Added support for puppetmaster on OpenBSD using nxing and passenger

Ossi Salmi 2011-11-28 00:58:54 +02:00 committed by Timo Mkinen
parent 0b4d310656
commit 78d6eddb2c
3 changed files with 121 additions and 34 deletions


@ -0,0 +1,16 @@
# a config.ru, for use with every rack-compatible webserver.
# SSL needs to be handled outside this, though.
# if puppet is not in your RUBYLIB:
# $:.unshift('/opt/puppet/lib')
$0 = "master"
# if you want debugging:
#ARGV << "--debug"
ARGV << "--rack"
require 'puppet/application/master'
# we're usually running inside a Rack::Builder.new {} block,
# therefore we need to call run *here*.
run Puppet::Application[:master].run
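Review bot: The header comment says SSL is handled outside this file, but it does not say that the application also takes the client's identity from the front-end, which is the part an operator can get wrong. The nginx template added in this commit passes `HTTP_X_CLIENT_DN` and `HTTP_X_CLIENT_VERIFY` to the application, and Puppet's rack handler by default reads the client name and verification result from those values. The rack process must therefore be reachable only through the TLS-terminating proxy. I would extend the comment next to the SSL line with `# the front-end must set X-Client-DN / X-Client-Verify itself and discard client-supplied copies; never expose this app directly`.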


@ -47,6 +47,7 @@ class puppet::client {
case $operatingsystem {
openbsd: {
service { "puppet":
name => "puppetd",
ensure => running,
enable => true,
start => $operatingsystemrelease ? {
@ -57,7 +58,6 @@ class puppet::client {
/4\.[1-6]/ => "/usr/bin/pkill -HUP -f /usr/local/bin/puppetd",
default => "/usr/bin/pkill -HUP -f /usr/local/sbin/puppetd",
},
pattern => puppetd,
subscribe => File["/etc/puppet/puppet.conf"],
}
}
@ -156,6 +156,17 @@ class puppet::server {
#
class puppet::server::common inherits puppet::client {
case $operatingsystem {
"openbsd": {
$user = "_puppet"
$group = "_puppet"
}
default: {
$user = "puppet"
$group = "puppet"
}
}
case $puppet_storeconfigs {
"": { $puppet_storeconfigs = "thin" }
"thin","full","none": { }
@ -168,6 +179,7 @@ class puppet::server::common inherits puppet::client {
name => $operatingsystem ? {
debian => "puppetmaster",
ubuntu => "puppetmaster",
openbsd => "ruby-puppet",
default => "puppet-server",
},
ensure => installed,
@ -196,14 +208,18 @@ class puppet::server::common inherits puppet::client {
package { [ "rails",
regsubst($rubyversion, '^([0-9]+\.[0-9]+)\..*', 'libsqlite3-ruby\1'), ]:
ensure => installed,
before => Service["puppetmaster"],
}
}
"openbsd": {
package { [ "ruby-rails",
"ruby-sqlite3", ]:
ensure => installed,
}
}
default: {
package { [ "rubygem-rails",
"rubygem-sqlite3-ruby", ]:
ensure => installed,
before => Service["puppetmaster"],
}
}
}
@ -213,6 +229,7 @@ class puppet::server::common inherits puppet::client {
name => $operatingsystem ? {
debian => regsubst($rubyversion, '^([0-9]+\.[0-9]+)\..*', 'librrd-ruby\1'),
ubuntu => regsubst($rubyversion, '^([0-9]+\.[0-9]+)\..*', 'librrd-ruby\1'),
openbsd => "ruby-rrd",
default => "ruby-RRDtool",
},
ensure => installed,
@ -223,7 +240,10 @@ class puppet::server::common inherits puppet::client {
ensure => directory,
mode => 0755,
owner => root,
group => root,
group => $operatingsystem ? {
"openbsd" => "wheel",
default => "root",
},
require => Package["puppetmaster"],
}
file { "/srv/puppet":
@ -236,7 +256,10 @@ class puppet::server::common inherits puppet::client {
ensure => directory,
mode => 0755,
owner => root,
group => root,
group => $operatingsystem ? {
"openbsd" => "wheel",
default => "root",
},
require => Package["puppetmaster"],
}
}
@ -245,10 +268,9 @@ class puppet::server::common inherits puppet::client {
file { "/srv/puppet/storeconfigs":
ensure => directory,
mode => 0750,
owner => puppet,
group => puppet,
owner => $user,
group => $group,
require => File["/srv/puppet"],
before => Service["puppetmaster"],
}
}
file { [ "/srv/puppet/bucket",
@ -256,35 +278,37 @@ class puppet::server::common inherits puppet::client {
"/srv/puppet/rrd", ]:
ensure => directory,
mode => 0750,
owner => puppet,
group => puppet,
owner => $user,
group => $group,
require => File["/srv/puppet"],
before => Service["puppetmaster"],
}
file { [ "/srv/puppet/files",
"/srv/puppet/templates" ]:
ensure => directory,
mode => 0755,
owner => root,
group => root,
group => $operatingsystem ? {
"openbsd" => "wheel",
default => "root",
},
require => File["/srv/puppet"],
before => Service["puppetmaster"],
}
file { "/srv/puppet/files/common":
ensure => directory,
mode => 0755,
owner => root,
group => root,
group => $operatingsystem ? {
"openbsd" => "wheel",
default => "root",
},
require => File["/srv/puppet/files"],
before => Service["puppetmaster"],
}
file { "/srv/puppet/files/private":
ensure => directory,
mode => 0750,
owner => root,
group => puppet,
group => $group,
require => File["/srv/puppet/files"],
before => Service["puppetmaster"],
}
File["/etc/puppet/puppet.conf"] {
@ -298,7 +322,10 @@ class puppet::server::common inherits puppet::client {
"puppet:///modules/puppet/tagmail.conf", ],
mode => 0644,
owner => root,
group => root,
group => $operatingsystem ? {
"openbsd" => "wheel",
default => "root",
},
require => Package["puppetmaster"],
}
@ -309,21 +336,25 @@ class puppet::server::common inherits puppet::client {
"puppet:///modules/puppet/fileserver.conf", ],
mode => 0644,
owner => root,
group => root,
group => $operatingsystem ? {
"openbsd" => "wheel",
default => "root",
},
require => Package["puppetmaster"],
notify => Service["puppetmaster"],
}
if !$puppet_report_maxage {
$puppet_report_maxage = "720"
}
file { "/etc/cron.daily/puppet-report-cleanup":
ensure => present,
content => template("puppet/puppet-report-cleanup.erb"),
mode => 0755,
owner => root,
group => root,
require => File["/srv/puppet/reports"],
if $operatingsystem != "OpenBSD" {
if !$puppet_report_maxage {
$puppet_report_maxage = "720"
}
file { "/etc/cron.daily/puppet-report-cleanup":
ensure => present,
content => template("puppet/puppet-report-cleanup.erb"),
mode => 0755,
owner => root,
group => root,
require => File["/srv/puppet/reports"],
}
}
}
@ -337,7 +368,9 @@ class puppet::server::common inherits puppet::client {
# Array containing ports that puppetmaster should listen to. Defaults to
# [ "18140", "18141", "18142", "18143", ].
#
class puppet::server::mongrel inherits puppet::server::common {
class puppet::server::mongrel {
require puppet::server::common
if ! $puppet_listenports {
$puppet_listenports = [ "18140", "18141", "18142", "18143", ]
@ -351,7 +384,8 @@ class puppet::server::mongrel inherits puppet::server::common {
enable => true,
hasstatus => true,
require => Package["puppetmaster", "mongrel"],
subscribe => File["/etc/puppet/puppet.conf"],
subscribe => File["/etc/puppet/fileserver.conf",
"/etc/puppet/puppet.conf"],
}
case $operatingsystem {
@ -382,13 +416,14 @@ class puppet::server::mongrel inherits puppet::server::common {
# Install and configure Puppet server using apache as proxy server.
#
class puppet::server::apache inherits puppet::server::mongrel {
class puppet::server::apache {
require puppet::server::mongrel
include apache::sslserver
apache::configfile { "puppet.conf":
content => template("puppet/puppet-httpd.conf.erb"),
http => false,
require => Service["puppetmaster"],
}
case $operatingsystem {
debian,ubuntu: {
@ -402,6 +437,20 @@ class puppet::server::apache inherits puppet::server::mongrel {
}
# Install and configure Puppet server using nginx and passenger.
#
class puppet::server::nginx::passenger {
require puppet::server::common
include ::nginx::passenger
nginx::configfile { "puppet.conf":
content => template("puppet/puppet-passenger.conf.erb"),
}
}
# Install and configure opencollab-puppet-uploader.
#
# === Global variables
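Review bot: The new `puppet::server::nginx::passenger` class installs only the nginx config file; nothing visible in this commit deploys the added config.ru or creates the `/var/nginx/puppet/public` directory that the template's `root` points at. Passenger's user switching runs a Rack application as the owner of its config.ru, so that owner decides which account the master runs under and whether it can use the `$user`-owned 0750 directories under /srv/puppet. Unless `::nginx::passenger` or a manifest not shown here handles this, I would manage the application directory and config.ru explicitly, with config.ru owned by the puppet account. The class no longer inherits from `puppet::server::common`, so the account variables need their qualified names. The `source` value below is a placeholder because the module path of config.ru is not shown on this page.

```puppet
class puppet::server::nginx::passenger {
    # … unchanged: require, include ::nginx::passenger, nginx::configfile …

    file { [ "/var/nginx/puppet", "/var/nginx/puppet/public" ]:
        ensure => directory,
        mode   => 0755,
        owner  => root,
    }

    file { "/var/nginx/puppet/config.ru":
        ensure  => present,
        # placeholder: the module path of config.ru is not shown on this page
        source  => "puppet:///modules/puppet/<PATH_TO_CONFIG_RU>",
        mode    => 0644,
        owner   => $puppet::server::common::user,
        group   => $puppet::server::common::group,
        require => File["/var/nginx/puppet"],
    }
}
```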


@ -0,0 +1,22 @@
server {
server_name puppet;
listen 8140 default ssl;
ssl_certificate <%= puppet_ssldir %>/certs/<%= homename %>.pem;
ssl_certificate_key <%= puppet_ssldir %>/private_keys/<%= homename %>.pem;
ssl_client_certificate <%= puppet_ssldir %>/certs/ca.pem;
ssl_crl <%= puppet_ssldir %>/ca/ca_crl.pem;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers HIGH:+MEDIUM;
ssl_prefer_server_ciphers on;
ssl_verify_client optional;
ssl_verify_depth 1;
ssl_session_cache shared:SSL:8m;
ssl_session_timeout 5m;
passenger_enabled on;
rails_env production;
root /var/nginx/puppet/public;
passenger_set_cgi_param HTTP_X_CLIENT_DN $ssl_client_s_dn;
passenger_set_cgi_param HTTP_X_CLIENT_VERIFY $ssl_client_verify;
}
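Review bot: `ssl_protocols SSLv3 TLSv1;` in the new server block enables SSLv3, which has known protocol-level weaknesses and should not be offered on the port that carries catalogs and certificate requests. `ssl_ciphers HIGH:+MEDIUM;` also still admits the MEDIUM cipher group. I would change these to `ssl_protocols TLSv1.2 TLSv1.3;` (or the highest versions that both the deployed nginx/OpenSSL build and the agents support) and `ssl_ciphers HIGH:!aNULL:!MD5;`. Because `ssl_verify_client optional;` admits clients without a verified certificate, authorization rests on the two `passenger_set_cgi_param` values. It is worth confirming that a request carrying its own X-Client-DN or X-Client-Verify header cannot reach the application with those values intact.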