6 files changed, 18 insertions, 6 deletions
diff --git a/Vagrantfile b/Vagrantfile
index 4a91c459..18590a8f 100644
--- a/Vagrantfile
+++ b/Vagrantfile
@@ -5,8 +5,7 @@ Vagrant.configure("2") do |config|
     # see https://leap.se/en/docs/platform/details/development#Verify.vagrantbox.download
     # for details
 
-    config.vm.box = "leap-wheezy"
-    config.vm.box_url = "https://downloads.leap.se/platform/vagrant/virtualbox/leap-wheezy.box"
+    config.vm.box = "LEAP/wheezy"
     #config.vm.network :private_network, ip: "10.5.5.102"
     config.vm.provider "virtualbox" do |v|
       v.customize ["modifyvm", :id, "--natdnshostresolver1", "on"]
diff --git a/puppet/modules/site_check_mk/files/agent/local_checks/couchdb/leap_couch_stats.sh b/puppet/modules/site_check_mk/files/agent/local_checks/couchdb/leap_couch_stats.sh
index 95474ccb..83b407e0 100755
--- a/puppet/modules/site_check_mk/files/agent/local_checks/couchdb/leap_couch_stats.sh
+++ b/puppet/modules/site_check_mk/files/agent/local_checks/couchdb/leap_couch_stats.sh
@@ -117,3 +117,6 @@ end_time=$(date +%s.%N)
 duration=$( echo "scale = 2; $end_time - $start_time" | bc -l )
 
 printf "${exitcode} ${PREFIX}global_stats ${global_stats_perf}|script_duration=%02.2fs ${STATE[exitcode]}: global couchdb status\n" "$duration"
+
+rm "$TMPFILE"
+
diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/openvpn.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/openvpn.cfg
index ed50f420..d99dcde9 100644
--- a/puppet/modules/site_check_mk/files/agent/logwatch/openvpn.cfg
+++ b/puppet/modules/site_check_mk/files/agent/logwatch/openvpn.cfg
@@ -8,6 +8,11 @@
  I ovpn-.*TLS Error: TLS object -> incoming plaintext read error
  I ovpn-.*Fatal TLS error \(check_tls_errors_co\), restarting
  I ovpn-.*TLS_ERROR: BIO read tls_read_plaintext error: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate
+ I ovpn-.*TLS_ERROR: BIO read tls_read_plaintext error: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
+ I ovpn-.*TLS Error: unknown opcode received from
+ I ovpn-.*Authenticate/Decrypt packet error: packet HMAC authentication failed
+ I ovpn-.*TLS Error: reading acknowledgement record from packet
+ I ovpn-.*TLS Error: session-id not found in packet from
 
  I ovpn-.*SIGUSR1\[soft,tls-error\] received, client-instance restarting
  I ovpn-.*VERIFY ERROR: depth=0, error=certificate has expired
diff --git a/puppet/modules/site_check_mk/manifests/agent/tapicero.pp b/puppet/modules/site_check_mk/manifests/agent/tapicero.pp
index 4a5ec68e..ad9962d4 100644
--- a/puppet/modules/site_check_mk/manifests/agent/tapicero.pp
+++ b/puppet/modules/site_check_mk/manifests/agent/tapicero.pp
@@ -1,3 +1,4 @@
+# sets up tapicero monitoring
 class site_check_mk::agent::tapicero {
 
   include ::site_nagios::plugins
@@ -14,7 +15,7 @@ class site_check_mk::agent::tapicero {
       lens    => 'Spacevars.lns',
       changes => [
         'rm /files/etc/check_mk/mrpe.cfg/Tapicero_Procs',
-        'set Tapicero_Procs "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1:1 -a tapicero"' ],
+        "set Tapicero_Procs \"/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1:1 --ereg-argument-array='^tapicero$'\"" ],
       require => File['/etc/check_mk/mrpe.cfg'];
     'Tapicero_Heartbeat':
       incl    => '/etc/check_mk/mrpe.cfg',
diff --git a/puppet/modules/site_check_mk/manifests/server.pp b/puppet/modules/site_check_mk/manifests/server.pp
index 171f1576..67519513 100644
--- a/puppet/modules/site_check_mk/manifests/server.pp
+++ b/puppet/modules/site_check_mk/manifests/server.pp
@@ -1,3 +1,4 @@
+# setup check_mk on the monitoring server
 class site_check_mk::server {
 
   $ssh_hash = hiera('ssh')
@@ -6,10 +7,9 @@ class site_check_mk::server {
   $seckey   = $ssh_hash['monitor']['private_key']
 
   $nagios_hiera     = hiera_hash('nagios')
-  $nagios_hosts     = $nagios_hiera['hosts']
+  $hosts            = $nagios_hiera['hosts']
 
-  $hosts            = hiera_hash('hosts')
-  $all_hosts        = inline_template ('<% @hosts.keys.sort.each do |key| -%>"<%= @hosts[key]["domain_internal"] %>", <% end -%>')
+  $all_hosts        = inline_template ('<% @hosts.keys.sort.each do |key| -%><% if @hosts[key]["environment"] != "disabled" %>"<%= @hosts[key]["domain_internal"] %>", <% end -%><% end -%>')
   $domains_internal = $nagios_hiera['domains_internal']
   $environments     = $nagios_hiera['environments']
 
diff --git a/puppet/modules/site_config/manifests/remove_files.pp b/puppet/modules/site_config/manifests/remove_files.pp
index 3f46659c..b339e6af 100644
--- a/puppet/modules/site_config/manifests/remove_files.pp
+++ b/puppet/modules/site_config/manifests/remove_files.pp
@@ -27,6 +27,10 @@ class site_config::remove_files {
       path => '/var/log/',
       recurse => true,
       matches => 'leap_mx*';
+    'leap_mx_rotate':
+      path => '/var/log/leap/',
+      recurse => true,
+      matches => [ 'mx.log.[0-9]', 'mx.log.[0-9]?', 'mx.log.[6-9]?gz'];
     '/srv/leap/webapp/public/provider.json':;
     '/srv/leap/couchdb/designs/tmp_users':
       recurse => true,