- 17 Jul, 2020 6 commits
-
-
Łukasz Nowak authored
Despite the new system does not support promise failing scenarios, use a simple way to have such configurations in late way and massively test various important cases for rejection, error reporting and similar.
-
Łukasz Nowak authored
-
Łukasz Nowak authored
By default do not offer authentication certificate, the switch authenticate-to-backend can be used on cluster or slave level to control this feature.
-
Łukasz Nowak authored
rsyslogd is used, as haproxy does not support writing log files by its own.
-
Łukasz Nowak authored
This is needed in order to provide future support for client certificates to the backend. Also it means that haproxy is used in all cases, with or without cache, and as a result the "cached" version of caddy is dropped. Let haproxy setup maxconn by itself, as it's wise enough. Also trust that it'll detect and use proper limits, instead enforcing them in the shell with ulimit trick (ulimit -n $(ulimit -Hn)). As empty server alias can impact the configuration, add proper test for checking it.
-
Łukasz Nowak authored
-
- 16 Jul, 2020 2 commits
-
-
Łukasz Nowak authored
-
Thomas Gambier authored
the name of constructed records should be unique so use the slave reference instead of the "origin" parameter to be sure it is unique. Before this change, if 2 slaves have the same origin parameter "foo.com", we have the following in zone-files.yml: [...] sa.continent.foo.com: - cname: cname.of.slave1.for.sa [...] sa.continent.foo.com: - cname: cname.of.slave2.for.sa So only the cname for slave2 will be used.
-
- 15 Jul, 2020 1 commit
-
-
Jérome Perrin authored
-
- 14 Jul, 2020 9 commits
-
-
Łukasz Nowak authored
Instead of passing various kedifa information to the profile generating configuration use section kedifa-configuration and access later such grouped values.
-
Łukasz Nowak authored
In context of frontend node reuse passed directory section to slave configuration to improve readability and simplify future enhancements.
-
Łukasz Nowak authored
-
Łukasz Nowak authored
This reverts commit 92fd6909, which incorrectly added test assertion files with 'test.test'.
-
Łukasz Nowak authored
Caddy's proxy stanza for defined path with spaces sometimes is working when it's done like this: proxy /path with_spaces ip:port It happens, that few first requests after starting Caddy it's working, but then it fails with error message like: dial tcp: lookup with_spaces on ip: no such host So to stabilise situation now paths are generated like: proxy "/path with_spaces" ip:port
-
Łukasz Nowak authored
ssl_proxy_ca_crt can be just empty value, and that's not acceptable.
-
Łukasz Nowak authored
-
Łukasz Nowak authored
Use @@LOCATION@@ template to provide proper prefix path.
-
Łukasz Nowak authored
-
- 10 Jul, 2020 1 commit
-
-
Jérome Perrin authored
These changes allow to build SlapOS on Debian Buster ppc64el. The PowerPC 64-bits little endian platform appeared more recently into autoconf and therefore needed updated `config.sub` and `config.guess` files. Somehow these only needed to be patched on autoconf itself which is quite dated (2012), and libyaml that does not ship it's own `config.sub` and `config.guess` files. Other components built fine out of the box. `config.sub` and `config.guess` files were taken from Debian Buster itself. More information at: https://wiki.debian.org/AutoTools/autoconf **This merge request would have to be backported to previous releases in the case components reference older releases of SlapOS, which, if I understand correctly, is the case some times.** See merge request nexedi/slapos!780
-
- 09 Jul, 2020 2 commits
-
-
Leo Le Bouter authored
autoconf and libyaml needed updated config.sub and config.guess files on ppc64le. gnu-config component was created to centralize updated config.sub and config.guess files. autoconf and libyaml now extend gnu-config and overwrite their bundled config.guess and config.sub with gnu-config's. in the future, any component can extend gnu-config to update it's own config.sub and config.guess files if necessary.
-
Jérome Perrin authored
monitor app shows: ![monoring app showing /log url](/uploads/dbb22484f79ed1538a308c640d74c3dc/image.png) but this URL can not be accessed: ![/log URL unauthorized](/uploads/cf74f2d8bb867123c39264d8f7d9de74/image.png) The correct URL looks to be this: ![/share/private/log is OK](/uploads/4775d5d3841d8ffa68d67f2cf2b87b22/image.png) See merge request nexedi/slapos!785
-
- 08 Jul, 2020 7 commits
-
-
Thomas Gambier authored
This MR includes the following steps: 1. Target Python 3 2. Upgrade powerdns from version 3.3.1 to version 4.2.1 --- which also means... 3. Rework the configuration to support the [new GeoIP backend config format](https://doc.powerdns.com/authoritative/backends/geoip.html) See the commit messages for more detail. Note: EDNS Client Subnet extension is enabled. See merge request nexedi/slapos!764
-
Bryton Lacquement authored
-
Bryton Lacquement authored
With the recent powerdns upgrade, the GeoIP backend uses a new config format, see zones-file.yml.jinja2. zz.countries.nexedi.dk.rbldnsd (which maps IPs to countries) is replaced by GeoLite2-Country.mmdb(1) (which maps IPs to countries & continents). Note: zz.countries.nexedi.dk.rbldnsd is not deleted (yet?); it is parsed to keep information about China and its IP ranges grouped by ISP. cdn.conf.in (which maps RR(s) to countries) is dropped; it is replaced by an equivalent mapping done inside zones-file.yml.jinja2. Also, EDNS Client Subnet extension is enabled. --- (1): Added in previous commit.
-
Bryton Lacquement authored
-
Bryton Lacquement authored
Note: Only boost>=1.35 and openssl are required to build powerdns from source; ragel, bison and flex are also required if building from git. See https://doc.powerdns.com/authoritative/appendices/compiling.html#dependencies
-
Bryton Lacquement authored
-
Bryton Lacquement authored
-
- 07 Jul, 2020 1 commit
-
-
Jérome Perrin authored
-
- 06 Jul, 2020 3 commits
-
-
Thomas Gambier authored
See merge request nexedi/slapos!781
-
Łukasz Nowak authored
Replace occurences of 2.7 version to: * just python part, in case if part was referred * to ${python:version} in case string was generated
-
Łukasz Nowak authored
In "Do not harcode version of wanted Python" (3f930869) the references to pytohn are dropped, but they are needed during OBS preparation.
-
- 03 Jul, 2020 4 commits
-
-
Łukasz Nowak authored
Fixes: * switched to shared * used correct dependencies * fixed compilation parameters
-
Łukasz Nowak authored
Fixes: * switched to shared
-
Łukasz Nowak authored
-
Alain Takoudjou authored
-
- 02 Jul, 2020 1 commit
-
-
Bryton Lacquement authored
See merge request nexedi/slapos!779
-
- 01 Jul, 2020 2 commits
-
-
Thomas Gambier authored
fixup of 6fbc6e15
-
Jérome Perrin authored
The version we were using did not support timing diagrams. Update to a more recent version where it's supported. See merge request nexedi/slapos!778
-
- 30 Jun, 2020 1 commit
-
-
Jérome Perrin authored
This is a new feature requiring a recent plantuml version
-