221 lines
12 KiB
Puppet
221 lines
12 KiB
Puppet
## puppet_cd::params.pp
|
|
# Module name: puppet_cd
|
|
# Author: Arne Teuke (arne_teuke@confdroid)
|
|
# @summary Class manages parameters for the puppet_cd module.
|
|
# @param [Boolean] pt_manage_fw whether to manage firewall settings
|
|
# @param [Boolean] pt_use_puppetdb whether to use puppetdb
|
|
# @param [String] pt_pm_fqdn the fqdn for the puppetmaster and master
|
|
# settings are applied. any other fqdn # will be considered a puppet agent.
|
|
# @param [String] pt_puppetdb_fqdn the fqdn for the puppetdb node.
|
|
# @param [String] pt_pkg_ensure valid: "present", "latest", "v1.2.3"
|
|
# @param [String] pt_agent_pkg the packages for agents to install
|
|
# @param [String] pt_server_pkg the server packages to install
|
|
# @param [String] pt_puppetdb_pkg the puppetdb packages to install
|
|
# @param [Array] pt_r10k_pkg the packages for r10k to install
|
|
# @param [String] pt_environment the environment
|
|
# @param [Boolean] pt_basemodulepath the base module path
|
|
# @param [String] pt_logdir the log directory
|
|
# @param [Boolean] pt_allow_duplicate_certs whether to allow duplicated certs
|
|
# @param [String] pt_pluginfactsource the plugin fact source
|
|
# @param [String] pt_pluginsource the plugin source
|
|
# @param [String] pt_runinterval the runinterval
|
|
# @param [String] pt_reports where to send the run reports
|
|
# @param [Boolean] pt_show_diff whether to show the diff
|
|
# @param [Boolean] pt_default_schedules the default run schedules
|
|
# @param [String] pt_masterport the master port to listen on
|
|
# @param [Boolean] pt_noop whether noop should be executed
|
|
# @param [Boolean] pt_pluginsync whether pluginsync should be allowed
|
|
# @param [Boolean] pt_report whether reports should be created
|
|
# @param [Boolean] pt_splay whether to enable a sleeping period before runs
|
|
# @param [String] pt_splaylimit the splay limit
|
|
# @param [Boolean] pt_usecacheonfailure whether to use the cache on failure
|
|
# @param [String] pt_autosign where to check the autosign settings
|
|
# @param [Boolean] pt_ca whether to be a ca
|
|
# @param [String] pt_external_nodes the external node settings (ENC)
|
|
# @param [String] pt_logdir_master the log directory on the master
|
|
# @param [String] pt_node_terminus Which node data plugin to use when compiling
|
|
# node catalogs.
|
|
# @param [Boolean] pt_strict_variables Causes an evaluation error when
|
|
# referencing unknown variables
|
|
# @param [Boolean] pt_storeconfigs whether store client configs.
|
|
# @param [String] pt_storeconfigs_backend where to store client configs
|
|
# @param [String] pt_parser which parser version to use
|
|
# @param [Boolean] pt_cert_revocation whether to check for cert revocations
|
|
# @param [Boolean] pt_use_r10k whether to use r10k service
|
|
# @param [Boolean] pt_use_r10k_webhook whether to use r10k webhook service
|
|
# @param [String] pt_r10k_remote the remote url for the r10k control repo
|
|
# @param [Boolean] pt_r10k_prefix the r10k prefix. defaults to false
|
|
# @param [String] pt_r10k_basedir the base directory for r10k.yaml
|
|
# @param [Array] pt_r10k_webhook_pkg the packages for the r10k webhook
|
|
# @param [String] pt_r10k_webhook_port the port for the webhook listener
|
|
# @param [String] pt_ssl_port the port for the puppetdb ssl port
|
|
# @param [Boolean] pt_soft_write_failure whether to allow soft_write_failure
|
|
# @param [String] pt_db_subname the url for the database connection
|
|
# @param [String] pt_db_username the username for the database connection
|
|
# @param [String] pt_db_password the password for the database connection
|
|
# @param [String] pt_gc_interval How often (in minutes) to compact the database
|
|
# @param [String] pt_http_port Port to listen on for clear-text HTTP.
|
|
# @param [String] pt_https_port Port to listen on for HTTPs connections.
|
|
# @param [String] pt_ssl_host IP address to listen on for HTTPS connections
|
|
# @param [Boolean] pt_repl_on toggle the remote repl true false
|
|
# @param [String] pt_repl_port What port the REPL should listen on
|
|
# @param [String] pt_repl_host IP address to listen on
|
|
# @param [Boolean] pt_enable_tls whether to use tls encryption for the backend
|
|
# @param [String] pt_pptdb_ca_crt placeholder for the ca.crt
|
|
# @param [String] pt_pptdb_server_crt placeholder for the server.crt
|
|
# @param [String] pt_pptdb_server_key placeholder for the server.crt
|
|
###############################################################################
|
|
class puppet_cd::params (
|
|
|
|
Boolean $pt_manage_fw = true,
|
|
String $pt_pm_fqdn = 'puppetmaster.example.net',
|
|
String $pt_puppetdb_fqdn = 'puppetdb.example.net',
|
|
Boolean $pt_use_puppetdb = false,
|
|
|
|
# installation
|
|
String $pt_pkg_ensure = 'present',
|
|
String $pt_agent_pkg = 'puppet-agent',
|
|
String $pt_server_pkg = 'puppetserver',
|
|
Array $pt_puppetdb_pkg = ['puppetdb-termini', 'puppetdb'],
|
|
Array $pt_r10k_pkg = ['ruby','ruby-devel','rubygems','gcc','make'],
|
|
Array $pt_r10k_webhook_pkg = ['webrick', 'r10k_gitlab_webhook'],
|
|
|
|
# templates
|
|
## puppet
|
|
String $pt_environment = 'production',
|
|
Boolean $pt_allow_duplicate_certs = false,
|
|
String $pt_basemodulepath = '/etc/puppetlabs/code/environments/common:/etc/puppetlabs/code/modules:/opt/puppetlabs/puppet/modules:/usr/share/puppet/modules',
|
|
String $pt_logdir = '/var/log/puppetlabs/puppet',
|
|
String $pt_pluginfactsource = 'pluginfacts',
|
|
String $pt_pluginsource = 'plugins',
|
|
String $pt_reports = 'foreman',
|
|
Boolean $pt_show_diff = false,
|
|
Boolean $pt_default_schedules = false,
|
|
String $pt_masterport = '8140',
|
|
Boolean $pt_noop = false,
|
|
Boolean $pt_pluginsync = true,
|
|
Boolean $pt_report = true,
|
|
String $pt_runinterval = '1800',
|
|
Boolean $pt_splay = false,
|
|
String $pt_splaylimit = '1800',
|
|
Boolean $pt_usecacheonfailure = true,
|
|
String $pt_autosign = '/etc/puppetlabs/puppet/autosign.conf',
|
|
Boolean $pt_ca = true,
|
|
String $pt_external_nodes = '/etc/puppetlabs/puppet/node.rb',
|
|
String $pt_logdir_master = '/var/log/puppetlabs/puppetserver',
|
|
String $pt_node_terminus = 'exec',
|
|
Boolean $pt_strict_variables = false,
|
|
Boolean $pt_storeconfigs = true,
|
|
String $pt_storeconfigs_backend = 'puppetdb',
|
|
String $pt_parser = 'current',
|
|
Boolean $pt_cert_revocation = true,
|
|
|
|
# puppetdb
|
|
String $pt_ssl_port = '8081',
|
|
Boolean $pt_soft_write_failure = false,
|
|
String $pt_db_subname = '//localhost:5432/puppetdb',
|
|
String $pt_db_username = 'foobar',
|
|
String $pt_db_password = 'foobar',
|
|
String $pt_gc_interval = '60',
|
|
Boolean $pt_enable_tls = false,
|
|
String $pt_pptdb_ca_crt = 'Changeme',
|
|
String $pt_pptdb_server_crt = 'Changeme',
|
|
String $pt_pptdb_server_key = 'Changeme',
|
|
|
|
## jetty
|
|
String $pt_http_port = '8080',
|
|
String $pt_https_port = '8081',
|
|
String $pt_ssl_host = '0.0.0.0',
|
|
## repl
|
|
Boolean $pt_repl_on = false,
|
|
String $pt_repl_port = '8082',
|
|
String $pt_repl_host = '127.0.0.1',
|
|
|
|
# r10k
|
|
Boolean $pt_use_r10k = false,
|
|
Boolean $pt_use_r10k_webhook = false,
|
|
String $pt_r10k_remote = 'git@gitlab.example.net/repo.git',
|
|
Boolean $pt_r10k_prefix = false,
|
|
String $pt_r10k_basedir = '/etc/puppetlabs/code/environments',
|
|
String $pt_r10k_webhook_port = '8085',
|
|
|
|
) {
|
|
# facts
|
|
$fqdn = $facts['networking']['fqdn']
|
|
$domain = $facts['networking']['domain']
|
|
$os_name = $facts['os']['name']
|
|
$os_release = $facts['os']['release']['major']
|
|
|
|
# directories
|
|
## puppet
|
|
$pt_main_dir = '/etc/puppetlabs'
|
|
$pt_puppetdir = "${pt_main_dir}/puppet"
|
|
$pt_code_dir = "${pt_main_dir}/code"
|
|
$pt_environmentspath = "${pt_code_dir}/environments"
|
|
$pt_ssldir = "${pt_puppetdir}/ssl"
|
|
$pt_privatekeydir = "${pt_ssldir}/private_keys"
|
|
$pt_rundir = '/var/run/puppetlabs'
|
|
$pt_rundir_master = '/var/run/puppetlabs/puppetserver'
|
|
$pt_vardir = '/opt/puppetlabs/puppet/cache'
|
|
$pt_vardir_master = '/opt/puppetlabs/server/data/puppetserver'
|
|
## r10k
|
|
$pt_r10k_dir = "${pt_main_dir}/r10k"
|
|
$pt_r10k_webhook_dir = '/etc/r10k-webhook'
|
|
## puppetdb
|
|
$pt_puppetdb_dir = '/etc/puppetlabs/puppetdb'
|
|
$pt_puppetdb_conf_dir = "${pt_puppetdb_dir}/conf.d"
|
|
$pt_pptdb_ssldir = "${pt_puppetdb_dir}/ssl"
|
|
|
|
# files
|
|
## puppet
|
|
$pt_puppet_conf_file = "${pt_puppetdir}/puppet.conf"
|
|
$pt_puppet_conf_erb = 'puppet_cd/puppet.conf.erb'
|
|
$pt_hiera_config = "${pt_puppetdir}/hiera.yaml"
|
|
$pt_puppetdb_conf_file = "${pt_puppetdir}/puppetdb.conf"
|
|
$pt_puppetdb_conf_erb = 'puppet_cd/puppetdb/puppetdb.conf.erb'
|
|
$pt_routes_file = "${pt_puppetdir}/routes.yaml"
|
|
$pt_routes_erb = 'puppet_cd/puppetdb/routes.yaml.erb'
|
|
$pt_node_rb_file = "${pt_puppetdir}/node.rb"
|
|
$pt_node_rb_erb = 'puppet_cd/puppetdb/node.rb.erb'
|
|
## r10k
|
|
$pt_r10k_file = "${pt_r10k_dir}/r10k.yaml"
|
|
$pt_r10k_erb = 'puppet_cd/r10k/r10k.yaml.erb'
|
|
$pt_webhook_link = 'ln -sf /usr/local/share/gems/gems/r10k_gitlab_webhook-0.1.3/bin/r10k_gitlab_webhook /usr/bin/'
|
|
$pt_webhook_service_file = '/etc/systemd/system/r10k_gitlab_webhook.service'
|
|
$pt_webhook_service_erb = 'puppet_cd/r10k/r10k_webhook_service.erb'
|
|
## puppetdb
|
|
$pt_bootstrap_conf_file = "${pt_puppetdb_dir}/bootstrap.cfg"
|
|
$pt_bootstrap_conf_erb = 'puppet_cd/puppetdb/bootstrap.cfg.erb'
|
|
$pt_logback_conf_file = "${pt_puppetdb_dir}/logback.xml"
|
|
$pt_logback_conf_erb = 'puppet_cd/puppetdb/logback.xml.erb'
|
|
$pt_logging_conf_file = "${pt_puppetdb_dir}/request-logging.xml"
|
|
$pt_logging_conf_erb = 'puppet_cd/puppetdb/request_logging.xml.erb'
|
|
$pt_auth_conf_file = "${pt_puppetdb_conf_dir}/auth.conf"
|
|
$pt_auth_conf_erb = 'puppet_cd/puppetdb/auth.conf.erb'
|
|
$pt_config_ini_file = "${pt_puppetdb_conf_dir}/config.ini"
|
|
$pt_config_ini_erb = 'puppet_cd/puppetdb/config.ini.erb'
|
|
$pt_db_ini_file = "${pt_puppetdb_conf_dir}/database.ini"
|
|
$pt_db_ini_erb = 'puppet_cd/puppetdb/database.ini.erb'
|
|
$pt_jetty_ini_file = "${pt_puppetdb_conf_dir}/jetty.ini"
|
|
$pt_jetty_ini_erb = 'puppet_cd/puppetdb/jetty.ini.erb'
|
|
$pt_repl_ini_file = "${pt_puppetdb_conf_dir}/repl.ini"
|
|
$pt_repl_ini_erb = 'puppet_cd/puppetdb/repl.ini.erb'
|
|
$pt_service_conf_file = '/usr/lib/systemd/system/puppetdb.service'
|
|
$pt_service_conf_erb = 'puppet_cd/puppetdb/service.conf.erb'
|
|
$pt_ca_crt_file = "${pt_pptdb_ssldir}/ca.crt"
|
|
$pt_ca_crt_erb = 'puppet_cd/puppetdb/ca.crt.erb'
|
|
$pt_server_crt_file = "${pt_pptdb_ssldir}/server.crt"
|
|
$pt_server_crt_erb = 'puppet_cd/puppetdb/server.crt.erb'
|
|
$pt_server_key_file = "${pt_pptdb_ssldir}/server.key"
|
|
$pt_server_key_erb = 'puppet_cd/puppetdb/server.key.erb'
|
|
|
|
# service
|
|
$pt_server_service = 'puppetserver'
|
|
$pt_agent_service = 'puppet'
|
|
$pt_r10k_webhook_service = 'r10k_gitlab_webhook'
|
|
$pt_db_service = 'puppetdb'
|
|
#
|
|
# includes must be last
|
|
include puppet_cd::main::config
|
|
}
|