.fixtures.yml

@@ -1,12 +1,8 @@
 fixtures:
   repositories:
-    augeas_core:
-      repo: 'https://github.com/puppetlabs/puppetlabs-augeas_core'
-      puppet_version: '>= 6.0.0'
+    augeas_core: 'https://github.com/puppetlabs/puppetlabs-augeas_core'
     concat:   'https://github.com/puppetlabs/puppetlabs-concat.git'
-    cron_core:
-      repo: 'https://github.com/puppetlabs/puppetlabs-cron_core'
-      puppet_version: '>= 6.0.0'
+    cron_core: 'https://github.com/puppetlabs/puppetlabs-cron_core'
     extlib:               'https://github.com/voxpupuli/puppet-extlib.git'
     git:                  'https://github.com/theforeman/puppet-git.git'
     inifile:              'https://github.com/puppetlabs/puppetlabs-inifile.git'

CHANGELOG.md

@@ -1,5 +1,27 @@
 # Changelog
 
+## [17.0.0](https://github.com/theforeman/puppet-puppet/tree/17.0.0) (2023-05-16)
+
+[Full Changelog](https://github.com/theforeman/puppet-puppet/compare/16.5.0...17.0.0)
+
+**Breaking changes:**
+
+- Drop Puppet 6 support [\#873](https://github.com/theforeman/puppet-puppet/pull/873) ([ekohl](https://github.com/ekohl))
+- Drop Ubuntu 16.04, Debian 9, Fedora 31, SLES 11, Windows 8; add F36, EL9 [\#872](https://github.com/theforeman/puppet-puppet/pull/872) ([ekohl](https://github.com/ekohl))
+- Fixes [\#35933](https://projects.theforeman.org/issues/35933) Update for change from puppet master to server [\#859](https://github.com/theforeman/puppet-puppet/pull/859) ([jcpunk](https://github.com/jcpunk))
+
+**Implemented enhancements:**
+
+- Include Puppet CRL update API auth [\#875](https://github.com/theforeman/puppet-puppet/pull/875) ([ekohl](https://github.com/ekohl))
+- Mark compatible with puppetlabs/concat 8.x [\#871](https://github.com/theforeman/puppet-puppet/pull/871) ([ekohl](https://github.com/ekohl))
+- Stop managing services.d dir in /opt/puppetlabs [\#869](https://github.com/theforeman/puppet-puppet/pull/869) ([ekohl](https://github.com/ekohl))
+- Support new non-AIO puppet Debian packages [\#868](https://github.com/theforeman/puppet-puppet/pull/868) ([jcharaoui](https://github.com/jcharaoui))
+
+**Fixed bugs:**
+
+- Respect puppet::server::additional\_settings parameter [\#874](https://github.com/theforeman/puppet-puppet/pull/874) ([ekohl](https://github.com/ekohl))
+- Keep ruby's system Gem.dir in gem-path on FreeBSD [\#843](https://github.com/theforeman/puppet-puppet/pull/843) ([llua](https://github.com/llua))
+
 ## [16.5.0](https://github.com/theforeman/puppet-puppet/tree/16.5.0) (2023-02-21)
 
 [Full Changelog](https://github.com/theforeman/puppet-puppet/compare/16.4.0...16.5.0)

README.md

@@ -1,32 +1,21 @@
 [![Puppet Forge](https://img.shields.io/puppetforge/v/theforeman/puppet.svg)](https://forge.puppetlabs.com/theforeman/puppet)
 [![CI](https://github.com/theforeman/puppet-puppet/actions/workflows/ci.yml/badge.svg?event=schedule)](https://github.com/theforeman/puppet-puppet/actions/workflows/ci.yml)
 
-# Puppet module for installing the Puppet agent and master
+# Puppet module for installing the Puppet agent and server
 
-Installs and configures the Puppet agent and optionally a Puppet master (when
+Installs and configures the Puppet agent and optionally a Puppet server (when
 `server` is true).  Part of the [Foreman installer](https://github.com/theforeman/foreman-installer)
 or to be used as a Puppet module.
 
-When using Puppet Server (version 5.3.6 is the lowest version, this module supports),
-the module supports and assumes you will be installing the latest version.
-If you know you'll be installing an earlier or specific version, you will
-need to override `server_puppetserver_version`. More information in the Puppet
-Server section below.
-
-Many puppet.conf options for agents, masters and other are parameterized, with
+Many puppet.conf options for agents, servers and other are parameterized, with
 class documentation provided at the top of the manifests. In addition, there
 are hash parameters for each configuration section that can be used to supply
 any options that are not explicitly supported.
 
-## Upgrading from Puppetserver 6 to 7
-
-Puppetserver 7 moves the CA files from ssldir to its own. To move the existing
-files, `puppetserver ca migrate` can be used but this requires the puppetserver
-to be stopped. The module does run this command if needed, but doesn't stop the
-service so the application will fail.
+## Compatibility
 
-It is recommended to run this command directly after updating the packages. It
-leaves a symlink so the old config should continue to work.
+See the module metadata for supported operating systems and compatible Puppet
+versions. The Puppetserver version should also match this.
 
 ## Environments support
 
@@ -37,7 +26,7 @@ These are set up under /etc/puppetlabs/code/environments.
 
 Environments can be backed by git by setting `server_git_repo` to true, which
 sets up `/var/lib/puppet/puppet.git` where each branch maps to one environment.
-Avoid using 'master' as this name isn't permitted.  On each push to the repo, a
+Avoid using 'server' as this name isn't permitted.  On each push to the repo, a
 hook updates `/etc/puppet/environments` with the contents of the branch.
 
 Requires [theforeman/git](https://forge.puppetlabs.com/theforeman/git).
@@ -64,10 +53,10 @@ Then the `foreman_ssl_{ca,cert,key}` parameters are ignored and `certs::puppet`
 
 ## PuppetDB integration
 
-The Puppet master can be configured to export catalogs and reports to a
+The Puppet server can be configured to export catalogs and reports to a
 PuppetDB instance, using the puppetlabs/puppetdb module.  Use its
 `puppetdb::server` class to install the PuppetDB server and this module to
-configure the Puppet master to connect to PuppetDB.
+configure the Puppet server to connect to PuppetDB.
 
 Requires [puppetlabs/puppetdb](https://forge.puppetlabs.com/puppetlabs/puppetdb)
 
@@ -100,9 +89,9 @@ wrapper classes or even your ENC (if it supports param classes). For example:
 
 ```puppet
 # Agent and cron (or daemon):
-class { 'puppet': runmode => 'cron' }
+class { 'puppet': runmode => 'cron', agent_server_hostname => 'hostname' }
 
-# Agent and puppetmaster:
+# Agent and puppetserver:
 class { 'puppet': server => true }
 
 # You want to use git?
@@ -121,7 +110,7 @@ class { 'puppet':
   server_post_hook_content => 'puppetserver/post-hook.puppet',
 }
 
-# Configure master without Foreman integration
+# Configure server without Foreman integration
 class { 'puppet':
   server                => true,
   server_foreman        => false,
@@ -155,37 +144,29 @@ puppet apply install.pp --modulepath /path_to/extracted_tarball
 
 # Advanced scenarios
 
-An HTTP (non-SSL) puppetmaster instance can be set up (standalone or in addition to
+An HTTP (non-SSL) puppetserver instance can be set up (standalone or in addition to
 the SSL instance) by setting the `server_http` parameter to `true`. This is useful for
 reverse proxy or load balancer scenarios where the proxy/load balancer takes care of SSL
-termination. The HTTP puppetmaster instance expects the `X-Client-Verify`, `X-SSL-Client-DN`
+termination. The HTTP puppetserver instance expects the `X-Client-Verify`, `X-SSL-Client-DN`
 and `X-SSL-Subject` HTTP headers to have been set on the front end server.
 
 The listening port can be configured by setting `server_http_port` (which defaults to 8139).
 
 For puppetserver, this HTTP instance accepts **ALL** connections and no further restrictions can be configured.
 
-**Note that running an HTTP puppetmaster is a huge security risk when improperly
+**Note that running an HTTP puppetserver is a huge security risk when improperly
 configured. Allowed hosts should be tightly controlled; anyone with access to an allowed
 host can access all client catalogues and client certificates.**
 
 ```puppet
-# Configure an HTTP puppetmaster vhost in addition to the standard SSL vhost
+# Configure an HTTP puppetserver vhost in addition to the standard SSL vhost
 class { '::puppet':
   server               => true,
   server_http          => true,
   server_http_port     => 8130, # default: 8139
 }
 ```
 
-## Puppet Server configuration
-
-Puppet Server requires slightly different configuration between different
-versions, which this module supports. It's recommended that you set the
-`server_puppetserver_version` parameter to the MAJOR.MINOR.PATCH version
-you have installed. By default the module will configure for the latest
-version available.
-
 # Contributing
 
 * Fork the project

manifests/agent/config.pp

@@ -6,7 +6,7 @@
     'localconfig':       value => $puppet::localconfig;
     'default_schedules': value => $puppet::agent_default_schedules;
     'report':            value => $puppet::report;
-    'masterport':        value => $puppet::port;
+    'masterport':        value => $puppet::agent_server_port;
     'environment':       value => $puppet::environment;
     'splay':             value => $puppet::splay;
     'splaylimit':        value => $puppet::splaylimit;

manifests/config.pp

@@ -2,22 +2,21 @@
 # @api private
 class puppet::config (
   # lint:ignore:parameter_types
-  $allow_any_crl_auth  = $puppet::allow_any_crl_auth,
-  $auth_allowed        = $puppet::auth_allowed,
-  $auth_template       = $puppet::auth_template,
-  $ca_server           = $puppet::ca_server,
-  $ca_port             = $puppet::ca_port,
-  $dns_alt_names       = $puppet::dns_alt_names,
-  $module_repository   = $puppet::module_repository,
-  $pluginsource        = $puppet::pluginsource,
-  $pluginfactsource    = $puppet::pluginfactsource,
-  $puppet_dir          = $puppet::dir,
-  $puppetmaster        = $puppet::puppetmaster,
-  $syslogfacility      = $puppet::syslogfacility,
-  $srv_domain          = $puppet::srv_domain,
-  $use_srv_records     = $puppet::use_srv_records,
-  $additional_settings = $puppet::additional_settings,
-  $client_certname     = $puppet::client_certname,
+  $allow_any_crl_auth    = $puppet::allow_any_crl_auth,
+  $auth_allowed          = $puppet::auth_allowed,
+  $ca_server             = $puppet::ca_server,
+  $ca_port               = $puppet::ca_port,
+  $dns_alt_names         = $puppet::dns_alt_names,
+  $module_repository     = $puppet::module_repository,
+  $pluginsource          = $puppet::pluginsource,
+  $pluginfactsource      = $puppet::pluginfactsource,
+  $puppet_dir            = $puppet::dir,
+  $agent_server_hostname = $puppet::agent_server_hostname,
+  $syslogfacility        = $puppet::syslogfacility,
+  $srv_domain            = $puppet::srv_domain,
+  $use_srv_records       = $puppet::use_srv_records,
+  $additional_settings   = $puppet::additional_settings,
+  $client_certname       = $puppet::client_certname,
   # lint:endignore
 ) {
   puppet::config::main {
@@ -53,7 +52,7 @@
     }
   } else {
     puppet::config::main {
-      'server': value => pick($puppetmaster, $facts['networking']['fqdn']);
+      'server': value => pick($agent_server_hostname, $facts['networking']['fqdn']);
     }
   }
   if $pluginsource {
@@ -101,15 +100,4 @@
       }
     }
   }
-
-  if versioncmp($facts['puppetversion'], '7.0.0') >= 0 {
-    file { "${puppet_dir}/auth.conf":
-      ensure => absent,
-    }
-  } else {
-    file { "${puppet_dir}/auth.conf":
-      ensure  => file,
-      content => template($auth_template),
-    }
-  }
 }

manifests/config/master.pp → manifests/config/server.pp

@@ -1,21 +1,21 @@
-# Set a config entry in the [master] section
+# Set a config entry in the [server] section
 #
 # @param value
 #   The value for the config entry
 # @param key
 #   The key of the config entry
 # @param joiner
 #   How to join an array value into a string
-define puppet::config::master (
+define puppet::config::server (
   Variant[Array[String], Boolean, String, Integer] $value,
   String $key    = $name,
   String $joiner = ','
 ) {
-  puppet::config::entry { "master_${name}":
+  puppet::config::entry { "server_${name}":
     key          => $key,
     value        => $value,
     joiner       => $joiner,
-    section      => 'master',
+    section      => 'server',
     sectionorder => 3,
   }
 }