summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rwxr-xr-xbin/puppet_command35
-rw-r--r--provider_base/services/_couchdb_multimaster.json6
-rw-r--r--puppet/modules/site_apache/templates/vhosts.d/api.conf.erb2
-rw-r--r--puppet/modules/site_apache/templates/vhosts.d/common.conf.erb2
-rw-r--r--puppet/modules/site_apt/manifests/preferences/rsyslog.pp14
-rw-r--r--puppet/modules/site_obfsproxy/manifests/init.pp14
6 files changed, 47 insertions, 26 deletions
diff --git a/bin/puppet_command b/bin/puppet_command
index a9d39066..5e690bef 100755
--- a/bin/puppet_command
+++ b/bin/puppet_command
@@ -57,13 +57,9 @@ def apply
end
def set_hostname
- unless File.exists?(HIERA_FILE)
- puts("ERROR: Cannot set hostname without #{HIERA_FILE}")
- exit(1)
- end
- hostname = YAML.load_file(HIERA_FILE)['name']
+ hostname = hiera_file['name']
if hostname.nil? || hostname.empty?
- puts('ERROR: NAME argument required')
+ puts('ERROR: "name" missing from hiera file')
exit(1)
end
current_hostname_file = File.read('/etc/hostname') rescue nil
@@ -75,7 +71,7 @@ def set_hostname
f.write hostname
end
if File.read('/etc/hostname') == hostname
- puts "Set /etc/hostname to #{hostname}"
+ puts "Changed /etc/hostname to #{hostname}"
else
puts "ERROR: failed to update /etc/hostname"
end
@@ -84,9 +80,9 @@ def set_hostname
# call /bin/hostname
if current_hostname != hostname
if run("/bin/hostname #{hostname}") == 0
- puts "Set hostname to #{hostname}"
+ puts "Changed hostname to #{hostname}"
else
- puts "ERROR: failed to call `/bin/hostname #{hostname}`"
+ puts "ERROR: call to `/bin/hostname #{hostname}` returned an error."
end
end
end
@@ -97,9 +93,26 @@ end
def puppet_apply(options={}, &block)
options = {:verbosity => @verbosity, :tags => @tags}.merge(options)
manifest = options[:manifest] || SITE_MANIFEST
+ fqdn = hiera_file['domain']['name']
+ domain = hiera_file['domain']['full_suffix']
Dir.chdir(PUPPET_DIRECTORY) do
- return run("#{PUPPET_BIN} apply #{custom_parameters(options)} #{PUPPET_PARAMETERS} #{manifest}", &block)
+ return run("FACTER_fqdn='#{fqdn}' FACTER_domain='#{domain}' #{PUPPET_BIN} apply #{custom_parameters(options)} #{PUPPET_PARAMETERS} #{manifest}", &block)
+ end
+end
+
+#
+# Return a ruby object representing the contents of the hiera yaml file.
+#
+def hiera_file
+ unless File.exists?(HIERA_FILE)
+ puts("ERROR: hiera file '#{HIERA_FILE}' does not exist.")
+ exit(1)
end
+ $hiera_contents ||= YAML.load_file(HIERA_FILE)
+ return $hiera_contents
+rescue Exception => exc
+ puts("ERROR: problem reading hiera file '#{HIERA_FILE}' (#{exc})")
+ exit(1)
end
def custom_parameters(options)
@@ -201,4 +214,4 @@ Signal.trap("EXIT") do
# but only after the child puppet process is also dead (I think).
end
-main() \ No newline at end of file
+main()
diff --git a/provider_base/services/_couchdb_multimaster.json b/provider_base/services/_couchdb_multimaster.json
index 8c433188..0f340e00 100644
--- a/provider_base/services/_couchdb_multimaster.json
+++ b/provider_base/services/_couchdb_multimaster.json
@@ -8,8 +8,8 @@
"ednp_server": "= stunnel_server(couch.bigcouch.ednp_port)"
},
"clients": {
- "epmd_clients": "= stunnel_client(nodes_like_me[:services => :couchdb], couch.bigcouch.epmd_port)",
- "ednp_clients": "= stunnel_client(nodes_like_me[:services => :couchdb], couch.bigcouch.ednp_port)"
+ "epmd_clients": "= stunnel_client(nodes_like_me['services' => 'couchdb']['couch.mode' => 'multimaster'], couch.bigcouch.epmd_port)",
+ "ednp_clients": "= stunnel_client(nodes_like_me['services' => 'couchdb']['couch.mode' => 'multimaster'], couch.bigcouch.ednp_port)"
}
},
"couch": {
@@ -18,7 +18,7 @@
"epmd_port": 4369,
"ednp_port": 9002,
"cookie": "= secret :bigcouch_cookie",
- "neighbors": "= nodes_like_me['services' => 'couchdb']['couch.master' => true].exclude(self).field('domain.full')"
+ "neighbors": "= nodes_like_me['services' => 'couchdb']['couch.mode' => 'multimaster'].exclude(self).field('domain.full')"
}
}
}
diff --git a/puppet/modules/site_apache/templates/vhosts.d/api.conf.erb b/puppet/modules/site_apache/templates/vhosts.d/api.conf.erb
index 3360ac59..74cd1ced 100644
--- a/puppet/modules/site_apache/templates/vhosts.d/api.conf.erb
+++ b/puppet/modules/site_apache/templates/vhosts.d/api.conf.erb
@@ -2,12 +2,14 @@
ServerName <%= api_domain %>
RewriteEngine On
RewriteRule ^.*$ https://<%= api_domain -%>:<%= api_port -%>%{REQUEST_URI} [R=permanent,L]
+ CustomLog ${APACHE_LOG_DIR}/other_vhosts_access.log common
</VirtualHost>
Listen 0.0.0.0:<%= api_port %>
<VirtualHost *:<%= api_port -%>>
ServerName <%= api_domain %>
+ CustomLog ${APACHE_LOG_DIR}/other_vhosts_access.log common
SSLEngine on
SSLProtocol all -SSLv2
diff --git a/puppet/modules/site_apache/templates/vhosts.d/common.conf.erb b/puppet/modules/site_apache/templates/vhosts.d/common.conf.erb
index ed430510..0e08529c 100644
--- a/puppet/modules/site_apache/templates/vhosts.d/common.conf.erb
+++ b/puppet/modules/site_apache/templates/vhosts.d/common.conf.erb
@@ -3,12 +3,14 @@
ServerAlias www.<%= domain %>
RewriteEngine On
RewriteRule ^.*$ https://<%= domain -%>%{REQUEST_URI} [R=permanent,L]
+ CustomLog ${APACHE_LOG_DIR}/other_vhosts_access.log common
</VirtualHost>
<VirtualHost *:443>
ServerName <%= domain_name %>
ServerAlias <%= domain %>
ServerAlias www.<%= domain %>
+ CustomLog ${APACHE_LOG_DIR}/other_vhosts_access.log common
SSLEngine on
SSLProtocol all -SSLv2
diff --git a/puppet/modules/site_apt/manifests/preferences/rsyslog.pp b/puppet/modules/site_apt/manifests/preferences/rsyslog.pp
index 132a6e24..bfeaa7da 100644
--- a/puppet/modules/site_apt/manifests/preferences/rsyslog.pp
+++ b/puppet/modules/site_apt/manifests/preferences/rsyslog.pp
@@ -1,9 +1,13 @@
class site_apt::preferences::rsyslog {
- apt::preferences_snippet { 'rsyslog_anon_depends':
- package => 'libestr0 librelp0 rsyslog*',
- priority => '999',
- pin => 'release a=wheezy-backports',
- before => Class['rsyslog::install']
+ apt::preferences_snippet {
+ 'rsyslog_anon_depends':
+ package => 'libestr0 librelp0 rsyslog*',
+ priority => '999',
+ pin => 'release a=wheezy-backports',
+ before => Class['rsyslog::install'];
+
+ 'fixed_rsyslog_anon_package':
+ ensure => absent;
}
}
diff --git a/puppet/modules/site_obfsproxy/manifests/init.pp b/puppet/modules/site_obfsproxy/manifests/init.pp
index 40b7fba8..6275ebee 100644
--- a/puppet/modules/site_obfsproxy/manifests/init.pp
+++ b/puppet/modules/site_obfsproxy/manifests/init.pp
@@ -11,13 +11,13 @@ class site_obfsproxy {
$dest_ip = $obfsproxy['gateway_address']
$dest_port = '443'
- if $::services =~ /\bopenvpn\b/ {
- $openvpn = hiera('openvpn')
- $bind_address = $openvpn['gateway_address']
- }
- elsif $::services =~ /\bobfsproxy\b/ {
- $bind_address = hiera('ip_address')
- }
+ if member($::services, 'openvpn') {
+ $openvpn = hiera('openvpn')
+ $bind_address = $openvpn['gateway_address']
+ }
+ elsif member($::services, 'obfsproxy') {
+ $bind_address = hiera('ip_address')
+ }
include site_apt::preferences::twisted
include site_apt::preferences::obfsproxy