Merge pull request 'Setup PuppetDB/Puppetboard' (#25) from neoloc/puppetdb into develop

Reviewed-on: unkinben/puppet-prod#25
2023-10-21 22:01:07 +09:30 · 2023-10-21 22:01:07 +09:30 · 789ae2a508
commit 789ae2a508
parent b2a4ef2386 ac27a9ce0b
9 changed files with 119 additions and 10 deletions
--- a/25
+++ b/25
@ -1,19 +1,26 @@
 forge 'forge.puppetlabs.com'
 moduledir 'external_modules'

-# Forge Modules
+# puppetlabs
 mod 'puppetlabs-stdlib', '9.1.0'
 mod 'puppetlabs-inifile', '6.0.0'
 mod 'puppetlabs-concat', '9.0.0'
-#mod 'eyp-eyplib', '0.1.24'
-#mod 'eyp-systemd', '3.1.0'
-mod 'puppet-systemd', '5.1.0'
-mod 'ghoneycutt-puppet', '3.3.0'
-mod 'puppet-archive', '7.0.0'
-mod 'puppet-chrony', '2.6.0'
 mod 'puppetlabs-vcsrepo', '6.1.0'
 mod 'puppetlabs-yumrepo_core', '2.0.0'
-mod 'puppet-yum', '7.0.0'
 mod 'puppetlabs-apt', '9.1.0'
-mod 'saz-sudo', '8.0.0'
+mod 'puppetlabs-puppetdb', '7.13.0'
+mod 'puppetlabs-postgresql', '9.1.0'
+mod 'puppetlabs-firewall', '6.0.0'
 mod 'puppetlabs-accounts', '8.1.0'
+
+# puppet
+mod 'puppet-python', '7.0.0'
+mod 'puppet-systemd', '5.1.0'
+mod 'puppet-yum', '7.0.0'
+mod 'puppet-archive', '7.0.0'
+mod 'puppet-chrony', '2.6.0'
+mod 'puppet-puppetboard', '9.0.0'
+
+# other
+mod 'ghoneycutt-puppet', '3.3.0'
+mod 'saz-sudo', '8.0.0'
--- a/hieradata/common.yaml
+++ b/hieradata/common.yaml
@ -11,7 +11,6 @@ profiles::base::packages::common:
  - mtr
  - ncdu
  - neovim
-  - python3
  - screen
  - strace
  - tmux
@ -35,6 +34,9 @@ profiles::puppet::g10k::bin_path: '/opt/puppetlabs/bin/g10k'
 profiles::puppet::g10k::cfg_path: '/etc/puppetlabs/r10k/r10k.yaml'
 profiles::puppet::g10k::environments_path: '/etc/puppetlabs/code/environments'
 profiles::puppet::g10k::default_environment: 'develop'
+profiles::puppet::puppetdb::puppetdb_host: prodinf01n04.main.unkin.net
+puppetdb::master::config::create_puppet_service_resource: false
+puppetdb::master::config::puppetdb_host: "%{lookup('profiles::puppet::puppetdb::puppetdb_host')}"

 profiles::accounts::sysadmin::sshkeys:
  - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDZ8SRLlPiDylBpdWR9LpvPg4fDVD+DZst4yRPFwMMhta4mnB1H9XuvZkptDhXywWQ7QIcqa2WbhCen0OQJCtwn3s7EYtacmF5MxmwBYocPoK2AArGuh6NA9rwTdLrPdzhZ+gwe88PAzRLNzjm0ZBR+mA9saMbPJdqpKp0AWeAM8QofRQAWuCzQg9i0Pn1KDMvVDRHCZof4pVlHSTyHNektq4ifovn0zhKC8jD/cYu95mc5ftBbORexpGiQWwQ3HZw1IBe0ZETB1qPIPwsoJpt3suvMrL6T2//fcIIUE3TcyJKb/yhztja4TZs5jT8370G/vhlT70He0YPxqHub8ZfBv0khlkY93VBWYpNGJwM1fVqlw7XbfBNdOuJivJac8eW317ZdiDnKkBTxapThpPG3et9ib1HoPGKRsd/fICzNz16h2R3tddSdihTFL+bmTCa6Lo+5t5uRuFjQvhSLSgO2/gRAprc3scYOB4pY/lxOFfq3pU2VvSJtRgLNEYMUYKk= ben@unkin.net
--- a/hieradata/os/AlmaLinux/AlmaLinux8.yaml
+++ b/hieradata/os/AlmaLinux/AlmaLinux8.yaml
@ -6,3 +6,4 @@ profiles::yum::managed_repos:
  - 'appstream'
  - 'epel'
  - 'puppet7'
+  - 'yum.postgresql.org'
--- a/hieradata/os/AlmaLinux/AlmaLinux9.yaml
+++ b/hieradata/os/AlmaLinux/AlmaLinux9.yaml
@ -6,3 +6,4 @@ profiles::yum::managed_repos:
  - 'appstream'
  - 'epel'
  - 'puppet7'
+  - 'yum.postgresql.org'
--- a/site/profiles/manifests/base.pp
+++ b/site/profiles/manifests/base.pp
@ -17,11 +17,20 @@ class profiles::base (
    }
  }

+  # include the base packages profile
  class { 'profiles::base::packages':
    packages => hiera('profiles::base::packages::common'),
    ensure   => 'installed',
  }

+  # include the python class
+  class { 'python':
+    manage_python_package => true,
+    manage_venv_package   => true,
+    manage_pip_package    => true,
+    use_epel              => false,
+  }
+
  # all hosts will have sudo applied
  include sudo

--- a/site/profiles/manifests/puppet/puppetboard.pp
+++ b/site/profiles/manifests/puppet/puppetboard.pp
@ -0,0 +1,43 @@
+# Class: profiles::puppet::puppetboard
+#
+# This class manages the configuration of Puppetboard, a web frontend for PuppetDB.
+#
+# Parameters:
+#   - `python_version`: Specifies the Python version used for the virtualenv where Puppetboard runs.
+#   - `manage_virtualenv`: Determines if this class should handle the creation of the virtual environment for Puppetboard.
+#   - `reports_count`: Defines the number of reports to show per node in Puppetboard.
+#   - `offline_mode`: Determines if Puppetboard should work in offline mode or not.
+#   - `default_environment`: Sets the default Puppet environment to filter results in Puppetboard.
+#
+# Usage:
+#   This class can be called directly in your manifests or through Hiera.
+#
+# Example:
+#   To use the default parameters (as shown below), you can declare the class:
+#   
+#   include profiles::puppet::puppetboard
+#
+#   Alternatively, you can customize the parameters:
+#
+#   class { 'profiles::puppet::puppetboard':
+#     python_version => '3.8',
+#     reports_count  => 50,
+#     offline_mode   => false,
+#   }
+#
+class profiles::puppet::puppetboard (
+  String $python_version = '3.6',
+  Boolean $manage_virtualenv = false,
+  Integer $reports_count = 40,
+  Boolean $offline_mode = true,
+  String $default_environment = '*',
+) {
+
+  class { 'puppetboard':
+    python_version      => $python_version,
+    manage_virtualenv   => $manage_virtualenv,
+    reports_count       => $reports_count,
+    offline_mode        => $offline_mode,
+    default_environment => $default_environment,
+  }
+}
--- a/site/profiles/manifests/puppet/puppetdb.pp
+++ b/site/profiles/manifests/puppet/puppetdb.pp
@ -0,0 +1,38 @@
+# profiles::puppet::puppetdb
+#
+# This class manages the installation and configuration of PuppetDB
+# and its underlying PostgreSQL database on a single node.
+#
+# It makes use of the puppetlabs-puppetdb module to manage both the
+# PuppetDB service and its PostgreSQL backend.
+#
+class profiles::puppet::puppetdb(
+  String  $puppetdb_host,
+  String  $listen_address = $facts['networking']['ip'],
+) {
+
+  # disable the postgresql dnf module for el8+
+  if $facts['os']['family'] == 'RedHat' and $facts['os']['release']['major'] >= '8' {
+    # based on https://github.com/puppetlabs/puppetlabs-postgresql/blob/main/manifests/dnfmodule.pp
+    package { 'postgresql dnf module':
+        ensure   => 'disabled',
+        name     => 'postgresql',
+        provider => 'dnfmodule',
+        before   => Class['puppetdb::database::postgresql'],
+    }
+  }
+
+  # Install and configure PostgreSQL for PuppetDB
+  class { 'puppetdb::database::postgresql':
+    listen_addresses  => $listen_address,
+    postgresql_ssl_on => false,
+    postgres_version  => '15',
+    puppetdb_server   => $puppetdb_host,
+    before            => Class['puppetdb::server'],
+  }
+
+  class { 'puppetdb::server':
+    database_host     => $listen_address,
+    postgresql_ssl_on => false,
+  }
+}
--- a/site/profiles/manifests/puppet/puppetmaster.pp
+++ b/site/profiles/manifests/puppet/puppetmaster.pp
@ -27,6 +27,7 @@ class profiles::puppet::puppetmaster {
  include profiles::puppet::g10k
  include profiles::puppet::enc
  include profiles::puppet::autosign
+  include puppetdb::master::config

  class { 'profiles::puppet::server':
    vardir              => '/opt/puppetlabs/server/data/puppetserver',
--- a/site/roles/manifests/puppet/puppetdb.pp
+++ b/site/roles/manifests/puppet/puppetdb.pp
@ -0,0 +1,7 @@
+# a role to deploy the puppetdb
+# work in progress
+class roles::puppet::puppetdb {
+    include profiles::defaults
+    include profiles::base
+    include profiles::puppet::puppetdb
+  }