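# @summary Configures this node as a Puppet server.
#
# Declares the `puppet` class in server mode with PuppetDB reports and
# storeconfigs, a git-backed code repository, and an external node
# classifier script, and writes the server's hiera.yaml from $hiera.
# Fails if profiles::puppetagent is already declared on the node, since
# the server role already includes the agent.
#
# @param hiera
#   Hiera 5 configuration, written as YAML to
#   /etc/puppetlabs/puppet/hiera.yaml. The default looks up YAML data
#   under /puppet, most specific first: per node (trusted certname),
#   per OS name, per OS family, then common.yaml.
class profiles::puppetserver (
  Hash $hiera = {
    'version'   => 5,
    'defaults'  => {
      'datadir' => '/puppet',
    },
    'hierarchy' => [
      {
        'name'      => 'Data',
        'data_hash' => 'yaml_data',
        'paths'     => [
          'nodes/%{trusted.certname}.yaml',
          'os/name/%{facts.os.name}.yaml',
          'os/family/%{facts.os.family}.yaml',
          'common.yaml',
        ],
      },
    ],
  },
) {
  if defined(Class['profiles::puppetagent']) {
    fail('Can only either be puppetagent or puppetserver (which is also a puppetagent), not both')
  }

  # required for the git hook
  ensure_packages(['ruby'])

  file { '/usr/libexec':
    ensure => directory,
  }

  # Presumably needed by node-classifier.py to parse the YAML node list;
  # verify against the script.
  ensure_packages(['python3-yaml'])

  # Settings for the external node classifier: node data is YAML and
  # lives in /puppet/nodes.yaml.
  inifile::create_ini_settings(
    {
      'common' => {
        'node_fmt' => 'yaml',
        'nodes'    => '/puppet/nodes.yaml',
      },
    },
    {
      path => '/etc/node-classifier.ini',
    }
  )

  # The classifier is executed by the server for every node lookup (see
  # server_external_nodes below), so pin it to a root-owned, read-only
  # regular file instead of relying on provider defaults.
  file { '/usr/libexec/external-node-classifier':
    ensure => file,
    owner  => 'root',
    group  => 'root',
    mode   => '0555',
    source => 'puppet:///modules/profiles/node-classifier.py',
  }

  class { 'puppet':
    server                  => true,
    show_diff               => true,
    server_foreman          => false,
    server_reports          => 'puppetdb',
    server_storeconfigs     => true,
    # NOTE(review): write access to this repository presumably equals
    # control over the code served to every agent; restrict who may push.
    server_git_repo         => true,
    server_git_repo_path    => '/var/lib/puppet.git',
    server_external_nodes   => '/usr/libexec/external-node-classifier',
    server_strict_variables => true,
    # NOTE(review): glob autosigning signs any CSR whose certname matches
    # this pattern without verifying the requester. The default Hiera
    # hierarchy selects node data by trusted.certname, so a signed
    # certname also decides which nodes/<certname>.yaml a host receives.
    # Consider policy-based autosigning (e.g. checking a shared secret in
    # the CSR) or manual signing unless every network that can reach this
    # server is trusted.
    autosign_entries        => [
      '*.adrift.space',
    ],
  }

  # This is the default value, and shouldn't have to be set (which is
  # why the theforeman-puppet module doesn't), but puppetlabs-puppetdb
  # does, which forces us into an infinite restart loop since
  # the main config is constantly changed
  if ! defined(Puppet::Config::Master['storeconfigs_backend']) {
    puppet::config::master { 'storeconfigs_backend':
      value => 'puppetdb',
    }
  }

  # TODO
  # apt install puppetdb-termini

  # Render the $hiera parameter as the server-wide Hiera configuration.
  file { '/etc/puppetlabs/puppet/hiera.yaml':
    ensure  => file,
    content => hash2yaml($hiera, {
      'header' => '# This file is managed by puppet',
    }),
  }
}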