feat: split puppetdb role into api and sql

- add puppetdb_api and puppetdb_sql role
- add puppetdb_api and puppetdb_sql profile
- add prodinf01n05 to /etc/hosts file
- set listen_address for all services to be hosts ip
- set storeconfigs and storeconfigs_backend to be managed by puppetmaster profile

hieradata/common.yaml

@@ -38,8 +38,9 @@ profiles::puppet::g10k::cfg_path: '/etc/puppetlabs/r10k/r10k.yaml'
 profiles::puppet::g10k::environments_path: '/etc/puppetlabs/code/environments'
 profiles::puppet::g10k::default_environment: 'develop'
 profiles::puppet::puppetdb::puppetdb_host: prodinf01n04.main.unkin.net
+profiles::puppet::puppetdb::postgres_host: prodinf01n05.main.unkin.net
 puppetdb::master::config::create_puppet_service_resource: false
-puppetdb::master::config::puppetdb_host: "%{lookup('profiles::puppet::puppetdb::puppetdb_host')}"
+#puppetdb::master::config::puppetdb_host: "%{lookup('profiles::puppet::puppetdb::puppetdb_host')}"
 
 profiles::accounts::sysadmin::sshkeys:
   - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDZ8SRLlPiDylBpdWR9LpvPg4fDVD+DZst4yRPFwMMhta4mnB1H9XuvZkptDhXywWQ7QIcqa2WbhCen0OQJCtwn3s7EYtacmF5MxmwBYocPoK2AArGuh6NA9rwTdLrPdzhZ+gwe88PAzRLNzjm0ZBR+mA9saMbPJdqpKp0AWeAM8QofRQAWuCzQg9i0Pn1KDMvVDRHCZof4pVlHSTyHNektq4ifovn0zhKC8jD/cYu95mc5ftBbORexpGiQWwQ3HZw1IBe0ZETB1qPIPwsoJpt3suvMrL6T2//fcIIUE3TcyJKb/yhztja4TZs5jT8370G/vhlT70He0YPxqHub8ZfBv0khlkY93VBWYpNGJwM1fVqlw7XbfBNdOuJivJac8eW317ZdiDnKkBTxapThpPG3et9ib1HoPGKRsd/fICzNz16h2R3tddSdihTFL+bmTCa6Lo+5t5uRuFjQvhSLSgO2/gRAprc3scYOB4pY/lxOFfq3pU2VvSJtRgLNEYMUYKk= ben@unkin.net
@@ -58,3 +59,7 @@ profiles::base::hosts::additional_hosts:
     aliases:
       - prodinf01n04
       - puppetdb
+  - ip: 198.18.17.5
+    hostname: prodinf01n05.main.unkin.net
+    aliases:
+      - prodinf01n05

site/profiles/manifests/puppet/puppetdb.pp

@@ -1,39 +0,0 @@
-# profiles::puppet::puppetdb
-#
-# This class manages the installation and configuration of PuppetDB
-# and its underlying PostgreSQL database on a single node.
-#
-# It makes use of the puppetlabs-puppetdb module to manage both the
-# PuppetDB service and its PostgreSQL backend.
-#
-class profiles::puppet::puppetdb(
-  String  $puppetdb_host,
-  String  $listen_address = $facts['networking']['ip'],
-) {
-
-  # disable the postgresql dnf module for el8+
-  if $facts['os']['family'] == 'RedHat' and $facts['os']['release']['major'] >= '8' {
-    # based on https://github.com/puppetlabs/puppetlabs-postgresql/blob/main/manifests/dnfmodule.pp
-    package { 'postgresql dnf module':
-        ensure   => 'disabled',
-        name     => 'postgresql',
-        provider => 'dnfmodule',
-        before   => Class['puppetdb::database::postgresql'],
-    }
-  }
-
-  # Install and configure PostgreSQL for PuppetDB
-  class { 'puppetdb::database::postgresql':
-    listen_addresses  => $listen_address,
-    postgresql_ssl_on => false,
-    postgres_version  => '15',
-    puppetdb_server   => $puppetdb_host,
-    before            => Class['puppetdb::server'],
-  }
-
-  class { 'puppetdb::server':
-    database_host     => $listen_address,
-    postgresql_ssl_on => false,
-    manage_firewall   => false,
-  }
-}

site/profiles/manifests/puppet/puppetdb_api.pp

@@ -0,0 +1,16 @@
+# configure the puppetdb api service
+class profiles::puppet::puppetdb_api (
+  String $postgres_host = lookup('profiles::puppet::puppetdb::postgres_host'),
+  String $listen_address = $facts['networking']['ip'],
+) {
+
+  class { 'puppetdb::server':
+    database_host      => $postgres_host,
+    manage_firewall    => false,
+    ssl_listen_address => $listen_address,
+    listen_address     => $listen_address,
+  }
+
+  contain ::puppetdb::server
+
+}

site/profiles/manifests/puppet/puppetdb_sql.pp

@@ -0,0 +1,27 @@
+# configure the puppetdb sql service
+class profiles::puppet::puppetdb_sql (
+  String $puppetdb_host = lookup('profiles::puppet::puppetdb::puppetdb_host'),
+  String $listen_address = $facts['networking']['ip'],
+) {
+
+  # disable the postgresql dnf module for el8+
+  if $facts['os']['family'] == 'RedHat' and $facts['os']['release']['major'] >= '8' {
+    # based on https://github.com/puppetlabs/puppetlabs-postgresql/blob/main/manifests/dnfmodule.pp
+    package { 'postgresql dnf module':
+        ensure   => 'disabled',
+        name     => 'postgresql',
+        provider => 'dnfmodule',
+        before   => Class['puppetdb::database::postgresql'],
+    }
+  }
+
+  # Install and configure PostgreSQL for PuppetDB
+  class { 'puppetdb::database::postgresql':
+    listen_addresses => $listen_address,
+    postgres_version => '15',
+    puppetdb_server  => $puppetdb_host,
+  }
+
+  contain ::puppetdb::database::postgresql
+
+}

site/profiles/manifests/puppet/puppetmaster.pp

@@ -32,6 +32,7 @@ class profiles::puppet::puppetmaster (
 
   class { 'puppetdb::master::config':
     puppetdb_server     => $puppetdb_host,
+    manage_storeconfigs => false,
   }
 
   class { 'profiles::puppet::server':
@@ -55,5 +56,7 @@ class profiles::puppet::puppetmaster (
     autosign             => '/etc/puppetlabs/puppet/autosign.conf',
     default_manifest     => '/etc/puppetlabs/code/environments/develop/manifests',
     default_environment  => 'develop',
+    storeconfigs         => true,
+    storeconfigs_backend => 'puppetdb',
   }
 }

site/profiles/manifests/puppet/server.pp

@@ -27,6 +27,8 @@ class profiles::puppet::server (
   String $autosign,
   String $default_manifest,
   String $default_environment,
+  Boolean $storeconfigs,
+  String $storeconfigs_backend,
 ) {
 
   file { '/etc/puppetlabs/puppet/puppet.conf':
@@ -47,6 +49,8 @@ class profiles::puppet::server (
       'autosign'             => $autosign,
       'default_manifest'     => $default_manifest,
       'default_environment'  => $default_environment,
+      'storeconfigs'         => $storeconfigs,
+      'storeconfigs_backend' => $storeconfigs_backend,
     }),
     notify  => Service['puppetserver'],
   }

site/profiles/templates/puppet/server/puppet.conf.epp

@@ -17,3 +17,5 @@ external_nodes = <%= $external_nodes %>
 autosign = <%= $autosign %>
 default_manifest = <%= $default_manifest %>
 default_environment = <%= $default_environment %>
+storeconfigs = <%= $storeconfigs %>
+storeconfigs_backend = <%= $storeconfigs_backend %>

site/roles/manifests/puppet/puppetdb_api.pp

@@ -0,0 +1,6 @@
+# a role to deploy the puppetdb api service
+class roles::puppet::puppetdb_api {
+    include profiles::defaults
+    include profiles::base
+    include profiles::puppet::puppetdb_api
+  }

site/roles/manifests/puppet/puppetdb_sql.pp

@@ -0,0 +1,6 @@
+# a role to deploy the puppetdb postgresql service
+class roles::puppet::puppetdb_sql {
+    include profiles::defaults
+    include profiles::base
+    include profiles::puppet::puppetdb_sql
+  }