|
1 | | -# this class installs nginx with unicorn in front of puppetmaster |
2 | | -# tested only on centos 7 |
| 1 | +# Class: puppet::unicorn |
| 2 | +# |
| 3 | +# Parameters: |
| 4 | +# none |
| 5 | +# |
| 6 | +# Actions: |
| 7 | +# - Configures nginx and unicorn for puppet master use. Tested only on CentOS 7 |
| 8 | +# |
| 9 | +# Requires: |
| 10 | +# - nginx |
| 11 | +# |
| 12 | +# Sample Usage: |
| 13 | +# class {'puppet::unicorn':} |
| 14 | +# |
| 15 | +# written by Tim 'bastelfreak' Meusel |
| 16 | +# with big help from Rob 'rnelson0' Nelson |
3 | 17 |
|
4 | 18 | class puppet::unicorn () { |
5 | 19 | include nginx |
6 | 20 | # install unicorn |
7 | | - package {'gcc': |
8 | | - ensure => 'latest', |
9 | | - } -> |
10 | | - package {'ruby-devel': |
| 21 | + package {['ruby-devel', 'gcc']: |
11 | 22 | ensure => 'latest', |
12 | 23 | } -> |
13 | 24 | package {['unicorn', 'rack']: |
|
21 | 32 | file {'unicorn-conf': |
22 | 33 | path => '/etc/puppet/unicorn.conf', |
23 | 34 | source => 'puppet:///modules/puppet/unicorn.conf', |
24 | | - |
25 | 35 | } -> |
26 | 36 | file {'unicorn-service': |
27 | 37 | path => '/usr/lib/systemd/system/unicorn-puppetmaster.service', |
|
32 | 42 | command => '/usr/bin/systemctl daemon-reload', |
33 | 43 | refreshonly => true, |
34 | 44 | notify => Service['unicorn-puppetmaster'], |
35 | | - } -> |
| 45 | + } |
36 | 46 | unless defined(Service['unicorn-puppetmaster']) { |
37 | 47 | service{'unicorn-puppetmaster': |
38 | 48 | ensure => 'running', |
39 | 49 | enable => true, |
| 50 | + require => Exec['systemd-reload'], |
| 51 | + } |
| 52 | + } |
| 53 | + # update SELinux |
| 54 | + if $selinux_config_mode == 'enforcing' { |
| 55 | + file{'get-SEL-policy': |
| 56 | + path => '/usr/share/selinux/targeted/nginx.pp', |
| 57 | + source => 'puppet:///modules/puppet/nginx.pp', |
| 58 | + } -> |
| 59 | + package {'policycoreutils': |
| 60 | + ensure => 'latest', |
| 61 | + } -> |
| 62 | + selmodule{'nginx': |
| 63 | + ensure => 'present', |
| 64 | + syncversion => true, |
40 | 65 | } |
41 | 66 | } |
42 | 67 | # hacky vhost |
|
49 | 74 | path => '/etc/nginx/sites-enabled/puppetmaster', |
50 | 75 | target => '/etc/nginx/sites-available/puppetmaster', |
51 | 76 | notify => Service['nginx'], |
52 | | - } -> |
| 77 | + } |
53 | 78 | unless defined(Service['nginx']) { |
54 | 79 | service{'nginx': |
55 | 80 | ensure => 'running', |
56 | 81 | enable => true, |
| 82 | + require => File['enable-puppetmaster-vhost'], |
57 | 83 | } |
58 | 84 | } |
59 | 85 | } |
|
0 commit comments