Age | Commit message (Collapse) | Author |
|
- Resolves: #7948
|
|
|
|
|
|
|
|
ownership reset on each deploy.
|
|
|
|
Use purging of nagios resources in a way that not
all resources are recreated on every puppetrun.
Resolves: #2327
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
- Resolves: #7887
|
|
|
|
|
|
Change-Id: I9c8f9c9c3ee7cd89f013cbb08397377522ed5a4a
|
|
only have the following logfiles in that directory ever:
mx.log, mx.log.[1-5], with an optional .gz suffix.
However, we were wrong about the 'optional' part of the compression, we
use the 'compress' option, so the logs will always be compressed. So
there should never be the log files mx.log.1, mx.log.2, etc.
This change adjusts the clean-up to deal with that. (#7058)
https://github.com/leapcode/leap_platform/pull/97
Change-Id: I109d08ac063fe094c54e93be91893a67d7fbb51b
|
|
|
|
# Conflicts:
# puppet/modules/site_couchdb/manifests/plain.pp
|
|
|
|
|
|
|
|
|
|
|
|
Conflicts:
puppet/modules/site_postfix/manifests/mx.pp
|
|
better key algorithm choices.
Change-Id: I6b9ec83dbfbf15d1b65e14145bf625db6517f6b7
|
|
Change-Id: I9cee85c19d86dc7c8d70c4cdeb2e7426191b57a5
|
|
replacement wasn't being done. (#7890)
This moves that replacement into its own class, clears the old value and
sets it properly in the smtps transport.
Change-Id: I27c02730597df4943761d8bcb61014aeded9dc75
|
|
|
|
CN entries (#7867)
Change-Id: Ie33277a62e90f9dc0602bb963dbb96a61cebed1d
|
|
|
|
smtpd_relay_restrictions was added in postfix 2.10 (jessie
has 2.11 atm). Without this, outbound mails are rejected to
be relayed.
from http://www.postfix.org/SMTPD_ACCESS_README.html:
NOTE: Postfix versions before 2.10 did not have
smtpd_relay_restrictions. They combined the mail relay and spam blocking
policies, under smtpd_recipient_restrictions. This could lead to
unexpected results. For example, a permissive spam blocking policy could
unexpectedly result in a permissive mail relay policy. An example of
this is documented under "Dangerous use of
smtpd_recipient_restrictions".
smtpd_relay_restrictions defaults to
'permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination'
and is configured here to check for a valid client cert.
see http://www.postfix.org/postconf.5.html#smtpd_relay_restrictions
- Resolves: #7856
|
|
- Resolves: #7641
|
|
`site_apt` aready ensures for installing packages after Exec[update_apt]
is run, so we don't need to duplicate this in `site_config::default.pp`.
|
|
Because this is the recommended way of depnending in the apt README.
|
|
We need to include class `site_config::default` in class
`site_config::slow` so we don't get this duplicate definition:
- [local1.bitmask.local] Error: Duplicate declaration: Class[Apt] is
already declared; cannot redeclare at
/srv/leap/puppet/modules/site_apt/manifests/init.pp:29 on node
local1.bitmask.local
To be honest, i didn't figuered out the real cause of this, but it works
with this.
|
|
`site_config::default.pp` takes care the all packages are
installed before `Exec['refresh_apt']`, so we don't need to
add it here for a single package.
|
|
The apt module now takes care of all the dependencies removed
from `site_apt`.
Also, the dependency to install the `lsb` package after
`refresh_apt` is unnesseccary because lsb facts won't work
anyway on the first run if `lsb` is not installed before, so
we can safely remove it.
|
|
|
|
|
|
|
|
This worked before, but somehow stopped working.
We need to include 'site_config::slow' top-level scope instead
of including it in 'site_config::default', because otherwise it
would get tagged with 'leap_base', and would be included always.
This way 'site_config::slow' gets included by default, but can be
excluded by using 'leap deploy --fast'.
See https://leap.se/en/docs/platform/details/under-the-hood#tags
- Resolves: #7844
|
|
The problem was that puppet tried to remove them on the couch node,
but they need to get removed on monitor node.
- Resolves: #7641
|
|
- Resolves: #7853
|
|
- Related: #7853
|
|
- Resolves: #7418
|
|
- Resolves: #7842
|