unkin/puppet-prod
2
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request 'feat: puppetboard on consul' (#220) from neoloc/puppetboard_consul into develop

Browse Source 
Reviewed-on: unkinben/puppet-prod#220
This commit is contained in:
Ben Vincent 2024-05-22 22:26:44 +09:30
commit e19c84b33e
4 changed files with 44 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
hieradata/country/au/region/syd1/infra/puppetboard/server.yaml Normal file
View File

@ -0,0 +1,5 @@
---
profiles::puppet::puppetboard::nginx_aliases:
- puppetboard.service.consul
- puppetboard.query.consul
- "%{facts.networking.fqdn}"

27
hieradata/roles/infra/puppetboard/server.yaml Normal file
View File

@ -0,0 +1,27 @@
---
# additional altnames
profiles::pki::vault::alt_names:
- puppetboard.main.unkin.net
- puppetboard.service.consul
- puppetboard.query.consul
consul::services:
puppetboard:
service_name: 'puppetboard'
tags:
- 'puppet'
- 'puppetboard'
address: "%{facts.networking.ip}"
port: 80
checks:
- id: 'puppetboard_http_check'
name: 'Puppetboard HTTP Check'
http: "http://%{facts.networking.fqdn}:80"
method: 'GET'
tls_skip_verify: true
interval: '10s'
timeout: '1s'
profiles::consul::client::node_rules:
- resource: service
segment: puppetboard
disposition: write

6
hieradata/roles/infra/storage/consul.yaml
View File

@ -65,3 +65,9 @@ profiles::consul::prepared_query::rules:
service_failover_n: 3 service_failover_n: 3
service_only_passing: true service_only_passing: true
ttl: 10 ttl: 10
puppetboard:
ensure: 'present'
service_name: 'puppetboard'
service_failover_n: 3
service_only_passing: true
ttl: 10

9
site/profiles/manifests/puppet/puppetboard.pp
View File

@ -18,8 +18,9 @@ class profiles::puppet::puppetboard (
String $gunicorn_bind_prefix = 'http://', String $gunicorn_bind_prefix = 'http://',
Integer $gunicorn_workers = 1, Integer $gunicorn_workers = 1,
Integer $gunicorn_threads = 4, Integer $gunicorn_threads = 4,
String $nginx_vhost = 'puppetboard.main.unkin.net', Stdlib::Port $nginx_port = 80,
Integer $nginx_port = 80, Stdlib::Host $nginx_vhost = 'puppetboard.main.unkin.net',
Array[Stdlib::Host] $nginx_aliases = [],
#String[1] $secret_key = "${fqdn_rand_string(32)}", #String[1] $secret_key = "${fqdn_rand_string(32)}",
) { ) {
@ -98,10 +99,12 @@ class profiles::puppet::puppetboard (
# ensure the nginx service is managed # ensure the nginx service is managed
class { 'nginx': } class { 'nginx': }
$nginx_server_names = unique([$nginx_vhost] + $nginx_aliases)
# create the nginx vhost # create the nginx vhost
nginx::resource::server { $nginx_vhost: nginx::resource::server { $nginx_vhost:
listen_port => $nginx_port, listen_port => $nginx_port,
server_name => [$nginx_vhost], server_name => $nginx_server_names,
proxy => "${gunicorn_bind_prefix}${gunicorn_bind}", proxy => "${gunicorn_bind_prefix}${gunicorn_bind}",
proxy_set_header => [ proxy_set_header => [
'Host $http_host', 'Host $http_host',