unkin/puppet-prod
2
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases Wiki Activity

promote develop to master #6

Merged
unkinben merged 449 commits from develop into master 2024-06-01 14:48:48 +10:00
Conversation 0 Commits 449 Files Changed 291 +86 -64
8 changed files with 86 additions and 64 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 56b23620b7 - Show all commits

11
hieradata/common.yaml
View File

@ -87,6 +87,9 @@ lookup_options:
profiles::consul::client::node_rules: profiles::consul::client::node_rules:
merge: merge:
strategy: deep strategy: deep
profiles::puppet::server::dns_alt_names:
merge:
strategy: deep
facts_path: '/opt/puppetlabs/facter/facts.d' facts_path: '/opt/puppetlabs/facter/facts.d'
@ -237,3 +240,11 @@ profiles::base::hosts::additional_hosts:
aliases: aliases:
- prodinf01n22 - prodinf01n22
- repos.main.unkin.net - repos.main.unkin.net
profiles::puppet::server::dns_alt_names:
- "%{facts.networking.fqdn}"
- "%{facts.networking.hostname}"
- puppetmaster.main.unkin.net
- puppet.main.unkin.net
- puppetmaster
- puppet

4
hieradata/country/au/region/drw1/infra/puppet/master.yaml Normal file
View File

@ -0,0 +1,4 @@
---
profiles::puppet::server::dns_alt_names:
- puppetca.main.unkin.net
- puppetca

4
hieradata/country/au/region/syd1/infra/puppet/master.yaml Normal file
View File

@ -0,0 +1,4 @@
---
profiles::puppet::server::dns_alt_names:
- puppetca.main.unkin.net
- puppetca

4
hieradata/nodes/prodinf01n01.main.unkin.net.yaml Normal file
View File

@ -0,0 +1,4 @@
---
profiles::puppet::server::dns_alt_names:
- puppetca.main.unkin.net
- puppetca

3
hieradata/roles/infra/puppet.yaml Normal file
View File

@ -0,0 +1,3 @@
---
profiles::packages::install:
- puppetserver

4
site/profiles/manifests/puppet/client.pp
View File

@ -14,6 +14,9 @@ class profiles::puppet::client (
Boolean $usecacheonfailure = false, Boolean $usecacheonfailure = false,
) { ) {
# dont manage puppet.conf if this is a puppetmaster
if $facts['enc_role'] != 'roles::infra::puppet::master' {
# Assuming you want to manage puppet.conf with this profile # Assuming you want to manage puppet.conf with this profile
file { '/etc/puppetlabs/puppet/puppet.conf': file { '/etc/puppetlabs/puppet/puppet.conf':
ensure => 'present', ensure => 'present',
@ -23,5 +26,6 @@ class profiles::puppet::client (
mode => '0644', mode => '0644',
notify => Service['puppet'], notify => Service['puppet'],
} }
}
} }

41
site/profiles/manifests/puppet/puppetmaster.pp
View File

@ -23,8 +23,11 @@
# Limitations: # Limitations:
# This is designed to work on Unix-like systems. # This is designed to work on Unix-like systems.
class profiles::puppet::puppetmaster ( class profiles::puppet::puppetmaster (
String $puppetdb_host = lookup('profiles::puppet::puppetdb::puppetdb_host'), Optional[Stdlib::Fqdn] $puppetdb_host = lookup('profiles::puppet::puppetdb::puppetdb_host', Optional[Stdlib::Fqdn], 'first', undef),
) { ) {
if $facts['enc_role'] == 'roles::infra::puppet::master' {
include profiles::puppet::r10k include profiles::puppet::r10k
include profiles::puppet::g10k include profiles::puppet::g10k
include profiles::puppet::enc include profiles::puppet::enc
@ -32,36 +35,22 @@ class profiles::puppet::puppetmaster (
include profiles::puppet::autosign include profiles::puppet::autosign
include profiles::puppet::gems include profiles::puppet::gems
include profiles::helpers::certmanager include profiles::helpers::certmanager
include profiles::puppet::server
class { 'puppetdb::master::config': class { 'puppetdb::master::config':
puppetdb_server => $puppetdb_host, puppetdb_server => $puppetdb_host,
manage_storeconfigs => false, manage_storeconfigs => false,
} }
class { 'profiles::puppet::server': Package['puppetserver']
vardir => '/opt/puppetlabs/server/data/puppetserver', -> Class['profiles::puppet::gems']
logdir => '/var/log/puppetlabs/puppetserver', -> Class['profiles::puppet::r10k']
rundir => '/var/run/puppetlabs/puppetserver', -> Class['profiles::puppet::g10k']
pidfile => '/var/run/puppetlabs/puppetserver/puppetserver.pid', -> Class['profiles::puppet::enc']
codedir => '/etc/puppetlabs/code', -> Class['profiles::puppet::cobbler_enc']
dns_alt_names => [ -> Class['profiles::puppet::autosign']
'prodinf01n01.main.unkin.net', -> Class['puppetdb::master::config']
'puppet.main.unkin.net', -> Class['profiles::puppet::server']
'puppetca.main.unkin.net',
'puppetmaster.main.unkin.net',
'puppet',
'puppetca',
'puppetmaster',
],
server => 'prodinf01n01.main.unkin.net',
node_terminus => 'exec',
external_nodes => '/opt/cobbler-enc/cobbler-enc',
autosign => '/etc/puppetlabs/puppet/autosign.conf',
default_manifest => '/etc/puppetlabs/code/environments/develop/manifests',
default_environment => 'develop',
storeconfigs => true,
storeconfigs_backend => 'puppetdb',
reports => 'puppetdb',
usecacheonfailure => false,
} }
} }

41
site/profiles/manifests/puppet/server.pp
View File

@ -9,28 +9,31 @@
# pidfile - File path for the PID file. # pidfile - File path for the PID file.
# codedir - Directory path for code data. # codedir - Directory path for code data.
# dns_alt_names - Array of alternate DNS names for the server. # dns_alt_names - Array of alternate DNS names for the server.
# server - Server's name. # agent_server - Server name for the puppet agent on the master.
# node_terminus - Node terminus. # node_terminus - Node terminus.
# external_nodes - Path to the external node classifier script. # external_nodes - Path to the external node classifier script.
# autosign - Path to the autosign script. # autosign - Path to the autosign script.
# #
class profiles::puppet::server ( class profiles::puppet::server (
String $vardir, Stdlib::Absolutepath $vardir = '/opt/puppetlabs/server/data/puppetserver',
String $logdir, Stdlib::Absolutepath $logdir = '/var/log/puppetlabs/puppetserver',
String $rundir, Stdlib::Absolutepath $rundir = '/var/run/puppetlabs/puppetserver',
String $pidfile, Stdlib::Absolutepath $pidfile = '/var/run/puppetlabs/puppetserver/puppetserver.pid',
String $codedir, Stdlib::Absolutepath $codedir = '/etc/puppetlabs/code',
Array[String[1]] $dns_alt_names, Array[String] $dns_alt_names = [
String $server, $facts['networking']['fqdn'],
String $node_terminus, $facts['networking']['hostname'],
String $external_nodes, ],
String $autosign, Stdlib::Fqdn $agent_server = 'puppetmaster',
String $default_manifest, String $node_terminus = 'exec',
String $default_environment, String $external_nodes = '/opt/cobbler-enc/cobbler-enc',
Boolean $storeconfigs, String $default_environment = 'develop',
String $storeconfigs_backend, Stdlib::Absolutepath $autosign = '/etc/puppetlabs/puppet/autosign.conf',
String $reports, Stdlib::Absolutepath $default_manifest = "${codedir}/environments/${default_environment}/manifests",
Boolean $usecacheonfailure, Boolean $storeconfigs = true,
String $storeconfigs_backend = 'puppetdb',
String $reports = 'puppetdb',
Boolean $usecacheonfailure = false,
) { ) {
file { '/etc/puppetlabs/puppet/puppet.conf': file { '/etc/puppetlabs/puppet/puppet.conf':
@ -44,8 +47,8 @@ class profiles::puppet::server (
'rundir' => $rundir, 'rundir' => $rundir,
'pidfile' => $pidfile, 'pidfile' => $pidfile,
'codedir' => $codedir, 'codedir' => $codedir,
'dns_alt_names' => join($dns_alt_names, ','), 'dns_alt_names' => join(sort($dns_alt_names), ','),
'server' => $server, 'server' => $agent_server,
'node_terminus' => $node_terminus, 'node_terminus' => $node_terminus,
'external_nodes' => $external_nodes, 'external_nodes' => $external_nodes,
'autosign' => $autosign, 'autosign' => $autosign,