Add an HTTP hook for updating code on the puppet server
[cacert-puppet.git] / sitemodules / profiles / manifests / puppet_server.pp
1 # Class: profiles::puppet_server
2 # ==============================
3 #
4 # This class takes care of resources on the puppet server
5 #
6 # Parameters
7 # ----------
8 #
9 # @param git_pull_ssh_passphrase passphrase to use for the ssh key to pull
10 # new code from the control repository
11 # @param git_pull_directory directory where the puppet control repository
12 # is checked out
13 # @param git_pull_tokens list of tokens that are valid to trigger the
14 # git pull hook
15 #
16 # Examples
17 # --------
18 #
19 # @example
20 # class roles::myhost {
21 # include profiles::puppet_server
22 # }
23 #
24 # Authors
25 # -------
26 #
27 # Jan Dittberner <jandd@cacert.org>
28 #
29 # Copyright
30 # ---------
31 #
32 # Copyright 2018 Jan Dittberner
33 class profiles::puppet_server (
34 String $git_pull_ssh_passphrase,
35 String $git_pull_directory = '/etc/puppetlabs/code/environment/production',
36 Array[String] $git_pull_tokens,
37 ) {
38 package { 'sshpass':
39 ensure => installed,
40 }
41
42 package { 'git':
43 ensure => installed,
44 }
45
46 file { '/usr/local/sbin/git-pull-hook':
47 ensure => file,
48 owner => 'root',
49 group => 'root',
50 mode => '0750',
51 source => 'puppet:///modules/profiles/puppet_server/git-pull-hook',
52 require => [Package['sshpass'], Package['git']],
53 }
54
55 file { '/etc/init.d/git-pull-hook':
56 ensure => file,
57 owner => 'root',
58 group => 'root',
59 mode => '0755',
60 source => 'puppet:///modules/profiles/puppet_server/git-pull-hook.init.sh'
61 }
62
63 file { '/etc/git-pull-hook.ini':
64 ensure => file,
65 owner => 'root',
66 group => 'root',
67 mode => '0400',
68 content => epp(
69 'profiles/puppet_server/git-pull-hook.ini.epp',
70 {
71 'ssh_passphrase' => $git_pull_ssh_passphrase,
72 'tokens' => $git_pull_tokens,
73 'git_directory' => $git_pull_directory,
74 }
75 )
76 }
77
78 service { 'git-pull-hook':
79 ensure => running,
80 enable => true,
81 require => [
82 File['/etc/init.d/git-pull-hook'], File['/usr/local/sbin/git-pull-hook'],
83 File['/etc/git-pull-hook.ini'],
84 ],
85 }
86 }