From 6c8d3a7639af50266a56ed0661006280c7198b2f Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 25 Feb 2016 09:46:07 +0100 Subject: no build-essential packages needed for building leap_cli --- puppet/modules/leap/manifests/cli/install.pp | 2 -- 1 file changed, 2 deletions(-) diff --git a/puppet/modules/leap/manifests/cli/install.pp b/puppet/modules/leap/manifests/cli/install.pp index 6a12a4a5..25e87033 100644 --- a/puppet/modules/leap/manifests/cli/install.pp +++ b/puppet/modules/leap/manifests/cli/install.pp @@ -4,7 +4,6 @@ class leap::cli::install ( $source = false ) { # needed for building leap_cli from source include ::git include ::rubygems - include ::site_config::packages::build_essential class { '::ruby': install_dev => true @@ -14,7 +13,6 @@ class leap::cli::install ( $source = false ) { Class[Ruby] -> Class[rubygems] -> - Class[::site_config::packages::build_essential] -> Class[bundler::install] -- cgit v1.2.3 From b8736b39e21251f9a888914822858c704fdb8e08 Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 25 Feb 2016 09:46:30 +0100 Subject: remove wheezy support --- vagrant/install-platform.pp | 7 ------- 1 file changed, 7 deletions(-) diff --git a/vagrant/install-platform.pp b/vagrant/install-platform.pp index 8d177156..223853c1 100755 --- a/vagrant/install-platform.pp +++ b/vagrant/install-platform.pp @@ -1,13 +1,6 @@ class {'apt': } Exec['update_apt'] -> Package <||> - -if $::lsbdistcodename == 'wheezy' { - package { 'ruby-hiera-puppet': - ensure => installed - } -} - # install leap_cli from source, so it will work with the develop # branch of leap_platform class { '::leap::cli::install': -- cgit v1.2.3 From a33a7d634ab33f46814bd154882f3b1c9b3b3978 Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 25 Feb 2016 15:59:55 +0100 Subject: remove couchdb_pwhash_alg leftover --- puppet/modules/site_apache/manifests/common.pp | 6 +++++- puppet/modules/site_couchdb/manifests/init.pp | 1 - 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/puppet/modules/site_apache/manifests/common.pp b/puppet/modules/site_apache/manifests/common.pp index dadf7ea5..8a11759a 100644 --- a/puppet/modules/site_apache/manifests/common.pp +++ b/puppet/modules/site_apache/manifests/common.pp @@ -4,7 +4,11 @@ class site_apache::common { include apache::module::rewrite include apache::module::env - class { '::apache': no_default_site => true, ssl => true } + class { '::apache': + no_default_site => true, + ssl => true, + ssl_cipher_suite => 'HIGH:MEDIUM:!aNULL:!MD5' + } # needed for the mod_ssl config include apache::module::mime diff --git a/puppet/modules/site_couchdb/manifests/init.pp b/puppet/modules/site_couchdb/manifests/init.pp index 0c282e1c..b3d9fdf0 100644 --- a/puppet/modules/site_couchdb/manifests/init.pp +++ b/puppet/modules/site_couchdb/manifests/init.pp @@ -38,7 +38,6 @@ class site_couchdb { $couchdb_backup = $couchdb_config['backup'] $couchdb_mode = $couchdb_config['mode'] - $couchdb_pwhash_alg = $couchdb_config['pwhash_alg'] if $couchdb_mode == 'multimaster' { include site_couchdb::bigcouch } if $couchdb_mode =~ /^(plain|master)$/ { include site_couchdb::plain } -- cgit v1.2.3 From c6e45bc1097ed0a9dc7cb33898ea0b4e60635983 Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 25 Feb 2016 16:08:32 +0100 Subject: couchdb module uses pbkdf2 as default pwhash algor. now --- puppet/modules/couchdb | 2 +- puppet/modules/site_couchdb/manifests/plain.pp | 3 +-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/puppet/modules/couchdb b/puppet/modules/couchdb index b2dada71..53a4c75a 160000 --- a/puppet/modules/couchdb +++ b/puppet/modules/couchdb @@ -1 +1 @@ -Subproject commit b2dada713dd3486dec8eaf9bdcd1e223c9297f68 +Subproject commit 53a4c75ae09feb6d89b3535886663356d9ef4287 diff --git a/puppet/modules/site_couchdb/manifests/plain.pp b/puppet/modules/site_couchdb/manifests/plain.pp index 9338e56a..b40fc100 100644 --- a/puppet/modules/site_couchdb/manifests/plain.pp +++ b/puppet/modules/site_couchdb/manifests/plain.pp @@ -3,8 +3,7 @@ class site_couchdb::plain { class { 'couchdb': admin_pw => $site_couchdb::couchdb_admin_pw, admin_salt => $site_couchdb::couchdb_admin_salt, - chttpd_bind_address => '127.0.0.1', - pwhash_alg => 'pbkdf2' + chttpd_bind_address => '127.0.0.1' } include site_check_mk::agent::couchdb::plain -- cgit v1.2.3 From 81501eae66c9b46283b16cb83e4037938655094d Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 25 Feb 2016 16:12:24 +0100 Subject: dont set custom log destination --- vagrant/configure-leap.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/vagrant/configure-leap.sh b/vagrant/configure-leap.sh index b22756de..61ffeab7 100755 --- a/vagrant/configure-leap.sh +++ b/vagrant/configure-leap.sh @@ -24,7 +24,6 @@ chown ${USER}:${USER} ${PROVIDERDIR} cd $PROVIDERDIR $LEAP $OPTS new --contacts "$contacts" --domain "$provider_domain" --name "$provider_name" --platform=/vagrant . -$SUDO echo -e '\n@log = "/var/log/leap/deploy.log"' >> Leapfile if [ ! -e /home/${USER}/.ssh/id_rsa ]; then $SUDO ssh-keygen -f /home/${USER}/.ssh/id_rsa -P '' -- cgit v1.2.3 From 2599431bb42380f5d8d45769c9a56175f8137267 Mon Sep 17 00:00:00 2001 From: Kali Kaneko Date: Thu, 25 Feb 2016 11:59:39 -0400 Subject: [bug] remove tempdir after soledad sync test Closes: #7921 --- tests/helpers/soledad_sync.py | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/tests/helpers/soledad_sync.py b/tests/helpers/soledad_sync.py index b8e8fbc9..f4fc81ae 100755 --- a/tests/helpers/soledad_sync.py +++ b/tests/helpers/soledad_sync.py @@ -17,6 +17,7 @@ It takes 5 arguments: __author__: kali@leap.se """ import os +import shutil import sys import tempfile @@ -56,8 +57,13 @@ def create_docs(soledad): if __name__ == '__main__': tempdir = tempfile.mkdtemp() + + def rm_tempdir(): + shutil.rmtree(tempdir) + if len(sys.argv) < 6: bail(USAGE, 2) + uuid, token, server, cert_file, passphrase = sys.argv[1:] s = get_soledad_instance( uuid, passphrase, tempdir, server, cert_file, token) @@ -65,10 +71,12 @@ if __name__ == '__main__': def onSyncDone(sync_result): print "SYNC_RESULT:", sync_result s.close() + rm_tempdir() reactor.stop() def log_and_exit(f): log.err(f) + rm_tempdir() reactor.stop() def start_sync(): -- cgit v1.2.3 From 3dd636c26f6491f61e8cbe103be2765c3d31d4d4 Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 25 Feb 2016 17:43:58 +0100 Subject: re-enable deploy logging --- vagrant/configure-leap.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/vagrant/configure-leap.sh b/vagrant/configure-leap.sh index 61ffeab7..41841f24 100755 --- a/vagrant/configure-leap.sh +++ b/vagrant/configure-leap.sh @@ -24,6 +24,7 @@ chown ${USER}:${USER} ${PROVIDERDIR} cd $PROVIDERDIR $LEAP $OPTS new --contacts "$contacts" --domain "$provider_domain" --name "$provider_name" --platform=/vagrant . +echo -e '\n@log = "../deploy.log"' >> Leapfile if [ ! -e /home/${USER}/.ssh/id_rsa ]; then $SUDO ssh-keygen -f /home/${USER}/.ssh/id_rsa -P '' -- cgit v1.2.3 From fea4ba86622b891550144c5f434d430e0a4bb4c8 Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 25 Feb 2016 17:44:56 +0100 Subject: dont break on errors --- vagrant/configure-leap.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/vagrant/configure-leap.sh b/vagrant/configure-leap.sh index 41841f24..35b3f861 100755 --- a/vagrant/configure-leap.sh +++ b/vagrant/configure-leap.sh @@ -61,10 +61,8 @@ gem install rake $LEAP $OPTS -v 2 deploy -set +e $GIT add . $GIT commit -m'initialized and deployed provider' -set -e # Vagrant: leap_mx fails to start on jessie # https://leap.se/code/issues/7755 -- cgit v1.2.3 From 7478e1c4018406f424a5b1140f62970fef6e61f8 Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 25 Feb 2016 18:08:39 +0100 Subject: use provider dir as log location --- vagrant/configure-leap.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vagrant/configure-leap.sh b/vagrant/configure-leap.sh index 35b3f861..8751c763 100755 --- a/vagrant/configure-leap.sh +++ b/vagrant/configure-leap.sh @@ -24,7 +24,7 @@ chown ${USER}:${USER} ${PROVIDERDIR} cd $PROVIDERDIR $LEAP $OPTS new --contacts "$contacts" --domain "$provider_domain" --name "$provider_name" --platform=/vagrant . -echo -e '\n@log = "../deploy.log"' >> Leapfile +echo -e '\n@log = "./deploy.log"' >> Leapfile if [ ! -e /home/${USER}/.ssh/id_rsa ]; then $SUDO ssh-keygen -f /home/${USER}/.ssh/id_rsa -P '' -- cgit v1.2.3 From 64752269a4068c823d8ca0d19db852631e7d9dd2 Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 25 Feb 2016 18:20:07 +0100 Subject: check-mk's mk_job depends on the time package --- puppet/modules/site_check_mk/manifests/agent.pp | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/puppet/modules/site_check_mk/manifests/agent.pp b/puppet/modules/site_check_mk/manifests/agent.pp index 589041eb..5dc4eeff 100644 --- a/puppet/modules/site_check_mk/manifests/agent.pp +++ b/puppet/modules/site_check_mk/manifests/agent.pp @@ -1,9 +1,14 @@ +# installs check-mk agent class site_check_mk::agent { $ssh_hash = hiera('ssh') $pubkey = $ssh_hash['authorized_keys']['monitor']['key'] $type = $ssh_hash['authorized_keys']['monitor']['type'] + + # /usr/bin/mk-job depends on /usr/bin/time + ensure_packages('time') + class { 'site_apt::preferences::check_mk': } -> class { 'check_mk::agent': @@ -11,7 +16,8 @@ class site_check_mk::agent { agent_logwatch_package_name => 'check-mk-agent-logwatch', method => 'ssh', homedir => '/etc/nagios/check_mk', - register_agent => false + register_agent => false, + requires => Package['time'] } -> class { 'site_check_mk::agent::mrpe': } -> -- cgit v1.2.3 From 0206d426bd51aa4805915f6e23b53d5fdb40d738 Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 25 Feb 2016 18:23:38 +0100 Subject: fix typo in last commit --- puppet/modules/site_check_mk/manifests/agent.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/puppet/modules/site_check_mk/manifests/agent.pp b/puppet/modules/site_check_mk/manifests/agent.pp index 5dc4eeff..8d8ab814 100644 --- a/puppet/modules/site_check_mk/manifests/agent.pp +++ b/puppet/modules/site_check_mk/manifests/agent.pp @@ -17,7 +17,7 @@ class site_check_mk::agent { method => 'ssh', homedir => '/etc/nagios/check_mk', register_agent => false, - requires => Package['time'] + require => Package['time'] } -> class { 'site_check_mk::agent::mrpe': } -> -- cgit v1.2.3