summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--Vagrantfile3
-rwxr-xr-xpuppet/modules/site_check_mk/files/agent/local_checks/couchdb/leap_couch_stats.sh3
-rw-r--r--puppet/modules/site_check_mk/files/agent/logwatch/openvpn.cfg5
-rw-r--r--puppet/modules/site_check_mk/manifests/agent/tapicero.pp3
-rw-r--r--puppet/modules/site_check_mk/manifests/server.pp6
-rw-r--r--puppet/modules/site_config/manifests/remove_files.pp4
6 files changed, 18 insertions, 6 deletions
diff --git a/Vagrantfile b/Vagrantfile
index 4a91c459..18590a8f 100644
--- a/Vagrantfile
+++ b/Vagrantfile
@@ -5,8 +5,7 @@ Vagrant.configure("2") do |config|
# see https://leap.se/en/docs/platform/details/development#Verify.vagrantbox.download
# for details
- config.vm.box = "leap-wheezy"
- config.vm.box_url = "https://downloads.leap.se/platform/vagrant/virtualbox/leap-wheezy.box"
+ config.vm.box = "LEAP/wheezy"
#config.vm.network :private_network, ip: "10.5.5.102"
config.vm.provider "virtualbox" do |v|
v.customize ["modifyvm", :id, "--natdnshostresolver1", "on"]
diff --git a/puppet/modules/site_check_mk/files/agent/local_checks/couchdb/leap_couch_stats.sh b/puppet/modules/site_check_mk/files/agent/local_checks/couchdb/leap_couch_stats.sh
index 95474ccb..83b407e0 100755
--- a/puppet/modules/site_check_mk/files/agent/local_checks/couchdb/leap_couch_stats.sh
+++ b/puppet/modules/site_check_mk/files/agent/local_checks/couchdb/leap_couch_stats.sh
@@ -117,3 +117,6 @@ end_time=$(date +%s.%N)
duration=$( echo "scale = 2; $end_time - $start_time" | bc -l )
printf "${exitcode} ${PREFIX}global_stats ${global_stats_perf}|script_duration=%02.2fs ${STATE[exitcode]}: global couchdb status\n" "$duration"
+
+rm "$TMPFILE"
+
diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/openvpn.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/openvpn.cfg
index ed50f420..d99dcde9 100644
--- a/puppet/modules/site_check_mk/files/agent/logwatch/openvpn.cfg
+++ b/puppet/modules/site_check_mk/files/agent/logwatch/openvpn.cfg
@@ -8,6 +8,11 @@
I ovpn-.*TLS Error: TLS object -> incoming plaintext read error
I ovpn-.*Fatal TLS error \(check_tls_errors_co\), restarting
I ovpn-.*TLS_ERROR: BIO read tls_read_plaintext error: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate
+ I ovpn-.*TLS_ERROR: BIO read tls_read_plaintext error: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
+ I ovpn-.*TLS Error: unknown opcode received from
+ I ovpn-.*Authenticate/Decrypt packet error: packet HMAC authentication failed
+ I ovpn-.*TLS Error: reading acknowledgement record from packet
+ I ovpn-.*TLS Error: session-id not found in packet from
I ovpn-.*SIGUSR1\[soft,tls-error\] received, client-instance restarting
I ovpn-.*VERIFY ERROR: depth=0, error=certificate has expired
diff --git a/puppet/modules/site_check_mk/manifests/agent/tapicero.pp b/puppet/modules/site_check_mk/manifests/agent/tapicero.pp
index 4a5ec68e..ad9962d4 100644
--- a/puppet/modules/site_check_mk/manifests/agent/tapicero.pp
+++ b/puppet/modules/site_check_mk/manifests/agent/tapicero.pp
@@ -1,3 +1,4 @@
+# sets up tapicero monitoring
class site_check_mk::agent::tapicero {
include ::site_nagios::plugins
@@ -14,7 +15,7 @@ class site_check_mk::agent::tapicero {
lens => 'Spacevars.lns',
changes => [
'rm /files/etc/check_mk/mrpe.cfg/Tapicero_Procs',
- 'set Tapicero_Procs "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1:1 -a tapicero"' ],
+ "set Tapicero_Procs \"/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1:1 --ereg-argument-array='^tapicero$'\"" ],
require => File['/etc/check_mk/mrpe.cfg'];
'Tapicero_Heartbeat':
incl => '/etc/check_mk/mrpe.cfg',
diff --git a/puppet/modules/site_check_mk/manifests/server.pp b/puppet/modules/site_check_mk/manifests/server.pp
index 171f1576..67519513 100644
--- a/puppet/modules/site_check_mk/manifests/server.pp
+++ b/puppet/modules/site_check_mk/manifests/server.pp
@@ -1,3 +1,4 @@
+# setup check_mk on the monitoring server
class site_check_mk::server {
$ssh_hash = hiera('ssh')
@@ -6,10 +7,9 @@ class site_check_mk::server {
$seckey = $ssh_hash['monitor']['private_key']
$nagios_hiera = hiera_hash('nagios')
- $nagios_hosts = $nagios_hiera['hosts']
+ $hosts = $nagios_hiera['hosts']
- $hosts = hiera_hash('hosts')
- $all_hosts = inline_template ('<% @hosts.keys.sort.each do |key| -%>"<%= @hosts[key]["domain_internal"] %>", <% end -%>')
+ $all_hosts = inline_template ('<% @hosts.keys.sort.each do |key| -%><% if @hosts[key]["environment"] != "disabled" %>"<%= @hosts[key]["domain_internal"] %>", <% end -%><% end -%>')
$domains_internal = $nagios_hiera['domains_internal']
$environments = $nagios_hiera['environments']
diff --git a/puppet/modules/site_config/manifests/remove_files.pp b/puppet/modules/site_config/manifests/remove_files.pp
index 3f46659c..b339e6af 100644
--- a/puppet/modules/site_config/manifests/remove_files.pp
+++ b/puppet/modules/site_config/manifests/remove_files.pp
@@ -27,6 +27,10 @@ class site_config::remove_files {
path => '/var/log/',
recurse => true,
matches => 'leap_mx*';
+ 'leap_mx_rotate':
+ path => '/var/log/leap/',
+ recurse => true,
+ matches => [ 'mx.log.[0-9]', 'mx.log.[0-9]?', 'mx.log.[6-9]?gz'];
'/srv/leap/webapp/public/provider.json':;
'/srv/leap/couchdb/designs/tmp_users':
recurse => true,