puppet-foreman_proxy_content/manifests/init.pp @ 6c2f9717
# Configure the node
#
# Sets up a capsule node: optionally Pulp (as a child of the parent node),
# a Puppet master and the Foreman proxy features (TFTP, DHCP, DNS, Puppet CA),
# each wired to certificates provided by the certs::* classes.
#
# Several parameters carry credentials ($pulp_admin_password,
# $pulp_oauth_secret, $foreman_oauth_secret). They are passed on as plain
# class parameters, so they end up in the compiled catalog; keep catalogs,
# answer files and reports that contain them access-restricted.
#
# === Parameters:
#
# $parent_fqdn:: fqdn of the parent node. REQUIRED
#
# $certs_tar:: path to a tar with certs for the node
#
# $pulp:: should Pulp be configured on the node
# type:boolean
#
# $pulp_admin_password:: password for the Pulp admin user. It should be left blank so that a random password is generated
#
# $pulp_oauth_effective_user:: User to be used for Pulp REST interaction
#
# $pulp_oauth_key:: OAuth key to be used for Pulp REST interaction
#
# $pulp_oauth_secret:: OAuth secret to be used for Pulp REST interaction
#
# $foreman_proxy_port:: Port on which the foreman proxy will listen
# type:integer
#
# $puppet:: Use puppet
# type:boolean
#
# $puppetca:: Use puppet ca
# type:boolean
#
# $tftp:: Use TFTP
# type:boolean
#
# $tftp_servername:: Defines the TFTP server name to use, overrides the name in the subnet declaration
#
# $dhcp:: Use DHCP
# type:boolean
#
# $dhcp_interface:: DHCP listen interface
#
# $dhcp_gateway:: DHCP pool gateway
#
# $dhcp_range:: Space-separated DHCP pool range
#
# $dhcp_nameservers:: DHCP nameservers
#
# $dns:: Use DNS
# type:boolean
#
# $dns_zone:: DNS zone name
#
# $dns_reverse:: DNS reverse zone name
#
# $dns_interface:: DNS interface
#
# $dns_forwarders:: DNS forwarders
# type:array
#
# $register_in_foreman:: Register proxy back in Foreman
# type:boolean
#
# $foreman_oauth_effective_user:: User to be used for Foreman REST interaction
#
# $foreman_oauth_key:: OAuth key to be used for Foreman REST interaction
#
# $foreman_oauth_secret:: OAuth secret to be used for Foreman REST interaction
#
#
class capsule (
  $parent_fqdn = $capsule::params::parent_fqdn,
  $certs_tar = $capsule::params::certs_tar,
  $pulp = $capsule::params::pulp,
  $pulp_admin_password = $capsule::params::pulp_admin_password,
  $pulp_oauth_effective_user = $capsule::params::pulp_oauth_effective_user,
  $pulp_oauth_key = $capsule::params::pulp_oauth_key,
  $pulp_oauth_secret = $capsule::params::pulp_oauth_secret,
  $foreman_proxy_port = $capsule::params::foreman_proxy_port,
  $puppet = $capsule::params::puppet,
  $puppetca = $capsule::params::puppetca,
  $tftp = $capsule::params::tftp,
  $tftp_servername = $capsule::params::tftp_servername,
  $dhcp = $capsule::params::dhcp,
  $dhcp_interface = $capsule::params::dhcp_interface,
  $dhcp_gateway = $capsule::params::dhcp_gateway,
  $dhcp_range = $capsule::params::dhcp_range,
  $dhcp_nameservers = $capsule::params::dhcp_nameservers,
  $dns = $capsule::params::dns,
  $dns_zone = $capsule::params::dns_zone,
  $dns_reverse = $capsule::params::dns_reverse,
  $dns_interface = $capsule::params::dns_interface,
  $dns_forwarders = $capsule::params::dns_forwarders,
  $register_in_foreman = $capsule::params::register_in_foreman,
  $foreman_oauth_effective_user = $capsule::params::foreman_oauth_effective_user,
  $foreman_oauth_key = $capsule::params::foreman_oauth_key,
  $foreman_oauth_secret = $capsule::params::foreman_oauth_secret
) inherits capsule::params {
  # parent_fqdn is documented as REQUIRED. validate_present is defined outside
  # this file; presumably it aborts compilation on an empty value (confirm).
  validate_present($capsule::parent_fqdn)

  # Pulp needs an OAuth secret. Only the secret is checked here;
  # $pulp_oauth_key and $pulp_oauth_effective_user are passed on unchecked.
  # NOTE(review): confirm the capsule::params defaults for those two are
  # acceptable, or validate them as well.
  if $pulp {
    validate_pulp($pulp)
    validate_present($pulp_oauth_secret)
  }
  # The node's own fqdn fact is the hostname handed to every certs::* class
  # below and the host part of the proxy URL registered in Foreman.
  $capsule_fqdn = $::fqdn
  # The parent is always addressed over HTTPS; this URL is used both by the
  # Puppet master and by the Foreman proxy.
  $foreman_url = "https://${parent_fqdn}"

  # The Foreman OAuth secret is required only when the proxy registers itself.
  if $register_in_foreman {
    validate_present($foreman_oauth_secret)
  }
  if $pulp {
    class { 'certs::apache':
      hostname => $capsule_fqdn
    }
    # Notify chain: certs::qpid ~> pulp ~> pulp::child, so a change in one
    # class sends a refresh to the next.
    # The qpid_ssl_* and messaging_* values are read from the certs module's
    # classes. NOTE(review): these lookups presumably rely on those classes
    # being evaluated before this point; verify before reordering anything.
    class { 'certs::qpid': } ~>
    class { 'pulp':
      default_password => $pulp_admin_password,
      oauth_key => $pulp_oauth_key,
      oauth_secret => $pulp_oauth_secret,
      qpid_ssl_cert_db => $certs::nss_db_dir,
      qpid_ssl_cert_password_file => $certs::qpid::nss_db_password_file,
      messaging_ca_cert => $certs::ca_cert,
      messaging_client_cert => $certs::params::messaging_client_cert
    } ~>
    # The child uses the same OAuth key/secret pair as the local Pulp above.
    class { 'pulp::child':
      parent_fqdn => $parent_fqdn,
      oauth_effective_user => $pulp_oauth_effective_user,
      oauth_key => $pulp_oauth_key,
      oauth_secret => $pulp_oauth_secret
    }

    # Certificate changes for the Pulp child refresh both Pulp classes.
    class { 'certs::pulp_child':
      hostname => $capsule_fqdn,
      notify => [ Class['pulp'], Class['pulp::child'] ],
    }
  }
  if $puppet {
    # certs::puppet notifies the puppet class, which is configured as a
    # master (server => true) reporting to $foreman_url.
    class { 'certs::puppet':
      hostname => $capsule_fqdn
    } ~>
    class { 'puppet':
      server => true,
      server_foreman_url => $foreman_url,
      # Client certificate, key and CA come from certs::puppet; presumably
      # they authenticate the master's HTTPS calls to Foreman (confirm in
      # the puppet module).
      server_foreman_ssl_cert => $::certs::puppet::client_cert,
      server_foreman_ssl_key => $::certs::puppet::client_key,
      server_foreman_ssl_ca => $::certs::puppet::client_ca_cert,
      server_storeconfigs_backend => false,
      server_dynamic_environments => true,
      server_environments_owner => 'apache',
      server_config_version => ''
    }
  }
  # The Foreman proxy is set up when at least one of its features is enabled.
  $foreman_proxy = $tftp or $dhcp or $dns or $puppet or $puppetca

  if $foreman_proxy {

    # Proxy certificates are placed after the foreman-proxy package is
    # installed and before its service is managed.
    class { 'certs::foreman_proxy':
      hostname => $capsule_fqdn,
      require => Package['foreman-proxy'],
      before => Service['foreman-proxy'],
    }
    class { 'foreman_proxy':
      custom_repo => true,
      port => $foreman_proxy_port,
      puppetca => $puppetca,
      # TLS material for the proxy comes from certs::foreman_proxy.
      ssl_cert => $::certs::foreman_proxy::proxy_cert,
      ssl_key => $::certs::foreman_proxy::proxy_key,
      ssl_ca => $::certs::foreman_proxy::proxy_ca_cert,
      tftp => $tftp,
      tftp_servername => $tftp_servername,
      dhcp => $dhcp,
      dhcp_interface => $dhcp_interface,
      dhcp_gateway => $dhcp_gateway,
      dhcp_range => $dhcp_range,
      dhcp_nameservers => $dhcp_nameservers,
      dns => $dns,
      dns_zone => $dns_zone,
      dns_reverse => $dns_reverse,
      dns_interface => $dns_interface,
      dns_forwarders => $dns_forwarders,
      register_in_foreman => $register_in_foreman,
      foreman_base_url => $foreman_url,
      # ${capsule::foreman_proxy_port} is the same class parameter that is
      # passed as `port` above, written with its qualified name.
      registered_proxy_url => "https://${capsule_fqdn}:${capsule::foreman_proxy_port}",
      oauth_effective_user => $foreman_oauth_effective_user,
      oauth_consumer_key => $foreman_oauth_key,
      oauth_consumer_secret => $foreman_oauth_secret
    }
  }

  # When a certificate tarball is given, extract it before any certs::* class
  # that is ordered against it below.
  # NOTE(review): the tarball presumably carries private keys for this node;
  # confirm it is transferred and stored with restrictive permissions.
  # NOTE(review): certs::qpid is declared in the Pulp branch above but gets no
  # explicit ordering after the extraction here; confirm whether it depends on
  # the extracted files or is ordered inside the certs module.
  if $certs_tar {
    certs::tar_extract { $capsule::certs_tar: }
    if $pulp {
      Certs::Tar_extract[$certs_tar] -> Class['certs::apache']
      Certs::Tar_extract[$certs_tar] -> Class['certs::pulp_child']
    }
    if $puppet {
      Certs::Tar_extract[$certs_tar] -> Class['certs::puppet']
    }
    if $foreman_proxy {
      Certs::Tar_extract[$certs_tar] -> Class['certs::foreman_proxy']
    }
  }
}