123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187 |
- # PRIVATE CLASS - do not use directly
- #
- # The puppetdb default configuration settings.
- class puppetdb::params inherits puppetdb::globals {
- $listen_address = 'localhost'
- $listen_port = '8080'
- $disable_cleartext = false
- $open_listen_port = false
- $ssl_listen_address = '0.0.0.0'
- $ssl_listen_port = '8081'
- $ssl_protocols = undef
- $disable_ssl = false
- $open_ssl_listen_port = undef
- $postgres_listen_addresses = 'localhost'
- $puppetdb_version = $puppetdb::globals::version
- $database = $puppetdb::globals::database
- $manage_dbserver = true
- $manage_pg_repo = true
- $postgres_version = '9.4'
- # The remaining database settings are not used for an embedded database
- $database_host = 'localhost'
- $database_port = '5432'
- $database_name = 'puppetdb'
- $database_username = 'puppetdb'
- $database_password = 'puppetdb'
- $database_ssl = undef
- $jdbc_ssl_properties = ''
- $database_validate = true
- $database_max_pool_size = undef
- # These settings manage the various auto-deactivation and auto-purge settings
- $node_ttl = '0s'
- $node_purge_ttl = '0s'
- $report_ttl = '14d'
- $gc_interval = '60'
- $log_slow_statements = '10'
- $conn_max_age = '60'
- $conn_keep_alive = '45'
- $conn_lifetime = '0'
- $max_threads = undef
- # These settings are for the read database
- $read_database = 'postgres'
- $read_database_host = undef
- $read_database_port = '5432'
- $read_database_name = 'puppetdb'
- $read_database_username = 'puppetdb'
- $read_database_password = 'puppetdb'
- $read_database_ssl = undef
- $read_database_jdbc_ssl_properties = ''
- $read_database_validate = true
- $read_log_slow_statements = '10'
- $read_conn_max_age = '60'
- $read_conn_keep_alive = '45'
- $read_conn_lifetime = '0'
- $read_database_max_pool_size = undef
- $manage_firewall = true
- $java_args = {}
- $merge_default_java_args = true
- $puppetdb_package = 'puppetdb'
- $puppetdb_service = 'puppetdb'
- $masterless = false
- if !($puppetdb_version in ['latest','present','absent']) and versioncmp($puppetdb_version, '3.0.0') < 0 {
- case $::osfamily {
- 'RedHat', 'Suse', 'Archlinux','Debian': {
- $etcdir = '/etc/puppetdb'
- $vardir = '/var/lib/puppetdb'
- $database_embedded_path = "${vardir}/db/db"
- $puppet_confdir = pick($settings::confdir,'/etc/puppet')
- $puppet_service_name = 'puppetmaster'
- }
- 'OpenBSD': {
- $etcdir = '/etc/puppetdb'
- $vardir = '/var/db/puppetdb'
- $database_embedded_path = "${vardir}/db/db"
- $puppet_confdir = pick($settings::confdir,'/etc/puppet')
- $puppet_service_name = 'puppetmasterd'
- }
- 'FreeBSD': {
- $etcdir = '/usr/local/etc/puppetdb'
- $vardir = '/var/db/puppetdb'
- $database_embedded_path = "${vardir}/db/db"
- $puppet_confdir = pick($settings::confdir,'/usr/local/etc/puppet')
- $puppet_service_name = 'puppetmaster'
- }
- default: {
- fail("The fact 'osfamily' is set to ${::osfamily} which is not supported by the puppetdb module.")
- }
- }
- $terminus_package = 'puppetdb-terminus'
- $test_url = '/v3/version'
- } else {
- case $::osfamily {
- 'RedHat', 'Suse', 'Archlinux','Debian': {
- $etcdir = '/etc/puppetlabs/puppetdb'
- $puppet_confdir = pick($settings::confdir,'/etc/puppetlabs/puppet')
- $puppet_service_name = 'puppetserver'
- }
- 'OpenBSD': {
- $etcdir = '/etc/puppetlabs/puppetdb'
- $puppet_confdir = pick($settings::confdir,'/etc/puppetlabs/puppet')
- $puppet_service_name = undef
- }
- 'FreeBSD': {
- $etcdir = '/usr/local/etc/puppetlabs/puppetdb'
- $puppet_confdir = pick($settings::confdir,'/usr/local/etc/puppetlabs/puppet')
- $puppet_service_name = undef
- }
- default: {
- fail("The fact 'osfamily' is set to ${::osfamily} which is not supported by the puppetdb module.")
- }
- }
- $terminus_package = 'puppetdb-termini'
- $test_url = '/pdb/meta/v1/version'
- $vardir = '/opt/puppetlabs/server/data/puppetdb'
- $database_embedded_path = "${vardir}/db/db"
- }
- $confdir = "${etcdir}/conf.d"
- $ssl_dir = "${etcdir}/ssl"
- case $::osfamily {
- 'RedHat', 'Suse', 'Archlinux': {
- $puppetdb_user = 'puppetdb'
- $puppetdb_group = 'puppetdb'
- $puppetdb_initconf = '/etc/sysconfig/puppetdb'
- }
- 'Debian': {
- $puppetdb_user = 'puppetdb'
- $puppetdb_group = 'puppetdb'
- $puppetdb_initconf = '/etc/default/puppetdb'
- }
- 'OpenBSD': {
- $puppetdb_user = '_puppetdb'
- $puppetdb_group = '_puppetdb'
- $puppetdb_initconf = undef
- }
- 'FreeBSD': {
- $puppetdb_user = 'puppetdb'
- $puppetdb_group = 'puppetdb'
- $puppetdb_initconf = undef
- }
- default: {
- fail("The fact 'osfamily' is set to ${::osfamily} which is not supported by the puppetdb module.")
- }
- }
- $puppet_conf = "${puppet_confdir}/puppet.conf"
- $puppetdb_startup_timeout = 120
- $puppetdb_service_status = 'running'
- $command_threads = undef
- $store_usage = undef
- $temp_usage = undef
- $ssl_set_cert_paths = false
- $ssl_cert_path = "${ssl_dir}/public.pem"
- $ssl_key_path = "${ssl_dir}/private.pem"
- $ssl_ca_cert_path = "${ssl_dir}/ca.pem"
- $ssl_deploy_certs = false
- $ssl_key = undef
- $ssl_cert = undef
- $ssl_ca_cert = undef
- $certificate_whitelist_file = "${etcdir}/certificate-whitelist"
- # the default is free access for now
- $certificate_whitelist = [ ]
- # change to this to only allow access by the puppet master by default:
- #$certificate_whitelist = [ $::servername ]
- # Get the parameter name for the database connection pool tuning
- if $puppetdb_version in ['latest','present'] or versioncmp($puppetdb_version, '4.0.0') >= 0 {
- $database_max_pool_size_setting_name = 'maximum-pool-size'
- } elsif versioncmp($puppetdb_version, '2.8.0') >= 0 {
- $database_max_pool_size_setting_name = 'partition-conn-max'
- } else {
- $database_max_pool_size_setting_name = undef
- }
- }
|