summaryrefslogtreecommitdiff
path: root/puppet
AgeCommit message (Collapse)Author
2013-11-27explicitly set the admin user as having access to the per-user databases, ↵Micah Anderson
even though it is probably not needed Change-Id: I2f9e751570190f7358332404ae734ae850f92b9f
2013-11-27setup some common leap system directories: /var/lib/leap and /var/log/leapMicah Anderson
Change-Id: I18aa0ee635d7166676e4bb4384e2b517784a68b0
2013-11-27initial tapicero configurationMicah Anderson
Change-Id: Ie53b09df0758ba01b30ed658bee04682bc180b01
2013-11-27break out the database creation, user creation and design document loading ↵Micah Anderson
into different classes Change-Id: Idd126d69e1fbe9c9794ad50337307dcc5dd635f4
2013-11-27enable uploading a document to couch from a file (#4256)Micah Anderson
deploy design documents during couch deploy (#3771) Change-Id: I4679e066303ac9b02582214c48e2e7dcfe5bd651
2013-11-27make some more dependency chains explicitMicah Anderson
Change-Id: Ib9525c3a933041fa9b378e1869c0a866375bb509
2013-11-27disable starttls over submission for client connections, we are using TLS ↵Micah Anderson
wrapper mode on the smtps port 465 now (#4366) enable the missing smtpd_helo_restrictions for smtps Change-Id: Iac497369d65c5ad8fd7e93e6fcabb830b855b4f6
2013-11-25add new version of couchdb submodule0.3.0rc4Azul
This one reverts a buggy fix. Trying to push it out asap
2013-11-25fixed `diff` bug with try::file and directorieselijah
2013-11-25fix bug when 'environment' is nil in hiera.yamlelijah
2013-11-22Merge branch 'develop' of ssh://leap.se/leap_platform into developelijah
2013-11-22improvements to webapp deployment: allow for greater customization, allow ↵elijah
for custom git source, improve apache config.
2013-11-22added custom index.htmlelijah
2013-11-22update couchdb submodule to get debugging output #4225Micah Anderson
Change-Id: Ie1b6d67f493ed6891a2df76b044d64d359edb420
2013-11-21initial design documents from the webapp (#3770)Azul
2013-11-19added website nagios check (#1629)Micah Anderson
Change-Id: Icebf9d8849b4440f4f6dbc00a1a8ac0873b62f6a
2013-10-31Merge branch 'develop' of ssh://code.leap.se/leap_platform into developvarac
2013-10-31Automate local backup of couchdb data (Feature #4350)varac
2013-10-31certtool-postfix-gendh attempted before postfix is installed (Bug #4340)Micah Anderson
Change-Id: I4ffb5b9203741d1152dfd93ef9ecc45f6a6088d4
2013-10-31require postfix is installed before installing postfix-pcre (#4223)Micah Anderson
Change-Id: I547b99becb8b16fec0ac89f06fb6d833cbde3c2b
2013-10-30added submodule backupninja from https://leap.se/git/puppet_backupninjavarac
2013-10-30Merge branch 'feature/3974_site_tor__can_t_convert_String' into developvarac
2013-10-30updated submodule stdlibvarac
2013-10-30Users with access to a db are called members - not readers (#4219)Azul
( they can read and write ). I think couch themselves changed the termology at some point but i might just have used the wrong term from the beginning on. Let's call them members either way because it's more clear that read only members require aditional design docs.
2013-10-24stop specifying the haproxy that we provided in our repository, it is ↵Micah Anderson
available in wheezy-backports now (#4272) Change-Id: Ie0b8b69f1305f4ec8d11356acc308aad2a8c1e91
2013-10-22site_tor: can't convert String into Integer (Bug #3974)varac
tor.contacts has been a string, and is now an array of email addresses this change needed to be adopted also in stdlib/lib/puppet/parser/functions/obfuscate_email.rb (see #4193).
2013-10-21updated submodule postfixvarac
2013-10-20Possibility to include local puppet recipes (Feature #3976)varac
2013-10-18"Header set X-Frame-Options: Allow" only for nagios (Bug #4169)varac
Nagios won't work with setting this option to "DENY", as set in conf.d/security (#4169). Therefor we allow it here, only for nagios.
2013-10-18nagios: use hash instead of array for hosts (Bug #3909)varac
Puppet 2.7.19 introduced a change that don't allow resource titles to be something else that a string. from the puppet 2.7.19 changelog: Don’t allow resource titles which aren’t strings It was possible to create resources whose titles weren't strings, by using a variable containing a hash, or the result of a function which doesn't return a string. This can cause problems resolving relationships when the stringified version of the title differs between master and agent. Now we will only accept primitives, and will stringify them. That is: string, symbol, number, boolean. Arrays or nested arrays will still be flattened and used to create multiple resources. Any other value (for instance: a hash) will cause a parse error. currently, it's much easier to iterate over a hash in puppet than over an array, cause every resource you call iterating over an array would need a unique name, and you don't have this in arrays.
2013-10-17syslog: fix apt_preferences snippet to glob on both rsyslog and rsyslog-relp ↵Micah Anderson
(#4161) Change-Id: I7eaa35897da3b24833be3b2c14db99cd66b547c0
2013-10-17Merge branch 'feature/4158_vagrant__support_other_provider' into developvarac
2013-10-16fix for rsyslog-relp being installed first, resulting in dependency errors ↵Micah Anderson
(#4161) Change-Id: I2f0bcc5b4cb5effae57051f04251aeb8b09a4c6d
2013-10-16Merge branch 'develop' of ssh://code.leap.se/leap_platform into developvarac
2013-10-16updated submodule couchdbvarac
2013-10-16vagrant: support other providers besides virtualbox (Bug #4158), Part 2varac
took out the last remaining virtualbox references
2013-10-16/etc/apt/preferences is changed twice on every puppetrun on couch nodes ↵varac
(Feature #3962) this will fix the alteration of the preferences file. we now use the apt module default preferences, and pin the depending packages from squeeze that are dependencies for the bigcouch package in the couchdb module, class couchdb::bigcouch::package::cloudant.
2013-10-16syslog: add rsyslog::snippet to anonymize logsMicah Anderson
it is necessary to install the fixed package from the leap.se repository until it is available in wheezy-backports, so install the apt preferences to pull it from there, and add its necessary library dependency from wheezy-backports Change-Id: I379ff2ceaac1a978143715d3a7ced0011ca0d747
2013-10-16rsyslog: setup default local config that gets us the same config as default ↵Micah Anderson
from debian Change-Id: If07ee200e2ae0d9cfaf8e405d6354c80d77330ca
2013-10-16add rsyslog puppet submoduleMicah Anderson
Change-Id: Ic9f521010af7b362490ee5b0048e41cf11bfc593
2013-10-16vagrant: support other providers besides virtualbox (Bug #4158)varac
2013-10-15Merge branch 'feature/1863_puppet_-_openvpn_gateway_netmask' into developvarac
2013-10-15new fallback nameservers (#4113)varac
* the german privacy foundation has dissolved itself and shut down their public nameserver. we are now using the public nameserver by Digitalcourage, a german privacy organisation (https://en.wikipedia.org/wiki/Digitalcourage) * the IP for the server of the swiss privacy foundation has changed (http://www.privacyfoundation.ch/de/service/server.html)
2013-10-15puppet - openvpn gateway address is hard coded as a /24 network (Bug #1863)varac
2013-10-11/etc/haproxy/haproxy.cfg changed randomly (Feature #4111)varac
2013-10-11class moved but forgot to renamevarac
2013-10-11fixed issues from https://review.leap.se/r/98/varac
2013-10-11install ruby-dev for nickserver/webapp (#4079 + #4080)varac
2013-10-11don't remove dev-packages on webapp nodevarac
they are needed for building gems
2013-10-11move site_config::checks to site_config::mx::checksvarac