Showing with 416 additions and 553 deletions.
  1. +1 −1 .fixtures.yml
  2. +1 −1 .sync.yml
  3. +2 −2 .travis.yml
  4. +24 −0 CHANGELOG.md
  5. +1 −0 Gemfile
  6. +3 −13 README.md
  7. +15 −2 manifests/config.pp
  8. +40 −70 manifests/config/apache.pp
  9. +0 −20 manifests/config/passenger/fragment.pp
  10. +6 −8 manifests/database.pp
  11. +0 −13 manifests/database/mysql.pp
  12. +0 −7 manifests/database/sqlite.pp
  13. +26 −0 manifests/dynflow/worker.pp
  14. +17 −44 manifests/init.pp
  15. +9 −21 manifests/install.pp
  16. +7 −14 manifests/params.pp
  17. +3 −0 manifests/plugin.pp
  18. +3 −1 manifests/rake.pp
  19. +8 −6 manifests/service.pp
  20. +6 −3 metadata.json
  21. +12 −1 spec/acceptance/foreman_basic_spec.rb
  22. +14 −3 spec/acceptance/foreman_journald_spec.rb
  23. +13 −2 spec/acceptance/foreman_prometheus_spec.rb
  24. +12 −1 spec/acceptance/foreman_reverse_proxy_spec.rb
  25. +12 −1 spec/acceptance/foreman_rex_cockpit_spec.rb
  26. +12 −1 spec/acceptance/foreman_statsd_spec.rb
  27. +18 −0 spec/classes/cli_plugins_spec.rb
  28. +0 −10 spec/classes/foreman_cli_ansible_spec.rb
  29. +0 −10 spec/classes/foreman_cli_azure_spec.rb
  30. +0 −15 spec/classes/foreman_cli_discovery_spec.rb
  31. +0 −11 spec/classes/foreman_cli_kubevirt_spec.rb
  32. +0 −10 spec/classes/foreman_cli_openscap_spec.rb
  33. +0 −10 spec/classes/foreman_cli_remote_execution_spec.rb
  34. +0 −10 spec/classes/foreman_cli_tasks_spec.rb
  35. +0 −10 spec/classes/foreman_cli_templates_spec.rb
  36. +0 −15 spec/classes/foreman_cli_virt_who_configure_spec.rb
  37. +1 −30 spec/classes/foreman_config_apache_spec.rb
  38. +1 −14 spec/classes/foreman_config_ipa_spec.rb
  39. +0 −37 spec/classes/foreman_database_spec.rb
  40. +12 −27 spec/classes/foreman_install_spec.rb
  41. +1 −4 spec/classes/foreman_service_spec.rb
  42. +29 −28 spec/classes/foreman_spec.rb
  43. +2 −10 spec/defines/foreman_config_apache_fragment_spec.rb
  44. +0 −25 spec/defines/foreman_config_passenger_fragment_spec.rb
  45. +49 −0 spec/defines/foreman_dynflow_worker_spec.rb
  46. +7 −1 spec/defines/foreman_plugin_spec.rb
  47. +32 −29 spec/defines/foreman_rake_spec.rb
  48. +3 −3 spec/defines/foreman_repos_apt_spec.rb
  49. +3 −0 spec/spec_helper_acceptance.rb
  50. +3 −9 templates/database.yml.erb
  51. +5 −0 templates/dynflow_worker.yml.erb
  52. +3 −0 templates/settings.yaml.erb
2 changes: 1 addition & 1 deletion .fixtures.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,9 +10,9 @@ fixtures:
repo: "https://github.com/puppetlabs/puppetlabs-cron_core"
puppet_version: ">= 6.0.0"
extlib: 'https://github.com/voxpupuli/puppet-extlib'
mysql: 'https://github.com/puppetlabs/puppetlabs-mysql'
postgresql: 'https://github.com/puppetlabs/puppetlabs-postgresql'
puppet: 'https://github.com/theforeman/puppet-puppet'
redis: 'https://github.com/voxpupuli/puppet-redis'
systemd: 'https://github.com/camptocamp/puppet-systemd'
selinux_core:
repo: "https://github.com/puppetlabs/puppetlabs-selinux_core"
Expand Down
2 changes: 1 addition & 1 deletion .sync.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
.travis.yml:
beaker_sets:
- centos7-64
- debian9-64
- debian10-64
env:
global:
- PARALLEL_TEST_PROCESSORS=8
Expand Down
4 changes: 2 additions & 2 deletions .travis.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ matrix:
- rvm: 2.5.1
env:
- BEAKER_PUPPET_COLLECTION=puppet5
- BEAKER_setfile=debian9-64{hostname=debian9-64.example.com}
- BEAKER_setfile=debian10-64{hostname=debian10-64.example.com}
script: bundle exec rake beaker
services: docker
bundler_args: --without development
Expand All @@ -48,7 +48,7 @@ matrix:
- rvm: 2.5.1
env:
- BEAKER_PUPPET_COLLECTION=puppet6
- BEAKER_setfile=debian9-64{hostname=debian9-64.example.com}
- BEAKER_setfile=debian10-64{hostname=debian10-64.example.com}
script: bundle exec rake beaker
services: docker
bundler_args: --without development
Expand Down
24 changes: 24 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,29 @@
# Changelog

## [14.0.0](https://github.com/theforeman/puppet-foreman/tree/14.0.0) (2020-02-12)

[Full Changelog](https://github.com/theforeman/puppet-foreman/compare/13.1.0...14.0.0)

**Breaking changes:**

- Drop foreman::config::passenger::fragment [\#799](https://github.com/theforeman/puppet-foreman/pull/799) ([ekohl](https://github.com/ekohl))
- Ensure plugins are installed before the database [\#792](https://github.com/theforeman/puppet-foreman/pull/792) ([ekohl](https://github.com/ekohl))
- Drop keepalive parameters [\#785](https://github.com/theforeman/puppet-foreman/pull/785) ([ekohl](https://github.com/ekohl))
- Drop listen\_on\_interface [\#784](https://github.com/theforeman/puppet-foreman/pull/784) ([ekohl](https://github.com/ekohl))
- Drop the selinux parameter [\#783](https://github.com/theforeman/puppet-foreman/pull/783) ([ekohl](https://github.com/ekohl))
- Drop multiple database support [\#781](https://github.com/theforeman/puppet-foreman/pull/781) ([ekohl](https://github.com/ekohl))
- Drop Debian 9 and Ubuntu 16.04, add Debian 10 [\#777](https://github.com/theforeman/puppet-foreman/pull/777) ([mmoll](https://github.com/mmoll))
- Fixes [\#28067](https://projects.theforeman.org/issues/28067) - dynflow sidekiq services config [\#761](https://github.com/theforeman/puppet-foreman/pull/761) ([ezr-ondrej](https://github.com/ezr-ondrej))

**Implemented enhancements:**

- Run migrations if there are pending migrations [\#778](https://github.com/theforeman/puppet-foreman/pull/778) ([ehelms](https://github.com/ehelms))
- Fixes [\#26739](https://projects.theforeman.org/issues/26739) - Add admin users locale and timezone setting [\#731](https://github.com/theforeman/puppet-foreman/pull/731) ([sbernhard](https://github.com/sbernhard))

**Fixed bugs:**

- Refs [\#28067](https://projects.theforeman.org/issues/28067): Ensure dynflow worker config exists before service [\#791](https://github.com/theforeman/puppet-foreman/pull/791) ([ehelms](https://github.com/ehelms))

## [13.1.0](https://github.com/theforeman/puppet-foreman/tree/13.1.0) (2019-11-25)

[Full Changelog](https://github.com/theforeman/puppet-foreman/compare/13.0.1...13.1.0)
Expand Down
1 change: 1 addition & 0 deletions Gemfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,7 @@ gem 'beaker', '>= 4.2.0', {"groups"=>["system_tests"]}
gem 'beaker-docker', {"groups"=>["system_tests"]}
gem 'beaker-hostgenerator', '>= 1.1.10', {"groups"=>["system_tests"]}
gem 'beaker-puppet', {"groups"=>["system_tests"]}
gem 'beaker-vagrant', {"groups"=>["system_tests"]}
gem 'beaker-rspec', {"groups"=>["system_tests"]}
gem 'beaker-module_install_helper', {"groups"=>["system_tests"]}
gem 'beaker-puppet_install_helper', {"groups"=>["system_tests"]}
Expand Down
16 changes: 3 additions & 13 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,15 +29,10 @@ to configure Foreman's Smart Proxy and related services.

## Database support

This module supports configuration of either SQLite, PostgreSQL or MySQL as the
database for Foreman. The database type can be changed using the `db_type`
parameter, or management disabled with `db_manage`.

The default database is PostgreSQL, which will be fully installed and managed
on the host this module is applied to. Databases will be created with using the
`en_US.utf8` locale, which means a respective OS locale must be available on
the database host. If using MySQL, the puppetlabs-mysql module must be added to
the modulepath, otherwise it's not required.
the database host. The database management can be disabled with `db_manage`.

## Support policy

Expand All @@ -51,20 +46,15 @@ previous stable release.

### Foreman version compatibility notes

This module targets Foreman 1.21+. Running without passenger is only supported
on Foreman 1.23+. The Azure plugin support only works with Foreman 1.24+.

The Foreman userdata plugin has been merged into Foreman 1.23 and removed from
this module.
This module targets Foreman 2.0+.

## Running without passenger

To use this module without passenger, the `passenger` parameter must be set to
`false`. This will install the `foreman-service` package and ensure the service
is running.

This introduces a soft dependency on `camptocamp-systemd`. This feature is only
available on Foreman 1.23+.
This introduces a soft dependency on `camptocamp-systemd`.

## Types and providers

Expand Down
17 changes: 15 additions & 2 deletions manifests/config.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,19 @@
Class['puppet::server::install'] -> Class['foreman::config']
}

if $::foreman::jobs_manage_service {
if $::foreman::jobs_sidekiq_redis_url != undef {
$jobs_redis_url = $::foreman::jobs_sidekiq_redis_url
} else {
include ::redis
$jobs_redis_url = "redis://localhost:${::redis::port}/6"
}

file { '/etc/foreman/dynflow':
ensure => directory,
}
}

concat::fragment {'foreman_settings+01-header.yaml':
target => '/etc/foreman/settings.yaml',
content => template('foreman/settings.yaml.erb'),
Expand Down Expand Up @@ -41,7 +54,7 @@
ensure => directory,
}

if $::foreman::db_root_cert and $::foreman::db_type == 'postgresql' {
if $::foreman::db_root_cert {
$pg_cert_dir = "${::foreman::app_root}/.postgresql"

file { $pg_cert_dir:
Expand Down Expand Up @@ -88,7 +101,7 @@
fail("${::hostname}: The system does not seem to be IPA-enrolled")
}

if $::foreman::selinux or (str2bool($::selinux) and $::foreman::selinux != false) {
if $facts['selinux'] {
selboolean { ['allow_httpd_mod_auth_pam', 'httpd_dbus_sssd']:
persistent => true,
value => 'on',
Expand Down
110 changes: 40 additions & 70 deletions manifests/config/apache.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,9 +4,6 @@
#
# $app_root:: Root of the application.
#
# $listen_on_interface:: Specify which interface to bind passenger to.
# Defaults to all interfaces.
#
# $passenger_ruby:: Path to Ruby interpreter
#
# $priority:: Apache vhost priority
Expand Down Expand Up @@ -46,14 +43,6 @@
# $foreman_url:: The URL Foreman should be reachable under. Used for loading the application
# on startup rather than on demand.
#
# $keepalive:: Enable KeepAlive setting of Apache?
#
# $max_keepalive_requests:: MaxKeepAliveRequests setting of Apache
# (Number of requests allowed on a persistent connection)
#
# $keepalive_timeout:: KeepAliveTimeout setting of Apache
# (Seconds the server will wait for subsequent requests on a persistent connection)
#
# $access_log_format:: Apache log format to use
#
# $ipa_authentication:: Whether to install support for IPA authentication
Expand All @@ -67,7 +56,6 @@
class foreman::config::apache(
Boolean $passenger = $::foreman::passenger,
Stdlib::Absolutepath $app_root = $::foreman::app_root,
Optional[String] $listen_on_interface = $::foreman::passenger_interface,
Optional[String] $passenger_ruby = $::foreman::passenger_ruby,
String $priority = $::foreman::vhost_priority,
Stdlib::Fqdn $servername = $::foreman::servername,
Expand All @@ -85,19 +73,16 @@
Stdlib::Absolutepath $ssl_key = $::foreman::server_ssl_key,
Variant[Enum[''], Stdlib::Absolutepath] $ssl_crl = $::foreman::server_ssl_crl,
Optional[String] $ssl_protocol = $::foreman::server_ssl_protocol,
Enum['none','optional','require','optional_no_ca'] $ssl_verify_client = $::foreman::server_ssl_verify_client,
String $user = $::foreman::user,
Boolean $passenger_prestart = $::foreman::passenger_prestart,
Integer[0] $passenger_min_instances = $::foreman::passenger_min_instances,
Integer[0] $passenger_start_timeout = $::foreman::passenger_start_timeout,
Stdlib::HTTPUrl $foreman_url = $::foreman::foreman_url,
Boolean $keepalive = $::foreman::keepalive,
Integer[0] $max_keepalive_requests = $::foreman::max_keepalive_requests,
Integer[0] $keepalive_timeout = $::foreman::keepalive_timeout,
Optional[String] $access_log_format = undef,
Boolean $ipa_authentication = $::foreman::ipa_authentication,
Hash[String, Any] $http_vhost_options = {},
Hash[String, Any] $https_vhost_options = {},
Optional[Boolean] $selinux = $::foreman::selinux,
) {
$docroot = "${app_root}/public"
$suburi_parts = split($foreman_url, '/')
Expand Down Expand Up @@ -184,7 +169,7 @@
],
}

if $selinux or ($facts['selinux'] and $selinux != false) {
if $facts['selinux'] {
selboolean { 'httpd_can_network_connect':
persistent => true,
value => 'on',
Expand All @@ -202,13 +187,6 @@
include ::apache::mod::auth_kerb
}

# Check the value in case the interface doesn't exist, otherwise listen on all interfaces
if $listen_on_interface and $listen_on_interface in split($::interfaces, ',') {
$listen_interface = fact("ipaddress_${listen_on_interface}")
} else {
$listen_interface = undef
}

file { "${apache::confd_dir}/${priority}-foreman.d":
ensure => 'directory',
owner => 'root',
Expand All @@ -219,23 +197,19 @@
}

apache::vhost { 'foreman':
add_default_charset => 'UTF-8',
docroot => $docroot,
manage_docroot => false,
ip => $listen_interface,
options => ['SymLinksIfOwnerMatch'],
port => $server_port,
priority => $priority,
servername => $servername,
serveraliases => $serveraliases,
keepalive => bool2str($keepalive, 'on', 'off'),
max_keepalive_requests => $max_keepalive_requests,
keepalive_timeout => $keepalive_timeout,
access_log_format => $access_log_format,
additional_includes => ["${::apache::confd_dir}/${priority}-foreman.d/*.conf"],
use_optional_includes => true,
custom_fragment => $custom_fragment,
* => $vhost_http_internal_options + $http_vhost_options,
add_default_charset => 'UTF-8',
docroot => $docroot,
manage_docroot => false,
options => ['SymLinksIfOwnerMatch'],
port => $server_port,
priority => $priority,
servername => $servername,
serveraliases => $serveraliases,
access_log_format => $access_log_format,
additional_includes => ["${::apache::confd_dir}/${priority}-foreman.d/*.conf"],
use_optional_includes => true,
custom_fragment => $custom_fragment,
* => $vhost_http_internal_options + $http_vhost_options,
}

if $ssl {
Expand All @@ -257,35 +231,31 @@
}

apache::vhost { 'foreman-ssl':
add_default_charset => 'UTF-8',
docroot => $docroot,
manage_docroot => false,
ip => $listen_interface,
options => ['SymLinksIfOwnerMatch'],
port => $server_ssl_port,
priority => $priority,
servername => $servername,
serveraliases => $serveraliases,
ssl => true,
ssl_cert => $ssl_cert,
ssl_certs_dir => $ssl_certs_dir,
ssl_key => $ssl_key,
ssl_chain => $ssl_chain,
ssl_ca => $ssl_ca,
ssl_crl => $ssl_crl_real,
ssl_crl_check => $ssl_crl_check,
ssl_protocol => $ssl_protocol,
ssl_verify_client => 'optional',
ssl_options => '+StdEnvVars +ExportCertData',
ssl_verify_depth => '3',
keepalive => bool2str($keepalive, 'on', 'off'),
max_keepalive_requests => $max_keepalive_requests,
keepalive_timeout => $keepalive_timeout,
access_log_format => $access_log_format,
additional_includes => ["${::apache::confd_dir}/${priority}-foreman-ssl.d/*.conf"],
use_optional_includes => true,
custom_fragment => $custom_fragment,
* => $vhost_https_internal_options + $https_vhost_options,
add_default_charset => 'UTF-8',
docroot => $docroot,
manage_docroot => false,
options => ['SymLinksIfOwnerMatch'],
port => $server_ssl_port,
priority => $priority,
servername => $servername,
serveraliases => $serveraliases,
ssl => true,
ssl_cert => $ssl_cert,
ssl_certs_dir => $ssl_certs_dir,
ssl_key => $ssl_key,
ssl_chain => $ssl_chain,
ssl_ca => $ssl_ca,
ssl_crl => $ssl_crl_real,
ssl_crl_check => $ssl_crl_check,
ssl_protocol => $ssl_protocol,
ssl_verify_client => $ssl_verify_client,
ssl_options => '+StdEnvVars +ExportCertData',
ssl_verify_depth => '3',
access_log_format => $access_log_format,
additional_includes => ["${::apache::confd_dir}/${priority}-foreman-ssl.d/*.conf"],
use_optional_includes => true,
custom_fragment => $custom_fragment,
* => $vhost_https_internal_options + $https_vhost_options,
}
}
}
20 changes: 0 additions & 20 deletions manifests/config/passenger/fragment.pp
View file

This file was deleted.

14 changes: 6 additions & 8 deletions manifests/database.pp
View file
Original file line number Diff line number Diff line change
@@ -1,12 +1,10 @@
# Set up the foreman database
class foreman::database {
if $::foreman::db_manage {
$db_class = "foreman::database::${::foreman::db_type}"

contain $db_class
contain foreman::database::postgresql

if $::foreman::db_manage_rake {
Class[$db_class] ~> Foreman_config_entry['db_pending_migration']
Class['foreman::database::postgresql'] ~> Foreman::Rake['db:migrate']
}
}

Expand All @@ -17,15 +15,15 @@
'SEED_ADMIN_FIRST_NAME' => $::foreman::initial_admin_first_name,
'SEED_ADMIN_LAST_NAME' => $::foreman::initial_admin_last_name,
'SEED_ADMIN_EMAIL' => $::foreman::initial_admin_email,
'SEED_ADMIN_LOCALE' => $::foreman::initial_admin_locale,
'SEED_ADMIN_TIMEZONE' => $::foreman::initial_admin_timezone,
'SEED_ORGANIZATION' => $::foreman::initial_organization,
'SEED_LOCATION' => $::foreman::initial_location,
}

foreman_config_entry { 'db_pending_migration':
value => false,
dry => true,
foreman::rake { 'db:migrate':
unless => '/usr/sbin/foreman-rake db:abort_if_pending_migrations',
}
~> foreman::rake { 'db:migrate': }
~> foreman_config_entry { 'db_pending_seed':
value => false,
dry => true,
Expand Down
13 changes: 0 additions & 13 deletions manifests/database/mysql.pp
View file

This file was deleted.

Loading