Puppet Class: puppet_cd::params

Inherited by:
puppet_cd::main::dirs
puppet_cd::main::user
puppet_cd::main::files
puppet_cd::main::config
puppet_cd::main::install
puppet_cd::puppetdb::dirs
puppet_cd::puppetdb::files
puppet_cd::server::service
puppet_cd::puppetdb::service
puppet_cd::firewall::iptables
Defined in:
manifests/params.pp

Summary

Class manages parameters for the puppet_cd module.

Overview

puppet_cd::params.pp Module name: puppet_cd Author: Arne Teuke (arne_teuke@confdroid) settings are applied. any other fqdn # will be considered a puppet agent.

Parameters:

  • pt_manage_fw (Boolean) (defaults to: true)

    whether to manage firewall settings

  • pt_pm_fqdn (String) (defaults to: 'puppetmaster.example.net')

    the fqdn for the puppetmaster and master

  • pt_db_fqdn (String) (defaults to: 'puppetdb.example.net')

    the fqdn for the puppetdb host.

  • pt_pkg_ensure (String) (defaults to: 'present')

    valid: “present”, “latest”, “v1.2.3”

  • pt_agent_pkg (String) (defaults to: 'puppet-agent')

    the packages for agents to install

  • pt_server_pkg (String) (defaults to: 'puppetserver')

    the server packages to install

  • pt_db_pkg (Array) (defaults to: ['puppetdb','puppetdb-termini'])

    the packages for puppetdb

  • pt_r10k_pkg (Array) (defaults to: ['ruby','ruby-devel','gcc','make','redhat-rpm-config','rpm-build'])

    the packages for r10k to install

  • pt_no_ssl_port (String) (defaults to: '8080')

    non-ssl port number for puppetdb

  • pt_ssl_port (String) (defaults to: '8081')

    ssl port for puppetdb

  • pt_use_ssl_only (Boolean) (defaults to: true)

    whether to use ssl only.

  • pt_user (String) (defaults to: 'puppet')

    the puppet user

  • pt_user_comment (String) (defaults to: 'puppetserver daemon')

    the user comment

  • pt_user_home (String) (defaults to: '/opt/puppetlabs/server/data/puppetserver')

    the user home

  • pt_user_shell (String) (defaults to: '/sbin/nologin')

    the user shell

  • pt_manage_db_user (Boolean) (defaults to: true)

    whether to manage the user for puppetdb

  • pt_db_user (String) (defaults to: 'puppetdb')

    the puppetdb user

  • pt_db_user_comment (String) (defaults to: 'PuppetDB daemon')

    the user comment for puppetdb user

  • pt_db_user_home (String) (defaults to: '/opt/puppetlabs/server/data/puppetdb')

    the user home for the puppetdb user

  • pt_db_user_shell (String) (defaults to: '/sbin/nologin')

    the shell for the puppetdb user

  • pt_use_puppetdb (Boolean) (defaults to: false)

    whether to use puppetdb on host

  • pt_environment (String) (defaults to: 'production')

    the environment

  • pt_basemodulepath (String) (defaults to: '/etc/puppetlabs/code/environments/common:/etc/puppetlabs/code/modules:/opt/puppetlabs/puppet/modules:/usr/share/puppet/modules')

    the base module path

  • pt_logdir (String) (defaults to: '/var/log/puppetlabs/puppet')

    the log directory

  • pt_allow_duplicate_certs (Boolean) (defaults to: false)

    whether to allow duplicated certs

  • pt_pluginfactsource (String) (defaults to: 'pluginfacts')

    the plugin fact source

  • pt_pluginsource (String) (defaults to: 'plugins')

    the plugin source

  • pt_runinterval (String) (defaults to: '1800')

    the runinterval

  • pt_reports (String) (defaults to: 'foreman')

    where to send the run reports

  • pt_show_diff (Boolean) (defaults to: false)

    whether to show the diff

  • pt_default_schedules (Boolean) (defaults to: false)

    the default run schedules

  • pt_masterport (String) (defaults to: '8140')

    the master port to listen on

  • pt_noop (Boolean) (defaults to: false)

    whether noop should be executed

  • pt_pluginsync (Boolean) (defaults to: true)

    whether pluginsync should be allowed

  • pt_report (Boolean) (defaults to: true)

    whether reports should be created

  • pt_splay (Boolean) (defaults to: false)

    whether to enable a sleeping period before runs

  • pt_splaylimit (String) (defaults to: '1800')

    the splay limit

  • pt_usecacheonfailure (Boolean) (defaults to: true)

    whether to use the cache on failure

  • pt_autosign (String) (defaults to: '/etc/puppetlabs/puppet/autosign.conf')

    where to check the autosign settings

  • pt_ca (Boolean) (defaults to: true)

    whether to be a ca

  • pt_external_nodes (String) (defaults to: '/etc/puppetlabs/puppet/node.rb')

    the external node settings (ENC)

  • pt_logdir_master (String) (defaults to: '/var/log/puppetlabs/puppetserver')

    the log directory on the master

  • pt_node_terminus (String) (defaults to: 'exec')

    Which node data plugin to use when compiling node catalogs.

  • pt_strict_variables (Boolean) (defaults to: false)

    Causes an evaluation error when referencing unknown variables

  • pt_storeconfigs (Boolean) (defaults to: true)

    whether store client configs.

  • pt_storeconfigs_backend (String) (defaults to: 'puppetdb')

    where to store client configs

  • pt_parser (String) (defaults to: 'current')

    which parser version to use

  • pt_cert_revocation (Boolean) (defaults to: true)

    whether to check for cert revocations

  • pt_logging_max_file_size (String) (defaults to: '200MB')

    max file size for puppetdb logging

  • pt_logging_max_history (String) (defaults to: '90')

    max logging history

  • pt_logging_total_size (String) (defaults to: '1GB')

    total size of logging file

  • pt_com_proc_threads (String) (defaults to: '4')

    number of processing threads

  • pt_concurrent_writes (String) (defaults to: '4')

    max concurrent writes

  • pt_db_subname (String) (defaults to: '//localhost:5432/puppetdb')

    the db name

  • pt_db_username (String) (defaults to: 'foobar')

    the db username

  • pt_db_password (String) (defaults to: 'foobar')

    the db password

  • pt_gc_interval (String) (defaults to: '60')

    garbage collection interval (Java)

  • pt_log_slow_statements (String) (defaults to: '10')

    number of seconds before an SQL query is considered “slow.”

  • pt_puppetdb_source_lan (String) (defaults to: '0.0.0.0/0')

    the source lan for puppetdb clients

  • pt_soft_write_failure (Boolean) (defaults to: false)

    allows the PuppetDB-termini to fail softly if PuppetDB is not accessible for command submission.

  • pt_no_ssl_host (String) (defaults to: '0.0.0.0')

    ip range for non-ssl hosts

  • pt_ssl_host (String) (defaults to: '0.0.0.0')

    ip range for SSL hosts

  • pt_ssl_key (String) (defaults to: '/etc/puppetlabs/puppetdb/ssl/private.pem')

    location of the private key

  • pt_ssl_cert (String) (defaults to: '/etc/puppetlabs/puppetdb/ssl/public.pem')

    location of the ssl cert

  • pt_ssl_ca_cert (String) (defaults to: '/etc/puppetlabs/puppetdb/ssl/ca.pem')

    location of the ssl ca cert

  • pt_log_access (Boolean) (defaults to: false)

    whether to configure log access

  • pt_access_log_config (String) (defaults to: '/etc/puppetlabs/puppetdb/request-logging.xml')

    the location of the access log config

  • pt_enable_repl (Boolean) (defaults to: false)

    whether to allow puppetdb replication

  • pt_repl_port (String) (defaults to: '8082')

    the replication port

  • pt_repl_host (String) (defaults to: '127.0.0.1')

    the replication host

  • pt_use_r10k (Boolean) (defaults to: false)

    whether to use r10k service

  • pt_use_r10k_webhook (Boolean) (defaults to: false)

    whether to use r10k webhook service

  • pt_r10k_remote (String) (defaults to: 'git@gitlab.example.net/repo.git')

    the remote url for the r10k control repo

  • pt_r10k_prefix (Boolean) (defaults to: false)

    the r10k prefix. defaults to false

  • pt_r10k_basedir (String) (defaults to: '/etc/puppetlabs/code/environments')

    the base directory for r10k.yaml

  • pt_r10k_webhook_pkg (String) (defaults to: '/tmp/webhook-go.rpm')

    the packages for the r10k webhook

  • pt_manage_user (Boolean) (defaults to: true)

    whether to manage the puppet user



88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
 
# File 'manifests/params.pp', line 88

class puppet_cd::params (

  Boolean $pt_manage_fw             = true,
  String $pt_pm_fqdn                = 'puppetmaster.example.net',
  String $pt_db_fqdn                = 'puppetdb.example.net',

  # installation
  String $pt_pkg_ensure             = 'present',
  String $pt_agent_pkg              = 'puppet-agent',
  String $pt_server_pkg             = 'puppetserver',
  Array $pt_db_pkg                  = ['puppetdb','puppetdb-termini'],
  Array $pt_r10k_pkg                = ['ruby','ruby-devel','gcc','make','redhat-rpm-config','rpm-build'],
  String $pt_r10k_webhook_pkg       = '/tmp/webhook-go.rpm',

  # user settings
  ## puppet user
  Boolean $pt_manage_user           = true,
  String $pt_user                   = 'puppet',
  String $pt_user_comment           = 'puppetserver daemon',
  String $pt_user_home              = '/opt/puppetlabs/server/data/puppetserver',
  String $pt_user_shell             = '/sbin/nologin',
  ## puppetdb user
  Boolean $pt_manage_db_user        = true,
  String $pt_db_user                = 'puppetdb',
  String $pt_db_user_comment        = 'PuppetDB daemon',
  String $pt_db_user_home           = '/opt/puppetlabs/server/data/puppetdb',
  String $pt_db_user_shell          = '/sbin/nologin',
  # templates
  ## puppet
  String $pt_environment            = 'production',
  Boolean $pt_allow_duplicate_certs = false,
  String $pt_basemodulepath         = '/etc/puppetlabs/code/environments/common:/etc/puppetlabs/code/modules:/opt/puppetlabs/puppet/modules:/usr/share/puppet/modules',
  String $pt_logdir                 = '/var/log/puppetlabs/puppet',
  String $pt_pluginfactsource       = 'pluginfacts',
  String $pt_pluginsource           = 'plugins',
  String $pt_reports                = 'foreman',
  Boolean $pt_show_diff             = false,
  Boolean $pt_default_schedules     = false,
  String $pt_masterport             = '8140',
  Boolean $pt_noop                  = false,
  Boolean $pt_pluginsync            = true,
  Boolean $pt_report                = true,
  String $pt_runinterval            = '1800',
  Boolean $pt_splay                 = false,
  String $pt_splaylimit             = '1800',
  Boolean $pt_usecacheonfailure     = true,
  String $pt_autosign               = '/etc/puppetlabs/puppet/autosign.conf',
  Boolean $pt_ca                    = true,
  String $pt_external_nodes         = '/etc/puppetlabs/puppet/node.rb',
  String $pt_logdir_master          = '/var/log/puppetlabs/puppetserver',
  String $pt_node_terminus          = 'exec',
  Boolean $pt_strict_variables      = false,
  Boolean $pt_storeconfigs          = true,
  String $pt_storeconfigs_backend   = 'puppetdb',
  String $pt_parser                 = 'current',
  Boolean $pt_cert_revocation       = true,
  ## puppetdb
  Boolean $pt_use_puppetdb          = false,
  String $pt_logging_max_file_size  = '200MB',
  String $pt_logging_max_history     = '90',
  String $pt_logging_total_size     = '1GB',
  String $pt_com_proc_threads       = '4',
  String $pt_concurrent_writes      = '4',
  String $pt_db_subname             = '//localhost:5432/puppetdb',
  String $pt_db_username            = 'foobar',
  String $pt_db_password            = 'foobar',
  String $pt_gc_interval            = '60',
  String $pt_log_slow_statements    = '10',
  String $pt_no_ssl_port            = '8080',
  String $pt_ssl_port               = '8081',
  Boolean $pt_use_ssl_only          = true,
  String $pt_puppetdb_source_lan    = '0.0.0.0/0',
  Boolean $pt_soft_write_failure    = false,
  String $pt_no_ssl_host            = '0.0.0.0',
  String $pt_ssl_host               = '0.0.0.0',
  String $pt_ssl_key                = '/etc/puppetlabs/puppetdb/ssl/private.pem',
  String $pt_ssl_cert               = '/etc/puppetlabs/puppetdb/ssl/public.pem',
  String $pt_ssl_ca_cert            = '/etc/puppetlabs/puppetdb/ssl/ca.pem',
  Boolean $pt_log_access            = false,
  String $pt_access_log_config      = '/etc/puppetlabs/puppetdb/request-logging.xml',
  Boolean $pt_enable_repl           = false,
  String $pt_repl_port              = '8082',
  String $pt_repl_host              = '127.0.0.1',

# r10k
  Boolean $pt_use_r10k              = false,
  Boolean $pt_use_r10k_webhook      = false,
  String $pt_r10k_remote            = 'git@gitlab.example.net/repo.git',
  Boolean $pt_r10k_prefix           = false,
  String $pt_r10k_basedir           = '/etc/puppetlabs/code/environments',

) {
# facts
  $fqdn                   = $facts['networking']['fqdn']
  $domain                 = $facts['networking']['domain']
  $os_name                = $facts['os']['name']
  $os_release             = $facts['os']['release']['major']

# directories
## puppet
  $pt_main_dir                      = '/etc/puppetlabs'
  $pt_puppetdir                     = "${pt_main_dir}/puppet"
  $pt_code_dir                      = "${pt_main_dir}/code"
  $pt_environmentspath              = "${pt_code_dir}/environments"
  $pt_ssldir                        = "${pt_puppetdir}/ssl"
  $pt_privatekeydir                 = "${pt_ssldir}/private_keys"
  $pt_rundir                        = '/var/run/puppetlabs'
  $pt_rundir_master                 = '/var/run/puppetlabs/puppetserver'
  $pt_vardir                        = '/opt/puppetlabs/puppet/cache'
  $pt_vardir_master                 = '/opt/puppetlabs/server/data/puppetserver'
## puppetdb
  $pt_puppetdb_main                 = '/etc/puppetlabs/puppetdb'
  $pt_puppetdb_conf_d               = "${pt_puppetdb_main}/conf.d"
  $pt_puppetdb_ssl                  = "${pt_puppetdb_main}/ssl"
  $pt_puppetdb_log                  = '/var/log/puppetlabs/puppetdb'
  $pt_puppetdb_var_dir              = '/opt/puppetlabs/server/data/puppetdb'
## r10k
  $pt_r10k_dir                      = "${pt_main_dir}/r10k"
  $pt_r10k_webhook_dir              = '/etc/r10k-webhook'

# files
## puppet
  $pt_puppet_conf_file              = "${pt_puppetdir}/puppet.conf"
  $pt_puppet_conf_erb               = 'puppet_cd/puppet.conf.erb'
  $pt_agent_conf_erb                = 'puppet_cd/agent.conf.erb'
  $pt_hiera_config                  = "${pt_puppetdir}/hiera.yaml"
## puppetdb
  $pt_bootstrap_conf                = "${pt_puppetdb_main}/bootstrap.cfg"
  $pt_bootstrap_erb                 = 'puppet_cd/puppetdb/bootstrap.cfg.erb'
  $pt_puppetdb_access_log           = "${pt_puppetdb_log}/puppetdb-access"
  $pt_request_logging_conf          = "${pt_puppetdb_main}/request-logging.xml"
  $pt_request_logging_erb           = 'puppet_cd/puppetdb/request_logging.xml.erb'
  $pt_logback_conf                  = "${pt_puppetdb_main}/logback.xml"
  $pt_logback_erb                   = 'puppet_cd/puppetdb/logback.xml.erb'
  $pt_puppetdb_config_ini           = "${pt_puppetdb_conf_d}/config.ini"
  $pt_puppetdb_config_erb           = 'puppet_cd/puppetdb/config.ini.erb'
  $pt_puppetdb_database_ini         = "${pt_puppetdb_conf_d}/database.ini"
  $pt_puppetdb_database_erb         = 'puppet_cd/puppetdb/database.ini.erb'
  $pt_puppetdb_jetty_ini            = "${pt_puppetdb_conf_d}/jetty.ini"
  $pt_puppetdb_jetty_erb            = 'puppet_cd/puppetdb/jetty.ini.erb'
  $pt_puppetdb_conf_file            = "${pt_puppetdir}/puppetdb.conf"
  $pt_puppetdb_conf_erb             = 'puppet_cd/puppetdb/puppetdb.conf.erb'
  $pt_puppetdb_repl_ini             = "${pt_puppetdb_conf_d}/repl.ini"
  $pt_puppetdb_repl_erb             = 'puppet_cd/puppetdb/repl.ini.erb'
## r10k
  $pt_r10k_file                     = "${pt_r10k_dir}/r10k.yaml"
  $pt_r10k_erb                      = 'puppet_cd/r10k/r10k.yaml.erb'

# service
  $pt_server_service                = 'puppetserver'
  $pt_agent_service                 = 'puppet'
  $pt_db_service                    = 'puppetdb'
  $pt_webhook_service               = 'webhook-go.service'

#
  # includes must be last
  include puppet_cd::main::config
}