diff options
| -rw-r--r-- | README.md | 2 | ||||
| -rwxr-xr-x | bin/run_tests | 3 | ||||
| -rw-r--r-- | platform.rb | 2 | ||||
| -rw-r--r-- | puppet/modules/leap_mx/manifests/init.pp | 12 | ||||
| -rw-r--r-- | puppet/modules/site_config/manifests/hosts.pp | 2 | ||||
| -rw-r--r-- | puppet/modules/site_nagios/manifests/add_service.pp | 8 | ||||
| -rw-r--r-- | puppet/modules/site_sshd/manifests/init.pp | 2 | ||||
| -rw-r--r-- | puppet/modules/site_webapp/manifests/init.pp | 1 | ||||
| -rw-r--r-- | puppet/modules/site_webapp/manifests/logging.pp | 16 | ||||
| -rw-r--r-- | puppet/modules/tapicero/manifests/init.pp | 6 | ||||
| -rw-r--r-- | tests/white-box/network.rb | 1 |
11 files changed, 42 insertions, 13 deletions
@@ -33,7 +33,7 @@ Visit https://leap.se/en/docs/get-involved/communication for details on how to c Known issues ============ -The following issues are known to be there in 0.5.2: +The following issues are known to exist in 0.5.2 and later: CouchDB Sync ------------ diff --git a/bin/run_tests b/bin/run_tests index e026b5f7..4a5801ac 100755 --- a/bin/run_tests +++ b/bin/run_tests @@ -428,8 +428,7 @@ class LeapRunner < MiniTest::Unit elsif @failures > 0 :failure elsif @warnings > 0 - # :warning << warnings don't warrant a non-zero exit code. - :success + :warning else :success end diff --git a/platform.rb b/platform.rb index 872a34cb..270dd25a 100644 --- a/platform.rb +++ b/platform.rb @@ -4,7 +4,7 @@ # Leap::Platform.define do - self.version = "0.5.3" + self.version = "0.5.4.1" self.compatible_cli = "1.5.8".."1.99" # diff --git a/puppet/modules/leap_mx/manifests/init.pp b/puppet/modules/leap_mx/manifests/init.pp index b59eac01..c90fc231 100644 --- a/puppet/modules/leap_mx/manifests/init.pp +++ b/puppet/modules/leap_mx/manifests/init.pp @@ -40,12 +40,16 @@ class leap_mx { } # - # LEAP-MX CODE + # LEAP-MX CODE AND DEPENDENCIES # - package { 'leap-mx': - ensure => installed, - require => Class['site_apt::preferences::twisted'] + package { + 'leap-mx': + ensure => latest, + require => Class['site_apt::preferences::twisted']; + + [ 'leap-keymanager' ]: + ensure => latest; } # diff --git a/puppet/modules/site_config/manifests/hosts.pp b/puppet/modules/site_config/manifests/hosts.pp index e43ad45e..878b6af0 100644 --- a/puppet/modules/site_config/manifests/hosts.pp +++ b/puppet/modules/site_config/manifests/hosts.pp @@ -11,7 +11,7 @@ class site_config::hosts() { $dns_aliases = $dns['aliases'] } $my_hostnames = unique(concat( - $dns_aliases, [$hostname, $domain_hash['full'], $domain_hash['internal']] + [$domain_hash['full'], $hostname, $domain_hash['internal']], $dns_aliases )) file { '/etc/hostname': diff --git a/puppet/modules/site_nagios/manifests/add_service.pp b/puppet/modules/site_nagios/manifests/add_service.pp index 8d2a310b..1b67d14e 100644 --- a/puppet/modules/site_nagios/manifests/add_service.pp +++ b/puppet/modules/site_nagios/manifests/add_service.pp @@ -1,9 +1,17 @@ define site_nagios::add_service ( $hostname, $ip_address, $openvpn_gw = '', $service) { + $ssh = hiera_hash('ssh') + $ssh_port = $ssh['port'] + case $service { 'webapp': { nagios_service { + "${name}_ssh": + use => 'generic-service', + check_command => "check_ssh_port!$ssh_port", + service_description => 'SSH', + host_name => $hostname; "${name}_cert": use => 'generic-service', check_command => 'check_https_cert', diff --git a/puppet/modules/site_sshd/manifests/init.pp b/puppet/modules/site_sshd/manifests/init.pp index 400c21ea..9a05b6ed 100644 --- a/puppet/modules/site_sshd/manifests/init.pp +++ b/puppet/modules/site_sshd/manifests/init.pp @@ -52,7 +52,7 @@ class site_sshd { ## SSHD SERVER CONFIGURATION ## class { '::sshd': - manage_nagios => 'no', + manage_nagios => false, ports => $ssh['port'], use_pam => 'yes', hardened_ssl => 'yes', diff --git a/puppet/modules/site_webapp/manifests/init.pp b/puppet/modules/site_webapp/manifests/init.pp index 08618457..17b010f3 100644 --- a/puppet/modules/site_webapp/manifests/init.pp +++ b/puppet/modules/site_webapp/manifests/init.pp @@ -16,6 +16,7 @@ class site_webapp { include site_config::ruby::dev include site_webapp::apache include site_webapp::couchdb + include site_webapp::logging include site_haproxy include site_webapp::cron include site_config::x509::cert diff --git a/puppet/modules/site_webapp/manifests/logging.pp b/puppet/modules/site_webapp/manifests/logging.pp new file mode 100644 index 00000000..b414b82c --- /dev/null +++ b/puppet/modules/site_webapp/manifests/logging.pp @@ -0,0 +1,16 @@ +class site_webapp::logging { + + rsyslog::snippet { '01-webapp': + content => 'if $programname == "webapp" then /var/log/leap/webapp.log +&~' + } + + augeas { + 'logrotate_webapp': + context => '/files/etc/logrotate.d/webapp/rule', + changes => [ 'set file /var/log/leap/webapp.log', 'set rotate 7', + 'set schedule daily', 'set compress compress', + 'set missingok missingok', 'set ifempty notifempty', + 'set copytruncate copytruncate' ] + } +} diff --git a/puppet/modules/tapicero/manifests/init.pp b/puppet/modules/tapicero/manifests/init.pp index fd8c1344..2bf72004 100644 --- a/puppet/modules/tapicero/manifests/init.pp +++ b/puppet/modules/tapicero/manifests/init.pp @@ -124,9 +124,11 @@ class tapicero { service { 'tapicero': ensure => running, enable => true, - hasstatus => true, + hasstatus => false, hasrestart => true, - require => [ File['/etc/init.d/tapicero'], File['/var/run/tapicero'] ]; + require => [ File['/etc/init.d/tapicero'], + File['/var/run/tapicero'], + Couchdb::Add_user[$::site_couchdb::couchdb_tapicero_user] ]; } } diff --git a/tests/white-box/network.rb b/tests/white-box/network.rb index f2041710..0d98c314 100644 --- a/tests/white-box/network.rb +++ b/tests/white-box/network.rb @@ -54,7 +54,6 @@ class Network < LeapTest end def test_03_Is_shorewall_running? - ignore unless File.exists?('/sbin/shorewall') assert_run('/sbin/shorewall status') pass end |