summaryrefslogtreecommitdiff
path: root/puppet/modules/site_config/manifests/remove/files.pp
blob: 06c267729ed66424e4748b4a0f884f2cfd85bbfd (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
#
# Sometimes when we upgrade the platform, we need to ensure that files that
# the platform previously created will get removed.
#
# These file removals don't need to be kept forever: we only need to remove
# files that are present in the prior platform release.
#
# We can assume that the every node is upgraded from the previous platform
# release.
#

class site_config::remove::files {

  #
  # Platform 0.7 removals
  #

  tidy {
    '/etc/rsyslog.d/99-tapicero.conf':;
    '/etc/rsyslog.d/99-leap-mx.conf':;
    '/etc/rsyslog.d/01-webapp.conf':;
    '/etc/rsyslog.d/50-stunnel.conf':;
    '/etc/logrotate.d/mx':;
    '/etc/logrotate.d/stunnel':;
    '/var/log/stunnel4/stunnel.log':;
    'leap_mx':
      path => '/var/log/',
      recurse => true,
      matches => 'leap_mx*';
    # We rotate 5 logs, so we should only have mx.log, mx.log.[1-5], with an
    # optional .gz suffix. The following will remove any logs that are out
    # of this range
    'leap_mx_rotate':
      path => '/var/log/leap/',
      recurse => true,
      matches => [ 'mx.log.[6-9](.gz)?', 'mx.log.[0-9][0-9]'];
    '/srv/leap/webapp/public/provider.json':;
    '/srv/leap/couchdb/designs/tmp_users':
      recurse => true,
      rmdirs => true;
    '/etc/leap/soledad-server.conf':;
  }

  # leax-mx logged to /var/log/leap_mx.log in the past
  # we need to use a dumb exec here because file_line doesn't
  # allow removing lines that match a regex in the current version
  # of stdlib, see https://tickets.puppetlabs.com/browse/MODULES-1903
  exec { 'rm_old_leap_mx_log_destination':
      command => "/bin/sed -i '/leap_mx.log/d' /etc/check_mk/logwatch.state",
      onlyif  => "/bin/grep -qe 'leap_mx.log' /etc/check_mk/logwatch.state"
  }

  # Don't use check_mk logwatch to watch bigcouch logs anymore
  # see https://leap.se/code/issues/7375 for more details
  file { '/etc/check_mk/logwatch.d/bigcouch.cfg':
    ensure => absent,
    notify => [
      Exec['remove_bigcouch_logwatch_spoolfiles'],
      Exec['remove_bigcouch_logwatch_stateline']
    ]
  }
  # remove leftover bigcouch logwatch spool files
  exec { 'remove_bigcouch_logwatch_spoolfiles':
    command     => 'find /var/lib/check_mk/logwatch -name \'\\opt\\bigcouch\\var\\log\\bigcouch.log\' -exec rm {} \;',
    refreshonly => true,
  }
  exec { 'remove_bigcouch_logwatch_stateline':
    command     => "sed -i '/bigcouch.log/d' /etc/check_mk/logwatch.state",
    refreshonly => true,
  }
}