recommit for updates in build 49

2025-02-26 17:06:15 +01:00
parent 490ea6ccf0
commit 262a6cf2ca
4 changed files with 163 additions and 19 deletions
--- a/doc/puppet_classes/puppet_cd_3A_3Afirewall_3A_3Aiptables.html
+++ b/doc/puppet_classes/puppet_cd_3A_3Afirewall_3A_3Aiptables.html
@@ -116,7 +116,30 @@
 18
 19
 20
-21</pre>
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42
+43
+44</pre>
      </td>
      <td>
        <pre class="code"><span class="info file"># File 'manifests/firewall/iptables.pp', line 6</span>
@@ -136,6 +159,29 @@ class puppet_cd::firewall::iptables (
      jump  =&gt; &#39;accept&#39;,
    }
  }
+
+  if $fqdn == $pt_db_fqdn {
+    if $pt_use_ssl_only != true {
+      firewall { &quot;3${pt_no_ssl_port} open port ${pt_no_ssl_port}&quot;:
+        proto =&gt; &#39;tcp&#39;,
+        dport =&gt; $pt_no_ssl_port,
+        jump  =&gt; &#39;accept&#39;,
+      }
+      firewall { &quot;3${pt_ssl_port} open port ${pt_ssl_port}&quot;:
+        proto =&gt; &#39;tcp&#39;,
+        dport =&gt; $pt_ssl_port,
+        jump  =&gt; &#39;accept&#39;,
+      }
+    }
+
+    if $pt_use_ssl_only == true {
+      firewall { &quot;3${pt_ssl_port} open port ${pt_ssl_port}&quot;:
+        proto =&gt; &#39;tcp&#39;,
+        dport =&gt; $pt_ssl_port,
+        jump  =&gt; &#39;accept&#39;,
+      }
+    }
+  }
 }</pre>
      </td>
    </tr>
--- a/doc/puppet_classes/puppet_cd_3A_3Amain_3A_3Afiles.html
+++ b/doc/puppet_classes/puppet_cd_3A_3Amain_3A_3Afiles.html
@@ -105,9 +105,7 @@
 7
 8
 9
-10
-11
-12</pre>
+10</pre>
      </td>
      <td>
        <pre class="code"><span class="info file"># File 'manifests/main/files.pp', line 6</span>
@@ -115,9 +113,7 @@
 class puppet_cd::main::files (

 ) inherits puppet_cd::params {
-
  require puppet_cd::main::dirs
-
 }</pre>
      </td>
    </tr>
--- a/doc/puppet_classes/puppet_cd_3A_3Aparams.html
+++ b/doc/puppet_classes/puppet_cd_3A_3Aparams.html
@@ -251,6 +251,60 @@ considered a puppet agent.</p>
        &mdash;
        <div class='inline'>
 <p>the packages for puppetdb</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>pt_no_ssl_port</span>
+      
+      
+        <span class='type'>(<tt>String</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;8080&#39;</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>non-ssl port number for puppetdb</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>pt_ssl_port</span>
+      
+      
+        <span class='type'>(<tt>String</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;8081&#39;</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>ssl port for puppetdb</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>pt_use_ssl_only</span>
+      
+      
+        <span class='type'>(<tt>Boolean</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>true</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>whether to use ssl only.</p>
 </div>
      
    </li>
@@ -266,9 +320,6 @@ considered a puppet agent.</p>
        <pre class="lines">


-15
-16
-17
 18
 19
 20
@@ -288,10 +339,19 @@ considered a puppet agent.</p>
 34
 35
 36
-37</pre>
+37
+38
+39
+40
+41
+42
+43
+44
+45
+46</pre>
      </td>
      <td>
-        <pre class="code"><span class="info file"># File 'manifests/params.pp', line 15</span>
+        <pre class="code"><span class="info file"># File 'manifests/params.pp', line 18</span>

 class puppet_cd::params (

@@ -306,11 +366,17 @@ class puppet_cd::params (
  String $pt_server_pkg     = &#39;puppetserver&#39;,
  Array $pt_db_pkg          = [&#39;puppetdb&#39;,&#39;puppetdb-termini&#39;],

+  String $pt_no_ssl_port    = &#39;8080&#39;,
+  String $pt_ssl_port       = &#39;8081&#39;,
+  Boolean $pt_use_ssl_only  = true,
+
 ) {
  $fqdn                     = $facts[&#39;networking&#39;][&#39;fqdn&#39;]

 # service
-  $pt_service               = &#39;puppetserver&#39;
+  $pt_server_service        = &#39;puppetserver&#39;
+  $pt_agent_service         = &#39;puppet&#39;
+  $pt_db_service            = &#39;puppetdb&#39;

 #
  # includes must be last
--- a/doc/puppet_classes/puppet_cd_3A_3Aserver_3A_3Aservice.html
+++ b/doc/puppet_classes/puppet_cd_3A_3Aserver_3A_3Aservice.html
@@ -119,7 +119,25 @@
 21
 22
 23
-24</pre>
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42</pre>
      </td>
      <td>
        <pre class="code"><span class="info file"># File 'manifests/server/service.pp', line 6</span>
@@ -127,15 +145,33 @@
 class puppet_cd::server::service (

 ) inherits puppet_cd::params {
-  if $fqdn == $pt_pm_fqdn {
-    # manager requirement
-
-    require puppet_cd::firewall::iptables
  require puppet_cd::main::files

-    # manage puppet server service
+  # manage agent service on all nodes
+  service { $pt_agent_service:
+    ensure     =&gt; running,
+    hasstatus  =&gt; true,
+    hasrestart =&gt; true,
+    enable     =&gt; true,
+  }

-    service { $pt_service:
+  # manage puppet server service
+  if $fqdn == $pt_pm_fqdn {
+    require puppet_cd::firewall::iptables
+
+    service { $pt_server_service:
+      ensure     =&gt; running,
+      hasstatus  =&gt; true,
+      hasrestart =&gt; true,
+      enable     =&gt; true,
+    }
+  }
+
+  # manage puppetdb service
+  if $fqdn == $pt_db_fqdn {
+    require puppet_cd::firewall::iptables
+
+    service { $pt_db_service:
      ensure     =&gt; running,
      hasstatus  =&gt; true,
      hasrestart =&gt; true,