diff options
Diffstat (limited to 'puppet')
5 files changed, 28 insertions, 5 deletions
| diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/openvpn.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/openvpn.cfg new file mode 100644 index 00000000..d58e876d --- /dev/null +++ b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/openvpn.cfg @@ -0,0 +1,7 @@ +# ignore openvpn TLS initialization errors when clients +# suddenly hangup before properly establishing +# a tls connection + I ovpn-.*TLS Error: Unroutable control packet received from + I ovpn-.*TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) + I ovpn-.*TLS Error: TLS handshake failed + diff --git a/puppet/modules/site_check_mk/manifests/agent/openvpn.pp b/puppet/modules/site_check_mk/manifests/agent/openvpn.pp new file mode 100644 index 00000000..919a408d --- /dev/null +++ b/puppet/modules/site_check_mk/manifests/agent/openvpn.pp @@ -0,0 +1,10 @@ +class site_check_mk::agent::openvpn { + +  # check syslog +  concat::fragment { 'syslog_openpvn': +    source  => 'puppet:///modules/site_check_mk/agent/logwatch/syslog/openvpn.cfg', +    target  => '/etc/check_mk/logwatch.d/syslog.cfg', +    order   => '02'; +  } + +} diff --git a/puppet/modules/site_config/manifests/packages/base.pp b/puppet/modules/site_config/manifests/packages/base.pp index 28aa4dbb..ae47963c 100644 --- a/puppet/modules/site_config/manifests/packages/base.pp +++ b/puppet/modules/site_config/manifests/packages/base.pp @@ -1,5 +1,6 @@  class site_config::packages::base { +    # base set of packages that we want to have installed everywhere    package { [ 'etckeeper', 'screen', 'less', 'ntp' ]:      ensure => installed, diff --git a/puppet/modules/site_openvpn/manifests/init.pp b/puppet/modules/site_openvpn/manifests/init.pp index 42146741..4c2a3967 100644 --- a/puppet/modules/site_openvpn/manifests/init.pp +++ b/puppet/modules/site_openvpn/manifests/init.pp @@ -213,4 +213,7 @@ class site_openvpn {        target  => '/etc/default/openvpn',        order   => 10;    } + +  include site_check_mk::agent::openvpn +  } diff --git a/puppet/modules/site_postfix/manifests/mx/reserved_aliases.pp b/puppet/modules/site_postfix/manifests/mx/reserved_aliases.pp index aea66f78..83e27376 100644 --- a/puppet/modules/site_postfix/manifests/mx/reserved_aliases.pp +++ b/puppet/modules/site_postfix/manifests/mx/reserved_aliases.pp @@ -1,11 +1,13 @@ +# Defines which mail addresses shouldn't be available and where they should fwd  class site_postfix::mx::reserved_aliases {    postfix::mailalias { -    [ 'postmaster', 'hostmaster', 'domainadmin', 'certmaster', 'ssladmin', -      'arin-admin', 'administrator', 'webmaster', 'www-data', 'www', -      'nobody', 'sys', 'postgresql', 'mysql', 'bin', 'cron', 'lp', 'games', -      'maildrop', 'abuse', 'noc', 'security', 'usenet', 'news', 'uucp', -      'ftp' ]: +    [ 'abuse', 'admin', 'arin-admin', 'administrator', 'bin', 'cron', +      'certmaster', 'domainadmin', 'games', 'ftp', 'hostmaster', 'lp', +      'maildrop', 'mysql', 'news', 'nobody', 'noc', 'postmaster', 'postgresql', +      'security', 'ssladmin', 'sys', 'usenet', 'uucp', 'webmaster', 'www', +      'www-data', +    ]:        ensure    => present,        recipient => 'root'    } | 
