Puppet Class: puppetdb::server::jetty
- Inherits:
- puppetdb::params
- Defined in:
- manifests/server/jetty.pp
Overview
PRIVATE CLASS - do not use directly
2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 |
# File 'manifests/server/jetty.pp', line 2
class puppetdb::server::jetty (
$listen_address = $puppetdb::params::listen_address,
$listen_port = $puppetdb::params::listen_port,
$disable_cleartext = $puppetdb::params::disable_cleartext,
$ssl_listen_address = $puppetdb::params::ssl_listen_address,
$ssl_listen_port = $puppetdb::params::ssl_listen_port,
$disable_ssl = $puppetdb::params::disable_ssl,
Boolean $ssl_set_cert_paths = $puppetdb::params::ssl_set_cert_paths,
$ssl_cert_path = $puppetdb::params::ssl_cert_path,
$ssl_key_path = $puppetdb::params::ssl_key_path,
$ssl_ca_cert_path = $puppetdb::params::ssl_ca_cert_path,
Optional[String] $ssl_protocols = $puppetdb::params::ssl_protocols,
Optional[String] $cipher_suites = $puppetdb::params::cipher_suites,
$confdir = $puppetdb::params::confdir,
$max_threads = $puppetdb::params::max_threads,
$puppetdb_user = $puppetdb::params::puppetdb_user,
$puppetdb_group = $puppetdb::params::puppetdb_group,
) inherits puppetdb::params {
$jetty_ini = "${confdir}/jetty.ini"
file { $jetty_ini:
ensure => file,
owner => $puppetdb_user,
group => $puppetdb_group,
mode => '0600',
}
# Set the defaults
Ini_setting {
path => $jetty_ini,
ensure => present,
section => 'jetty',
require => File[$jetty_ini],
}
$cleartext_setting_ensure = $disable_cleartext ? {
true => 'absent',
default => 'present',
}
ini_setting { 'puppetdb_host':
ensure => $cleartext_setting_ensure,
setting => 'host',
value => $listen_address,
}
ini_setting { 'puppetdb_port':
ensure => $cleartext_setting_ensure,
setting => 'port',
value => $listen_port,
}
$ssl_setting_ensure = $disable_ssl ? {
true => 'absent',
default => 'present',
}
ini_setting { 'puppetdb_sslhost':
ensure => $ssl_setting_ensure,
setting => 'ssl-host',
value => $ssl_listen_address,
}
ini_setting { 'puppetdb_sslport':
ensure => $ssl_setting_ensure,
setting => 'ssl-port',
value => $ssl_listen_port,
}
if $ssl_protocols {
ini_setting { 'puppetdb_sslprotocols':
ensure => $ssl_setting_ensure,
setting => 'ssl-protocols',
value => $ssl_protocols,
}
}
if $cipher_suites {
ini_setting { 'puppetdb_cipher-suites':
ensure => $ssl_setting_ensure,
setting => 'cipher-suites',
value => $cipher_suites,
}
}
if $ssl_set_cert_paths {
# assume paths have been validated in calling class
ini_setting { 'puppetdb_ssl_key':
ensure => present,
setting => 'ssl-key',
value => $ssl_key_path,
}
ini_setting { 'puppetdb_ssl_cert':
ensure => present,
setting => 'ssl-cert',
value => $ssl_cert_path,
}
ini_setting { 'puppetdb_ssl_ca_cert':
ensure => present,
setting => 'ssl-ca-cert',
value => $ssl_ca_cert_path,
}
}
if ($max_threads) {
ini_setting { 'puppetdb_max_threads':
setting => 'max-threads',
value => $max_threads,
}
} else {
ini_setting { 'puppetdb_max_threads':
ensure => absent,
setting => 'max-threads',
}
}
}
|