This patch introduces the optional parameter $disable_ssl, which
defaults to false. If set to true, the settings ssl-host and ssl-port
are completely removed from the Jetty section of the PuppetDB config
files.
This disables serving of HTTPS requests by PuppetDB, which can be useful
when SSL handling is offloaded to a reverse proxy server like Apache or
Nginx, as suggested in the PuppetDB documentation (see
http://docs.puppetlabs.com/puppetdb/1.2/connect_puppet_apply.html#option-a-set-up-an-ssl-proxy-for-puppetdb).
Prior to this commit, the deprecated `manage_redhat_firewall` param
was not actually backward compatible because there were several
cases where we couldn't tell the difference between the user
explicitly specifying `false` for that parameter as opposed to
not specifying it at all. This commit is a bit ugly because it
sets some defaults to `undef` in order to allow us to tell the
difference between the two cases, but it should resolve backwards
compatibility issues.
Prior to this commit the module did not provide a way to set a bind address for the HTTP port. This
commit allows users to not only bind to an address and port other than localhost and 8080, but it also
opens the firewall if explicitly requested.
Prior to this commit if you tried to use the classes
`puppetdb::master::routes` or `puppetdb::master::storeconfigs`
directly (rather than implicitly through
`puppetdb::master::config`), you would get a failure about
`puppetdb::params` not having been evaluated. This is because
the classes were missing an `inherits` statement; this commit
fixes both of them.
Prior to this commit if you tried to use the class
`puppetdb::master::puppetdb_conf` directly (rather than
implicitly through `puppetdb::master::config`), you would
get a failure about `puppetdb::params` not having been
evaluated. This is because the class was missing an
`inherits` statement; this commit fixes the bug.
The subname value in database.ini when using an embedded database varies
between the Puppet Enterprise package and the FOSS Puppet package.
Previously, the PuppetDB module could not successfully manage an
embedded database on a PE master. This commit adds an additional
parameter and utilization to account for this.
In some environments, puppetdb can take longer than 10 seconds
to start up. Prior to this commit, that value was hard coded
and the module would sometimes fail when it wouldn't have failed
with a slightly larger timeout. This commit makes the timeout
configurable, and also increases the default value to 15 seconds.
This is just a small add-on to Hunter's commits where he added
extra parameters to support PE. This commit just cleans up
some of my old comments that were made irrelevant or inaccurate
due to the work that he did, and adds a bit of documentation to
the new test manifest that he created.
Prior to this commit, the module always attempted
to restart the puppet master service whenever it
managed the master config files. This commit
disables that behavior since our acceptance nodes
don't have the service installed.
Prior to this commit, if you allowed the puppetdb module
to manage postgres for you, it would always try to manage
the firewall for the postgres port on redhat systems.
This commit exposes that as a parameter in a few more
spots, and passes it through to the postgres module.
Prior to this commit, users needed to be aware that the puppet
master service would need a restart if certain config files
were changed (routes.yaml, puppetdb.conf). This commit
adds a notification that will trigger a service restart if
those files are modified.
Prior to this commit, all of the puppetdb packages were being
installed with 'ensure=present'. This commit changes things
so that you can explicitly specify a version if you desire;
the default is still 'present'.
This commit does the following:
* Use the new inifile module to manage puppet.conf
* More comprehensive management of config files
* Validate database connectivity before applying puppetdb
config changes
* Validate puppetdb connectivity before applying puppet
master config changes
* Documentation
The test manifests for single-node (everything installed on
the master machine) now work properly. You have to
edit your puppet.conf by hand to turn on storeconfigs and
point it at puppetdb, but other than that, this successfully
handles everything that you need for either an hsql or
postgres setup.