Puppet Class: sensu

Defined in:
manifests/init.pp

Summary

Base Sensu class

Overview

This is the main Sensu class

Parameters:

  • version (String) (defaults to: 'installed')

    Version of Sensu to install. Defaults to installed to support Windows MSI packaging and to avoid surprising upgrades.

  • etc_dir (Stdlib::Absolutepath) (defaults to: '/etc/sensu')

    Absolute path to the Sensu etc directory.

  • ssl_dir (Stdlib::Absolutepath) (defaults to: '/etc/sensu/ssl')

    Absolute path to the Sensu ssl directory.

  • manage_user (Boolean) (defaults to: true)

    Boolean that determines if sensu user should be managed

  • user (String) (defaults to: 'sensu')

    User used by sensu services

  • manage_group (Boolean) (defaults to: true)

    Boolean that determines if sensu group should be managed

  • group (String) (defaults to: 'sensu')

    User group used by sensu services

  • etc_dir_purge (Boolean) (defaults to: true)

    Boolean to determine if the etc_dir should be purged such that only Puppet managed files are present.

  • ssl_dir_purge (Boolean) (defaults to: true)

    Boolean to determine if the ssl_dir should be purged such that only Puppet managed files are present.

  • manage_repo (Boolean) (defaults to: true)

    Boolean to determine if software repository for Sensu should be managed.

  • use_ssl (Boolean) (defaults to: true)

    Sensu backend service uses SSL

  • ssl_ca_source (Optional[String]) (defaults to: $facts['puppet_localcacert'])

    Source of SSL CA used by sensu services This parameter is mutually exclusive with ssl_ca_content

  • ssl_ca_content (Optional[String]) (defaults to: undef)

    Content of SSL CA used by sensu services This parameter is mutually exclusive with ssl_ca_source

  • api_host (String) (defaults to: $trusted['certname'])

    Sensu backend host used to configure sensuctl and verify API access.

  • api_port (Stdlib::Port) (defaults to: 8080)

    Sensu backend port used to configure sensuctl and verify API access.

  • password (String) (defaults to: 'P@ssw0rd!')

    Sensu backend admin password used to confiure sensuctl.

  • agent_password (String) (defaults to: 'P@ssw0rd!')

    The sensu agent password

  • agent_entity_config_password (Optional[String]) (defaults to: undef)

    The password used when configuring Sensu Agent entity config items Defaults to value used for agent_password.

  • validate_namespaces (Boolean) (defaults to: true)

    Determines if sensuctl and sensu_api types will validate their namespace exists

  • validate_api (Boolean) (defaults to: true)

    Determines if Sensu API is validated



65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
 
# File 'manifests/init.pp', line 65

class sensu (
  String $version = 'installed',
  Stdlib::Absolutepath $etc_dir = '/etc/sensu',
  Stdlib::Absolutepath $ssl_dir = '/etc/sensu/ssl',
  Boolean $manage_user = true,
  String $user = 'sensu',
  Boolean $manage_group = true,
  String $group = 'sensu',
  Boolean $etc_dir_purge = true,
  Boolean $ssl_dir_purge = true,
  Boolean $manage_repo = true,
  Boolean $use_ssl = true,
  Optional[String] $ssl_ca_source = $facts['puppet_localcacert'],
  Optional[String] $ssl_ca_content = undef,
  String $api_host = $trusted['certname'],
  Stdlib::Port $api_port = 8080,
  String $password = 'P@ssw0rd!',
  String $agent_password = 'P@ssw0rd!',
  Optional[String] $agent_entity_config_password = undef,
  Boolean $validate_namespaces = true,
  Boolean $validate_api = true,
) {

  if $ssl_ca_content {
    $_ssl_ca_source = undef
  } else {
    $_ssl_ca_source = $ssl_ca_source
  }
  if $use_ssl and !($_ssl_ca_source or $ssl_ca_content) {
    fail('sensu: ssl_ca_source or ssl_ca_content must be defined when use_ssl is true')
  }

  if $facts['os']['family'] == 'windows' {
    # dirname can not handle back slashes so convert to forward slash then back to back slash
    $etc_dir_fixed = regsubst($etc_dir, '\\\\', '/', 'G')
    $etc_parent_dirname = dirname($etc_dir_fixed)
    $etc_parent_dir = regsubst($etc_parent_dirname, '/', '\\\\', 'G')
    $sensu_user = undef
    $sensu_group = undef
    $directory_mode = undef
    $file_mode = undef
    $trusted_ca_file_path = "${ssl_dir}\\ca.crt"
    $agent_config_path = "${etc_dir}\\agent.yml"
  } else {
    $etc_parent_dir = undef
    $sensu_user = $user
    $sensu_group = $group
    $directory_mode = '0755'
    $file_mode = '0640'
    $join_path = '/'
    $trusted_ca_file_path = "${ssl_dir}/ca.crt"
    $agent_config_path = "${etc_dir}/agent.yml"
  }

  if $use_ssl {
    $api_protocol = 'https'
    $trusted_ca_file = $trusted_ca_file_path
  } else {
    $api_protocol = 'http'
    $trusted_ca_file = 'absent'
  }
  $api_url = "${api_protocol}://${api_host}:${api_port}"

  $_agent_entity_config_password = pick($agent_entity_config_password, $agent_password)

  case $facts['os']['family'] {
    'RedHat': {
      $os_package_require = []
    }
    'Debian': {
      $os_package_require = [Class['apt::update']]
    }
    'windows': {
      $os_package_require = []
    }
    default: {
      fail("Detected osfamily <${facts['os']['family']}>. Only RedHat, Debian and Windows are supported.")
    }
  }

  # $package_require is used by sensu::agent and sensu::backend
  # package resources
  if $manage_repo {
    $package_require = [Class['sensu::repo']] + $os_package_require
  } else {
    $package_require = undef
  }

  include sensu::resources

}