From 63ca770b6913d674db639c486a8ba215ea0b7a65 Mon Sep 17 00:00:00 2001 From: Christoph Kluenter Date: Mon, 29 Sep 2014 13:57:30 +0200 Subject: configure dhclient if its used in /e/network/interfaces we don't dhclient to to set domain and search in /etc/reslov.conf bigcouch has a strange way to find its hostname. It uses the domain stanza in /etc/resolv.conf to find its domain --- puppet/modules/site_config/manifests/default.pp | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) (limited to 'puppet/modules/site_config/manifests') diff --git a/puppet/modules/site_config/manifests/default.pp b/puppet/modules/site_config/manifests/default.pp index fc2179de..42359a00 100644 --- a/puppet/modules/site_config/manifests/default.pp +++ b/puppet/modules/site_config/manifests/default.pp @@ -25,10 +25,7 @@ class site_config::default { # i.e. openstack/aws nodes, vagrant nodes # fix dhclient from changing resolver information - if $::ec2_instance_id { - include site_config::dhclient - } - if $::virtual == 'virtualbox' { + if $::dhcp_enabled == 'true' { include site_config::dhclient } -- cgit v1.2.3 From 664dca31dec0c7935ee96359209d9dcefc03e38c Mon Sep 17 00:00:00 2001 From: Christoph Kluenter Date: Mon, 29 Sep 2014 14:31:54 +0200 Subject: ensure dhclicent and resolv.conf are configured before bigcouch --- puppet/modules/site_config/manifests/dhclient.pp | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'puppet/modules/site_config/manifests') diff --git a/puppet/modules/site_config/manifests/dhclient.pp b/puppet/modules/site_config/manifests/dhclient.pp index 7ac0caf3..dbe2ef1c 100644 --- a/puppet/modules/site_config/manifests/dhclient.pp +++ b/puppet/modules/site_config/manifests/dhclient.pp @@ -17,7 +17,9 @@ class site_config::dhclient { exec { 'reload_dhclient': refreshonly => true, - command => '/usr/local/sbin/reload_dhclient'; + command => '/usr/local/sbin/reload_dhclient', + before => Class['site_config::resolvconf'], + require => File['/usr/local/sbin/reload_dhclient'], } file { '/etc/dhcp/dhclient-enter-hooks.d/disable_resolvconf': -- cgit v1.2.3 From 280d1656978291d1fd9cab6280af64677973a4fb Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 13 Jan 2015 22:26:13 +0100 Subject: don't remove fontconfig-config package cause pnp4nagios depends on it (#6615) Change-Id: If6c0d88e83b52588ee908edfa81451d37794a4b4 --- puppet/modules/site_config/manifests/packages/base.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'puppet/modules/site_config/manifests') diff --git a/puppet/modules/site_config/manifests/packages/base.pp b/puppet/modules/site_config/manifests/packages/base.pp index ae47963c..f20d04a4 100644 --- a/puppet/modules/site_config/manifests/packages/base.pp +++ b/puppet/modules/site_config/manifests/packages/base.pp @@ -7,7 +7,7 @@ class site_config::packages::base { } # base set of packages that we want to remove everywhere - package { [ 'acpi', 'acpid', 'acpi-support-base', 'eject', 'ftp', 'fontconfig-config', + package { [ 'acpi', 'acpid', 'acpi-support-base', 'eject', 'ftp', 'laptop-detect', 'lpr', 'nfs-common', 'nfs-kernel-server', 'portmap', 'pppconfig', 'pppoe', 'pump', 'qstat', 'rpcbind', 'samba-common', 'samba-common-bin', 'smbclient', 'tcl8.5', -- cgit v1.2.3 From b2a59dc0d8d28b14450bfef9d109331e04d6c2cf Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 21 Jan 2015 15:10:36 -0500 Subject: Provide a base-level set of quality entropy by installing haveged on systems by default (#6664) Change-Id: Ic2d4416b7c55f00f01d4b2ade78339d653bc8993 --- puppet/modules/site_config/manifests/default.pp | 3 +++ 1 file changed, 3 insertions(+) (limited to 'puppet/modules/site_config/manifests') diff --git a/puppet/modules/site_config/manifests/default.pp b/puppet/modules/site_config/manifests/default.pp index a20ffc3b..138efc97 100644 --- a/puppet/modules/site_config/manifests/default.pp +++ b/puppet/modules/site_config/manifests/default.pp @@ -38,6 +38,9 @@ class site_config::default { # install/configure syslog include site_config::syslog + # provide a basic level of quality entropy + include haveged + # install/remove base packages include site_config::packages::base -- cgit v1.2.3 From 3dc7507adef2935668e309dd3a3f2694f283f215 Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 27 Jan 2015 20:48:28 +0100 Subject: vcsrepo should depend on git package (Bug #6659) Change-Id: Ibc2ae4697a37af97de625bfc9d8e149306578321 --- puppet/modules/site_config/manifests/default.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'puppet/modules/site_config/manifests') diff --git a/puppet/modules/site_config/manifests/default.pp b/puppet/modules/site_config/manifests/default.pp index 138efc97..a75b3c7c 100644 --- a/puppet/modules/site_config/manifests/default.pp +++ b/puppet/modules/site_config/manifests/default.pp @@ -47,7 +47,7 @@ class site_config::default { # include basic shorewall config include site_shorewall::defaults - Class['git'] -> Vcsrepo<||> + Package['git'] -> Vcsrepo<||> # include basic shell config include site_config::shell -- cgit v1.2.3 From 512cd3900b742e01a4a205d2c504741aab5fe84d Mon Sep 17 00:00:00 2001 From: elijah Date: Mon, 9 Feb 2015 22:29:58 -0800 Subject: logs deploy information to /var/log/leap/deploy.log (full puppet log) and /var/log/leap/deploy-summary.log (just the start and complete, with platform version, user, leap_cli version, platform branch). downgrading platform require --downgrade (requires new leap_cli) --- puppet/modules/site_config/manifests/default.pp | 2 +- puppet/modules/site_config/manifests/syslog.pp | 9 +++++++++ 2 files changed, 10 insertions(+), 1 deletion(-) (limited to 'puppet/modules/site_config/manifests') diff --git a/puppet/modules/site_config/manifests/default.pp b/puppet/modules/site_config/manifests/default.pp index a75b3c7c..aa49f930 100644 --- a/puppet/modules/site_config/manifests/default.pp +++ b/puppet/modules/site_config/manifests/default.pp @@ -35,7 +35,7 @@ class site_config::default { # configure caching, local resolver include site_config::caching_resolver - # install/configure syslog + # install/configure syslog and core log rotations include site_config::syslog # provide a basic level of quality entropy diff --git a/puppet/modules/site_config/manifests/syslog.pp b/puppet/modules/site_config/manifests/syslog.pp index 26c65f02..1b0c1e05 100644 --- a/puppet/modules/site_config/manifests/syslog.pp +++ b/puppet/modules/site_config/manifests/syslog.pp @@ -11,4 +11,13 @@ class site_config::syslog { content => '$ModLoad mmanon action(type="mmanon" ipv4.bits="32" mode="rewrite")' } + + augeas { + 'logrotate_leap_deploy': + context => '/files/etc/logrotate.d/leap_deploy/rule', + changes => [ 'set file /var/log/leap/deploy*.log', 'set rotate 7', + 'set schedule daily', 'set compress compress', + 'set missingok missingok', + 'set copytruncate copytruncate' ] + } } -- cgit v1.2.3 From c79e0282d5b5db3aba0167f13648ccc676fcb96b Mon Sep 17 00:00:00 2001 From: elijah Date: Tue, 7 Apr 2015 09:49:52 -0700 Subject: rotate deploy logs by size instead of by date. --- puppet/modules/site_config/manifests/syslog.pp | 20 ++++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) (limited to 'puppet/modules/site_config/manifests') diff --git a/puppet/modules/site_config/manifests/syslog.pp b/puppet/modules/site_config/manifests/syslog.pp index 1b0c1e05..83b49c8e 100644 --- a/puppet/modules/site_config/manifests/syslog.pp +++ b/puppet/modules/site_config/manifests/syslog.pp @@ -15,8 +15,24 @@ action(type="mmanon" ipv4.bits="32" mode="rewrite")' augeas { 'logrotate_leap_deploy': context => '/files/etc/logrotate.d/leap_deploy/rule', - changes => [ 'set file /var/log/leap/deploy*.log', 'set rotate 7', - 'set schedule daily', 'set compress compress', + changes => [ 'set file /var/log/leap/deploy.log', + 'set rotate 5', + 'set size 1M', + 'set compress compress', + 'set missingok missingok', + 'set copytruncate copytruncate' ]; + + # NOTE: + # the puppet_command script requires the option delaycompress + # be set on the summary log file. + + 'logrotate_leap_deploy_summary': + context => '/files/etc/logrotate.d/leap_deploy_summary/rule', + changes => [ 'set file /var/log/leap/deploy-summary.log', + 'set rotate 5', + 'set size 100k', + 'set delaycompress delaycompress', + 'set compress compress', 'set missingok missingok', 'set copytruncate copytruncate' ] } -- cgit v1.2.3 From 7bb8b2e0685b3738c7842e86c09b826c2732e8bd Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 8 Apr 2015 20:36:27 +0200 Subject: set the 'logoutput' parameter for any exec type to 'on_error' Change-Id: I04c796a502db52f3a594ef4c3cf08c330839bc13 --- puppet/modules/site_config/manifests/default.pp | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'puppet/modules/site_config/manifests') diff --git a/puppet/modules/site_config/manifests/default.pp b/puppet/modules/site_config/manifests/default.pp index aa49f930..c15080f5 100644 --- a/puppet/modules/site_config/manifests/default.pp +++ b/puppet/modules/site_config/manifests/default.pp @@ -1,6 +1,10 @@ class site_config::default { tag 'leap_base' + # the logoutput exec parameter defaults to "on_error" in puppet 3, + # but to "false" in puppet 2.7, so we need to set this globally here + Exec<||> { logoutput => on_failure } + $services = hiera('services', []) $domain_hash = hiera('domain') include site_config::params -- cgit v1.2.3 From 1530a85da3415bc000635d62882d9ba7082a793b Mon Sep 17 00:00:00 2001 From: elijah Date: Thu, 16 Apr 2015 20:42:09 -0700 Subject: properly clean up unused files --- puppet/modules/site_config/manifests/default.pp | 1 + .../modules/site_config/manifests/remove_files.pp | 36 ++++++++++++++++++++++ 2 files changed, 37 insertions(+) create mode 100644 puppet/modules/site_config/manifests/remove_files.pp (limited to 'puppet/modules/site_config/manifests') diff --git a/puppet/modules/site_config/manifests/default.pp b/puppet/modules/site_config/manifests/default.pp index c15080f5..e69e4b7b 100644 --- a/puppet/modules/site_config/manifests/default.pp +++ b/puppet/modules/site_config/manifests/default.pp @@ -58,6 +58,7 @@ class site_config::default { # set up core leap files and directories include site_config::files + include site_config::remove_files if ! member($services, 'mx') { include site_postfix::satellite diff --git a/puppet/modules/site_config/manifests/remove_files.pp b/puppet/modules/site_config/manifests/remove_files.pp new file mode 100644 index 00000000..cc5fc174 --- /dev/null +++ b/puppet/modules/site_config/manifests/remove_files.pp @@ -0,0 +1,36 @@ +# +# Sometimes when we upgrade the platform, we need to ensure that files that +# the platform previously created will get removed. +# +# These file removals don't need to be kept forever: we only need to remove +# files that are present in the prior platform release. +# +# We can assume that the every node is upgraded from the previous platform +# release. +# + +class site_config::remove_files { + + # + # Platform 0.7 removals + # + + tidy { + '/etc/rsyslog.d/99-tapicero.conf':; + '/etc/rsyslog.d/99-leap-mx.conf':; + '/etc/rsyslog.d/01-webapp.conf':; + '/etc/rsyslog.d/50-stunnel.conf':; + '/etc/logrotate.d/leap-mx':; + '/etc/logrotate.d/stunnel':; + '/var/log/stunnel4/stunnel.log':; + 'leap_mx': + path => '/var/log/', + recurse => true, + matches => 'leap_mx*'; + '/srv/leap/webapp/public/provider.json':; + '/srv/leap/couchdb/designs/tmp_users': + recurse => true, + rmdirs => true; + } + +} -- cgit v1.2.3 From 64cc83793aa35b84b60dd40305c7edf8369a187b Mon Sep 17 00:00:00 2001 From: elijah Date: Fri, 17 Apr 2015 10:19:37 -0700 Subject: rename leap-mx logrotate file; minor style change. --- puppet/modules/site_config/manifests/remove_files.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'puppet/modules/site_config/manifests') diff --git a/puppet/modules/site_config/manifests/remove_files.pp b/puppet/modules/site_config/manifests/remove_files.pp index cc5fc174..44e3e47b 100644 --- a/puppet/modules/site_config/manifests/remove_files.pp +++ b/puppet/modules/site_config/manifests/remove_files.pp @@ -20,7 +20,7 @@ class site_config::remove_files { '/etc/rsyslog.d/99-leap-mx.conf':; '/etc/rsyslog.d/01-webapp.conf':; '/etc/rsyslog.d/50-stunnel.conf':; - '/etc/logrotate.d/leap-mx':; + '/etc/logrotate.d/mx':; '/etc/logrotate.d/stunnel':; '/var/log/stunnel4/stunnel.log':; 'leap_mx': -- cgit v1.2.3 From 984684f56f15d9d89ea78ffe6ed67dabf3d63208 Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 13 May 2015 13:38:28 +0200 Subject: remove old leap_mx logfile location from check_mk logwatch state file #6964 Change-Id: I385c639e5c096deef4f81691a85c1b83cbab9421 --- puppet/modules/site_config/manifests/default.pp | 5 +++++ puppet/modules/site_config/manifests/remove_files.pp | 7 +++++++ 2 files changed, 12 insertions(+) (limited to 'puppet/modules/site_config/manifests') diff --git a/puppet/modules/site_config/manifests/default.pp b/puppet/modules/site_config/manifests/default.pp index e69e4b7b..57e45506 100644 --- a/puppet/modules/site_config/manifests/default.pp +++ b/puppet/modules/site_config/manifests/default.pp @@ -1,3 +1,4 @@ +# This class is the basic configuration for all nodes class site_config::default { tag 'leap_base' @@ -13,6 +14,10 @@ class site_config::default { include apt::update Package { require => Exec['apt_updated'] } + class {'augeas': + version => 'latest' + } + include site_config::slow # default class, used by all hosts diff --git a/puppet/modules/site_config/manifests/remove_files.pp b/puppet/modules/site_config/manifests/remove_files.pp index 44e3e47b..05a758bb 100644 --- a/puppet/modules/site_config/manifests/remove_files.pp +++ b/puppet/modules/site_config/manifests/remove_files.pp @@ -33,4 +33,11 @@ class site_config::remove_files { rmdirs => true; } + # leax-mx logged to /var/log/leap_mx.log in the past + augeas { 'rm_old_leap_mx_log_destination': + incl => '/etc/check_mk/logwatch.state', + lens => 'Simplelines.lns', + changes => [ "rm /files/etc/check_mk/logwatch.state/*[.=~regexp('.*leap_mx.log.*')]" ], + } + } -- cgit v1.2.3 From d5dccfc5cd72188bac66d7433c94b1046b50c7fb Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 26 May 2015 11:47:26 +0200 Subject: Revert "remove old leap_mx logfile location from check_mk logwatch state file #6964" This reverts commit 984684f56f15d9d89ea78ffe6ed67dabf3d63208. Needed because: Augeas fails after upgrading augeas packages during same puppetrun, but only on first deploy - https://leap.se/code/issues/6997 --- puppet/modules/site_config/manifests/default.pp | 5 ----- puppet/modules/site_config/manifests/remove_files.pp | 7 ------- 2 files changed, 12 deletions(-) (limited to 'puppet/modules/site_config/manifests') diff --git a/puppet/modules/site_config/manifests/default.pp b/puppet/modules/site_config/manifests/default.pp index 57e45506..e69e4b7b 100644 --- a/puppet/modules/site_config/manifests/default.pp +++ b/puppet/modules/site_config/manifests/default.pp @@ -1,4 +1,3 @@ -# This class is the basic configuration for all nodes class site_config::default { tag 'leap_base' @@ -14,10 +13,6 @@ class site_config::default { include apt::update Package { require => Exec['apt_updated'] } - class {'augeas': - version => 'latest' - } - include site_config::slow # default class, used by all hosts diff --git a/puppet/modules/site_config/manifests/remove_files.pp b/puppet/modules/site_config/manifests/remove_files.pp index 05a758bb..44e3e47b 100644 --- a/puppet/modules/site_config/manifests/remove_files.pp +++ b/puppet/modules/site_config/manifests/remove_files.pp @@ -33,11 +33,4 @@ class site_config::remove_files { rmdirs => true; } - # leax-mx logged to /var/log/leap_mx.log in the past - augeas { 'rm_old_leap_mx_log_destination': - incl => '/etc/check_mk/logwatch.state', - lens => 'Simplelines.lns', - changes => [ "rm /files/etc/check_mk/logwatch.state/*[.=~regexp('.*leap_mx.log.*')]" ], - } - } -- cgit v1.2.3 From 26f7665f556570e4bbd446d7b2046854642aff58 Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 26 May 2015 12:22:29 +0200 Subject: check_mk complains about non-existing logfile (#6964) Change-Id: Ic58f9516854f812d46aa3a574628318951f99a95 --- puppet/modules/site_config/manifests/remove_files.pp | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'puppet/modules/site_config/manifests') diff --git a/puppet/modules/site_config/manifests/remove_files.pp b/puppet/modules/site_config/manifests/remove_files.pp index 44e3e47b..3f46659c 100644 --- a/puppet/modules/site_config/manifests/remove_files.pp +++ b/puppet/modules/site_config/manifests/remove_files.pp @@ -33,4 +33,14 @@ class site_config::remove_files { rmdirs => true; } + # leax-mx logged to /var/log/leap_mx.log in the past + # we need to use a dumb exec here because file_line doesn't + # allow removing lines that match a regex in the current version + # of stdlib, see https://tickets.puppetlabs.com/browse/MODULES-1903 + exec { 'rm_old_leap_mx_log_destination': + command => "/bin/sed -i '/leap_mx.log/d' /etc/check_mk/logwatch.state", + onlyif => "/bin/grep -qe 'leap_mx.log' /etc/check_mk/logwatch.state" + } + + } -- cgit v1.2.3