openvox 7.37.1 → 8.19.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (1086) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +7 -3
  3. data/Gemfile +17 -12
  4. data/README.md +25 -30
  5. data/Rakefile +43 -33
  6. data/bin/puppet +1 -0
  7. data/examples/hiera/README.md +68 -57
  8. data/examples/hiera/data/common.yaml +12 -0
  9. data/examples/hiera/data/dc1.yaml +6 -0
  10. data/examples/hiera/hiera.yaml +15 -0
  11. data/examples/hiera/modules/ntp/data/common.yaml +4 -0
  12. data/examples/hiera/modules/ntp/hiera.yaml +9 -0
  13. data/examples/hiera/modules/ntp/manifests/config.pp +16 -4
  14. data/examples/hiera/modules/ntp/templates/ntp.conf.epp +3 -0
  15. data/examples/hiera/modules/users/manifests/common.pp +7 -2
  16. data/examples/hiera/modules/users/manifests/dc1.pp +7 -2
  17. data/examples/hiera/site.pp +1 -1
  18. data/ext/build_defaults.yaml +1 -1
  19. data/ext/windows/service/daemon.rb +54 -60
  20. data/install.rb +21 -92
  21. data/lib/hiera/puppet_function.rb +8 -6
  22. data/lib/hiera/scope.rb +15 -13
  23. data/lib/hiera_puppet.rb +4 -6
  24. data/lib/puppet/agent/disabler.rb +5 -3
  25. data/lib/puppet/agent/locker.rb +2 -2
  26. data/lib/puppet/agent.rb +6 -4
  27. data/lib/puppet/application/agent.rb +305 -301
  28. data/lib/puppet/application/apply.rb +124 -117
  29. data/lib/puppet/application/catalog.rb +2 -0
  30. data/lib/puppet/application/config.rb +2 -0
  31. data/lib/puppet/application/describe.rb +50 -48
  32. data/lib/puppet/application/device.rb +224 -223
  33. data/lib/puppet/application/doc.rb +57 -58
  34. data/lib/puppet/application/epp.rb +2 -0
  35. data/lib/puppet/application/face_base.rb +18 -17
  36. data/lib/puppet/application/facts.rb +2 -0
  37. data/lib/puppet/application/filebucket.rb +174 -168
  38. data/lib/puppet/application/generate.rb +3 -1
  39. data/lib/puppet/application/help.rb +2 -0
  40. data/lib/puppet/application/indirection_base.rb +2 -0
  41. data/lib/puppet/application/lookup.rb +181 -181
  42. data/lib/puppet/application/module.rb +2 -0
  43. data/lib/puppet/application/node.rb +2 -0
  44. data/lib/puppet/application/parser.rb +2 -0
  45. data/lib/puppet/application/plugin.rb +2 -0
  46. data/lib/puppet/application/report.rb +2 -0
  47. data/lib/puppet/application/resource.rb +106 -96
  48. data/lib/puppet/application/script.rb +76 -74
  49. data/lib/puppet/application/ssl.rb +100 -92
  50. data/lib/puppet/application.rb +32 -32
  51. data/lib/puppet/application_support.rb +3 -2
  52. data/lib/puppet/coercion.rb +5 -3
  53. data/lib/puppet/compilable_resource_type.rb +4 -2
  54. data/lib/puppet/concurrent/lock.rb +2 -3
  55. data/lib/puppet/concurrent/synchronized.rb +2 -2
  56. data/lib/puppet/concurrent/thread_local_singleton.rb +1 -0
  57. data/lib/puppet/concurrent.rb +2 -0
  58. data/lib/puppet/configurer/downloader.rb +11 -5
  59. data/lib/puppet/configurer/fact_handler.rb +17 -16
  60. data/lib/puppet/configurer/plugin_handler.rb +2 -0
  61. data/lib/puppet/configurer.rb +40 -36
  62. data/lib/puppet/confine/any.rb +3 -1
  63. data/lib/puppet/confine/boolean.rb +3 -1
  64. data/lib/puppet/confine/exists.rb +3 -1
  65. data/lib/puppet/confine/false.rb +3 -1
  66. data/lib/puppet/confine/feature.rb +3 -2
  67. data/lib/puppet/confine/true.rb +3 -1
  68. data/lib/puppet/confine/variable.rb +4 -2
  69. data/lib/puppet/confine.rb +5 -2
  70. data/lib/puppet/confine_collection.rb +6 -3
  71. data/lib/puppet/confiner.rb +5 -3
  72. data/lib/puppet/context/trusted_information.rb +12 -10
  73. data/lib/puppet/context.rb +2 -0
  74. data/lib/puppet/daemon.rb +26 -10
  75. data/lib/puppet/data_binding.rb +3 -1
  76. data/lib/puppet/datatypes/error.rb +3 -1
  77. data/lib/puppet/datatypes/impl/error.rb +2 -0
  78. data/lib/puppet/datatypes.rb +12 -7
  79. data/lib/puppet/defaults.rb +164 -125
  80. data/lib/puppet/environments.rb +13 -15
  81. data/lib/puppet/error.rb +19 -15
  82. data/lib/puppet/etc.rb +10 -5
  83. data/lib/puppet/external/dot.rb +65 -75
  84. data/lib/puppet/face/catalog/select.rb +4 -2
  85. data/lib/puppet/face/catalog.rb +7 -5
  86. data/lib/puppet/face/config.rb +30 -31
  87. data/lib/puppet/face/epp.rb +25 -26
  88. data/lib/puppet/face/facts.rb +8 -6
  89. data/lib/puppet/face/generate.rb +5 -2
  90. data/lib/puppet/face/help/action.erb +0 -1
  91. data/lib/puppet/face/help/face.erb +0 -1
  92. data/lib/puppet/face/help/global.erb +1 -1
  93. data/lib/puppet/face/help.rb +80 -62
  94. data/lib/puppet/face/module/changes.rb +4 -3
  95. data/lib/puppet/face/module/install.rb +7 -4
  96. data/lib/puppet/face/module/list.rb +52 -53
  97. data/lib/puppet/face/module/uninstall.rb +2 -0
  98. data/lib/puppet/face/module/upgrade.rb +5 -3
  99. data/lib/puppet/face/module.rb +3 -1
  100. data/lib/puppet/face/node/clean.rb +4 -2
  101. data/lib/puppet/face/node.rb +5 -3
  102. data/lib/puppet/face/parser.rb +18 -19
  103. data/lib/puppet/face/plugin.rb +10 -8
  104. data/lib/puppet/face/report.rb +10 -10
  105. data/lib/puppet/face/resource.rb +2 -0
  106. data/lib/puppet/face.rb +2 -0
  107. data/lib/puppet/facter_impl.rb +1 -1
  108. data/lib/puppet/feature/base.rb +13 -13
  109. data/lib/puppet/feature/bolt.rb +2 -0
  110. data/lib/puppet/feature/cfpropertylist.rb +2 -0
  111. data/lib/puppet/feature/eventlog.rb +2 -0
  112. data/lib/puppet/feature/hiera_eyaml.rb +2 -0
  113. data/lib/puppet/feature/hocon.rb +2 -0
  114. data/lib/puppet/feature/libuser.rb +5 -3
  115. data/lib/puppet/feature/msgpack.rb +2 -0
  116. data/lib/puppet/feature/pe_license.rb +4 -2
  117. data/lib/puppet/feature/pson.rb +6 -0
  118. data/lib/puppet/feature/selinux.rb +2 -0
  119. data/lib/puppet/feature/ssh.rb +3 -1
  120. data/lib/puppet/feature/telnet.rb +3 -7
  121. data/lib/puppet/feature/zlib.rb +3 -1
  122. data/lib/puppet/ffi/posix/constants.rb +3 -1
  123. data/lib/puppet/ffi/posix/functions.rb +2 -1
  124. data/lib/puppet/ffi/posix.rb +2 -0
  125. data/lib/puppet/ffi/windows/api_types.rb +3 -1
  126. data/lib/puppet/ffi/windows/constants.rb +80 -78
  127. data/lib/puppet/ffi/windows/functions.rb +76 -75
  128. data/lib/puppet/ffi/windows/structs.rb +6 -5
  129. data/lib/puppet/ffi/windows.rb +2 -0
  130. data/lib/puppet/file_bucket/dipper.rb +20 -11
  131. data/lib/puppet/file_bucket/file.rb +8 -6
  132. data/lib/puppet/file_bucket.rb +2 -0
  133. data/lib/puppet/file_serving/base.rb +17 -9
  134. data/lib/puppet/file_serving/configuration/parser.rb +13 -10
  135. data/lib/puppet/file_serving/configuration.rb +10 -7
  136. data/lib/puppet/file_serving/content.rb +2 -0
  137. data/lib/puppet/file_serving/fileset.rb +23 -19
  138. data/lib/puppet/file_serving/http_metadata.rb +3 -4
  139. data/lib/puppet/file_serving/metadata.rb +26 -23
  140. data/lib/puppet/file_serving/mount/file.rb +15 -11
  141. data/lib/puppet/file_serving/mount/locales.rb +5 -5
  142. data/lib/puppet/file_serving/mount/modules.rb +3 -0
  143. data/lib/puppet/file_serving/mount/pluginfacts.rb +5 -5
  144. data/lib/puppet/file_serving/mount/plugins.rb +5 -5
  145. data/lib/puppet/file_serving/mount/scripts.rb +3 -0
  146. data/lib/puppet/file_serving/mount/tasks.rb +3 -0
  147. data/lib/puppet/file_serving/mount.rb +4 -1
  148. data/lib/puppet/file_serving/terminus_helper.rb +2 -0
  149. data/lib/puppet/file_serving/terminus_selector.rb +3 -1
  150. data/lib/puppet/file_serving.rb +2 -0
  151. data/lib/puppet/file_system/file_impl.rb +9 -8
  152. data/lib/puppet/file_system/jruby.rb +2 -0
  153. data/lib/puppet/file_system/memory_file.rb +3 -0
  154. data/lib/puppet/file_system/memory_impl.rb +5 -1
  155. data/lib/puppet/file_system/path_pattern.rb +4 -2
  156. data/lib/puppet/file_system/posix.rb +7 -2
  157. data/lib/puppet/file_system/uniquefile.rb +33 -31
  158. data/lib/puppet/file_system/windows.rb +33 -22
  159. data/lib/puppet/file_system.rb +5 -3
  160. data/lib/puppet/forge/cache.rb +4 -3
  161. data/lib/puppet/forge/errors.rb +3 -4
  162. data/lib/puppet/forge/repository.rb +6 -3
  163. data/lib/puppet/forge.rb +20 -22
  164. data/lib/puppet/functions/abs.rb +7 -4
  165. data/lib/puppet/functions/alert.rb +2 -0
  166. data/lib/puppet/functions/all.rb +3 -1
  167. data/lib/puppet/functions/annotate.rb +2 -0
  168. data/lib/puppet/functions/any.rb +3 -1
  169. data/lib/puppet/functions/assert_type.rb +5 -2
  170. data/lib/puppet/functions/binary_file.rb +4 -1
  171. data/lib/puppet/functions/break.rb +4 -2
  172. data/lib/puppet/functions/call.rb +2 -1
  173. data/lib/puppet/functions/camelcase.rb +4 -3
  174. data/lib/puppet/functions/capitalize.rb +4 -3
  175. data/lib/puppet/functions/ceiling.rb +3 -2
  176. data/lib/puppet/functions/chomp.rb +3 -2
  177. data/lib/puppet/functions/chop.rb +3 -2
  178. data/lib/puppet/functions/compare.rb +5 -3
  179. data/lib/puppet/functions/contain.rb +7 -4
  180. data/lib/puppet/functions/convert_to.rb +2 -0
  181. data/lib/puppet/functions/crit.rb +2 -0
  182. data/lib/puppet/functions/debug.rb +2 -0
  183. data/lib/puppet/functions/defined.rb +10 -6
  184. data/lib/puppet/functions/dig.rb +13 -10
  185. data/lib/puppet/functions/downcase.rb +4 -2
  186. data/lib/puppet/functions/each.rb +2 -0
  187. data/lib/puppet/functions/emerg.rb +2 -0
  188. data/lib/puppet/functions/empty.rb +2 -0
  189. data/lib/puppet/functions/epp.rb +2 -1
  190. data/lib/puppet/functions/err.rb +2 -0
  191. data/lib/puppet/functions/eyaml_lookup_key.rb +17 -16
  192. data/lib/puppet/functions/filter.rb +8 -7
  193. data/lib/puppet/functions/find_file.rb +6 -0
  194. data/lib/puppet/functions/find_template.rb +2 -0
  195. data/lib/puppet/functions/flatten.rb +2 -0
  196. data/lib/puppet/functions/floor.rb +3 -2
  197. data/lib/puppet/functions/get.rb +4 -2
  198. data/lib/puppet/functions/getvar.rb +7 -5
  199. data/lib/puppet/functions/group_by.rb +2 -2
  200. data/lib/puppet/functions/hiera.rb +2 -0
  201. data/lib/puppet/functions/hiera_array.rb +2 -0
  202. data/lib/puppet/functions/hiera_hash.rb +2 -0
  203. data/lib/puppet/functions/hiera_include.rb +3 -0
  204. data/lib/puppet/functions/hocon_data.rb +5 -5
  205. data/lib/puppet/functions/import.rb +3 -1
  206. data/lib/puppet/functions/include.rb +5 -2
  207. data/lib/puppet/functions/index.rb +5 -4
  208. data/lib/puppet/functions/info.rb +2 -0
  209. data/lib/puppet/functions/inline_epp.rb +2 -1
  210. data/lib/puppet/functions/join.rb +4 -2
  211. data/lib/puppet/functions/json_data.rb +6 -6
  212. data/lib/puppet/functions/keys.rb +2 -0
  213. data/lib/puppet/functions/length.rb +2 -1
  214. data/lib/puppet/functions/lest.rb +2 -0
  215. data/lib/puppet/functions/lookup.rb +12 -12
  216. data/lib/puppet/functions/lstrip.rb +3 -2
  217. data/lib/puppet/functions/map.rb +4 -2
  218. data/lib/puppet/functions/match.rb +8 -5
  219. data/lib/puppet/functions/max.rb +75 -8
  220. data/lib/puppet/functions/min.rb +75 -8
  221. data/lib/puppet/functions/module_directory.rb +2 -0
  222. data/lib/puppet/functions/new.rb +5 -3
  223. data/lib/puppet/functions/next.rb +3 -1
  224. data/lib/puppet/functions/notice.rb +2 -0
  225. data/lib/puppet/functions/reduce.rb +8 -11
  226. data/lib/puppet/functions/regsubst.rb +15 -16
  227. data/lib/puppet/functions/require.rb +7 -3
  228. data/lib/puppet/functions/return.rb +2 -0
  229. data/lib/puppet/functions/reverse_each.rb +2 -0
  230. data/lib/puppet/functions/round.rb +2 -0
  231. data/lib/puppet/functions/rstrip.rb +3 -2
  232. data/lib/puppet/functions/scanf.rb +2 -0
  233. data/lib/puppet/functions/size.rb +2 -2
  234. data/lib/puppet/functions/slice.rb +4 -1
  235. data/lib/puppet/functions/sort.rb +2 -0
  236. data/lib/puppet/functions/split.rb +2 -0
  237. data/lib/puppet/functions/step.rb +2 -0
  238. data/lib/puppet/functions/strftime.rb +5 -3
  239. data/lib/puppet/functions/strip.rb +3 -2
  240. data/lib/puppet/functions/then.rb +3 -0
  241. data/lib/puppet/functions/tree_each.rb +4 -3
  242. data/lib/puppet/functions/type.rb +2 -0
  243. data/lib/puppet/functions/unique.rb +12 -9
  244. data/lib/puppet/functions/unwrap.rb +2 -0
  245. data/lib/puppet/functions/upcase.rb +4 -2
  246. data/lib/puppet/functions/values.rb +2 -0
  247. data/lib/puppet/functions/versioncmp.rb +2 -1
  248. data/lib/puppet/functions/warning.rb +2 -0
  249. data/lib/puppet/functions/with.rb +2 -0
  250. data/lib/puppet/functions/yaml_data.rb +13 -13
  251. data/lib/puppet/functions.rb +57 -61
  252. data/lib/puppet/generate/models/type/property.rb +4 -1
  253. data/lib/puppet/generate/models/type/type.rb +5 -2
  254. data/lib/puppet/generate/type.rb +11 -5
  255. data/lib/puppet/gettext/config.rb +16 -9
  256. data/lib/puppet/gettext/module_translations.rb +2 -1
  257. data/lib/puppet/gettext/stubs.rb +2 -0
  258. data/lib/puppet/graph/key.rb +2 -0
  259. data/lib/puppet/graph/prioritizer.rb +2 -0
  260. data/lib/puppet/graph/rb_tree_map.rb +43 -24
  261. data/lib/puppet/graph/relationship_graph.rb +31 -29
  262. data/lib/puppet/graph/sequential_prioritizer.rb +2 -0
  263. data/lib/puppet/graph/simple_graph.rb +63 -57
  264. data/lib/puppet/graph.rb +2 -0
  265. data/lib/puppet/http/client.rb +10 -6
  266. data/lib/puppet/http/dns.rb +12 -12
  267. data/lib/puppet/http/errors.rb +4 -2
  268. data/lib/puppet/http/external_client.rb +4 -3
  269. data/lib/puppet/http/factory.rb +3 -1
  270. data/lib/puppet/http/pool.rb +3 -1
  271. data/lib/puppet/http/pool_entry.rb +2 -0
  272. data/lib/puppet/http/proxy.rb +21 -19
  273. data/lib/puppet/http/redirector.rb +5 -3
  274. data/lib/puppet/http/resolver/server_list.rb +5 -4
  275. data/lib/puppet/http/resolver/settings.rb +2 -1
  276. data/lib/puppet/http/resolver/srv.rb +2 -1
  277. data/lib/puppet/http/resolver.rb +4 -2
  278. data/lib/puppet/http/response.rb +2 -0
  279. data/lib/puppet/http/response_converter.rb +4 -3
  280. data/lib/puppet/http/response_net_http.rb +2 -1
  281. data/lib/puppet/http/retry_after_handler.rb +4 -3
  282. data/lib/puppet/http/service/ca.rb +37 -5
  283. data/lib/puppet/http/service/compiler.rb +13 -10
  284. data/lib/puppet/http/service/file_server.rb +5 -3
  285. data/lib/puppet/http/service/puppetserver.rb +3 -2
  286. data/lib/puppet/http/service/report.rb +5 -7
  287. data/lib/puppet/http/service.rb +17 -22
  288. data/lib/puppet/http/session.rb +6 -4
  289. data/lib/puppet/http/site.rb +3 -1
  290. data/lib/puppet/http.rb +4 -2
  291. data/lib/puppet/indirector/catalog/compiler.rb +81 -80
  292. data/lib/puppet/indirector/catalog/json.rb +2 -0
  293. data/lib/puppet/indirector/catalog/msgpack.rb +2 -0
  294. data/lib/puppet/indirector/catalog/rest.rb +2 -0
  295. data/lib/puppet/indirector/catalog/store_configs.rb +3 -3
  296. data/lib/puppet/indirector/catalog/yaml.rb +2 -0
  297. data/lib/puppet/indirector/code.rb +2 -0
  298. data/lib/puppet/indirector/data_binding/hiera.rb +2 -1
  299. data/lib/puppet/indirector/data_binding/none.rb +2 -0
  300. data/lib/puppet/indirector/direct_file_server.rb +4 -1
  301. data/lib/puppet/indirector/envelope.rb +2 -0
  302. data/lib/puppet/indirector/errors.rb +2 -0
  303. data/lib/puppet/indirector/exec.rb +5 -3
  304. data/lib/puppet/indirector/face.rb +17 -28
  305. data/lib/puppet/indirector/fact_search.rb +4 -2
  306. data/lib/puppet/indirector/facts/facter.rb +10 -7
  307. data/lib/puppet/indirector/facts/json.rb +4 -2
  308. data/lib/puppet/indirector/facts/memory.rb +2 -0
  309. data/lib/puppet/indirector/facts/network_device.rb +2 -0
  310. data/lib/puppet/indirector/facts/rest.rb +2 -0
  311. data/lib/puppet/indirector/facts/store_configs.rb +3 -2
  312. data/lib/puppet/indirector/facts/yaml.rb +2 -0
  313. data/lib/puppet/indirector/file_bucket_file/file.rb +33 -27
  314. data/lib/puppet/indirector/file_bucket_file/rest.rb +6 -3
  315. data/lib/puppet/indirector/file_bucket_file/selector.rb +2 -1
  316. data/lib/puppet/indirector/file_content/file.rb +2 -0
  317. data/lib/puppet/indirector/file_content/file_server.rb +2 -0
  318. data/lib/puppet/indirector/file_content/rest.rb +3 -1
  319. data/lib/puppet/indirector/file_content/selector.rb +2 -0
  320. data/lib/puppet/indirector/file_content.rb +2 -0
  321. data/lib/puppet/indirector/file_metadata/file.rb +2 -0
  322. data/lib/puppet/indirector/file_metadata/file_server.rb +2 -0
  323. data/lib/puppet/indirector/file_metadata/http.rb +4 -2
  324. data/lib/puppet/indirector/file_metadata/rest.rb +3 -1
  325. data/lib/puppet/indirector/file_metadata/selector.rb +2 -0
  326. data/lib/puppet/indirector/file_metadata.rb +2 -0
  327. data/lib/puppet/indirector/file_server.rb +3 -0
  328. data/lib/puppet/indirector/generic_http.rb +2 -0
  329. data/lib/puppet/indirector/hiera.rb +8 -7
  330. data/lib/puppet/indirector/indirection.rb +50 -41
  331. data/lib/puppet/indirector/json.rb +9 -6
  332. data/lib/puppet/indirector/memory.rb +5 -2
  333. data/lib/puppet/indirector/msgpack.rb +11 -7
  334. data/lib/puppet/indirector/node/exec.rb +6 -6
  335. data/lib/puppet/indirector/node/json.rb +2 -1
  336. data/lib/puppet/indirector/node/memory.rb +2 -0
  337. data/lib/puppet/indirector/node/msgpack.rb +2 -0
  338. data/lib/puppet/indirector/node/plain.rb +2 -0
  339. data/lib/puppet/indirector/node/rest.rb +2 -0
  340. data/lib/puppet/indirector/node/store_configs.rb +3 -3
  341. data/lib/puppet/indirector/node/yaml.rb +2 -0
  342. data/lib/puppet/indirector/none.rb +3 -2
  343. data/lib/puppet/indirector/plain.rb +2 -0
  344. data/lib/puppet/indirector/report/json.rb +4 -2
  345. data/lib/puppet/indirector/report/msgpack.rb +3 -1
  346. data/lib/puppet/indirector/report/processor.rb +3 -0
  347. data/lib/puppet/indirector/report/rest.rb +2 -13
  348. data/lib/puppet/indirector/report/yaml.rb +4 -2
  349. data/lib/puppet/indirector/request.rb +15 -12
  350. data/lib/puppet/indirector/resource/ral.rb +10 -10
  351. data/lib/puppet/indirector/resource/store_configs.rb +3 -1
  352. data/lib/puppet/indirector/resource/validator.rb +2 -0
  353. data/lib/puppet/indirector/rest.rb +3 -1
  354. data/lib/puppet/indirector/store_configs.rb +2 -0
  355. data/lib/puppet/indirector/terminus.rb +8 -4
  356. data/lib/puppet/indirector/yaml.rb +7 -5
  357. data/lib/puppet/indirector.rb +3 -0
  358. data/lib/puppet/info_service/class_information_service.rb +16 -17
  359. data/lib/puppet/info_service/plan_information_service.rb +5 -3
  360. data/lib/puppet/info_service/task_information_service.rb +10 -9
  361. data/lib/puppet/info_service.rb +1 -0
  362. data/lib/puppet/interface/action.rb +46 -42
  363. data/lib/puppet/interface/action_builder.rb +12 -6
  364. data/lib/puppet/interface/action_manager.rb +9 -6
  365. data/lib/puppet/interface/documentation.rb +40 -34
  366. data/lib/puppet/interface/face_collection.rb +18 -14
  367. data/lib/puppet/interface/option.rb +23 -11
  368. data/lib/puppet/interface/option_builder.rb +14 -9
  369. data/lib/puppet/interface/option_manager.rb +12 -10
  370. data/lib/puppet/interface.rb +9 -8
  371. data/lib/puppet/loaders.rb +2 -1
  372. data/lib/puppet/metatype/manager.rb +16 -15
  373. data/lib/puppet/module/plan.rb +22 -15
  374. data/lib/puppet/module/task.rb +33 -28
  375. data/lib/puppet/module.rb +59 -47
  376. data/lib/puppet/module_tool/applications/application.rb +17 -12
  377. data/lib/puppet/module_tool/applications/checksummer.rb +3 -3
  378. data/lib/puppet/module_tool/applications/installer.rb +78 -87
  379. data/lib/puppet/module_tool/applications/uninstaller.rb +24 -22
  380. data/lib/puppet/module_tool/applications/unpacker.rb +11 -9
  381. data/lib/puppet/module_tool/applications/upgrader.rb +66 -60
  382. data/lib/puppet/module_tool/applications.rb +2 -0
  383. data/lib/puppet/module_tool/checksums.rb +4 -3
  384. data/lib/puppet/module_tool/dependency.rb +5 -4
  385. data/lib/puppet/module_tool/errors/base.rb +3 -1
  386. data/lib/puppet/module_tool/errors/installer.rb +6 -5
  387. data/lib/puppet/module_tool/errors/shared.rb +16 -15
  388. data/lib/puppet/module_tool/errors/uninstaller.rb +3 -2
  389. data/lib/puppet/module_tool/errors/upgrader.rb +4 -3
  390. data/lib/puppet/module_tool/errors.rb +2 -0
  391. data/lib/puppet/module_tool/install_directory.rb +8 -5
  392. data/lib/puppet/module_tool/installed_modules.rb +5 -2
  393. data/lib/puppet/module_tool/local_tarball.rb +10 -8
  394. data/lib/puppet/module_tool/metadata.rb +36 -30
  395. data/lib/puppet/module_tool/shared_behaviors.rb +61 -43
  396. data/lib/puppet/module_tool/tar/gnu.rb +12 -8
  397. data/lib/puppet/module_tool/tar/mini.rb +6 -4
  398. data/lib/puppet/module_tool/tar.rb +4 -2
  399. data/lib/puppet/module_tool.rb +11 -11
  400. data/lib/puppet/network/authconfig.rb +2 -0
  401. data/lib/puppet/network/authorization.rb +2 -0
  402. data/lib/puppet/network/client_request.rb +7 -4
  403. data/lib/puppet/network/format.rb +9 -3
  404. data/lib/puppet/network/format_handler.rb +9 -7
  405. data/lib/puppet/network/format_support.rb +8 -7
  406. data/lib/puppet/network/formats.rb +34 -25
  407. data/lib/puppet/network/http/api/indirected_routes.rb +38 -45
  408. data/lib/puppet/network/http/api/indirection_type.rb +2 -1
  409. data/lib/puppet/network/http/api/master/v3/environments.rb +2 -1
  410. data/lib/puppet/network/http/api/master/v3.rb +2 -1
  411. data/lib/puppet/network/http/api/master.rb +2 -0
  412. data/lib/puppet/network/http/api/server/v3/environments.rb +21 -15
  413. data/lib/puppet/network/http/api/server/v3.rb +14 -13
  414. data/lib/puppet/network/http/api/server.rb +2 -0
  415. data/lib/puppet/network/http/api.rb +20 -18
  416. data/lib/puppet/network/http/connection.rb +6 -4
  417. data/lib/puppet/network/http/error.rb +5 -3
  418. data/lib/puppet/network/http/handler.rb +12 -14
  419. data/lib/puppet/network/http/issues.rb +2 -0
  420. data/lib/puppet/network/http/memory_response.rb +3 -1
  421. data/lib/puppet/network/http/request.rb +22 -10
  422. data/lib/puppet/network/http/response.rb +2 -0
  423. data/lib/puppet/network/http/route.rb +14 -11
  424. data/lib/puppet/network/http.rb +2 -0
  425. data/lib/puppet/network/http_pool.rb +4 -3
  426. data/lib/puppet/network/uri.rb +2 -0
  427. data/lib/puppet/network.rb +2 -0
  428. data/lib/puppet/node/environment.rb +36 -33
  429. data/lib/puppet/node/facts.rb +10 -10
  430. data/lib/puppet/node/server_facts.rb +6 -6
  431. data/lib/puppet/node.rb +12 -12
  432. data/lib/puppet/pal/catalog_compiler.rb +2 -3
  433. data/lib/puppet/pal/compiler.rb +11 -6
  434. data/lib/puppet/pal/function_signature.rb +5 -3
  435. data/lib/puppet/pal/json_catalog_encoder.rb +7 -2
  436. data/lib/puppet/pal/pal_api.rb +2 -0
  437. data/lib/puppet/pal/pal_impl.rb +103 -108
  438. data/lib/puppet/pal/plan_signature.rb +4 -2
  439. data/lib/puppet/pal/script_compiler.rb +4 -2
  440. data/lib/puppet/pal/task_signature.rb +15 -9
  441. data/lib/puppet/parameter/boolean.rb +2 -0
  442. data/lib/puppet/parameter/package_options.rb +3 -1
  443. data/lib/puppet/parameter/path.rb +7 -3
  444. data/lib/puppet/parameter/value.rb +5 -3
  445. data/lib/puppet/parameter/value_collection.rb +17 -16
  446. data/lib/puppet/parameter.rb +17 -16
  447. data/lib/puppet/parser/abstract_compiler.rb +2 -3
  448. data/lib/puppet/parser/ast/block_expression.rb +4 -2
  449. data/lib/puppet/parser/ast/branch.rb +2 -0
  450. data/lib/puppet/parser/ast/hostclass.rb +4 -2
  451. data/lib/puppet/parser/ast/leaf.rb +3 -0
  452. data/lib/puppet/parser/ast/node.rb +2 -0
  453. data/lib/puppet/parser/ast/pops_bridge.rb +13 -13
  454. data/lib/puppet/parser/ast/resource.rb +8 -8
  455. data/lib/puppet/parser/ast/resource_instance.rb +3 -0
  456. data/lib/puppet/parser/ast/resourceparam.rb +9 -7
  457. data/lib/puppet/parser/ast/top_level_construct.rb +2 -0
  458. data/lib/puppet/parser/ast.rb +16 -15
  459. data/lib/puppet/parser/catalog_compiler.rb +3 -3
  460. data/lib/puppet/parser/compiler/catalog_validator/relationship_validator.rb +4 -2
  461. data/lib/puppet/parser/compiler/catalog_validator.rb +2 -0
  462. data/lib/puppet/parser/compiler.rb +45 -44
  463. data/lib/puppet/parser/e4_parser_adapter.rb +17 -16
  464. data/lib/puppet/parser/files.rb +8 -6
  465. data/lib/puppet/parser/functions/assert_type.rb +43 -41
  466. data/lib/puppet/parser/functions/binary_file.rb +16 -14
  467. data/lib/puppet/parser/functions/break.rb +29 -27
  468. data/lib/puppet/parser/functions/contain.rb +3 -1
  469. data/lib/puppet/parser/functions/create_resources.rb +18 -14
  470. data/lib/puppet/parser/functions/defined.rb +104 -102
  471. data/lib/puppet/parser/functions/dig.rb +26 -24
  472. data/lib/puppet/parser/functions/digest.rb +3 -1
  473. data/lib/puppet/parser/functions/each.rb +101 -99
  474. data/lib/puppet/parser/functions/epp.rb +4 -3
  475. data/lib/puppet/parser/functions/fail.rb +11 -9
  476. data/lib/puppet/parser/functions/file.rb +16 -14
  477. data/lib/puppet/parser/functions/filter.rb +57 -55
  478. data/lib/puppet/parser/functions/find_file.rb +19 -18
  479. data/lib/puppet/parser/functions/fqdn_rand.rb +25 -23
  480. data/lib/puppet/parser/functions/generate.rb +23 -21
  481. data/lib/puppet/parser/functions/hiera.rb +95 -93
  482. data/lib/puppet/parser/functions/hiera_array.rb +83 -82
  483. data/lib/puppet/parser/functions/hiera_hash.rb +93 -92
  484. data/lib/puppet/parser/functions/hiera_include.rb +93 -92
  485. data/lib/puppet/parser/functions/include.rb +5 -3
  486. data/lib/puppet/parser/functions/inline_epp.rb +4 -3
  487. data/lib/puppet/parser/functions/inline_template.rb +15 -13
  488. data/lib/puppet/parser/functions/lest.rb +36 -34
  489. data/lib/puppet/parser/functions/lookup.rb +132 -130
  490. data/lib/puppet/parser/functions/map.rb +54 -52
  491. data/lib/puppet/parser/functions/match.rb +31 -29
  492. data/lib/puppet/parser/functions/md5.rb +4 -2
  493. data/lib/puppet/parser/functions/new.rb +916 -915
  494. data/lib/puppet/parser/functions/next.rb +36 -34
  495. data/lib/puppet/parser/functions/realize.rb +13 -11
  496. data/lib/puppet/parser/functions/reduce.rb +134 -132
  497. data/lib/puppet/parser/functions/regsubst.rb +8 -5
  498. data/lib/puppet/parser/functions/require.rb +8 -5
  499. data/lib/puppet/parser/functions/return.rb +90 -88
  500. data/lib/puppet/parser/functions/reverse_each.rb +59 -57
  501. data/lib/puppet/parser/functions/scanf.rb +25 -23
  502. data/lib/puppet/parser/functions/sha1.rb +4 -2
  503. data/lib/puppet/parser/functions/sha256.rb +3 -1
  504. data/lib/puppet/parser/functions/shellquote.rb +2 -0
  505. data/lib/puppet/parser/functions/slice.rb +27 -25
  506. data/lib/puppet/parser/functions/split.rb +7 -6
  507. data/lib/puppet/parser/functions/sprintf.rb +8 -7
  508. data/lib/puppet/parser/functions/step.rb +62 -60
  509. data/lib/puppet/parser/functions/strftime.rb +175 -173
  510. data/lib/puppet/parser/functions/tag.rb +10 -7
  511. data/lib/puppet/parser/functions/tagged.rb +16 -13
  512. data/lib/puppet/parser/functions/template.rb +27 -24
  513. data/lib/puppet/parser/functions/then.rb +54 -52
  514. data/lib/puppet/parser/functions/type.rb +36 -34
  515. data/lib/puppet/parser/functions/versioncmp.rb +3 -2
  516. data/lib/puppet/parser/functions/with.rb +22 -20
  517. data/lib/puppet/parser/functions.rb +12 -9
  518. data/lib/puppet/parser/parser_factory.rb +2 -0
  519. data/lib/puppet/parser/relationship.rb +9 -3
  520. data/lib/puppet/parser/resource/param.rb +4 -2
  521. data/lib/puppet/parser/resource.rb +42 -40
  522. data/lib/puppet/parser/scope.rb +84 -70
  523. data/lib/puppet/parser/script_compiler.rb +12 -12
  524. data/lib/puppet/parser/templatewrapper.rb +3 -2
  525. data/lib/puppet/parser/type_loader.rb +31 -30
  526. data/lib/puppet/parser.rb +3 -1
  527. data/lib/puppet/plugins/configuration.rb +2 -0
  528. data/lib/puppet/plugins/syntax_checkers.rb +2 -1
  529. data/lib/puppet/plugins.rb +3 -1
  530. data/lib/puppet/pops/adaptable.rb +5 -3
  531. data/lib/puppet/pops/adapters.rb +4 -1
  532. data/lib/puppet/pops/evaluator/access_operator.rb +133 -120
  533. data/lib/puppet/pops/evaluator/callable_signature.rb +6 -5
  534. data/lib/puppet/pops/evaluator/closure.rb +272 -277
  535. data/lib/puppet/pops/evaluator/collector_transformer.rb +18 -15
  536. data/lib/puppet/pops/evaluator/collectors/abstract_collector.rb +10 -8
  537. data/lib/puppet/pops/evaluator/collectors/catalog_collector.rb +4 -3
  538. data/lib/puppet/pops/evaluator/collectors/exported_collector.rb +6 -5
  539. data/lib/puppet/pops/evaluator/collectors/fixed_set_collector.rb +10 -10
  540. data/lib/puppet/pops/evaluator/compare_operator.rb +36 -21
  541. data/lib/puppet/pops/evaluator/deferred_resolver.rb +19 -17
  542. data/lib/puppet/pops/evaluator/epp_evaluator.rb +19 -18
  543. data/lib/puppet/pops/evaluator/evaluator_impl.rb +245 -245
  544. data/lib/puppet/pops/evaluator/external_syntax_support.rb +3 -2
  545. data/lib/puppet/pops/evaluator/json_strict_literal_evaluator.rb +6 -5
  546. data/lib/puppet/pops/evaluator/literal_evaluator.rb +5 -5
  547. data/lib/puppet/pops/evaluator/puppet_proc.rb +6 -3
  548. data/lib/puppet/pops/evaluator/relationship_operator.rb +14 -11
  549. data/lib/puppet/pops/evaluator/runtime3_converter.rb +34 -30
  550. data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +35 -35
  551. data/lib/puppet/pops/evaluator/runtime3_support.rb +32 -39
  552. data/lib/puppet/pops/functions/dispatch.rb +7 -7
  553. data/lib/puppet/pops/functions/dispatcher.rb +8 -7
  554. data/lib/puppet/pops/functions/function.rb +18 -20
  555. data/lib/puppet/pops/issue_reporter.rb +25 -22
  556. data/lib/puppet/pops/issues.rb +10 -5
  557. data/lib/puppet/pops/label_provider.rb +6 -4
  558. data/lib/puppet/pops/loader/base_loader.rb +4 -4
  559. data/lib/puppet/pops/loader/dependency_loader.rb +8 -4
  560. data/lib/puppet/pops/loader/gem_support.rb +5 -2
  561. data/lib/puppet/pops/loader/generic_plan_instantiator.rb +2 -0
  562. data/lib/puppet/pops/loader/loader.rb +8 -8
  563. data/lib/puppet/pops/loader/loader_paths.rb +42 -41
  564. data/lib/puppet/pops/loader/module_loaders.rb +45 -49
  565. data/lib/puppet/pops/loader/predefined_loader.rb +3 -3
  566. data/lib/puppet/pops/loader/puppet_function_instantiator.rb +6 -2
  567. data/lib/puppet/pops/loader/puppet_plan_instantiator.rb +6 -2
  568. data/lib/puppet/pops/loader/puppet_resource_type_impl_instantiator.rb +6 -5
  569. data/lib/puppet/pops/loader/ruby_data_type_instantiator.rb +5 -1
  570. data/lib/puppet/pops/loader/ruby_function_instantiator.rb +5 -1
  571. data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +18 -8
  572. data/lib/puppet/pops/loader/runtime3_type_loader.rb +4 -3
  573. data/lib/puppet/pops/loader/simple_environment_loader.rb +3 -3
  574. data/lib/puppet/pops/loader/static_loader.rb +29 -27
  575. data/lib/puppet/pops/loader/task_instantiator.rb +4 -2
  576. data/lib/puppet/pops/loader/type_definition_instantiator.rb +9 -5
  577. data/lib/puppet/pops/loader/typed_name.rb +4 -2
  578. data/lib/puppet/pops/loader/uri_helper.rb +3 -1
  579. data/lib/puppet/pops/loaders.rb +27 -23
  580. data/lib/puppet/pops/lookup/configured_data_provider.rb +2 -0
  581. data/lib/puppet/pops/lookup/context.rb +32 -23
  582. data/lib/puppet/pops/lookup/data_adapter.rb +2 -0
  583. data/lib/puppet/pops/lookup/data_dig_function_provider.rb +8 -7
  584. data/lib/puppet/pops/lookup/data_hash_function_provider.rb +5 -3
  585. data/lib/puppet/pops/lookup/data_provider.rb +2 -0
  586. data/lib/puppet/pops/lookup/environment_data_provider.rb +2 -0
  587. data/lib/puppet/pops/lookup/explainer.rb +47 -45
  588. data/lib/puppet/pops/lookup/function_provider.rb +8 -6
  589. data/lib/puppet/pops/lookup/global_data_provider.rb +4 -3
  590. data/lib/puppet/pops/lookup/hiera_config.rb +208 -160
  591. data/lib/puppet/pops/lookup/interpolation.rb +21 -10
  592. data/lib/puppet/pops/lookup/invocation.rb +4 -0
  593. data/lib/puppet/pops/lookup/key_recorder.rb +6 -3
  594. data/lib/puppet/pops/lookup/location_resolver.rb +4 -2
  595. data/lib/puppet/pops/lookup/lookup_adapter.rb +39 -34
  596. data/lib/puppet/pops/lookup/lookup_key.rb +3 -1
  597. data/lib/puppet/pops/lookup/lookup_key_function_provider.rb +4 -2
  598. data/lib/puppet/pops/lookup/module_data_provider.rb +12 -9
  599. data/lib/puppet/pops/lookup/sub_lookup.rb +7 -3
  600. data/lib/puppet/pops/lookup.rb +16 -11
  601. data/lib/puppet/pops/merge_strategy.rb +22 -16
  602. data/lib/puppet/pops/migration/migration_checker.rb +8 -5
  603. data/lib/puppet/pops/model/ast.rb +786 -685
  604. data/lib/puppet/pops/model/ast_transformer.rb +18 -18
  605. data/lib/puppet/pops/model/factory.rb +33 -31
  606. data/lib/puppet/pops/model/model_label_provider.rb +5 -2
  607. data/lib/puppet/pops/model/model_tree_dumper.rb +32 -30
  608. data/lib/puppet/pops/model/pn_transformer.rb +5 -6
  609. data/lib/puppet/pops/model/tree_dumper.rb +7 -4
  610. data/lib/puppet/pops/parser/code_merger.rb +3 -3
  611. data/lib/puppet/pops/parser/epp_parser.rb +6 -5
  612. data/lib/puppet/pops/parser/epp_support.rb +10 -9
  613. data/lib/puppet/pops/parser/evaluating_parser.rb +13 -9
  614. data/lib/puppet/pops/parser/heredoc_support.rb +14 -14
  615. data/lib/puppet/pops/parser/interpolation_support.rb +25 -25
  616. data/lib/puppet/pops/parser/lexer2.rb +74 -62
  617. data/lib/puppet/pops/parser/lexer_support.rb +57 -57
  618. data/lib/puppet/pops/parser/locatable.rb +2 -2
  619. data/lib/puppet/pops/parser/locator.rb +47 -43
  620. data/lib/puppet/pops/parser/parser_support.rb +22 -21
  621. data/lib/puppet/pops/parser/pn_parser.rb +10 -9
  622. data/lib/puppet/pops/parser/slurp_support.rb +41 -40
  623. data/lib/puppet/pops/patterns.rb +14 -14
  624. data/lib/puppet/pops/pcore.rb +7 -6
  625. data/lib/puppet/pops/pn.rb +8 -5
  626. data/lib/puppet/pops/puppet_stack.rb +3 -1
  627. data/lib/puppet/pops/resource/param.rb +13 -12
  628. data/lib/puppet/pops/resource/resource_type_impl.rb +47 -45
  629. data/lib/puppet/pops/semantic_error.rb +3 -1
  630. data/lib/puppet/pops/serialization/abstract_reader.rb +6 -4
  631. data/lib/puppet/pops/serialization/abstract_writer.rb +11 -9
  632. data/lib/puppet/pops/serialization/deserializer.rb +3 -0
  633. data/lib/puppet/pops/serialization/extension.rb +8 -0
  634. data/lib/puppet/pops/serialization/from_data_converter.rb +16 -9
  635. data/lib/puppet/pops/serialization/instance_reader.rb +2 -0
  636. data/lib/puppet/pops/serialization/instance_writer.rb +2 -0
  637. data/lib/puppet/pops/serialization/json.rb +9 -5
  638. data/lib/puppet/pops/serialization/json_path.rb +3 -1
  639. data/lib/puppet/pops/serialization/object.rb +6 -3
  640. data/lib/puppet/pops/serialization/serializer.rb +20 -16
  641. data/lib/puppet/pops/serialization/time_factory.rb +2 -1
  642. data/lib/puppet/pops/serialization/to_data_converter.rb +9 -6
  643. data/lib/puppet/pops/serialization/to_stringified_converter.rb +8 -7
  644. data/lib/puppet/pops/serialization.rb +10 -8
  645. data/lib/puppet/pops/time/timespan.rb +33 -21
  646. data/lib/puppet/pops/time/timestamp.rb +12 -5
  647. data/lib/puppet/pops/types/annotatable.rb +3 -2
  648. data/lib/puppet/pops/types/annotation.rb +6 -4
  649. data/lib/puppet/pops/types/class_loader.rb +17 -15
  650. data/lib/puppet/pops/types/implementation_registry.rb +4 -1
  651. data/lib/puppet/pops/types/iterable.rb +24 -14
  652. data/lib/puppet/pops/types/p_binary_type.rb +6 -6
  653. data/lib/puppet/pops/types/p_init_type.rb +15 -12
  654. data/lib/puppet/pops/types/p_meta_type.rb +6 -5
  655. data/lib/puppet/pops/types/p_object_type.rb +104 -79
  656. data/lib/puppet/pops/types/p_object_type_extension.rb +15 -14
  657. data/lib/puppet/pops/types/p_runtime_type.rb +12 -10
  658. data/lib/puppet/pops/types/p_sem_ver_range_type.rb +3 -2
  659. data/lib/puppet/pops/types/p_sem_ver_type.rb +8 -8
  660. data/lib/puppet/pops/types/p_sensitive_type.rb +3 -5
  661. data/lib/puppet/pops/types/p_timespan_type.rb +7 -5
  662. data/lib/puppet/pops/types/p_timestamp_type.rb +4 -3
  663. data/lib/puppet/pops/types/p_type_set_type.rb +51 -44
  664. data/lib/puppet/pops/types/p_uri_type.rb +41 -33
  665. data/lib/puppet/pops/types/puppet_object.rb +2 -1
  666. data/lib/puppet/pops/types/recursion_guard.rb +12 -6
  667. data/lib/puppet/pops/types/ruby_generator.rb +19 -14
  668. data/lib/puppet/pops/types/ruby_method.rb +8 -7
  669. data/lib/puppet/pops/types/string_converter.rb +113 -103
  670. data/lib/puppet/pops/types/tree_iterators.rb +16 -20
  671. data/lib/puppet/pops/types/type_acceptor.rb +2 -0
  672. data/lib/puppet/pops/types/type_asserter.rb +5 -3
  673. data/lib/puppet/pops/types/type_assertion_error.rb +1 -1
  674. data/lib/puppet/pops/types/type_calculator.rb +56 -49
  675. data/lib/puppet/pops/types/type_conversion_error.rb +2 -10
  676. data/lib/puppet/pops/types/type_factory.rb +25 -16
  677. data/lib/puppet/pops/types/type_formatter.rb +60 -65
  678. data/lib/puppet/pops/types/type_mismatch_describer.rb +62 -53
  679. data/lib/puppet/pops/types/type_parser.rb +124 -117
  680. data/lib/puppet/pops/types/type_set_reference.rb +3 -0
  681. data/lib/puppet/pops/types/type_with_members.rb +2 -2
  682. data/lib/puppet/pops/types/types.rb +267 -249
  683. data/lib/puppet/pops/utils.rb +43 -45
  684. data/lib/puppet/pops/validation/checker4_0.rb +65 -58
  685. data/lib/puppet/pops/validation/tasks_checker.rb +7 -5
  686. data/lib/puppet/pops/validation/validator_factory_4_0.rb +2 -2
  687. data/lib/puppet/pops/validation.rb +26 -23
  688. data/lib/puppet/pops/visitable.rb +2 -0
  689. data/lib/puppet/pops/visitor.rb +18 -4
  690. data/lib/puppet/pops.rb +6 -3
  691. data/lib/puppet/property/boolean.rb +2 -0
  692. data/lib/puppet/property/ensure.rb +17 -16
  693. data/lib/puppet/property/keyvalue.rb +15 -14
  694. data/lib/puppet/property/list.rb +10 -9
  695. data/lib/puppet/property/ordered_list.rb +6 -5
  696. data/lib/puppet/property.rb +47 -48
  697. data/lib/puppet/provider/aix_object.rb +15 -9
  698. data/lib/puppet/provider/command.rb +2 -0
  699. data/lib/puppet/provider/confine.rb +2 -0
  700. data/lib/puppet/provider/exec/posix.rb +4 -1
  701. data/lib/puppet/provider/exec/shell.rb +2 -0
  702. data/lib/puppet/provider/exec/windows.rb +6 -4
  703. data/lib/puppet/provider/exec.rb +6 -4
  704. data/lib/puppet/provider/file/posix.rb +37 -19
  705. data/lib/puppet/provider/file/windows.rb +28 -29
  706. data/lib/puppet/provider/group/aix.rb +4 -2
  707. data/lib/puppet/provider/group/directoryservice.rb +7 -5
  708. data/lib/puppet/provider/group/groupadd.rb +16 -10
  709. data/lib/puppet/provider/group/ldap.rb +3 -0
  710. data/lib/puppet/provider/group/pw.rb +4 -3
  711. data/lib/puppet/provider/group/windows_adsi.rb +10 -7
  712. data/lib/puppet/provider/ldap.rb +5 -3
  713. data/lib/puppet/provider/nameservice/directoryservice.rb +72 -62
  714. data/lib/puppet/provider/nameservice/objectadd.rb +4 -4
  715. data/lib/puppet/provider/nameservice/pw.rb +8 -8
  716. data/lib/puppet/provider/nameservice.rb +23 -19
  717. data/lib/puppet/provider/network_device.rb +2 -2
  718. data/lib/puppet/provider/package/aix.rb +29 -27
  719. data/lib/puppet/provider/package/appdmg.rb +24 -22
  720. data/lib/puppet/provider/package/apple.rb +7 -5
  721. data/lib/puppet/provider/package/apt.rb +28 -25
  722. data/lib/puppet/provider/package/aptitude.rb +3 -3
  723. data/lib/puppet/provider/package/aptrpm.rb +18 -14
  724. data/lib/puppet/provider/package/blastwave.rb +19 -22
  725. data/lib/puppet/provider/package/dnf.rb +12 -5
  726. data/lib/puppet/provider/package/dnfmodule.rb +17 -15
  727. data/lib/puppet/provider/package/dpkg.rb +24 -25
  728. data/lib/puppet/provider/package/fink.rb +17 -15
  729. data/lib/puppet/provider/package/freebsd.rb +6 -4
  730. data/lib/puppet/provider/package/gem.rb +29 -26
  731. data/lib/puppet/provider/package/hpux.rb +9 -7
  732. data/lib/puppet/provider/package/macports.rb +6 -4
  733. data/lib/puppet/provider/package/nim.rb +27 -28
  734. data/lib/puppet/provider/package/openbsd.rb +37 -34
  735. data/lib/puppet/provider/package/opkg.rb +17 -14
  736. data/lib/puppet/provider/package/pacman.rb +39 -42
  737. data/lib/puppet/provider/package/pip.rb +32 -31
  738. data/lib/puppet/provider/package/pip2.rb +3 -2
  739. data/lib/puppet/provider/package/pip3.rb +3 -2
  740. data/lib/puppet/provider/package/pkg.rb +46 -41
  741. data/lib/puppet/provider/package/pkgdmg.rb +23 -17
  742. data/lib/puppet/provider/package/pkgin.rb +14 -13
  743. data/lib/puppet/provider/package/pkgng.rb +20 -15
  744. data/lib/puppet/provider/package/pkgutil.rb +40 -41
  745. data/lib/puppet/provider/package/portage.rb +73 -69
  746. data/lib/puppet/provider/package/ports.rb +19 -16
  747. data/lib/puppet/provider/package/portupgrade.rb +48 -55
  748. data/lib/puppet/provider/package/puppet_gem.rb +6 -15
  749. data/lib/puppet/provider/package/puppetserver_gem.rb +16 -13
  750. data/lib/puppet/provider/package/rpm.rb +45 -40
  751. data/lib/puppet/provider/package/rug.rb +11 -11
  752. data/lib/puppet/provider/package/sun.rb +28 -24
  753. data/lib/puppet/provider/package/sunfreeware.rb +3 -1
  754. data/lib/puppet/provider/package/tdnf.rb +9 -2
  755. data/lib/puppet/provider/package/up2date.rb +10 -10
  756. data/lib/puppet/provider/package/urpmi.rb +9 -7
  757. data/lib/puppet/provider/package/windows/exe_package.rb +11 -9
  758. data/lib/puppet/provider/package/windows/msi_package.rb +5 -3
  759. data/lib/puppet/provider/package/windows/package.rb +8 -5
  760. data/lib/puppet/provider/package/windows.rb +10 -9
  761. data/lib/puppet/provider/package/xbps.rb +127 -0
  762. data/lib/puppet/provider/package/yum.rb +65 -62
  763. data/lib/puppet/provider/package/zypper.rb +29 -29
  764. data/lib/puppet/provider/package.rb +9 -7
  765. data/lib/puppet/provider/package_targetable.rb +5 -3
  766. data/lib/puppet/provider/parsedfile.rb +21 -17
  767. data/lib/puppet/provider/service/base.rb +19 -23
  768. data/lib/puppet/provider/service/bsd.rb +7 -5
  769. data/lib/puppet/provider/service/daemontools.rb +42 -39
  770. data/lib/puppet/provider/service/debian.rb +12 -10
  771. data/lib/puppet/provider/service/freebsd.rb +50 -52
  772. data/lib/puppet/provider/service/gentoo.rb +11 -9
  773. data/lib/puppet/provider/service/init.rb +33 -31
  774. data/lib/puppet/provider/service/launchd.rb +38 -31
  775. data/lib/puppet/provider/service/openbsd.rb +17 -16
  776. data/lib/puppet/provider/service/openrc.rb +6 -5
  777. data/lib/puppet/provider/service/openwrt.rb +7 -6
  778. data/lib/puppet/provider/service/rcng.rb +7 -5
  779. data/lib/puppet/provider/service/redhat.rb +10 -7
  780. data/lib/puppet/provider/service/runit.rb +16 -15
  781. data/lib/puppet/provider/service/service.rb +7 -8
  782. data/lib/puppet/provider/service/smf.rb +42 -37
  783. data/lib/puppet/provider/service/src.rb +29 -29
  784. data/lib/puppet/provider/service/systemd.rb +48 -48
  785. data/lib/puppet/provider/service/upstart.rb +37 -37
  786. data/lib/puppet/provider/service/windows.rb +45 -48
  787. data/lib/puppet/provider/user/aix.rb +24 -20
  788. data/lib/puppet/provider/user/directoryservice.rb +98 -91
  789. data/lib/puppet/provider/user/hpux.rb +33 -35
  790. data/lib/puppet/provider/user/ldap.rb +13 -10
  791. data/lib/puppet/provider/user/openbsd.rb +24 -22
  792. data/lib/puppet/provider/user/pw.rb +8 -7
  793. data/lib/puppet/provider/user/user_role_add.rb +40 -36
  794. data/lib/puppet/provider/user/useradd.rb +64 -53
  795. data/lib/puppet/provider/user/windows_adsi.rb +14 -10
  796. data/lib/puppet/provider.rb +20 -19
  797. data/lib/puppet/reference/configuration.rb +55 -47
  798. data/lib/puppet/reference/function.rb +2 -0
  799. data/lib/puppet/reference/indirection.rb +33 -28
  800. data/lib/puppet/reference/metaparameter.rb +3 -1
  801. data/lib/puppet/reference/providers.rb +12 -10
  802. data/lib/puppet/reference/report.rb +2 -0
  803. data/lib/puppet/reference/type.rb +7 -5
  804. data/lib/puppet/relationship.rb +10 -9
  805. data/lib/puppet/reports/http.rb +3 -2
  806. data/lib/puppet/reports/log.rb +4 -3
  807. data/lib/puppet/reports/store.rb +9 -6
  808. data/lib/puppet/reports.rb +8 -6
  809. data/lib/puppet/resource/catalog.rb +54 -53
  810. data/lib/puppet/resource/status.rb +9 -7
  811. data/lib/puppet/resource/type.rb +65 -41
  812. data/lib/puppet/resource/type_collection.rb +10 -6
  813. data/lib/puppet/resource.rb +91 -81
  814. data/lib/puppet/runtime.rb +2 -0
  815. data/lib/puppet/scheduler/job.rb +2 -0
  816. data/lib/puppet/scheduler/scheduler.rb +4 -2
  817. data/lib/puppet/scheduler/splay_job.rb +16 -3
  818. data/lib/puppet/scheduler/timer.rb +2 -0
  819. data/lib/puppet/scheduler.rb +3 -1
  820. data/lib/puppet/settings/alias_setting.rb +5 -5
  821. data/lib/puppet/settings/array_setting.rb +2 -1
  822. data/lib/puppet/settings/autosign_setting.rb +2 -1
  823. data/lib/puppet/settings/base_setting.rb +23 -18
  824. data/lib/puppet/settings/boolean_setting.rb +5 -3
  825. data/lib/puppet/settings/certificate_revocation_setting.rb +2 -1
  826. data/lib/puppet/settings/config_file.rb +11 -9
  827. data/lib/puppet/settings/directory_setting.rb +2 -0
  828. data/lib/puppet/settings/duration_setting.rb +5 -4
  829. data/lib/puppet/settings/enum_setting.rb +3 -1
  830. data/lib/puppet/settings/environment_conf.rb +19 -15
  831. data/lib/puppet/settings/errors.rb +6 -3
  832. data/lib/puppet/settings/file_or_directory_setting.rb +4 -7
  833. data/lib/puppet/settings/file_setting.rb +15 -24
  834. data/lib/puppet/settings/http_extra_headers_setting.rb +2 -1
  835. data/lib/puppet/settings/ini_file.rb +5 -3
  836. data/lib/puppet/settings/integer_setting.rb +3 -1
  837. data/lib/puppet/settings/path_setting.rb +2 -0
  838. data/lib/puppet/settings/port_setting.rb +4 -2
  839. data/lib/puppet/settings/priority_setting.rb +13 -12
  840. data/lib/puppet/settings/server_list_setting.rb +7 -6
  841. data/lib/puppet/settings/string_setting.rb +2 -0
  842. data/lib/puppet/settings/symbolic_enum_setting.rb +3 -1
  843. data/lib/puppet/settings/terminus_setting.rb +2 -0
  844. data/lib/puppet/settings/ttl_setting.rb +7 -5
  845. data/lib/puppet/settings/value_translator.rb +9 -7
  846. data/lib/puppet/settings.rb +171 -163
  847. data/lib/puppet/ssl/base.rb +9 -6
  848. data/lib/puppet/ssl/certificate.rb +6 -4
  849. data/lib/puppet/ssl/certificate_request.rb +34 -38
  850. data/lib/puppet/ssl/certificate_request_attributes.rb +7 -4
  851. data/lib/puppet/ssl/certificate_signer.rb +3 -3
  852. data/lib/puppet/ssl/digest.rb +2 -0
  853. data/lib/puppet/ssl/error.rb +3 -0
  854. data/lib/puppet/ssl/oids.rb +11 -9
  855. data/lib/puppet/ssl/openssl_loader.rb +6 -4
  856. data/lib/puppet/ssl/ssl_context.rb +2 -0
  857. data/lib/puppet/ssl/ssl_provider.rb +13 -9
  858. data/lib/puppet/ssl/state_machine.rb +153 -22
  859. data/lib/puppet/ssl/verifier.rb +3 -2
  860. data/lib/puppet/ssl.rb +3 -1
  861. data/lib/puppet/syntax_checkers/base64.rb +7 -5
  862. data/lib/puppet/syntax_checkers/epp.rb +7 -6
  863. data/lib/puppet/syntax_checkers/json.rb +7 -7
  864. data/lib/puppet/syntax_checkers/pp.rb +7 -6
  865. data/lib/puppet/syntax_checkers.rb +3 -1
  866. data/lib/puppet/test/test_helper.rb +30 -44
  867. data/lib/puppet/thread_local.rb +2 -0
  868. data/lib/puppet/transaction/additional_resource_generator.rb +12 -7
  869. data/lib/puppet/transaction/event.rb +8 -5
  870. data/lib/puppet/transaction/event_manager.rb +12 -11
  871. data/lib/puppet/transaction/persistence.rb +16 -16
  872. data/lib/puppet/transaction/report.rb +34 -27
  873. data/lib/puppet/transaction/resource_harness.rb +17 -9
  874. data/lib/puppet/transaction.rb +37 -35
  875. data/lib/puppet/trusted_external.rb +10 -5
  876. data/lib/puppet/type/component.rb +14 -7
  877. data/lib/puppet/type/exec.rb +71 -61
  878. data/lib/puppet/type/file/checksum.rb +6 -2
  879. data/lib/puppet/type/file/checksum_value.rb +6 -4
  880. data/lib/puppet/type/file/content.rb +24 -20
  881. data/lib/puppet/type/file/ctime.rb +5 -4
  882. data/lib/puppet/type/file/data_sync.rb +9 -6
  883. data/lib/puppet/type/file/ensure.rb +24 -25
  884. data/lib/puppet/type/file/group.rb +3 -1
  885. data/lib/puppet/type/file/mode.rb +14 -11
  886. data/lib/puppet/type/file/mtime.rb +5 -3
  887. data/lib/puppet/type/file/owner.rb +3 -2
  888. data/lib/puppet/type/file/selcontext.rb +24 -23
  889. data/lib/puppet/type/file/source.rb +31 -30
  890. data/lib/puppet/type/file/target.rb +23 -25
  891. data/lib/puppet/type/file/type.rb +3 -2
  892. data/lib/puppet/type/file.rb +60 -54
  893. data/lib/puppet/type/filebucket.rb +6 -4
  894. data/lib/puppet/type/group.rb +14 -13
  895. data/lib/puppet/type/notify.rb +4 -3
  896. data/lib/puppet/type/package.rb +47 -45
  897. data/lib/puppet/type/resources.rb +39 -34
  898. data/lib/puppet/type/schedule.rb +21 -21
  899. data/lib/puppet/type/service.rb +19 -18
  900. data/lib/puppet/type/stage.rb +2 -0
  901. data/lib/puppet/type/tidy.rb +40 -34
  902. data/lib/puppet/type/user.rb +62 -56
  903. data/lib/puppet/type/whit.rb +2 -1
  904. data/lib/puppet/type.rb +180 -227
  905. data/lib/puppet/util/at_fork/noop.rb +2 -0
  906. data/lib/puppet/util/at_fork/solaris.rb +37 -39
  907. data/lib/puppet/util/at_fork.rb +3 -1
  908. data/lib/puppet/util/autoload.rb +10 -4
  909. data/lib/puppet/util/backups.rb +13 -11
  910. data/lib/puppet/util/character_encoding.rb +9 -6
  911. data/lib/puppet/util/checksums.rb +16 -12
  912. data/lib/puppet/util/classgen.rb +18 -23
  913. data/lib/puppet/util/colors.rb +67 -65
  914. data/lib/puppet/util/command_line/puppet_option_parser.rb +18 -16
  915. data/lib/puppet/util/command_line/trollop.rb +695 -673
  916. data/lib/puppet/util/command_line.rb +7 -5
  917. data/lib/puppet/util/constant_inflector.rb +4 -3
  918. data/lib/puppet/util/diff.rb +17 -18
  919. data/lib/puppet/util/docs.rb +8 -4
  920. data/lib/puppet/util/errors.rb +13 -11
  921. data/lib/puppet/util/execution.rb +58 -36
  922. data/lib/puppet/util/execution_stub.rb +2 -0
  923. data/lib/puppet/util/feature.rb +9 -9
  924. data/lib/puppet/util/file_watcher.rb +3 -0
  925. data/lib/puppet/util/fileparsing.rb +20 -24
  926. data/lib/puppet/util/filetype.rb +43 -43
  927. data/lib/puppet/util/http_proxy.rb +2 -0
  928. data/lib/puppet/util/inifile.rb +13 -18
  929. data/lib/puppet/util/instance_loader.rb +3 -0
  930. data/lib/puppet/util/json.rb +2 -0
  931. data/lib/puppet/util/json_lockfile.rb +4 -1
  932. data/lib/puppet/util/ldap/connection.rb +21 -19
  933. data/lib/puppet/util/ldap/generator.rb +2 -0
  934. data/lib/puppet/util/ldap/manager.rb +20 -21
  935. data/lib/puppet/util/ldap.rb +2 -0
  936. data/lib/puppet/util/libuser.rb +3 -2
  937. data/lib/puppet/util/limits.rb +2 -0
  938. data/lib/puppet/util/lockfile.rb +8 -8
  939. data/lib/puppet/util/log/destination.rb +4 -3
  940. data/lib/puppet/util/log/destinations.rb +20 -20
  941. data/lib/puppet/util/log.rb +40 -31
  942. data/lib/puppet/util/logging.rb +34 -30
  943. data/lib/puppet/util/metaid.rb +2 -1
  944. data/lib/puppet/util/metric.rb +9 -6
  945. data/lib/puppet/util/monkey_patches.rb +22 -30
  946. data/lib/puppet/util/multi_match.rb +9 -5
  947. data/lib/puppet/util/network_device/base.rb +3 -2
  948. data/lib/puppet/util/network_device/config.rb +9 -9
  949. data/lib/puppet/util/network_device/transport/base.rb +1 -1
  950. data/lib/puppet/util/network_device/transport.rb +2 -0
  951. data/lib/puppet/util/network_device.rb +2 -0
  952. data/lib/puppet/util/package/version/debian.rb +33 -31
  953. data/lib/puppet/util/package/version/gem.rb +3 -0
  954. data/lib/puppet/util/package/version/pip.rb +14 -8
  955. data/lib/puppet/util/package/version/range/eq.rb +4 -1
  956. data/lib/puppet/util/package/version/range/gt.rb +3 -0
  957. data/lib/puppet/util/package/version/range/gt_eq.rb +3 -0
  958. data/lib/puppet/util/package/version/range/lt.rb +4 -1
  959. data/lib/puppet/util/package/version/range/lt_eq.rb +3 -0
  960. data/lib/puppet/util/package/version/range/min_max.rb +5 -0
  961. data/lib/puppet/util/package/version/range/simple.rb +2 -0
  962. data/lib/puppet/util/package/version/range.rb +9 -5
  963. data/lib/puppet/util/package/version/rpm.rb +7 -5
  964. data/lib/puppet/util/package.rb +5 -2
  965. data/lib/puppet/util/pidlock.rb +11 -10
  966. data/lib/puppet/util/platform.rb +5 -3
  967. data/lib/puppet/util/plist.rb +16 -16
  968. data/lib/puppet/util/posix.rb +27 -24
  969. data/lib/puppet/util/profiler/aggregate.rb +7 -10
  970. data/lib/puppet/util/profiler/around_profiler.rb +2 -1
  971. data/lib/puppet/util/profiler/logging.rb +3 -1
  972. data/lib/puppet/util/profiler/object_counts.rb +2 -0
  973. data/lib/puppet/util/profiler/wall_clock.rb +6 -5
  974. data/lib/puppet/util/profiler.rb +2 -0
  975. data/lib/puppet/util/provider_features.rb +10 -6
  976. data/lib/puppet/util/psych_support.rb +2 -0
  977. data/lib/puppet/util/rdoc/code_objects.rb +18 -20
  978. data/lib/puppet/util/rdoc/generators/puppet_generator.rb +118 -128
  979. data/lib/puppet/util/rdoc/generators/template/puppet/puppet.rb +62 -79
  980. data/lib/puppet/util/rdoc/parser/puppet_parser_core.rb +32 -29
  981. data/lib/puppet/util/rdoc/parser/puppet_parser_rdoc2.rb +3 -1
  982. data/lib/puppet/util/rdoc/parser.rb +3 -1
  983. data/lib/puppet/util/rdoc.rb +10 -9
  984. data/lib/puppet/util/reference.rb +7 -32
  985. data/lib/puppet/util/resource_template.rb +3 -1
  986. data/lib/puppet/util/retry_action.rb +6 -5
  987. data/lib/puppet/util/rpm_compare.rb +31 -28
  988. data/lib/puppet/util/rubygems.rb +3 -3
  989. data/lib/puppet/util/run_mode.rb +46 -4
  990. data/lib/puppet/util/selinux.rb +72 -38
  991. data/lib/puppet/util/skip_tags.rb +2 -0
  992. data/lib/puppet/util/splayer.rb +2 -0
  993. data/lib/puppet/util/storage.rb +13 -13
  994. data/lib/puppet/util/suidmanager.rb +38 -37
  995. data/lib/puppet/util/symbolic_file_mode.rb +76 -76
  996. data/lib/puppet/util/tag_set.rb +4 -2
  997. data/lib/puppet/util/tagging.rb +12 -13
  998. data/lib/puppet/util/terminal.rb +6 -4
  999. data/lib/puppet/util/user_attr.rb +9 -7
  1000. data/lib/puppet/util/warnings.rb +4 -0
  1001. data/lib/puppet/util/watched_file.rb +4 -1
  1002. data/lib/puppet/util/watcher/change_watcher.rb +2 -0
  1003. data/lib/puppet/util/watcher/periodic_watcher.rb +2 -1
  1004. data/lib/puppet/util/watcher/timer.rb +2 -0
  1005. data/lib/puppet/util/watcher.rb +5 -5
  1006. data/lib/puppet/util/windows/access_control_entry.rb +3 -1
  1007. data/lib/puppet/util/windows/access_control_list.rb +10 -7
  1008. data/lib/puppet/util/windows/adsi.rb +82 -74
  1009. data/lib/puppet/util/windows/com.rb +10 -7
  1010. data/lib/puppet/util/windows/daemon.rb +77 -80
  1011. data/lib/puppet/util/windows/error.rb +7 -5
  1012. data/lib/puppet/util/windows/eventlog.rb +13 -9
  1013. data/lib/puppet/util/windows/file.rb +49 -45
  1014. data/lib/puppet/util/windows/monkey_patches/process.rb +2 -3
  1015. data/lib/puppet/util/windows/principal.rb +37 -34
  1016. data/lib/puppet/util/windows/process.rb +36 -40
  1017. data/lib/puppet/util/windows/registry.rb +60 -58
  1018. data/lib/puppet/util/windows/root_certs.rb +5 -3
  1019. data/lib/puppet/util/windows/security.rb +92 -90
  1020. data/lib/puppet/util/windows/security_descriptor.rb +2 -0
  1021. data/lib/puppet/util/windows/service.rb +24 -12
  1022. data/lib/puppet/util/windows/sid.rb +23 -21
  1023. data/lib/puppet/util/windows/string.rb +2 -0
  1024. data/lib/puppet/util/windows/user.rb +56 -55
  1025. data/lib/puppet/util/windows.rb +8 -1
  1026. data/lib/puppet/util/yaml.rb +3 -1
  1027. data/lib/puppet/util.rb +112 -161
  1028. data/lib/puppet/vendor.rb +3 -1
  1029. data/lib/puppet/version.rb +5 -2
  1030. data/lib/puppet/x509/cert_provider.rb +48 -12
  1031. data/lib/puppet/x509/pem_store.rb +3 -1
  1032. data/lib/puppet/x509.rb +2 -0
  1033. data/lib/puppet.rb +22 -19
  1034. data/lib/puppet_pal.rb +2 -0
  1035. data/lib/puppet_x.rb +2 -0
  1036. data/locales/puppet.pot +9723 -5
  1037. data/man/man5/puppet.conf.5 +121 -912
  1038. data/man/man8/puppet-agent.8 +39 -107
  1039. data/man/man8/puppet-apply.8 +18 -51
  1040. data/man/man8/puppet-catalog.8 +25 -122
  1041. data/man/man8/puppet-config.8 +22 -70
  1042. data/man/man8/puppet-describe.8 +6 -22
  1043. data/man/man8/puppet-device.8 +13 -49
  1044. data/man/man8/puppet-doc.8 +8 -24
  1045. data/man/man8/puppet-epp.8 +23 -168
  1046. data/man/man8/puppet-facts.8 +14 -92
  1047. data/man/man8/puppet-filebucket.8 +22 -54
  1048. data/man/man8/puppet-generate.8 +5 -35
  1049. data/man/man8/puppet-help.8 +8 -29
  1050. data/man/man8/puppet-lookup.8 +25 -61
  1051. data/man/man8/puppet-module.8 +19 -124
  1052. data/man/man8/puppet-node.8 +47 -68
  1053. data/man/man8/puppet-parser.8 +12 -55
  1054. data/man/man8/puppet-plugin.8 +10 -33
  1055. data/man/man8/puppet-report.8 +10 -53
  1056. data/man/man8/puppet-resource.8 +19 -44
  1057. data/man/man8/puppet-script.8 +11 -33
  1058. data/man/man8/puppet-ssl.8 +12 -30
  1059. data/man/man8/puppet.8 +90 -20
  1060. data/tasks/tag.rake +34 -0
  1061. metadata +77 -65
  1062. data/CONTRIBUTING.md +0 -161
  1063. data/examples/hiera/etc/hiera.yaml +0 -15
  1064. data/examples/hiera/etc/hieradb/common.yaml +0 -3
  1065. data/examples/hiera/etc/hieradb/dc1.yaml +0 -6
  1066. data/examples/hiera/etc/hieradb/development.yaml +0 -2
  1067. data/examples/hiera/etc/puppet.conf +0 -3
  1068. data/examples/hiera/modules/data/manifests/common.pp +0 -4
  1069. data/examples/hiera/modules/ntp/manifests/data.pp +0 -4
  1070. data/examples/hiera/modules/ntp/templates/ntp.conf.erb +0 -3
  1071. data/examples/hiera/modules/users/manifests/development.pp +0 -4
  1072. data/lib/puppet/external/pson/common.rb +0 -374
  1073. data/lib/puppet/external/pson/pure/generator.rb +0 -395
  1074. data/lib/puppet/external/pson/pure/parser.rb +0 -308
  1075. data/lib/puppet/external/pson/pure.rb +0 -15
  1076. data/lib/puppet/external/pson/version.rb +0 -8
  1077. data/lib/puppet/module_tool/contents_description.rb +0 -89
  1078. data/tasks/benchmark.rake +0 -180
  1079. data/tasks/ci.rake +0 -24
  1080. data/tasks/generate_ast_model.rake +0 -90
  1081. data/tasks/generate_cert_fixtures.rake +0 -194
  1082. data/tasks/manpages.rake +0 -67
  1083. data/tasks/memwalk.rake +0 -195
  1084. data/tasks/parallel.rake +0 -410
  1085. data/tasks/parser.rake +0 -22
  1086. data/tasks/yard.rake +0 -59
@@ -1,2198 +1,1407 @@
1
- .\" generated with Ronn/v0.7.3
2
- .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
- .
4
- .TH "PUPPETCONF" "5" "October 2024" "Puppet, Inc." "Puppet manual"
5
- \fBThis page is autogenerated; any changes will get overwritten\fR
6
- .
1
+ .\" generated with Ronn-NG/v0.10.1
2
+ .\" http://github.com/apjanke/ronn-ng/tree/0.10.1
3
+ .TH "PUPPETCONF" "5" "January 2025" "Vox Pupuli" "OpenVox manual"
7
4
  .SH "Configuration settings"
8
- .
9
5
  .IP "\(bu" 4
10
6
  Each of these settings can be specified in \fBpuppet\.conf\fR or on the command line\.
11
- .
12
7
  .IP "\(bu" 4
13
8
  Puppet Enterprise (PE) and open source Puppet share the configuration settings documented here\. However, PE defaults differ from open source defaults for some settings, such as \fBnode_terminus\fR, \fBstoreconfigs\fR, \fBalways_retry_plugins\fR, \fBdisable18n\fR, \fBenvironment_timeout\fR (when Code Manager is enabled), and the Puppet Server JRuby \fBmax\-active\-instances\fR setting\. To verify PE configuration defaults, check the \fBpuppet\.conf\fR or \fBpe\-puppet\-server\.conf\fR file after installation\.
14
- .
15
9
  .IP "\(bu" 4
16
10
  When using boolean settings on the command line, use \fB\-\-setting\fR and \fB\-\-no\-setting\fR instead of \fB\-\-setting (true|false)\fR\. (Using \fB\-\-setting false\fR results in "Error: Could not parse application options: needless argument"\.)
17
- .
18
11
  .IP "\(bu" 4
19
- Settings can be interpolated as \fB$variables\fR in other settings; \fB$environment\fR is special, in that puppet master will interpolate each agent node\'s environment instead of its own\.
20
- .
12
+ Settings can be interpolated as \fB$variables\fR in other settings; \fB$environment\fR is special, in that puppet master will interpolate each agent node's environment instead of its own\.
21
13
  .IP "\(bu" 4
22
14
  Multiple values should be specified as comma\-separated lists; multiple directories should be separated with the system path separator (usually a colon)\.
23
- .
24
15
  .IP "\(bu" 4
25
- Settings that represent time intervals should be specified in duration format: an integer immediately followed by one of the units \'y\' (years of 365 days), \'d\' (days), \'h\' (hours), \'m\' (minutes), or \'s\' (seconds)\. The unit cannot be combined with other units, and defaults to seconds when omitted\. Examples are \'3600\' which is equivalent to \'1h\' (one hour), and \'1825d\' which is equivalent to \'5y\' (5 years)\.
26
- .
16
+ Settings that represent time intervals should be specified in duration format: an integer immediately followed by one of the units 'y' (years of 365 days), 'd' (days), 'h' (hours), 'm' (minutes), or 's' (seconds)\. The unit cannot be combined with other units, and defaults to seconds when omitted\. Examples are '3600' which is equivalent to '1h' (one hour), and '1825d' which is equivalent to '5y' (5 years)\.
27
17
  .IP "\(bu" 4
28
18
  If you use the \fBsplay\fR setting, note that the period that it waits changes each time the Puppet agent is restarted\.
29
- .
30
19
  .IP "\(bu" 4
31
20
  Settings that take a single file or directory can optionally set the owner, group, and mode for their value: \fBrundir = $vardir/run { owner = puppet, group = puppet, mode = 644 }\fR
32
- .
33
21
  .IP "\(bu" 4
34
- The Puppet executables ignores any setting that isn\'t relevant to their function\.
35
- .
22
+ The Puppet executables ignores any setting that isn't relevant to their function\.
36
23
  .IP "" 0
37
- .
38
24
  .P
39
25
  See the configuration guide \fIhttps://puppet\.com/docs/puppet/latest/config_about_settings\.html\fR for more details\.
40
- .
41
26
  .SS "agent_catalog_run_lockfile"
42
27
  A lock file to indicate that a puppet agent catalog run is currently in progress\. The file contains the pid of the process that holds the lock on the catalog run\.
43
- .
44
28
  .IP "\(bu" 4
45
29
  \fIDefault\fR: \fB$statedir/agent_catalog_run\.lock\fR
46
- .
47
30
  .IP "" 0
48
- .
49
31
  .SS "agent_disabled_lockfile"
50
32
  A lock file to indicate that puppet agent runs have been administratively disabled\. File contains a JSON object with state information\.
51
- .
52
33
  .IP "\(bu" 4
53
34
  \fIDefault\fR: \fB$statedir/agent_disabled\.lock\fR
54
- .
55
35
  .IP "" 0
56
- .
57
36
  .SS "allow_duplicate_certs"
58
37
  Whether to allow a new certificate request to overwrite an existing certificate request\. If true, then the old certificate must be cleaned using \fBpuppetserver ca clean\fR, and the new request signed using \fBpuppetserver ca sign\fR\.
59
- .
60
38
  .IP "\(bu" 4
61
39
  \fIDefault\fR: \fBfalse\fR
62
- .
63
40
  .IP "" 0
64
- .
65
41
  .SS "allow_pson_serialization"
66
- Whether when unable to serialize to JSON or other formats, Puppet falls back to PSON\. This option affects both puppetserver\'s configuration management service responses and when the agent saves its cached catalog\. This option is useful in preventing the loss of data because rich data cannot be serialized via PSON\.
67
- .
42
+ Whether to allow PSON serialization\. When unable to serialize to JSON or other formats, Puppet falls back to PSON\. This option affects the configuration management service responses of Puppet Server and the process by which the agent saves its cached catalog\. With a default value of \fBfalse\fR, this option is useful in preventing the loss of data because rich data cannot be serialized via PSON\.
68
43
  .IP "\(bu" 4
69
- \fIDefault\fR: \fBtrue\fR
70
- .
44
+ \fIDefault\fR: \fBfalse\fR
71
45
  .IP "" 0
72
- .
73
46
  .SS "always_retry_plugins"
74
47
  Affects how we cache attempts to load Puppet resource types and features\. If true, then calls to \fBPuppet\.type\.<type>?\fR \fBPuppet\.feature\.<feature>?\fR will always attempt to load the type or feature (which can be an expensive operation) unless it has already been loaded successfully\. This makes it possible for a single agent run to, e\.g\., install a package that provides the underlying capabilities for a type or feature, and then later load that type or feature during the same run (even if the type or feature had been tested earlier and had not been available)\.
75
- .
76
48
  .P
77
49
  If this setting is set to false, then types and features will only be checked once, and if they are not available, the negative result is cached and returned for all subsequent attempts to load the type or feature\. This behavior is almost always appropriate for the server, and can result in a significant performance improvement for types and features that are checked frequently\.
78
- .
79
50
  .IP "\(bu" 4
80
51
  \fIDefault\fR: \fBtrue\fR
81
- .
82
52
  .IP "" 0
83
- .
84
53
  .SS "autoflush"
85
54
  Whether log files should always flush to disk\.
86
- .
87
55
  .IP "\(bu" 4
88
56
  \fIDefault\fR: \fBtrue\fR
89
- .
90
57
  .IP "" 0
91
- .
92
58
  .SS "autosign"
93
59
  Whether (and how) to autosign certificate requests\. This setting is only relevant on a Puppet Server acting as a certificate authority (CA)\.
94
- .
95
60
  .P
96
61
  Valid values are true (autosigns all certificate requests; not recommended), false (disables autosigning certificates), or the absolute path to a file\.
97
- .
98
62
  .P
99
63
  The file specified in this setting may be either a \fBconfiguration file\fR or a \fBcustom policy executable\.\fR Puppet will automatically determine what it is: If the Puppet user (see the \fBuser\fR setting) can execute the file, it will be treated as a policy executable; otherwise, it will be treated as a config file\.
100
- .
101
64
  .P
102
65
  If a custom policy executable is configured, the CA Puppet Server will run it every time it receives a CSR\. The executable will be passed the subject CN of the request \fIas a command line argument,\fR and the contents of the CSR in PEM format \fIon stdin\.\fR It should exit with a status of 0 if the cert should be autosigned and non\-zero if the cert should not be autosigned\.
103
- .
104
66
  .P
105
67
  If a certificate request is not autosigned, it will persist for review\. An admin user can use the \fBpuppetserver ca sign\fR command to manually sign it, or can delete the request\.
106
- .
107
68
  .P
108
- For info on autosign configuration files, see the guide to Puppet\'s config files \fIhttps://puppet\.com/docs/puppet/latest/config_file_autosign\.html\fR\.
109
- .
69
+ For info on autosign configuration files, see the guide to Puppet's config files \fIhttps://puppet\.com/docs/puppet/latest/config_file_autosign\.html\fR\.
110
70
  .IP "\(bu" 4
111
71
  \fIDefault\fR: \fB$confdir/autosign\.conf\fR
112
- .
113
72
  .IP "" 0
114
- .
115
73
  .SS "basemodulepath"
116
- The search path for \fBglobal\fR modules\. Should be specified as a list of directories separated by the system path separator character\. (The POSIX path separator is \':\', and the Windows path separator is \';\'\.)
117
- .
74
+ The search path for \fBglobal\fR modules\. Should be specified as a list of directories separated by the system path separator character\. (The POSIX path separator is ':', and the Windows path separator is ';'\.)
118
75
  .P
119
76
  These are the modules that will be used by \fIall\fR environments\. Note that the \fBmodules\fR directory of the active environment will have priority over any global directories\. For more info, see \fIhttps://puppet\.com/docs/puppet/latest/environments_about\.html\fR
120
- .
121
77
  .IP "\(bu" 4
122
78
  \fIDefault\fR: \fB$codedir/modules:/opt/puppetlabs/puppet/modules\fR
123
- .
124
79
  .IP "" 0
125
- .
126
80
  .SS "binder_config"
127
81
  The binder configuration file\. Puppet reads this file on each request to configure the bindings system\. If set to nil (the default), a $confdir/binder_config\.yaml is optionally loaded\. If it does not exists, a default configuration is used\. If the setting :binding_config is specified, it must reference a valid and existing yaml file\.
128
- .
129
82
  .IP "\(bu" 4
130
83
  \fIDefault\fR: ``
131
- .
132
84
  .IP "" 0
133
- .
134
85
  .SS "bucketdir"
135
86
  Where FileBucket files are stored\.
136
- .
137
87
  .IP "\(bu" 4
138
88
  \fIDefault\fR: \fB$vardir/bucket\fR
139
- .
140
89
  .IP "" 0
141
- .
142
90
  .SS "ca_fingerprint"
143
91
  The expected fingerprint of the CA certificate\. If specified, the agent will compare the CA certificate fingerprint that it downloads against this value and reject the CA certificate if the values do not match\. This only applies during the first download of the CA certificate\.
144
- .
145
92
  .IP "\(bu" 4
146
93
  \fIDefault\fR: ``
147
- .
148
94
  .IP "" 0
149
- .
150
95
  .SS "ca_name"
151
96
  The name to use the Certificate Authority certificate\.
152
- .
153
97
  .IP "\(bu" 4
154
98
  \fIDefault\fR: \fBPuppet CA: $certname\fR
155
- .
156
99
  .IP "" 0
157
- .
158
100
  .SS "ca_port"
159
101
  The port to use for the certificate authority\.
160
- .
161
102
  .IP "\(bu" 4
162
103
  \fIDefault\fR: \fB$serverport\fR
163
- .
164
104
  .IP "" 0
165
- .
105
+ .SS "ca_refresh_interval"
106
+ How often the Puppet agent refreshes its local CA certificates\. By default, CA certificates are refreshed every 24 hours\. If a different interval is specified, the agent refreshes its CA certificates during the next agent run if the elapsed time since the certificates were last refreshed exceeds the specified duration\.
107
+ .P
108
+ In general, the interval should be greater than the \fBruninterval\fR value\. Setting the \fBca_refresh_interval\fR value to 0 or an equal or lesser value than \fBruninterval\fR causes the CA certificates to be refreshed on every run\.
109
+ .P
110
+ If the agent downloads new CA certs, the agent uses those for subsequent network requests\. If the refresh request fails or if the CA certs are unchanged on the server, then the agent run will continue using the local CA certs it already has\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
111
+ .IP "\(bu" 4
112
+ \fIDefault\fR: \fB1d\fR
113
+ .IP "" 0
166
114
  .SS "ca_server"
167
- The server to use for certificate authority requests\. It\'s a separate server because it cannot and does not need to horizontally scale\.
168
- .
115
+ The server to use for certificate authority requests\. It's a separate server because it cannot and does not need to horizontally scale\.
169
116
  .IP "\(bu" 4
170
117
  \fIDefault\fR: \fB$server\fR
171
- .
172
118
  .IP "" 0
173
- .
174
119
  .SS "ca_ttl"
175
120
  The default TTL for new certificates\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
176
- .
177
121
  .IP "\(bu" 4
178
122
  \fIDefault\fR: \fB5y\fR
179
- .
180
123
  .IP "" 0
181
- .
182
124
  .SS "cacert"
183
125
  The CA certificate\.
184
- .
185
126
  .IP "\(bu" 4
186
127
  \fIDefault\fR: \fB$cadir/ca_crt\.pem\fR
187
- .
188
128
  .IP "" 0
189
- .
190
129
  .SS "cacrl"
191
130
  The certificate revocation list (CRL) for the CA\.
192
- .
193
131
  .IP "\(bu" 4
194
132
  \fIDefault\fR: \fB$cadir/ca_crl\.pem\fR
195
- .
196
133
  .IP "" 0
197
- .
198
134
  .SS "cadir"
199
135
  The root directory for the certificate authority\.
200
- .
201
136
  .IP "\(bu" 4
202
137
  \fIDefault\fR: \fB/etc/puppetlabs/puppetserver/ca\fR
203
- .
204
138
  .IP "" 0
205
- .
206
139
  .SS "cakey"
207
140
  The CA private key\.
208
- .
209
141
  .IP "\(bu" 4
210
142
  \fIDefault\fR: \fB$cadir/ca_key\.pem\fR
211
- .
212
143
  .IP "" 0
213
- .
214
144
  .SS "capub"
215
145
  The CA public key\.
216
- .
217
146
  .IP "\(bu" 4
218
147
  \fIDefault\fR: \fB$cadir/ca_pub\.pem\fR
219
- .
220
148
  .IP "" 0
221
- .
222
149
  .SS "catalog_cache_terminus"
223
- How to store cached catalogs\. Valid values are \'json\', \'msgpack\' and \'yaml\'\. The agent application defaults to \'json\'\.
224
- .
150
+ How to store cached catalogs\. Valid values are 'json', 'msgpack' and 'yaml'\. The agent application defaults to 'json'\.
225
151
  .IP "\(bu" 4
226
152
  \fIDefault\fR: ``
227
- .
228
153
  .IP "" 0
229
- .
230
154
  .SS "catalog_terminus"
231
- Where to get node catalogs\. This is useful to change if, for instance, you\'d like to pre\-compile catalogs and store them in memcached or some other easily\-accessed store\.
232
- .
155
+ Where to get node catalogs\. This is useful to change if, for instance, you'd like to pre\-compile catalogs and store them in memcached or some other easily\-accessed store\.
233
156
  .IP "\(bu" 4
234
157
  \fIDefault\fR: \fBcompiler\fR
235
- .
236
158
  .IP "" 0
237
- .
238
159
  .SS "cert_inventory"
239
160
  The inventory file\. This is a text file to which the CA writes a complete listing of all certificates\.
240
- .
241
161
  .IP "\(bu" 4
242
162
  \fIDefault\fR: \fB$cadir/inventory\.txt\fR
243
- .
244
163
  .IP "" 0
245
- .
246
164
  .SS "certdir"
247
165
  The certificate directory\.
248
- .
249
166
  .IP "\(bu" 4
250
167
  \fIDefault\fR: \fB$ssldir/certs\fR
251
- .
252
168
  .IP "" 0
253
- .
254
169
  .SS "certificate_revocation"
255
170
  Whether certificate revocation checking should be enabled, and what level of checking should be performed\.
256
- .
257
171
  .P
258
172
  When certificate revocation is enabled, Puppet expects the contents of its CRL to be one or more PEM\-encoded CRLs concatenated together\. When using a cert bundle, CRLs for all CAs in the chain of trust must be included in the crl file\. The chain should be ordered from least to most authoritative, with the first CRL listed being for the root of the chain and the last being for the leaf CA\.
259
- .
260
173
  .P
261
- When certificate_revocation is set to \'true\' or \'chain\', Puppet ensures that each CA in the chain of trust has not been revoked by its issuing CA\.
262
- .
174
+ When certificate_revocation is set to 'true' or 'chain', Puppet ensures that each CA in the chain of trust has not been revoked by its issuing CA\.
263
175
  .P
264
- When certificate_revocation is set to \'leaf\', Puppet verifies certs against the issuing CA\'s revocation list, but it does not verify the revocation status of the issuing CA or any CA above it within the chain of trust\.
265
- .
176
+ When certificate_revocation is set to 'leaf', Puppet verifies certs against the issuing CA's revocation list, but it does not verify the revocation status of the issuing CA or any CA above it within the chain of trust\.
266
177
  .P
267
- When certificate_revocation is set to \'false\', Puppet disables all certificate revocation checking and does not attempt to download the CRL\.
268
- .
178
+ When certificate_revocation is set to 'false', Puppet disables all certificate revocation checking and does not attempt to download the CRL\.
269
179
  .IP "\(bu" 4
270
180
  \fIDefault\fR: \fBchain\fR
271
- .
272
181
  .IP "" 0
273
- .
274
182
  .SS "certname"
275
183
  The name to use when handling certificates\. When a node requests a certificate from the CA Puppet Server, it uses the value of the \fBcertname\fR setting as its requested Subject CN\.
276
- .
277
184
  .P
278
- This is the name used when managing a node\'s permissions in Puppet Server\'s auth\.conf \fIhttps://puppet\.com/docs/puppetserver/latest/config_file_auth\.html\fR\. In most cases, it is also used as the node\'s name when matching node definitions \fIhttps://puppet\.com/docs/puppet/latest/lang_node_definitions\.html\fR and requesting data from an ENC\. (This can be changed with the \fBnode_name_value\fR and \fBnode_name_fact\fR settings, although you should only do so if you have a compelling reason\.)
279
- .
185
+ This is the name used when managing a node's permissions in Puppet Server's auth\.conf \fIhttps://puppet\.com/docs/puppetserver/latest/config_file_auth\.html\fR\. In most cases, it is also used as the node's name when matching node definitions \fIhttps://puppet\.com/docs/puppet/latest/lang_node_definitions\.html\fR and requesting data from an ENC\. (This can be changed with the \fBnode_name_value\fR and \fBnode_name_fact\fR settings, although you should only do so if you have a compelling reason\.)
280
186
  .P
281
- A node\'s certname is available in Puppet manifests as \fB$trusted[\'certname\']\fR\. (See Facts and Built\-In Variables \fIhttps://puppet\.com/docs/puppet/latest/lang_facts_and_builtin_vars\.html\fR for more details\.)
282
- .
187
+ A node's certname is available in Puppet manifests as \fB$trusted['certname']\fR\. (See Facts and Built\-In Variables \fIhttps://puppet\.com/docs/puppet/latest/lang_facts_and_builtin_vars\.html\fR for more details\.)
283
188
  .IP "\(bu" 4
284
189
  For best compatibility, you should limit the value of \fBcertname\fR to only use lowercase letters, numbers, periods, underscores, and dashes\. (That is, it should match \fB/A[a\-z0\-9\._\-]+Z/\fR\.)
285
- .
286
190
  .IP "\(bu" 4
287
- The special value \fBca\fR is reserved, and can\'t be used as the certname for a normal node\.
288
- .
191
+ The special value \fBca\fR is reserved, and can't be used as the certname for a normal node\.
289
192
  .IP
290
193
  \fBNote:\fR You must set the certname in the main section of the puppet\.conf file\. Setting it in a different section causes errors\.
291
- .
292
194
  .IP "" 0
293
- .
294
195
  .P
295
- Defaults to the node\'s fully qualified domain name\.
296
- .
196
+ Defaults to the node's fully qualified domain name\.
297
197
  .IP "\(bu" 4
298
- \fIDefault\fR: \fBthe Host\'s fully qualified domain name, as determined by Facter\fR
299
- .
198
+ \fIDefault\fR: \fBthe Host's fully qualified domain name, as determined by Facter\fR
300
199
  .IP "" 0
301
- .
302
200
  .SS "ciphers"
303
201
  The list of ciphersuites for TLS connections initiated by puppet\. The default value is chosen to support TLS 1\.0 and up, but can be made more restrictive if needed\. The ciphersuites must be specified in OpenSSL format, not IANA\.
304
- .
305
202
  .IP "\(bu" 4
306
203
  \fIDefault\fR: \fBECDHE\-ECDSA\-AES128\-GCM\-SHA256:ECDHE\-RSA\-AES128\-GCM\-SHA256:ECDHE\-ECDSA\-AES256\-GCM\-SHA384:ECDHE\-RSA\-AES256\-GCM\-SHA384:ECDHE\-ECDSA\-CHACHA20\-POLY1305:ECDHE\-RSA\-CHACHA20\-POLY1305:DHE\-RSA\-AES128\-GCM\-SHA256:DHE\-RSA\-AES256\-GCM\-SHA384:DHE\-RSA\-CHACHA20\-POLY1305:ECDHE\-ECDSA\-AES128\-SHA256:ECDHE\-RSA\-AES128\-SHA256:ECDHE\-ECDSA\-AES128\-SHA:ECDHE\-RSA\-AES128\-SHA:ECDHE\-ECDSA\-AES256\-SHA384:ECDHE\-RSA\-AES256\-SHA384:ECDHE\-ECDSA\-AES256\-SHA:ECDHE\-RSA\-AES256\-SHA:DHE\-RSA\-AES128\-SHA256:DHE\-RSA\-AES256\-SHA256:AES128\-GCM\-SHA256:AES256\-GCM\-SHA384:AES128\-SHA256:AES256\-SHA256\fR
307
- .
308
204
  .IP "" 0
309
- .
310
205
  .SS "classfile"
311
206
  The file in which puppet agent stores a list of the classes associated with the retrieved configuration\. Can be loaded in the separate \fBpuppet\fR executable using the \fB\-\-loadclasses\fR option\.
312
- .
313
207
  .IP "\(bu" 4
314
208
  \fIDefault\fR: \fB$statedir/classes\.txt\fR
315
- .
316
209
  .IP "" 0
317
- .
318
210
  .SS "client_datadir"
319
211
  The directory in which serialized data is stored on the client\.
320
- .
321
212
  .IP "\(bu" 4
322
213
  \fIDefault\fR: \fB$vardir/client_data\fR
323
- .
324
214
  .IP "" 0
325
- .
326
215
  .SS "clientbucketdir"
327
216
  Where FileBucket files are stored locally\.
328
- .
329
217
  .IP "\(bu" 4
330
218
  \fIDefault\fR: \fB$vardir/clientbucket\fR
331
- .
332
219
  .IP "" 0
333
- .
334
220
  .SS "clientyamldir"
335
221
  The directory in which client\-side YAML data is stored\.
336
- .
337
222
  .IP "\(bu" 4
338
223
  \fIDefault\fR: \fB$vardir/client_yaml\fR
339
- .
340
224
  .IP "" 0
341
- .
342
225
  .SS "code"
343
- Code to parse directly\. This is essentially only used by \fBpuppet\fR, and should only be set if you\'re writing your own Puppet executable\.
344
- .
226
+ Code to parse directly\. This is essentially only used by \fBpuppet\fR, and should only be set if you're writing your own Puppet executable\.
345
227
  .SS "codedir"
346
- The main Puppet code directory\. The default for this setting is calculated based on the user\. If the process is running as root or the user that Puppet is supposed to run as, it defaults to a system directory, but if it\'s running as any other user, it defaults to being in the user\'s home directory\.
347
- .
228
+ The main Puppet code directory\. The default for this setting is calculated based on the user\. If the process is running as root or the user that Puppet is supposed to run as, it defaults to a system directory, but if it's running as any other user, it defaults to being in the user's home directory\.
348
229
  .IP "\(bu" 4
349
230
  \fIDefault\fR: \fBUnix/Linux: /etc/puppetlabs/code \-\- Windows: C:\eProgramData\ePuppetLabs\ecode \-\- Non\-root user: ~/\.puppetlabs/etc/code\fR
350
- .
351
231
  .IP "" 0
352
- .
353
232
  .SS "color"
354
233
  Whether to use colors when logging to the console\. Valid values are \fBansi\fR (equivalent to \fBtrue\fR), \fBhtml\fR, and \fBfalse\fR, which produces no color\.
355
- .
356
234
  .IP "\(bu" 4
357
235
  \fIDefault\fR: \fBansi\fR
358
- .
359
236
  .IP "" 0
360
- .
361
237
  .SS "confdir"
362
- The main Puppet configuration directory\. The default for this setting is calculated based on the user\. If the process is running as root or the user that Puppet is supposed to run as, it defaults to a system directory, but if it\'s running as any other user, it defaults to being in the user\'s home directory\.
363
- .
238
+ The main Puppet configuration directory\. The default for this setting is calculated based on the user\. If the process is running as root or the user that Puppet is supposed to run as, it defaults to a system directory, but if it's running as any other user, it defaults to being in the user's home directory\.
364
239
  .IP "\(bu" 4
365
240
  \fIDefault\fR: \fBUnix/Linux: /etc/puppetlabs/puppet \-\- Windows: C:\eProgramData\ePuppetLabs\epuppet\eetc \-\- Non\-root user: ~/\.puppetlabs/etc/puppet\fR
366
- .
367
241
  .IP "" 0
368
- .
369
242
  .SS "config"
370
243
  The configuration file for the current puppet application\.
371
- .
372
244
  .IP "\(bu" 4
373
245
  \fIDefault\fR: \fB$confdir/${config_file_name}\fR
374
- .
375
246
  .IP "" 0
376
- .
377
247
  .SS "config_file_name"
378
248
  The name of the puppet config file\.
379
- .
380
249
  .IP "\(bu" 4
381
250
  \fIDefault\fR: \fBpuppet\.conf\fR
382
- .
383
251
  .IP "" 0
384
- .
385
252
  .SS "config_version"
386
253
  How to determine the configuration version\. By default, it will be the time that the configuration is parsed, but you can provide a shell script to override how the version is determined\. The output of this script will be added to every log message in the reports, allowing you to correlate changes on your hosts to the source version on the server\.
387
- .
388
254
  .P
389
255
  Setting a global value for config_version in puppet\.conf is not allowed (but it can be overridden from the commandline)\. Please set a per\-environment value in environment\.conf instead\. For more info, see \fIhttps://puppet\.com/docs/puppet/latest/environments_about\.html\fR
390
- .
391
256
  .SS "configprint"
392
- Prints the value of a specific configuration setting\. If the name of a setting is provided for this, then the value is printed and puppet exits\. Comma\-separate multiple values\. For a list of all values, specify \'all\'\. This setting is deprecated, the \'puppet config\' command replaces this functionality\.
393
- .
257
+ Prints the value of a specific configuration setting\. If the name of a setting is provided for this, then the value is printed and puppet exits\. Comma\-separate multiple values\. For a list of all values, specify 'all'\. This setting is deprecated, the 'puppet config' command replaces this functionality\.
394
258
  .SS "crl_refresh_interval"
395
- How often the Puppet agent refreshes its local CRL\. By default the CRL is only downloaded once, and never refreshed\. If a duration is specified, then the agent will refresh its CRL whenever it next runs and the elapsed time since the CRL was last refreshed exceeds the duration\.
396
- .
259
+ How often the Puppet agent refreshes its local Certificate Revocation List (CRL)\. By default, the CRL is refreshed every 24 hours\. If a different interval is specified, the agent refreshes its CRL on the next Puppet agent run if the elapsed time since the CRL was last refreshed exceeds the specified interval\.
397
260
  .P
398
- In general, the duration should be greater than the \fBruninterval\fR\. Setting it to an equal or lesser value will cause the CRL to be refreshed on every run\.
399
- .
261
+ In general, the interval should be greater than the \fBruninterval\fR value\. Setting the \fBcrl_refresh_interval\fR value to 0 or an equal or lesser value than \fBruninterval\fR causes the CRL to be refreshed on every run\.
400
262
  .P
401
263
  If the agent downloads a new CRL, the agent will use it for subsequent network requests\. If the refresh request fails or if the CRL is unchanged on the server, then the agent run will continue using the local CRL it already has\.This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
402
- .
403
264
  .IP "\(bu" 4
404
- \fIDefault\fR: ``
405
- .
265
+ \fIDefault\fR: \fB1d\fR
406
266
  .IP "" 0
407
- .
408
267
  .SS "csr_attributes"
409
268
  An optional file containing custom attributes to add to certificate signing requests (CSRs)\. You should ensure that this file does not exist on your CA Puppet Server; if it does, unwanted certificate extensions may leak into certificates created with the \fBpuppetserver ca generate\fR command\.
410
- .
411
269
  .P
412
270
  If present, this file must be a YAML hash containing a \fBcustom_attributes\fR key and/or an \fBextension_requests\fR key\. The value of each key must be a hash, where each key is a valid OID and each value is an object that can be cast to a string\.
413
- .
414
271
  .P
415
272
  Custom attributes can be used by the CA when deciding whether to sign the certificate, but are then discarded\. Attribute OIDs can be any OID value except the standard CSR attributes (i\.e\. attributes described in RFC 2985 section 5\.4)\. This is useful for embedding a pre\-shared key for autosigning policy executables (see the \fBautosign\fR setting), often by using the \fB1\.2\.840\.113549\.1\.9\.7\fR ("challenge password") OID\.
416
- .
417
273
  .P
418
- Extension requests will be permanently embedded in the final certificate\. Extension OIDs must be in the "ppRegCertExt" (\fB1\.3\.6\.1\.4\.1\.34380\.1\.1\fR), "ppPrivCertExt" (\fB1\.3\.6\.1\.4\.1\.34380\.1\.2\fR), or "ppAuthCertExt" (\fB1\.3\.6\.1\.4\.1\.34380\.1\.3\fR) OID arcs\. The ppRegCertExt arc is reserved for four of the most common pieces of data to embed: \fBpp_uuid\fR (\fB\.1\fR), \fBpp_instance_id\fR (\fB\.2\fR), \fBpp_image_name\fR (\fB\.3\fR), and \fBpp_preshared_key\fR (\fB\.4\fR) \-\-\- in the YAML file, these can be referred to by their short descriptive names instead of their full OID\. The ppPrivCertExt arc is unregulated, and can be used for site\-specific extensions\. The ppAuthCert arc is reserved for two pieces of data to embed: \fBpp_authorization\fR (\fB\.1\fR) and \fBpp_auth_role\fR (\fB\.13\fR)\. As with ppRegCertExt, in the YAML file, these can be referred to by their short descriptive name instead of their full OID\.
419
- .
274
+ Extension requests will be permanently embedded in the final certificate\. Extension OIDs must be in the "ppRegCertExt" (\fB1\.3\.6\.1\.4\.1\.34380\.1\.1\fR), "ppPrivCertExt" (\fB1\.3\.6\.1\.4\.1\.34380\.1\.2\fR), or "ppAuthCertExt" (\fB1\.3\.6\.1\.4\.1\.34380\.1\.3\fR) OID arcs\. The ppRegCertExt arc is reserved for four of the most common pieces of data to embed: \fBpp_uuid\fR (\fB\.1\fR), \fBpp_instance_id\fR (\fB\.2\fR), \fBpp_image_name\fR (\fB\.3\fR), and \fBpp_preshared_key\fR (\fB\.4\fR) \-\- in the YAML file, these can be referred to by their short descriptive names instead of their full OID\. The ppPrivCertExt arc is unregulated, and can be used for site\-specific extensions\. The ppAuthCert arc is reserved for two pieces of data to embed: \fBpp_authorization\fR (\fB\.1\fR) and \fBpp_auth_role\fR (\fB\.13\fR)\. As with ppRegCertExt, in the YAML file, these can be referred to by their short descriptive name instead of their full OID\.
420
275
  .IP "\(bu" 4
421
276
  \fIDefault\fR: \fB$confdir/csr_attributes\.yaml\fR
422
- .
423
277
  .IP "" 0
424
- .
425
278
  .SS "csrdir"
426
279
  Where the CA stores certificate requests\.
427
- .
428
280
  .IP "\(bu" 4
429
281
  \fIDefault\fR: \fB$cadir/requests\fR
430
- .
431
282
  .IP "" 0
432
- .
433
283
  .SS "daemonize"
434
284
  Whether to send the process into the background\. This defaults to true on POSIX systems, and to false on Windows (where Puppet currently cannot daemonize)\.
435
- .
436
285
  .IP "\(bu" 4
437
286
  \fIDefault\fR: \fBtrue\fR
438
- .
439
287
  .IP "" 0
440
- .
441
288
  .SS "data_binding_terminus"
442
- This setting has been deprecated\. Use of any value other than \'hiera\' should instead be configured in a version 5 hiera\.yaml\. Until this setting is removed, it controls which data binding terminus to use for global automatic data binding (across all environments)\. By default this value is \'hiera\'\. A value of \'none\' turns off the global binding\.
443
- .
289
+ This setting has been deprecated\. Use of any value other than 'hiera' should instead be configured in a version 5 hiera\.yaml\. Until this setting is removed, it controls which data binding terminus to use for global automatic data binding (across all environments)\. By default this value is 'hiera'\. A value of 'none' turns off the global binding\.
444
290
  .IP "\(bu" 4
445
291
  \fIDefault\fR: \fBhiera\fR
446
- .
447
292
  .IP "" 0
448
- .
449
293
  .SS "default_file_terminus"
450
294
  The default source for files if no server is given in a uri, e\.g\. puppet:///file\. The default of \fBrest\fR causes the file to be retrieved using the \fBserver\fR setting\. When running \fBapply\fR the default is \fBfile_server\fR, causing requests to be filled locally\.
451
- .
452
295
  .IP "\(bu" 4
453
296
  \fIDefault\fR: \fBrest\fR
454
- .
455
297
  .IP "" 0
456
- .
457
298
  .SS "default_manifest"
458
- The default main manifest for directory environments\. Any environment that doesn\'t set the \fBmanifest\fR setting in its \fBenvironment\.conf\fR file will use this manifest\.
459
- .
299
+ The default main manifest for directory environments\. Any environment that doesn't set the \fBmanifest\fR setting in its \fBenvironment\.conf\fR file will use this manifest\.
460
300
  .P
461
- This setting\'s value can be an absolute or relative path\. An absolute path will make all environments default to the same main manifest; a relative path will allow each environment to use its own manifest, and Puppet will resolve the path relative to each environment\'s main directory\.
462
- .
301
+ This setting's value can be an absolute or relative path\. An absolute path will make all environments default to the same main manifest; a relative path will allow each environment to use its own manifest, and Puppet will resolve the path relative to each environment's main directory\.
463
302
  .P
464
303
  In either case, the path can point to a single file or to a directory of manifests to be evaluated in alphabetical order\.
465
- .
466
304
  .IP "\(bu" 4
467
305
  \fIDefault\fR: \fB\./manifests\fR
468
- .
469
306
  .IP "" 0
470
- .
471
307
  .SS "default_schedules"
472
308
  Boolean; whether to generate the default schedule resources\. Setting this to false is useful for keeping external report processors clean of skipped schedule resources\.
473
- .
474
309
  .IP "\(bu" 4
475
310
  \fIDefault\fR: \fBtrue\fR
476
- .
477
311
  .IP "" 0
478
- .
479
312
  .SS "deviceconfdir"
480
- The root directory of devices\' $confdir\.
481
- .
313
+ The root directory of devices' $confdir\.
482
314
  .IP "\(bu" 4
483
315
  \fIDefault\fR: \fB$confdir/devices\fR
484
- .
485
316
  .IP "" 0
486
- .
487
317
  .SS "deviceconfig"
488
318
  Path to the device config file for puppet device\.
489
- .
490
319
  .IP "\(bu" 4
491
320
  \fIDefault\fR: \fB$confdir/device\.conf\fR
492
- .
493
321
  .IP "" 0
494
- .
495
322
  .SS "devicedir"
496
- The root directory of devices\' $vardir\.
497
- .
323
+ The root directory of devices' $vardir\.
498
324
  .IP "\(bu" 4
499
325
  \fIDefault\fR: \fB$vardir/devices\fR
500
- .
501
326
  .IP "" 0
502
- .
503
327
  .SS "diff"
504
328
  Which diff command to use when printing differences between files\. This setting has no default value on Windows, as standard \fBdiff\fR is not available, but Puppet can use many third\-party diff tools\.
505
- .
506
329
  .IP "\(bu" 4
507
330
  \fIDefault\fR: \fBdiff\fR
508
- .
509
331
  .IP "" 0
510
- .
511
332
  .SS "diff_args"
512
333
  Which arguments to pass to the diff command when printing differences between files\. The command to use can be chosen with the \fBdiff\fR setting\.
513
- .
514
334
  .IP "\(bu" 4
515
335
  \fIDefault\fR: \fB\-u\fR
516
- .
517
336
  .IP "" 0
518
- .
519
337
  .SS "digest_algorithm"
520
338
  Which digest algorithm to use for file resources and the filebucket\. Valid values are sha256, sha384, sha512, sha224, md5\. Default is sha256\.
521
- .
522
339
  .IP "\(bu" 4
523
340
  \fIDefault\fR: \fBsha256\fR
524
- .
525
341
  .IP "" 0
526
- .
527
342
  .SS "disable_i18n"
528
343
  If true, turns off all translations of Puppet and module log messages, which affects error, warning, and info log messages, as well as any translations in the report and CLI\.
529
- .
530
344
  .IP "\(bu" 4
531
345
  \fIDefault\fR: \fBtrue\fR
532
- .
533
346
  .IP "" 0
534
- .
535
347
  .SS "disable_per_environment_manifest"
536
348
  Whether to disallow an environment\-specific main manifest\. When set to \fBtrue\fR, Puppet will use the manifest specified in the \fBdefault_manifest\fR setting for all environments\. If an environment specifies a different main manifest in its \fBenvironment\.conf\fR file, catalog requests for that environment will fail with an error\.
537
- .
538
349
  .P
539
350
  This setting requires \fBdefault_manifest\fR to be set to an absolute path\.
540
- .
541
351
  .IP "\(bu" 4
542
352
  \fIDefault\fR: \fBfalse\fR
543
- .
544
353
  .IP "" 0
545
- .
546
354
  .SS "disable_warnings"
547
- A comma\-separated list of warning types to suppress\. If large numbers of warnings are making Puppet\'s logs too large or difficult to use, you can temporarily silence them with this setting\.
548
- .
355
+ A comma\-separated list of warning types to suppress\. If large numbers of warnings are making Puppet's logs too large or difficult to use, you can temporarily silence them with this setting\.
549
356
  .P
550
357
  If you are preparing to upgrade Puppet to a new major version, you should re\-enable all warnings for a while\.
551
- .
552
358
  .P
553
359
  Valid values for this setting are:
554
- .
555
360
  .IP "\(bu" 4
556
- \fBdeprecations\fR \-\-\- disables deprecation warnings\.
557
- .
361
+ \fBdeprecations\fR \-\- disables deprecation warnings\.
558
362
  .IP "\(bu" 4
559
- \fBundefined_variables\fR \-\-\- disables warnings about non existing variables\.
560
- .
363
+ \fBundefined_variables\fR \-\- disables warnings about non existing variables\.
561
364
  .IP "\(bu" 4
562
- \fBundefined_resources\fR \-\-\- disables warnings about non existing resources\.
563
- .
365
+ \fBundefined_resources\fR \-\- disables warnings about non existing resources\.
564
366
  .IP "\(bu" 4
565
367
  \fIDefault\fR: \fB[]\fR
566
- .
567
368
  .IP "" 0
568
- .
569
369
  .SS "dns_alt_names"
570
370
  A comma\-separated list of alternate DNS names for Puppet Server\. These are extra hostnames (in addition to its \fBcertname\fR) that the server is allowed to use when serving agents\. Puppet checks this setting when automatically creating a certificate for Puppet agent or Puppet Server\. These can be either IP or DNS, and the type should be specified and followed with a colon\. Untyped inputs will default to DNS\.
571
- .
572
371
  .P
573
- In order to handle agent requests at a given hostname (like "puppet\.example\.com"), Puppet Server needs a certificate that proves it\'s allowed to use that name; if a server shows a certificate that doesn\'t include its hostname, Puppet agents will refuse to trust it\. If you use a single hostname for Puppet traffic but load\-balance it to multiple Puppet Servers, each of those servers needs to include the official hostname in its list of extra names\.
574
- .
372
+ In order to handle agent requests at a given hostname (like "puppet\.example\.com"), Puppet Server needs a certificate that proves it's allowed to use that name; if a server shows a certificate that doesn't include its hostname, Puppet agents will refuse to trust it\. If you use a single hostname for Puppet traffic but load\-balance it to multiple Puppet Servers, each of those servers needs to include the official hostname in its list of extra names\.
575
373
  .P
576
- \fBNote:\fR The list of alternate names is locked in when the server\'s certificate is signed\. If you need to change the list later, you can\'t just change this setting; you also need to regenerate the certificate\. For more information on that process, see the cert regen docs \fIhttps://puppet\.com/docs/puppet/latest/ssl_regenerate_certificates\.html\fR\.
577
- .
374
+ \fBNote:\fR The list of alternate names is locked in when the server's certificate is signed\. If you need to change the list later, you can't just change this setting; you also need to regenerate the certificate\. For more information on that process, see the cert regen docs \fIhttps://puppet\.com/docs/puppet/latest/ssl_regenerate_certificates\.html\fR\.
578
375
  .P
579
- To see all the alternate names your servers are using, log into your CA server and run \fBpuppetserver ca list \-\-all\fR, then check the output for \fB(alt names: \.\.\.)\fR\. Most agent nodes should NOT have alternate names; the only certs that should have them are Puppet Server nodes that you want other agents to trust\.
580
- .
376
+ To see all the alternate names your servers are using, log into your CA server and run \fBpuppetserver ca list \-\-all\fR, then check the output for \fB(alt names: \|\.\|\.\|\.)\fR\. Most agent nodes should NOT have alternate names; the only certs that should have them are Puppet Server nodes that you want other agents to trust\.
581
377
  .SS "document_all"
582
378
  Whether to document all resources when using \fBpuppet doc\fR to generate manifest documentation\.
583
- .
584
379
  .IP "\(bu" 4
585
380
  \fIDefault\fR: \fBfalse\fR
586
- .
587
381
  .IP "" 0
588
- .
589
382
  .SS "environment"
590
383
  The environment in which Puppet is running\. For clients, such as \fBpuppet agent\fR, this determines the environment itself, which Puppet uses to find modules and much more\. For servers, such as \fBpuppet server\fR, this provides the default environment for nodes that Puppet knows nothing about\.
591
- .
592
384
  .P
593
- When defining an environment in the \fB[agent]\fR section, this refers to the environment that the agent requests from the primary server\. The environment doesn\'t have to exist on the local filesystem because the agent fetches it from the primary server\. This definition is used when running \fBpuppet agent\fR\.
594
- .
385
+ When defining an environment in the \fB[agent]\fR section, this refers to the environment that the agent requests from the primary server\. The environment doesn't have to exist on the local filesystem because the agent fetches it from the primary server\. This definition is used when running \fBpuppet agent\fR\.
595
386
  .P
596
387
  When defined in the \fB[user]\fR section, the environment refers to the path that Puppet uses to search for code and modules related to its execution\. This requires the environment to exist locally on the filesystem where puppet is being executed\. Puppet subcommands, including \fBpuppet module\fR and \fBpuppet apply\fR, use this definition\.
597
- .
598
388
  .P
599
389
  Given that the context and effects vary depending on the config section \fIhttps://puppet\.com/docs/puppet/latest/config_file_main\.html#config\-sections\fR in which the \fBenvironment\fR setting is defined, do not set it globally\.
600
- .
601
390
  .IP "\(bu" 4
602
391
  \fIDefault\fR: \fBproduction\fR
603
- .
604
392
  .IP "" 0
605
- .
606
393
  .SS "environment_data_provider"
607
- The name of a registered environment data provider used when obtaining environment specific data\. The three built in and registered providers are \'none\' (no data), \'function\' (data obtained by calling the function \'environment::data()\') and \'hiera\' (data obtained using a data provider configured using a hiera\.yaml file in root of the environment)\. Other environment data providers may be registered in modules on the module path\. For such custom data providers see the respective module documentation\. This setting is deprecated\.
608
- .
394
+ The name of a registered environment data provider used when obtaining environment specific data\. The three built in and registered providers are 'none' (no data), 'function' (data obtained by calling the function 'environment::data()') and 'hiera' (data obtained using a data provider configured using a hiera\.yaml file in root of the environment)\. Other environment data providers may be registered in modules on the module path\. For such custom data providers see the respective module documentation\. This setting is deprecated\.
609
395
  .IP "\(bu" 4
610
396
  \fIDefault\fR: ``
611
- .
612
397
  .IP "" 0
613
- .
614
398
  .SS "environment_timeout"
615
399
  How long the Puppet server should cache data it loads from an environment\.
616
- .
617
400
  .P
618
- A value of \fB0\fR will disable caching\. This setting can also be set to \fBunlimited\fR, which will cache environments until the server is restarted or told to refresh the cache\. All other values will result in Puppet server evicting environments that haven\'t been used within the last \fBenvironment_timeout\fR seconds\.
619
- .
401
+ A value of \fB0\fR will disable caching\. This setting can also be set to \fBunlimited\fR, which will cache environments until the server is restarted or told to refresh the cache\. All other values will result in Puppet server evicting environments that haven't been used within the last \fBenvironment_timeout\fR seconds\.
620
402
  .P
621
403
  You should change this setting once your Puppet deployment is doing non\-trivial work\. We chose the default value of \fB0\fR because it lets new users update their code without any extra steps, but it lowers the performance of your Puppet server\. We recommend either:
622
- .
623
404
  .IP "\(bu" 4
624
405
  Setting this to \fBunlimited\fR and explicitly refreshing your Puppet server as part of your code deployment process\.
625
- .
626
406
  .IP "\(bu" 4
627
407
  Setting this to a number that will keep your most actively used environments cached, but allow testing environments to fall out of the cache and reduce memory usage\. A value of 3 minutes (3m) is a reasonable value\.
628
- .
629
408
  .IP "" 0
630
- .
631
409
  .P
632
410
  Once you set \fBenvironment_timeout\fR to a non\-zero value, you need to tell Puppet server to read new code from disk using the \fBenvironment\-cache\fR API endpoint after you deploy new code\. See the docs for the Puppet Server administrative API \fIhttps://puppet\.com/docs/puppetserver/latest/admin\-api/v1/environment\-cache\.html\fR\.
633
- .
634
411
  .IP "\(bu" 4
635
412
  \fIDefault\fR: \fB0\fR
636
- .
637
413
  .IP "" 0
638
- .
639
414
  .SS "environmentpath"
640
- A search path for directory environments, as a list of directories separated by the system path separator character\. (The POSIX path separator is \':\', and the Windows path separator is \';\'\.)
641
- .
415
+ A search path for directory environments, as a list of directories separated by the system path separator character\. (The POSIX path separator is ':', and the Windows path separator is ';'\.)
642
416
  .P
643
417
  This setting must have a value set to enable \fBdirectory environments\.\fR The recommended value is \fB$codedir/environments\fR\. For more details, see \fIhttps://puppet\.com/docs/puppet/latest/environments_about\.html\fR
644
- .
645
418
  .IP "\(bu" 4
646
419
  \fIDefault\fR: \fB$codedir/environments\fR
647
- .
648
420
  .IP "" 0
649
- .
650
421
  .SS "evaltrace"
651
422
  Whether each resource should log when it is being evaluated\. This allows you to interactively see exactly what is being done\.
652
- .
653
423
  .IP "\(bu" 4
654
424
  \fIDefault\fR: \fBfalse\fR
655
- .
656
425
  .IP "" 0
657
- .
658
426
  .SS "exclude_unchanged_resources"
659
- When set to true, resources that have had no changes after catalog application will not have corresponding unchanged resource status updates listed in the report\.
660
- .
427
+ Specifies how unchanged resources are listed in reports\. When set to \fBtrue\fR, resources that have had no changes after catalog application will not have corresponding unchanged resource status updates listed in a report\.
661
428
  .IP "\(bu" 4
662
- \fIDefault\fR: \fBfalse\fR
663
- .
429
+ \fIDefault\fR: \fBtrue\fR
664
430
  .IP "" 0
665
- .
666
431
  .SS "external_nodes"
667
432
  The external node classifier (ENC) script to use for node data\. Puppet combines this data with the main manifest to produce node catalogs\.
668
- .
669
433
  .P
670
434
  To enable this setting, set the \fBnode_terminus\fR setting to \fBexec\fR\.
671
- .
672
435
  .P
673
- This setting\'s value must be the path to an executable command that can produce node information\. The command must:
674
- .
436
+ This setting's value must be the path to an executable command that can produce node information\. The command must:
675
437
  .IP "\(bu" 4
676
438
  Take the name of a node as a command\-line argument\.
677
- .
678
439
  .IP "\(bu" 4
679
- .
440
+ Return a YAML hash with up to three keys:
680
441
  .IP "\(bu" 4
681
- \fBclasses\fR \-\-\- A list of classes, as an array or hash\.
682
- .
442
+ \fBclasses\fR \-\- A list of classes, as an array or hash\.
683
443
  .IP "\(bu" 4
684
- \fBenvironment\fR \-\-\- A string\.
685
- .
444
+ \fBenvironment\fR \-\- A string\.
686
445
  .IP "\(bu" 4
687
- \fBparameters\fR \-\-\- A list of top\-scope variables to set, as a hash\.
688
- .
446
+ \fBparameters\fR \-\- A list of top\-scope variables to set, as a hash\.
689
447
  .IP "" 0
690
448
 
691
- .
692
449
  .IP "\(bu" 4
693
450
  For unknown nodes, exit with a non\-zero exit code\.
694
- .
695
451
  .IP "" 0
696
- .
697
452
  .P
698
453
  Generally, an ENC script makes requests to an external data source\.
699
- .
700
454
  .P
701
455
  For more info, see the ENC documentation \fIhttps://puppet\.com/docs/puppet/latest/nodes_external\.html\fR\.
702
- .
703
456
  .IP "\(bu" 4
704
457
  \fIDefault\fR: \fBnone\fR
705
- .
706
458
  .IP "" 0
707
- .
708
459
  .SS "fact_name_length_soft_limit"
709
460
  The soft limit for the length of a fact name\.
710
- .
711
461
  .IP "\(bu" 4
712
462
  \fIDefault\fR: \fB2560\fR
713
- .
714
463
  .IP "" 0
715
- .
716
464
  .SS "fact_value_length_soft_limit"
717
465
  The soft limit for the length of a fact value\.
718
- .
719
466
  .IP "\(bu" 4
720
467
  \fIDefault\fR: \fB4096\fR
721
- .
722
468
  .IP "" 0
723
- .
724
469
  .SS "factpath"
725
- Where Puppet should look for facts\. Multiple directories should be separated by the system path separator character\. (The POSIX path separator is \':\', and the Windows path separator is \';\'\.)
726
- .
470
+ Where Puppet should look for facts\. Multiple directories should be separated by the system path separator character\. (The POSIX path separator is ':', and the Windows path separator is ';'\.)
727
471
  .IP "\(bu" 4
728
472
  \fIDefault\fR: \fB$vardir/lib/facter:$vardir/facts\fR
729
- .
730
473
  .IP "" 0
731
- .
732
474
  .SS "facts_terminus"
733
475
  The node facts terminus\.
734
- .
735
476
  .IP "\(bu" 4
736
477
  \fIDefault\fR: \fBfacter\fR
737
- .
738
478
  .IP "" 0
739
- .
740
479
  .SS "fileserverconfig"
741
480
  Where the fileserver configuration is stored\.
742
- .
743
481
  .IP "\(bu" 4
744
482
  \fIDefault\fR: \fB$confdir/fileserver\.conf\fR
745
- .
746
483
  .IP "" 0
747
- .
748
484
  .SS "filetimeout"
749
- The minimum time to wait between checking for updates in configuration files\. This timeout determines how quickly Puppet checks whether a file (such as manifests or puppet\.conf) has changed on disk\. The default will change in a future release to be \'unlimited\', requiring a reload of the Puppet service to pick up changes to its internal configuration\. Currently we do not accept a value of \'unlimited\'\. To reparse files within an environment in Puppet Server please use the environment_cache endpoint
750
- .
485
+ The minimum time to wait between checking for updates in configuration files\. This timeout determines how quickly Puppet checks whether a file (such as manifests or puppet\.conf) has changed on disk\. The default will change in a future release to be 'unlimited', requiring a reload of the Puppet service to pick up changes to its internal configuration\. Currently we do not accept a value of 'unlimited'\. To reparse files within an environment in Puppet Server please use the environment_cache endpoint
751
486
  .IP "\(bu" 4
752
487
  \fIDefault\fR: \fB15s\fR
753
- .
754
488
  .IP "" 0
755
- .
756
489
  .SS "forge_authorization"
757
490
  The authorization key to connect to the Puppet Forge\. Leave blank for unauthorized or license based connections
758
- .
759
491
  .IP "\(bu" 4
760
492
  \fIDefault\fR: ``
761
- .
762
493
  .IP "" 0
763
- .
764
494
  .SS "freeze_main"
765
- Freezes the \'main\' class, disallowing any code to be added to it\. This essentially means that you can\'t have any code outside of a node, class, or definition other than in the site manifest\.
766
- .
495
+ Freezes the 'main' class, disallowing any code to be added to it\. This essentially means that you can't have any code outside of a node, class, or definition other than in the site manifest\.
767
496
  .IP "\(bu" 4
768
497
  \fIDefault\fR: \fBfalse\fR
769
- .
770
498
  .IP "" 0
771
- .
772
499
  .SS "genconfig"
773
500
  When true, causes Puppet applications to print an example config file to stdout and exit\. The example will include descriptions of each setting, and the current (or default) value of each setting, incorporating any settings overridden on the CLI (with the exception of \fBgenconfig\fR itself)\. This setting only makes sense when specified on the command line as \fB\-\-genconfig\fR\.
774
- .
775
501
  .IP "\(bu" 4
776
502
  \fIDefault\fR: \fBfalse\fR
777
- .
778
503
  .IP "" 0
779
- .
780
504
  .SS "genmanifest"
781
505
  Whether to just print a manifest to stdout and exit\. Only makes sense when specified on the command line as \fB\-\-genmanifest\fR\. Takes into account arguments specified on the CLI\.
782
- .
783
506
  .IP "\(bu" 4
784
507
  \fIDefault\fR: \fBfalse\fR
785
- .
786
508
  .IP "" 0
787
- .
788
509
  .SS "graph"
789
- Whether to create \.dot graph files, which let you visualize the dependency and containment relationships in Puppet\'s catalog\. You can load and view these files with tools like OmniGraffle \fIhttp://www\.omnigroup\.com/applications/omnigraffle/\fR (OS X) or graphviz \fIhttp://www\.graphviz\.org/\fR (multi\-platform)\.
790
- .
510
+ Whether to create \.dot graph files, which let you visualize the dependency and containment relationships in Puppet's catalog\. You can load and view these files with tools like OmniGraffle \fIhttp://www\.omnigroup\.com/applications/omnigraffle/\fR (OS X) or graphviz \fIhttp://www\.graphviz\.org/\fR (multi\-platform)\.
791
511
  .P
792
512
  Graph files are created when \fIapplying\fR a catalog, so this setting should be used on nodes running \fBpuppet agent\fR or \fBpuppet apply\fR\.
793
- .
794
513
  .P
795
- The \fBgraphdir\fR setting determines where Puppet will save graphs\. Note that we don\'t save graphs for historical runs; Puppet will replace the previous \.dot files with new ones every time it applies a catalog\.
796
- .
514
+ The \fBgraphdir\fR setting determines where Puppet will save graphs\. Note that we don't save graphs for historical runs; Puppet will replace the previous \.dot files with new ones every time it applies a catalog\.
797
515
  .P
798
- See your graphing software\'s documentation for details on opening \.dot files\. If you\'re using GraphViz\'s \fBdot\fR command, you can do a quick PNG render with \fBdot \-Tpng <DOT FILE> \-o <OUTPUT FILE>\fR\.
799
- .
516
+ See your graphing software's documentation for details on opening \.dot files\. If you're using GraphViz's \fBdot\fR command, you can do a quick PNG render with \fBdot \-Tpng <DOT FILE> \-o <OUTPUT FILE>\fR\.
800
517
  .IP "\(bu" 4
801
518
  \fIDefault\fR: \fBfalse\fR
802
- .
803
519
  .IP "" 0
804
- .
805
520
  .SS "graphdir"
806
521
  Where to save \.dot\-format graphs (when the \fBgraph\fR setting is enabled)\.
807
- .
808
522
  .IP "\(bu" 4
809
523
  \fIDefault\fR: \fB$statedir/graphs\fR
810
- .
811
524
  .IP "" 0
812
- .
813
525
  .SS "group"
814
526
  The group Puppet Server will run as\. Used to ensure the agent side processes (agent, apply, etc) create files and directories readable by Puppet Server when necessary\.
815
- .
816
527
  .IP "\(bu" 4
817
528
  \fIDefault\fR: \fBpuppet\fR
818
- .
819
529
  .IP "" 0
820
- .
821
530
  .SS "hiera_config"
822
531
  The hiera configuration file\. Puppet only reads this file on startup, so you must restart the puppet server every time you edit it\.
823
- .
824
532
  .IP "\(bu" 4
825
533
  \fIDefault\fR: \fB$confdir/hiera\.yaml\. However, for backwards compatibility, if a file exists at $codedir/hiera\.yaml, Puppet uses that instead\.\fR
826
- .
827
534
  .IP "" 0
828
- .
829
535
  .SS "hostcert"
830
536
  Where individual hosts store and look for their certificates\.
831
- .
832
537
  .IP "\(bu" 4
833
538
  \fIDefault\fR: \fB$certdir/$certname\.pem\fR
834
- .
835
539
  .IP "" 0
836
- .
540
+ .SS "hostcert_renewal_interval"
541
+ How often the Puppet agent renews its client certificate\. By default, the client certificate is renewed 30 days before the certificate expires\. If a different interval is specified, the agent renews its client certificate during the next agent run, assuming that the client certificate has expired within the specified duration\.
542
+ .P
543
+ In general, the \fBhostcert_renewal_interval\fR value should be greater than the \fBruninterval\fR value\. Setting the \fBhostcert_renewal_interval\fR value to 0 disables automatic renewal\.
544
+ .P
545
+ If the agent downloads a new certificate, the agent will use it for subsequent network requests\. If the refresh request fails, the agent run continues to use its existing certificate\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
546
+ .IP "\(bu" 4
547
+ \fIDefault\fR: \fB30d\fR
548
+ .IP "" 0
837
549
  .SS "hostcrl"
838
- Where the host\'s certificate revocation list can be found\. This is distinct from the certificate authority\'s CRL\.
839
- .
550
+ Where the host's certificate revocation list can be found\. This is distinct from the certificate authority's CRL\.
840
551
  .IP "\(bu" 4
841
552
  \fIDefault\fR: \fB$ssldir/crl\.pem\fR
842
- .
843
553
  .IP "" 0
844
- .
845
554
  .SS "hostcsr"
846
555
  Where individual hosts store their certificate request (CSR) while waiting for the CA to issue their certificate\.
847
- .
848
556
  .IP "\(bu" 4
849
557
  \fIDefault\fR: \fB$requestdir/$certname\.pem\fR
850
- .
851
558
  .IP "" 0
852
- .
853
559
  .SS "hostprivkey"
854
560
  Where individual hosts store and look for their private key\.
855
- .
856
561
  .IP "\(bu" 4
857
562
  \fIDefault\fR: \fB$privatekeydir/$certname\.pem\fR
858
- .
859
563
  .IP "" 0
860
- .
861
564
  .SS "hostpubkey"
862
565
  Where individual hosts store and look for their public key\.
863
- .
864
566
  .IP "\(bu" 4
865
567
  \fIDefault\fR: \fB$publickeydir/$certname\.pem\fR
866
- .
867
568
  .IP "" 0
868
- .
869
569
  .SS "http_connect_timeout"
870
570
  The maximum amount of time to wait when establishing an HTTP connection\. The default value is 2 minutes\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
871
- .
872
571
  .IP "\(bu" 4
873
572
  \fIDefault\fR: \fB2m\fR
874
- .
875
573
  .IP "" 0
876
- .
877
574
  .SS "http_debug"
878
575
  Whether to write HTTP request and responses to stderr\. This should never be used in a production environment\.
879
- .
880
576
  .IP "\(bu" 4
881
577
  \fIDefault\fR: \fBfalse\fR
882
- .
883
578
  .IP "" 0
884
- .
885
579
  .SS "http_extra_headers"
886
580
  The list of extra headers that will be sent with http requests to the primary server\. The header definition consists of a name and a value separated by a colon\.
887
- .
888
581
  .IP "\(bu" 4
889
582
  \fIDefault\fR: \fB[]\fR
890
- .
891
583
  .IP "" 0
892
- .
893
584
  .SS "http_keepalive_timeout"
894
585
  The maximum amount of time a persistent HTTP connection can remain idle in the connection pool, before it is closed\. This timeout should be shorter than the keepalive timeout used on the HTTP server, e\.g\. Apache KeepAliveTimeout directive\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
895
- .
896
586
  .IP "\(bu" 4
897
587
  \fIDefault\fR: \fB4s\fR
898
- .
899
588
  .IP "" 0
900
- .
901
589
  .SS "http_proxy_host"
902
- The HTTP proxy host to use for outgoing connections\. The proxy will be bypassed if the server\'s hostname matches the NO_PROXY environment variable or \fBno_proxy\fR setting\. Note: You may need to use a FQDN for the server hostname when using a proxy\. Environment variable http_proxy or HTTP_PROXY will override this value\.
903
- .
590
+ The HTTP proxy host to use for outgoing connections\. The proxy will be bypassed if the server's hostname matches the NO_PROXY environment variable or \fBno_proxy\fR setting\. Note: You may need to use a FQDN for the server hostname when using a proxy\. Environment variable http_proxy or HTTP_PROXY will override this value\.
904
591
  .IP "\(bu" 4
905
592
  \fIDefault\fR: \fBnone\fR
906
- .
907
593
  .IP "" 0
908
- .
909
594
  .SS "http_proxy_password"
910
595
  The password for the user of an authenticated HTTP proxy\. Requires the \fBhttp_proxy_user\fR setting\.
911
- .
912
596
  .P
913
597
  Note that passwords must be valid when used as part of a URL\. If a password contains any characters with special meanings in URLs (as specified by RFC 3986 section 2\.2), they must be URL\-encoded\. (For example, \fB#\fR would become \fB%23\fR\.)
914
- .
915
598
  .IP "\(bu" 4
916
599
  \fIDefault\fR: \fBnone\fR
917
- .
918
600
  .IP "" 0
919
- .
920
601
  .SS "http_proxy_port"
921
602
  The HTTP proxy port to use for outgoing connections
922
- .
923
603
  .IP "\(bu" 4
924
604
  \fIDefault\fR: \fB3128\fR
925
- .
926
605
  .IP "" 0
927
- .
928
606
  .SS "http_proxy_user"
929
607
  The user name for an authenticated HTTP proxy\. Requires the \fBhttp_proxy_host\fR setting\.
930
- .
931
608
  .IP "\(bu" 4
932
609
  \fIDefault\fR: \fBnone\fR
933
- .
934
610
  .IP "" 0
935
- .
936
611
  .SS "http_read_timeout"
937
612
  The time to wait for data to be read from an HTTP connection\. If nothing is read after the elapsed interval then the connection will be closed\. The default value is 10 minutes\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
938
- .
939
613
  .IP "\(bu" 4
940
614
  \fIDefault\fR: \fB10m\fR
941
- .
942
615
  .IP "" 0
943
- .
944
616
  .SS "http_user_agent"
945
617
  The HTTP User\-Agent string to send when making network requests\.
946
- .
947
618
  .IP "\(bu" 4
948
- \fIDefault\fR: \fBPuppet/7\.35\.0 Ruby/3\.1\.1\-p18 (x86_64\-linux)\fR
949
- .
619
+ \fIDefault\fR: \fBPuppet/<version> Ruby/<version> (<architecture>)\fR
950
620
  .IP "" 0
951
- .
952
621
  .SS "ignore_plugin_errors"
953
622
  Whether the puppet run should ignore errors during pluginsync\. If the setting is false and there are errors during pluginsync, then the agent will abort the run and submit a report containing information about the failed run\.
954
- .
955
623
  .IP "\(bu" 4
956
624
  \fIDefault\fR: \fBfalse\fR
957
- .
958
625
  .IP "" 0
959
- .
960
626
  .SS "ignoremissingtypes"
961
627
  Skip searching for classes and definitions that were missing during a prior compilation\. The list of missing objects is maintained per\-environment and persists until the environment is cleared or the primary server is restarted\.
962
- .
963
628
  .IP "\(bu" 4
964
629
  \fIDefault\fR: \fBfalse\fR
965
- .
966
630
  .IP "" 0
967
- .
968
631
  .SS "ignoreschedules"
969
632
  Boolean; whether puppet agent should ignore schedules\. This is useful for initial puppet agent runs\.
970
- .
971
633
  .IP "\(bu" 4
972
634
  \fIDefault\fR: \fBfalse\fR
973
- .
974
635
  .IP "" 0
975
- .
976
636
  .SS "include_legacy_facts"
977
- Whether to include legacy facts when requesting a catalog\. This option can be set to false provided all puppet manifests, hiera\.yaml and hiera configuration layers no longer access legacy facts, such as \fB$osfamily\fR, and instead access structured facts, such as \fB$facts[\'os\'][\'family\']\fR\.
978
- .
637
+ Whether to include legacy facts when requesting a catalog\. This option can be set to \fBfalse\fR if all puppet manifests, hiera\.yaml, and hiera configuration layers no longer access legacy facts, such as \fB$osfamily\fR, and instead access structured facts, such as \fB$facts['os']['family']\fR\.
979
638
  .IP "\(bu" 4
980
- \fIDefault\fR: \fBtrue\fR
981
- .
639
+ \fIDefault\fR: \fBfalse\fR
982
640
  .IP "" 0
983
- .
984
641
  .SS "key_type"
985
642
  The type of private key\. Valid values are \fBrsa\fR and \fBec\fR\. Default is \fBrsa\fR\.
986
- .
987
643
  .IP "\(bu" 4
988
644
  \fIDefault\fR: \fBrsa\fR
989
- .
990
645
  .IP "" 0
991
- .
992
646
  .SS "keylength"
993
647
  The bit length of keys\.
994
- .
995
648
  .IP "\(bu" 4
996
649
  \fIDefault\fR: \fB4096\fR
997
- .
998
650
  .IP "" 0
999
- .
1000
651
  .SS "lastrunfile"
1001
652
  Where puppet agent stores the last run report summary in yaml format\.
1002
- .
1003
653
  .IP "\(bu" 4
1004
654
  \fIDefault\fR: \fB$publicdir/last_run_summary\.yaml\fR
1005
- .
1006
655
  .IP "" 0
1007
- .
1008
656
  .SS "lastrunreport"
1009
657
  Where Puppet Agent stores the last run report, by default, in yaml format\. The format of the report can be changed by setting the \fBcache\fR key of the \fBreport\fR terminus in the routes\.yaml \fIhttps://puppet\.com/docs/puppet/latest/config_file_routes\.html\fR file\. To avoid mismatches between content and file extension, this setting needs to be manually updated to reflect the terminus changes\.
1010
- .
1011
658
  .IP "\(bu" 4
1012
659
  \fIDefault\fR: \fB$statedir/last_run_report\.yaml\fR
1013
- .
1014
660
  .IP "" 0
1015
- .
1016
661
  .SS "ldapattrs"
1017
- The LDAP attributes to include when querying LDAP for nodes\. All returned attributes are set as variables in the top\-level scope\. Multiple values should be comma\-separated\. The value \'all\' returns all attributes\.
1018
- .
662
+ The LDAP attributes to include when querying LDAP for nodes\. All returned attributes are set as variables in the top\-level scope\. Multiple values should be comma\-separated\. The value 'all' returns all attributes\.
1019
663
  .IP "\(bu" 4
1020
664
  \fIDefault\fR: \fBall\fR
1021
- .
1022
665
  .IP "" 0
1023
- .
1024
666
  .SS "ldapbase"
1025
- The search base for LDAP searches\. It\'s impossible to provide a meaningful default here, although the LDAP libraries might have one already set\. Generally, it should be the \'ou=Hosts\' branch under your main directory\.
1026
- .
667
+ The search base for LDAP searches\. It's impossible to provide a meaningful default here, although the LDAP libraries might have one already set\. Generally, it should be the 'ou=Hosts' branch under your main directory\.
1027
668
  .SS "ldapclassattrs"
1028
669
  The LDAP attributes to use to define Puppet classes\. Values should be comma\-separated\.
1029
- .
1030
670
  .IP "\(bu" 4
1031
671
  \fIDefault\fR: \fBpuppetclass\fR
1032
- .
1033
672
  .IP "" 0
1034
- .
1035
673
  .SS "ldapparentattr"
1036
674
  The attribute to use to define the parent node\.
1037
- .
1038
675
  .IP "\(bu" 4
1039
676
  \fIDefault\fR: \fBparentnode\fR
1040
- .
1041
677
  .IP "" 0
1042
- .
1043
678
  .SS "ldappassword"
1044
679
  The password to use to connect to LDAP\.
1045
- .
1046
680
  .SS "ldapport"
1047
681
  The LDAP port\.
1048
- .
1049
682
  .IP "\(bu" 4
1050
683
  \fIDefault\fR: \fB389\fR
1051
- .
1052
684
  .IP "" 0
1053
- .
1054
685
  .SS "ldapserver"
1055
686
  The LDAP server\.
1056
- .
1057
687
  .IP "\(bu" 4
1058
688
  \fIDefault\fR: \fBldap\fR
1059
- .
1060
689
  .IP "" 0
1061
- .
1062
690
  .SS "ldapssl"
1063
691
  Whether SSL should be used when searching for nodes\. Defaults to false because SSL usually requires certificates to be set up on the client side\.
1064
- .
1065
692
  .IP "\(bu" 4
1066
693
  \fIDefault\fR: \fBfalse\fR
1067
- .
1068
694
  .IP "" 0
1069
- .
1070
695
  .SS "ldapstackedattrs"
1071
696
  The LDAP attributes that should be stacked to arrays by adding the values in all hierarchy elements of the tree\. Values should be comma\-separated\.
1072
- .
1073
697
  .IP "\(bu" 4
1074
698
  \fIDefault\fR: \fBpuppetvar\fR
1075
- .
1076
699
  .IP "" 0
1077
- .
1078
700
  .SS "ldapstring"
1079
701
  The search string used to find an LDAP node\.
1080
- .
1081
702
  .IP "\(bu" 4
1082
703
  \fIDefault\fR: \fB(&(objectclass=puppetClient)(cn=%s))\fR
1083
- .
1084
704
  .IP "" 0
1085
- .
1086
705
  .SS "ldaptls"
1087
706
  Whether TLS should be used when searching for nodes\. Defaults to false because TLS usually requires certificates to be set up on the client side\.
1088
- .
1089
707
  .IP "\(bu" 4
1090
708
  \fIDefault\fR: \fBfalse\fR
1091
- .
1092
709
  .IP "" 0
1093
- .
1094
710
  .SS "ldapuser"
1095
711
  The user to use to connect to LDAP\. Must be specified as a full DN\.
1096
- .
1097
712
  .SS "libdir"
1098
- An extra search path for Puppet\. This is only useful for those files that Puppet will load on demand, and is only guaranteed to work for those cases\. In fact, the autoload mechanism is responsible for making sure this directory is in Ruby\'s search path
1099
- .
713
+ An extra search path for Puppet\. This is only useful for those files that Puppet will load on demand, and is only guaranteed to work for those cases\. In fact, the autoload mechanism is responsible for making sure this directory is in Ruby's search path
1100
714
  .IP "\(bu" 4
1101
715
  \fIDefault\fR: \fB$vardir/lib\fR
1102
- .
1103
716
  .IP "" 0
1104
- .
1105
717
  .SS "localcacert"
1106
718
  Where each client stores the CA certificate\.
1107
- .
1108
719
  .IP "\(bu" 4
1109
720
  \fIDefault\fR: \fB$certdir/ca\.pem\fR
1110
- .
1111
721
  .IP "" 0
1112
- .
1113
722
  .SS "localedest"
1114
723
  Where Puppet should store translation files that it pulls down from the central server\.
1115
- .
1116
724
  .IP "\(bu" 4
1117
725
  \fIDefault\fR: \fB$vardir/locales\fR
1118
- .
1119
726
  .IP "" 0
1120
- .
1121
727
  .SS "localesource"
1122
728
  From where to retrieve translation files\. The standard Puppet \fBfile\fR type is used for retrieval, so anything that is a valid file source can be used here\.
1123
- .
1124
729
  .IP "\(bu" 4
1125
730
  \fIDefault\fR: \fBpuppet:///locales\fR
1126
- .
1127
731
  .IP "" 0
1128
- .
1129
732
  .SS "location_trusted"
1130
- This will allow sending the name + password and the cookie header to all hosts that puppet may redirect to\. This may or may not introduce a security breach if puppet redirects you to a site to which you\'ll send your authentication info and cookies\.
1131
- .
733
+ This will allow sending the name + password and the cookie header to all hosts that puppet may redirect to\. This may or may not introduce a security breach if puppet redirects you to a site to which you'll send your authentication info and cookies\.
1132
734
  .IP "\(bu" 4
1133
735
  \fIDefault\fR: \fBfalse\fR
1134
- .
1135
736
  .IP "" 0
1136
- .
1137
737
  .SS "log_level"
1138
738
  Default logging level for messages from Puppet\. Allowed values are:
1139
- .
1140
739
  .IP "\(bu" 4
1141
740
  debug
1142
- .
1143
741
  .IP "\(bu" 4
1144
742
  info
1145
- .
1146
743
  .IP "\(bu" 4
1147
744
  notice
1148
- .
1149
745
  .IP "\(bu" 4
1150
746
  warning
1151
- .
1152
747
  .IP "\(bu" 4
1153
748
  err
1154
- .
1155
749
  .IP "\(bu" 4
1156
750
  alert
1157
- .
1158
751
  .IP "\(bu" 4
1159
752
  emerg
1160
- .
1161
753
  .IP "\(bu" 4
1162
754
  crit
1163
- .
1164
755
  .IP "\(bu" 4
1165
756
  \fIDefault\fR: \fBnotice\fR
1166
- .
1167
757
  .IP "" 0
1168
- .
1169
758
  .SS "logdest"
1170
- Where to send log messages\. Choose between \'syslog\' (the POSIX syslog service), \'eventlog\' (the Windows Event Log), \'console\', or the path to a log file\. Multiple destinations can be set using a comma separated list (eg: \fB/path/file1,console,/path/file2\fR)
1171
- .
759
+ Where to send log messages\. Choose between 'syslog' (the POSIX syslog service), 'eventlog' (the Windows Event Log), 'console', or the path to a log file\. Multiple destinations can be set using a comma separated list (eg: \fB/path/file1,console,/path/file2\fR)
1172
760
  .IP "\(bu" 4
1173
761
  \fIDefault\fR: ``
1174
- .
1175
762
  .IP "" 0
1176
- .
1177
763
  .SS "logdir"
1178
764
  The directory in which to store log files
1179
- .
1180
765
  .IP "\(bu" 4
1181
766
  \fIDefault\fR: \fBUnix/Linux: /var/log/puppetlabs/puppet \-\- Windows: C:\eProgramData\ePuppetLabs\epuppet\evar\elog \-\- Non\-root user: ~/\.puppetlabs/var/log\fR
1182
- .
1183
767
  .IP "" 0
1184
- .
1185
768
  .SS "manage_internal_file_permissions"
1186
769
  Whether Puppet should manage the owner, group, and mode of files it uses internally\. \fBNote\fR: For Windows agents, the default is \fBfalse\fR for versions 4\.10\.13 and greater, versions 5\.5\.6 and greater, and versions 6\.0 and greater\.
1187
- .
1188
770
  .IP "\(bu" 4
1189
771
  \fIDefault\fR: \fBtrue\fR
1190
- .
1191
772
  .IP "" 0
1192
- .
1193
773
  .SS "manifest"
1194
774
  The entry\-point manifest for the primary server\. This can be one file or a directory of manifests to be evaluated in alphabetical order\. Puppet manages this path as a directory if one exists or if the path ends with a / or \.
1195
- .
1196
775
  .P
1197
- Setting a global value for \fBmanifest\fR in puppet\.conf is not allowed (but it can be overridden from the commandline)\. Please use directory environments instead\. If you need to use something other than the environment\'s \fBmanifests\fR directory as the main manifest, you can set \fBmanifest\fR in environment\.conf\. For more info, see \fIhttps://puppet\.com/docs/puppet/latest/environments_about\.html\fR
1198
- .
776
+ Setting a global value for \fBmanifest\fR in puppet\.conf is not allowed (but it can be overridden from the commandline)\. Please use directory environments instead\. If you need to use something other than the environment's \fBmanifests\fR directory as the main manifest, you can set \fBmanifest\fR in environment\.conf\. For more info, see \fIhttps://puppet\.com/docs/puppet/latest/environments_about\.html\fR
1199
777
  .IP "\(bu" 4
1200
778
  \fIDefault\fR: ``
1201
- .
1202
779
  .IP "" 0
1203
- .
1204
780
  .SS "masterport"
1205
781
  The default port puppet subcommands use to communicate with Puppet Server\. (eg \fBpuppet facts upload\fR, \fBpuppet agent\fR)\. May be overridden by more specific settings (see \fBca_port\fR, \fBreport_port\fR)\.
1206
- .
1207
782
  .IP "\(bu" 4
1208
783
  \fIDefault\fR: \fB8140\fR
1209
- .
1210
784
  .IP "" 0
1211
- .
1212
785
  .SS "max_deprecations"
1213
786
  Sets the max number of logged/displayed parser validation deprecation warnings in case multiple deprecation warnings have been detected\. A value of 0 blocks the logging of deprecation warnings\. The count is per manifest\.
1214
- .
1215
787
  .IP "\(bu" 4
1216
788
  \fIDefault\fR: \fB10\fR
1217
- .
1218
789
  .IP "" 0
1219
- .
1220
790
  .SS "max_errors"
1221
791
  Sets the max number of logged/displayed parser validation errors in case multiple errors have been detected\. A value of 0 is the same as a value of 1; a minimum of one error is always raised\. The count is per manifest\.
1222
- .
1223
792
  .IP "\(bu" 4
1224
793
  \fIDefault\fR: \fB10\fR
1225
- .
1226
794
  .IP "" 0
1227
- .
1228
795
  .SS "max_warnings"
1229
796
  Sets the max number of logged/displayed parser validation warnings in case multiple warnings have been detected\. A value of 0 blocks logging of warnings\. The count is per manifest\.
1230
- .
1231
797
  .IP "\(bu" 4
1232
798
  \fIDefault\fR: \fB10\fR
1233
- .
1234
799
  .IP "" 0
1235
- .
1236
800
  .SS "maximum_uid"
1237
801
  The maximum allowed UID\. Some platforms use negative UIDs but then ship with tools that do not know how to handle signed ints, so the UIDs show up as huge numbers that can then not be fed back into the system\. This is a hackish way to fail in a slightly more useful way when that happens\.
1238
- .
1239
802
  .IP "\(bu" 4
1240
803
  \fIDefault\fR: \fB4294967290\fR
1241
- .
1242
804
  .IP "" 0
1243
- .
1244
805
  .SS "maxwaitforcert"
1245
806
  The maximum amount of time the Puppet agent should wait for its certificate request to be signed\. A value of \fBunlimited\fR will cause puppet agent to ask for a signed certificate indefinitely\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
1246
- .
1247
807
  .IP "\(bu" 4
1248
808
  \fIDefault\fR: \fBunlimited\fR
1249
- .
1250
809
  .IP "" 0
1251
- .
1252
810
  .SS "maxwaitforlock"
1253
811
  The maximum amount of time the puppet agent should wait for an already running puppet agent to finish before starting a new one\. This is set by default to 1 minute\. A value of \fBunlimited\fR will cause puppet agent to wait indefinitely\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
1254
- .
1255
812
  .IP "\(bu" 4
1256
813
  \fIDefault\fR: \fB1m\fR
1257
- .
1258
814
  .IP "" 0
1259
- .
1260
815
  .SS "merge_dependency_warnings"
1261
816
  Whether to merge class\-level dependency failure warnings\.
1262
- .
1263
817
  .P
1264
818
  When a class has a failed dependency, every resource in the class generates a notice level message about the dependency failure, and a warning level message about skipping the resource\.
1265
- .
1266
819
  .P
1267
820
  If true, all messages caused by a class dependency failure are merged into one message associated with the class\.
1268
- .
1269
821
  .IP "\(bu" 4
1270
822
  \fIDefault\fR: \fBfalse\fR
1271
- .
1272
823
  .IP "" 0
1273
- .
1274
824
  .SS "mkusers"
1275
825
  Whether to create the necessary user and group that puppet agent will run as\.
1276
- .
1277
826
  .IP "\(bu" 4
1278
827
  \fIDefault\fR: \fBfalse\fR
1279
- .
1280
828
  .IP "" 0
1281
- .
1282
829
  .SS "module_groups"
1283
830
  Extra module groups to request from the Puppet Forge\. This is an internal setting, and users should never change it\.
1284
- .
1285
831
  .IP "\(bu" 4
1286
832
  \fIDefault\fR: ``
1287
- .
1288
833
  .IP "" 0
1289
- .
1290
834
  .SS "module_repository"
1291
835
  The module repository
1292
- .
1293
836
  .IP "\(bu" 4
1294
837
  \fIDefault\fR: \fBhttps://forgeapi\.puppet\.com\fR
1295
- .
1296
838
  .IP "" 0
1297
- .
1298
839
  .SS "module_working_dir"
1299
840
  The directory into which module tool data is stored
1300
- .
1301
841
  .IP "\(bu" 4
1302
842
  \fIDefault\fR: \fB$vardir/puppet\-module\fR
1303
- .
1304
843
  .IP "" 0
1305
- .
1306
844
  .SS "modulepath"
1307
- The search path for modules, as a list of directories separated by the system path separator character\. (The POSIX path separator is \':\', and the Windows path separator is \';\'\.)
1308
- .
845
+ The search path for modules, as a list of directories separated by the system path separator character\. (The POSIX path separator is ':', and the Windows path separator is ';'\.)
1309
846
  .P
1310
- Setting a global value for \fBmodulepath\fR in puppet\.conf is not allowed (but it can be overridden from the commandline)\. Please use directory environments instead\. If you need to use something other than the default modulepath of \fB<ACTIVE ENVIRONMENT\'S MODULES DIR>:$basemodulepath\fR, you can set \fBmodulepath\fR in environment\.conf\. For more info, see \fIhttps://puppet\.com/docs/puppet/latest/environments_about\.html\fR
1311
- .
847
+ Setting a global value for \fBmodulepath\fR in puppet\.conf is not allowed (but it can be overridden from the commandline)\. Please use directory environments instead\. If you need to use something other than the default modulepath of \fB<ACTIVE ENVIRONMENT'S MODULES DIR>:$basemodulepath\fR, you can set \fBmodulepath\fR in environment\.conf\. For more info, see \fIhttps://puppet\.com/docs/puppet/latest/environments_about\.html\fR
1312
848
  .SS "name"
1313
849
  The name of the application, if we are running as one\. The default is essentially $0 without the path or \fB\.rb\fR\.
1314
- .
1315
850
  .IP "\(bu" 4
1316
851
  \fIDefault\fR: ``
1317
- .
1318
852
  .IP "" 0
1319
- .
1320
853
  .SS "named_curve"
1321
854
  The short name for the EC curve used to generate the EC private key\. Valid values must be one of the curves in \fBOpenSSL::PKey::EC\.builtin_curves\fR\. Default is \fBprime256v1\fR\.
1322
- .
1323
855
  .IP "\(bu" 4
1324
856
  \fIDefault\fR: \fBprime256v1\fR
1325
- .
1326
857
  .IP "" 0
1327
- .
1328
858
  .SS "no_proxy"
1329
859
  List of host or domain names that should not go through \fBhttp_proxy_host\fR\. Environment variable no_proxy or NO_PROXY will override this value\. Names can be specified as an FQDN \fBhost\.example\.com\fR, wildcard \fB*\.example\.com\fR, dotted domain \fB\.example\.com\fR, or suffix \fBexample\.com\fR\.
1330
- .
1331
860
  .IP "\(bu" 4
1332
861
  \fIDefault\fR: \fBlocalhost, 127\.0\.0\.1\fR
1333
- .
1334
862
  .IP "" 0
1335
- .
1336
863
  .SS "node_cache_terminus"
1337
- How to store cached nodes\. Valid values are (none), \'json\', \'msgpack\', or \'yaml\'\.
1338
- .
864
+ How to store cached nodes\. Valid values are (none), 'json', 'msgpack', or 'yaml'\.
1339
865
  .IP "\(bu" 4
1340
866
  \fIDefault\fR: ``
1341
- .
1342
867
  .IP "" 0
1343
- .
1344
868
  .SS "node_name_fact"
1345
- The fact name used to determine the node name used for all requests the agent makes to the primary server\. WARNING: This setting is mutually exclusive with node_name_value\. Changing this setting also requires changes to Puppet Server\'s default auth\.conf \fIhttps://puppet\.com/docs/puppetserver/latest/config_file_auth\.html\fR\.
1346
- .
869
+ The fact name used to determine the node name used for all requests the agent makes to the primary server\. WARNING: This setting is mutually exclusive with node_name_value\. Changing this setting also requires changes to Puppet Server's default auth\.conf \fIhttps://puppet\.com/docs/puppetserver/latest/config_file_auth\.html\fR\.
1347
870
  .SS "node_name_value"
1348
- The explicit value used for the node name for all requests the agent makes to the primary server\. WARNING: This setting is mutually exclusive with node_name_fact\. Changing this setting also requires changes to Puppet Server\'s default auth\.conf \fIhttps://puppet\.com/docs/puppetserver/latest/config_file_auth\.html\fR\.
1349
- .
871
+ The explicit value used for the node name for all requests the agent makes to the primary server\. WARNING: This setting is mutually exclusive with node_name_fact\. Changing this setting also requires changes to Puppet Server's default auth\.conf \fIhttps://puppet\.com/docs/puppetserver/latest/config_file_auth\.html\fR\.
1350
872
  .IP "\(bu" 4
1351
873
  \fIDefault\fR: \fB$certname\fR
1352
- .
1353
874
  .IP "" 0
1354
- .
1355
875
  .SS "node_terminus"
1356
876
  Which node data plugin to use when compiling node catalogs\.
1357
- .
1358
877
  .P
1359
878
  When Puppet compiles a catalog, it combines two primary sources of info: the main manifest, and a node data plugin (often called a "node terminus," for historical reasons)\. Node data plugins provide three things for a given node name:
1360
- .
1361
879
  .IP "1." 4
1362
- A list of classes to add to that node\'s catalog (and, optionally, values for their parameters)\.
1363
- .
880
+ A list of classes to add to that node's catalog (and, optionally, values for their parameters)\.
1364
881
  .IP "2." 4
1365
882
  Which Puppet environment the node should use\.
1366
- .
1367
883
  .IP "3." 4
1368
884
  A list of additional top\-scope variables to set\.
1369
- .
1370
885
  .IP "" 0
1371
- .
1372
886
  .P
1373
887
  The three main node data plugins are:
1374
- .
1375
888
  .IP "\(bu" 4
1376
- \fBplain\fR \-\-\- Returns no data, so that the main manifest controls all node configuration\.
1377
- .
889
+ \fBplain\fR \-\- Returns no data, so that the main manifest controls all node configuration\.
1378
890
  .IP "\(bu" 4
1379
- \fBexec\fR \-\-\- Uses an external node classifier (ENC) \fIhttps://puppet\.com/docs/puppet/latest/nodes_external\.html\fR, configured by the \fBexternal_nodes\fR setting\. This lets you pull a list of Puppet classes from any external system, using a small glue script to perform the request and format the result as YAML\.
1380
- .
891
+ \fBexec\fR \-\- Uses an external node classifier (ENC) \fIhttps://puppet\.com/docs/puppet/latest/nodes_external\.html\fR, configured by the \fBexternal_nodes\fR setting\. This lets you pull a list of Puppet classes from any external system, using a small glue script to perform the request and format the result as YAML\.
1381
892
  .IP "\(bu" 4
1382
- \fBclassifier\fR (formerly \fBconsole\fR) \-\-\- Specific to Puppet Enterprise\. Uses the PE console for node data\."
1383
- .
893
+ \fBclassifier\fR (formerly \fBconsole\fR) \-\- Specific to Puppet Enterprise\. Uses the PE console for node data\."
1384
894
  .IP "\(bu" 4
1385
895
  \fIDefault\fR: \fBplain\fR
1386
- .
1387
896
  .IP "" 0
1388
- .
1389
897
  .SS "noop"
1390
898
  Whether to apply catalogs in noop mode, which allows Puppet to partially simulate a normal run\. This setting affects puppet agent and puppet apply\.
1391
- .
1392
899
  .P
1393
900
  When running in noop mode, Puppet will check whether each resource is in sync, like it does when running normally\. However, if a resource attribute is not in the desired state (as declared in the catalog), Puppet will take no action, and will instead report the changes it \fIwould\fR have made\. These simulated changes will appear in the report sent to the primary Puppet server, or be shown on the console if running puppet agent or puppet apply in the foreground\. The simulated changes will not send refresh events to any subscribing or notified resources, although Puppet will log that a refresh event \fIwould\fR have been sent\.
1394
- .
1395
901
  .P
1396
902
  \fBImportant note:\fR The \fBnoop\fR metaparameter \fIhttps://puppet\.com/docs/puppet/latest/metaparameter\.html#noop\fR allows you to apply individual resources in noop mode, and will override the global value of the \fBnoop\fR setting\. This means a resource with \fBnoop => false\fR \fIwill\fR be changed if necessary, even when running puppet agent with \fBnoop = true\fR or \fB\-\-noop\fR\. (Conversely, a resource with \fBnoop => true\fR will only be simulated, even when noop mode is globally disabled\.)
1397
- .
1398
903
  .IP "\(bu" 4
1399
904
  \fIDefault\fR: \fBfalse\fR
1400
- .
1401
905
  .IP "" 0
1402
- .
1403
906
  .SS "number_of_facts_soft_limit"
1404
907
  The soft limit for the total number of fact values\. This counts the child elements of all facts (e\.g\. all items of an array or a hash), not just top level facts\.
1405
- .
1406
908
  .IP "\(bu" 4
1407
- \fIDefault\fR: \fB2048\fR
1408
- .
909
+ \fIDefault\fR: \fB10240\fR
1409
910
  .IP "" 0
1410
- .
1411
911
  .SS "onetime"
1412
912
  Perform one configuration run and exit, rather than spawning a long\-running daemon\. This is useful for interactively running puppet agent, or running puppet agent from cron\.
1413
- .
1414
913
  .IP "\(bu" 4
1415
914
  \fIDefault\fR: \fBfalse\fR
1416
- .
1417
915
  .IP "" 0
1418
- .
1419
916
  .SS "passfile"
1420
917
  Where puppet agent stores the password for its private key\. Generally unused\.
1421
- .
1422
918
  .IP "\(bu" 4
1423
919
  \fIDefault\fR: \fB$privatedir/password\fR
1424
- .
1425
920
  .IP "" 0
1426
- .
1427
921
  .SS "path"
1428
922
  The shell search path\. Defaults to whatever is inherited from the parent process\.
1429
- .
1430
923
  .P
1431
924
  This setting can only be set in the \fB[main]\fR section of puppet\.conf; it cannot be set in \fB[server]\fR, \fB[agent]\fR, or an environment config section\.
1432
- .
1433
925
  .IP "\(bu" 4
1434
926
  \fIDefault\fR: \fBnone\fR
1435
- .
1436
927
  .IP "" 0
1437
- .
1438
928
  .SS "payload_soft_limit"
1439
929
  The soft limit for the size of the payload\.
1440
- .
1441
930
  .IP "\(bu" 4
1442
931
  \fIDefault\fR: \fB16777216\fR
1443
- .
1444
932
  .IP "" 0
1445
- .
1446
933
  .SS "pidfile"
1447
934
  The file containing the PID of a running process\. This file is intended to be used by service management frameworks and monitoring systems to determine if a puppet process is still in the process table\.
1448
- .
1449
935
  .IP "\(bu" 4
1450
936
  \fIDefault\fR: \fB$rundir/${run_mode}\.pid\fR
1451
- .
1452
937
  .IP "" 0
1453
- .
1454
938
  .SS "plugindest"
1455
939
  Where Puppet should store plugins that it pulls down from the central server\.
1456
- .
1457
940
  .IP "\(bu" 4
1458
941
  \fIDefault\fR: \fB$libdir\fR
1459
- .
1460
942
  .IP "" 0
1461
- .
1462
943
  .SS "pluginfactdest"
1463
944
  Where Puppet should store external facts that are being handled by pluginsync
1464
- .
1465
945
  .IP "\(bu" 4
1466
946
  \fIDefault\fR: \fB$vardir/facts\.d\fR
1467
- .
1468
947
  .IP "" 0
1469
- .
1470
948
  .SS "pluginfactsource"
1471
949
  Where to retrieve external facts for pluginsync
1472
- .
1473
950
  .IP "\(bu" 4
1474
951
  \fIDefault\fR: \fBpuppet:///pluginfacts\fR
1475
- .
1476
952
  .IP "" 0
1477
- .
1478
953
  .SS "pluginsignore"
1479
954
  What files to ignore when pulling down plugins\.
1480
- .
1481
955
  .IP "\(bu" 4
1482
956
  \fIDefault\fR: \fB\.svn CVS \.git \.hg\fR
1483
- .
1484
957
  .IP "" 0
1485
- .
1486
958
  .SS "pluginsource"
1487
959
  From where to retrieve plugins\. The standard Puppet \fBfile\fR type is used for retrieval, so anything that is a valid file source can be used here\.
1488
- .
1489
960
  .IP "\(bu" 4
1490
961
  \fIDefault\fR: \fBpuppet:///plugins\fR
1491
- .
1492
962
  .IP "" 0
1493
- .
1494
963
  .SS "pluginsync"
1495
964
  Whether plugins should be synced with the central server\. This setting is deprecated\.
1496
- .
1497
965
  .IP "\(bu" 4
1498
966
  \fIDefault\fR: \fBtrue\fR
1499
- .
1500
967
  .IP "" 0
1501
- .
1502
968
  .SS "postrun_command"
1503
969
  A command to run after every agent run\. If this command returns a non\-zero return code, the entire Puppet run will be considered to have failed, even though it might have performed work during the normal run\.
1504
- .
1505
970
  .SS "preferred_serialization_format"
1506
- The preferred means of serializing ruby instances for passing over the wire\. This won\'t guarantee that all instances will be serialized using this method, since not all classes can be guaranteed to support this format, but it will be used for all classes that support it\.
1507
- .
971
+ The preferred means of serializing ruby instances for passing over the wire\. This won't guarantee that all instances will be serialized using this method, since not all classes can be guaranteed to support this format, but it will be used for all classes that support it\.
1508
972
  .IP "\(bu" 4
1509
973
  \fIDefault\fR: \fBjson\fR
1510
- .
1511
974
  .IP "" 0
1512
- .
1513
975
  .SS "preprocess_deferred"
1514
- Whether puppet should call deferred functions before applying the catalog\. If set to \fBtrue\fR, then all prerequisites needed for the deferred function must be satified prior to puppet running\. If set to \fBfalse\fR, then deferred functions will follow puppet relationships and ordering\. This allows puppet to install prerequisites needed for a deferred function and call the deferred function in the same run\.
1515
- .
976
+ Whether Puppet should call deferred functions before applying the catalog\. If set to \fBtrue\fR, all prerequisites required for the deferred function must be satisfied before the Puppet run\. If set to \fBfalse\fR, deferred functions follow Puppet relationships and ordering\. In this way, Puppet can install the prerequisites required for a deferred function and call the deferred function in the same run\.
1516
977
  .IP "\(bu" 4
1517
- \fIDefault\fR: \fBtrue\fR
1518
- .
978
+ \fIDefault\fR: \fBfalse\fR
1519
979
  .IP "" 0
1520
- .
1521
980
  .SS "prerun_command"
1522
981
  A command to run before every agent run\. If this command returns a non\-zero return code, the entire Puppet run will fail\.
1523
- .
1524
982
  .SS "preview_outputdir"
1525
983
  The directory where catalog previews per node are generated\.
1526
- .
1527
984
  .IP "\(bu" 4
1528
985
  \fIDefault\fR: \fB$vardir/preview\fR
1529
- .
1530
986
  .IP "" 0
1531
- .
1532
987
  .SS "priority"
1533
- The scheduling priority of the process\. Valid values are \'high\', \'normal\', \'low\', or \'idle\', which are mapped to platform\-specific values\. The priority can also be specified as an integer value and will be passed as is, e\.g\. \-5\. Puppet must be running as a privileged user in order to increase scheduling priority\.
1534
- .
988
+ The scheduling priority of the process\. Valid values are 'high', 'normal', 'low', or 'idle', which are mapped to platform\-specific values\. The priority can also be specified as an integer value and will be passed as is, e\.g\. \-5\. Puppet must be running as a privileged user in order to increase scheduling priority\.
1535
989
  .IP "\(bu" 4
1536
990
  \fIDefault\fR: ``
1537
- .
1538
991
  .IP "" 0
1539
- .
1540
992
  .SS "privatedir"
1541
993
  Where the client stores private certificate information\.
1542
- .
1543
994
  .IP "\(bu" 4
1544
995
  \fIDefault\fR: \fB$ssldir/private\fR
1545
- .
1546
996
  .IP "" 0
1547
- .
1548
997
  .SS "privatekeydir"
1549
998
  The private key directory\.
1550
- .
1551
999
  .IP "\(bu" 4
1552
1000
  \fIDefault\fR: \fB$ssldir/private_keys\fR
1553
- .
1554
1001
  .IP "" 0
1555
- .
1556
1002
  .SS "profile"
1557
1003
  Whether to enable experimental performance profiling
1558
- .
1559
1004
  .IP "\(bu" 4
1560
1005
  \fIDefault\fR: \fBfalse\fR
1561
- .
1562
1006
  .IP "" 0
1563
- .
1564
1007
  .SS "publicdir"
1565
1008
  Where Puppet stores public files\.
1566
- .
1567
1009
  .IP "\(bu" 4
1568
1010
  \fIDefault\fR: \fBUnix/Linux: /opt/puppetlabs/puppet/public \-\- Windows: C:\eProgramData\ePuppetLabs\epuppet\epublic \-\- Non\-root user: ~/\.puppetlabs/opt/puppet/public\fR
1569
- .
1570
1011
  .IP "" 0
1571
- .
1572
1012
  .SS "publickeydir"
1573
1013
  The public key directory\.
1574
- .
1575
1014
  .IP "\(bu" 4
1576
1015
  \fIDefault\fR: \fB$ssldir/public_keys\fR
1577
- .
1578
1016
  .IP "" 0
1579
- .
1580
1017
  .SS "puppet_trace"
1581
1018
  Whether to print the Puppet stack trace on some errors\. This is a noop if \fBtrace\fR is also set\.
1582
- .
1583
1019
  .IP "\(bu" 4
1584
1020
  \fIDefault\fR: \fBfalse\fR
1585
- .
1586
1021
  .IP "" 0
1587
- .
1588
1022
  .SS "puppetdlog"
1589
1023
  The fallback log file\. This is only used when the \fB\-\-logdest\fR option is not specified AND Puppet is running on an operating system where both the POSIX syslog service and the Windows Event Log are unavailable\. (Currently, no supported operating systems match that description\.)
1590
- .
1591
1024
  .P
1592
1025
  Despite the name, both puppet agent and puppet server will use this file as the fallback logging destination\.
1593
- .
1594
1026
  .P
1595
1027
  For control over logging destinations, see the \fB\-\-logdest\fR command line option in the manual pages for puppet server, puppet agent, and puppet apply\. You can see man pages by running \fBpuppet <SUBCOMMAND> \-\-help\fR, or read them online at https://puppet\.com/docs/puppet/latest/man/\.
1596
- .
1597
1028
  .IP "\(bu" 4
1598
1029
  \fIDefault\fR: \fB$logdir/puppetd\.log\fR
1599
- .
1600
1030
  .IP "" 0
1601
- .
1602
1031
  .SS "report"
1603
1032
  Whether to send reports after every transaction\.
1604
- .
1605
1033
  .IP "\(bu" 4
1606
1034
  \fIDefault\fR: \fBtrue\fR
1607
- .
1608
1035
  .IP "" 0
1609
- .
1610
1036
  .SS "report_configured_environmentpath"
1611
- When versioned_environment_dirs is \fBtrue\fR Puppet will readlink the environmentpath when constructing the environment\'s modulepath\. The full readlinked path is referred to as the "resolved path" and the configured path potentially containing symlinks is the "configured path"\. When reporting where resources come from users may choose between the configured or resolved path\.
1612
- .
1037
+ Specifies how environment paths are reported\. When the value of \fBversioned_environment_dirs\fR is \fBtrue\fR, Puppet applies the readlink function to the \fBenvironmentpath\fR setting when constructing the environment's modulepath\. The full readlinked path is referred to as the "resolved path," and the configured path potentially containing symlinks is the "configured path\." When reporting where resources come from, users may choose between the configured and resolved path\.
1613
1038
  .P
1614
- When set to false, the resolved paths are reported instead of the configured paths\.
1615
- .
1039
+ When set to \fBfalse\fR, the resolved paths are reported instead of the configured paths\.
1616
1040
  .IP "\(bu" 4
1617
1041
  \fIDefault\fR: \fBtrue\fR
1618
- .
1619
1042
  .IP "" 0
1620
- .
1621
1043
  .SS "report_include_system_store"
1622
- Whether the \'http\' report processor should include the system certificate store when submitting reports to HTTPS URLs\. If false, then the \'http\' processor will only trust HTTPS report servers whose certificates are issued by the puppet CA or one of its intermediate CAs\. If true, the processor will additionally trust CA certificates in the system\'s certificate store\.
1623
- .
1044
+ Whether the 'http' report processor should include the system certificate store when submitting reports to HTTPS URLs\. If false, then the 'http' processor will only trust HTTPS report servers whose certificates are issued by the puppet CA or one of its intermediate CAs\. If true, the processor will additionally trust CA certificates in the system's certificate store\.
1624
1045
  .IP "\(bu" 4
1625
1046
  \fIDefault\fR: \fBfalse\fR
1626
- .
1627
1047
  .IP "" 0
1628
- .
1629
1048
  .SS "report_port"
1630
1049
  The port to communicate with the report_server\.
1631
- .
1632
1050
  .IP "\(bu" 4
1633
1051
  \fIDefault\fR: \fB$serverport\fR
1634
- .
1635
1052
  .IP "" 0
1636
- .
1637
1053
  .SS "report_server"
1638
1054
  The server to send transaction reports to\.
1639
- .
1640
1055
  .IP "\(bu" 4
1641
1056
  \fIDefault\fR: \fB$server\fR
1642
- .
1643
1057
  .IP "" 0
1644
- .
1645
1058
  .SS "reportdir"
1646
1059
  The directory in which to store reports\. Each node gets a separate subdirectory in this directory\. This setting is only used when the \fBstore\fR report processor is enabled (see the \fBreports\fR setting)\.
1647
- .
1648
1060
  .IP "\(bu" 4
1649
1061
  \fIDefault\fR: \fB$vardir/reports\fR
1650
- .
1651
1062
  .IP "" 0
1652
- .
1653
1063
  .SS "reports"
1654
1064
  The list of report handlers to use\. When using multiple report handlers, their names should be comma\-separated, with whitespace allowed\. (For example, \fBreports = http, store\fR\.)
1655
- .
1656
1065
  .P
1657
1066
  This setting is relevant to puppet server and puppet apply\. The primary Puppet server will call these report handlers with the reports it receives from agent nodes, and puppet apply will call them with its own report\. (In all cases, the node applying the catalog must have \fBreport = true\fR\.)
1658
- .
1659
1067
  .P
1660
1068
  See the report reference for information on the built\-in report handlers; custom report handlers can also be loaded from modules\. (Report handlers are loaded from the lib directory, at \fBpuppet/reports/NAME\.rb\fR\.)
1661
- .
1662
1069
  .P
1663
1070
  To turn off reports entirely, set this to \fBnone\fR
1664
- .
1665
1071
  .IP "\(bu" 4
1666
1072
  \fIDefault\fR: \fBstore\fR
1667
- .
1668
1073
  .IP "" 0
1669
- .
1670
1074
  .SS "reporturl"
1671
1075
  The URL that reports should be forwarded to\. This setting is only used when the \fBhttp\fR report processor is enabled (see the \fBreports\fR setting)\.
1672
- .
1673
1076
  .IP "\(bu" 4
1674
1077
  \fIDefault\fR: \fBhttp://localhost:3000/reports/upload\fR
1675
- .
1676
1078
  .IP "" 0
1677
- .
1678
1079
  .SS "requestdir"
1679
1080
  Where host certificate requests are stored\.
1680
- .
1681
1081
  .IP "\(bu" 4
1682
1082
  \fIDefault\fR: \fB$ssldir/certificate_requests\fR
1683
- .
1684
1083
  .IP "" 0
1685
- .
1686
1084
  .SS "resourcefile"
1687
1085
  The file in which puppet agent stores a list of the resources associated with the retrieved configuration\.
1688
- .
1689
1086
  .IP "\(bu" 4
1690
1087
  \fIDefault\fR: \fB$statedir/resources\.txt\fR
1691
- .
1692
1088
  .IP "" 0
1693
- .
1694
1089
  .SS "resubmit_facts"
1695
1090
  Whether to send updated facts after every transaction\. By default puppet only submits facts at the beginning of the transaction before applying a catalog\. Since puppet can modify the state of the system, the value of the facts may change after puppet finishes\. Therefore, any facts stored in puppetdb may not be consistent until the agent next runs, typically in 30 minutes\. If this feature is enabled, puppet will resubmit facts after applying its catalog, ensuring facts for the node stored in puppetdb are current\. However, this will double the fact submission load on puppetdb, so it is disabled by default\.
1696
- .
1697
1091
  .IP "\(bu" 4
1698
1092
  \fIDefault\fR: \fBfalse\fR
1699
- .
1700
1093
  .IP "" 0
1701
- .
1702
1094
  .SS "rich_data"
1703
1095
  Enables having extended data in the catalog by storing them as a hash with the special key \fB__ptype\fR\. When enabled, resource containing values of the data types \fBBinary\fR, \fBRegexp\fR, \fBSemVer\fR, \fBSemVerRange\fR, \fBTimespan\fR and \fBTimestamp\fR, as well as instances of types derived from \fBObject\fR retain their data type\.
1704
- .
1705
1096
  .IP "\(bu" 4
1706
1097
  \fIDefault\fR: \fBtrue\fR
1707
- .
1708
1098
  .IP "" 0
1709
- .
1710
1099
  .SS "route_file"
1711
1100
  The YAML file containing indirector route configuration\.
1712
- .
1713
1101
  .IP "\(bu" 4
1714
1102
  \fIDefault\fR: \fB$confdir/routes\.yaml\fR
1715
- .
1716
1103
  .IP "" 0
1717
- .
1718
1104
  .SS "rundir"
1719
1105
  Where Puppet PID files are kept\.
1720
- .
1721
1106
  .IP "\(bu" 4
1722
1107
  \fIDefault\fR: \fBUnix/Linux: /var/run/puppetlabs \-\- Windows: C:\eProgramData\ePuppetLabs\epuppet\evar\erun \-\- Non\-root user: ~/\.puppetlabs/var/run\fR
1723
- .
1724
1108
  .IP "" 0
1725
- .
1726
1109
  .SS "runinterval"
1727
1110
  How often puppet agent applies the catalog\. Note that a runinterval of 0 means "run continuously" rather than "never run\." This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
1728
- .
1729
1111
  .IP "\(bu" 4
1730
1112
  \fIDefault\fR: \fB30m\fR
1731
- .
1732
1113
  .IP "" 0
1733
- .
1734
1114
  .SS "runtimeout"
1735
1115
  The maximum amount of time an agent run is allowed to take\. A Puppet agent run that exceeds this timeout will be aborted\. A value of 0 disables the timeout\. Defaults to 1 hour\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
1736
- .
1737
1116
  .IP "\(bu" 4
1738
1117
  \fIDefault\fR: \fB1h\fR
1739
- .
1740
1118
  .IP "" 0
1741
- .
1742
1119
  .SS "serial"
1743
1120
  Where the serial number for certificates is stored\.
1744
- .
1745
1121
  .IP "\(bu" 4
1746
1122
  \fIDefault\fR: \fB$cadir/serial\fR
1747
- .
1748
1123
  .IP "" 0
1749
- .
1750
1124
  .SS "server"
1751
1125
  The primary Puppet server to which the Puppet agent should connect\.
1752
- .
1753
1126
  .IP "\(bu" 4
1754
1127
  \fIDefault\fR: \fBpuppet\fR
1755
- .
1756
1128
  .IP "" 0
1757
- .
1758
1129
  .SS "server_datadir"
1759
1130
  The directory in which serialized data is stored, usually in a subdirectory\.
1760
- .
1761
1131
  .IP "\(bu" 4
1762
1132
  \fIDefault\fR: \fB$vardir/server_data\fR
1763
- .
1764
1133
  .IP "" 0
1765
- .
1766
1134
  .SS "server_list"
1767
- The list of primary Puppet servers to which the Puppet agent should connect, in the order that they will be tried\. Each value should be a fully qualified domain name, followed by an optional \':\' and port number\. If a port is omitted, Puppet uses masterport for that host\.
1768
- .
1135
+ The list of primary Puppet servers to which the Puppet agent should connect, in the order that they will be tried\. Each value should be a fully qualified domain name, followed by an optional ':' and port number\. If a port is omitted, Puppet uses masterport for that host\.
1769
1136
  .IP "\(bu" 4
1770
1137
  \fIDefault\fR: \fB[]\fR
1771
- .
1772
1138
  .IP "" 0
1773
- .
1774
1139
  .SS "serverport"
1775
1140
  The default port puppet subcommands use to communicate with Puppet Server\. (eg \fBpuppet facts upload\fR, \fBpuppet agent\fR)\. May be overridden by more specific settings (see \fBca_port\fR, \fBreport_port\fR)\.
1776
- .
1777
1141
  .IP "\(bu" 4
1778
1142
  \fIDefault\fR: \fB8140\fR
1779
- .
1780
1143
  .IP "" 0
1781
- .
1782
1144
  .SS "settings_catalog"
1783
1145
  Whether to compile and apply the settings catalog
1784
- .
1785
1146
  .IP "\(bu" 4
1786
1147
  \fIDefault\fR: \fBtrue\fR
1787
- .
1788
1148
  .IP "" 0
1789
- .
1790
1149
  .SS "show_diff"
1791
- Whether to log and report a contextual diff when files are being replaced\. This causes partial file contents to pass through Puppet\'s normal logging and reporting system, so this setting should be used with caution if you are sending Puppet\'s reports to an insecure destination\. This feature currently requires the \fBdiff/lcs\fR Ruby library\.
1792
- .
1150
+ Whether to log and report a contextual diff when files are being replaced\. This causes partial file contents to pass through Puppet's normal logging and reporting system, so this setting should be used with caution if you are sending Puppet's reports to an insecure destination\. This feature currently requires the \fBdiff/lcs\fR Ruby library\.
1793
1151
  .IP "\(bu" 4
1794
1152
  \fIDefault\fR: \fBfalse\fR
1795
- .
1796
1153
  .IP "" 0
1797
- .
1798
1154
  .SS "signeddir"
1799
1155
  Where the CA stores signed certificates\.
1800
- .
1801
1156
  .IP "\(bu" 4
1802
1157
  \fIDefault\fR: \fB$cadir/signed\fR
1803
- .
1804
1158
  .IP "" 0
1805
- .
1806
1159
  .SS "skip_logging_catalog_request_destination"
1807
- If you wish to suppress the notice of which compiler supplied the catalog
1808
- .
1160
+ Specifies whether to suppress the notice of which compiler supplied the catalog\. A value of \fBtrue\fR suppresses the notice\.
1809
1161
  .IP "\(bu" 4
1810
1162
  \fIDefault\fR: \fBfalse\fR
1811
- .
1812
1163
  .IP "" 0
1813
- .
1814
1164
  .SS "skip_tags"
1815
1165
  Tags to use to filter resources\. If this is set, then only resources not tagged with the specified tags will be applied\. Values must be comma\-separated\.
1816
- .
1817
1166
  .SS "sourceaddress"
1818
1167
  The address the agent should use to initiate requests\.
1819
- .
1820
1168
  .IP "\(bu" 4
1821
1169
  \fIDefault\fR: ``
1822
- .
1823
1170
  .IP "" 0
1824
- .
1825
1171
  .SS "splay"
1826
1172
  Whether to sleep for a random amount of time, ranging from immediately up to its \fB$splaylimit\fR, before performing its first agent run after a service restart\. After this period, the agent runs periodically on its \fB$runinterval\fR\.
1827
- .
1828
1173
  .P
1829
1174
  For example, assume a default 30\-minute \fB$runinterval\fR, \fBsplay\fR set to its default of \fBfalse\fR, and an agent starting at :00 past the hour\. The agent would check in every 30 minutes at :01 and :31 past the hour\.
1830
- .
1831
1175
  .P
1832
1176
  With \fBsplay\fR enabled, it waits any amount of time up to its \fB$splaylimit\fR before its first run\. For example, it might randomly wait 8 minutes, then start its first run at :08 past the hour\. With the \fB$runinterval\fR at its default 30 minutes, its next run will be at :38 past the hour\.
1833
- .
1834
1177
  .P
1835
- If you restart an agent\'s puppet service with \fBsplay\fR enabled, it recalculates its splay period and delays its first agent run after restarting for this new period\. If you simultaneously restart a group of puppet agents with \fBsplay\fR enabled, their checkins to your primary servers can be distributed more evenly\.
1836
- .
1178
+ If you restart an agent's puppet service with \fBsplay\fR enabled, it recalculates its splay period and delays its first agent run after restarting for this new period\. If you simultaneously restart a group of puppet agents with \fBsplay\fR enabled, their checkins to your primary servers can be distributed more evenly\.
1837
1179
  .IP "\(bu" 4
1838
1180
  \fIDefault\fR: \fBfalse\fR
1839
- .
1840
1181
  .IP "" 0
1841
- .
1842
1182
  .SS "splaylimit"
1843
- The maximum time to delay before an agent\'s first run when \fBsplay\fR is enabled\. Defaults to the agent\'s \fB$runinterval\fR\. The \fBsplay\fR interval is random and recalculated each time the agent is started or restarted\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
1844
- .
1183
+ The maximum time to delay before an agent's first run when \fBsplay\fR is enabled\. Defaults to the agent's \fB$runinterval\fR\. The \fBsplay\fR interval is random and recalculated each time the agent is started or restarted\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
1845
1184
  .IP "\(bu" 4
1846
1185
  \fIDefault\fR: \fB$runinterval\fR
1847
- .
1848
1186
  .IP "" 0
1849
- .
1850
1187
  .SS "srv_domain"
1851
1188
  The domain which will be queried to find the SRV records of servers to use\.
1852
- .
1853
1189
  .IP "\(bu" 4
1854
1190
  \fIDefault\fR: \fBexample\.com\fR
1855
- .
1856
1191
  .IP "" 0
1857
- .
1858
1192
  .SS "ssl_client_header"
1859
- The header containing an authenticated client\'s SSL DN\. This header must be set by the proxy to the authenticated client\'s SSL DN (e\.g\., \fB/CN=puppet\.puppetlabs\.com\fR)\. Puppet will parse out the Common Name (CN) from the Distinguished Name (DN) and use the value of the CN field for authorization\.
1860
- .
1193
+ The header containing an authenticated client's SSL DN\. This header must be set by the proxy to the authenticated client's SSL DN (e\.g\., \fB/CN=puppet\.puppetlabs\.com\fR)\. Puppet will parse out the Common Name (CN) from the Distinguished Name (DN) and use the value of the CN field for authorization\.
1861
1194
  .P
1862
1195
  Note that the name of the HTTP header gets munged by the web server common gateway interface: an \fBHTTP_\fR prefix is added, dashes are converted to underscores, and all letters are uppercased\. Thus, to use the \fBX\-Client\-DN\fR header, this setting should be \fBHTTP_X_CLIENT_DN\fR\.
1863
- .
1864
1196
  .IP "\(bu" 4
1865
1197
  \fIDefault\fR: \fBHTTP_X_CLIENT_DN\fR
1866
- .
1867
1198
  .IP "" 0
1868
- .
1869
1199
  .SS "ssl_client_verify_header"
1870
- The header containing the status message of the client verification\. This header must be set by the proxy to \'SUCCESS\' if the client successfully authenticated, and anything else otherwise\.
1871
- .
1200
+ The header containing the status message of the client verification\. This header must be set by the proxy to 'SUCCESS' if the client successfully authenticated, and anything else otherwise\.
1872
1201
  .P
1873
1202
  Note that the name of the HTTP header gets munged by the web server common gateway interface: an \fBHTTP_\fR prefix is added, dashes are converted to underscores, and all letters are uppercased\. Thus, to use the \fBX\-Client\-Verify\fR header, this setting should be \fBHTTP_X_CLIENT_VERIFY\fR\.
1874
- .
1875
1203
  .IP "\(bu" 4
1876
1204
  \fIDefault\fR: \fBHTTP_X_CLIENT_VERIFY\fR
1877
- .
1878
1205
  .IP "" 0
1879
- .
1880
1206
  .SS "ssl_lockfile"
1881
1207
  A lock file to indicate that the ssl bootstrap process is currently in progress\.
1882
- .
1883
1208
  .IP "\(bu" 4
1884
1209
  \fIDefault\fR: \fB$ssldir/ssl\.lock\fR
1885
- .
1886
1210
  .IP "" 0
1887
- .
1888
1211
  .SS "ssl_trust_store"
1889
- A file containing CA certificates in PEM format that puppet should trust when making HTTPS requests\. This \fBonly\fR applies to https requests to non\-puppet infrastructure, such as retrieving file metadata and content from https file sources, puppet module tool and the \'http\' report processor\. This setting is ignored when making requests to puppet:// URLs such as catalog and report requests\.
1890
- .
1212
+ A file containing CA certificates in PEM format that puppet should trust when making HTTPS requests\. This \fBonly\fR applies to https requests to non\-puppet infrastructure, such as retrieving file metadata and content from https file sources, puppet module tool and the 'http' report processor\. This setting is ignored when making requests to puppet:// URLs such as catalog and report requests\.
1891
1213
  .IP "\(bu" 4
1892
1214
  \fIDefault\fR: ``
1893
- .
1894
1215
  .IP "" 0
1895
- .
1896
1216
  .SS "ssldir"
1897
1217
  Where SSL certificates are kept\.
1898
- .
1899
1218
  .IP "\(bu" 4
1900
1219
  \fIDefault\fR: \fB$confdir/ssl\fR
1901
- .
1902
1220
  .IP "" 0
1903
- .
1904
1221
  .SS "statedir"
1905
1222
  The directory where Puppet state is stored\. Generally, this directory can be removed without causing harm (although it might result in spurious service restarts)\.
1906
- .
1907
1223
  .IP "\(bu" 4
1908
1224
  \fIDefault\fR: \fB$vardir/state\fR
1909
- .
1910
1225
  .IP "" 0
1911
- .
1912
1226
  .SS "statefile"
1913
1227
  Where Puppet agent and Puppet Server store state associated with the running configuration\. In the case of Puppet Server, this file reflects the state discovered through interacting with clients\.
1914
- .
1915
1228
  .IP "\(bu" 4
1916
1229
  \fIDefault\fR: \fB$statedir/state\.yaml\fR
1917
- .
1918
1230
  .IP "" 0
1919
- .
1920
1231
  .SS "statettl"
1921
1232
  How long the Puppet agent should cache when a resource was last checked or synced\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\. A value of \fB0\fR or \fBunlimited\fR will disable cache pruning\.
1922
- .
1923
1233
  .P
1924
1234
  This setting affects the usage of \fBschedule\fR resources, as the information about when a resource was last checked (and therefore when it needs to be checked again) is stored in the \fBstatefile\fR\. The \fBstatettl\fR needs to be large enough to ensure that a resource will not trigger multiple times during a schedule due to its entry expiring from the cache\.
1925
- .
1926
1235
  .IP "\(bu" 4
1927
1236
  \fIDefault\fR: \fB32d\fR
1928
- .
1929
1237
  .IP "" 0
1930
- .
1931
1238
  .SS "static_catalogs"
1932
1239
  Whether to compile a static catalog \fIhttps://puppet\.com/docs/puppet/latest/static_catalogs\.html#enabling\-or\-disabling\-static\-catalogs\fR, which occurs only on Puppet Server when the \fBcode\-id\-command\fR and \fBcode\-content\-command\fR settings are configured in its \fBpuppetserver\.conf\fR file\.
1933
- .
1934
1240
  .IP "\(bu" 4
1935
1241
  \fIDefault\fR: \fBtrue\fR
1936
- .
1937
1242
  .IP "" 0
1938
- .
1939
1243
  .SS "storeconfigs"
1940
- Whether to store each client\'s configuration, including catalogs, facts, and related data\. This also enables the import and export of resources in the Puppet language \- a mechanism for exchange resources between nodes\.
1941
- .
1244
+ Whether to store each client's configuration, including catalogs, facts, and related data\. This also enables the import and export of resources in the Puppet language \- a mechanism for exchange resources between nodes\.
1942
1245
  .P
1943
- By default this uses the \'puppetdb\' backend\.
1944
- .
1246
+ By default this uses the 'puppetdb' backend\.
1945
1247
  .P
1946
1248
  You can adjust the backend using the storeconfigs_backend setting\.
1947
- .
1948
1249
  .IP "\(bu" 4
1949
1250
  \fIDefault\fR: \fBfalse\fR
1950
- .
1951
1251
  .IP "" 0
1952
- .
1953
1252
  .SS "storeconfigs_backend"
1954
1253
  Configure the backend terminus used for StoreConfigs\. By default, this uses the PuppetDB store, which must be installed and configured before turning on StoreConfigs\.
1955
- .
1956
1254
  .IP "\(bu" 4
1957
1255
  \fIDefault\fR: \fBpuppetdb\fR
1958
- .
1959
1256
  .IP "" 0
1960
- .
1961
1257
  .SS "strict"
1962
1258
  The strictness level of puppet\. Allowed values are:
1963
- .
1964
1259
  .IP "\(bu" 4
1965
1260
  off \- do not perform extra validation, do not report
1966
- .
1967
1261
  .IP "\(bu" 4
1968
- warning \- perform extra validation, report as warning (default)
1969
- .
1262
+ warning \- perform extra validation, report as warning
1970
1263
  .IP "\(bu" 4
1971
- error \- perform extra validation, fail with error
1972
- .
1264
+ error \- perform extra validation, fail with error (default)
1973
1265
  .IP "" 0
1974
- .
1975
1266
  .P
1976
1267
  The strictness level is for both language semantics and runtime evaluation validation\. In addition to controlling the behavior with this primary server switch some individual warnings may also be controlled by the disable_warnings setting\.
1977
- .
1978
1268
  .P
1979
1269
  No new validations will be added to a micro (x\.y\.z) release, but may be added in minor releases (x\.y\.0)\. In major releases it expected that most (if not all) strictness validation become standard behavior\.
1980
- .
1981
1270
  .IP "\(bu" 4
1982
- \fIDefault\fR: \fBwarning\fR
1983
- .
1271
+ \fIDefault\fR: \fBerror\fR
1984
1272
  .IP "" 0
1985
- .
1986
1273
  .SS "strict_environment_mode"
1987
1274
  Whether the agent specified environment should be considered authoritative, causing the run to fail if the retrieved catalog does not match it\.
1988
- .
1989
1275
  .IP "\(bu" 4
1990
1276
  \fIDefault\fR: \fBfalse\fR
1991
- .
1992
1277
  .IP "" 0
1993
- .
1994
1278
  .SS "strict_variables"
1995
1279
  Causes an evaluation error when referencing unknown variables\. (This does not affect referencing variables that are explicitly set to undef)\.
1996
- .
1997
1280
  .IP "\(bu" 4
1998
- \fIDefault\fR: \fBfalse\fR
1999
- .
1281
+ \fIDefault\fR: \fBtrue\fR
2000
1282
  .IP "" 0
2001
- .
2002
1283
  .SS "summarize"
2003
1284
  Whether to print a transaction summary\.
2004
- .
2005
1285
  .IP "\(bu" 4
2006
1286
  \fIDefault\fR: \fBfalse\fR
2007
- .
2008
1287
  .IP "" 0
2009
- .
2010
1288
  .SS "supported_checksum_types"
2011
1289
  Checksum types supported by this agent for use in file resources of a static catalog\. Values must be comma\-separated\. Valid types are sha256, sha256lite, sha384, sha512, sha224, sha1, sha1lite, md5, md5lite, mtime, ctime\. Default is sha256, sha384, sha512, sha224, md5\.
2012
- .
2013
1290
  .IP "\(bu" 4
2014
1291
  \fIDefault\fR: \fB["sha256", "sha384", "sha512", "sha224", "md5"]\fR
2015
- .
2016
1292
  .IP "" 0
2017
- .
2018
1293
  .SS "syslogfacility"
2019
1294
  What syslog facility to use when logging to syslog\. Syslog has a fixed list of valid facilities, and you must choose one of those; you cannot just make one up\.
2020
- .
2021
1295
  .IP "\(bu" 4
2022
1296
  \fIDefault\fR: \fBdaemon\fR
2023
- .
2024
1297
  .IP "" 0
2025
- .
2026
1298
  .SS "tags"
2027
1299
  Tags to use to find resources\. If this is set, then only resources tagged with the specified tags will be applied\. Values must be comma\-separated\.
2028
- .
2029
1300
  .SS "tasks"
2030
1301
  Turns on experimental support for tasks and plans in the puppet language\. This is for internal API use only\. Do not change this setting\.
2031
- .
2032
1302
  .IP "\(bu" 4
2033
1303
  \fIDefault\fR: \fBfalse\fR
2034
- .
2035
1304
  .IP "" 0
2036
- .
2037
1305
  .SS "top_level_facts_soft_limit"
2038
1306
  The soft limit for the number of top level facts\.
2039
- .
2040
1307
  .IP "\(bu" 4
2041
1308
  \fIDefault\fR: \fB512\fR
2042
- .
2043
1309
  .IP "" 0
2044
- .
2045
1310
  .SS "trace"
2046
1311
  Whether to print stack traces on some errors\. Will print internal Ruby stack trace interleaved with Puppet function frames\.
2047
- .
2048
1312
  .IP "\(bu" 4
2049
1313
  \fIDefault\fR: \fBfalse\fR
2050
- .
2051
1314
  .IP "" 0
2052
- .
2053
1315
  .SS "transactionstorefile"
2054
1316
  Transactional storage file for persisting data between transactions for the purposes of inferring information (such as corrective_change) on new data received\.
2055
- .
2056
1317
  .IP "\(bu" 4
2057
1318
  \fIDefault\fR: \fB$statedir/transactionstore\.yaml\fR
2058
- .
2059
1319
  .IP "" 0
2060
- .
2061
1320
  .SS "trusted_external_command"
2062
- The external trusted facts script or directory to use\. This setting\'s value can be set to the path to an executable command that can produce external trusted facts or to a directory containing those executable commands\. The command(s) must:
2063
- .
1321
+ The external trusted facts script or directory to use\. This setting's value can be set to the path to an executable command that can produce external trusted facts or to a directory containing those executable commands\. The command(s) must:
2064
1322
  .IP "\(bu" 4
2065
1323
  Take the name of a node as a command\-line argument\.
2066
- .
2067
1324
  .IP "\(bu" 4
2068
1325
  Return a JSON hash with the external trusted facts for this node\.
2069
- .
2070
1326
  .IP "\(bu" 4
2071
1327
  For unknown or invalid nodes, exit with a non\-zero exit code\.
2072
- .
2073
1328
  .IP "" 0
2074
- .
2075
1329
  .P
2076
- If the setting points to an executable command, then the external trusted facts will be stored in the \'external\' key of the trusted facts hash\. Otherwise for each executable file in the directory, the external trusted facts will be stored in the \fB<basename>\fR key of the \fBtrusted[\'external\']\fR hash\. For example, if the files foo\.rb and bar\.sh are in the directory, then \fBtrusted[\'external\']\fR will be the hash \fB{ \'foo\' => <foo\.rb output>, \'bar\' => <bar\.sh output> }\fR\.
2077
- .
1330
+ If the setting points to an executable command, then the external trusted facts will be stored in the 'external' key of the trusted facts hash\. Otherwise for each executable file in the directory, the external trusted facts will be stored in the \fB<basename>\fR key of the \fBtrusted['external']\fR hash\. For example, if the files foo\.rb and bar\.sh are in the directory, then \fBtrusted['external']\fR will be the hash \fB{ 'foo' => <foo\.rb output>, 'bar' => <bar\.sh output> }\fR\.
2078
1331
  .IP "\(bu" 4
2079
1332
  \fIDefault\fR: ``
2080
- .
2081
1333
  .IP "" 0
2082
- .
2083
1334
  .SS "trusted_oid_mapping_file"
2084
1335
  File that provides mapping between custom SSL oids and user\-friendly names
2085
- .
2086
1336
  .IP "\(bu" 4
2087
1337
  \fIDefault\fR: \fB$confdir/custom_trusted_oid_mapping\.yaml\fR
2088
- .
2089
1338
  .IP "" 0
2090
- .
2091
1339
  .SS "use_cached_catalog"
2092
1340
  Whether to only use the cached catalog rather than compiling a new catalog on every run\. Puppet can be run with this enabled by default and then selectively disabled when a recompile is desired\. Because a Puppet agent using cached catalogs does not contact the primary server for a new catalog, it also does not upload facts at the beginning of the Puppet run\.
2093
- .
2094
1341
  .IP "\(bu" 4
2095
1342
  \fIDefault\fR: \fBfalse\fR
2096
- .
2097
1343
  .IP "" 0
2098
- .
2099
1344
  .SS "use_last_environment"
2100
1345
  Puppet saves both the initial and converged environment in the last_run_summary file\. If they differ, and this setting is set to true, we will use the last converged environment and skip the node request\.
2101
- .
2102
1346
  .P
2103
1347
  When set to false, we will do the node request and ignore the environment data from the last_run_summary file\.
2104
- .
2105
1348
  .IP "\(bu" 4
2106
1349
  \fIDefault\fR: \fBtrue\fR
2107
- .
2108
1350
  .IP "" 0
2109
- .
2110
1351
  .SS "use_srv_records"
2111
1352
  Whether the server will search for SRV records in DNS for the current domain\.
2112
- .
2113
1353
  .IP "\(bu" 4
2114
1354
  \fIDefault\fR: \fBfalse\fR
2115
- .
2116
1355
  .IP "" 0
2117
- .
2118
1356
  .SS "usecacheonfailure"
2119
1357
  Whether to use the cached configuration when the remote configuration will not compile\. This option is useful for testing new configurations, where you want to fix the broken configuration rather than reverting to a known\-good one\.
2120
- .
2121
1358
  .IP "\(bu" 4
2122
1359
  \fIDefault\fR: \fBtrue\fR
2123
- .
2124
1360
  .IP "" 0
2125
- .
2126
1361
  .SS "user"
2127
1362
  The user Puppet Server will run as\. Used to ensure the agent side processes (agent, apply, etc) create files and directories readable by Puppet Server when necessary\.
2128
- .
2129
1363
  .IP "\(bu" 4
2130
1364
  \fIDefault\fR: \fBpuppet\fR
2131
- .
2132
1365
  .IP "" 0
2133
- .
2134
1366
  .SS "vardir"
2135
1367
  Where Puppet stores dynamic and growing data\. The default for this setting is calculated specially, like \fBconfdir\fR_\.
2136
- .
2137
1368
  .IP "\(bu" 4
2138
1369
  \fIDefault\fR: \fBUnix/Linux: /opt/puppetlabs/puppet/cache \-\- Windows: C:\eProgramData\ePuppetLabs\epuppet\ecache \-\- Non\-root user: ~/\.puppetlabs/opt/puppet/cache\fR
2139
- .
2140
1370
  .IP "" 0
2141
- .
2142
1371
  .SS "vendormoduledir"
2143
1372
  The directory containing \fBvendored\fR modules\. These modules will be used by \fIall\fR environments like those in the \fBbasemodulepath\fR\. The only difference is that modules in the \fBbasemodulepath\fR are pluginsynced, while vendored modules are not
2144
- .
2145
1373
  .IP "\(bu" 4
2146
1374
  \fIDefault\fR: \fB/opt/puppetlabs/puppet/vendor_modules\fR
2147
- .
2148
1375
  .IP "" 0
2149
- .
2150
1376
  .SS "versioned_environment_dirs"
2151
1377
  Whether or not to look for versioned environment directories, symlinked from \fB$environmentpath/<environment>\fR\. This is an experimental feature and should be used with caution\.
2152
- .
2153
1378
  .IP "\(bu" 4
2154
1379
  \fIDefault\fR: \fBfalse\fR
2155
- .
2156
1380
  .IP "" 0
2157
- .
2158
1381
  .SS "waitforcert"
2159
1382
  How frequently puppet agent should ask for a signed certificate\.
2160
- .
2161
1383
  .P
2162
- When starting for the first time, puppet agent will submit a certificate signing request (CSR) to the server named in the \fBca_server\fR setting (usually the primary Puppet server); this may be autosigned, or may need to be approved by a human, depending on the CA server\'s configuration\.
2163
- .
1384
+ When starting for the first time, puppet agent will submit a certificate signing request (CSR) to the server named in the \fBca_server\fR setting (usually the primary Puppet server); this may be autosigned, or may need to be approved by a human, depending on the CA server's configuration\.
2164
1385
  .P
2165
1386
  Puppet agent cannot apply configurations until its approved certificate is available\. Since the certificate may or may not be available immediately, puppet agent will repeatedly try to fetch it at this interval\. You can turn off waiting for certificates by specifying a time of 0, or a maximum amount of time to wait in the \fBmaxwaitforcert\fR setting, in which case puppet agent will exit if it cannot get a cert\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
2166
- .
2167
1387
  .IP "\(bu" 4
2168
1388
  \fIDefault\fR: \fB2m\fR
2169
- .
2170
1389
  .IP "" 0
2171
- .
2172
1390
  .SS "waitforlock"
2173
1391
  How frequently puppet agent should try running when there is an already ongoing puppet agent instance\.
2174
- .
2175
1392
  .P
2176
1393
  This argument is by default disabled (value set to 0)\. In this case puppet agent will immediately exit if it cannot run at that moment\. When a value other than 0 is set, this can also be used in combination with the \fBmaxwaitforlock\fR argument\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
2177
- .
2178
1394
  .IP "\(bu" 4
2179
1395
  \fIDefault\fR: \fB0\fR
2180
- .
2181
1396
  .IP "" 0
2182
- .
2183
1397
  .SS "write_catalog_summary"
2184
1398
  Whether to write the \fBclassfile\fR and \fBresourcefile\fR after applying the catalog\. It is enabled by default, except when running \fBpuppet apply\fR\.
2185
- .
2186
1399
  .IP "\(bu" 4
2187
1400
  \fIDefault\fR: \fBtrue\fR
2188
- .
2189
1401
  .IP "" 0
2190
- .
2191
1402
  .SS "yamldir"
2192
1403
  The directory in which YAML data is stored, usually in a subdirectory\.
2193
- .
2194
1404
  .IP "\(bu" 4
2195
1405
  \fIDefault\fR: \fB$vardir/yaml\fR
2196
- .
2197
1406
  .IP "" 0
2198
1407