Commit 7166e3af authored by Walter Heck's avatar Walter Heck

Merge branch 'fix/puppet_lint' into 'develop'

Fix/puppet lint



See merge request !6
parents e4a9a12c cfb0a879
......@@ -10,6 +10,7 @@ end
PuppetLint.configuration.send('disable_documentation')
PuppetLint.configuration.send('disable_80chars')
PuppetLint.configuration.send('disable_140chars')
PuppetSyntax.exclude_paths = [
"vendor/**/*.*",
......
class opstheater::profile::base::icinga {
Icinga2::Object::Host {
display_name => $::fqdn,
check_command => 'cluster-zone',
......@@ -15,5 +15,5 @@ class opstheater::profile::base::icinga {
remote_endpoint => $::fqdn
},
}
}
......@@ -4,13 +4,13 @@ class opstheater::profile::elasticsearch{
# resources required for elasticsearch
include ::java
include opstheater::profile::filebeat::elasticsearch
class { '::elasticsearch':
}
# load elasticsearch instance details fore hiera
$instances = hiera_hash('opstheater::profile::elasticsearch::instances', undef)
if $instances {
create_resources('elasticsearch::instance', $instances)
} else {
......@@ -24,7 +24,7 @@ class opstheater::profile::elasticsearch{
dport => '9200',
tag => 'opstheater',
}
@firewall { '200 allow elasticsearch 9300 access':
chain => 'INPUT',
jump => 'OPSTHEATER',
......@@ -32,5 +32,5 @@ class opstheater::profile::elasticsearch{
dport => '9300',
tag => 'opstheater',
}
}
......@@ -25,7 +25,7 @@ class opstheater::profile::firewall {
$ip_list.each | String $ip | {
firewall { "100 accept connections for ${ip}":
chain => 'OPSTHEATER',
action => 'accept'
action => 'accept',
proto => 'all',
source => $ip,
}
......@@ -34,7 +34,7 @@ class opstheater::profile::firewall {
Firewall <| tag == 'opstheater' |>
Firewall {
before => Class['opstheater::profile::firewall::pre']
before => Class['opstheater::profile::firewall::pre'],
require => Class['opstheater::profile::firewall::post']
}
......
......@@ -4,7 +4,7 @@ class opstheater::profile::firewall::pre {
require => undef,
}
# Default firewall rules
# Default firewall rules
firewall { '000 accept all icmp':
proto => 'icmp',
action => 'accept',
......
class opstheater::profile::foremanproxy {
# Class Defines
$foreman_fqdn = hiera('opstheater::foreman::fqdn')
$foreman_url = hiera('opstheater::foreman::url')
$nginx_ssl_cert = "/etc/nginx/ssl/${foreman_fqdn}.crt";
$nginx_ssl_key = "/etc/nginx/ssl/${foreman_fqdn}.key";
# Include nginx
class { 'nginx': }
# Make our nginx ssl directory
file { ['/etc/nginx/ssl'] :
ensure => directory,
......@@ -18,7 +18,7 @@ class opstheater::profile::foremanproxy {
}
include opstheater::profile::filebeat::foreman::proxy
# Create our SSL Key
file { $nginx_ssl_key :
ensure => file,
......@@ -26,7 +26,7 @@ class opstheater::profile::foremanproxy {
notify => Class['nginx::service'],
require => File['/etc/nginx/ssl'],
}
# Create our SSL Cert for Gitlab Nginx specifically for Nginx with the CACert combined with the cert
concat{ $nginx_ssl_cert:
owner => 'nginx',
......@@ -45,7 +45,7 @@ class opstheater::profile::foremanproxy {
source => 'puppet:///modules/opstheater/ssl/master-cabundle.crt',
order => 20,
}
# If we want to run HTTPS...
if hiera('opstheater::http_mode') == 'https' {
......@@ -70,7 +70,7 @@ class opstheater::profile::foremanproxy {
ssl_cert => $nginx_ssl_cert,
ssl_key => $nginx_ssl_key,
}
# If we don't want HTTPS...
} else {
# Setup a insecure proxy to foreman (for dev envs usually)
......
......@@ -185,7 +185,7 @@ class opstheater::profile::gitlab {
action => 'accept',
proto => 'tcp',
dport => '80',
source => hiera('opstheater::vpn_ip', '0.0.0.0')
source => hiera('opstheater::vpn_ip', '0.0.0.0'),
tag => 'opstheater',
}
......@@ -194,7 +194,7 @@ class opstheater::profile::gitlab {
jump => 'OPSTHEATER',
proto => 'tcp',
dport => '443',
source => hiera('opstheater::vpn_ip', '0.0.0.0')
source => hiera('opstheater::vpn_ip', '0.0.0.0'),
tag => 'opstheater',
}
......
......@@ -5,11 +5,11 @@ class opstheater::profile::grafana {
$elasticsearchurl = hiera('opstheater::elasticsearch::fqdn')
$install_method = hiera('opstheater::profile::grafana::install_method')
$domain = hiera('opstheater::domain')
$smtp_address = hiera('opstheater::smtp::fqdn'),
$smtp_port = hiera('opstheater::smtp::port'),
$smtp_user_name = hiera('opstheater::smtp::username'),
$smtp_password = hiera('opstheater::smtp::password'),
$smtp_openssl_verify_mode = hiera('opstheater::smtp::openssl_verify_mode'),
$smtp_address = hiera('opstheater::smtp::fqdn')
$smtp_port = hiera('opstheater::smtp::port')
$smtp_user_name = hiera('opstheater::smtp::username')
$smtp_password = hiera('opstheater::smtp::password')
$smtp_openssl_verify_mode = hiera('opstheater::smtp::openssl_verify_mode')
class { '::grafana':
install_method => $install_method,
......
......@@ -27,7 +27,7 @@ class opstheater::profile::icinga::client {
},
parent => 'master',
}
icinga2::object::zone { 'master':
endpoints => {
$icinga2_web_fqdn => {
......
class opstheater::profile::kibana {
$elasticsearch = hiera('opstheater::elasticsearch::fqdn')
# use the standard kibana4 class, the parameters will be loaded from hiera
......
class opstheater::role::client::fosstrusty {
include opstheater::profile::client::trusty
}
\ No newline at end of file
class opstheater::role::puppet::master {
# Include our standard base packages
include opstheater::profile::base
unless $::pe_server_version {
# Add our secure (if specified) foreman proxy via Nginx
include opstheater::profile::foremanproxy
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment