2014-10-07 16:06:54 +02:00
|
|
|
# PRIVATE CLASS - do not use directly
|
|
|
|
#
|
2013-08-07 16:32:19 +02:00
|
|
|
# The puppetdb default configuration settings.
|
2015-06-18 22:45:51 +02:00
|
|
|
class puppetdb::params inherits puppetdb::globals {
|
2012-11-13 21:38:38 +01:00
|
|
|
$listen_address = 'localhost'
|
|
|
|
$listen_port = '8080'
|
2015-10-13 19:39:15 +02:00
|
|
|
$disable_cleartext = false
|
2012-11-13 21:38:38 +01:00
|
|
|
$open_listen_port = false
|
2015-05-29 14:32:02 +02:00
|
|
|
$ssl_listen_address = '0.0.0.0'
|
2012-11-13 21:38:38 +01:00
|
|
|
$ssl_listen_port = '8081'
|
2014-10-17 07:07:45 +02:00
|
|
|
$ssl_protocols = undef
|
2013-04-09 00:39:04 +02:00
|
|
|
$disable_ssl = false
|
2013-01-17 02:52:11 +01:00
|
|
|
$open_ssl_listen_port = undef
|
2012-11-13 21:38:38 +01:00
|
|
|
$postgres_listen_addresses = 'localhost'
|
2012-09-18 00:26:32 +02:00
|
|
|
|
2015-06-18 22:45:51 +02:00
|
|
|
$puppetdb_version = $puppetdb::globals::version
|
|
|
|
$database = $puppetdb::globals::database
|
2014-07-11 11:14:40 +02:00
|
|
|
$manage_dbserver = true
|
2015-06-24 18:10:32 +02:00
|
|
|
$manage_pg_repo = true
|
2015-06-18 22:45:51 +02:00
|
|
|
$postgres_version = '9.4'
|
2012-09-18 00:26:32 +02:00
|
|
|
|
2012-09-20 23:46:26 +02:00
|
|
|
# The remaining database settings are not used for an embedded database
|
2016-05-02 06:41:53 +02:00
|
|
|
$database_host = 'localhost'
|
|
|
|
$database_port = '5432'
|
|
|
|
$database_name = 'puppetdb'
|
|
|
|
$database_username = 'puppetdb'
|
|
|
|
$database_password = 'puppetdb'
|
|
|
|
$database_ssl = undef
|
|
|
|
$jdbc_ssl_properties = ''
|
|
|
|
$database_validate = true
|
|
|
|
$database_max_pool_size = '25'
|
2012-09-18 02:06:48 +02:00
|
|
|
|
2013-02-05 23:34:48 +01:00
|
|
|
# These settings manage the various auto-deactivation and auto-purge settings
|
2013-04-07 11:56:01 +02:00
|
|
|
$node_ttl = '0s'
|
|
|
|
$node_purge_ttl = '0s'
|
2013-05-03 00:00:00 +02:00
|
|
|
$report_ttl = '14d'
|
2013-02-05 23:34:48 +01:00
|
|
|
|
2012-09-20 23:46:26 +02:00
|
|
|
$gc_interval = '60'
|
2012-09-18 02:06:48 +02:00
|
|
|
|
2013-08-07 16:32:19 +02:00
|
|
|
$log_slow_statements = '10'
|
|
|
|
$conn_max_age = '60'
|
|
|
|
$conn_keep_alive = '45'
|
|
|
|
$conn_lifetime = '0'
|
|
|
|
|
2014-06-26 17:15:34 +02:00
|
|
|
$max_threads = undef
|
|
|
|
|
2014-08-04 13:06:07 +02:00
|
|
|
# These settings are for the read database
|
2015-09-01 23:27:51 +02:00
|
|
|
$read_database = 'postgres'
|
|
|
|
$read_database_host = undef
|
|
|
|
$read_database_port = '5432'
|
|
|
|
$read_database_name = 'puppetdb'
|
|
|
|
$read_database_username = 'puppetdb'
|
|
|
|
$read_database_password = 'puppetdb'
|
|
|
|
$read_database_ssl = undef
|
|
|
|
$read_database_jdbc_ssl_properties = ''
|
|
|
|
$read_database_validate = true
|
|
|
|
$read_log_slow_statements = '10'
|
|
|
|
$read_conn_max_age = '60'
|
|
|
|
$read_conn_keep_alive = '45'
|
|
|
|
$read_conn_lifetime = '0'
|
2016-05-02 06:41:53 +02:00
|
|
|
$read_database_max_pool_size = '25'
|
2014-08-04 13:06:07 +02:00
|
|
|
|
2015-09-21 23:23:12 +02:00
|
|
|
$manage_firewall = true
|
|
|
|
$java_args = {}
|
|
|
|
$merge_default_java_args = true
|
2014-10-07 16:06:54 +02:00
|
|
|
|
2014-12-05 23:05:50 +01:00
|
|
|
$puppetdb_package = 'puppetdb'
|
|
|
|
$puppetdb_service = 'puppetdb'
|
|
|
|
$puppetdb_user = 'puppetdb'
|
|
|
|
$puppetdb_group = 'puppetdb'
|
2015-01-15 10:13:51 +01:00
|
|
|
$masterless = false
|
2013-06-04 14:19:53 +02:00
|
|
|
|
2015-06-18 22:45:51 +02:00
|
|
|
if !($puppetdb_version in ['latest','present','absent']) and versioncmp($puppetdb_version, '3.0.0') < 0 {
|
|
|
|
case $::osfamily {
|
|
|
|
'RedHat', 'Suse', 'Archlinux','Debian': {
|
2015-10-14 13:05:45 +02:00
|
|
|
$etcdir = '/etc/puppetdb'
|
2015-09-16 00:21:33 +02:00
|
|
|
$vardir = '/var/lib/puppetdb'
|
2015-10-05 22:40:54 +02:00
|
|
|
$database_embedded_path = "${vardir}/db/db"
|
2015-06-18 22:45:51 +02:00
|
|
|
$puppet_confdir = pick($settings::confdir,'/etc/puppet')
|
|
|
|
$puppet_service_name = 'puppetmaster'
|
|
|
|
}
|
|
|
|
'OpenBSD': {
|
2015-10-14 13:05:45 +02:00
|
|
|
$etcdir = '/etc/puppetdb'
|
2015-09-16 00:21:33 +02:00
|
|
|
$vardir = '/var/db/puppetdb'
|
2015-10-05 22:40:54 +02:00
|
|
|
$database_embedded_path = "${vardir}/db/db"
|
2015-06-18 22:45:51 +02:00
|
|
|
$puppet_confdir = pick($settings::confdir,'/etc/puppet')
|
|
|
|
$puppet_service_name = 'puppetmasterd'
|
|
|
|
}
|
|
|
|
'FreeBSD': {
|
2015-10-14 13:05:45 +02:00
|
|
|
$etcdir = '/usr/local/etc/puppetdb'
|
2015-09-16 00:21:33 +02:00
|
|
|
$vardir = '/var/db/puppetdb'
|
2015-10-05 22:40:54 +02:00
|
|
|
$database_embedded_path = "${vardir}/db/db"
|
2015-06-18 22:45:51 +02:00
|
|
|
$puppet_confdir = pick($settings::confdir,'/usr/local/etc/puppet')
|
|
|
|
$puppet_service_name = 'puppetmaster'
|
|
|
|
}
|
2015-10-05 22:40:54 +02:00
|
|
|
default: {
|
|
|
|
fail("The fact 'osfamily' is set to ${::osfamily} which is not supported by the puppetdb module.")
|
|
|
|
}
|
2015-06-18 22:45:51 +02:00
|
|
|
}
|
|
|
|
$terminus_package = 'puppetdb-terminus'
|
|
|
|
$test_url = '/v3/version'
|
|
|
|
} else {
|
|
|
|
case $::osfamily {
|
2016-02-09 23:52:43 +01:00
|
|
|
'RedHat', 'Suse', 'Archlinux','Debian': {
|
2015-10-14 13:05:45 +02:00
|
|
|
$etcdir = '/etc/puppetlabs/puppetdb'
|
2015-10-05 22:40:54 +02:00
|
|
|
$puppet_confdir = pick($settings::confdir,'/etc/puppetlabs/puppet')
|
|
|
|
$puppet_service_name = 'puppetserver'
|
2015-06-18 22:45:51 +02:00
|
|
|
}
|
|
|
|
'OpenBSD': {
|
2015-10-14 13:05:45 +02:00
|
|
|
$etcdir = '/etc/puppetlabs/puppetdb'
|
2015-10-05 22:40:54 +02:00
|
|
|
$puppet_confdir = pick($settings::confdir,'/etc/puppetlabs/puppet')
|
|
|
|
$puppet_service_name = undef
|
2015-06-18 22:45:51 +02:00
|
|
|
}
|
|
|
|
'FreeBSD': {
|
2015-10-14 13:05:45 +02:00
|
|
|
$etcdir = '/usr/local/etc/puppetlabs/puppetdb'
|
2015-10-05 22:40:54 +02:00
|
|
|
$puppet_confdir = pick($settings::confdir,'/usr/local/etc/puppetlabs/puppet')
|
|
|
|
$puppet_service_name = undef
|
|
|
|
}
|
|
|
|
default: {
|
|
|
|
fail("The fact 'osfamily' is set to ${::osfamily} which is not supported by the puppetdb module.")
|
2015-06-18 22:45:51 +02:00
|
|
|
}
|
|
|
|
}
|
2016-02-09 23:52:43 +01:00
|
|
|
$terminus_package = 'puppetdb-termini'
|
2015-06-18 22:45:51 +02:00
|
|
|
$test_url = '/pdb/meta/v1/version'
|
2015-09-16 00:21:33 +02:00
|
|
|
$vardir = '/opt/puppetlabs/server/data/puppetdb'
|
2015-10-05 22:40:54 +02:00
|
|
|
$database_embedded_path = "${vardir}/db/db"
|
2015-06-18 22:45:51 +02:00
|
|
|
}
|
|
|
|
|
2015-10-14 13:05:45 +02:00
|
|
|
$confdir = "${etcdir}/conf.d"
|
|
|
|
$ssl_dir = "${etcdir}/ssl"
|
|
|
|
|
2014-12-05 23:05:50 +01:00
|
|
|
case $::osfamily {
|
|
|
|
'RedHat', 'Suse', 'Archlinux': {
|
2015-10-05 22:40:54 +02:00
|
|
|
$puppetdb_initconf = '/etc/sysconfig/puppetdb'
|
2013-06-04 14:19:53 +02:00
|
|
|
}
|
2014-12-05 23:05:50 +01:00
|
|
|
'Debian': {
|
2015-10-05 22:40:54 +02:00
|
|
|
$puppetdb_initconf = '/etc/default/puppetdb'
|
2014-12-05 23:05:50 +01:00
|
|
|
}
|
2015-06-18 22:45:51 +02:00
|
|
|
'OpenBSD','FreeBSD': {
|
2015-10-05 22:40:54 +02:00
|
|
|
$puppetdb_initconf = undef
|
|
|
|
}
|
|
|
|
default: {
|
|
|
|
fail("The fact 'osfamily' is set to ${::osfamily} which is not supported by the puppetdb module.")
|
2013-02-15 17:16:36 +01:00
|
|
|
}
|
2012-10-01 20:05:25 +02:00
|
|
|
}
|
|
|
|
|
2012-10-17 02:39:47 +02:00
|
|
|
$puppet_conf = "${puppet_confdir}/puppet.conf"
|
2013-04-15 16:37:58 +02:00
|
|
|
$puppetdb_startup_timeout = 120
|
2013-09-02 11:30:31 +02:00
|
|
|
$puppetdb_service_status = 'running'
|
2014-10-07 16:06:54 +02:00
|
|
|
|
2015-04-08 16:29:03 +02:00
|
|
|
$command_threads = undef
|
|
|
|
$store_usage = undef
|
|
|
|
$temp_usage = undef
|
|
|
|
|
2015-10-05 22:40:54 +02:00
|
|
|
$ssl_set_cert_paths = false
|
|
|
|
$ssl_cert_path = "${ssl_dir}/public.pem"
|
|
|
|
$ssl_key_path = "${ssl_dir}/private.pem"
|
|
|
|
$ssl_ca_cert_path = "${ssl_dir}/ca.pem"
|
|
|
|
$ssl_deploy_certs = false
|
|
|
|
$ssl_key = undef
|
|
|
|
$ssl_cert = undef
|
|
|
|
$ssl_ca_cert = undef
|
2015-10-14 13:05:45 +02:00
|
|
|
|
|
|
|
$certificate_whitelist_file = "${etcdir}/certificate-whitelist"
|
|
|
|
# the default is free access for now
|
|
|
|
$certificate_whitelist = [ ]
|
|
|
|
# change to this to only allow access by the puppet master by default:
|
|
|
|
#$certificate_whitelist = [ $::servername ]
|
2012-09-18 00:26:32 +02:00
|
|
|
}
|