|
# configuration for the JRuby interpreters
|
|
jruby-puppet: {
|
|
<%- if scope.function_versioncmp([@puppetversion, '4.0']) >= 0 -%>
|
|
# Where the puppet-agent dependency places puppet, facter, etc...
|
|
# Puppet server expects to load Puppet from this location
|
|
ruby-load-path: [
|
|
<%- @server_ruby_load_paths.each do |ruby_load_path| -%>
|
|
<%= ruby_load_path %>,
|
|
<%- end -%>
|
|
]
|
|
<%- end -%>
|
|
|
|
# This setting determines where JRuby will install gems. It is used for loading gems,
|
|
# and also by the `puppetserver gem` command line tool.
|
|
gem-home: <%= @server_jruby_gem_home %>
|
|
|
|
<%- if scope.function_versioncmp([@server_puppetserver_version, '2.7']) >= 0 -%>
|
|
# This setting defines the complete "GEM_PATH" for jruby. If set, it should include
|
|
# the gem-home directory as well as any other directories that gems can be loaded
|
|
# from (including the vendored gems directory for gems that ship with puppetserver)
|
|
gem-path: [${jruby-puppet.gem-home}, "/opt/puppetlabs/server/data/puppetserver/vendored-jruby-gems"]
|
|
|
|
<%- end -%>
|
|
# PLEASE NOTE: Use caution when modifying the below settings. Modifying
|
|
# these settings will change the value of the corresponding Puppet settings
|
|
# for Puppet Server, but not for the Puppet CLI tools. This likely will not
|
|
# be a problem with master-var-dir, master-run-dir, or master-log-dir unless
|
|
# some critical setting in puppet.conf is interpolating the value of one
|
|
# of the corresponding settings, but it is important that any changes made to
|
|
# master-conf-dir and master-code-dir are also made to the corresponding Puppet
|
|
# settings when running the Puppet CLI tools. See
|
|
# https://docs.puppetlabs.com/puppetserver/latest/puppet_conf_setting_diffs.html#overriding-puppet-settings-in-puppet-server
|
|
# for more information.
|
|
|
|
# (optional) path to puppet conf dir; if not specified, will use
|
|
# the puppet default
|
|
master-conf-dir: <%= @server_dir %>
|
|
|
|
<%- if scope.function_versioncmp([@server_puppetserver_version, '2.1']) >= 0 -%>
|
|
# (optional) path to puppet code dir; if not specified, will use
|
|
# the puppet default
|
|
master-code-dir: <%= @codedir %>
|
|
|
|
<%- end -%>
|
|
# (optional) path to puppet var dir; if not specified, will use
|
|
# the puppet default
|
|
master-var-dir: <%= @server_puppetserver_vardir %>
|
|
|
|
<%- if scope.function_versioncmp([@server_puppetserver_version, '2.1']) >= 0 -%>
|
|
# (optional) path to puppet run dir; if not specified, will use
|
|
# the puppet default
|
|
master-run-dir: <%= @server_puppetserver_rundir %>
|
|
|
|
# (optional) path to puppet log dir; if not specified, will use
|
|
# the puppet default
|
|
master-log-dir: <%= @server_puppetserver_logdir %>
|
|
|
|
<%- end -%>
|
|
# (optional) maximum number of JRuby instances to allow
|
|
max-active-instances: <%= @server_max_active_instances %>
|
|
|
|
# (optional) the number of HTTP requests a given JRuby instance will handle in its lifetime.
|
|
max-requests-per-instance: <%= @server_max_requests_per_instance %>
|
|
<%- if scope.function_versioncmp([@server_puppetserver_version, '2.2']) >= 0 -%>
|
|
|
|
# (optional) Authorize access to Puppet master endpoints via rules specified
|
|
# in the legacy Puppet auth.conf file (if true or not specified) or via rules
|
|
# specified in the Puppet Server HOCON-formatted auth.conf (if false).
|
|
use-legacy-auth-conf: <%= @server_use_legacy_auth_conf %>
|
|
<%- end -%>
|
|
<%- if scope.function_versioncmp([@server_puppetserver_version, '2.3']) >= 0 -%>
|
|
|
|
# (optional) enable or disable environment class cache
|
|
environment-class-cache-enabled: <%= @server_environment_class_cache_enabled %>
|
|
<%- end -%>
|
|
}
|
|
|
|
# settings related to HTTP client requests made by Puppet Server
|
|
http-client: {
|
|
# A list of acceptable protocols for making HTTP requests
|
|
ssl-protocols: [
|
|
<%- @server_ssl_protocols.each do |protocol| -%>
|
|
<%= protocol %>,
|
|
<%- end -%>
|
|
]
|
|
|
|
# A list of acceptable cipher suites for making HTTP requests
|
|
cipher-suites: [
|
|
<%- @server_cipher_suites.each do |cipher| -%>
|
|
<%= cipher %>,
|
|
<%- end -%>
|
|
]
|
|
|
|
# The amount of time, in milliseconds, that an outbound HTTP connection
|
|
# will wait for data to be available before closing the socket. If not
|
|
# defined, defaults to 20 minutes. If 0, the timeout is infinite and if
|
|
# negative, the value is undefined by the application and governed by the
|
|
# system default behavior.
|
|
idle-timeout-milliseconds: <%= @server_idle_timeout %>
|
|
|
|
# The amount of time, in milliseconds, that an outbound HTTP connection will
|
|
# wait to connect before giving up. Defaults to 2 minutes if not set. If 0,
|
|
# the timeout is infinite and if negative, the value is undefined in the
|
|
# application and governed by the system default behavior.
|
|
connect-timeout-milliseconds: <%= @server_connect_timeout %>
|
|
}
|
|
|
|
# settings related to profiling the puppet Ruby code
|
|
profiler: {
|
|
# enable or disable profiling for the Ruby code; defaults to 'false'.
|
|
enabled: <%= @server_enable_ruby_profiler %>
|
|
}
|
|
<%- if scope.function_versioncmp([@server_puppetserver_version, '2.2']) < 0 -%>
|
|
|
|
# Settings related to the puppet-admin HTTP API
|
|
puppet-admin: {
|
|
client-whitelist: [
|
|
<%- @server_admin_api_whitelist.each do |certname| -%>
|
|
"<%= certname %>",
|
|
<%- end -%>
|
|
]
|
|
}
|
|
<%- end -%>
|
