diff options
Diffstat (limited to 'manifests')
-rw-r--r-- | manifests/puppetboard.pp | 40 | ||||
-rw-r--r-- | manifests/puppetserver.pp | 10 |
2 files changed, 35 insertions, 15 deletions
diff --git a/manifests/puppetboard.pp b/manifests/puppetboard.pp index d477632..8bc57ab 100644 --- a/manifests/puppetboard.pp +++ b/manifests/puppetboard.pp @@ -36,22 +36,32 @@ class profiles::puppetboard { provider => apache, } + # Only set up TLS if we are ready. This allows us to bootstrap + # ourselves the next run. $certname = lookup('certname') - class { 'puppetboard::apache::vhost': - vhost_name => $::fqdn, - port => 443, - ssl => true, - ssl_cert => "/etc/letsencrypt/live/${certname}/cert.pem", - ssl_key => "/etc/letsencrypt/live/${certname}/privkey.pem", - ssl_chain => "/etc/letsencrypt/live/${certname}/fullchain.pem", - } + if $certname and $facts['letsencrypt_directory'][$certname] { + class { 'puppetboard::apache::vhost': + vhost_name => $::fqdn, + port => 443, + ssl => true, + ssl_cert => "/etc/letsencrypt/live/${certname}/cert.pem", + ssl_key => "/etc/letsencrypt/live/${certname}/privkey.pem", + ssl_chain => "/etc/letsencrypt/live/${certname}/fullchain.pem", + } - apache::vhost { "http-redirect": - servername => $::fqdn, - port => 80, - redirect_source => ['/'], - redirect_dest => ["https://${::fqdn}/"], - redirect_status => ['permanent'], - docroot => false, + apache::vhost { "http-redirect": + servername => $::fqdn, + port => 80, + redirect_source => ['/'], + redirect_dest => ["https://${::fqdn}/"], + redirect_status => ['permanent'], + docroot => false, + } + } else { + class { 'puppetboard::apache::vhost': + vhost_name => $::fqdn, + port => 80, + ssl => false, + } } } diff --git a/manifests/puppetserver.pp b/manifests/puppetserver.pp index 3a6921e..7467600 100644 --- a/manifests/puppetserver.pp +++ b/manifests/puppetserver.pp @@ -1,5 +1,8 @@ class profiles::puppetserver ( + # TODO provide sensible default here, to allow us to bootstrap + # ourselves Hash $hiera, + String $pupetdb_server = $::fqdn, ) { # required for the git hook ensure_packages(['ruby']) @@ -40,6 +43,13 @@ class profiles::puppetserver ( ], } + class { 'puppetdb::master::config': + puppetdb_server => $puppetdb_server, + } + + # TODO + # apt install puppetdb-termini + file { "/etc/puppetlabs/puppet/hiera.yaml": ensure => file, content => hash2yaml($hiera, { |