Revision 3c158112
Added by Greg Sutcliffe almost 11 years ago
manifests/server/config.pp | ||
---|---|---|
# Set up the puppet server config
|
||
class puppet::server::config inherits puppet::config {
|
||
if $puppet::server::passenger {
|
||
if $puppet::server_passenger {
|
||
# Anchor the passenger config inside this
|
||
class { 'puppet::server::passenger': } -> Class['puppet::server::config']
|
||
}
|
||
... | ... | |
}
|
||
|
||
# Open read permissions to private keys to puppet group for foreman, proxy etc.
|
||
file { "${puppet::server::ssl_dir}/private_keys":
|
||
group => $puppet::server::group,
|
||
file { "${puppet::server_ssl_dir}/private_keys":
|
||
group => $puppet::server_group,
|
||
mode => '0750',
|
||
}
|
||
|
||
file { "${puppet::server::ssl_dir}/private_keys/${::fqdn}.pem":
|
||
group => $puppet::server::group,
|
||
file { "${puppet::server_ssl_dir}/private_keys/${::fqdn}.pem":
|
||
group => $puppet::server_group,
|
||
mode => '0640',
|
||
}
|
||
|
||
# Include foreman components for the puppetmaster
|
||
# ENC script, reporting script etc.
|
||
class {'foreman::puppetmaster':
|
||
foreman_url => $puppet::server::foreman_url,
|
||
facts => $puppet::server::facts,
|
||
puppet_home => $puppet::server::puppet_home,
|
||
puppet_basedir => $puppet::server::puppet_basedir
|
||
foreman_url => $puppet::server_foreman_url,
|
||
facts => $puppet::server_facts,
|
||
puppet_home => $puppet::server_puppet_home,
|
||
puppet_basedir => $puppet::server_puppet_basedir
|
||
}
|
||
|
||
# appends our server configuration to puppet.conf
|
||
File ["${puppet::server::dir}/puppet.conf"] {
|
||
content => template($puppet::server::agent_template, $puppet::server::master_template),
|
||
File ["${puppet::server_dir}/puppet.conf"] {
|
||
content => template($puppet::agent_template, $puppet::server_template),
|
||
}
|
||
|
||
## If the ssl dir is not the default dir, it needs to be created before running
|
||
# the generate ca cert or it will fail.
|
||
exec {'puppet_server_config-create_ssl_dir':
|
||
creates => $::puppet::server::ssl_dir,
|
||
command => "/bin/mkdir -p ${::puppet::server::ssl_dir}",
|
||
creates => $::puppet::server_ssl_dir,
|
||
command => "/bin/mkdir -p ${::puppet::server_ssl_dir}",
|
||
before => Exec['puppet_server_config-generate_ca_cert'],
|
||
}
|
||
|
||
exec {'puppet_server_config-generate_ca_cert':
|
||
creates => $::puppet::server::ssl_cert,
|
||
command => "${puppet::params::puppetca_path}/${puppet::params::puppetca_bin} --generate ${::fqdn}",
|
||
require => File["${puppet::server::dir}/puppet.conf"],
|
||
notify => Service[$puppet::server::httpd_service],
|
||
require => File["${puppet::server_dir}/puppet.conf"],
|
||
notify => Service[$puppet::server_httpd_service],
|
||
}
|
||
|
||
file { "${puppet::server::vardir}/reports":
|
||
file { "${puppet::server_vardir}/reports":
|
||
ensure => directory,
|
||
owner => $puppet::server::user,
|
||
owner => $puppet::server_user,
|
||
}
|
||
|
||
if $puppet::server::git_repo {
|
||
if $puppet::server_git_repo {
|
||
|
||
# location where our puppet environments are located
|
||
file { $puppet::server::envs_dir:
|
||
file { $puppet::server_envs_dir:
|
||
ensure => directory,
|
||
owner => $puppet::server::user,
|
||
owner => $puppet::server_user,
|
||
}
|
||
|
||
# need to chown the $vardir before puppet does it, or else
|
||
# we can't write puppet.git/ on the first run
|
||
|
||
file { $puppet::server::vardir:
|
||
file { $puppet::server_vardir:
|
||
ensure => directory,
|
||
owner => $puppet::server::user,
|
||
owner => $puppet::server_user,
|
||
}
|
||
|
||
include git
|
||
|
||
git::repo { 'puppet_repo':
|
||
bare => true,
|
||
target => $puppet::server::git_repo_path,
|
||
user => $puppet::server::user,
|
||
require => File[$puppet::server::envs_dir],
|
||
target => $puppet::server_git_repo_path,
|
||
user => $puppet::server_user,
|
||
require => File[$puppet::server_envs_dir],
|
||
}
|
||
|
||
# git post hook to auto generate an environment per branch
|
||
file { "${puppet::server::git_repo_path}/hooks/${puppet::server::post_hook_name}":
|
||
content => template($puppet::server::post_hook_content),
|
||
owner => $puppet::server::user,
|
||
file { "${puppet::server_git_repo_path}/hooks/${puppet::server_post_hook_name}":
|
||
content => template($puppet::server_post_hook_content),
|
||
owner => $puppet::server_user,
|
||
mode => '0755',
|
||
require => Git::Repo['puppet_repo'],
|
||
}
|
||
... | ... | |
}
|
||
else
|
||
{
|
||
file { [$puppet::server::envs_dir, '/usr/share/puppet', $puppet::server::common_modules_path]:
|
||
file { [$puppet::server_envs_dir, '/usr/share/puppet', $puppet::server_common_modules_path]:
|
||
ensure => directory,
|
||
}
|
||
|
||
# make sure your site.pp exists (puppet #15106, foreman #1708)
|
||
file { "${puppet::server::manifest_path}/site.pp":
|
||
file { "${puppet::server_manifest_path}/site.pp":
|
||
ensure => present,
|
||
replace => false,
|
||
content => "# Empty site.pp required (puppet #15106, foreman #1708)\n",
|
||
}
|
||
|
||
# setup empty directories for our environments
|
||
puppet::server::env {$puppet::server::environments: }
|
||
puppet::server::env {$puppet::server_environments: }
|
||
}
|
||
|
||
}
|
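Review bot: In the `puppet_server_config-generate_ca_cert` exec, `creates => $::puppet::server::ssl_cert,` is printed only once, so it appears to be the one reference in that resource still reading the old `puppet::server::` namespace. Its `require` and `notify` lines, and the `creates`/`command` of the mkdir exec above it, were all moved to `$puppet::server_*`. If `ssl_cert` moved to the topclass with the other settings (not visible on this page), the variable would resolve to undef and the exec would lose its idempotence guard, so the CA generation command would be attempted on every run. The line should then read the topclass value like its neighbours, `creates => $::puppet::<SSL_CERT_PARAM>,`, where the placeholder stands for whatever name the topclass gives the certificate path. If `puppet::server` deliberately keeps `ssl_cert` as a derived value, a one-line comment saying so would stop the mixed namespaces looking like an oversight.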
Make puppet::server install from puppet topclass