6 files changed, 48 insertions, 35 deletions
diff --git a/puppet/modules/site_apt/files/Debian/51unattended-upgrades-leap b/puppet/modules/site_apt/files/Debian/51unattended-upgrades-leap
new file mode 100644
index 00000000..bbaac6a2
--- /dev/null
+++ b/puppet/modules/site_apt/files/Debian/51unattended-upgrades-leap
@@ -0,0 +1,6 @@
+// this file is managed by puppet !
+
+Unattended-Upgrade::Allowed-Origins {
+  "leap.se:stable";
+}
+
diff --git a/puppet/modules/site_apt/manifests/unattended_upgrades.pp b/puppet/modules/site_apt/manifests/unattended_upgrades.pp
index 40111deb..42f1f4c6 100644
--- a/puppet/modules/site_apt/manifests/unattended_upgrades.pp
+++ b/puppet/modules/site_apt/manifests/unattended_upgrades.pp
@@ -1,9 +1,20 @@
+# configute unattended upgrades so packages from both Debian and LEAP
+# repos get upgraded unattended
 class site_apt::unattended_upgrades {
   # override unattended-upgrades package resource to make sure
   # that it is upgraded on every deploy (#6245)
 
+  # configure upgrades for Debian
   class { 'apt::unattended_upgrades':
-    config_content => template('site_apt/50unattended-upgrades'),
     ensure_version => latest
   }
+
+  # configure LEAP upgrades
+  apt::apt_conf { '51unattended-upgrades-leap':
+    source      => [
+      "puppet:///modules/site_apt/${::lsbdistid}/51unattended-upgrades-leap"],
+    require     => Package['unattended-upgrades'],
+    refresh_apt => false,
+  }
+
 }
diff --git a/puppet/modules/site_apt/templates/50unattended-upgrades b/puppet/modules/site_apt/templates/50unattended-upgrades
deleted file mode 100644
index 9ae3ab84..00000000
--- a/puppet/modules/site_apt/templates/50unattended-upgrades
+++ /dev/null
@@ -1,16 +0,0 @@
-// this file is managed by puppet !
-
-Unattended-Upgrade::Allowed-Origins {
-        "${distro_id}:oldstable";
-        "${distro_id}:${distro_codename}-security";
-        "${distro_id}:${distro_codename}-updates";
-        "${distro_id} Backports:${distro_codename}-backports";
-        "leap.se:stable";
-};
-
-APT::Periodic::Update-Package-Lists "1";
-APT::Periodic::Download-Upgradeable-Packages "1";
-APT::Periodic::Unattended-Upgrade "1";
-
-Unattended-Upgrade::Mail "root";
-Unattended-Upgrade::MailOnlyOnError "true";
diff --git a/puppet/modules/site_config/manifests/remove/bigcouch.pp b/puppet/modules/site_config/manifests/remove/bigcouch.pp
new file mode 100644
index 00000000..0783fe9d
--- /dev/null
+++ b/puppet/modules/site_config/manifests/remove/bigcouch.pp
@@ -0,0 +1,26 @@
+# remove bigcouch leftovers from previous installations
+class site_config::remove::bigcouch {
+
+  # Don't use check_mk logwatch to watch bigcouch logs anymore
+  # see https://leap.se/code/issues/7375 for more details
+  file { '/etc/check_mk/logwatch.d/bigcouch.cfg':
+    ensure => absent,
+    notify => [
+      Exec['remove_bigcouch_logwatch_spoolfiles'],
+      Exec['remove_bigcouch_logwatch_stateline']
+    ]
+  }
+  # remove leftover bigcouch logwatch spool files
+  exec { 'remove_bigcouch_logwatch_spoolfiles':
+    command     => 'find /var/lib/check_mk/logwatch -name \'\\opt\\bigcouch\\var\\log\\bigcouch.log\' -exec rm {} \;',
+    refreshonly => true,
+  }
+  exec { 'remove_bigcouch_logwatch_stateline':
+    command     => "sed -i '/bigcouch.log/d' /etc/check_mk/logwatch.state",
+    refreshonly => true,
+  }
+
+  cron { 'compact_all_shards':
+    ensure => absent
+  }
+}
diff --git a/puppet/modules/site_config/manifests/remove/files.pp b/puppet/modules/site_config/manifests/remove/files.pp
index 077381e1..4f7aa6e6 100644
--- a/puppet/modules/site_config/manifests/remove/files.pp
+++ b/puppet/modules/site_config/manifests/remove/files.pp
@@ -51,22 +51,4 @@ class site_config::remove::files {
       onlyif  => "/bin/grep -qe 'leap_mx.log' /etc/check_mk/logwatch.state"
   }
 
-  # Don't use check_mk logwatch to watch bigcouch logs anymore
-  # see https://leap.se/code/issues/7375 for more details
-  file { '/etc/check_mk/logwatch.d/bigcouch.cfg':
-    ensure => absent,
-    notify => [
-      Exec['remove_bigcouch_logwatch_spoolfiles'],
-      Exec['remove_bigcouch_logwatch_stateline']
-    ]
-  }
-  # remove leftover bigcouch logwatch spool files
-  exec { 'remove_bigcouch_logwatch_spoolfiles':
-    command     => 'find /var/lib/check_mk/logwatch -name \'\\opt\\bigcouch\\var\\log\\bigcouch.log\' -exec rm {} \;',
-    refreshonly => true,
-  }
-  exec { 'remove_bigcouch_logwatch_stateline':
-    command     => "sed -i '/bigcouch.log/d' /etc/check_mk/logwatch.state",
-    refreshonly => true,
-  }
 }
diff --git a/puppet/modules/site_couchdb/manifests/master.pp b/puppet/modules/site_couchdb/manifests/master.pp
index 5dab6325..49d90f2f 100644
--- a/puppet/modules/site_couchdb/manifests/master.pp
+++ b/puppet/modules/site_couchdb/manifests/master.pp
@@ -8,4 +8,8 @@ class site_couchdb::master {
   }
 
   include site_check_mk::agent::couchdb::master
+
+  # remove bigcouch leftovers from previous installations
+  include ::site_config::remove::bigcouch
+
 }