Puppet Class: splunk::web

Defined in:
manifests/web.pp

Overview

Parameters:

  • ciphersuite (Any) (defaults to: $splunk::ciphersuite)
  • sslversions (Any) (defaults to: $splunk::sslversions)
  • httpport (Any) (defaults to: $splunk::httpport)
  • ecdhcurvename (Any) (defaults to: $splunk::ecdhcurvename)
  • privkeypath (Any) (defaults to: $splunk::privkeypath)
  • servercert (Any) (defaults to: $splunk::servercert)
  • reuse_puppet_certs_for_web (Any) (defaults to: $splunk::reuse_puppet_certs_for_web)
  • splunk_os_user (Any) (defaults to: $splunk::real_splunk_os_user)
  • splunk_os_group (Any) (defaults to: $splunk::real_splunk_os_group)
  • splunk_dir_mode (Any) (defaults to: $splunk::real_splunk_dir_mode)
  • splunk_file_mode (Any) (defaults to: $splunk::real_splunk_file_mode)
  • splunk_app_precedence_dir (Any) (defaults to: $splunk::splunk_app_precedence_dir)
  • splunk_app_replace (Any) (defaults to: $splunk::splunk_app_replace)
  • splunk_home (Any) (defaults to: $splunk::splunk_home) 


6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
 
# File 'manifests/web.pp', line 6

class splunk::web (
  $ciphersuite = $splunk::ciphersuite,
  $sslversions = $splunk::sslversions,
  $httpport = $splunk::httpport,
  $ecdhcurvename = $splunk::ecdhcurvename,
  $privkeypath = $splunk::privkeypath,
  $servercert = $splunk::servercert,
  $reuse_puppet_certs_for_web = $splunk::reuse_puppet_certs_for_web,
  $splunk_os_user = $splunk::real_splunk_os_user,
  $splunk_os_group = $splunk::real_splunk_os_group,
  $splunk_dir_mode = $splunk::real_splunk_dir_mode,
  $splunk_file_mode = $splunk::real_splunk_file_mode,
  $splunk_app_precedence_dir = $splunk::splunk_app_precedence_dir,
  $splunk_app_replace = $splunk::splunk_app_replace,
  $splunk_home = $splunk::splunk_home
){
  $splunk_app_name = 'puppet_common_ssl_web'
  if $httpport == undef {
    file {"${splunk_home}/etc/apps/${splunk_app_name}_base":
      ensure  => absent,
      recurse => true,
      purge   => true,
      force   => true,
    }
    -> file { ["${splunk_home}/etc/apps/${splunk_app_name}_disabled",
            "${splunk_home}/etc/apps/${splunk_app_name}_disabled/${splunk_app_precedence_dir}",
            "${splunk_home}/etc/apps/${splunk_app_name}_disabled/metadata",]:
      ensure => directory,
      owner  => $splunk_os_user,
      group  => $splunk_os_group,
      mode   => $splunk_dir_mode,
    }
    -> file { "${splunk_home}/etc/apps/${splunk_app_name}_disabled/${splunk_app_precedence_dir}/web.conf":
      ensure  => present,
      owner   => $splunk_os_user,
      group   => $splunk_os_group,
      mode    => $splunk_file_mode,
      replace => $splunk_app_replace,
      content => template("splunk/${splunk_app_name}_base/local/web.conf"),
    }
  } else {
    case $::osfamily {
      /^[Ww]indows$/: {
        # On Windows, we have to run createssl ourselves because we run the msi with LAUNCHSPLUNK=0
        exec { 'splunk createssl':
          command     => 'splunk createssl web-cert 2048',
          path        => ["${splunk_home}/bin"],
          environment => "OPENSSL_CONF=${splunk_home}/openssl.cnf",
          creates     => [
            "${splunk_home}/etc/auth/splunkweb/cert.pem",
          ],
          logoutput   => true,
        }
      }
      default: {
        # On Linux this already taken care of by enable boot-start
      }
    }
    file {"${splunk_home}/etc/apps/${splunk_app_name}_disabled":
      ensure  => absent,
      recurse => true,
      purge   => true,
      force   => true,
    }
    -> file { ["${splunk_home}/etc/apps/${splunk_app_name}_base",
            "${splunk_home}/etc/apps/${splunk_app_name}_base/${splunk_app_precedence_dir}",
            "${splunk_home}/etc/apps/${splunk_app_name}_base/metadata",]:
      ensure => directory,
      owner  => $splunk_os_user,
      group  => $splunk_os_group,
      mode   => $splunk_dir_mode,
    }
    -> file { "${splunk_home}/etc/apps/${splunk_app_name}_base/${splunk_app_precedence_dir}/web.conf":
      ensure  => present,
      owner   => $splunk_os_user,
      group   => $splunk_os_group,
      mode    => $splunk_file_mode,
      replace => $splunk_app_replace,
      content => template("splunk/${splunk_app_name}_base/local/web.conf"),
    }

  }
}