Revision 3c158112
Added by Greg Sutcliffe almost 11 years ago
| manifests/server/config.pp | ||
|---|---|---|
|
# Set up the puppet server config
|
||
|
class puppet::server::config inherits puppet::config {
|
||
|
if $puppet::server::passenger {
|
||
|
if $puppet::server_passenger {
|
||
|
# Anchor the passenger config inside this
|
||
|
class { 'puppet::server::passenger': } -> Class['puppet::server::config']
|
||
|
}
|
||
| ... | ... | |
|
}
|
||
|
|
||
|
# Open read permissions to private keys to puppet group for foreman, proxy etc.
|
||
|
file { "${puppet::server::ssl_dir}/private_keys":
|
||
|
group => $puppet::server::group,
|
||
|
file { "${puppet::server_ssl_dir}/private_keys":
|
||
|
group => $puppet::server_group,
|
||
|
mode => '0750',
|
||
|
}
|
||
|
|
||
|
file { "${puppet::server::ssl_dir}/private_keys/${::fqdn}.pem":
|
||
|
group => $puppet::server::group,
|
||
|
file { "${puppet::server_ssl_dir}/private_keys/${::fqdn}.pem":
|
||
|
group => $puppet::server_group,
|
||
|
mode => '0640',
|
||
|
}
|
||
|
|
||
|
# Include foreman components for the puppetmaster
|
||
|
# ENC script, reporting script etc.
|
||
|
class {'foreman::puppetmaster':
|
||
|
foreman_url => $puppet::server::foreman_url,
|
||
|
facts => $puppet::server::facts,
|
||
|
puppet_home => $puppet::server::puppet_home,
|
||
|
puppet_basedir => $puppet::server::puppet_basedir
|
||
|
foreman_url => $puppet::server_foreman_url,
|
||
|
facts => $puppet::server_facts,
|
||
|
puppet_home => $puppet::server_puppet_home,
|
||
|
puppet_basedir => $puppet::server_puppet_basedir
|
||
|
}
|
||
|
|
||
|
# appends our server configuration to puppet.conf
|
||
|
File ["${puppet::server::dir}/puppet.conf"] {
|
||
|
content => template($puppet::server::agent_template, $puppet::server::master_template),
|
||
|
File ["${puppet::server_dir}/puppet.conf"] {
|
||
|
content => template($puppet::agent_template, $puppet::server_template),
|
||
|
}
|
||
|
|
||
|
## If the ssl dir is not the default dir, it needs to be created before running
|
||
|
# the generate ca cert or it will fail.
|
||
|
exec {'puppet_server_config-create_ssl_dir':
|
||
|
creates => $::puppet::server::ssl_dir,
|
||
|
command => "/bin/mkdir -p ${::puppet::server::ssl_dir}",
|
||
|
creates => $::puppet::server_ssl_dir,
|
||
|
command => "/bin/mkdir -p ${::puppet::server_ssl_dir}",
|
||
|
before => Exec['puppet_server_config-generate_ca_cert'],
|
||
|
}
|
||
|
|
||
|
exec {'puppet_server_config-generate_ca_cert':
|
||
|
creates => $::puppet::server::ssl_cert,
|
||
|
command => "${puppet::params::puppetca_path}/${puppet::params::puppetca_bin} --generate ${::fqdn}",
|
||
|
require => File["${puppet::server::dir}/puppet.conf"],
|
||
|
notify => Service[$puppet::server::httpd_service],
|
||
|
require => File["${puppet::server_dir}/puppet.conf"],
|
||
|
notify => Service[$puppet::server_httpd_service],
|
||
|
}
|
||
|
|
||
|
file { "${puppet::server::vardir}/reports":
|
||
|
file { "${puppet::server_vardir}/reports":
|
||
|
ensure => directory,
|
||
|
owner => $puppet::server::user,
|
||
|
owner => $puppet::server_user,
|
||
|
}
|
||
|
|
||
|
if $puppet::server::git_repo {
|
||
|
if $puppet::server_git_repo {
|
||
|
|
||
|
# location where our puppet environments are located
|
||
|
file { $puppet::server::envs_dir:
|
||
|
file { $puppet::server_envs_dir:
|
||
|
ensure => directory,
|
||
|
owner => $puppet::server::user,
|
||
|
owner => $puppet::server_user,
|
||
|
}
|
||
|
|
||
|
# need to chown the $vardir before puppet does it, or else
|
||
|
# we can't write puppet.git/ on the first run
|
||
|
|
||
|
file { $puppet::server::vardir:
|
||
|
file { $puppet::server_vardir:
|
||
|
ensure => directory,
|
||
|
owner => $puppet::server::user,
|
||
|
owner => $puppet::server_user,
|
||
|
}
|
||
|
|
||
|
include git
|
||
|
|
||
|
git::repo { 'puppet_repo':
|
||
|
bare => true,
|
||
|
target => $puppet::server::git_repo_path,
|
||
|
user => $puppet::server::user,
|
||
|
require => File[$puppet::server::envs_dir],
|
||
|
target => $puppet::server_git_repo_path,
|
||
|
user => $puppet::server_user,
|
||
|
require => File[$puppet::server_envs_dir],
|
||
|
}
|
||
|
|
||
|
# git post hook to auto generate an environment per branch
|
||
|
file { "${puppet::server::git_repo_path}/hooks/${puppet::server::post_hook_name}":
|
||
|
content => template($puppet::server::post_hook_content),
|
||
|
owner => $puppet::server::user,
|
||
|
file { "${puppet::server_git_repo_path}/hooks/${puppet::server_post_hook_name}":
|
||
|
content => template($puppet::server_post_hook_content),
|
||
|
owner => $puppet::server_user,
|
||
|
mode => '0755',
|
||
|
require => Git::Repo['puppet_repo'],
|
||
|
}
|
||
| ... | ... | |
|
}
|
||
|
else
|
||
|
{
|
||
|
file { [$puppet::server::envs_dir, '/usr/share/puppet', $puppet::server::common_modules_path]:
|
||
|
file { [$puppet::server_envs_dir, '/usr/share/puppet', $puppet::server_common_modules_path]:
|
||
|
ensure => directory,
|
||
|
}
|
||
|
|
||
|
# make sure your site.pp exists (puppet #15106, foreman #1708)
|
||
|
file { "${puppet::server::manifest_path}/site.pp":
|
||
|
file { "${puppet::server_manifest_path}/site.pp":
|
||
|
ensure => present,
|
||
|
replace => false,
|
||
|
content => "# Empty site.pp required (puppet #15106, foreman #1708)\n",
|
||
|
}
|
||
|
|
||
|
# setup empty directories for our environments
|
||
|
puppet::server::env {$puppet::server::environments: }
|
||
|
puppet::server::env {$puppet::server_environments: }
|
||
|
}
|
||
|
|
||
|
}
|
||
Also available in: Unified diff
Make puppet::server install from puppet topclass