puppet/modules/site_config/manifests/remove/files.pp


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84

#
# Sometimes when we upgrade the platform, we need to ensure that files that
# the platform previously created will get removed.
#
# These file removals don't need to be kept forever: we only need to remove
# files that are present in the prior platform release.
#
# We can assume that the every node is upgraded from the previous platform
# release.
#

class site_config::remove::files {

  #
  # Platform 0.9 removals
  #

  tidy {
    # moved to /srv/static/public/provider.json
    # for permissions reasons.
    '/srv/leap/provider.json':;

    # tests are moved to /srv/leap/tests/server-tests
    # by rsync is not able to clean up the old location,
    # so, we do it here:
    '/srv/leap/tests/order.rb':;
    '/srv/leap/tests/README.md':;
    '/srv/leap/tests/helpers':
      recurse => true,
      rmdirs => true;
    '/srv/leap/tests/puppet':
      recurse => true,
      rmdirs => true;
    '/srv/leap/tests/white-box':
      recurse => true,
      rmdirs => true;
  }

  #
  # Platform 0.8 removals
  #

  tidy {
    '/etc/default/leap_mx':;
    '/etc/logrotate.d/mx':;
    '/etc/rsyslog.d/50-mx.conf':;
    '/etc/apt/preferences.d/openvpn':;
    '/etc/apt/sources.list.d/secondary.list.disabled.list':;
  }

  #
  # Platform 0.7 removals
  #

  tidy {
    '/etc/rsyslog.d/99-tapicero.conf':;
    '/etc/rsyslog.d/01-webapp.conf':;
    '/etc/rsyslog.d/50-stunnel.conf':;
    '/etc/logrotate.d/stunnel':;
    '/var/log/stunnel4/stunnel.log':;
    'leap_mx':
      path => '/var/log/',
      recurse => true,
      matches => ['leap_mx*', 'mx.log.[1-5]', 'mx.log.[6-9](.gz)?',
                  'mx.log.[0-9][0-9](.gz)?'];
    '/srv/leap/webapp/public/provider.json':;
    '/srv/leap/couchdb/designs/tmp_users':
      recurse => true,
      rmdirs => true;
    '/etc/leap/soledad-server.conf':;
    '/var/log/leap/openvpn.log':;
    '/etc/rsyslog.d/50-openvpn.conf':;
  }

  # leax-mx logged to /var/log/leap_mx.log in the past
  # we need to use a dumb exec here because file_line doesn't
  # allow removing lines that match a regex in the current version
  # of stdlib, see https://tickets.puppetlabs.com/browse/MODULES-1903
  exec { 'rm_old_leap_mx_log_destination':
      command => "/bin/sed -i '/leap_mx.log/d' /etc/check_mk/logwatch.state",
      onlyif  => "/bin/grep -qe 'leap_mx.log' /etc/check_mk/logwatch.state"
  }

}