diff options
Diffstat (limited to 'puppet')
| -rw-r--r-- | puppet/modules/leap_mx/manifests/init.pp | 12 | ||||
| -rw-r--r-- | puppet/modules/site_config/manifests/hosts.pp | 2 | ||||
| -rw-r--r-- | puppet/modules/site_nagios/manifests/add_service.pp | 8 | ||||
| -rw-r--r-- | puppet/modules/site_sshd/manifests/init.pp | 2 | ||||
| -rw-r--r-- | puppet/modules/site_webapp/manifests/init.pp | 1 | ||||
| -rw-r--r-- | puppet/modules/site_webapp/manifests/logging.pp | 16 | ||||
| -rw-r--r-- | puppet/modules/tapicero/manifests/init.pp | 6 |
7 files changed, 39 insertions, 8 deletions
diff --git a/puppet/modules/leap_mx/manifests/init.pp b/puppet/modules/leap_mx/manifests/init.pp index b59eac01..c90fc231 100644 --- a/puppet/modules/leap_mx/manifests/init.pp +++ b/puppet/modules/leap_mx/manifests/init.pp @@ -40,12 +40,16 @@ class leap_mx { } # - # LEAP-MX CODE + # LEAP-MX CODE AND DEPENDENCIES # - package { 'leap-mx': - ensure => installed, - require => Class['site_apt::preferences::twisted'] + package { + 'leap-mx': + ensure => latest, + require => Class['site_apt::preferences::twisted']; + + [ 'leap-keymanager' ]: + ensure => latest; } # diff --git a/puppet/modules/site_config/manifests/hosts.pp b/puppet/modules/site_config/manifests/hosts.pp index e43ad45e..878b6af0 100644 --- a/puppet/modules/site_config/manifests/hosts.pp +++ b/puppet/modules/site_config/manifests/hosts.pp @@ -11,7 +11,7 @@ class site_config::hosts() { $dns_aliases = $dns['aliases'] } $my_hostnames = unique(concat( - $dns_aliases, [$hostname, $domain_hash['full'], $domain_hash['internal']] + [$domain_hash['full'], $hostname, $domain_hash['internal']], $dns_aliases )) file { '/etc/hostname': diff --git a/puppet/modules/site_nagios/manifests/add_service.pp b/puppet/modules/site_nagios/manifests/add_service.pp index 8d2a310b..1b67d14e 100644 --- a/puppet/modules/site_nagios/manifests/add_service.pp +++ b/puppet/modules/site_nagios/manifests/add_service.pp @@ -1,9 +1,17 @@ define site_nagios::add_service ( $hostname, $ip_address, $openvpn_gw = '', $service) { + $ssh = hiera_hash('ssh') + $ssh_port = $ssh['port'] + case $service { 'webapp': { nagios_service { + "${name}_ssh": + use => 'generic-service', + check_command => "check_ssh_port!$ssh_port", + service_description => 'SSH', + host_name => $hostname; "${name}_cert": use => 'generic-service', check_command => 'check_https_cert', diff --git a/puppet/modules/site_sshd/manifests/init.pp b/puppet/modules/site_sshd/manifests/init.pp index 400c21ea..9a05b6ed 100644 --- a/puppet/modules/site_sshd/manifests/init.pp +++ b/puppet/modules/site_sshd/manifests/init.pp @@ -52,7 +52,7 @@ class site_sshd { ## SSHD SERVER CONFIGURATION ## class { '::sshd': - manage_nagios => 'no', + manage_nagios => false, ports => $ssh['port'], use_pam => 'yes', hardened_ssl => 'yes', diff --git a/puppet/modules/site_webapp/manifests/init.pp b/puppet/modules/site_webapp/manifests/init.pp index 08618457..17b010f3 100644 --- a/puppet/modules/site_webapp/manifests/init.pp +++ b/puppet/modules/site_webapp/manifests/init.pp @@ -16,6 +16,7 @@ class site_webapp { include site_config::ruby::dev include site_webapp::apache include site_webapp::couchdb + include site_webapp::logging include site_haproxy include site_webapp::cron include site_config::x509::cert diff --git a/puppet/modules/site_webapp/manifests/logging.pp b/puppet/modules/site_webapp/manifests/logging.pp new file mode 100644 index 00000000..b414b82c --- /dev/null +++ b/puppet/modules/site_webapp/manifests/logging.pp @@ -0,0 +1,16 @@ +class site_webapp::logging { + + rsyslog::snippet { '01-webapp': + content => 'if $programname == "webapp" then /var/log/leap/webapp.log +&~' + } + + augeas { + 'logrotate_webapp': + context => '/files/etc/logrotate.d/webapp/rule', + changes => [ 'set file /var/log/leap/webapp.log', 'set rotate 7', + 'set schedule daily', 'set compress compress', + 'set missingok missingok', 'set ifempty notifempty', + 'set copytruncate copytruncate' ] + } +} diff --git a/puppet/modules/tapicero/manifests/init.pp b/puppet/modules/tapicero/manifests/init.pp index fd8c1344..2bf72004 100644 --- a/puppet/modules/tapicero/manifests/init.pp +++ b/puppet/modules/tapicero/manifests/init.pp @@ -124,9 +124,11 @@ class tapicero { service { 'tapicero': ensure => running, enable => true, - hasstatus => true, + hasstatus => false, hasrestart => true, - require => [ File['/etc/init.d/tapicero'], File['/var/run/tapicero'] ]; + require => [ File['/etc/init.d/tapicero'], + File['/var/run/tapicero'], + Couchdb::Add_user[$::site_couchdb::couchdb_tapicero_user] ]; } } |