Version information
This version is compatible with:
- Puppet Enterprise 2023.8.x, 2023.7.x, 2023.6.x, 2023.5.x, 2023.4.x, 2023.3.x, 2023.2.x, 2023.1.x, 2023.0.x, 2021.7.x, 2021.6.x, 2021.5.x, 2021.4.x, 2021.3.x, 2021.2.x, 2021.1.x, 2021.0.x
- Puppet >= 7.0.0 < 9.0.0
- , , , , , ,
Start using this module
Add this module to your Puppetfile:
mod 'puppet-puppetboard', '11.0.0'
Learn more about managing modules with a PuppetfileDocumentation
puppetboard
Table of Contents
- Overview
- Setup
- Usage
- Number of Reports
- Offline Mode
- Set Default Environment
- Disable SELinux Management
- Apache
- Using SSL to the PuppetDB host
- Development
Overview
Puppet module for installing and managing Puppetboard.
Puppetboard is a web interface to PuppetDB aiming to replace the reporting functionality of Puppet Enterprise console (previously: Puppet Dashboard) for the open source Puppet.
Setup
Installation
puppet module install puppet-puppetboard
Dependencies
Note that this module no longer explicitly requires the puppetlabs apache module. If you want to use the apache functionality of this module you will have to specify that the apache module is installed with:
puppet module install puppetlabs-apache
In most cases the module requires the virtualenv
package. This can be enabled in the module with the manage_virtualenv
flag set to true
:
class { 'puppetboard':
manage_virtualenv => true,
secret_key => fqdn_rand_string(32),
}
If the virtualenv is managed by this module, the voxpupuli/python will be used. That module uses voxpupuli/epel on RHEL based platforms.
Usage
Declare the base puppetboard manifest with the below required parameter(s), set to the values you want to use:
class { 'puppetboard':
python_version => '3.9',
secret_key => fqdn_rand_string(32),
}
This will install the latest stable version of the app from a PyPI package in a virtualenv created using the requested Python version and keep it up to date. This example secret key is fine if you have a single-node deployment of the app. If you have a multi-node deployment, you should generate a secret key and use the same one on all nodes.
Number of Reports
NOTE: In order to have reports present in the dashboard, report storage must be enabled on the Puppet master node. This is not the default behavior, so it must be enabled.
See https://puppet.com/docs/puppetdb/latest/connect_puppet_server.html#enabling-report-storage for instructions on report storage.
By default, puppetboard displays only 10 reports. This number can be controlled to set the number of reports to show.
class { 'puppetboard':
python_version => '3.9',
secret_key => fqdn_rand_string(32),
reports_count => 40,
}
Offline Mode
If you are running puppetboard in an environment which does not have network access to public CDNs, puppet board can load static assets (jquery, semantic-ui, tablesorter, etc) from the local web server instead of a CDN:
class { 'puppetboard':
python_version => '3.9',
secret_key => fqdn_rand_string(32),
offline_mode => true,
}
Set Default Environment
By default, puppetboard defaults to "production" environment. This can be set to default to a different environment.
class { 'puppetboard':
python_version => '3.9',
secret_key => fqdn_rand_string(32),
default_environment => 'customers',
}
or to default to "All environments":
class { 'puppetboard':
python_version => '3.9',
secret_key => fqdn_rand_string(32),
default_environment => '*',
}
Disable SELinux Management
class { 'puppetboard':
python_version => '3.9',
secret_key => fqdn_rand_string(32),
manage_selinux => false,
}
If manage_selinux is true, manage policies related to SELinux. If false, do nothing. By default, this module will try to determine if SELinux is enabled, and manage the policies if it is.
Apache
If you want puppetboard accessible through Apache and you're able to use the
official puppetlabs/apache
Puppet module, this module contains two classes
to help configuration.
The first, puppetboard::apache::vhost
, will use the apache::vhost
defined-type to create a full virtual host. This is useful if you want
puppetboard to be available under an address like http://pboard.example.com:
(The following is generic code used in our tests, it works on Debian 9 and 10, also on Ubuntu 16.04 and 18.04. It will talk to PuppetDB on localhost via http)
# Configure Apache on this server
class { 'apache':
default_vhost => false,
}
# Configure Puppetboard
class { 'puppetboard':
python_version => '3.9',
secret_key => fqdn_rand_string(32),
manage_virtualenv => true,
}
# Access Puppetboard through pboard.example.com
class { 'puppetboard::apache::vhost':
vhost_name => 'pboard.example.com',
port => 80,
}
The second, puppetboard::apache::conf
, will create an entry in
/etc/apache2/conf.d
(or /etc/httpd/conf.d
, depending on your distribution).
This is useful if you simply want puppetboard accessible from
http://example.com/puppetboard:
# Configure Puppetboard
class { 'puppetboard':
python_version => '3.9',
secret_key => fqdn_rand_string(32),
}
# Access Puppetboard from example.com/puppetboard
class { 'puppetboard::apache::conf': }
Apache (with Reverse Proxy)
You can also relocate puppetboard to a sub-URI of a Virtual Host. This is useful if you want to reverse-proxy puppetboard, but are not planning on dedicating a domain just for puppetboard:
class { 'puppetboard::apache::vhost':
vhost_name => 'dashes.acme',
wsgi_alias => '/pboard',
}
In this case puppetboard will be available (on the default) on http://dashes.acme:5000/pboard. You can then reverse-proxy to it like so:
Redirect /pboard /pboard/
ProxyPass /pboard/ http://dashes.acme:5000/pboard/
ProxyPassReverse /pboard/ http://dashes.acme:5000/pboard/
Using the puppetlabs/apache module:
apache::vhost { 'example.acme':
port => '80',
docroot => '/var/www/html',
redirect_source => [ '/pboard' ],
redirect_dest => [ '/pboard/' ],
proxy_pass => [
{
'path' => '/pboard/',
'url' => 'http://dashes.acme:5000/pboard/',
},
],
}
Using SSL to the PuppetDB host
If you would like to use certificate auth into the PuppetDB service you must configure puppetboard to use a client certificate and private key.
You have two options for the source of the client certificate & key:
- Generate a new certificate, signed by the puppetmaster CA
- Use the existing puppet client certificate
If you choose option 1, generate the new certificates on the CA puppet master as follows:
sudo puppet cert generate puppetboard.example.com
Note: this name cannot conflict with an existing certificate name.
The new certificate and private key can be found in $certdir/.pem and $privatekeydir/.pem on the CA puppet master. If you are not running puppetboard on the CA puppet master you will need to copy the certificate and key to the node running puppetboard.
Here's an example, using new certificates:
$ssl_dir = '/var/lib/puppetboard/ssl'
$puppetboard_certname = 'puppetboard.example.com'
class { 'puppetboard':
python_version => '3.9',
secret_key => fqdn_rand_string(32),
manage_virtualenv => true,
puppetdb_host => 'puppetdb.example.com',
puppetdb_port => 8081,
puppetdb_key => "${ssl_dir}/private_keys/${puppetboard_certname}.pem",
puppetdb_ssl_verify => "${ssl_dir}/certs/ca.pem",
puppetdb_cert => "${ssl_dir}/certs/${puppetboard_certname}.pem",
}
If you are re-using the existing puppet client certificates, they will already exist on the node (assuming puppet has been run and the client cert signed by the puppet master). However, the puppetboaard user will not have permission to read the private key unless you add it to the puppet group.
Here's a complete example, re-using the puppet client certs:
$ssl_dir = $::settings::ssldir
$puppetboard_certname = $::certname
class { 'puppetboard':
python_version => '3.9',
secret_key => fqdn_rand_string(32),
manage_virtualenv => true,
groups => 'puppet',
puppetdb_host => 'puppetdb.example.com',
puppetdb_port => 8081,
puppetdb_key => "${ssl_dir}/private_keys/${puppetboard_certname}.pem",
puppetdb_ssl_verify => "${ssl_dir}/certs/ca.pem",
puppetdb_cert => "${ssl_dir}/certs/${puppetboard_certname}.pem",
}
Note that both the above approaches only work if you have the Puppet CA root certificate added to the root certificate authority file used by your operating system. If you want to specify the location to the Puppet CA file ( you probably do) you have to use the syntax below. Currently this is a bit of a gross hack, but it's an open issue to resolve it in the Puppet module:
$ssl_dir = $::settings::ssldir
$puppetboard_certname = $::certname
class { 'puppetboard':
python_version => '3.9',
secret_key => fqdn_rand_string(32),
manage_virtualenv => true,
groups => 'puppet',
puppetdb_host => 'puppetdb.example.com',
puppetdb_port => 8081,
puppetdb_key => "${ssl_dir}/private_keys/${puppetboard_certname}.pem",
puppetdb_ssl_verify => "${ssl_dir}/certs/ca.pem",
puppetdb_cert => "${ssl_dir}/certs/${puppetboard_certname}.pem",
}
Using SSL to PuppetDB >= 6.9.1
As of PuppetDB 6.9.1
the /metrics/v2
API is only accessible on the loopback/localhost
interface of the PuppetDB server. This requires you to run puppetboard
locally on
that host and configure puppetdb_host
to 127.0.0.1
:
$ssl_dir = $::settings::ssldir
$puppetboard_certname = $::certname
class { 'puppetboard':
python_version => '3.9',
secret_key => fqdn_rand_string(32),
manage_virtualenv => true,
groups => 'puppet',
puppetdb_host => '127.0.0.1',
puppetdb_port => 8081,
puppetdb_key => "${ssl_dir}/private_keys/${puppetboard_certname}.pem",
puppetdb_ssl_verify => "${ssl_dir}/certs/ca.pem",
puppetdb_cert => "${ssl_dir}/certs/${puppetboard_certname}.pem",
}
NOTE In order for SSL to verify properly in this setup, you'll need your
Puppet SSL certificate to have an IP Subject Alternative Name setup
for 127.0.0.1
, otherwise the certificate verification will fail.
You can set this up in your puppet.conf
with the dns_alt_names
configuration option, documented here.
[main]
dns_alt_names = puppetdb,puppetdb.domain.tld,puppetboard,puppetboard.domain.tld,IP:127.0.0.1
NOTE If you need to regenerate your existing cert to add DNS Alt Names follow the documentation here:
# remove the existing agent certs
puppetserver ca clean --certname <CERTNAME_OF_YOUR_PUPPETDB>
puppet ssl clean
# stop our services
puppet resource service puppetserver ensure=stopped
puppet resource service puppetdb ensure=stopped
# regenerate our cert
puppetserver ca generate --certname <CERTNAME> --subject-alt-names puppetdb,puppetdb.domain.tld,puppetboard,puppetboard.domain.tld,IP:127.0.0.1 --ca-client
# copy the cert into the PuppetDB directory
cp /etc/puppetlabs/puppet/ssl/certs/<CERTNAME>.pem /etc/puppetlabs/puppetdb/ssl/public.pem
cp /etc/puppetlabs/puppet/ssl/private_keys/<CERTNAME>.pem /etc/puppetlabs/puppetdb/ssl/private.pem
# restart our services
puppet resource service puppetdb ensure=running
puppet resource service puppetserver ensure=running
Development
This module is maintained by Vox Pupuli. Vox Pupuli welcomes new contributions to this module, especially those that include documentation and rspec tests. We are happy to provide guidance if necessary.
Please see CONTRIBUTING for more details.
Please log tickets and issues on github.
Authors
- Spencer Krum krum.spencer@gmail.com
- Vox Pupuli Team
- The core of this module was based on Hunter Haugen's puppetboard-vagrant repo.
Reference
Table of Contents
Classes
puppetboard
: Base class for Puppetboard. Sets up the user and python environment.puppetboard::apache::conf
: Creates an entry in your apache configuration directory to run PuppetBoard server-wide (i.e. not in a vhost).puppetboard::apache::vhost
: Sets up an apache::vhost to run PuppetBoard, and writes an appropriate wsgi.py from template
Data types
Puppetboard::Syslogpriority
: type for the different Python log levels
Classes
puppetboard
class { 'puppetboard': user => 'pboard', group => 'pboard', basedir => '/www/puppetboard' } -> class { 'puppetboard::apache::conf': user => 'pboard', group => 'pboard', basedir => '/www/puppetboard' }
Examples
configure puppetboard with an apache config for a subpath (http://$fqdn/puppetboard)
Parameters
The following parameters are available in the puppetboard
class:
install_from
user
homedir
group
groups
basedir
git_source
puppetdb_host
puppetdb_port
puppetdb_key
puppetdb_ssl_verify
puppetdb_cert
puppetdb_timeout
unresponsive
enable_catalog
enable_query
offline_mode
localise_timestamp
python_loglevel
python_proxy
python_index
python_systempkgs
default_environment
revision
version
use_pre_releases
manage_git
manage_virtualenv
python_version
virtualenv_dir
manage_user
manage_group
package_name
manage_selinux
reports_count
settings_file
extra_settings
override
enable_ldap_auth
ldap_require_group
apache_confd
apache_service
secret_key
install_from
Data type: Enum['package', 'pip', 'vcsrepo']
Specify how the app should be installed
Default value: 'pip'
user
Data type: String
Puppetboard system user.
Default value: 'puppetboard'
homedir
Data type: Optional[Stdlib::Absolutepath]
Puppetboard system user's home directory.
Default value: undef
group
Data type: String
Puppetboard system group.
Default value: 'puppetboard'
groups
Data type: Optional[Variant[String[1], Array[String[1]]]]
additional groups for the user that runs puppetboard
Default value: undef
basedir
Data type: Stdlib::AbsolutePath
Base directory where to build puppetboard vcsrepo and python virtualenv.
Default value: '/srv/puppetboard'
git_source
Data type: String
Location of upstream Puppetboard GIT repository
Default value: 'https://github.com/voxpupuli/puppetboard'
puppetdb_host
Data type: String
PuppetDB Host
Default value: '127.0.0.1'
puppetdb_port
Data type: Stdlib::Port
PuppetDB Port
Default value: 8080
puppetdb_key
Data type: Optional[Stdlib::AbsolutePath]
path to PuppetMaster/CA signed client SSL key
Default value: undef
puppetdb_ssl_verify
Data type: Variant[Boolean, Stdlib::AbsolutePath]
whether PuppetDB uses SSL or not (true or false), or the path to the puppet CA
Default value: false
puppetdb_cert
Data type: Optional[Stdlib::AbsolutePath]
path to PuppetMaster/CA signed client SSL cert
Default value: undef
puppetdb_timeout
Data type: Integer[0]
timeout, in seconds, for connecting to PuppetDB
Default value: 20
unresponsive
Data type: Integer[0]
number of hours after which a node is considered "unresponsive"
Default value: 3
enable_catalog
Data type: Boolean
Whether to allow the user to browser catalog comparisons.
Default value: false
enable_query
Data type: Boolean
Whether to allow the user to run raw queries against PuppetDB.
Default value: true
offline_mode
Data type: Boolean
Weather to load static assents (jquery, semantic-ui, tablesorter, etc)
Default value: false
localise_timestamp
Data type: Boolean
Whether to localise the timestamps in the UI.
Default value: true
python_loglevel
Data type: Puppetboard::Syslogpriority
Python logging module log level.
Default value: 'info'
python_proxy
Data type: Optional[String[1]]
HTTP proxy server to use for pip/virtualenv.
Default value: undef
python_index
Data type: Optional[String[1]]
HTTP index server to use for pip/virtualenv.
Default value: undef
python_systempkgs
Data type: Boolean
Python system packages available in virtualenv.
Default value: false
default_environment
Data type: String[1]
set the default environment
Default value: 'production'
revision
Data type: Optional[String]
Commit, tag, or branch from Puppetboard's Git repo to be used
Default value: undef
version
Data type: Variant[Enum['latest'], String[1]]
PyPI package version to be installed
Default value: 'latest'
use_pre_releases
Data type: Boolean
if version is set to 'latest', then should pre-releases be used too?
Default value: false
manage_git
Data type: Boolean
If true, require the git package. If false do nothing.
Default value: false
manage_virtualenv
Data type: Boolean
If true, require the virtualenv package. If false do nothing.
Default value: false
python_version
Data type: Python::Version
Python version to use in virtualenv.
virtualenv_dir
Data type: Stdlib::Absolutepath
Set location where virtualenv will be installed
Default value: "${basedir}/virtenv-puppetboard"
manage_user
Data type: Boolean
If true, manage (create) this group. If false do nothing.
Default value: true
manage_group
Data type: Boolean
If true, manage (create) this group. If false do nothing.
Default value: true
package_name
Data type: Optional[String[1]]
Name of the package to install puppetboard
Default value: undef
manage_selinux
Data type: Boolean
If true, manage selinux policies for puppetboard. If false do nothing.
Default value: pick($facts['os.selinux.enabled'], false)
reports_count
Data type: Integer[0]
This is the number of reports that we want the dashboard to display.
Default value: 10
settings_file
Data type: Stdlib::Absolutepath
Path to puppetboard configuration file
Default value: "${basedir}/puppetboard/settings.py"
extra_settings
Data type: Hash
Defaults to an empty hash '{}'. Used to pass in arbitrary key/value
Default value: {}
override
Data type: Variant[Array[String[1]], String[1]]
Sets the Apache AllowOverride value
Default value: ['None']
enable_ldap_auth
Data type: Boolean
Whether to enable LDAP auth
Default value: false
ldap_require_group
Data type: Boolean
LDAP group to require on login
Default value: false
apache_confd
Data type: Stdlib::Absolutepath
path to the apache2 vhost directory
apache_service
Data type: String[1]
name of the apache2 service
secret_key
Data type: Optional[String[1]]
used for CSRF prevention and more. It should be a long, secret string, the same for all instances of the app. Required since Puppetboard 5.0.0.
Default value: undef
puppetboard::apache::conf
Creates an entry in your apache configuration directory to run PuppetBoard server-wide (i.e. not in a vhost).
- Note Make sure you have purge_configs set to false in your apache class!
Parameters
The following parameters are available in the puppetboard::apache::conf
class:
wsgi_alias
threads
max_reqs
user
group
basedir
enable_ldap_auth
ldap_bind_dn
ldap_bind_password
ldap_url
ldap_bind_authoritative
ldap_require_group
ldap_require_group_dn
ldap_require_user
ldap_require_dn
ldap_require_attribute
ldap_require_filter
virtualenv_dir
wsgi_alias
Data type: Stdlib::Unixpath
WSGI script alias source
Default value: '/puppetboard'
threads
Data type: Integer[1]
Number of WSGI threads to use
Default value: 5
max_reqs
Data type: Integer[0]
Limit on number of requests allowed to daemon process Defaults to 0 (no limit)
Default value: 0
user
Data type: String[1]
WSGI daemon process user, and daemon process name
Default value: $puppetboard::user
group
Data type: String[1]
WSGI daemon process group owner, and daemon process group
Default value: $puppetboard::group
basedir
Data type: Stdlib::AbsolutePath
Base directory where to build puppetboard vcsrepo and python virtualenv.
Default value: $puppetboard::basedir
enable_ldap_auth
Data type: Boolean
Whether to enable LDAP auth
Default value: $puppetboard::enable_ldap_auth
ldap_bind_dn
Data type: Optional[String[1]]
LDAP Bind DN
Default value: undef
ldap_bind_password
Data type: Optional[String[1]]
LDAP password
Default value: undef
ldap_url
Data type: Optional[String[1]]
LDAP connection string
Default value: undef
ldap_bind_authoritative
Data type: Optional[String[1]]
Determines if other authentication providers are used when a user can be mapped to a DN but the server cannot bind with the credentials
Default value: undef
ldap_require_group
Data type: Boolean
LDAP group to require on login
Default value: $puppetboard::ldap_require_group
ldap_require_group_dn
Data type: Optional[String[1]]
LDAP group DN for LDAP group
Default value: undef
ldap_require_user
Data type: Optional[String[1]]
if set, list of uids for Require ldap-user directive
Default value: undef
ldap_require_dn
Data type: Optional[String[1]]
if set, dn to be matched by Require ldap-dn directive
Default value: undef
ldap_require_attribute
Data type: Optional[String[1]]
if set, attributes of LDAP users for Require ldap-attribute directive
Default value: undef
ldap_require_filter
Data type: Optional[String[1]]
if set, LDAP search filter for Require ldap-filter directive
Default value: undef
virtualenv_dir
Data type: Stdlib::Absolutepath
Set location where virtualenv will be installed
Default value: $puppetboard::virtualenv_dir
puppetboard::apache::vhost
Sets up an apache::vhost to run PuppetBoard, and writes an appropriate wsgi.py from template
Parameters
The following parameters are available in the puppetboard::apache::vhost
class:
vhost_name
wsgi_alias
ip
port
ssl
ssl_cert
ssl_key
ssl_chain
threads
user
group
basedir
override
enable_ldap_auth
ldap_bind_dn
ldap_bind_password
ldap_url
ldap_bind_authoritative
ldap_require_group
ldap_require_group_dn
ldap_require_user
ldap_require_dn
ldap_require_attribute
ldap_require_filter
virtualenv_dir
custom_apache_parameters
vhost_name
Data type: String[1]
The vhost ServerName.
wsgi_alias
Data type: Stdlib::Unixpath
WSGI script alias source
Default value: '/'
ip
Data type: Optional[Stdlib::IP::Address]
IP for the vhost to bind to
Default value: undef
port
Data type: Stdlib::Port
Port for the vhost to listen on.
Default value: 5000
ssl
Data type: Boolean
If vhost should be configured with ssl
Default value: false
ssl_cert
Data type: Optional[Stdlib::AbsolutePath]
Path to server SSL cert
Default value: undef
ssl_key
Data type: Optional[Stdlib::AbsolutePath]
Path to server SSL key
Default value: undef
ssl_chain
Data type: Optional[Stdlib::AbsolutePath]
Path to server CA Chain file
Default value: undef
threads
Data type: Integer[1]
Number of WSGI threads to use.
Default value: 5
user
Data type: String[1]
WSGI daemon process user, and daemon process name
Default value: $puppetboard::user
group
Data type: String[1]
WSGI daemon process group owner, and daemon process group
Default value: $puppetboard::group
basedir
Data type: Stdlib::AbsolutePath
Base directory where to build puppetboard vcsrepo and python virtualenv.
Default value: $puppetboard::basedir
override
Data type: Variant[Array[String[1]], String[1]]
Sets the Apache AllowOverride value
Default value: $puppetboard::override
enable_ldap_auth
Data type: Boolean
Whether to enable LDAP auth
Default value: $puppetboard::enable_ldap_auth
ldap_bind_dn
Data type: Optional[String[1]]
LDAP Bind DN
Default value: undef
ldap_bind_password
Data type: Optional[String[1]]
LDAP password
Default value: undef
ldap_url
Data type: Optional[String[1]]
LDAP connection string
Default value: undef
ldap_bind_authoritative
Data type: Optional[String[1]]
Determines if other authentication providers are used when a user can be mapped to a DN but the server cannot bind with the credentials
Default value: undef
ldap_require_group
Data type: Boolean
LDAP group to require on login
Default value: $puppetboard::ldap_require_group
ldap_require_group_dn
Data type: Optional[String[1]]
LDAP group DN for LDAP group
Default value: undef
ldap_require_user
Data type: Optional[String[1]]
if set, list of uids for Require ldap-user directive
Default value: undef
ldap_require_dn
Data type: Optional[String[1]]
if set, dn to be matched by Require ldap-dn directive
Default value: undef
ldap_require_attribute
Data type: Optional[String[1]]
if set, attributes of LDAP users for Require ldap-attribute directive
Default value: undef
ldap_require_filter
Data type: Optional[String[1]]
if set, LDAP search filter for Require ldap-filter directive
Default value: undef
virtualenv_dir
Data type: Stdlib::Absolutepath
Set location where virtualenv will be installed
Default value: $puppetboard::virtualenv_dir
custom_apache_parameters
Data type: Hash
A hash passed to the apache::vhost
for custom settings
Default value: {}
Data types
Puppetboard::Syslogpriority
type for the different Python log levels
Alias of Enum['debug', 'info', 'notice', 'warning', 'err', 'crit', 'alert', 'emerg']
Changelog
All notable changes to this project will be documented in this file. Each new release typically also includes the latest modulesync defaults. These should not affect the functionality of the module.
v11.0.0 (2024-12-14)
Breaking changes:
Implemented enhancements:
- feat: add ldap user/dn/attribute/filter #416 (d1nuc0m)
- Add support for FreeBSD 14 #412 (smortex)
- Add EL 9 support #403 (kenyon)
- Add Debian 12 support #396 (bastelfreak)
- Allow puppet-python 7.x #388 (smortex)
- (#357) Add Ubuntu 22.04 LTS (Jammy Jellyfish) support #358 (prolixalias)
Fixed bugs:
- params class leaks wrong selinux context #228
Merged pull requests:
- Docs: drop EOL CentOS/RHEL 7; bump Python to 3.9 #417 (d1nuc0m)
- .fixtures.yml: Remove puppet version constraint #409 (bastelfreak)
- Add EL9 python_version #401 (h0tw1r3)
- Use Python::Version as type for puppetboard::python_version #398 (nmaludy)
v10.0.0 (2023-11-27)
Breaking changes:
- Drop Puppet 6 support #381 (bastelfreak)
- Remove dependency on vcsrepo #367 (smortex)
- puppet/python: Require 6.3 or newer #366 (smortex)
Implemented enhancements:
- Add Puppet 8 support #386 (bastelfreak)
- Relax dependencies version requirements #384 (smortex)
- Allow configuring SECRET_KEY easier #375 (gdubicki)
- Add parameter to support system packages in venv #313 (h0tw1r3)
Fixed bugs:
- Duplicate statement of the 'virtualenv' package with the python module #225
- The apache service is not notified when settings.py is updated #170
- allow python_version > 3.9 #385 (zivis)
- Do not manage $basedir when installing from packages #368 (smortex)
v9.0.0 (2022-07-14)
Breaking changes:
Implemented enhancements:
Closed issues:
- Path /srv/puppetboard/puppetboard exists and is not the desired repository #355
- pip 9.0 fail with puppetboard ? #174
- Using with packaged puppetboard #85
Merged pull requests:
v8.2.0 (2022-04-22)
Implemented enhancements:
Closed issues:
- Warning: The directory '/srv/puppetboard/puppetboard' contains 1936 entries, which exceeds the default soft limit 1000 #351
- Debian 11 data targets incorrect system python version #338
- Use python3-pip instead of python-pip #311
- Use the $custom apache parameters to set up puppetboard with basic auth #243
- New version of CommonMark has changed the name to lower case -> commonmark #223
Merged pull requests:
v8.1.0 (2022-01-13)
Implemented enhancements:
- add parameter for listen ip #344 (stefan-ahrefs)
Merged pull requests:
v8.0.0 (2021-08-18)
Breaking changes:
Implemented enhancements:
Fixed bugs:
- Class[Python]: has no parameter named 'manage_virtualenv_package' with v7.0.2 version #319
- Fix the way facts are set in the test suite #328 (smortex)
- metadata.json: increase python minimum to 4.1.0 #320 (kenyon)
Closed issues:
- No Module Named Flask #333
- Puppet-python version dependency update #326
- Could not find resource #322
- Proxy setting (python_proxy) is not passed to python::pyvenv #315
- remove virtualenv requirements #276
- manage_git and manage_virtualenv cannot be set to latest as readme suggests #253
- catalog failure is not reflected in node status #235
Merged pull requests:
- Miscellaneous improvements #334 (smortex)
- README TOC points to removed sections, has wrong child elements. #324 (mattblaha)
- Clarify SELinux section of README. #323 (mattblaha)
- README.md: remove wrong example #321 (kenyon)
- Remove params and switch to Hiera-based module data #318 (towo)
- Fix python::pyvenv behind proxy. #316 (dsnt02518)
v7.0.2 (2020-10-17)
Fixed bugs:
v7.0.1 (2020-10-09)
Fixed bugs:
- delete unused variables in params.pp #307 (bastelfreak)
- Fix "unresponsive" default value; default to 3 instead of 0 #306 (smortex)
v7.0.0 (2020-10-06)
Breaking changes:
- Drop SLES 12 because of missing tests/compatibility #297
- Drop End of Life Ubuntu 14.04 #296
- Drop End of Life Debian 8 #295
- Drop RedHat/CentOS 6/7 support due to missing Python 3.6 support in apache #294
- Add datatypes to all params/puppet-strings docs #302 (bastelfreak)
- Drop Python 2, implement Python 3, replace virtualenv with native python 3 implementation, drop EPEL parameter #292 (waipeng)
Implemented enhancements:
- replace legacy virtualenv with python 3 builtin #300
- Add Ubuntu 16.04 and 18.04 support #299
- Add Debian 9 and 10 support #298
- add support for Apache::Vhost ssl_chain parameter #284 (lukebigum)
Fixed bugs:
- Fix depreciation introduced by https://github.com/puppetlabs/puppetlabs-apache/pull/1884 #301 (bastelfreak)
Closed issues:
Merged pull requests:
- Use voxpupuli-acceptance and allow puppet/python 4.x and 5.x #293 (ekohl)
- Remove whitespace #282 (dhoppe)
- Fix virtualenv_version comment #279 (smortex)
- Fix wrong virtualenv parameter in README #278 (paescuj)
- Require puppet-epel over stahnma-epel #277 (dhoppe)
v6.1.0 (2020-03-20)
Implemented enhancements:
Closed issues:
- Install with Python3 #252
Merged pull requests:
- update repo links to https #269 (bastelfreak)
- Require group for vcsrepo as well #259 (paescuj)
- Fix Apache configuration fragment directory on Debian #233 (mattock)
v6.0.0 (2019-10-28)
Breaking changes:
- modulesync 2.7.0 and drop puppet 4 #242 (bastelfreak)
Implemented enhancements:
- add virtualenv_version parameter #255 (bastelfreak)
- add support for require ldap-group #236 (swenske)
Fixed bugs:
- rename LDAP include fragment file extension so it doesn't get include… #257 (lukebigum)
- fix missing @ in the apache templates #237 (swenske)
Closed issues:
- Feature Request: Show changes of noop run #246
Merged pull requests:
- Clean up acceptance spec helper #258 (ekohl)
- Updating dependencies #251 (pjonesIDBS)
v5.0.0 (2018-10-14)
Breaking changes:
Implemented enhancements:
Closed issues:
- Listen IP of Apache Vhost is not configurable #226
- Does puppetboard supports multiple puppetdb connections ? #219
- stankevich-python has been deprecated #215
Merged pull requests:
- modulesync 2.2.0 and allow puppet 6.x #230 (bastelfreak)
- allow puppetlabs/stdlib 5.x #221 (bastelfreak)
- drop EOL OSs; fix puppet version range #214 (bastelfreak)
- Rely on beaker-hostgenerator for docker nodesets #212 (ekohl)
v4.1.0 (2018-05-08)
Fixed bugs:
Closed issues:
- Default vhost configuration causes Apache to fail to start #192
Merged pull requests:
- Document that apache::mod::version should be included #211 (mattock)
- bump puppet to latest supported version 4.10.0 #209 (bastelfreak)
- add reverseproxy example using puppetlabs/apache module #207 (kpankonen)
- fix ProxyPass example #206 (kpankonen)
- Group should be a system group. #203 (ryanc)
- Propose small spelling change #201 (jeis2497052)
- update minimal vcsrepo version #198 (pgassmann)
- Set custom vhost parameters. for example Basic Auth #196 (c33s)
v4.0.0 (2017-11-11)
Breaking changes:
Implemented enhancements:
- Update to support Apache 2.4 - rework of #136 #189 (wyardley)
- Add boolean to control EPEL #181 (lukebigum)
Closed issues:
- Puppet CA certificate not configured correctly #142
Merged pull requests:
- Update (and run in Travis) acceptance tests, fix formatting in LDAP templates #190 (wyardley)
- Revert "Add apache file auth support" #188 (wyardley)
- Sort extra_settings to prevent churn #175 (barneycg)
- Add apache file auth support #149 (arioch)
v3.0.0 (2017-09-17)
Implemented enhancements:
- Add the ability to override home directory for the created user #183 (coreone)
- Apache vhost testing #172 (mterzo)
- replace all validate functions with datatypes #167 (bastelfreak)
Fixed bugs:
- Fixes puppetdb_verify_ssl parameter and apache::vhost unit tests #177 (fuero)
- Update the puppetdb_ssl_verify setting. #169 (rnelson0)
- Restart the web server when the settings file changes #159 (rnelson0)
Closed issues:
- New install, puppetboard start error #171
- Reduce dependency on other modules #166
- Problem with installing puppetboard. #163
Merged pull requests:
- Make EPEL soft dependency per style guide #185 (wyardley)
- Switch to puppet_install_helper (and fix rubocop warning in process) #184 (wyardley)
- add instructions on how to enable report storage to be able to view i… #182 (jonmosco)
- Fix github license detection #179 (alexjfisher)
Document usage of Puppet CA via puppetdb\_ssl\_verify [\#150](https://github.com/voxpupuli/puppet-puppetboard/pull/150) ([apeeters](https://github.com/apeeters))
v2.9.0 (2017-01-13)
Implemented enhancements:
Closed issues:
- Add DEFAULT_ENVIRONMENT to settings.py #132
- Add Ability to pass OFFLINE_MODE to settings.py #130
- Release 2.7.5 to PuppetForge #118
- Adding puppetboard::apache::ldapauth? #110
Merged pull requests:
- Bump minimum version dependencies (for Puppet 4) #157 (juniorsysadmin)
- Remove unknown parameter from documentation #145 (ghoneycutt)
- Add ldap support #144 (elmobp)
- adding default_environment param #133 (james-powis)
- added offline mode #131 (james-powis)
- Explicitly ensure python-dev is installed #129 (dskad)
v2.8.2 (2016-05-05)
Merged pull requests:
- Release 2.8.2 #127 (bastelfreak)
- Fix Travis CI status image #126 (brandonweeks)
- rename to puppet-puppetboard #124 (bastelfreak)
v2.8.1 (2016-05-05)
Merged pull requests:
- Release 2.8.1 #123 (bastelfreak)
v2.7.5 (2016-05-05)
Closed issues:
- The parameter 'reports_count' is declared more than once in the parameter list #114
- please make a fresh release #103
- dependency error when specifying manage_virtualenv #101
- Documentation wrong on SSL #94
- progress or next steps for puppet 4 support #93
- Cut a new release #78
- Module version differences #77
- Setting 'PUPPETDB_SSL_VERIFY' via Hiera Fails #65
- Reference to missing service puppetboard #58
Merged pull requests:
- Update CHANGELONG.md #120 (bastelfreak)
- Release 2.7.5 #117 (jyaworski)
- Changelog md #116 (jyaworski)
- Version 2.7.4 #115 (jyaworski)
- Closes #93 #113 (jyaworski)
- Fixes #58. #111 (jyaworski)
- Move to voxpupuli #109 (jyaworski)
- add ssl parameter to puppetboard::apache::vhost #108 (brandonweeks)
- Update README and metadata.json to reflect org changes #106 (jyaworski)
- Ubuntu exceptions #104 (dalesit)
- Fix duplicate virtualenv declaration #102 (ogdensan)
- Feature/catalog #100 (bahner)
- Fixing what was broken in: 6b95a6ae53e7c4fc74ae830fe4123e3fdf7cb15b #99 (ryno75)
- Remove duplicate reports_count parameter #98 (badgerben)
- added conditionals around package installs #97 (ryno75)
- Default to managing selinux if ::selinux is true #96 (jyaworski)
- The process must match the group #95 (jyaworski)
- Correct selboolean value for selinux on RedHat osfamily. #92 (johnzimm)
- Fix some typo/syntax. Only on/off are valid for selboolean value #91 (Zophar78)
- update documentation for puppetdb_ssl #89 (mkinney)
- Support for .htaccess files #88 (tombuildsstuff)
- Correct default value for experimental in doc #86 (Vincent--)
- Adding the selinux setup to allow this to work on RHEL with selinux e… #84 (jlcox1970)
- Add bounds to dependency versions in metadata #79 (ghoneycutt)
2.7.3 (2015-07-20)
Merged pull requests:
2.7.2 (2015-07-15)
Merged pull requests:
- "remove pry" #81 (nibalizer)
- "Puppetboard now lives in puppet-community" #74 (nibalizer)
- Adding ability to specify limit on number of requests to the daemon #73 (holtwilkins)
- Require Vcsrepo[$dcroot] for wsgi.py file creation #72 (dbogen)
- No more testing on 1.8.7 #70 (nibalizer)
- fixup tests for trusty, add docker nodeset #69 (nibalizer)
2.7.1 (2015-02-04)
2.7.0 (2015-02-04)
Closed issues:
- SSL Cert permissions with managed user #49
- make static/ really static #48
- More flexibility with apache::vhost #47
- Quoting default_settings.py #35
Merged pull requests:
- Better comment about default value of reports_count #64 (txaj)
- Support adding arbitrary values to settings.py #63 (robinbowes)
- Clean up arrow alignement and add a default case to params.pp #62 (krionux)
- Description for rake task for metadata #60 (nibalizer)
- Fix missing listen parameter #57 (eshamow)
- Update metadata.json: fix dependency for stdlib #55 (codec)
- Linting metadata.json #54 (nibalizer)
- Moving to metadata.json #53 (nibalizer)
- Feature/set supplementary groups #52 (robinbowes)
- puppetdb_ssl renamed to puppetdb_ssl_verify #51 (robinbowes)
- Add CentOS caveats #50 (pbrit)
- Adding the ability to control the number of reports that you want to add... #40 (stack72)
2.5.0 (2014-06-23)
Closed issues:
- Have custom settings in settings.py. Don't manage default_settings.py #41
- manage user/groups separately #28
Merged pull requests:
- params: Make key and cert undef. #46 (daenney)
- Output the REPORTS_COUNT parameter to settings.py. Otherwise node pages ... #44 (sigmunau)
- Update wsgi.py.erb #43 (tommodore)
- move custom settings into settings.py. #42 (rmnwolf)
- Improve the docs after having tested the module #39 (nibalizer)
- Update Rakefile to ignore vendor gems in syntax task #38 (cmurphy)
- Quotes in conf file #37 (nibalizer)
- Beaker2 #36 (nibalizer)
- Adding lint and syntax testing #32 (nibalizer)
- introduce a prefix (wsgi_alias) into ::vhost #31 (igalic)
- Add the 'localise_timestamp' configuration option #30 (tomtheun)
- make managing of user/group optional #29 (igalic)
2.4.0 (2014-05-29)
Closed issues:
- Add a virtualenv dependency. Getting "Error: sh: 1: virtualenv: not found" #23
- Add git package dependency #21
- Offer security (ie basic auth) #19
- Allow configuration with SSL #18
- needs non-librarian(?) install instructions #16
Merged pull requests:
- Remove Puppetfile #26 (mcallaway)
- Ensure virtualenv package is 'installed' instead of 'true' #25 (nickchappell)
- Add support for virtualenv #24 (nibalizer)
- add a flag to manage git #22 (nibalizer)
- Add support for setting the git repository source. #20 (jasperla)
- Permit passing $proxy param #17 (hakamadare)
- Add stdlib version requirement to Modulefile #15 (bderickson)
- Users can specify Puppetboard Git SHA to use #14 (bderickson)
1.3.0 (2014-01-23)
Merged pull requests:
- PUPPETDB_SSL setting is now PUPPETDB_SSL_VERIFY #13 (fpletz)
- Document parameters for all classes, and variables used by templates #12 (jantman)
- Fix problem with pip install git requirement #11 (pavel-drabushevich)
1.1.0 (2013-11-25)
Closed issues:
Merged pull requests:
- add class parameters to configure default_settings.py #10 (juliusknorr)
- change base install directory to '$basedir' #9 (ashleygould)
- Fix typo in $docroot declaration #8 (cmurphy)
- Fix parameter list typo in README #5 (cmurphy)
- Fix parameter list typo in README #4 (cmurphy)
- Refactor module #3 (jtopjian)
- Update module dependencies #2 (blkperl)
* This Changelog was automatically generated by github_changelog_generator
Dependencies
- puppetlabs/stdlib (>= 7.0.0 < 10.0.0)
- puppet/python (>= 6.3.0 < 8.0.0)
Copyright (C) 2013-2014 Spencer Krum Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS