Commit Graph

26363 Commits (5464b7156120e9be898e31336bf59b021a64d25f)
 

Author SHA1 Message Date
Vlad Gusev 317fe95be0 system/puppet: add --tags parameter (#1916)
* system/puppet: add --tags parameter

--tags [1] is used to apply a part of the node’s catalog.

In puppet:
puppet agent --tags update,monitoring

In ansible:
puppet: tags=update,monitoring

[1] https://docs.puppetlabs.com/puppet/latest/reference/lang_tags.html#restricting-catalog-runs

* Add example of tag usage.

* system/puppet: add list type for a tags dict.
8 years ago
Michael Scherer 817335ae0d Client_secret is supposed to be kept secret, so mark it as no_log (#1995) 8 years ago
nitzmahone bd3172b2e8 win_updates fix to use documented InstanceGuid property name 8 years ago
nitzmahone e20eac089f win_updates shouldn't install hidden updates 8 years ago
Michael Scherer e7e1a8bfea Avoid token leak by marking it as sensitive with no_log (#1966) 8 years ago
Michael Scherer ed69d8335e Properly label path argument with type='path' (#1940) 8 years ago
Michael Scherer b8706a1f95 Do not leak mail password by error 8 years ago
Michael Scherer 0dd3296ddd Mark password as 'no_log', to avoid leaking it 8 years ago
Rob b93fda8573 Updated Amazon module guidelines regarding boto3
* Updated Amazon module guidelines regarding boto3

* Spelling correction
8 years ago
Andy Baker c0d281e290 type should be 'list' not the default of 'string' 8 years ago
Evgeni Golov 1847f19e41 don't create world-readable archives of LXC containers
with the default umask tar will create a world-readable archive of the

container, which may contain sensitive data

Signed-off-by: Evgeni Golov <evgeni@golov.de>
8 years ago
Michael Scherer 3b79c1621b Prevent password leaks in notification/irc 8 years ago
Michael Scherer 67b2623e92 Use no_log=True for campfire module to avoid leaks 8 years ago
Michael Scherer f2bf444395 Set no log for jabber.py password 8 years ago
Evgeni Golov 16b2d85d34 do not use a predictable filenames in the LXC plugin
* do not use a predictable filename for the LXC attach script

* don't use predictable filenames for LXC attach script logging

* don't set a predictable archive_path

this should prevent symlink attacks which could result in

* data corruption

* data leakage

* privilege escalation
8 years ago
Michael Scherer f47a756c46 Add proper type to cpanm arguments
from_path, locallib, executable should be path to benefits
from path expansion for ~user.
8 years ago
Chulki Lee 432a9a31ca osx_defaults: fix datetime
Fix #1742
8 years ago
Matt Martz c8bd27f1e8 Rebase PRs against $TRAVIS_BRANCH before performing tests 8 years ago
mo@oclab.net 20fd04b9e7 firewalld: fixes documentation
- removes warning, aligning to existing documentation
- adds version
8 years ago
mo@oclab.net 8b2d484032 firewalld: add/remove interfaces to/from zones 8 years ago
David Hocky aabd6390d4 fix dscp marking documentation in iptables module 8 years ago
Evgeni Golov 88d8820f1b explicitly set "default: null" in the docs 8 years ago
Evgeni Golov e1846d2e4b do not set a default config for lxc containers
otherwise deploying user-containers fail as these require information
from ~/.config/lxc/default.conf that the LXC tools will load if no
--config was supplied

Signed-off-by: Evgeni Golov <evgeni@golov.de>
8 years ago
Chris Porter 2b8b04638d fix security vulnerability in lxc module
octal/decimal confusion makes file world-writable before executing it
8 years ago
Hans-Joachim Kliemeck e3d8facc7f fixxed tests 8 years ago
Hans-Joachim Kliemeck c82d72e12a fixed problems related to userpricincipalname (user@domain) and undefined variables fixed variable capitalization 8 years ago
Hans-Joachim Kliemeck 186197397c fixxed problem with match @ 8 years ago
Hans-Joachim Kliemeck 9ba30d2cea only call set-acl if necessary 8 years ago
Hans-Joachim Kliemeck 700ca56c61 as suggested by @marcind, convert to boolean 8 years ago
Hans-Joachim Kliemeck 404483ea83 fixed documentation 8 years ago
Hans-Joachim Kliemeck de4a271dd0 added userprincipal support 8 years ago
Hans-Joachim Kliemeck 65d5658553 added separate module to change owner, since win_acl is ACL only and should not be more complex 8 years ago
Marcos Diez 1aec0a3ffb mongodb_user.py: changes on comments 8 years ago
Marcos Diez 37ba9a3fe1 mongodb_user: fix checking if the roles of an oplog reader user changed 8 years ago
Guillaume Dufour dc83f2c6d7 use python fallback to avoid error on old mongo version without roles 8 years ago
Guillaume Dufour 467d9a8090 avoid problem with old mongo version without roles 8 years ago
Guillaume Dufour b07e1c13f7 fix #1731 : mongodb_user always says changed 8 years ago
John Barker d20b7ee6e6 restore version_added in dynamodb_table.py 8 years ago
Matt Hite 846a538648 Allow port 0 as a valid pool member port 8 years ago
Jason Witkowski 48931065e5 The current module supporting F5 BIGIP pool creation does not support a setup where the port number must be zero to signify the pool will listen on multiple ports. This change implements that functionality and fixes an illogical conditional. 8 years ago
Michael Scherer a21ab5b990 Use type='path' for reposdir, since that's a path 8 years ago
Rene Moser 051b11b983 openstack: doc: add return doc, fixes build 8 years ago
Paul Seiffert 48223fd268 Allow Datadog metric alerts to define multiple thresholds 8 years ago
David Shrewsbury 33d3616bab Add OpenStack os_user_role module 8 years ago
Michael Scherer dc94ce72c7 Use boolean instead of "yes" + choice for most option
This enable a more standard behavior with others modules
8 years ago
Michael Scherer 2a0c9bb3a2 Use type 'path' for rootdir, for pkgng 8 years ago
Michael Gruener bdeb5af740 cloudflare_dns: Cosmetic cleanup 8 years ago
Michael Gruener 90503c9f2a cloudflare_dns: normalize return value and docs 8 years ago
Michael Gruener 95f270089b cloudflare_dns: Cleanup record update handling 8 years ago
Michael Gruener 78640328cb cloudflare_dns: Allow CNAME content updates 8 years ago