Updated logs playbook to clean up unencrypted tarballs

freedomofpress · Jul 7, 2019 · d51530e · d51530e
1 parent 196544b
commit d51530e
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 7 deletions.
diff --git a/admin/securedrop_admin/__init__.py b/admin/securedrop_admin/__init__.py
@@ -41,6 +41,8 @@
 sdlog = logging.getLogger(__name__)
 RELEASE_KEY = '22245C81E3BAEB4138B36061310F561200F4AD77'
 DEFAULT_KEYSERVER = 'hkps://keys.openpgp.org'
+SUPPORT_ONION_URL = 'http://support6kv2242qx.onion'
+SUPPORT_URL = 'https://support.freedom.press'
 EXIT_SUCCESS = 0
 EXIT_SUBPROCESS_ERROR = 1
 EXIT_INTERRUPT = 2
@@ -741,8 +743,8 @@ def get_logs(args):
         os.path.join(args.ansible_path, 'securedrop-logs.yml'),
     ]
     subprocess.check_call(ansible_cmd, cwd=args.ansible_path)
-    sdlog.info("Encrypt logs and send to securedrop@freedom.press or upload "
-               "to the SecureDrop support portal.")
+    sdlog.info("Please send the encrypted logs to securedrop@freedom.press or "
+               "upload them to the SecureDrop support portal: " + SUPPORT_URL)
     return 0
 
 

diff --git a/install_files/ansible-base/securedrop-logs.yml b/install_files/ansible-base/securedrop-logs.yml
@@ -65,6 +65,16 @@
         src: "{{ log_tarball_filename }}"
         dest: "{{ playbook_dir }}/{{ log_tarball_filename }}"
 
+    - name: Delete tarball from server admin home directory.
+      file:
+        path: "{{ log_tarball_filename }}"
+        state: absent
+
+    - name: Clean directory for generated logs to save disk space
+      file:
+        path: /tmp/generated-logs
+        state: absent
+
     - name: Fetch FPF GPG key.
       become: no
       local_action: >-
@@ -86,12 +96,14 @@
       environment:
         GNUPG_HOME: /home/amensia/.gnupg
 
+    - name: Delete local unencrypted log tarballs.
+      become: no
+      local_action:
+        module: file
+        path: "{{ log_tarball_filename }}"
+        state: absent
+
     - name: Display filenames of local log tarballs.
       debug:
         msg: >-
           Logs copied successfully, find them at {{ (playbook_dir +'/'+ log_tarball_filename )|realpath }}.gpg .
-
-    - name: Clean directory for generated logs to save disk space
-      file:
-        path: /tmp/generated-logs
-        state: absent