diff --git a/openvoxserver/files/etc/puppetlabs/puppetserver/conf.d/puppetserver.conf b/openvoxserver/files/etc/puppetlabs/puppetserver/conf.d/puppetserver.conf
index 086835f..b5c7ded 100644
--- a/openvoxserver/files/etc/puppetlabs/puppetserver/conf.d/puppetserver.conf
+++ b/openvoxserver/files/etc/puppetlabs/puppetserver/conf.d/puppetserver.conf
@@ -34,7 +34,18 @@ jruby-puppet: {
 # (optional) path to puppet var dir; if not specified, will use
 # /opt/puppetlabs/server/data/puppetserver
- master-var-dir: /opt/puppetlabs/server/data/puppetserver
+ #
+ # NOTE: intentionally pointed at a dedicated sub-directory instead of the
+ # package default /opt/puppetlabs/server/data/puppetserver. That default
+ # mixes variable runtime data (yaml, server_data, bucket, reports) with
+ # static, image-provided content that must NOT be overlaid by a volume:
+ # the jruby-gems / vendored-jruby-gems directories (where `require 'puppet'`
+ # is loaded from). Keeping the var dir separate lets a persistent volume be
+ # mounted on /opt/puppetlabs/server/data/puppetserver/var without clobbering
+ # the gems, and makes a read-only root filesystem viable. The gem-home /
+ # gem-path settings above are deliberately absolute (not derived from this
+ # var dir) for the same reason.
+ master-var-dir: /opt/puppetlabs/server/data/puppetserver/var
 # (optional) path to puppet run dir; if not specified, will use
 # /var/run/puppetlabs/puppetserver
diff --git a/openvoxserver/prep_build_container.sh b/openvoxserver/prep_build_container.sh
index a1838a3..f815001 100755
--- a/openvoxserver/prep_build_container.sh
+++ b/openvoxserver/prep_build_container.sh
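Review bot: In puppetserver.conf the NOTE above the new `master-var-dir` does not say what happens to a deployment that still mounts its volume on `/opt/puppetlabs/server/data/puppetserver`. That mount would keep overlaying the gem directories, and the yaml/reports/bucket data already on the volume would stay at the old top level. A line such as `# Existing volumes mounted on the parent directory must be re-mounted on .../var and their data moved.` would make the upgrade step explicit. If the image's puppet.conf also sets `vardir` (not visible in this diff), it should be checked to agree with this value, since tooling run outside the server process would presumably read that file instead. The `jruby-puppet` block starts and ends outside the hunk, so the gem-home / gem-path values the comment relies on cannot be confirmed from here.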
@@ -23,6 +23,7 @@ install -d "/opt/puppetlabs/server/data" -m 0775
 install -d "/opt/puppetlabs/server/data/puppetserver" -m 0770
 install -d "/opt/puppetlabs/server/data/puppetserver/jars" -m 0700
 install -d "/opt/puppetlabs/server/data/puppetserver/jruby-gems" -m 0755
+install -d "/opt/puppetlabs/server/data/puppetserver/var" -m 0770
 install -d "/opt/puppetlabs/server/data/puppetserver/yaml" -m 0700
 install -d "/var/log/puppetlabs/puppetserver" -m 0700
 install -d "/var/run/puppetlabs/puppetserver" -m 0755
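Review bot: The context line that pre-creates `.../puppetserver/yaml` with mode 0700 is left unchanged even though the first file moves the var dir. Unless yamldir is set elsewhere, the server would presumably write to `var/yaml`, leaving the pre-created directory unused; consider `install -d "/opt/puppetlabs/server/data/puppetserver/var/yaml" -m 0700` in its place. The new `var` directory is also the intended volume mount point, and a mounted volume brings its own owner and mode. The 0770 set here at build time is therefore not what protects reports, bucket contents and cached node data at runtime; a comment saying so, or a permission check in the entrypoint (not visible in this diff), would help. The script continues outside the hunk.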