Puppet Class: mcollective::server::config

Defined in:
manifests/server/config.pp

Overview

private class



2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
# File 'manifests/server/config.pp', line 2

class mcollective::server::config {
  assert_private()

  datacat { 'mcollective::server':
    owner    => 'root',
    group    => '0',
    mode     => '0400',
    path     => $::mcollective::server_config_file_real,
    template => 'mcollective/settings.cfg.erb',
  }

  ::mcollective::server::setting { 'classesfile':
    value => $::mcollective::classesfile,
  }

  ::mcollective::server::setting { 'daemonize':
    value => bool2num($::mcollective::server_daemonize),
  }

  ::mcollective::server::setting { 'logfile':
    value => $::mcollective::server_logfile,
  }

  ::mcollective::server::setting { 'loglevel':
    value => $::mcollective::server_loglevel,
  }

  file { "${::mcollective::confdir}/policies":
    ensure => 'directory',
    owner  => 'root',
    group  => '0',
    mode   => '0700',
  }

  file { $::mcollective::ssldir:
    ensure => 'directory',
    owner  => 'root',
    group  => '0',
    mode   => '0755',
  }

  if $::mcollective::middleware_ssl or $::mcollective::securityprovider == 'ssl' {

    file { $::mcollective::middleware_ssl_ca_path:
      owner  => 'root',
      group  => '0',
      mode   => '0444',
      # FIXME: see below
      source => $::mcollective::middleware_ssl_ca_real,
    }

    file { $::mcollective::middleware_ssl_key_path:
      owner  => 'root',
      group  => '0',
      mode   => '0400',
      # FIXME: this was my best guess looking at the 2.1.3-era upstream tests,
      #        but ithe specs still barf hard with `STRICT_VARIABLES=yes.`
      source => $::mcollective::middleware_ssl_key_real,
    }

    file { $::mcollective::middleware_ssl_cert_path:
      owner  => 'root',
      group  => '0',
      mode   => '0444',
      # FIXME: see above
      source => $::mcollective::middleware_ssl_cert_real,
    }

    if $::mcollective::ssl_mco_autokeys {

      file { "${::mcollective::confdir}/ssl/mco_autokeys":
        ensure => directory,
        mode   => '0750',
        owner  => 'root',
        group  => 'puppet'
      }
      file { 'mco_priv_key':
        path    => "${::mcollective::confdir}/ssl/mco_autokeys/mco_private.pem",
        content => mco_autokey('2048', true),
        mode    => '0400',
        owner   => 'root',
        group   => 'puppet',
        require => File['/etc/mcollective/ssl/mco_autokeys']
      }
      file { 'mco_pub_key':
        path    => "${::mcollective::confdir}/ssl/mco_autokeys/mco_public.pem",
        content => mco_autokey('2048'),
        mode    => '0400',
        owner   => 'root',
        group   => 'puppet',
        require => File['mco_priv_key'],
      }
    }
    else {
      file { "${::mcollective::confdir}/ssl/server_public.pem":
        owner  => 'root',
        group  => '0',
        mode   => '0444',
        source => $::mcollective::ssl_server_public,
      }

      file { "${::mcollective::confdir}/ssl/server_private.pem":
        owner  => 'root',
        group  => '0',
        mode   => '0400',
        source => $::mcollective::ssl_server_private
      }
    }
  }

  ::mcollective::soft_include { [
    "::mcollective::server::config::connector::${::mcollective::connector}",
    "::mcollective::server::config::securityprovider::${::mcollective::securityprovider}",
    "::mcollective::server::config::factsource::${::mcollective::factsource}",
    "::mcollective::server::config::registration::${::mcollective::registration}",
    "::mcollective::server::config::rpcauditprovider::${::mcollective::rpcauditprovider}",
    "::mcollective::server::config::rpcauthprovider::${::mcollective::rpcauthprovider}",
  ]:
    start => Anchor['mcollective::server::config::begin'],
    end   => Anchor['mcollective::server::config::end'],
  }

  anchor { 'mcollective::server::config::begin': }
  anchor { 'mcollective::server::config::end': }
}