Puppet Class: psquared::git

Defined in:
manifests/git.pp

Overview

Built-in puppet enterprise git server

Parameters:

  • repo_path (Any) (defaults to: '/var/lib/psquared')
  • upstream (Any) (defaults to: 'https://github.com/GeoffWilliams/r10k-control/')
  • control_repo (Any) (defaults to: 'r10k-control')
  • supplemental_repos (Any) (defaults to: [])
  • authorised_keys (Any) (defaults to: [])
  • admin_key (Any) (defaults to: present)
  • admin_user (Any) (defaults to: 'psquared')
  • admin_password (Any) (defaults to: 'changeme')


2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
# File 'manifests/git.pp', line 2

class psquared::git(
    $repo_path          = '/var/lib/psquared',
    $upstream           = 'https://github.com/GeoffWilliams/r10k-control/',
    $control_repo       = 'r10k-control',
    $supplemental_repos = [],
    $authorised_keys    = [],
    $admin_key          = present,
    $admin_user         = 'psquared',
    $admin_password     = 'changeme',
) {

  $control_repo_path = "${repo_path}/${control_repo}"
  $ssh_path = "${repo_path}/.ssh"
  $hook_filename = "hooks/post-receive"

  File {
    owner => $admin_user,
    group => $admin_user,
    mode  => '0755',
  }

  #file { "/etc/puppetlabs/r10k/r10k.yaml":
  #  ensure  => file,
  #  owner   => 'root',
  #  group   => 'root',
  #  mode    => '0644',
  #  content => template("${module_name}/r10k.yaml.erb"),
  #}
  $master_group = 'PE Master'
  $original_classes = node_groups($master_group)[$master_group]['classes']
  $delta_classes = {
    'puppet_enterprise::profile::master' => {
      'code_manager_auto_configure' => true,
      'r10k_remote'                 => $control_repo_path,
    }
  }
  node_group { 'PE Master':
    ensure               => 'present',
    classes              => merge($original_classes, $delta_classes),
    environment          => 'production',
    override_environment => 'false',
    parent               => 'PE Infrastructure',
  }

  file { $repo_path:
    ensure => directory,
  }

  vcsrepo { $control_repo_path:
    ensure   => bare,
    provider => git,
    user     => $admin_user,
    source   => $upstream,
    require  => File[$repo_path],
  }

  file { "${control_repo_path}/${hook_filename}":
    ensure => file,
    mode   => '0755',
    source => "puppet:///modules/${module_name}/post-receive",
  }

  # admin key :)
  user { $admin_user:
    ensure => $admin_key,
    home   => $repo_path,
  }

  $ssh_keyname = "psquared@${fqdn}"
  include sshkeys

  sshkeys::install_keypair { $ssh_keyname:
    ensure  => $admin_key,
    ssh_dir => $ssh_path,
  }

  # fixme - need to update sshkeys to allow removal
  sshkeys::known_host { $ssh_keyname:
    ssh_dir => $ssh_path,
  }

  # fixme - grant access to the account to other users
  sshkeys::authorize { $admin_user:
    ensure          => $admin_key,
    authorized_keys => [$ssh_keyname],
    ssh_dir         => $ssh_path,
  }

  exec { "install_token_psquared":
    command     => "cd ${repo_path} && pe_rbac code_manager --password ${admin_password} \\
&& chown -R ${admin_user}.${admin_user} ${repo_path}/.puppetlabs",
    creates     => "${repo_path}/.puppetlabs/token",
    environment => "HOME=${repo_path}",
    path        => ["/opt/puppetlabs/puppet/bin/", "/usr/bin", "/bin"],
  }
}