-
Notifications
You must be signed in to change notification settings - Fork 289
/
Copy pathinit.pp
155 lines (147 loc) · 4.55 KB
/
init.pp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
# @summary Base Sensu class
#
# This is the main Sensu class
#
# @param version
# Version of Sensu to install. Defaults to `installed` to support
# Windows MSI packaging and to avoid surprising upgrades.
#
# @param etc_dir
# Absolute path to the Sensu etc directory.
#
# @param ssl_dir
# Absolute path to the Sensu ssl directory.
#
# @param manage_user
# Boolean that determines if sensu user should be managed
#
# @param user
# User used by sensu services
#
# @param manage_group
# Boolean that determines if sensu group should be managed
#
# @param group
# User group used by sensu services
#
# @param etc_dir_purge
# Boolean to determine if the etc_dir should be purged
# such that only Puppet managed files are present.
#
# @param ssl_dir_purge
# Boolean to determine if the ssl_dir should be purged
# such that only Puppet managed files are present.
#
# @param manage_repo
# Boolean to determine if software repository for Sensu
# should be managed.
#
# @param use_ssl
# Sensu backend service uses SSL
#
# @param ssl_ca_source
# Source of SSL CA used by sensu services
# This parameter is mutually exclusive with ssl_ca_content
#
# @param ssl_ca_content
# Content of SSL CA used by sensu services
# This parameter is mutually exclusive with ssl_ca_source
#
# @param api_host
# Sensu backend host used to configure sensuctl and verify API access.
# @param api_port
# Sensu backend port used to configure sensuctl and verify API access.
# @param password
# Sensu backend admin password used to confiure sensuctl.
# @param agent_password
# The sensu agent password
# @param agent_entity_config_password
# The password used when configuring Sensu Agent entity config items
# Defaults to value used for `agent_password`.
# @param validate_namespaces
# Determines if sensuctl and sensu_api types will validate their namespace exists
# @param validate_api
# Determines if Sensu API is validated
class sensu (
String $version = 'installed',
Stdlib::Absolutepath $etc_dir = '/etc/sensu',
Stdlib::Absolutepath $ssl_dir = '/etc/sensu/ssl',
Boolean $manage_user = true,
String $user = 'sensu',
Boolean $manage_group = true,
String $group = 'sensu',
Boolean $etc_dir_purge = true,
Boolean $ssl_dir_purge = true,
Boolean $manage_repo = true,
Boolean $use_ssl = true,
Optional[String] $ssl_ca_source = $facts['puppet_localcacert'],
Optional[String] $ssl_ca_content = undef,
String $api_host = $trusted['certname'],
Stdlib::Port $api_port = 8080,
String $password = 'P@ssw0rd!',
String $agent_password = 'P@ssw0rd!',
Optional[String] $agent_entity_config_password = undef,
Boolean $validate_namespaces = true,
Boolean $validate_api = true,
) {
if $ssl_ca_content {
$_ssl_ca_source = undef
} else {
$_ssl_ca_source = $ssl_ca_source
}
if $use_ssl and !($_ssl_ca_source or $ssl_ca_content) {
fail('sensu: ssl_ca_source or ssl_ca_content must be defined when use_ssl is true')
}
if $facts['os']['family'] == 'windows' {
# dirname can not handle back slashes so convert to forward slash then back to back slash
$etc_dir_fixed = regsubst($etc_dir, '\\\\', '/', 'G')
$etc_parent_dirname = dirname($etc_dir_fixed)
$etc_parent_dir = regsubst($etc_parent_dirname, '/', '\\\\', 'G')
$sensu_user = undef
$sensu_group = undef
$directory_mode = undef
$file_mode = undef
$trusted_ca_file_path = "${ssl_dir}\\ca.crt"
$agent_config_path = "${etc_dir}\\agent.yml"
} else {
$etc_parent_dir = undef
$sensu_user = $user
$sensu_group = $group
$directory_mode = '0755'
$file_mode = '0640'
$join_path = '/'
$trusted_ca_file_path = "${ssl_dir}/ca.crt"
$agent_config_path = "${etc_dir}/agent.yml"
}
if $use_ssl {
$api_protocol = 'https'
$trusted_ca_file = $trusted_ca_file_path
} else {
$api_protocol = 'http'
$trusted_ca_file = 'absent'
}
$api_url = "${api_protocol}://${api_host}:${api_port}"
$_agent_entity_config_password = pick($agent_entity_config_password, $agent_password)
case $facts['os']['family'] {
'RedHat': {
$os_package_require = []
}
'Debian': {
$os_package_require = [Class['apt::update']]
}
'windows': {
$os_package_require = []
}
default: {
fail("Detected osfamily <${facts['os']['family']}>. Only RedHat, Debian and Windows are supported.")
}
}
# $package_require is used by sensu::agent and sensu::backend
# package resources
if $manage_repo {
$package_require = [Class['sensu::repo']] + $os_package_require
} else {
$package_require = undef
}
include sensu::resources
}