Newer
Older
# /etc/puppet/puppet.conf -- Puppet system management configuration.
#
# This file is managed via Puppet and is generated from an ERB template.
<% if (puppetversion.gsub(/\./, '').to_i < 260) then -%>
[puppetd]
<% else -%>
[agent]
<% end -%>
# The location of the Puppet master server.
<% if (server != '') then -%>
server = <%= server %>
<% elsif is_master then -%>
server = <%= fqdn %>
<% elsif (hostname =~ /^frankoz\d(-test)?$/) then -%>
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
<% elsif (puppetversion.gsub(/\./, '').to_i >= 260) then -%>
server = jimhenson.stanford.edu
<% end -%>
<% if (puppetversion.gsub(/\./, '').to_i >= 260) then -%>
# The Puppet environment to use.
environment = <%= environment %>
<% end -%>
# Increase the default client timeout to five minutes.
configtimeout = 300
<% if (runinterval != '') then -%>
# Change the run interval from the default of 30 minutes.
runinterval = <%= runinterval %>
<% end -%>
# Make sure all log messages are sent to the right directory
# This directory must be writable by the puppet user
logdir = /var/log/puppet
vardir = /var/lib/puppet
ssldir = <%= ssldir %>
rundir = <%= if puppetversion.gsub(/\./, '').to_i >= 240
then "/var/run/puppet"
else "/var/run"
end
%>
# The location of the puppet ca server
<% if (ca_server != '') then -%>
ca_server = <%= ca_server %>
<% else -%>
ca_server = puppetca.stanford.edu
<% end -%>
ca_port = 8141
# Enable graphing
graph = true
# Enable reporting
report = true
# Enable plugins
pluginsync = true
<% if (puppetversion.gsub(/\./, '').to_i < 250) -%>
pluginsource = puppet://puppet/plugins/
<% end -%>
# The file in which puppetd stores a list of the classes
# associated with the retrieved configuratiion. Can be loaded in
# the separate ``puppet`` executable using the ``--loadclasses``
# option. The default value is '$confdir/classes.txt'.
classfile = $vardir/classes.txt
# Where puppetd caches the local configuration. An
# extension indicating the cache format is added automatically.
# The default value is '$confdir/localconfig'.
localconfig = $vardir/localconfig
<% if puppetversion.gsub(/\./, '').to_i >= 240 then -%>
# We want unified diffs (only 0.24.4+ clients)
diff_args = '-u'
show_diff = true
<% end -%>
<%
###################################################################
## START
## This section will only appear in config files on a puppet master
-%>
<% if is_master then -%>
[master]
<% if (hostname =~ /jimhenson-dev/) then -%>
# In the dev environment, use jimhenson-dev.stanford.edu as the name
certname = jimhenson-dev.stanford.edu
<% else -%>
# Use jimhenson.stanford.edu as the name
certname = jimhenson.stanford.edu
<% end -%>
# Send log messages to syslog for proper handling
syslogfacility = local2
# Make sure all log messages are sent to the right directory
# This directory must be writable by the puppet user
logdir = /var/log/puppet
vardir = /var/lib/puppet
rundir = /var/run/puppet
<% if (hostname =~ /jimhenson-dev/) then -%>
# If ssldir is not set, the puppet master will read certs from
# /etc/puppet/ssl which has certs signed from the production puppet
# service. However, we want the dev puppet master to use its own certs
# when acting as puppet master, so we use a different directory.
ssldir = /srv/puppetmaster/ssl
<% end -%>
# List of reports to run
reports = tagmail,lastcheck,logcache
# Where is the manifest file?
manifest = /srv/puppet/$environment/manifests/site.pp
# Enable graphing of relationship maps
graph = true
# Where are the modules
modulepath = /srv/puppet/$environment/modules:/srv/puppet/$environment/services:/srv/puppet/$environment/clients
# Location of the certificate revocation list
<% if (hostname =~ /jimhenson-dev/) then -%>
cacrl = /srv/puppetmaster/ssl/crl.pem
<% else -%>
cacrl = /etc/puppet/ssl/crl.pem
<% end -%>
# We don't want to behave as a CA
ca = false
# specify the manifests directory
manifestdir = /srv/puppet/$environment/manifests
# Location of the ActiveMQ server
<% if (hostname =~ /jimhenson-dev/) then -%>
queue_source = stomp://frankoz1-dev.stanford.edu:61613/
<% else -%>
queue_source = stomp://frankoz1.stanford.edu:61613/
<% end -%>
# Use asynchronous storeconfigs
async_storeconfigs = true
## Store the puppet configs in the ISAT database
storeconfigs = false
dbadapter = mysql
dbname = %%PUPPET_MYSQL_DATABASE%%
dbuser = %%PUPPET_MYSQL_USERNAME%%
dbpassword = %%PUPPET_MYSQL_PASSWORD%%
<% if (hostname =~ /jimhenson-dev/) then -%>
dbserver = frankoz2-dev.stanford.edu
<% else -%>
dbserver = frankoz2.stanford.edu
<% end -%>
# Proper ssl variable passing for apache
ssl_client_header = SSL_CLIENT_S_DN
ssl_client_verify_header = SSL_CLIENT_VERIFY
<% end -%>
<%
## END
## The above section will only appear in config files on a puppet
## master.
#################################################################
-%>