Puppet Class: profile::puppetdb::database

Defined in:
modules/profile/manifests/puppetdb/database.pp

Overview

Class profile::puppetdb::database

Sets up a puppetdb postgresql database.

Parameters:

  • master (Stdlib::Host) (defaults to: lookup('profile::puppetdb::master'))
  • shared_buffers (String) (defaults to: lookup('profile::puppetdb::database::shared_buffers'))
  • replication_password (String) (defaults to: lookup('puppetdb::password::replication'))
  • puppetdb_password (String) (defaults to: lookup('puppetdb::password::rw'))
  • users (Hash) (defaults to: lookup('profile::puppetdb::database::users'))
  • replication_lag_crit (Integer) (defaults to: lookup('profile::puppetdb::database::replication_lag_crit'))
  • replication_lag_warn (Integer) (defaults to: lookup('profile::puppetdb::database::replication_lag_warn'))
  • slaves (Optional[Array[Stdlib::Host]]) (defaults to: lookup('profile::puppetdb::slaves'))
  • ssldir (Optional[Stdlib::Unixpath]) (defaults to: lookup('profile::puppetdb::database::ssldir', {'default_value' => undef}))


5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
# File 'modules/profile/manifests/puppetdb/database.pp', line 5

class profile::puppetdb::database(
    Stdlib::Host $master         = lookup('profile::puppetdb::master'),
    String $shared_buffers       = lookup('profile::puppetdb::database::shared_buffers'),
    String $replication_password = lookup('puppetdb::password::replication'),
    String $puppetdb_password    = lookup('puppetdb::password::rw'),
    Hash   $users                = lookup('profile::puppetdb::database::users'),
    Integer$replication_lag_crit = lookup('profile::puppetdb::database::replication_lag_crit'),
    Integer$replication_lag_warn = lookup('profile::puppetdb::database::replication_lag_warn'),
    Optional[Array[Stdlib::Host]] $slaves = lookup('profile::puppetdb::slaves'),
    Optional[Stdlib::Unixpath]    $ssldir = lookup('profile::puppetdb::database::ssldir',
                                                  {'default_value' => undef}),
) {
    $pgversion = $::lsbdistcodename ? {
        'buster'  => '11',
        'stretch' => '9.6',
    }
    $slave_range = join($slaves, ' ')

    $role = $master ? {
        $::fqdn => 'master',
        default => 'slave',
    }

    class { '::puppetmaster::puppetdb::database':
        master           => $master,
        pgversion        => $pgversion,
        shared_buffers   => $shared_buffers,
        replication_pass => $replication_password,
        puppetdb_pass    => $puppetdb_password,
        puppetdb_users   => $users,
        ssldir           => $ssldir,
    }

    if $role == 'slave' {
        class { 'postgresql::slave::monitoring':
            pg_master   => $master,
            pg_user     => 'replication',
            pg_password => $replication_password,
            pg_database => 'puppetdb',
            critical    => $replication_lag_crit,
            warning     => $replication_lag_warn,
        }
    }

    # Firewall rules
    # Allow connections from all the slaves
    ferm::service { 'postgresql_puppetdb':
        proto  => 'tcp',
        port   => 5432,
        srange => "@resolve((${slave_range}))",
    }
}