Puppet Class: pulp

Inherits:
pulp::params
Defined in:
manifests/init.pp

Overview

Install and configure pulp

Parameters:

  • version (String) (defaults to: $pulp::params::version)

    pulp package version, it’s passed to ensure parameter of package resource can be set to specific version number, ‘latest’, ‘present’ etc.

  • crane_debug (Boolean) (defaults to: $pulp::params::crane_debug)

    Whether to enable crane debug logging

  • crane_port (Integer[1, 65535]) (defaults to: $pulp::params::crane_port)

    Port for Crane to run on

  • crane_data_dir (Stdlib::Absolutepath) (defaults to: $pulp::params::crane_data_dir)

    Directory containing docker v1/v2 artifacts published by pulp

  • manage_repo (Boolean) (defaults to: $pulp::params::manage_repo)

    Whether to manage the pulp repository

  • oauth_key (String) (defaults to: $pulp::params::oauth_key)

    Key to enable OAuth style authentication

  • oauth_secret (String) (defaults to: $pulp::params::oauth_secret)

    Shared secret that can be used for OAuth style authentication

  • oauth_enabled (Boolean) (defaults to: $pulp::params::oauth_enabled)

    Controls whether OAuth authentication is enabled

  • messaging_url (String) (defaults to: $pulp::params::messaging_url)

    the url used to contact the broker: <protocol>://<host>:<port>/<virtual-host> Supported <protocol> values are ‘tcp’ or ‘ssl’ depending on if SSL should be used or not. The <virtual-host> is optional, and is only applicable to RabbitMQ broker environments.

  • messaging_transport (Enum['qpid', 'rabbitmq']) (defaults to: $pulp::params::messaging_transport)

    The type of broker you are connecting to.

  • messaging_ca_cert (Optional[Stdlib::Absolutepath]) (defaults to: $pulp::params::messaging_ca_cert)

    Absolute path to PEM encoded CA certificate file, used by Pulp to validate the identity of the broker using SSL.

  • messaging_client_cert (Optional[Stdlib::Absolutepath]) (defaults to: $pulp::params::messaging_client_cert)

    Absolute path to PEM encoded file containing both the private key and certificate Pulp should present to the broker to be authenticated by the broker.

  • messaging_version (String) (defaults to: $pulp::params::messaging_version)

    Determines the version of packages related to the ‘messaging transport protocol’.

  • broker_url (String) (defaults to: $pulp::params::broker_url)

    A URL to a broker that Celery can use to queue tasks: qpid://<username>:<password>@<hostname>:<port>/

  • broker_use_ssl (Boolean) (defaults to: $pulp::params::broker_use_ssl)

    Whether to require SSL.

  • tasks_login_method (Optional[String]) (defaults to: $pulp::params::tasks_login_method)

    Select the SASL login method used to connect to the broker. This should be left unset except in special cases such as SSL client certificate authentication.

  • ca_cert (Stdlib::Absolutepath) (defaults to: $pulp::params::ca_cert)

    Full path to the CA certificate that will be used to sign consumer and admin identification certificates

  • ca_key (Stdlib::Absolutepath) (defaults to: $pulp::params::ca_key)

    Path to the private key for the above CA certificate

  • db_name (String) (defaults to: $pulp::params::db_name)

    Name of the database to use

  • db_seeds (String) (defaults to: $pulp::params::db_seeds)

    Comma-separated list of hostname:port of database replica seed hosts

  • db_username (Optional[String]) (defaults to: $pulp::params::db_username)

    The user name to use for authenticating to the MongoDB server

  • db_password (Optional[String]) (defaults to: $pulp::params::db_password)

    The password to use for authenticating to the MongoDB server

  • db_replica_set (Optional[String]) (defaults to: $pulp::params::db_replica_set)

    The name of replica set configured in MongoDB, if one is in use

  • db_ssl (Boolean) (defaults to: $pulp::params::db_ssl)

    Whether to connect to the database server using SSL.

  • db_ssl_keyfile (Optional[Stdlib::Absolutepath]) (defaults to: $pulp::params::db_ssl_keyfile)

    A path to the private keyfile used to identify the local connection against mongod. If included with the certfile then only the ssl_certfile is needed.

  • db_ssl_certfile (Optional[Stdlib::Absolutepath]) (defaults to: $pulp::params::db_ssl_certfile)

    The certificate file used to identify the local connection against mongod.

  • db_verify_ssl (Boolean) (defaults to: $pulp::params::db_verify_ssl)

    Specifies whether a certificate is required from the other side of the connection, and whether it will be validated if provided. If it is true, then the ca_certs parameter must point to a file of CA certificates used to validate the connection.

  • db_ca_path (Stdlib::Absolutepath) (defaults to: $pulp::params::db_ca_path)

    The ca_certs file contains a set of concatenated “certification authority” certificates, which are used to validate certificates passed from the other end of the connection.

  • db_unsafe_autoretry (Boolean) (defaults to: $pulp::params::db_unsafe_autoretry)

    If true, retry commands to the database if there is a connection error. Warning: if set to true, this setting can result in duplicate records.

  • db_write_concern (Optional[Enum['majority', 'all']]) (defaults to: $pulp::params::db_write_concern)

    Write concern of ‘majority’ or ‘all’. When ‘all’ is specified, ‘w’ is set to number of seeds specified. For version of MongoDB < 2.6, replica_set must also be specified. Please note that ‘all’ will cause Pulp to halt if any of the replica set members is not available. ‘majority’ is used by default

  • server_name (String) (defaults to: $pulp::params::server_name)

    Hostname the admin client and consumers should use when accessing the server

  • key_url (String) (defaults to: $pulp::params::key_url)

    Path within the URL to use for GPG keys

  • ks_url (String) (defaults to: $pulp::params::ks_url)

    Path within the URL to use for kickstart trees

  • debugging_mode (Boolean) (defaults to: $pulp::params::debugging_mode)

    Whether to enable Pulp’s debugging capabilities

  • log_level (Enum['CRITICAL', 'ERROR', 'WARNING', 'INFO', 'DEBUG', 'NOTSET']) (defaults to: $pulp::params::log_level)

    The desired logging level.

  • log_type (Enum['syslog', 'console']) (defaults to: $pulp::params::log_type)

    The desired logging type

  • server_working_directory (Optional[Stdlib::Absolutepath]) (defaults to: $pulp::params::server_working_directory)

    Path to where pulp workers can create working directories needed to complete tasks

  • rsa_key (Stdlib::Absolutepath) (defaults to: $pulp::params::rsa_key)

    The RSA private key used for authentication.

  • rsa_pub (Stdlib::Absolutepath) (defaults to: $pulp::params::rsa_pub)

    The RSA public key used for authentication.

  • https_cert (Optional[Stdlib::Absolutepath]) (defaults to: $pulp::params::https_cert)

    Apache public certificate for ssl

  • https_key (Optional[Stdlib::Absolutepath]) (defaults to: $pulp::params::https_key)

    Apache private certificate for ssl

  • https_ca_cert (Optional[Stdlib::Absolutepath]) (defaults to: $pulp::params::https_ca_cert)

    Apache CA certificate for client authentication. Defaults to $ca_cert

  • https_chain (Optional[Stdlib::Absolutepath]) (defaults to: $pulp::params::https_chain)

    apache chain file for ssl

  • ssl_username (Variant[String, Boolean]) (defaults to: $pulp::params::ssl_username)

    Value to use for SSLUsername directive in apache vhost. Defaults to SSL_CLIENT_S_DN_CN. Set an empty string or false to unset directive.

  • consumers_crl (Optional[Stdlib::Absolutepath]) (defaults to: $pulp::params::consumers_crl)

    Certificate revocation list for consumers which are no valid (have had their client certs revoked)

  • user_cert_expiration (Integer) (defaults to: $pulp::params::user_cert_expiration)

    Number of days a user certificate is valid

  • default_login (String) (defaults to: $pulp::params::default_login)

    Default admin username of the Pulp server; this user will be the first time the server is started

  • default_password (String) (defaults to: $pulp::params::default_password)

    Default password for admin when it is first created; this should be changed once the server is operational

  • repo_auth (Boolean) (defaults to: $pulp::params::repo_auth)

    Whether to determine whether repos managed by pulp will require authentication.

  • consumer_cert_expiration (Integer) (defaults to: $pulp::params::consumer_cert_expiration)

    Number of days a consumer certificate is valid

  • disabled_authenticators (Array[String]) (defaults to: $pulp::params::disabled_authenticators)

    List of repo authenticators to disable.

  • additional_wsgi_scripts (Hash[String, String]) (defaults to: $pulp::params::additional_wsgi_scripts)

    Hash of additional paths and WSGI script locations for Pulp vhost

  • reset_cache (Boolean) (defaults to: $pulp::params::reset_cache)

    Whether to force a cache flush. Not recommend in a regular puppet environment.

  • ssl_verify_client (Enum['none', 'optional', 'require', 'optional_no_ca']) (defaults to: $pulp::params::ssl_verify_client)

    Enforce use of SSL authentication for yum repos access

  • ssl_protocol (Optional[Variant[Array[String], String]]) (defaults to: $pulp::params::ssl_protocol)

    Versions of the SSL/TLS protocol will be accepted in new connections

  • serial_number_path (Stdlib::Absolutepath) (defaults to: $pulp::params::serial_number_path)

    Path to the serial number file

  • consumer_history_lifetime (Integer[-1]) (defaults to: $pulp::params::consumer_history_lifetime)

    number of days to store consumer events; events older than this will be purged; set to -1 to disable

  • messaging_auth_enabled (Boolean) (defaults to: $pulp::params::messaging_auth_enabled)

    Whether to enable message authentication.

  • messaging_topic_exchange (String) (defaults to: $pulp::params::messaging_topic_exchange)

    The name of the exchange to use. The exchange must be a topic exchange. The default ‘amq.topic’ is a default exchange that is guaranteed to exist on a Qpid broker.

  • messaging_event_notifications_enabled (Boolean) (defaults to: $pulp::params::messaging_event_notifications_enabled)

    Whether to enable Pulp event notfications on the message bus.

  • messaging_event_notification_url (Optional[String]) (defaults to: $pulp::params::messaging_event_notification_url)

    The AMQP URL for event notifications.

  • email_host (String) (defaults to: $pulp::params::email_host)

    Hostname of the MTA pulp should relay through

  • email_port (Integer[1, 65535]) (defaults to: $pulp::params::email_port)

    Port of the MTA relay

  • email_from (String) (defaults to: $pulp::params::email_from)

    The “From” address of each email the system sends

  • email_enabled (Boolean) (defaults to: $pulp::params::email_enabled)

    Whether emails will be sent

  • manage_squid (Boolean) (defaults to: $pulp::params::manage_squid)

    Whether the Squid configuration is managed. This is used by Pulp Streamer. Requires the squid module.

  • lazy_redirect_host (Optional[String]) (defaults to: $pulp::params::lazy_redirect_host)

    The host FQDN or IP to which requests are redirected.

  • lazy_redirect_port (Optional[Integer[1, 65535]]) (defaults to: $pulp::params::lazy_redirect_port)

    The TCP port to which requests are redirected

  • lazy_redirect_path (Optional[String]) (defaults to: $pulp::params::lazy_redirect_path)

    The base path to which requests are redirected

  • lazy_https_retrieval (Boolean) (defaults to: $pulp::params::lazy_https_retrieval)

    Controls whether Pulp uses HTTPS or HTTP to retrieve content from the streamer. WARNING: Setting this to ‘false’ is not safe if you wish to use Pulp to provide repository entitlement enforcement. It is strongly recommended to keep this set to ‘true’ and use certificates that are signed by a trusted authority on the web server that serves as the streamer reverse proxy.

  • lazy_download_interval (Integer[0]) (defaults to: $pulp::params::lazy_download_interval)

    The interval in minutes between checks for content cached by the Squid proxy.

  • lazy_download_concurrency (Integer[0]) (defaults to: $pulp::params::lazy_download_concurrency)

    The number of downloads to perform concurrently when downloading content from the Squid cache.

  • proxy_url (Optional[String]) (defaults to: $pulp::params::proxy_url)

    URL of the proxy server

  • proxy_port (Optional[Integer[1, 65535]]) (defaults to: $pulp::params::proxy_port)

    Port the proxy is running on

  • proxy_username (Optional[String]) (defaults to: $pulp::params::proxy_username)

    Proxy username for authentication

  • proxy_password (Optional[String]) (defaults to: $pulp::params::proxy_password)

    Proxy password for authentication

  • yum_max_speed (Optional[String]) (defaults to: $pulp::params::yum_max_speed)

    The maximum download speed for RPM & ISO Pulp tasks, such as a sync. (e.g. “4 kb” or “1 Gb”)

  • yum_gpg_sign_repo_metadata (Boolean) (defaults to: $pulp::params::yum_gpg_sign_repo_metadata)

    Whether yum repo metadata GPG signing will be enabled

  • yum_gpg_key_id (Optional[String]) (defaults to: $pulp::params::yum_gpg_key_id)

    GPG Key ID to use for yum repo metadata signing

  • yum_gpg_cmd (Optional[String]) (defaults to: $pulp::params::yum_gpg_cmd)

    Custom GPG command/script to use for yum repo metadata signing

  • yum_remove_old_repodata_count (Integer[0,65535]) (defaults to: $pulp::params::yum_remove_old_repodata_count)

    Number of older yum repodata files to keep around after each publish

  • num_workers (Integer[0]) (defaults to: $pulp::params::num_workers)

    Number of Pulp workers to use.

  • enable_admin (Boolean) (defaults to: $pulp::params::enable_admin)

    Whether to install and configure the admin command

  • enable_katello (Boolean) (defaults to: $pulp::params::enable_katello)

    Whether to enable pulp katello plugin.

  • enable_crane (Boolean) (defaults to: $pulp::params::enable_crane)

    Whether to enable crane docker repository

  • max_tasks_per_child (Optional[Integer[0]]) (defaults to: $pulp::params::max_tasks_per_child)

    Number of tasks after which the worker is restarted and the memory it allocated is returned to the system

  • enable_rpm (Boolean) (defaults to: $pulp::params::enable_rpm)

    Whether to enable rpm plugin.

  • enable_deb (Boolean) (defaults to: $pulp::params::enable_deb)

    Whether to enable deb plugin.

  • enable_iso (Boolean) (defaults to: $pulp::params::enable_iso)

    Whether to enable iso plugin.

  • enable_docker (Boolean) (defaults to: $pulp::params::enable_docker)

    Whether to enable docker plugin.

  • enable_puppet (Boolean) (defaults to: $pulp::params::enable_puppet)

    Whether to enable puppet plugin.

  • enable_python (Boolean) (defaults to: $pulp::params::enable_python)

    Whether to enable python plugin.

  • enable_ostree (Boolean) (defaults to: $pulp::params::enable_ostree)

    Whether to enable ostree plugin.

  • enable_parent_node (Boolean) (defaults to: $pulp::params::enable_parent_node)

    Whether to enable pulp parent nodes.

  • enable_http (Boolean) (defaults to: $pulp::params::enable_http)

    Whether to enable http access to deb/rpm repos.

  • http_port (Integer[1, 65535]) (defaults to: $pulp::params::http_port)

    HTTP port Apache will listen

  • https_port (Integer[1, 65535]) (defaults to: $pulp::params::https_port)

    HTTPS port Apache will listen

  • manage_httpd (Boolean) (defaults to: $pulp::params::manage_httpd)

    Whether to install and configure the httpd server.

  • manage_plugins_httpd (Boolean) (defaults to: $pulp::params::manage_plugins_httpd)

    Whether to install the enabled pulp plugins apache configs even if $manage_httpd is false.

  • manage_broker (Boolean) (defaults to: $pulp::params::manage_broker)

    Whether install and configure the qpid or rabbitmq broker.

  • manage_db (Boolean) (defaults to: $pulp::params::manage_db)

    Boolean to install and configure the mongodb.

  • node_certificate (Stdlib::Absolutepath) (defaults to: $pulp::params::node_certificate)

    The absolute path to the node SSL certificate

  • node_verify_ssl (Boolean) (defaults to: $pulp::params::node_verify_ssl)

    Whether to verify node SSL

  • node_server_ca_cert (Stdlib::Absolutepath) (defaults to: $pulp::params::node_server_ca_cert)

    Server cert for pulp node

  • node_oauth_effective_user (String) (defaults to: $pulp::params::node_oauth_effective_user)

    Effective user for node OAuth

  • node_oauth_key (String) (defaults to: $pulp::params::node_oauth_key)

    The oauth key used to authenticate to the parent node

  • node_oauth_secret (String) (defaults to: $pulp::params::node_oauth_secret)

    The oauth secret used to authenticate to the parent node

  • max_keep_alive (Integer[0]) (defaults to: $pulp::params::max_keep_alive)

    Configuration value for apache MaxKeepAliveRequests

  • wsgi_processes (Integer[1]) (defaults to: $pulp::params::wsgi_processes)

    Number of WSGI processes to spawn for pulp itself

  • wsgi_max_requests (Integer[0]) (defaults to: $pulp::params::wsgi_max_requests)

    Maximum number of requests for each wsgi worker to process before shutting down and restarting, useful to combat memory leaks.

  • puppet_wsgi_processes (Integer[0]) (defaults to: $pulp::params::puppet_wsgi_processes)

    Number of WSGI processes to spawn for the puppet webapp

  • migrate_db_timeout (Integer[0]) (defaults to: $pulp::params::migrate_db_timeout)

    Change the timeout for pulp-manage-db

  • show_conf_diff (Boolean) (defaults to: $pulp::params::show_conf_diff)

    Allow showing diff for changes in server.conf and importer.json. Warning: may display and log passwords contained in these files.

  • enable_profiling (Boolean) (defaults to: $pulp::params::enable_profiling)

    Turns on cProfiling of tasks in Pulp

  • profiling_directory (Stdlib::Absolutepath) (defaults to: $pulp::params::profiling_directory)

    Directory to store task profiling data in

  • ldap_url (Optional[String]) (defaults to: $pulp::params::ldap_url)

    URL to use for LDAP authentication. Defaults to undef (internal authentication is used)

  • ldap_bind_dn (Optional[String]) (defaults to: $pulp::params::ldap_bind_dn)

    LDAP Bind DN

  • ldap_bind_password (Optional[String]) (defaults to: $pulp::params::ldap_bind_password)

    LDAP Password

  • ldap_remote_user_attribute (String) (defaults to: $pulp::params::ldap_remote_user_attribute)

    LDAP Remote User Attribute. Defaults to ‘sAMAccountName’

  • worker_timeout (Integer[0]) (defaults to: $pulp::params::worker_timeout)

    The amount of time (in seconds) before considering a worker as missing. If Pulp’s mongo database has slow I/O, then setting a higher number may resolve issues where workers are going missing incorrectly. Defaults to 30.



408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
# File 'manifests/init.pp', line 408

class pulp (
  String $version = $pulp::params::version,
  Boolean $crane_debug = $pulp::params::crane_debug,
  Integer[1, 65535] $crane_port = $pulp::params::crane_port,
  Boolean $manage_repo = $pulp::params::manage_repo,
  Stdlib::Absolutepath $crane_data_dir = $pulp::params::crane_data_dir,
  String $db_name = $pulp::params::db_name,
  String $db_seeds = $pulp::params::db_seeds,
  Optional[String] $db_username = $pulp::params::db_username,
  Optional[String] $db_password = $pulp::params::db_password,
  Optional[String] $db_replica_set = $pulp::params::db_replica_set,
  Boolean $db_ssl = $pulp::params::db_ssl,
  Optional[Stdlib::Absolutepath] $db_ssl_keyfile = $pulp::params::db_ssl_keyfile,
  Optional[Stdlib::Absolutepath] $db_ssl_certfile = $pulp::params::db_ssl_certfile,
  Boolean $db_verify_ssl = $pulp::params::db_verify_ssl,
  Stdlib::Absolutepath $db_ca_path = $pulp::params::db_ca_path,
  Boolean $db_unsafe_autoretry = $pulp::params::db_unsafe_autoretry,
  Optional[Enum['majority', 'all']] $db_write_concern = $pulp::params::db_write_concern,
  String $server_name = $pulp::params::server_name,
  String $key_url = $pulp::params::key_url,
  String $ks_url = $pulp::params::ks_url,
  String $default_login = $pulp::params::default_login,
  String $default_password = $pulp::params::default_password,
  Boolean $debugging_mode = $pulp::params::debugging_mode,
  Enum['syslog', 'console'] $log_type = $pulp::params::log_type,
  Enum['CRITICAL', 'ERROR', 'WARNING', 'INFO', 'DEBUG', 'NOTSET'] $log_level = $pulp::params::log_level,
  Optional[Stdlib::Absolutepath] $server_working_directory = $pulp::params::server_working_directory,
  Stdlib::Absolutepath $rsa_key = $pulp::params::rsa_key,
  Stdlib::Absolutepath $rsa_pub = $pulp::params::rsa_pub,
  Stdlib::Absolutepath $ca_cert = $pulp::params::ca_cert,
  Stdlib::Absolutepath $ca_key = $pulp::params::ca_key,
  Optional[Stdlib::Absolutepath] $https_cert = $pulp::params::https_cert,
  Optional[Stdlib::Absolutepath] $https_key = $pulp::params::https_key,
  Optional[Stdlib::Absolutepath] $https_ca_cert = $pulp::params::https_ca_cert,
  Optional[Stdlib::Absolutepath] $https_chain = $pulp::params::https_chain,
  Variant[String, Boolean] $ssl_username = $pulp::params::ssl_username,
  Integer $user_cert_expiration = $pulp::params::user_cert_expiration,
  Integer $consumer_cert_expiration = $pulp::params::consumer_cert_expiration,
  Stdlib::Absolutepath $serial_number_path = $pulp::params::serial_number_path,
  Integer[-1] $consumer_history_lifetime = $pulp::params::consumer_history_lifetime,
  Boolean $oauth_enabled = $pulp::params::oauth_enabled,
  String $oauth_key = $pulp::params::oauth_key,
  String $oauth_secret = $pulp::params::oauth_secret,
  Integer[0] $max_keep_alive = $pulp::params::max_keep_alive,
  String $messaging_url = $pulp::params::messaging_url,
  Enum['qpid', 'rabbitmq'] $messaging_transport = $pulp::params::messaging_transport,
  Boolean $messaging_auth_enabled = $pulp::params::messaging_auth_enabled,
  Optional[Stdlib::Absolutepath] $messaging_ca_cert = $pulp::params::messaging_ca_cert,
  Optional[Stdlib::Absolutepath] $messaging_client_cert = $pulp::params::messaging_client_cert,
  String $messaging_topic_exchange = $pulp::params::messaging_topic_exchange,
  Boolean $messaging_event_notifications_enabled = $pulp::params::messaging_event_notifications_enabled,
  Optional[String] $messaging_event_notification_url = $pulp::params::messaging_event_notification_url,
  String $messaging_version = $pulp::params::messaging_version,
  String $broker_url = $pulp::params::broker_url,
  Boolean $broker_use_ssl = $pulp::params::broker_use_ssl,
  Optional[String] $tasks_login_method = $pulp::params::tasks_login_method,
  String $email_host = $pulp::params::email_host,
  Integer[1, 65535] $email_port = $pulp::params::email_port,
  Integer[1, 65535] $http_port = $pulp::params::http_port,
  Integer[1, 65535] $https_port = $pulp::params::https_port,
  String $email_from = $pulp::params::email_from,
  Boolean $email_enabled = $pulp::params::email_enabled,
  Boolean $manage_squid = $pulp::params::manage_squid,
  Optional[String] $lazy_redirect_host = $pulp::params::lazy_redirect_host,
  Optional[Integer[1, 65535]] $lazy_redirect_port = $pulp::params::lazy_redirect_port,
  Optional[String] $lazy_redirect_path = $pulp::params::lazy_redirect_path,
  Boolean $lazy_https_retrieval = $pulp::params::lazy_https_retrieval,
  Integer[0] $lazy_download_interval = $pulp::params::lazy_download_interval,
  Integer[0] $lazy_download_concurrency = $pulp::params::lazy_download_concurrency,
  Optional[Stdlib::Absolutepath] $consumers_crl = $pulp::params::consumers_crl,
  Boolean $reset_cache = $pulp::params::reset_cache,
  Enum['none', 'optional', 'require', 'optional_no_ca'] $ssl_verify_client = $pulp::params::ssl_verify_client,
  Optional[Variant[Array[String], String]] $ssl_protocol = $pulp::params::ssl_protocol,
  Boolean $repo_auth = $pulp::params::repo_auth,
  Optional[String] $proxy_url = $pulp::params::proxy_url,
  Optional[Integer[1, 65535]] $proxy_port = $pulp::params::proxy_port,
  Optional[String] $proxy_username = $pulp::params::proxy_username,
  Optional[String] $proxy_password = $pulp::params::proxy_password,
  Optional[String] $yum_max_speed = $pulp::params::yum_max_speed,
  Boolean $yum_gpg_sign_repo_metadata = $pulp::params::yum_gpg_sign_repo_metadata,
  Optional[String] $yum_gpg_key_id = $pulp::params::yum_gpg_key_id,
  Optional[String] $yum_gpg_cmd = $pulp::params::yum_gpg_cmd,
  Integer[0,65535] $yum_remove_old_repodata_count = $pulp::params::yum_remove_old_repodata_count,
  Integer[0] $num_workers = $pulp::params::num_workers,
  Integer[0] $worker_timeout = $pulp::params::worker_timeout,
  Boolean $enable_admin = $pulp::params::enable_admin,
  Boolean $enable_katello = $pulp::params::enable_katello,
  Boolean $enable_crane = $pulp::params::enable_crane,
  Optional[Integer[0]] $max_tasks_per_child = $pulp::params::max_tasks_per_child,
  Boolean $enable_deb = $pulp::params::enable_deb,
  Boolean $enable_docker = $pulp::params::enable_docker,
  Boolean $enable_rpm = $pulp::params::enable_rpm,
  Boolean $enable_iso = $pulp::params::enable_iso,
  Boolean $enable_puppet = $pulp::params::enable_puppet,
  Boolean $enable_python = $pulp::params::enable_python,
  Boolean $enable_ostree = $pulp::params::enable_ostree,
  Boolean $enable_parent_node = $pulp::params::enable_parent_node,
  Boolean $enable_http = $pulp::params::enable_http,
  Boolean $manage_broker = $pulp::params::manage_broker,
  Boolean $manage_db = $pulp::params::manage_db,
  Boolean $manage_httpd = $pulp::params::manage_httpd,
  Boolean $manage_plugins_httpd = $pulp::params::manage_plugins_httpd,
  Stdlib::Absolutepath $node_certificate = $pulp::params::node_certificate,
  Boolean $node_verify_ssl = $pulp::params::node_verify_ssl,
  Stdlib::Absolutepath $node_server_ca_cert = $pulp::params::node_server_ca_cert,
  String $node_oauth_effective_user = $pulp::params::node_oauth_effective_user,
  String $node_oauth_key = $pulp::params::node_oauth_key,
  String $node_oauth_secret = $pulp::params::node_oauth_secret,
  Array[String] $disabled_authenticators = $pulp::params::disabled_authenticators,
  Hash[String, String] $additional_wsgi_scripts = $pulp::params::additional_wsgi_scripts,
  Integer[1] $wsgi_processes = $pulp::params::wsgi_processes,
  Integer[0] $wsgi_max_requests = $pulp::params::wsgi_max_requests,
  Integer[0] $puppet_wsgi_processes = $pulp::params::puppet_wsgi_processes,
  Integer[0] $migrate_db_timeout = $pulp::params::migrate_db_timeout,
  Boolean $show_conf_diff = $pulp::params::show_conf_diff,
  Boolean $enable_profiling = $pulp::params::enable_profiling,
  Stdlib::Absolutepath $profiling_directory = $pulp::params::profiling_directory,
  Optional[String] $ldap_url = $pulp::params::ldap_url,
  Optional[String] $ldap_bind_dn = $pulp::params::ldap_bind_dn,
  Optional[String] $ldap_bind_password = $pulp::params::ldap_bind_password,
  String $ldap_remote_user_attribute = $pulp::params::ldap_remote_user_attribute,
) inherits pulp::params {
  if $yum_max_speed {
    $real_yum_max_speed = to_bytes($yum_max_speed)
  } else {
    $real_yum_max_speed = undef
  }

  if $ldap_url or $ldap_bind_dn or $ldap_bind_password {
    assert_type(Array[NotUndef], [$ldap_url, $ldap_bind_dn, $ldap_bind_password])
  }

  if $manage_repo {
    include pulp::repo::upstream
    Class['pulp::repo::upstream'] -> Class['pulp::install']
  }

  include mongodb::client
  include pulp::broker

  if $enable_crane {
    class { 'pulp::crane':
      cert         => $https_cert,
      key          => $https_key,
      ca_cert      => pick($pulp::https_ca_cert, $pulp::ca_cert),
      ssl_chain    => $https_chain,
      port         => $crane_port,
      data_dir     => $crane_data_dir,
      debug        => $crane_debug,
      ssl_protocol => $ssl_protocol,
    }
    contain pulp::crane
  }

  contain pulp::install
  contain pulp::config
  contain pulp::database
  contain pulp::service
  contain pulp::apache

  Class['pulp::install'] -> Class['pulp::config'] -> Class['pulp::database'] ~> Class['pulp::service', 'pulp::apache']
  Class['pulp::config'] ~> Class['pulp::service', 'pulp::apache']

  if $enable_admin {
    if $ssl_username and $ssl_username != '' {
      warning('Using $ssl_username means pulp-admin login doesn\'t work. Falling back to file login but pulp_*repo providers won\'t work')
      $login_method = 'file'
    } else {
      $login_method = 'login'
    }

    class { 'pulp::admin':
      enable_deb    => $enable_deb,
      enable_docker => $enable_docker,
      enable_nodes  => $enable_parent_node,
      enable_ostree => $enable_ostree,
      enable_puppet => $enable_puppet,
      enable_python => $enable_python,
      enable_rpm    => $enable_rpm,
      ca_path       => $ca_cert,
      login_method  => $login_method,
      username      => $default_login,
      password      => $default_password,
      require       => Class['pulp::apache'],
    }
  }
}