Puppet Class: pulp::config

Defined in:
manifests/config.pp

Overview

Pulp Master Configuration



3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
# File 'manifests/config.pp', line 3

class pulp::config {
  file { '/var/lib/pulp/packages':
    ensure => directory,
    owner  => 'apache',
    group  => 'apache',
    mode   => '0755',
  }

  file { '/etc/pulp/server.conf':
    ensure    => file,
    content   => template('pulp/server.conf.erb'),
    owner     => 'apache',
    group     => 'apache',
    mode      => '0600',
    show_diff => $pulp::show_conf_diff,
  }

  file { '/etc/pki/pulp/content':
    ensure => directory,
    owner  => 'apache',
    group  => 'apache',
    mode   => '0755',
  }

  file { '/etc/pki/pulp/content/pulp-global-repo.ca':
    ensure => link,
    target => $pulp::ca_cert,
  }

  if $pulp::enable_deb or $pulp::enable_ostree or $pulp::enable_rpm or $pulp::enable_iso {
    file { '/etc/pulp/repo_auth.conf':
      ensure  => file,
      content => template('pulp/repo_auth.conf.erb'),
      owner   => 'root',
      group   => 'root',
      mode    => '0644',
    }
  }

  if $pulp::enable_deb {
    file { '/etc/pulp/server/plugins.conf.d/deb_importer.json':
      ensure    => file,
      content   => template('pulp/deb_importer.json.erb'),
      owner     => 'root',
      group     => 'root',
      mode      => '0644',
      show_diff => $pulp::show_conf_diff,
    }
  }

  if $pulp::enable_rpm {
    file { '/etc/pulp/server/plugins.conf.d/yum_importer.json':
      ensure    => file,
      content   => template('pulp/yum_importer.json.erb'),
      owner     => 'root',
      group     => 'root',
      mode      => '0644',
      show_diff => $pulp::show_conf_diff,
    }

    file { '/etc/pulp/server/plugins.conf.d/yum_distributor.json':
      ensure    => file,
      content   => template('pulp/yum_distributor.json.erb'),
      owner     => 'root',
      group     => 'root',
      mode      => '0644',
      show_diff => $pulp::show_conf_diff,
    }
  }

  if $pulp::enable_iso {
    file { '/etc/pulp/server/plugins.conf.d/iso_importer.json':
      ensure    => file,
      content   => template('pulp/iso_importer.json.erb'),
      owner     => 'root',
      group     => 'root',
      mode      => '0644',
      show_diff => $pulp::show_conf_diff,
    }
  }

  if $pulp::enable_docker {
    file { '/etc/pulp/server/plugins.conf.d/docker_importer.json':
      ensure    => file,
      content   => template('pulp/docker_importer.json.erb'),
      owner     => 'root',
      group     => 'root',
      mode      => '0644',
      show_diff => $pulp::show_conf_diff,
    }
  }

  if $pulp::enable_ostree {
    file { '/etc/pulp/server/plugins.conf.d/ostree_importer.json':
      ensure    => file,
      content   => template('pulp/ostree_importer.json.erb'),
      owner     => 'root',
      group     => 'root',
      mode      => '0644',
      show_diff => $pulp::show_conf_diff,
    }
  }

  if $pulp::enable_puppet {
    if $facts['os']['selinux']['enabled'] {
      selboolean { 'pulp_manage_puppet':
        persistent => true,
        value      => 'on',
      }
    }

    file { '/etc/pulp/server/plugins.conf.d/puppet_importer.json':
      ensure    => file,
      content   => template('pulp/puppet_importer.json.erb'),
      owner     => 'root',
      group     => 'root',
      mode      => '0644',
      show_diff => $pulp::show_conf_diff,
    }
  }

  file { '/etc/default/pulp_workers':
    ensure  => file,
    content => template('pulp/systemd_pulp_workers'),
    owner   => 'root',
    group   => 'root',
    mode    => '0644',
  }

  exec { '/usr/bin/pulp-gen-key-pair':
    creates => $pulp::rsa_key,
  } ->
  file { $pulp::rsa_key:
    owner => 'root',
    group => 'apache',
    mode  => '0640',
  }

  if $pulp::reset_cache {
    exec { 'reset_pulp_cache':
      command => 'rm -rf /var/lib/pulp/packages/*',
      path    => '/sbin:/bin:/usr/bin',
      before  => Exec['migrate_pulp_db'],
      require => File['/var/lib/pulp/packages'],
    }
  }

  if $pulp::consumers_crl {
    exec { 'setup-crl-symlink':
      command     => "/usr/bin/openssl x509 -in '${pulp::ca_cert}' -hash -noout | /usr/bin/xargs -I{} /bin/ln -sf '${pulp::consumers_crl}' '/etc/pki/pulp/content/{}.r0'",
      logoutput   => 'on_failure',
      refreshonly => true,
    }
  }

  exec { 'run pulp-gen-ca':
    command => '/usr/bin/pulp-gen-ca-certificate',
    creates => $pulp::ca_cert,
    require => File['/etc/pulp/server.conf'],
  }

  if $pulp::manage_squid {
    contain pulp::squid
  }

  if $pulp::enable_profiling {
    file { $pulp::profiling_directory:
      ensure => directory,
      owner  => 'apache',
      group  => 'apache',
      mode   => '0755',
    }
  }
}