diff options
| author | elijah <elijah@riseup.net> | 2016-01-26 12:27:51 -0800 |
|---|---|---|
| committer | elijah <elijah@riseup.net> | 2016-01-26 12:27:51 -0800 |
| commit | b95d60260ecb57fe08fca0571771a14b803c1b4e (patch) | |
| tree | 30f0bbb5156ec13951e1ed32c06bdc7550c6d044 | |
| parent | 8fc9f0da2f755ad8b225d4b0557c6179236ca7f4 (diff) | |
| parent | 27a059ccb3b5210f7e539326c30f20d8530cde1d (diff) | |
Merge branch 'develop' of ssh://leap.se/leap_platform into develop
| -rwxr-xr-x | bin/debug.sh | 14 | ||||
| -rw-r--r-- | puppet/modules/site_apt/files/Debian/51unattended-upgrades-leap | 6 | ||||
| -rw-r--r-- | puppet/modules/site_apt/manifests/unattended_upgrades.pp | 13 | ||||
| -rw-r--r-- | puppet/modules/site_apt/templates/50unattended-upgrades | 16 | ||||
| -rw-r--r-- | puppet/modules/site_config/manifests/remove/bigcouch.pp | 26 | ||||
| -rw-r--r-- | puppet/modules/site_config/manifests/remove/files.pp | 18 | ||||
| -rw-r--r-- | puppet/modules/site_couchdb/manifests/master.pp | 4 |
7 files changed, 57 insertions, 40 deletions
diff --git a/bin/debug.sh b/bin/debug.sh index 2363644c..d6f37542 100755 --- a/bin/debug.sh +++ b/bin/debug.sh @@ -2,20 +2,24 @@ # debug script to be run on remote servers # called from leap_cli with the 'leap debug' cmd -regexp='(leap|pixelated|stunnel|couch|soledad|haproxy)' +apps='(leap|pixelated|stunnel|couch|soledad|haproxy)' + +facts='(apt_running |^architecture |^augeasversion |^couchdb_.* |^debian_.* |^dhcp_enabled |^domain |^facterversion |^filesystems |^fqdn |^hardwaremodel |^hostname |^interface.* |^ipaddress.* |^is_pe |^is_virtual |^kernel.* |^lib |^lsb.* |^memory.* |^mtu_.* |^netmask.* |^network_.* |^operatingsystem |^os.* |^path |^physicalprocessorcount |^processor.* |^ps |^puppetversion |^root_home |^rsyslog_version |^rubysitedir |^rubyversion |^selinux |^ssh_version |^swapfree.* |^swapsize.* |^type |^virtual)' + # query facts and filter out private stuff -echo -e '\n\n' -facter | egrep -iv '(^ssh|^uniqueid)' +export FACTERLIB="/srv/leap/puppet/modules/apache/lib/facter:/srv/leap/puppet/modules/apt/lib/facter:/srv/leap/puppet/modules/concat/lib/facter:/srv/leap/puppet/modules/couchdb/lib/facter:/srv/leap/puppet/modules/rsyslog/lib/facter:/srv/leap/puppet/modules/site_config/lib/facter:/srv/leap/puppet/modules/sshd/lib/facter:/srv/leap/puppet/modules/stdlib/lib/facter" + +facter 2>/dev/null | egrep -i "$facts" # query installed versions echo -e '\n\n' -dpkg -l | egrep "$regexp" +dpkg -l | egrep "$apps" # query running procs echo -e '\n\n' -ps aux|egrep "$regexp" +ps aux|egrep "$apps" echo -e '\n\n' echo -e "Last deploy:\n" diff --git a/puppet/modules/site_apt/files/Debian/51unattended-upgrades-leap b/puppet/modules/site_apt/files/Debian/51unattended-upgrades-leap new file mode 100644 index 00000000..bbaac6a2 --- /dev/null +++ b/puppet/modules/site_apt/files/Debian/51unattended-upgrades-leap @@ -0,0 +1,6 @@ +// this file is managed by puppet ! + +Unattended-Upgrade::Allowed-Origins { + "leap.se:stable"; +} + diff --git a/puppet/modules/site_apt/manifests/unattended_upgrades.pp b/puppet/modules/site_apt/manifests/unattended_upgrades.pp index 40111deb..42f1f4c6 100644 --- a/puppet/modules/site_apt/manifests/unattended_upgrades.pp +++ b/puppet/modules/site_apt/manifests/unattended_upgrades.pp @@ -1,9 +1,20 @@ +# configute unattended upgrades so packages from both Debian and LEAP +# repos get upgraded unattended class site_apt::unattended_upgrades { # override unattended-upgrades package resource to make sure # that it is upgraded on every deploy (#6245) + # configure upgrades for Debian class { 'apt::unattended_upgrades': - config_content => template('site_apt/50unattended-upgrades'), ensure_version => latest } + + # configure LEAP upgrades + apt::apt_conf { '51unattended-upgrades-leap': + source => [ + "puppet:///modules/site_apt/${::lsbdistid}/51unattended-upgrades-leap"], + require => Package['unattended-upgrades'], + refresh_apt => false, + } + } diff --git a/puppet/modules/site_apt/templates/50unattended-upgrades b/puppet/modules/site_apt/templates/50unattended-upgrades deleted file mode 100644 index 9ae3ab84..00000000 --- a/puppet/modules/site_apt/templates/50unattended-upgrades +++ /dev/null @@ -1,16 +0,0 @@ -// this file is managed by puppet ! - -Unattended-Upgrade::Allowed-Origins { - "${distro_id}:oldstable"; - "${distro_id}:${distro_codename}-security"; - "${distro_id}:${distro_codename}-updates"; - "${distro_id} Backports:${distro_codename}-backports"; - "leap.se:stable"; -}; - -APT::Periodic::Update-Package-Lists "1"; -APT::Periodic::Download-Upgradeable-Packages "1"; -APT::Periodic::Unattended-Upgrade "1"; - -Unattended-Upgrade::Mail "root"; -Unattended-Upgrade::MailOnlyOnError "true"; diff --git a/puppet/modules/site_config/manifests/remove/bigcouch.pp b/puppet/modules/site_config/manifests/remove/bigcouch.pp new file mode 100644 index 00000000..0783fe9d --- /dev/null +++ b/puppet/modules/site_config/manifests/remove/bigcouch.pp @@ -0,0 +1,26 @@ +# remove bigcouch leftovers from previous installations +class site_config::remove::bigcouch { + + # Don't use check_mk logwatch to watch bigcouch logs anymore + # see https://leap.se/code/issues/7375 for more details + file { '/etc/check_mk/logwatch.d/bigcouch.cfg': + ensure => absent, + notify => [ + Exec['remove_bigcouch_logwatch_spoolfiles'], + Exec['remove_bigcouch_logwatch_stateline'] + ] + } + # remove leftover bigcouch logwatch spool files + exec { 'remove_bigcouch_logwatch_spoolfiles': + command => 'find /var/lib/check_mk/logwatch -name \'\\opt\\bigcouch\\var\\log\\bigcouch.log\' -exec rm {} \;', + refreshonly => true, + } + exec { 'remove_bigcouch_logwatch_stateline': + command => "sed -i '/bigcouch.log/d' /etc/check_mk/logwatch.state", + refreshonly => true, + } + + cron { 'compact_all_shards': + ensure => absent + } +} diff --git a/puppet/modules/site_config/manifests/remove/files.pp b/puppet/modules/site_config/manifests/remove/files.pp index 077381e1..4f7aa6e6 100644 --- a/puppet/modules/site_config/manifests/remove/files.pp +++ b/puppet/modules/site_config/manifests/remove/files.pp @@ -51,22 +51,4 @@ class site_config::remove::files { onlyif => "/bin/grep -qe 'leap_mx.log' /etc/check_mk/logwatch.state" } - # Don't use check_mk logwatch to watch bigcouch logs anymore - # see https://leap.se/code/issues/7375 for more details - file { '/etc/check_mk/logwatch.d/bigcouch.cfg': - ensure => absent, - notify => [ - Exec['remove_bigcouch_logwatch_spoolfiles'], - Exec['remove_bigcouch_logwatch_stateline'] - ] - } - # remove leftover bigcouch logwatch spool files - exec { 'remove_bigcouch_logwatch_spoolfiles': - command => 'find /var/lib/check_mk/logwatch -name \'\\opt\\bigcouch\\var\\log\\bigcouch.log\' -exec rm {} \;', - refreshonly => true, - } - exec { 'remove_bigcouch_logwatch_stateline': - command => "sed -i '/bigcouch.log/d' /etc/check_mk/logwatch.state", - refreshonly => true, - } } diff --git a/puppet/modules/site_couchdb/manifests/master.pp b/puppet/modules/site_couchdb/manifests/master.pp index 5dab6325..49d90f2f 100644 --- a/puppet/modules/site_couchdb/manifests/master.pp +++ b/puppet/modules/site_couchdb/manifests/master.pp @@ -8,4 +8,8 @@ class site_couchdb::master { } include site_check_mk::agent::couchdb::master + + # remove bigcouch leftovers from previous installations + include ::site_config::remove::bigcouch + } |