From 4d3a80e3b14c21039eaa58852f0eb4766b5e0e1c Mon Sep 17 00:00:00 2001 From: Christoph Date: Thu, 26 Jun 2014 15:14:46 +0200 Subject: reorder /etc/hosts now "hostname -f" results in the correct hostname. Fixes #5835 --- puppet/modules/site_config/manifests/hosts.pp | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'puppet/modules') diff --git a/puppet/modules/site_config/manifests/hosts.pp b/puppet/modules/site_config/manifests/hosts.pp index 6982d37b..e43ad45e 100644 --- a/puppet/modules/site_config/manifests/hosts.pp +++ b/puppet/modules/site_config/manifests/hosts.pp @@ -10,10 +10,9 @@ class site_config::hosts() { } else { $dns_aliases = $dns['aliases'] } - $my_hostnames = unique(sort(concat( - [$hostname, $domain_hash['full'], $domain_hash['internal']], - $dns_aliases - ))) + $my_hostnames = unique(concat( + $dns_aliases, [$hostname, $domain_hash['full'], $domain_hash['internal']] + )) file { '/etc/hostname': ensure => present, -- cgit v1.2.3 From 8ff905489915324427884d1e8dc850d117c7859c Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Fri, 27 Jun 2014 20:21:09 -0400 Subject: leap-mx package resource ensure parameter needs to be 'latest' to ensure packages will be upgraded Change-Id: Ic94be8b732d9d2202f87c0c2cdd2fd0d16cc9efc --- puppet/modules/leap_mx/manifests/init.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'puppet/modules') diff --git a/puppet/modules/leap_mx/manifests/init.pp b/puppet/modules/leap_mx/manifests/init.pp index b59eac01..6a010998 100644 --- a/puppet/modules/leap_mx/manifests/init.pp +++ b/puppet/modules/leap_mx/manifests/init.pp @@ -44,7 +44,7 @@ class leap_mx { # package { 'leap-mx': - ensure => installed, + ensure => latest, require => Class['site_apt::preferences::twisted'] } -- cgit v1.2.3 From be68734a93a2780578c2a54b6c90296c9fe88cbe Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Fri, 27 Jun 2014 20:36:54 -0400 Subject: add a package resource for leap-keymanager to make sure it is also the latest version, this is necessary to transition to the python-gnupg-ng package, which will not otherwise be installed Change-Id: I2ea631e15518fd40cb0ea4fe718498bdfba3c599 --- puppet/modules/leap_mx/manifests/init.pp | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) (limited to 'puppet/modules') diff --git a/puppet/modules/leap_mx/manifests/init.pp b/puppet/modules/leap_mx/manifests/init.pp index 6a010998..c90fc231 100644 --- a/puppet/modules/leap_mx/manifests/init.pp +++ b/puppet/modules/leap_mx/manifests/init.pp @@ -40,12 +40,16 @@ class leap_mx { } # - # LEAP-MX CODE + # LEAP-MX CODE AND DEPENDENCIES # - package { 'leap-mx': - ensure => latest, - require => Class['site_apt::preferences::twisted'] + package { + 'leap-mx': + ensure => latest, + require => Class['site_apt::preferences::twisted']; + + [ 'leap-keymanager' ]: + ensure => latest; } # -- cgit v1.2.3 From 66e36fc3e1c4b3482876f445372e4bc9a62c8f1f Mon Sep 17 00:00:00 2001 From: guido Date: Tue, 5 Aug 2014 11:19:46 -0400 Subject: Fixes: #5952 Webapp now logs to it's own file instead of syslog and user.log --- puppet/modules/site_webapp/manifests/init.pp | 1 + puppet/modules/site_webapp/manifests/logging.pp | 16 ++++++++++++++++ 2 files changed, 17 insertions(+) create mode 100644 puppet/modules/site_webapp/manifests/logging.pp (limited to 'puppet/modules') diff --git a/puppet/modules/site_webapp/manifests/init.pp b/puppet/modules/site_webapp/manifests/init.pp index d6f1d7ae..7fdd0c3f 100644 --- a/puppet/modules/site_webapp/manifests/init.pp +++ b/puppet/modules/site_webapp/manifests/init.pp @@ -16,6 +16,7 @@ class site_webapp { include site_config::ruby::dev include site_webapp::apache include site_webapp::couchdb + include site_webapp::logging include site_haproxy include site_webapp::cron include site_config::x509::cert diff --git a/puppet/modules/site_webapp/manifests/logging.pp b/puppet/modules/site_webapp/manifests/logging.pp new file mode 100644 index 00000000..441c5792 --- /dev/null +++ b/puppet/modules/site_webapp/manifests/logging.pp @@ -0,0 +1,16 @@ +class site_webapp::logging { + + rsyslog::snippet { '01-webapp': + content => 'if $programname == "webapp" then /var/log/leap/webapp.log +stop' + } + + augeas { + 'logrotate_webapp': + context => '/files/etc/logrotate.d/webapp/rule', + changes => [ 'set file /var/log/leap/webapp.log', 'set rotate 7', + 'set schedule daily', 'set compress compress', + 'set missingok missingok', 'set ifempty notifempty', + 'set copytruncate copytruncate' ] + } +} -- cgit v1.2.3 From db6e7a72941aaf593f8cb47fa0061f39ebb29b30 Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 21 Aug 2014 12:16:43 +0200 Subject: Fix "Nagios ssh check is automatically added by the ssh module and cantains a wrong hostname on single node setup (Bug #5998)" before, the ssh module added this check, resulting in a wrong hostname and the port was always '22'. manage_nagios parameter is boolean, so we use false instead of 'no' manually add check_ssh to nagios (#5998) --- puppet/modules/site_nagios/manifests/add_service.pp | 8 ++++++++ puppet/modules/site_sshd/manifests/init.pp | 2 +- 2 files changed, 9 insertions(+), 1 deletion(-) (limited to 'puppet/modules') diff --git a/puppet/modules/site_nagios/manifests/add_service.pp b/puppet/modules/site_nagios/manifests/add_service.pp index 8d2a310b..1b67d14e 100644 --- a/puppet/modules/site_nagios/manifests/add_service.pp +++ b/puppet/modules/site_nagios/manifests/add_service.pp @@ -1,9 +1,17 @@ define site_nagios::add_service ( $hostname, $ip_address, $openvpn_gw = '', $service) { + $ssh = hiera_hash('ssh') + $ssh_port = $ssh['port'] + case $service { 'webapp': { nagios_service { + "${name}_ssh": + use => 'generic-service', + check_command => "check_ssh_port!$ssh_port", + service_description => 'SSH', + host_name => $hostname; "${name}_cert": use => 'generic-service', check_command => 'check_https_cert', diff --git a/puppet/modules/site_sshd/manifests/init.pp b/puppet/modules/site_sshd/manifests/init.pp index 400c21ea..9a05b6ed 100644 --- a/puppet/modules/site_sshd/manifests/init.pp +++ b/puppet/modules/site_sshd/manifests/init.pp @@ -52,7 +52,7 @@ class site_sshd { ## SSHD SERVER CONFIGURATION ## class { '::sshd': - manage_nagios => 'no', + manage_nagios => false, ports => $ssh['port'], use_pam => 'yes', hardened_ssl => 'yes', -- cgit v1.2.3 From 271c37a151d8e786b29ef7f5c13217693ec65401 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Thu, 21 Aug 2014 12:15:31 -0400 Subject: Fix starting tapicero when it is not running (#6004) Due to how tapicero's initscript is made, it is not possible to check for a valid exit code for the status (it returns a zero when it is not running). So we disable the puppet 'hasstatus' parameter and instead puppet will look in the process table for 'tapicero' Change-Id: I9b017ea8055c0207e43876dd4e3bbc2619c0fd35 --- puppet/modules/tapicero/manifests/init.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'puppet/modules') diff --git a/puppet/modules/tapicero/manifests/init.pp b/puppet/modules/tapicero/manifests/init.pp index af1a96ac..35f6b06b 100644 --- a/puppet/modules/tapicero/manifests/init.pp +++ b/puppet/modules/tapicero/manifests/init.pp @@ -122,7 +122,7 @@ class tapicero { service { 'tapicero': ensure => running, enable => true, - hasstatus => true, + hasstatus => false, hasrestart => true, require => [ File['/etc/init.d/tapicero'], File['/var/run/tapicero'] ]; } -- cgit v1.2.3 From 51906e599a400255d528aa2182a1e7e86bb4b230 Mon Sep 17 00:00:00 2001 From: varac Date: Fri, 22 Aug 2014 21:58:41 +0200 Subject: FQDN should come first in /etc/hosts fixes /etc/hosts: wrong order (Bug #5835) (now for real) before, /etc/hosts contained i.e. 127.0.1.1 plain1 plain1.bitmask.net plain1.bitmask.i which resulted in no fqdn reported both by "hostname -f" and "facter fqdn" this fix produces this order which is needed to report a fqdn: 127.0.1.1 plain1.bitmask.net plain1 plain1.bitmask.i --- puppet/modules/site_config/manifests/hosts.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'puppet/modules') diff --git a/puppet/modules/site_config/manifests/hosts.pp b/puppet/modules/site_config/manifests/hosts.pp index e43ad45e..878b6af0 100644 --- a/puppet/modules/site_config/manifests/hosts.pp +++ b/puppet/modules/site_config/manifests/hosts.pp @@ -11,7 +11,7 @@ class site_config::hosts() { $dns_aliases = $dns['aliases'] } $my_hostnames = unique(concat( - $dns_aliases, [$hostname, $domain_hash['full'], $domain_hash['internal']] + [$domain_hash['full'], $hostname, $domain_hash['internal']], $dns_aliases )) file { '/etc/hostname': -- cgit v1.2.3 From d873d4d8f9d80482602e1196e9cffab9d0545fa7 Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 26 Aug 2014 10:42:44 +0200 Subject: Fix Tapicero not starting after first deploy (#6004) Added a dependency on the couchdb "tapicero" user to get created before starting the tapicero daemon. --- puppet/modules/tapicero/manifests/init.pp | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'puppet/modules') diff --git a/puppet/modules/tapicero/manifests/init.pp b/puppet/modules/tapicero/manifests/init.pp index 35f6b06b..f2e723f5 100644 --- a/puppet/modules/tapicero/manifests/init.pp +++ b/puppet/modules/tapicero/manifests/init.pp @@ -124,7 +124,9 @@ class tapicero { enable => true, hasstatus => false, hasrestart => true, - require => [ File['/etc/init.d/tapicero'], File['/var/run/tapicero'] ]; + require => [ File['/etc/init.d/tapicero'], + File['/var/run/tapicero'], + Couchdb::Add_user[$::site_couchdb::couchdb_tapicero_user] ]; } } -- cgit v1.2.3 From f78171d2747e2afff820040890825c675a47ecc9 Mon Sep 17 00:00:00 2001 From: guido Date: Thu, 28 Aug 2014 11:44:01 -0400 Subject: syslog logs everything but webapp FIX #6020 --- puppet/modules/site_webapp/manifests/logging.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'puppet/modules') diff --git a/puppet/modules/site_webapp/manifests/logging.pp b/puppet/modules/site_webapp/manifests/logging.pp index 441c5792..b414b82c 100644 --- a/puppet/modules/site_webapp/manifests/logging.pp +++ b/puppet/modules/site_webapp/manifests/logging.pp @@ -2,7 +2,7 @@ class site_webapp::logging { rsyslog::snippet { '01-webapp': content => 'if $programname == "webapp" then /var/log/leap/webapp.log -stop' +&~' } augeas { -- cgit v1.2.3