Giuseppe Lavagetto has submitted this change and it was merged. ( https://gerrit.wikimedia.org/r/370445 )
Change subject: role::puppet_compiler: bind ssl to 0.0.0.0 ...................................................................... role::puppet_compiler: bind ssl to 0.0.0.0 * Install openjdk-8 * Bind the jetty app to listen on 0.0.0.0 * configure puppet to connect to puppetdb via the fqdn Change-Id: I3b27971660ffa5e0965ae53d77c73b5a9d836a99 --- M modules/puppet_compiler/manifests/init.pp M modules/puppetdb/manifests/app.pp 2 files changed, 20 insertions(+), 8 deletions(-) Approvals: Giuseppe Lavagetto: Looks good to me, approved jenkins-bot: Verified diff --git a/modules/puppet_compiler/manifests/init.pp b/modules/puppet_compiler/manifests/init.pp index af68ba2..0741787 100644 --- a/modules/puppet_compiler/manifests/init.pp +++ b/modules/puppet_compiler/manifests/init.pp @@ -94,16 +94,20 @@ rmdirs => true, } + + require_pacakge('openjdk-8-jdk') + # Add a puppetdb instance with a local database. class { 'puppetdb::app': db_driver => 'hsqldb', heap_size => '2G', db_rw_host => undef, perform_gc => true, + bind_ip => '0.0.0.0', } class { 'puppetmaster::puppetdb::client': - host => 'localhost', + host => $::fqdn, port => 8081, } } diff --git a/modules/puppetdb/manifests/app.pp b/modules/puppetdb/manifests/app.pp index 15b01c5..69a7a43 100644 --- a/modules/puppetdb/manifests/app.pp +++ b/modules/puppetdb/manifests/app.pp @@ -12,6 +12,7 @@ $db_password=undef, $perform_gc=false, $heap_size='4G', + $bind_ip=undef, ) { requires_os('debian >= jessie') @@ -98,15 +99,22 @@ group => 'puppetdb', } + $jetty_settings = { + 'port' => 8080, + 'ssl-port' => 8081, + 'ssl-key' => '/etc/puppetdb/ssl/server.key', + 'ssl-cert' => '/etc/puppetdb/ssl/cert.pem', + 'ssl-ca-cert' => $ca_path, + } + if $bind_ip { + $actual_jetty_settings = merge($jetty_settings, {'ssl-host' => $bind_ip}) + } + else { + $actual_jetty_settings = $jetty_settings + } puppetdb::config { 'jetty': - settings => { - 'port' => 8080, - 'ssl-port' => 8081, - 'ssl-key' => '/etc/puppetdb/ssl/server.key', - 'ssl-cert' => '/etc/puppetdb/ssl/cert.pem', - 'ssl-ca-cert' => $ca_path, - }, + settings => $actual_jetty_settings, require => Base::Expose_puppet_certs['/etc/puppetdb'], } -- To view, visit https://gerrit.wikimedia.org/r/370445 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: merged Gerrit-Change-Id: I3b27971660ffa5e0965ae53d77c73b5a9d836a99 Gerrit-PatchSet: 2 Gerrit-Project: operations/puppet Gerrit-Branch: production Gerrit-Owner: Giuseppe Lavagetto <glavage...@wikimedia.org> Gerrit-Reviewer: Giuseppe Lavagetto <glavage...@wikimedia.org> Gerrit-Reviewer: jenkins-bot <> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits