confdroid/puppet_cd
3
0
Fork 0
Code Wiki Activity

remove all references for puppetdb - https://gitlab.confdroid.com/internal/confdroid_management/-/issues/284

Browse Source
This commit is contained in:
Arne Teuke
2025-10-27 15:47:43 +01:00
parent 06d3f02e9f
commit 137c0827cc
18 changed files with 5 additions and 543 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
README.md
View File

@@ -6,7 +6,8 @@
## Synopsis ## Synopsis
This Puppet module configures settings for Puppet master and agents, PuppetDB and R10k, the full bundle. This Puppet module configures settings for Puppet master , agents and R10k, the full bundle. Puppetdb has been outsourced to a [module](https://gitlab.confdroid.com/puppet/puppetdb_cd) on its own, due to complexity
The syntax is specifically for Puppet Core 8 and Rocky 9, although might work elsewhere as well. The syntax is specifically for Puppet Core 8 and Rocky 9, although might work elsewhere as well.
This module is also designed to work with External Node Classifiers (ENC), for instance Foreman. This module is also designed to work with External Node Classifiers (ENC), for instance Foreman.
@@ -20,8 +21,6 @@ This module is also designed to work with External Node Classifiers (ENC), for i
On your puppetmaster, If you set `$pt_use_r10k`to `true`, it also installs r10k to connect to a control repo and manage the code available to clients via Puppetfile. On your puppetmaster, If you set `$pt_use_r10k`to `true`, it also installs r10k to connect to a control repo and manage the code available to clients via Puppetfile.
If you set `$pt_use_r10k_webhook`to `true`, it also installs a simple webhook listener to watch for post_hooks from gitlab, and triggers the r10k deployment. If you set `$pt_use_r10k_webhook`to `true`, it also installs a simple webhook listener to watch for post_hooks from gitlab, and triggers the r10k deployment.
* if the host FQDN matches your specified puppetdb host via `$pt_db_fqdn`, Puppetdb is installed and added to the puppetmaster config. Settings for the (external) postgreSQL database are also configured.
* open firewall ports depending on fqdn choices * open firewall ports depending on fqdn choices
* start services as required * start services as required
* manage directories * manage directories

4
manifests/main/config.pp
View File

@@ -8,10 +8,6 @@ class puppet_cd::main::config (
) inherits puppet_cd::params { ) inherits puppet_cd::params {
include puppet_cd::server::service include puppet_cd::server::service
if $pt_use_puppetdb == true {
include puppet_cd::puppetdb::service
}
if $pt_use_r10k == true { if $pt_use_r10k == true {
include puppet_cd::r10k::install include puppet_cd::r10k::install
} }

23
manifests/main/files.pp
View File

@@ -31,27 +31,4 @@ class puppet_cd::main::files (
notify => Service[$pt_agent_service,$pt_server_service], notify => Service[$pt_agent_service,$pt_server_service],
} }
} }
if $pt_use_puppetdb == true {
file { $pt_puppetdb_conf_file:
ensure => file,
path => $pt_puppetdb_conf_file,
owner => 'root',
group => 'root',
mode => '0644',
content => template($pt_puppetdb_conf_erb),
# notify => Service[$pt_agent_service,$pt_server_service],
}
# fix service file syslog vs journald
file { $pt_puppetdb_service_file:
ensure => file,
path => $pt_puppetdb_service_file,
owner => 'root',
group => 'root',
mode => '0644',
content => template($pt_puppetdb_service_erb),
notify => Service[$pt_db_service],
}
}
} }

5
manifests/main/install.pp
View File

@@ -15,10 +15,5 @@ class puppet_cd::main::install (
ensure => $pt_pkg_ensure, ensure => $pt_pkg_ensure,
} }
} }
if $fqdn == $pt_db_fqdn {
package { $pt_db_pkg:
ensure => $pt_pkg_ensure,
}
} }
} }

19
manifests/main/user.pp
View File

@@ -24,23 +24,4 @@ class puppet_cd::main::user (
allowdupe => false, allowdupe => false,
} }
} }
if ($fqdn == $pt_db_fqdn) and ($pt_manage_db_user == true) {
user { $pt_db_user:
ensure => present,
name => $pt_db_user,
allowdupe => false,
comment => $pt_db_user_comment,
gid => $pt_db_user,
managehome => true,
home => $pt_db_user_home,
shell => $pt_db_user_shell,
}
group { $pt_db_user:
ensure => present,
name => $pt_db_user,
allowdupe => false,
}
}
} }

64
manifests/params.pp
View File

@@ -90,7 +90,6 @@ class puppet_cd::params (
Boolean $pt_manage_fw = true, Boolean $pt_manage_fw = true,
String $pt_pm_fqdn = 'puppetmaster.example.net', String $pt_pm_fqdn = 'puppetmaster.example.net',
String $pt_db_fqdn = 'puppetdb.example.net',
# installation # installation
String $pt_pkg_ensure = 'latest', String $pt_pkg_ensure = 'latest',
@@ -107,12 +106,7 @@ class puppet_cd::params (
String $pt_user_comment = 'puppetserver daemon', String $pt_user_comment = 'puppetserver daemon',
String $pt_user_home = '/opt/puppetlabs/server/data/puppetserver', String $pt_user_home = '/opt/puppetlabs/server/data/puppetserver',
String $pt_user_shell = '/sbin/nologin', String $pt_user_shell = '/sbin/nologin',
## puppetdb user
Boolean $pt_manage_db_user = false,
String $pt_db_user = 'puppetdb',
String $pt_db_user_comment = 'PuppetDB daemon',
String $pt_db_user_home = '/opt/puppetlabs/server/data/puppetdb',
String $pt_db_user_shell = '/sbin/nologin',
# templates # templates
## puppet ## puppet
String $pt_environment = 'production', String $pt_environment = 'production',
@@ -142,33 +136,6 @@ class puppet_cd::params (
String $pt_storeconfigs_backend = 'puppetdb', String $pt_storeconfigs_backend = 'puppetdb',
String $pt_parser = 'current', String $pt_parser = 'current',
Boolean $pt_cert_revocation = true, Boolean $pt_cert_revocation = true,
## puppetdb
Boolean $pt_use_puppetdb = false,
String $pt_logging_max_file_size = '200MB',
String $pt_logging_max_history = '90',
String $pt_logging_total_size = '1GB',
String $pt_com_proc_threads = '4',
String $pt_concurrent_writes = '4',
String $pt_db_subname = '//localhost:5432/puppetdb',
String $pt_db_username = 'foobar',
String $pt_db_password = 'foobar',
String $pt_gc_interval = '60',
String $pt_log_slow_statements = '10',
String $pt_no_ssl_port = '8080',
String $pt_ssl_port = '8081',
Boolean $pt_use_ssl_only = true,
String $pt_puppetdb_source_lan = '0.0.0.0/0',
Boolean $pt_soft_write_failure = false,
String $pt_no_ssl_host = '0.0.0.0',
String $pt_ssl_host = '0.0.0.0',
String $pt_ssl_key = '/etc/puppetlabs/puppetdb/ssl/private.pem',
String $pt_ssl_cert = '/etc/puppetlabs/puppetdb/ssl/public.pem',
String $pt_ssl_ca_cert = '/etc/puppetlabs/puppetdb/ssl/ca.pem',
Boolean $pt_log_access = false,
String $pt_access_log_config = '/etc/puppetlabs/puppetdb/request-logging.xml',
Boolean $pt_enable_repl = false,
String $pt_repl_port = '8082',
String $pt_repl_host = '127.0.0.1',
# r10k # r10k
Boolean $pt_use_r10k = false, Boolean $pt_use_r10k = false,
@@ -197,12 +164,7 @@ class puppet_cd::params (
$pt_rundir_master = '/var/run/puppetlabs/puppetserver' $pt_rundir_master = '/var/run/puppetlabs/puppetserver'
$pt_vardir = '/opt/puppetlabs/puppet/cache' $pt_vardir = '/opt/puppetlabs/puppet/cache'
$pt_vardir_master = '/opt/puppetlabs/server/data/puppetserver' $pt_vardir_master = '/opt/puppetlabs/server/data/puppetserver'
## puppetdb
$pt_puppetdb_main = '/etc/puppetlabs/puppetdb'
$pt_puppetdb_conf_d = "${pt_puppetdb_main}/conf.d"
$pt_puppetdb_ssl = "${pt_puppetdb_main}/ssl"
$pt_puppetdb_log = '/var/log/puppetlabs/puppetdb'
$pt_puppetdb_var_dir = '/opt/puppetlabs/server/data/puppetdb'
## r10k ## r10k
$pt_r10k_dir = "${pt_main_dir}/r10k" $pt_r10k_dir = "${pt_main_dir}/r10k"
$pt_r10k_webhook_dir = '/etc/r10k-webhook' $pt_r10k_webhook_dir = '/etc/r10k-webhook'
@@ -213,26 +175,7 @@ class puppet_cd::params (
$pt_puppet_conf_erb = 'puppet_cd/puppet.conf.erb' $pt_puppet_conf_erb = 'puppet_cd/puppet.conf.erb'
$pt_agent_conf_erb = 'puppet_cd/agent.conf.erb' $pt_agent_conf_erb = 'puppet_cd/agent.conf.erb'
$pt_hiera_config = "${pt_puppetdir}/hiera.yaml" $pt_hiera_config = "${pt_puppetdir}/hiera.yaml"
## puppetdb
$pt_bootstrap_conf = "${pt_puppetdb_main}/bootstrap.cfg"
$pt_bootstrap_erb = 'puppet_cd/puppetdb/bootstrap.cfg.erb'
$pt_puppetdb_access_log = "${pt_puppetdb_log}/puppetdb-access"
$pt_request_logging_conf = "${pt_puppetdb_main}/request-logging.xml"
$pt_request_logging_erb = 'puppet_cd/puppetdb/request_logging.xml.erb'
$pt_logback_conf = "${pt_puppetdb_main}/logback.xml"
$pt_logback_erb = 'puppet_cd/puppetdb/logback.xml.erb'
$pt_puppetdb_config_ini = "${pt_puppetdb_conf_d}/config.ini"
$pt_puppetdb_config_erb = 'puppet_cd/puppetdb/config.ini.erb'
$pt_puppetdb_database_ini = "${pt_puppetdb_conf_d}/database.ini"
$pt_puppetdb_database_erb = 'puppet_cd/puppetdb/database.ini.erb'
$pt_puppetdb_jetty_ini = "${pt_puppetdb_conf_d}/jetty.ini"
$pt_puppetdb_jetty_erb = 'puppet_cd/puppetdb/jetty.ini.erb'
$pt_puppetdb_conf_file = "${pt_puppetdir}/puppetdb.conf"
$pt_puppetdb_conf_erb = 'puppet_cd/puppetdb/puppetdb.conf.erb'
$pt_puppetdb_repl_ini = "${pt_puppetdb_conf_d}/repl.ini"
$pt_puppetdb_repl_erb = 'puppet_cd/puppetdb/repl.ini.erb'
$pt_puppetdb_service_file = '/usr/lib/systemd/system/puppetdb.service'
$pt_puppetdb_service_erb = 'puppet_cd/puppetdb/puppetdb_service.erb'
## r10k ## r10k
$pt_r10k_file = "${pt_r10k_dir}/r10k.yaml" $pt_r10k_file = "${pt_r10k_dir}/r10k.yaml"
$pt_r10k_erb = 'puppet_cd/r10k/r10k.yaml.erb' $pt_r10k_erb = 'puppet_cd/r10k/r10k.yaml.erb'
@@ -243,7 +186,6 @@ class puppet_cd::params (
# service # service
$pt_server_service = 'puppetserver' $pt_server_service = 'puppetserver'
$pt_agent_service = 'puppet' $pt_agent_service = 'puppet'
$pt_db_service = 'puppetdb'
$pt_r10k_webhook_service = 'r10k_gitlab_webhook' $pt_r10k_webhook_service = 'r10k_gitlab_webhook'
# #

64
manifests/puppetdb/dirs.pp
View File

@@ -1,64 +0,0 @@
## puppet_cd::puppetdb::dirs.pp
# Module name: puppet_cd
# Author: Arne Teuke (arne_teuke@confdroid)
# @summary Class manages puppetdb directories
###############################################################################
class puppet_cd::puppetdb::dirs (
) inherits puppet_cd::params {
if ($fqdn == $pt_db_fqdn) and ($pt_use_puppetdb == true) {
require puppet_cd::main::install
# main directory
file { $pt_puppetdb_main:
ensure => directory,
path => $pt_puppetdb_main,
owner => $pt_db_user,
group => $pt_db_user,
mode => '0750',
selrange => s0,
selrole => object_r,
seltype => etc_t,
seluser => system_u,
}
# conf.d directory
file { $pt_puppetdb_conf_d:
ensure => directory,
path => $pt_puppetdb_conf_d,
owner => $pt_db_user,
group => $pt_db_user,
mode => '0750',
selrange => s0,
selrole => object_r,
seltype => etc_t,
seluser => system_u,
}
# ssl directory
file { $pt_puppetdb_ssl:
ensure => directory,
path => $pt_puppetdb_ssl,
owner => $pt_db_user,
group => $pt_db_user,
mode => '0750',
selrange => s0,
selrole => object_r,
seltype => etc_t,
seluser => system_u,
}
# log dir
file { $pt_puppetdb_log:
ensure => directory,
path => $pt_puppetdb_log,
owner => $pt_db_user,
group => $pt_db_user,
mode => '0700',
selrange => s0,
selrole => object_r,
seltype => var_log_t,
seluser => system_u,
}
}
}

117
manifests/puppetdb/files.pp
View File

@@ -1,117 +0,0 @@
## puppet_cd::puppetdb::files.pp
# Module name: puppet_cd
# Author: Arne Teuke (arne_teuke@confdroid)
# @summary Class manages puppetdb files
###############################################################################
class puppet_cd::puppetdb::files (
) inherits puppet_cd::params {
if ($fqdn == $pt_db_fqdn) and ($pt_use_puppetdb == true) {
require puppet_cd::puppetdb::dirs
# bootstrap.cfg
file { $pt_bootstrap_conf:
ensure => file,
path => $pt_bootstrap_conf,
owner => 'root',
group => 'root',
mode => '0644',
selrange => s0,
selrole => object_r,
seltype => puppet_etc_t,
seluser => system_u,
content => template($pt_bootstrap_erb),
notify => Service[$pt_db_service],
}
# requestlogging.xml
file { $pt_request_logging_conf:
ensure => file,
path => $pt_request_logging_conf,
owner => 'root',
group => 'root',
mode => '0644',
selrange => s0,
selrole => object_r,
seltype => puppet_etc_t,
seluser => system_u,
content => template($pt_request_logging_erb),
notify => Service[$pt_db_service],
}
# logback.xml
file { $pt_logback_conf:
ensure => file,
path => $pt_logback_conf,
owner => 'root',
group => 'root',
mode => '0644',
selrange => s0,
selrole => object_r,
seltype => puppet_etc_t,
seluser => system_u,
content => template($pt_logback_erb),
notify => Service[$pt_db_service],
}
# config.ini
file { $pt_puppetdb_config_ini:
ensure => file,
path => $pt_puppetdb_config_ini,
owner => 'root',
group => 'root',
mode => '0644',
selrange => s0,
selrole => object_r,
seltype => puppet_etc_t,
seluser => system_u,
content => template($pt_puppetdb_config_erb),
notify => Service[$pt_db_service],
}
# database.ini
file { $pt_puppetdb_database_ini:
ensure => file,
path => $pt_puppetdb_database_ini,
owner => 'root',
group => 'root',
mode => '0644',
selrange => s0,
selrole => object_r,
seltype => puppet_etc_t,
seluser => system_u,
content => template($pt_puppetdb_database_erb),
notify => Service[$pt_db_service],
}
# jetty.ini
file { $pt_puppetdb_jetty_ini :
ensure => file,
path => $pt_puppetdb_jetty_ini ,
owner => 'root',
group => 'root',
mode => '0644',
selrange => s0,
selrole => object_r,
seltype => puppet_etc_t,
seluser => system_u,
content => template($pt_puppetdb_jetty_erb),
notify => Service[$pt_db_service],
}
# repl.ini
file { $pt_puppetdb_repl_ini:
ensure => file,
path => $pt_puppetdb_repl_ini,
owner => 'root',
group => 'root',
mode => '0644',
selrange => s0,
selrole => object_r,
seltype => puppet_etc_t,
seluser => system_u,
content => template($pt_puppetdb_repl_erb),
notify => Service[$pt_db_service],
}
}
}

19
manifests/puppetdb/service.pp
View File

@@ -1,19 +0,0 @@
## puppet_cd::puppetdb::service.pp
# Module name: puppet_cd
# Author: Arne Teuke (arne_teuke@confdroid)
# @summary Class manages puppetdb service
###############################################################################
class puppet_cd::puppetdb::service (
) inherits puppet_cd::params {
if ($fqdn == $pt_db_fqdn) and ($pt_use_puppetdb == true) {
require puppet_cd::puppetdb::files
service { $pt_db_service:
ensure => running,
hasstatus => true,
hasrestart => true,
enable => true,
}
}
}

32
templates/puppetdb/bootstrap.cfg.erb
View File

@@ -1,32 +0,0 @@
###############################################################################
########## bootstrap.cfg managed by puppet agent ##########
###############################################################################
# This file is used by the application framework (trapperkeeper) to
# determine what services should be loaded at boot time.
# For more info, see:
# https://github.com/puppetlabs/trapperkeeper/wiki/Bootstrapping
# Web Server
puppetlabs.trapperkeeper.services.webserver.jetty9-service/jetty9-service
# Webrouting
puppetlabs.trapperkeeper.services.webrouting.webrouting-service/webrouting-service
# TK status
puppetlabs.trapperkeeper.services.metrics.metrics-service/metrics-webservice
puppetlabs.trapperkeeper.services.status.status-service/status-service
puppetlabs.trapperkeeper.services.scheduler.scheduler-service/scheduler-service
# PuppetDB Services
puppetlabs.puppetdb.cli.services/puppetdb-service
puppetlabs.puppetdb.command/command-service
puppetlabs.puppetdb.pdb-routing/maint-mode-service
puppetlabs.puppetdb.pdb-routing/pdb-routing-service
puppetlabs.puppetdb.config/config-service
# NREPL
puppetlabs.trapperkeeper.services.nrepl.nrepl-service/nrepl-service
# Dashboard redirect: remove to disable
puppetlabs.puppetdb.dashboard/dashboard-redirect-service

11
templates/puppetdb/config.ini.erb
View File

@@ -1,11 +0,0 @@
###############################################################################
########## config.ini managed by puppet agent ##########
###############################################################################
[global]
vardir = <%= @pt_puppetdb_var_dir %>
logging-config = <%= @pt_logback_conf %>
[command-processing]
threads = <%= @pt_com_proc_threads %>
concurrent-writes = <%= @pt_concurrent_writes %>

10
templates/puppetdb/database.ini.erb
View File

@@ -1,10 +0,0 @@
###############################################################################
########## database.ini managed by puppet agent ##########
###############################################################################
[database]
subname = <%= @pt_db_subname %>
username = <%= @pt_db_username %>
password = <%= @pt_db_password %>
gc-interval = <%= @pt_gc_interval %>

31
templates/puppetdb/jetty.ini.erb
View File

@@ -1,31 +0,0 @@
###############################################################################
########## jetty.ini managed by puppet agent ##########
###############################################################################
[jetty]
<% if @pt_use_ssl_only != true %>
host = <%= @pt_no_ssl_host %>
port = <%= @pt_no_ssl_port %>
# ssl
ssl-host = <%= @pt_ssl_host %>
ssl-port = <%= @pt_ssl_port %>
ssl-key = <%= @pt_ssl_key %>
ssl-cert = <%= @pt_ssl_cert %>
ssl-ca-cert = <%= @pt_ssl_ca_cert %>
<% if @pt_log_access == true %>
access-log-config = <%= @pt_access_log_config %>
<% end end %>
<% if @pt_use_ssl_only == true %>
ssl-host = <%= @pt_ssl_host %>
ssl-port = <%= @pt_ssl_port %>
ssl-key = <%= @pt_ssl_key %>
ssl-cert = <%= @pt_ssl_cert %>
ssl-ca-cert = <%= @pt_ssl_ca_cert %>
<% if @pt_log_access == true %>
access-log-config = <%= @pt_access_log_config %>
<% end end %>

59
templates/puppetdb/logback.xml.erb
View File

@@ -1,59 +0,0 @@
<configuration scan="true">
<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
<encoder>
<pattern>%d %-5p [%c{2}] %m%n</pattern>
</encoder>
</appender>
<appender name="F1" class="ch.qos.logback.core.rolling.RollingFileAppender">
<file>/var/log/puppetlabs/puppetdb/puppetdb.log</file>
<append>true</append>
<rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
<fileNamePattern>/var/log/puppetlabs/puppetdb/puppetdb-%d{yyyy-MM-dd}.%i.log.gz</fileNamePattern>
<!-- each file should be at most 200MB, keep 90 days worth of history, but at most 1GB total-->
<maxFileSize>200MB</maxFileSize>
<maxHistory>90</maxHistory>
<totalSizeCap>1GB</totalSizeCap>
</rollingPolicy>
<encoder>
<pattern>%d %-5p [%c{2}] %m%n</pattern>
</encoder>
</appender>
<!-- Suppress internal ActiveMQ logging -->
<logger name="org.apache.activemq" level="warn"/>
<!-- Suppress internal Spring Framework logging -->
<logger name="org.springframework.jms.connection" level="warn"/>
<!-- Lower the log level for ActiveMQ KahaDB MessageDatabase -->
<logger name="org.apache.activemq.store.kahadb.MessageDatabase"
level="info"/>
<appender name="STATUS" class="ch.qos.logback.core.rolling.RollingFileAppender">
<file>/var/log/puppetlabs/puppetdb/puppetdb-status.log</file>
<append>true</append>
<rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
<!-- rollover daily -->
<fileNamePattern>/var/log/puppetlabs/puppetdb/puppetdb-status-%d{yyyy-MM-dd}.%i.log.gz</fileNamePattern>
<!-- each file should be at most 200MB, keep 90 days worth of history, but at most 1GB total-->
<maxFileSize>200MB</maxFileSize>
<maxHistory>90</maxHistory>
<totalSizeCap>1GB</totalSizeCap>
</rollingPolicy>
<encoder>
<!-- note that this will only log the JSON message (%m) and a newline (%n)-->
<pattern>%m%n</pattern>
</encoder>
</appender>
<!-- without additivity="false", the status log messages will be sent to every other appender as well-->
<logger name="puppetlabs.trapperkeeper.services.status.status-debug-logging" level="debug" additivity="false">
<appender-ref ref="STATUS"/>
</logger>
<root level="info">
<appender-ref ref="${logappender:-DUMMY}" />
<appender-ref ref="F1" />
</root>
</configuration>

7
templates/puppetdb/puppetdb.conf.erb
View File

@@ -1,7 +0,0 @@
###############################################################################
########## puppetdb.conf managed by puppet agent ##########
###############################################################################
[main]
server_urls = https://<%= @pt_db_fqdn%>:<%= @pt_ssl_port %>
soft_write_failure = <%= @pt_soft_write_failure %>

48
templates/puppetdb/puppetdb_service.erb
View File

@@ -1,48 +0,0 @@
#
# Local settings can be configured without being overwritten by package upgrades, for example
# if you want to increase puppetdb open-files-limit to 10000,
# you need to increase systemd's LimitNOFILE setting, so create a file named
# "/etc/systemd/system/puppetdb.service.d/limits.conf" containing:
# [Service]
# LimitNOFILE=10000
# You can confirm it worked by running systemctl daemon-reload
# then running systemctl show puppetdb | grep LimitNOFILE
#
[Unit]
Description=puppetdb Service
After=syslog.target network.target nss-lookup.target
[Service]
Type=forking
EnvironmentFile=/etc/sysconfig/puppetdb
User=puppetdb
TimeoutStartSec=14400
TimeoutStopSec=60
Restart=on-failure
StartLimitBurst=5
PIDFile=/run/puppetlabs/puppetdb/puppetdb.pid
# https://tickets.puppetlabs.com/browse/EZ-129
# Prior to systemd v228, TasksMax was unset by default, and unlimited. Starting in 228 a default of '512'
# was implemented. This is low enough to cause problems for certain applications. In systemd 231, the
# default was changed to be 15% of the default kernel limit. This explicitly sets TasksMax to 4915,
# which should match the default in systemd 231 and later.
# See https://github.com/systemd/systemd/issues/3211#issuecomment-233676333
TasksMax=4915
#set default privileges to -rw-r-----
UMask=027
ExecReload=/opt/puppetlabs/server/apps/puppetdb/bin/puppetdb reload
ExecStart=/opt/puppetlabs/server/apps/puppetdb/bin/puppetdb start
ExecStop=/opt/puppetlabs/server/apps/puppetdb/bin/puppetdb stop
KillMode=process
SuccessExitStatus=143
StandardOutput=journal
[Install]
WantedBy=multi-user.target

13
templates/puppetdb/repl.ini.erb
View File

@@ -1,13 +0,0 @@
###############################################################################
########## repl.ini managed by puppet agent ##########
###############################################################################
[nrepl]
<% if @pt_enable_repl == true %>
enabled = <%= @pt_enable_repl %>
port = <% @pt_repl_port %>
host = <%= @pt_repl_host %>
<% else %>
# REPL is disabled for security reasons and not normally not required.
# To enable it, set `$pt_enable_repl` to `true`.
<% end %>

17
templates/puppetdb/request_logging.xml.erb
View File

@@ -1,17 +0,0 @@
<configuration debug="false">
<appender name="FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
<file><%= @pt_puppetdb_access_log %>.log</file>
<append>true</append>
<rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
<fileNamePattern><%= @pt_puppetdb_access_log %>-%d{yyyy-MM-dd}.%i.log.gz</fileNamePattern>
<!-- each file should be at most 200MB, keep 90 days worth of history, but at most 1GB total-->
<maxFileSize><%= @pt_logging_max_file_size %></maxFileSize>
<maxHistory><%= @pt_loging_max_history %></maxHistory>
<totalSizeCap><%= @pt_logging_total_size %></totalSizeCap>
</rollingPolicy>
<encoder>
<pattern>%h %l %u [%t] "%r" %s %b "%i{Referer}" "%i{User-Agent}" %D</pattern>
</encoder>
</appender>
<appender-ref ref="FILE" />
</configuration>