# /etc/puppet/puppet.conf -- Puppet system management configuration.
#
# This file is managed via Puppet and is generated from an ERB template.

<% if (puppetversion.gsub(/\./, '').to_i < 260) then -%>
[puppetd]
<% else -%>
[agent]
<% end -%>

# The location of the Puppet master server.
<% if (server != '') then -%>
server = <%= server %>
<% elsif is_master then -%>
server = <%= fqdn %>
<% elsif (hostname =~ /^frankoz\d(-test)?$/) then -%>
server = jimhenson1.stanford.edu
<% elsif (puppetversion.gsub(/\./, '').to_i >= 260) then -%>
server = jimhenson.stanford.edu
<% end -%>

<% if (puppetversion.gsub(/\./, '').to_i >= 260) then -%>
# The Puppet environment to use.
environment = <%= environment %>

<% end -%>
# Increase the default client timeout to five minutes.
configtimeout = 300

<% if (runinterval != '') then -%>
# Change the run interval from the default of 30 minutes.
runinterval = <%= runinterval %>

<% end -%>
# Make sure all log messages are sent to the right directory
# This directory must be writable by the puppet user
logdir = /var/log/puppet
vardir = /var/lib/puppet
ssldir = <%= ssldir %>
rundir = <%= if puppetversion.gsub(/\./, '').to_i >= 240
             then "/var/run/puppet"
             else "/var/run"
           end
       %>

# The location of the puppet ca server
<% if (ca_server != '') then -%>
ca_server = <%= ca_server %>
<% else -%>
ca_server = puppetca.stanford.edu
<% end -%>
ca_port = 8141

# Enable graphing
graph = true

# Enable reporting
report = true

# Enable plugins
pluginsync = true
<% if (puppetversion.gsub(/\./, '').to_i < 250) -%>
pluginsource = puppet://puppet/plugins/
<% end -%>

# The file in which puppetd stores a list of the classes
# associated with the retrieved configuratiion.  Can be loaded in
# the separate ``puppet`` executable using the ``--loadclasses``
# option.  The default value is '$confdir/classes.txt'.
classfile = $vardir/classes.txt

# Where puppetd caches the local configuration.  An
# extension indicating the cache format is added automatically.
# The default value is '$confdir/localconfig'.
localconfig = $vardir/localconfig
<% if puppetversion.gsub(/\./, '').to_i >= 240  then -%>

# We want unified diffs (only 0.24.4+ clients)
diff_args = '-u'
show_diff = true
<% end -%>
<%
   ###################################################################
   ## START
   ## This section will only appear in config files on a puppet master
-%>
<% if is_master then -%>

[master]
<% if (hostname =~ /jimhenson-dev/) then -%>
# In the dev environment, use jimhenson-dev.stanford.edu as the name
certname = jimhenson-dev.stanford.edu
<% else -%>
# Use jimhenson.stanford.edu as the name
certname = jimhenson.stanford.edu
<% end -%>

# Send log messages to syslog for proper handling
syslogfacility = local2

# Make sure all log messages are sent to the right directory
# This directory must be writable by the puppet user
logdir = /var/log/puppet
vardir = /var/lib/puppet
rundir = /var/run/puppet
<% if (hostname =~ /jimhenson-dev/) then -%>
# If ssldir is not set, the puppet master will read certs from
# /etc/puppet/ssl which has certs signed from the production puppet
# service. However, we want the dev puppet master to use its own certs
# when acting as puppet master, so we use a different directory.
ssldir = /srv/puppetmaster/ssl
<% end -%>

# List of reports to run
reports = tagmail,lastcheck,logcache

# Where is the manifest file?
manifest = /srv/puppet/$environment/manifests/site.pp

# Enable graphing of relationship maps
graph = true

# Where are the modules
modulepath = /srv/puppet/$environment/modules:/srv/puppet/$environment/services:/srv/puppet/$environment/clients

# Location of the certificate revocation list
<% if (hostname =~ /jimhenson-dev/) then -%>
cacrl = /srv/puppetmaster/ssl/crl.pem
<% else -%>
cacrl = /etc/puppet/ssl/crl.pem
<% end -%>

# We don't want to behave as a CA
ca = false

# specify the manifests directory
manifestdir = /srv/puppet/$environment/manifests

# Location of the ActiveMQ server
<% if (hostname =~ /jimhenson-dev/) then -%>
queue_source = stomp://frankoz1-dev.stanford.edu:61613/
<% else -%>
queue_source = stomp://frankoz1.stanford.edu:61613/
<% end -%>

# Use asynchronous storeconfigs
async_storeconfigs = true

## Store the puppet configs in the ISAT database
storeconfigs = false
dbadapter    = mysql
dbname       = %%PUPPET_MYSQL_DATABASE%%
dbuser       = %%PUPPET_MYSQL_USERNAME%%
dbpassword   = %%PUPPET_MYSQL_PASSWORD%%
<% if (hostname =~ /jimhenson-dev/) then -%>
dbserver     = frankoz2-dev.stanford.edu
<% else -%>
dbserver     = frankoz2.stanford.edu
<% end -%>
# Proper ssl variable passing for apache
ssl_client_header = SSL_CLIENT_S_DN
ssl_client_verify_header = SSL_CLIENT_VERIFY
<% end -%>
<%
   ## END
   ## The above section will only appear in config files on a puppet
   ## master.
   #################################################################
-%>