class profiles::puppetserver ( # TODO provide sensible default here, to allow us to bootstrap # ourselves Hash $hiera, String $puppetdb_server = $::fqdn, ) { # required for the git hook ensure_packages(['ruby']) file { '/usr/libexec': ensure => directory, } ensure_packages(['python3-yaml']) inifile::create_ini_settings( { common => { node_fmt => yaml, nodes => '/puppet/nodes.yaml', }, }, { path => '/etc/node-classifier.ini', } ) file { '/usr/libexec/external-node-classifier': mode => '0555', source => 'puppet:///modules/profiles/', } class { 'puppet': server => true, show_diff => true, server_foreman => false, server_reports => 'puppetdb', server_storeconfigs => true, server_git_repo => true, server_git_repo_path => '/var/lib/puppet.git', server_external_nodes => '/usr/libexec/external-node-classifier', server_strict_variables => true, autosign_entries => [ '*', ], } # This is the default value, and shouldn't have to be set (which is # why theforeman-puppet module doesnt), but puppetlabs-puppetdb # does, which forecus us into an infinite restart loop since # the main config is constantly changed if ! defined(Puppet::Config::Master['storeconfigs_backend']) { puppet::config::master { 'storeconfigs_backend': value => 'puppetdb', } } class { 'puppetdb::master::config': puppetdb_server => $puppetdb_server, } # TODO # apt install puppetdb-termini file { "/etc/puppetlabs/puppet/hiera.yaml": ensure => file, content => hash2yaml($hiera, { 'header' => '# This file is managed by puppet', }), } }