Puppet Class: sensu::rabbitmq::config

Defined in:
manifests/rabbitmq/config.pp

Summary

Sets the Sensu rabbitmq config

Overview

Sets the Sensu rabbitmq config



5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
 
# File 'manifests/rabbitmq/config.pp', line 5

class sensu::rabbitmq::config {

  if $::sensu::_purge_config and !$::sensu::server and !$::sensu::client and !$::sensu::enterprise and $::sensu::transport_type != 'rabbitmq' {
    $ensure = 'absent'
  } else {
    $ensure = 'present'
  }

  $ssl_dir = "${sensu::etc_dir}/ssl"

  if $::sensu::rabbitmq_ssl_cert_chain or $::sensu::rabbitmq_ssl_private_key {
    file { $ssl_dir:
      ensure  => directory,
      owner   => $::sensu::user,
      group   => $::sensu::group,
      mode    => $::sensu::dir_mode,
      require => Package[$::sensu::package::pkg_title],
    }

    # if provided a cert chain, and its a puppet:// URI, source file form the
    # the URI provided
    if $::sensu::rabbitmq_ssl_cert_chain and $::sensu::rabbitmq_ssl_cert_chain =~ /^puppet:\/\// {
      file { "${ssl_dir}/cert.pem":
        ensure  => file,
        source  => $::sensu::rabbitmq_ssl_cert_chain,
        owner   => $::sensu::user,
        group   => $::sensu::group,
        mode    => $::sensu::file_mode,
        require => File[$ssl_dir],
        before  => Sensu_rabbitmq_config[$::fqdn],
      }

      $ssl_cert_chain = "${ssl_dir}/cert.pem"
    # else provided a cert chain, and the variable actually contains the cert,
    # create the file with conents of the variable
    } elsif $::sensu::rabbitmq_ssl_cert_chain and  $::sensu::rabbitmq_ssl_cert_chain =~ /BEGIN CERTIFICATE/ {
      file { "${ssl_dir}/cert.pem":
        ensure  => file,
        content => $::sensu::rabbitmq_ssl_cert_chain,
        owner   => $::sensu::user,
        group   => $::sensu::group,
        mode    => $::sensu::file_mode,
        require => File[$ssl_dir],
        before  => Sensu_rabbitmq_config[$::fqdn],
      }

      $ssl_cert_chain = "${ssl_dir}/cert.pem"
    # else set the cert to value passed in wholesale, usually this is
    # a raw file path
    } else {
      $ssl_cert_chain = $::sensu::rabbitmq_ssl_cert_chain
    }

    # if provided private key, and its a puppet:// URI, source file from the
    # URI provided
    if $::sensu::rabbitmq_ssl_private_key and $::sensu::rabbitmq_ssl_private_key =~ /^puppet:\/\// {
      file { "${ssl_dir}/key.pem":
        ensure    => file,
        source    => $::sensu::rabbitmq_ssl_private_key,
        owner     => $::sensu::user,
        group     => $::sensu::group,
        mode      => $::sensu::file_mode,
        show_diff => false,
        require   => File[$ssl_dir],
        before    => Sensu_rabbitmq_config[$::fqdn],
      }

      $ssl_private_key = "${ssl_dir}/key.pem"
    # else provided private key, and the variable actually contains the key,
    # create file with contents of the variable
    } elsif $::sensu::rabbitmq_ssl_private_key and $::sensu::rabbitmq_ssl_private_key =~ /BEGIN RSA PRIVATE KEY/ {
      file { "${ssl_dir}/key.pem":
        ensure    => file,
        content   => $::sensu::rabbitmq_ssl_private_key,
        owner     => $::sensu::user,
        group     => $::sensu::group,
        mode      => $::sensu::file_mode,
        show_diff => false,
        require   => File[$ssl_dir],
        before    => Sensu_rabbitmq_config[$::fqdn],
      }

      $ssl_private_key = "${ssl_dir}/key.pem"
    # else set the private key to value passed in wholesale, usually this is
    # a raw file path
    } else {
      $ssl_private_key = $::sensu::rabbitmq_ssl_private_key
    }
  } else {
    $ssl_cert_chain = undef
    $ssl_private_key = undef
  }

  if ($ssl_cert_chain and $ssl_cert_chain != '') or ($ssl_private_key and $ssl_private_key != '') {
    $enable_ssl = true
  } else {
    $enable_ssl = $::sensu::rabbitmq_ssl
  }

  file { "${sensu::conf_dir}/rabbitmq.json":
    ensure => $ensure,
    owner  => $::sensu::user,
    group  => $::sensu::group,
    mode   => $::sensu::file_mode,
    before => Sensu_rabbitmq_config[$::fqdn],
  }

  $has_cluster = !($::sensu::rabbitmq_cluster == undef or $::sensu::rabbitmq_cluster == [])
  $host = $has_cluster ? { false => $::sensu::rabbitmq_host, true => undef, }
  $port = $has_cluster ? { false => $::sensu::rabbitmq_port, true => undef, }
  $user = $has_cluster ? { false => $::sensu::rabbitmq_user, true => undef, }
  $password = $has_cluster ? { false => $::sensu::rabbitmq_password, true => undef, }
  $vhost = $has_cluster ? { false => $::sensu::rabbitmq_vhost, true => undef, }
  $ssl_transport = $has_cluster ? { false => $enable_ssl, true => undef, }
  $cert_chain = $has_cluster ? { false => $ssl_cert_chain, true => undef, }
  $private_key = $has_cluster ? { false => $ssl_private_key, true => undef, }
  $prefetch = $has_cluster ? { false => $::sensu::rabbitmq_prefetch, true => undef, }
  $base_path = $::sensu::conf_dir
  $cluster = $has_cluster ? { true => $::sensu::rabbitmq_cluster, false => undef, }
  $heartbeat = $has_cluster ? { false => $::sensu::rabbitmq_heartbeat, true => undef, }

  sensu_rabbitmq_config { $::fqdn:
    ensure          => $ensure,
    base_path       => $base_path,
    port            => $port,
    host            => $host,
    user            => $user,
    password        => $password,
    vhost           => $vhost,
    heartbeat       => $heartbeat,
    ssl_transport   => $enable_ssl,
    ssl_cert_chain  => $ssl_cert_chain,
    ssl_private_key => $ssl_private_key,
    prefetch        => $prefetch,
    cluster         => $cluster,
  }
}