puppet.conf.template.erb 6.03 KB
Newer Older
1
<%
2
  # Set a variable that tells us if we are running in a Puppet 3 environment.
Adam Lewenberg's avatar
Adam Lewenberg committed
3
  if (puppetversion =~ /^3\./) then
4
    puppet3 = true
5
  else
6
    puppet3 = false
7
  end
Adam Lewenberg's avatar
Adam Lewenberg committed
8

9
10
11
12
  # Set use_directory_environments local variable to true if we are in
  # Puppet 3.
  use_directory_environments = puppet3

13
  # For the master section
Adam Lewenberg's avatar
Adam Lewenberg committed
14
  if    (hostname =~ /^jimhenson-dev$/) then
15
    certname_master = 'jimhenson-dev.stanford.edu'
16
  elsif (hostname =~ /^jimhenson\d$/) then
17
    certname_master = 'jimhenson.stanford.edu'
Adam Lewenberg's avatar
Adam Lewenberg committed
18
  elsif (hostname =~ /^puppetservice1-dev$/) then
19
    certname_master = 'puppetservice1-dev.stanford.edu'
Adam Lewenberg's avatar
Adam Lewenberg committed
20
  elsif (hostname =~ /^puppetservice\d$/) then
21
    certname_master = 'puppetservice.stanford.edu'
Adam Lewenberg's avatar
Adam Lewenberg committed
22
  end
23
24
25
26
27
28

  # Figure out what Puppetmaster to use
  if (server != '') then
    pserver = server
  elsif (is_master) then
    pserver = fqdn
29
  else
30
31
32
33
34
    if (hostname =~ /^(puppetrepo-dev|puppetdb-dev).*$/) then
      pserver = 'puppetservice1-dev.stanford.edu'
    else
      pserver = 'puppetservice.stanford.edu'
    end
35
  end 
36
37
38
39

  # Figure out what Puppet CA service to use.
  if (ca_server != '') then
    pca_server = ca_server
40
41
  elsif (hostname =~ /^(puppetservice.*dev|puppetrepo-dev|puppetdb-dev).*$/) then
    pca_server = 'puppetca-dev.stanford.edu'
42
  else
43
    pca_server = 'puppetrepo.stanford.edu'
44
45
46
  end


47
-%>
Adam Lewenberg's avatar
Adam Lewenberg committed
48
49
50
51
52
53
54
# /etc/puppet/puppet.conf -- Puppet system management configuration.
#
# This file is managed via Puppet and is generated from an ERB template.

[agent]

# The location of the Puppet master server.
55
56
57
58
59
server = <%= pserver %>

# The location of the Puppet CA server
ca_server = <%= pca_server %>
ca_port   = 8141
Adam Lewenberg's avatar
Adam Lewenberg committed
60

61
62
63
64
65
<% if (@certname != '') then -%>
# We override the certname
certname = <%= @certname %>

<% end -%>
Adam Lewenberg's avatar
Adam Lewenberg committed
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
# The Puppet environment to use.
environment = <%= environment %>

# Increase the default client timeout to five minutes.
configtimeout = 300

<% if (runinterval != '') then -%>
# Change the run interval from the default of 30 minutes.
runinterval = <%= runinterval %>

<% end -%>
# Make sure all log messages are sent to the right directory
# This directory must be writable by the puppet user
logdir = /var/log/puppet
vardir = /var/lib/puppet
ssldir = <%= ssldir %>
rundir = <%= if puppetversion.gsub(/\./, '').to_i >= 240
             then "/var/run/puppet"
             else "/var/run"
           end
       %>

# Enable graphing
graph = true

# Enable reporting
report = true

# Enable plugins
pluginsync = true
<% if (puppetversion.gsub(/\./, '').to_i < 250) -%>
pluginsource = puppet://puppet/plugins/
<% end -%>

# The file in which puppetd stores a list of the classes
# associated with the retrieved configuratiion.  Can be loaded in
# the separate ``puppet`` executable using the ``--loadclasses``
# option.  The default value is '$confdir/classes.txt'.
classfile = $vardir/classes.txt

# Where puppetd caches the local configuration.  An
# extension indicating the cache format is added automatically.
# The default value is '$confdir/localconfig'.
localconfig = $vardir/localconfig
<% if puppetversion.gsub(/\./, '').to_i >= 240  then -%>

# We want unified diffs (only 0.24.4+ clients)
diff_args = '-u'
show_diff = true
<% end -%>
<%
   ###################################################################
   ## START
   ## This section will only appear in config files on a puppet master
-%>
<% if is_master then -%>

[master]
Adam Lewenberg's avatar
Adam Lewenberg committed
124
<% if (use_directory_environments) then -%>
Adam Lewenberg's avatar
Adam Lewenberg committed
125
# This directory is where all the enviroments can be found (Puppet 3.x and above)
126
127
128
environmentpath = /srv/puppet

<% end -%>
129
130
# Use <%= certname_master %> for the certificate name
certname = <%= certname_master %>
Adam Lewenberg's avatar
Adam Lewenberg committed
131

Adam Lewenberg's avatar
Adam Lewenberg committed
132
133
134
# We do not want to behave as a CA
ca = false

Adam Lewenberg's avatar
Adam Lewenberg committed
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
# Send log messages to syslog for proper handling
syslogfacility = local2

# Make sure all log messages are sent to the right directory
# This directory must be writable by the puppet user
logdir = /var/log/puppet
vardir = /var/lib/puppet
rundir = /var/run/puppet
<% if (hostname =~ /jimhenson-dev/) then -%>
# If ssldir is not set, the puppet master will read certs from
# /etc/puppet/ssl which has certs signed from the production puppet
# service. However, we want the dev puppet master to use its own certs
# when acting as puppet master, so we use a different directory.
ssldir = /srv/puppetmaster/ssl
<% end -%>

# List of reports to run
152
<% if (puppet3) -%>
153
reports = puppetdb,tagmail,lastcheck3,logcache3
154
<% else -%>
Adam Lewenberg's avatar
Adam Lewenberg committed
155
reports = tagmail,lastcheck,logcache
156
<% end -%>
Adam Lewenberg's avatar
Adam Lewenberg committed
157
158
159
160

# Enable graphing of relationship maps
graph = true

161
<% if (!use_directory_environments) then -%>
162
163
164
165
# Where is the manifest file? (Puppet 2.x only)
manifest = /srv/puppet/$environment/manifests/site.pp

# Where are the modules? (Puppet 2.x only)
Adam Lewenberg's avatar
Adam Lewenberg committed
166
167
modulepath = /srv/puppet/$environment/modules:/srv/puppet/$environment/services:/srv/puppet/$environment/clients

Adam Lewenberg's avatar
Adam Lewenberg committed
168
169
170
# Specify the manifests directory (Puppet 2.x only)
manifestdir = /srv/puppet/$environment/manifests

Adam Lewenberg's avatar
Adam Lewenberg committed
171
<% end -%>
Adam Lewenberg's avatar
Adam Lewenberg committed
172
173
174
175
176
177
178
# Location of the certificate revocation list
<% if (hostname =~ /jimhenson-dev/) then -%>
cacrl = /srv/puppetmaster/ssl/crl.pem
<% else -%>
cacrl = /etc/puppet/ssl/crl.pem
<% end -%>

179
<% if (!puppet3) -%>
Adam Lewenberg's avatar
Adam Lewenberg committed
180
181
# Location of the ActiveMQ server
<% if (hostname =~ /jimhenson-dev/) then -%>
182
queue_source = stomp://frankoz1-dev.stanford.edu:61613/
Adam Lewenberg's avatar
Adam Lewenberg committed
183
184
185
<% else -%>
queue_source = stomp://frankoz1.stanford.edu:61613/
<% end -%>
186
<% end -%>
Adam Lewenberg's avatar
Adam Lewenberg committed
187

188
189
190
191
192
193
194
## START storeconfig settings
<% if (puppet3) -%>
# Puppet 3.x and above
storeconfigs         = true
storeconfigs_backend = puppetdb
<% else -%>
# Puppet 2.x
Adam Lewenberg's avatar
Adam Lewenberg committed
195
# Use asynchronous storeconfigs
196
storeconfigs       = false
Adam Lewenberg's avatar
Adam Lewenberg committed
197
198
199
200
201
202
203
204
205
async_storeconfigs = true

## Store the puppet configs in the ISAT database
dbadapter    = mysql
dbname       = %%PUPPET_MYSQL_DATABASE%%
dbuser       = %%PUPPET_MYSQL_USERNAME%%
dbpassword   = %%PUPPET_MYSQL_PASSWORD%%
dbserver     = frankoz2.stanford.edu
<% end -%>
206
207
## END storeconfig settings

Adam Lewenberg's avatar
Adam Lewenberg committed
208
209
210
211
212
213
214
215
216
217
# Proper ssl variable passing for apache
ssl_client_header = SSL_CLIENT_S_DN
ssl_client_verify_header = SSL_CLIENT_VERIFY
<% end -%>
<%
   ## END
   ## The above section will only appear in config files on a puppet
   ## master.
   #################################################################
-%>