Revision fc17ce2d
Added by Michael Moll almost 8 years ago
README.md | ||
---|---|---|
|
||
## Compatibility
|
||
|
||
This module only supports Smart Proxy 1.11 or higher as of version 3.0, as the
|
||
This module only supports Smart Proxy 1.12 or higher as of version 4.0, as the
|
||
configuration layout changed significantly.
|
||
|
||
To configure older versions of the Smart Proxy (1.5 to 1.10), use version 2.x
|
||
of this module.
|
||
|
||
### 1.11 compatibility notes
|
||
|
||
* Puppet users must set `puppet_split_config_files => false` to keep a single
|
||
puppet.yml configuration file.
|
||
* If using the virsh DHCP/DNS provider, `libvirt_backend => "virsh"` must be set.
|
||
To configure older versions of the Smart Proxy use version 2.x of this module
|
||
for 1.5 to 1.10 and 3.x for 1.11.
|
||
|
||
# Contributing
|
||
|
manifests/config.pp | ||
---|---|---|
foreman_proxy::settings_file { ['dns_nsupdate', 'dns_nsupdate_gss']:
|
||
module => false,
|
||
}
|
||
if $::foreman_proxy::libvirt_backend == 'libvirt' {
|
||
foreman_proxy::settings_file { ['dns_libvirt', 'dhcp_libvirt']:
|
||
module => false,
|
||
}
|
||
foreman_proxy::settings_file { ['dns_libvirt', 'dhcp_libvirt']:
|
||
module => false,
|
||
}
|
||
foreman_proxy::settings_file { 'puppet':
|
||
enabled => $::foreman_proxy::puppet,
|
||
listen_on => $::foreman_proxy::puppet_listen_on,
|
||
}
|
||
if $::foreman_proxy::puppet_split_config_files {
|
||
foreman_proxy::settings_file { [
|
||
'puppet_proxy_customrun',
|
||
'puppet_proxy_legacy',
|
||
'puppet_proxy_mcollective',
|
||
'puppet_proxy_puppet_api',
|
||
'puppet_proxy_puppetrun',
|
||
'puppet_proxy_salt',
|
||
'puppet_proxy_ssh',
|
||
]:
|
||
module => false,
|
||
}
|
||
foreman_proxy::settings_file { [
|
||
'puppet_proxy_customrun',
|
||
'puppet_proxy_legacy',
|
||
'puppet_proxy_mcollective',
|
||
'puppet_proxy_puppet_api',
|
||
'puppet_proxy_puppetrun',
|
||
'puppet_proxy_salt',
|
||
'puppet_proxy_ssh',
|
||
]:
|
||
module => false,
|
||
}
|
||
foreman_proxy::settings_file { 'puppetca':
|
||
enabled => $::foreman_proxy::puppetca,
|
manifests/init.pp | ||
---|---|---|
# $puppet:: Enable Puppet module for environment imports and Puppet runs
|
||
# type:boolean
|
||
#
|
||
# $puppet_split_config_files:: Split Puppet configuration files. This is needed since version 1.12.
|
||
# type:boolean
|
||
#
|
||
# $puppet_listen_on:: Puppet feature to listen on https, http, or both
|
||
#
|
||
# $puppetrun_provider:: Provider for running/kicking Puppet agents
|
||
... | ... | |
# $dns_forwarders:: DNS forwarders
|
||
# type:array
|
||
#
|
||
# $libvirt_backend:: Backend of libvirt DNS/DHCP provider (virsh or libvirt)
|
||
#
|
||
# $libvirt_connection:: Connection string of libvirt DNS/DHCP provider (e.g. "qemu:///system")
|
||
#
|
||
# $libvirt_network:: Network for libvirt DNS/DHCP provider
|
||
... | ... | |
$puppetca_cmd = $foreman_proxy::params::puppetca_cmd,
|
||
$puppet_group = $foreman_proxy::params::puppet_group,
|
||
$puppet = $foreman_proxy::params::puppet,
|
||
$puppet_split_config_files = $foreman_proxy::params::puppet_split_config_files,
|
||
$puppet_listen_on = $foreman_proxy::params::puppet_listen_on,
|
||
$puppetrun_cmd = $foreman_proxy::params::puppetrun_cmd,
|
||
$puppetrun_provider = $foreman_proxy::params::puppetrun_provider,
|
||
... | ... | |
$dns_tsig_keytab = $foreman_proxy::params::dns_tsig_keytab,
|
||
$dns_tsig_principal = $foreman_proxy::params::dns_tsig_principal,
|
||
$dns_forwarders = $foreman_proxy::params::dns_forwarders,
|
||
$libvirt_backend = $foreman_proxy::params::libvirt_backend,
|
||
$libvirt_network = $foreman_proxy::params::libvirt_network,
|
||
$libvirt_connection = $foreman_proxy::params::libvirt_connection,
|
||
$bmc = $foreman_proxy::params::bmc,
|
||
... | ... | |
# lint:endignore
|
||
|
||
# Validate puppet params
|
||
validate_bool($puppet, $puppet_split_config_files, $puppetssh_wait)
|
||
validate_bool($puppet, $puppetssh_wait)
|
||
validate_string($ssldir, $puppetdir, $puppetca_cmd, $puppetrun_cmd)
|
||
validate_string($puppet_url, $puppet_ssl_ca, $puppet_ssl_cert, $puppet_ssl_key)
|
||
validate_string($mcollective_user, $salt_puppetrun_cmd)
|
||
... | ... | |
}
|
||
if $puppetrun_provider {
|
||
validate_string($puppetrun_provider)
|
||
if $puppetrun_provider == 'puppetssh' and $puppet_split_config_files {
|
||
$real_puppetrun_provider = 'ssh'
|
||
warning('foreman_proxy::puppetrun_provider should be "ssh", not "puppetssh" for 1.12 and above')
|
||
} else {
|
||
$real_puppetrun_provider = $puppetrun_provider
|
||
}
|
||
}
|
||
|
||
# Validate template params
|
||
... | ... | |
validate_array($dns_forwarders)
|
||
|
||
# Validate libvirt params
|
||
validate_re($libvirt_backend, '^(libvirt|virsh)$')
|
||
validate_string($libvirt_network, $libvirt_connection)
|
||
|
||
# Validate bmc params
|
manifests/params.pp | ||
---|---|---|
|
||
$keyfile = '/etc/bind/rndc.key'
|
||
$nsupdate = 'dnsutils'
|
||
if ($::operatingsystem == 'Debian') and (versioncmp($::operatingsystemrelease, '8.0') >= 0) or
|
||
($::operatingsystem == 'Ubuntu') and (versioncmp($::operatingsystemrelease, '14.10') >= 0) {
|
||
if $::operatingsystem == 'Ubuntu' and $::operatingsystemrelease == '14.04' {
|
||
$tftp_syslinux_filenames = ['/usr/lib/syslinux/chain.c32',
|
||
'/usr/lib/syslinux/mboot.c32',
|
||
'/usr/lib/syslinux/menu.c32',
|
||
'/usr/lib/syslinux/memdisk',
|
||
'/usr/lib/syslinux/pxelinux.0']
|
||
} else {
|
||
$tftp_syslinux_filenames = ['/usr/lib/PXELINUX/pxelinux.0',
|
||
'/usr/lib/syslinux/memdisk',
|
||
'/usr/lib/syslinux/modules/bios/chain.c32',
|
||
... | ... | |
'/usr/lib/syslinux/modules/bios/libutil.c32',
|
||
'/usr/lib/syslinux/modules/bios/mboot.c32',
|
||
'/usr/lib/syslinux/modules/bios/menu.c32']
|
||
} else {
|
||
$tftp_syslinux_filenames = ['/usr/lib/syslinux/chain.c32',
|
||
'/usr/lib/syslinux/mboot.c32',
|
||
'/usr/lib/syslinux/menu.c32',
|
||
'/usr/lib/syslinux/memdisk',
|
||
'/usr/lib/syslinux/pxelinux.0']
|
||
}
|
||
}
|
||
/^(FreeBSD|DragonFly)$/: {
|
||
... | ... | |
|
||
# puppetrun settings
|
||
$puppet = true
|
||
$puppet_split_config_files = true
|
||
$puppet_listen_on = 'https'
|
||
|
||
$puppetrun_cmd = $puppet::params::puppetrun_cmd
|
||
... | ... | |
$dns_forwarders = []
|
||
|
||
# libvirt options
|
||
$libvirt_backend = 'libvirt'
|
||
$libvirt_connection = 'qemu:///system'
|
||
$libvirt_network = 'default'
|
||
|
metadata.json | ||
---|---|---|
{
|
||
"name": "theforeman-foreman_proxy",
|
||
"version": "3.0.1",
|
||
"version": "4.0.0",
|
||
"author": "theforeman",
|
||
"summary": "Foreman Smart Proxy configuration",
|
||
"license": "GPL-3.0+",
|
||
... | ... | |
{
|
||
"operatingsystem": "Fedora",
|
||
"operatingsystemrelease": [
|
||
"21"
|
||
"24"
|
||
]
|
||
},
|
||
{
|
||
"operatingsystem": "Debian",
|
||
"operatingsystemrelease": [
|
||
"7",
|
||
"8"
|
||
]
|
||
},
|
||
{
|
||
"operatingsystem": "Ubuntu",
|
||
"operatingsystemrelease": [
|
||
"12.04",
|
||
"14.04",
|
||
"16.04"
|
||
]
|
spec/classes/foreman_proxy__config__spec.rb | ||
---|---|---|
end
|
||
|
||
if facts[:osfamily] == 'Debian'
|
||
case facts[:operatingsystemmajrelease]
|
||
when '7'
|
||
it 'should copy the correct default files for Debian 7' do
|
||
if facts[:operatingsystem] == 'Ubuntu' && facts[:operatingsystemrelease] == '14.04'
|
||
it 'should copy the correct default files for Ubuntu 14.04' do
|
||
should contain_foreman_proxy__tftp__copy_file('/usr/lib/syslinux/chain.c32')
|
||
should contain_foreman_proxy__tftp__copy_file('/usr/lib/syslinux/mboot.c32')
|
||
should contain_foreman_proxy__tftp__copy_file('/usr/lib/syslinux/menu.c32')
|
||
should contain_foreman_proxy__tftp__copy_file('/usr/lib/syslinux/memdisk')
|
||
should contain_foreman_proxy__tftp__copy_file('/usr/lib/syslinux/pxelinux.0')
|
||
end
|
||
when '8'
|
||
it 'should copy the correct default files for Debian 8' do
|
||
else
|
||
it 'should copy the correct default files for newer Debian/Ubuntu versions' do
|
||
should contain_foreman_proxy__tftp__copy_file('/usr/lib/PXELINUX/pxelinux.0')
|
||
should contain_foreman_proxy__tftp__copy_file('/usr/lib/syslinux/memdisk')
|
||
should contain_foreman_proxy__tftp__copy_file('/usr/lib/syslinux/modules/bios/chain.c32')
|
||
... | ... | |
end
|
||
end
|
||
|
||
context 'when puppetrun_provider => ssh and user/key overridden' do
|
||
context 'when puppetrun_provider => ssh' do
|
||
let :pre_condition do
|
||
'class {"foreman_proxy":
|
||
puppetrun_provider => "ssh",
|
||
puppetssh_user => "example",
|
||
puppetssh_keyfile => "/home/example/.ssh/id_rsa",
|
||
}'
|
||
end
|
||
|
||
... | ... | |
':use_provider: puppet_proxy_ssh',
|
||
])
|
||
end
|
||
|
||
it 'should set puppetssh_user and puppetssh_keyfile' do
|
||
verify_contents(catalogue, "#{etc_dir}/foreman-proxy/settings.d/puppet_proxy_ssh.yml", [
|
||
':user: example',
|
||
':keyfile: /home/example/.ssh/id_rsa',
|
||
])
|
||
end
|
||
end
|
||
|
||
context 'when puppetrun_provider => puppetssh' do
|
||
context 'when puppetrun_provider => ssh and user/key overridden' do
|
||
let :pre_condition do
|
||
'class {"foreman_proxy":
|
||
puppetrun_provider => "puppetssh",
|
||
puppetrun_provider => "ssh",
|
||
puppetssh_user => "example",
|
||
puppetssh_keyfile => "/home/example/.ssh/id_rsa",
|
||
}'
|
||
end
|
||
|
||
it 'should set provider to puppet_proxy_ssh' do
|
||
verify_contents(catalogue, "#{etc_dir}/foreman-proxy/settings.d/puppet.yml", [
|
||
':use_provider: puppet_proxy_ssh',
|
||
it 'should set puppetssh_user and puppetssh_keyfile' do
|
||
verify_contents(catalogue, "#{etc_dir}/foreman-proxy/settings.d/puppet_proxy_ssh.yml", [
|
||
':user: example',
|
||
':keyfile: /home/example/.ssh/id_rsa',
|
||
])
|
||
end
|
||
end
|
||
... | ... | |
])
|
||
end
|
||
end
|
||
|
||
context 'when libvirt_backend => virsh' do
|
||
let :pre_condition do
|
||
'class {"foreman_proxy":
|
||
libvirt_backend => "virsh",
|
||
libvirt_network => "mynet",
|
||
}'
|
||
end
|
||
|
||
it 'should generate correct settings.yml' do
|
||
verify_contents(catalogue, "#{etc_dir}/foreman-proxy/settings.yml", [
|
||
':virsh_network: mynet',
|
||
])
|
||
end
|
||
|
||
it "should not manage libvirt backend config files" do
|
||
should_not contain_file("#{etc_dir}/foreman-proxy/settings.d/dhcp_libvirt.yml")
|
||
should_not contain_file("#{etc_dir}/foreman-proxy/settings.d/dns_libvirt.yml")
|
||
end
|
||
end
|
||
|
||
context 'with puppet_split_config_files => false' do
|
||
let :pre_condition do
|
||
'class {"foreman_proxy":
|
||
puppet_split_config_files => false,
|
||
}'
|
||
end
|
||
|
||
it 'should generate correct puppet.yml' do
|
||
verify_exact_contents(catalogue, "#{etc_dir}/foreman-proxy/settings.d/puppet.yml", [
|
||
'---',
|
||
':enabled: https',
|
||
":puppet_conf: #{etc_dir}/puppet/puppet.conf",
|
||
":customrun_cmd: #{shell}",
|
||
':customrun_args: -ay -f -s',
|
||
':puppetssh_sudo: false',
|
||
":puppetssh_command: #{usr_dir}/bin/puppet agent --onetime --no-usecacheonfailure",
|
||
':puppetssh_wait: false',
|
||
":puppet_url: https://#{facts[:fqdn]}:8140",
|
||
":puppet_ssl_ca: #{var_dir}/ssl/certs/ca.pem",
|
||
":puppet_ssl_cert: #{var_dir}/ssl/certs/#{facts[:fqdn]}.pem",
|
||
":puppet_ssl_key: #{var_dir}/ssl/private_keys/#{facts[:fqdn]}.pem",
|
||
])
|
||
end
|
||
|
||
context 'with pupppetrun_provider set to mcollective' do
|
||
let :pre_condition do
|
||
'class {"foreman_proxy":
|
||
puppet => true,
|
||
puppet_split_config_files => false,
|
||
puppetrun_provider => "mcollective",
|
||
}'
|
||
end
|
||
|
||
it 'should contain mcollective as puppet_provider and mcollective_user as root' do
|
||
verify_contents(catalogue, "#{etc_dir}/foreman-proxy/settings.d/puppet.yml", [
|
||
':puppet_provider: mcollective',
|
||
':mcollective_user: root',
|
||
])
|
||
end
|
||
end
|
||
|
||
context 'when puppetrun_provider => puppetrun' do
|
||
let :pre_condition do
|
||
'class {"foreman_proxy":
|
||
puppet_split_config_files => false,
|
||
puppetrun_provider => "puppetrun",
|
||
}'
|
||
end
|
||
|
||
it 'should contain puppetrun as puppet_provider and puppet_user as root' do
|
||
verify_contents(catalogue, "#{etc_dir}/foreman-proxy/settings.d/puppet.yml", [
|
||
':puppet_provider: puppetrun',
|
||
':puppet_user: root',
|
||
])
|
||
end
|
||
end
|
||
|
||
context 'when puppetrun_provider => puppetssh' do
|
||
let :pre_condition do
|
||
'class {"foreman_proxy":
|
||
puppet_split_config_files => false,
|
||
puppetrun_provider => "puppetssh",
|
||
}'
|
||
end
|
||
|
||
it 'should set provider to puppetssh' do
|
||
verify_contents(catalogue, "#{etc_dir}/foreman-proxy/settings.d/puppet.yml", [
|
||
':puppet_provider: puppetssh',
|
||
])
|
||
end
|
||
|
||
it 'should set puppetssh_user and puppetssh_keyfile' do
|
||
verify_contents(catalogue, "#{etc_dir}/foreman-proxy/settings.d/puppet.yml", [
|
||
':puppetssh_user: root',
|
||
":puppetssh_keyfile: #{etc_dir}/foreman-proxy/id_rsa",
|
||
])
|
||
end
|
||
end
|
||
|
||
context 'when puppetrun_provider => salt' do
|
||
let :pre_condition do
|
||
'class {"foreman_proxy":
|
||
puppet_split_config_files => false,
|
||
puppetrun_provider => "salt",
|
||
}'
|
||
end
|
||
|
||
it 'should contain salt as puppet_provider and salt_puppetrun_cmd' do
|
||
verify_contents(catalogue, "#{etc_dir}/foreman-proxy/settings.d/puppet.yml", [
|
||
':puppet_provider: salt',
|
||
':salt_puppetrun_cmd: puppet.run',
|
||
])
|
||
end
|
||
end
|
||
|
||
context 'when puppet_use_environment_api set' do
|
||
let :pre_condition do
|
||
'class {"foreman_proxy":
|
||
puppet_split_config_files => false,
|
||
puppet_use_environment_api => false,
|
||
}'
|
||
end
|
||
|
||
it 'should set puppet_use_environment_api' do
|
||
verify_contents(catalogue, "#{etc_dir}/foreman-proxy/settings.d/puppet.yml", [
|
||
':puppet_use_environment_api: false',
|
||
])
|
||
end
|
||
end
|
||
|
||
context 'with puppet use_cache enabled' do
|
||
let :pre_condition do
|
||
'class {"foreman_proxy":
|
||
puppet_split_config_files => false,
|
||
puppet_use_cache => true,
|
||
}'
|
||
end
|
||
|
||
it 'should set use_cache' do
|
||
verify_contents(catalogue, "#{etc_dir}/foreman-proxy/settings.d/puppet.yml", [
|
||
':use_cache: true',
|
||
])
|
||
end
|
||
end
|
||
end
|
||
end
|
||
end
|
||
end
|
templates/dhcp.yml.erb | ||
---|---|---|
:enabled: <%= @module_enabled %>
|
||
|
||
# valid providers:
|
||
# - <%= "dhcp_" %>isc (ISC dhcp server)
|
||
# - <%= "dhcp_" %>native_ms (Microsoft native implementation)
|
||
# - <%= "dhcp_" %><%= scope.lookupvar("foreman_proxy::libvirt_backend") %> (dnsmasq via libvirt)
|
||
# - dhcp_isc (ISC dhcp server)
|
||
# - dhcp_native_ms (Microsoft native implementation)
|
||
# - dhcp_libvirt (dnsmasq via libvirt)
|
||
:use_provider: dhcp_<%= scope.lookupvar("foreman_proxy::dhcp_provider") %>
|
||
:server: <%= scope.lookupvar("foreman_proxy::dhcp_server") %>
|
||
# subnets restricts the subnets queried to a subset, to reduce the query time.
|
templates/dns.yml.erb | ||
---|---|---|
# DNS management
|
||
:enabled: <%= @module_enabled %>
|
||
# valid providers:
|
||
# <%= "dns_" %>dnscmd (Microsoft Windows native implementation)
|
||
# <%= "dns_" %>nsupdate
|
||
# <%= "dns_" %>nsupdate_gss (for GSS-TSIG support)
|
||
# <%= "dns_" %><%= scope.lookupvar("foreman_proxy::libvirt_backend") %> (dnsmasq via libvirt)
|
||
# dns_dnscmd (Microsoft Windows native implementation)
|
||
# dns_nsupdate
|
||
# dns_nsupdate_gss (for GSS-TSIG support)
|
||
# dns_libvirt (dnsmasq via libvirt)
|
||
:use_provider: dns_<%= scope.lookupvar("foreman_proxy::dns_provider") %>
|
||
# use this setting if you want to override default TTL setting (86400)
|
||
:dns_ttl: <%= scope.lookupvar("foreman_proxy::dns_ttl") %>
|
templates/puppet.yml.erb | ||
---|---|---|
---
|
||
<% split_files = scope.lookupvar("foreman_proxy::puppet_split_config_files") -%>
|
||
# Puppet management
|
||
:enabled: <%= @module_enabled %>
|
||
# valid providers:
|
||
# <%= "puppet_proxy_" if split_files %>puppetrun (for puppetrun/kick, deprecated in Puppet 3)
|
||
# <%= "puppet_proxy_" if split_files %>mcollective (uses mco puppet)
|
||
<% if split_files -%>
|
||
# puppet_proxy_puppetrun (for puppetrun/kick, deprecated in Puppet 3)
|
||
# puppet_proxy_mcollective (uses mco puppet)
|
||
# puppet_proxy_ssh (run puppet over ssh)
|
||
# puppet_proxy_salt (uses salt puppet.run)
|
||
# puppet_proxy_customrun (calls a custom command with args)
|
||
<% unless [nil, :undefined, :undef, ''].include?(scope.lookupvar("foreman_proxy::puppetrun_provider")) -%>
|
||
:use_provider: puppet_proxy_<%= scope.lookupvar("foreman_proxy::puppetrun_provider") %>
|
||
<% else -%>
|
||
# puppetssh (run puppet over ssh)
|
||
<% end -%>
|
||
# <%= "puppet_proxy_" if split_files %>salt (uses salt puppet.run)
|
||
# <%= "puppet_proxy_" if split_files %>customrun (calls a custom command with args)
|
||
<% unless [nil, :undefined, :undef, ''].include?(scope.lookupvar("foreman_proxy::real_puppetrun_provider")) -%>
|
||
:<%= split_files ? 'use' : 'puppet' %>_provider: <%= "puppet_proxy_" if split_files %><%= scope.lookupvar("foreman_proxy::real_puppetrun_provider") %>
|
||
<% else -%>
|
||
#:<%= split_files ? 'use' : 'puppet' %>_provider: <%= "puppet_proxy_" if split_files %>puppetrun
|
||
#:use_provider: puppet_proxy_puppetrun
|
||
<% end -%>
|
||
|
||
<% if split_files -%>
|
||
:puppet_version: <%= @puppetversion %>
|
||
<% else -%>
|
||
:puppet_conf: <%= scope.lookupvar("foreman_proxy::puppetdir") %>/puppet.conf
|
||
|
||
# customrun command details
|
||
# Set :customrun_cmd to the full path of the script you want to run, instead of /bin/false
|
||
:customrun_cmd: <%= scope.lookupvar("foreman_proxy::customrun_cmd") %>
|
||
# Set :customrun_args to any args you want to pass to your custom script. The hostname of the
|
||
# system to run against will be appended after the custom commands.
|
||
:customrun_args: <%= scope.lookupvar("foreman_proxy::customrun_args") %>
|
||
|
||
# whether to use sudo before the ssh command
|
||
:puppetssh_sudo: <%= scope.lookupvar("foreman_proxy::puppetssh_sudo") %>
|
||
# the command which will be sent to the host
|
||
:puppetssh_command: <%= scope.lookupvar("foreman_proxy::puppetssh_command") %>
|
||
# wait for the command to finish (and capture exit code), or detach process and return 0
|
||
# Note: enabling this option causes the Foreman web UI to be blocked when executing puppetrun,
|
||
# with timeout from the Browser and/or Foreman's REST client after 60 seconds.
|
||
:puppetssh_wait: <%= scope.lookupvar("foreman_proxy::puppetssh_wait") %>
|
||
# With which user should the proxy connect
|
||
<% if scope.lookupvar("foreman_proxy::puppetrun_provider") == 'puppetssh' -%>
|
||
:puppetssh_user: <%= scope.lookupvar("foreman_proxy::puppetssh_user") %>
|
||
:puppetssh_keyfile: <%= scope.lookupvar("foreman_proxy::puppetssh_keyfile") %>
|
||
<% else -%>
|
||
#:puppetssh_user: root
|
||
#:puppetssh_keyfile: /etc/foreman-proxy/id_rsa
|
||
<% end -%>
|
||
|
||
# Custom salt puppet.run command
|
||
# Set :salt_puppetrun_cmd to 'puppet.run agent no-noop' to run in no-noop mode.
|
||
# Default command is puppet.run
|
||
<% if scope.lookupvar("foreman_proxy::puppetrun_provider") == 'salt' -%>
|
||
:salt_puppetrun_cmd: <%= scope.lookupvar("foreman_proxy::salt_puppetrun_cmd") %>
|
||
<% else -%>
|
||
#:salt_puppetrun_cmd: puppet.run
|
||
<% end -%>
|
||
|
||
# Which user to invoke sudo as to run puppet commands
|
||
<% if scope.lookupvar("foreman_proxy::puppetrun_provider") == 'puppetrun' -%>
|
||
:puppet_user: <%= scope.lookupvar("foreman_proxy::puppet_user") %>
|
||
<% else -%>
|
||
#:puppet_user: root
|
||
<% end -%>
|
||
|
||
# If you want to override the puppet_user above just for mco commands
|
||
<% if scope.lookupvar("foreman_proxy::puppetrun_provider") == 'mcollective' -%>
|
||
:mcollective_user: <%= scope.lookupvar("foreman_proxy::mcollective_user") %>
|
||
<% else -%>
|
||
#:mcollective_user: peadmin
|
||
<% end -%>
|
||
|
||
# URL of the puppet master itself for API requests
|
||
:puppet_url: <%= scope.lookupvar("foreman_proxy::puppet_url") %>
|
||
# SSL certificates used to access the puppet master API
|
||
:puppet_ssl_ca: <%= scope.lookupvar("foreman_proxy::puppet_ssl_ca") %>
|
||
:puppet_ssl_cert: <%= scope.lookupvar("foreman_proxy::puppet_ssl_cert") %>
|
||
:puppet_ssl_key: <%= scope.lookupvar("foreman_proxy::puppet_ssl_key") %>
|
||
|
||
# Override use of Puppet's API to list environments, by default it will use only if
|
||
# environmentpath is given in puppet.conf, else will look for environments in puppet.conf
|
||
<% if [nil, :undefined, :undef].include?(scope.lookupvar("foreman_proxy::puppet_use_environment_api")) %>
|
||
#:puppet_use_environment_api: true
|
||
<% else %>
|
||
:puppet_use_environment_api: <%= scope.lookupvar("foreman_proxy::puppet_use_environment_api") %>
|
||
<% end %>
|
||
|
||
# Cache options
|
||
<% if [nil, :undefined, :undef].include?(scope.lookupvar("foreman_proxy::puppet_use_cache")) -%>
|
||
#:use_cache: true
|
||
<% else -%>
|
||
:use_cache: <%= scope.lookupvar("foreman_proxy::puppet_use_cache") %>
|
||
<% end -%>
|
||
<% end -%>
|
templates/settings.yml.erb | ||
---|---|---|
# default values for https_port is 8443
|
||
<%= '#' unless ssl -%>:https_port: <%= scope.lookupvar("foreman_proxy::ssl_port") %>
|
||
<%= '#' unless http -%>:http_port: <%= scope.lookupvar("foreman_proxy::http_port") %>
|
||
<%- if scope.lookupvar('foreman_proxy::libvirt_backend') == 'virsh' -%>
|
||
# shared options for virsh DNS/DHCP provider
|
||
:virsh_network: <%= scope.lookupvar('foreman_proxy::libvirt_network') %>
|
||
<%- end -%>
|
||
# Log configuration
|
||
# Uncomment and modify if you want to change the location of the log file or use STDOUT or SYSLOG values
|
||
:log_file: <%= scope.lookupvar("foreman_proxy::log") %>
|
Also available in: Unified diff
remove formerly deprecated parameters and code (#257)
- remove libvirt_backend parameter
- remove puppet_split_config_files parameter
- remove unneeded ERB in dhcp.yml and dns.yml template
- mark Fedora 24 supported instead of Fedora 21
- remove Debian 7 (wheezy) support
- remove Ubuntu 12.04 (precise) support