6 files changed, 146 insertions, 12 deletions
diff --git a/puppet/modules/site_check_mk/files/agent/local_checks/couchdb/leap_couch_stats.sh b/puppet/modules/site_check_mk/files/agent/local_checks/couchdb/leap_couch_stats.sh
new file mode 100755
index 00000000..51a8ac52
--- /dev/null
+++ b/puppet/modules/site_check_mk/files/agent/local_checks/couchdb/leap_couch_stats.sh
@@ -0,0 +1,106 @@
+#!/bin/bash
+#
+# todo:
+#  - thresholds
+#  - couch response time
+#  - make CURL/URL/DBLIST_EXCLUDE vars configurable
+#  - move load_nagios_utils() to helper library so we can use it from multiple scripts
+
+start_time=$(date +%s.%N)
+
+CURL='curl -s --netrc-file /etc/couchdb/couchdb.netrc'
+URL='http://127.0.0.1:5984'
+TMPFILE=$(mktemp)
+DBLIST_EXCLUDE='user-'
+PREFIX='Couchdb_'
+
+
+load_nagios_utils () {
+  # load the nagios utils
+  # in debian, the package nagios-plugins-common installs utils.sh to /usr/lib/nagios/plugins/utils.sh
+  utilsfn=
+  for d in $PROGPATH /usr/lib/nagios/plugins /usr/lib64/nagios/plugins /usr/local/nagios/libexec /opt/nagios-plugins/libexec . ; do
+    if [ -f "$d/utils.sh" ]; then
+      utilsfn=$d/utils.sh;
+    fi
+  done
+  if [ "$utilsfn" = "" ]; then
+    echo "UNKNOWN - cannot find utils.sh (part of nagios plugins)";
+    exit 3;
+  fi
+  . "$utilsfn";
+  STATE[$STATE_OK]='OK'
+  STATE[$STATE_WARNING]='Warning'
+  STATE[$STATE_CRITICAL]='Critical'
+  STATE[$STATE_UNKNOWN]='Unknown'
+  STATE[$STATE_DEPENDENT]='Dependend'
+}
+
+get_global_stats_perf () {
+  trap "localexit=3" ERR
+  local localexit db_count
+  localexit=0
+
+  # get a list of all dbs
+  $CURL -X GET $URL/_all_dbs | json_pp | egrep -v '(\[|\])' > $TMPFILE
+
+  db_count=$( wc -l < $TMPFILE)
+  excluded_db_count=$( grep -c "$DBLIST_EXCLUDE" $TMPFILE )
+
+  echo "db_count=$db_count|excluded_db_count=$excluded_db_count"
+  return ${localexit}
+}
+
+db_stats () {
+  trap "localexit=3" ERR
+  local db db_stats doc_count del_doc_count localexit
+  localexit=0
+
+  db=$1
+  perf="$perf|${db}_docs=$( $CURL -s -X GET ${URL}/$db | json_pp |grep 'doc_count' | sed 's/[^0-9]//g' )"
+  db_stats=$( $CURL -s -X GET ${URL}/$db | json_pp )
+
+  doc_count=$( echo "$db_stats" | grep 'doc_count' | grep -v 'deleted_doc_count' | sed 's/[^0-9]//g' )
+  del_doc_count=$( echo "$db_stats" | grep 'doc_del_count' | sed 's/[^0-9]//g' )
+
+  # don't divide by zero
+  if [ $del_doc_count -eq 0 ]
+  then
+    del_doc_perc=0
+  else
+    del_doc_perc=$(( del_doc_count * 100 / doc_count ))
+  fi
+
+  bytes=$( echo "$db_stats" | grep disk_size | sed 's/[^0-9]//g' )
+  disk_size=$( echo "scale = 2; $bytes / 1024 / 1024" | bc -l )
+
+  echo -n "${localexit} ${PREFIX}${db}_database ${db}_docs=$doc_count|${db}_deleted_docs=$del_doc_count|${db}_deleted_docs_percentage=${del_doc_perc}%"
+  printf "|${db}_disksize_mb=%02.2fmb ${STATE[localexit]}: database $db\n" "$disk_size"
+
+  return ${localexit}
+}
+
+# main
+
+load_nagios_utils
+
+# per-db stats
+# get a list of all dbs
+$CURL -X GET $URL/_all_dbs | json_pp | egrep -v '(\[|\])' > $TMPFILE
+
+# get list of dbs to check
+dbs=$( grep -v "${DBLIST_EXCLUDE}" $TMPFILE | tr -d '\n"' | sed 's/,/ /g' )
+
+for db in $dbs
+do
+  db_stats "$db"
+done
+
+# show global couchdb stats
+global_stats_perf=$(get_global_stats_perf)
+exitcode=$?
+
+end_time=$(date +%s.%N)
+duration=$( echo "scale = 2; $end_time - $start_time" | bc -l )
+
+printf "${exitcode} ${PREFIX}global_stats ${global_stats_perf}|script_duration=%02.2fs ${STATE[exitcode]}: global couchdb status\n" "$duration"
diff --git a/puppet/modules/site_check_mk/files/extra_service_conf.mk b/puppet/modules/site_check_mk/files/extra_service_conf.mk
index 61b0dd39..a4c6e769 100644
--- a/puppet/modules/site_check_mk/files/extra_service_conf.mk
+++ b/puppet/modules/site_check_mk/files/extra_service_conf.mk
@@ -5,14 +5,10 @@ extra_service_conf["max_check_attempts"] = [
 ]
 
 #
-# run check_mk_agent every 2 minutes if it terminates successfully.
+# run check_mk_agent every 10 minutes if it terminates successfully.
 # see https://leap.se/code/issues/6539 for the rationale
 #
-# update: temporarily set interval to 60 minutes until we solve the
-#         issue with the users db getting bloated with deleted
-#         test users.
-#
 extra_service_conf["normal_check_interval"] = [
-  ("60", ALL_HOSTS , "Check_MK" )
+  ("10", ALL_HOSTS , "Check_MK" )
 ]
 
diff --git a/puppet/modules/site_check_mk/manifests/agent/couchdb.pp b/puppet/modules/site_check_mk/manifests/agent/couchdb.pp
index 2dfe16fa..abfc7ad0 100644
--- a/puppet/modules/site_check_mk/manifests/agent/couchdb.pp
+++ b/puppet/modules/site_check_mk/manifests/agent/couchdb.pp
@@ -45,4 +45,11 @@ class site_check_mk::agent::couchdb {
       require => File['/etc/check_mk/mrpe.cfg'];
   }
 
+
+  # check different couchdb stats
+  file { '/usr/lib/check_mk_agent/local/leap_couch_stats.sh':
+    source  => 'puppet:///modules/site_check_mk/agent/local_checks/couchdb/leap_couch_stats.sh',
+    mode    => '0755',
+    require => Package['check_mk-agent']
+  }
 }
diff --git a/puppet/modules/site_config/manifests/syslog.pp b/puppet/modules/site_config/manifests/syslog.pp
index 1b0c1e05..83b49c8e 100644
--- a/puppet/modules/site_config/manifests/syslog.pp
+++ b/puppet/modules/site_config/manifests/syslog.pp
@@ -15,8 +15,24 @@ action(type="mmanon" ipv4.bits="32" mode="rewrite")'
   augeas {
     'logrotate_leap_deploy':
       context => '/files/etc/logrotate.d/leap_deploy/rule',
-      changes => [ 'set file /var/log/leap/deploy*.log', 'set rotate 7',
-                   'set schedule daily', 'set compress compress',
+      changes => [ 'set file /var/log/leap/deploy.log',
+                   'set rotate 5',
+                   'set size 1M',
+                   'set compress compress',
+                   'set missingok missingok',
+                   'set copytruncate copytruncate' ];
+
+    # NOTE:
+    # the puppet_command script requires the option delaycompress
+    # be set on the summary log file.
+
+    'logrotate_leap_deploy_summary':
+      context => '/files/etc/logrotate.d/leap_deploy_summary/rule',
+      changes => [ 'set file /var/log/leap/deploy-summary.log',
+                   'set rotate 5',
+                   'set size 100k',
+                   'set delaycompress delaycompress',
+                   'set compress compress',
                    'set missingok missingok',
                    'set copytruncate copytruncate' ]
   }
diff --git a/puppet/modules/site_static/manifests/domain.pp b/puppet/modules/site_static/manifests/domain.pp
index 6941b1a3..b9177f25 100644
--- a/puppet/modules/site_static/manifests/domain.pp
+++ b/puppet/modules/site_static/manifests/domain.pp
@@ -12,9 +12,18 @@ define site_static::domain (
 
   create_resources(site_static::location, $locations)
 
-  x509::cert { $domain: content => $cert }
-  x509::key  { $domain: content => $key }
-  x509::ca   { "${domain}_ca": content => $ca_cert }
+  x509::cert { $domain:
+    content => $cert,
+    notify => Service[apache]
+  }
+  x509::key { $domain:
+    content => $key,
+    notify => Service[apache]
+  }
+  x509::ca { "${domain}_ca":
+    content => $ca_cert,
+    notify => Service[apache]
+  }
 
   apache::vhost::file { $domain:
     content => template('site_static/apache.conf.erb')
diff --git a/puppet/modules/tapicero/templates/tapicero.yaml.erb b/puppet/modules/tapicero/templates/tapicero.yaml.erb
index 40048a5e..fb3b93aa 100644
--- a/puppet/modules/tapicero/templates/tapicero.yaml.erb
+++ b/puppet/modules/tapicero/templates/tapicero.yaml.erb
@@ -17,7 +17,7 @@ connection:
 
 # file to store the last processed user record in so we can resume after
 # a restart:
-seq_file: "/var/lib/leap/tapicero/tapicero.seq"
+seq_dir: "/var/lib/leap/tapicero/"
 
 # Configure log_file like this if you want to log to a file instead of syslog:
 # log_file: "/var/leap/log/tapicero.log"