#
# Managed by Puppet
#
# configuration for the JRuby interpreters
jruby-puppet: {
    # Where the puppet-agent dependency places puppet, facter, etc...
    # Puppet server expects to load Puppet from this location
    ruby-load-path: [
        /opt/puppetlabs/puppet/lib/ruby/vendor_ruby,
        /opt/puppetlabs/puppet/cache/lib,
    ]

    # This setting determines where JRuby will install gems.  It is used for loading gems,
    # and also by the `puppetserver gem` command line tool.
    gem-home: /opt/puppetlabs/server/data/puppetserver/jruby-gems

    # This setting defines the complete "GEM_PATH" for jruby.  If set, it should include
    # the gem-home directory as well as any other directories that gems can be loaded
    # from (including the vendored gems directory for gems that ship with puppetserver)
    gem-path: [${jruby-puppet.gem-home}, "/opt/puppetlabs/server/data/puppetserver/vendored-jruby-gems", "/opt/puppetlabs/puppet/lib/ruby/vendor_gems"]

    # PLEASE NOTE: Use caution when modifying the below settings. Modifying
    # these settings will change the value of the corresponding Puppet settings
    # for Puppet Server, but not for the Puppet CLI tools. This likely will not
    # be a problem with master-var-dir, master-run-dir, or master-log-dir unless
    # some critical setting in puppet.conf is interpolating the value of one
    # of the corresponding settings, but it is important that any changes made to
    # master-conf-dir and master-code-dir are also made to the corresponding Puppet
    # settings when running the Puppet CLI tools. See
    # https://docs.puppetlabs.com/puppetserver/latest/puppet_conf_setting_diffs.html#overriding-puppet-settings-in-puppet-server
    # for more information.

    # (optional) path to puppet conf dir; if not specified, will use
    # the puppet default
    master-conf-dir: /etc/puppetlabs/puppet

    # (optional) path to puppet code dir; if not specified, will use
    # the puppet default
    master-code-dir: /etc/puppetlabs/code

    # (optional) path to puppet var dir; if not specified, will use
    # the puppet default
    master-var-dir: /opt/puppetlabs/server/data/puppetserver

    # (optional) path to puppet run dir; if not specified, will use
    # the puppet default
    master-run-dir: /var/run/puppetlabs/puppetserver

    # (optional) path to puppet log dir; if not specified, will use
    # the puppet default
    master-log-dir: /var/log/puppetlabs/puppetserver

    # (optional) maximum number of JRuby instances to allow
    max-active-instances: 4

    # (optional) the number of HTTP requests a given JRuby instance will handle in its lifetime.
    max-requests-per-instance: 0

    # (optional) The maximum number of requests that may be queued waiting to borrow a JRuby from the pool.
    max-queued-requests: 0

    # (optional) Sets the upper limit for the random sleep set as a Retry-After header on 503 responses returned when max-queued-requests is enabled.
    max-retry-delay: 1800

    # (optional) Authorize access to Puppet master endpoints via rules
    # specified in the legacy Puppet auth.conf file (if true) or via rules
    # specified in the Puppet Server HOCON-formatted auth.conf (if false or not
    # specified).
    use-legacy-auth-conf: false

    # (optional) enable or disable environment class cache
    environment-class-cache-enabled: false
}

# settings related to HTTPS client requests made by Puppet Server
http-client: {
    # A list of acceptable protocols for making HTTPS requests
    ssl-protocols: [
        TLSv1.2,
    ]

    # A list of acceptable cipher suites for making HTTPS requests
    cipher-suites: [
        TLS_RSA_WITH_AES_256_CBC_SHA256,
        TLS_RSA_WITH_AES_256_CBC_SHA,
        TLS_RSA_WITH_AES_128_CBC_SHA256,
        TLS_RSA_WITH_AES_128_CBC_SHA,
    ]

    # Whether to enable http-client metrics; defaults to 'true'.
    metrics-enabled: true

    # The amount of time, in milliseconds, that an outbound HTTP connection
    # will wait for data to be available before closing the socket. If not
    # defined, defaults to 20 minutes. If 0, the timeout is infinite and if
    # negative, the value is undefined by the application and governed by the
    # system default behavior.
    idle-timeout-milliseconds: 1200000

    # The amount of time, in milliseconds, that an outbound HTTP connection will
    # wait to connect before giving up. Defaults to 2 minutes if not set. If 0,
    # the timeout is infinite and if negative, the value is undefined in the
    # application and governed by the system default behavior.
    connect-timeout-milliseconds: 120000
}

# settings related to profiling the puppet Ruby code
profiler: {
    # enable or disable profiling for the Ruby code;
    enabled: true
}