From 276b77cdcc0d169b84e046afe8763e2c52ff76fb Mon Sep 17 00:00:00 2001
From: varac <varacanero@zeromail.org>
Date: Mon, 5 Oct 2015 15:22:25 +0200
Subject: [feat] remove tapicero leftovers

Soledad now creates user-dbs, which has been done by tapicero
in the past. we need to remove any leftovers from tapicero.
---
 .../modules/site_config/manifests/remove/files.pp  | 74 ++++++++++++++++++++++
 .../site_config/manifests/remove/tapicero.pp       | 57 +++++++++++++++++
 2 files changed, 131 insertions(+)
 create mode 100644 puppet/modules/site_config/manifests/remove/files.pp
 create mode 100644 puppet/modules/site_config/manifests/remove/tapicero.pp

(limited to 'puppet/modules/site_config/manifests/remove')

diff --git a/puppet/modules/site_config/manifests/remove/files.pp b/puppet/modules/site_config/manifests/remove/files.pp
new file mode 100644
index 00000000..feff7c05
--- /dev/null
+++ b/puppet/modules/site_config/manifests/remove/files.pp
@@ -0,0 +1,74 @@
+#
+# Sometimes when we upgrade the platform, we need to ensure that files that
+# the platform previously created will get removed.
+#
+# These file removals don't need to be kept forever: we only need to remove
+# files that are present in the prior platform release.
+#
+# We can assume that the every node is upgraded from the previous platform
+# release.
+#
+
+class site_config::remove::files {
+
+  #
+  # Platform 0.8 removals
+  #
+
+  tidy {
+    '/etc/apache/sites-enabled/leap_webapp.conf':
+      notify => Service['apache'];
+  }
+
+
+  #
+  # Platform 0.7 removals
+  #
+
+  tidy {
+    '/etc/rsyslog.d/99-tapicero.conf':;
+    '/etc/rsyslog.d/99-leap-mx.conf':;
+    '/etc/rsyslog.d/01-webapp.conf':;
+    '/etc/rsyslog.d/50-stunnel.conf':;
+    '/etc/logrotate.d/mx':;
+    '/etc/logrotate.d/stunnel':;
+    '/var/log/stunnel4/stunnel.log':;
+    'leap_mx':
+      path => '/var/log/',
+      recurse => true,
+      matches => 'leap_mx*';
+    '/srv/leap/webapp/public/provider.json':;
+    '/srv/leap/couchdb/designs/tmp_users':
+      recurse => true,
+      rmdirs => true;
+    '/etc/leap/soledad-server.conf':;
+  }
+
+  # leax-mx logged to /var/log/leap_mx.log in the past
+  # we need to use a dumb exec here because file_line doesn't
+  # allow removing lines that match a regex in the current version
+  # of stdlib, see https://tickets.puppetlabs.com/browse/MODULES-1903
+  exec { 'rm_old_leap_mx_log_destination':
+      command => "/bin/sed -i '/leap_mx.log/d' /etc/check_mk/logwatch.state",
+      onlyif  => "/bin/grep -qe 'leap_mx.log' /etc/check_mk/logwatch.state"
+  }
+
+  # Don't use check_mk logwatch to watch bigcouch logs anymore
+  # see https://leap.se/code/issues/7375 for more details
+  file { '/etc/check_mk/logwatch.d/bigcouch.cfg':
+    ensure => absent,
+    notify => [
+      Exec['remove_bigcouch_logwatch_spoolfiles'],
+      Exec['remove_bigcouch_logwatch_stateline']
+    ]
+  }
+  # remove leftover bigcouch logwatch spool files
+  exec { 'remove_bigcouch_logwatch_spoolfiles':
+    command     => 'find /var/lib/check_mk/logwatch -name \'\\opt\\bigcouch\\var\\log\\bigcouch.log\' -exec rm {} \;',
+    refreshonly => true,
+  }
+  exec { 'remove_bigcouch_logwatch_stateline':
+    command     => "sed -i '/bigcouch.log/d' /etc/check_mk/logwatch.state",
+    refreshonly => true,
+  }
+}
diff --git a/puppet/modules/site_config/manifests/remove/tapicero.pp b/puppet/modules/site_config/manifests/remove/tapicero.pp
new file mode 100644
index 00000000..765f7428
--- /dev/null
+++ b/puppet/modules/site_config/manifests/remove/tapicero.pp
@@ -0,0 +1,57 @@
+# remove tapicero leftovers from previous deploys
+class site_config::remove::tapicero {
+
+  exec { 'kill_tapicero':
+    onlyif  => '/usr/bin/test -s /var/run/tapicero.pid',
+    command => '/usr/bin/pkill --pidfile /var/run/tapicero.pid'
+  }
+
+  user { 'tapicero':
+    ensure  => absent;
+  }
+
+  group { 'tapicero':
+    ensure => absent,
+    require => User['tapicero'];
+  }
+
+  tidy {
+    '/srv/leap/tapicero':
+      recurse => true,
+      require   => [ Exec['kill_tapicero'] ];
+    '/var/lib/leap/tapicero':
+      require   => [ Exec['kill_tapicero'] ];
+    '/var/run/tapicero':
+      require   => [ Exec['kill_tapicero'] ];
+    '/etc/leap/tapicero.yaml':
+      require   => [ Exec['kill_tapicero'] ];
+    '/etc/init.d/tapicero':
+      require   => [ Exec['kill_tapicero'] ];
+    'tapicero_logs':
+      path    => '/var/log/leap',
+      recurse => true,
+      matches => 'tapicero*',
+      require   => [ Exec['kill_tapicero'] ];
+    '/etc/check_mk/logwatch.d/tapicero.cfg':;
+    'checkmk_logwatch_spool':
+      path    => '/var/lib/check_mk/logwatch',
+      recurse => true,
+      matches => '*tapicero.log',
+      require   => [ Exec['kill_tapicero'] ];
+  }
+
+  # remove local nagios plugin checks via mrpe
+  augeas {
+    'Tapicero_Procs':
+      incl    => '/etc/check_mk/mrpe.cfg',
+      lens    => 'Spacevars.lns',
+      changes => 'rm /files/etc/check_mk/mrpe.cfg/Tapicero_Procs',
+      require => File['/etc/check_mk/mrpe.cfg'];
+    'Tapicero_Heartbeat':
+      incl    => '/etc/check_mk/mrpe.cfg',
+      lens    => 'Spacevars.lns',
+      changes => 'rm Tapicero_Heartbeat',
+      require => File['/etc/check_mk/mrpe.cfg'];
+  }
+
+}
-- 
cgit v1.2.3