Project

General

Profile

Download (4.64 KB) Statistics
| Branch: | Tag: | Revision:

puppet-pulp/manifests/config.pp @ b4c90011

# Pulp Master Configuration
# Private class
class pulp::config {
file { '/var/lib/pulp/packages':
ensure => directory,
owner => 'apache',
group => 'apache',
mode => '0755',
}

file { '/etc/pulp/server.conf':
ensure => file,
content => template('pulp/server.conf.erb'),
owner => 'apache',
group => 'apache',
mode => '0600',
show_diff => $pulp::show_conf_diff,
}

file { '/etc/pki/pulp/content/pulp-global-repo.ca':
ensure => link,
target => $pulp::ca_cert,
}

if $pulp::enable_rpm {
file { '/etc/pulp/repo_auth.conf':
ensure => file,
content => template('pulp/repo_auth.conf.erb'),
owner => 'root',
group => 'root',
mode => '0644',
}

file { '/etc/pulp/server/plugins.conf.d/yum_importer.json':
ensure => file,
content => template('pulp/yum_importer.json.erb'),
owner => 'root',
group => 'root',
mode => '0644',
show_diff => $pulp::show_conf_diff,
}

file { '/etc/pulp/server/plugins.conf.d/iso_importer.json':
ensure => file,
content => template('pulp/iso_importer.json.erb'),
owner => 'root',
group => 'root',
mode => '0644',
show_diff => $pulp::show_conf_diff,
}
}

if $pulp::enable_docker {
file { '/etc/pulp/server/plugins.conf.d/docker_importer.json':
ensure => file,
content => template('pulp/docker_importer.json.erb'),
owner => 'root',
group => 'root',
mode => '0644',
show_diff => $pulp::show_conf_diff,
}
}

if $pulp::enable_ostree {
file { '/etc/pulp/server/plugins.conf.d/ostree_importer.json':
ensure => file,
content => template('pulp/ostree_importer.json.erb'),
owner => 'root',
group => 'root',
mode => '0644',
show_diff => $pulp::show_conf_diff,
}
}

if $pulp::enable_puppet {
exec { 'selinux_pulp_manage_puppet':
command => 'semanage boolean -m --on pulp_manage_puppet',
path => '/sbin:/usr/sbin:/bin:/usr/bin',
onlyif => 'getsebool pulp_manage_puppet | grep off',
}

file { '/etc/pulp/server/plugins.conf.d/puppet_importer.json':
ensure => file,
content => template('pulp/puppet_importer.json.erb'),
owner => 'root',
group => 'root',
mode => '0644',
show_diff => $pulp::show_conf_diff,
}
}

file { '/etc/default/pulp_workers':
ensure => file,
content => template('pulp/systemd_pulp_workers'),
owner => 'root',
group => 'root',
mode => '0644',
}

file { $::pulp::rsa_key:
owner => 'root',
group => 'apache',
mode => '0640',
}

if $pulp::reset_cache {
exec { 'reset_pulp_cache':
command => 'rm -rf /var/lib/pulp/packages/*',
path => '/sbin:/bin:/usr/bin',
before => Exec['migrate_pulp_db'],
require => File['/var/lib/pulp/packages'],
}
}

if $pulp::consumers_crl {
exec { 'setup-crl-symlink':
command => "/usr/bin/openssl x509 -in '${pulp::ca_cert}' -hash -noout | /usr/bin/xargs -I{} /bin/ln -sf '${pulp::consumers_crl}' '/etc/pki/pulp/content/{}.r0'",
logoutput => 'on_failure',
refreshonly => true,
}
}

exec { 'run pulp-gen-ca':
command => '/usr/bin/pulp-gen-ca-certificate',
creates => '/etc/pki/pulp/ca.crt',
}

if $pulp::manage_squid {
if $::osfamily == 'RedHat' and versioncmp($::operatingsystemrelease, '7') < 0 {
$deprecated_opts = true
} else {
$deprecated_opts = false
}
class { '::squid3':
use_deprecated_opts => $deprecated_opts,
http_port => [ '3128 accel defaultsite=127.0.0.1:8751' ],
acl => [ 'Safe_ports port 3128' ],
http_access => [ 'allow localhost', 'deny to_localhost', 'deny all' ],
cache => [ 'allow all' ],
maximum_object_size => '5 GB',
maximum_object_size_in_memory => '100 MB',
cache_dir => [ 'aufs /var/spool/squid 10000 16 256' ],
template => 'short',
config_hash => {
cache_peer => '127.0.0.1 parent 8751 0 no-digest no-query originserver name=PulpStreamer',
cache_peer_access => 'PulpStreamer allow all',
range_offset_limit => 'none',
minimum_object_size => '0 kB',
},
}
}

if $pulp::enable_profiling {
file { $pulp::profiling_directory:
ensure => directory,
owner => 'apache',
group => 'apache',
mode => '0755',
}
}
}
(6-6/13)