
Recommit for updates in build 102

2025-11-01 16:40:59 +01:00
parent 9c218c2519
commit 12d9d2c1e0
8 changed files with 301 additions and 150 deletions


@@ -98,11 +98,6 @@
</li>
<li>
<span class='object_link'><a href="puppet_classes/puppet_cd_3A_3Amain_3A_3Auser.html" title="puppet_classes::puppet_cd::main::user (puppet_class)">puppet_cd::main::user</a></span>
</li>
<li>
<span class='object_link'><a href="puppet_classes/puppet_cd_3A_3Aparams.html" title="puppet_classes::puppet_cd::params (puppet_class)">puppet_cd::params</a></span>


@@ -75,18 +75,41 @@
<p><strong><em>Attention: Never use this puppet module on systems which have been previously configured manually. It is impossible to predict how and what would have been configured, hence previous configurations outside the scope of this module may be overwritten! Automated configurations require a test environment to verify that the module suits the purpose intended by the user, as well as tune the parameters, before deploying into live production</em></strong></p>
<h2 id="label-Features">Features</h2>
<h3 id="label-Puppet+server+and+agent">Puppet server and agent</h3>
<ul><li>
<p>if the host FQDN matches your specified Puppet master via <code>$pt_pm_fqdn</code>, it installs and configures a puppetmaster. On your puppetmaster, If you set <code>$pt_use_r10k</code>to <code>true</code>, it also installs r10k to connect to a control repo and manage the code available to clients via Puppetfile. If you set <code>$pt_use_r10k_webhook</code>to <code>true</code>, it also installs a simple webhook listener to watch for post_hooks from gitlab, and triggers the r10k deployment.</p>
<p>if the host FQDN matches your specified Puppet master via <code>$pt_pm_fqdn</code>, it installs and configures a puppetmaster ready for serving with Foreman as ENC ( Foreman not yet included).</p>
</li><li>
<p>open firewall ports depending on fqdn choices</p>
</li><li>
<p>start services as required</p>
</li><li>
<p>manage directories</p>
<p>Any other system becomes a puppet agent.</p>
</li></ul>
<h3 id="label-R10k+service+-28optional-29">R10k service (optional)</h3>
<ul><li>
<p>install r10k service on your puppetmaster. If you set <code>$pt_use_r10k</code>to <code>true</code>, it also installs r10k to connect to a control repo and manage the code available to clients via Puppetfile.</p>
</li></ul>
<h3 id="label-R10k+Web+hook">R10k Web hook</h3>
<ul><li>
<p>installs a webhook listener If you set <code>$pt_use_r10k_webhook</code>to <code>true</code>, it also installs a simple webhook listener to watch for post_hooks from gitlab, and triggers the r10k deployment.</p>
</li></ul>
<h3 id="label-Puppetdb">Puppetdb</h3>
<ul><li>
<p>to do</p>
</li><li>
<p>install node.rb from the foreman for puppetdb</p>
</li></ul>
<h3 id="label-Firewall">Firewall</h3>
<ul><li>
<p>open firewall ports depending on choices above</p>
</li></ul>
<h3 id="label-Directories-2C+Files+and+Services-2C">Directories, Files and Services,</h3>
<ul><li>
<p>manage directories and required files including permissions and selinux context (todo)</p>
</li><li>
<p>manage puppet user settings (optional)</p>
<p>start services as required</p>
</li></ul>
<h2 id="label-Support">Support</h2>


@@ -75,18 +75,41 @@
<p><strong><em>Attention: Never use this puppet module on systems which have been previously configured manually. It is impossible to predict how and what would have been configured, hence previous configurations outside the scope of this module may be overwritten! Automated configurations require a test environment to verify that the module suits the purpose intended by the user, as well as tune the parameters, before deploying into live production</em></strong></p>
<h2 id="label-Features">Features</h2>
<h3 id="label-Puppet+server+and+agent">Puppet server and agent</h3>
<ul><li>
<p>if the host FQDN matches your specified Puppet master via <code>$pt_pm_fqdn</code>, it installs and configures a puppetmaster. On your puppetmaster, If you set <code>$pt_use_r10k</code>to <code>true</code>, it also installs r10k to connect to a control repo and manage the code available to clients via Puppetfile. If you set <code>$pt_use_r10k_webhook</code>to <code>true</code>, it also installs a simple webhook listener to watch for post_hooks from gitlab, and triggers the r10k deployment.</p>
<p>if the host FQDN matches your specified Puppet master via <code>$pt_pm_fqdn</code>, it installs and configures a puppetmaster ready for serving with Foreman as ENC ( Foreman not yet included).</p>
</li><li>
<p>open firewall ports depending on fqdn choices</p>
</li><li>
<p>start services as required</p>
</li><li>
<p>manage directories</p>
<p>Any other system becomes a puppet agent.</p>
</li></ul>
<h3 id="label-R10k+service+-28optional-29">R10k service (optional)</h3>
<ul><li>
<p>install r10k service on your puppetmaster. If you set <code>$pt_use_r10k</code>to <code>true</code>, it also installs r10k to connect to a control repo and manage the code available to clients via Puppetfile.</p>
</li></ul>
<h3 id="label-R10k+Web+hook">R10k Web hook</h3>
<ul><li>
<p>installs a webhook listener If you set <code>$pt_use_r10k_webhook</code>to <code>true</code>, it also installs a simple webhook listener to watch for post_hooks from gitlab, and triggers the r10k deployment.</p>
</li></ul>
<h3 id="label-Puppetdb">Puppetdb</h3>
<ul><li>
<p>to do</p>
</li><li>
<p>install node.rb from the foreman for puppetdb</p>
</li></ul>
<h3 id="label-Firewall">Firewall</h3>
<ul><li>
<p>open firewall ports depending on choices above</p>
</li></ul>
<h3 id="label-Directories-2C+Files+and+Services-2C">Directories, Files and Services,</h3>
<ul><li>
<p>manage directories and required files including permissions and selinux context (todo)</p>
</li><li>
<p>manage puppet user settings (optional)</p>
<p>start services as required</p>
</li></ul>
<h2 id="label-Support">Support</h2>


@@ -78,28 +78,21 @@
</li>
<li id="object_puppet_classes::puppet_cd::main::user" class="odd">
<div class="item">
<span class='object_link'><a href="puppet_classes/puppet_cd_3A_3Amain_3A_3Auser.html" title="puppet_classes::puppet_cd::main::user (puppet_class)">puppet_cd::main::user</a></span>
</div>
</li>
<li id="object_puppet_classes::puppet_cd::params" class="even">
<li id="object_puppet_classes::puppet_cd::params" class="odd">
<div class="item">
<span class='object_link'><a href="puppet_classes/puppet_cd_3A_3Aparams.html" title="puppet_classes::puppet_cd::params (puppet_class)">puppet_cd::params</a></span>
</div>
</li>
<li id="object_puppet_classes::puppet_cd::r10k::install" class="odd">
<li id="object_puppet_classes::puppet_cd::r10k::install" class="even">
<div class="item">
<span class='object_link'><a href="puppet_classes/puppet_cd_3A_3Ar10k_3A_3Ainstall.html" title="puppet_classes::puppet_cd::r10k::install (puppet_class)">puppet_cd::r10k::install</a></span>
</div>
</li>
<li id="object_puppet_classes::puppet_cd::server::service" class="even">
<li id="object_puppet_classes::puppet_cd::server::service" class="odd">
<div class="item">
<span class='object_link'><a href="puppet_classes/puppet_cd_3A_3Aserver_3A_3Aservice.html" title="puppet_classes::puppet_cd::server::service (puppet_class)">puppet_cd::server::service</a></span>
</div>


@@ -124,7 +124,14 @@
26
27
28
29</pre>
29
30
31
32
33
34
35
36</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'manifests/firewall/iptables.pp', line 6</span>
@@ -152,6 +159,13 @@ class puppet_cd::firewall::iptables (
}
}
}
if ($pt_puppetdb_fqdn == $fqdn) and ($pt_use_puppetdb == true) {
firewall { &quot;3${pt_https_port} open port ${pt_https_port}&quot;:
proto =&gt; &#39;tcp&#39;,
dport =&gt; $pt_https_port,
jump =&gt; &#39;accept&#39;,
}
}
}</pre>
</td>
</tr>
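Review bot: The `firewall` resource added in the second hunk accepts TCP traffic to `${pt_https_port}` from any source address, because it sets only `proto`, `dport` and `jump`. PuppetDB's HTTPS listener normally has to be reachable only by the Puppet server and any reporting hosts, so the rule should carry a `source => ...` restriction fed from a class parameter rather than opening the port to every network the host is attached to. This page appears to be the generated documentation for `manifests/firewall/iptables.pp`, so the change belongs in that manifest; the class body starts outside the hunk.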


@@ -214,7 +214,7 @@ class puppet_cd::main::files (
group =&gt; &#39;root&#39;,
mode =&gt; &#39;0550&#39;,
selrole =&gt; object_r,
seltype =&gt; foreman_enc_t,
seltype =&gt; puppet_etc_t,
seluser =&gt; system_u,
content =&gt; template($pt_node_rb_erb),
}


@@ -69,8 +69,6 @@
<span class='object_link'><a href="puppet_cd_3A_3Amain_3A_3Adirs.html" title="puppet_classes::puppet_cd::main::dirs (puppet_class)">puppet_cd::main::dirs</a></span><br/>
<span class='object_link'><a href="puppet_cd_3A_3Amain_3A_3Auser.html" title="puppet_classes::puppet_cd::main::user (puppet_class)">puppet_cd::main::user</a></span><br/>
<span class='object_link'><a href="puppet_cd_3A_3Amain_3A_3Afiles.html" title="puppet_classes::puppet_cd::main::files (puppet_class)">puppet_cd::main::files</a></span><br/>
<span class='object_link'><a href="puppet_cd_3A_3Amain_3A_3Aconfig.html" title="puppet_classes::puppet_cd::main::config (puppet_class)">puppet_cd::main::config</a></span><br/>
@@ -240,13 +238,13 @@
<li>
<span class='name'>pt_server_pkg</span>
<span class='name'>pt_puppetdb_pkg</span>
<span class='type'>(<tt>String</tt>)</span>
<span class='type'>(<tt>Array</tt>)</span>
<em class="default">(defaults to: <tt>&#39;puppetserver&#39;</tt>)</em>
<em class="default">(defaults to: <tt>[&#39;puppetdb-termini&#39;, &#39;puppetdb&#39;]</tt>)</em>
&mdash;
@@ -274,78 +272,6 @@
</li>
<li>
<span class='name'>pt_user</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;puppet&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>the puppet user</p>
</div>
</li>
<li>
<span class='name'>pt_user_comment</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;puppetserver daemon&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>the user comment</p>
</div>
</li>
<li>
<span class='name'>pt_user_home</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;/opt/puppetlabs/server/data/puppetserver&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>the user home</p>
</div>
</li>
<li>
<span class='name'>pt_user_shell</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;/sbin/nologin&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>the user shell</p>
</div>
</li>
<li>
<span class='name'>pt_environment</span>
@@ -940,24 +866,6 @@
</li>
<li>
<span class='name'>pt_manage_user</span>
<span class='type'>(<tt>Boolean</tt>)</span>
<em class="default">(defaults to: <tt>false</tt>)</em>
&mdash;
<div class='inline'>
<p>whether to manage the puppet user</p>
</div>
</li>
<li>
<span class='name'>pt_r10k_webhook_port</span>
@@ -1014,15 +922,182 @@
<li>
<span class='name'>pt_puppetdb_pkg</span>
<span class='name'>pt_db_subname</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;puppetdb-termini&#39;</tt>)</em>
<em class="default">(defaults to: <tt>&#39;//localhost:5432/puppetdb&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>the url for the database connection</p>
</div>
</li>
<li>
<span class='name'>pt_db_username</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;foobar&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>the username for the database connection</p>
</div>
</li>
<li>
<span class='name'>pt_db_password</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;foobar&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>the password for the database connection</p>
</div>
</li>
<li>
<span class='name'>pt_gc_interval</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;60&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>How often (in minutes) to compact the database</p>
</div>
</li>
<li>
<span class='name'>pt_http_port</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;8080&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>Port to listen on for clear-text HTTP.</p>
</div>
</li>
<li>
<span class='name'>pt_https_port</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;8081&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>Port to listen on for HTTPs connections.</p>
</div>
</li>
<li>
<span class='name'>pt_ssl_host</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;0.0.0.0&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>IP address to listen on for HTTPS connections</p>
</div>
</li>
<li>
<span class='name'>pt_repl_on</span>
<span class='type'>(<tt>Boolean</tt>)</span>
<em class="default">(defaults to: <tt>false</tt>)</em>
&mdash;
<div class='inline'>
<p>toggle the remote repl true false</p>
</div>
</li>
<li>
<span class='name'>pt_repl_port</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;8082&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>What port the REPL should listen on</p>
</div>
</li>
<li>
<span class='name'>pt_repl_host</span>
<span class='type'>(<tt>String</tt>)</span>
<em class="default">(defaults to: <tt>&#39;127.0.0.1&#39;</tt>)</em>
&mdash;
<div class='inline'>
<p>IP address to listen on</p>
</div>
</li>
</ul>
@@ -1036,11 +1111,6 @@
<pre class="lines">
59
60
61
62
63
64
65
66
@@ -1152,10 +1222,19 @@
172
173
174
175</pre>
175
176
177
178
179
180
181
182
183
184</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'manifests/params.pp', line 59</span>
<pre class="code"><span class="info file"># File 'manifests/params.pp', line 64</span>
class puppet_cd::params (
@@ -1168,18 +1247,10 @@ class puppet_cd::params (
String $pt_pkg_ensure = &#39;present&#39;,
String $pt_agent_pkg = &#39;puppet-agent&#39;,
String $pt_server_pkg = &#39;puppetserver&#39;,
String $pt_puppetdb_pkg = &#39;puppetdb-termini&#39;,
Array $pt_puppetdb_pkg = [&#39;puppetdb-termini&#39;, &#39;puppetdb&#39;],
Array $pt_r10k_pkg = [&#39;ruby&#39;,&#39;ruby-devel&#39;,&#39;rubygems&#39;,&#39;gcc&#39;,&#39;make&#39;],
Array $pt_r10k_webhook_pkg = [&#39;webrick&#39;, &#39;r10k_gitlab_webhook&#39;],
# user settings
## puppet user
Boolean $pt_manage_user = false,
String $pt_user = &#39;puppet&#39;,
String $pt_user_comment = &#39;puppetserver daemon&#39;,
String $pt_user_home = &#39;/opt/puppetlabs/server/data/puppetserver&#39;,
String $pt_user_shell = &#39;/sbin/nologin&#39;,
# templates
## puppet
String $pt_environment = &#39;production&#39;,
@@ -1213,6 +1284,18 @@ class puppet_cd::params (
# puppetdb
String $pt_ssl_port = &#39;8081&#39;,
Boolean $pt_soft_write_failure = false,
String $pt_db_subname = &#39;//localhost:5432/puppetdb&#39;,
String $pt_db_username = &#39;foobar&#39;,
String $pt_db_password = &#39;foobar&#39;,
String $pt_gc_interval = &#39;60&#39;,
## jetty
String $pt_http_port = &#39;8080&#39;,
String $pt_https_port = &#39;8081&#39;,
String $pt_ssl_host = &#39;0.0.0.0&#39;,
## repl
Boolean $pt_repl_on = false,
String $pt_repl_port = &#39;8082&#39;,
String $pt_repl_host = &#39;127.0.0.1&#39;,
# r10k
Boolean $pt_use_r10k = false,
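Review bot: `String $pt_db_password = 'foobar'` (alongside `$pt_db_username = 'foobar'`) in the last hunk gives every deployment that does not override it the same well-known database credential, and the value is also published in this generated parameter list. Declare the password without a default so catalog compilation fails until one is supplied, and type it as `Sensitive[String] $pt_db_password,` so it is redacted from logs and reports; the template that consumes it would then need to unwrap the value. The same hunk defaults `$pt_ssl_host` to `'0.0.0.0'` and defines a clear-text HTTP port in `$pt_http_port`; which address the clear-text listener binds to is not visible here and is worth confirming in the jetty template. The class body starts and ends outside the hunk.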


@@ -137,7 +137,17 @@
39
40
41
42</pre>
42
43
44
45
46
47
48
49
50
51
52</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'manifests/server/service.pp', line 6</span>
@@ -158,7 +168,6 @@ class puppet_cd::server::service (
# manage puppet server service
if $fqdn == $pt_pm_fqdn {
require puppet_cd::firewall::iptables
require puppet_cd::main::user
service { $pt_server_service:
ensure =&gt; running,
@@ -166,11 +175,10 @@ class puppet_cd::server::service (
hasrestart =&gt; true,
enable =&gt; true,
}
}
# manage webhook service
if $pt_use_r10k_webhook == true {
require puppet_cd::r10k::install
service { $pt_r10k_webhook_service:
ensure =&gt; running,
hasstatus =&gt; true,
@@ -178,6 +186,18 @@ class puppet_cd::server::service (
enable =&gt; true,
}
}
}
if ($pt_use_puppetdb == true) and ($pt_puppetdb_fqdn == $fqdn) {
require puppet_cd::firewall::iptables
service { $pt_db_service:
ensure =&gt; running,
hasstatus =&gt; true,
hasrestart =&gt; true,
enable =&gt; true,
}
}
}</pre>
</td>
</tr>