Puppet Class: profile::puppetdb::microservice

Defined in:
modules/profile/manifests/puppetdb/microservice.pp

Overview

Parameters:

  • enabled (Boolean) (defaults to: lookup('profile::puppetdb::microservice::enabled'))
  • port (Stdlib::Port) (defaults to: lookup('profile::puppetdb::microservice::port'))
  • uwsgi_port (Stdlib::Port) (defaults to: lookup('profile::puppetdb::microservice::uwsgi_port'))
  • allowed_hosts (Array[Stdlib::Host]) (defaults to: lookup('profile::puppetdb::microservice::allowed_hosts'))


2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
# File 'modules/profile/manifests/puppetdb/microservice.pp', line 2

class profile::puppetdb::microservice (
    Boolean             $enabled       = lookup('profile::puppetdb::microservice::enabled'),
    Stdlib::Port        $port          = lookup('profile::puppetdb::microservice::port'),
    Stdlib::Port        $uwsgi_port    = lookup('profile::puppetdb::microservice::uwsgi_port'),
    Array[Stdlib::Host] $allowed_hosts = lookup('profile::puppetdb::microservice::allowed_hosts'),
) {
    $ssl_settings = ssl_ciphersuite('nginx', 'strong', true)
    $ensure = $enabled ? {
        false => 'absent',
        default => 'present',
    }
    $ferm_ensure = $allowed_hosts.empty? {
        false   => 'present',
        default => 'absent',
    }

    ensure_packages(['python3-flask'], {'ensure' => $ensure})

    nginx::site { 'puppetdb-microservice':
        ensure  => $ensure,
        content => template('profile/puppetdb/nginx-puppetdb-microservice.conf.erb'),
    }

    file { '/srv/puppetdb-microservice.py':
        ensure => $ensure,
        source => 'puppet:///modules/profile/puppetdb/puppetdb-microservice.py',
        owner  => 'root',
        mode   => '0644',
    }
    uwsgi::app { 'puppetdb-microservice':
        ensure   => $ensure,
        settings => {
            uwsgi => {
                'plugins'     => 'python3',
                'socket'      => '/run/uwsgi/puppetdb-microservice.sock',
                'file'        => '/srv/puppetdb-microservice.py',
                'callable'    => 'app',
                'http-socket' => "127.0.0.1:${uwsgi_port}",
            },
        },
    }
    ferm::service { 'puppetdb-microservice':
        ensure => $ferm_ensure,
        proto  => 'tcp',
        port   => $port,
        srange => "@resolve((${allowed_hosts.join(' ')}))",
    }
}