aboutsummaryrefslogtreecommitdiff
path: root/manifests/master.pp
blob: 4c384b6cfe5cfc1107f90e38e7b40e6ee9e8d06d (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
class nodo::master {
  $main_master = hiera('nodo::master::main', false)

  if $main_master == true {
    # Puppetmaster should be included before nodo::vserver
    class { 'puppetmasterd':
      main => true,
    }

    # This is a workaround to correctly set allowed hosts on munin
    # client when the host is also present.
    #
    # Somewhow the inclusion of munin::host makes both $munin_allow
    # and $munin_port to get blank.
    #
    # Right now we don't need to bother with fixing $munin_port as
    # we are running the munin host in the main master node but it's
    # mandatory to fix $munin_allow so munin can connect into the node.
    $munin_allow = hiera('nodo::munin_node::host',   '')

    include munin::host
    include munin::plugins::muninhost

    # The main master has a host entry pointing to itself, other
    # masters still retrieve catalogs from the main master.
    host { "puppet":
      ensure => present,
      ip     => "127.0.0.1",
      alias  => ["puppet.$domain"],
    }
  } else {
    class { 'puppetmasterd':
      main => false,
    }

    host { "puppet":
      ensure => absent,
    }
  }

  # We should run master nodes web server behind an HTTPS proxy
  $nodo_https_proxy = 'yes'

  # These should be included after puppetmaster
  include nodo::vserver
  include database
  include git-manager
  include websites::admin
  include nagios::headless
  include nagios::defaults

  # Nagios apache workaround
  file { "/etc/apache2/conf.d/nagios3.conf":
    ensure => absent,
  }

  case $puppetmaster_db_password {
    '': { fail("Please set \$puppetmaster_db_password in your host config") }
  }

  # Update master's puppet.conf if you change here
  database::instance { "puppet":
    password => "$puppetmaster_db_password",
  }

  # Used for trac dependency graphs
  package { "graphviz":
    ensure => present,
  }

  # Check domain registration
  domain::check { $domain: }
}