Raymond Yee
|
2685940069
|
ooops typo
|
2015-03-05 12:25:34 -08:00 |
Raymond Yee
|
c9a0fc8ee7
|
tweak from the article
SSLCipherSuite EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS +RC4 RC4
|
2015-03-05 12:24:20 -08:00 |
Raymond Yee
|
bcc1abed00
|
Now let's try https://community.qualys.com/blogs/securitylabs/2013/08/05/configuring-apache-nginx-and-openssl-for-forward-secrecy
|
2015-03-05 12:15:12 -08:00 |
Raymond Yee
|
25b8749206
|
Let's see what using the old configuration to be more compatible with old browsers does for the ssl test
|
2015-03-05 12:07:30 -08:00 |
Raymond Yee
|
9477ae66f2
|
first config try didn't up our score....now trying config generated by mozilla
|
2015-03-04 11:35:25 -08:00 |
Raymond Yee
|
5c64cfac38
|
testing SSL configuration to try to disallow RC4 and enable forward secrecy
|
2015-03-04 10:53:54 -08:00 |
Raymond Yee
|
c911a0f945
|
redirect all for prod
|
2015-01-08 14:08:18 -08:00 |
Raymond Yee
|
a77bae1cd6
|
restore prod to current state
|
2015-01-08 11:14:12 -08:00 |
eric
|
b6e17b6fcf
|
Merge branch 'master' into ssl_redirect
|
2015-01-08 13:11:18 -05:00 |
Raymond Yee
|
8a5c86d718
|
I had a bug in the crontab for just all this time....
|
2014-12-20 18:22:20 -05:00 |
Raymond Yee
|
c04a858905
|
configure production for redirecting everything to tls too.
|
2014-12-12 13:52:56 -08:00 |
Raymond Yee
|
22c917eb65
|
let's try redirecting everything
|
2014-12-12 13:47:25 -08:00 |
Raymond Yee
|
2764d337ae
|
need to include --upgrade flag to pip install (doh)
|
2014-10-16 15:18:06 -07:00 |
Raymond Yee
|
685e827e44
|
Turning off SSL v2 and SSL v3 from Apache to patch against POODLE vulnerability: http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566
|
2014-10-15 14:56:59 -07:00 |
Raymond Yee
|
629527e3e0
|
the commands to link the celery config files belong in the startup
|
2014-10-10 17:28:59 -07:00 |
Raymond Yee
|
9be8d2b3a7
|
just was not configured properly for celery
|
2014-10-10 17:00:28 -07:00 |
Raymond Yee
|
957d3f2c88
|
Fix SSL conf on production too
|
2014-05-23 18:15:54 -07:00 |
Raymond Yee
|
91250d937b
|
it seems key issue is lack of
ServerName just.unglue.it:443
|
2014-05-23 17:57:40 -07:00 |
Raymond Yee
|
af016cc0fb
|
adding to apache conf:
SSLProtocol all -SSLv2 +TLSv1
|
2014-05-23 17:25:40 -07:00 |
Raymond Yee
|
1867964938
|
need a LF at end for crontab
|
2014-05-05 17:46:15 -07:00 |
Raymond Yee
|
918d295509
|
set the SHELL, PATH in crontab for just/please
|
2014-05-05 17:04:27 -07:00 |
eric
|
2892a22824
|
change terminology from "donation" to "gift"
|
2013-12-13 15:15:35 -05:00 |
Raymond Yee
|
7f35d0b74d
|
/opt/regluit/ENV/bin/django-admin.py emit_notices --settings=regluit.settings.please ->
/opt/regluit/ENV/bin/django-admin.py emit_notices --settings=regluit.settings.just
|
2013-11-11 17:58:19 -08:00 |
Raymond Yee
|
c253fd3909
|
update-just should also do a pip install
|
2013-02-11 10:54:37 -08:00 |
Raymond Yee
|
fe45fdc2ab
|
update which SSLCertificateChainFile being used by unglue.it
|
2013-01-07 21:11:39 -05:00 |
Raymond Yee
|
4fa7ea75ba
|
update just.conf to move from just.unglueit.com -> just.unglue.it and for using a different CA
|
2013-01-07 20:53:43 -05:00 |
Raymond Yee
|
2ff9d4a4d3
|
[#38999845] Redirect pledge and donation pages to https
|
2012-11-05 21:58:30 +00:00 |
Raymond Yee
|
542ffd8f34
|
Update reference to Django in requirements_versioned.pip to 1.4.2
removed requiresments.pip and requirements_relaunch.pip and updated README.md
|
2012-10-18 07:34:39 -07:00 |
Raymond Yee
|
d33485df99
|
use requirements_versioned.pip in update-prod
|
2012-10-14 21:59:13 -07:00 |
Jason
|
7d4ec00382
|
Adding public key for jason kace to repository
|
2012-05-11 16:38:49 -04:00 |
eric
|
0ffd89e072
|
eric's public key
|
2012-05-10 16:36:16 -04:00 |
Raymond Yee
|
ccf753794c
|
Renaming AY's key to have her name
|
2012-05-10 13:23:10 -07:00 |
Andromeda Yelton
|
57b519c2d1
|
committing public key
|
2012-05-10 15:40:14 -04:00 |
Ed Summers
|
509bff4d52
|
Configuration files for just.unglueit.com
|
2012-05-07 18:44:01 +00:00 |
Ed Summers
|
9ea3d62ead
|
added my pubkey
|
2012-05-04 17:01:51 -04:00 |
Raymond Yee
|
e94e0352e9
|
Raymond's public key:
ssh-keygen -l -f deploy/public_keys/raymond_yee.pub ->
2048 89:33:28:02:e4:ef:c0:5e:f5:30:e1:4a:2c:1f:a3:b7 deploy/public_keys/raymond_yee.pub (RSA)
|
2012-05-03 18:44:42 -07:00 |
Ed Summers
|
0279253aa2
|
emit_notice.sh has to +x mode
added a db encoding for test db for production
|
2012-04-20 17:18:54 +00:00 |
Raymond Yee
|
1aa9b5e550
|
crontab needs end of file
|
2012-04-18 19:07:02 -07:00 |
Raymond Yee
|
c0dee5365a
|
Trying to correct a complaint from crontab -- /bin/sh: no source
|
2012-04-18 19:05:40 -07:00 |
Raymond Yee
|
8619945838
|
[#27115145] implementing ubuntu crontab for production -- first job: django.admin emit_notices every minute
|
2012-04-18 18:32:13 -07:00 |
Raymond Yee
|
e4352f4382
|
Putting into place a crontab for please
Adding django-admin.py emit_notices job to crontab
|
2012-04-18 09:57:32 -07:00 |
Raymond Yee
|
7690345aec
|
Added more documentation on setting up celerybeat to README.md
updated deployment scripts to launch celerybeat
|
2012-04-05 15:07:27 -07:00 |
Raymond Yee
|
a941421317
|
Add celerybeat restart to update-regluit
|
2012-04-05 14:48:30 -07:00 |
Raymond Yee
|
2c2d1bb606
|
Adding first passes at celerybeat configuration files for please and unglue.it -- still need to be tested
|
2012-04-05 13:24:03 -07:00 |
Raymond Yee
|
d747ba3e87
|
This celerybeat conf works for ry-dev.dyndns.org
|
2012-04-05 20:21:31 +00:00 |
Raymond Yee
|
dfc4115143
|
Adding celerybeat
|
2012-04-05 11:09:46 -07:00 |
Raymond Yee
|
572d2ecd91
|
I committed the wrong file for celeryd_rydev.conf -- this is the right one
|
2012-04-05 15:34:57 +00:00 |
Raymond Yee
|
4bbef9e102
|
Add a celeryd.conf file for ry-dev...on the way to getting the celerybeat daemon to work
|
2012-04-04 22:56:00 +00:00 |
Ed Summers
|
abb936fcf6
|
Added a script to update the production machine
|
2012-02-02 19:39:35 +00:00 |
Ed Summers
|
e4337b5986
|
Change update-regluit to refer to settings.please not settings.prod
|
2012-01-26 15:53:59 +00:00 |
Raymond Yee
|
6ea55848bd
|
Merge branch 'master' into ry
|
2012-01-26 07:38:00 -08:00 |
Raymond Yee
|
dcf477c34a
|
Adding a site for ry-dev to initial_data.json
Creating a separate celeryd_please.conf to handle please
Added SITE_ID to dev.py
More instructions for README.md
|
2012-01-26 07:29:46 -08:00 |
Ed Summers
|
744b751279
|
We need separate wsgi file for please
|
2012-01-26 02:12:23 +00:00 |
Raymond Yee
|
84c37a988a
|
Turn off the godaddy bundle temporarily
|
2012-01-25 17:48:58 -08:00 |
Ed Summers
|
a1202c9125
|
need logging!
|
2012-01-20 16:24:27 +00:00 |
Ed Summers
|
714e45598d
|
/var/run/celery does not persist after reboot, afterwhich celery fails to start again. we can use the /var/log/celery directory for the .pid file
|
2012-01-18 03:51:11 +00:00 |
Ed Summers
|
7afb746835
|
got redirects working
|
2012-01-16 23:32:32 +00:00 |
Raymond Yee
|
8fc9c88476
|
reinstate /etc/ssl/certs/gd_bundle.crt
|
2012-01-15 17:54:23 -05:00 |
Ed Summers
|
8bffcbc308
|
production config changes
|
2012-01-15 22:14:45 +00:00 |
Ed Summers
|
61f9ff9980
|
forked please and prod configurations
|
2012-01-15 20:37:08 +00:00 |
Ed Summers
|
4f33fbcbd1
|
using mod_rewrite now to redirect to https, also on the homepage now
|
2012-01-04 03:26:15 +00:00 |
Raymond Yee
|
c96996e284
|
Added
SSLCertificateChainFile /etc/ssl/certs/gd_bundle.crt
to deploy/regluit.conf to enable Godaddy cert to work on Chrome, etc.
|
2011-11-29 12:03:48 -08:00 |
Ed Summers
|
f193ea396e
|
use local mailserver instead of google mail ; also now routing all /admin and /accounts traffic through ssl
|
2011-11-20 02:48:26 +00:00 |
Ed Summers
|
473114fb9d
|
oops forgot settings for collectstatic
|
2011-11-18 14:01:03 -05:00 |
Ed Summers
|
b8fe12ea58
|
noinput important
|
2011-11-18 13:51:39 -05:00 |
Ed Summers
|
0cadda0821
|
need to run collectstatic to push the css/js/images to /var/www/static
|
2011-11-18 13:49:35 -05:00 |
Ed Summers
|
5a70d967e9
|
added info about collecting static files for production environment
|
2011-11-18 16:37:05 +00:00 |
Ed Summers
|
296cbf1488
|
pip typo
|
2011-11-17 23:19:15 -05:00 |
Ed Summers
|
ada2385cec
|
update needs to install python dependencies
|
2011-11-17 23:16:39 -05:00 |
Ed Summers
|
2876f9db4e
|
minor tweaks to get the automated git pull working
|
2011-11-11 04:07:33 +00:00 |
Ed Summers
|
9824d093f2
|
added timestamp for successful update
|
2011-11-11 03:41:25 +00:00 |
Ed Summers
|
4860ec430a
|
added script to update please.unglueit.com
|
2011-11-09 18:22:23 +00:00 |
Ed Summers
|
a79de596bb
|
added production deployment information and scripts for celeryd
|
2011-10-20 04:36:41 +00:00 |
Ed Summers
|
0c1411f2e8
|
added celery async task for add_related that gets exercised when a book is added to a wishlist. includes new settings for the djkombu celery backend
|
2011-10-19 23:31:16 -04:00 |
Ed Summers
|
d7f2101166
|
production apache and mod_wsgi configs
|
2011-10-07 03:14:29 +00:00 |
thatandromeda
|
60ef42aae9
|
fixed typo (regluit.settigns->regluit.settings)
|
2011-09-07 10:02:35 -03:00 |
Ed Summers
|
139a866bf6
|
setup api, core and frontend apps, also added initial homepage template from stefan
|
2011-08-30 23:46:55 -04:00 |