class profiles::puppetboard2 ( ) { file { '/srv': ensure => directory, } class { 'puppetboard': manage_git => true, manage_virtualenv => false, install_from => 'package', puppetdb_port => 8080, # Required for /metrics/ to work puppetdb_host => 'puppet.adrift.space', enable_catalog => true, python_loglevel => 'info', offline_mode => true, default_environment => '*', } include ::nginx include ::profiles::certificate letsencrypt::domain { 'puppetboard.adrift.space': # cert_name => $profiles::certificate::cert_name, cert_name => 'puppetboard.adrift.space', } ensure_packages(['uwsgi-py39']) # uwsgi --socket /tmp/uwsgi-puppetboard --master --uid uwsgi --wsgi-file /usr/local/www/puppetboard/wsgi.py nginx::resource::server { 'puppetboard.adrift.space': ipv6_enable => true, ipv6_listen_options => '', www_root => '/', use_default_location => false, * => letsencrypt::conf::nginx('puppetboard.adrift.space'), } $uwsgi_sock = '/var/run/uwsgi.sock' if $facts['letsencrypt_directory']['puppetboard.adrift.space'] { nginx::resource::location { default: server => 'puppetboard.adrift.space', ssl => true, ssl_only => true, index_files => [], ; 'puppetboard.adrift.space - puppetboard /': location => '/', uwsgi => "unix:${uwsgi_sock}", uwsgi_param => { 'UWSGI_FILE' => '/usr/local/www/puppetboard/wsgi.py', 'Host' => '$host', 'X-Real-Ip' => '$remote_addr', 'X-Forwarded-For' => '$proxy_add_x_forwarded_for', 'X-Forwarded-Proto' => '$http_x_forwarded_proto', }, } } # The following is extremeley BSD specific, also, uwsgi should be managed separately. ensure_packages(['uwsgi-py39']) service { 'uwsgi': ensure => running, enable => true, } file { '/etc/rc.conf.d/uwsgi': content => @("EOF") # Added by Puppet uwsgi_socket=${uwsgi_sock} | EOF } }