puppet 2.6.0 → 2.6.1

data/lib/puppet/util/autoload.rb

@@ -131,11 +131,23 @@ class Puppet::Util::Autoload
     # We have to require this late in the process because otherwise we might have
     # load order issues.
     require 'puppet/node/environment'
-    Puppet::Node::Environment.new(env).modulepath.collect do |dir|
-      Dir.entries(dir).reject { |f| f =~ /^\./ }.collect { |f| File.join(dir, f) }
-    end.flatten.collect { |d| [File.join(d, "plugins"), File.join(d, "lib")] }.flatten.find_all do |d|
-      FileTest.directory?(d)
-    end
+
+    real_env = Puppet::Node::Environment.new(env)
+
+    # We're using a per-thread cache of said module directories, so that
+    # we don't scan the filesystem each time we try to load something with
+    # this autoload instance. But since we don't want to cache for the eternity
+    # this env_module_directories gets reset after the compilation on the master.
+    # This is also reset after an agent ran.
+    # One of the side effect of this change is that this module directories list will be
+    # shared among all autoload that we have running at a time. But that won't be an issue
+    # as by definition those directories are shared by all autoload.
+    Thread.current[:env_module_directories] ||= {}
+    Thread.current[:env_module_directories][real_env] ||= real_env.modulepath.collect do |dir|
+        Dir.entries(dir).reject { |f| f =~ /^\./ }.collect { |f| File.join(dir, f) }
+      end.flatten.collect { |d| [File.join(d, "plugins"), File.join(d, "lib")] }.flatten.find_all do |d|
+        FileTest.directory?(d)
+      end
   end
 
   def search_directories(env=nil)

data/lib/puppet/util/cacher.rb

@@ -1,3 +1,5 @@
+require 'monitor'
+
 module Puppet::Util::Cacher
   module Expirer
     attr_reader :timestamp
@@ -49,7 +51,7 @@ module Puppet::Util::Cacher
       define_method(name.to_s + "=") do |value|
         # Make sure the cache timestamp is set
         cache_timestamp
-        value_cache[name] = value
+        value_cache.synchronize { value_cache[name] = value }
       end
 
       if ttl = options[:ttl]
@@ -70,6 +72,7 @@ module Puppet::Util::Cacher
 
   # Methods that get added to instances.
   module InstanceMethods
+
     def expire
       # Only expire if we have an expirer.  This is
       # mostly so that we can comfortably handle cases
@@ -92,15 +95,17 @@ module Puppet::Util::Cacher
     end
 
     def cached_value(name)
-      # Allow a nil expirer, in which case we regenerate the value every time.
-      if expired_by_expirer?(name)
-        value_cache.clear
-        @cache_timestamp = Time.now
-      elsif expired_by_ttl?(name)
-        value_cache.delete(name)
+      value_cache.synchronize do
+        # Allow a nil expirer, in which case we regenerate the value every time.
+        if expired_by_expirer?(name)
+          value_cache.clear
+          @cache_timestamp = Time.now
+        elsif expired_by_ttl?(name)
+          value_cache.delete(name)
+        end
+        value_cache[name] = send("init_#{name}") unless value_cache.include?(name)
+        value_cache[name]
       end
-      value_cache[name] = send("init_#{name}") unless value_cache.include?(name)
-      value_cache[name]
     end
 
     def expired_by_expirer?(name)
@@ -121,7 +126,7 @@ module Puppet::Util::Cacher
     end
 
     def value_cache
-      @value_cache ||= {}
+      @value_cache ||= {}.extend(MonitorMixin)
     end
   end
 end

data/lib/puppet/util/command_line/puppetdoc

@@ -8,15 +8,15 @@
 #
 # = Usage
 #
-#   puppet doc [-a|--all] [-h|--help] [-o|--outputdir <rdoc outputdir>] [-m|--mode <text|pdf|markdown|trac|rdoc>]
+#   puppet doc [-a|--all] [-h|--help] [-o|--outputdir <rdoc outputdir>] [-m|--mode <text|pdf|rdoc>]
 #              [-r|--reference <[type]|configuration|..>] [--charset CHARSET] [manifest-file]
 #
 # = Description
 #
-# If mode is not 'rdoc', then this command generates a restructured-text document describing all installed
+# If mode is not 'rdoc', then this command generates a Markdown document describing all installed
 # Puppet types or all allowable arguments to puppet executables.  It is largely
 # meant for internal use and is used to generate the reference document
-# available on the Reductive Labs web site.
+# available on the Puppet Labs web site.
 #
 # In 'rdoc' mode, this command generates an html RDoc hierarchy describing the manifests that
 # are in 'manifestdir' and 'modulepath' configuration directives.
@@ -37,7 +37,7 @@
 #   Specifies the directory where to output the rdoc documentation in 'rdoc' mode.
 #
 # mode::
-#   Determine the output mode.  Valid modes are 'text', 'trac', 'pdf', 'markdown' and 'rdoc'. The 'pdf' and 'markdown' modes create PDF or Markdown formatted files in the /tmp directory. Note that 'trac' mode only works on Reductive Labs servers.  The default mode is 'text'.  In 'rdoc' mode you must provide 'manifests-path'
+#   Determine the output mode.  Valid modes are 'text', 'trac', 'pdf' and 'rdoc'. The 'pdf' mode creates PDF formatted files in the /tmp directory. The default mode is 'text'.  In 'rdoc' mode you must provide 'manifests-path'
 #
 # reference::
 #   Build a particular reference.  Get a list of references by running +puppet doc --list+.
@@ -53,7 +53,7 @@
 # or
 #   $ puppet doc /etc/puppet/manifests/site.pp
 # or
-#   $ puppet doc -m markdown -r configuration
+#   $ puppet doc -m pdf -r configuration
 #
 # = Author
 #

data/lib/puppet/util/command_line/puppetrun

@@ -54,8 +54,6 @@
 # This is what you would install on your Puppet master; non-master hosts could
 # leave off the 'fileserver' and 'puppetmaster' namespaces.
 #
-# Expect more documentation on this eventually.
-#
 # = Options
 #
 # Note that any configuration parameter that's valid in the configuration file

data/lib/puppet/util/command_line/ralsh

@@ -59,23 +59,23 @@
 # types:
 #   List all available types.
 #
-# verbose::
+# verbose:
 #   Print extra information.
 #
 # = Example
 #
-# This example uses ``puppet resource`` to return Puppet configuration for the user ``luke``::
-#
-#    $ puppet resource user luke
-#    user { 'luke':
-#      home => '/home/luke',
-#      uid => '100',
-#      ensure => 'present',
-#      comment => 'Luke Kanies,,,',
-#      gid => '1000',
-#      shell => '/bin/bash',
-#      groups => ['sysadmin','audio','video','puppet']
-#    }
+# This example uses `puppet resource` to return Puppet configuration for the user `luke`:
+#
+#      $ puppet resource user luke
+#      user { 'luke':
+#        home => '/home/luke',
+#        uid => '100',
+#        ensure => 'present',
+#        comment => 'Luke Kanies,,,',
+#        gid => '1000',
+#        shell => '/bin/bash',
+#        groups => ['sysadmin','audio','video','puppet']
+#      }
 #
 # = Author
 #

data/lib/puppet/util/docs.rb

@@ -47,25 +47,19 @@ module Puppet::Util::Docs
       lengths[i] = value.to_s.length if value.to_s.length > lengths[i]
     end
 
-    # Add the top header row
-    str += lengths.collect { |num| "=" * num }.join(" ") + "\n"
+    # Add the header names
+    str += headers.zip(lengths).collect { |value, num| pad(value, num) }.join(" | ") + " |" + "\n"
 
-    # And the header names
-    str += headers.zip(lengths).collect { |value, num| pad(value, num) }.join(" ") + "\n"
-
-    # And the second header row
-    str += lengths.collect { |num| "=" * num }.join(" ") + "\n"
+    # And the header row
+    str += lengths.collect { |num| "-" * num }.join(" | ") + " |" + "\n"
 
     # Now each data row
     data.sort { |a, b| a[0].to_s <=> b[0].to_s }.each do |name, rows|
       str += [name, rows].flatten.zip(lengths).collect do |value, length|
         pad(value, length)
-      end.join(" ") + "\n"
+      end.join(" | ") + " |" + "\n"
     end
 
-    # And the bottom line row
-    str += lengths.collect { |num| "=" * num }.join(" ") + "\n"
-
     str + "\n"
   end
 
@@ -111,4 +105,3 @@ module Puppet::Util::Docs
 
   module_function :scrub
 end
-

data/lib/puppet/util/monkey_patches.rb

@@ -1,4 +1,7 @@
-Process.maxgroups = 1024
+
+unless defined? JRUBY_VERSION
+  Process.maxgroups = 1024
+end
 
 module RDoc
   def self.caller(skip=nil)
@@ -22,7 +25,7 @@ end
 
 [Object, Exception, Integer, Struct, Date, Time, Range, Regexp, Hash, Array, Float, String, FalseClass, TrueClass, Symbol, NilClass, Class].each { |cls|
   cls.class_eval do
-    def to_yaml
+    def to_yaml(ignored=nil)
       ZAML.dump(self)
     end
   end

data/lib/puppet/util/nagios_maker.rb

@@ -45,17 +45,16 @@ module Puppet::Util::NagiosMaker
     provider.nagios_type
 
     type.desc "The Nagios type #{name.to_s}.  This resource type is autogenerated using the
-      model developed in Naginator_, and all of the Nagios types are generated using the
+      model developed in Naginator, and all of the Nagios types are generated using the
       same code and the same library.
 
       This type generates Nagios configuration statements in Nagios-parseable configuration
-      files.  By default, the statements will be added to ``#{target}``, but
-      you can send them to a different file by setting their ``target`` attribute.
+      files.  By default, the statements will be added to `#{target}`, but
+      you can send them to a different file by setting their `target` attribute.
 
-      You can purge Nagios resources using the ``resources`` type, but *only*
+      You can purge Nagios resources using the `resources` type, but *only*
       in the default file locations.  This is an architectural limitation.
 
-      .. _naginator: http://projects.reductivelabs.com/projects/naginator
     "
   end
 end

data/lib/puppet/util/provider_features.rb

@@ -72,7 +72,7 @@ module Puppet::Util::ProviderFeatures
     names = @features.keys.sort { |a,b| a.to_s <=> b.to_s }
     names.each do |name|
       doc = @features[name].docs.gsub(/\n\s+/, " ")
-      str += "- **#{name}**: #{doc}\n"
+      str += "- *#{name}*: #{doc}\n"
     end
 
     if providers.length > 0
@@ -83,7 +83,7 @@ module Puppet::Util::ProviderFeatures
         prov = provider(provname)
         names.each do |name|
           if prov.feature?(name)
-            data[provname] << "**X**"
+            data[provname] << "*X*"
           else
             data[provname] << ""
           end

data/lib/puppet/util/rdoc.rb

@@ -41,7 +41,7 @@ module Puppet::Util::RDoc
   def manifestdoc(files)
     Puppet[:ignoreimport] = true
     files.select { |f| FileTest.file?(f) }.each do |f|
-      parser = Puppet::Parser::Parser.new(:environment => Puppet[:environment])
+      parser = Puppet::Parser::Parser.new(Puppet::Node::Environment.new(Puppet[:environment]))
       parser.file = f
       ast = parser.parse
       output(f, ast)

data/lib/puppet/util/rdoc/parser.rb

@@ -15,6 +15,8 @@ module RDoc
 class Parser
   extend ParserFactory
 
+  SITE = "__site__"
+
   attr_accessor :ast, :input_file_name, :top_level
 
   # parser registration into RDoc
@@ -74,7 +76,7 @@ class Parser
 
   # split_module tries to find if +path+ belongs to the module path
   # if it does, it returns the module name, otherwise if we are sure
-  # it is part of the global manifest path, "<site>" is returned.
+  # it is part of the global manifest path, "__site__" is returned.
   # And finally if this path couldn't be mapped anywhere, nil is returned.
   def split_module(path)
     # find a module
@@ -105,7 +107,7 @@ class Parser
     end
     # we are under a global manifests
     Puppet.debug "rdoc: global manifests"
-    "<site>"
+    SITE
   end
 
   # create documentation for the top level +container+
@@ -128,7 +130,7 @@ class Parser
     Puppet.debug "rdoc: scanning for #{name}"
 
     container.module_name = name
-    container.global=true if name == "<site>"
+    container.global=true if name == SITE
 
     @stats.num_modules += 1
     container, name  = get_class_or_module(container,name)

data/lib/puppet/util/reference.rb

@@ -15,7 +15,7 @@ class Puppet::Util::Reference
   end
 
   def self.modes
-    %w{pdf trac text markdown}
+    %w{pdf text}
   end
 
   def self.newreference(name, options = {}, &block)
@@ -32,7 +32,7 @@ class Puppet::Util::Reference
       section = reference(name) or raise "Could not find section #{name}"
       depth = section.depth if section.depth < depth
     end
-    text = ".. contents:: :depth: 2\n\n"
+    text = "{:toc}\n\n"
   end
 
   def self.pdf(text)
@@ -67,32 +67,6 @@ class Puppet::Util::Reference
 
   end
 
-  def self.markdown(name, text)
-    puts "Creating markdown for #{name} reference."
-    dir = "/tmp/#{Puppet::PUPPETVERSION}"
-    FileUtils.mkdir(dir) unless File.directory?(dir)
-    Puppet::Util.secure_open(dir + "/#{name}.rst", "w") do |f|
-      f.puts text
-    end
-    pandoc = %x{which pandoc}
-    if $CHILD_STATUS != 0 or pandoc =~ /no /
-      pandoc = %x{which pandoc}
-    end
-    if $CHILD_STATUS != 0 or pandoc =~ /no /
-      raise "Could not find pandoc"
-    end
-    pandoc.chomp!
-    cmd = %{#{pandoc} -s -r rst -w markdown #{dir}/#{name}.rst -o #{dir}/#{name}.mdwn}
-    output = %x{#{cmd}}
-    unless $CHILD_STATUS == 0
-      $stderr.puts "Pandoc failed to create #{name} reference."
-      $stderr.puts output
-      exit(1)
-    end
-
-    File.unlink(dir + "/#{name}.rst")
-  end
-
   def self.references
     instance_loader(:reference).loadall
     loaded_instances(:reference).sort { |a,b| a.to_s <=> b.to_s }
@@ -167,7 +141,7 @@ class Puppet::Util::Reference
     # First the header
     text = h(@title, 1)
     text += "\n\n**This page is autogenerated; any changes will get overwritten** *(last generated on #{Time.now.to_s})*\n\n"
-    text +=  ".. contents:: :depth: #{@depth}\n\n" if withcontents
+    text +=  "{:toc}\n\n" if withcontents
 
     text += @header
 
@@ -181,27 +155,4 @@ class Puppet::Util::Reference
   def to_text(withcontents = true)
     strip_trac(to_rest(withcontents))
   end
-
-  def to_trac(with_contents = true)
-    "{{{\n#!rst\n#{self.to_rest(with_contents)}\n}}}"
-  end
-
-  def trac
-    Puppet::Util.secure_open("/tmp/puppetdoc.txt", "w") do |f|
-      f.puts self.to_trac
-    end
-
-    puts "Writing #{@name} reference to trac as #{@page}"
-    cmd = %{sudo trac-admin /opt/rl/trac/puppet wiki import %s /tmp/puppetdoc.txt} % self.page
-    output = %x{#{cmd}}
-    unless $CHILD_STATUS == 0
-      $stderr.puts "trac-admin failed"
-      $stderr.puts output
-      exit(1)
-    end
-    unless output =~ /^\s+/
-      $stderr.puts output
-    end
-  end
 end
-

data/man/man5/puppet.conf.5

@@ -1,1557 +1,2103 @@
-.TH CONFIGURATION REFERENCE  "" "" ""
-.SH NAME
-Configuration Reference \- 
-.\" Man page generated from reStructeredText.
-.
-.sp
-\fBThis page is autogenerated; any changes will get overwritten\fP \fI(last generated on Wed Jul 14 14:33:09 \-0700 2010)\fP
-.SS Contents
-.INDENT 0.0
-.IP \(bu 2
-.
-\fI\%Specifying Configuration Parameters\fP
-.IP \(bu 2
-.
-\fI\%Signals\fP
-.IP \(bu 2
-.
-\fI\%Configuration Parameter Reference\fP
-.UNINDENT
-.SH SPECIFYING CONFIGURATION PARAMETERS
-.SS On The Command\-Line
-.sp
-Every Puppet executable (with the exception of \fBpuppetdoc\fP) accepts all of
-the parameters below, but not all of the arguments make sense for every executable.
-.sp
-I have tried to be as thorough as possible in the descriptions of the
-arguments, so it should be obvious whether an argument is appropriate or not.
-.sp
-These parameters can be supplied to the executables either as command\-line
-options or in the configuration file.  For instance, the command\-line
-invocation below would set the configuration directory to \fB/private/puppet\fP:
-.sp
+.\" generated with Ronn/v0.7.3
+.\" http://github.com/rtomayko/ronn/tree/0.7.3
+.
+.TH "PUPPETCONF" "5" "August 2010" "" ""
+\fBThis page is autogenerated; any changes will get overwritten\fR \fI(last generated on Sat Aug 28 14:00:20 \-0700 2010)\fR
+.
+.P
+{:toc}
+.
+.SH "Specifying Configuration Parameters"
+On The Command\-Line +++++++++++++++++++ Every Puppet executable (with the exception of \fBpuppetdoc\fR) accepts all of the parameters below, but not all of the arguments make sense for every executable\.
+.
+.P
+I have tried to be as thorough as possible in the descriptions of the arguments, so it should be obvious whether an argument is appropriate or not\.
+.
+.P
+These parameters can be supplied to the executables either as command\-line options or in the configuration file\. For instance, the command\-line invocation below would set the configuration directory to \fB/private/puppet\fR:
+.
+.IP "" 4
+.
 .nf
-.ft C
+
 $ puppet agent \-\-confdir=/private/puppet
-.ft P
+.
 .fi
-.sp
-Note that boolean options are turned on and off with a slightly different
-syntax on the command line:
-.sp
+.
+.IP "" 0
+.
+.P
+Note that boolean options are turned on and off with a slightly different syntax on the command line:
+.
+.IP "" 4
+.
 .nf
-.ft C
+
 $ puppet agent \-\-storeconfigs
 
 $ puppet agent \-\-no\-storeconfigs
-.ft P
+.
 .fi
-.sp
-The invocations above will enable and disable, respectively, the storage of
-the client configuration.
-.SS Configuration Files
-.sp
-As mentioned above, the configuration parameters can also be stored in a
-configuration file, located in the configuration directory.  As root, the
-default configuration directory is \fB/etc/puppet\fP, and as a regular user, the
-default configuration directory is \fB~user/.puppet\fP.  As of 0.23.0, all
-executables look for \fBpuppet.conf\fP in their configuration directory
-(although they previously looked for separate files).  For example,
-\fBpuppet.conf\fP is located at \fB/etc/puppet/puppet.conf\fP as root and
-\fB~user/.puppet/puppet.conf\fP as a regular user by default.
-.sp
-All executables will set any parameters set within the \fBmain\fP section,
-and each executable will also use one of the \fBmaster\fP, \fBagent\fP, or
-\fBuser\fP sections.
-.SS File Format
-.sp
-The file follows INI\-style formatting.  Here is an example of a very simple
-\fBpuppet.conf\fP file:
-.sp
+.
+.IP "" 0
+.
+.P
+The invocations above will enable and disable, respectively, the storage of the client configuration\.
+.
+.P
+Configuration Files +++++++++++++++++++
+.
+.P
+As mentioned above, the configuration parameters can also be stored in a configuration file, located in the configuration directory\. As root, the default configuration directory is \fB/etc/puppet\fR, and as a regular user, the default configuration directory is \fB~user/\.puppet\fR\. As of 0\.23\.0, all executables look for \fBpuppet\.conf\fR in their configuration directory (although they previously looked for separate files)\. For example, \fBpuppet\.conf\fR is located at \fB/etc/puppet/puppet\.conf\fR as \fBroot\fR and \fB~user/\.puppet/puppet\.conf\fR as a regular user by default\.
+.
+.P
+All executables will set any parameters set within the \fB[main]\fR section, and each executable will also use one of the \fB[master]\fR, \fB[agent]\fR\.
+.
+.P
+File Format \'\'\'\'\'\'\'\'\'\'\'
+.
+.P
+The file follows INI\-style formatting\. Here is an example of a very simple \fBpuppet\.conf\fR file:
+.
+.IP "" 4
+.
 .nf
-.ft C
+
 [main]
   confdir = /private/puppet
   storeconfigs = true
-.ft P
+.
 .fi
-.sp
-Note that boolean parameters must be explicitly specified as \fItrue\fP or
-\fIfalse\fP as seen above.
-.sp
-If you need to change file parameters (e.g., reset the mode or owner), do
-so within curly braces on the same line:
-.sp
+.
+.IP "" 0
+.
+.P
+Note that boolean parameters must be explicitly specified as \fBtrue\fR or \fBfalse\fR as seen above\.
+.
+.P
+If you need to change file parameters (e\.g\., reset the mode or owner), do so within curly braces on the same line:
+.
+.IP "" 4
+.
 .nf
-.ft C
+
 [main]
   myfile = /tmp/whatever {owner = root, mode = 644}
-.ft P
+.
 .fi
-.sp
-If you\(aqre starting out with a fresh configuration, you may wish to let
-the executable generate a template configuration file for you by invoking
-the executable in question with the \fI\-\-genconfig\fP command.  The executable
-will print a template configuration to standard output, which can be
-redirected to a file like so:
-.sp
+.
+.IP "" 0
+.
+.P
+If you\'re starting out with a fresh configuration, you may wish to let the executable generate a template configuration file for you by invoking the executable in question with the \fB\-\-genconfig\fR command\. The executable will print a template configuration to standard output, which can be redirected to a file like so:
+.
+.IP "" 4
+.
 .nf
-.ft C
-$ puppet agent \-\-genconfig > /etc/puppet/puppet.conf
-.ft P
+
+$ puppet agent \-\-genconfig > /etc/puppet/puppet\.conf
+.
 .fi
-.sp
-Note that this invocation will replace the contents of any pre\-existing
-\fIpuppet.conf\fP file, so make a backup of your present config if it contains
-valuable information.
-.sp
-Like the \fI\-\-genconfig\fP argument, the executables also accept a \fI\-\-genmanifest\fP
-argument, which will generate a manifest that can be used to manage all of
-Puppet\(aqs directories and files and prints it to standard output.  This can
-likewise be redirected to a file:
-.sp
+.
+.IP "" 0
+.
+.P
+Note that this invocation will replace the contents of any pre\-existing \fBpuppet\.conf\fR file, so make a backup of your present config if it contains valuable information\.
+.
+.P
+Like the \fB\-\-genconfig\fR argument, the executables also accept a \fB\-\-genmanifest\fR argument, which will generate a manifest that can be used to manage all of Puppet\'s directories and files and prints it to standard output\. This can likewise be redirected to a file:
+.
+.IP "" 4
+.
 .nf
-.ft C
-$ puppet agent \-\-genmanifest > /etc/puppet/manifests/site.pp
-.ft P
+
+$ puppet agent \-\-genmanifest > /etc/puppet/manifests/site\.pp
+.
 .fi
-.sp
-Puppet can also create user and group accounts for itself (one \fIpuppet\fP group
-and one \fIpuppet\fP user) if it is invoked as \fIroot\fP with the \fI\-\-mkusers\fP argument:
-.sp
+.
+.IP "" 0
+.
+.P
+Puppet can also create user and group accounts for itself (one \fBpuppet\fR group and one \fBpuppet\fR user) if it is invoked as \fBroot\fR with the \fB\-\-mkusers\fR argument:
+.
+.IP "" 4
+.
 .nf
-.ft C
+
 $ puppet agent \-\-mkusers
-.ft P
+.
 .fi
-.SH SIGNALS
-.sp
-The \fBpuppet agent\fP and \fBpuppet master\fP executables catch some signals for special
-handling.  Both daemons catch (\fBSIGHUP\fP), which forces the server to restart
-tself.  Predictably, interrupt and terminate (\fBSIGINT\fP and \fBSIGTERM\fP) will shut
-down the server, whether it be an instance of \fBpuppet agent\fP or \fBpuppet master\fP.
-.sp
-Sending the \fBSIGUSR1\fP signal to an instance of \fBpuppet agent\fP will cause it to
-immediately begin a new configuration transaction with the server.  This
-signal has no effect on \fBpuppet master\fP.
-.SH CONFIGURATION PARAMETER REFERENCE
-.sp
-Below is a list of all documented parameters.  Not all of them are valid with all
-Puppet executables, but the executables will ignore any inappropriate values.
-.SS async_storeconfigs
-.sp
-Whether to use a queueing system to provide asynchronous database integration. Requires that \fBpuppetqd\fP be running and that \(aqPSON\(aq support for ruby be installed.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: false
-.UNINDENT
-.SS authconfig
-.sp
-The configuration file that defines the rights to the different namespaces and methods.  This can be used as a coarse\-grained authorization system for both \fBpuppet agent\fP and \fBpuppet master\fP.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $confdir/namespaceauth.conf
-.UNINDENT
-.SS autoflush
-.sp
-Whether log files should always flush to disk.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: false
-.UNINDENT
-.SS autosign
-.sp
-Whether to enable autosign.  Valid values are true (which autosigns any key request, and is a very bad idea), false (which never autosigns any key request), and the path to a file, which uses that configuration file to determine which keys to sign.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $confdir/autosign.conf
-.UNINDENT
-.SS bindaddress
-.sp
-The address a listening server should bind to.  Mongrel servers default to 127.0.0.1 and WEBrick defaults to 0.0.0.0.
-.SS bucketdir
-.sp
-Where FileBucket files are stored.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $vardir/bucket
-.UNINDENT
-.SS ca
-.sp
-Wether the master should function as a certificate authority.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: true
-.UNINDENT
-.SS ca_days
-.sp
-How long a certificate should be valid. This parameter is deprecated, use ca_ttl instead
-.SS ca_md
-.sp
-The type of hash used in certificates.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: md5
-.UNINDENT
-.SS ca_name
-.sp
-The name to use the Certificate Authority certificate.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $certname
-.UNINDENT
-.SS ca_port
-.sp
-The port to use for the certificate authority.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $masterport
-.UNINDENT
-.SS ca_server
-.sp
-The server to use for certificate authority requests.  It\(aqs a separate server because it cannot and does not need to horizontally scale.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $server
-.UNINDENT
-.SS ca_ttl
-.sp
-The default TTL for new certificates; valid values must be an integer, optionally followed by one of the units \(aqy\(aq (years of 365 days), \(aqd\(aq (days), \(aqh\(aq (hours), or \(aqs\(aq (seconds). The unit defaults to seconds. If this parameter is set, ca_days is ignored. Examples are \(aq3600\(aq (one hour) and \(aq1825d\(aq, which is the same as \(aq5y\(aq (5 years)
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: 5y
-.UNINDENT
-.SS cacert
-.sp
-The CA certificate.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $cadir/ca_crt.pem
-.UNINDENT
-.SS cacrl
-.sp
-The certificate revocation list (CRL) for the CA. Will be used if present but otherwise ignored.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $cadir/ca_crl.pem
-.UNINDENT
-.SS cadir
-.sp
-The root directory for the certificate authority.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $ssldir/ca
-.UNINDENT
-.SS cakey
-.sp
-The CA private key.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $cadir/ca_key.pem
-.UNINDENT
-.SS capass
-.sp
+.
+.IP "" 0
+.
+.SH "Signals"
+The \fBpuppet agent\fR and \fBpuppet master\fR executables catch some signals for special handling\. Both daemons catch (\fBSIGHUP\fR), which forces the server to restart tself\. Predictably, interrupt and terminate (\fBSIGINT\fR and \fBSIGTERM\fR) will shut down the server, whether it be an instance of \fBpuppet agent\fR or \fBpuppet master\fR\.
+.
+.P
+Sending the \fBSIGUSR1\fR signal to an instance of \fBpuppet agent\fR will cause it to immediately begin a new configuration transaction with the server\. This signal has no effect on \fBpuppet master\fR\.
+.
+.SH "Configuration Parameter Reference"
+Below is a list of all documented parameters\. Not all of them are valid with all Puppet executables, but the executables will ignore any inappropriate values\.
+.
+.P
+async_storeconfigs ++++++++++++++++++
+.
+.P
+Whether to use a queueing system to provide asynchronous database integration\. Requires that \fBpuppetqd\fR be running and that \'PSON\' support for ruby be installed\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: false
+.
+.IP "" 0
+.
+.P
+authconfig ++++++++++
+.
+.P
+The configuration file that defines the rights to the different namespaces and methods\. This can be used as a coarse\-grained authorization system for both \fBpuppet agent\fR and \fBpuppet master\fR\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $confdir/namespaceauth\.conf
+.
+.IP "" 0
+.
+.P
+autoflush +++++++++
+.
+.P
+Whether log files should always flush to disk\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: false
+.
+.IP "" 0
+.
+.P
+autosign ++++++++
+.
+.P
+Whether to enable autosign\. Valid values are true (which autosigns any key request, and is a very bad idea), false (which never autosigns any key request), and the path to a file, which uses that configuration file to determine which keys to sign\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $confdir/autosign\.conf
+.
+.IP "" 0
+.
+.P
+bindaddress +++++++++++
+.
+.P
+The address a listening server should bind to\. Mongrel servers default to 127\.0\.0\.1 and WEBrick defaults to 0\.0\.0\.0\.
+.
+.P
+bucketdir +++++++++
+.
+.P
+Where FileBucket files are stored\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $vardir/bucket
+.
+.IP "" 0
+.
+.P
+ca ++
+.
+.P
+Wether the master should function as a certificate authority\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: true
+.
+.IP "" 0
+.
+.P
+ca_days +++++++
+.
+.P
+How long a certificate should be valid\. This parameter is deprecated, use ca_ttl instead
+.
+.P
+ca_md +++++
+.
+.P
+The type of hash used in certificates\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: md5
+.
+.IP "" 0
+.
+.P
+ca_name +++++++
+.
+.P
+The name to use the Certificate Authority certificate\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $certname
+.
+.IP "" 0
+.
+.P
+ca_port +++++++
+.
+.P
+The port to use for the certificate authority\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $masterport
+.
+.IP "" 0
+.
+.P
+ca_server +++++++++
+.
+.P
+The server to use for certificate authority requests\. It\'s a separate server because it cannot and does not need to horizontally scale\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $server
+.
+.IP "" 0
+.
+.P
+ca_ttl ++++++
+.
+.P
+The default TTL for new certificates; valid values must be an integer, optionally followed by one of the units \'y\' (years of 365 days), \'d\' (days), \'h\' (hours), or \'s\' (seconds)\. The unit defaults to seconds\. If this parameter is set, ca_days is ignored\. Examples are \'3600\' (one hour) and \'1825d\', which is the same as \'5y\' (5 years)
+.
+.IP "\(bu" 4
+\fIDefault\fR: 5y
+.
+.IP "" 0
+.
+.P
+cacert ++++++
+.
+.P
+The CA certificate\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $cadir/ca_crt\.pem
+.
+.IP "" 0
+.
+.P
+cacrl +++++
+.
+.P
+The certificate revocation list (CRL) for the CA\. Will be used if present but otherwise ignored\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $cadir/ca_crl\.pem
+.
+.IP "" 0
+.
+.P
+cadir +++++
+.
+.P
+The root directory for the certificate authority\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $ssldir/ca
+.
+.IP "" 0
+.
+.P
+cakey +++++
+.
+.P
+The CA private key\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $cadir/ca_key\.pem
+.
+.IP "" 0
+.
+.P
+capass ++++++
+.
+.P
 Where the CA stores the password for the private key
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $caprivatedir/ca.pass
-.UNINDENT
-.SS caprivatedir
-.sp
-Where the CA stores private certificate information.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $cadir/private
-.UNINDENT
-.SS capub
-.sp
-The CA public key.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $cadir/ca_pub.pem
-.UNINDENT
-.SS catalog_format
-.sp
-(Deprecated for \(aqpreferred_serialization_format\(aq) What format to use to dump the catalog.  Only supports \(aqmarshal\(aq and \(aqyaml\(aq.  Only matters on the client, since it asks the server for a specific format.
-.SS catalog_terminus
-.sp
-Where to get node catalogs.  This is useful to change if, for instance, you\(aqd like to pre\-compile catalogs and store them in memcached or some other easily\-accessed store.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: compiler
-.UNINDENT
-.SS cert_inventory
-.sp
+.
+.IP "\(bu" 4
+\fIDefault\fR: $caprivatedir/ca\.pass
+.
+.IP "" 0
+.
+.P
+caprivatedir ++++++++++++
+.
+.P
+Where the CA stores private certificate information\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $cadir/private
+.
+.IP "" 0
+.
+.P
+capub +++++
+.
+.P
+The CA public key\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $cadir/ca_pub\.pem
+.
+.IP "" 0
+.
+.P
+catalog_format ++++++++++++++
+.
+.P
+(Deprecated for \'preferred_serialization_format\') What format to use to dump the catalog\. Only supports \'marshal\' and \'yaml\'\. Only matters on the client, since it asks the server for a specific format\.
+.
+.P
+catalog_terminus ++++++++++++++++
+.
+.P
+Where to get node catalogs\. This is useful to change if, for instance, you\'d like to pre\-compile catalogs and store them in memcached or some other easily\-accessed store\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: compiler
+.
+.IP "" 0
+.
+.P
+cert_inventory ++++++++++++++
+.
+.P
 A Complete listing of all certificates
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $cadir/inventory.txt
-.UNINDENT
-.SS certdir
-.sp
-The certificate directory.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $ssldir/certs
-.UNINDENT
-.SS certdnsnames
-.sp
-The DNS names on the Server certificate as a colon\-separated list. If it\(aqs anything other than an empty string, it will be used as an alias in the created certificate.  By default, only the server gets an alias set up, and only for \(aqpuppet\(aq.
-.SS certificate_revocation
-.sp
-Whether certificate revocation should be supported by downloading a Certificate Revocation List (CRL) to all clients.  If enabled, CA chaining will almost definitely not work.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: true
-.UNINDENT
-.SS certname
-.sp
-The name to use when handling certificates.  Defaults to the fully qualified domain name.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: pelin.lovedthanlost.net
-.UNINDENT
-.SS classfile
-.sp
-The file in which puppet agent stores a list of the classes associated with the retrieved configuration.  Can be loaded in the separate \fBpuppet\fP executable using the \fB\-\-loadclasses\fP option.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $statedir/classes.txt
-.UNINDENT
-.SS client_datadir
-.sp
-The directory in which serialized data is stored on the client.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $vardir/client_data
-.UNINDENT
-.SS clientbucketdir
-.sp
-Where FileBucket files are stored locally.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $vardir/clientbucket
-.UNINDENT
-.SS clientyamldir
-.sp
-The directory in which client\-side YAML data is stored.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $vardir/client_yaml
-.UNINDENT
-.SS code
-.sp
-Code to parse directly.  This is essentially only used by \fBpuppet\fP, and should only be set if you\(aqre writing your own Puppet executable
-.SS color
-.sp
-Whether to use colors when logging to the console. Valid values are \fBansi\fP (equivalent to \fBtrue\fP), \fBhtml\fP (mostly used during testing with TextMate), and \fBfalse\fP, which produces no color.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: ansi
-.UNINDENT
-.SS confdir
-.sp
-The main Puppet configuration directory.  The default for this parameter is calculated based on the user.  If the process is running as root or the user that \fBpuppet master\fP is supposed to run as, it defaults to a system directory, but if it\(aqs running as any other user, it defaults to being in \fB~\fP.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: /etc/puppet
-.UNINDENT
-.SS config
-.sp
-The configuration file for doc.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $confdir/puppet.conf
-.UNINDENT
-.SS config_version
-.sp
-How to determine the configuration version.  By default, it will be the time that the configuration is parsed, but you can provide a shell script to override how the version is determined.  The output of this script will be added to every log message in the reports, allowing you to correlate changes on your hosts to the source version on the server.
-.SS configprint
-.sp
-Print the value of a specific configuration parameter.  If a parameter is provided for this, then the value is printed and puppet exits.  Comma\-separate multiple values.  For a list of all values, specify \(aqall\(aq.  This feature is only available in Puppet versions higher than 0.18.4.
-.SS configtimeout
-.sp
-How long the client should wait for the configuration to be retrieved before considering it a failure.  This can help reduce flapping if too many clients contact the server at one time.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: 120
-.UNINDENT
-.SS couchdb_url
-.sp
+.
+.IP "\(bu" 4
+\fIDefault\fR: $cadir/inventory\.txt
+.
+.IP "" 0
+.
+.P
+certdir +++++++
+.
+.P
+The certificate directory\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $ssldir/certs
+.
+.IP "" 0
+.
+.P
+certdnsnames ++++++++++++
+.
+.P
+The DNS names on the Server certificate as a colon\-separated list\. If it\'s anything other than an empty string, it will be used as an alias in the created certificate\. By default, only the server gets an alias set up, and only for \'puppet\'\.
+.
+.P
+certificate_revocation ++++++++++++++++++++++
+.
+.P
+Whether certificate revocation should be supported by downloading a Certificate Revocation List (CRL) to all clients\. If enabled, CA chaining will almost definitely not work\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: true
+.
+.IP "" 0
+.
+.P
+certname ++++++++
+.
+.P
+The name to use when handling certificates\. Defaults to the fully qualified domain name\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: pelin\.members\.linode\.com
+.
+.IP "" 0
+.
+.P
+classfile +++++++++
+.
+.P
+The file in which puppet agent stores a list of the classes associated with the retrieved configuration\. Can be loaded in the separate \fBpuppet\fR executable using the \fB\-\-loadclasses\fR option\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $statedir/classes\.txt
+.
+.IP "" 0
+.
+.P
+client_datadir ++++++++++++++
+.
+.P
+The directory in which serialized data is stored on the client\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $vardir/client_data
+.
+.IP "" 0
+.
+.P
+clientbucketdir +++++++++++++++
+.
+.P
+Where FileBucket files are stored locally\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $vardir/clientbucket
+.
+.IP "" 0
+.
+.P
+clientyamldir +++++++++++++
+.
+.P
+The directory in which client\-side YAML data is stored\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $vardir/client_yaml
+.
+.IP "" 0
+.
+.P
+code ++++
+.
+.P
+Code to parse directly\. This is essentially only used by \fBpuppet\fR, and should only be set if you\'re writing your own Puppet executable
+.
+.P
+color +++++
+.
+.P
+Whether to use colors when logging to the console\. Valid values are \fBansi\fR (equivalent to \fBtrue\fR), \fBhtml\fR (mostly used during testing with TextMate), and \fBfalse\fR, which produces no color\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: ansi
+.
+.IP "" 0
+.
+.P
+confdir +++++++
+.
+.P
+The main Puppet configuration directory\. The default for this parameter is calculated based on the user\. If the process is running as root or the user that \fBpuppet master\fR is supposed to run as, it defaults to a system directory, but if it\'s running as any other user, it defaults to being in \fB~\fR\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: /etc/puppet
+.
+.IP "" 0
+.
+.P
+config ++++++
+.
+.P
+The configuration file for doc\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $confdir/puppet\.conf
+.
+.IP "" 0
+.
+.P
+config_version ++++++++++++++
+.
+.P
+How to determine the configuration version\. By default, it will be the time that the configuration is parsed, but you can provide a shell script to override how the version is determined\. The output of this script will be added to every log message in the reports, allowing you to correlate changes on your hosts to the source version on the server\.
+.
+.P
+configprint +++++++++++
+.
+.P
+Print the value of a specific configuration parameter\. If a parameter is provided for this, then the value is printed and puppet exits\. Comma\-separate multiple values\. For a list of all values, specify \'all\'\. This feature is only available in Puppet versions higher than 0\.18\.4\.
+.
+.P
+configtimeout +++++++++++++
+.
+.P
+How long the client should wait for the configuration to be retrieved before considering it a failure\. This can help reduce flapping if too many clients contact the server at one time\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: 120
+.
+.IP "" 0
+.
+.P
+couchdb_url +++++++++++
+.
+.P
 The url where the puppet couchdb database will be created
-.INDENT 0.0
-.IP \(bu 2
 .
-\fBDefault\fP: \fI\%http://127.0.0.1:5984/puppet\fP
-.UNINDENT
-.SS csrdir
-.sp
+.IP "\(bu" 4
+\fIDefault\fR: http://127\.0\.0\.1:5984/puppet
+.
+.IP "" 0
+.
+.P
+csrdir ++++++
+.
+.P
 Where the CA stores certificate requests
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $cadir/requests
-.UNINDENT
-.SS daemonize
-.sp
-Send the process into the background.  This is the default.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: true
-.UNINDENT
-.SS dbadapter
-.sp
-The type of database to use.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: sqlite3
-.UNINDENT
-.SS dbconnections
-.sp
-The number of database connections. Only used when networked databases are used.  Will be ignored if the value is an empty string or is less than 1.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: 0
-.UNINDENT
-.SS dblocation
-.sp
-The database cache for client configurations.  Used for querying within the language.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $statedir/clientconfigs.sqlite3
-.UNINDENT
-.SS dbmigrate
-.sp
-Whether to automatically migrate the database.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: false
-.UNINDENT
-.SS dbname
-.sp
-The name of the database to use.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: puppet
-.UNINDENT
-.SS dbpassword
-.sp
-The database password for caching. Only used when networked databases are used.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: puppet
-.UNINDENT
-.SS dbport
-.sp
-The database password for caching. Only used when networked databases are used.
-.SS dbserver
-.sp
-The database server for caching. Only used when networked databases are used.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: localhost
-.UNINDENT
-.SS dbsocket
-.sp
-The database socket location. Only used when networked databases are used.  Will be ignored if the value is an empty string.
-.SS dbuser
-.sp
-The database user for caching. Only used when networked databases are used.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: puppet
-.UNINDENT
-.SS diff
-.sp
-Which diff command to use when printing differences between files.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: diff
-.UNINDENT
-.SS diff_args
-.sp
-Which arguments to pass to the diff command when printing differences between files.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: \-u
-.UNINDENT
-.SS downcasefacts
-.sp
-Whether facts should be made all lowercase when sent to the server.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: false
-.UNINDENT
-.SS dynamicfacts
-.sp
-Facts that are dynamic; these facts will be ignored when deciding whether changed facts should result in a recompile.  Multiple facts should be comma\-separated.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: memorysize,memoryfree,swapsize,swapfree
-.UNINDENT
-.SS environment
-.sp
-The environment Puppet is running in.  For clients (e.g., \fBpuppet agent\fP) this determines the environment itself, which is used to find modules and much more.  For servers (i.e., \fBpuppet master\fP) this provides the default environment for nodes we know nothing about.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: production
-.UNINDENT
-.SS evaltrace
-.sp
-Whether each resource should log when it is being evaluated.  This allows you to interactively see exactly what is being done.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: false
-.UNINDENT
-.SS external_nodes
-.sp
-An external command that can produce node information.  The output must be a YAML dump of a hash, and that hash must have one or both of \fBclasses\fP and \fBparameters\fP, where \fBclasses\fP is an array and \fBparameters\fP is a hash.  For unknown nodes, the commands should exit with a non\-zero exit code. This command makes it straightforward to store your node mapping information in other data sources like databases.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: none
-.UNINDENT
-.SS factdest
-.sp
-Where Puppet should store facts that it pulls down from the central server.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $vardir/facts/
-.UNINDENT
-.SS factpath
-.sp
-Where Puppet should look for facts.  Multiple directories should be colon\-separated, like normal PATH variables.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $vardir/lib/facter/${\fI\%File::PATH_SEPARATOR\fP}$vardir/facts
-.UNINDENT
-.SS facts_terminus
-.sp
-Where to get node facts.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: facter
-.UNINDENT
-.SS factsignore
-.sp
-What files to ignore when pulling down facts.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: .svn CVS
-.UNINDENT
-.SS factsource
-.sp
-From where to retrieve facts.  The standard Puppet \fBfile\fP type is used for retrieval, so anything that is a valid file source can be used here.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: puppet://$server/facts/
-.UNINDENT
-.SS factsync
-.sp
-Whether facts should be synced with the central server.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: false
-.UNINDENT
-.SS fileserverconfig
-.sp
-Where the fileserver configuration is stored.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $confdir/fileserver.conf
-.UNINDENT
-.SS filetimeout
-.sp
-The minimum time to wait (in seconds) between checking for updates in configuration files.  This timeout determines how quickly Puppet checks whether a file (such as manifests or templates) has changed on disk.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: 15
-.UNINDENT
-.SS freeze_main
-.sp
-Freezes the \(aqmain\(aq class, disallowing any code to be added to it.  This essentially means that you can\(aqt have any code outside of a node, class, or definition other than in the site manifest.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: false
-.UNINDENT
-.SS genconfig
-.sp
-Whether to just print a configuration to stdout and exit.  Only makes sense when used interactively.  Takes into account arguments specified on the CLI.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: false
-.UNINDENT
-.SS genmanifest
-.sp
-Whether to just print a manifest to stdout and exit.  Only makes sense when used interactively.  Takes into account arguments specified on the CLI.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: false
-.UNINDENT
-.SS graph
-.sp
-Whether to create dot graph files for the different configuration graphs.  These dot files can be interpreted by tools like OmniGraffle or dot (which is part of ImageMagick).
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: false
-.UNINDENT
-.SS graphdir
-.sp
-Where to store dot\-outputted graphs.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $statedir/graphs
-.UNINDENT
-.SS group
-.sp
-The group puppet master should run as.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: puppet
-.UNINDENT
-.SS hostcert
-.sp
-Where individual hosts store and look for their certificates.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $certdir/$certname.pem
-.UNINDENT
-.SS hostcrl
-.sp
-Where the host\(aqs certificate revocation list can be found. This is distinct from the certificate authority\(aqs CRL.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $ssldir/crl.pem
-.UNINDENT
-.SS hostcsr
-.sp
-Where individual hosts store and look for their certificate requests.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $ssldir/csr_$certname.pem
-.UNINDENT
-.SS hostprivkey
-.sp
-Where individual hosts store and look for their private key.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $privatekeydir/$certname.pem
-.UNINDENT
-.SS hostpubkey
-.sp
-Where individual hosts store and look for their public key.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $publickeydir/$certname.pem
-.UNINDENT
-.SS http_compression
-.sp
-Allow http compression in REST communication with the master. This setting might improve performance for agent \-> master communications over slow WANs. Your puppetmaster needs to support compression (usually by activating some settings in a reverse\-proxy in front of the puppetmaster, which rules out webrick). It is harmless to activate this settings if your master doesn\(aqt support compression, but if it supports it, this setting might reduce performance on high\-speed LANs.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: false
-.UNINDENT
-.SS http_proxy_host
-.sp
-The HTTP proxy host to use for outgoing connections.  Note: You may need to use a FQDN for the server hostname when using a proxy.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: none
-.UNINDENT
-.SS http_proxy_port
-.sp
-The HTTP proxy port to use for outgoing connections
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: 3128
-.UNINDENT
-.SS httplog
-.sp
-Where the puppet agent web server logs.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $logdir/http.log
-.UNINDENT
-.SS ignorecache
-.sp
-Ignore cache and always recompile the configuration.  This is useful for testing new configurations, where the local cache may in fact be stale even if the timestamps are up to date \- if the facts change or if the server changes.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: false
-.UNINDENT
-.SS ignoreimport
-.sp
-A parameter that can be used in commit hooks, since it enables you to parse\-check a single file rather than requiring that all files exist.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: false
-.UNINDENT
-.SS ignoreschedules
-.sp
-Boolean; whether puppet agent should ignore schedules.  This is useful for initial puppet agent runs.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: false
-.UNINDENT
-.SS keylength
-.sp
-The bit length of keys.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: 1024
-.UNINDENT
-.SS ldapattrs
-.sp
-The LDAP attributes to include when querying LDAP for nodes.  All returned attributes are set as variables in the top\-level scope. Multiple values should be comma\-separated.  The value \(aqall\(aq returns all attributes.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: all
-.UNINDENT
-.SS ldapbase
-.sp
-The search base for LDAP searches.  It\(aqs impossible to provide a meaningful default here, although the LDAP libraries might have one already set.  Generally, it should be the \(aqou=Hosts\(aq branch under your main directory.
-.SS ldapclassattrs
-.sp
-The LDAP attributes to use to define Puppet classes.  Values should be comma\-separated.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: puppetclass
-.UNINDENT
-.SS ldapnodes
-.sp
-Whether to search for node configurations in LDAP.  See \fI\%http://projects.puppetlabs.com/projects/puppet/wiki/LDAP_Nodes\fP for more information.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: false
-.UNINDENT
-.SS ldapparentattr
-.sp
-The attribute to use to define the parent node.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: parentnode
-.UNINDENT
-.SS ldappassword
-.sp
-The password to use to connect to LDAP.
-.SS ldapport
-.sp
-The LDAP port.  Only used if \fBldapnodes\fP is enabled.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: 389
-.UNINDENT
-.SS ldapserver
-.sp
-The LDAP server.  Only used if \fBldapnodes\fP is enabled.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: ldap
-.UNINDENT
-.SS ldapssl
-.sp
-Whether SSL should be used when searching for nodes. Defaults to false because SSL usually requires certificates to be set up on the client side.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: false
-.UNINDENT
-.SS ldapstackedattrs
-.sp
-The LDAP attributes that should be stacked to arrays by adding the values in all hierarchy elements of the tree.  Values should be comma\-separated.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: puppetvar
-.UNINDENT
-.SS ldapstring
-.sp
-The search string used to find an LDAP node.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: (&(objectclass=puppetClient)(cn=%s))
-.UNINDENT
-.SS ldaptls
-.sp
-Whether TLS should be used when searching for nodes. Defaults to false because TLS usually requires certificates to be set up on the client side.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: false
-.UNINDENT
-.SS ldapuser
-.sp
-The user to use to connect to LDAP.  Must be specified as a full DN.
-.SS lexical
-.sp
-Whether to use lexical scoping (vs. dynamic).
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: false
-.UNINDENT
-.SS libdir
-.sp
-An extra search path for Puppet.  This is only useful for those files that Puppet will load on demand, and is only guaranteed to work for those cases.  In fact, the autoload mechanism is responsible for making sure this directory is in Ruby\(aqs search path
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $vardir/lib
-.UNINDENT
-.SS listen
-.sp
-Whether puppet agent should listen for connections.  If this is true, then by default only the \fBrunner\fP server is started, which allows remote authorized and authenticated nodes to connect and trigger \fBpuppet agent\fP runs.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: false
-.UNINDENT
-.SS localcacert
-.sp
-Where each client stores the CA certificate.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $certdir/ca.pem
-.UNINDENT
-.SS localconfig
-.sp
-Where puppet agent caches the local configuration.  An extension indicating the cache format is added automatically.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $statedir/localconfig
-.UNINDENT
-.SS logdir
-.sp
-The Puppet log directory.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $vardir/log
-.UNINDENT
-.SS manage_internal_file_permissions
-.sp
-Whether Puppet should manage the owner, group, and mode of files it uses internally
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: true
-.UNINDENT
-.SS manifest
-.sp
-The entry\-point manifest for puppet master.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $manifestdir/site.pp
-.UNINDENT
-.SS manifestdir
-.sp
-Where puppet master looks for its manifests.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $confdir/manifests
-.UNINDENT
-.SS masterhttplog
-.sp
-Where the puppet master web server logs.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $logdir/masterhttp.log
-.UNINDENT
-.SS masterlog
-.sp
-Where puppet master logs.  This is generally not used, since syslog is the default log destination.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $logdir/puppetmaster.log
-.UNINDENT
-.SS masterport
-.sp
-Which port puppet master listens on.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: 8140
-.UNINDENT
-.SS maximum_uid
-.sp
-The maximum allowed UID.  Some platforms use negative UIDs but then ship with tools that do not know how to handle signed ints, so the UIDs show up as huge numbers that can then not be fed back into the system.  This is a hackish way to fail in a slightly more useful way when that happens.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: 4294967290
-.UNINDENT
-.SS mkusers
-.sp
-Whether to create the necessary user and group that puppet agent will run as.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: false
-.UNINDENT
-.SS mode
-.sp
-The effective \(aqrun mode\(aq of the application: master, agent, or user.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: master
-.UNINDENT
-.SS modulepath
-.sp
-The search path for modules as a colon\-separated list of directories.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $confdir/modules:/usr/share/puppet/modules
-.UNINDENT
-.SS name
-.sp
-The name of the application, if we are running as one.  The default is essentially $0 without the path or \fB.rb\fP.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: doc
-.UNINDENT
-.SS node_name
-.sp
-How the puppetmaster determines the client\(aqs identity and sets the \(aqhostname\(aq, \(aqfqdn\(aq and \(aqdomain\(aq facts for use in the manifest, in particular for determining which \(aqnode\(aq statement applies to the client. Possible values are \(aqcert\(aq (use the subject\(aqs CN in the client\(aqs certificate) and \(aqfacter\(aq (use the hostname that the client reported in its facts)
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: cert
-.UNINDENT
-.SS node_terminus
-.sp
-Where to find information about nodes.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: plain
-.UNINDENT
-.SS noop
-.sp
-Whether puppet agent should be run in noop mode.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: false
-.UNINDENT
-.SS onetime
-.sp
-Run the configuration once, rather than as a long\-running daemon. This is useful for interactively running puppetd.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: false
-.UNINDENT
-.SS parseonly
-.sp
-Just check the syntax of the manifests.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: false
-.UNINDENT
-.SS passfile
-.sp
-Where puppet agent stores the password for its private key. Generally unused.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $privatedir/password
-.UNINDENT
-.SS path
-.sp
-The shell search path.  Defaults to whatever is inherited from the parent process.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: none
-.UNINDENT
-.SS pidfile
-.sp
-The pid file
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $rundir/$name.pid
-.UNINDENT
-.SS plugindest
-.sp
-Where Puppet should store plugins that it pulls down from the central server.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $libdir
-.UNINDENT
-.SS pluginsignore
-.sp
-What files to ignore when pulling down plugins.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: .svn CVS .git
-.UNINDENT
-.SS pluginsource
-.sp
-From where to retrieve plugins.  The standard Puppet \fBfile\fP type is used for retrieval, so anything that is a valid file source can be used here.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: puppet://$server/plugins
-.UNINDENT
-.SS pluginsync
-.sp
-Whether plugins should be synced with the central server.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: false
-.UNINDENT
-.SS postrun_command
-.sp
-A command to run after every agent run.  If this command returns a non\-zero return code, the entire Puppet run will be considered to have failed, even though it might have performed work during the normal run.
-.SS preferred_serialization_format
-.sp
-The preferred means of serializing ruby instances for passing over the wire.  This won\(aqt guarantee that all instances will be serialized using this method, since not all classes can be guaranteed to support this format, but it will be used for all classes that support it.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: pson
-.UNINDENT
-.SS prerun_command
-.sp
-A command to run before every agent run.  If this command returns a non\-zero return code, the entire Puppet run will fail.
-.SS privatedir
-.sp
-Where the client stores private certificate information.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $ssldir/private
-.UNINDENT
-.SS privatekeydir
-.sp
-The private key directory.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $ssldir/private_keys
-.UNINDENT
-.SS publickeydir
-.sp
-The public key directory.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $ssldir/public_keys
-.UNINDENT
-.SS puppetdlockfile
-.sp
-A lock file to temporarily stop puppet agent from doing anything.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $statedir/puppetdlock
-.UNINDENT
-.SS puppetdlog
-.sp
-The log file for puppet agent.  This is generally not used.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $logdir/puppetd.log
-.UNINDENT
-.SS puppetport
-.sp
-Which port puppet agent listens on.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: 8139
-.UNINDENT
-.SS queue_source
-.sp
-Which type of queue to use for asynchronous processing.  If your stomp server requires authentication, you can include it in the URI as long as your stomp client library is at least 1.1.1
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: stomp://localhost:61613/
-.UNINDENT
-.SS queue_type
-.sp
-Which type of queue to use for asynchronous processing.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: stomp
-.UNINDENT
-.SS rails_loglevel
-.sp
-The log level for Rails connections.  The value must be a valid log level within Rails.  Production environments normally use \fBinfo\fP and other environments normally use \fBdebug\fP.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: info
-.UNINDENT
-.SS railslog
-.sp
-Where Rails\-specific logs are sent
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $logdir/rails.log
-.UNINDENT
-.SS report
-.sp
-Whether to send reports after every transaction.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: false
-.UNINDENT
-.SS report_port
-.sp
-The port to communicate with the report_server.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $masterport
-.UNINDENT
-.SS report_server
-.sp
-The server to which to send transaction reports.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $server
-.UNINDENT
-.SS reportdir
-.sp
-The directory in which to store reports received from the client.  Each client gets a separate subdirectory.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $vardir/reports
-.UNINDENT
-.SS reportfrom
-.sp
-The \(aqfrom\(aq email address for the reports.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: \fI\%report@pelin.lovedthanlost.net\fP
-.UNINDENT
-.SS reports
-.sp
-The list of reports to generate.  All reports are looked for in puppet/reports/name.rb, and multiple report names should be comma\-separated (whitespace is okay).
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: store
-.UNINDENT
-.SS reportserver
-.sp
-(Deprecated for \(aqreport_server\(aq) The server to which to send transaction reports.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $server
-.UNINDENT
-.SS reporturl
-.sp
-The URL used by the http reports processor to send reports
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: \fI\%http://localhost:3000/reports\fP
-.UNINDENT
-.SS req_bits
-.sp
-The bit length of the certificates.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: 2048
-.UNINDENT
-.SS requestdir
-.sp
-Where host certificate requests are stored.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $ssldir/certificate_requests
-.UNINDENT
-.SS rest_authconfig
-.sp
-The configuration file that defines the rights to the different rest indirections.  This can be used as a fine\-grained authorization system for \fBpuppet master\fP.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $confdir/auth.conf
-.UNINDENT
-.SS rrddir
-.sp
-The directory where RRD database files are stored. Directories for each reporting host will be created under this directory.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $vardir/rrd
-.UNINDENT
-.SS rrdinterval
-.sp
-How often RRD should expect data. This should match how often the hosts report back to the server.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $runinterval
-.UNINDENT
-.SS rundir
-.sp
-Where Puppet PID files are kept.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $vardir/run
-.UNINDENT
-.SS runinterval
-.sp
-How often puppet agent applies the client configuration; in seconds.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: 1800
-.UNINDENT
-.SS sendmail
-.sp
-Where to find the sendmail binary with which to send email.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: /usr/sbin/sendmail
-.UNINDENT
-.SS serial
-.sp
-Where the serial number for certificates is stored.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $cadir/serial
-.UNINDENT
-.SS server
-.sp
-The server to which server puppet agent should connect
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: puppet
-.UNINDENT
-.SS server_datadir
-.sp
-The directory in which serialized data is stored, usually in a subdirectory.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $vardir/server_data
-.UNINDENT
-.SS servertype
-.sp
-The type of server to use.  Currently supported options are webrick and mongrel.  If you use mongrel, you will need a proxy in front of the process or processes, since Mongrel cannot speak SSL.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: webrick
-.UNINDENT
-.SS show_diff
-.sp
-Whether to print a contextual diff when files are being replaced.  The diff is printed on stdout, so this option is meaningless unless you are running Puppet interactively. This feature currently requires the \fBdiff/lcs\fP Ruby library.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: false
-.UNINDENT
-.SS signeddir
-.sp
-Where the CA stores signed certificates.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $cadir/signed
-.UNINDENT
-.SS smtpserver
-.sp
-The server through which to send email reports.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: none
-.UNINDENT
-.SS splay
-.sp
-Whether to sleep for a pseudo\-random (but consistent) amount of time before a run.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: false
-.UNINDENT
-.SS splaylimit
-.sp
-The maximum time to delay before runs.  Defaults to being the same as the run interval.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $runinterval
-.UNINDENT
-.SS ssl_client_header
-.sp
-The header containing an authenticated client\(aqs SSL DN.  Only used with Mongrel.  This header must be set by the proxy to the authenticated client\(aqs SSL DN (e.g., \fB/CN=puppet.puppetlabs.com\fP). See \fI\%http://projects.puppetlabs.com/projects/puppet/wiki/Using_Mongrel\fP for more information.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: HTTP_X_CLIENT_DN
-.UNINDENT
-.SS ssl_client_verify_header
-.sp
-The header containing the status message of the client verification. Only used with Mongrel.  This header must be set by the proxy to \(aqSUCCESS\(aq if the client successfully authenticated, and anything else otherwise. See \fI\%http://projects.puppetlabs.com/projects/puppet/wiki/Using_Mongrel\fP for more information.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: HTTP_X_CLIENT_VERIFY
-.UNINDENT
-.SS ssldir
-.sp
-Where SSL certificates are kept.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $confdir/ssl
-.UNINDENT
-.SS statedir
-.sp
-The directory where Puppet state is stored.  Generally, this directory can be removed without causing harm (although it might result in spurious service restarts).
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $vardir/state
-.UNINDENT
-.SS statefile
-.sp
-Where puppet agent and puppet master store state associated with the running configuration.  In the case of puppet master, this file reflects the state discovered through interacting with clients.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $statedir/state.yaml
-.UNINDENT
-.SS storeconfigs
-.sp
-Whether to store each client\(aqs configuration.  This requires ActiveRecord from Ruby on Rails.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: false
-.UNINDENT
-.SS strict_hostname_checking
-.sp
-Whether to only search for the complete hostname as it is in the certificate when searching for node information in the catalogs.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: false
-.UNINDENT
-.SS summarize
-.sp
-Whether to print a transaction summary.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: false
-.UNINDENT
-.SS syslogfacility
-.sp
-What syslog facility to use when logging to syslog.  Syslog has a fixed list of valid facilities, and you must choose one of those; you cannot just make one up.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: daemon
-.UNINDENT
-.SS tagmap
-.sp
-The mapping between reporting tags and email addresses.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $confdir/tagmail.conf
-.UNINDENT
-.SS tags
-.sp
-Tags to use to find resources.  If this is set, then only resources tagged with the specified tags will be applied. Values must be comma\-separated.
-.SS templatedir
-.sp
-Where Puppet looks for template files.  Can be a list of colon\-seperated directories.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $vardir/templates
-.UNINDENT
-.SS thin_storeconfigs
-.sp
-Boolean; wether storeconfigs store in the database only the facts and exported resources. If true, then storeconfigs performance will be higher and still allow exported/collected resources, but other usage external to Puppet might not work
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: false
-.UNINDENT
-.SS trace
-.sp
-Whether to print stack traces on some errors
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: false
-.UNINDENT
-.SS use_cached_catalog
-.sp
-Whether to only use the cached catalog rather than compiling a new catalog on every run.  Puppet can be run with this enabled by default and then selectively disabled when a recompile is desired.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: false
-.UNINDENT
-.SS usecacheonfailure
-.sp
-Whether to use the cached configuration when the remote configuration will not compile.  This option is useful for testing new configurations, where you want to fix the broken configuration rather than reverting to a known\-good one.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: true
-.UNINDENT
-.SS user
-.sp
-The user puppet master should run as.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: puppet
-.UNINDENT
-.SS vardir
-.sp
-Where Puppet stores dynamic and growing data.  The default for this parameter is calculated specially, like \fI\%confdir\fP.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: /var/lib/puppet
-.UNINDENT
-.SS yamldir
-.sp
-The directory in which YAML data is stored, usually in a subdirectory.
-.INDENT 0.0
-.IP \(bu 2
-.
-\fBDefault\fP: $vardir/yaml
-.UNINDENT
-.SS zlib
-.sp
-Boolean; whether to use the zlib library
-.INDENT 0.0
-.IP \(bu 2
 .
-\fBDefault\fP: true
-.UNINDENT
-
-.sp
-.ce
-----
-
-.ce 0
-.sp
-.sp
-\fIThis page autogenerated on Wed Jul 14 14:33:09 \-0700 2010\fP
-.\" Generated by docutils manpage writer.
-.\" 
+.IP "\(bu" 4
+\fIDefault\fR: $cadir/requests
+.
+.IP "" 0
+.
+.P
+daemonize +++++++++
+.
+.P
+Send the process into the background\. This is the default\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: true
+.
+.IP "" 0
+.
+.P
+dbadapter +++++++++
+.
+.P
+The type of database to use\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: sqlite3
+.
+.IP "" 0
+.
+.P
+dbconnections +++++++++++++
+.
+.P
+The number of database connections\. Only used when networked databases are used\. Will be ignored if the value is an empty string or is less than 1\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: 0
+.
+.IP "" 0
+.
+.P
+dblocation ++++++++++
+.
+.P
+The database cache for client configurations\. Used for querying within the language\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $statedir/clientconfigs\.sqlite3
+.
+.IP "" 0
+.
+.P
+dbmigrate +++++++++
+.
+.P
+Whether to automatically migrate the database\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: false
+.
+.IP "" 0
+.
+.P
+dbname ++++++
+.
+.P
+The name of the database to use\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: puppet
+.
+.IP "" 0
+.
+.P
+dbpassword ++++++++++
+.
+.P
+The database password for caching\. Only used when networked databases are used\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: puppet
+.
+.IP "" 0
+.
+.P
+dbport ++++++
+.
+.P
+The database password for caching\. Only used when networked databases are used\.
+.
+.P
+dbserver ++++++++
+.
+.P
+The database server for caching\. Only used when networked databases are used\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: localhost
+.
+.IP "" 0
+.
+.P
+dbsocket ++++++++
+.
+.P
+The database socket location\. Only used when networked databases are used\. Will be ignored if the value is an empty string\.
+.
+.P
+dbuser ++++++
+.
+.P
+The database user for caching\. Only used when networked databases are used\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: puppet
+.
+.IP "" 0
+.
+.P
+diff ++++
+.
+.P
+Which diff command to use when printing differences between files\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: diff
+.
+.IP "" 0
+.
+.P
+diff_args +++++++++
+.
+.P
+Which arguments to pass to the diff command when printing differences between files\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: \-u
+.
+.IP "" 0
+.
+.P
+downcasefacts +++++++++++++
+.
+.P
+Whether facts should be made all lowercase when sent to the server\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: false
+.
+.IP "" 0
+.
+.P
+dynamicfacts ++++++++++++
+.
+.P
+Facts that are dynamic; these facts will be ignored when deciding whether changed facts should result in a recompile\. Multiple facts should be comma\-separated\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: memorysize,memoryfree,swapsize,swapfree
+.
+.IP "" 0
+.
+.P
+environment +++++++++++
+.
+.P
+The environment Puppet is running in\. For clients (e\.g\., \fBpuppet agent\fR) this determines the environment itself, which is used to find modules and much more\. For servers (i\.e\., \fBpuppet master\fR) this provides the default environment for nodes we know nothing about\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: production
+.
+.IP "" 0
+.
+.P
+evaltrace +++++++++
+.
+.P
+Whether each resource should log when it is being evaluated\. This allows you to interactively see exactly what is being done\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: false
+.
+.IP "" 0
+.
+.P
+external_nodes ++++++++++++++
+.
+.P
+An external command that can produce node information\. The output must be a YAML dump of a hash, and that hash must have one or both of \fBclasses\fR and \fBparameters\fR, where \fBclasses\fR is an array and \fBparameters\fR is a hash\. For unknown nodes, the commands should exit with a non\-zero exit code\. This command makes it straightforward to store your node mapping information in other data sources like databases\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: none
+.
+.IP "" 0
+.
+.P
+factdest ++++++++
+.
+.P
+Where Puppet should store facts that it pulls down from the central server\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $vardir/facts/
+.
+.IP "" 0
+.
+.P
+factpath ++++++++
+.
+.P
+Where Puppet should look for facts\. Multiple directories should be colon\-separated, like normal PATH variables\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $vardir/lib/facter:$vardir/facts
+.
+.IP "" 0
+.
+.P
+facts_terminus ++++++++++++++
+.
+.P
+The node facts terminus\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: facter
+.
+.IP "" 0
+.
+.P
+factsignore +++++++++++
+.
+.P
+What files to ignore when pulling down facts\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: \.svn CVS
+.
+.IP "" 0
+.
+.P
+factsource ++++++++++
+.
+.P
+From where to retrieve facts\. The standard Puppet \fBfile\fR type is used for retrieval, so anything that is a valid file source can be used here\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: puppet://$server/facts/
+.
+.IP "" 0
+.
+.P
+factsync ++++++++
+.
+.P
+Whether facts should be synced with the central server\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: false
+.
+.IP "" 0
+.
+.P
+fileserverconfig ++++++++++++++++
+.
+.P
+Where the fileserver configuration is stored\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $confdir/fileserver\.conf
+.
+.IP "" 0
+.
+.P
+filetimeout +++++++++++
+.
+.P
+The minimum time to wait (in seconds) between checking for updates in configuration files\. This timeout determines how quickly Puppet checks whether a file (such as manifests or templates) has changed on disk\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: 15
+.
+.IP "" 0
+.
+.P
+freeze_main +++++++++++
+.
+.P
+Freezes the \'main\' class, disallowing any code to be added to it\. This essentially means that you can\'t have any code outside of a node, class, or definition other than in the site manifest\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: false
+.
+.IP "" 0
+.
+.P
+genconfig +++++++++
+.
+.P
+Whether to just print a configuration to stdout and exit\. Only makes sense when used interactively\. Takes into account arguments specified on the CLI\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: false
+.
+.IP "" 0
+.
+.P
+genmanifest +++++++++++
+.
+.P
+Whether to just print a manifest to stdout and exit\. Only makes sense when used interactively\. Takes into account arguments specified on the CLI\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: false
+.
+.IP "" 0
+.
+.P
+graph +++++
+.
+.P
+Whether to create dot graph files for the different configuration graphs\. These dot files can be interpreted by tools like OmniGraffle or dot (which is part of ImageMagick)\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: false
+.
+.IP "" 0
+.
+.P
+graphdir ++++++++
+.
+.P
+Where to store dot\-outputted graphs\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $statedir/graphs
+.
+.IP "" 0
+.
+.P
+group +++++
+.
+.P
+The group puppet master should run as\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: puppet
+.
+.IP "" 0
+.
+.P
+hostcert ++++++++
+.
+.P
+Where individual hosts store and look for their certificates\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $certdir/$certname\.pem
+.
+.IP "" 0
+.
+.P
+hostcrl +++++++
+.
+.P
+Where the host\'s certificate revocation list can be found\. This is distinct from the certificate authority\'s CRL\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $ssldir/crl\.pem
+.
+.IP "" 0
+.
+.P
+hostcsr +++++++
+.
+.P
+Where individual hosts store and look for their certificate requests\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $ssldir/csr_$certname\.pem
+.
+.IP "" 0
+.
+.P
+hostprivkey +++++++++++
+.
+.P
+Where individual hosts store and look for their private key\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $privatekeydir/$certname\.pem
+.
+.IP "" 0
+.
+.P
+hostpubkey ++++++++++
+.
+.P
+Where individual hosts store and look for their public key\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $publickeydir/$certname\.pem
+.
+.IP "" 0
+.
+.P
+http_compression ++++++++++++++++
+.
+.P
+Allow http compression in REST communication with the master\. This setting might improve performance for agent \-> master communications over slow WANs\. Your puppetmaster needs to support compression (usually by activating some settings in a reverse\-proxy in front of the puppetmaster, which rules out webrick)\. It is harmless to activate this settings if your master doesn\'t support compression, but if it supports it, this setting might reduce performance on high\-speed LANs\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: false
+.
+.IP "" 0
+.
+.P
+http_proxy_host +++++++++++++++
+.
+.P
+The HTTP proxy host to use for outgoing connections\. Note: You may need to use a FQDN for the server hostname when using a proxy\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: none
+.
+.IP "" 0
+.
+.P
+http_proxy_port +++++++++++++++
+.
+.P
+The HTTP proxy port to use for outgoing connections
+.
+.IP "\(bu" 4
+\fIDefault\fR: 3128
+.
+.IP "" 0
+.
+.P
+httplog +++++++
+.
+.P
+Where the puppet agent web server logs\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $logdir/http\.log
+.
+.IP "" 0
+.
+.P
+ignorecache +++++++++++
+.
+.P
+Ignore cache and always recompile the configuration\. This is useful for testing new configurations, where the local cache may in fact be stale even if the timestamps are up to date \- if the facts change or if the server changes\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: false
+.
+.IP "" 0
+.
+.P
+ignoreimport ++++++++++++
+.
+.P
+A parameter that can be used in commit hooks, since it enables you to parse\-check a single file rather than requiring that all files exist\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: false
+.
+.IP "" 0
+.
+.P
+ignoreschedules +++++++++++++++
+.
+.P
+Boolean; whether puppet agent should ignore schedules\. This is useful for initial puppet agent runs\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: false
+.
+.IP "" 0
+.
+.P
+keylength +++++++++
+.
+.P
+The bit length of keys\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: 1024
+.
+.IP "" 0
+.
+.P
+ldapattrs +++++++++
+.
+.P
+The LDAP attributes to include when querying LDAP for nodes\. All returned attributes are set as variables in the top\-level scope\. Multiple values should be comma\-separated\. The value \'all\' returns all attributes\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: all
+.
+.IP "" 0
+.
+.P
+ldapbase ++++++++
+.
+.P
+The search base for LDAP searches\. It\'s impossible to provide a meaningful default here, although the LDAP libraries might have one already set\. Generally, it should be the \'ou=Hosts\' branch under your main directory\.
+.
+.P
+ldapclassattrs ++++++++++++++
+.
+.P
+The LDAP attributes to use to define Puppet classes\. Values should be comma\-separated\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: puppetclass
+.
+.IP "" 0
+.
+.P
+ldapnodes +++++++++
+.
+.P
+Whether to search for node configurations in LDAP\. See http://projects\.puppetlabs\.com/projects/puppet/wiki/LDAP_Nodes for more information\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: false
+.
+.IP "" 0
+.
+.P
+ldapparentattr ++++++++++++++
+.
+.P
+The attribute to use to define the parent node\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: parentnode
+.
+.IP "" 0
+.
+.P
+ldappassword ++++++++++++
+.
+.P
+The password to use to connect to LDAP\.
+.
+.P
+ldapport ++++++++
+.
+.P
+The LDAP port\. Only used if \fBldapnodes\fR is enabled\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: 389
+.
+.IP "" 0
+.
+.P
+ldapserver ++++++++++
+.
+.P
+The LDAP server\. Only used if \fBldapnodes\fR is enabled\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: ldap
+.
+.IP "" 0
+.
+.P
+ldapssl +++++++
+.
+.P
+Whether SSL should be used when searching for nodes\. Defaults to false because SSL usually requires certificates to be set up on the client side\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: false
+.
+.IP "" 0
+.
+.P
+ldapstackedattrs ++++++++++++++++
+.
+.P
+The LDAP attributes that should be stacked to arrays by adding the values in all hierarchy elements of the tree\. Values should be comma\-separated\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: puppetvar
+.
+.IP "" 0
+.
+.P
+ldapstring ++++++++++
+.
+.P
+The search string used to find an LDAP node\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: (&(objectclass=puppetClient)(cn=%s))
+.
+.IP "" 0
+.
+.P
+ldaptls +++++++
+.
+.P
+Whether TLS should be used when searching for nodes\. Defaults to false because TLS usually requires certificates to be set up on the client side\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: false
+.
+.IP "" 0
+.
+.P
+ldapuser ++++++++
+.
+.P
+The user to use to connect to LDAP\. Must be specified as a full DN\.
+.
+.P
+lexical +++++++
+.
+.P
+Whether to use lexical scoping (vs\. dynamic)\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: false
+.
+.IP "" 0
+.
+.P
+libdir ++++++
+.
+.P
+An extra search path for Puppet\. This is only useful for those files that Puppet will load on demand, and is only guaranteed to work for those cases\. In fact, the autoload mechanism is responsible for making sure this directory is in Ruby\'s search path
+.
+.IP "\(bu" 4
+\fIDefault\fR: $vardir/lib
+.
+.IP "" 0
+.
+.P
+listen ++++++
+.
+.P
+Whether puppet agent should listen for connections\. If this is true, then by default only the \fBrunner\fR server is started, which allows remote authorized and authenticated nodes to connect and trigger \fBpuppet agent\fR runs\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: false
+.
+.IP "" 0
+.
+.P
+localcacert +++++++++++
+.
+.P
+Where each client stores the CA certificate\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $certdir/ca\.pem
+.
+.IP "" 0
+.
+.P
+localconfig +++++++++++
+.
+.P
+Where puppet agent caches the local configuration\. An extension indicating the cache format is added automatically\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $statedir/localconfig
+.
+.IP "" 0
+.
+.P
+logdir ++++++
+.
+.P
+The Puppet log directory\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $vardir/log
+.
+.IP "" 0
+.
+.P
+manage_internal_file_permissions ++++++++++++++++++++++++++++++++
+.
+.P
+Whether Puppet should manage the owner, group, and mode of files it uses internally
+.
+.IP "\(bu" 4
+\fIDefault\fR: true
+.
+.IP "" 0
+.
+.P
+manifest ++++++++
+.
+.P
+The entry\-point manifest for puppet master\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $manifestdir/site\.pp
+.
+.IP "" 0
+.
+.P
+manifestdir +++++++++++
+.
+.P
+Where puppet master looks for its manifests\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $confdir/manifests
+.
+.IP "" 0
+.
+.P
+masterhttplog +++++++++++++
+.
+.P
+Where the puppet master web server logs\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $logdir/masterhttp\.log
+.
+.IP "" 0
+.
+.P
+masterlog +++++++++
+.
+.P
+Where puppet master logs\. This is generally not used, since syslog is the default log destination\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $logdir/puppetmaster\.log
+.
+.IP "" 0
+.
+.P
+masterport ++++++++++
+.
+.P
+Which port puppet master listens on\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: 8140
+.
+.IP "" 0
+.
+.P
+maximum_uid +++++++++++
+.
+.P
+The maximum allowed UID\. Some platforms use negative UIDs but then ship with tools that do not know how to handle signed ints, so the UIDs show up as huge numbers that can then not be fed back into the system\. This is a hackish way to fail in a slightly more useful way when that happens\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: 4294967290
+.
+.IP "" 0
+.
+.P
+mkusers +++++++
+.
+.P
+Whether to create the necessary user and group that puppet agent will run as\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: false
+.
+.IP "" 0
+.
+.P
+modulepath ++++++++++
+.
+.P
+The search path for modules as a colon\-separated list of directories\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $confdir/modules:/usr/share/puppet/modules
+.
+.IP "" 0
+.
+.P
+name ++++
+.
+.P
+The name of the application, if we are running as one\. The default is essentially $0 without the path or \fB\.rb\fR\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: doc
+.
+.IP "" 0
+.
+.P
+node_name +++++++++
+.
+.P
+How the puppetmaster determines the client\'s identity and sets the \'hostname\', \'fqdn\' and \'domain\' facts for use in the manifest, in particular for determining which \'node\' statement applies to the client\. Possible values are \'cert\' (use the subject\'s CN in the client\'s certificate) and \'facter\' (use the hostname that the client reported in its facts)
+.
+.IP "\(bu" 4
+\fIDefault\fR: cert
+.
+.IP "" 0
+.
+.P
+node_terminus +++++++++++++
+.
+.P
+Where to find information about nodes\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: plain
+.
+.IP "" 0
+.
+.P
+noop ++++
+.
+.P
+Whether puppet agent should be run in noop mode\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: false
+.
+.IP "" 0
+.
+.P
+onetime +++++++
+.
+.P
+Run the configuration once, rather than as a long\-running daemon\. This is useful for interactively running puppetd\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: false
+.
+.IP "" 0
+.
+.P
+parseonly +++++++++
+.
+.P
+Just check the syntax of the manifests\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: false
+.
+.IP "" 0
+.
+.P
+passfile ++++++++
+.
+.P
+Where puppet agent stores the password for its private key\. Generally unused\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $privatedir/password
+.
+.IP "" 0
+.
+.P
+path ++++
+.
+.P
+The shell search path\. Defaults to whatever is inherited from the parent process\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: none
+.
+.IP "" 0
+.
+.P
+pidfile +++++++
+.
+.P
+The pid file
+.
+.IP "\(bu" 4
+\fIDefault\fR: $rundir/$name\.pid
+.
+.IP "" 0
+.
+.P
+plugindest ++++++++++
+.
+.P
+Where Puppet should store plugins that it pulls down from the central server\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $libdir
+.
+.IP "" 0
+.
+.P
+pluginsignore +++++++++++++
+.
+.P
+What files to ignore when pulling down plugins\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: \.svn CVS \.git
+.
+.IP "" 0
+.
+.P
+pluginsource ++++++++++++
+.
+.P
+From where to retrieve plugins\. The standard Puppet \fBfile\fR type is used for retrieval, so anything that is a valid file source can be used here\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: puppet://$server/plugins
+.
+.IP "" 0
+.
+.P
+pluginsync ++++++++++
+.
+.P
+Whether plugins should be synced with the central server\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: false
+.
+.IP "" 0
+.
+.P
+postrun_command +++++++++++++++
+.
+.P
+A command to run after every agent run\. If this command returns a non\-zero return code, the entire Puppet run will be considered to have failed, even though it might have performed work during the normal run\.
+.
+.P
+preferred_serialization_format ++++++++++++++++++++++++++++++
+.
+.P
+The preferred means of serializing ruby instances for passing over the wire\. This won\'t guarantee that all instances will be serialized using this method, since not all classes can be guaranteed to support this format, but it will be used for all classes that support it\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: pson
+.
+.IP "" 0
+.
+.P
+prerun_command ++++++++++++++
+.
+.P
+A command to run before every agent run\. If this command returns a non\-zero return code, the entire Puppet run will fail\.
+.
+.P
+privatedir ++++++++++
+.
+.P
+Where the client stores private certificate information\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $ssldir/private
+.
+.IP "" 0
+.
+.P
+privatekeydir +++++++++++++
+.
+.P
+The private key directory\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $ssldir/private_keys
+.
+.IP "" 0
+.
+.P
+publickeydir ++++++++++++
+.
+.P
+The public key directory\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $ssldir/public_keys
+.
+.IP "" 0
+.
+.P
+puppetdlockfile +++++++++++++++
+.
+.P
+A lock file to temporarily stop puppet agent from doing anything\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $statedir/puppetdlock
+.
+.IP "" 0
+.
+.P
+puppetdlog ++++++++++
+.
+.P
+The log file for puppet agent\. This is generally not used\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $logdir/puppetd\.log
+.
+.IP "" 0
+.
+.P
+puppetport ++++++++++
+.
+.P
+Which port puppet agent listens on\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: 8139
+.
+.IP "" 0
+.
+.P
+queue_source ++++++++++++
+.
+.P
+Which type of queue to use for asynchronous processing\. If your stomp server requires authentication, you can include it in the URI as long as your stomp client library is at least 1\.1\.1
+.
+.IP "\(bu" 4
+\fIDefault\fR: stomp://localhost:61613/
+.
+.IP "" 0
+.
+.P
+queue_type ++++++++++
+.
+.P
+Which type of queue to use for asynchronous processing\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: stomp
+.
+.IP "" 0
+.
+.P
+rails_loglevel ++++++++++++++
+.
+.P
+The log level for Rails connections\. The value must be a valid log level within Rails\. Production environments normally use \fBinfo\fR and other environments normally use \fBdebug\fR\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: info
+.
+.IP "" 0
+.
+.P
+railslog ++++++++
+.
+.P
+Where Rails\-specific logs are sent
+.
+.IP "\(bu" 4
+\fIDefault\fR: $logdir/rails\.log
+.
+.IP "" 0
+.
+.P
+report ++++++
+.
+.P
+Whether to send reports after every transaction\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: false
+.
+.IP "" 0
+.
+.P
+report_port +++++++++++
+.
+.P
+The port to communicate with the report_server\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $masterport
+.
+.IP "" 0
+.
+.P
+report_server +++++++++++++
+.
+.P
+The server to which to send transaction reports\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $server
+.
+.IP "" 0
+.
+.P
+reportdir +++++++++
+.
+.P
+The directory in which to store reports received from the client\. Each client gets a separate subdirectory\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $vardir/reports
+.
+.IP "" 0
+.
+.P
+reportfrom ++++++++++
+.
+.P
+The \'from\' email address for the reports\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: report@pelin\.members\.linode\.com
+.
+.IP "" 0
+.
+.P
+reports +++++++
+.
+.P
+The list of reports to generate\. All reports are looked for in \fBpuppet/reports/name\.rb\fR, and multiple report names should be comma\-separated (whitespace is okay)\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: store
+.
+.IP "" 0
+.
+.P
+reportserver ++++++++++++
+.
+.P
+(Deprecated for \'report_server\') The server to which to send transaction reports\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $server
+.
+.IP "" 0
+.
+.P
+reporturl +++++++++
+.
+.P
+The URL used by the http reports processor to send reports
+.
+.IP "\(bu" 4
+\fIDefault\fR: http://localhost:3000/reports
+.
+.IP "" 0
+.
+.P
+req_bits ++++++++
+.
+.P
+The bit length of the certificates\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: 2048
+.
+.IP "" 0
+.
+.P
+requestdir ++++++++++
+.
+.P
+Where host certificate requests are stored\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $ssldir/certificate_requests
+.
+.IP "" 0
+.
+.P
+rest_authconfig +++++++++++++++
+.
+.P
+The configuration file that defines the rights to the different rest indirections\. This can be used as a fine\-grained authorization system for \fBpuppet master\fR\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $confdir/auth\.conf
+.
+.IP "" 0
+.
+.P
+rrddir ++++++
+.
+.P
+The directory where RRD database files are stored\. Directories for each reporting host will be created under this directory\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $vardir/rrd
+.
+.IP "" 0
+.
+.P
+rrdinterval +++++++++++
+.
+.P
+How often RRD should expect data\. This should match how often the hosts report back to the server\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $runinterval
+.
+.IP "" 0
+.
+.P
+run_mode ++++++++
+.
+.P
+The effective \'run mode\' of the application: master, agent, or user\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: master
+.
+.IP "" 0
+.
+.P
+rundir ++++++
+.
+.P
+Where Puppet PID files are kept\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $vardir/run
+.
+.IP "" 0
+.
+.P
+runinterval +++++++++++
+.
+.P
+How often puppet agent applies the client configuration; in seconds\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: 1800
+.
+.IP "" 0
+.
+.P
+sendmail ++++++++
+.
+.P
+Where to find the sendmail binary with which to send email\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: /usr/sbin/sendmail
+.
+.IP "" 0
+.
+.P
+serial ++++++
+.
+.P
+Where the serial number for certificates is stored\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $cadir/serial
+.
+.IP "" 0
+.
+.P
+server ++++++
+.
+.P
+The server to which server puppet agent should connect
+.
+.IP "\(bu" 4
+\fIDefault\fR: puppet
+.
+.IP "" 0
+.
+.P
+server_datadir ++++++++++++++
+.
+.P
+The directory in which serialized data is stored, usually in a subdirectory\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $vardir/server_data
+.
+.IP "" 0
+.
+.P
+servertype ++++++++++
+.
+.P
+The type of server to use\. Currently supported options are webrick and mongrel\. If you use mongrel, you will need a proxy in front of the process or processes, since Mongrel cannot speak SSL\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: webrick
+.
+.IP "" 0
+.
+.P
+show_diff +++++++++
+.
+.P
+Whether to print a contextual diff when files are being replaced\. The diff is printed on stdout, so this option is meaningless unless you are running Puppet interactively\. This feature currently requires the \fBdiff/lcs\fR Ruby library\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: false
+.
+.IP "" 0
+.
+.P
+signeddir +++++++++
+.
+.P
+Where the CA stores signed certificates\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $cadir/signed
+.
+.IP "" 0
+.
+.P
+smtpserver ++++++++++
+.
+.P
+The server through which to send email reports\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: none
+.
+.IP "" 0
+.
+.P
+splay +++++
+.
+.P
+Whether to sleep for a pseudo\-random (but consistent) amount of time before a run\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: false
+.
+.IP "" 0
+.
+.P
+splaylimit ++++++++++
+.
+.P
+The maximum time to delay before runs\. Defaults to being the same as the run interval\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $runinterval
+.
+.IP "" 0
+.
+.P
+ssl_client_header +++++++++++++++++
+.
+.P
+The header containing an authenticated client\'s SSL DN\. Only used with Mongrel\. This header must be set by the proxy to the authenticated client\'s SSL DN (e\.g\., \fB/CN=puppet\.puppetlabs\.com\fR)\. See http://projects\.puppetlabs\.com/projects/puppet/wiki/Using_Mongrel for more information\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: HTTP_X_CLIENT_DN
+.
+.IP "" 0
+.
+.P
+ssl_client_verify_header ++++++++++++++++++++++++
+.
+.P
+The header containing the status message of the client verification\. Only used with Mongrel\. This header must be set by the proxy to \'SUCCESS\' if the client successfully authenticated, and anything else otherwise\. See http://projects\.puppetlabs\.com/projects/puppet/wiki/Using_Mongrel for more information\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: HTTP_X_CLIENT_VERIFY
+.
+.IP "" 0
+.
+.P
+ssldir ++++++
+.
+.P
+Where SSL certificates are kept\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $confdir/ssl
+.
+.IP "" 0
+.
+.P
+statedir ++++++++
+.
+.P
+The directory where Puppet state is stored\. Generally, this directory can be removed without causing harm (although it might result in spurious service restarts)\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $vardir/state
+.
+.IP "" 0
+.
+.P
+statefile +++++++++
+.
+.P
+Where puppet agent and puppet master store state associated with the running configuration\. In the case of puppet master, this file reflects the state discovered through interacting with clients\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $statedir/state\.yaml
+.
+.IP "" 0
+.
+.P
+storeconfigs ++++++++++++
+.
+.P
+Whether to store each client\'s configuration\. This requires ActiveRecord from Ruby on Rails\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: false
+.
+.IP "" 0
+.
+.P
+strict_hostname_checking ++++++++++++++++++++++++
+.
+.P
+Whether to only search for the complete hostname as it is in the certificate when searching for node information in the catalogs\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: false
+.
+.IP "" 0
+.
+.P
+summarize +++++++++
+.
+.P
+Whether to print a transaction summary\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: false
+.
+.IP "" 0
+.
+.P
+syslogfacility ++++++++++++++
+.
+.P
+What syslog facility to use when logging to syslog\. Syslog has a fixed list of valid facilities, and you must choose one of those; you cannot just make one up\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: daemon
+.
+.IP "" 0
+.
+.P
+tagmap ++++++
+.
+.P
+The mapping between reporting tags and email addresses\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $confdir/tagmail\.conf
+.
+.IP "" 0
+.
+.P
+tags ++++
+.
+.P
+Tags to use to find resources\. If this is set, then only resources tagged with the specified tags will be applied\. Values must be comma\-separated\.
+.
+.P
+templatedir +++++++++++
+.
+.P
+Where Puppet looks for template files\. Can be a list of colon\-seperated directories\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $vardir/templates
+.
+.IP "" 0
+.
+.P
+thin_storeconfigs +++++++++++++++++
+.
+.P
+Boolean; wether storeconfigs store in the database only the facts and exported resources\. If true, then storeconfigs performance will be higher and still allow exported/collected resources, but other usage external to Puppet might not work
+.
+.IP "\(bu" 4
+\fIDefault\fR: false
+.
+.IP "" 0
+.
+.P
+trace +++++
+.
+.P
+Whether to print stack traces on some errors
+.
+.IP "\(bu" 4
+\fIDefault\fR: false
+.
+.IP "" 0
+.
+.P
+use_cached_catalog ++++++++++++++++++
+.
+.P
+Whether to only use the cached catalog rather than compiling a new catalog on every run\. Puppet can be run with this enabled by default and then selectively disabled when a recompile is desired\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: false
+.
+.IP "" 0
+.
+.P
+usecacheonfailure +++++++++++++++++
+.
+.P
+Whether to use the cached configuration when the remote configuration will not compile\. This option is useful for testing new configurations, where you want to fix the broken configuration rather than reverting to a known\-good one\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: true
+.
+.IP "" 0
+.
+.P
+user ++++
+.
+.P
+The user puppet master should run as\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: puppet
+.
+.IP "" 0
+.
+.P
+vardir ++++++
+.
+.P
+Where Puppet stores dynamic and growing data\. The default for this parameter is calculated specially, like \fBconfdir\fR_\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: /var/lib/puppet
+.
+.IP "" 0
+.
+.P
+yamldir +++++++
+.
+.P
+The directory in which YAML data is stored, usually in a subdirectory\.
+.
+.IP "\(bu" 4
+\fIDefault\fR: $vardir/yaml
+.
+.IP "" 0
+.
+.P
+zlib ++++
+.
+.P
+Boolean; whether to use the zlib library
+.
+.IP "\(bu" 4
+\fIDefault\fR: true
+.
+.IP "" 0
 .
+.P
+\fIThis page autogenerated on Sat Aug 28 14:00:20 \-0700 2010\fR