Puppet Class: role::puppetmaster::standalone

Defined in:
modules/role/manifests/puppetmaster/standalone.pp

Overview

Parameters:

  • autosign (Boolean) (defaults to: false)
  • prevent_cherrypicks (Boolean) (defaults to: false)
  • git_sync_minutes (Integer[1,30]) (defaults to: 10)
  • extra_auth_rules (Optional[String]) (defaults to: undef)
  • server_name (Stdlib::Host) (defaults to: $facts['fqdn'])
  • enable_geoip (Boolean) (defaults to: false)
  • use_r10k (Boolean) (defaults to: false)
  • upload_facts (Boolean) (defaults to: false)
  • r10k_sources (Hash[String, Puppetmaster::R10k::Source]) (defaults to: {})
  • realm_override (Optional[String[1]]) (defaults to: undef) 


42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
 
# File 'modules/role/manifests/puppetmaster/standalone.pp', line 42

class role::puppetmaster::standalone(
    Boolean                                  $autosign            = false,
    Boolean                                  $prevent_cherrypicks = false,
    Integer[1,30]                            $git_sync_minutes    = 10,
    Optional[String]                         $extra_auth_rules    = undef,
    Stdlib::Host                             $server_name         = $facts['fqdn'],
    Boolean                                  $enable_geoip        = false,
    Boolean                                  $use_r10k            = false,
    Boolean                                  $upload_facts        = false,
    Hash[String, Puppetmaster::R10k::Source] $r10k_sources        = {},
    Optional[String[1]]                      $realm_override      = undef,
) {
    system::role { 'puppetmaster::standalone':
        description => 'Cloud VPS project puppetmaster',
    }

    include profile::openstack::base::puppetmaster::enc_client
    include profile::openstack::base::puppetmaster::stale_certs_exporter
    include profile::openstack::base::puppetmaster::safe_dirs
    # Sync swift rings
    class { 'profile::swift::fetch_rings':
        volatile_dir => '/var/lib/puppet/volatile',
    }

    $base_config = {
        'node_terminus'     => 'exec',
        'external_nodes'    => '/usr/local/bin/puppet-enc',
        'thin_storeconfigs' => false,
        'autosign'          => $autosign,
    }

    class {'profile::puppetmaster::common':
        base_config        => $base_config,
        disable_env_config => $use_r10k,
    }

    $config = $profile::puppetmaster::common::storeconfigs == 'puppetdb' ? {
        true    => $profile::puppetmaster::common::config + { 'thin_storeconfigs' => true },
        default => $profile::puppetmaster::common::config
    }

    class { 'httpd':
        remove_default_ports => true,
        modules              => [
            'proxy',
            'proxy_http',
            'proxy_balancer',
            'passenger',
            'rewrite',
            'lbmethod_byrequests',
        ],
    }
    ensure_packages('libapache2-mod-passenger')

    class { 'puppetmaster':
        server_name         => $server_name,
        secure_private      => false,
        prevent_cherrypicks => $prevent_cherrypicks,
        extra_auth_rules    => $extra_auth_rules,
        config              => $config,
        enable_geoip        => $enable_geoip,
        hiera_config        => $profile::puppetmaster::common::hiera_config,
        use_r10k            => $use_r10k,
        r10k_sources        => $r10k_sources,
        upload_facts        => $upload_facts,
        realm_override      => $realm_override,
    }

    # Update git checkout
    class { 'puppetmaster::gitsync':
        run_every_minutes => $git_sync_minutes,
    }

    class { 'puppetmaster::ca_monitoring':
        ca_root => "${facts['puppet_config']['master']['ssldir']}/ca",
    }

    ferm::service { 'puppetmaster-standalone':
        proto  => 'tcp',
        port   => 8140,
        srange => '$LABS_NETWORKS',
    }
}