puppet 6.22.1-universal-darwin → 6.23.0-universal-darwin

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (129) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile.lock +14 -14
  3. data/ext/osx/puppet.plist +2 -0
  4. data/lib/puppet/application/agent.rb +12 -5
  5. data/lib/puppet/application/apply.rb +2 -1
  6. data/lib/puppet/application/device.rb +2 -1
  7. data/lib/puppet/application/resource.rb +2 -1
  8. data/lib/puppet/application/script.rb +2 -1
  9. data/lib/puppet/configurer/downloader.rb +2 -1
  10. data/lib/puppet/defaults.rb +5 -3
  11. data/lib/puppet/file_serving/fileset.rb +14 -2
  12. data/lib/puppet/functions/all.rb +1 -1
  13. data/lib/puppet/functions/camelcase.rb +1 -1
  14. data/lib/puppet/functions/capitalize.rb +2 -2
  15. data/lib/puppet/functions/downcase.rb +2 -2
  16. data/lib/puppet/functions/get.rb +5 -5
  17. data/lib/puppet/functions/group_by.rb +13 -5
  18. data/lib/puppet/functions/lest.rb +1 -1
  19. data/lib/puppet/functions/new.rb +100 -100
  20. data/lib/puppet/functions/partition.rb +4 -4
  21. data/lib/puppet/functions/require.rb +5 -5
  22. data/lib/puppet/functions/sort.rb +3 -3
  23. data/lib/puppet/functions/tree_each.rb +7 -9
  24. data/lib/puppet/functions/type.rb +4 -4
  25. data/lib/puppet/functions/upcase.rb +2 -2
  26. data/lib/puppet/http/resolver/server_list.rb +15 -4
  27. data/lib/puppet/http/service/compiler.rb +69 -0
  28. data/lib/puppet/http/service/file_server.rb +2 -1
  29. data/lib/puppet/indirector/catalog/compiler.rb +1 -0
  30. data/lib/puppet/indirector/file_metadata/rest.rb +1 -0
  31. data/lib/puppet/parser/functions/fqdn_rand.rb +14 -6
  32. data/lib/puppet/pops/types/p_sem_ver_type.rb +8 -2
  33. data/lib/puppet/pops/types/p_sensitive_type.rb +10 -0
  34. data/lib/puppet/provider/package/nim.rb +11 -6
  35. data/lib/puppet/provider/service/systemd.rb +13 -3
  36. data/lib/puppet/provider/service/windows.rb +38 -0
  37. data/lib/puppet/provider/user/directoryservice.rb +25 -12
  38. data/lib/puppet/reference/configuration.rb +1 -1
  39. data/lib/puppet/transaction/additional_resource_generator.rb +1 -1
  40. data/lib/puppet/type/file/selcontext.rb +1 -1
  41. data/lib/puppet/type/file.rb +19 -1
  42. data/lib/puppet/type/service.rb +18 -38
  43. data/lib/puppet/type/tidy.rb +21 -2
  44. data/lib/puppet/type/user.rb +38 -20
  45. data/lib/puppet/util/selinux.rb +30 -4
  46. data/lib/puppet/version.rb +1 -1
  47. data/locales/puppet.pot +109 -101
  48. data/man/man5/puppet.conf.5 +272 -252
  49. data/man/man8/puppet-agent.8 +1 -1
  50. data/man/man8/puppet-apply.8 +1 -1
  51. data/man/man8/puppet-catalog.8 +1 -1
  52. data/man/man8/puppet-config.8 +1 -1
  53. data/man/man8/puppet-describe.8 +1 -1
  54. data/man/man8/puppet-device.8 +1 -1
  55. data/man/man8/puppet-doc.8 +1 -1
  56. data/man/man8/puppet-epp.8 +1 -1
  57. data/man/man8/puppet-facts.8 +1 -1
  58. data/man/man8/puppet-filebucket.8 +1 -1
  59. data/man/man8/puppet-generate.8 +1 -1
  60. data/man/man8/puppet-help.8 +1 -1
  61. data/man/man8/puppet-key.8 +1 -1
  62. data/man/man8/puppet-lookup.8 +1 -1
  63. data/man/man8/puppet-man.8 +1 -1
  64. data/man/man8/puppet-module.8 +1 -1
  65. data/man/man8/puppet-node.8 +1 -1
  66. data/man/man8/puppet-parser.8 +1 -1
  67. data/man/man8/puppet-plugin.8 +1 -1
  68. data/man/man8/puppet-report.8 +1 -1
  69. data/man/man8/puppet-resource.8 +1 -1
  70. data/man/man8/puppet-script.8 +1 -1
  71. data/man/man8/puppet-ssl.8 +1 -1
  72. data/man/man8/puppet-status.8 +1 -1
  73. data/man/man8/puppet.8 +2 -2
  74. data/spec/fixtures/ssl/127.0.0.1-key.pem +107 -57
  75. data/spec/fixtures/ssl/127.0.0.1.pem +52 -31
  76. data/spec/fixtures/ssl/bad-basic-constraints.pem +57 -35
  77. data/spec/fixtures/ssl/bad-int-basic-constraints.pem +57 -35
  78. data/spec/fixtures/ssl/ca.pem +57 -35
  79. data/spec/fixtures/ssl/crl.pem +28 -18
  80. data/spec/fixtures/ssl/ec-key.pem +11 -11
  81. data/spec/fixtures/ssl/ec.pem +33 -24
  82. data/spec/fixtures/ssl/encrypted-ec-key.pem +12 -12
  83. data/spec/fixtures/ssl/encrypted-key.pem +108 -58
  84. data/spec/fixtures/ssl/intermediate-agent-crl.pem +28 -19
  85. data/spec/fixtures/ssl/intermediate-agent.pem +57 -36
  86. data/spec/fixtures/ssl/intermediate-crl.pem +31 -21
  87. data/spec/fixtures/ssl/intermediate.pem +57 -36
  88. data/spec/fixtures/ssl/pluto-key.pem +107 -57
  89. data/spec/fixtures/ssl/pluto.pem +52 -30
  90. data/spec/fixtures/ssl/request-key.pem +107 -57
  91. data/spec/fixtures/ssl/request.pem +47 -26
  92. data/spec/fixtures/ssl/revoked-key.pem +107 -57
  93. data/spec/fixtures/ssl/revoked.pem +52 -30
  94. data/spec/fixtures/ssl/signed-key.pem +107 -57
  95. data/spec/fixtures/ssl/signed.pem +52 -30
  96. data/spec/fixtures/ssl/tampered-cert.pem +52 -30
  97. data/spec/fixtures/ssl/tampered-csr.pem +47 -26
  98. data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +107 -57
  99. data/spec/fixtures/ssl/unknown-127.0.0.1.pem +50 -29
  100. data/spec/fixtures/ssl/unknown-ca-key.pem +107 -57
  101. data/spec/fixtures/ssl/unknown-ca.pem +55 -33
  102. data/spec/integration/application/resource_spec.rb +30 -0
  103. data/spec/lib/puppet/test_ca.rb +2 -2
  104. data/spec/unit/application/agent_spec.rb +7 -2
  105. data/spec/unit/configurer/downloader_spec.rb +6 -0
  106. data/spec/unit/configurer_spec.rb +23 -0
  107. data/spec/unit/file_serving/fileset_spec.rb +60 -0
  108. data/spec/unit/gettext/config_spec.rb +12 -0
  109. data/spec/unit/http/service/compiler_spec.rb +123 -0
  110. data/spec/unit/indirector/catalog/compiler_spec.rb +14 -10
  111. data/spec/unit/parser/functions/fqdn_rand_spec.rb +15 -1
  112. data/spec/unit/pops/types/p_sem_ver_type_spec.rb +18 -0
  113. data/spec/unit/pops/types/p_sensitive_type_spec.rb +18 -0
  114. data/spec/unit/provider/package/nim_spec.rb +42 -0
  115. data/spec/unit/provider/service/init_spec.rb +1 -0
  116. data/spec/unit/provider/service/openwrt_spec.rb +3 -1
  117. data/spec/unit/provider/service/systemd_spec.rb +42 -8
  118. data/spec/unit/provider/service/windows_spec.rb +202 -0
  119. data/spec/unit/provider/user/directoryservice_spec.rb +67 -35
  120. data/spec/unit/ssl/state_machine_spec.rb +19 -5
  121. data/spec/unit/transaction/additional_resource_generator_spec.rb +0 -2
  122. data/spec/unit/transaction_spec.rb +18 -20
  123. data/spec/unit/type/file/selinux_spec.rb +3 -3
  124. data/spec/unit/type/service_spec.rb +59 -188
  125. data/spec/unit/type/tidy_spec.rb +17 -7
  126. data/spec/unit/type/user_spec.rb +45 -0
  127. data/spec/unit/util/selinux_spec.rb +87 -16
  128. data/tasks/generate_cert_fixtures.rake +2 -2
  129. metadata +4 -2
@@ -1,7 +1,7 @@
1
1
  .\" generated with Ronn/v0.7.3
2
2
  .\" http://github.com/rtomayko/ronn/tree/0.7.3
3
3
  .
4
- .TH "PUPPETCONF" "5" "April 2021" "Puppet, Inc." "Puppet manual"
4
+ .TH "PUPPETCONF" "5" "June 2021" "Puppet, Inc." "Puppet manual"
5
5
  \fBThis page is autogenerated; any changes will get overwritten\fR
6
6
  .
7
7
  .SH "Configuration settings"
@@ -42,7 +42,7 @@ See the configuration guide \fIhttps://puppet\.com/docs/puppet/latest/config_abo
42
42
  A lock file to indicate that a puppet agent catalog run is currently in progress\. The file contains the pid of the process that holds the lock on the catalog run\.
43
43
  .
44
44
  .IP "\(bu" 4
45
- \fIDefault\fR: $statedir/agent_catalog_run\.lock
45
+ \fIDefault\fR: \fB$statedir/agent_catalog_run\.lock\fR
46
46
  .
47
47
  .IP "" 0
48
48
  .
@@ -50,7 +50,7 @@ A lock file to indicate that a puppet agent catalog run is currently in progress
50
50
  A lock file to indicate that puppet agent runs have been administratively disabled\. File contains a JSON object with state information\.
51
51
  .
52
52
  .IP "\(bu" 4
53
- \fIDefault\fR: $statedir/agent_disabled\.lock
53
+ \fIDefault\fR: \fB$statedir/agent_disabled\.lock\fR
54
54
  .
55
55
  .IP "" 0
56
56
  .
@@ -58,7 +58,7 @@ A lock file to indicate that puppet agent runs have been administratively disabl
58
58
  Whether to allow a new certificate request to overwrite an existing certificate request\. If true, then the old certificate must be cleaned using \fBpuppetserver ca clean\fR, and the new request signed using \fBpuppetserver ca sign\fR\.
59
59
  .
60
60
  .IP "\(bu" 4
61
- \fIDefault\fR: false
61
+ \fIDefault\fR: \fBfalse\fR
62
62
  .
63
63
  .IP "" 0
64
64
  .
@@ -69,7 +69,7 @@ Affects how we cache attempts to load Puppet resource types and features\. If tr
69
69
  If this setting is set to false, then types and features will only be checked once, and if they are not available, the negative result is cached and returned for all subsequent attempts to load the type or feature\. This behavior is almost always appropriate for the server, and can result in a significant performance improvement for types and features that are checked frequently\.
70
70
  .
71
71
  .IP "\(bu" 4
72
- \fIDefault\fR: true
72
+ \fIDefault\fR: \fBtrue\fR
73
73
  .
74
74
  .IP "" 0
75
75
  .
@@ -77,7 +77,7 @@ If this setting is set to false, then types and features will only be checked on
77
77
  Whether log files should always flush to disk\.
78
78
  .
79
79
  .IP "\(bu" 4
80
- \fIDefault\fR: true
80
+ \fIDefault\fR: \fBtrue\fR
81
81
  .
82
82
  .IP "" 0
83
83
  .
@@ -100,7 +100,7 @@ If a certificate request is not autosigned, it will persist for review\. An admi
100
100
  For info on autosign configuration files, see the guide to Puppet\'s config files \fIhttps://puppet\.com/docs/puppet/latest/config_file_autosign\.html\fR\.
101
101
  .
102
102
  .IP "\(bu" 4
103
- \fIDefault\fR: $confdir/autosign\.conf
103
+ \fIDefault\fR: \fB$confdir/autosign\.conf\fR
104
104
  .
105
105
  .IP "" 0
106
106
  .
@@ -111,37 +111,39 @@ The search path for \fBglobal\fR modules\. Should be specified as a list of dire
111
111
  These are the modules that will be used by \fIall\fR environments\. Note that the \fBmodules\fR directory of the active environment will have priority over any global directories\. For more info, see \fIhttps://puppet\.com/docs/puppet/latest/environments_about\.html\fR
112
112
  .
113
113
  .IP "\(bu" 4
114
- \fIDefault\fR: $codedir/modules:/opt/puppetlabs/puppet/modules
114
+ \fIDefault\fR: \fB$codedir/modules:/opt/puppetlabs/puppet/modules\fR
115
115
  .
116
116
  .IP "" 0
117
117
  .
118
118
  .SS "binder_config"
119
119
  The binder configuration file\. Puppet reads this file on each request to configure the bindings system\. If set to nil (the default), a $confdir/binder_config\.yaml is optionally loaded\. If it does not exists, a default configuration is used\. If the setting :binding_config is specified, it must reference a valid and existing yaml file\.
120
120
  .
121
- .TP
122
- \fIDefault\fR:
123
-
121
+ .IP "\(bu" 4
122
+ \fIDefault\fR: ``
123
+ .
124
+ .IP "" 0
124
125
  .
125
126
  .SS "bucketdir"
126
127
  Where FileBucket files are stored\.
127
128
  .
128
129
  .IP "\(bu" 4
129
- \fIDefault\fR: $vardir/bucket
130
+ \fIDefault\fR: \fB$vardir/bucket\fR
130
131
  .
131
132
  .IP "" 0
132
133
  .
133
134
  .SS "ca_fingerprint"
134
135
  The expected fingerprint of the CA certificate\. If specified, the agent will compare the CA certificate fingerprint that it downloads against this value and reject the CA certificate if the values do not match\. This only applies during the first download of the CA certificate\.
135
136
  .
136
- .TP
137
- \fIDefault\fR:
138
-
137
+ .IP "\(bu" 4
138
+ \fIDefault\fR: ``
139
+ .
140
+ .IP "" 0
139
141
  .
140
142
  .SS "ca_name"
141
143
  The name to use the Certificate Authority certificate\.
142
144
  .
143
145
  .IP "\(bu" 4
144
- \fIDefault\fR: Puppet CA: $certname
146
+ \fIDefault\fR: \fBPuppet CA: $certname\fR
145
147
  .
146
148
  .IP "" 0
147
149
  .
@@ -149,7 +151,7 @@ The name to use the Certificate Authority certificate\.
149
151
  The port to use for the certificate authority\.
150
152
  .
151
153
  .IP "\(bu" 4
152
- \fIDefault\fR: $serverport
154
+ \fIDefault\fR: \fB$serverport\fR
153
155
  .
154
156
  .IP "" 0
155
157
  .
@@ -157,7 +159,7 @@ The port to use for the certificate authority\.
157
159
  The server to use for certificate authority requests\. It\'s a separate server because it cannot and does not need to horizontally scale\.
158
160
  .
159
161
  .IP "\(bu" 4
160
- \fIDefault\fR: $server
162
+ \fIDefault\fR: \fB$server\fR
161
163
  .
162
164
  .IP "" 0
163
165
  .
@@ -165,7 +167,7 @@ The server to use for certificate authority requests\. It\'s a separate server b
165
167
  The default TTL for new certificates\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
166
168
  .
167
169
  .IP "\(bu" 4
168
- \fIDefault\fR: 5y
170
+ \fIDefault\fR: \fB5y\fR
169
171
  .
170
172
  .IP "" 0
171
173
  .
@@ -173,7 +175,7 @@ The default TTL for new certificates\. This setting can be a time interval in se
173
175
  The CA certificate\.
174
176
  .
175
177
  .IP "\(bu" 4
176
- \fIDefault\fR: $cadir/ca_crt\.pem
178
+ \fIDefault\fR: \fB$cadir/ca_crt\.pem\fR
177
179
  .
178
180
  .IP "" 0
179
181
  .
@@ -181,7 +183,7 @@ The CA certificate\.
181
183
  The certificate revocation list (CRL) for the CA\.
182
184
  .
183
185
  .IP "\(bu" 4
184
- \fIDefault\fR: $cadir/ca_crl\.pem
186
+ \fIDefault\fR: \fB$cadir/ca_crl\.pem\fR
185
187
  .
186
188
  .IP "" 0
187
189
  .
@@ -189,7 +191,7 @@ The certificate revocation list (CRL) for the CA\.
189
191
  The root directory for the certificate authority\.
190
192
  .
191
193
  .IP "\(bu" 4
192
- \fIDefault\fR: /var/lib/jenkins/\.puppetlabs/etc/puppet/ssl/ca
194
+ \fIDefault\fR: \fB/var/lib/jenkins/\.puppetlabs/etc/puppet/ssl/ca\fR
193
195
  .
194
196
  .IP "" 0
195
197
  .
@@ -197,7 +199,7 @@ The root directory for the certificate authority\.
197
199
  The CA private key\.
198
200
  .
199
201
  .IP "\(bu" 4
200
- \fIDefault\fR: $cadir/ca_key\.pem
202
+ \fIDefault\fR: \fB$cadir/ca_key\.pem\fR
201
203
  .
202
204
  .IP "" 0
203
205
  .
@@ -205,22 +207,23 @@ The CA private key\.
205
207
  The CA public key\.
206
208
  .
207
209
  .IP "\(bu" 4
208
- \fIDefault\fR: $cadir/ca_pub\.pem
210
+ \fIDefault\fR: \fB$cadir/ca_pub\.pem\fR
209
211
  .
210
212
  .IP "" 0
211
213
  .
212
214
  .SS "catalog_cache_terminus"
213
215
  How to store cached catalogs\. Valid values are \'json\', \'msgpack\' and \'yaml\'\. The agent application defaults to \'json\'\.
214
216
  .
215
- .TP
216
- \fIDefault\fR:
217
-
217
+ .IP "\(bu" 4
218
+ \fIDefault\fR: ``
219
+ .
220
+ .IP "" 0
218
221
  .
219
222
  .SS "catalog_terminus"
220
223
  Where to get node catalogs\. This is useful to change if, for instance, you\'d like to pre\-compile catalogs and store them in memcached or some other easily\-accessed store\.
221
224
  .
222
225
  .IP "\(bu" 4
223
- \fIDefault\fR: compiler
226
+ \fIDefault\fR: \fBcompiler\fR
224
227
  .
225
228
  .IP "" 0
226
229
  .
@@ -228,7 +231,7 @@ Where to get node catalogs\. This is useful to change if, for instance, you\'d l
228
231
  The inventory file\. This is a text file to which the CA writes a complete listing of all certificates\.
229
232
  .
230
233
  .IP "\(bu" 4
231
- \fIDefault\fR: $cadir/inventory\.txt
234
+ \fIDefault\fR: \fB$cadir/inventory\.txt\fR
232
235
  .
233
236
  .IP "" 0
234
237
  .
@@ -236,7 +239,7 @@ The inventory file\. This is a text file to which the CA writes a complete listi
236
239
  The certificate directory\.
237
240
  .
238
241
  .IP "\(bu" 4
239
- \fIDefault\fR: $ssldir/certs
242
+ \fIDefault\fR: \fB$ssldir/certs\fR
240
243
  .
241
244
  .IP "" 0
242
245
  .
@@ -256,7 +259,7 @@ When certificate_revocation is set to \'leaf\', Puppet verifies certs against th
256
259
  When certificate_revocation is set to \'false\', Puppet disables all certificate revocation checking and does not attempt to download the CRL\.
257
260
  .
258
261
  .IP "\(bu" 4
259
- \fIDefault\fR: chain
262
+ \fIDefault\fR: \fBchain\fR
260
263
  .
261
264
  .IP "" 0
262
265
  .
@@ -284,7 +287,7 @@ The special value \fBca\fR is reserved, and can\'t be used as the certname for a
284
287
  Defaults to the node\'s fully qualified domain name\.
285
288
  .
286
289
  .IP "\(bu" 4
287
- \fIDefault\fR: the Host\'s fully qualified domain name, as determined by Facter
290
+ \fIDefault\fR: \fBthe Host\'s fully qualified domain name, as determined by Facter\fR
288
291
  .
289
292
  .IP "" 0
290
293
  .
@@ -292,7 +295,7 @@ Defaults to the node\'s fully qualified domain name\.
292
295
  The list of ciphersuites for TLS connections initiated by puppet\. The default value is chosen to support TLS 1\.0 and up, but can be made more restrictive if needed\. The ciphersuites must be specified in OpenSSL format, not IANA\.
293
296
  .
294
297
  .IP "\(bu" 4
295
- \fIDefault\fR: ECDHE\-ECDSA\-AES128\-GCM\-SHA256:ECDHE\-RSA\-AES128\-GCM\-SHA256:ECDHE\-ECDSA\-AES256\-GCM\-SHA384:ECDHE\-RSA\-AES256\-GCM\-SHA384:ECDHE\-ECDSA\-CHACHA20\-POLY1305:ECDHE\-RSA\-CHACHA20\-POLY1305:DHE\-RSA\-AES128\-GCM\-SHA256:DHE\-RSA\-AES256\-GCM\-SHA384:DHE\-RSA\-CHACHA20\-POLY1305:ECDHE\-ECDSA\-AES128\-SHA256:ECDHE\-RSA\-AES128\-SHA256:ECDHE\-ECDSA\-AES128\-SHA:ECDHE\-RSA\-AES128\-SHA:ECDHE\-ECDSA\-AES256\-SHA384:ECDHE\-RSA\-AES256\-SHA384:ECDHE\-ECDSA\-AES256\-SHA:ECDHE\-RSA\-AES256\-SHA:DHE\-RSA\-AES128\-SHA256:DHE\-RSA\-AES256\-SHA256:AES128\-GCM\-SHA256:AES256\-GCM\-SHA384:AES128\-SHA256:AES256\-SHA256
298
+ \fIDefault\fR: \fBECDHE\-ECDSA\-AES128\-GCM\-SHA256:ECDHE\-RSA\-AES128\-GCM\-SHA256:ECDHE\-ECDSA\-AES256\-GCM\-SHA384:ECDHE\-RSA\-AES256\-GCM\-SHA384:ECDHE\-ECDSA\-CHACHA20\-POLY1305:ECDHE\-RSA\-CHACHA20\-POLY1305:DHE\-RSA\-AES128\-GCM\-SHA256:DHE\-RSA\-AES256\-GCM\-SHA384:DHE\-RSA\-CHACHA20\-POLY1305:ECDHE\-ECDSA\-AES128\-SHA256:ECDHE\-RSA\-AES128\-SHA256:ECDHE\-ECDSA\-AES128\-SHA:ECDHE\-RSA\-AES128\-SHA:ECDHE\-ECDSA\-AES256\-SHA384:ECDHE\-RSA\-AES256\-SHA384:ECDHE\-ECDSA\-AES256\-SHA:ECDHE\-RSA\-AES256\-SHA:DHE\-RSA\-AES128\-SHA256:DHE\-RSA\-AES256\-SHA256:AES128\-GCM\-SHA256:AES256\-GCM\-SHA384:AES128\-SHA256:AES256\-SHA256\fR
296
299
  .
297
300
  .IP "" 0
298
301
  .
@@ -300,7 +303,7 @@ The list of ciphersuites for TLS connections initiated by puppet\. The default v
300
303
  The file in which puppet agent stores a list of the classes associated with the retrieved configuration\. Can be loaded in the separate \fBpuppet\fR executable using the \fB\-\-loadclasses\fR option\.
301
304
  .
302
305
  .IP "\(bu" 4
303
- \fIDefault\fR: $statedir/classes\.txt
306
+ \fIDefault\fR: \fB$statedir/classes\.txt\fR
304
307
  .
305
308
  .IP "" 0
306
309
  .
@@ -308,7 +311,7 @@ The file in which puppet agent stores a list of the classes associated with the
308
311
  The directory in which serialized data is stored on the client\.
309
312
  .
310
313
  .IP "\(bu" 4
311
- \fIDefault\fR: $vardir/client_data
314
+ \fIDefault\fR: \fB$vardir/client_data\fR
312
315
  .
313
316
  .IP "" 0
314
317
  .
@@ -316,7 +319,7 @@ The directory in which serialized data is stored on the client\.
316
319
  Where FileBucket files are stored locally\.
317
320
  .
318
321
  .IP "\(bu" 4
319
- \fIDefault\fR: $vardir/clientbucket
322
+ \fIDefault\fR: \fB$vardir/clientbucket\fR
320
323
  .
321
324
  .IP "" 0
322
325
  .
@@ -324,7 +327,7 @@ Where FileBucket files are stored locally\.
324
327
  The directory in which client\-side YAML data is stored\.
325
328
  .
326
329
  .IP "\(bu" 4
327
- \fIDefault\fR: $vardir/client_yaml
330
+ \fIDefault\fR: \fB$vardir/client_yaml\fR
328
331
  .
329
332
  .IP "" 0
330
333
  .
@@ -335,7 +338,7 @@ Code to parse directly\. This is essentially only used by \fBpuppet\fR, and shou
335
338
  The main Puppet code directory\. The default for this setting is calculated based on the user\. If the process is running as root or the user that Puppet is supposed to run as, it defaults to a system directory, but if it\'s running as any other user, it defaults to being in the user\'s home directory\.
336
339
  .
337
340
  .IP "\(bu" 4
338
- \fIDefault\fR: Unix/Linux: /etc/puppetlabs/code \-\- Windows: C:\eProgramData\ePuppetLabs\ecode \-\- Non\-root user: ~/\.puppetlabs/etc/code
341
+ \fIDefault\fR: \fBUnix/Linux: /etc/puppetlabs/code \-\- Windows: C:\eProgramData\ePuppetLabs\ecode \-\- Non\-root user: ~/\.puppetlabs/etc/code\fR
339
342
  .
340
343
  .IP "" 0
341
344
  .
@@ -343,7 +346,7 @@ The main Puppet code directory\. The default for this setting is calculated base
343
346
  Whether to use colors when logging to the console\. Valid values are \fBansi\fR (equivalent to \fBtrue\fR), \fBhtml\fR, and \fBfalse\fR, which produces no color\.
344
347
  .
345
348
  .IP "\(bu" 4
346
- \fIDefault\fR: ansi
349
+ \fIDefault\fR: \fBansi\fR
347
350
  .
348
351
  .IP "" 0
349
352
  .
@@ -351,7 +354,7 @@ Whether to use colors when logging to the console\. Valid values are \fBansi\fR
351
354
  The main Puppet configuration directory\. The default for this setting is calculated based on the user\. If the process is running as root or the user that Puppet is supposed to run as, it defaults to a system directory, but if it\'s running as any other user, it defaults to being in the user\'s home directory\.
352
355
  .
353
356
  .IP "\(bu" 4
354
- \fIDefault\fR: Unix/Linux: /etc/puppetlabs/puppet \-\- Windows: C:\eProgramData\ePuppetLabs\epuppet\eetc \-\- Non\-root user: ~/\.puppetlabs/etc/puppet
357
+ \fIDefault\fR: \fBUnix/Linux: /etc/puppetlabs/puppet \-\- Windows: C:\eProgramData\ePuppetLabs\epuppet\eetc \-\- Non\-root user: ~/\.puppetlabs/etc/puppet\fR
355
358
  .
356
359
  .IP "" 0
357
360
  .
@@ -359,7 +362,7 @@ The main Puppet configuration directory\. The default for this setting is calcul
359
362
  The configuration file for the current puppet application\.
360
363
  .
361
364
  .IP "\(bu" 4
362
- \fIDefault\fR: $confdir/${config_file_name}
365
+ \fIDefault\fR: \fB$confdir/${config_file_name}\fR
363
366
  .
364
367
  .IP "" 0
365
368
  .
@@ -367,7 +370,7 @@ The configuration file for the current puppet application\.
367
370
  The name of the puppet config file\.
368
371
  .
369
372
  .IP "\(bu" 4
370
- \fIDefault\fR: puppet\.conf
373
+ \fIDefault\fR: \fBpuppet\.conf\fR
371
374
  .
372
375
  .IP "" 0
373
376
  .
@@ -389,9 +392,10 @@ In general, the duration should be greater than the \fBruninterval\fR\. Setting
389
392
  .P
390
393
  If the agent downloads a new CRL, the agent will use it for subsequent network requests\. If the refresh request fails or if the CRL is unchanged on the server, then the agent run will continue using the local CRL it already has\.This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
391
394
  .
392
- .TP
393
- \fIDefault\fR:
394
-
395
+ .IP "\(bu" 4
396
+ \fIDefault\fR: ``
397
+ .
398
+ .IP "" 0
395
399
  .
396
400
  .SS "csr_attributes"
397
401
  An optional file containing custom attributes to add to certificate signing requests (CSRs)\. You should ensure that this file does not exist on your CA puppet master; if it does, unwanted certificate extensions may leak into certificates created with the \fBpuppetserver ca generate\fR command\.
@@ -406,7 +410,7 @@ Custom attributes can be used by the CA when deciding whether to sign the certif
406
410
  Extension requests will be permanently embedded in the final certificate\. Extension OIDs must be in the "ppRegCertExt" (\fB1\.3\.6\.1\.4\.1\.34380\.1\.1\fR), "ppPrivCertExt" (\fB1\.3\.6\.1\.4\.1\.34380\.1\.2\fR), or "ppAuthCertExt" (\fB1\.3\.6\.1\.4\.1\.34380\.1\.3\fR) OID arcs\. The ppRegCertExt arc is reserved for four of the most common pieces of data to embed: \fBpp_uuid\fR (\fB\.1\fR), \fBpp_instance_id\fR (\fB\.2\fR), \fBpp_image_name\fR (\fB\.3\fR), and \fBpp_preshared_key\fR (\fB\.4\fR) \-\-\- in the YAML file, these can be referred to by their short descriptive names instead of their full OID\. The ppPrivCertExt arc is unregulated, and can be used for site\-specific extensions\. The ppAuthCert arc is reserved for two pieces of data to embed: \fBpp_authorization\fR (\fB\.1\fR) and \fBpp_auth_role\fR (\fB\.13\fR)\. As with ppRegCertExt, in the YAML file, these can be referred to by their short descriptive name instead of their full OID\.
407
411
  .
408
412
  .IP "\(bu" 4
409
- \fIDefault\fR: $confdir/csr_attributes\.yaml
413
+ \fIDefault\fR: \fB$confdir/csr_attributes\.yaml\fR
410
414
  .
411
415
  .IP "" 0
412
416
  .
@@ -414,7 +418,7 @@ Extension requests will be permanently embedded in the final certificate\. Exten
414
418
  Where the CA stores certificate requests\.
415
419
  .
416
420
  .IP "\(bu" 4
417
- \fIDefault\fR: $cadir/requests
421
+ \fIDefault\fR: \fB$cadir/requests\fR
418
422
  .
419
423
  .IP "" 0
420
424
  .
@@ -422,7 +426,7 @@ Where the CA stores certificate requests\.
422
426
  Whether to send the process into the background\. This defaults to true on POSIX systems, and to false on Windows (where Puppet currently cannot daemonize)\.
423
427
  .
424
428
  .IP "\(bu" 4
425
- \fIDefault\fR: true
429
+ \fIDefault\fR: \fBtrue\fR
426
430
  .
427
431
  .IP "" 0
428
432
  .
@@ -430,7 +434,7 @@ Whether to send the process into the background\. This defaults to true on POSIX
430
434
  This setting has been deprecated\. Use of any value other than \'hiera\' should instead be configured in a version 5 hiera\.yaml\. Until this setting is removed, it controls which data binding terminus to use for global automatic data binding (across all environments)\. By default this value is \'hiera\'\. A value of \'none\' turns off the global binding\.
431
435
  .
432
436
  .IP "\(bu" 4
433
- \fIDefault\fR: hiera
437
+ \fIDefault\fR: \fBhiera\fR
434
438
  .
435
439
  .IP "" 0
436
440
  .
@@ -438,7 +442,7 @@ This setting has been deprecated\. Use of any value other than \'hiera\' should
438
442
  The default source for files if no server is given in a uri, e\.g\. puppet:///file\. The default of \fBrest\fR causes the file to be retrieved using the \fBserver\fR setting\. When running \fBapply\fR the default is \fBfile_server\fR, causing requests to be filled locally\.
439
443
  .
440
444
  .IP "\(bu" 4
441
- \fIDefault\fR: rest
445
+ \fIDefault\fR: \fBrest\fR
442
446
  .
443
447
  .IP "" 0
444
448
  .
@@ -452,7 +456,7 @@ This setting\'s value can be an absolute or relative path\. An absolute path wil
452
456
  In either case, the path can point to a single file or to a directory of manifests to be evaluated in alphabetical order\.
453
457
  .
454
458
  .IP "\(bu" 4
455
- \fIDefault\fR: \./manifests
459
+ \fIDefault\fR: \fB\./manifests\fR
456
460
  .
457
461
  .IP "" 0
458
462
  .
@@ -460,7 +464,7 @@ In either case, the path can point to a single file or to a directory of manifes
460
464
  Boolean; whether to generate the default schedule resources\. Setting this to false is useful for keeping external report processors clean of skipped schedule resources\.
461
465
  .
462
466
  .IP "\(bu" 4
463
- \fIDefault\fR: true
467
+ \fIDefault\fR: \fBtrue\fR
464
468
  .
465
469
  .IP "" 0
466
470
  .
@@ -468,7 +472,7 @@ Boolean; whether to generate the default schedule resources\. Setting this to fa
468
472
  The root directory of devices\' $confdir\.
469
473
  .
470
474
  .IP "\(bu" 4
471
- \fIDefault\fR: $confdir/devices
475
+ \fIDefault\fR: \fB$confdir/devices\fR
472
476
  .
473
477
  .IP "" 0
474
478
  .
@@ -476,7 +480,7 @@ The root directory of devices\' $confdir\.
476
480
  Path to the device config file for puppet device\.
477
481
  .
478
482
  .IP "\(bu" 4
479
- \fIDefault\fR: $confdir/device\.conf
483
+ \fIDefault\fR: \fB$confdir/device\.conf\fR
480
484
  .
481
485
  .IP "" 0
482
486
  .
@@ -484,7 +488,7 @@ Path to the device config file for puppet device\.
484
488
  The root directory of devices\' $vardir\.
485
489
  .
486
490
  .IP "\(bu" 4
487
- \fIDefault\fR: $vardir/devices
491
+ \fIDefault\fR: \fB$vardir/devices\fR
488
492
  .
489
493
  .IP "" 0
490
494
  .
@@ -492,7 +496,7 @@ The root directory of devices\' $vardir\.
492
496
  Which diff command to use when printing differences between files\. This setting has no default value on Windows, as standard \fBdiff\fR is not available, but Puppet can use many third\-party diff tools\.
493
497
  .
494
498
  .IP "\(bu" 4
495
- \fIDefault\fR: diff
499
+ \fIDefault\fR: \fBdiff\fR
496
500
  .
497
501
  .IP "" 0
498
502
  .
@@ -500,7 +504,7 @@ Which diff command to use when printing differences between files\. This setting
500
504
  Which arguments to pass to the diff command when printing differences between files\. The command to use can be chosen with the \fBdiff\fR setting\.
501
505
  .
502
506
  .IP "\(bu" 4
503
- \fIDefault\fR: \-u
507
+ \fIDefault\fR: \fB\-u\fR
504
508
  .
505
509
  .IP "" 0
506
510
  .
@@ -508,7 +512,7 @@ Which arguments to pass to the diff command when printing differences between fi
508
512
  Which digest algorithm to use for file resources and the filebucket\. Valid values are md5, sha256, sha384, sha512, sha224\. Default is md5\.
509
513
  .
510
514
  .IP "\(bu" 4
511
- \fIDefault\fR: md5
515
+ \fIDefault\fR: \fBmd5\fR
512
516
  .
513
517
  .IP "" 0
514
518
  .
@@ -516,7 +520,7 @@ Which digest algorithm to use for file resources and the filebucket\. Valid valu
516
520
  If true, turns off all translations of Puppet and module log messages, which affects error, warning, and info log messages, as well as any translations in the report and CLI\.
517
521
  .
518
522
  .IP "\(bu" 4
519
- \fIDefault\fR: false
523
+ \fIDefault\fR: \fBfalse\fR
520
524
  .
521
525
  .IP "" 0
522
526
  .
@@ -527,7 +531,7 @@ Whether to disallow an environment\-specific main manifest\. When set to \fBtrue
527
531
  This setting requires \fBdefault_manifest\fR to be set to an absolute path\.
528
532
  .
529
533
  .IP "\(bu" 4
530
- \fIDefault\fR: false
534
+ \fIDefault\fR: \fBfalse\fR
531
535
  .
532
536
  .IP "" 0
533
537
  .
@@ -550,7 +554,7 @@ Valid values for this setting are:
550
554
  \fBundefined_resources\fR \-\-\- disables warnings about non existing resources\.
551
555
  .
552
556
  .IP "\(bu" 4
553
- \fIDefault\fR: []
557
+ \fIDefault\fR: \fB[]\fR
554
558
  .
555
559
  .IP "" 0
556
560
  .
@@ -561,7 +565,7 @@ A comma\-separated list of alternate DNS names for Puppet Server\. These are ext
561
565
  In order to handle agent requests at a given hostname (like "puppet\.example\.com"), Puppet Server needs a certificate that proves it\'s allowed to use that name; if a server shows a certificate that doesn\'t include its hostname, Puppet agents will refuse to trust it\. If you use a single hostname for Puppet traffic but load\-balance it to multiple Puppet Servers, each of those servers needs to include the official hostname in its list of extra names\.
562
566
  .
563
567
  .P
564
- \fBNote:\fR The list of alternate names is locked in when the server\'s certificate is signed\. If you need to change the list later, you can\'t just change this setting; you also need to regenerate the certificate\. For more information on that process, see the [cert regen docs] (https://puppet\.com/docs/puppet/latest/ssl_regenerate_certificates\.html)\.
568
+ \fBNote:\fR The list of alternate names is locked in when the server\'s certificate is signed\. If you need to change the list later, you can\'t just change this setting; you also need to regenerate the certificate\. For more information on that process, see the cert regen docs \fIhttps://puppet\.com/docs/puppet/latest/ssl_regenerate_certificates\.html\fR\.
565
569
  .
566
570
  .P
567
571
  To see all the alternate names your servers are using, log into your CA server and run \fBpuppetserver ca list \-\-all\fR, then check the output for \fB(alt names: \.\.\.)\fR\. Most agent nodes should NOT have alternate names; the only certs that should have them are Puppet Server nodes that you want other agents to trust\.
@@ -570,7 +574,7 @@ To see all the alternate names your servers are using, log into your CA server a
570
574
  Whether to document all resources when using \fBpuppet doc\fR to generate manifest documentation\.
571
575
  .
572
576
  .IP "\(bu" 4
573
- \fIDefault\fR: false
577
+ \fIDefault\fR: \fBfalse\fR
574
578
  .
575
579
  .IP "" 0
576
580
  .
@@ -587,16 +591,17 @@ When defined in the \fB[user]\fR section, the environment refers to the path tha
587
591
  Given that the context and effects vary depending on the config section \fIhttps://puppet\.com/docs/puppet/latest/config_file_main\.html#config\-sections\fR in which the \fBenvironment\fR setting is defined, do not set it globally\.
588
592
  .
589
593
  .IP "\(bu" 4
590
- \fIDefault\fR: production
594
+ \fIDefault\fR: \fBproduction\fR
591
595
  .
592
596
  .IP "" 0
593
597
  .
594
598
  .SS "environment_data_provider"
595
599
  The name of a registered environment data provider used when obtaining environment specific data\. The three built in and registered providers are \'none\' (no data), \'function\' (data obtained by calling the function \'environment::data()\') and \'hiera\' (data obtained using a data provider configured using a hiera\.yaml file in root of the environment)\. Other environment data providers may be registered in modules on the module path\. For such custom data providers see the respective module documentation\. This setting is deprecated\.
596
600
  .
597
- .TP
598
- \fIDefault\fR:
599
-
601
+ .IP "\(bu" 4
602
+ \fIDefault\fR: ``
603
+ .
604
+ .IP "" 0
600
605
  .
601
606
  .SS "environment_timeout"
602
607
  How long the Puppet server should cache data it loads from an environment\.
@@ -619,7 +624,7 @@ Setting this to a number that will keep your most actively used environments cac
619
624
  Once you set \fBenvironment_timeout\fR to a non\-zero value, you need to tell Puppet server to read new code from disk using the \fBenvironment\-cache\fR API endpoint after you deploy new code\. See the docs for the Puppet Server administrative API \fIhttps://puppet\.com/docs/puppetserver/latest/admin\-api/v1/environment\-cache\.html\fR\.
620
625
  .
621
626
  .IP "\(bu" 4
622
- \fIDefault\fR: 0
627
+ \fIDefault\fR: \fB0\fR
623
628
  .
624
629
  .IP "" 0
625
630
  .
@@ -627,7 +632,7 @@ Once you set \fBenvironment_timeout\fR to a non\-zero value, you need to tell Pu
627
632
  How Puppet interprets the \fBenvironment_timeout\fR setting when \fBenvironment_timeout\fR is neither \fB0\fR nor \fBunlimited\fR\. If set to \fBfrom_created\fR, then the environment will be evicted \fBenvironment_timeout\fR seconds from when it was created\. If set to \fBfrom_last_used\fR then the environment will be evicted \fBenvironment_timeout\fR seconds from when it was last used\.
628
633
  .
629
634
  .IP "\(bu" 4
630
- \fIDefault\fR: from_created
635
+ \fIDefault\fR: \fBfrom_created\fR
631
636
  .
632
637
  .IP "" 0
633
638
  .
@@ -638,7 +643,7 @@ A search path for directory environments, as a list of directories separated by
638
643
  This setting must have a value set to enable \fBdirectory environments\.\fR The recommended value is \fB$codedir/environments\fR\. For more details, see \fIhttps://puppet\.com/docs/puppet/latest/environments_about\.html\fR
639
644
  .
640
645
  .IP "\(bu" 4
641
- \fIDefault\fR: $codedir/environments
646
+ \fIDefault\fR: \fB$codedir/environments\fR
642
647
  .
643
648
  .IP "" 0
644
649
  .
@@ -646,7 +651,7 @@ This setting must have a value set to enable \fBdirectory environments\.\fR The
646
651
  Whether each resource should log when it is being evaluated\. This allows you to interactively see exactly what is being done\.
647
652
  .
648
653
  .IP "\(bu" 4
649
- \fIDefault\fR: false
654
+ \fIDefault\fR: \fBfalse\fR
650
655
  .
651
656
  .IP "" 0
652
657
  .
@@ -688,7 +693,7 @@ Generally, an ENC script makes requests to an external data source\.
688
693
  For more info, see the ENC documentation \fIhttps://puppet\.com/docs/puppet/latest/nodes_external\.html\fR\.
689
694
  .
690
695
  .IP "\(bu" 4
691
- \fIDefault\fR: none
696
+ \fIDefault\fR: \fBnone\fR
692
697
  .
693
698
  .IP "" 0
694
699
  .
@@ -696,7 +701,7 @@ For more info, see the ENC documentation \fIhttps://puppet\.com/docs/puppet/late
696
701
  Whether to enable a pre\-Facter 4\.0 release of Facter (distributed as the "facter\-ng" gem)\. This is not necessary if Facter 3\.x or later is installed\. This setting is still experimental\.
697
702
  .
698
703
  .IP "\(bu" 4
699
- \fIDefault\fR: false
704
+ \fIDefault\fR: \fBfalse\fR
700
705
  .
701
706
  .IP "" 0
702
707
  .
@@ -704,7 +709,7 @@ Whether to enable a pre\-Facter 4\.0 release of Facter (distributed as the "fact
704
709
  Where Puppet should look for facts\. Multiple directories should be separated by the system path separator character\. (The POSIX path separator is \':\', and the Windows path separator is \';\'\.)
705
710
  .
706
711
  .IP "\(bu" 4
707
- \fIDefault\fR: $vardir/lib/facter:$vardir/facts
712
+ \fIDefault\fR: \fB$vardir/lib/facter:$vardir/facts\fR
708
713
  .
709
714
  .IP "" 0
710
715
  .
@@ -712,7 +717,7 @@ Where Puppet should look for facts\. Multiple directories should be separated by
712
717
  The node facts terminus\.
713
718
  .
714
719
  .IP "\(bu" 4
715
- \fIDefault\fR: facter
720
+ \fIDefault\fR: \fBfacter\fR
716
721
  .
717
722
  .IP "" 0
718
723
  .
@@ -720,7 +725,7 @@ The node facts terminus\.
720
725
  Where the fileserver configuration is stored\.
721
726
  .
722
727
  .IP "\(bu" 4
723
- \fIDefault\fR: $confdir/fileserver\.conf
728
+ \fIDefault\fR: \fB$confdir/fileserver\.conf\fR
724
729
  .
725
730
  .IP "" 0
726
731
  .
@@ -728,22 +733,23 @@ Where the fileserver configuration is stored\.
728
733
  The minimum time to wait between checking for updates in configuration files\. This timeout determines how quickly Puppet checks whether a file (such as manifests or puppet\.conf) has changed on disk\. The default will change in a future release to be \'unlimited\', requiring a reload of the Puppet service to pick up changes to its internal configuration\. Currently we do not accept a value of \'unlimited\'\. To reparse files within an environment in Puppet Server please use the environment_cache endpoint
729
734
  .
730
735
  .IP "\(bu" 4
731
- \fIDefault\fR: 15s
736
+ \fIDefault\fR: \fB15s\fR
732
737
  .
733
738
  .IP "" 0
734
739
  .
735
740
  .SS "forge_authorization"
736
741
  The authorization key to connect to the Puppet Forge\. Leave blank for unauthorized or license based connections
737
742
  .
738
- .TP
739
- \fIDefault\fR:
740
-
743
+ .IP "\(bu" 4
744
+ \fIDefault\fR: ``
745
+ .
746
+ .IP "" 0
741
747
  .
742
748
  .SS "freeze_main"
743
749
  Freezes the \'main\' class, disallowing any code to be added to it\. This essentially means that you can\'t have any code outside of a node, class, or definition other than in the site manifest\.
744
750
  .
745
751
  .IP "\(bu" 4
746
- \fIDefault\fR: false
752
+ \fIDefault\fR: \fBfalse\fR
747
753
  .
748
754
  .IP "" 0
749
755
  .
@@ -751,7 +757,7 @@ Freezes the \'main\' class, disallowing any code to be added to it\. This essent
751
757
  Causes validation of loaded legacy Ruby functions (3x API) to raise errors about illegal constructs that could cause harm or that simply does not work\. This flag is on by default\. This flag is made available so that the validation can be turned off in case the method of validation is faulty \- if encountered, please file a bug report\.
752
758
  .
753
759
  .IP "\(bu" 4
754
- \fIDefault\fR: true
760
+ \fIDefault\fR: \fBtrue\fR
755
761
  .
756
762
  .IP "" 0
757
763
  .
@@ -759,7 +765,7 @@ Causes validation of loaded legacy Ruby functions (3x API) to raise errors about
759
765
  Whether or not to enable all features currently being developed for future major releases of Puppet\. Should be used with caution, as in development features are experimental and can have unexpected effects\.
760
766
  .
761
767
  .IP "\(bu" 4
762
- \fIDefault\fR: false
768
+ \fIDefault\fR: \fBfalse\fR
763
769
  .
764
770
  .IP "" 0
765
771
  .
@@ -767,7 +773,7 @@ Whether or not to enable all features currently being developed for future major
767
773
  When true, causes Puppet applications to print an example config file to stdout and exit\. The example will include descriptions of each setting, and the current (or default) value of each setting, incorporating any settings overridden on the CLI (with the exception of \fBgenconfig\fR itself)\. This setting only makes sense when specified on the command line as \fB\-\-genconfig\fR\.
768
774
  .
769
775
  .IP "\(bu" 4
770
- \fIDefault\fR: false
776
+ \fIDefault\fR: \fBfalse\fR
771
777
  .
772
778
  .IP "" 0
773
779
  .
@@ -775,7 +781,7 @@ When true, causes Puppet applications to print an example config file to stdout
775
781
  Whether to just print a manifest to stdout and exit\. Only makes sense when specified on the command line as \fB\-\-genmanifest\fR\. Takes into account arguments specified on the CLI\.
776
782
  .
777
783
  .IP "\(bu" 4
778
- \fIDefault\fR: false
784
+ \fIDefault\fR: \fBfalse\fR
779
785
  .
780
786
  .IP "" 0
781
787
  .
@@ -792,7 +798,7 @@ The \fBgraphdir\fR setting determines where Puppet will save graphs\. Note that
792
798
  See your graphing software\'s documentation for details on opening \.dot files\. If you\'re using GraphViz\'s \fBdot\fR command, you can do a quick PNG render with \fBdot \-Tpng <DOT FILE> \-o <OUTPUT FILE>\fR\.
793
799
  .
794
800
  .IP "\(bu" 4
795
- \fIDefault\fR: false
801
+ \fIDefault\fR: \fBfalse\fR
796
802
  .
797
803
  .IP "" 0
798
804
  .
@@ -800,7 +806,7 @@ See your graphing software\'s documentation for details on opening \.dot files\.
800
806
  Where to save \.dot\-format graphs (when the \fBgraph\fR setting is enabled)\.
801
807
  .
802
808
  .IP "\(bu" 4
803
- \fIDefault\fR: $statedir/graphs
809
+ \fIDefault\fR: \fB$statedir/graphs\fR
804
810
  .
805
811
  .IP "" 0
806
812
  .
@@ -808,7 +814,7 @@ Where to save \.dot\-format graphs (when the \fBgraph\fR setting is enabled)\.
808
814
  The group Puppet Server will run as\. Used to ensure the agent side processes (agent, apply, etc) create files and directories readable by Puppet Server when necessary\.
809
815
  .
810
816
  .IP "\(bu" 4
811
- \fIDefault\fR: puppet
817
+ \fIDefault\fR: \fBpuppet\fR
812
818
  .
813
819
  .IP "" 0
814
820
  .
@@ -816,7 +822,7 @@ The group Puppet Server will run as\. Used to ensure the agent side processes (a
816
822
  The hiera configuration file\. Puppet only reads this file on startup, so you must restart the puppet server every time you edit it\.
817
823
  .
818
824
  .IP "\(bu" 4
819
- \fIDefault\fR: $confdir/hiera\.yaml\. However, for backwards compatibility, if a file exists at $codedir/hiera\.yaml, Puppet uses that instead\.
825
+ \fIDefault\fR: \fB$confdir/hiera\.yaml\. However, for backwards compatibility, if a file exists at $codedir/hiera\.yaml, Puppet uses that instead\.\fR
820
826
  .
821
827
  .IP "" 0
822
828
  .
@@ -824,7 +830,7 @@ The hiera configuration file\. Puppet only reads this file on startup, so you mu
824
830
  Where individual hosts store and look for their certificates\.
825
831
  .
826
832
  .IP "\(bu" 4
827
- \fIDefault\fR: $certdir/$certname\.pem
833
+ \fIDefault\fR: \fB$certdir/$certname\.pem\fR
828
834
  .
829
835
  .IP "" 0
830
836
  .
@@ -832,7 +838,7 @@ Where individual hosts store and look for their certificates\.
832
838
  Where the host\'s certificate revocation list can be found\. This is distinct from the certificate authority\'s CRL\.
833
839
  .
834
840
  .IP "\(bu" 4
835
- \fIDefault\fR: $ssldir/crl\.pem
841
+ \fIDefault\fR: \fB$ssldir/crl\.pem\fR
836
842
  .
837
843
  .IP "" 0
838
844
  .
@@ -840,7 +846,7 @@ Where the host\'s certificate revocation list can be found\. This is distinct fr
840
846
  This setting is deprecated\.
841
847
  .
842
848
  .IP "\(bu" 4
843
- \fIDefault\fR: $ssldir/csr_$certname\.pem
849
+ \fIDefault\fR: \fB$ssldir/csr_$certname\.pem\fR
844
850
  .
845
851
  .IP "" 0
846
852
  .
@@ -848,7 +854,7 @@ This setting is deprecated\.
848
854
  Where individual hosts store and look for their private key\.
849
855
  .
850
856
  .IP "\(bu" 4
851
- \fIDefault\fR: $privatekeydir/$certname\.pem
857
+ \fIDefault\fR: \fB$privatekeydir/$certname\.pem\fR
852
858
  .
853
859
  .IP "" 0
854
860
  .
@@ -856,7 +862,7 @@ Where individual hosts store and look for their private key\.
856
862
  Where individual hosts store and look for their public key\.
857
863
  .
858
864
  .IP "\(bu" 4
859
- \fIDefault\fR: $publickeydir/$certname\.pem
865
+ \fIDefault\fR: \fB$publickeydir/$certname\.pem\fR
860
866
  .
861
867
  .IP "" 0
862
868
  .
@@ -864,7 +870,7 @@ Where individual hosts store and look for their public key\.
864
870
  The maximum amount of time to wait when establishing an HTTP connection\. The default value is 2 minutes\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
865
871
  .
866
872
  .IP "\(bu" 4
867
- \fIDefault\fR: 2m
873
+ \fIDefault\fR: \fB2m\fR
868
874
  .
869
875
  .IP "" 0
870
876
  .
@@ -872,7 +878,7 @@ The maximum amount of time to wait when establishing an HTTP connection\. The de
872
878
  Whether to write HTTP request and responses to stderr\. This should never be used in a production environment\.
873
879
  .
874
880
  .IP "\(bu" 4
875
- \fIDefault\fR: false
881
+ \fIDefault\fR: \fBfalse\fR
876
882
  .
877
883
  .IP "" 0
878
884
  .
@@ -880,7 +886,7 @@ Whether to write HTTP request and responses to stderr\. This should never be use
880
886
  The list of extra headers that will be sent with http requests to the master\. The header definition consists of a name and a value separated by a colon\.
881
887
  .
882
888
  .IP "\(bu" 4
883
- \fIDefault\fR: []
889
+ \fIDefault\fR: \fB[]\fR
884
890
  .
885
891
  .IP "" 0
886
892
  .
@@ -888,7 +894,7 @@ The list of extra headers that will be sent with http requests to the master\. T
888
894
  The maximum amount of time a persistent HTTP connection can remain idle in the connection pool, before it is closed\. This timeout should be shorter than the keepalive timeout used on the HTTP server, e\.g\. Apache KeepAliveTimeout directive\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
889
895
  .
890
896
  .IP "\(bu" 4
891
- \fIDefault\fR: 4s
897
+ \fIDefault\fR: \fB4s\fR
892
898
  .
893
899
  .IP "" 0
894
900
  .
@@ -896,7 +902,7 @@ The maximum amount of time a persistent HTTP connection can remain idle in the c
896
902
  The HTTP proxy host to use for outgoing connections\. The proxy will be bypassed if the server\'s hostname matches the NO_PROXY environment variable or \fBno_proxy\fR setting\. Note: You may need to use a FQDN for the server hostname when using a proxy\. Environment variable http_proxy or HTTP_PROXY will override this value\.
897
903
  .
898
904
  .IP "\(bu" 4
899
- \fIDefault\fR: none
905
+ \fIDefault\fR: \fBnone\fR
900
906
  .
901
907
  .IP "" 0
902
908
  .
@@ -907,7 +913,7 @@ The password for the user of an authenticated HTTP proxy\. Requires the \fBhttp_
907
913
  Note that passwords must be valid when used as part of a URL\. If a password contains any characters with special meanings in URLs (as specified by RFC 3986 section 2\.2), they must be URL\-encoded\. (For example, \fB#\fR would become \fB%23\fR\.)
908
914
  .
909
915
  .IP "\(bu" 4
910
- \fIDefault\fR: none
916
+ \fIDefault\fR: \fBnone\fR
911
917
  .
912
918
  .IP "" 0
913
919
  .
@@ -915,7 +921,7 @@ Note that passwords must be valid when used as part of a URL\. If a password con
915
921
  The HTTP proxy port to use for outgoing connections
916
922
  .
917
923
  .IP "\(bu" 4
918
- \fIDefault\fR: 3128
924
+ \fIDefault\fR: \fB3128\fR
919
925
  .
920
926
  .IP "" 0
921
927
  .
@@ -923,7 +929,7 @@ The HTTP proxy port to use for outgoing connections
923
929
  The user name for an authenticated HTTP proxy\. Requires the \fBhttp_proxy_host\fR setting\.
924
930
  .
925
931
  .IP "\(bu" 4
926
- \fIDefault\fR: none
932
+ \fIDefault\fR: \fBnone\fR
927
933
  .
928
934
  .IP "" 0
929
935
  .
@@ -931,7 +937,7 @@ The user name for an authenticated HTTP proxy\. Requires the \fBhttp_proxy_host\
931
937
  The time to wait for data to be read from an HTTP connection\. If nothing is read after the elapsed interval then the connection will be closed\. The default value is 10 minutes\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
932
938
  .
933
939
  .IP "\(bu" 4
934
- \fIDefault\fR: 10m
940
+ \fIDefault\fR: \fB10m\fR
935
941
  .
936
942
  .IP "" 0
937
943
  .
@@ -939,7 +945,7 @@ The time to wait for data to be read from an HTTP connection\. If nothing is rea
939
945
  The HTTP User\-Agent string to send when making network requests\.
940
946
  .
941
947
  .IP "\(bu" 4
942
- \fIDefault\fR: Puppet/6\.22\.0 Ruby/2\.5\.1\-p57 (x86_64\-linux)
948
+ \fIDefault\fR: \fBPuppet/6\.23\.0 Ruby/2\.5\.1\-p57 (x86_64\-linux)\fR
943
949
  .
944
950
  .IP "" 0
945
951
  .
@@ -947,7 +953,7 @@ The HTTP User\-Agent string to send when making network requests\.
947
953
  Whether the puppet run should ignore errors during pluginsync\. If the setting is false and there are errors during pluginsync, then the agent will abort the run and submit a report containing information about the failed run\.
948
954
  .
949
955
  .IP "\(bu" 4
950
- \fIDefault\fR: true
956
+ \fIDefault\fR: \fBtrue\fR
951
957
  .
952
958
  .IP "" 0
953
959
  .
@@ -955,7 +961,7 @@ Whether the puppet run should ignore errors during pluginsync\. If the setting i
955
961
  Skip searching for classes and definitions that were missing during a prior compilation\. The list of missing objects is maintained per\-environment and persists until the environment is cleared or the master is restarted\.
956
962
  .
957
963
  .IP "\(bu" 4
958
- \fIDefault\fR: false
964
+ \fIDefault\fR: \fBfalse\fR
959
965
  .
960
966
  .IP "" 0
961
967
  .
@@ -963,7 +969,7 @@ Skip searching for classes and definitions that were missing during a prior comp
963
969
  Boolean; whether puppet agent should ignore schedules\. This is useful for initial puppet agent runs\.
964
970
  .
965
971
  .IP "\(bu" 4
966
- \fIDefault\fR: false
972
+ \fIDefault\fR: \fBfalse\fR
967
973
  .
968
974
  .IP "" 0
969
975
  .
@@ -971,7 +977,7 @@ Boolean; whether puppet agent should ignore schedules\. This is useful for initi
971
977
  The type of private key\. Valid values are \fBrsa\fR and \fBec\fR\. Default is \fBrsa\fR\.
972
978
  .
973
979
  .IP "\(bu" 4
974
- \fIDefault\fR: rsa
980
+ \fIDefault\fR: \fBrsa\fR
975
981
  .
976
982
  .IP "" 0
977
983
  .
@@ -979,7 +985,7 @@ The type of private key\. Valid values are \fBrsa\fR and \fBec\fR\. Default is \
979
985
  The bit length of keys\.
980
986
  .
981
987
  .IP "\(bu" 4
982
- \fIDefault\fR: 4096
988
+ \fIDefault\fR: \fB4096\fR
983
989
  .
984
990
  .IP "" 0
985
991
  .
@@ -987,7 +993,7 @@ The bit length of keys\.
987
993
  Where puppet agent stores the last run report summary in yaml format\.
988
994
  .
989
995
  .IP "\(bu" 4
990
- \fIDefault\fR: $statedir/last_run_summary\.yaml
996
+ \fIDefault\fR: \fB$statedir/last_run_summary\.yaml\fR
991
997
  .
992
998
  .IP "" 0
993
999
  .
@@ -995,7 +1001,7 @@ Where puppet agent stores the last run report summary in yaml format\.
995
1001
  Where Puppet Agent stores the last run report, by default, in yaml format\. The format of the report can be changed by setting the \fBcache\fR key of the \fBreport\fR terminus in the routes\.yaml \fIhttps://puppet\.com/docs/puppet/latest/config_file_routes\.html\fR file\. To avoid mismatches between content and file extension, this setting needs to be manually updated to reflect the terminus changes\.
996
1002
  .
997
1003
  .IP "\(bu" 4
998
- \fIDefault\fR: $statedir/last_run_report\.yaml
1004
+ \fIDefault\fR: \fB$statedir/last_run_report\.yaml\fR
999
1005
  .
1000
1006
  .IP "" 0
1001
1007
  .
@@ -1003,7 +1009,7 @@ Where Puppet Agent stores the last run report, by default, in yaml format\. The
1003
1009
  The LDAP attributes to include when querying LDAP for nodes\. All returned attributes are set as variables in the top\-level scope\. Multiple values should be comma\-separated\. The value \'all\' returns all attributes\.
1004
1010
  .
1005
1011
  .IP "\(bu" 4
1006
- \fIDefault\fR: all
1012
+ \fIDefault\fR: \fBall\fR
1007
1013
  .
1008
1014
  .IP "" 0
1009
1015
  .
@@ -1014,7 +1020,7 @@ The search base for LDAP searches\. It\'s impossible to provide a meaningful def
1014
1020
  The LDAP attributes to use to define Puppet classes\. Values should be comma\-separated\.
1015
1021
  .
1016
1022
  .IP "\(bu" 4
1017
- \fIDefault\fR: puppetclass
1023
+ \fIDefault\fR: \fBpuppetclass\fR
1018
1024
  .
1019
1025
  .IP "" 0
1020
1026
  .
@@ -1022,7 +1028,7 @@ The LDAP attributes to use to define Puppet classes\. Values should be comma\-se
1022
1028
  The attribute to use to define the parent node\.
1023
1029
  .
1024
1030
  .IP "\(bu" 4
1025
- \fIDefault\fR: parentnode
1031
+ \fIDefault\fR: \fBparentnode\fR
1026
1032
  .
1027
1033
  .IP "" 0
1028
1034
  .
@@ -1033,7 +1039,7 @@ The password to use to connect to LDAP\.
1033
1039
  The LDAP port\.
1034
1040
  .
1035
1041
  .IP "\(bu" 4
1036
- \fIDefault\fR: 389
1042
+ \fIDefault\fR: \fB389\fR
1037
1043
  .
1038
1044
  .IP "" 0
1039
1045
  .
@@ -1041,7 +1047,7 @@ The LDAP port\.
1041
1047
  The LDAP server\.
1042
1048
  .
1043
1049
  .IP "\(bu" 4
1044
- \fIDefault\fR: ldap
1050
+ \fIDefault\fR: \fBldap\fR
1045
1051
  .
1046
1052
  .IP "" 0
1047
1053
  .
@@ -1049,7 +1055,7 @@ The LDAP server\.
1049
1055
  Whether SSL should be used when searching for nodes\. Defaults to false because SSL usually requires certificates to be set up on the client side\.
1050
1056
  .
1051
1057
  .IP "\(bu" 4
1052
- \fIDefault\fR: false
1058
+ \fIDefault\fR: \fBfalse\fR
1053
1059
  .
1054
1060
  .IP "" 0
1055
1061
  .
@@ -1057,7 +1063,7 @@ Whether SSL should be used when searching for nodes\. Defaults to false because
1057
1063
  The LDAP attributes that should be stacked to arrays by adding the values in all hierarchy elements of the tree\. Values should be comma\-separated\.
1058
1064
  .
1059
1065
  .IP "\(bu" 4
1060
- \fIDefault\fR: puppetvar
1066
+ \fIDefault\fR: \fBpuppetvar\fR
1061
1067
  .
1062
1068
  .IP "" 0
1063
1069
  .
@@ -1065,7 +1071,7 @@ The LDAP attributes that should be stacked to arrays by adding the values in all
1065
1071
  The search string used to find an LDAP node\.
1066
1072
  .
1067
1073
  .IP "\(bu" 4
1068
- \fIDefault\fR: (&(objectclass=puppetClient)(cn=%s))
1074
+ \fIDefault\fR: \fB(&(objectclass=puppetClient)(cn=%s))\fR
1069
1075
  .
1070
1076
  .IP "" 0
1071
1077
  .
@@ -1073,7 +1079,7 @@ The search string used to find an LDAP node\.
1073
1079
  Whether TLS should be used when searching for nodes\. Defaults to false because TLS usually requires certificates to be set up on the client side\.
1074
1080
  .
1075
1081
  .IP "\(bu" 4
1076
- \fIDefault\fR: false
1082
+ \fIDefault\fR: \fBfalse\fR
1077
1083
  .
1078
1084
  .IP "" 0
1079
1085
  .
@@ -1084,7 +1090,7 @@ The user to use to connect to LDAP\. Must be specified as a full DN\.
1084
1090
  An extra search path for Puppet\. This is only useful for those files that Puppet will load on demand, and is only guaranteed to work for those cases\. In fact, the autoload mechanism is responsible for making sure this directory is in Ruby\'s search path
1085
1091
  .
1086
1092
  .IP "\(bu" 4
1087
- \fIDefault\fR: $vardir/lib
1093
+ \fIDefault\fR: \fB$vardir/lib\fR
1088
1094
  .
1089
1095
  .IP "" 0
1090
1096
  .
@@ -1092,7 +1098,7 @@ An extra search path for Puppet\. This is only useful for those files that Puppe
1092
1098
  Where each client stores the CA certificate\.
1093
1099
  .
1094
1100
  .IP "\(bu" 4
1095
- \fIDefault\fR: $certdir/ca\.pem
1101
+ \fIDefault\fR: \fB$certdir/ca\.pem\fR
1096
1102
  .
1097
1103
  .IP "" 0
1098
1104
  .
@@ -1100,7 +1106,7 @@ Where each client stores the CA certificate\.
1100
1106
  Where Puppet should store translation files that it pulls down from the central server\.
1101
1107
  .
1102
1108
  .IP "\(bu" 4
1103
- \fIDefault\fR: $vardir/locales
1109
+ \fIDefault\fR: \fB$vardir/locales\fR
1104
1110
  .
1105
1111
  .IP "" 0
1106
1112
  .
@@ -1108,7 +1114,7 @@ Where Puppet should store translation files that it pulls down from the central
1108
1114
  From where to retrieve translation files\. The standard Puppet \fBfile\fR type is used for retrieval, so anything that is a valid file source can be used here\.
1109
1115
  .
1110
1116
  .IP "\(bu" 4
1111
- \fIDefault\fR: puppet:///locales
1117
+ \fIDefault\fR: \fBpuppet:///locales\fR
1112
1118
  .
1113
1119
  .IP "" 0
1114
1120
  .
@@ -1140,22 +1146,23 @@ emerg
1140
1146
  crit
1141
1147
  .
1142
1148
  .IP "\(bu" 4
1143
- \fIDefault\fR: notice
1149
+ \fIDefault\fR: \fBnotice\fR
1144
1150
  .
1145
1151
  .IP "" 0
1146
1152
  .
1147
1153
  .SS "logdest"
1148
1154
  Where to send log messages\. Choose between \'syslog\' (the POSIX syslog service), \'eventlog\' (the Windows Event Log), \'console\', or the path to a log file\. Multiple destinations can be set using a comma separated list (eg: \fB/path/file1,console,/path/file2\fR)
1149
1155
  .
1150
- .TP
1151
- \fIDefault\fR:
1152
-
1156
+ .IP "\(bu" 4
1157
+ \fIDefault\fR: ``
1158
+ .
1159
+ .IP "" 0
1153
1160
  .
1154
1161
  .SS "logdir"
1155
1162
  The directory in which to store log files
1156
1163
  .
1157
1164
  .IP "\(bu" 4
1158
- \fIDefault\fR: Unix/Linux: /var/log/puppetlabs/puppet \-\- Windows: C:\eProgramData\ePuppetLabs\epuppet\evar\elog \-\- Non\-root user: ~/\.puppetlabs/var/log
1165
+ \fIDefault\fR: \fBUnix/Linux: /var/log/puppetlabs/puppet \-\- Windows: C:\eProgramData\ePuppetLabs\epuppet\evar\elog \-\- Non\-root user: ~/\.puppetlabs/var/log\fR
1159
1166
  .
1160
1167
  .IP "" 0
1161
1168
  .
@@ -1163,7 +1170,7 @@ The directory in which to store log files
1163
1170
  Whether Puppet should manage the owner, group, and mode of files it uses internally\. \fBNote\fR: For Windows agents, the default is \fBfalse\fR for versions 4\.10\.13 and greater, versions 5\.5\.6 and greater, and versions 6\.0 and greater\.
1164
1171
  .
1165
1172
  .IP "\(bu" 4
1166
- \fIDefault\fR: true
1173
+ \fIDefault\fR: \fBtrue\fR
1167
1174
  .
1168
1175
  .IP "" 0
1169
1176
  .
@@ -1173,15 +1180,16 @@ The entry\-point manifest for puppet master\. This can be one file or a director
1173
1180
  .P
1174
1181
  Setting a global value for \fBmanifest\fR in puppet\.conf is not allowed (but it can be overridden from the commandline)\. Please use directory environments instead\. If you need to use something other than the environment\'s \fBmanifests\fR directory as the main manifest, you can set \fBmanifest\fR in environment\.conf\. For more info, see \fIhttps://puppet\.com/docs/puppet/latest/environments_about\.html\fR
1175
1182
  .
1176
- .TP
1177
- \fIDefault\fR:
1178
-
1183
+ .IP "\(bu" 4
1184
+ \fIDefault\fR: ``
1185
+ .
1186
+ .IP "" 0
1179
1187
  .
1180
1188
  .SS "masterport"
1181
1189
  The default port puppet subcommands use to communicate with Puppet Server\. (eg \fBpuppet facts upload\fR, \fBpuppet agent\fR)\. May be overridden by more specific settings (see \fBca_port\fR, \fBreport_port\fR)\.
1182
1190
  .
1183
1191
  .IP "\(bu" 4
1184
- \fIDefault\fR: 8140
1192
+ \fIDefault\fR: \fB8140\fR
1185
1193
  .
1186
1194
  .IP "" 0
1187
1195
  .
@@ -1189,7 +1197,7 @@ The default port puppet subcommands use to communicate with Puppet Server\. (eg
1189
1197
  Sets the max number of logged/displayed parser validation deprecation warnings in case multiple deprecation warnings have been detected\. A value of 0 blocks the logging of deprecation warnings\. The count is per manifest\.
1190
1198
  .
1191
1199
  .IP "\(bu" 4
1192
- \fIDefault\fR: 10
1200
+ \fIDefault\fR: \fB10\fR
1193
1201
  .
1194
1202
  .IP "" 0
1195
1203
  .
@@ -1197,7 +1205,7 @@ Sets the max number of logged/displayed parser validation deprecation warnings i
1197
1205
  Sets the max number of logged/displayed parser validation errors in case multiple errors have been detected\. A value of 0 is the same as a value of 1; a minimum of one error is always raised\. The count is per manifest\.
1198
1206
  .
1199
1207
  .IP "\(bu" 4
1200
- \fIDefault\fR: 10
1208
+ \fIDefault\fR: \fB10\fR
1201
1209
  .
1202
1210
  .IP "" 0
1203
1211
  .
@@ -1205,7 +1213,7 @@ Sets the max number of logged/displayed parser validation errors in case multipl
1205
1213
  Sets the max number of logged/displayed parser validation warnings in case multiple warnings have been detected\. A value of 0 blocks logging of warnings\. The count is per manifest\.
1206
1214
  .
1207
1215
  .IP "\(bu" 4
1208
- \fIDefault\fR: 10
1216
+ \fIDefault\fR: \fB10\fR
1209
1217
  .
1210
1218
  .IP "" 0
1211
1219
  .
@@ -1213,7 +1221,7 @@ Sets the max number of logged/displayed parser validation warnings in case multi
1213
1221
  The maximum allowed UID\. Some platforms use negative UIDs but then ship with tools that do not know how to handle signed ints, so the UIDs show up as huge numbers that can then not be fed back into the system\. This is a hackish way to fail in a slightly more useful way when that happens\.
1214
1222
  .
1215
1223
  .IP "\(bu" 4
1216
- \fIDefault\fR: 4294967290
1224
+ \fIDefault\fR: \fB4294967290\fR
1217
1225
  .
1218
1226
  .IP "" 0
1219
1227
  .
@@ -1221,7 +1229,7 @@ The maximum allowed UID\. Some platforms use negative UIDs but then ship with to
1221
1229
  The maximum amount of time the Puppet agent should wait for its certificate request to be signed\. A value of \fBunlimited\fR will cause puppet agent to ask for a signed certificate indefinitely\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
1222
1230
  .
1223
1231
  .IP "\(bu" 4
1224
- \fIDefault\fR: unlimited
1232
+ \fIDefault\fR: \fBunlimited\fR
1225
1233
  .
1226
1234
  .IP "" 0
1227
1235
  .
@@ -1229,7 +1237,7 @@ The maximum amount of time the Puppet agent should wait for its certificate requ
1229
1237
  The maximum amount of time the puppet agent should wait for an already running puppet agent to finish before starting a new one\. This is set by default to 1 minute\. A value of \fBunlimited\fR will cause puppet agent to wait indefinitely\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
1230
1238
  .
1231
1239
  .IP "\(bu" 4
1232
- \fIDefault\fR: 1m
1240
+ \fIDefault\fR: \fB1m\fR
1233
1241
  .
1234
1242
  .IP "" 0
1235
1243
  .
@@ -1243,7 +1251,7 @@ When a class has a failed dependency, every resource in the class generates a no
1243
1251
  If true, all messages caused by a class dependency failure are merged into one message associated with the class\.
1244
1252
  .
1245
1253
  .IP "\(bu" 4
1246
- \fIDefault\fR: false
1254
+ \fIDefault\fR: \fBfalse\fR
1247
1255
  .
1248
1256
  .IP "" 0
1249
1257
  .
@@ -1251,22 +1259,23 @@ If true, all messages caused by a class dependency failure are merged into one m
1251
1259
  Whether to create the necessary user and group that puppet agent will run as\.
1252
1260
  .
1253
1261
  .IP "\(bu" 4
1254
- \fIDefault\fR: false
1262
+ \fIDefault\fR: \fBfalse\fR
1255
1263
  .
1256
1264
  .IP "" 0
1257
1265
  .
1258
1266
  .SS "module_groups"
1259
1267
  Extra module groups to request from the Puppet Forge\. This is an internal setting, and users should never change it\.
1260
1268
  .
1261
- .TP
1262
- \fIDefault\fR:
1263
-
1269
+ .IP "\(bu" 4
1270
+ \fIDefault\fR: ``
1271
+ .
1272
+ .IP "" 0
1264
1273
  .
1265
1274
  .SS "module_repository"
1266
1275
  The module repository
1267
1276
  .
1268
1277
  .IP "\(bu" 4
1269
- \fIDefault\fR: https://forgeapi\.puppet\.com
1278
+ \fIDefault\fR: \fBhttps://forgeapi\.puppet\.com\fR
1270
1279
  .
1271
1280
  .IP "" 0
1272
1281
  .
@@ -1274,7 +1283,7 @@ The module repository
1274
1283
  The directory into which module tool data is stored
1275
1284
  .
1276
1285
  .IP "\(bu" 4
1277
- \fIDefault\fR: $vardir/puppet\-module
1286
+ \fIDefault\fR: \fB$vardir/puppet\-module\fR
1278
1287
  .
1279
1288
  .IP "" 0
1280
1289
  .
@@ -1287,15 +1296,16 @@ Setting a global value for \fBmodulepath\fR in puppet\.conf is not allowed (but
1287
1296
  .SS "name"
1288
1297
  The name of the application, if we are running as one\. The default is essentially $0 without the path or \fB\.rb\fR\.
1289
1298
  .
1290
- .TP
1291
- \fIDefault\fR:
1292
-
1299
+ .IP "\(bu" 4
1300
+ \fIDefault\fR: ``
1301
+ .
1302
+ .IP "" 0
1293
1303
  .
1294
1304
  .SS "named_curve"
1295
1305
  The short name for the EC curve used to generate the EC private key\. Valid values must be one of the curves in \fBOpenSSL::PKey::EC\.builtin_curves\fR\. Default is \fBprime256v1\fR\.
1296
1306
  .
1297
1307
  .IP "\(bu" 4
1298
- \fIDefault\fR: prime256v1
1308
+ \fIDefault\fR: \fBprime256v1\fR
1299
1309
  .
1300
1310
  .IP "" 0
1301
1311
  .
@@ -1303,16 +1313,17 @@ The short name for the EC curve used to generate the EC private key\. Valid valu
1303
1313
  List of host or domain names that should not go through \fBhttp_proxy_host\fR\. Environment variable no_proxy or NO_PROXY will override this value\. Names can be specified as an FQDN \fBhost\.example\.com\fR, wildcard \fB*\.example\.com\fR, dotted domain \fB\.example\.com\fR, or suffix \fBexample\.com\fR\.
1304
1314
  .
1305
1315
  .IP "\(bu" 4
1306
- \fIDefault\fR: localhost, 127\.0\.0\.1
1316
+ \fIDefault\fR: \fBlocalhost, 127\.0\.0\.1\fR
1307
1317
  .
1308
1318
  .IP "" 0
1309
1319
  .
1310
1320
  .SS "node_cache_terminus"
1311
1321
  How to store cached nodes\. Valid values are (none), \'json\', \'msgpack\', or \'yaml\'\.
1312
1322
  .
1313
- .TP
1314
- \fIDefault\fR:
1315
-
1323
+ .IP "\(bu" 4
1324
+ \fIDefault\fR: ``
1325
+ .
1326
+ .IP "" 0
1316
1327
  .
1317
1328
  .SS "node_name"
1318
1329
  How the puppet master determines the client\'s identity and sets the \'hostname\', \'fqdn\' and \'domain\' facts for use in the manifest, in particular for determining which \'node\' statement applies to the client\. Possible values are \'cert\' (use the subject\'s CN in the client\'s certificate) and \'facter\' (use the hostname that the client reported in its facts)\.
@@ -1321,7 +1332,7 @@ How the puppet master determines the client\'s identity and sets the \'hostname\
1321
1332
  This setting is deprecated, please use explicit fact matching for classification\.
1322
1333
  .
1323
1334
  .IP "\(bu" 4
1324
- \fIDefault\fR: cert
1335
+ \fIDefault\fR: \fBcert\fR
1325
1336
  .
1326
1337
  .IP "" 0
1327
1338
  .
@@ -1332,7 +1343,7 @@ The fact name used to determine the node name used for all requests the agent ma
1332
1343
  The explicit value used for the node name for all requests the agent makes to the master\. WARNING: This setting is mutually exclusive with node_name_fact\. Changing this setting also requires changes to the default auth\.conf configuration on the Puppet Master\. Please see http://links\.puppet\.com/node_name_value for more information\.
1333
1344
  .
1334
1345
  .IP "\(bu" 4
1335
- \fIDefault\fR: $certname
1346
+ \fIDefault\fR: \fB$certname\fR
1336
1347
  .
1337
1348
  .IP "" 0
1338
1349
  .
@@ -1366,7 +1377,7 @@ The three main node data plugins are:
1366
1377
  \fBclassifier\fR (formerly \fBconsole\fR) \-\-\- Specific to Puppet Enterprise\. Uses the PE console for node data\."
1367
1378
  .
1368
1379
  .IP "\(bu" 4
1369
- \fIDefault\fR: plain
1380
+ \fIDefault\fR: \fBplain\fR
1370
1381
  .
1371
1382
  .IP "" 0
1372
1383
  .
@@ -1380,7 +1391,7 @@ When running in noop mode, Puppet will check whether each resource is in sync, l
1380
1391
  \fBImportant note:\fR The \fBnoop\fR metaparameter \fIhttps://puppet\.com/docs/puppet/latest/metaparameter\.html#noop\fR allows you to apply individual resources in noop mode, and will override the global value of the \fBnoop\fR setting\. This means a resource with \fBnoop => false\fR \fIwill\fR be changed if necessary, even when running puppet agent with \fBnoop = true\fR or \fB\-\-noop\fR\. (Conversely, a resource with \fBnoop => true\fR will only be simulated, even when noop mode is globally disabled\.)
1381
1392
  .
1382
1393
  .IP "\(bu" 4
1383
- \fIDefault\fR: false
1394
+ \fIDefault\fR: \fBfalse\fR
1384
1395
  .
1385
1396
  .IP "" 0
1386
1397
  .
@@ -1388,7 +1399,7 @@ When running in noop mode, Puppet will check whether each resource is in sync, l
1388
1399
  Perform one configuration run and exit, rather than spawning a long\-running daemon\. This is useful for interactively running puppet agent, or running puppet agent from cron\.
1389
1400
  .
1390
1401
  .IP "\(bu" 4
1391
- \fIDefault\fR: false
1402
+ \fIDefault\fR: \fBfalse\fR
1392
1403
  .
1393
1404
  .IP "" 0
1394
1405
  .
@@ -1396,7 +1407,7 @@ Perform one configuration run and exit, rather than spawning a long\-running dae
1396
1407
  Where puppet agent stores the password for its private key\. Generally unused\.
1397
1408
  .
1398
1409
  .IP "\(bu" 4
1399
- \fIDefault\fR: $privatedir/password
1410
+ \fIDefault\fR: \fB$privatedir/password\fR
1400
1411
  .
1401
1412
  .IP "" 0
1402
1413
  .
@@ -1407,7 +1418,7 @@ The shell search path\. Defaults to whatever is inherited from the parent proces
1407
1418
  This setting can only be set in the \fB[main]\fR section of puppet\.conf; it cannot be set in \fB[server]\fR, \fB[agent]\fR, or an environment config section\.
1408
1419
  .
1409
1420
  .IP "\(bu" 4
1410
- \fIDefault\fR: none
1421
+ \fIDefault\fR: \fBnone\fR
1411
1422
  .
1412
1423
  .IP "" 0
1413
1424
  .
@@ -1415,7 +1426,7 @@ This setting can only be set in the \fB[main]\fR section of puppet\.conf; it can
1415
1426
  The file containing the PID of a running process\. This file is intended to be used by service management frameworks and monitoring systems to determine if a puppet process is still in the process table\.
1416
1427
  .
1417
1428
  .IP "\(bu" 4
1418
- \fIDefault\fR: $rundir/${run_mode}\.pid
1429
+ \fIDefault\fR: \fB$rundir/${run_mode}\.pid\fR
1419
1430
  .
1420
1431
  .IP "" 0
1421
1432
  .
@@ -1423,7 +1434,7 @@ The file containing the PID of a running process\. This file is intended to be u
1423
1434
  Where Puppet should store plugins that it pulls down from the central server\.
1424
1435
  .
1425
1436
  .IP "\(bu" 4
1426
- \fIDefault\fR: $libdir
1437
+ \fIDefault\fR: \fB$libdir\fR
1427
1438
  .
1428
1439
  .IP "" 0
1429
1440
  .
@@ -1431,7 +1442,7 @@ Where Puppet should store plugins that it pulls down from the central server\.
1431
1442
  Where Puppet should store external facts that are being handled by pluginsync
1432
1443
  .
1433
1444
  .IP "\(bu" 4
1434
- \fIDefault\fR: $vardir/facts\.d
1445
+ \fIDefault\fR: \fB$vardir/facts\.d\fR
1435
1446
  .
1436
1447
  .IP "" 0
1437
1448
  .
@@ -1439,7 +1450,7 @@ Where Puppet should store external facts that are being handled by pluginsync
1439
1450
  Where to retrieve external facts for pluginsync
1440
1451
  .
1441
1452
  .IP "\(bu" 4
1442
- \fIDefault\fR: puppet:///pluginfacts
1453
+ \fIDefault\fR: \fBpuppet:///pluginfacts\fR
1443
1454
  .
1444
1455
  .IP "" 0
1445
1456
  .
@@ -1447,7 +1458,7 @@ Where to retrieve external facts for pluginsync
1447
1458
  What files to ignore when pulling down plugins\.
1448
1459
  .
1449
1460
  .IP "\(bu" 4
1450
- \fIDefault\fR: \.svn CVS \.git \.hg
1461
+ \fIDefault\fR: \fB\.svn CVS \.git \.hg\fR
1451
1462
  .
1452
1463
  .IP "" 0
1453
1464
  .
@@ -1455,7 +1466,7 @@ What files to ignore when pulling down plugins\.
1455
1466
  From where to retrieve plugins\. The standard Puppet \fBfile\fR type is used for retrieval, so anything that is a valid file source can be used here\.
1456
1467
  .
1457
1468
  .IP "\(bu" 4
1458
- \fIDefault\fR: puppet:///plugins
1469
+ \fIDefault\fR: \fBpuppet:///plugins\fR
1459
1470
  .
1460
1471
  .IP "" 0
1461
1472
  .
@@ -1463,7 +1474,7 @@ From where to retrieve plugins\. The standard Puppet \fBfile\fR type is used for
1463
1474
  Whether plugins should be synced with the central server\. This setting is deprecated\.
1464
1475
  .
1465
1476
  .IP "\(bu" 4
1466
- \fIDefault\fR: true
1477
+ \fIDefault\fR: \fBtrue\fR
1467
1478
  .
1468
1479
  .IP "" 0
1469
1480
  .
@@ -1474,7 +1485,7 @@ A command to run after every agent run\. If this command returns a non\-zero ret
1474
1485
  The preferred means of serializing ruby instances for passing over the wire\. This won\'t guarantee that all instances will be serialized using this method, since not all classes can be guaranteed to support this format, but it will be used for all classes that support it\.
1475
1486
  .
1476
1487
  .IP "\(bu" 4
1477
- \fIDefault\fR: json
1488
+ \fIDefault\fR: \fBjson\fR
1478
1489
  .
1479
1490
  .IP "" 0
1480
1491
  .
@@ -1485,22 +1496,23 @@ A command to run before every agent run\. If this command returns a non\-zero re
1485
1496
  The directory where catalog previews per node are generated\.
1486
1497
  .
1487
1498
  .IP "\(bu" 4
1488
- \fIDefault\fR: $vardir/preview
1499
+ \fIDefault\fR: \fB$vardir/preview\fR
1489
1500
  .
1490
1501
  .IP "" 0
1491
1502
  .
1492
1503
  .SS "priority"
1493
1504
  The scheduling priority of the process\. Valid values are \'high\', \'normal\', \'low\', or \'idle\', which are mapped to platform\-specific values\. The priority can also be specified as an integer value and will be passed as is, e\.g\. \-5\. Puppet must be running as a privileged user in order to increase scheduling priority\.
1494
1505
  .
1495
- .TP
1496
- \fIDefault\fR:
1497
-
1506
+ .IP "\(bu" 4
1507
+ \fIDefault\fR: ``
1508
+ .
1509
+ .IP "" 0
1498
1510
  .
1499
1511
  .SS "privatedir"
1500
1512
  Where the client stores private certificate information\.
1501
1513
  .
1502
1514
  .IP "\(bu" 4
1503
- \fIDefault\fR: $ssldir/private
1515
+ \fIDefault\fR: \fB$ssldir/private\fR
1504
1516
  .
1505
1517
  .IP "" 0
1506
1518
  .
@@ -1508,7 +1520,7 @@ Where the client stores private certificate information\.
1508
1520
  The private key directory\.
1509
1521
  .
1510
1522
  .IP "\(bu" 4
1511
- \fIDefault\fR: $ssldir/private_keys
1523
+ \fIDefault\fR: \fB$ssldir/private_keys\fR
1512
1524
  .
1513
1525
  .IP "" 0
1514
1526
  .
@@ -1516,7 +1528,7 @@ The private key directory\.
1516
1528
  Whether to enable experimental performance profiling
1517
1529
  .
1518
1530
  .IP "\(bu" 4
1519
- \fIDefault\fR: false
1531
+ \fIDefault\fR: \fBfalse\fR
1520
1532
  .
1521
1533
  .IP "" 0
1522
1534
  .
@@ -1524,7 +1536,7 @@ Whether to enable experimental performance profiling
1524
1536
  The public key directory\.
1525
1537
  .
1526
1538
  .IP "\(bu" 4
1527
- \fIDefault\fR: $ssldir/public_keys
1539
+ \fIDefault\fR: \fB$ssldir/public_keys\fR
1528
1540
  .
1529
1541
  .IP "" 0
1530
1542
  .
@@ -1532,7 +1544,7 @@ The public key directory\.
1532
1544
  Whether to print the Puppet stack trace on some errors\. This is a noop if \fBtrace\fR is also set\.
1533
1545
  .
1534
1546
  .IP "\(bu" 4
1535
- \fIDefault\fR: false
1547
+ \fIDefault\fR: \fBfalse\fR
1536
1548
  .
1537
1549
  .IP "" 0
1538
1550
  .
@@ -1546,7 +1558,7 @@ Despite the name, both puppet agent and puppet master will use this file as the
1546
1558
  For control over logging destinations, see the \fB\-\-logdest\fR command line option in the manual pages for puppet master, puppet agent, and puppet apply\. You can see man pages by running \fBpuppet <SUBCOMMAND> \-\-help\fR, or read them online at https://puppet\.com/docs/puppet/latest/man/\.
1547
1559
  .
1548
1560
  .IP "\(bu" 4
1549
- \fIDefault\fR: $logdir/puppetd\.log
1561
+ \fIDefault\fR: \fB$logdir/puppetd\.log\fR
1550
1562
  .
1551
1563
  .IP "" 0
1552
1564
  .
@@ -1554,7 +1566,7 @@ For control over logging destinations, see the \fB\-\-logdest\fR command line op
1554
1566
  Whether to send reports after every transaction\.
1555
1567
  .
1556
1568
  .IP "\(bu" 4
1557
- \fIDefault\fR: true
1569
+ \fIDefault\fR: \fBtrue\fR
1558
1570
  .
1559
1571
  .IP "" 0
1560
1572
  .
@@ -1562,7 +1574,7 @@ Whether to send reports after every transaction\.
1562
1574
  Whether the \'http\' report processor should include the system certificate store when submitting reports to HTTPS URLs\. If false, then the \'http\' processor will only trust HTTPS report servers whose certificates are issued by the puppet CA or one of its intermediate CAs\. If true, the processor will additionally trust CA certificates in the system\'s certificate store\.
1563
1575
  .
1564
1576
  .IP "\(bu" 4
1565
- \fIDefault\fR: false
1577
+ \fIDefault\fR: \fBfalse\fR
1566
1578
  .
1567
1579
  .IP "" 0
1568
1580
  .
@@ -1570,7 +1582,7 @@ Whether the \'http\' report processor should include the system certificate stor
1570
1582
  The port to communicate with the report_server\.
1571
1583
  .
1572
1584
  .IP "\(bu" 4
1573
- \fIDefault\fR: $serverport
1585
+ \fIDefault\fR: \fB$serverport\fR
1574
1586
  .
1575
1587
  .IP "" 0
1576
1588
  .
@@ -1578,7 +1590,7 @@ The port to communicate with the report_server\.
1578
1590
  The server to send transaction reports to\.
1579
1591
  .
1580
1592
  .IP "\(bu" 4
1581
- \fIDefault\fR: $server
1593
+ \fIDefault\fR: \fB$server\fR
1582
1594
  .
1583
1595
  .IP "" 0
1584
1596
  .
@@ -1586,7 +1598,7 @@ The server to send transaction reports to\.
1586
1598
  The directory in which to store reports\. Each node gets a separate subdirectory in this directory\. This setting is only used when the \fBstore\fR report processor is enabled (see the \fBreports\fR setting)\.
1587
1599
  .
1588
1600
  .IP "\(bu" 4
1589
- \fIDefault\fR: $vardir/reports
1601
+ \fIDefault\fR: \fB$vardir/reports\fR
1590
1602
  .
1591
1603
  .IP "" 0
1592
1604
  .
@@ -1599,8 +1611,11 @@ This setting is relevant to puppet master and puppet apply\. The puppet master w
1599
1611
  .P
1600
1612
  See the report reference for information on the built\-in report handlers; custom report handlers can also be loaded from modules\. (Report handlers are loaded from the lib directory, at \fBpuppet/reports/NAME\.rb\fR\.)
1601
1613
  .
1614
+ .P
1615
+ To turn off reports entirely, set this to \fBnone\fR
1616
+ .
1602
1617
  .IP "\(bu" 4
1603
- \fIDefault\fR: store
1618
+ \fIDefault\fR: \fBstore\fR
1604
1619
  .
1605
1620
  .IP "" 0
1606
1621
  .
@@ -1608,7 +1623,7 @@ See the report reference for information on the built\-in report handlers; custo
1608
1623
  The URL that reports should be forwarded to\. This setting is only used when the \fBhttp\fR report processor is enabled (see the \fBreports\fR setting)\.
1609
1624
  .
1610
1625
  .IP "\(bu" 4
1611
- \fIDefault\fR: http://localhost:3000/reports/upload
1626
+ \fIDefault\fR: \fBhttp://localhost:3000/reports/upload\fR
1612
1627
  .
1613
1628
  .IP "" 0
1614
1629
  .
@@ -1616,7 +1631,7 @@ The URL that reports should be forwarded to\. This setting is only used when the
1616
1631
  Where host certificate requests are stored\.
1617
1632
  .
1618
1633
  .IP "\(bu" 4
1619
- \fIDefault\fR: $ssldir/certificate_requests
1634
+ \fIDefault\fR: \fB$ssldir/certificate_requests\fR
1620
1635
  .
1621
1636
  .IP "" 0
1622
1637
  .
@@ -1624,7 +1639,7 @@ Where host certificate requests are stored\.
1624
1639
  The file in which puppet agent stores a list of the resources associated with the retrieved configuration\.
1625
1640
  .
1626
1641
  .IP "\(bu" 4
1627
- \fIDefault\fR: $statedir/resources\.txt
1642
+ \fIDefault\fR: \fB$statedir/resources\.txt\fR
1628
1643
  .
1629
1644
  .IP "" 0
1630
1645
  .
@@ -1632,7 +1647,7 @@ The file in which puppet agent stores a list of the resources associated with th
1632
1647
  The configuration file that defines the rights to the different rest indirections\. This can be used as a fine\-grained authorization system for \fBpuppet master\fR\. The \fBpuppet master\fR command is deprecated and Puppet Server uses its own auth\.conf that must be placed within its configuration directory\.
1633
1648
  .
1634
1649
  .IP "\(bu" 4
1635
- \fIDefault\fR: $confdir/auth\.conf
1650
+ \fIDefault\fR: \fB$confdir/auth\.conf\fR
1636
1651
  .
1637
1652
  .IP "" 0
1638
1653
  .
@@ -1640,7 +1655,7 @@ The configuration file that defines the rights to the different rest indirection
1640
1655
  Whether to send updated facts after every transaction\. By default puppet only submits facts at the beginning of the transaction before applying a catalog\. Since puppet can modify the state of the system, the value of the facts may change after puppet finishes\. Therefore, any facts stored in puppetdb may not be consistent until the agent next runs, typically in 30 minutes\. If this feature is enabled, puppet will resubmit facts after applying its catalog, ensuring facts for the node stored in puppetdb are current\. However, this will double the fact submission load on puppetdb, so it is disabled by default\.
1641
1656
  .
1642
1657
  .IP "\(bu" 4
1643
- \fIDefault\fR: false
1658
+ \fIDefault\fR: \fBfalse\fR
1644
1659
  .
1645
1660
  .IP "" 0
1646
1661
  .
@@ -1648,7 +1663,7 @@ Whether to send updated facts after every transaction\. By default puppet only s
1648
1663
  Enables having extended data in the catalog by storing them as a hash with the special key \fB__ptype\fR\. When enabled, resource containing values of the data types \fBBinary\fR, \fBRegexp\fR, \fBSemVer\fR, \fBSemVerRange\fR, \fBTimespan\fR and \fBTimestamp\fR, as well as instances of types derived from \fBObject\fR retain their data type\.
1649
1664
  .
1650
1665
  .IP "\(bu" 4
1651
- \fIDefault\fR: true
1666
+ \fIDefault\fR: \fBtrue\fR
1652
1667
  .
1653
1668
  .IP "" 0
1654
1669
  .
@@ -1656,7 +1671,7 @@ Enables having extended data in the catalog by storing them as a hash with the s
1656
1671
  The YAML file containing indirector route configuration\.
1657
1672
  .
1658
1673
  .IP "\(bu" 4
1659
- \fIDefault\fR: $confdir/routes\.yaml
1674
+ \fIDefault\fR: \fB$confdir/routes\.yaml\fR
1660
1675
  .
1661
1676
  .IP "" 0
1662
1677
  .
@@ -1664,7 +1679,7 @@ The YAML file containing indirector route configuration\.
1664
1679
  Where Puppet PID files are kept\.
1665
1680
  .
1666
1681
  .IP "\(bu" 4
1667
- \fIDefault\fR: Unix/Linux: /var/run/puppetlabs \-\- Windows: C:\eProgramData\ePuppetLabs\epuppet\evar\erun \-\- Non\-root user: ~/\.puppetlabs/var/run
1682
+ \fIDefault\fR: \fBUnix/Linux: /var/run/puppetlabs \-\- Windows: C:\eProgramData\ePuppetLabs\epuppet\evar\erun \-\- Non\-root user: ~/\.puppetlabs/var/run\fR
1668
1683
  .
1669
1684
  .IP "" 0
1670
1685
  .
@@ -1672,7 +1687,7 @@ Where Puppet PID files are kept\.
1672
1687
  How often puppet agent applies the catalog\. Note that a runinterval of 0 means "run continuously" rather than "never run\." This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
1673
1688
  .
1674
1689
  .IP "\(bu" 4
1675
- \fIDefault\fR: 30m
1690
+ \fIDefault\fR: \fB30m\fR
1676
1691
  .
1677
1692
  .IP "" 0
1678
1693
  .
@@ -1680,7 +1695,7 @@ How often puppet agent applies the catalog\. Note that a runinterval of 0 means
1680
1695
  The maximum amount of time an agent run is allowed to take\. A Puppet agent run that exceeds this timeout will be aborted\. A value of 0 disables the timeout\. Defaults to 1 hour\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
1681
1696
  .
1682
1697
  .IP "\(bu" 4
1683
- \fIDefault\fR: 1h
1698
+ \fIDefault\fR: \fB1h\fR
1684
1699
  .
1685
1700
  .IP "" 0
1686
1701
  .
@@ -1688,7 +1703,7 @@ The maximum amount of time an agent run is allowed to take\. A Puppet agent run
1688
1703
  Where the serial number for certificates is stored\.
1689
1704
  .
1690
1705
  .IP "\(bu" 4
1691
- \fIDefault\fR: $cadir/serial
1706
+ \fIDefault\fR: \fB$cadir/serial\fR
1692
1707
  .
1693
1708
  .IP "" 0
1694
1709
  .
@@ -1696,7 +1711,7 @@ Where the serial number for certificates is stored\.
1696
1711
  The puppet master server to which the puppet agent should connect\.
1697
1712
  .
1698
1713
  .IP "\(bu" 4
1699
- \fIDefault\fR: puppet
1714
+ \fIDefault\fR: \fBpuppet\fR
1700
1715
  .
1701
1716
  .IP "" 0
1702
1717
  .
@@ -1704,7 +1719,7 @@ The puppet master server to which the puppet agent should connect\.
1704
1719
  The directory in which serialized data is stored, usually in a subdirectory\.
1705
1720
  .
1706
1721
  .IP "\(bu" 4
1707
- \fIDefault\fR: $vardir/server_data
1722
+ \fIDefault\fR: \fB$vardir/server_data\fR
1708
1723
  .
1709
1724
  .IP "" 0
1710
1725
  .
@@ -1712,7 +1727,7 @@ The directory in which serialized data is stored, usually in a subdirectory\.
1712
1727
  The list of puppet master servers to which the puppet agent should connect, in the order that they will be tried\.
1713
1728
  .
1714
1729
  .IP "\(bu" 4
1715
- \fIDefault\fR: []
1730
+ \fIDefault\fR: \fB[]\fR
1716
1731
  .
1717
1732
  .IP "" 0
1718
1733
  .
@@ -1720,7 +1735,7 @@ The list of puppet master servers to which the puppet agent should connect, in t
1720
1735
  The default port puppet subcommands use to communicate with Puppet Server\. (eg \fBpuppet facts upload\fR, \fBpuppet agent\fR)\. May be overridden by more specific settings (see \fBca_port\fR, \fBreport_port\fR)\.
1721
1736
  .
1722
1737
  .IP "\(bu" 4
1723
- \fIDefault\fR: 8140
1738
+ \fIDefault\fR: \fB8140\fR
1724
1739
  .
1725
1740
  .IP "" 0
1726
1741
  .
@@ -1728,7 +1743,7 @@ The default port puppet subcommands use to communicate with Puppet Server\. (eg
1728
1743
  Whether to log and report a contextual diff when files are being replaced\. This causes partial file contents to pass through Puppet\'s normal logging and reporting system, so this setting should be used with caution if you are sending Puppet\'s reports to an insecure destination\. This feature currently requires the \fBdiff/lcs\fR Ruby library\.
1729
1744
  .
1730
1745
  .IP "\(bu" 4
1731
- \fIDefault\fR: false
1746
+ \fIDefault\fR: \fBfalse\fR
1732
1747
  .
1733
1748
  .IP "" 0
1734
1749
  .
@@ -1736,7 +1751,7 @@ Whether to log and report a contextual diff when files are being replaced\. This
1736
1751
  Where the CA stores signed certificates\.
1737
1752
  .
1738
1753
  .IP "\(bu" 4
1739
- \fIDefault\fR: $cadir/signed
1754
+ \fIDefault\fR: \fB$cadir/signed\fR
1740
1755
  .
1741
1756
  .IP "" 0
1742
1757
  .
@@ -1746,9 +1761,10 @@ Tags to use to filter resources\. If this is set, then only resources not tagged
1746
1761
  .SS "sourceaddress"
1747
1762
  The address the agent should use to initiate requests\.
1748
1763
  .
1749
- .TP
1750
- \fIDefault\fR:
1751
-
1764
+ .IP "\(bu" 4
1765
+ \fIDefault\fR: ``
1766
+ .
1767
+ .IP "" 0
1752
1768
  .
1753
1769
  .SS "splay"
1754
1770
  Whether to sleep for a random amount of time, ranging from immediately up to its \fB$splaylimit\fR, before performing its first agent run after a service restart\. After this period, the agent runs periodically on its \fB$runinterval\fR\.
@@ -1763,7 +1779,7 @@ With \fBsplay\fR enabled, it waits any amount of time up to its \fB$splaylimit\f
1763
1779
  If you restart an agent\'s puppet service with \fBsplay\fR enabled, it recalculates its splay period and delays its first agent run after restarting for this new period\. If you simultaneously restart a group of puppet agents with \fBsplay\fR enabled, their checkins to your puppet masters can be distributed more evenly\.
1764
1780
  .
1765
1781
  .IP "\(bu" 4
1766
- \fIDefault\fR: false
1782
+ \fIDefault\fR: \fBfalse\fR
1767
1783
  .
1768
1784
  .IP "" 0
1769
1785
  .
@@ -1771,7 +1787,7 @@ If you restart an agent\'s puppet service with \fBsplay\fR enabled, it recalcula
1771
1787
  The maximum time to delay before an agent\'s first run when \fBsplay\fR is enabled\. Defaults to the agent\'s \fB$runinterval\fR\. The \fBsplay\fR interval is random and recalculated each time the agent is started or restarted\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
1772
1788
  .
1773
1789
  .IP "\(bu" 4
1774
- \fIDefault\fR: $runinterval
1790
+ \fIDefault\fR: \fB$runinterval\fR
1775
1791
  .
1776
1792
  .IP "" 0
1777
1793
  .
@@ -1779,16 +1795,17 @@ The maximum time to delay before an agent\'s first run when \fBsplay\fR is enabl
1779
1795
  The domain which will be queried to find the SRV records of servers to use\.
1780
1796
  .
1781
1797
  .IP "\(bu" 4
1782
- \fIDefault\fR: ci\-jenkins\-setup\-platform\.svc\.cluster\.local
1798
+ \fIDefault\fR: \fBci\-jenkins\-setup\-platform\.svc\.cluster\.local\fR
1783
1799
  .
1784
1800
  .IP "" 0
1785
1801
  .
1786
1802
  .SS "ssl_client_ca_auth"
1787
1803
  Certificate authorities who issue server certificates\. SSL servers will not be considered authentic unless they possess a certificate issued by an authority listed in this file\. If this setting has no value then the Puppet master\'s CA certificate (localcacert) will be used\.
1788
1804
  .
1789
- .TP
1790
- \fIDefault\fR:
1791
-
1805
+ .IP "\(bu" 4
1806
+ \fIDefault\fR: ``
1807
+ .
1808
+ .IP "" 0
1792
1809
  .
1793
1810
  .SS "ssl_client_header"
1794
1811
  The header containing an authenticated client\'s SSL DN\. This header must be set by the proxy to the authenticated client\'s SSL DN (e\.g\., \fB/CN=puppet\.puppetlabs\.com\fR)\. Puppet will parse out the Common Name (CN) from the Distinguished Name (DN) and use the value of the CN field for authorization\.
@@ -1797,7 +1814,7 @@ The header containing an authenticated client\'s SSL DN\. This header must be se
1797
1814
  Note that the name of the HTTP header gets munged by the web server common gateway interface: an \fBHTTP_\fR prefix is added, dashes are converted to underscores, and all letters are uppercased\. Thus, to use the \fBX\-Client\-DN\fR header, this setting should be \fBHTTP_X_CLIENT_DN\fR\.
1798
1815
  .
1799
1816
  .IP "\(bu" 4
1800
- \fIDefault\fR: HTTP_X_CLIENT_DN
1817
+ \fIDefault\fR: \fBHTTP_X_CLIENT_DN\fR
1801
1818
  .
1802
1819
  .IP "" 0
1803
1820
  .
@@ -1808,7 +1825,7 @@ The header containing the status message of the client verification\. This heade
1808
1825
  Note that the name of the HTTP header gets munged by the web server common gateway interface: an \fBHTTP_\fR prefix is added, dashes are converted to underscores, and all letters are uppercased\. Thus, to use the \fBX\-Client\-Verify\fR header, this setting should be \fBHTTP_X_CLIENT_VERIFY\fR\.
1809
1826
  .
1810
1827
  .IP "\(bu" 4
1811
- \fIDefault\fR: HTTP_X_CLIENT_VERIFY
1828
+ \fIDefault\fR: \fBHTTP_X_CLIENT_VERIFY\fR
1812
1829
  .
1813
1830
  .IP "" 0
1814
1831
  .
@@ -1816,29 +1833,31 @@ Note that the name of the HTTP header gets munged by the web server common gatew
1816
1833
  A lock file to indicate that the ssl bootstrap process is currently in progress\.
1817
1834
  .
1818
1835
  .IP "\(bu" 4
1819
- \fIDefault\fR: $ssldir/ssl\.lock
1836
+ \fIDefault\fR: \fB$ssldir/ssl\.lock\fR
1820
1837
  .
1821
1838
  .IP "" 0
1822
1839
  .
1823
1840
  .SS "ssl_server_ca_auth"
1824
1841
  The setting is deprecated and has no effect\. Ensure all root and intermediate certificate authorities used to issue client certificates are contained in the server\'s \fBcacert\fR file on the server\.
1825
1842
  .
1826
- .TP
1827
- \fIDefault\fR:
1828
-
1843
+ .IP "\(bu" 4
1844
+ \fIDefault\fR: ``
1845
+ .
1846
+ .IP "" 0
1829
1847
  .
1830
1848
  .SS "ssl_trust_store"
1831
1849
  A file containing CA certificates in PEM format that puppet should trust when making HTTPS requests\. This \fBonly\fR applies to https requests to non\-puppet infrastructure, such as retrieving file metadata and content from https file sources, puppet module tool and the \'http\' report processor\. This setting is ignored when making requests to puppet:// URLs such as catalog and report requests\.
1832
1850
  .
1833
- .TP
1834
- \fIDefault\fR:
1835
-
1851
+ .IP "\(bu" 4
1852
+ \fIDefault\fR: ``
1853
+ .
1854
+ .IP "" 0
1836
1855
  .
1837
1856
  .SS "ssldir"
1838
1857
  Where SSL certificates are kept\.
1839
1858
  .
1840
1859
  .IP "\(bu" 4
1841
- \fIDefault\fR: $confdir/ssl
1860
+ \fIDefault\fR: \fB$confdir/ssl\fR
1842
1861
  .
1843
1862
  .IP "" 0
1844
1863
  .
@@ -1846,7 +1865,7 @@ Where SSL certificates are kept\.
1846
1865
  The directory where Puppet state is stored\. Generally, this directory can be removed without causing harm (although it might result in spurious service restarts)\.
1847
1866
  .
1848
1867
  .IP "\(bu" 4
1849
- \fIDefault\fR: $vardir/state
1868
+ \fIDefault\fR: \fB$vardir/state\fR
1850
1869
  .
1851
1870
  .IP "" 0
1852
1871
  .
@@ -1854,7 +1873,7 @@ The directory where Puppet state is stored\. Generally, this directory can be re
1854
1873
  Where puppet agent and puppet master store state associated with the running configuration\. In the case of puppet master, this file reflects the state discovered through interacting with clients\.
1855
1874
  .
1856
1875
  .IP "\(bu" 4
1857
- \fIDefault\fR: $statedir/state\.yaml
1876
+ \fIDefault\fR: \fB$statedir/state\.yaml\fR
1858
1877
  .
1859
1878
  .IP "" 0
1860
1879
  .
@@ -1865,7 +1884,7 @@ How long the Puppet agent should cache when a resource was last checked or synce
1865
1884
  This setting affects the usage of \fBschedule\fR resources, as the information about when a resource was last checked (and therefore when it needs to be checked again) is stored in the \fBstatefile\fR\. The \fBstatettl\fR needs to be large enough to ensure that a resource will not trigger multiple times during a schedule due to its entry expiring from the cache\.
1866
1885
  .
1867
1886
  .IP "\(bu" 4
1868
- \fIDefault\fR: 32d
1887
+ \fIDefault\fR: \fB32d\fR
1869
1888
  .
1870
1889
  .IP "" 0
1871
1890
  .
@@ -1873,7 +1892,7 @@ This setting affects the usage of \fBschedule\fR resources, as the information a
1873
1892
  Whether to compile a static catalog \fIhttps://puppet\.com/docs/puppet/latest/static_catalogs\.html#enabling\-or\-disabling\-static\-catalogs\fR, which occurs only on a Puppet Server master when the \fBcode\-id\-command\fR and \fBcode\-content\-command\fR settings are configured in its \fBpuppetserver\.conf\fR file\.
1874
1893
  .
1875
1894
  .IP "\(bu" 4
1876
- \fIDefault\fR: true
1895
+ \fIDefault\fR: \fBtrue\fR
1877
1896
  .
1878
1897
  .IP "" 0
1879
1898
  .
@@ -1887,7 +1906,7 @@ By default this uses the \'puppetdb\' backend\.
1887
1906
  You can adjust the backend using the storeconfigs_backend setting\.
1888
1907
  .
1889
1908
  .IP "\(bu" 4
1890
- \fIDefault\fR: false
1909
+ \fIDefault\fR: \fBfalse\fR
1891
1910
  .
1892
1911
  .IP "" 0
1893
1912
  .
@@ -1895,7 +1914,7 @@ You can adjust the backend using the storeconfigs_backend setting\.
1895
1914
  Configure the backend terminus used for StoreConfigs\. By default, this uses the PuppetDB store, which must be installed and configured before turning on StoreConfigs\.
1896
1915
  .
1897
1916
  .IP "\(bu" 4
1898
- \fIDefault\fR: puppetdb
1917
+ \fIDefault\fR: \fBpuppetdb\fR
1899
1918
  .
1900
1919
  .IP "" 0
1901
1920
  .
@@ -1920,7 +1939,7 @@ The strictness level is for both language semantics and runtime evaluation valid
1920
1939
  No new validations will be added to a micro (x\.y\.z) release, but may be added in minor releases (x\.y\.0)\. In major releases it expected that most (if not all) strictness validation become standard behavior\.
1921
1940
  .
1922
1941
  .IP "\(bu" 4
1923
- \fIDefault\fR: warning
1942
+ \fIDefault\fR: \fBwarning\fR
1924
1943
  .
1925
1944
  .IP "" 0
1926
1945
  .
@@ -1928,7 +1947,7 @@ No new validations will be added to a micro (x\.y\.z) release, but may be added
1928
1947
  Whether the agent specified environment should be considered authoritative, causing the run to fail if the retrieved catalog does not match it\.
1929
1948
  .
1930
1949
  .IP "\(bu" 4
1931
- \fIDefault\fR: false
1950
+ \fIDefault\fR: \fBfalse\fR
1932
1951
  .
1933
1952
  .IP "" 0
1934
1953
  .
@@ -1939,7 +1958,7 @@ Whether to only search for the complete hostname as it is in the certificate whe
1939
1958
  This setting is deprecated and will be removed in a future release\.
1940
1959
  .
1941
1960
  .IP "\(bu" 4
1942
- \fIDefault\fR: true
1961
+ \fIDefault\fR: \fBtrue\fR
1943
1962
  .
1944
1963
  .IP "" 0
1945
1964
  .
@@ -1947,7 +1966,7 @@ This setting is deprecated and will be removed in a future release\.
1947
1966
  Causes an evaluation error when referencing unknown variables\. (This does not affect referencing variables that are explicitly set to undef)\.
1948
1967
  .
1949
1968
  .IP "\(bu" 4
1950
- \fIDefault\fR: false
1969
+ \fIDefault\fR: \fBfalse\fR
1951
1970
  .
1952
1971
  .IP "" 0
1953
1972
  .
@@ -1955,7 +1974,7 @@ Causes an evaluation error when referencing unknown variables\. (This does not a
1955
1974
  Whether to print a transaction summary\.
1956
1975
  .
1957
1976
  .IP "\(bu" 4
1958
- \fIDefault\fR: false
1977
+ \fIDefault\fR: \fBfalse\fR
1959
1978
  .
1960
1979
  .IP "" 0
1961
1980
  .
@@ -1963,7 +1982,7 @@ Whether to print a transaction summary\.
1963
1982
  Checksum types supported by this agent for use in file resources of a static catalog\. Values must be comma\-separated\. Valid types are md5, md5lite, sha256, sha256lite, sha384, sha512, sha224, sha1, sha1lite, mtime, ctime\. Default is md5, sha256, sha384, sha512, sha224\.
1964
1983
  .
1965
1984
  .IP "\(bu" 4
1966
- \fIDefault\fR: ["md5", "sha256", "sha384", "sha512", "sha224"]
1985
+ \fIDefault\fR: \fB["md5", "sha256", "sha384", "sha512", "sha224"]\fR
1967
1986
  .
1968
1987
  .IP "" 0
1969
1988
  .
@@ -1971,7 +1990,7 @@ Checksum types supported by this agent for use in file resources of a static cat
1971
1990
  What syslog facility to use when logging to syslog\. Syslog has a fixed list of valid facilities, and you must choose one of those; you cannot just make one up\.
1972
1991
  .
1973
1992
  .IP "\(bu" 4
1974
- \fIDefault\fR: daemon
1993
+ \fIDefault\fR: \fBdaemon\fR
1975
1994
  .
1976
1995
  .IP "" 0
1977
1996
  .
@@ -1982,7 +2001,7 @@ Tags to use to find resources\. If this is set, then only resources tagged with
1982
2001
  Turns on experimental support for tasks and plans in the puppet language\. This is for internal API use only\. Do not change this setting\.
1983
2002
  .
1984
2003
  .IP "\(bu" 4
1985
- \fIDefault\fR: false
2004
+ \fIDefault\fR: \fBfalse\fR
1986
2005
  .
1987
2006
  .IP "" 0
1988
2007
  .
@@ -1990,7 +2009,7 @@ Turns on experimental support for tasks and plans in the puppet language\. This
1990
2009
  Whether to print stack traces on some errors\. Will print internal Ruby stack trace interleaved with Puppet function frames\.
1991
2010
  .
1992
2011
  .IP "\(bu" 4
1993
- \fIDefault\fR: false
2012
+ \fIDefault\fR: \fBfalse\fR
1994
2013
  .
1995
2014
  .IP "" 0
1996
2015
  .
@@ -1998,7 +2017,7 @@ Whether to print stack traces on some errors\. Will print internal Ruby stack tr
1998
2017
  Transactional storage file for persisting data between transactions for the purposes of infering information (such as corrective_change) on new data received\.
1999
2018
  .
2000
2019
  .IP "\(bu" 4
2001
- \fIDefault\fR: $statedir/transactionstore\.yaml
2020
+ \fIDefault\fR: \fB$statedir/transactionstore\.yaml\fR
2002
2021
  .
2003
2022
  .IP "" 0
2004
2023
  .
@@ -2019,15 +2038,16 @@ For unknown or invalid nodes, exit with a non\-zero exit code\.
2019
2038
  .P
2020
2039
  If the setting points to an executable command, then the external trusted facts will be stored in the \'external\' key of the trusted facts hash\. Otherwise for each executable file in the directory, the external trusted facts will be stored in the \fB<basename>\fR key of the \fBtrusted[\'external\']\fR hash\. For example, if the files foo\.rb and bar\.sh are in the directory, then \fBtrusted[\'external\']\fR will be the hash \fB{ \'foo\' => <foo\.rb output>, \'bar\' => <bar\.sh output> }\fR\.
2021
2040
  .
2022
- .TP
2023
- \fIDefault\fR:
2024
-
2041
+ .IP "\(bu" 4
2042
+ \fIDefault\fR: ``
2043
+ .
2044
+ .IP "" 0
2025
2045
  .
2026
2046
  .SS "trusted_oid_mapping_file"
2027
2047
  File that provides mapping between custom SSL oids and user\-friendly names
2028
2048
  .
2029
2049
  .IP "\(bu" 4
2030
- \fIDefault\fR: $confdir/custom_trusted_oid_mapping\.yaml
2050
+ \fIDefault\fR: \fB$confdir/custom_trusted_oid_mapping\.yaml\fR
2031
2051
  .
2032
2052
  .IP "" 0
2033
2053
  .
@@ -2035,7 +2055,7 @@ File that provides mapping between custom SSL oids and user\-friendly names
2035
2055
  Whether to only use the cached catalog rather than compiling a new catalog on every run\. Puppet can be run with this enabled by default and then selectively disabled when a recompile is desired\. Because a Puppet agent using cached catalogs does not contact the master for a new catalog, it also does not upload facts at the beginning of the Puppet run\.
2036
2056
  .
2037
2057
  .IP "\(bu" 4
2038
- \fIDefault\fR: false
2058
+ \fIDefault\fR: \fBfalse\fR
2039
2059
  .
2040
2060
  .IP "" 0
2041
2061
  .
@@ -2043,7 +2063,7 @@ Whether to only use the cached catalog rather than compiling a new catalog on ev
2043
2063
  Whether the server will search for SRV records in DNS for the current domain\.
2044
2064
  .
2045
2065
  .IP "\(bu" 4
2046
- \fIDefault\fR: false
2066
+ \fIDefault\fR: \fBfalse\fR
2047
2067
  .
2048
2068
  .IP "" 0
2049
2069
  .
@@ -2051,7 +2071,7 @@ Whether the server will search for SRV records in DNS for the current domain\.
2051
2071
  Whether to use the cached configuration when the remote configuration will not compile\. This option is useful for testing new configurations, where you want to fix the broken configuration rather than reverting to a known\-good one\.
2052
2072
  .
2053
2073
  .IP "\(bu" 4
2054
- \fIDefault\fR: true
2074
+ \fIDefault\fR: \fBtrue\fR
2055
2075
  .
2056
2076
  .IP "" 0
2057
2077
  .
@@ -2059,7 +2079,7 @@ Whether to use the cached configuration when the remote configuration will not c
2059
2079
  The user Puppet Server will run as\. Used to ensure the agent side processes (agent, apply, etc) create files and directories readable by Puppet Server when necessary\.
2060
2080
  .
2061
2081
  .IP "\(bu" 4
2062
- \fIDefault\fR: puppet
2082
+ \fIDefault\fR: \fBpuppet\fR
2063
2083
  .
2064
2084
  .IP "" 0
2065
2085
  .
@@ -2067,7 +2087,7 @@ The user Puppet Server will run as\. Used to ensure the agent side processes (ag
2067
2087
  Where Puppet stores dynamic and growing data\. The default for this setting is calculated specially, like \fBconfdir\fR_\.
2068
2088
  .
2069
2089
  .IP "\(bu" 4
2070
- \fIDefault\fR: Unix/Linux: /opt/puppetlabs/puppet/cache \-\- Windows: C:\eProgramData\ePuppetLabs\epuppet\ecache \-\- Non\-root user: ~/\.puppetlabs/opt/puppet/cache
2090
+ \fIDefault\fR: \fBUnix/Linux: /opt/puppetlabs/puppet/cache \-\- Windows: C:\eProgramData\ePuppetLabs\epuppet\ecache \-\- Non\-root user: ~/\.puppetlabs/opt/puppet/cache\fR
2071
2091
  .
2072
2092
  .IP "" 0
2073
2093
  .
@@ -2075,7 +2095,7 @@ Where Puppet stores dynamic and growing data\. The default for this setting is c
2075
2095
  The directory containing \fBvendored\fR modules\. These modules will be used by \fIall\fR environments like those in the \fBbasemodulepath\fR\. The only difference is that modules in the \fBbasemodulepath\fR are pluginsynced, while vendored modules are not
2076
2096
  .
2077
2097
  .IP "\(bu" 4
2078
- \fIDefault\fR: /opt/puppetlabs/puppet/vendor_modules
2098
+ \fIDefault\fR: \fB/opt/puppetlabs/puppet/vendor_modules\fR
2079
2099
  .
2080
2100
  .IP "" 0
2081
2101
  .
@@ -2083,7 +2103,7 @@ The directory containing \fBvendored\fR modules\. These modules will be used by
2083
2103
  Whether or not to look for versioned environment directories, symlinked from \fB$environmentpath/<environment>\fR\. This is an experimental feature and should be used with caution\.
2084
2104
  .
2085
2105
  .IP "\(bu" 4
2086
- \fIDefault\fR: false
2106
+ \fIDefault\fR: \fBfalse\fR
2087
2107
  .
2088
2108
  .IP "" 0
2089
2109
  .
@@ -2097,7 +2117,7 @@ When starting for the first time, puppet agent will submit a certificate signing
2097
2117
  Puppet agent cannot apply configurations until its approved certificate is available\. Since the certificate may or may not be available immediately, puppet agent will repeatedly try to fetch it at this interval\. You can turn off waiting for certificates by specifying a time of 0, or a maximum amount of time to wait in the \fBmaxwaitforcert\fR setting, in which case puppet agent will exit if it cannot get a cert\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
2098
2118
  .
2099
2119
  .IP "\(bu" 4
2100
- \fIDefault\fR: 2m
2120
+ \fIDefault\fR: \fB2m\fR
2101
2121
  .
2102
2122
  .IP "" 0
2103
2123
  .
@@ -2108,7 +2128,7 @@ How frequently puppet agent should try running when there is an already ongoing
2108
2128
  This argument is by default disabled (value set to 0)\. In this case puppet agent will immediately exit if it cannot run at that moment\. When a value other than 0 is set, this can also be used in combination with the \fBmaxwaitforlock\fR argument\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
2109
2129
  .
2110
2130
  .IP "\(bu" 4
2111
- \fIDefault\fR: 0
2131
+ \fIDefault\fR: \fB0\fR
2112
2132
  .
2113
2133
  .IP "" 0
2114
2134
  .
@@ -2116,7 +2136,7 @@ This argument is by default disabled (value set to 0)\. In this case puppet agen
2116
2136
  The directory in which YAML data is stored, usually in a subdirectory\.
2117
2137
  .
2118
2138
  .IP "\(bu" 4
2119
- \fIDefault\fR: $vardir/yaml
2139
+ \fIDefault\fR: \fB$vardir/yaml\fR
2120
2140
  .
2121
2141
  .IP "" 0
2122
2142