/manifests/server/config.pp - Installer - Foreman

puppet-puppet/manifests/server/config.pp @ 55cdf17d

       # Set up the puppet server config
       class puppet::server::config inherits puppet::config {
         if $::puppet::server::passenger and $::puppet::server::implementation == 'master' {
           contain 'puppet::server::passenger' # lint:ignore:relative_classname_inclusion (PUP-1597)
+        }
         if $::puppet::server::implementation == 'puppetserver' {
           contain 'puppet::server::puppetserver' # lint:ignore:relative_classname_inclusion (PUP-1597)
           unless empty($::puppet::server::puppetserver_vardir) {
             puppet::config::master {
               'vardir': value => $::puppet::server::puppetserver_vardir;
+            }
+          }
           unless empty($::puppet::server::puppetserver_rundir) {
             puppet::config::master {
               'rundir': value => $::puppet::server::puppetserver_rundir;
+            }
+          }
           unless empty($::puppet::server::puppetserver_logdir) {
             puppet::config::master {
               'logdir': value => $::puppet::server::puppetserver_logdir;
+            }
+          }
+        }
         # Mirror the relationship, as defined() is parse-order dependent
         # Ensures puppetmasters certs are generated before the proxy is needed
         if defined(Class['foreman_proxy::config']) and $foreman_proxy::ssl {
           Class['puppet::server::config'] ~> Class['foreman_proxy::config']
           Class['puppet::server::config'] ~> Class['foreman_proxy::service']
+        }
         # And before Foreman's cert-using service needs it
         if defined(Class['foreman::service']) and $foreman::ssl {
           Class['puppet::server::config'] -> Class['foreman::service']
+        }
         ## General configuration
         $ca_server                   = $::puppet::ca_server
         $ca_port                     = $::puppet::ca_port
         $server_storeconfigs_backend = $::puppet::server::storeconfigs_backend
         $server_external_nodes       = $::puppet::server::external_nodes
         $server_environment_timeout  = $::puppet::server::environment_timeout
         if $server_external_nodes and $server_external_nodes != '' {
           class{ '::puppet::server::enc':
             enc_path => $server_external_nodes,
+          }
+        }
         $autosign = ($::puppet::server::autosign =~ Boolean)? {
           true  => $::puppet::server::autosign,
           false => "${::puppet::server::autosign} { mode = ${::puppet::server::autosign_mode} }"
+        }
         puppet::config::main {
           'reports':            value => $::puppet::server::reports;
+        }
         if $::puppet::server::hiera_config and !empty($::puppet::server::hiera_config){
           puppet::config::main {
             'hiera_config':       value => $::puppet::server::hiera_config;
+          }
+        }
         if $puppet::server::directory_environments {
           puppet::config::main {
             'environmentpath':  value => $puppet::server::envs_dir;
+          }
+        }
         if $puppet::server::common_modules_path and !empty($puppet::server::common_modules_path) {
           puppet::config::main {
             'basemodulepath':   value => $puppet::server::common_modules_path, joiner => ':';
+          }
+        }
         if $puppet::server::default_manifest {
           puppet::config::main {
             'default_manifest': value => $puppet::server::default_manifest_path;
+          }
+        }
         puppet::config::master {
           'autosign':           value => $autosign;
           'ca':                 value => $::puppet::server::ca;
           'certname':           value => $::puppet::server::certname;
           'parser':             value => $::puppet::server::parser;
           'strict_variables':   value => $::puppet::server::strict_variables;
+        }
         if $::puppet::server::ssl_dir_manage {
           puppet::config::master {
             'ssldir':           value => $::puppet::server::ssl_dir;
+          }
+        }
         if $server_environment_timeout {
           puppet::config::master {
             'environment_timeout':  value => $server_environment_timeout;
+          }
+        }
         if $server_storeconfigs_backend {
           puppet::config::master {
             'storeconfigs':         value => true;
             'storeconfigs_backend': value => $server_storeconfigs_backend;
+          }
+        }
         if !$::puppet::server::directory_environments and ($::puppet::server::git_repo or $::puppet::server::dynamic_environments) {
           puppet::config::master {
             'manifest':   value => "${::puppet::server::envs_dir}/\$environment/manifests/site.pp";
             'modulepath': value => "${::puppet::server::envs_dir}/\$environment/modules";
+          }
           if $::puppet::server::config_version_cmd {
             puppet::config::master {
               'config_version': value => $::puppet::server::config_version_cmd;
+            }
+          }
+        }
         $::puppet::server_additional_settings.each |$key,$value| {
           puppet::config::master { $key: value => $value }
+        }
         file { "${puppet::vardir}/reports":
           ensure => directory,
           owner  => $::puppet::server::user,
           group  => $::puppet::server::group,
           mode   => '0750',
+        }
         if '/usr/share/puppet/modules' in $puppet::server::common_modules_path {
           # Create Foreman share dir which does not depend on Puppet version
           exec { 'mkdir -p /usr/share/puppet/modules':
             creates => '/usr/share/puppet/modules',
             path    => ['/usr/bin', '/bin'],
+          }
+        }
         ## SSL and CA configuration
         # Open read permissions to private keys to puppet group for foreman, proxy etc.
         file { "${::puppet::server::ssl_dir}/private_keys":
           ensure  => directory,
           owner   => $::puppet::server::user,
           group   => $::puppet::server::group,
           mode    => '0750',
           require => Exec['puppet_server_config-create_ssl_dir'],
+        }
         if $puppet::server::ssl_key_manage {
           file { "${::puppet::server::ssl_dir}/private_keys/${::puppet::server::certname}.pem":
             owner => $::puppet::server::user,
             group => $::puppet::server::group,
             mode  => '0640',
+          }
+        }
         # If the ssl dir is not the default dir, it needs to be created before running
         # the generate ca cert or it will fail.
         exec {'puppet_server_config-create_ssl_dir':
           creates => $::puppet::server::ssl_dir,
           command => "/bin/mkdir -p ${::puppet::server::ssl_dir}",
           umask   => '0022',
+        }
         # Generate a new CA and host cert if our host cert doesn't exist
         if $::puppet::server::ca {
           exec {'puppet_server_config-generate_ca_cert':
             creates => $::puppet::server::ssl_cert,
             command => "${::puppet::puppetca_cmd} --generate ${::puppet::server::certname} --allow-dns-alt-names",
             umask   => '0022',
             require => [
               Concat["${::puppet::server::dir}/puppet.conf"],
               Exec['puppet_server_config-create_ssl_dir'],
             ],
+          }
         } elsif $::puppet::server::ca_crl_sync {
           # If not a ca AND sync the crl from the ca master
           if defined('$::servername') {
             file { $::puppet::server::ssl_ca_crl:
               ensure  => file,
               owner   => $::puppet::server::user,
               group   => $::puppet::server::group,
               mode    => '0644',
               content => file($::settings::cacrl, $::settings::hostcrl, '/dev/null'),
+            }
+          }
+        }
         if $::puppet::server::passenger and $::puppet::server::implementation == 'master' and $::puppet::server::ca {
           Exec['puppet_server_config-generate_ca_cert'] ~> Service[$::puppet::server::httpd_service]
+        }
         # autosign file
         if $::puppet::server_ca and !($puppet::server::autosign =~ Boolean) {
           if $::puppet::server::autosign_content or $::puppet::server::autosign_source {
             if !empty($::puppet::server::autosign_entries) {
               fail('Cannot set both autosign_content/autosign_source and autosign_entries')
+            }
             $autosign_content = $::puppet::server::autosign_content
           } elsif !empty($::puppet::server::autosign_entries) {
             $autosign_content = template('puppet/server/autosign.conf.erb')
           } else {
             $autosign_content = undef
+          }
           file { $::puppet::server::autosign:
             ensure  => file,
             owner   => $::puppet::server::user,
             group   => $::puppet::server::group,
             mode    => $::puppet::server::autosign_mode,
             content => $autosign_content,
             source  => $::puppet::server::autosign_source,
+          }
+        }
         # only manage this file if we provide content
         if $::puppet::server::default_manifest and $::puppet::server::default_manifest_content != '' {
           file { $::puppet::server::default_manifest_path:
             ensure  => file,
             owner   => $puppet::user,
             group   => $puppet::group,
             mode    => '0644',
             content => $::puppet::server::default_manifest_content,
+          }
+        }
         ## Environments
         # location where our puppet environments are located
         if $::puppet::server::envs_target and $::puppet::server::envs_target != '' {
           $ensure = 'link'
         } else {
           $ensure = 'directory'
+        }
         file { $::puppet::server::envs_dir:
           ensure => $ensure,
           owner  => $::puppet::server::environments_owner,
           group  => $::puppet::server::environments_group,
           mode   => $::puppet::server::environments_mode,
           target => $::puppet::server::envs_target,
           force  => true,
+        }
         if $::puppet::server::git_repo {
           # need to chown the $vardir before puppet does it, or else
           # we can't write puppet.git/ on the first run
           include ::git
           git::repo { 'puppet_repo':
             bare    => true,
             target  => $::puppet::server::git_repo_path,
             mode    => $::puppet::server::git_repo_mode,
             user    => $::puppet::server::git_repo_user,
             group   => $::puppet::server::git_repo_group,
             require => File[$::puppet::server::envs_dir],
+          }
           $git_branch_map = $::puppet::server::git_branch_map
           # git post hook to auto generate an environment per branch
           file { "${::puppet::server::git_repo_path}/hooks/${::puppet::server::post_hook_name}":
             content => template($::puppet::server::post_hook_content),
             owner   => $::puppet::server::git_repo_user,
             group   => $::puppet::server::git_repo_group,
             mode    => $::puppet::server::git_repo_mode,
             require => Git::Repo['puppet_repo'],
+          }
+        }
         elsif ! $::puppet::server::dynamic_environments {
           file { $puppet::sharedir:
             ensure => directory,
+          }
           if $::puppet::server::common_modules_path and $::puppet::server::common_modules_path != '' {
             file { $::puppet::server::common_modules_path:
               ensure => directory,
               owner  => $::puppet::server_environments_owner,
               group  => $::puppet::server_environments_group,
               mode   => $::puppet::server_environments_mode,
+            }
+          }
           # setup empty directories for our environments
           puppet::server::env {$::puppet::server::environments: }
+        }
         ## Foreman
         if $::puppet::server::foreman {
           # Include foreman components for the puppetmaster
           # ENC script, reporting script etc.
           anchor { 'puppet::server::config_start': }
           -> class {'::foreman::puppetmaster':
             foreman_url    => $::puppet::server::foreman_url,
             receive_facts  => $::puppet::server::server_foreman_facts,
             puppet_home    => $::puppet::server::puppetserver_vardir,
             puppet_basedir => $::puppet::server::puppet_basedir,
             puppet_etcdir  => $puppet::dir,
             enc_api        => $::puppet::server::enc_api,
             report_api     => $::puppet::server::report_api,
             timeout        => $::puppet::server::request_timeout,
             ssl_ca         => pick($::puppet::server::foreman_ssl_ca, $::puppet::server::ssl_ca_cert),
             ssl_cert       => pick($::puppet::server::foreman_ssl_cert, $::puppet::server::ssl_cert),
             ssl_key        => pick($::puppet::server::foreman_ssl_key, $::puppet::server::ssl_cert_key),
+          }
           ~> anchor { 'puppet::server::config_end': }
+        }
         ## PuppetDB
         if $::puppet::server::puppetdb_host {
           class { '::puppetdb::master::config':
             puppetdb_server             => $::puppet::server::puppetdb_host,
             puppetdb_port               => $::puppet::server::puppetdb_port,
             puppetdb_soft_write_failure => $::puppet::server::puppetdb_swf,
             manage_storeconfigs         => false,
             restart_puppet              => false,
+          }
           Class['puppetdb::master::puppetdb_conf'] ~> Class['puppet::server::service']
+        }
+      }

« Previous
1
2
3
…
8
Next »

(1-1/8)

Project

General

Profile

Foreman » Installer