leap_platform.git - [leap

Age	Commit message (Collapse)	Author
2016-03-11	update tor submodule to latest, to adapt to new jessie puppet requirements	Micah
	Change-Id: I0ed4827bc53da280d9ed62ea71382ca302ce6924
2016-03-11	Set MUA required ciphers, tighten up the mandatory protocols (#4232)	Micah
	Change-Id: I328aa37b393817e1764ea7e635fcefc801adbbf4
2016-03-10	[feat] add /etc/nagios3/conf.d/local as confdir	varac
	- Related: #2327
2016-03-10	[bug] Remove stunnel leftovers from bigcouch	varac
	- Resolves: #7785
2016-03-10	Merge branch 'serviceprovider_systemd' into develop	varac

2016-03-10	Merge branch 'add_site_nagios_dependencies' into develop	varac

2016-03-10	Update submodule nagios	varac

2016-03-10	Add Dependencies to site_nagios resources	varac

2016-03-09	[bug] Adopt new parameters from nagios and check_mk module	varac

2016-03-09	Merge branch '2327_dont_recreate_nagios_resources' into develop	varac

2016-03-09	Update submodule check_mk	varac

2016-03-09	Update submoduls nagios	varac

2016-03-08	update copy of the archive signing keys, switching to the new names	Micah
	Change-Id: I0305e33c743c15ec38abcf66979a1b2f582f693c
2016-03-08	change name of leap-keyring package to leap-archive-keyring (#7950)	Micah
	Change-Id: I5f04e31e49642597c69895b5aca3ff5326dfd6ec
2016-03-08	[feat] Use systemd as service provider	varac
	Even when the service provider defaults to systemd in latest puppet, it still defaults to 'debian' in puppet 3.7.2 (jessie version). We dropped wheezy support so we should use the systemd provider for now. https://docs.puppetlabs.com/puppet/latest/reference/type.html#service-provider-systemd
2016-03-08	[bug] Fix inline template with deprecated variable notation	varac
	- Resolves: #7948
2016-03-08	updated submodule couchdb	varac

2016-03-04	fix location of couchdb.admin.yml	elijah

2016-03-04	ensure /var/leap/couchdb exists before creating files there.	elijah

2016-03-04	move the location of couchdb.admin.yml so that it does not need to have its ↵	elijah
	ownership reset on each deploy.
2016-03-04	only not create soledad admin .netrc file if soledad is enabled	elijah

2016-03-02	Dont recreate nagios resources on every run	varac
	Use purging of nagios resources in a way that not all resources are recreated on every puppetrun. Resolves: #2327
2016-02-26	Update submodules apache and apt	varac

2016-02-26	Merge branch 'develop' of ssh://leap.se/leap_platform into develop	elijah

2016-02-26	plain couchdb now required, bigcouch support disabled.	elijah

2016-02-25	fix typo in last commit	varac

2016-02-25	check-mk's mk_job depends on the time package	varac

2016-02-25	couchdb module uses pbkdf2 as default pwhash algor. now	varac

2016-02-25	remove couchdb_pwhash_alg leftover	varac

2016-02-25	no build-essential packages needed for building leap_cli	varac

2016-02-24	[bug] Adopt ncli aliases to new version of icli	varac
	- Resolves: #7887
2016-02-24	Use site_couchdb::plain even when couch.master is set top "master"	varac

2016-02-24	Update module stunnel	varac

2016-02-23	Update opendkim platform pieces to match leap-cli.	Micah
	Change-Id: I9c8f9c9c3ee7cd89f013cbb08397377522ed5a4a
2016-02-23	We are rotating the mx logs 5 times, but we originally thought we should	Micah
	only have the following logfiles in that directory ever: mx.log, mx.log.[1-5], with an optional .gz suffix. However, we were wrong about the 'optional' part of the compression, we use the 'compress' option, so the logs will always be compressed. So there should never be the log files mx.log.1, mx.log.2, etc. This change adjusts the clean-up to deal with that. (#7058) https://github.com/leapcode/leap_platform/pull/97 Change-Id: I109d08ac063fe094c54e93be91893a67d7fbb51b
2016-02-23	use pbkdf2 pwhash for plain couch.	elijah

2016-02-23	default to plain couchdb, unless otherwise specified.	elijah
	# Conflicts: # puppet/modules/site_couchdb/manifests/plain.pp
2016-02-23	get dkim working, closes #5924	elijah

2016-02-23	Update submodule vcsrepo	varac

2016-02-23	Update submodule postfix	varac

2016-02-16	remove pinning of openvpn package to backports	elijah

2016-02-12	update postfix submodule for postscreen (Resolves: 2303)0.8.0rc1	kwadronaut

2016-02-12	add postscreen greeter (Resolves: 2303)	kwadronaut
	Conflicts: puppet/modules/site_postfix/manifests/mx.pp
2016-02-11	Allow ecdsa hostkeys (#7642) until we can safely transition providers to	Micah
	better key algorithm choices. Change-Id: I6b9ec83dbfbf15d1b65e14145bf625db6517f6b7
2016-02-11	Disable journald in order to resolve IP logging subversion (#7863)	Micah
	Change-Id: I9cee85c19d86dc7c8d70c4cdeb2e7426191b57a5
2016-02-11	Due to the smtps transport specifying a header_check, the received_anon	Micah
	replacement wasn't being done. (#7890) This moves that replacement into its own class, clears the old value and sets it properly in the smtps transport. Change-Id: I27c02730597df4943761d8bcb61014aeded9dc75
2016-02-10	add postscreen greeter (Resolves: 2303)	kwadronaut

2016-02-04	fix postfix Received anonymizing header regexp to properly match Client	Micah
	CN entries (#7867) Change-Id: Ie33277a62e90f9dc0602bb963dbb96a61cebed1d
2016-02-02	Merge branch 'bugfix/mxlog' into develop	elijah

2016-02-02	[bug] Add smtpd_relay_restrictions to postfix conf	varac
	smtpd_relay_restrictions was added in postfix 2.10 (jessie has 2.11 atm). Without this, outbound mails are rejected to be relayed. from http://www.postfix.org/SMTPD_ACCESS_README.html: NOTE: Postfix versions before 2.10 did not have smtpd_relay_restrictions. They combined the mail relay and spam blocking policies, under smtpd_recipient_restrictions. This could lead to unexpected results. For example, a permissive spam blocking policy could unexpectedly result in a permissive mail relay policy. An example of this is documented under "Dangerous use of smtpd_recipient_restrictions". smtpd_relay_restrictions defaults to 'permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination' and is configured here to check for a valid client cert. see http://www.postfix.org/postconf.5.html#smtpd_relay_restrictions - Resolves: #7856