Platform merge requestshttps://staging.gitlab.com/leap/platform/-/merge_requests2016-06-13T18:26:30Zhttps://staging.gitlab.com/leap/platform/-/merge_requests/168Catalog test2016-06-13T18:26:30Zusername-removed-2546Catalog testusername-removed-75310username-removed-75310https://staging.gitlab.com/leap/platform/-/merge_requests/167[feat] Automatic couchdb db compaction2016-05-20T18:30:02Zusername-removed-2546[feat] Automatic couchdb db compactionAutomatic background couchdb db compaction frees a huge
amount of diskspace.
- Resolves: #8118Automatic background couchdb db compaction frees a huge
amount of diskspace.
- Resolves: #8118username-removed-75310username-removed-75310https://staging.gitlab.com/leap/platform/-/merge_requests/166Improve platform testing2016-05-18T11:40:18Zusername-removed-2546Improve platform testing`rake test` with run all puppet checks required for CI (syntax , validate, spec, lint)
tested here: https://jenkins.leap.se/view/Platform%20Builds/job/platform_citest/96/
last remaining module `rake test` will complain about is `ba...`rake test` with run all puppet checks required for CI (syntax , validate, spec, lint)
tested here: https://jenkins.leap.se/view/Platform%20Builds/job/platform_citest/96/
last remaining module `rake test` will complain about is `backupninja`, and this is the m.r. that fixes it: https://gitlab.com/shared-puppet-modules-group/backupninja/merge_requests/6username-removed-75310username-removed-75310https://staging.gitlab.com/leap/platform/-/merge_requests/165Fix clamd start configuration (#8048)2016-04-21T13:09:41Zusername-removed-75310Fix clamd start configuration (#8048)If clamd is not running, the helpful cronjob tries to start it again,
but the way it is being started can only be run as root, and the cronjob
is run as the clamav user, so you get an error on each cron run. This
fixes that problem
...If clamd is not running, the helpful cronjob tries to start it again,
but the way it is being started can only be run as root, and the cronjob
is run as the clamav user, so you get an error on each cron run. This
fixes that problem
Change-Id: I4cdb29dc651bee8a2eef1655ad4748d885afae0fusername-removed-2546username-removed-2546https://staging.gitlab.com/leap/platform/-/merge_requests/164Fix various syslog things (#8021)2016-05-09T14:35:36Zusername-removed-75310Fix various syslog things (#8021)This fixes a few different syslog issues that were reported (#8021)This fixes a few different syslog issues that were reported (#8021)username-removed-2546username-removed-2546https://staging.gitlab.com/leap/platform/-/merge_requests/163Fix opendkim socket errors (#8020)2016-04-21T13:07:42Zusername-removed-75310Fix opendkim socket errors (#8020)In order to fix these:
Apr 4 17:40:44 snail postfix/smtpd[27450]: warning: connect to Milter service inet:localhost:8891: Connection refused
We need to remove the chroot option for the cleanup service.
Unfortunately, the postfi...In order to fix these:
Apr 4 17:40:44 snail postfix/smtpd[27450]: warning: connect to Milter service inet:localhost:8891: Connection refused
We need to remove the chroot option for the cleanup service.
Unfortunately, the postfix module doesn't have a convenient way to manage master.cf entries.
See e97a9d3800b173375a630e18e4b1aa0894eb96e1 for opendkim implementation.
Change-Id: I2742650965e61273fb804ebe9ce3f9bd38796582username-removed-2546username-removed-2546https://staging.gitlab.com/leap/platform/-/merge_requests/162[feat] Dont install recommended packages2016-03-31T08:56:05Zusername-removed-2546[feat] Dont install recommended packagesBy default, Puppet installs recommended packages.
We turn this off for all apt Package resources.By default, Puppet installs recommended packages.
We turn this off for all apt Package resources.username-removed-75310username-removed-75310https://staging.gitlab.com/leap/platform/-/merge_requests/161add whitebox test for opendkim (#7649)2016-03-17T19:56:55Zusername-removed-75310add whitebox test for opendkim (#7649)Change-Id: I8c8ec225d703e3caf6c77fc72305da847cea9560Change-Id: I8c8ec225d703e3caf6c77fc72305da847cea9560username-removed-2546username-removed-2546https://staging.gitlab.com/leap/platform/-/merge_requests/160[bug] Clamav test depends on multiple files2016-03-17T13:25:43Zusername-removed-2546[bug] Clamav test depends on multiple filesThe systemd clamav service depends on these files, see the
`/lib/systemd/system/clamav-daemon.service` unit file:
ConditionPathExistsGlob=/var/lib/clamav/main.{c[vl]d,inc}
ConditionPathExistsGlob=/var/lib/clamav/daily.{c[vl]...The systemd clamav service depends on these files, see the
`/lib/systemd/system/clamav-daemon.service` unit file:
ConditionPathExistsGlob=/var/lib/clamav/main.{c[vl]d,inc}
ConditionPathExistsGlob=/var/lib/clamav/daily.{c[vl]d,inc}
Also, leap test should always check for the freshclam daemon.
- Resolves: #7683username-removed-75310username-removed-75310https://staging.gitlab.com/leap/platform/-/merge_requests/159fix tor-related jessie deprecations (#7962)2016-03-11T20:56:10Zusername-removed-75310fix tor-related jessie deprecations (#7962)username-removed-2546username-removed-2546https://staging.gitlab.com/leap/platform/-/merge_requests/158[jessie] Remove obsolete backports pinning2016-03-14T13:40:57Zusername-removed-2546[jessie] Remove obsolete backports pinningtested successfully: https://jenkins.leap.se/view/Platform%20Builds/job/platform_citest_jessie/142/consoletested successfully: https://jenkins.leap.se/view/Platform%20Builds/job/platform_citest_jessie/142/consoleusername-removed-75310username-removed-75310https://staging.gitlab.com/leap/platform/-/merge_requests/157Add Dependencies to site_nagios resources2016-03-10T19:25:31Zusername-removed-2546Add Dependencies to site_nagios resourcesusername-removed-75310username-removed-75310https://staging.gitlab.com/leap/platform/-/merge_requests/156[feat] Use systemd as service provider2016-03-10T19:26:20Zusername-removed-2546[feat] Use systemd as service providerEven when the service provider defaults to systemd in
latest puppet, it still defaults to 'debian' in puppet
3.7.2 (jessie version).
We dropped wheezy support so we should use the systemd provider
for now.
https://docs.puppetlab...Even when the service provider defaults to systemd in
latest puppet, it still defaults to 'debian' in puppet
3.7.2 (jessie version).
We dropped wheezy support so we should use the systemd provider
for now.
https://docs.puppetlabs.com/puppet/latest/reference/type.html#service-provider-systemdusername-removed-75310username-removed-75310https://staging.gitlab.com/leap/platform/-/merge_requests/155change name of leap-keyring package to leap-archive-keyring2016-03-08T20:15:01Zusername-removed-75310change name of leap-keyring package to leap-archive-keyringPretty simple change... the package is being built now with this name. The platform and the web page need to be changed to match.
Change-Id: I5f04e31e49642597c69895b5aca3ff5326dfd6ecPretty simple change... the package is being built now with this name. The platform and the web page need to be changed to match.
Change-Id: I5f04e31e49642597c69895b5aca3ff5326dfd6ecusername-removed-2546username-removed-2546https://staging.gitlab.com/leap/platform/-/merge_requests/154[bug] Remove stunnel leftovers from bigcouch2016-03-10T19:28:58Zusername-removed-2546[bug] Remove stunnel leftovers from bigcouch- Resolves: #7785- Resolves: #7785username-removed-75310username-removed-75310https://staging.gitlab.com/leap/platform/-/merge_requests/153Set MUA required ciphers, tighten up the mandatory protocols (#4232)2016-05-24T20:48:35Zusername-removed-75310Set MUA required ciphers, tighten up the mandatory protocols (#4232)Change-Id: I328aa37b393817e1764ea7e635fcefc801adbbf4Change-Id: I328aa37b393817e1764ea7e635fcefc801adbbf4username-removed-118369username-removed-118369https://staging.gitlab.com/leap/platform/-/merge_requests/152Dont recreate nagios resources on every run2016-03-09T16:40:47Zusername-removed-2546Dont recreate nagios resources on every runUse purging of nagios resources in a way that not
all resources are recreated on every puppetrun.
Resolves: #2327Use purging of nagios resources in a way that not
all resources are recreated on every puppetrun.
Resolves: #2327username-removed-75310username-removed-75310https://staging.gitlab.com/leap/platform/-/merge_requests/151Update opendkim platform pieces to match leap-cli.2016-02-24T02:14:57Zusername-removed-75310Update opendkim platform pieces to match leap-cli.
This enables opendkim, using the updated variable configuration from leap cli, and fixes a few syntax errors along the way. This was tested on cat.
Change-Id: I9c8f9c9c3ee7cd89f013cbb08397377522ed5a4a
This enables opendkim, using the updated variable configuration from leap cli, and fixes a few syntax errors along the way. This was tested on cat.
Change-Id: I9c8f9c9c3ee7cd89f013cbb08397377522ed5a4ausername-removed-2546username-removed-2546https://staging.gitlab.com/leap/platform/-/merge_requests/150We are rotating the mx logs 5 times, but we originally thought we should (#7058)2016-02-23T19:50:46Zusername-removed-75310We are rotating the mx logs 5 times, but we originally thought we should (#7058)only have the following logfiles in that directory ever:
mx.log, mx.log.[1-5], with an optional .gz suffix.
However, we were wrong about the 'optional' part of the compression, we
use the 'compress' option, so the logs will always b...only have the following logfiles in that directory ever:
mx.log, mx.log.[1-5], with an optional .gz suffix.
However, we were wrong about the 'optional' part of the compression, we
use the 'compress' option, so the logs will always be compressed. So
there should never be the log files mx.log.1, mx.log.2, etc.
This change adjusts the clean-up to deal with that. (#7058)
https://github.com/leapcode/leap_platform/pull/97
Change-Id: I109d08ac063fe094c54e93be91893a67d7fbb51busername-removed-2546username-removed-2546https://staging.gitlab.com/leap/platform/-/merge_requests/149Allow ecdsa hostkeys (#7642) until we can safely transition providers to2016-02-11T15:38:07Zusername-removed-75310Allow ecdsa hostkeys (#7642) until we can safely transition providers tobetter key algorithm choices.
Change-Id: I6b9ec83dbfbf15d1b65e14145bf625db6517f6b7better key algorithm choices.
Change-Id: I6b9ec83dbfbf15d1b65e14145bf625db6517f6b7username-removed-2546username-removed-2546