hdm: HDM installation main class
hdm::docker: Manage HDM using Dockerhdm::rvm: Manage HDM using RVM
Hdm::Gitdata: type to enforce git settings for HDMHdm::Ldap_settings: type to enforce ldap settings for HDMHdm::Puppetdb: type to enforce puppetdb settings for HDM
This class controls the installation of HDM
include hdmThe following parameters are available in the hdm class:
methodmanage_dockerversioncontainer_registry_urlruby_versionportbind_iphostnametimezonehdm_pathsecret_key_basegit_urlusergrouppuppetdb_settingspuppet_dirpuppet_code_dirdisable_authenticationallow_encryptionread_onlygit_dataldap_settingsldap_bind_dn_passwordhdm_hiera_config_filecustom_lookup_function
Data type: Enum['docker', 'rvm']
Select the installation method. Available methods: docker, rvm When using rvm we install rvm into system and add the bundler gem.
Default value: 'docker'
Data type: Boolean
Set to false if this module should NOT also include the docker class (without any arguments) Please note that the docker module only works on Debian, RedHat and windows systems. SLES users must install and start docker via puppet package and service resource.
Default value: true
Data type: String[1]
Select the version to deploy. Version is the image tag name when using docker and the git tag when using rvm Please find the releases on HDM website: https://github.com/betadots/hdm/releases
Default value: '3.0.0'
Data type: String[1]
Configure another registry. Contains the host, path and container name. The version is set via the version parameter. e.g. ghcr.io/betadots/hdm
Default value: 'ghcr.io/betadots/hdm'
Data type: String[1]
Select the ruby version when installing using rvm Please check hdm ruby version requirement
Default value: '3.3.1'
Data type: Stdlib::Port
The port where HDM should run on
Default value: 3000
Data type: Stdlib::IP::Address::Nosubnet
The ip address to bind the process to
Default value: '0.0.0.0'
Data type: String[1]
The HDM webservice hostname
Default value: $facts['networking']['fqdn']
Data type: String[1]
THe timezone to use when running with docker
Default value: $facts['timezone']
Data type: Stdlib::Unixpath
Path where one wants to install and configure hdm
Default value: '/etc/hdm'
Data type: String[1]
A secret key. Key can be generated using openssl rand -hex 16
Default value: '7a8509ab31fdb0c15c71c941d089474a'
Data type: String[1]
The git URL to clone the hdm repo from
Default value: 'https://github.com/betadots/hdm.git'
Data type: String[1]
The hdm user name
Default value: 'hdm'
Data type: String[1]
The hdm group name
Default value: 'hdm'
Data type: Hdm::Puppetdb
A hash to provide information on how HDM can connect to puppetdb The following options are possible: Plain text (default)
{
'server' => 'http://localhost:8080',
}
Using PE token:
{
'server' => 'https://localhost:8081',
'token' => '/etc/hdm/puppetdb.token',
'cacert' => '<path to cacert>',
}
Using SSL cert:
{
'server' => 'https://localhost:8081',
'pem' => {
'key' => '/etc/hdm/ssl.key',
'cert' => '/etc/hdm/ssl.cert',
'ca_file' => '/etc/hdm/ssl.ca',
},
}
Default value: { 'server' => 'http://localhost:8080', }
Data type: Stdlib::Unixpath
The path where HDM can find the global hiera.yaml file defaults to '/etc/puppetlabs'
Default value: '/etc/puppetlabs'
Data type: Stdlib::Unixpath
The path where HDM can find deployed Puppet environments (similar to puppet config code_dir) defaults to '/etc/puppetlabs/code'
Default value: '/etc/puppetlabs/code'
Data type: Boolean
Disable user and login This makes HDM available to anyone.
Default value: false
Data type: Boolean
Specify if HDM should use EYAML Needs HDM access to EYAML keys (public and private) Values for keys are taken from hiera.yaml file and can not be set individually.
Default value: false
Data type: Boolean
Set to false if you want the ability to change data via HDM webfrontend. WARNING!! setting to true is untested!!! Changes are stored via GIT. Setting this to true also needs the git_data Array parameter
Default value: true
Data type: Optional[Hdm::Gitdata]
Configure several settings related to the option to modify data via Webfrontend. WARNING!! untested!! Required Array of hash data:
[
{
'datadir' => 'modules/hieradata/data',
'git_url' => 'git@server:path/repo.git',
'path_in_repo' => 'data',
'ssh_priv_key' => '.ssh/id_rsa',
}
]
Default value: undef
Data type: Optional[Hdm::Ldap_settings]
Config for LDAP integration Needs the following Hash:
{
'host' => 'localhost',
'port' => 389,
'base_dn' => 'ou=hdm,dc=nodomain',
'bind_dn' => 'cn=admin,dc=nodomain',
'bind_dn_password' => 'openldap', # clear text
'ldaps' => false,
}
Default value: undef
Data type: Optional[Sensitive[String[1]]]
set sensitive password for ldap bind
Default value: undef
Data type: String[1]
Set to another file if you want HDM to not use hiera.yaml.
Default value: 'hiera.yaml'
Data type: Hash[String[1],Enum['yaml', 'eyaml']]
If you use your own developed hiera lookup function, HDM needs to know if the function returns yaml or eyaml data. Example:
{
'functon_name' => '<yaml|eyaml>'
}
Default value: `{}`
## Data types
### <a name="Hdm--Gitdata"></a>`Hdm::Gitdata`
type to enforce git settings for HDM
Alias of
```puppet
Array[Struct[
{
datadir => Stdlib::Unixpath,
git_url => String[1],
path_in_repo => String[1],
Optional[ssh_priv_key] => String[1],
}
]]
type to enforce ldap settings for HDM
Alias of
Struct[{
'host' => Stdlib::Host,
'port' => Stdlib::Port,
'base_dn' => String[1],
'bind_dn' => String[1],
'bind_dn_password' => Optional[Variant[Sensitive[String[1]],String[1]]],
'ldaps' => Boolean,
}]type to enforce puppetdb settings for HDM
Alias of
Struct[{
server => Stdlib::Httpurl,
Optional[pem] => Struct[
{
key => Stdlib::Unixpath,
cert => Stdlib::Unixpath,
ca_file => Stdlib::Unixpath,
}
],
Optional[token] => Stdlib::Unixpath,
Optional[cacert] => Stdlib::Unixpath,
}]