Add defaults and make server_timeout and inotify configurable (fixes v…

…oxpupuli#85) Add defaults from subscription-manager 1.21.10
kallies · Feb 22, 2019 · 6157bbb · 6157bbb
1 parent ff828de
commit 6157bbb
Show file tree

Hide file tree

Showing 2 changed files with 60 additions and 42 deletions.
diff --git a/manifests/init.pp b/manifests/init.pp
@@ -6,41 +6,42 @@
 #
 # @summary Subscribe the node to RHSM
 #
-# @param rh_user [String] User for the Customer Portal.
+# @param rh_user User for the Customer Portal.
 #   You need to specify either (rh_user and rh_password) or (org and activationkey)
-# @param rh_password [String] Password for the rh_user account
-# @param org [String] Organization to use
-# @param activationkey [String] Activationkey to use
-# @param servername [String] Servername, default provided
+# @param rh_password Password for the rh_user account
+# @param org Organization to use
+# @param activationkey Activationkey to use
+# @param servername Servername, default provided
 #   Used directly in rhsm.conf template
-# @param serverprefix [String] server.prefix to use
+# @param serverprefix server.prefix to use
 #   Used directly in rhsm.conf template
 #   /rhsm for Satellite 6
 #   /subscription for RHSM
-# @param serverport [Integer] server.port to use
+# @param serverport server.port to use
 #   Used directly in rhsm.conf template
-# @param ca_cert_dir [String] Server CA certificate location
-# @param repo_ca_cert_filename [String] File containting the CA cert to use when generating yum repo configs
+# @param ca_cert_dir Server CA certificate location
+# @param repo_ca_cert_filename File containting the CA cert to use when generating yum repo configs
 #   katello-server-ca.pem for Satellite 6
 #   redhat-uep.pem for RHSM
-# @param repo_ca_cert_source [String] URI, if set the content is used for CA file resource ${ca_cert_dir}/${repo_ca_cert_filename}
+# @param repo_ca_cert_source URI, if set the content is used for CA file resource ${ca_cert_dir}/${repo_ca_cert_filename}
 #   Possible values are puppet:, file: and http:
-# @param manage_repos [Integer] 1 if subscription manager should manage yum repos file or
+# @param manage_repos 1 if subscription manager should manage yum repos file or
 #   0 if the subscription is only used for tracking purposes
-# @param full_refresh_on_yum [Integer] rhsm.full_refresh_on_yum
+# @param full_refresh_on_yum rhsm.full_refresh_on_yum
 #   Used directly in rhsm.conf template
 #   1 for Satellite 6
 #   0 for RHSM
-# @param pool [String] Attach system to a specific pool instead of auto attach to compatible subscriptions
-# @param proxy_hostname [String] Proxy hostname
-# @param proxy_port [Integer] Proxy port
-# @param proxy_user [String] Proxy user
-# @param proxy_password [String] Proxy password
-# @param baseurl [String] Base URL for rhsm, default provided
-# @param package_ensure [String] Whether to install subscription-manager
-# @param enabled_repo_ids [Array[String]
-#   A listing of the Repo IDs to provide to the subscription-manager repo
-#   --enable command.
+# @param inotify Inotify is used for monitoring changes in directories with certificates. When this directory is mounted using a network
+#   file system without inotify notification support (e.g. NFS), then disabling inotify is strongly recommended.
+# @param pool Attach system to a specific pool instead of auto attach to compatible subscriptions
+# @param proxy_hostname Proxy hostname
+# @param proxy_port Proxy port
+# @param proxy_user Proxy user
+# @param proxy_password Proxy password
+# @param server_timeout HTTP timeout in seconds
+# @param baseurl Base URL for rhsm, default provided
+# @param package_ensure Whether to install subscription-manager
+# @param enabled_repo_ids A listing of the Repo IDs to provide to the `subscription-manager repo --enable` command.
 #   
 # @example
 #   include rhsm
@@ -54,25 +55,27 @@
 # @author Ger Apeldoorn <info@gerapeldoorn.nl>
 #
 class rhsm (
-  $rh_user                           = undef,
-  $rh_password                       = undef,
-  $org                               = undef,
-  $activationkey                     = undef,
-  $pool                              = undef,
-  $proxy_hostname                    = undef,
-  $proxy_port                        = undef,
-  $proxy_user                        = undef,
-  $proxy_password                    = undef,
-  $baseurl                           = 'https://cdn.redhat.com',
-  $servername                        = 'subscription.rhsm.redhat.com',
-  $serverprefix                      = '/subscription',
-  $serverport                        = 443,
-  $ca_cert_dir                       = '/etc/rhsm/ca/',
-  $repo_ca_cert_filename             = 'redhat-uep.pem',
-  $repo_ca_cert_source               = undef,
-  $manage_repos                      = 1,
-  $full_refresh_on_yum               = 0,
-  $package_ensure                    = 'latest',
+  Optional[String] $rh_user = undef,
+  Optional[String] $rh_password = undef,
+  Optional[String] $org = undef,
+  Optional[String] $activationkey = undef,
+  Optional[String] $pool = undef,
+  Optional[Stdlib::Fqdn] $proxy_hostname = undef,
+  Optional[Stdlib::Port] $proxy_port = undef,
+  Optional[String] $proxy_user = undef,
+  Optional[String] $proxy_password = undef,
+  Optional[Variant[Stdlib::Filesource,Pattern[/\Apuppet:\/\/.+/]]] $repo_ca_cert_source = undef,
+  Integer[0] $server_timeout = 180,
+  Stdlib::Httpurl $baseurl = 'https://cdn.redhat.com',
+  Stdlib::Fqdn $servername = 'subscription.rhsm.redhat.com',
+  Stdlib::Absolutepath $serverprefix = '/subscription',
+  Stdlib::Port $serverport = 443,
+  Stdlib::Absolutepath $ca_cert_dir = '/etc/rhsm/ca/',
+  String $repo_ca_cert_filename = 'redhat-uep.pem',
+  Integer[0,1] $manage_repos = 1,
+  Integer[0,1] $full_refresh_on_yum = 0,
+  Integer[0,1] $inotify = 1,
+  Enum['present','absent','held','latest','installed','purged'] $package_ensure = 'latest',
   Array[String[1]] $enabled_repo_ids = [],
 ) {
 

diff --git a/templates/rhsm.conf.erb b/templates/rhsm.conf.erb
@@ -33,10 +33,15 @@ proxy_password = <%= @proxy_password %>
 # host/domain suffix blacklist for proxy, if needed
 no_proxy =
 
+server_timeout = <%= @server_timeout %>
+
 [rhsm]
 # Content base URL:
 baseurl= <%= @baseurl %>
 
+# Repository metadata GPG key URL:
+repomd_gpg_url =
+
 # Server CA certificate location:
 ca_cert_dir = <%= @ca_cert_dir %>
 
@@ -64,6 +69,17 @@ pluginDir = /usr/share/rhsm-plugins
 # The directory to search for plugin configuration files
 pluginConfDir = /etc/rhsm/pluginconf.d
 
+# Manage automatic enabling of yum/dnf plugins (product-id, subscription-manager)
+auto_enable_yum_plugins = 1
+
+# Inotify is used for monitoring changes in directories with certificates.
+# Currently only the /etc/pki/consumer directory is monitored by the
+# rhsm.service. When this directory is mounted using a network file system
+# without inotify notification support (e.g. NFS), then disabling inotify
+# is strongly recommended. When inotify is disabled, periodical directory
+# polling is used instead.
+inotify = <%= @inotify %>
+
 [rhsmcertd]
 # Interval to run cert check (in minutes):
 certCheckInterval = 240
@@ -80,4 +96,3 @@ default_log_level = INFO
 # rhsm.connection = DEBUG
 # rhsm-app = DEBUG
 # rhsm-app.rhsmd = DEBUG
-