argocd-apps/apps/base/puppet/configmap_puppetserver-init-masters-config.yaml
unkinben df1b9a5685 feat: complete puppet infrastructure (#29)
complete the implementation of puppet in kubernetes, taking many
features from the openvox helm chart and improving on them. changes from
helm are:
- using vault for storing secrets
- using g10k instead of r10k
- using a single shared g10k cronjob for all masters/compilers
- using a single shared /etc/puppetlabs/code directory (shared, cephfs)

changes:
- deploy puppet master and compiler servers with statefulset/deployment
- deploy puppetdb with postgresql backend, taking advantage of cnpg cluster and pooler
- deploy puppetboard
- all supporting configmaps, services, ingresses, and hpas
- added vaultstaticsecret for eyaml private keys
- configured secure mounting of eyaml keys at /var/lib/puppet/keys/
- updated base kustomization to include all 23 new puppet resource files

Reviewed-on: #29
2026-03-17 20:25:11 +11:00

29 lines
944 B
YAML

apiVersion: v1
data:
  check_for_masters.sh: |
    #!/usr/bin/env bash
    # The SSL directory already exists, so another master has started:
    # wait until its certs show up before continuing.
    if [[ -d "$PUPPET_SSL_DIR" ]]; then
      ls -la /etc/puppetlabs/puppet/ssl/certs/
      echo "A Puppetserver master has already started running."
      echo "Waiting to finish the generation of the Puppet SSL certs..."
      sleep 5
      # Poll until at least one puppet*.pem is present in the certs directory.
      while ! [[ -n "$(find /etc/puppetlabs/puppet/ssl/certs -name 'puppet*.pem' | head -1)" ]];
      do
        echo "Still waiting..."
        sleep 5
      done
      sleep 15
      echo "Puppet SSL certs have been generated. Continuing..."
    else
      echo "No other Puppetserver master is running. Continuing..."
    fi
kind: ConfigMap
metadata:
  labels:
    app.kubernetes.io/component: puppetserver
    app.kubernetes.io/instance: puppetserver
    app.kubernetes.io/name: puppetserver
    app.kubernetes.io/version: 8.8.0
  name: puppetserver-init-masters-config
  namespace: puppet
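
The wait loop in check_for_masters.sh has no upper bound, so an init container can hang indefinitely if the first master never produces its certs. The following is an added example, not code from this repository: a bounded variant that fails after a timeout and ignores PEM files that exist but are still empty. The names `wait_for_certs`, `CERT_WAIT_TIMEOUT` and the default for `PUPPET_SSL_DIR` are assumptions made for the example.

```sh
#!/bin/sh
# Added example, not from the repository.

# wait_for_certs DIR [TIMEOUT_SECONDS] [INTERVAL_SECONDS]
# Returns 0 once a non-empty puppet*.pem exists in DIR, 1 when the timeout expires.
wait_for_certs() {
  wfc_dir=$1
  wfc_timeout=${2:-300}
  wfc_interval=${3:-5}
  wfc_deadline=$(( $(date +%s) + wfc_timeout ))
  while :; do
    # -size +0c skips a file that was created but has not been written yet.
    wfc_hit=$(find "$wfc_dir" -maxdepth 1 -type f -name 'puppet*.pem' \
      -size +0c 2>/dev/null | head -n 1)
    if [ -n "$wfc_hit" ]; then
      return 0
    fi
    if [ "$(date +%s)" -ge "$wfc_deadline" ]; then
      return 1
    fi
    sleep "$wfc_interval"
  done
}

# Same decision as the original script, but a missing cert is a hard failure
# so the pod restarts and the problem is visible instead of hanging silently.
check_for_masters() {
  # Assumption: PUPPET_SSL_DIR is the directory that contains certs/.
  cfm_ssl_dir=${PUPPET_SSL_DIR:-/etc/puppetlabs/puppet/ssl}
  if [ -d "$cfm_ssl_dir" ]; then
    echo "A Puppetserver master has already started running."
    # CERT_WAIT_TIMEOUT is a hypothetical variable introduced for this example.
    if wait_for_certs "$cfm_ssl_dir/certs" "${CERT_WAIT_TIMEOUT:-600}"; then
      echo "Puppet SSL certs have been generated. Continuing..."
    else
      echo "Timed out waiting for Puppet SSL certs in $cfm_ssl_dir/certs" >&2
      return 1
    fi
  else
    echo "No other Puppetserver master is running. Continuing..."
  fi
}
```
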