puppet.conf.template.erb

<%
  # Set a variable that tells us if we are running in a Puppet 3 environment.
  if (puppetversion =~ /^3\./) then
    puppet3 = true
  else
    puppet3 = false
  end

  # Set use_directory_environments local variable to true if we are in
  # Puppet 3.
  use_directory_environments = puppet3

  # For the master section
  if    (hostname =~ /^jimhenson-dev$/) then
    certname_master = 'jimhenson-dev.stanford.edu'
  elsif (hostname =~ /^jimhenson\d$/) then
    certname_master = 'jimhenson.stanford.edu'
  elsif (hostname =~ /^puppetservice1-dev$/) then
    certname_master = 'puppetservice1-dev.stanford.edu'
  elsif (hostname =~ /^puppetservice\d$/) then
    certname_master = 'puppetservice.stanford.edu'
  end

  # Figure out what Puppetmaster to use
  if (server != '') then
    pserver = server
  elsif (is_master) then
    pserver = fqdn
  else
    if (hostname =~ /^(puppetrepo-dev|puppetdb-dev).*$/) then
      pserver = 'puppetservice1-dev.stanford.edu'
    else
      pserver = 'puppetservice.stanford.edu'
    end
  end 

  # Figure out what Puppet CA service to use.
  if (ca_server != '') then
    pca_server = ca_server
  elsif (hostname =~ /^(puppetservice.*dev|puppetrepo-dev|puppetdb-dev).*$/) then
    pca_server = 'puppetca-dev.stanford.edu'
  else
    pca_server = 'puppetrepo.stanford.edu'
  end


-%>
# /etc/puppet/puppet.conf -- Puppet system management configuration.
#
# This file is managed via Puppet and is generated from an ERB template.

[agent]

# The location of the Puppet master server.
server = <%= pserver %>

# The location of the Puppet CA server
ca_server = <%= pca_server %>
ca_port   = 8141

<% if (@certname != '') then -%>
# We override the certname
certname = <%= @certname %>

<% end -%>
# The Puppet environment to use.
environment = <%= environment %>

# Increase the default client timeout to five minutes.
configtimeout = 300

<% if (runinterval != '') then -%>
# Change the run interval from the default of 30 minutes.
runinterval = <%= runinterval %>

<% end -%>
# Make sure all log messages are sent to the right directory
# This directory must be writable by the puppet user
logdir = /var/log/puppet
vardir = /var/lib/puppet
ssldir = <%= ssldir %>
rundir = <%= if puppetversion.gsub(/\./, '').to_i >= 240
             then "/var/run/puppet"
             else "/var/run"
           end
       %>

# Enable graphing
graph = true

# Enable reporting
report = true

# Enable plugins
pluginsync = true
<% if (puppetversion.gsub(/\./, '').to_i < 250) -%>
pluginsource = puppet://puppet/plugins/
<% end -%>

# The file in which puppetd stores a list of the classes
# associated with the retrieved configuratiion.  Can be loaded in
# the separate ``puppet`` executable using the ``--loadclasses``
# option.  The default value is '$confdir/classes.txt'.
classfile = $vardir/classes.txt

# Where puppetd caches the local configuration.  An
# extension indicating the cache format is added automatically.
# The default value is '$confdir/localconfig'.
localconfig = $vardir/localconfig
<% if puppetversion.gsub(/\./, '').to_i >= 240  then -%>

# We want unified diffs (only 0.24.4+ clients)
diff_args = '-u'
show_diff = true
<% end -%>
<%
   ###################################################################
   ## START
   ## This section will only appear in config files on a puppet master
-%>
<% if is_master then -%>

[master]
<% if (use_directory_environments) then -%>
# This directory is where all the enviroments can be found (Puppet 3.x and above)
environmentpath = /srv/puppet

<% end -%>
# Use <%= certname_master %> for the certificate name
certname = <%= certname_master %>

# We do not want to behave as a CA
ca = false

# Send log messages to syslog for proper handling
syslogfacility = local2

# Make sure all log messages are sent to the right directory
# This directory must be writable by the puppet user
logdir = /var/log/puppet
vardir = /var/lib/puppet
rundir = /var/run/puppet
<% if (hostname =~ /jimhenson-dev/) then -%>
# If ssldir is not set, the puppet master will read certs from
# /etc/puppet/ssl which has certs signed from the production puppet
# service. However, we want the dev puppet master to use its own certs
# when acting as puppet master, so we use a different directory.
ssldir = /srv/puppetmaster/ssl
<% end -%>

# List of reports to run
<% if (puppet3) -%>
reports = puppetdb,tagmail,lastcheck3,logcache3
<% else -%>
reports = tagmail,lastcheck,logcache
<% end -%>

# Enable graphing of relationship maps
graph = true

<% if (!use_directory_environments) then -%>
# Where is the manifest file? (Puppet 2.x only)
manifest = /srv/puppet/$environment/manifests/site.pp

# Where are the modules? (Puppet 2.x only)
modulepath = /srv/puppet/$environment/modules:/srv/puppet/$environment/services:/srv/puppet/$environment/clients

# Specify the manifests directory (Puppet 2.x only)
manifestdir = /srv/puppet/$environment/manifests

<% end -%>
# Location of the certificate revocation list
<% if (hostname =~ /jimhenson-dev/) then -%>
cacrl = /srv/puppetmaster/ssl/crl.pem
<% else -%>
cacrl = /etc/puppet/ssl/crl.pem
<% end -%>

<% if (!puppet3) -%>
# Location of the ActiveMQ server
<% if (hostname =~ /jimhenson-dev/) then -%>
queue_source = stomp://frankoz1-dev.stanford.edu:61613/
<% else -%>
queue_source = stomp://frankoz1.stanford.edu:61613/
<% end -%>
<% end -%>

## START storeconfig settings
<% if (puppet3) -%>
# Puppet 3.x and above
storeconfigs         = true
storeconfigs_backend = puppetdb
<% else -%>
# Puppet 2.x
# Use asynchronous storeconfigs
storeconfigs       = false
async_storeconfigs = true

## Store the puppet configs in the ISAT database
dbadapter    = mysql
dbname       = %%PUPPET_MYSQL_DATABASE%%
dbuser       = %%PUPPET_MYSQL_USERNAME%%
dbpassword   = %%PUPPET_MYSQL_PASSWORD%%
dbserver     = frankoz2.stanford.edu
<% end -%>
## END storeconfig settings

# Proper ssl variable passing for apache
ssl_client_header = SSL_CLIENT_S_DN
ssl_client_verify_header = SSL_CLIENT_VERIFY
<% end -%>
<%
   ## END
   ## The above section will only appear in config files on a puppet
   ## master.
   #################################################################
-%>