Project

General

Profile

« Previous | Next » 

Revision b7eab059

Added by Michael Moll over 8 years ago

prepare support for more OSes & refactor few tests

View differences:

manifests/params.pp
include ::tftp::params
include ::puppet::params
case $::osfamily {
'RedHat': {
$plugin_prefix = 'rubygem-smart_proxy_'
$foreman_api_package = 'rubygem-apipie-bindings'
$dir = '/usr/share/foreman-proxy'
$etc = '/etc'
$shell = '/bin/false'
$user = 'foreman-proxy'
$puppetssh_command = '/usr/bin/puppet agent --onetime --no-usecacheonfailure'
$dhcp_config = '/etc/dhcp/dhcpd.conf'
$dhcp_leases = '/var/lib/dhcpd/dhcpd.leases'
$keyfile = '/etc/rndc.key'
$nsupdate = 'bind-utils'
$tftp_syslinux_filenames = ['/usr/share/syslinux/chain.c32',
'/usr/share/syslinux/menu.c32',
'/usr/share/syslinux/memdisk',
'/usr/share/syslinux/pxelinux.0']
}
'Debian': {
$plugin_prefix = 'ruby-smart-proxy-'
$foreman_api_package = 'ruby-apipie-bindings'
$dir = '/usr/share/foreman-proxy'
$etc = '/etc'
$shell = '/bin/false'
$user = 'foreman-proxy'
$puppetssh_command = '/usr/bin/puppet agent --onetime --no-usecacheonfailure'
$dhcp_config = '/etc/dhcp/dhcpd.conf'
$dhcp_leases = '/var/lib/dhcp/dhcpd.leases'
$keyfile = '/etc/bind/rndc.key'
$nsupdate = 'dnsutils'
if ($::operatingsystem == 'Debian') and (versioncmp($::operatingsystemrelease, '8.0') >= 0) or
($::operatingsystem == 'Ubuntu') and (versioncmp($::operatingsystemrelease, '14.10') >= 0) {
$tftp_syslinux_filenames = ['/usr/lib/PXELINUX/pxelinux.0',
'/usr/lib/syslinux/memdisk',
'/usr/lib/syslinux/modules/bios/chain.c32',
'/usr/lib/syslinux/modules/bios/ldlinux.c32',
'/usr/lib/syslinux/modules/bios/libutil.c32',
'/usr/lib/syslinux/modules/bios/menu.c32']
} else {
$tftp_syslinux_filenames = ['/usr/lib/syslinux/chain.c32',
'/usr/lib/syslinux/menu.c32',
'/usr/lib/syslinux/memdisk',
'/usr/lib/syslinux/pxelinux.0']
}
}
default: {
fail("${::hostname}: This module does not support osfamily ${::osfamily}")
}
}
# Packaging
$repo = 'stable'
$gpgcheck = true
$repo = 'stable'
$gpgcheck = true
# if set to true, no repo will be added by this module, letting you to
# set it to some custom location.
$custom_repo = false
$version = 'present'
$custom_repo = false
$version = 'present'
$plugin_version = 'installed'
# variables
$bind_host = '*'
$port = undef # deprecated in favor of $ssl_port/$http_port
$dir = '/usr/share/foreman-proxy'
$user = 'foreman-proxy'
$log = '/var/log/foreman-proxy/proxy.log'
$log_level = 'ERROR'
$port = undef # deprecated in favor of $ssl_port/$http_port
$log = '/var/log/foreman-proxy/proxy.log'
$log_level = 'ERROR'
$puppet_home = $puppet::params::vardir
# Enable listening on http
$http = false
$http = false
$http_port = '8000'
# Enable SSL, ensure proxy is added with "https://" protocol if true
$ssl = true
$ssl = true
$ssl_port = '8443'
# If CA is specified, remote Foreman host will be verified
$ssl_ca = "${puppet_home}/ssl/certs/ca.pem"
# Used to communicate to Foreman
$ssl_cert = "${puppet_home}/ssl/certs/${::fqdn}.pem"
$ssl_key = "${puppet_home}/ssl/private_keys/${::fqdn}.pem"
$ssl_key = "${puppet_home}/ssl/private_keys/${::fqdn}.pem"
$foreman_ssl_ca = undef
$foreman_ssl_ca = undef
$foreman_ssl_cert = undef
$foreman_ssl_key = undef
$foreman_ssl_key = undef
# Only hosts listed will be permitted, empty array to disable authorization
$trusted_hosts = [$::fqdn]
# Whether to manage File['/etc/sudoers.d'] or not. When reusing this module,
$sudoers = "${etc}/sudoers"
# Whether to manage File["$etc/sudoers.d"] or not. When reusing this module,
# this may be disabled to let a dedicated sudo module manage it instead.
$manage_sudoersd = true
......
$use_sudoersd = true
# puppet settings
$puppet_url = "https://${::fqdn}:8140"
$puppet_url = "https://${::fqdn}:8140"
$puppet_use_environment_api = undef
$puppet_use_cache = undef
$puppet_cache_location = '/var/cache/foreman-proxy'
# puppetca settings
$puppetca = true
$puppetca_listen_on = 'https'
$autosign_location = '/etc/puppet/autosign.conf'
$autosign_location = "${etc}/puppet/autosign.conf"
$puppetca_cmd = $puppet::params::puppetca_cmd
$puppet_group = 'puppet'
$ssldir = "${puppet_home}/ssl"
......
$puppetrun_listen_on = 'https'
$puppetrun_cmd = $puppet::params::puppetrun_cmd
$puppetrun_provider = undef
$customrun_cmd = '/bin/false'
$customrun_cmd = $shell
$customrun_args = '-ay -f -s'
$puppetssh_sudo = false
$puppetssh_command = '/usr/bin/puppet agent --onetime --no-usecacheonfailure'
$puppetssh_user = 'root'
$puppetssh_keyfile = '/etc/foreman-proxy/id_rsa'
$puppetssh_keyfile = "${etc}/foreman-proxy/id_rsa"
$puppetssh_wait = false
$puppet_user = 'root'
$salt_puppetrun_cmd = 'puppet.run'
......
$template_url = "http://${::fqdn}:${http_port}"
# TFTP settings - requires optional TFTP puppet module
$tftp = true
$tftp_listen_on = 'https'
$tftp = true
$tftp_listen_on = 'https'
$tftp_root = $tftp::params::root
$tftp_dirs = ["${tftp_root}/pxelinux.cfg","${tftp_root}/boot"]
$tftp_servername = undef
# TODO: remove these on the next major version bump
$tftp_syslinux_root = undef
$tftp_syslinux_files = undef
case $::osfamily {
'Debian': {
if ($::operatingsystem == 'Debian') and (versioncmp($::operatingsystemrelease, '8.0') >= 0) or
($::operatingsystem == 'Ubuntu') and (versioncmp($::operatingsystemrelease, '14.10') >= 0) {
$tftp_syslinux_filenames = ['/usr/lib/PXELINUX/pxelinux.0',
'/usr/lib/syslinux/memdisk',
'/usr/lib/syslinux/modules/bios/chain.c32',
'/usr/lib/syslinux/modules/bios/ldlinux.c32',
'/usr/lib/syslinux/modules/bios/libutil.c32',
'/usr/lib/syslinux/modules/bios/menu.c32']
} else {
$tftp_syslinux_filenames = ['/usr/lib/syslinux/chain.c32',
'/usr/lib/syslinux/menu.c32',
'/usr/lib/syslinux/memdisk',
'/usr/lib/syslinux/pxelinux.0']
}
}
default: {
$tftp_syslinux_filenames = ['/usr/share/syslinux/chain.c32',
'/usr/share/syslinux/menu.c32',
'/usr/share/syslinux/memdisk',
'/usr/share/syslinux/pxelinux.0']
}
}
$tftp_root = $tftp::params::root
$tftp_dirs = ["${tftp_root}/pxelinux.cfg","${tftp_root}/boot"]
$tftp_servername = undef
# DHCP settings - requires optional DHCP puppet module
$dhcp = false
$dhcp_listen_on = 'https'
......
$dhcp_key_name = undef
$dhcp_key_secret = undef
$dhcp_omapi_port = 7911
# DHCP server settings
case $::osfamily {
'Debian': {
$dhcp_vendor = 'isc'
$dhcp_config = '/etc/dhcp/dhcpd.conf'
$dhcp_leases = '/var/lib/dhcp/dhcpd.leases'
}
'RedHat': {
$dhcp_vendor = 'isc'
$dhcp_config = '/etc/dhcp/dhcpd.conf'
$dhcp_leases = '/var/lib/dhcpd/dhcpd.leases'
}
default: {
$dhcp_vendor = 'isc'
$dhcp_config = '/etc/dhcpd.conf'
$dhcp_leases = '/var/lib/dhcpd/dhcpd.leases'
}
}
$dhcp_vendor = 'isc'
# DNS settings - requires optional DNS puppet module
$dns = false
......
# localhost can resolve to ipv6 which ruby doesn't handle well
$dns_server = '127.0.0.1'
$dns_ttl = '86400'
$dns_tsig_keytab = '/etc/foreman-proxy/dns.keytab'
$dns_tsig_keytab = "${etc}/foreman-proxy/dns.keytab"
$dns_tsig_principal = "foremanproxy/${::fqdn}@${dns_realm}"
case $::osfamily {
'Debian': {
$keyfile = '/etc/bind/rndc.key'
$nsupdate = 'dnsutils'
}
default: {
$keyfile = '/etc/rndc.key'
$nsupdate = 'bind-utils'
}
}
$dns_forwarders = []
......
$realm = false
$realm_listen_on = 'https'
$realm_provider = 'freeipa'
$realm_keytab = '/etc/foreman-proxy/freeipa.keytab'
$realm_keytab = "${etc}/foreman-proxy/freeipa.keytab"
$realm_principal = 'realm-proxy@EXAMPLE.COM'
$freeipa_remove_dns = true
......
$oauth_effective_user = 'admin'
# OAuth credentials
# shares cached_data with the foreman module so they're the same
$oauth_consumer_key = cache_data('oauth_consumer_key', random_password(32))
$oauth_consumer_key = cache_data('oauth_consumer_key', random_password(32))
$oauth_consumer_secret = cache_data('oauth_consumer_secret', random_password(32))
$foreman_api_package = $::osfamily ? {
'Debian' => 'ruby-apipie-bindings',
default => 'rubygem-apipie-bindings',
}
case $::osfamily {
'RedHat': {
$plugin_prefix = 'rubygem-smart_proxy_'
}
'Debian': {
$plugin_prefix = 'ruby-smart-proxy-'
}
default: {
$plugin_prefix = 'smart_proxy_'
}
}
$puppet_use_cache = undef
$puppet_cache_location = '/var/cache/foreman-proxy'
}

Also available in: Unified diff