summaryrefslogtreecommitdiff
path: root/puppet
AgeCommit message (Collapse)Author
2013-02-12switch to using stdlib's standard stagesMicah Anderson
2013-02-12remove the apt-get autoclean from the initial apt-get update, this just ↵Micah Anderson
slows things down and I don't see a need for it
2013-02-12missed one require => Package['shorewall'] on of the file resources in ↵Micah Anderson
site_shorewall
2013-02-12file resources that make changes to shorewall need to make sure that ↵Micah Anderson
shorewall is installed first (#1741)
2013-02-12remove unused commented-out lineMicah Anderson
2013-02-12update shorewall submodule to get fix for augeas package dependency problemMicah Anderson
2013-02-12Merge remote-tracking branch 'origin/develop' into bundle-and-precompile-as-userMicah Anderson
2013-02-12fixed shorewall is blocking api port (Bug #1735)varac
2013-02-11duplicate shortwall service definitions now inclduded from services/*varac
2013-02-10set webapp module to use try::file where appropriateelijah
2013-02-10added 'try' moduleelijah
2013-02-09run bundler and rake assets:precompile as normal userAzul
otherwise the generated files will be owned by root and the bundle will be inside roots /home/max
2013-02-09site_shorewall::monitor: allow port 80 + 443varac
2013-02-09re-enabling futon (see #1121)varac
2013-02-08changed contact_email to tor.contactselijah
2013-02-08couchdb: disable futon (Feature #1121)varac
2013-02-07configure tor relay nicknamevarac
2013-02-07working tor relayvarac
2013-02-07configure exit policiesvarac
2013-02-06allow outgoing traffic moved to site_shorewall::defaultsvarac
2013-02-06allow port 80 to tor servervarac
2013-02-06add basic tor servicevarac
2013-02-06nagios: don't check openvpn, check cmd doesn't workvarac
2013-02-06include shorewall config for webapp and couchdbvarac
2013-02-06site_config::default : include site_shorewall::defaultsvarac
2013-02-06configure shorewall for couchdb, tor, webappvarac
2013-02-06allow all outgoing trafficvarac
2013-02-06Restructuring site_shorewallvarac
site_shorewall::defaults can be used on every host, it configures a basic firewall, which blocks everything from outside except ping + ssh, and allows outgoing traffic for http, git, dns.
2013-02-06added submodule torvarac
2013-02-04compile assets for webapp, fixes #1628varac
2013-02-03Increase Exec[bundler_update] timeoutvarac
Exec[bundler_update] can take a really long time, increasing timeout from 300s (default) to 600s fixes Increase command timeout for Exec[bundler_update] (Feature #1643)
2013-02-01moved concat::setup to site_config::defaultvarac
Because in site.pp it didn't get the tag "leap_base" and would not be declared with leap cli's default puppet tags. Fixes: parent directory /var/lib/puppet/concat does not exist (Feature#1625)
2013-02-01update x509 submodule to get key owner enhancementMicah Anderson
2013-02-01automatic update of submodule puppet_aptvarac
2013-02-01disable nagios debug mode (Feature #1551)varac
2013-01-31update the x509 submodule to get non-root application access to key file ↵Micah Anderson
enhancement put the leap-webapp user in the 'ssl-cert' group pass group => 'leap-webapp' to the leap_client_ca.key so the application can access it
2013-01-31install an apache Directory override block to disable passenger for nagios, ↵Micah Anderson
if the node is a monitor node
2013-01-31tag 'base' is a bad idea because it invokes apache::base as wellvarac
2013-01-31Merge branch 'develop' of ssh://code.leap.se/leap_platform into developvarac
2013-01-31install etckeeper on all nodesvarac
2013-01-31Merge branch 'develop' of ssh://leap.se/leap_platform into developelijah
2013-01-31added /etc/openvpn/ca_bundle.pem in order to allow multiple CA certs to be used.elijah
2013-01-31tag 'service' for all service classesvarac
2013-01-31changed tag default to 'base'varac
2013-01-31just purge the nagios3/conf.d content, not the dir itselfvarac
2013-01-31include site_nagios so every subclass inherits tag 'service'varac
2013-01-31puppet tags: site_config::default and site_config::slowvarac
2013-01-30codename is unavailable in the site_apt module, but $::lsbdistcodename is ↵Micah Anderson
fine here
2013-01-30automatic update of submodule puppet_aptvarac
2013-01-30provide a fall-back apt.sources.d entry that is disabled by default (#1348)Micah Anderson
This file will have the .disabled removed by the apt wrapper when the apt-get update fails