Age | Commit message (Collapse) | Author | |
---|---|---|---|
2013-07-25 | added site_mx | varac | |
2013-07-25 | added submodule postfix from git://labs.riseup.net/shared-postfix | varac | |
2013-07-25 | include site_mx | varac | |
2013-07-23 | Merge branch 'develop' of ssh://code.leap.se/leap_platform into develop | varac | |
2013-07-23 | fix linting error | Micah Anderson | |
Change-Id: I975e1bd480d756a85e556b440a0e28e3899c9af8 | |||
2013-07-23 | not need for file { '/srv/leap/webapp': }, we have vcsrepo { ↵ | varac | |
'/srv/leap/webapp': } | |||
2013-07-23 | /srv/leap/webapp/public/img: require => Vcsrepo['/srv/leap/webapp'] | varac | |
2013-07-19 | try::file - absolute exec paths. | elijah | |
2013-07-19 | an entirely different implementation of try::file, using all execs. the ↵ | elijah | |
built in file resource of puppet can't be used for what we want, because if you specify $source, it always bombs out if it doesn't exist, regardless of dependencies. | |||
2013-07-17 | default to false for $hosts | elijah | |
2013-07-16 | lint site_openvpn manifests | Micah Anderson | |
Change-Id: I314031d93aa9f4a0f217680870678e39c096d46a | |||
2013-07-15 | lint nickserver class | Micah Anderson | |
Change-Id: I03cdb5a6255d245cb1163a30b221b4c32dc4bef6 | |||
2013-07-15 | Merge branch 'hotfix/issue/3140' into develop | varac | |
2013-07-15 | fix smtpd_recipient_restrictions, debug connections from localhost | varac | |
2013-07-11 | changes to support restrictive permissions for /etc/leap. this is required ↵ | elijah | |
to work with the latest leap_cli. | |||
2013-07-10 | ensure that /etc/hosts is output deterministically, so that content does not ↵ | elijah | |
change each time you deploy. | |||
2013-07-10 | added tls support, including smtp auth via client cert | varac | |
2013-07-09 | use file_line from stdlib instead of line, now both ↵ | varac | |
vpn_unlimited_tcp_resolver and vpn_unlimited_udp_resolver are included | |||
2013-07-09 | re-add mx service | varac | |
2013-07-09 | updated submodule apache | varac | |
2013-07-09 | updated submodule couchdb | varac | |
2013-07-09 | updated submodule apt | varac | |
2013-07-09 | beginning of smtp_auth config with client certs | varac | |
2013-07-09 | smtpd_recipient_restrictions: +permit_tls_all_clientcerts | varac | |
2013-07-09 | smtpd_checks: smtpd_delay_reject | varac | |
2013-07-09 | smtpd_checks: smtpd_data_restrictions | varac | |
2013-07-09 | using alias resolver | varac | |
2013-07-09 | update postfix module to new shared version for parameterized classes, and other | Micah Anderson | |
2.7 updates update site_postfix::mx to use parameterized classes | |||
2013-07-09 | no need to import common anymore | varac | |
2013-07-09 | Configure Postfix for incoming mails (Feature #2269) | varac | |
2013-07-09 | hiera variable mx.contact -> postfix $root_mail_recipient | varac | |
2013-07-09 | initial mx couchdb stunnel configuration | Micah Anderson | |
2013-07-09 | added site_mx::haproxy | varac | |
2013-07-09 | added basic site_postfix::mx config | varac | |
2013-07-09 | include shorewall rules for site_mx | varac | |
2013-07-09 | shorewall rules for site_mx | varac | |
2013-07-09 | added site_mx | varac | |
2013-07-09 | added submodule postfix from git://labs.riseup.net/shared-postfix | varac | |
2013-07-09 | include site_mx | varac | |
2013-07-06 | site_webapp -- make bundler not install test-only or development-only gems. | elijah | |
2013-07-04 | more robust openvpn restarting | Micah Anderson | |
this ensures that an actual restart is run on the service when config files are added or removed, instead of relying on the status parameter of the initscript, which can be confused if config files are removed out from under it Change-Id: I1c69fff26933338b707acf7dc4593547f32f92e3 | |||
2013-07-03 | Merge branch 'bug/1983' into leap | Micah Anderson | |
2013-07-02 | update stunnel submodule to fix refresh bug #3013 | Micah Anderson | |
Change-Id: I9ed218d9353c05b34d34c363a6a3f10d54b3a60a | |||
2013-07-02 | create a site_config subclass for package installation and removal add ↵ | Micah Anderson | |
packages that we want to make sure are installed remove packages that were found on vagrant and PC installations that have no business being there Change-Id: I4887a327ca89eb60945ad817a75ff199859824d3 | |||
2013-07-02 | deleted bind9 purging, it was only needed for the transition from bind to ↵ | varac | |
unbound | |||
2013-07-01 | restart stunnels if /etc/hosts is changed (#3031) | Micah Anderson | |
Due to the fact that /etc/hosts is modified in the early stage setup.pp run and the stunnel service is not deployed on an initial puppet run, we cannot simply override the Service['stunnel'] but instead need to trigger a restart through an exec calling the init script that first tests to see if it is present. Change-Id: I6bf5dfece9ecbdb8319747774185dec50d5a55f6 | |||
2013-06-30 | Fix 'Failed to call refresh: /usr/local/sbin/reload_dhclient returned 2 instead | Micah Anderson | |
of one of [0]' by putting in the missing closing single quote. Change-Id: I86feb5d06dd25e28ea67da0b5627e7be4174e01e | |||
2013-07-01 | Merge branch 'feature/authorized_keys' of ↵ | micah | |
/home/git/repositories/micah/leap_platform into develop | |||
2013-06-30 | switch to own define for managing ssh keys | varac | |
The problem with puppet's built-in ssh_authorized_key is that you can purge unmanaged keys in a authorized_keys file. see https://leap.se/code/issues/3010 for details. Conflicts: puppet/modules/site_sshd/manifests/authorized_keys.pp Change-Id: I640bf7ebc0f0f7fb19cc46feb4cb2702d6561a9b | |||
2013-06-30 | modularize and standardize site_sshd: | Micah Anderson | |
. move the setting of the xterm title to site_config::shell . change the xterm file resource to use standard source lines, switch to single quotes, quote mode, and line up parameters . move the mosh pieces into a site_ssh::mosh class and only include it if the right mosh variable is enabled, passing into the class the necessary hiera parameters . lint the site_ssh::mosh resources . change the authorized_keys class to accept the key parameter which is passed in from the main ssh class (but allow for out of scope variable lookup when the tag is passed) Change-Id: Ieec5a3932de9bad1b98633032b28f88e91e46604 |