Installs and configures Foreman, part of the Foreman installer or to be used as a Puppet module.
Many Foreman plugins can be installed by adding additional foreman::plugin::*
classes, extra compute resource support via foreman::compute::*
classes and
the Hammer CLI can be installed by adding foreman::cli
.
By default, it configures Foreman to run as a standalone service fronted by Apache as a reverse proxy with a PostgreSQL database.
The web interface is configured to use Puppet's SSL certificates by default, so
ensure they're present first, reconfigure server_ssl_*
or disable the ssl
parameter. When used with the 'puppet' module, it will generate a new CA and
the required certificate.
Lots of parameters are supplied to tune the default installation, which may be found in the class documentation at the top of each manifest.
Other modules may be used in combination with this one: puppet for managing a Puppet master and agent, and foreman_proxy to configure Foreman's Smart Proxy and related services.
The default database is PostgreSQL, which will be fully installed and managed
on the host this module is applied to. Databases will be created with using the
en_US.utf8
locale, which means a respective OS locale must be available on
the database host. The database management can be disabled with db_manage
.
Foreman supports different backends as Rails cache. This is handled by this
module using the parameter rails_cache_store
. The parameter takes a hash
containing the type and options specfic to the backend.
The default is the file backend, configured via {'type' => 'file'}
. To
setup for redis use a hash similar to {'type' => 'redis', 'urls' => ['localhost:8479/4'], 'options' => {'compress' => 'true', 'namespace' => 'foreman'}}
where urls
takes an array of redis urls which get prepended with redis://
and options
using a hash with options from rails
falling back to {'compress' => 'true', 'namespace' => 'foreman'}
if no
option is provided.
An example configuration for activating the redis backend with a local instance could look like this:
class { 'foreman':
rails_cache_store => {
'type' => 'redis',
'urls' => ['localhost:8479/4'],
'options' => {
'compress' => 'true',
'namespace' => 'foreman'
}
}
}
At any time, the module supports two releases, however the previous version may require parameters to be changed from their default values. These should be noted below.
Thus 'master' will support the upcoming major version and the current stable. The latest release (git tag, Puppet Forge) should support current and the previous stable release.
This module targets Foreman 3.1+. The module can not be used to manage Foreman installations on EL7.
This module configures Apache to serve static assets from
/var/lib/foreman/public
directly. This requires an appropriate
SELinux policy, like the one introduced in foreman-selinux
version 3.5.
Additionally, some plugin packages might be incomplatible with such
a deployment. To serve assets via Rails again, set
foreman::config::apache::proxy_assets
to true
.
foreman_config_entry
can be used to manage settings in Foreman's database, as
seen in Administer > Settings. The cli
provider uses foreman-rake
to change settings.
foreman_smartproxy
can create and manage registered smart proxies in
Foreman's database. The rest_v3
provider uses the API with Ruby's HTTP library, OAuth and JSON.
foreman_hostgroup
can be used to create and destroy hostgroups. Nested hostgroups are supported
and hostgroups can be assigned to locations/organizations.
The type currently doesn't support other properties such as environment
, puppet classes
etc.
There is a function foreman::enc
to retrieve the ENC data. This returns the
data as a hash and can be used in Hiera. This requires the URL to use the
Puppet CA infrastructure:
---
version: 5
hierarchy:
- name: "Foreman ENC"
data_hash: foreman::enc
options:
url: https://foreman.example.com
It is also possible to use HTTP basic auth by adding a username/password to the
URL in the form of https://username:password@foreman.example.com
.
Then within your manifests you can use lookup
. For example, in
manifests/site.pp
:
node default {
lookup('classes', {merge => unique}).include
}
See the CONTRIBUTING.md file for much more information.
Adding new foreman::plugin::*
classes is a very useful place to start
contributing to this module.
See https://theforeman.org or at #theforeman irc channel on freenode
Copyright (c) 2010-2013 Ohad Levy and their respective owners
Except where specified in provided modules, this program and entire repository is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see https://www.gnu.org/licenses/.