Puppet Class: profile::puppetmaster::common

Defined in:
modules/profile/manifests/puppetmaster/common.pp

Summary

Shared profile for front- and back-end puppetmasters.

Overview

SPDX-License-Identifier: Apache-2.0

Parameters:

  • base_config (Hash) (defaults to: lookup('profile::puppetmaster::common::base_config'))

    Dict merged with front- or back- specifics and then passed to ::puppetmaster as $config

  • storeconfigs (Enum['puppetdb', 'none']) (defaults to: lookup('profile::puppetmaster::common::storeconfigs'))

    Accepts values of 'puppetdb', 'activerecord', and 'none'

  • puppetdb_hosts (Array[Stdlib::Host]) (defaults to: lookup('profile::puppetmaster::common::puppetdb_hosts'))

    list of puppetdb hosts

  • puppetdb_port (Stdlib::Port) (defaults to: lookup('profile::puppetmaster::common::puppetdb_port'))

    The port to connect to

  • command_broadcast (Boolean) (defaults to: lookup('profile::puppetmaster::common::command_broadcast'))
  • ssl_verify_depth (Integer[1,2]) (defaults to: lookup('profile::puppetmaster::common::ssl_verify_depth'))

    ssl verify depth

  • netbox_hiera_enable (Boolean) (defaults to: lookup('profile::puppetmaster::common::netbox_hiera_enable'))

    add the netbox-hiera repo

  • reports (Array[Puppetmaster::Report]) (defaults to: lookup('profile::puppetmaster::common::reports'))

    list of puppet reports

  • enable_merge_cli (Boolean) (defaults to: lookup('profile::puppetmaster::common::enable_merge_cli'))

    whether to use the puppet-merge tool to manage git updates

  • hiera_config (String[1]) (defaults to: lookup('profile::puppetmaster::common::hiera_config'))

    which hiera configuration file to use

  • disable_env_config (Boolean) (defaults to: lookup('profile::puppetmaster::common::disable_env_config'))

    disable environments config

  • puppetdb_submit_only_hosts (Array[Stdlib::HTTPSUrl]) (defaults to: lookup('profile::puppetmaster::common::puppetdb_submit_only_hosts')) 


16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
 
# File 'modules/profile/manifests/puppetmaster/common.pp', line 16

class profile::puppetmaster::common (
    Hash         $base_config              = lookup('profile::puppetmaster::common::base_config'),
    Boolean      $command_broadcast        = lookup('profile::puppetmaster::common::command_broadcast'),
    Integer[1,2] $ssl_verify_depth         = lookup('profile::puppetmaster::common::ssl_verify_depth'),
    Boolean      $netbox_hiera_enable      = lookup('profile::puppetmaster::common::netbox_hiera_enable'),
    Boolean      $enable_merge_cli         = lookup('profile::puppetmaster::common::enable_merge_cli'),
    Boolean      $disable_env_config       = lookup('profile::puppetmaster::common::disable_env_config'),
    String[1]    $hiera_config             = lookup('profile::puppetmaster::common::hiera_config'),
    Enum['puppetdb', 'none'] $storeconfigs = lookup('profile::puppetmaster::common::storeconfigs'),
    Array[Puppetmaster::Report] $reports   = lookup('profile::puppetmaster::common::reports'),
    Array[Stdlib::Host] $puppetdb_hosts    = lookup('profile::puppetmaster::common::puppetdb_hosts'),
    Stdlib::Port        $puppetdb_port     = lookup('profile::puppetmaster::common::puppetdb_port'),
    Array[Stdlib::HTTPSUrl] $puppetdb_submit_only_hosts = lookup('profile::puppetmaster::common::puppetdb_submit_only_hosts'),
) {
    $env_config = $disable_env_config ? {
        true    => {},
        default => {
            'environmentpath'  => '$confdir/environments',
            'default_manifest' => '$confdir/manifests',
        }
    }

    $activerecord_config =   {
        'storeconfigs'      => true,
        'thin_storeconfigs' => true,
    }

    $puppetdb_config = {
        storeconfigs         => true,
        storeconfigs_backend => 'puppetdb',
        reports              => $reports.join(','),
    }

    if $storeconfigs == 'puppetdb' {
        class { 'puppetmaster::puppetdb::client':
            hosts             => $puppetdb_hosts,
            port              => $puppetdb_port,
            command_broadcast => $command_broadcast,
            submit_only_hosts => $puppetdb_submit_only_hosts,
        }
        $config = merge($base_config, $puppetdb_config, $env_config)
    } else {
        $config = merge($base_config, $env_config)
    }

    # Don't attempt to use puppet-master service, we're using passenger.
    # TODO: I think we can probably drop this need to check for jessie pms in cloud
    service { 'puppet-master':
        ensure  => stopped,
        enable  => false,
        require => Package['puppet'],
    }

    # Clean up facts for idle hosts. This is just a cache so there's no danger of
    #  premature deletion.
    systemd::timer::job { 'puppet_fact_cleanup':
        ensure      => absent,
        description => 'clean up fact cache for absent hosts',
        user        => 'puppet',
        command     => "/usr/bin/findĀ  /var/lib/puppet/yaml -mtime +7 -exec rm {} \\;",
        interval    => {'start' => 'OnCalendar', 'interval' => 'daily'},
    }

    # Clean up reports for idle hosts. This is just a cache so there's no danger of
    #  premature deletion.
    systemd::timer::job { 'puppet_report_cleanup':
        ensure      => absent,
        description => 'clean up puppet reports cache for absent hosts',
        user        => 'puppet',
        command     => "/usr/bin/findĀ  /var/lib/puppet/reports -mtime +14 -exec rm {} \\;",
        interval    => {'start' => 'OnCalendar', 'interval' => 'daily'},
    }

    include profile::ssh::ca
}