From 276b77cdcc0d169b84e046afe8763e2c52ff76fb Mon Sep 17 00:00:00 2001
From: varac <varacanero@zeromail.org>
Date: Mon, 5 Oct 2015 15:22:25 +0200
Subject: [feat] remove tapicero leftovers

Soledad now creates user-dbs, which has been done by tapicero
in the past. we need to remove any leftovers from tapicero.
---
 puppet/manifests/site.pp | 1 -
 1 file changed, 1 deletion(-)

(limited to 'puppet/manifests/site.pp')

diff --git a/puppet/manifests/site.pp b/puppet/manifests/site.pp
index 912234ac..91dd2d3c 100644
--- a/puppet/manifests/site.pp
+++ b/puppet/manifests/site.pp
@@ -20,7 +20,6 @@ if member($services, 'openvpn') {
 
 if member($services, 'couchdb') {
   include site_couchdb
-  include tapicero
 }
 
 if member($services, 'webapp') {
-- 
cgit v1.2.3


From 150579fb14716892cc3e4d7d9c0f81b30d56f03a Mon Sep 17 00:00:00 2001
From: varac <varacanero@zeromail.org>
Date: Mon, 13 Apr 2015 23:16:00 +0200
Subject: restructured site.pp, now only one class gets included in site.pp per
 service (Bug #6851)

Also, moved global Exec{} defaults to site.pp

Change-Id: I9ae91b77afde944d2f1312613b9d9030e32239dd
---
 puppet/manifests/site.pp | 10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)

(limited to 'puppet/manifests/site.pp')

diff --git a/puppet/manifests/site.pp b/puppet/manifests/site.pp
index 91dd2d3c..6bafff8e 100644
--- a/puppet/manifests/site.pp
+++ b/puppet/manifests/site.pp
@@ -2,12 +2,10 @@
 # the logoutput exec parameter defaults to "on_error" in puppet 3,
 # but to "false" in puppet 2.7, so we need to set this globally here
 Exec {
-    logoutput => on_failure,
-      path    => '/usr/bin:/usr/sbin/:/bin:/sbin:/usr/local/bin:/usr/local/sbin'
+  logoutput => on_failure,
+  path      => '/usr/bin:/usr/sbin/:/bin:/sbin:/usr/local/bin:/usr/local/sbin'
 }
 
-include site_config::setup
-include site_config::default
 
 $services = hiera('services', [])
 $services_str = join($services, ', ')
@@ -15,7 +13,6 @@ notice("Services for ${fqdn}: ${services_str}")
 
 if member($services, 'openvpn') {
   include site_openvpn
-  include site_obfsproxy
 }
 
 if member($services, 'couchdb') {
@@ -24,7 +21,6 @@ if member($services, 'couchdb') {
 
 if member($services, 'webapp') {
   include site_webapp
-  include site_nickserver
 }
 
 if member($services, 'soledad') {
@@ -50,5 +46,3 @@ if member($services, 'static') {
 if member($services, 'obfsproxy') {
   include site_obfsproxy
 }
-
-include site_config::packages::uninstall
-- 
cgit v1.2.3


From a8343508a6ced1dcbca621ad4c6f3ac39676326b Mon Sep 17 00:00:00 2001
From: varac <varacanero@zeromail.org>
Date: Thu, 28 Jan 2016 00:04:10 +0100
Subject: [feat] Fix fast deploy using 'leap deploy --fast'

This worked before, but somehow stopped working.

We need to include 'site_config::slow' top-level scope instead
of including it in 'site_config::default', because otherwise it
would get tagged with 'leap_base', and would be included always.

This way 'site_config::slow' gets included by default, but can be
excluded by using 'leap deploy --fast'.
See https://leap.se/en/docs/platform/details/under-the-hood#tags

- Resolves: #7844
---
 puppet/manifests/site.pp | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'puppet/manifests/site.pp')

diff --git a/puppet/manifests/site.pp b/puppet/manifests/site.pp
index 6bafff8e..f012d6c8 100644
--- a/puppet/manifests/site.pp
+++ b/puppet/manifests/site.pp
@@ -11,6 +11,15 @@ $services = hiera('services', [])
 $services_str = join($services, ', ')
 notice("Services for ${fqdn}: ${services_str}")
 
+# In the default deployment case, we want to run an 'apt-get dist-upgrade'
+# to ensure the latest packages are installed. This is done by including the
+# class 'site_config::slow' here. However, you only changed a small bit of
+# the platform and want to skip this slow part of deployment, you can do that
+# by using 'leap deploy --fast' which will only apply those resources that are
+# tagged with 'leap_base' or 'leap_service'.
+# See https://leap.se/en/docs/platform/details/under-the-hood#tags
+include site_config::slow
+
 if member($services, 'openvpn') {
   include site_openvpn
 }
-- 
cgit v1.2.3


From 0aebb4c41f96f6ad7a7e8a3b07eaffa1f9075f51 Mon Sep 17 00:00:00 2001
From: varac <varacanero@zeromail.org>
Date: Tue, 8 Mar 2016 18:38:22 +0100
Subject: [feat] Use systemd as service provider

Even when the service provider defaults to systemd in
latest puppet, it still defaults to 'debian' in puppet
3.7.2 (jessie version).

We dropped wheezy support so we should use the systemd provider
for now.

https://docs.puppetlabs.com/puppet/latest/reference/type.html#service-provider-systemd
---
 puppet/manifests/site.pp | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'puppet/manifests/site.pp')

diff --git a/puppet/manifests/site.pp b/puppet/manifests/site.pp
index f012d6c8..ec42ffd4 100644
--- a/puppet/manifests/site.pp
+++ b/puppet/manifests/site.pp
@@ -6,6 +6,9 @@ Exec {
   path      => '/usr/bin:/usr/sbin/:/bin:/sbin:/usr/local/bin:/usr/local/sbin'
 }
 
+Service {
+  provider => 'systemd'
+}
 
 $services = hiera('services', [])
 $services_str = join($services, ', ')
-- 
cgit v1.2.3


From 9b50224e6409d433e1074a218cbca594bd822608 Mon Sep 17 00:00:00 2001
From: varac <varacanero@zeromail.org>
Date: Tue, 15 Mar 2016 20:21:51 +0100
Subject: Revert "[feat] Use systemd as service provider"

This reverts commit 0aebb4c41f96f6ad7a7e8a3b07eaffa1f9075f51.

We enabled systemd as puppet service default provider, but this results
in these services falsely detected as not running, and restarted on
every deploy.
We need to indivually configure systemd as service provider only for
those services that ship a systed unit file.

see #7966 for details
---
 puppet/manifests/site.pp | 3 ---
 1 file changed, 3 deletions(-)

(limited to 'puppet/manifests/site.pp')

diff --git a/puppet/manifests/site.pp b/puppet/manifests/site.pp
index ec42ffd4..f012d6c8 100644
--- a/puppet/manifests/site.pp
+++ b/puppet/manifests/site.pp
@@ -6,9 +6,6 @@ Exec {
   path      => '/usr/bin:/usr/sbin/:/bin:/sbin:/usr/local/bin:/usr/local/sbin'
 }
 
-Service {
-  provider => 'systemd'
-}
 
 $services = hiera('services', [])
 $services_str = join($services, ', ')
-- 
cgit v1.2.3


From bdba3c13d48960e275ddd208527b8736fa518e23 Mon Sep 17 00:00:00 2001
From: varac <varacanero@zeromail.org>
Date: Thu, 17 Mar 2016 20:43:11 +0100
Subject: [feat] Dont install recommended packages

By default, Puppet installs recommended packages.
We turn this off for all apt Package resources.
---
 puppet/manifests/site.pp | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'puppet/manifests/site.pp')

diff --git a/puppet/manifests/site.pp b/puppet/manifests/site.pp
index f012d6c8..ecda4012 100644
--- a/puppet/manifests/site.pp
+++ b/puppet/manifests/site.pp
@@ -6,6 +6,9 @@ Exec {
   path      => '/usr/bin:/usr/sbin/:/bin:/sbin:/usr/local/bin:/usr/local/sbin'
 }
 
+Package <| provider == 'apt' |>  {
+  install_options => ['--no-install-recommends'],
+}
 
 $services = hiera('services', [])
 $services_str = join($services, ', ')
-- 
cgit v1.2.3