class nodo::master { $main_master = hiera('nodo::master::main', false) if $main_master == true { # Puppetmaster should be included before nodo::vserver class { 'puppetmasterd': main => true, } # This is a workaround to correctly set allowed hosts on munin # client when the host is also present. # # Somewhow the inclusion of munin::host makes both $munin_allow # and $munin_port to get blank. # # Right now we don't need to bother with fixing $munin_port as # we are running the munin host in the main master node but it's # mandatory to fix $munin_allow so munin can connect into the node. $munin_allow = hiera('nodo::munin_node::host', '') include munin::host include munin::plugins::muninhost # The main master has a host entry pointing to itself, other # masters still retrieve catalogs from the main master. host { "puppet": ensure => present, ip => "127.0.0.1", alias => ["puppet.$domain"], } } else { class { 'puppetmasterd': main => false, } host { "puppet": ensure => absent, } } # We should run master nodes web server behind an HTTPS proxy $nodo_https_proxy = 'yes' # These should be included after puppetmaster include nodo::vserver include database include git-manager include websites::admin include nagios::headless include nagios::defaults # Nagios apache workaround file { "/etc/apache2/conf.d/nagios3.conf": ensure => absent, } case $puppetmaster_db_password { '': { fail("Please set \$puppetmaster_db_password in your host config") } } # Update master's puppet.conf if you change here database::instance { "puppet": password => "$puppetmaster_db_password", } # Used for trac dependency graphs package { "graphviz": ensure => present, } # Check domain registration domain::check { $domain: } }