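# Class: profiles::puppet::server
#
# This class manages Puppet server's configuration and service.
#
# It renders puppet.conf (EPP) and auth.conf (ERB), keeps the puppetserver
# service running and enabled, removes the generate_types.conf systemd
# drop-in, and installs a systemd timer whose service runs
# `puppet generate types` as root.
#
# Unless noted otherwise, each parameter is only handed to
# profiles/puppet/server/puppet.conf.epp under the key of the same name; how
# the template uses it is not visible from this class.
#
# @param vardir Passed to the puppet.conf template.
# @param logdir Passed to the puppet.conf template.
# @param rundir Passed to the puppet.conf template.
# @param pidfile Passed to the puppet.conf template.
# @param codedir Passed to the puppet.conf template; also the base of the
#   `--environmentpath` given to `puppet generate types` and of the default
#   for `default_manifest`.
# @param dns_alt_names Sorted and joined with ',' before being passed to the
#   puppet.conf template. Defaults to this node's fqdn and hostname facts.
# @param agent_server Passed to the puppet.conf template as `server`.
# @param report_server Passed to the puppet.conf template; defaults to
#   `agent_server`.
# @param ca_server Passed to the puppet.conf template.
# @param node_terminus Passed to the puppet.conf template.
# @param external_nodes Passed to the puppet.conf template.
# @param default_environment Passed to the puppet.conf template; also used to
#   build the default for `default_manifest`.
# @param environment Passed to the puppet.conf template.
# @param autosign Passed to the puppet.conf template.
#   NOTE(review): presumably rendered as the `autosign` setting - confirm in
#   the template. Whatever this path points at decides which certificate
#   requests get signed without human review; an allowlist file matches only
#   on the certname, which the requester chooses.
# @param default_manifest Passed to the puppet.conf template.
# @param reports Passed to the puppet.conf template.
# @param storeconfigs Passed to the puppet.conf template.
# @param storeconfigs_backend Passed to the puppet.conf template.
# @param usecacheonfailure Passed to the puppet.conf template.
# @param report Passed to the puppet.conf template.
# @param runinterval Passed to the puppet.conf template.
# @param runtimeout Passed to the puppet.conf template.
# @param show_diff Passed to the puppet.conf template.
# @param facts_soft_limit Passed to the puppet.conf template.
class profiles::puppet::server (
  Stdlib::Absolutepath $vardir               = '/opt/puppetlabs/server/data/puppetserver',
  Stdlib::Absolutepath $logdir               = '/var/log/puppetlabs/puppetserver',
  Stdlib::Absolutepath $rundir               = '/var/run/puppetlabs/puppetserver',
  Stdlib::Absolutepath $pidfile              = '/var/run/puppetlabs/puppetserver/puppetserver.pid',
  Stdlib::Absolutepath $codedir              = '/etc/puppetlabs/code',
  Array[String]        $dns_alt_names        = [
    $facts['networking']['fqdn'],
    $facts['networking']['hostname'],
  ],
  Stdlib::Fqdn         $agent_server         = 'puppetmaster',
  Stdlib::Fqdn         $report_server        = $agent_server,
  Stdlib::Fqdn         $ca_server            = 'puppetca',
  String               $node_terminus        = 'exec',
  String               $external_nodes       = '/opt/cobbler-enc/cobbler-enc',
  String               $default_environment  = 'develop',
  String               $environment          = 'develop',
  Stdlib::Absolutepath $autosign             = '/etc/puppetlabs/puppet/autosign.conf',
  Stdlib::Absolutepath $default_manifest     = "${codedir}/environments/${default_environment}/manifests",
  String               $reports              = 'puppetdb',
  Boolean              $storeconfigs         = true,
  String               $storeconfigs_backend = 'puppetdb',
  Boolean              $usecacheonfailure    = false,
  Boolean              $report               = true,
  Integer              $runinterval          = 1800,
  Integer              $runtimeout           = 3600,
  Boolean              $show_diff            = true,
  Integer              $facts_soft_limit     = 4096,
) {
  # Whether this host is a CA; used in the auth.conf file. The ERB template is
  # not visible here - presumably it reads $is_ca from this class's scope.
  # lookup() replaces the deprecated hiera() function; the default stays false.
  $is_ca = lookup('profiles::puppet::puppetca::is_puppetca', { 'default_value' => false })

  file { '/etc/puppetlabs/puppet/puppet.conf':
    ensure  => file,
    owner   => 'root',
    group   => 'root',
    mode    => '0644',
    content => epp('profiles/puppet/server/puppet.conf.epp', {
      'vardir'               => $vardir,
      'logdir'               => $logdir,
      'rundir'               => $rundir,
      'pidfile'              => $pidfile,
      'codedir'              => $codedir,
      # Sorted so the rendered value does not depend on the array's order.
      'dns_alt_names'        => join(sort($dns_alt_names), ','),
      'server'               => $agent_server,
      'ca_server'            => $ca_server,
      'environment'          => $environment,
      'report'               => $report,
      'runinterval'          => $runinterval,
      'runtimeout'           => $runtimeout,
      'show_diff'            => $show_diff,
      'report_server'        => $report_server,
      'node_terminus'        => $node_terminus,
      'external_nodes'       => $external_nodes,
      'autosign'             => $autosign,
      'default_manifest'     => $default_manifest,
      'default_environment'  => $default_environment,
      'storeconfigs'         => $storeconfigs,
      'storeconfigs_backend' => $storeconfigs_backend,
      'reports'              => $reports,
      'usecacheonfailure'    => $usecacheonfailure,
      'facts_soft_limit'     => $facts_soft_limit,
    }),
    notify  => Service['puppetserver'],
  }

  # auth.conf holds Puppet Server's HTTP API authorization rules. It is kept
  # root-owned and not writable by group or others; any change restarts the
  # service via the notify below.
  file { '/etc/puppetlabs/puppetserver/conf.d/auth.conf':
    ensure  => 'file',
    content => template('profiles/puppet/server/auth.conf.erb'),
    group   => 'root',
    owner   => 'root',
    mode    => '0644',
    notify  => Service['puppetserver'],
  }

  service { 'puppetserver':
    ensure     => running,
    enable     => true,
    hasstatus  => true,
    hasrestart => true,
  }

  # Drop-in that ran `puppet generate types` after each puppetserver start.
  # It is declared with ensure => absent, so this resource removes it; the
  # timer further down runs the same command instead.
  systemd::manage_dropin { 'generate_types.conf':
    ensure        => absent,
    unit          => 'puppetserver.service',
    service_entry => {
      'ExecStartPost' => [
        "/opt/puppetlabs/bin/puppet generate types --environmentpath ${codedir}/environments",
      ],
    },
  }

  # This script is executed as root by the puppet-generate-types service
  # below. Owner and group are managed explicitly so that a pre-existing copy
  # owned by another account is corrected rather than left writable by a
  # non-root user. The path argument is double-quoted so a codedir containing
  # whitespace stays a single argument; this does not neutralise '$' or
  # backticks, so codedir must still come from trusted data.
  file { '/usr/local/bin/puppet_generate_types.sh':
    ensure  => file,
    owner   => 'root',
    group   => 'root',
    mode    => '0755',
    content => @("EOF"),
      #!/bin/bash
      /opt/puppetlabs/bin/puppet generate types --environmentpath "${codedir}/environments"
      exit 0
      | EOF
  }

  # OnCalendar=*:0/1 fires the timer every minute.
  $_timer = @(EOT)
    [Unit]
    Description=puppet-generate-types timer
    [Timer]
    OnCalendar=*:0/1
    RandomizedDelaySec=1s
    [Install]
    WantedBy=timers.target
    | EOT

  # One-shot unit started by the timer; runs the script above as root.
  $_service = @(EOT)
    [Unit]
    Description=puppet-generate-types service
    [Service]
    Type=oneshot
    ExecStart=/usr/local/bin/puppet_generate_types.sh
    User=root
    Group=root
    PermissionsStartOnly=false
    PrivateTmp=no
    | EOT

  # The script must exist before the timer is activated.
  systemd::timer { 'puppet-generate-types.timer':
    timer_content   => $_timer,
    service_content => $_service,
    active          => true,
    enable          => true,
    require         => File['/usr/local/bin/puppet_generate_types.sh'],
  }
}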