Setup PuppetDB/Puppetboard

- install modules required
    - puppetdb
    - postgresql
    - puppetboard
    - python
  - create new profiles to manage each item (puppetdb/puppetboard)
  - added puppetdb role
  - include the puppetdb::master::config in puppetmaster role
  - re-organised the puppetfile
  - moved python to be managed by the python module
  - added postgresql to list of managed repos

Puppetfile

@@ -1,17 +1,24 @@
 forge 'forge.puppetlabs.com'
 moduledir 'external_modules'
 
-# Forge Modules
+# puppetlabs
 mod 'puppetlabs-stdlib', '9.1.0'
 mod 'puppetlabs-inifile', '6.0.0'
 mod 'puppetlabs-concat', '9.0.0'
-#mod 'eyp-eyplib', '0.1.24'
-#mod 'eyp-systemd', '3.1.0'
-mod 'puppet-systemd', '5.1.0'
-mod 'ghoneycutt-puppet', '3.3.0'
-mod 'puppet-archive', '7.0.0'
-mod 'puppet-chrony', '2.6.0'
 mod 'puppetlabs-vcsrepo', '6.1.0'
 mod 'puppetlabs-yumrepo_core', '2.0.0'
-mod 'puppet-yum', '7.0.0'
 mod 'puppetlabs-apt', '9.1.0'
+mod 'puppetlabs-puppetdb', '7.13.0'
+mod 'puppetlabs-postgresql', '9.1.0'
+mod 'puppetlabs-firewall', '6.0.0'
+
+# puppet
+mod 'puppet-python', '7.0.0'
+mod 'puppet-systemd', '5.1.0'
+mod 'puppet-yum', '7.0.0'
+mod 'puppet-archive', '7.0.0'
+mod 'puppet-chrony', '2.6.0'
+mod 'puppet-puppetboard', '9.0.0'
+
+# other
+mod 'ghoneycutt-puppet', '3.3.0'

hieradata/common.yaml

@@ -11,7 +11,6 @@ profiles::base::packages::common:
   - mtr
   - ncdu
   - neovim
-  - python3
   - screen
   - strace
   - sudo
@@ -36,3 +35,6 @@ profiles::puppet::g10k::bin_path: '/opt/puppetlabs/bin/g10k'
 profiles::puppet::g10k::cfg_path: '/etc/puppetlabs/r10k/r10k.yaml'
 profiles::puppet::g10k::environments_path: '/etc/puppetlabs/code/environments'
 profiles::puppet::g10k::default_environment: 'develop'
+profiles::puppet::puppetdb::puppetdb_host: prodinf01n04.main.unkin.net
+puppetdb::master::config::create_puppet_service_resource: false
+puppetdb::master::config::puppetdb_host: "%{lookup('profiles::puppet::puppetdb::puppetdb_host')}"

hieradata/os/AlmaLinux/AlmaLinux8.yaml

@@ -6,3 +6,4 @@ profiles::yum::managed_repos:
   - 'appstream'
   - 'epel'
   - 'puppet7'
+  - 'yum.postgresql.org'

hieradata/os/AlmaLinux/AlmaLinux9.yaml

@@ -6,3 +6,4 @@ profiles::yum::managed_repos:
   - 'appstream'
   - 'epel'
   - 'puppet7'
+  - 'yum.postgresql.org'

site/profiles/manifests/base.pp

@@ -17,8 +17,17 @@ class profiles::base (
     }
   }
 
+  # include the base packages profile
   class { 'profiles::base::packages':
     packages => hiera('profiles::base::packages::common'),
     ensure   => 'installed',
   }
+
+  # include the python class
+  class { 'python':
+    manage_python_package => true,
+    manage_venv_package   => true,
+    manage_pip_package    => true,
+    use_epel              => false,
+  }
 }

site/profiles/manifests/puppet/puppetboard.pp

@@ -0,0 +1,43 @@
+# Class: profiles::puppet::puppetboard
+#
+# This class manages the configuration of Puppetboard, a web frontend for PuppetDB.
+#
+# Parameters:
+#   - `python_version`: Specifies the Python version used for the virtualenv where Puppetboard runs.
+#   - `manage_virtualenv`: Determines if this class should handle the creation of the virtual environment for Puppetboard.
+#   - `reports_count`: Defines the number of reports to show per node in Puppetboard.
+#   - `offline_mode`: Determines if Puppetboard should work in offline mode or not.
+#   - `default_environment`: Sets the default Puppet environment to filter results in Puppetboard.
+#
+# Usage:
+#   This class can be called directly in your manifests or through Hiera.
+#
+# Example:
+#   To use the default parameters (as shown below), you can declare the class:
+#   
+#   include profiles::puppet::puppetboard
+#
+#   Alternatively, you can customize the parameters:
+#
+#   class { 'profiles::puppet::puppetboard':
+#     python_version => '3.8',
+#     reports_count  => 50,
+#     offline_mode   => false,
+#   }
+#
+class profiles::puppet::puppetboard (
+  String $python_version = '3.6',
+  Boolean $manage_virtualenv = false,
+  Integer $reports_count = 40,
+  Boolean $offline_mode = true,
+  String $default_environment = '*',
+) {
+
+  class { 'puppetboard':
+    python_version      => $python_version,
+    manage_virtualenv   => $manage_virtualenv,
+    reports_count       => $reports_count,
+    offline_mode        => $offline_mode,
+    default_environment => $default_environment,
+  }
+}

site/profiles/manifests/puppet/puppetdb.pp

@@ -0,0 +1,38 @@
+# profiles::puppet::puppetdb
+#
+# This class manages the installation and configuration of PuppetDB
+# and its underlying PostgreSQL database on a single node.
+#
+# It makes use of the puppetlabs-puppetdb module to manage both the
+# PuppetDB service and its PostgreSQL backend.
+#
+class profiles::puppet::puppetdb(
+  String  $puppetdb_host,
+  String  $listen_address = $facts['networking']['ip'],
+) {
+
+  # disable the postgresql dnf module for el8+
+  if $facts['os']['family'] == 'RedHat' and $facts['os']['release']['major'] >= '8' {
+    # based on https://github.com/puppetlabs/puppetlabs-postgresql/blob/main/manifests/dnfmodule.pp
+    package { 'postgresql dnf module':
+        ensure   => 'disabled',
+        name     => 'postgresql',
+        provider => 'dnfmodule',
+        before   => Class['puppetdb::database::postgresql'],
+    }
+  }
+
+  # Install and configure PostgreSQL for PuppetDB
+  class { 'puppetdb::database::postgresql':
+    listen_addresses  => $listen_address,
+    postgresql_ssl_on => false,
+    postgres_version  => '15',
+    puppetdb_server   => $puppetdb_host,
+    before            => Class['puppetdb::server'],
+  }
+
+  class { 'puppetdb::server':
+    database_host     => $listen_address,
+    postgresql_ssl_on => false,
+  }
+}

site/profiles/manifests/puppet/puppetmaster.pp

@@ -27,6 +27,7 @@ class profiles::puppet::puppetmaster {
   include profiles::puppet::g10k
   include profiles::puppet::enc
   include profiles::puppet::autosign
+  include puppetdb::master::config
 
   class { 'profiles::puppet::server':
     vardir              => '/opt/puppetlabs/server/data/puppetserver',

site/roles/manifests/puppet/puppetdb.pp

@@ -0,0 +1,7 @@
+# a role to deploy the puppetdb
+# work in progress
+class roles::puppet::puppetdb {
+    include profiles::defaults
+    include profiles::base
+    include profiles::puppet::puppetdb
+  }