clean up logging mess: add 'logfile' define, mv openvpn and stunnel logs to their own files, fix mx logwatch path.

author: elijah <elijah@riseup.net> 2015-04-15 16:12:11 -0700
committer: elijah <elijah@riseup.net> 2015-04-16 11:10:59 -0700
commit: bb07407485ed1626221a1190cc2fb2789f95ed22 (patch)
tree: 0ab39a464ecacd637a3c2f2da652fdc05e970d23 /puppet
parent: 7f069dc47c318e9047a3ae7a29a90f3471610e34 (diff)
15 files changed, 42 insertions, 52 deletions
diff --git a/puppet/modules/leap/manifests/init.pp b/puppet/modules/leap/manifests/init.pp
new file mode 100644
index 00000000..bbae3781
--- /dev/null
+++ b/puppet/modules/leap/manifests/init.pp
@@ -0,0 +1,3 @@
+class leap {
+
+}
+\ No newline at end of file
diff --git a/puppet/modules/leap/manifests/logfile.pp b/puppet/modules/leap/manifests/logfile.pp
new file mode 100644
index 00000000..42a82943
--- /dev/null
+++ b/puppet/modules/leap/manifests/logfile.pp
@@ -0,0 +1,26 @@
+#
+# make syslog log to a particular file for a particular process.
+#
+
+define leap::logfile($process=$title) {
+  $logfile = "/var/log/leap/${title}.log"
+
+  rsyslog::snippet { "50-${name}":
+    content => "if \$programname startswith '${process}' then ${logfile}
+&~"
+  }
+
+  augeas {
+    "logrotate_${name}":
+      context => "/files/etc/logrotate.d/${name}/rule",
+      changes => [
+        "set file ${logfile}",
+        'set rotate 7',
+        'set schedule daily',
+        'set compress compress',
+        'set missingok missingok',
+        'set ifempty notifempty',
+        'set copytruncate copytruncate'
+      ]
+  }
+}
diff --git a/puppet/modules/leap_mx/manifests/init.pp b/puppet/modules/leap_mx/manifests/init.pp
index 78065f56..a0590ee1 100644
--- a/puppet/modules/leap_mx/manifests/init.pp
+++ b/puppet/modules/leap_mx/manifests/init.pp
@@ -11,7 +11,8 @@ class leap_mx {
 
   include soledad::common
   include site_apt::preferences::twisted
-  include leap_mx::syslog
+
+  leap::logfile { 'mx': process => 'leap-mx'}
 
   #
   # USER AND GROUP
diff --git a/puppet/modules/leap_mx/manifests/syslog.pp b/puppet/modules/leap_mx/manifests/syslog.pp
deleted file mode 100644
index 0247a392..00000000
--- a/puppet/modules/leap_mx/manifests/syslog.pp
+++ /dev/null
@@ -1,17 +0,0 @@
-class leap_mx::syslog {
-
-  rsyslog::snippet { '99-leap-mx':
-    content => 'if $programname startswith \'leap-mx\' then /var/log/leap/mx.log
-&~'
-  }
-
-  augeas {
-    'logrotate_leap-mx':
-      context => '/files/etc/logrotate.d/leap-mx/rule',
-      changes => [ 'set file /var/log/leap/mx*.log', 'set rotate 7',
-                   'set schedule daily', 'set compress compress',
-                   'set missingok missingok', 'set ifempty notifempty',
-                   'set copytruncate copytruncate' ]
-  }
-
-}
diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/leap_mx.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/leap_mx.cfg
index c71c5392..166d0230 100644
--- a/puppet/modules/site_check_mk/files/agent/logwatch/leap_mx.cfg
+++ b/puppet/modules/site_check_mk/files/agent/logwatch/leap_mx.cfg
@@ -1,4 +1,4 @@
-/var/log/leap_mx.log
+/var/log/leap/mx.log
  W Don't know how to deliver mail
  W No public key, stopping the processing chain
 
diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/openvpn.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/openvpn.cfg
index ac17c0ca..ed50f420 100644
--- a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/openvpn.cfg
+++ b/puppet/modules/site_check_mk/files/agent/logwatch/openvpn.cfg
@@ -1,3 +1,4 @@
+/var/log/leap/openvpn.log
 # ignore openvpn TLS initialization errors when clients
 # suddenly hangup before properly establishing
 # a tls connection
diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/stunnel.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/stunnel.cfg
index eb3131f2..b1e6cf2f 100644
--- a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/stunnel.cfg
+++ b/puppet/modules/site_check_mk/files/agent/logwatch/stunnel.cfg
@@ -1,3 +1,4 @@
+/var/log/leap/stunnel.log
 # check for stunnel failures
 #
 # these are temporary failures and happen very often, so we
diff --git a/puppet/modules/site_check_mk/manifests/agent/mx.pp b/puppet/modules/site_check_mk/manifests/agent/mx.pp
index da66c549..98757b59 100644
--- a/puppet/modules/site_check_mk/manifests/agent/mx.pp
+++ b/puppet/modules/site_check_mk/manifests/agent/mx.pp
@@ -12,7 +12,7 @@ class site_check_mk::agent::mx {
       lens    => 'Spacevars.lns',
       changes => [
         'rm /files/etc/check_mk/mrpe.cfg/Leap_MX_Procs',
-        'set Leap_MX_Procs \'/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1:1 -a "/usr/bin/python /usr/bin/twistd --pidfile=/var/run/leap_mx.pid --rundir=/var/lib/leap_mx/ --python=/usr/share/app/leap_mx.tac --logfile=/var/log/leap_mx.log"\'' ],
+        'set Leap_MX_Procs \'/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1:1 -a "/usr/bin/python /usr/bin/twistd --pidfile=/var/run/leap_mx.pid --rundir=/var/lib/leap_mx/ --python=/usr/share/app/leap_mx.tac --logfile=/var/log/leap/mx.log"\'' ],
       require => File['/etc/check_mk/mrpe.cfg'];
   }
 
diff --git a/puppet/modules/site_check_mk/manifests/agent/openvpn.pp b/puppet/modules/site_check_mk/manifests/agent/openvpn.pp
index 919a408d..0596a497 100644
--- a/puppet/modules/site_check_mk/manifests/agent/openvpn.pp
+++ b/puppet/modules/site_check_mk/manifests/agent/openvpn.pp
@@ -2,7 +2,7 @@ class site_check_mk::agent::openvpn {
 
   # check syslog
   concat::fragment { 'syslog_openpvn':
-    source  => 'puppet:///modules/site_check_mk/agent/logwatch/syslog/openvpn.cfg',
+    source  => 'puppet:///modules/site_check_mk/agent/logwatch/openvpn.cfg',
     target  => '/etc/check_mk/logwatch.d/syslog.cfg',
     order   => '02';
   }
diff --git a/puppet/modules/site_check_mk/manifests/agent/stunnel.pp b/puppet/modules/site_check_mk/manifests/agent/stunnel.pp
index 64022824..7f765771 100644
--- a/puppet/modules/site_check_mk/manifests/agent/stunnel.pp
+++ b/puppet/modules/site_check_mk/manifests/agent/stunnel.pp
@@ -1,7 +1,7 @@
 class site_check_mk::agent::stunnel {
 
   concat::fragment { 'syslog_stunnel':
-    source  => 'puppet:///modules/site_check_mk/agent/logwatch/syslog/stunnel.cfg',
+    source  => 'puppet:///modules/site_check_mk/agent/logwatch/stunnel.cfg',
     target  => '/etc/check_mk/logwatch.d/syslog.cfg',
     order   => '02';
   }
diff --git a/puppet/modules/site_openvpn/manifests/init.pp b/puppet/modules/site_openvpn/manifests/init.pp
index d6f9150b..e2a3124e 100644
--- a/puppet/modules/site_openvpn/manifests/init.pp
+++ b/puppet/modules/site_openvpn/manifests/init.pp
@@ -228,6 +228,7 @@ class site_openvpn {
       order   => 10;
   }
 
+  leap::logfile { 'openvpn': }
   include site_check_mk::agent::openvpn
 
 }
diff --git a/puppet/modules/site_stunnel/manifests/init.pp b/puppet/modules/site_stunnel/manifests/init.pp
index 2e0cf5b8..176b8618 100644
--- a/puppet/modules/site_stunnel/manifests/init.pp
+++ b/puppet/modules/site_stunnel/manifests/init.pp
@@ -29,6 +29,7 @@ class site_stunnel {
   $client_sections = keys($clients)
   site_stunnel::clients { $client_sections: }
 
+  leap::logfile { "stunnel": process => "stunnel4" }
   include site_stunnel::override_service
 }
 
diff --git a/puppet/modules/site_webapp/manifests/init.pp b/puppet/modules/site_webapp/manifests/init.pp
index ea64048b..f10ef00d 100644
--- a/puppet/modules/site_webapp/manifests/init.pp
+++ b/puppet/modules/site_webapp/manifests/init.pp
@@ -18,7 +18,6 @@ class site_webapp {
   include site_config::ruby::dev
   include site_webapp::apache
   include site_webapp::couchdb
-  include site_webapp::logging
   include site_haproxy
   include site_webapp::cron
   include site_config::x509::cert
@@ -173,6 +172,8 @@ class site_webapp {
     ensure => latest,
   }
 
+  leap::logfile { 'webapp': }
+
   include site_shorewall::webapp
   include site_check_mk::agent::webapp
 }
diff --git a/puppet/modules/site_webapp/manifests/logging.pp b/puppet/modules/site_webapp/manifests/logging.pp
deleted file mode 100644
index b414b82c..00000000
--- a/puppet/modules/site_webapp/manifests/logging.pp
+++ /dev/null
@@ -1,16 +0,0 @@
-class site_webapp::logging {
-
-  rsyslog::snippet { '01-webapp':
-    content => 'if $programname == "webapp" then /var/log/leap/webapp.log
-&~'
-  }
-
-  augeas {
-    'logrotate_webapp':
-      context => '/files/etc/logrotate.d/webapp/rule',
-      changes => [ 'set file /var/log/leap/webapp.log', 'set rotate 7',
-                   'set schedule daily', 'set compress compress',
-                   'set missingok missingok', 'set ifempty notifempty',
-                   'set copytruncate copytruncate' ]
-  }
-}
diff --git a/puppet/modules/tapicero/manifests/init.pp b/puppet/modules/tapicero/manifests/init.pp
index d4ff1acb..ca8488c8 100644
--- a/puppet/modules/tapicero/manifests/init.pp
+++ b/puppet/modules/tapicero/manifests/init.pp
@@ -133,17 +133,5 @@ class tapicero {
                     Couchdb::Add_user[$::site_couchdb::couchdb_tapicero_user] ];
   }
 
-  rsyslog::snippet { '99-tapicero':
-    content => 'if $programname startswith \'tapicero\' then /var/log/leap/tapicero.log
-&~'
-  }
-
-  augeas {
-    'logrotate_tapicero':
-      context => '/files/etc/logrotate.d/tapicero/rule',
-      changes => [ 'set file /var/log/leap/tapicero*.log', 'set rotate 7',
-                   'set schedule daily', 'set compress compress',
-                   'set missingok missingok', 'set ifempty notifempty',
-                   'set copytruncate copytruncate' ]
-  }
+  leap::logfile { 'tapicero': }
 }
author	elijah <elijah@riseup.net>	2015-04-15 16:12:11 -0700
committer	elijah <elijah@riseup.net>	2015-04-16 11:10:59 -0700
commit	bb07407485ed1626221a1190cc2fb2789f95ed22 (patch)
tree	0ab39a464ecacd637a3c2f2da652fdc05e970d23 /puppet
parent	7f069dc47c318e9047a3ae7a29a90f3471610e34 (diff)