From 7061047cfc24cd3e93cafd9ed202569f9303b0ae Mon Sep 17 00:00:00 2001 From: Maria Haider Date: Mon, 2 Sep 2019 12:57:38 +0200 Subject: [PATCH 1/2] two changes 1. Added new checks for the web instance demw.eidas.swedenconnect.se 2. added eid module to be be coppied to hosts in host-puppet-conf-test script --- global/overlay/etc/puppet/manifests/cosmos-site.pp | 8 +++++++- host-puppet-conf-test | 1 + 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index 4b94abe2..0b3d5df0 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -1084,7 +1084,7 @@ class nagios_monitor { nagioscfg::command {'check_ssl_cert_3': command_line => "/usr/lib/nagios/plugins/check_ssl_cert -A -H '\$HOSTADDRESS\$' -c '\$ARG2\$' -w '\$ARG1\$' -p '\$ARG3\$'" } - $public_hosts = ['swedenconnect.se','qa.test.swedenconnect.se','qa.md.swedenconnect.se','md.swedenconnect.se','md.eidas.swedenconnect.se','qa.md.eidas.swedenconnect.se','qa.connector.eidas.swedenconnect.se','qa.proxy.eidas.swedenconnect.se','connector.eidas.swedenconnect.se'] + $public_hosts = ['demw.eidas.swedenconnect.se','swedenconnect.se','qa.test.swedenconnect.se','qa.md.swedenconnect.se','md.swedenconnect.se','md.eidas.swedenconnect.se','qa.md.eidas.swedenconnect.se','qa.connector.eidas.swedenconnect.se','qa.proxy.eidas.swedenconnect.se','connector.eidas.swedenconnect.se'] nagioscfg::host {$public_hosts: } nagioscfg::service {'check_public_ssl_cert': host_name => $public_hosts, @@ -1113,6 +1113,12 @@ class nagios_monitor { description => 'check metadata for Sweden Connect', contact_groups => ['alerts'], } + nagioscfg::service {'check_metadata_DE_middleware': + host_name => ['demw.eidas.swedenconnect.se'], + check_command => 'check_website!https://demw.eidas.swedenconnect.se/eidas-middleware/Metadata', + description => 'check metadata for DE middleware', + contact_groups => ['alerts'], + } } class redis_cluster_node { diff --git a/host-puppet-conf-test b/host-puppet-conf-test index 609eca51..0ce9b322 100755 --- a/host-puppet-conf-test +++ b/host-puppet-conf-test @@ -25,6 +25,7 @@ then rsync -av --exclude '*~' global/overlay/etc/puppet/cosmos-rules.yaml root@$HOSTNAME:/etc/puppet/cosmos-rules.yaml rsync -av --exclude '*~' global/overlay/etc/puppet/manifests/cosmos-site.pp root@$HOSTNAME:/etc/puppet/manifests/cosmos-site.pp rsync -av --exclude '*~' global/overlay/etc/puppet/cosmos-db.yaml root@$HOSTNAME:/etc/puppet/cosmos-db.yaml + rsync -av --exclude '*~' global/overlay/etc/puppet/modules/eid/* root@$HOSTNAME:/etc/puppet/modules/eid/. # Test if the user has symlinked puppet-sunet correctly # by first checking if the link exits and then whether From e7994628c0e6745a3fe3c4b324188a5cca69e4aa Mon Sep 17 00:00:00 2001 From: Maria Haider Date: Mon, 9 Sep 2019 12:46:45 +0200 Subject: [PATCH 2/2] logrotate function for Eidas log collecting servers --- .../overlay/etc/puppet/manifests/cosmos-site.pp | 15 ++++++++++++++- .../eid/templates/eidas_logs/eidas_logs.erb | 9 +++++++++ 2 files changed, 23 insertions(+), 1 deletion(-) create mode 100644 global/overlay/etc/puppet/modules/eid/templates/eidas_logs/eidas_logs.erb diff --git a/global/overlay/etc/puppet/manifests/cosmos-site.pp b/global/overlay/etc/puppet/manifests/cosmos-site.pp index 0b3d5df0..9267bd5a 100644 --- a/global/overlay/etc/puppet/manifests/cosmos-site.pp +++ b/global/overlay/etc/puppet/manifests/cosmos-site.pp @@ -127,7 +127,20 @@ class https_server { } -class eidas_log { } +class eidas_log { + file { + '/etc/logrotate.d': + ensure => 'directory', + mode => '0755', + ; + '/etc/logrotate.d/eidas_logs': + ensure => file, + path => '/etc/logrotate.d/eidas_logs', + mode => '0644', + content => template('eid/eidas_logs/eidas_logs.erb'), + ; + } +} class swamid_metadata($filename=undef) { sunet::metadata::swamid { "$filename": } diff --git a/global/overlay/etc/puppet/modules/eid/templates/eidas_logs/eidas_logs.erb b/global/overlay/etc/puppet/modules/eid/templates/eidas_logs/eidas_logs.erb new file mode 100644 index 00000000..1154fcb8 --- /dev/null +++ b/global/overlay/etc/puppet/modules/eid/templates/eidas_logs/eidas_logs.erb @@ -0,0 +1,9 @@ +/var/log/eidas_*.log { + rotate 7 + daily + missingok + notifempty + delaycompress + compress + su root syslog +}