Skip to content

Commit 3542ca4

Browse files
committed
move class puppetdb parameter reference to pp
1 parent f863b10 commit 3542ca4

File tree

3 files changed

+667
-631
lines changed

3 files changed

+667
-631
lines changed

README.md

Lines changed: 0 additions & 378 deletions
Original file line numberDiff line numberDiff line change
@@ -360,384 +360,6 @@ You must declare the class to use it:
360360

361361
class { 'puppetdb': }
362362

363-
**Parameters within `puppetdb`:**
364-
365-
#### `listen_address`
366-
367-
The address that the web server should bind to for HTTP requests. Defaults to
368-
`localhost`. Set to `0.0.0.0` to listen on all addresses.
369-
370-
#### `listen_port`
371-
372-
The port on which the puppetdb web server should accept HTTP requests. Defaults
373-
to `8080`.
374-
375-
#### `disable_cleartext`
376-
377-
If true, the puppetdb web server will only serve HTTPS and not HTTP requests (defaults to false).
378-
379-
#### `open_listen_port`
380-
381-
If `true`, open the `http_listen_port` on the firewall. Defaults to `false`.
382-
383-
#### `ssl_listen_address`
384-
385-
The address that the web server should bind to for HTTPS requests. Defaults to
386-
`0.0.0.0` to listen on all addresses.
387-
388-
#### `ssl_listen_port`
389-
390-
The port on which the puppetdb web server should accept HTTPS requests. Defaults
391-
to `8081`.
392-
393-
#### `disable_ssl`
394-
395-
If `true`, the puppetdb web server will only serve HTTP and not HTTPS requests.
396-
Defaults to `false`.
397-
398-
#### `open_ssl_listen_port`
399-
400-
If true, open the `ssl_listen_port` on the firewall. Defaults to `undef`.
401-
402-
#### `ssl_protocols`
403-
404-
Specify the supported SSL protocols for PuppetDB (e.g. TLSv1, TLSv1.1, TLSv1.2.)
405-
406-
### `postgresql_ssl_on`
407-
408-
If `true`, it configures SSL connections between PuppetDB and the PostgreSQL database.
409-
Defaults to `false`.
410-
411-
#### `cipher_suites`
412-
413-
Configure jetty's supported `cipher-suites` (e.g. `SSL_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384`).
414-
Defaults to `undef`.
415-
416-
#### `migrate`
417-
418-
If `true`, puppetdb will automatically migrate to the latest database format at startup. If `false`, if the database format supplied by this version of PuppetDB doesn't match the version expected (whether newer or older), PuppetDB will exit with an error status. Defaults to `true`.
419-
420-
### `manage_dbserver`
421-
422-
If true, the PostgreSQL server will be managed by this module. Defaults to `true`.
423-
424-
### `manage_database`
425-
426-
If true, the PostgreSQL database will be managed by this module. Defaults to `true`.
427-
428-
#### `database_host`
429-
430-
Hostname to use for the database connection. For single case installations this
431-
should be left as the default. Defaults to `localhost`.
432-
433-
#### `database_port`
434-
435-
The port that the database server listens on. Defaults to `5432`.
436-
437-
#### `database_username`
438-
439-
The name of the database user to connect as. Defaults to `puppetdb`.
440-
441-
#### `database_password`
442-
443-
The password for the database user. Defaults to `puppetdb`.
444-
445-
#### `manage_db_password`
446-
447-
Whether or not the database password in database.ini will be managed by this module.
448-
Set this to `false` if you want to set the password some other way.
449-
Defaults to `true`
450-
451-
#### `database_name`
452-
453-
The name of the database instance to connect to. Defaults to `puppetdb`.
454-
455-
#### `jdbc_ssl_properties`
456-
457-
The text to append to the JDBC connection URI. This should begin with a '?'
458-
character. For example, to use SSL for the PostgreSQL connection, set this
459-
parameter's value to `?ssl=true`.
460-
461-
#### `database_validate`
462-
463-
If true, the module will attempt to connect to the database using the specified
464-
settings and fail if it is not able to do so. Defaults to `true`.
465-
466-
#### `node_ttl`
467-
468-
The length of time a node can go without receiving any new data before it's
469-
automatically deactivated. (defaults to '7d', which is a 7-day period. Set to
470-
'0d' to disable auto-deactivation). This option is supported in PuppetDB >=
471-
1.1.0.
472-
473-
#### `node_purge_ttl`
474-
475-
The length of time a node can be deactivated before it's deleted from the
476-
database. (defaults to '14d', which is a 14-day period. Set to '0d' to disable
477-
purging). This option is supported in PuppetDB >= 1.2.0.
478-
479-
#### `report_ttl`
480-
481-
The length of time reports should be stored before being deleted. (defaults to
482-
`14d`, which is a 14-day period). This option is supported in PuppetDB >= 1.1.0.
483-
484-
#### `gc_interval`
485-
486-
This controls how often (in minutes) to compact the database. The compaction
487-
process reclaims space and deletes unnecessary rows. If not supplied, the
488-
default is every 60 minutes. This option is supported in PuppetDB >= 0.9.
489-
490-
#### `log_slow_statements`
491-
492-
This sets the number of seconds before an SQL query is considered "slow." Slow
493-
SQL queries are logged as warnings, to assist in debugging and tuning. Note
494-
PuppetDB does not interrupt slow queries; it simply reports them after they
495-
complete.
496-
497-
The default value is `10` seconds. A value of 0 will disable logging of slow
498-
queries. This option is supported in PuppetDB >= 1.1.
499-
500-
#### `conn_max_age`
501-
502-
The maximum time (in minutes) for a pooled connection to remain unused before
503-
it is closed off.
504-
505-
If not supplied, we default to `60` minutes. This option is supported in PuppetDB >= 1.1.
506-
507-
#### `conn_keep_alive`
508-
509-
This sets the time (in minutes) for a connection to remain idle before sending
510-
a test query to the DB. This is useful to prevent a DB from timing out
511-
connections on its end.
512-
513-
If not supplied, we default to 45 minutes. This option is supported in PuppetDB >= 1.1.
514-
515-
#### `conn_lifetime`
516-
517-
The maximum time (in minutes) a pooled connection should remain open. Any
518-
connections older than this setting will be closed off. Connections currently in
519-
use will not be affected until they are returned to the pool.
520-
521-
If not supplied, we won't terminate connections based on their age alone. This
522-
option is supported in PuppetDB >= 1.4.
523-
524-
#### `puppetdb_package`
525-
526-
The PuppetDB package name in the package manager. Defaults to `present`.
527-
528-
#### `puppetdb_service`
529-
530-
The name of the PuppetDB service. Defaults to `puppetdb`.
531-
532-
#### `puppetdb_service_status`
533-
534-
Sets whether the service should be `running ` or `stopped`. When set to `stopped` the
535-
service doesn't start on boot either. Valid values are `true`, `running`,
536-
`false`, and `stopped`.
537-
538-
#### `confdir`
539-
540-
The PuppetDB configuration directory. Defaults to `/etc/puppetdb/conf.d`.
541-
542-
#### `vardir`
543-
544-
The parent directory for the MQ's data directory.
545-
546-
#### `java_args`
547-
548-
Java VM options used for overriding default Java VM options specified in
549-
PuppetDB package. Defaults to `{}`. See
550-
[PuppetDB Configuration](https://puppet.com/docs/puppetdb/latest/configure.html)
551-
to get more details about the current defaults.
552-
553-
For example, to set `-Xmx512m -Xms256m` options use:
554-
555-
{
556-
'-Xmx' => '512m',
557-
'-Xms' => '256m',
558-
}
559-
560-
#### `merge_default_java_args`
561-
562-
Sets whether the provided java args should be merged with the defaults, or
563-
should override the defaults. This setting is necessary if any of the defaults
564-
are to be removed. Defaults to true. If `false`, the `java_args` in the PuppetDB
565-
init config file will reflect only what is passed via the `java_args` param.
566-
567-
#### `max_threads`
568-
569-
Jetty option to explicitly set `max-threads`. Defaults to `undef`, so the
570-
PuppetDB-Jetty default is used.
571-
572-
#### `read_database_host`
573-
*This parameter must be set to use another PuppetDB instance for queries.*
574-
575-
The hostname or IP address of the read database server. If set to `undef`, and
576-
`manage_database` is set to `true`, it will use the value of the `database_host`
577-
parameter. This option is supported in PuppetDB >= 1.6.
578-
579-
#### `read_database_port`
580-
581-
The port that the read database server listens on. If `read_database_host`
582-
is set to `undef`, and `manage_database` is set to `true`, it will use the value of
583-
the `database_port` parameter. This option is supported in PuppetDB >= 1.6.
584-
585-
#### `read_database_username`
586-
587-
The name of the read database user to connect as. Defaults to `puppetdb-read`. This
588-
option is supported in PuppetDB >= 1.6.
589-
590-
#### `read_database_password`
591-
592-
The password for the read database user. Defaults to `puppetdb-read`. This option is
593-
supported in PuppetDB >= 1.6.
594-
595-
#### `manage_read_db_password`
596-
597-
Whether or not the database password in read-database.ini will be managed by this module.
598-
Set this to `false` if you want to set the password some other way.
599-
Defaults to `true`
600-
601-
#### `read_database_name`
602-
603-
The name of the read database instance to connect to. If `read_database_host`
604-
is set to `undef`, and `manage_database` is set to `true`, it will use the value of
605-
the `database_name` parameter. This option is supported in PuppetDB >= 1.6.
606-
607-
#### `read_log_slow_statements`
608-
609-
This sets the number of seconds before an SQL query to the read database is
610-
considered "slow." Slow SQL queries are logged as warnings, to assist in
611-
debugging and tuning. Note PuppetDB does not interrupt slow queries; it simply
612-
reports them after they complete.
613-
614-
The default value is 10 seconds. A value of 0 will disable logging of slow
615-
queries. This option is supported in PuppetDB >= 1.6.
616-
617-
#### `read_conn_max_age`
618-
619-
The maximum time (in minutes) for a pooled read database connection to remain
620-
unused before it is closed off.
621-
622-
If not supplied, we default to 60 minutes. This option is supported in PuppetDB >= 1.6.
623-
624-
#### `read_conn_keep_alive`
625-
626-
This sets the time (in minutes) for a read database connection to remain idle
627-
before sending a test query to the DB. This is useful to prevent a DB from
628-
timing out connections on its end.
629-
630-
If not supplied, we default to 45 minutes. This option is supported in PuppetDB >= 1.6.
631-
632-
#### `read_conn_lifetime`
633-
634-
The maximum time (in minutes) a pooled read database connection should remain
635-
open. Any connections older than this setting will be closed off. Connections
636-
currently in use will not be affected until they are returned to the pool.
637-
638-
If not supplied, we won't terminate connections based on their age alone. This
639-
option is supported in PuppetDB >= 1.6.
640-
641-
#### `ssl_dir`
642-
643-
Base directory for PuppetDB SSL configuration. Defaults to `/etc/puppetdb/ssl`
644-
or `/etc/puppetlabs/puppetdb/ssl` for FOSS and PE respectively.
645-
646-
#### `ssl_set_cert_paths`
647-
648-
A switch to enable or disable the management of SSL certificates in your
649-
`jetty.ini` configuration file.
650-
651-
#### `ssl_cert_path`
652-
653-
Path to your SSL certificate for populating `jetty.ini`.
654-
655-
#### `ssl_key_path`
656-
657-
Path to your SSL key for populating `jetty.ini`.
658-
659-
#### `ssl_ca_cert_path`
660-
661-
Path to your SSL CA for populating `jetty.ini`.
662-
663-
#### `ssl_deploy_certs`
664-
665-
A boolean switch to enable or disable the management of SSL keys in your
666-
`ssl_dir`. Default is `false`.
667-
668-
#### `ssl_key`
669-
670-
Contents of your SSL key, as a string.
671-
672-
#### `ssl_cert`
673-
674-
Contents of your SSL certificate, as a string.
675-
676-
#### `ssl_ca_cert`
677-
678-
Contents of your SSL CA certificate, as a string.
679-
680-
#### `manage_firewall`
681-
682-
If `true`, puppet will manage your iptables rules for PuppetDB via the
683-
[puppetlabs-firewall](https://forge.puppetlabs.com/puppetlabs/firewall) class.
684-
685-
#### `command_threads`
686-
687-
The number of command processing threads to use. Defaults to `undef`, using the
688-
PuppetDB built-in default.
689-
690-
#### `concurrent_writes`
691-
692-
The number of threads allowed to write to disk at any one time. Defaults to
693-
`undef`, which uses the PuppetDB built-in default.
694-
695-
#### `store_usage`
696-
697-
The amount of disk space (in MB) to allow for persistent message storage.
698-
Defaults to `undef`, using the PuppetDB built-in default.
699-
700-
#### `temp_usage`
701-
702-
The amount of disk space (in MB) to allow for temporary message storage.
703-
Defaults to `undef`, using the PuppetDB built-in default.
704-
705-
#### `disable_update_checking`
706-
707-
Setting this to true disables checking for updated versions of PuppetDB and sending basic analytics data to Puppet.
708-
Defaults to `undef`, using the PuppetDB built-in default.
709-
710-
#### `certificate_whitelist_file`
711-
712-
The name of the certificate whitelist file to set up and configure in PuppetDB. Defaults to `/etc/puppetdb/certificate-whitelist` or `/etc/puppetlabs/puppetdb/certificate-whitelist` for FOSS and PE respectively.
713-
714-
#### `certificate_whitelist`
715-
716-
Array of the X.509 certificate Common Names of clients allowed to connect to PuppetDB. Defaults to empty. Be aware that this permits full access to all Puppet clients to download anything contained in PuppetDB, including the full catalogs of all nodes, which possibly contain sensitive information. Set to `[ $::servername ]` to allow access only from your (single) Puppet master, which is enough for normal operation. Set to a list of Puppet masters if you have multiple.
717-
718-
#### `automatic_dlo_cleanup`
719-
720-
PuppetDB creates [Dead Letter Office](https://puppet.com/docs/puppetdb/5.2/maintain_and_tune.html#clean-up-the-dead-letter-office).
721-
Those are reports of failed requests. They spill up the disk. This parameter is
722-
a boolean and defaults to false. You can enable automatic cleanup of DLO
723-
reports by setting this to true.
724-
725-
#### `cleanup_timer_interval`
726-
727-
The DLO cleanup is a systemd timer if systemd is available, otherwise a
728-
cronjob. The variable configures the systemd.timer option [onCalender](https://www.freedesktop.org/software/systemd/man/systemd.timer.html#OnCalendar=).
729-
It defaults to `*-*-* ${fqdn_rand(24)}:${fqdn_rand(60)}:00`. This will start
730-
the cleanup service on a daily basis. The exact minute and hour is random
731-
per node based on the [fqdn_rand](https://puppet.com/docs/puppet/5.5/function.html#fqdnrand)
732-
method. On non-systemd systems, the cron runs daily and the `$puppetdb_user` needs
733-
to be able to run cron jobs. On systemd systems you need the [camptocamp/systemd](https://forge.puppet.com/camptocamp/systemd)
734-
module, which is an optional dependency and not automatically installed!
735-
736-
#### `dlo_max_age`
737-
738-
This is a positive integer. It describes the amount of days you want to keep
739-
the DLO reports. The default value is 90 days.
740-
741363
### puppetdb::server
742364

743365
The `puppetdb::server` class manages the PuppetDB server independently of the

0 commit comments

Comments
 (0)