Project

General

Profile

Download (12.8 KB) Statistics
| Branch: | Tag: | Revision:

puppet-puppet/manifests/params.pp @ a406d2c8

# Default parameters
class puppet::params {

# Basic config
$version = 'present'
$user = 'puppet'
$group = 'puppet'
$ip = '0.0.0.0'
$port = 8140
$listen = false
$listen_to = []
$pluginsync = true
$splay = false
$splaylimit = '1800'
$runinterval = '1800'
$runmode = 'service'

# Not defined here as the commands depend on module parameter "dir"
$cron_cmd = undef
$systemd_cmd = undef

$agent_noop = false
$show_diff = false
$module_repository = undef
if versioncmp($::puppetversion, '4.0') < 0 {
$configtimeout = 120
$server_puppetserver_dir = '/etc/puppetserver'
$server_ruby_load_paths = []
$server_jruby_gem_home = '/var/lib/puppet/jruby-gems'
} else {
$configtimeout = undef
$server_puppetserver_dir = '/etc/puppetlabs/puppetserver'
$server_ruby_load_paths = ['/opt/puppetlabs/puppet/lib/ruby/vendor_ruby']
$server_jruby_gem_home = '/opt/puppetlabs/server/data/puppetserver/jruby-gems'
}
if versioncmp($::puppetversion, '4.0') < 0 or versioncmp($::puppetversion, '4.5') >= 0 {
$hiera_config = '$confdir/hiera.yaml'
} else {
$hiera_config = '$codedir/hiera.yaml'
}
$usecacheonfailure = true
$ca_server = undef
$ca_port = undef
$prerun_command = undef
$postrun_command = undef
$dns_alt_names = []
$use_srv_records = false
$srv_domain = $::domain
# lint:ignore:puppet_url_without_modules
$pluginsource = 'puppet:///plugins'
$pluginfactsource = 'puppet:///pluginfacts'
# lint:endignore
$classfile = '$statedir/classes.txt'
$syslogfacility = undef
$environment = $::environment
if versioncmp($::puppetversion, '4.0') < 0 {
$aio_package = false
} elsif $::osfamily == 'Windows' or $::rubysitedir =~ /\/opt\/puppetlabs\/puppet/ {
$aio_package = true
} else {
$aio_package = false
}

case $::osfamily {
'Windows' : {
# Windows prefixes normal paths with the Data Directory's path and leaves 'puppet' off the end
$dir_prefix = 'C:/ProgramData/PuppetLabs/puppet'
$dir = "${dir_prefix}/etc"
$codedir = "${dir_prefix}/etc"
$logdir = "${dir_prefix}/var/log"
$rundir = "${dir_prefix}/var/run"
$ssldir = "${dir_prefix}/etc/ssl"
$vardir = "${dir_prefix}/var"
$sharedir = "${dir_prefix}/share"
$bindir = "${dir_prefix}/bin"
$root_group = undef
}

/^(FreeBSD|DragonFly)$/ : {
$dir = '/usr/local/etc/puppet'
$codedir = '/usr/local/etc/puppet'
$logdir = '/var/log/puppet'
$rundir = '/var/run/puppet'
$ssldir = '/var/puppet/ssl'
$vardir = '/var/puppet'
$sharedir = '/usr/local/share/puppet'
$bindir = '/usr/local/bin'
$root_group = undef
}

default : {
if $aio_package {
$dir = '/etc/puppetlabs/puppet'
$codedir = '/etc/puppetlabs/code'
$logdir = '/var/log/puppetlabs/puppet'
$rundir = '/var/run/puppetlabs'
$ssldir = '/etc/puppetlabs/puppet/ssl'
$vardir = '/opt/puppetlabs/puppet/cache'
$sharedir = '/opt/puppetlabs/puppet'
$bindir = '/opt/puppetlabs/bin'
} else {
$dir = '/etc/puppet'
$codedir = '/etc/puppet'
$logdir = '/var/log/puppet'
$rundir = '/var/run/puppet'
$ssldir = '/var/lib/puppet/ssl'
$vardir = '/var/lib/puppet'
$sharedir = '/usr/share/puppet'
$bindir = '/usr/bin'
}
$root_group = undef
}
}

$autosign = "${dir}/autosign.conf"
$autosign_mode = '0664'

$puppet_cmd = "${bindir}/puppet"

$manage_packages = true

if $aio_package and $::osfamily != 'Windows' {
$dir_owner = 'root'
$dir_group = $root_group
} elsif $::osfamily == 'Windows' {
$dir_owner = undef
$dir_group = undef
} else {
$dir_owner = $user
$dir_group = $group
}

$package_provider = $::osfamily ? {
'windows' => 'chocolatey',
default => undef,
}

$package_source = undef

# Need your own config templates? Specify here:
$main_template = 'puppet/puppet.conf.erb'
$agent_template = 'puppet/agent/puppet.conf.erb'
$auth_template = 'puppet/auth.conf.erb'

# Allow any to the CRL. Needed in case of puppet CA proxy
$allow_any_crl_auth = false

# Authenticated nodes to allow
$auth_allowed = ['$1']

# Will this host be a puppet agent ?
$agent = true
$remove_lock = true
$client_certname = $::clientcert

# Custom puppetmaster
if defined('$trusted') and $::trusted['authenticated'] == 'local' {
$puppetmaster = undef
} else {
$puppetmaster = $::puppetmaster
}

# Hashes containing additional settings
$additional_settings = {}
$agent_additional_settings = {}
$server_additional_settings = {}

# Will this host be a puppetmaster?
$server = false
$server_ca = true
$server_reports = 'foreman'
$server_passenger = true
$server_service_fallback = true
$server_passenger_min_instances = $::processorcount
$server_passenger_pre_start = true
$server_passenger_ruby = undef
$server_httpd_service = 'httpd'
$server_external_nodes = "${dir}/node.rb"
$server_enc_api = 'v2'
$server_report_api = 'v2'
$server_request_timeout = 60
$server_ca_proxy = undef
$server_certname = $::clientcert
$server_strict_variables = false
$server_rack_arguments = []
$server_http = false
$server_http_port = 8139
$server_http_allow = []

# use puppetserver (JVM) or puppet master (Ruby)?
$server_implementation = $aio_package ? {
true => 'puppetserver',
default => 'master',
}

# Need a new master template for the server?
$server_template = 'puppet/server/puppet.conf.erb'
# Template for server settings in [main]
$server_main_template = 'puppet/server/puppet.conf.main.erb'

# The script that is run to determine the reported manifest version. Undef
# means we determine it in server.pp
$server_config_version = undef

# Set 'false' for static environments, or 'true' for git-based workflow
$server_git_repo = false
# Git branch to puppet env mapping for the post receive hook
$server_git_branch_map = {}

# Static environments config, ignore if the git_repo or dynamic_environments is 'true'
# What environments do we have
$server_environments = ['development', 'production']
# Dynamic environments config (deprecated when directory_environments is true)
$server_dynamic_environments = false
# Directory environments config
$server_directory_environments = versioncmp($::puppetversion, '3.6.0') >= 0
# Owner of the environments dir: for cases external service needs write
# access to manage it.
$server_environments_owner = $user
$server_environments_group = $root_group
$server_environments_mode = '0755'
# Where we store our puppet environments
$server_envs_dir = "${codedir}/environments"
# Where remains our manifests dir
$server_manifest_path = "${codedir}/manifests"
# Modules in this directory would be shared across all environments
$server_common_modules_path = ["${server_envs_dir}/common", "${codedir}/modules", "${sharedir}/modules"]

# Dynamic environments config, ignore if the git_repo is 'false'
# Path to the repository
$server_git_repo_path = "${vardir}/puppet.git"
# mode of the repository
$server_git_repo_mode = '0755'
# user of the repository
$server_git_repo_user = $user
# group of the repository
$server_git_repo_group = $user
# Override these if you need your own hooks
$server_post_hook_content = 'puppet/server/post-receive.erb'
$server_post_hook_name = 'post-receive'

# PuppetDB config
$server_puppetdb_host = undef
$server_puppetdb_port = 8081
$server_puppetdb_swf = false

# Do you use storeconfigs? (note: not required)
# - undef if you don't
# - active_record for 2.X style db
# - puppetdb for puppetdb
$server_storeconfigs_backend = undef

# Passenger config
$server_app_root = "${dir}/rack"
$server_ssl_dir = $ssldir

$server_package = undef
$server_version = undef

if $aio_package {
$client_package = ['puppet-agent']
} elsif ($::osfamily == 'Debian') {
$client_package = ['puppet-common','puppet']
} elsif ($::osfamily =~ /(FreeBSD|DragonFly)/) {
if (versioncmp($::puppetversion, '4.0') > 0) {
$client_package = ['puppet4']
} else {
$client_package = ['puppet38']
}
} else {
$client_package = ['puppet']
}

$puppetrun_cmd = "${puppet_cmd} kick"
$puppetca_cmd = "${puppet_cmd} cert"

# Puppet service name
$service_name = 'puppet'
# Puppet onedshot systemd service and timer name
$systemd_unit_name = 'puppet-run'
# Mechanisms to manage and reload/restart the agent
# If supported on the OS, reloading is prefered since it does not kill a currently active puppet run
case $::osfamily {
'Debian' : {
$agent_restart_command = "/usr/sbin/service ${service_name} reload"
if ($::operatingsystem == 'Debian') and (versioncmp($::operatingsystemrelease, '8.0') >= 0) or
($::operatingsystem == 'Ubuntu') and (versioncmp($::operatingsystemrelease, '15.04') >= 0)
{
$unavailable_runmodes = []
} else {
$unavailable_runmodes = ['systemd.timer']
}
}
'Redhat' : {
$osreleasemajor = regsubst($::operatingsystemrelease, '^(\d+)\..*$', '\1') # workaround for the possibly missing operatingsystemmajrelease
$agent_restart_command = $osreleasemajor ? {
/^(5|6)$/ => "/sbin/service ${service_name} reload",
'7' => "/usr/bin/systemctl reload-or-restart ${service_name}",
default => undef,
}
$unavailable_runmodes = $osreleasemajor ? {
/^(5|6)$/ => ['systemd.timer'],
default => [],
}
}
'Windows': {
$agent_restart_command = undef
$unavailable_runmodes = ['cron', 'systemd.timer']
}
default : {
$agent_restart_command = undef
$unavailable_runmodes = ['systemd.timer']
}
}

# Foreman parameters
$lower_fqdn = downcase($::fqdn)
$server_foreman = true
$server_facts = true
$server_puppet_basedir = $aio_package ? {
true => '/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet',
false => undef,
}
$server_foreman_url = "https://${lower_fqdn}"
$server_foreman_ssl_ca = undef
$server_foreman_ssl_cert = undef
$server_foreman_ssl_key = undef

# Which Parser do we want to use? https://docs.puppetlabs.com/references/latest/configuration.html#parser
$server_parser = 'current'

# Timeout for cached environments, changed in puppet 3.7.x
$server_environment_timeout = undef

# puppet server configuration file
$server_jvm_config = $::osfamily ? {
'RedHat' => '/etc/sysconfig/puppetserver',
'Debian' => '/etc/default/puppetserver',
default => '/etc/default/puppetserver',
}

$server_jvm_java_bin = '/usr/bin/java'
$server_jvm_min_heap_size = '2G'
$server_jvm_max_heap_size = '2G'
$server_jvm_extra_args = '-XX:MaxPermSize=256m'

$server_ssl_dir_manage = true
$server_default_manifest = false
$server_default_manifest_path = '/etc/puppet/manifests/default_manifest.pp'
$server_default_manifest_content = '' # lint:ignore:empty_string_assignment
$server_max_active_instances = $::processorcount
$server_idle_timeout = 1200000
$server_connect_timeout = 120000
$server_enable_ruby_profiler = false
$server_ca_auth_required = true
$server_admin_api_whitelist = [ '127.0.0.1', '::1', $::ipaddress ]
$server_ca_client_whitelist = [ '127.0.0.1', '::1', $::ipaddress ]
$server_cipher_suites = [ 'TLS_RSA_WITH_AES_256_CBC_SHA256', 'TLS_RSA_WITH_AES_256_CBC_SHA', 'TLS_RSA_WITH_AES_128_CBC_SHA256', 'TLS_RSA_WITH_AES_128_CBC_SHA', ]
$server_ssl_protocols = [ 'TLSv1.2', ]

# Puppetserver >= 2.2 Which auth.conf shall we use?
$server_use_legacy_auth_conf = false

# For puppetserver 2, certain configuration parameters are version specific. We assume a particular version here.
$server_puppetserver_version = '2.4.99'
}
(4-4/5)