diff options
Diffstat (limited to 'puppet/modules')
-rw-r--r-- | puppet/modules/leap_mx/manifests/init.pp | 12 | ||||
-rw-r--r-- | puppet/modules/site_config/manifests/hosts.pp | 7 | ||||
-rw-r--r-- | puppet/modules/site_nagios/manifests/add_service.pp | 8 | ||||
-rw-r--r-- | puppet/modules/site_sshd/manifests/init.pp | 2 | ||||
-rw-r--r-- | puppet/modules/site_webapp/manifests/init.pp | 1 | ||||
-rw-r--r-- | puppet/modules/site_webapp/manifests/logging.pp | 16 | ||||
-rw-r--r-- | puppet/modules/tapicero/manifests/init.pp | 2 |
7 files changed, 38 insertions, 10 deletions
diff --git a/puppet/modules/leap_mx/manifests/init.pp b/puppet/modules/leap_mx/manifests/init.pp index b59eac01..c90fc231 100644 --- a/puppet/modules/leap_mx/manifests/init.pp +++ b/puppet/modules/leap_mx/manifests/init.pp @@ -40,12 +40,16 @@ class leap_mx { } # - # LEAP-MX CODE + # LEAP-MX CODE AND DEPENDENCIES # - package { 'leap-mx': - ensure => installed, - require => Class['site_apt::preferences::twisted'] + package { + 'leap-mx': + ensure => latest, + require => Class['site_apt::preferences::twisted']; + + [ 'leap-keymanager' ]: + ensure => latest; } # diff --git a/puppet/modules/site_config/manifests/hosts.pp b/puppet/modules/site_config/manifests/hosts.pp index 6982d37b..e43ad45e 100644 --- a/puppet/modules/site_config/manifests/hosts.pp +++ b/puppet/modules/site_config/manifests/hosts.pp @@ -10,10 +10,9 @@ class site_config::hosts() { } else { $dns_aliases = $dns['aliases'] } - $my_hostnames = unique(sort(concat( - [$hostname, $domain_hash['full'], $domain_hash['internal']], - $dns_aliases - ))) + $my_hostnames = unique(concat( + $dns_aliases, [$hostname, $domain_hash['full'], $domain_hash['internal']] + )) file { '/etc/hostname': ensure => present, diff --git a/puppet/modules/site_nagios/manifests/add_service.pp b/puppet/modules/site_nagios/manifests/add_service.pp index 8d2a310b..1b67d14e 100644 --- a/puppet/modules/site_nagios/manifests/add_service.pp +++ b/puppet/modules/site_nagios/manifests/add_service.pp @@ -1,9 +1,17 @@ define site_nagios::add_service ( $hostname, $ip_address, $openvpn_gw = '', $service) { + $ssh = hiera_hash('ssh') + $ssh_port = $ssh['port'] + case $service { 'webapp': { nagios_service { + "${name}_ssh": + use => 'generic-service', + check_command => "check_ssh_port!$ssh_port", + service_description => 'SSH', + host_name => $hostname; "${name}_cert": use => 'generic-service', check_command => 'check_https_cert', diff --git a/puppet/modules/site_sshd/manifests/init.pp b/puppet/modules/site_sshd/manifests/init.pp index 400c21ea..9a05b6ed 100644 --- a/puppet/modules/site_sshd/manifests/init.pp +++ b/puppet/modules/site_sshd/manifests/init.pp @@ -52,7 +52,7 @@ class site_sshd { ## SSHD SERVER CONFIGURATION ## class { '::sshd': - manage_nagios => 'no', + manage_nagios => false, ports => $ssh['port'], use_pam => 'yes', hardened_ssl => 'yes', diff --git a/puppet/modules/site_webapp/manifests/init.pp b/puppet/modules/site_webapp/manifests/init.pp index d6f1d7ae..7fdd0c3f 100644 --- a/puppet/modules/site_webapp/manifests/init.pp +++ b/puppet/modules/site_webapp/manifests/init.pp @@ -16,6 +16,7 @@ class site_webapp { include site_config::ruby::dev include site_webapp::apache include site_webapp::couchdb + include site_webapp::logging include site_haproxy include site_webapp::cron include site_config::x509::cert diff --git a/puppet/modules/site_webapp/manifests/logging.pp b/puppet/modules/site_webapp/manifests/logging.pp new file mode 100644 index 00000000..441c5792 --- /dev/null +++ b/puppet/modules/site_webapp/manifests/logging.pp @@ -0,0 +1,16 @@ +class site_webapp::logging { + + rsyslog::snippet { '01-webapp': + content => 'if $programname == "webapp" then /var/log/leap/webapp.log +stop' + } + + augeas { + 'logrotate_webapp': + context => '/files/etc/logrotate.d/webapp/rule', + changes => [ 'set file /var/log/leap/webapp.log', 'set rotate 7', + 'set schedule daily', 'set compress compress', + 'set missingok missingok', 'set ifempty notifempty', + 'set copytruncate copytruncate' ] + } +} diff --git a/puppet/modules/tapicero/manifests/init.pp b/puppet/modules/tapicero/manifests/init.pp index af1a96ac..35f6b06b 100644 --- a/puppet/modules/tapicero/manifests/init.pp +++ b/puppet/modules/tapicero/manifests/init.pp @@ -122,7 +122,7 @@ class tapicero { service { 'tapicero': ensure => running, enable => true, - hasstatus => true, + hasstatus => false, hasrestart => true, require => [ File['/etc/init.d/tapicero'], File['/var/run/tapicero'] ]; } |