puppet_cd/manifests/puppetdb/files.pp

## puppet_cd::puppetdb::files.pp
# Module name: puppet_cd
# Author: Arne Teuke (arne_teuke@confdroid)
# @summary  Class manages config files for the puppetdb section
###############################################################################
class puppet_cd::puppetdb::files (

) inherits puppet_cd::params {
  if ($pt_use_puppetdb == true) and ($pt_puppetdb_fqdn == $fqdn) {
    require puppet_cd::puppetdb::dirs

    # bootstrap.cfg
    file { $pt_bootstrap_conf_file:
      ensure   => file,
      owner    => 'root',
      group    => 'root',
      mode     => '0644',
      selrange => s0,
      selrole  => object_r,
      seltype  => puppet_etc_t,
      seluser  => system_u,
      content  => template($pt_bootstrap_conf_erb),
      notify   => Service[$pt_db_service],
    }
    # logback.xml
    file { $pt_logback_conf_file:
      ensure   => file,
      owner    => 'root',
      group    => 'root',
      mode     => '0644',
      selrange => s0,
      selrole  => object_r,
      seltype  => puppet_etc_t,
      seluser  => system_u,
      content  => template($pt_logback_conf_erb),
      notify   => Service[$pt_db_service],
    }
    # request-logging.xml
    file { $pt_logging_conf_file:
      ensure   => file,
      owner    => 'root',
      group    => 'root',
      mode     => '0644',
      selrange => s0,
      selrole  => object_r,
      seltype  => puppet_etc_t,
      seluser  => system_u,
      content  => template($pt_logging_conf_erb),
      notify   => Service[$pt_db_service],
    }
    # service config
    file { $pt_service_conf_file:
      ensure   => file,
      owner    => 'root',
      group    => 'root',
      mode     => '0644',
      selrange => s0,
      selrole  => object_r,
      seltype  => systemd_unit_file_t,
      seluser  => system_u,
      content  => template($pt_service_conf_erb),
      notify   => Service[$pt_db_service],
    }
    # conf.d files
    ## auth.conf
    file { $pt_auth_conf_file:
      ensure   => file,
      owner    => 'root',
      group    => 'root',
      mode     => '0644',
      selrange => s0,
      selrole  => object_r,
      seltype  => puppet_etc_t,
      seluser  => system_u,
      content  => template($pt_auth_conf_erb),
      notify   => Service[$pt_db_service],
    }
    # config.ini
    file { $pt_config_ini_file:
      ensure   => file,
      owner    => 'root',
      group    => 'root',
      mode     => '0644',
      selrange => s0,
      selrole  => object_r,
      seltype  => puppet_etc_t,
      seluser  => system_u,
      content  => template($pt_config_ini_erb),
      notify   => Service[$pt_db_service],
    }
    # database.ini
    file { $pt_db_ini_file:
      ensure   => file,
      owner    => 'root',
      group    => 'root',
      mode     => '0644',
      selrange => s0,
      selrole  => object_r,
      seltype  => puppet_etc_t,
      seluser  => system_u,
      content  => template($pt_db_ini_erb),
      notify   => Service[$pt_db_service],
    }
    # jetty.ini
    file { $pt_jetty_ini_file:
      ensure   => file,
      owner    => 'root',
      group    => 'root',
      mode     => '0644',
      selrange => s0,
      selrole  => object_r,
      seltype  => puppet_etc_t,
      seluser  => system_u,
      content  => template($pt_jetty_ini_erb),
      notify   => Service[$pt_db_service],
    }
    # repl.ini
    file { $pt_repl_ini_file:
      ensure   => file,
      owner    => 'root',
      group    => 'root',
      mode     => '0644',
      selrange => s0,
      selrole  => object_r,
      seltype  => puppet_etc_t,
      seluser  => system_u,
      content  => template($pt_repl_ini_erb),
      notify   => Service[$pt_db_service],
    }
    if $pt_enable_tls == true {
      # create tls certs
      ## ca.crt
      file { $pt_ca_crt_file:
        ensure   => file,
        owner    => 'puppetdb',
        group    => 'puppetdb',
        mode     => '0440',
        selrange => s0,
        selrole  => object_r,
        seltype  => puppet_etc_t,
        seluser  => system_u,
        content  => template($pt_ca_crt_erb),
        notify   => Service[$pt_db_service],
      }
      ## server.crt
      file { $pt_server_crt_file:
        ensure   => file,
        owner    => 'puppetdb',
        group    => 'puppetdb',
        mode     => '0440',
        selrange => s0,
        selrole  => object_r,
        seltype  => puppet_etc_t,
        seluser  => system_u,
        content  => template($pt_server_crt_erb),
        notify   => Service[$pt_db_service],
      }
      ## server.key
      file { $pt_server_key_file:
        ensure   => file,
        owner    => 'puppetdb',
        group    => 'puppetdb',
        mode     => '0440',
        selrange => s0,
        selrole  => object_r,
        seltype  => puppet_etc_t,
        seluser  => system_u,
        content  => template($pt_server_key_erb),
        notify   => Service[$pt_db_service],
      }
    }
  }
}