diff options
8 files changed, 37 insertions, 19 deletions
diff --git a/Vagrantfile b/Vagrantfile index 18590a8f..c9c68284 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -1,5 +1,7 @@ -Vagrant.configure("2") do |config| - config.vm.define :node1 do |config| +# -*- mode: ruby -*- +# vi: set ft=ruby : +Vagrant.configure("2") do |vagrant_config| + vagrant_config.vm.define :node1 do |config| # Please verify the sha512 sum of the downloaded box before importing it into vagrant ! # see https://leap.se/en/docs/platform/details/development#Verify.vagrantbox.download @@ -8,13 +10,14 @@ Vagrant.configure("2") do |config| config.vm.box = "LEAP/wheezy" #config.vm.network :private_network, ip: "10.5.5.102" config.vm.provider "virtualbox" do |v| + v.memory = 1024 v.customize ["modifyvm", :id, "--natdnshostresolver1", "on"] v.name = "node1" end config.vm.provision "puppet" do |puppet| puppet.manifests_path = "./vagrant" - puppet.module_path = "./puppet/modules" + puppet.module_path = "./puppet/modules" puppet.manifest_file = "install-platform.pp" puppet.options = "--verbose" end diff --git a/puppet/modules/leap_mx/manifests/init.pp b/puppet/modules/leap_mx/manifests/init.pp index 6bcdd19a..284662d2 100644 --- a/puppet/modules/leap_mx/manifests/init.pp +++ b/puppet/modules/leap_mx/manifests/init.pp @@ -77,16 +77,18 @@ class leap_mx { } augeas { - "logrotate_mx": - context => "/files/etc/logrotate.d/leap-mx/rule", + 'logrotate_mx': + context => '/files/etc/logrotate.d/leap-mx/rule', changes => [ - "set file /var/log/leap/mx.log", - 'set rotate 5', - 'set schedule daily', - 'set compress compress', - 'set missingok missingok', - 'set ifempty notifempty', - 'set copytruncate copytruncate' - ] + 'set file /var/log/leap/mx.log', + 'set rotate 5', + 'set schedule daily', + 'clear nocreate', + 'rm create', + 'rm ifempty', + 'set compress compress', + 'set missingok missingok', + 'set copytruncate copytruncate' + ] } } diff --git a/puppet/modules/site_check_mk/files/agent/local_checks/couchdb/leap_couch_stats.sh b/puppet/modules/site_check_mk/files/agent/local_checks/couchdb/leap_couch_stats.sh index 95474ccb..83b407e0 100755 --- a/puppet/modules/site_check_mk/files/agent/local_checks/couchdb/leap_couch_stats.sh +++ b/puppet/modules/site_check_mk/files/agent/local_checks/couchdb/leap_couch_stats.sh @@ -117,3 +117,6 @@ end_time=$(date +%s.%N) duration=$( echo "scale = 2; $end_time - $start_time" | bc -l ) printf "${exitcode} ${PREFIX}global_stats ${global_stats_perf}|script_duration=%02.2fs ${STATE[exitcode]}: global couchdb status\n" "$duration" + +rm "$TMPFILE" + diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/openvpn.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/openvpn.cfg index ed50f420..d99dcde9 100644 --- a/puppet/modules/site_check_mk/files/agent/logwatch/openvpn.cfg +++ b/puppet/modules/site_check_mk/files/agent/logwatch/openvpn.cfg @@ -8,6 +8,11 @@ I ovpn-.*TLS Error: TLS object -> incoming plaintext read error I ovpn-.*Fatal TLS error \(check_tls_errors_co\), restarting I ovpn-.*TLS_ERROR: BIO read tls_read_plaintext error: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate + I ovpn-.*TLS_ERROR: BIO read tls_read_plaintext error: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate + I ovpn-.*TLS Error: unknown opcode received from + I ovpn-.*Authenticate/Decrypt packet error: packet HMAC authentication failed + I ovpn-.*TLS Error: reading acknowledgement record from packet + I ovpn-.*TLS Error: session-id not found in packet from I ovpn-.*SIGUSR1\[soft,tls-error\] received, client-instance restarting I ovpn-.*VERIFY ERROR: depth=0, error=certificate has expired diff --git a/puppet/modules/site_check_mk/manifests/agent/tapicero.pp b/puppet/modules/site_check_mk/manifests/agent/tapicero.pp index 4a5ec68e..8505b34a 100644 --- a/puppet/modules/site_check_mk/manifests/agent/tapicero.pp +++ b/puppet/modules/site_check_mk/manifests/agent/tapicero.pp @@ -1,3 +1,4 @@ +# sets up tapicero monitoring class site_check_mk::agent::tapicero { include ::site_nagios::plugins @@ -14,12 +15,12 @@ class site_check_mk::agent::tapicero { lens => 'Spacevars.lns', changes => [ 'rm /files/etc/check_mk/mrpe.cfg/Tapicero_Procs', - 'set Tapicero_Procs "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1:1 -a tapicero"' ], + "set Tapicero_Procs \"/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1:1 --ereg-argument-array='^tapicero$'\"" ], require => File['/etc/check_mk/mrpe.cfg']; 'Tapicero_Heartbeat': incl => '/etc/check_mk/mrpe.cfg', lens => 'Spacevars.lns', - changes => 'set Tapicero_Heartbeat \'/usr/local/lib/nagios/plugins/check_last_regex_in_log -f /var/log/leap/tapicero.log -r "tapicero" -w 300 -c 600\'', + changes => 'set Tapicero_Heartbeat \'/usr/local/lib/nagios/plugins/check_last_regex_in_log -f /var/log/leap/tapicero.log -r "tapicero" -w 1200 -c 2400\'', require => File['/etc/check_mk/mrpe.cfg']; } } diff --git a/puppet/modules/site_check_mk/manifests/server.pp b/puppet/modules/site_check_mk/manifests/server.pp index 171f1576..67519513 100644 --- a/puppet/modules/site_check_mk/manifests/server.pp +++ b/puppet/modules/site_check_mk/manifests/server.pp @@ -1,3 +1,4 @@ +# setup check_mk on the monitoring server class site_check_mk::server { $ssh_hash = hiera('ssh') @@ -6,10 +7,9 @@ class site_check_mk::server { $seckey = $ssh_hash['monitor']['private_key'] $nagios_hiera = hiera_hash('nagios') - $nagios_hosts = $nagios_hiera['hosts'] + $hosts = $nagios_hiera['hosts'] - $hosts = hiera_hash('hosts') - $all_hosts = inline_template ('<% @hosts.keys.sort.each do |key| -%>"<%= @hosts[key]["domain_internal"] %>", <% end -%>') + $all_hosts = inline_template ('<% @hosts.keys.sort.each do |key| -%><% if @hosts[key]["environment"] != "disabled" %>"<%= @hosts[key]["domain_internal"] %>", <% end -%><% end -%>') $domains_internal = $nagios_hiera['domains_internal'] $environments = $nagios_hiera['environments'] diff --git a/puppet/modules/site_config/manifests/remove_files.pp b/puppet/modules/site_config/manifests/remove_files.pp index 3f46659c..b339e6af 100644 --- a/puppet/modules/site_config/manifests/remove_files.pp +++ b/puppet/modules/site_config/manifests/remove_files.pp @@ -27,6 +27,10 @@ class site_config::remove_files { path => '/var/log/', recurse => true, matches => 'leap_mx*'; + 'leap_mx_rotate': + path => '/var/log/leap/', + recurse => true, + matches => [ 'mx.log.[0-9]', 'mx.log.[0-9]?', 'mx.log.[6-9]?gz']; '/srv/leap/webapp/public/provider.json':; '/srv/leap/couchdb/designs/tmp_users': recurse => true, diff --git a/puppet/modules/site_static/manifests/init.pp b/puppet/modules/site_static/manifests/init.pp index a3fd9c1e..1efc510b 100644 --- a/puppet/modules/site_static/manifests/init.pp +++ b/puppet/modules/site_static/manifests/init.pp @@ -60,4 +60,4 @@ class site_static { include site_shorewall::defaults include site_shorewall::service::http include site_shorewall::service::https -}
\ No newline at end of file +} |