Puppet Class: puppet::profile::puppetdb

Defined in:
manifests/profile/puppetdb.pp

Summary

A short summary of the purpose of this class

Overview

A description of what this class does

Examples:

include puppet::profile::puppetdb

Parameters:

  • platform_name (Puppet::Platform) (defaults to: 'puppet8')
  • manage_database (Boolean) (defaults to: true)
  • database_host (Stdlib::Host) (defaults to: 'localhost')
  • database_name (String) (defaults to: 'puppetdb')
  • database_username (String) (defaults to: 'puppetdb')
  • database_password (String) (defaults to: 'puppetdb')
  • manage_firewall (Boolean) (defaults to: false)
  • manage_cron (Boolean) (defaults to: true)

    Specifies whether to manage crontab entries. This setting is critical for containerized environments where crontab may not be available.

  • ssl_deploy_certs (Boolean) (defaults to: false)

    This parameter will be passed into the class ‘puppetdb`. The class `puppetdb` expects the parameters `puppetdb::ssl_key`, `puppetdb::ssl_cert`, and `puppetdb::ssl_ca_cert` to be set with the appropriate SSL asset content.



24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
 
# File 'manifests/profile/puppetdb.pp', line 24

class puppet::profile::puppetdb (
  Puppet::Platform $platform_name = 'puppet8',
  Boolean $manage_database = true,
  Stdlib::Host $database_host = 'localhost',
  String $database_name = 'puppetdb',
  String $database_username = 'puppetdb',
  String $database_password = 'puppetdb',
  Boolean $manage_firewall = false,
  Boolean $manage_cron = true,
  Boolean $ssl_deploy_certs = false,
) {
  include puppet

  # puppet::globals must be declared before puppet::repo include
  class { 'puppet::globals':
    platform_name => $platform_name,
  }

  include puppet::repo

  class { 'puppet::puppetdb':
    manage_database            => $manage_database,
    postgres_database_host     => $database_host,
    postgres_database_name     => $database_name,
    postgres_database_username => $database_username,
    postgres_database_password => $database_password,
    # According to moz://a SSL Configuration Generator for jetty 10.0.20, intermediate config
    ssl_protocols              => ['TLSv1.2', 'TLSv1.3'],
    cipher_suites              => [
      'TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256',
      'TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256',
      'TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384',
      'TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384',
      'TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256',
      'TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256',
      'TLS_DHE_RSA_WITH_AES_256_GCM_SHA384',
      'TLS_DHE_RSA_WITH_AES_128_GCM_SHA256',
      'TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256',
    ],
    manage_firewall            => $manage_firewall,
    manage_cron                => $manage_cron,
    ssl_deploy_certs           => $ssl_deploy_certs,
  }
}