summaryrefslogtreecommitdiff
path: root/puppet
AgeCommit message (Collapse)Author
2014-07-30add replication role to user databases with tapiceroAzul
This way the replication has read access on the source and write access on the target.
2014-07-29Merge remote-tracking branch 'fbernitt/issue_5217_allow_registration' into ↵Azul
develop
2014-07-15haproxy default to couch_write, couch_read on GETAzul
METH_POST probably does not catch PUT, DESTROY etc. So instead we now use the master as the default and only use the replications for GET and HEAD requests.
2014-07-14proper json for tapicero configAzul
2014-07-14update couchdb puppet moduleAzul
2014-07-11Added allow_registration to webapp config.yml.Folker Bernitt
- See issue #5217 - See companion change in leap_web
2014-07-01Use new macro pick_node to pick vpn gateway for obfsproxy.jsonirregulator
2014-07-01Check appropriately if obfsproxy is included in servicesirregulator
2014-07-01Add apt preferences requirement for obfsproxy package resourceirregulator
2014-07-01Add User resource requirement for obfsproxy service, log, etc dirirregulator
2014-07-01Remove unneeded newlines from obfsproxy.confirregulator
2014-07-01Explicitly set apt preferences for obfsproxy to wheezy-backportsirregulator
2014-07-01Make obfsproxy daemon bind to specific address rather than 0.0.0.0irregulator
If obfsproxy is spawned alongside eip service, make it listen to the gateway_adress IP. If obfsproxy is running standalone listen to ip_address.
2014-07-01Remove initscript subscription to conf fileirregulator
2014-07-01Move log files to var/log instead of var/log/obfsproxyirregulator
2014-07-01Subscribe obfsproxy service resource to conf fileirregulator
2014-07-01Simplify init script, let puppet service resource use init statusirregulator
2014-07-01Change logrotate's frequency and number of log files to keepirregulator
2014-07-01Be able to specify log_level parameter for obfsproxyirregulator
log_level sets minimum logging severity of obfsproxy daemon, can be error, warning, info, debug. Defaults to info.
2014-07-01Address logging for obfsproxy daemonirregulator
Create obfsproxy directory in /var/log, specify log file when obfsproxy is spawned by init script, create a logrotate configuration for obfsproxy's logs.
2014-07-01Line up equal signs, change double to single quotesirregulator
2014-07-01Remove commented lines from obfsproxy puppet module classirregulator
2014-07-01Remove commented lines from init script status sectionirregulator
2014-07-01Change exit status code if config file is missingirregulator
2014-07-01Move obfsproxy_daemon to obfsproxy_initirregulator
2014-07-01Add data directory to save scramblesuit's state.irregulator
Also clean up a little the obfsproxy puppet class, create appropriate directories, restrict permissions.
2014-07-01Make shorewall accept incoming traffic for obfsproxy serverirregulator
2014-07-01Initial commit for obfsproxy server feature in platformirregulator
2014-06-27add a package resource for leap-keymanager to make sure it is also theMicah Anderson
latest version, this is necessary to transition to the python-gnupg-ng package, which will not otherwise be installed Change-Id: I2ea631e15518fd40cb0ea4fe718498bdfba3c599
2014-06-27leap-mx package resource ensure parameter needs to be 'latest' to ensureMicah Anderson
packages will be upgraded Change-Id: Ic94be8b732d9d2202f87c0c2cdd2fd0d16cc9efc
2014-06-27reorder /etc/hostsChristoph
now "hostname -f" results in the correct hostname. Fixes #5835
2014-06-26reorder /etc/hostsChristoph
now "hostname -f" results in the correct hostname. Fixes #5835
2014-06-25lint site_couchdbelijah
2014-06-25update couchdb submoduleelijah
2014-06-25create netrc files for all users with new puppet_couchdbAzul
This only works with the latest patch to puppet_couchdb
2014-06-25hand replication credentials to tapiceroAzul
2014-06-25minor: fix typo in replication user rolesAzul
2014-06-25haproxy: support read only couchdb mirrorselijah
2014-06-25stunnel: make site_mx and site_webapp use new site_stunnelelijah
2014-06-25add replication userAzul
2014-06-25site_couchdb: support auto-stunnel setup, split master, bigcouch, and mirror ↵elijah
out into separate files.
2014-06-25new generic system for stunnel: just `include site_stunnel` and stunnel + ↵elijah
needed shorewall will be automatically set up. requires new leap_cli
2014-06-25first steps towards mirroring couchAzul
2014-06-25set mirror option if we are on a couch mirrorAzul
2014-06-25separate bigcouch specifics from init.ppAzul
2014-06-25split bigcouch stunnel from plain couch stunnelAzul
2014-06-17allow webapp.json to configure what engines are enabledelijah
2014-06-04clean up how /etc/hosts is generated so it doesn't require custom behavior ↵0.5.2elijah
depending on the services.
2014-06-04bugfix: actually apply modules based on $serviceselijah
2014-06-03move hiera from site.pp to site_config::setupChristoph
the problem was following: if a host has the webapp service, the template for /etc/hosts adds some stuff. But setup.pp did not ask hiera about the services so "/srv/leap/bin/puppet_command set_hostname" always resets the hostname. Since that gets triggered every time you run "leap deploy" the hostname changes, some services restart, then the hostname changes back and the services restart again. The solution is to get the hiera data before every run.