This patch introduces the optional parameter $disable_ssl, which
defaults to false. If set to true, the settings ssl-host and ssl-port
are completely removed from the Jetty section of the PuppetDB config
files.
This disables serving of HTTPS requests by PuppetDB, which can be useful
when SSL handling is offloaded to a reverse proxy server like Apache or
Nginx, as suggested in the PuppetDB documentation (see
http://docs.puppetlabs.com/puppetdb/1.2/connect_puppet_apply.html#option-a-set-up-an-ssl-proxy-for-puppetdb).
Prior to this commit, the deprecated `manage_redhat_firewall` param
was not actually backward compatible because there were several
cases where we couldn't tell the difference between the user
explicitly specifying `false` for that parameter as opposed to
not specifying it at all. This commit is a bit ugly because it
sets some defaults to `undef` in order to allow us to tell the
difference between the two cases, but it should resolve backwards
compatibility issues.
Prior to this commit the module did not provide a way to set a bind address for the HTTP port. This
commit allows users to not only bind to an address and port other than localhost and 8080, but it also
opens the firewall if explicitly requested.
The subname value in database.ini when using an embedded database varies
between the Puppet Enterprise package and the FOSS Puppet package.
Previously, the PuppetDB module could not successfully manage an
embedded database on a PE master. This commit adds an additional
parameter and utilization to account for this.
Prior to this commit, if you allowed the puppetdb module
to manage postgres for you, it would always try to manage
the firewall for the postgres port on redhat systems.
This commit exposes that as a parameter in a few more
spots, and passes it through to the postgres module.
This commit does the following:
* Use the new inifile module to manage puppet.conf
* More comprehensive management of config files
* Validate database connectivity before applying puppetdb
config changes
* Validate puppetdb connectivity before applying puppet
master config changes
* Documentation