Puppet Class: mcollective::server::config
- Defined in:
- manifests/server/config.pp
Overview
private class
2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 |
# File 'manifests/server/config.pp', line 2
class mcollective::server::config {
assert_private()
datacat { 'mcollective::server':
owner => 'root',
group => '0',
mode => '0400',
path => $::mcollective::server_config_file_real,
template => 'mcollective/settings.cfg.erb',
}
::mcollective::server::setting { 'classesfile':
value => $::mcollective::classesfile,
}
::mcollective::server::setting { 'daemonize':
value => bool2num($::mcollective::server_daemonize),
}
::mcollective::server::setting { 'logfile':
value => $::mcollective::server_logfile,
}
::mcollective::server::setting { 'loglevel':
value => $::mcollective::server_loglevel,
}
file { "${::mcollective::confdir}/policies":
ensure => 'directory',
owner => 'root',
group => '0',
mode => '0700',
}
file { $::mcollective::ssldir:
ensure => 'directory',
owner => 'root',
group => '0',
mode => '0755',
}
if $::mcollective::middleware_ssl or $::mcollective::securityprovider == 'ssl' {
file { $::mcollective::middleware_ssl_ca_path:
owner => 'root',
group => '0',
mode => '0444',
# FIXME: see below
source => $::mcollective::middleware_ssl_ca_real,
}
file { $::mcollective::middleware_ssl_key_path:
owner => 'root',
group => '0',
mode => '0400',
# FIXME: this was my best guess looking at the 2.1.3-era upstream tests,
# but ithe specs still barf hard with `STRICT_VARIABLES=yes.`
source => $::mcollective::middleware_ssl_key_real,
}
file { $::mcollective::middleware_ssl_cert_path:
owner => 'root',
group => '0',
mode => '0444',
# FIXME: see above
source => $::mcollective::middleware_ssl_cert_real,
}
if $::mcollective::ssl_mco_autokeys {
file { "${::mcollective::confdir}/ssl/mco_autokeys":
ensure => directory,
mode => '0750',
owner => 'root',
group => 'puppet'
}
file { 'mco_priv_key':
path => "${::mcollective::confdir}/ssl/mco_autokeys/mco_private.pem",
content => mco_autokey('2048', true),
mode => '0400',
owner => 'root',
group => 'puppet',
require => File['/etc/mcollective/ssl/mco_autokeys']
}
file { 'mco_pub_key':
path => "${::mcollective::confdir}/ssl/mco_autokeys/mco_public.pem",
content => mco_autokey('2048'),
mode => '0400',
owner => 'root',
group => 'puppet',
require => File['mco_priv_key'],
}
}
else {
file { "${::mcollective::confdir}/ssl/server_public.pem":
owner => 'root',
group => '0',
mode => '0444',
source => $::mcollective::ssl_server_public,
}
file { "${::mcollective::confdir}/ssl/server_private.pem":
owner => 'root',
group => '0',
mode => '0400',
source => $::mcollective::ssl_server_private
}
}
}
::mcollective::soft_include { [
"::mcollective::server::config::connector::${::mcollective::connector}",
"::mcollective::server::config::securityprovider::${::mcollective::securityprovider}",
"::mcollective::server::config::factsource::${::mcollective::factsource}",
"::mcollective::server::config::registration::${::mcollective::registration}",
"::mcollective::server::config::rpcauditprovider::${::mcollective::rpcauditprovider}",
"::mcollective::server::config::rpcauthprovider::${::mcollective::rpcauthprovider}",
]:
start => Anchor['mcollective::server::config::begin'],
end => Anchor['mcollective::server::config::end'],
}
anchor { 'mcollective::server::config::begin': }
anchor { 'mcollective::server::config::end': }
}
|