diff --git a/manifests/database/default_read_grant.pp b/manifests/database/default_read_grant.pp index 5c5fcb84..373d56c7 100644 --- a/manifests/database/default_read_grant.pp +++ b/manifests/database/default_read_grant.pp @@ -2,10 +2,10 @@ # # @api private define puppetdb::database::default_read_grant ( - String $database_name, - String $schema, - String $database_username, - String $database_read_only_username, + String[1] $database_name, + String[1] $schema, + String[1] $database_username, + String[1] $database_read_only_username, Optional[Stdlib::Port] $database_port = undef, ) { postgresql_psql { "grant default select permission for ${database_read_only_username}": diff --git a/manifests/database/postgresql.pp b/manifests/database/postgresql.pp index 825b3fe7..f0a9f2bd 100644 --- a/manifests/database/postgresql.pp +++ b/manifests/database/postgresql.pp @@ -71,27 +71,30 @@ # PostgreSQL password authentication method, either `md5` or `scram-sha-256` # class puppetdb::database::postgresql ( - $listen_addresses = $puppetdb::params::database_host, - $puppetdb_server = $puppetdb::params::puppetdb_server, - $database_name = $puppetdb::params::database_name, - $database_username = $puppetdb::params::database_username, - Variant[String[1], Sensitive[String[1]]] $database_password = $puppetdb::params::database_password, - $database_port = $puppetdb::params::database_port, - $manage_database = $puppetdb::params::manage_database, - $manage_server = $puppetdb::params::manage_dbserver, - $manage_package_repo = $puppetdb::params::manage_pg_repo, - $postgres_version = $puppetdb::params::postgres_version, - $postgresql_ssl_on = $puppetdb::params::postgresql_ssl_on, - $postgresql_ssl_key_path = $puppetdb::params::postgresql_ssl_key_path, - $postgresql_ssl_cert_path = $puppetdb::params::postgresql_ssl_cert_path, - $postgresql_ssl_ca_cert_path = $puppetdb::params::postgresql_ssl_ca_cert_path, - $read_database_username = $puppetdb::params::read_database_username, - Variant[String[1], Sensitive[String[1]]] $read_database_password = $puppetdb::params::read_database_password, - $read_database_host = $puppetdb::params::read_database_host, - Boolean $password_sensitive = false, - Postgresql::Pg_password_encryption $password_encryption = $puppetdb::params::password_encryption, + Stdlib::Host $listen_addresses = $puppetdb::params::database_host, + Stdlib::Host $puppetdb_server = $puppetdb::params::puppetdb_server, + String[1] $database_name = $puppetdb::params::database_name, + String[1] $database_username = $puppetdb::params::database_username, + Variant[String[1], Sensitive[String[1]]] $database_password = $puppetdb::params::database_password, + Variant[Stdlib::Port::User, Pattern[/\A[0-9]+\Z/]] $database_port = $puppetdb::params::database_port, + Boolean $manage_database = $puppetdb::params::manage_database, + Boolean $manage_server = $puppetdb::params::manage_dbserver, + Boolean $manage_package_repo = $puppetdb::params::manage_pg_repo, + String[2,3] $postgres_version = $puppetdb::params::postgres_version, + Boolean $postgresql_ssl_on = $puppetdb::params::postgresql_ssl_on, + Stdlib::Absolutepath $postgresql_ssl_key_path = $puppetdb::params::postgresql_ssl_key_path, + Stdlib::Absolutepath $postgresql_ssl_cert_path = $puppetdb::params::postgresql_ssl_cert_path, + Stdlib::Absolutepath $postgresql_ssl_ca_cert_path = $puppetdb::params::postgresql_ssl_ca_cert_path, + String[1] $read_database_username = $puppetdb::params::read_database_username, + Variant[String[1], Sensitive[String[1]]] $read_database_password = $puppetdb::params::read_database_password, + Optional[Stdlib::Host] $read_database_host = $puppetdb::params::read_database_host, + Boolean $password_sensitive = false, + Postgresql::Pg_password_encryption $password_encryption = $puppetdb::params::password_encryption, ) inherits puppetdb::params { - $port = scanf($database_port, '%i')[0] + $port = case $database_port.is_a(String) { + true: { scanf($database_port, '%i')[0] } + default: { $database_port } + } if $manage_server { class { 'postgresql::globals': diff --git a/manifests/database/postgresql_ssl_rules.pp b/manifests/database/postgresql_ssl_rules.pp index bd1e61d2..fb347731 100644 --- a/manifests/database/postgresql_ssl_rules.pp +++ b/manifests/database/postgresql_ssl_rules.pp @@ -2,10 +2,10 @@ # # @api private define puppetdb::database::postgresql_ssl_rules ( - String $database_name, - String $database_username, + String[1] $database_name, + String[1] $database_username, String[2,3] $postgres_version, - String $puppetdb_server, + String[1] $puppetdb_server, ) { $identity_map_key = "${database_name}-${database_username}-map" diff --git a/manifests/database/read_grant.pp b/manifests/database/read_grant.pp index e81ce8fc..ec57ba88 100644 --- a/manifests/database/read_grant.pp +++ b/manifests/database/read_grant.pp @@ -2,9 +2,9 @@ # # @api private define puppetdb::database::read_grant ( - String $database_name, - String $schema, - String $database_read_only_username, + String[1] $database_name, + String[1] $schema, + String[1] $database_read_only_username, Optional[Stdlib::Port] $database_port = undef, ) { postgresql_psql { "grant select permission for ${database_read_only_username}": diff --git a/manifests/database/read_only_user.pp b/manifests/database/read_only_user.pp index 9b73ea31..7a18f63a 100644 --- a/manifests/database/read_only_user.pp +++ b/manifests/database/read_only_user.pp @@ -18,12 +18,12 @@ # # @api private define puppetdb::database::read_only_user ( - String $read_database_username, - String $database_name, - String $database_owner, - Variant[String[1], Boolean, Sensitive[String[1]]] $password_hash = false, - Optional[Stdlib::Port] $database_port = undef, - Optional[Postgresql::Pg_password_encryption] $password_encryption = undef, + String[1] $read_database_username, + String[1] $database_name, + String[1] $database_owner, + Variant[String[1], Boolean, Sensitive[String[1]]] $password_hash = false, + Optional[Stdlib::Port] $database_port = undef, + Optional[Postgresql::Pg_password_encryption] $password_encryption = undef, ) { postgresql::server::role { $read_database_username: password_hash => $password_hash, diff --git a/manifests/database/ssl_configuration.pp b/manifests/database/ssl_configuration.pp index 1e8e6c0b..024e43ac 100644 --- a/manifests/database/ssl_configuration.pp +++ b/manifests/database/ssl_configuration.pp @@ -2,16 +2,16 @@ # # @api private class puppetdb::database::ssl_configuration ( - $database_name = $puppetdb::params::database_name, - $database_username = $puppetdb::params::database_username, - $read_database_username = $puppetdb::params::read_database_username, - $read_database_host = $puppetdb::params::read_database_host, - $puppetdb_server = $puppetdb::params::puppetdb_server, - $postgresql_ssl_key_path = $puppetdb::params::postgresql_ssl_key_path, - $postgresql_ssl_cert_path = $puppetdb::params::postgresql_ssl_cert_path, - $postgresql_ssl_ca_cert_path = $puppetdb::params::postgresql_ssl_ca_cert_path, - $postgres_version = $puppetdb::params::postgres_version, - $create_read_user_rule = false, + String[1] $database_name = $puppetdb::params::database_name, + String[1] $database_username = $puppetdb::params::database_username, + String[1] $read_database_username = $puppetdb::params::read_database_username, + Optional[Stdlib::Host] $read_database_host = $puppetdb::params::read_database_host, + String[1] $puppetdb_server = $puppetdb::params::puppetdb_server, + Stdlib::Absolutepath $postgresql_ssl_key_path = $puppetdb::params::postgresql_ssl_key_path, + Stdlib::Absolutepath $postgresql_ssl_cert_path = $puppetdb::params::postgresql_ssl_cert_path, + Stdlib::Absolutepath $postgresql_ssl_ca_cert_path = $puppetdb::params::postgresql_ssl_ca_cert_path, + String[2,3] $postgres_version = $puppetdb::params::postgres_version, + Boolean $create_read_user_rule = false, ) inherits puppetdb::params { File { ensure => present, diff --git a/manifests/globals.pp b/manifests/globals.pp index 581b1673..08653bd8 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -8,7 +8,7 @@ # Puppet's config directory. Defaults to `/etc/puppetlabs/puppet`. # class puppetdb::globals ( - $version = 'present', + String[1] $version = 'present', Stdlib::Absolutepath $puppet_confdir = $settings::confdir, ) { if !(fact('os.family') in ['RedHat', 'Suse', 'Archlinux', 'Debian', 'OpenBSD', 'FreeBSD']) { diff --git a/manifests/init.pp b/manifests/init.pp index af32b4ed..35e9aafa 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -346,89 +346,89 @@ # PostgreSQL password authentication method, either `md5` or `scram-sha-256` # class puppetdb ( - $listen_address = $puppetdb::params::listen_address, - $listen_port = $puppetdb::params::listen_port, - $disable_cleartext = $puppetdb::params::disable_cleartext, - $open_listen_port = $puppetdb::params::open_listen_port, - $ssl_listen_address = $puppetdb::params::ssl_listen_address, - $ssl_listen_port = $puppetdb::params::ssl_listen_port, - $disable_ssl = $puppetdb::params::disable_ssl, - $open_ssl_listen_port = $puppetdb::params::open_ssl_listen_port, - $ssl_dir = $puppetdb::params::ssl_dir, - $ssl_set_cert_paths = $puppetdb::params::ssl_set_cert_paths, - $ssl_cert_path = $puppetdb::params::ssl_cert_path, - $ssl_key_path = $puppetdb::params::ssl_key_path, - $ssl_key_pk8_path = $puppetdb::params::ssl_key_pk8_path, - $ssl_ca_cert_path = $puppetdb::params::ssl_ca_cert_path, - $ssl_deploy_certs = $puppetdb::params::ssl_deploy_certs, - $ssl_key = $puppetdb::params::ssl_key, - $ssl_cert = $puppetdb::params::ssl_cert, - $ssl_ca_cert = $puppetdb::params::ssl_ca_cert, - $ssl_protocols = $puppetdb::params::ssl_protocols, - $postgresql_ssl_on = $puppetdb::params::postgresql_ssl_on, - $postgresql_ssl_folder = $puppetdb::params::postgresql_ssl_folder, - $postgresql_ssl_cert_path = $puppetdb::params::postgresql_ssl_cert_path, - $postgresql_ssl_key_path = $puppetdb::params::postgresql_ssl_key_path, - $postgresql_ssl_ca_cert_path = $puppetdb::params::postgresql_ssl_ca_cert_path, - $cipher_suites = $puppetdb::params::cipher_suites, - $migrate = $puppetdb::params::migrate, - $manage_dbserver = $puppetdb::params::manage_dbserver, - $manage_database = $puppetdb::params::manage_database, - $manage_package_repo = $puppetdb::params::manage_pg_repo, - $postgres_version = $puppetdb::params::postgres_version, - $database_host = $puppetdb::params::database_host, - $database_port = $puppetdb::params::database_port, - $database_username = $puppetdb::params::database_username, - Variant[String[1], Sensitive[String[1]]] $database_password = $puppetdb::params::database_password, - $database_name = $puppetdb::params::database_name, - $manage_db_password = $puppetdb::params::manage_db_password, - $jdbc_ssl_properties = $puppetdb::params::jdbc_ssl_properties, - $database_listen_address = $puppetdb::params::postgres_listen_addresses, - $database_validate = $puppetdb::params::database_validate, - $node_ttl = $puppetdb::params::node_ttl, - $node_purge_ttl = $puppetdb::params::node_purge_ttl, - $report_ttl = $puppetdb::params::report_ttl, - Optional[Array] $facts_blacklist = $puppetdb::params::facts_blacklist, - $gc_interval = $puppetdb::params::gc_interval, - $node_purge_gc_batch_limit = $puppetdb::params::node_purge_gc_batch_limit, - $conn_max_age = $puppetdb::params::conn_max_age, - $conn_lifetime = $puppetdb::params::conn_lifetime, - $puppetdb_package = $puppetdb::params::puppetdb_package, - $puppetdb_service = $puppetdb::params::puppetdb_service, - $puppetdb_service_status = $puppetdb::params::puppetdb_service_status, - $puppetdb_user = $puppetdb::params::puppetdb_user, - $puppetdb_group = $puppetdb::params::puppetdb_group, - $puppetdb_server = $puppetdb::params::puppetdb_server, - $read_database_host = $puppetdb::params::read_database_host, - $read_database_port = $puppetdb::params::read_database_port, - $read_database_username = $puppetdb::params::read_database_username, - Variant[String[1], Sensitive[String[1]]] $read_database_password = $puppetdb::params::read_database_password, - $read_database_name = $puppetdb::params::read_database_name, - $manage_read_db_password = $puppetdb::params::manage_read_db_password, - $read_database_jdbc_ssl_properties = $puppetdb::params::read_database_jdbc_ssl_properties, - $read_database_validate = $puppetdb::params::read_database_validate, - $read_conn_max_age = $puppetdb::params::read_conn_max_age, - $read_conn_lifetime = $puppetdb::params::read_conn_lifetime, - $confdir = $puppetdb::params::confdir, - $vardir = $puppetdb::params::vardir, - $manage_firewall = $puppetdb::params::manage_firewall, - $java_args = $puppetdb::params::java_args, - $merge_default_java_args = $puppetdb::params::merge_default_java_args, - $max_threads = $puppetdb::params::max_threads, - $command_threads = $puppetdb::params::command_threads, - $concurrent_writes = $puppetdb::params::concurrent_writes, - $store_usage = $puppetdb::params::store_usage, - $temp_usage = $puppetdb::params::temp_usage, - $disable_update_checking = $puppetdb::params::disable_update_checking, - $certificate_whitelist_file = $puppetdb::params::certificate_whitelist_file, - $certificate_whitelist = $puppetdb::params::certificate_whitelist, - $database_max_pool_size = $puppetdb::params::database_max_pool_size, - $read_database_max_pool_size = $puppetdb::params::read_database_max_pool_size, - Boolean $automatic_dlo_cleanup = $puppetdb::params::automatic_dlo_cleanup, - String[1] $cleanup_timer_interval = $puppetdb::params::cleanup_timer_interval, - Integer[1] $dlo_max_age = $puppetdb::params::dlo_max_age, - Postgresql::Pg_password_encryption $postgresql_password_encryption = $puppetdb::params::password_encryption, - Optional[Stdlib::Absolutepath] $java_bin = $puppetdb::params::java_bin, + Stdlib::Host $listen_address = $puppetdb::params::listen_address, + Variant[Stdlib::Port::User, Pattern[/\A[0-9]+\Z/]] $listen_port = $puppetdb::params::listen_port, + Boolean $disable_cleartext = $puppetdb::params::disable_cleartext, + Boolean $open_listen_port = $puppetdb::params::open_listen_port, + Stdlib::Host $ssl_listen_address = $puppetdb::params::ssl_listen_address, + Variant[Stdlib::Port::User, Pattern[/\A[0-9]+\Z/]] $ssl_listen_port = $puppetdb::params::ssl_listen_port, + Boolean $disable_ssl = $puppetdb::params::disable_ssl, + Boolean $open_ssl_listen_port = $puppetdb::params::open_ssl_listen_port, + Stdlib::Absolutepath $ssl_dir = $puppetdb::params::ssl_dir, + Boolean $ssl_set_cert_paths = $puppetdb::params::ssl_set_cert_paths, + Stdlib::Absolutepath $ssl_cert_path = $puppetdb::params::ssl_cert_path, + Stdlib::Absolutepath $ssl_key_path = $puppetdb::params::ssl_key_path, + Stdlib::Absolutepath $ssl_key_pk8_path = $puppetdb::params::ssl_key_pk8_path, + Stdlib::Absolutepath $ssl_ca_cert_path = $puppetdb::params::ssl_ca_cert_path, + Boolean $ssl_deploy_certs = $puppetdb::params::ssl_deploy_certs, + Optional[String[1]] $ssl_key = $puppetdb::params::ssl_key, + Optional[String[1]] $ssl_cert = $puppetdb::params::ssl_cert, + Optional[String[1]] $ssl_ca_cert = $puppetdb::params::ssl_ca_cert, + Optional[String[1]] $ssl_protocols = $puppetdb::params::ssl_protocols, + Boolean $postgresql_ssl_on = $puppetdb::params::postgresql_ssl_on, + Stdlib::Absolutepath $postgresql_ssl_folder = $puppetdb::params::postgresql_ssl_folder, + Stdlib::Absolutepath $postgresql_ssl_cert_path = $puppetdb::params::postgresql_ssl_cert_path, + Stdlib::Absolutepath $postgresql_ssl_key_path = $puppetdb::params::postgresql_ssl_key_path, + Stdlib::Absolutepath $postgresql_ssl_ca_cert_path = $puppetdb::params::postgresql_ssl_ca_cert_path, + Optional[String[1]] $cipher_suites = $puppetdb::params::cipher_suites, + Boolean $migrate = $puppetdb::params::migrate, + Boolean $manage_dbserver = $puppetdb::params::manage_dbserver, + Boolean $manage_database = $puppetdb::params::manage_database, + Boolean $manage_package_repo = $puppetdb::params::manage_pg_repo, + String[2,3] $postgres_version = $puppetdb::params::postgres_version, + Stdlib::Host $database_host = $puppetdb::params::database_host, + Variant[Stdlib::Port::User, Pattern[/\A[0-9]+\Z/]] $database_port = $puppetdb::params::database_port, + String[1] $database_username = $puppetdb::params::database_username, + Variant[String[1], Sensitive[String[1]]] $database_password = $puppetdb::params::database_password, + String[1] $database_name = $puppetdb::params::database_name, + Boolean $manage_db_password = $puppetdb::params::manage_db_password, + Variant[String[0], Boolean[false]] $jdbc_ssl_properties = $puppetdb::params::jdbc_ssl_properties, + String[1] $database_listen_address = $puppetdb::params::postgres_listen_addresses, + Boolean $database_validate = $puppetdb::params::database_validate, + Pattern[/\A[0-9dhms]+\Z/] $node_ttl = $puppetdb::params::node_ttl, + Pattern[/\A[0-9dhms]+\Z/] $node_purge_ttl = $puppetdb::params::node_purge_ttl, + Pattern[/\A[0-9dhms]+\Z/] $report_ttl = $puppetdb::params::report_ttl, + Optional[Array] $facts_blacklist = $puppetdb::params::facts_blacklist, + Variant[Integer[0], Pattern[/\A[0-9]+\Z/]] $gc_interval = $puppetdb::params::gc_interval, + Variant[Integer[0], Pattern[/\A[0-9]+\Z/]] $node_purge_gc_batch_limit = $puppetdb::params::node_purge_gc_batch_limit, + Variant[Integer[0], Pattern[/\A[0-9]+\Z/]] $conn_max_age = $puppetdb::params::conn_max_age, + Variant[Integer[0], Pattern[/\A[0-9]+\Z/]] $conn_lifetime = $puppetdb::params::conn_lifetime, + String[1] $puppetdb_package = $puppetdb::params::puppetdb_package, + String[1] $puppetdb_service = $puppetdb::params::puppetdb_service, + Enum['running', 'true', 'stopped', 'false'] $puppetdb_service_status = $puppetdb::params::puppetdb_service_status, + String[1] $puppetdb_user = $puppetdb::params::puppetdb_user, + String[1] $puppetdb_group = $puppetdb::params::puppetdb_group, + Stdlib::Host $puppetdb_server = $puppetdb::params::puppetdb_server, + Optional[Stdlib::Host] $read_database_host = $puppetdb::params::read_database_host, + Variant[Stdlib::Port::User, Pattern[/\A[0-9]+\Z/]] $read_database_port = $puppetdb::params::read_database_port, + String[1] $read_database_username = $puppetdb::params::read_database_username, + Variant[String[1], Sensitive[String[1]]] $read_database_password = $puppetdb::params::read_database_password, + String[1] $read_database_name = $puppetdb::params::read_database_name, + Boolean $manage_read_db_password = $puppetdb::params::manage_read_db_password, + Variant[String[0], Boolean[false]] $read_database_jdbc_ssl_properties = $puppetdb::params::read_database_jdbc_ssl_properties, + Boolean $read_database_validate = $puppetdb::params::read_database_validate, + Variant[Integer[0], Pattern[/\A[0-9]+\Z/]] $read_conn_max_age = $puppetdb::params::read_conn_max_age, + Variant[Integer[0], Pattern[/\A[0-9]+\Z/]] $read_conn_lifetime = $puppetdb::params::read_conn_lifetime, + Stdlib::Absolutepath $confdir = $puppetdb::params::confdir, + Stdlib::Absolutepath $vardir = $puppetdb::params::vardir, + Boolean $manage_firewall = $puppetdb::params::manage_firewall, + Hash $java_args = $puppetdb::params::java_args, + Boolean $merge_default_java_args = $puppetdb::params::merge_default_java_args, + Optional[Integer[0]] $max_threads = $puppetdb::params::max_threads, + Optional[Integer[0]] $command_threads = $puppetdb::params::command_threads, + Optional[Integer[0]] $concurrent_writes = $puppetdb::params::concurrent_writes, + Optional[Integer[0]] $store_usage = $puppetdb::params::store_usage, + Optional[Integer[0]] $temp_usage = $puppetdb::params::temp_usage, + Optional[Boolean] $disable_update_checking = $puppetdb::params::disable_update_checking, + Stdlib::Absolutepath $certificate_whitelist_file = $puppetdb::params::certificate_whitelist_file, + Array $certificate_whitelist = $puppetdb::params::certificate_whitelist, + Optional[Variant[Integer[0], Enum['absent'], Pattern[/\A[0-9]+\Z/]]] $database_max_pool_size = $puppetdb::params::database_max_pool_size, + Optional[Variant[Integer[0], Enum['absent'], Pattern[/\A[0-9]+\Z/]]] $read_database_max_pool_size = $puppetdb::params::read_database_max_pool_size, + Boolean $automatic_dlo_cleanup = $puppetdb::params::automatic_dlo_cleanup, + String[1] $cleanup_timer_interval = $puppetdb::params::cleanup_timer_interval, + Integer[1] $dlo_max_age = $puppetdb::params::dlo_max_age, + Postgresql::Pg_password_encryption $postgresql_password_encryption = $puppetdb::params::password_encryption, + Optional[Stdlib::Absolutepath] $java_bin = $puppetdb::params::java_bin, ) inherits puppetdb::params { class { 'puppetdb::server': listen_address => $listen_address, diff --git a/manifests/master/config.pp b/manifests/master/config.pp index d29f83f4..2483448f 100644 --- a/manifests/master/config.pp +++ b/manifests/master/config.pp @@ -77,7 +77,7 @@ # # @param puppetdb_startup_timeout # The maximum amount of time that the module should wait for PuppetDB to start up. -# This is most important during the initial install of PuppetDB (defaults to 15 +# This is most important during the initial install of PuppetDB (defaults to 120 # seconds). # # @param test_url @@ -90,35 +90,35 @@ # files (other than `puppet.conf`). # class puppetdb::master::config ( - $puppetdb_server = fact('networking.fqdn'), - $puppetdb_port = defined(Class['puppetdb']) ? { + Stdlib::Host $puppetdb_server = fact('networking.fqdn'), + Variant[Stdlib::Port::User, Pattern[/\A[0-9]+\Z/]] $puppetdb_port = defined(Class['puppetdb']) ? { true => $puppetdb::disable_ssl ? { true => 8080, default => 8081, }, default => 8081, }, - $puppetdb_disable_ssl = defined(Class['puppetdb']) ? { + Boolean $puppetdb_disable_ssl = defined(Class['puppetdb']) ? { true => $puppetdb::disable_ssl, default => false, }, - $masterless = $puppetdb::params::masterless, - $puppetdb_soft_write_failure = false, - $manage_routes = true, - $manage_storeconfigs = true, - $enable_storeconfigs = true, - $manage_report_processor = false, - $manage_config = true, - $create_puppet_service_resource = true, - $strict_validation = true, - $enable_reports = false, - $puppet_confdir = $puppetdb::params::puppet_confdir, - $puppet_conf = $puppetdb::params::puppet_conf, - $terminus_package = $puppetdb::params::terminus_package, - $puppet_service_name = $puppetdb::params::puppet_service_name, - $puppetdb_startup_timeout = $puppetdb::params::puppetdb_startup_timeout, - $test_url = $puppetdb::params::test_url, - $restart_puppet = true, + Boolean $masterless = $puppetdb::params::masterless, + Boolean $puppetdb_soft_write_failure = false, + Boolean $manage_routes = true, + Boolean $manage_storeconfigs = true, + Boolean $enable_storeconfigs = true, + Boolean $manage_report_processor = false, + Boolean $manage_config = true, + Boolean $create_puppet_service_resource = true, + Boolean $strict_validation = true, + Boolean $enable_reports = false, + Stdlib::Absolutepath $puppet_confdir = $puppetdb::params::puppet_confdir, + Stdlib::Absolutepath $puppet_conf = $puppetdb::params::puppet_conf, + String[1] $terminus_package = $puppetdb::params::terminus_package, + String[1] $puppet_service_name = $puppetdb::params::puppet_service_name, + Integer[0] $puppetdb_startup_timeout = $puppetdb::params::puppetdb_startup_timeout, + String[1] $test_url = $puppetdb::params::test_url, + Boolean $restart_puppet = true, ) inherits puppetdb::params { # **WARNING**: Ugly hack to work around a yum bug with metadata parsing. This # should not be copied, replicated or even looked at. In short, never rename diff --git a/manifests/master/puppetdb_conf.pp b/manifests/master/puppetdb_conf.pp index 999529e4..76baa221 100644 --- a/manifests/master/puppetdb_conf.pp +++ b/manifests/master/puppetdb_conf.pp @@ -2,14 +2,14 @@ # # @api private class puppetdb::master::puppetdb_conf ( - $server = 'localhost', - $port = '8081', - $soft_write_failure = $puppetdb::disable_ssl ? { + Stdlib::Host $server = 'localhost', + Variant[Stdlib::Port::User, Pattern[/\A[0-9]+\Z/]] $port = '8081', + Stdlib::Absolutepath $puppet_confdir = $puppetdb::params::puppet_confdir, + Boolean $soft_write_failure = $puppetdb::disable_ssl ? { true => true, default => false, }, - $puppet_confdir = $puppetdb::params::puppet_confdir, - $legacy_terminus = $puppetdb::params::terminus_package ? { + Boolean $legacy_terminus = $puppetdb::params::terminus_package ? { /(puppetdb-terminus)/ => true, default => false, }, diff --git a/manifests/master/report_processor.pp b/manifests/master/report_processor.pp index c715c109..b49a553c 100644 --- a/manifests/master/report_processor.pp +++ b/manifests/master/report_processor.pp @@ -2,9 +2,9 @@ # # @api private class puppetdb::master::report_processor ( - $puppet_conf = $puppetdb::params::puppet_conf, - $masterless = $puppetdb::params::masterless, - $enable = false + Stdlib::Absolutepath $puppet_conf = $puppetdb::params::puppet_conf, + Boolean $masterless = $puppetdb::params::masterless, + Boolean $enable = false ) inherits puppetdb::params { if $masterless { $puppet_conf_section = 'main' diff --git a/manifests/master/routes.pp b/manifests/master/routes.pp index 4fd5eeb5..e71af317 100644 --- a/manifests/master/routes.pp +++ b/manifests/master/routes.pp @@ -2,9 +2,9 @@ # # @api private class puppetdb::master::routes ( - $puppet_confdir = $puppetdb::params::puppet_confdir, - $masterless = $puppetdb::params::masterless, - $routes = undef, + Stdlib::Absolutepath $puppet_confdir = $puppetdb::params::puppet_confdir, + Boolean $masterless = $puppetdb::params::masterless, + Optional[Hash] $routes = undef, ) inherits puppetdb::params { if $masterless { $routes_real = { diff --git a/manifests/master/storeconfigs.pp b/manifests/master/storeconfigs.pp index b22f24be..9f4b0a18 100644 --- a/manifests/master/storeconfigs.pp +++ b/manifests/master/storeconfigs.pp @@ -2,9 +2,9 @@ # # @api private class puppetdb::master::storeconfigs ( - $puppet_conf = $puppetdb::params::puppet_conf, - $masterless = $puppetdb::params::masterless, - $enable = true, + Stdlib::Absolutepath $puppet_conf = $puppetdb::params::puppet_conf, + Boolean $masterless = $puppetdb::params::masterless, + Boolean $enable = true, ) inherits puppetdb::params { if $masterless { $puppet_conf_section = 'main' diff --git a/manifests/params.pp b/manifests/params.pp index 5f19dfd0..d0cc271f 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -11,7 +11,7 @@ $ssl_protocols = undef $disable_ssl = false $cipher_suites = undef - $open_ssl_listen_port = undef + $open_ssl_listen_port = false $postgres_listen_addresses = 'localhost' $puppetdb_version = $puppetdb::globals::version diff --git a/manifests/server.pp b/manifests/server.pp index e6a708d3..877b65f8 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -311,79 +311,79 @@ # java binary path for PuppetDB. If undef, default will be used. # class puppetdb::server ( - $listen_address = $puppetdb::params::listen_address, - $listen_port = $puppetdb::params::listen_port, - $disable_cleartext = $puppetdb::params::disable_cleartext, - $open_listen_port = $puppetdb::params::open_listen_port, - $ssl_listen_address = $puppetdb::params::ssl_listen_address, - $ssl_listen_port = $puppetdb::params::ssl_listen_port, - $disable_ssl = $puppetdb::params::disable_ssl, - $open_ssl_listen_port = $puppetdb::params::open_ssl_listen_port, - Stdlib::Absolutepath $ssl_dir = $puppetdb::params::ssl_dir, - Boolean $ssl_set_cert_paths = $puppetdb::params::ssl_set_cert_paths, - Stdlib::Absolutepath $ssl_cert_path = $puppetdb::params::ssl_cert_path, - Stdlib::Absolutepath $ssl_key_path = $puppetdb::params::ssl_key_path, - Stdlib::Absolutepath $ssl_key_pk8_path = $puppetdb::params::ssl_key_pk8_path, - Stdlib::Absolutepath $ssl_ca_cert_path = $puppetdb::params::ssl_ca_cert_path, - Boolean $ssl_deploy_certs = $puppetdb::params::ssl_deploy_certs, - $ssl_key = $puppetdb::params::ssl_key, - $ssl_cert = $puppetdb::params::ssl_cert, - $ssl_ca_cert = $puppetdb::params::ssl_ca_cert, - $ssl_protocols = $puppetdb::params::ssl_protocols, - $postgresql_ssl_on = $puppetdb::params::postgresql_ssl_on, - $cipher_suites = $puppetdb::params::cipher_suites, - $migrate = $puppetdb::params::migrate, - $database_host = $puppetdb::params::database_host, - $database_port = $puppetdb::params::database_port, - $database_username = $puppetdb::params::database_username, - Variant[String[1], Sensitive[String[1]]] $database_password = $puppetdb::params::database_password, - $database_name = $puppetdb::params::database_name, - $manage_db_password = $puppetdb::params::manage_db_password, - $jdbc_ssl_properties = $puppetdb::params::jdbc_ssl_properties, - $database_validate = $puppetdb::params::database_validate, - $node_ttl = $puppetdb::params::node_ttl, - $node_purge_ttl = $puppetdb::params::node_purge_ttl, - $report_ttl = $puppetdb::params::report_ttl, - Optional[Array] $facts_blacklist = $puppetdb::params::facts_blacklist, - $gc_interval = $puppetdb::params::gc_interval, - $node_purge_gc_batch_limit = $puppetdb::params::node_purge_gc_batch_limit, - $conn_max_age = $puppetdb::params::conn_max_age, - $conn_lifetime = $puppetdb::params::conn_lifetime, - $puppetdb_package = $puppetdb::params::puppetdb_package, - $puppetdb_service = $puppetdb::params::puppetdb_service, - $puppetdb_service_status = $puppetdb::params::puppetdb_service_status, - $puppetdb_user = $puppetdb::params::puppetdb_user, - $puppetdb_group = $puppetdb::params::puppetdb_group, - $read_database_host = $puppetdb::params::read_database_host, - $read_database_port = $puppetdb::params::read_database_port, - $read_database_username = $puppetdb::params::read_database_username, - Variant[String[1], Sensitive[String[1]]] $read_database_password = $puppetdb::params::read_database_password, - $read_database_name = $puppetdb::params::read_database_name, - $manage_read_db_password = $puppetdb::params::manage_read_db_password, - $read_database_jdbc_ssl_properties = $puppetdb::params::read_database_jdbc_ssl_properties, - $read_database_validate = $puppetdb::params::read_database_validate, - $read_conn_max_age = $puppetdb::params::read_conn_max_age, - $read_conn_lifetime = $puppetdb::params::read_conn_lifetime, - $confdir = $puppetdb::params::confdir, - $vardir = $puppetdb::params::vardir, - $manage_firewall = $puppetdb::params::manage_firewall, - $manage_database = $puppetdb::params::manage_database, - $java_args = $puppetdb::params::java_args, - $merge_default_java_args = $puppetdb::params::merge_default_java_args, - $max_threads = $puppetdb::params::max_threads, - $command_threads = $puppetdb::params::command_threads, - $concurrent_writes = $puppetdb::params::concurrent_writes, - $store_usage = $puppetdb::params::store_usage, - $temp_usage = $puppetdb::params::temp_usage, - $disable_update_checking = $puppetdb::params::disable_update_checking, - $certificate_whitelist_file = $puppetdb::params::certificate_whitelist_file, - $certificate_whitelist = $puppetdb::params::certificate_whitelist, - $database_max_pool_size = $puppetdb::params::database_max_pool_size, - $read_database_max_pool_size = $puppetdb::params::read_database_max_pool_size, - Boolean $automatic_dlo_cleanup = $puppetdb::params::automatic_dlo_cleanup, - String[1] $cleanup_timer_interval = $puppetdb::params::cleanup_timer_interval, - Integer[1] $dlo_max_age = $puppetdb::params::dlo_max_age, - Optional[Stdlib::Absolutepath] $java_bin = $puppetdb::params::java_bin, + Stdlib::Host $listen_address = $puppetdb::params::listen_address, + Variant[Stdlib::Port::User, Pattern[/\A[0-9]+\Z/]] $listen_port = $puppetdb::params::listen_port, + Boolean $disable_cleartext = $puppetdb::params::disable_cleartext, + Boolean $open_listen_port = $puppetdb::params::open_listen_port, + Stdlib::Host $ssl_listen_address = $puppetdb::params::ssl_listen_address, + Variant[Stdlib::Port::User, Pattern[/\A[0-9]+\Z/]] $ssl_listen_port = $puppetdb::params::ssl_listen_port, + Boolean $disable_ssl = $puppetdb::params::disable_ssl, + Boolean $open_ssl_listen_port = $puppetdb::params::open_ssl_listen_port, + Stdlib::Absolutepath $ssl_dir = $puppetdb::params::ssl_dir, + Boolean $ssl_set_cert_paths = $puppetdb::params::ssl_set_cert_paths, + Stdlib::Absolutepath $ssl_cert_path = $puppetdb::params::ssl_cert_path, + Stdlib::Absolutepath $ssl_key_path = $puppetdb::params::ssl_key_path, + Stdlib::Absolutepath $ssl_key_pk8_path = $puppetdb::params::ssl_key_pk8_path, + Stdlib::Absolutepath $ssl_ca_cert_path = $puppetdb::params::ssl_ca_cert_path, + Boolean $ssl_deploy_certs = $puppetdb::params::ssl_deploy_certs, + Optional[String[1]] $ssl_key = $puppetdb::params::ssl_key, + Optional[String[1]] $ssl_cert = $puppetdb::params::ssl_cert, + Optional[String[1]] $ssl_ca_cert = $puppetdb::params::ssl_ca_cert, + Optional[String[1]] $ssl_protocols = $puppetdb::params::ssl_protocols, + Boolean $postgresql_ssl_on = $puppetdb::params::postgresql_ssl_on, + Optional[String[1]] $cipher_suites = $puppetdb::params::cipher_suites, + Boolean $migrate = $puppetdb::params::migrate, + Stdlib::Host $database_host = $puppetdb::params::database_host, + Variant[Stdlib::Port::User, Pattern[/\A[0-9]+\Z/]] $database_port = $puppetdb::params::database_port, + String[1] $database_username = $puppetdb::params::database_username, + Variant[String[1], Sensitive[String[1]]] $database_password = $puppetdb::params::database_password, + String[1] $database_name = $puppetdb::params::database_name, + Boolean $manage_db_password = $puppetdb::params::manage_db_password, + Variant[String[0], Boolean[false]] $jdbc_ssl_properties = $puppetdb::params::jdbc_ssl_properties, + Boolean $database_validate = $puppetdb::params::database_validate, + Pattern[/\A[0-9dhms]+\Z/] $node_ttl = $puppetdb::params::node_ttl, + Pattern[/\A[0-9dhms]+\Z/] $node_purge_ttl = $puppetdb::params::node_purge_ttl, + Pattern[/\A[0-9dhms]+\Z/] $report_ttl = $puppetdb::params::report_ttl, + Optional[Array] $facts_blacklist = $puppetdb::params::facts_blacklist, + Variant[Integer[0], Pattern[/\A[0-9]+\Z/]] $gc_interval = $puppetdb::params::gc_interval, + Variant[Integer[0], Pattern[/\A[0-9]+\Z/]] $node_purge_gc_batch_limit = $puppetdb::params::node_purge_gc_batch_limit, + Variant[Integer[0], Pattern[/\A[0-9]+\Z/]] $conn_max_age = $puppetdb::params::conn_max_age, + Variant[Integer[0], Pattern[/\A[0-9]+\Z/]] $conn_lifetime = $puppetdb::params::conn_lifetime, + String[1] $puppetdb_package = $puppetdb::params::puppetdb_package, + String[1] $puppetdb_service = $puppetdb::params::puppetdb_service, + Enum['running', 'true', 'stopped', 'false'] $puppetdb_service_status = $puppetdb::params::puppetdb_service_status, + String[1] $puppetdb_user = $puppetdb::params::puppetdb_user, + String[1] $puppetdb_group = $puppetdb::params::puppetdb_group, + Optional[Stdlib::Host] $read_database_host = $puppetdb::params::read_database_host, + Variant[Stdlib::Port::User, Pattern[/\A[0-9]+\Z/]] $read_database_port = $puppetdb::params::read_database_port, + String[1] $read_database_username = $puppetdb::params::read_database_username, + Variant[String[1], Sensitive[String[1]]] $read_database_password = $puppetdb::params::read_database_password, + String[1] $read_database_name = $puppetdb::params::read_database_name, + Boolean $manage_read_db_password = $puppetdb::params::manage_read_db_password, + Variant[String[0], Boolean[false]] $read_database_jdbc_ssl_properties = $puppetdb::params::read_database_jdbc_ssl_properties, + Boolean $read_database_validate = $puppetdb::params::read_database_validate, + Variant[Integer, Pattern[/\A[0-9]+\Z/]] $read_conn_max_age = $puppetdb::params::read_conn_max_age, + Variant[Integer, Pattern[/\A[0-9]+\Z/]] $read_conn_lifetime = $puppetdb::params::read_conn_lifetime, + Stdlib::Absolutepath $confdir = $puppetdb::params::confdir, + Stdlib::Absolutepath $vardir = $puppetdb::params::vardir, + Boolean $manage_firewall = $puppetdb::params::manage_firewall, + Boolean $manage_database = $puppetdb::params::manage_database, + Hash $java_args = $puppetdb::params::java_args, + Boolean $merge_default_java_args = $puppetdb::params::merge_default_java_args, + Optional[Integer[0]] $max_threads = $puppetdb::params::max_threads, + Optional[Integer[0]] $command_threads = $puppetdb::params::command_threads, + Optional[Integer[0]] $concurrent_writes = $puppetdb::params::concurrent_writes, + Optional[Integer[0]] $store_usage = $puppetdb::params::store_usage, + Optional[Integer[0]] $temp_usage = $puppetdb::params::temp_usage, + Optional[Boolean] $disable_update_checking = $puppetdb::params::disable_update_checking, + Stdlib::Absolutepath $certificate_whitelist_file = $puppetdb::params::certificate_whitelist_file, + Array $certificate_whitelist = $puppetdb::params::certificate_whitelist, + Optional[Variant[Integer[0], Enum['absent'], Pattern[/\A[0-9]+\Z/]]] $database_max_pool_size = $puppetdb::params::database_max_pool_size, + Optional[Variant[Integer[0], Enum['absent'], Pattern[/\A[0-9]+\Z/]]] $read_database_max_pool_size = $puppetdb::params::read_database_max_pool_size, + Boolean $automatic_dlo_cleanup = $puppetdb::params::automatic_dlo_cleanup, + String[1] $cleanup_timer_interval = $puppetdb::params::cleanup_timer_interval, + Integer[1] $dlo_max_age = $puppetdb::params::dlo_max_age, + Optional[Stdlib::Absolutepath] $java_bin = $puppetdb::params::java_bin, ) inherits puppetdb::params { # Apply necessary suffix if zero is specified. # Can we drop this in the next major release? diff --git a/manifests/server/command_processing.pp b/manifests/server/command_processing.pp index 9b4d0137..8643dbf3 100644 --- a/manifests/server/command_processing.pp +++ b/manifests/server/command_processing.pp @@ -2,11 +2,11 @@ # # @api private class puppetdb::server::command_processing ( - $command_threads = $puppetdb::params::command_threads, - $concurrent_writes = $puppetdb::params::concurrent_writes, - $store_usage = $puppetdb::params::store_usage, - $temp_usage = $puppetdb::params::temp_usage, - $confdir = $puppetdb::params::confdir, + Stdlib::Absolutepath $confdir = $puppetdb::params::confdir, + Optional[Integer[0]] $command_threads = $puppetdb::params::command_threads, + Optional[Integer[0]] $concurrent_writes = $puppetdb::params::concurrent_writes, + Optional[Integer[0]] $store_usage = $puppetdb::params::store_usage, + Optional[Integer[0]] $temp_usage = $puppetdb::params::temp_usage, ) inherits puppetdb::params { $config_ini = "${confdir}/config.ini" diff --git a/manifests/server/database.pp b/manifests/server/database.pp index 2b8e19ef..dab941ec 100644 --- a/manifests/server/database.pp +++ b/manifests/server/database.pp @@ -2,30 +2,30 @@ # # @api private class puppetdb::server::database ( - $database_host = $puppetdb::params::database_host, - $database_port = $puppetdb::params::database_port, - $database_username = $puppetdb::params::database_username, - Variant[String[1], Sensitive[String[1]]] $database_password = $puppetdb::params::database_password, - $database_name = $puppetdb::params::database_name, - $manage_db_password = $puppetdb::params::manage_db_password, - $jdbc_ssl_properties = $puppetdb::params::jdbc_ssl_properties, - $database_validate = $puppetdb::params::database_validate, - $node_ttl = $puppetdb::params::node_ttl, - $node_purge_ttl = $puppetdb::params::node_purge_ttl, - $report_ttl = $puppetdb::params::report_ttl, - $facts_blacklist = $puppetdb::params::facts_blacklist, - $gc_interval = $puppetdb::params::gc_interval, - $node_purge_gc_batch_limit = $puppetdb::params::node_purge_gc_batch_limit, - $conn_max_age = $puppetdb::params::conn_max_age, - $conn_lifetime = $puppetdb::params::conn_lifetime, - $confdir = $puppetdb::params::confdir, - $puppetdb_group = $puppetdb::params::puppetdb_group, - $database_max_pool_size = $puppetdb::params::database_max_pool_size, - $migrate = $puppetdb::params::migrate, - $postgresql_ssl_on = $puppetdb::params::postgresql_ssl_on, - $ssl_cert_path = $puppetdb::params::ssl_cert_path, - $ssl_key_pk8_path = $puppetdb::params::ssl_key_pk8_path, - $ssl_ca_cert_path = $puppetdb::params::ssl_ca_cert_path + Stdlib::Host $database_host = $puppetdb::params::database_host, + Variant[Stdlib::Port::User, Pattern[/\A[0-9]+\Z/]] $database_port = $puppetdb::params::database_port, + String[1] $database_username = $puppetdb::params::database_username, + Variant[String[1], Sensitive[String[1]]] $database_password = $puppetdb::params::database_password, + String[1] $database_name = $puppetdb::params::database_name, + Boolean $manage_db_password = $puppetdb::params::manage_db_password, + Variant[String[0], Boolean[false]] $jdbc_ssl_properties = $puppetdb::params::jdbc_ssl_properties, + Boolean $database_validate = $puppetdb::params::database_validate, + Pattern[/\A[0-9dhms]+\Z/] $node_ttl = $puppetdb::params::node_ttl, + Pattern[/\A[0-9dhms]+\Z/] $node_purge_ttl = $puppetdb::params::node_purge_ttl, + Pattern[/\A[0-9dhms]+\Z/] $report_ttl = $puppetdb::params::report_ttl, + Optional[Array] $facts_blacklist = $puppetdb::params::facts_blacklist, + Variant[Integer[0], Pattern[/\A[0-9]+\Z/]] $gc_interval = $puppetdb::params::gc_interval, + Variant[Integer[0], Pattern[/\A[0-9]+\Z/]] $node_purge_gc_batch_limit = $puppetdb::params::node_purge_gc_batch_limit, + Variant[Integer[0], Pattern[/\A[0-9]+\Z/]] $conn_max_age = $puppetdb::params::conn_max_age, + Variant[Integer[0], Pattern[/\A[0-9]+\Z/]] $conn_lifetime = $puppetdb::params::conn_lifetime, + Stdlib::Absolutepath $confdir = $puppetdb::params::confdir, + String[1] $puppetdb_group = $puppetdb::params::puppetdb_group, + Optional[Variant[Integer[0], Enum['absent'], Pattern[/\A[0-9]+\Z/]]] $database_max_pool_size = $puppetdb::params::database_max_pool_size, + Boolean $migrate = $puppetdb::params::migrate, + Boolean $postgresql_ssl_on = $puppetdb::params::postgresql_ssl_on, + Stdlib::Absolutepath $ssl_cert_path = $puppetdb::params::ssl_cert_path, + Stdlib::Absolutepath $ssl_key_pk8_path = $puppetdb::params::ssl_key_pk8_path, + Stdlib::Absolutepath $ssl_ca_cert_path = $puppetdb::params::ssl_ca_cert_path ) inherits puppetdb::params { if str2bool($database_validate) { # Validate the database connection. If we can't connect, we want to fail diff --git a/manifests/server/firewall.pp b/manifests/server/firewall.pp index 4330e053..982452e8 100644 --- a/manifests/server/firewall.pp +++ b/manifests/server/firewall.pp @@ -2,10 +2,10 @@ # # @api private class puppetdb::server::firewall ( - $http_port = $puppetdb::params::listen_port, - $open_http_port = $puppetdb::params::open_listen_port, - $ssl_port = $puppetdb::params::ssl_listen_port, - $open_ssl_port = $puppetdb::params::open_ssl_listen_port, + Variant[Stdlib::Port::User, Pattern[/\A[0-9]+\Z/]] $http_port = $puppetdb::params::listen_port, + Boolean $open_http_port = $puppetdb::params::open_listen_port, + Variant[Stdlib::Port::User, Pattern[/\A[0-9]+\Z/]] $ssl_port = $puppetdb::params::ssl_listen_port, + Boolean $open_ssl_port = $puppetdb::params::open_ssl_listen_port, ) inherits puppetdb::params { include firewall diff --git a/manifests/server/global.pp b/manifests/server/global.pp index 9e7cb2ca..f8d34202 100644 --- a/manifests/server/global.pp +++ b/manifests/server/global.pp @@ -2,9 +2,9 @@ # # @api private class puppetdb::server::global ( - $vardir = $puppetdb::params::vardir, - $confdir = $puppetdb::params::confdir, - $puppetdb_group = $puppetdb::params::puppetdb_group, + Stdlib::Absolutepath $vardir = $puppetdb::params::vardir, + Stdlib::Absolutepath $confdir = $puppetdb::params::confdir, + String[1] $puppetdb_group = $puppetdb::params::puppetdb_group, ) inherits puppetdb::params { $config_ini = "${confdir}/config.ini" diff --git a/manifests/server/jetty.pp b/manifests/server/jetty.pp index 9a4bbb47..b1e5a856 100644 --- a/manifests/server/jetty.pp +++ b/manifests/server/jetty.pp @@ -2,21 +2,21 @@ # # @api private class puppetdb::server::jetty ( - $listen_address = $puppetdb::params::listen_address, - $listen_port = $puppetdb::params::listen_port, - $disable_cleartext = $puppetdb::params::disable_cleartext, - $ssl_listen_address = $puppetdb::params::ssl_listen_address, - $ssl_listen_port = $puppetdb::params::ssl_listen_port, - $disable_ssl = $puppetdb::params::disable_ssl, - Boolean $ssl_set_cert_paths = $puppetdb::params::ssl_set_cert_paths, - $ssl_cert_path = $puppetdb::params::ssl_cert_path, - $ssl_key_path = $puppetdb::params::ssl_key_path, - $ssl_ca_cert_path = $puppetdb::params::ssl_ca_cert_path, - Optional[String] $ssl_protocols = $puppetdb::params::ssl_protocols, - Optional[String] $cipher_suites = $puppetdb::params::cipher_suites, - $confdir = $puppetdb::params::confdir, - $max_threads = $puppetdb::params::max_threads, - $puppetdb_group = $puppetdb::params::puppetdb_group, + Stdlib::Host $listen_address = $puppetdb::params::listen_address, + Variant[Stdlib::Port::User, Pattern[/\A[0-9]+\Z/]] $listen_port = $puppetdb::params::listen_port, + Boolean $disable_cleartext = $puppetdb::params::disable_cleartext, + Stdlib::Host $ssl_listen_address = $puppetdb::params::ssl_listen_address, + Variant[Stdlib::Port::User, Pattern[/\A[0-9]+\Z/]] $ssl_listen_port = $puppetdb::params::ssl_listen_port, + Boolean $disable_ssl = $puppetdb::params::disable_ssl, + Boolean $ssl_set_cert_paths = $puppetdb::params::ssl_set_cert_paths, + Stdlib::Absolutepath $ssl_cert_path = $puppetdb::params::ssl_cert_path, + Stdlib::Absolutepath $ssl_key_path = $puppetdb::params::ssl_key_path, + Stdlib::Absolutepath $ssl_ca_cert_path = $puppetdb::params::ssl_ca_cert_path, + Optional[String[1]] $ssl_protocols = $puppetdb::params::ssl_protocols, + Optional[String[1]] $cipher_suites = $puppetdb::params::cipher_suites, + Stdlib::Absolutepath $confdir = $puppetdb::params::confdir, + Optional[Integer[0]] $max_threads = $puppetdb::params::max_threads, + String[1] $puppetdb_group = $puppetdb::params::puppetdb_group, ) inherits puppetdb::params { $jetty_ini = "${confdir}/jetty.ini" diff --git a/manifests/server/puppetdb.pp b/manifests/server/puppetdb.pp index 001547df..54f7d003 100644 --- a/manifests/server/puppetdb.pp +++ b/manifests/server/puppetdb.pp @@ -2,11 +2,11 @@ # # @api private class puppetdb::server::puppetdb ( - $certificate_whitelist_file = $puppetdb::params::certificate_whitelist_file, - $certificate_whitelist = $puppetdb::params::certificate_whitelist, - $disable_update_checking = $puppetdb::params::disable_update_checking, - $confdir = $puppetdb::params::confdir, - $puppetdb_group = $puppetdb::params::puppetdb_group, + Stdlib::Absolutepath $certificate_whitelist_file = $puppetdb::params::certificate_whitelist_file, + Array $certificate_whitelist = $puppetdb::params::certificate_whitelist, + Optional[Boolean] $disable_update_checking = $puppetdb::params::disable_update_checking, + Stdlib::Absolutepath $confdir = $puppetdb::params::confdir, + String[1] $puppetdb_group = $puppetdb::params::puppetdb_group, ) inherits puppetdb::params { $puppetdb_ini = "${confdir}/puppetdb.ini" diff --git a/manifests/server/read_database.pp b/manifests/server/read_database.pp index 24a4cb8f..999fe061 100644 --- a/manifests/server/read_database.pp +++ b/manifests/server/read_database.pp @@ -2,23 +2,23 @@ # # @api private class puppetdb::server::read_database ( - $read_database_host = $puppetdb::params::read_database_host, - $read_database_port = $puppetdb::params::read_database_port, - $read_database_username = $puppetdb::params::read_database_username, - Variant[String[1], Sensitive[String[1]]] $read_database_password = $puppetdb::params::read_database_password, - $read_database_name = $puppetdb::params::read_database_name, - $manage_db_password = $puppetdb::params::manage_read_db_password, - $jdbc_ssl_properties = $puppetdb::params::read_database_jdbc_ssl_properties, - $database_validate = $puppetdb::params::read_database_validate, - $conn_max_age = $puppetdb::params::read_conn_max_age, - $conn_lifetime = $puppetdb::params::read_conn_lifetime, - $confdir = $puppetdb::params::confdir, - $puppetdb_group = $puppetdb::params::puppetdb_group, - $database_max_pool_size = $puppetdb::params::read_database_max_pool_size, - $postgresql_ssl_on = $puppetdb::params::postgresql_ssl_on, - $ssl_cert_path = $puppetdb::params::ssl_cert_path, - $ssl_key_pk8_path = $puppetdb::params::ssl_key_pk8_path, - $ssl_ca_cert_path = $puppetdb::params::ssl_ca_cert_path + Optional[Stdlib::Host] $read_database_host = $puppetdb::params::read_database_host, + Variant[Stdlib::Port::User, Pattern[/\A[0-9]+\Z/]] $read_database_port = $puppetdb::params::read_database_port, + String[1] $read_database_username = $puppetdb::params::read_database_username, + Variant[String[1], Sensitive[String[1]]] $read_database_password = $puppetdb::params::read_database_password, + String[1] $read_database_name = $puppetdb::params::read_database_name, + Boolean $manage_db_password = $puppetdb::params::manage_read_db_password, + Variant[String[0], Boolean[false]] $jdbc_ssl_properties = $puppetdb::params::read_database_jdbc_ssl_properties, + Boolean $database_validate = $puppetdb::params::read_database_validate, + Variant[Integer[0], Pattern[/\A[0-9]+\Z/]] $conn_max_age = $puppetdb::params::read_conn_max_age, + Variant[Integer[0], Pattern[/\A[0-9]+\Z/]] $conn_lifetime = $puppetdb::params::read_conn_lifetime, + Stdlib::Absolutepath $confdir = $puppetdb::params::confdir, + String[1] $puppetdb_group = $puppetdb::params::puppetdb_group, + Optional[Variant[Integer[0], Enum['absent'], Pattern[/\A[0-9]+\Z/]]] $database_max_pool_size = $puppetdb::params::read_database_max_pool_size, + Boolean $postgresql_ssl_on = $puppetdb::params::postgresql_ssl_on, + Stdlib::Absolutepath $ssl_cert_path = $puppetdb::params::ssl_cert_path, + Stdlib::Absolutepath $ssl_key_pk8_path = $puppetdb::params::ssl_key_pk8_path, + Stdlib::Absolutepath $ssl_ca_cert_path = $puppetdb::params::ssl_ca_cert_path ) inherits puppetdb::params { if $read_database_host != undef { if str2bool($database_validate) { diff --git a/manifests/server/validate_db.pp b/manifests/server/validate_db.pp index 62cda9dc..466511ec 100644 --- a/manifests/server/validate_db.pp +++ b/manifests/server/validate_db.pp @@ -2,12 +2,12 @@ # # @api private class puppetdb::server::validate_db ( - $database_host = $puppetdb::params::database_host, - $database_port = $puppetdb::params::database_port, - $database_username = $puppetdb::params::database_username, - Variant[String[1], Sensitive[String[1]]] $database_password = $puppetdb::params::database_password, - $database_name = $puppetdb::params::database_name, - $jdbc_ssl_properties = $puppetdb::params::jdbc_ssl_properties, + Stdlib::Host $database_host = $puppetdb::params::database_host, + Variant[Stdlib::Port::User, Pattern[/\A[0-9]+\Z/]] $database_port = $puppetdb::params::database_port, + String[1] $database_username = $puppetdb::params::database_username, + Variant[String[1], Sensitive[String[1]]] $database_password = $puppetdb::params::database_password, + String[1] $database_name = $puppetdb::params::database_name, + Variant[String[0], Boolean[false]] $jdbc_ssl_properties = $puppetdb::params::jdbc_ssl_properties, ) inherits puppetdb::params { if ($database_password != undef and $jdbc_ssl_properties == false) { postgresql_conn_validator { 'validate puppetdb postgres connection': diff --git a/manifests/server/validate_read_db.pp b/manifests/server/validate_read_db.pp index ef319e90..ef54e7cc 100644 --- a/manifests/server/validate_read_db.pp +++ b/manifests/server/validate_read_db.pp @@ -2,12 +2,12 @@ # # @api private class puppetdb::server::validate_read_db ( - $database_host = $puppetdb::params::database_host, - $database_port = $puppetdb::params::database_port, - $database_username = $puppetdb::params::database_username, - Variant[String[1], Sensitive[String[1]]] $database_password = $puppetdb::params::database_password, - $database_name = $puppetdb::params::database_name, - $jdbc_ssl_properties = $puppetdb::params::jdbc_ssl_properties, + Stdlib::Host $database_host = $puppetdb::params::database_host, + Variant[Stdlib::Port::User, Pattern[/\A[0-9]+\Z/]] $database_port = $puppetdb::params::database_port, + String[1] $database_username = $puppetdb::params::database_username, + Variant[String[1], Sensitive[String[1]]] $database_password = $puppetdb::params::database_password, + String[1] $database_name = $puppetdb::params::database_name, + Variant[String[0], Boolean[false]] $jdbc_ssl_properties = $puppetdb::params::jdbc_ssl_properties, ) inherits puppetdb::params { if ($database_password != undef and $jdbc_ssl_properties == false) { postgresql_conn_validator { 'validate puppetdb postgres (read) connection': diff --git a/spec/support/unit/shared/server.rb b/spec/support/unit/shared/server.rb index d15b4986..58db4509 100644 --- a/spec/support/unit/shared/server.rb +++ b/spec/support/unit/shared/server.rb @@ -6,7 +6,7 @@ http_port: '8080', open_http_port: false, ssl_port: '8081', - open_ssl_port: nil, + open_ssl_port: false, } end diff --git a/spec/unit/classes/init_spec.rb b/spec/unit/classes/init_spec.rb index 423b97af..f6ce41cd 100644 --- a/spec/unit/classes/init_spec.rb +++ b/spec/unit/classes/init_spec.rb @@ -87,7 +87,7 @@ class { 'postgresql::server': let(:params) do { postgresql_ssl_on: true, - puppetdb_server: 'puppetdb_host', + puppetdb_server: 'puppetdb.example.com', } end @@ -96,7 +96,7 @@ class { 'postgresql::server': is_expected.to contain_class('puppetdb::database::postgresql') .with( 'postgresql_ssl_on' => true, - 'puppetdb_server' => 'puppetdb_host', + 'puppetdb_server' => 'puppetdb.example.com', ) } end