KpuCko

PuppetBoard -> PuppetDB SSL

Feb 7th, 2025
  1. ## Working config, additional persistency needed, please bear this in mind.
  2. ## For PuppetDB you might want to include some additional folders as persistent storage like logs or data.
  3.  
  4. ---
  5. services:
  6.   puppet:
  7.     image: ghcr.io/voxpupuli/puppetserver:8.7.0-latest
  8.     hostname: puppet.home.lan
  9.     environment:
  10.       PUPPETSERVER_HOSTNAME: puppet.home.lan
  11.       PUPPETSERVER_PORT: 8140
  12.       PUPPETDB_HOSTNAME: puppetdb.home.lan
  13.       PUPPETDB_SSL_PORT: 8081
  14.       PUPPETDB_SERVER_URLS: "https://puppetdb.home.lan:8081"
  15.       USE_PUPPETDB: true
  16.       PUPPET_STORECONFIGS_BACKEND: puppetdb
  17.       PUPPET_STORECONFIGS: true
  18.       PUPPET_REPORTS: "puppetdb,store"
  19.       CA_ALLOW_SUBJECT_ALT_NAMES: true
  20.       AUTOSIGN: true
  21.     volumes:
  22.       - ./puppetserver-ssl:/etc/puppetlabs/puppet/ssl
  23.       - ./puppetserver-ca:/etc/puppetlabs/puppetserver/ca
  24.       - ./puppetserver:/opt/puppetlabs/server/data/puppetserver
  25.       - ./puppetserver-code:/etc/puppetlabs/code
  26.     ports:
  27.       - 8140:8140
  28.     restart: always
  29.  
  30.   puppetdb:
  31.     image: ghcr.io/voxpupuli/puppetdb:8.8.1-latest
  32.     hostname: puppetdb.home.lan
  33.     environment:
  34.       USE_PUPPETSERVER: true
  35.       PUPPETSERVER_HOSTNAME: puppet.home.lan
  36.       PUPPETSERVER_PORT: 8140
  37.       PUPPETDB_SSL_PORT: 8081
  38.       PUPPETDB_POSTGRES_HOSTNAME: postgres.home.lan
  39.       PUPPETDB_POSTGRES_PORT: 5432
  40.       PUPPETDB_PASSWORD: puppetdb
  41.       PUPPETDB_USER: puppetdb
  42.       CERTNAME: puppetdb.home.lan
  43.       PUPPETDB_CERTIFICATE_ALLOWLIST: "puppet,puppet.home.lan,puppetdb,puppetdb.home.lan,puppetboard,puppetboard.home.lan"
  44.     volumes:
  45.       - ./puppetdb-ssl:/opt/puppetlabs/server/data/puppetdb/certs
  46.     ports:
  47.       - 8081:8081
  48.     depends_on:
  49.       postgres:
  50.         condition: service_healthy
  51.         restart: true
  52.       puppet:
  53.         condition: service_healthy
  54.         restart: true
  55.     restart: always
  56.  
  57.   postgres:
  58.     image: docker.io/postgres:17-alpine
  59.     hostname: postgres.home.lan
  60.     environment:
  61.       POSTGRES_DB: puppetdb
  62.       POSTGRES_USER: puppetdb
  63.       POSTGRES_PASSWORD: puppetdb
  64.     healthcheck:
  65.       test: ["CMD-SHELL", "sh -c 'pg_isready -U puppetdb -d puppetdb'"]
  66.       interval: 10s
  67.       timeout: 3s
  68.       retries: 3
  69.     volumes:
  70.       - ./enable_pg_trgm.sql:/docker-entrypoint-initdb.d/enable_pg_trgm.sql
  71.       - ./postgres-data:/var/lib/postgresql/data
  72.     restart: always
  73.  
  74.   puppetboard:
  75.     image: ghcr.io/voxpupuli/puppetboard
  76.     hostname: puppetboard.home.lan
  77.     ### entrypoint: ["/bin/sh", "-c", "sleep infinity"]
  78.     environment:
  79.       PUPPETDB_HOST: puppetdb.home.lan
  80.       PUPPETDB_PORT: 8081
  81.       PUPPETBOARD_PORT: 8080
  82.       ENABLE_CATALOG: true
  83.       PUPPETDB_SSL_VERIFY: /etc/puppetlabs/puppet/ssl/ca.pem
  84.       PUPPETDB_KEY: /etc/puppetlabs/puppet/ssl/puppetdb-key.pem
  85.       PUPPETDB_CERT: /etc/puppetlabs/puppet/ssl/puppetdb-cert.pem
  86.       SECRET_KEY: "495ed6e5e799015811d1d00bd424b464df1b9809dade7964b6e4dcf124d9e170"
  87.       DEFAULT_ENVIRONMENT: "*"
  88.     volumes:
  89.       - ./puppetboard-ssl:/etc/puppetlabs/puppet/ssl
  90.     ports:
  91.       - 8282:8080
  92.     restart: none
  93.  
  94. networks:
  95.   default:
  96.     name: crafty-minimal