class vmcluster::vmselect ( Boolean $enable = false, String $user = 'vmselect', String $group = 'vmselect', Boolean $manage_user = true, Boolean $manage_service = true, Array[String] $packages = ['vmselect', 'vmutils'], Stdlib::Absolutepath $exec_path = '/usr/bin/vmselect', Stdlib::Absolutepath $data_path = '/var/lib/vmselect', Stdlib::Absolutepath $vars_file = '/etc/default/vmselect', Hash[String, Variant[String, Array[String]]] $options = {}, ) { # if enabled, manage this service if $enable { # install required packages if $packages { ensure_packages($packages, {ensure => 'installed'}) } # manage the user/group if $manage_user { group { $group: ensure => present, } user { $user: ensure => present, shell => '/usr/sbin/nologin', groups => $group, managehome => true, } } # manage directories file { [ $data_path ]: ensure => directory, owner => $user, group => $group, } # manage environment options file file { $vars_file: ensure => file, owner => 'root', group => 'root', mode => '0644', content => template('vmcluster/options.erb'), } # manage the systemd service if $manage_service { # manage the subscribed resources if 'tls' in $options and $options['tls'] == 'true' { if 'tlsCertFile' in $options and 'tlsKeyFile' in $options { # tls option AND certs listed, subscribe to the options file and certs $subscribe = [File[$vars_file],File[$options['tlsCertFile']], File[$options['tlsKeyFile']]] }else{ # tls option but no certs listed, just subscribe to the options file warning('TLS is enabled but tlsCertFile or tlsKeyFile is missing from vmselect options.') $subscribe = [File[$vars_file]] } }else{ # no tls option, just subscribe to the options file $subscribe = [File[$vars_file]] } # Use these in notifications or file resources systemd::unit_file { 'vmselect.service': content => template('vmcluster/vmselect.service.erb'), enable => true, active => true, subscribe => $subscribe, } } } }