summaryrefslogtreecommitdiff
path: root/puppet/modules/site_config
AgeCommit message (Collapse)Author
2016-01-22restructured site.pp, now only one class gets included in site.pp per ↵varac
service (Bug #6851) Also, moved global Exec{} defaults to site.pp Change-Id: I9ae91b77afde944d2f1312613b9d9030e32239dd
2016-01-19Swiss privacy foundation nameserver is not responding, switch secondaryMicah
fall-back to an OpenNIC resolver that does not log (#7781) Change-Id: I290321927c8188c82e95e2cd4b93cd01bd2258c2
2016-01-19Merge branch '7802_rsyslog_jessie' into developvarac
2016-01-19Ensure curl is installed before it is called (#7803)Micah
Change-Id: Iedd464a397e9944159991241cd84caad6a2a40d6
2016-01-15[bug] Only pin rsyslog debs to backports on wheezyvarac
- Resolves: #7802
2016-01-15linted site_config::syslogvarac
2016-01-08[bug] Make /etc/leap world-readablevarac
Under jessie, leap-mx is started by systemd now, not as a forked proc by twistd anymore. Therefore leap-mx (the user the mx proc runs as) needs direct access to it's config file under /etc/leap/mx.conf. Before, twistd would start as root, read the config and then fork an mx proc as unprivileged leap-mx user. - Tested: [quetzal] - Resolves: #7782
2015-12-15Merge branch 'dont_remove_nfs_client_on_vagrant' into developvarac
2015-12-15Merge branch 'remove_run_stages' into developvarac
2015-12-15Have leap-mx log with the process name 'leap-mx', but log toMicah
/var/log/leap/mx.log, and clean up the files associated with the previous configuration (#7691) Change-Id: Id08c97980292968e8e89f128afb5fa78bda30069
2015-12-10[feat] Dont remove nfs client on local vagrant nodesvarac
2015-12-09[feat] Remove puppet run stagesvarac
To reduce complexity, let's get rid of run stages. We used them earlier but they seem to have no purpose anymore. There was two stage leftovers: - `site_config::slow` did an `apt-get dist-upgrade` in the `setup` stage - `site_config::setup` did call the `site_config::hosts` class in the `setup` stage I checked for dependencies to to those resources, and it looks good, i tested by triggering a citest. From https://docs.puppetlabs.com/puppet/latest/reference/lang_run_stages.html#limitations-and-known-issues: ``` Due to these limitations, stages should only be used with the simplest of classes, and only when absolutely necessary. Mass dependencies like package repositories are effectively the only valid use case. ```
2015-11-24Switch to syslog for leap_mx (#6942)Micah
In order to switch to syslog for leap_mx, leap_mx needs to change to log to syslog (#6307 and #6937), and we need to clean up the platform pieces that set the non-syslog options, and rotated log files (#6942). Hopefully, this will solve the leap_mx logrotation issue at the same time (#7058) Change-Id: If68f808a65c24c91231b88d15759809c9e379294
2015-11-24Cleanup old leap mx logs that may appear on some nodes due to how thingsMicah
were logged before Change-Id: Ief95f35ea52a189075c2eda28c00bcc567c464b2
2015-11-17[bug] [jessie] Don't specify ruby versionsvarac
because ruby-1.9.3 is not available on jessie. - Related: #6920
2015-11-17[feat] Don't manually install compiler packagesvarac
These packages are a dependency of build-essential and will get installed anyway. - Related: #6920
2015-11-02Add basic DKIM support, this requires changes in leap_cli detailed inMicah
issue #5924 Change-Id: I6aa1e7751633407d441cbc6436d8426d37dbbfa7
2015-10-12[feat] Remove tapicero couchdb uservarac
- Resolves: #7514
2015-10-07[bug] Fix missing dependency (tapicero leftovers)varac
We need to remove local check-mk-agent checks on the tapicero nodes, and want to notify the monitoring server to re-inventarize the local checks. This doesn't work when both services run on different hosts, it will fail with: Could not find dependent Exec[check_mk-refresh] for Tidy[checkmk_logwatch_spool] So i remove the notifies, because we will re-inventarize of local checks by a daily cronjob anyway, see #6873. ... - Resolves: #XYZ - Related: #XYZ - Documentation: #XYZ - Releases: XYZ
2015-10-07[bug] Fix removal of webapp apache config filevarac
Done by including a service-dependend site_config::remove::webapp class.
2015-10-07Merge branch 'develop' of gitlab.com:leap/platform into developvarac
2015-10-06[feat] Remove tapicero from more placesvarac
Remove from: - platform white-box tests (couchdb user ACLs, tapicero daemon test) - provider_base/ dir that handles the compilation of the hiera config file - Resolves: #7501
2015-10-06[feat] remove tapicero leftoversvarac
Soledad now creates user-dbs, which has been done by tapicero in the past. we need to remove any leftovers from tapicero.
2015-10-05Merge branch 'soledad_userdb_creation' into developvarac
2015-10-05[feat] Create-user-db: use couchdb admin rightsvarac
- create soledad-admin user - deploy netrc file for userdb creation - Move soledad-server.conf from /etc/leap to /etc/soledad - make soledad-server.conf group-accessible for the soledad group, so the soledad-admin user can read it - Resolves: #7502
2015-09-30fix missing service dependency errorMicah
this tidy should only happen on webapp nodes Change-Id: I56faac4fa28fde9dcad7ce9a6ed0d684630a556e
2015-09-24do not remove /var/log/leap/mx.log.*, this is where leap_mx is logging.elijah
2015-09-24fix missing service dependency errorMicah
this tidy should only happen on webapp nodes Change-Id: I56faac4fa28fde9dcad7ce9a6ed0d684630a556e
2015-09-24Remove no longer used vhost for leap_webapp (#7475)Micah
The configuration /etc/apache/sites-enabled/leap_webapp.conf was never removed after 6255e58bf9ff3489bf2707bc2be9759ec5c7db68 made it obsolete, and because it exists on older systems, it is being used instead of the correct common.conf. This removes it and reloads apache. Change-Id: Ic4c9901f4bba869ecb3dfe5362dfd1971570f89a
2015-08-12Don't use check_mk logwatch to watch bigcouch logs anymore (#7375)varac
The rationale here is: - bigcouch/its included erlang version is incredibly noisy and spits out warnings/error msgs all the time - it uses the worst logging format i ever saw, multiple lines directly to a file (couch 2.0 uses lager as logging backend which can log to syslog) - trying to sort out the false positives will take too much time, and who knows which of them will be resolved in couch 1.6/2.0 Change-Id: Idbe6b37a19cd65ce31a50d4c28eedb4cf15ba3b5
2015-07-07Clean up left-over files from old way of leap-mx logging, this shouldMicah Anderson
stop the logrotate cron errors from happening. (#7058) Change-Id: Iceaeb8c17600fc23d2b1ca075546f8573c145760
2015-07-01Don't remove acpid and acpi-support-base packagesvarac
Those packages are needed by libvirt to reboot/shutdown a VM by the virsh command. Change-Id: I3eb7b113d11e3034f41d09d51c203b93275ae3c9
2015-06-23cleanup no longer used unbound conf.d pieces (#7187)Micah Anderson
Change-Id: Ie0b1f22c49462bd5c4ee3290f100e5d3e14ccb03
2015-06-23Remove old clean-up, this is no longer necessaryMicah Anderson
Change-Id: I4e8fe3355a2d55193ebf745de1f932a6dcd6121c
2015-06-02ensure the enterhooks directory is presentChristoph Kluenter
2015-05-26check_mk complains about non-existing logfile (#6964)varac
Change-Id: Ic58f9516854f812d46aa3a574628318951f99a95
2015-05-26Revert "remove old leap_mx logfile location from check_mk logwatch state ↵varac
file #6964" This reverts commit 984684f56f15d9d89ea78ffe6ed67dabf3d63208. Needed because: Augeas fails after upgrading augeas packages during same puppetrun, but only on first deploy - https://leap.se/code/issues/6997
2015-05-14remove old leap_mx logfile location from check_mk logwatch state file #6964varac
Change-Id: I385c639e5c096deef4f81691a85c1b83cbab9421
2015-04-17rename leap-mx logrotate file; minor style change.elijah
2015-04-16properly clean up unused fileselijah
2015-04-08set the 'logoutput' parameter for any exec type to 'on_error'varac
Change-Id: I04c796a502db52f3a594ef4c3cf08c330839bc13
2015-04-07rotate deploy logs by size instead of by date.elijah
2015-02-09logs deploy information to /var/log/leap/deploy.log (full puppet log) and ↵elijah
/var/log/leap/deploy-summary.log (just the start and complete, with platform version, user, leap_cli version, platform branch). downgrading platform require --downgrade (requires new leap_cli)
2015-01-27vcsrepo should depend on git package (Bug #6659)varac
Change-Id: Ibc2ae4697a37af97de625bfc9d8e149306578321
2015-01-22Provide a base-level set of quality entropy by installing haveged onMicah Anderson
systems by default (#6664) Change-Id: Ic2d4416b7c55f00f01d4b2ade78339d653bc8993
2015-01-13don't remove fontconfig-config package cause pnp4nagios depends on it (#6615)varac
Change-Id: If6c0d88e83b52588ee908edfa81451d37794a4b4
2014-12-04Merge remote-tracking branch 'leap/develop' into check_dhcpChristoph Kluenter
2014-10-21implement custom puppet support (#6201, #6226)Micah Anderson
change puppet command to include in the --modulepath /srv/leap/files/puppet/modules If a provider places puppet code under files/puppet it will be sync'd over to all the nodes, once leap cli #6225 is merged. The custom puppet entry point is in class 'custom' which can be put into files/puppet/modules/custom/manifests/init.pp Change-Id: I74879c6ee056b03cd4691aa81a7668b60383bdad
2014-09-29ensure dhclicent and resolv.conf are configured before bigcouchChristoph Kluenter
2014-09-29configure dhclient if its used in /e/network/interfacesChristoph Kluenter
we don't dhclient to to set domain and search in /etc/reslov.conf bigcouch has a strange way to find its hostname. It uses the domain stanza in /etc/resolv.conf to find its domain
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-30 16:49:58 +0000