puppet 7.3.0-universal-darwin → 7.7.0-universal-darwin
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Gemfile.lock +31 -25
- data/ext/build_defaults.yaml +0 -1
- data/install.rb +11 -11
- data/lib/hiera_puppet.rb +1 -1
- data/lib/puppet.rb +37 -37
- data/lib/puppet/agent.rb +6 -6
- data/lib/puppet/agent/disabler.rb +1 -1
- data/lib/puppet/agent/locker.rb +2 -2
- data/lib/puppet/application.rb +6 -6
- data/lib/puppet/application/agent.rb +18 -11
- data/lib/puppet/application/apply.rb +6 -5
- data/lib/puppet/application/catalog.rb +1 -1
- data/lib/puppet/application/config.rb +1 -1
- data/lib/puppet/application/describe.rb +1 -1
- data/lib/puppet/application/device.rb +8 -7
- data/lib/puppet/application/doc.rb +7 -7
- data/lib/puppet/application/epp.rb +2 -2
- data/lib/puppet/application/face_base.rb +2 -2
- data/lib/puppet/application/facts.rb +1 -1
- data/lib/puppet/application/filebucket.rb +2 -2
- data/lib/puppet/application/generate.rb +1 -1
- data/lib/puppet/application/help.rb +1 -1
- data/lib/puppet/application/indirection_base.rb +1 -1
- data/lib/puppet/application/lookup.rb +6 -6
- data/lib/puppet/application/module.rb +1 -1
- data/lib/puppet/application/node.rb +1 -1
- data/lib/puppet/application/parser.rb +2 -2
- data/lib/puppet/application/plugin.rb +1 -1
- data/lib/puppet/application/report.rb +1 -1
- data/lib/puppet/application/resource.rb +3 -2
- data/lib/puppet/application/script.rb +6 -5
- data/lib/puppet/application/ssl.rb +13 -2
- data/lib/puppet/application_support.rb +4 -4
- data/lib/puppet/compilable_resource_type.rb +1 -1
- data/lib/puppet/concurrent/lock.rb +1 -1
- data/lib/puppet/configurer.rb +4 -4
- data/lib/puppet/configurer/downloader.rb +4 -3
- data/lib/puppet/configurer/fact_handler.rb +3 -3
- data/lib/puppet/configurer/plugin_handler.rb +1 -1
- data/lib/puppet/confine.rb +1 -1
- data/lib/puppet/confine/boolean.rb +1 -1
- data/lib/puppet/confine/exists.rb +1 -1
- data/lib/puppet/confine/false.rb +1 -1
- data/lib/puppet/confine/feature.rb +1 -1
- data/lib/puppet/confine/true.rb +1 -1
- data/lib/puppet/confine/variable.rb +1 -1
- data/lib/puppet/confine_collection.rb +1 -1
- data/lib/puppet/confiner.rb +1 -1
- data/lib/puppet/context.rb +2 -2
- data/lib/puppet/context/trusted_information.rb +1 -1
- data/lib/puppet/daemon.rb +2 -2
- data/lib/puppet/data_binding.rb +1 -1
- data/lib/puppet/datatypes/error.rb +1 -1
- data/lib/puppet/defaults.rb +15 -11
- data/lib/puppet/environments.rb +17 -2
- data/lib/puppet/etc.rb +1 -1
- data/lib/puppet/external/pson/common.rb +1 -1
- data/lib/puppet/external/pson/pure.rb +3 -3
- data/lib/puppet/face.rb +1 -1
- data/lib/puppet/face/catalog.rb +1 -1
- data/lib/puppet/face/config.rb +2 -2
- data/lib/puppet/face/epp.rb +6 -6
- data/lib/puppet/face/facts.rb +18 -8
- data/lib/puppet/face/generate.rb +2 -2
- data/lib/puppet/face/help.rb +3 -3
- data/lib/puppet/face/module.rb +3 -3
- data/lib/puppet/face/module/install.rb +2 -2
- data/lib/puppet/face/node.rb +1 -1
- data/lib/puppet/face/parser.rb +4 -4
- data/lib/puppet/face/plugin.rb +2 -2
- data/lib/puppet/face/report.rb +1 -1
- data/lib/puppet/face/resource.rb +1 -1
- data/lib/puppet/feature/base.rb +2 -2
- data/lib/puppet/feature/bolt.rb +1 -1
- data/lib/puppet/feature/cfpropertylist.rb +1 -1
- data/lib/puppet/feature/eventlog.rb +1 -1
- data/lib/puppet/feature/hiera_eyaml.rb +1 -1
- data/lib/puppet/feature/hocon.rb +1 -1
- data/lib/puppet/feature/libuser.rb +2 -2
- data/lib/puppet/feature/msgpack.rb +1 -1
- data/lib/puppet/feature/pe_license.rb +1 -1
- data/lib/puppet/feature/selinux.rb +1 -1
- data/lib/puppet/feature/ssh.rb +1 -1
- data/lib/puppet/feature/telnet.rb +1 -1
- data/lib/puppet/feature/zlib.rb +1 -1
- data/lib/puppet/ffi/posix.rb +2 -2
- data/lib/puppet/ffi/posix/constants.rb +1 -1
- data/lib/puppet/ffi/posix/functions.rb +1 -1
- data/lib/puppet/ffi/windows.rb +4 -4
- data/lib/puppet/ffi/windows/api_types.rb +3 -3
- data/lib/puppet/ffi/windows/constants.rb +2 -2
- data/lib/puppet/ffi/windows/functions.rb +1 -1
- data/lib/puppet/ffi/windows/structs.rb +1 -1
- data/lib/puppet/file_bucket/dipper.rb +4 -4
- data/lib/puppet/file_bucket/file.rb +3 -3
- data/lib/puppet/file_serving/base.rb +2 -2
- data/lib/puppet/file_serving/configuration.rb +10 -10
- data/lib/puppet/file_serving/configuration/parser.rb +2 -2
- data/lib/puppet/file_serving/content.rb +3 -3
- data/lib/puppet/file_serving/fileset.rb +16 -4
- data/lib/puppet/file_serving/http_metadata.rb +1 -1
- data/lib/puppet/file_serving/metadata.rb +6 -6
- data/lib/puppet/file_serving/mount.rb +4 -4
- data/lib/puppet/file_serving/mount/file.rb +1 -1
- data/lib/puppet/file_serving/mount/locales.rb +1 -1
- data/lib/puppet/file_serving/mount/modules.rb +1 -1
- data/lib/puppet/file_serving/mount/pluginfacts.rb +1 -1
- data/lib/puppet/file_serving/mount/plugins.rb +1 -1
- data/lib/puppet/file_serving/mount/tasks.rb +1 -1
- data/lib/puppet/file_serving/terminus_helper.rb +2 -2
- data/lib/puppet/file_serving/terminus_selector.rb +1 -1
- data/lib/puppet/file_system.rb +9 -9
- data/lib/puppet/file_system/jruby.rb +1 -1
- data/lib/puppet/file_system/memory_file.rb +8 -1
- data/lib/puppet/file_system/path_pattern.rb +1 -1
- data/lib/puppet/file_system/uniquefile.rb +1 -1
- data/lib/puppet/file_system/windows.rb +4 -2
- data/lib/puppet/forge.rb +5 -5
- data/lib/puppet/forge/cache.rb +1 -1
- data/lib/puppet/forge/errors.rb +3 -3
- data/lib/puppet/forge/repository.rb +4 -4
- data/lib/puppet/functions.rb +1 -1
- data/lib/puppet/functions/all.rb +1 -1
- data/lib/puppet/functions/camelcase.rb +1 -1
- data/lib/puppet/functions/capitalize.rb +2 -2
- data/lib/puppet/functions/downcase.rb +2 -2
- data/lib/puppet/functions/get.rb +5 -5
- data/lib/puppet/functions/group_by.rb +13 -5
- data/lib/puppet/functions/lest.rb +1 -1
- data/lib/puppet/functions/new.rb +100 -100
- data/lib/puppet/functions/partition.rb +12 -4
- data/lib/puppet/functions/require.rb +5 -5
- data/lib/puppet/functions/sort.rb +3 -3
- data/lib/puppet/functions/tree_each.rb +7 -9
- data/lib/puppet/functions/type.rb +4 -4
- data/lib/puppet/functions/upcase.rb +2 -2
- data/lib/puppet/functions/versioncmp.rb +1 -1
- data/lib/puppet/generate/models/type/type.rb +1 -1
- data/lib/puppet/generate/type.rb +2 -2
- data/lib/puppet/gettext/config.rb +3 -3
- data/lib/puppet/gettext/module_translations.rb +1 -1
- data/lib/puppet/graph.rb +6 -6
- data/lib/puppet/graph/simple_graph.rb +2 -2
- data/lib/puppet/http.rb +26 -26
- data/lib/puppet/http/factory.rb +6 -2
- data/lib/puppet/http/proxy.rb +1 -1
- data/lib/puppet/http/resolver/server_list.rb +15 -4
- data/lib/puppet/http/service/compiler.rb +73 -1
- data/lib/puppet/http/service/file_server.rb +3 -2
- data/lib/puppet/indirector.rb +5 -5
- data/lib/puppet/indirector/catalog/compiler.rb +7 -6
- data/lib/puppet/indirector/catalog/json.rb +2 -2
- data/lib/puppet/indirector/catalog/msgpack.rb +2 -2
- data/lib/puppet/indirector/catalog/rest.rb +2 -2
- data/lib/puppet/indirector/catalog/store_configs.rb +2 -2
- data/lib/puppet/indirector/catalog/yaml.rb +2 -2
- data/lib/puppet/indirector/code.rb +1 -1
- data/lib/puppet/indirector/data_binding/hiera.rb +1 -1
- data/lib/puppet/indirector/data_binding/none.rb +1 -1
- data/lib/puppet/indirector/direct_file_server.rb +2 -2
- data/lib/puppet/indirector/envelope.rb +1 -1
- data/lib/puppet/indirector/errors.rb +1 -1
- data/lib/puppet/indirector/exec.rb +2 -2
- data/lib/puppet/indirector/face.rb +1 -1
- data/lib/puppet/indirector/facts/facter.rb +3 -2
- data/lib/puppet/indirector/facts/json.rb +3 -3
- data/lib/puppet/indirector/facts/memory.rb +2 -2
- data/lib/puppet/indirector/facts/network_device.rb +2 -2
- data/lib/puppet/indirector/facts/rest.rb +2 -2
- data/lib/puppet/indirector/facts/store_configs.rb +2 -2
- data/lib/puppet/indirector/facts/yaml.rb +3 -3
- data/lib/puppet/indirector/file_bucket_file/file.rb +4 -4
- data/lib/puppet/indirector/file_bucket_file/rest.rb +2 -2
- data/lib/puppet/indirector/file_bucket_file/selector.rb +1 -1
- data/lib/puppet/indirector/file_content.rb +1 -1
- data/lib/puppet/indirector/file_content/file.rb +3 -3
- data/lib/puppet/indirector/file_content/file_server.rb +3 -3
- data/lib/puppet/indirector/file_content/rest.rb +3 -3
- data/lib/puppet/indirector/file_content/selector.rb +4 -4
- data/lib/puppet/indirector/file_metadata.rb +1 -1
- data/lib/puppet/indirector/file_metadata/file.rb +3 -3
- data/lib/puppet/indirector/file_metadata/file_server.rb +3 -3
- data/lib/puppet/indirector/file_metadata/http.rb +3 -3
- data/lib/puppet/indirector/file_metadata/rest.rb +4 -3
- data/lib/puppet/indirector/file_metadata/selector.rb +4 -4
- data/lib/puppet/indirector/file_server.rb +4 -4
- data/lib/puppet/indirector/generic_http.rb +1 -1
- data/lib/puppet/indirector/hiera.rb +1 -1
- data/lib/puppet/indirector/indirection.rb +5 -5
- data/lib/puppet/indirector/json.rb +2 -2
- data/lib/puppet/indirector/memory.rb +1 -1
- data/lib/puppet/indirector/msgpack.rb +2 -2
- data/lib/puppet/indirector/node/exec.rb +2 -2
- data/lib/puppet/indirector/node/json.rb +2 -2
- data/lib/puppet/indirector/node/memory.rb +2 -2
- data/lib/puppet/indirector/node/msgpack.rb +2 -2
- data/lib/puppet/indirector/node/plain.rb +2 -2
- data/lib/puppet/indirector/node/rest.rb +2 -2
- data/lib/puppet/indirector/node/store_configs.rb +2 -2
- data/lib/puppet/indirector/node/yaml.rb +2 -2
- data/lib/puppet/indirector/none.rb +1 -1
- data/lib/puppet/indirector/plain.rb +1 -1
- data/lib/puppet/indirector/report/json.rb +2 -2
- data/lib/puppet/indirector/report/msgpack.rb +2 -2
- data/lib/puppet/indirector/report/processor.rb +3 -3
- data/lib/puppet/indirector/report/rest.rb +1 -1
- data/lib/puppet/indirector/report/yaml.rb +2 -2
- data/lib/puppet/indirector/request.rb +3 -3
- data/lib/puppet/indirector/resource/ral.rb +1 -1
- data/lib/puppet/indirector/resource/store_configs.rb +2 -2
- data/lib/puppet/indirector/terminus.rb +5 -5
- data/lib/puppet/indirector/yaml.rb +2 -2
- data/lib/puppet/info_service.rb +3 -3
- data/lib/puppet/info_service/class_information_service.rb +3 -3
- data/lib/puppet/info_service/plan_information_service.rb +1 -1
- data/lib/puppet/info_service/task_information_service.rb +1 -1
- data/lib/puppet/interface.rb +10 -10
- data/lib/puppet/interface/documentation.rb +1 -1
- data/lib/puppet/loaders.rb +21 -25
- data/lib/puppet/metatype/manager.rb +3 -3
- data/lib/puppet/module.rb +5 -4
- data/lib/puppet/module/plan.rb +1 -1
- data/lib/puppet/module/task.rb +1 -1
- data/lib/puppet/module_tool.rb +10 -10
- data/lib/puppet/module_tool/applications.rb +7 -7
- data/lib/puppet/module_tool/applications/application.rb +2 -2
- data/lib/puppet/module_tool/applications/checksummer.rb +2 -2
- data/lib/puppet/module_tool/applications/installer.rb +7 -7
- data/lib/puppet/module_tool/applications/unpacker.rb +2 -2
- data/lib/puppet/module_tool/applications/upgrader.rb +5 -5
- data/lib/puppet/module_tool/checksums.rb +1 -1
- data/lib/puppet/module_tool/contents_description.rb +1 -1
- data/lib/puppet/module_tool/dependency.rb +2 -2
- data/lib/puppet/module_tool/errors.rb +6 -6
- data/lib/puppet/module_tool/install_directory.rb +2 -2
- data/lib/puppet/module_tool/installed_modules.rb +2 -2
- data/lib/puppet/module_tool/local_tarball.rb +2 -2
- data/lib/puppet/module_tool/metadata.rb +3 -3
- data/lib/puppet/module_tool/tar.rb +4 -4
- data/lib/puppet/network/format.rb +1 -1
- data/lib/puppet/network/format_handler.rb +3 -3
- data/lib/puppet/network/format_support.rb +1 -1
- data/lib/puppet/network/formats.rb +2 -2
- data/lib/puppet/network/http.rb +17 -14
- data/lib/puppet/network/http/api.rb +11 -7
- data/lib/puppet/network/http/api/indirected_routes.rb +1 -1
- data/lib/puppet/network/http/api/master.rb +3 -2
- data/lib/puppet/network/http/api/master/v3.rb +2 -25
- data/lib/puppet/network/http/api/master/v3/environments.rb +2 -33
- data/lib/puppet/network/http/api/server.rb +10 -0
- data/lib/puppet/network/http/api/server/v3.rb +39 -0
- data/lib/puppet/network/http/api/server/v3/environments.rb +48 -0
- data/lib/puppet/network/http/connection.rb +1 -1
- data/lib/puppet/network/http/error.rb +1 -1
- data/lib/puppet/network/http/handler.rb +3 -3
- data/lib/puppet/network/http_pool.rb +1 -1
- data/lib/puppet/node.rb +3 -3
- data/lib/puppet/node/environment.rb +15 -8
- data/lib/puppet/node/facts.rb +3 -3
- data/lib/puppet/pal/pal_api.rb +10 -10
- data/lib/puppet/pal/pal_impl.rb +3 -3
- data/lib/puppet/parameter.rb +4 -4
- data/lib/puppet/parameter/boolean.rb +1 -1
- data/lib/puppet/parameter/package_options.rb +1 -1
- data/lib/puppet/parameter/path.rb +1 -1
- data/lib/puppet/parameter/value.rb +1 -1
- data/lib/puppet/parameter/value_collection.rb +1 -1
- data/lib/puppet/parser.rb +10 -10
- data/lib/puppet/parser/ast.rb +8 -8
- data/lib/puppet/parser/ast/hostclass.rb +1 -1
- data/lib/puppet/parser/ast/pops_bridge.rb +2 -2
- data/lib/puppet/parser/catalog_compiler.rb +2 -2
- data/lib/puppet/parser/compiler.rb +5 -5
- data/lib/puppet/parser/e4_parser_adapter.rb +1 -1
- data/lib/puppet/parser/functions.rb +4 -4
- data/lib/puppet/parser/functions/digest.rb +1 -1
- data/lib/puppet/parser/functions/file.rb +1 -1
- data/lib/puppet/parser/functions/fqdn_rand.rb +14 -6
- data/lib/puppet/parser/functions/versioncmp.rb +1 -1
- data/lib/puppet/parser/parser_factory.rb +2 -2
- data/lib/puppet/parser/resource.rb +3 -3
- data/lib/puppet/parser/scope.rb +3 -3
- data/lib/puppet/parser/script_compiler.rb +2 -2
- data/lib/puppet/parser/templatewrapper.rb +2 -2
- data/lib/puppet/parser/type_loader.rb +1 -1
- data/lib/puppet/plugins/configuration.rb +5 -5
- data/lib/puppet/pops.rb +57 -57
- data/lib/puppet/pops/evaluator/deferred_resolver.rb +1 -1
- data/lib/puppet/pops/evaluator/evaluator_impl.rb +7 -7
- data/lib/puppet/pops/evaluator/external_syntax_support.rb +1 -1
- data/lib/puppet/pops/loader/base_loader.rb +42 -32
- data/lib/puppet/pops/loader/dependency_loader.rb +2 -2
- data/lib/puppet/pops/loader/loader.rb +15 -5
- data/lib/puppet/pops/loader/module_loaders.rb +8 -8
- data/lib/puppet/pops/loader/predefined_loader.rb +4 -0
- data/lib/puppet/pops/loader/runtime3_type_loader.rb +1 -1
- data/lib/puppet/pops/loader/static_loader.rb +4 -0
- data/lib/puppet/pops/loader/task_instantiator.rb +1 -1
- data/lib/puppet/pops/loaders.rb +4 -4
- data/lib/puppet/pops/lookup/invocation.rb +1 -1
- data/lib/puppet/pops/model/ast_transformer.rb +1 -1
- data/lib/puppet/pops/model/pn_transformer.rb +1 -1
- data/lib/puppet/pops/parser/eparser.rb +2 -2
- data/lib/puppet/pops/parser/evaluating_parser.rb +1 -1
- data/lib/puppet/pops/parser/lexer2.rb +5 -9
- data/lib/puppet/pops/parser/lexer_support.rb +1 -1
- data/lib/puppet/pops/parser/parser_support.rb +4 -4
- data/lib/puppet/pops/puppet_stack.rb +1 -1
- data/lib/puppet/pops/serialization/json.rb +1 -1
- data/lib/puppet/pops/serialization/json_path.rb +1 -1
- data/lib/puppet/pops/time/timespan.rb +1 -1
- data/lib/puppet/pops/types/p_type_set_type.rb +1 -1
- data/lib/puppet/pops/types/string_converter.rb +1 -1
- data/lib/puppet/pops/types/type_calculator.rb +1 -1
- data/lib/puppet/pops/types/type_formatter.rb +1 -1
- data/lib/puppet/pops/types/type_parser.rb +1 -1
- data/lib/puppet/pops/types/types.rb +1 -1
- data/lib/puppet/pops/validation/checker4_0.rb +1 -2
- data/lib/puppet/property.rb +3 -3
- data/lib/puppet/property/boolean.rb +1 -1
- data/lib/puppet/property/ensure.rb +1 -1
- data/lib/puppet/property/keyvalue.rb +1 -1
- data/lib/puppet/property/list.rb +2 -2
- data/lib/puppet/property/ordered_list.rb +1 -1
- data/lib/puppet/provider.rb +2 -2
- data/lib/puppet/provider/confine.rb +2 -2
- data/lib/puppet/provider/exec.rb +2 -2
- data/lib/puppet/provider/exec/posix.rb +1 -1
- data/lib/puppet/provider/exec/windows.rb +1 -1
- data/lib/puppet/provider/file/posix.rb +1 -1
- data/lib/puppet/provider/file/windows.rb +1 -1
- data/lib/puppet/provider/group/aix.rb +1 -1
- data/lib/puppet/provider/group/directoryservice.rb +1 -1
- data/lib/puppet/provider/group/groupadd.rb +15 -10
- data/lib/puppet/provider/group/ldap.rb +1 -1
- data/lib/puppet/provider/group/pw.rb +1 -1
- data/lib/puppet/provider/group/windows_adsi.rb +1 -1
- data/lib/puppet/provider/ldap.rb +2 -2
- data/lib/puppet/provider/nameservice.rb +1 -1
- data/lib/puppet/provider/nameservice/directoryservice.rb +3 -3
- data/lib/puppet/provider/nameservice/objectadd.rb +1 -1
- data/lib/puppet/provider/nameservice/pw.rb +1 -1
- data/lib/puppet/provider/package.rb +1 -1
- data/lib/puppet/provider/package/aix.rb +2 -2
- data/lib/puppet/provider/package/appdmg.rb +2 -2
- data/lib/puppet/provider/package/apple.rb +1 -1
- data/lib/puppet/provider/package/apt.rb +32 -4
- data/lib/puppet/provider/package/aptitude.rb +6 -0
- data/lib/puppet/provider/package/dnfmodule.rb +2 -2
- data/lib/puppet/provider/package/dpkg.rb +1 -1
- data/lib/puppet/provider/package/gem.rb +3 -3
- data/lib/puppet/provider/package/hpux.rb +1 -1
- data/lib/puppet/provider/package/macports.rb +2 -2
- data/lib/puppet/provider/package/nim.rb +2 -2
- data/lib/puppet/provider/package/openbsd.rb +1 -1
- data/lib/puppet/provider/package/opkg.rb +1 -1
- data/lib/puppet/provider/package/pacman.rb +1 -1
- data/lib/puppet/provider/package/pip.rb +3 -3
- data/lib/puppet/provider/package/pkg.rb +2 -2
- data/lib/puppet/provider/package/pkgdmg.rb +3 -3
- data/lib/puppet/provider/package/pkgin.rb +1 -1
- data/lib/puppet/provider/package/pkgng.rb +1 -1
- data/lib/puppet/provider/package/portage.rb +1 -1
- data/lib/puppet/provider/package/portupgrade.rb +1 -1
- data/lib/puppet/provider/package/puppet_gem.rb +12 -1
- data/lib/puppet/provider/package/puppetserver_gem.rb +0 -0
- data/lib/puppet/provider/package/rpm.rb +2 -2
- data/lib/puppet/provider/package/sun.rb +1 -1
- data/lib/puppet/provider/package/windows.rb +3 -3
- data/lib/puppet/provider/package/windows/exe_package.rb +1 -1
- data/lib/puppet/provider/package/windows/msi_package.rb +1 -1
- data/lib/puppet/provider/package/windows/package.rb +4 -4
- data/lib/puppet/provider/package/yum.rb +3 -3
- data/lib/puppet/provider/package_targetable.rb +1 -1
- data/lib/puppet/provider/parsedfile.rb +3 -3
- data/lib/puppet/provider/service/base.rb +6 -4
- data/lib/puppet/provider/service/daemontools.rb +0 -1
- data/lib/puppet/provider/service/debian.rb +5 -5
- data/lib/puppet/provider/service/init.rb +1 -1
- data/lib/puppet/provider/service/launchd.rb +9 -3
- data/lib/puppet/provider/service/service.rb +28 -3
- data/lib/puppet/provider/service/smf.rb +0 -24
- data/lib/puppet/provider/service/src.rb +2 -2
- data/lib/puppet/provider/service/systemd.rb +12 -7
- data/lib/puppet/provider/service/windows.rb +38 -0
- data/lib/puppet/provider/user/aix.rb +2 -2
- data/lib/puppet/provider/user/directoryservice.rb +2 -2
- data/lib/puppet/provider/user/ldap.rb +1 -1
- data/lib/puppet/provider/user/openbsd.rb +1 -1
- data/lib/puppet/provider/user/pw.rb +1 -1
- data/lib/puppet/provider/user/user_role_add.rb +2 -2
- data/lib/puppet/provider/user/useradd.rb +65 -11
- data/lib/puppet/provider/user/windows_adsi.rb +1 -1
- data/lib/puppet/reference/configuration.rb +1 -1
- data/lib/puppet/reference/indirection.rb +4 -4
- data/lib/puppet/reference/report.rb +1 -1
- data/lib/puppet/reports.rb +1 -1
- data/lib/puppet/reports/http.rb +2 -2
- data/lib/puppet/reports/log.rb +1 -1
- data/lib/puppet/reports/store.rb +2 -2
- data/lib/puppet/resource.rb +4 -4
- data/lib/puppet/resource/catalog.rb +5 -5
- data/lib/puppet/resource/status.rb +2 -2
- data/lib/puppet/resource/type.rb +4 -4
- data/lib/puppet/resource/type_collection.rb +4 -4
- data/lib/puppet/runtime.rb +1 -1
- data/lib/puppet/scheduler.rb +4 -4
- data/lib/puppet/settings.rb +31 -30
- data/lib/puppet/settings/autosign_setting.rb +1 -1
- data/lib/puppet/settings/base_setting.rb +2 -2
- data/lib/puppet/settings/certificate_revocation_setting.rb +1 -1
- data/lib/puppet/settings/config_file.rb +1 -1
- data/lib/puppet/settings/environment_conf.rb +1 -0
- data/lib/puppet/settings/errors.rb +1 -1
- data/lib/puppet/settings/priority_setting.rb +3 -3
- data/lib/puppet/ssl.rb +11 -11
- data/lib/puppet/ssl/base.rb +3 -3
- data/lib/puppet/ssl/certificate.rb +1 -1
- data/lib/puppet/ssl/certificate_request.rb +2 -2
- data/lib/puppet/ssl/certificate_request_attributes.rb +2 -2
- data/lib/puppet/ssl/oids.rb +1 -1
- data/lib/puppet/ssl/openssl_loader.rb +1 -1
- data/lib/puppet/ssl/ssl_context.rb +1 -1
- data/lib/puppet/ssl/ssl_provider.rb +1 -1
- data/lib/puppet/ssl/state_machine.rb +2 -2
- data/lib/puppet/ssl/verifier.rb +5 -1
- data/lib/puppet/syntax_checkers/base64.rb +1 -1
- data/lib/puppet/syntax_checkers/epp.rb +1 -1
- data/lib/puppet/syntax_checkers/json.rb +1 -1
- data/lib/puppet/syntax_checkers/pp.rb +1 -1
- data/lib/puppet/transaction.rb +11 -11
- data/lib/puppet/transaction/event.rb +4 -4
- data/lib/puppet/transaction/event_manager.rb +1 -1
- data/lib/puppet/transaction/persistence.rb +1 -1
- data/lib/puppet/transaction/report.rb +2 -2
- data/lib/puppet/transaction/resource_harness.rb +1 -1
- data/lib/puppet/type.rb +14 -14
- data/lib/puppet/type/component.rb +3 -3
- data/lib/puppet/type/file.rb +37 -19
- data/lib/puppet/type/file/checksum.rb +1 -1
- data/lib/puppet/type/file/checksum_value.rb +2 -2
- data/lib/puppet/type/file/content.rb +2 -2
- data/lib/puppet/type/file/data_sync.rb +2 -2
- data/lib/puppet/type/file/ensure.rb +1 -1
- data/lib/puppet/type/file/group.rb +1 -1
- data/lib/puppet/type/file/mode.rb +1 -1
- data/lib/puppet/type/file/selcontext.rb +2 -2
- data/lib/puppet/type/file/source.rb +4 -4
- data/lib/puppet/type/filebucket.rb +1 -1
- data/lib/puppet/type/group.rb +2 -2
- data/lib/puppet/type/package.rb +5 -5
- data/lib/puppet/type/resources.rb +2 -2
- data/lib/puppet/type/service.rb +10 -29
- data/lib/puppet/type/tidy.rb +24 -5
- data/lib/puppet/type/user.rb +4 -4
- data/lib/puppet/util.rb +43 -34
- data/lib/puppet/util/at_fork.rb +3 -3
- data/lib/puppet/util/at_fork/solaris.rb +1 -1
- data/lib/puppet/util/autoload.rb +4 -4
- data/lib/puppet/util/checksums.rb +3 -3
- data/lib/puppet/util/colors.rb +1 -1
- data/lib/puppet/util/command_line.rb +6 -6
- data/lib/puppet/util/command_line/puppet_option_parser.rb +2 -2
- data/lib/puppet/util/execution.rb +2 -2
- data/lib/puppet/util/feature.rb +2 -2
- data/lib/puppet/util/filetype.rb +1 -1
- data/lib/puppet/util/http_proxy.rb +1 -1
- data/lib/puppet/util/inifile.rb +2 -2
- data/lib/puppet/util/instance_loader.rb +3 -3
- data/lib/puppet/util/json_lockfile.rb +1 -1
- data/lib/puppet/util/ldap/connection.rb +1 -1
- data/lib/puppet/util/ldap/generator.rb +1 -1
- data/lib/puppet/util/ldap/manager.rb +3 -3
- data/lib/puppet/util/limits.rb +1 -1
- data/lib/puppet/util/log.rb +6 -6
- data/lib/puppet/util/log/destinations.rb +1 -1
- data/lib/puppet/util/logging.rb +2 -2
- data/lib/puppet/util/metric.rb +2 -2
- data/lib/puppet/util/monkey_patches.rb +14 -3
- data/lib/puppet/util/network_device/base.rb +3 -3
- data/lib/puppet/util/network_device/config.rb +2 -2
- data/lib/puppet/util/network_device/transport.rb +1 -1
- data/lib/puppet/util/network_device/transport/base.rb +2 -2
- data/lib/puppet/util/package/version/range.rb +6 -6
- data/lib/puppet/util/package/version/range/eq.rb +1 -1
- data/lib/puppet/util/package/version/range/gt.rb +1 -1
- data/lib/puppet/util/package/version/range/gt_eq.rb +1 -1
- data/lib/puppet/util/package/version/range/lt.rb +1 -1
- data/lib/puppet/util/package/version/range/lt_eq.rb +1 -1
- data/lib/puppet/util/package/version/range/min_max.rb +1 -1
- data/lib/puppet/util/package/version/range/simple.rb +1 -1
- data/lib/puppet/util/package/version/rpm.rb +1 -1
- data/lib/puppet/util/pidlock.rb +1 -1
- data/lib/puppet/util/plist.rb +1 -1
- data/lib/puppet/util/posix.rb +1 -1
- data/lib/puppet/util/profiler.rb +3 -3
- data/lib/puppet/util/profiler/aggregate.rb +2 -2
- data/lib/puppet/util/profiler/object_counts.rb +1 -1
- data/lib/puppet/util/profiler/wall_clock.rb +1 -1
- data/lib/puppet/util/provider_features.rb +2 -2
- data/lib/puppet/util/rdoc.rb +2 -2
- data/lib/puppet/util/rdoc/generators/puppet_generator.rb +2 -2
- data/lib/puppet/util/rdoc/parser.rb +6 -6
- data/lib/puppet/util/rdoc/parser/puppet_parser_rdoc2.rb +1 -1
- data/lib/puppet/util/reference.rb +1 -1
- data/lib/puppet/util/resource_template.rb +2 -2
- data/lib/puppet/util/rubygems.rb +1 -1
- data/lib/puppet/util/selinux.rb +30 -4
- data/lib/puppet/util/skip_tags.rb +1 -1
- data/lib/puppet/util/storage.rb +1 -1
- data/lib/puppet/util/suidmanager.rb +2 -2
- data/lib/puppet/util/symbolic_file_mode.rb +1 -1
- data/lib/puppet/util/tag_set.rb +1 -1
- data/lib/puppet/util/tagging.rb +1 -1
- data/lib/puppet/util/watched_file.rb +1 -1
- data/lib/puppet/util/watcher.rb +3 -3
- data/lib/puppet/util/windows.rb +20 -20
- data/lib/puppet/util/windows/access_control_entry.rb +1 -1
- data/lib/puppet/util/windows/adsi.rb +47 -1
- data/lib/puppet/util/windows/daemon.rb +1 -1
- data/lib/puppet/util/windows/error.rb +2 -2
- data/lib/puppet/util/windows/file.rb +1 -1
- data/lib/puppet/util/windows/monkey_patches/process.rb +2 -2
- data/lib/puppet/util/windows/principal.rb +10 -3
- data/lib/puppet/util/windows/process.rb +2 -2
- data/lib/puppet/util/windows/registry.rb +1 -1
- data/lib/puppet/util/windows/root_certs.rb +2 -2
- data/lib/puppet/util/windows/security.rb +1 -1
- data/lib/puppet/util/windows/security_descriptor.rb +1 -1
- data/lib/puppet/util/windows/service.rb +1 -1
- data/lib/puppet/util/windows/sid.rb +5 -3
- data/lib/puppet/util/windows/user.rb +1 -1
- data/lib/puppet/vendor.rb +1 -1
- data/lib/puppet/version.rb +1 -1
- data/lib/puppet/x509.rb +4 -4
- data/lib/puppet/x509/cert_provider.rb +1 -1
- data/lib/puppet/x509/pem_store.rb +1 -1
- data/lib/puppet_pal.rb +2 -2
- data/locales/puppet.pot +173 -157
- data/man/man5/puppet.conf.5 +263 -240
- data/man/man8/puppet-agent.8 +1 -1
- data/man/man8/puppet-apply.8 +1 -1
- data/man/man8/puppet-catalog.8 +1 -1
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +1 -1
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +5 -2
- data/man/man8/puppet-filebucket.8 +1 -1
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-lookup.8 +1 -1
- data/man/man8/puppet-module.8 +1 -1
- data/man/man8/puppet-node.8 +1 -1
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +1 -1
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +1 -1
- data/man/man8/puppet-ssl.8 +5 -1
- data/man/man8/puppet.8 +2 -2
- data/spec/fixtures/ssl/127.0.0.1-key.pem +107 -57
- data/spec/fixtures/ssl/127.0.0.1.pem +52 -31
- data/spec/fixtures/ssl/bad-basic-constraints.pem +57 -35
- data/spec/fixtures/ssl/bad-int-basic-constraints.pem +57 -35
- data/spec/fixtures/ssl/ca.pem +57 -35
- data/spec/fixtures/ssl/crl.pem +28 -18
- data/spec/fixtures/ssl/ec-key.pem +11 -11
- data/spec/fixtures/ssl/ec.pem +33 -24
- data/spec/fixtures/ssl/encrypted-ec-key.pem +12 -12
- data/spec/fixtures/ssl/encrypted-key.pem +108 -58
- data/spec/fixtures/ssl/intermediate-agent-crl.pem +28 -19
- data/spec/fixtures/ssl/intermediate-agent.pem +57 -36
- data/spec/fixtures/ssl/intermediate-crl.pem +31 -21
- data/spec/fixtures/ssl/intermediate.pem +57 -36
- data/spec/fixtures/ssl/pluto-key.pem +107 -57
- data/spec/fixtures/ssl/pluto.pem +52 -30
- data/spec/fixtures/ssl/request-key.pem +107 -57
- data/spec/fixtures/ssl/request.pem +47 -26
- data/spec/fixtures/ssl/revoked-key.pem +107 -57
- data/spec/fixtures/ssl/revoked.pem +52 -30
- data/spec/fixtures/ssl/signed-key.pem +107 -57
- data/spec/fixtures/ssl/signed.pem +52 -30
- data/spec/fixtures/ssl/tampered-cert.pem +52 -30
- data/spec/fixtures/ssl/tampered-csr.pem +47 -26
- data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +107 -57
- data/spec/fixtures/ssl/unknown-127.0.0.1.pem +50 -29
- data/spec/fixtures/ssl/unknown-ca-key.pem +107 -57
- data/spec/fixtures/ssl/unknown-ca.pem +55 -33
- data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services_vendor_preset +9 -0
- data/spec/integration/application/agent_spec.rb +33 -0
- data/spec/integration/application/plugin_spec.rb +1 -1
- data/spec/integration/http/client_spec.rb +12 -0
- data/spec/integration/indirector/direct_file_server_spec.rb +1 -3
- data/spec/integration/parser/collection_spec.rb +10 -0
- data/spec/integration/type/file_spec.rb +5 -5
- data/spec/integration/util/windows/adsi_spec.rb +18 -0
- data/spec/integration/util/windows/principal_spec.rb +21 -0
- data/spec/integration/util/windows/registry_spec.rb +6 -0
- data/spec/lib/puppet/test_ca.rb +2 -2
- data/spec/lib/puppet_spec/files.rb +1 -1
- data/spec/shared_contexts/provider.rb +16 -0
- data/spec/spec_helper.rb +11 -1
- data/spec/unit/application/agent_spec.rb +7 -2
- data/spec/unit/application/facts_spec.rb +58 -7
- data/spec/unit/application/ssl_spec.rb +23 -0
- data/spec/unit/configurer/downloader_spec.rb +6 -0
- data/spec/unit/configurer_spec.rb +23 -0
- data/spec/unit/environments_spec.rb +164 -88
- data/spec/unit/file_bucket/dipper_spec.rb +1 -1
- data/spec/unit/file_serving/fileset_spec.rb +60 -0
- data/spec/unit/file_system_spec.rb +9 -0
- data/spec/unit/gettext/config_spec.rb +12 -0
- data/spec/unit/http/factory_spec.rb +19 -0
- data/spec/unit/http/service/compiler_spec.rb +123 -0
- data/spec/unit/indirector/catalog/compiler_spec.rb +14 -10
- data/spec/unit/indirector/facts/facter_spec.rb +9 -0
- data/spec/unit/module_spec.rb +1 -1
- data/spec/unit/network/http/api/master_spec.rb +38 -0
- data/spec/unit/network/http/api/{master → server}/v3/environments_spec.rb +2 -2
- data/spec/unit/network/http/api/{master → server}/v3_spec.rb +19 -19
- data/spec/unit/network/http/api_spec.rb +11 -11
- data/spec/unit/parser/functions/fqdn_rand_spec.rb +15 -1
- data/spec/unit/pops/loaders/dependency_loader_spec.rb +1 -1
- data/spec/unit/pops/lookup/context_spec.rb +1 -1
- data/spec/unit/pops/parser/lexer2_spec.rb +0 -4
- data/spec/unit/pops/types/type_parser_spec.rb +2 -1
- data/spec/unit/pops/validator/validator_spec.rb +20 -43
- data/spec/unit/provider/group/groupadd_spec.rb +5 -2
- data/spec/unit/provider/package/apt_spec.rb +24 -15
- data/spec/unit/provider/package/aptitude_spec.rb +1 -1
- data/spec/unit/provider/package/dnfmodule_spec.rb +13 -4
- data/spec/unit/provider/package/gem_spec.rb +3 -1
- data/spec/unit/provider/package/pip2_spec.rb +3 -1
- data/spec/unit/provider/package/pip3_spec.rb +3 -1
- data/spec/unit/provider/package/pip_spec.rb +3 -1
- data/spec/unit/provider/package/pkg_spec.rb +44 -44
- data/spec/unit/provider/package/puppet_gem_spec.rb +31 -1
- data/spec/unit/provider/package/puppetserver_gem_spec.rb +2 -0
- data/spec/unit/provider/service/base_spec.rb +8 -8
- data/spec/unit/provider/service/bsd_spec.rb +0 -4
- data/spec/unit/provider/service/daemontools_spec.rb +1 -1
- data/spec/unit/provider/service/debian_spec.rb +15 -17
- data/spec/unit/provider/service/gentoo_spec.rb +19 -14
- data/spec/unit/provider/service/init_spec.rb +29 -20
- data/spec/unit/provider/service/launchd_spec.rb +10 -12
- data/spec/unit/provider/service/openbsd_spec.rb +21 -35
- data/spec/unit/provider/service/openrc_spec.rb +15 -14
- data/spec/unit/provider/service/openwrt_spec.rb +3 -1
- data/spec/unit/provider/service/redhat_spec.rb +20 -19
- data/spec/unit/provider/service/smf_spec.rb +6 -5
- data/spec/unit/provider/service/src_spec.rb +5 -10
- data/spec/unit/provider/service/systemd_spec.rb +68 -29
- data/spec/unit/provider/service/upstart_spec.rb +25 -20
- data/spec/unit/provider/service/windows_spec.rb +202 -0
- data/spec/unit/provider/user/useradd_spec.rb +70 -3
- data/spec/unit/resource/catalog_spec.rb +1 -1
- data/spec/unit/ssl/certificate_request_spec.rb +4 -10
- data/spec/unit/ssl/state_machine_spec.rb +19 -5
- data/spec/unit/transaction/additional_resource_generator_spec.rb +0 -2
- data/spec/unit/transaction_spec.rb +18 -20
- data/spec/unit/type/file/selinux_spec.rb +3 -3
- data/spec/unit/type/service_spec.rb +10 -154
- data/spec/unit/type/tidy_spec.rb +17 -7
- data/spec/unit/util/at_fork_spec.rb +9 -9
- data/spec/unit/util/posix_spec.rb +1 -1
- data/spec/unit/util/selinux_spec.rb +87 -16
- data/spec/unit/util/windows/sid_spec.rb +6 -0
- data/tasks/generate_cert_fixtures.rake +2 -2
- metadata +15 -16
- data/spec/lib/matchers/include.rb +0 -27
- data/spec/lib/matchers/include_spec.rb +0 -32
- data/spec/unit/pops/parser/parse_application_spec.rb +0 -13
- data/spec/unit/pops/parser/parse_capabilities_spec.rb +0 -23
- data/spec/unit/pops/parser/parse_site_spec.rb +0 -43
data/man/man5/puppet.conf.5
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPETCONF" "5" "
|
4
|
+
.TH "PUPPETCONF" "5" "May 2021" "Puppet, Inc." "Puppet manual"
|
5
5
|
\fBThis page is autogenerated; any changes will get overwritten\fR
|
6
6
|
.
|
7
7
|
.SH "Configuration settings"
|
@@ -42,7 +42,7 @@ See the configuration guide \fIhttps://puppet\.com/docs/puppet/latest/config_abo
|
|
42
42
|
A lock file to indicate that a puppet agent catalog run is currently in progress\. The file contains the pid of the process that holds the lock on the catalog run\.
|
43
43
|
.
|
44
44
|
.IP "\(bu" 4
|
45
|
-
\fIDefault\fR: $statedir/agent_catalog_run\.lock
|
45
|
+
\fIDefault\fR: \fB$statedir/agent_catalog_run\.lock\fR
|
46
46
|
.
|
47
47
|
.IP "" 0
|
48
48
|
.
|
@@ -50,7 +50,7 @@ A lock file to indicate that a puppet agent catalog run is currently in progress
|
|
50
50
|
A lock file to indicate that puppet agent runs have been administratively disabled\. File contains a JSON object with state information\.
|
51
51
|
.
|
52
52
|
.IP "\(bu" 4
|
53
|
-
\fIDefault\fR: $statedir/agent_disabled\.lock
|
53
|
+
\fIDefault\fR: \fB$statedir/agent_disabled\.lock\fR
|
54
54
|
.
|
55
55
|
.IP "" 0
|
56
56
|
.
|
@@ -58,7 +58,7 @@ A lock file to indicate that puppet agent runs have been administratively disabl
|
|
58
58
|
Whether to allow a new certificate request to overwrite an existing certificate request\. If true, then the old certificate must be cleaned using \fBpuppetserver ca clean\fR, and the new request signed using \fBpuppetserver ca sign\fR\.
|
59
59
|
.
|
60
60
|
.IP "\(bu" 4
|
61
|
-
\fIDefault\fR:
|
61
|
+
\fIDefault\fR: \fBfalse\fR
|
62
62
|
.
|
63
63
|
.IP "" 0
|
64
64
|
.
|
@@ -69,7 +69,7 @@ Affects how we cache attempts to load Puppet resource types and features\. If tr
|
|
69
69
|
If this setting is set to false, then types and features will only be checked once, and if they are not available, the negative result is cached and returned for all subsequent attempts to load the type or feature\. This behavior is almost always appropriate for the server, and can result in a significant performance improvement for types and features that are checked frequently\.
|
70
70
|
.
|
71
71
|
.IP "\(bu" 4
|
72
|
-
\fIDefault\fR:
|
72
|
+
\fIDefault\fR: \fBtrue\fR
|
73
73
|
.
|
74
74
|
.IP "" 0
|
75
75
|
.
|
@@ -77,7 +77,7 @@ If this setting is set to false, then types and features will only be checked on
|
|
77
77
|
Whether log files should always flush to disk\.
|
78
78
|
.
|
79
79
|
.IP "\(bu" 4
|
80
|
-
\fIDefault\fR:
|
80
|
+
\fIDefault\fR: \fBtrue\fR
|
81
81
|
.
|
82
82
|
.IP "" 0
|
83
83
|
.
|
@@ -100,7 +100,7 @@ If a certificate request is not autosigned, it will persist for review\. An admi
|
|
100
100
|
For info on autosign configuration files, see the guide to Puppet\'s config files \fIhttps://puppet\.com/docs/puppet/latest/config_file_autosign\.html\fR\.
|
101
101
|
.
|
102
102
|
.IP "\(bu" 4
|
103
|
-
\fIDefault\fR: $confdir/autosign\.conf
|
103
|
+
\fIDefault\fR: \fB$confdir/autosign\.conf\fR
|
104
104
|
.
|
105
105
|
.IP "" 0
|
106
106
|
.
|
@@ -111,37 +111,39 @@ The search path for \fBglobal\fR modules\. Should be specified as a list of dire
|
|
111
111
|
These are the modules that will be used by \fIall\fR environments\. Note that the \fBmodules\fR directory of the active environment will have priority over any global directories\. For more info, see \fIhttps://puppet\.com/docs/puppet/latest/environments_about\.html\fR
|
112
112
|
.
|
113
113
|
.IP "\(bu" 4
|
114
|
-
\fIDefault\fR: $codedir/modules:/opt/puppetlabs/puppet/modules
|
114
|
+
\fIDefault\fR: \fB$codedir/modules:/opt/puppetlabs/puppet/modules\fR
|
115
115
|
.
|
116
116
|
.IP "" 0
|
117
117
|
.
|
118
118
|
.SS "binder_config"
|
119
119
|
The binder configuration file\. Puppet reads this file on each request to configure the bindings system\. If set to nil (the default), a $confdir/binder_config\.yaml is optionally loaded\. If it does not exists, a default configuration is used\. If the setting :binding_config is specified, it must reference a valid and existing yaml file\.
|
120
120
|
.
|
121
|
-
.
|
122
|
-
\fIDefault\fR:
|
123
|
-
|
121
|
+
.IP "\(bu" 4
|
122
|
+
\fIDefault\fR: ``
|
123
|
+
.
|
124
|
+
.IP "" 0
|
124
125
|
.
|
125
126
|
.SS "bucketdir"
|
126
127
|
Where FileBucket files are stored\.
|
127
128
|
.
|
128
129
|
.IP "\(bu" 4
|
129
|
-
\fIDefault\fR: $vardir/bucket
|
130
|
+
\fIDefault\fR: \fB$vardir/bucket\fR
|
130
131
|
.
|
131
132
|
.IP "" 0
|
132
133
|
.
|
133
134
|
.SS "ca_fingerprint"
|
134
135
|
The expected fingerprint of the CA certificate\. If specified, the agent will compare the CA certificate fingerprint that it downloads against this value and reject the CA certificate if the values do not match\. This only applies during the first download of the CA certificate\.
|
135
136
|
.
|
136
|
-
.
|
137
|
-
\fIDefault\fR:
|
138
|
-
|
137
|
+
.IP "\(bu" 4
|
138
|
+
\fIDefault\fR: ``
|
139
|
+
.
|
140
|
+
.IP "" 0
|
139
141
|
.
|
140
142
|
.SS "ca_name"
|
141
143
|
The name to use the Certificate Authority certificate\.
|
142
144
|
.
|
143
145
|
.IP "\(bu" 4
|
144
|
-
\fIDefault\fR:
|
146
|
+
\fIDefault\fR: \fBPuppet CA: $certname\fR
|
145
147
|
.
|
146
148
|
.IP "" 0
|
147
149
|
.
|
@@ -149,7 +151,7 @@ The name to use the Certificate Authority certificate\.
|
|
149
151
|
The port to use for the certificate authority\.
|
150
152
|
.
|
151
153
|
.IP "\(bu" 4
|
152
|
-
\fIDefault\fR: $serverport
|
154
|
+
\fIDefault\fR: \fB$serverport\fR
|
153
155
|
.
|
154
156
|
.IP "" 0
|
155
157
|
.
|
@@ -157,7 +159,7 @@ The port to use for the certificate authority\.
|
|
157
159
|
The server to use for certificate authority requests\. It\'s a separate server because it cannot and does not need to horizontally scale\.
|
158
160
|
.
|
159
161
|
.IP "\(bu" 4
|
160
|
-
\fIDefault\fR: $server
|
162
|
+
\fIDefault\fR: \fB$server\fR
|
161
163
|
.
|
162
164
|
.IP "" 0
|
163
165
|
.
|
@@ -165,7 +167,7 @@ The server to use for certificate authority requests\. It\'s a separate server b
|
|
165
167
|
The default TTL for new certificates\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
|
166
168
|
.
|
167
169
|
.IP "\(bu" 4
|
168
|
-
\fIDefault\fR:
|
170
|
+
\fIDefault\fR: \fB5y\fR
|
169
171
|
.
|
170
172
|
.IP "" 0
|
171
173
|
.
|
@@ -173,7 +175,7 @@ The default TTL for new certificates\. This setting can be a time interval in se
|
|
173
175
|
The CA certificate\.
|
174
176
|
.
|
175
177
|
.IP "\(bu" 4
|
176
|
-
\fIDefault\fR: $cadir/ca_crt\.pem
|
178
|
+
\fIDefault\fR: \fB$cadir/ca_crt\.pem\fR
|
177
179
|
.
|
178
180
|
.IP "" 0
|
179
181
|
.
|
@@ -181,7 +183,7 @@ The CA certificate\.
|
|
181
183
|
The certificate revocation list (CRL) for the CA\.
|
182
184
|
.
|
183
185
|
.IP "\(bu" 4
|
184
|
-
\fIDefault\fR: $cadir/ca_crl\.pem
|
186
|
+
\fIDefault\fR: \fB$cadir/ca_crl\.pem\fR
|
185
187
|
.
|
186
188
|
.IP "" 0
|
187
189
|
.
|
@@ -189,7 +191,7 @@ The certificate revocation list (CRL) for the CA\.
|
|
189
191
|
The root directory for the certificate authority\.
|
190
192
|
.
|
191
193
|
.IP "\(bu" 4
|
192
|
-
\fIDefault\fR: /etc/puppetlabs/puppetserver/ca
|
194
|
+
\fIDefault\fR: \fB/etc/puppetlabs/puppetserver/ca\fR
|
193
195
|
.
|
194
196
|
.IP "" 0
|
195
197
|
.
|
@@ -197,7 +199,7 @@ The root directory for the certificate authority\.
|
|
197
199
|
The CA private key\.
|
198
200
|
.
|
199
201
|
.IP "\(bu" 4
|
200
|
-
\fIDefault\fR: $cadir/ca_key\.pem
|
202
|
+
\fIDefault\fR: \fB$cadir/ca_key\.pem\fR
|
201
203
|
.
|
202
204
|
.IP "" 0
|
203
205
|
.
|
@@ -205,22 +207,23 @@ The CA private key\.
|
|
205
207
|
The CA public key\.
|
206
208
|
.
|
207
209
|
.IP "\(bu" 4
|
208
|
-
\fIDefault\fR: $cadir/ca_pub\.pem
|
210
|
+
\fIDefault\fR: \fB$cadir/ca_pub\.pem\fR
|
209
211
|
.
|
210
212
|
.IP "" 0
|
211
213
|
.
|
212
214
|
.SS "catalog_cache_terminus"
|
213
215
|
How to store cached catalogs\. Valid values are \'json\', \'msgpack\' and \'yaml\'\. The agent application defaults to \'json\'\.
|
214
216
|
.
|
215
|
-
.
|
216
|
-
\fIDefault\fR:
|
217
|
-
|
217
|
+
.IP "\(bu" 4
|
218
|
+
\fIDefault\fR: ``
|
219
|
+
.
|
220
|
+
.IP "" 0
|
218
221
|
.
|
219
222
|
.SS "catalog_terminus"
|
220
223
|
Where to get node catalogs\. This is useful to change if, for instance, you\'d like to pre\-compile catalogs and store them in memcached or some other easily\-accessed store\.
|
221
224
|
.
|
222
225
|
.IP "\(bu" 4
|
223
|
-
\fIDefault\fR:
|
226
|
+
\fIDefault\fR: \fBcompiler\fR
|
224
227
|
.
|
225
228
|
.IP "" 0
|
226
229
|
.
|
@@ -228,7 +231,7 @@ Where to get node catalogs\. This is useful to change if, for instance, you\'d l
|
|
228
231
|
The inventory file\. This is a text file to which the CA writes a complete listing of all certificates\.
|
229
232
|
.
|
230
233
|
.IP "\(bu" 4
|
231
|
-
\fIDefault\fR: $cadir/inventory\.txt
|
234
|
+
\fIDefault\fR: \fB$cadir/inventory\.txt\fR
|
232
235
|
.
|
233
236
|
.IP "" 0
|
234
237
|
.
|
@@ -236,7 +239,7 @@ The inventory file\. This is a text file to which the CA writes a complete listi
|
|
236
239
|
The certificate directory\.
|
237
240
|
.
|
238
241
|
.IP "\(bu" 4
|
239
|
-
\fIDefault\fR: $ssldir/certs
|
242
|
+
\fIDefault\fR: \fB$ssldir/certs\fR
|
240
243
|
.
|
241
244
|
.IP "" 0
|
242
245
|
.
|
@@ -256,7 +259,7 @@ When certificate_revocation is set to \'leaf\', Puppet verifies certs against th
|
|
256
259
|
When certificate_revocation is set to \'false\', Puppet disables all certificate revocation checking and does not attempt to download the CRL\.
|
257
260
|
.
|
258
261
|
.IP "\(bu" 4
|
259
|
-
\fIDefault\fR:
|
262
|
+
\fIDefault\fR: \fBchain\fR
|
260
263
|
.
|
261
264
|
.IP "" 0
|
262
265
|
.
|
@@ -284,7 +287,15 @@ The special value \fBca\fR is reserved, and can\'t be used as the certname for a
|
|
284
287
|
Defaults to the node\'s fully qualified domain name\.
|
285
288
|
.
|
286
289
|
.IP "\(bu" 4
|
287
|
-
\fIDefault\fR:
|
290
|
+
\fIDefault\fR: \fBthe Host\'s fully qualified domain name, as determined by Facter\fR
|
291
|
+
.
|
292
|
+
.IP "" 0
|
293
|
+
.
|
294
|
+
.SS "ciphers"
|
295
|
+
The list of ciphersuites for TLS connections initiated by puppet\. The default value is chosen to support TLS 1\.0 and up, but can be made more restrictive if needed\. The ciphersuites must be specified in OpenSSL format, not IANA\.
|
296
|
+
.
|
297
|
+
.IP "\(bu" 4
|
298
|
+
\fIDefault\fR: \fBECDHE\-ECDSA\-AES128\-GCM\-SHA256:ECDHE\-RSA\-AES128\-GCM\-SHA256:ECDHE\-ECDSA\-AES256\-GCM\-SHA384:ECDHE\-RSA\-AES256\-GCM\-SHA384:ECDHE\-ECDSA\-CHACHA20\-POLY1305:ECDHE\-RSA\-CHACHA20\-POLY1305:DHE\-RSA\-AES128\-GCM\-SHA256:DHE\-RSA\-AES256\-GCM\-SHA384:DHE\-RSA\-CHACHA20\-POLY1305:ECDHE\-ECDSA\-AES128\-SHA256:ECDHE\-RSA\-AES128\-SHA256:ECDHE\-ECDSA\-AES128\-SHA:ECDHE\-RSA\-AES128\-SHA:ECDHE\-ECDSA\-AES256\-SHA384:ECDHE\-RSA\-AES256\-SHA384:ECDHE\-ECDSA\-AES256\-SHA:ECDHE\-RSA\-AES256\-SHA:DHE\-RSA\-AES128\-SHA256:DHE\-RSA\-AES256\-SHA256:AES128\-GCM\-SHA256:AES256\-GCM\-SHA384:AES128\-SHA256:AES256\-SHA256\fR
|
288
299
|
.
|
289
300
|
.IP "" 0
|
290
301
|
.
|
@@ -292,7 +303,7 @@ Defaults to the node\'s fully qualified domain name\.
|
|
292
303
|
The file in which puppet agent stores a list of the classes associated with the retrieved configuration\. Can be loaded in the separate \fBpuppet\fR executable using the \fB\-\-loadclasses\fR option\.
|
293
304
|
.
|
294
305
|
.IP "\(bu" 4
|
295
|
-
\fIDefault\fR: $statedir/classes\.txt
|
306
|
+
\fIDefault\fR: \fB$statedir/classes\.txt\fR
|
296
307
|
.
|
297
308
|
.IP "" 0
|
298
309
|
.
|
@@ -300,7 +311,7 @@ The file in which puppet agent stores a list of the classes associated with the
|
|
300
311
|
The directory in which serialized data is stored on the client\.
|
301
312
|
.
|
302
313
|
.IP "\(bu" 4
|
303
|
-
\fIDefault\fR: $vardir/client_data
|
314
|
+
\fIDefault\fR: \fB$vardir/client_data\fR
|
304
315
|
.
|
305
316
|
.IP "" 0
|
306
317
|
.
|
@@ -308,7 +319,7 @@ The directory in which serialized data is stored on the client\.
|
|
308
319
|
Where FileBucket files are stored locally\.
|
309
320
|
.
|
310
321
|
.IP "\(bu" 4
|
311
|
-
\fIDefault\fR: $vardir/clientbucket
|
322
|
+
\fIDefault\fR: \fB$vardir/clientbucket\fR
|
312
323
|
.
|
313
324
|
.IP "" 0
|
314
325
|
.
|
@@ -316,7 +327,7 @@ Where FileBucket files are stored locally\.
|
|
316
327
|
The directory in which client\-side YAML data is stored\.
|
317
328
|
.
|
318
329
|
.IP "\(bu" 4
|
319
|
-
\fIDefault\fR: $vardir/client_yaml
|
330
|
+
\fIDefault\fR: \fB$vardir/client_yaml\fR
|
320
331
|
.
|
321
332
|
.IP "" 0
|
322
333
|
.
|
@@ -327,7 +338,7 @@ Code to parse directly\. This is essentially only used by \fBpuppet\fR, and shou
|
|
327
338
|
The main Puppet code directory\. The default for this setting is calculated based on the user\. If the process is running as root or the user that Puppet is supposed to run as, it defaults to a system directory, but if it\'s running as any other user, it defaults to being in the user\'s home directory\.
|
328
339
|
.
|
329
340
|
.IP "\(bu" 4
|
330
|
-
\fIDefault\fR:
|
341
|
+
\fIDefault\fR: \fBUnix/Linux: /etc/puppetlabs/code \-\- Windows: C:\eProgramData\ePuppetLabs\ecode \-\- Non\-root user: ~/\.puppetlabs/etc/code\fR
|
331
342
|
.
|
332
343
|
.IP "" 0
|
333
344
|
.
|
@@ -335,7 +346,7 @@ The main Puppet code directory\. The default for this setting is calculated base
|
|
335
346
|
Whether to use colors when logging to the console\. Valid values are \fBansi\fR (equivalent to \fBtrue\fR), \fBhtml\fR, and \fBfalse\fR, which produces no color\.
|
336
347
|
.
|
337
348
|
.IP "\(bu" 4
|
338
|
-
\fIDefault\fR:
|
349
|
+
\fIDefault\fR: \fBansi\fR
|
339
350
|
.
|
340
351
|
.IP "" 0
|
341
352
|
.
|
@@ -343,7 +354,7 @@ Whether to use colors when logging to the console\. Valid values are \fBansi\fR
|
|
343
354
|
The main Puppet configuration directory\. The default for this setting is calculated based on the user\. If the process is running as root or the user that Puppet is supposed to run as, it defaults to a system directory, but if it\'s running as any other user, it defaults to being in the user\'s home directory\.
|
344
355
|
.
|
345
356
|
.IP "\(bu" 4
|
346
|
-
\fIDefault\fR:
|
357
|
+
\fIDefault\fR: \fBUnix/Linux: /etc/puppetlabs/puppet \-\- Windows: C:\eProgramData\ePuppetLabs\epuppet\eetc \-\- Non\-root user: ~/\.puppetlabs/etc/puppet\fR
|
347
358
|
.
|
348
359
|
.IP "" 0
|
349
360
|
.
|
@@ -351,7 +362,7 @@ The main Puppet configuration directory\. The default for this setting is calcul
|
|
351
362
|
The configuration file for the current puppet application\.
|
352
363
|
.
|
353
364
|
.IP "\(bu" 4
|
354
|
-
\fIDefault\fR: $confdir/${config_file_name}
|
365
|
+
\fIDefault\fR: \fB$confdir/${config_file_name}\fR
|
355
366
|
.
|
356
367
|
.IP "" 0
|
357
368
|
.
|
@@ -359,7 +370,7 @@ The configuration file for the current puppet application\.
|
|
359
370
|
The name of the puppet config file\.
|
360
371
|
.
|
361
372
|
.IP "\(bu" 4
|
362
|
-
\fIDefault\fR:
|
373
|
+
\fIDefault\fR: \fBpuppet\.conf\fR
|
363
374
|
.
|
364
375
|
.IP "" 0
|
365
376
|
.
|
@@ -381,9 +392,10 @@ In general, the duration should be greater than the \fBruninterval\fR\. Setting
|
|
381
392
|
.P
|
382
393
|
If the agent downloads a new CRL, the agent will use it for subsequent network requests\. If the refresh request fails or if the CRL is unchanged on the server, then the agent run will continue using the local CRL it already has\.This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
|
383
394
|
.
|
384
|
-
.
|
385
|
-
\fIDefault\fR:
|
386
|
-
|
395
|
+
.IP "\(bu" 4
|
396
|
+
\fIDefault\fR: ``
|
397
|
+
.
|
398
|
+
.IP "" 0
|
387
399
|
.
|
388
400
|
.SS "csr_attributes"
|
389
401
|
An optional file containing custom attributes to add to certificate signing requests (CSRs)\. You should ensure that this file does not exist on your CA puppet master; if it does, unwanted certificate extensions may leak into certificates created with the \fBpuppetserver ca generate\fR command\.
|
@@ -398,7 +410,7 @@ Custom attributes can be used by the CA when deciding whether to sign the certif
|
|
398
410
|
Extension requests will be permanently embedded in the final certificate\. Extension OIDs must be in the "ppRegCertExt" (\fB1\.3\.6\.1\.4\.1\.34380\.1\.1\fR), "ppPrivCertExt" (\fB1\.3\.6\.1\.4\.1\.34380\.1\.2\fR), or "ppAuthCertExt" (\fB1\.3\.6\.1\.4\.1\.34380\.1\.3\fR) OID arcs\. The ppRegCertExt arc is reserved for four of the most common pieces of data to embed: \fBpp_uuid\fR (\fB\.1\fR), \fBpp_instance_id\fR (\fB\.2\fR), \fBpp_image_name\fR (\fB\.3\fR), and \fBpp_preshared_key\fR (\fB\.4\fR) \-\-\- in the YAML file, these can be referred to by their short descriptive names instead of their full OID\. The ppPrivCertExt arc is unregulated, and can be used for site\-specific extensions\. The ppAuthCert arc is reserved for two pieces of data to embed: \fBpp_authorization\fR (\fB\.1\fR) and \fBpp_auth_role\fR (\fB\.13\fR)\. As with ppRegCertExt, in the YAML file, these can be referred to by their short descriptive name instead of their full OID\.
|
399
411
|
.
|
400
412
|
.IP "\(bu" 4
|
401
|
-
\fIDefault\fR: $confdir/csr_attributes\.yaml
|
413
|
+
\fIDefault\fR: \fB$confdir/csr_attributes\.yaml\fR
|
402
414
|
.
|
403
415
|
.IP "" 0
|
404
416
|
.
|
@@ -406,7 +418,7 @@ Extension requests will be permanently embedded in the final certificate\. Exten
|
|
406
418
|
Where the CA stores certificate requests\.
|
407
419
|
.
|
408
420
|
.IP "\(bu" 4
|
409
|
-
\fIDefault\fR: $cadir/requests
|
421
|
+
\fIDefault\fR: \fB$cadir/requests\fR
|
410
422
|
.
|
411
423
|
.IP "" 0
|
412
424
|
.
|
@@ -414,7 +426,7 @@ Where the CA stores certificate requests\.
|
|
414
426
|
Whether to send the process into the background\. This defaults to true on POSIX systems, and to false on Windows (where Puppet currently cannot daemonize)\.
|
415
427
|
.
|
416
428
|
.IP "\(bu" 4
|
417
|
-
\fIDefault\fR:
|
429
|
+
\fIDefault\fR: \fBtrue\fR
|
418
430
|
.
|
419
431
|
.IP "" 0
|
420
432
|
.
|
@@ -422,7 +434,7 @@ Whether to send the process into the background\. This defaults to true on POSIX
|
|
422
434
|
This setting has been deprecated\. Use of any value other than \'hiera\' should instead be configured in a version 5 hiera\.yaml\. Until this setting is removed, it controls which data binding terminus to use for global automatic data binding (across all environments)\. By default this value is \'hiera\'\. A value of \'none\' turns off the global binding\.
|
423
435
|
.
|
424
436
|
.IP "\(bu" 4
|
425
|
-
\fIDefault\fR:
|
437
|
+
\fIDefault\fR: \fBhiera\fR
|
426
438
|
.
|
427
439
|
.IP "" 0
|
428
440
|
.
|
@@ -430,7 +442,7 @@ This setting has been deprecated\. Use of any value other than \'hiera\' should
|
|
430
442
|
The default source for files if no server is given in a uri, e\.g\. puppet:///file\. The default of \fBrest\fR causes the file to be retrieved using the \fBserver\fR setting\. When running \fBapply\fR the default is \fBfile_server\fR, causing requests to be filled locally\.
|
431
443
|
.
|
432
444
|
.IP "\(bu" 4
|
433
|
-
\fIDefault\fR:
|
445
|
+
\fIDefault\fR: \fBrest\fR
|
434
446
|
.
|
435
447
|
.IP "" 0
|
436
448
|
.
|
@@ -444,7 +456,7 @@ This setting\'s value can be an absolute or relative path\. An absolute path wil
|
|
444
456
|
In either case, the path can point to a single file or to a directory of manifests to be evaluated in alphabetical order\.
|
445
457
|
.
|
446
458
|
.IP "\(bu" 4
|
447
|
-
\fIDefault\fR: \./manifests
|
459
|
+
\fIDefault\fR: \fB\./manifests\fR
|
448
460
|
.
|
449
461
|
.IP "" 0
|
450
462
|
.
|
@@ -452,7 +464,7 @@ In either case, the path can point to a single file or to a directory of manifes
|
|
452
464
|
Boolean; whether to generate the default schedule resources\. Setting this to false is useful for keeping external report processors clean of skipped schedule resources\.
|
453
465
|
.
|
454
466
|
.IP "\(bu" 4
|
455
|
-
\fIDefault\fR:
|
467
|
+
\fIDefault\fR: \fBtrue\fR
|
456
468
|
.
|
457
469
|
.IP "" 0
|
458
470
|
.
|
@@ -460,7 +472,7 @@ Boolean; whether to generate the default schedule resources\. Setting this to fa
|
|
460
472
|
The root directory of devices\' $confdir\.
|
461
473
|
.
|
462
474
|
.IP "\(bu" 4
|
463
|
-
\fIDefault\fR: $confdir/devices
|
475
|
+
\fIDefault\fR: \fB$confdir/devices\fR
|
464
476
|
.
|
465
477
|
.IP "" 0
|
466
478
|
.
|
@@ -468,7 +480,7 @@ The root directory of devices\' $confdir\.
|
|
468
480
|
Path to the device config file for puppet device\.
|
469
481
|
.
|
470
482
|
.IP "\(bu" 4
|
471
|
-
\fIDefault\fR: $confdir/device\.conf
|
483
|
+
\fIDefault\fR: \fB$confdir/device\.conf\fR
|
472
484
|
.
|
473
485
|
.IP "" 0
|
474
486
|
.
|
@@ -476,7 +488,7 @@ Path to the device config file for puppet device\.
|
|
476
488
|
The root directory of devices\' $vardir\.
|
477
489
|
.
|
478
490
|
.IP "\(bu" 4
|
479
|
-
\fIDefault\fR: $vardir/devices
|
491
|
+
\fIDefault\fR: \fB$vardir/devices\fR
|
480
492
|
.
|
481
493
|
.IP "" 0
|
482
494
|
.
|
@@ -484,7 +496,7 @@ The root directory of devices\' $vardir\.
|
|
484
496
|
Which diff command to use when printing differences between files\. This setting has no default value on Windows, as standard \fBdiff\fR is not available, but Puppet can use many third\-party diff tools\.
|
485
497
|
.
|
486
498
|
.IP "\(bu" 4
|
487
|
-
\fIDefault\fR:
|
499
|
+
\fIDefault\fR: \fBdiff\fR
|
488
500
|
.
|
489
501
|
.IP "" 0
|
490
502
|
.
|
@@ -492,7 +504,7 @@ Which diff command to use when printing differences between files\. This setting
|
|
492
504
|
Which arguments to pass to the diff command when printing differences between files\. The command to use can be chosen with the \fBdiff\fR setting\.
|
493
505
|
.
|
494
506
|
.IP "\(bu" 4
|
495
|
-
\fIDefault\fR: \-u
|
507
|
+
\fIDefault\fR: \fB\-u\fR
|
496
508
|
.
|
497
509
|
.IP "" 0
|
498
510
|
.
|
@@ -500,7 +512,7 @@ Which arguments to pass to the diff command when printing differences between fi
|
|
500
512
|
Which digest algorithm to use for file resources and the filebucket\. Valid values are sha256, sha384, sha512, sha224, md5\. Default is sha256\.
|
501
513
|
.
|
502
514
|
.IP "\(bu" 4
|
503
|
-
\fIDefault\fR:
|
515
|
+
\fIDefault\fR: \fBsha256\fR
|
504
516
|
.
|
505
517
|
.IP "" 0
|
506
518
|
.
|
@@ -508,7 +520,7 @@ Which digest algorithm to use for file resources and the filebucket\. Valid valu
|
|
508
520
|
If true, turns off all translations of Puppet and module log messages, which affects error, warning, and info log messages, as well as any translations in the report and CLI\.
|
509
521
|
.
|
510
522
|
.IP "\(bu" 4
|
511
|
-
\fIDefault\fR:
|
523
|
+
\fIDefault\fR: \fBtrue\fR
|
512
524
|
.
|
513
525
|
.IP "" 0
|
514
526
|
.
|
@@ -519,7 +531,7 @@ Whether to disallow an environment\-specific main manifest\. When set to \fBtrue
|
|
519
531
|
This setting requires \fBdefault_manifest\fR to be set to an absolute path\.
|
520
532
|
.
|
521
533
|
.IP "\(bu" 4
|
522
|
-
\fIDefault\fR:
|
534
|
+
\fIDefault\fR: \fBfalse\fR
|
523
535
|
.
|
524
536
|
.IP "" 0
|
525
537
|
.
|
@@ -542,7 +554,7 @@ Valid values for this setting are:
|
|
542
554
|
\fBundefined_resources\fR \-\-\- disables warnings about non existing resources\.
|
543
555
|
.
|
544
556
|
.IP "\(bu" 4
|
545
|
-
\fIDefault\fR: []
|
557
|
+
\fIDefault\fR: \fB[]\fR
|
546
558
|
.
|
547
559
|
.IP "" 0
|
548
560
|
.
|
@@ -553,7 +565,7 @@ A comma\-separated list of alternate DNS names for Puppet Server\. These are ext
|
|
553
565
|
In order to handle agent requests at a given hostname (like "puppet\.example\.com"), Puppet Server needs a certificate that proves it\'s allowed to use that name; if a server shows a certificate that doesn\'t include its hostname, Puppet agents will refuse to trust it\. If you use a single hostname for Puppet traffic but load\-balance it to multiple Puppet Servers, each of those servers needs to include the official hostname in its list of extra names\.
|
554
566
|
.
|
555
567
|
.P
|
556
|
-
\fBNote:\fR The list of alternate names is locked in when the server\'s certificate is signed\. If you need to change the list later, you can\'t just change this setting; you also need to regenerate the certificate\. For more information on that process, see the
|
568
|
+
\fBNote:\fR The list of alternate names is locked in when the server\'s certificate is signed\. If you need to change the list later, you can\'t just change this setting; you also need to regenerate the certificate\. For more information on that process, see the cert regen docs \fIhttps://puppet\.com/docs/puppet/latest/ssl_regenerate_certificates\.html\fR\.
|
557
569
|
.
|
558
570
|
.P
|
559
571
|
To see all the alternate names your servers are using, log into your CA server and run \fBpuppetserver ca list \-\-all\fR, then check the output for \fB(alt names: \.\.\.)\fR\. Most agent nodes should NOT have alternate names; the only certs that should have them are Puppet Server nodes that you want other agents to trust\.
|
@@ -562,7 +574,7 @@ To see all the alternate names your servers are using, log into your CA server a
|
|
562
574
|
Whether to document all resources when using \fBpuppet doc\fR to generate manifest documentation\.
|
563
575
|
.
|
564
576
|
.IP "\(bu" 4
|
565
|
-
\fIDefault\fR:
|
577
|
+
\fIDefault\fR: \fBfalse\fR
|
566
578
|
.
|
567
579
|
.IP "" 0
|
568
580
|
.
|
@@ -579,16 +591,17 @@ When defined in the \fB[user]\fR section, the environment refers to the path tha
|
|
579
591
|
Given that the context and effects vary depending on the config section \fIhttps://puppet\.com/docs/puppet/latest/config_file_main\.html#config\-sections\fR in which the \fBenvironment\fR setting is defined, do not set it globally\.
|
580
592
|
.
|
581
593
|
.IP "\(bu" 4
|
582
|
-
\fIDefault\fR:
|
594
|
+
\fIDefault\fR: \fBproduction\fR
|
583
595
|
.
|
584
596
|
.IP "" 0
|
585
597
|
.
|
586
598
|
.SS "environment_data_provider"
|
587
599
|
The name of a registered environment data provider used when obtaining environment specific data\. The three built in and registered providers are \'none\' (no data), \'function\' (data obtained by calling the function \'environment::data()\') and \'hiera\' (data obtained using a data provider configured using a hiera\.yaml file in root of the environment)\. Other environment data providers may be registered in modules on the module path\. For such custom data providers see the respective module documentation\. This setting is deprecated\.
|
588
600
|
.
|
589
|
-
.
|
590
|
-
\fIDefault\fR:
|
591
|
-
|
601
|
+
.IP "\(bu" 4
|
602
|
+
\fIDefault\fR: ``
|
603
|
+
.
|
604
|
+
.IP "" 0
|
592
605
|
.
|
593
606
|
.SS "environment_timeout"
|
594
607
|
How long the Puppet server should cache data it loads from an environment\.
|
@@ -611,7 +624,7 @@ Setting this to a number that will keep your most actively used environments cac
|
|
611
624
|
Once you set \fBenvironment_timeout\fR to a non\-zero value, you need to tell Puppet server to read new code from disk using the \fBenvironment\-cache\fR API endpoint after you deploy new code\. See the docs for the Puppet Server administrative API \fIhttps://puppet\.com/docs/puppetserver/latest/admin\-api/v1/environment\-cache\.html\fR\.
|
612
625
|
.
|
613
626
|
.IP "\(bu" 4
|
614
|
-
\fIDefault\fR:
|
627
|
+
\fIDefault\fR: \fB0\fR
|
615
628
|
.
|
616
629
|
.IP "" 0
|
617
630
|
.
|
@@ -622,7 +635,7 @@ A search path for directory environments, as a list of directories separated by
|
|
622
635
|
This setting must have a value set to enable \fBdirectory environments\.\fR The recommended value is \fB$codedir/environments\fR\. For more details, see \fIhttps://puppet\.com/docs/puppet/latest/environments_about\.html\fR
|
623
636
|
.
|
624
637
|
.IP "\(bu" 4
|
625
|
-
\fIDefault\fR: $codedir/environments
|
638
|
+
\fIDefault\fR: \fB$codedir/environments\fR
|
626
639
|
.
|
627
640
|
.IP "" 0
|
628
641
|
.
|
@@ -630,7 +643,7 @@ This setting must have a value set to enable \fBdirectory environments\.\fR The
|
|
630
643
|
Whether each resource should log when it is being evaluated\. This allows you to interactively see exactly what is being done\.
|
631
644
|
.
|
632
645
|
.IP "\(bu" 4
|
633
|
-
\fIDefault\fR:
|
646
|
+
\fIDefault\fR: \fBfalse\fR
|
634
647
|
.
|
635
648
|
.IP "" 0
|
636
649
|
.
|
@@ -672,7 +685,7 @@ Generally, an ENC script makes requests to an external data source\.
|
|
672
685
|
For more info, see the ENC documentation \fIhttps://puppet\.com/docs/puppet/latest/nodes_external\.html\fR\.
|
673
686
|
.
|
674
687
|
.IP "\(bu" 4
|
675
|
-
\fIDefault\fR:
|
688
|
+
\fIDefault\fR: \fBnone\fR
|
676
689
|
.
|
677
690
|
.IP "" 0
|
678
691
|
.
|
@@ -680,7 +693,7 @@ For more info, see the ENC documentation \fIhttps://puppet\.com/docs/puppet/late
|
|
680
693
|
Where Puppet should look for facts\. Multiple directories should be separated by the system path separator character\. (The POSIX path separator is \':\', and the Windows path separator is \';\'\.)
|
681
694
|
.
|
682
695
|
.IP "\(bu" 4
|
683
|
-
\fIDefault\fR: $vardir/lib/facter:$vardir/facts
|
696
|
+
\fIDefault\fR: \fB$vardir/lib/facter:$vardir/facts\fR
|
684
697
|
.
|
685
698
|
.IP "" 0
|
686
699
|
.
|
@@ -688,7 +701,7 @@ Where Puppet should look for facts\. Multiple directories should be separated by
|
|
688
701
|
The node facts terminus\.
|
689
702
|
.
|
690
703
|
.IP "\(bu" 4
|
691
|
-
\fIDefault\fR:
|
704
|
+
\fIDefault\fR: \fBfacter\fR
|
692
705
|
.
|
693
706
|
.IP "" 0
|
694
707
|
.
|
@@ -696,7 +709,7 @@ The node facts terminus\.
|
|
696
709
|
Where the fileserver configuration is stored\.
|
697
710
|
.
|
698
711
|
.IP "\(bu" 4
|
699
|
-
\fIDefault\fR: $confdir/fileserver\.conf
|
712
|
+
\fIDefault\fR: \fB$confdir/fileserver\.conf\fR
|
700
713
|
.
|
701
714
|
.IP "" 0
|
702
715
|
.
|
@@ -704,22 +717,23 @@ Where the fileserver configuration is stored\.
|
|
704
717
|
The minimum time to wait between checking for updates in configuration files\. This timeout determines how quickly Puppet checks whether a file (such as manifests or puppet\.conf) has changed on disk\. The default will change in a future release to be \'unlimited\', requiring a reload of the Puppet service to pick up changes to its internal configuration\. Currently we do not accept a value of \'unlimited\'\. To reparse files within an environment in Puppet Server please use the environment_cache endpoint
|
705
718
|
.
|
706
719
|
.IP "\(bu" 4
|
707
|
-
\fIDefault\fR:
|
720
|
+
\fIDefault\fR: \fB15s\fR
|
708
721
|
.
|
709
722
|
.IP "" 0
|
710
723
|
.
|
711
724
|
.SS "forge_authorization"
|
712
725
|
The authorization key to connect to the Puppet Forge\. Leave blank for unauthorized or license based connections
|
713
726
|
.
|
714
|
-
.
|
715
|
-
\fIDefault\fR:
|
716
|
-
|
727
|
+
.IP "\(bu" 4
|
728
|
+
\fIDefault\fR: ``
|
729
|
+
.
|
730
|
+
.IP "" 0
|
717
731
|
.
|
718
732
|
.SS "freeze_main"
|
719
733
|
Freezes the \'main\' class, disallowing any code to be added to it\. This essentially means that you can\'t have any code outside of a node, class, or definition other than in the site manifest\.
|
720
734
|
.
|
721
735
|
.IP "\(bu" 4
|
722
|
-
\fIDefault\fR:
|
736
|
+
\fIDefault\fR: \fBfalse\fR
|
723
737
|
.
|
724
738
|
.IP "" 0
|
725
739
|
.
|
@@ -727,7 +741,7 @@ Freezes the \'main\' class, disallowing any code to be added to it\. This essent
|
|
727
741
|
When true, causes Puppet applications to print an example config file to stdout and exit\. The example will include descriptions of each setting, and the current (or default) value of each setting, incorporating any settings overridden on the CLI (with the exception of \fBgenconfig\fR itself)\. This setting only makes sense when specified on the command line as \fB\-\-genconfig\fR\.
|
728
742
|
.
|
729
743
|
.IP "\(bu" 4
|
730
|
-
\fIDefault\fR:
|
744
|
+
\fIDefault\fR: \fBfalse\fR
|
731
745
|
.
|
732
746
|
.IP "" 0
|
733
747
|
.
|
@@ -735,7 +749,7 @@ When true, causes Puppet applications to print an example config file to stdout
|
|
735
749
|
Whether to just print a manifest to stdout and exit\. Only makes sense when specified on the command line as \fB\-\-genmanifest\fR\. Takes into account arguments specified on the CLI\.
|
736
750
|
.
|
737
751
|
.IP "\(bu" 4
|
738
|
-
\fIDefault\fR:
|
752
|
+
\fIDefault\fR: \fBfalse\fR
|
739
753
|
.
|
740
754
|
.IP "" 0
|
741
755
|
.
|
@@ -752,7 +766,7 @@ The \fBgraphdir\fR setting determines where Puppet will save graphs\. Note that
|
|
752
766
|
See your graphing software\'s documentation for details on opening \.dot files\. If you\'re using GraphViz\'s \fBdot\fR command, you can do a quick PNG render with \fBdot \-Tpng <DOT FILE> \-o <OUTPUT FILE>\fR\.
|
753
767
|
.
|
754
768
|
.IP "\(bu" 4
|
755
|
-
\fIDefault\fR:
|
769
|
+
\fIDefault\fR: \fBfalse\fR
|
756
770
|
.
|
757
771
|
.IP "" 0
|
758
772
|
.
|
@@ -760,7 +774,7 @@ See your graphing software\'s documentation for details on opening \.dot files\.
|
|
760
774
|
Where to save \.dot\-format graphs (when the \fBgraph\fR setting is enabled)\.
|
761
775
|
.
|
762
776
|
.IP "\(bu" 4
|
763
|
-
\fIDefault\fR: $statedir/graphs
|
777
|
+
\fIDefault\fR: \fB$statedir/graphs\fR
|
764
778
|
.
|
765
779
|
.IP "" 0
|
766
780
|
.
|
@@ -768,7 +782,7 @@ Where to save \.dot\-format graphs (when the \fBgraph\fR setting is enabled)\.
|
|
768
782
|
The group Puppet Server will run as\. Used to ensure the agent side processes (agent, apply, etc) create files and directories readable by Puppet Server when necessary\.
|
769
783
|
.
|
770
784
|
.IP "\(bu" 4
|
771
|
-
\fIDefault\fR:
|
785
|
+
\fIDefault\fR: \fBpuppet\fR
|
772
786
|
.
|
773
787
|
.IP "" 0
|
774
788
|
.
|
@@ -776,7 +790,7 @@ The group Puppet Server will run as\. Used to ensure the agent side processes (a
|
|
776
790
|
The hiera configuration file\. Puppet only reads this file on startup, so you must restart the puppet server every time you edit it\.
|
777
791
|
.
|
778
792
|
.IP "\(bu" 4
|
779
|
-
\fIDefault\fR: $confdir/hiera\.yaml\. However, for backwards compatibility, if a file exists at $codedir/hiera\.yaml, Puppet uses that instead
|
793
|
+
\fIDefault\fR: \fB$confdir/hiera\.yaml\. However, for backwards compatibility, if a file exists at $codedir/hiera\.yaml, Puppet uses that instead\.\fR
|
780
794
|
.
|
781
795
|
.IP "" 0
|
782
796
|
.
|
@@ -784,7 +798,7 @@ The hiera configuration file\. Puppet only reads this file on startup, so you mu
|
|
784
798
|
Where individual hosts store and look for their certificates\.
|
785
799
|
.
|
786
800
|
.IP "\(bu" 4
|
787
|
-
\fIDefault\fR: $certdir/$certname\.pem
|
801
|
+
\fIDefault\fR: \fB$certdir/$certname\.pem\fR
|
788
802
|
.
|
789
803
|
.IP "" 0
|
790
804
|
.
|
@@ -792,7 +806,7 @@ Where individual hosts store and look for their certificates\.
|
|
792
806
|
Where the host\'s certificate revocation list can be found\. This is distinct from the certificate authority\'s CRL\.
|
793
807
|
.
|
794
808
|
.IP "\(bu" 4
|
795
|
-
\fIDefault\fR: $ssldir/crl\.pem
|
809
|
+
\fIDefault\fR: \fB$ssldir/crl\.pem\fR
|
796
810
|
.
|
797
811
|
.IP "" 0
|
798
812
|
.
|
@@ -800,7 +814,7 @@ Where the host\'s certificate revocation list can be found\. This is distinct fr
|
|
800
814
|
Where individual hosts store their certificate request (CSR) while waiting for the CA to issue their certificate\.
|
801
815
|
.
|
802
816
|
.IP "\(bu" 4
|
803
|
-
\fIDefault\fR: $requestdir/$certname\.pem
|
817
|
+
\fIDefault\fR: \fB$requestdir/$certname\.pem\fR
|
804
818
|
.
|
805
819
|
.IP "" 0
|
806
820
|
.
|
@@ -808,7 +822,7 @@ Where individual hosts store their certificate request (CSR) while waiting for t
|
|
808
822
|
Where individual hosts store and look for their private key\.
|
809
823
|
.
|
810
824
|
.IP "\(bu" 4
|
811
|
-
\fIDefault\fR: $privatekeydir/$certname\.pem
|
825
|
+
\fIDefault\fR: \fB$privatekeydir/$certname\.pem\fR
|
812
826
|
.
|
813
827
|
.IP "" 0
|
814
828
|
.
|
@@ -816,7 +830,7 @@ Where individual hosts store and look for their private key\.
|
|
816
830
|
Where individual hosts store and look for their public key\.
|
817
831
|
.
|
818
832
|
.IP "\(bu" 4
|
819
|
-
\fIDefault\fR: $publickeydir/$certname\.pem
|
833
|
+
\fIDefault\fR: \fB$publickeydir/$certname\.pem\fR
|
820
834
|
.
|
821
835
|
.IP "" 0
|
822
836
|
.
|
@@ -824,7 +838,7 @@ Where individual hosts store and look for their public key\.
|
|
824
838
|
The maximum amount of time to wait when establishing an HTTP connection\. The default value is 2 minutes\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
|
825
839
|
.
|
826
840
|
.IP "\(bu" 4
|
827
|
-
\fIDefault\fR:
|
841
|
+
\fIDefault\fR: \fB2m\fR
|
828
842
|
.
|
829
843
|
.IP "" 0
|
830
844
|
.
|
@@ -832,7 +846,7 @@ The maximum amount of time to wait when establishing an HTTP connection\. The de
|
|
832
846
|
Whether to write HTTP request and responses to stderr\. This should never be used in a production environment\.
|
833
847
|
.
|
834
848
|
.IP "\(bu" 4
|
835
|
-
\fIDefault\fR:
|
849
|
+
\fIDefault\fR: \fBfalse\fR
|
836
850
|
.
|
837
851
|
.IP "" 0
|
838
852
|
.
|
@@ -840,7 +854,7 @@ Whether to write HTTP request and responses to stderr\. This should never be use
|
|
840
854
|
The list of extra headers that will be sent with http requests to the master\. The header definition consists of a name and a value separated by a colon\.
|
841
855
|
.
|
842
856
|
.IP "\(bu" 4
|
843
|
-
\fIDefault\fR: []
|
857
|
+
\fIDefault\fR: \fB[]\fR
|
844
858
|
.
|
845
859
|
.IP "" 0
|
846
860
|
.
|
@@ -848,7 +862,7 @@ The list of extra headers that will be sent with http requests to the master\. T
|
|
848
862
|
The maximum amount of time a persistent HTTP connection can remain idle in the connection pool, before it is closed\. This timeout should be shorter than the keepalive timeout used on the HTTP server, e\.g\. Apache KeepAliveTimeout directive\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
|
849
863
|
.
|
850
864
|
.IP "\(bu" 4
|
851
|
-
\fIDefault\fR:
|
865
|
+
\fIDefault\fR: \fB4s\fR
|
852
866
|
.
|
853
867
|
.IP "" 0
|
854
868
|
.
|
@@ -856,7 +870,7 @@ The maximum amount of time a persistent HTTP connection can remain idle in the c
|
|
856
870
|
The HTTP proxy host to use for outgoing connections\. The proxy will be bypassed if the server\'s hostname matches the NO_PROXY environment variable or \fBno_proxy\fR setting\. Note: You may need to use a FQDN for the server hostname when using a proxy\. Environment variable http_proxy or HTTP_PROXY will override this value\.
|
857
871
|
.
|
858
872
|
.IP "\(bu" 4
|
859
|
-
\fIDefault\fR:
|
873
|
+
\fIDefault\fR: \fBnone\fR
|
860
874
|
.
|
861
875
|
.IP "" 0
|
862
876
|
.
|
@@ -867,7 +881,7 @@ The password for the user of an authenticated HTTP proxy\. Requires the \fBhttp_
|
|
867
881
|
Note that passwords must be valid when used as part of a URL\. If a password contains any characters with special meanings in URLs (as specified by RFC 3986 section 2\.2), they must be URL\-encoded\. (For example, \fB#\fR would become \fB%23\fR\.)
|
868
882
|
.
|
869
883
|
.IP "\(bu" 4
|
870
|
-
\fIDefault\fR:
|
884
|
+
\fIDefault\fR: \fBnone\fR
|
871
885
|
.
|
872
886
|
.IP "" 0
|
873
887
|
.
|
@@ -875,7 +889,7 @@ Note that passwords must be valid when used as part of a URL\. If a password con
|
|
875
889
|
The HTTP proxy port to use for outgoing connections
|
876
890
|
.
|
877
891
|
.IP "\(bu" 4
|
878
|
-
\fIDefault\fR:
|
892
|
+
\fIDefault\fR: \fB3128\fR
|
879
893
|
.
|
880
894
|
.IP "" 0
|
881
895
|
.
|
@@ -883,7 +897,7 @@ The HTTP proxy port to use for outgoing connections
|
|
883
897
|
The user name for an authenticated HTTP proxy\. Requires the \fBhttp_proxy_host\fR setting\.
|
884
898
|
.
|
885
899
|
.IP "\(bu" 4
|
886
|
-
\fIDefault\fR:
|
900
|
+
\fIDefault\fR: \fBnone\fR
|
887
901
|
.
|
888
902
|
.IP "" 0
|
889
903
|
.
|
@@ -891,7 +905,7 @@ The user name for an authenticated HTTP proxy\. Requires the \fBhttp_proxy_host\
|
|
891
905
|
The time to wait for data to be read from an HTTP connection\. If nothing is read after the elapsed interval then the connection will be closed\. The default value is 10 minutes\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
|
892
906
|
.
|
893
907
|
.IP "\(bu" 4
|
894
|
-
\fIDefault\fR:
|
908
|
+
\fIDefault\fR: \fB10m\fR
|
895
909
|
.
|
896
910
|
.IP "" 0
|
897
911
|
.
|
@@ -899,7 +913,7 @@ The time to wait for data to be read from an HTTP connection\. If nothing is rea
|
|
899
913
|
The HTTP User\-Agent string to send when making network requests\.
|
900
914
|
.
|
901
915
|
.IP "\(bu" 4
|
902
|
-
\fIDefault\fR:
|
916
|
+
\fIDefault\fR: \fBPuppet/7\.7\.0 Ruby/2\.5\.1\-p57 (x86_64\-linux)\fR
|
903
917
|
.
|
904
918
|
.IP "" 0
|
905
919
|
.
|
@@ -907,7 +921,7 @@ The HTTP User\-Agent string to send when making network requests\.
|
|
907
921
|
Whether the puppet run should ignore errors during pluginsync\. If the setting is false and there are errors during pluginsync, then the agent will abort the run and submit a report containing information about the failed run\.
|
908
922
|
.
|
909
923
|
.IP "\(bu" 4
|
910
|
-
\fIDefault\fR:
|
924
|
+
\fIDefault\fR: \fBfalse\fR
|
911
925
|
.
|
912
926
|
.IP "" 0
|
913
927
|
.
|
@@ -915,7 +929,7 @@ Whether the puppet run should ignore errors during pluginsync\. If the setting i
|
|
915
929
|
Skip searching for classes and definitions that were missing during a prior compilation\. The list of missing objects is maintained per\-environment and persists until the environment is cleared or the master is restarted\.
|
916
930
|
.
|
917
931
|
.IP "\(bu" 4
|
918
|
-
\fIDefault\fR:
|
932
|
+
\fIDefault\fR: \fBfalse\fR
|
919
933
|
.
|
920
934
|
.IP "" 0
|
921
935
|
.
|
@@ -923,7 +937,7 @@ Skip searching for classes and definitions that were missing during a prior comp
|
|
923
937
|
Boolean; whether puppet agent should ignore schedules\. This is useful for initial puppet agent runs\.
|
924
938
|
.
|
925
939
|
.IP "\(bu" 4
|
926
|
-
\fIDefault\fR:
|
940
|
+
\fIDefault\fR: \fBfalse\fR
|
927
941
|
.
|
928
942
|
.IP "" 0
|
929
943
|
.
|
@@ -931,7 +945,7 @@ Boolean; whether puppet agent should ignore schedules\. This is useful for initi
|
|
931
945
|
The type of private key\. Valid values are \fBrsa\fR and \fBec\fR\. Default is \fBrsa\fR\.
|
932
946
|
.
|
933
947
|
.IP "\(bu" 4
|
934
|
-
\fIDefault\fR:
|
948
|
+
\fIDefault\fR: \fBrsa\fR
|
935
949
|
.
|
936
950
|
.IP "" 0
|
937
951
|
.
|
@@ -939,7 +953,7 @@ The type of private key\. Valid values are \fBrsa\fR and \fBec\fR\. Default is \
|
|
939
953
|
The bit length of keys\.
|
940
954
|
.
|
941
955
|
.IP "\(bu" 4
|
942
|
-
\fIDefault\fR:
|
956
|
+
\fIDefault\fR: \fB4096\fR
|
943
957
|
.
|
944
958
|
.IP "" 0
|
945
959
|
.
|
@@ -947,7 +961,7 @@ The bit length of keys\.
|
|
947
961
|
Where puppet agent stores the last run report summary in yaml format\.
|
948
962
|
.
|
949
963
|
.IP "\(bu" 4
|
950
|
-
\fIDefault\fR: $publicdir/last_run_summary\.yaml
|
964
|
+
\fIDefault\fR: \fB$publicdir/last_run_summary\.yaml\fR
|
951
965
|
.
|
952
966
|
.IP "" 0
|
953
967
|
.
|
@@ -955,7 +969,7 @@ Where puppet agent stores the last run report summary in yaml format\.
|
|
955
969
|
Where Puppet Agent stores the last run report, by default, in yaml format\. The format of the report can be changed by setting the \fBcache\fR key of the \fBreport\fR terminus in the routes\.yaml \fIhttps://puppet\.com/docs/puppet/latest/config_file_routes\.html\fR file\. To avoid mismatches between content and file extension, this setting needs to be manually updated to reflect the terminus changes\.
|
956
970
|
.
|
957
971
|
.IP "\(bu" 4
|
958
|
-
\fIDefault\fR: $statedir/last_run_report\.yaml
|
972
|
+
\fIDefault\fR: \fB$statedir/last_run_report\.yaml\fR
|
959
973
|
.
|
960
974
|
.IP "" 0
|
961
975
|
.
|
@@ -963,7 +977,7 @@ Where Puppet Agent stores the last run report, by default, in yaml format\. The
|
|
963
977
|
The LDAP attributes to include when querying LDAP for nodes\. All returned attributes are set as variables in the top\-level scope\. Multiple values should be comma\-separated\. The value \'all\' returns all attributes\.
|
964
978
|
.
|
965
979
|
.IP "\(bu" 4
|
966
|
-
\fIDefault\fR:
|
980
|
+
\fIDefault\fR: \fBall\fR
|
967
981
|
.
|
968
982
|
.IP "" 0
|
969
983
|
.
|
@@ -974,7 +988,7 @@ The search base for LDAP searches\. It\'s impossible to provide a meaningful def
|
|
974
988
|
The LDAP attributes to use to define Puppet classes\. Values should be comma\-separated\.
|
975
989
|
.
|
976
990
|
.IP "\(bu" 4
|
977
|
-
\fIDefault\fR:
|
991
|
+
\fIDefault\fR: \fBpuppetclass\fR
|
978
992
|
.
|
979
993
|
.IP "" 0
|
980
994
|
.
|
@@ -982,7 +996,7 @@ The LDAP attributes to use to define Puppet classes\. Values should be comma\-se
|
|
982
996
|
The attribute to use to define the parent node\.
|
983
997
|
.
|
984
998
|
.IP "\(bu" 4
|
985
|
-
\fIDefault\fR:
|
999
|
+
\fIDefault\fR: \fBparentnode\fR
|
986
1000
|
.
|
987
1001
|
.IP "" 0
|
988
1002
|
.
|
@@ -993,7 +1007,7 @@ The password to use to connect to LDAP\.
|
|
993
1007
|
The LDAP port\.
|
994
1008
|
.
|
995
1009
|
.IP "\(bu" 4
|
996
|
-
\fIDefault\fR:
|
1010
|
+
\fIDefault\fR: \fB389\fR
|
997
1011
|
.
|
998
1012
|
.IP "" 0
|
999
1013
|
.
|
@@ -1001,7 +1015,7 @@ The LDAP port\.
|
|
1001
1015
|
The LDAP server\.
|
1002
1016
|
.
|
1003
1017
|
.IP "\(bu" 4
|
1004
|
-
\fIDefault\fR:
|
1018
|
+
\fIDefault\fR: \fBldap\fR
|
1005
1019
|
.
|
1006
1020
|
.IP "" 0
|
1007
1021
|
.
|
@@ -1009,7 +1023,7 @@ The LDAP server\.
|
|
1009
1023
|
Whether SSL should be used when searching for nodes\. Defaults to false because SSL usually requires certificates to be set up on the client side\.
|
1010
1024
|
.
|
1011
1025
|
.IP "\(bu" 4
|
1012
|
-
\fIDefault\fR:
|
1026
|
+
\fIDefault\fR: \fBfalse\fR
|
1013
1027
|
.
|
1014
1028
|
.IP "" 0
|
1015
1029
|
.
|
@@ -1017,7 +1031,7 @@ Whether SSL should be used when searching for nodes\. Defaults to false because
|
|
1017
1031
|
The LDAP attributes that should be stacked to arrays by adding the values in all hierarchy elements of the tree\. Values should be comma\-separated\.
|
1018
1032
|
.
|
1019
1033
|
.IP "\(bu" 4
|
1020
|
-
\fIDefault\fR:
|
1034
|
+
\fIDefault\fR: \fBpuppetvar\fR
|
1021
1035
|
.
|
1022
1036
|
.IP "" 0
|
1023
1037
|
.
|
@@ -1025,7 +1039,7 @@ The LDAP attributes that should be stacked to arrays by adding the values in all
|
|
1025
1039
|
The search string used to find an LDAP node\.
|
1026
1040
|
.
|
1027
1041
|
.IP "\(bu" 4
|
1028
|
-
\fIDefault\fR: (&(objectclass=puppetClient)(cn=%s))
|
1042
|
+
\fIDefault\fR: \fB(&(objectclass=puppetClient)(cn=%s))\fR
|
1029
1043
|
.
|
1030
1044
|
.IP "" 0
|
1031
1045
|
.
|
@@ -1033,7 +1047,7 @@ The search string used to find an LDAP node\.
|
|
1033
1047
|
Whether TLS should be used when searching for nodes\. Defaults to false because TLS usually requires certificates to be set up on the client side\.
|
1034
1048
|
.
|
1035
1049
|
.IP "\(bu" 4
|
1036
|
-
\fIDefault\fR:
|
1050
|
+
\fIDefault\fR: \fBfalse\fR
|
1037
1051
|
.
|
1038
1052
|
.IP "" 0
|
1039
1053
|
.
|
@@ -1044,7 +1058,7 @@ The user to use to connect to LDAP\. Must be specified as a full DN\.
|
|
1044
1058
|
An extra search path for Puppet\. This is only useful for those files that Puppet will load on demand, and is only guaranteed to work for those cases\. In fact, the autoload mechanism is responsible for making sure this directory is in Ruby\'s search path
|
1045
1059
|
.
|
1046
1060
|
.IP "\(bu" 4
|
1047
|
-
\fIDefault\fR: $vardir/lib
|
1061
|
+
\fIDefault\fR: \fB$vardir/lib\fR
|
1048
1062
|
.
|
1049
1063
|
.IP "" 0
|
1050
1064
|
.
|
@@ -1052,7 +1066,7 @@ An extra search path for Puppet\. This is only useful for those files that Puppe
|
|
1052
1066
|
Where each client stores the CA certificate\.
|
1053
1067
|
.
|
1054
1068
|
.IP "\(bu" 4
|
1055
|
-
\fIDefault\fR: $certdir/ca\.pem
|
1069
|
+
\fIDefault\fR: \fB$certdir/ca\.pem\fR
|
1056
1070
|
.
|
1057
1071
|
.IP "" 0
|
1058
1072
|
.
|
@@ -1060,7 +1074,7 @@ Where each client stores the CA certificate\.
|
|
1060
1074
|
Where Puppet should store translation files that it pulls down from the central server\.
|
1061
1075
|
.
|
1062
1076
|
.IP "\(bu" 4
|
1063
|
-
\fIDefault\fR: $vardir/locales
|
1077
|
+
\fIDefault\fR: \fB$vardir/locales\fR
|
1064
1078
|
.
|
1065
1079
|
.IP "" 0
|
1066
1080
|
.
|
@@ -1068,7 +1082,7 @@ Where Puppet should store translation files that it pulls down from the central
|
|
1068
1082
|
From where to retrieve translation files\. The standard Puppet \fBfile\fR type is used for retrieval, so anything that is a valid file source can be used here\.
|
1069
1083
|
.
|
1070
1084
|
.IP "\(bu" 4
|
1071
|
-
\fIDefault\fR:
|
1085
|
+
\fIDefault\fR: \fBpuppet:///locales\fR
|
1072
1086
|
.
|
1073
1087
|
.IP "" 0
|
1074
1088
|
.
|
@@ -1100,22 +1114,23 @@ emerg
|
|
1100
1114
|
crit
|
1101
1115
|
.
|
1102
1116
|
.IP "\(bu" 4
|
1103
|
-
\fIDefault\fR:
|
1117
|
+
\fIDefault\fR: \fBnotice\fR
|
1104
1118
|
.
|
1105
1119
|
.IP "" 0
|
1106
1120
|
.
|
1107
1121
|
.SS "logdest"
|
1108
1122
|
Where to send log messages\. Choose between \'syslog\' (the POSIX syslog service), \'eventlog\' (the Windows Event Log), \'console\', or the path to a log file\. Multiple destinations can be set using a comma separated list (eg: \fB/path/file1,console,/path/file2\fR)
|
1109
1123
|
.
|
1110
|
-
.
|
1111
|
-
\fIDefault\fR:
|
1112
|
-
|
1124
|
+
.IP "\(bu" 4
|
1125
|
+
\fIDefault\fR: ``
|
1126
|
+
.
|
1127
|
+
.IP "" 0
|
1113
1128
|
.
|
1114
1129
|
.SS "logdir"
|
1115
1130
|
The directory in which to store log files
|
1116
1131
|
.
|
1117
1132
|
.IP "\(bu" 4
|
1118
|
-
\fIDefault\fR:
|
1133
|
+
\fIDefault\fR: \fBUnix/Linux: /var/log/puppetlabs/puppet \-\- Windows: C:\eProgramData\ePuppetLabs\epuppet\evar\elog \-\- Non\-root user: ~/\.puppetlabs/var/log\fR
|
1119
1134
|
.
|
1120
1135
|
.IP "" 0
|
1121
1136
|
.
|
@@ -1123,7 +1138,7 @@ The directory in which to store log files
|
|
1123
1138
|
Whether Puppet should manage the owner, group, and mode of files it uses internally\. \fBNote\fR: For Windows agents, the default is \fBfalse\fR for versions 4\.10\.13 and greater, versions 5\.5\.6 and greater, and versions 6\.0 and greater\.
|
1124
1139
|
.
|
1125
1140
|
.IP "\(bu" 4
|
1126
|
-
\fIDefault\fR:
|
1141
|
+
\fIDefault\fR: \fBtrue\fR
|
1127
1142
|
.
|
1128
1143
|
.IP "" 0
|
1129
1144
|
.
|
@@ -1133,15 +1148,16 @@ The entry\-point manifest for puppet master\. This can be one file or a director
|
|
1133
1148
|
.P
|
1134
1149
|
Setting a global value for \fBmanifest\fR in puppet\.conf is not allowed (but it can be overridden from the commandline)\. Please use directory environments instead\. If you need to use something other than the environment\'s \fBmanifests\fR directory as the main manifest, you can set \fBmanifest\fR in environment\.conf\. For more info, see \fIhttps://puppet\.com/docs/puppet/latest/environments_about\.html\fR
|
1135
1150
|
.
|
1136
|
-
.
|
1137
|
-
\fIDefault\fR:
|
1138
|
-
|
1151
|
+
.IP "\(bu" 4
|
1152
|
+
\fIDefault\fR: ``
|
1153
|
+
.
|
1154
|
+
.IP "" 0
|
1139
1155
|
.
|
1140
1156
|
.SS "masterport"
|
1141
1157
|
The default port puppet subcommands use to communicate with Puppet Server\. (eg \fBpuppet facts upload\fR, \fBpuppet agent\fR)\. May be overridden by more specific settings (see \fBca_port\fR, \fBreport_port\fR)\.
|
1142
1158
|
.
|
1143
1159
|
.IP "\(bu" 4
|
1144
|
-
\fIDefault\fR:
|
1160
|
+
\fIDefault\fR: \fB8140\fR
|
1145
1161
|
.
|
1146
1162
|
.IP "" 0
|
1147
1163
|
.
|
@@ -1149,7 +1165,7 @@ The default port puppet subcommands use to communicate with Puppet Server\. (eg
|
|
1149
1165
|
Sets the max number of logged/displayed parser validation deprecation warnings in case multiple deprecation warnings have been detected\. A value of 0 blocks the logging of deprecation warnings\. The count is per manifest\.
|
1150
1166
|
.
|
1151
1167
|
.IP "\(bu" 4
|
1152
|
-
\fIDefault\fR:
|
1168
|
+
\fIDefault\fR: \fB10\fR
|
1153
1169
|
.
|
1154
1170
|
.IP "" 0
|
1155
1171
|
.
|
@@ -1157,7 +1173,7 @@ Sets the max number of logged/displayed parser validation deprecation warnings i
|
|
1157
1173
|
Sets the max number of logged/displayed parser validation errors in case multiple errors have been detected\. A value of 0 is the same as a value of 1; a minimum of one error is always raised\. The count is per manifest\.
|
1158
1174
|
.
|
1159
1175
|
.IP "\(bu" 4
|
1160
|
-
\fIDefault\fR:
|
1176
|
+
\fIDefault\fR: \fB10\fR
|
1161
1177
|
.
|
1162
1178
|
.IP "" 0
|
1163
1179
|
.
|
@@ -1165,7 +1181,7 @@ Sets the max number of logged/displayed parser validation errors in case multipl
|
|
1165
1181
|
Sets the max number of logged/displayed parser validation warnings in case multiple warnings have been detected\. A value of 0 blocks logging of warnings\. The count is per manifest\.
|
1166
1182
|
.
|
1167
1183
|
.IP "\(bu" 4
|
1168
|
-
\fIDefault\fR:
|
1184
|
+
\fIDefault\fR: \fB10\fR
|
1169
1185
|
.
|
1170
1186
|
.IP "" 0
|
1171
1187
|
.
|
@@ -1173,7 +1189,7 @@ Sets the max number of logged/displayed parser validation warnings in case multi
|
|
1173
1189
|
The maximum allowed UID\. Some platforms use negative UIDs but then ship with tools that do not know how to handle signed ints, so the UIDs show up as huge numbers that can then not be fed back into the system\. This is a hackish way to fail in a slightly more useful way when that happens\.
|
1174
1190
|
.
|
1175
1191
|
.IP "\(bu" 4
|
1176
|
-
\fIDefault\fR:
|
1192
|
+
\fIDefault\fR: \fB4294967290\fR
|
1177
1193
|
.
|
1178
1194
|
.IP "" 0
|
1179
1195
|
.
|
@@ -1181,7 +1197,7 @@ The maximum allowed UID\. Some platforms use negative UIDs but then ship with to
|
|
1181
1197
|
The maximum amount of time the Puppet agent should wait for its certificate request to be signed\. A value of \fBunlimited\fR will cause puppet agent to ask for a signed certificate indefinitely\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
|
1182
1198
|
.
|
1183
1199
|
.IP "\(bu" 4
|
1184
|
-
\fIDefault\fR:
|
1200
|
+
\fIDefault\fR: \fBunlimited\fR
|
1185
1201
|
.
|
1186
1202
|
.IP "" 0
|
1187
1203
|
.
|
@@ -1189,7 +1205,7 @@ The maximum amount of time the Puppet agent should wait for its certificate requ
|
|
1189
1205
|
The maximum amount of time the puppet agent should wait for an already running puppet agent to finish before starting a new one\. This is set by default to 1 minute\. A value of \fBunlimited\fR will cause puppet agent to wait indefinitely\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
|
1190
1206
|
.
|
1191
1207
|
.IP "\(bu" 4
|
1192
|
-
\fIDefault\fR:
|
1208
|
+
\fIDefault\fR: \fB1m\fR
|
1193
1209
|
.
|
1194
1210
|
.IP "" 0
|
1195
1211
|
.
|
@@ -1203,7 +1219,7 @@ When a class has a failed dependency, every resource in the class generates a no
|
|
1203
1219
|
If true, all messages caused by a class dependency failure are merged into one message associated with the class\.
|
1204
1220
|
.
|
1205
1221
|
.IP "\(bu" 4
|
1206
|
-
\fIDefault\fR:
|
1222
|
+
\fIDefault\fR: \fBfalse\fR
|
1207
1223
|
.
|
1208
1224
|
.IP "" 0
|
1209
1225
|
.
|
@@ -1211,22 +1227,23 @@ If true, all messages caused by a class dependency failure are merged into one m
|
|
1211
1227
|
Whether to create the necessary user and group that puppet agent will run as\.
|
1212
1228
|
.
|
1213
1229
|
.IP "\(bu" 4
|
1214
|
-
\fIDefault\fR:
|
1230
|
+
\fIDefault\fR: \fBfalse\fR
|
1215
1231
|
.
|
1216
1232
|
.IP "" 0
|
1217
1233
|
.
|
1218
1234
|
.SS "module_groups"
|
1219
1235
|
Extra module groups to request from the Puppet Forge\. This is an internal setting, and users should never change it\.
|
1220
1236
|
.
|
1221
|
-
.
|
1222
|
-
\fIDefault\fR:
|
1223
|
-
|
1237
|
+
.IP "\(bu" 4
|
1238
|
+
\fIDefault\fR: ``
|
1239
|
+
.
|
1240
|
+
.IP "" 0
|
1224
1241
|
.
|
1225
1242
|
.SS "module_repository"
|
1226
1243
|
The module repository
|
1227
1244
|
.
|
1228
1245
|
.IP "\(bu" 4
|
1229
|
-
\fIDefault\fR:
|
1246
|
+
\fIDefault\fR: \fBhttps://forgeapi\.puppet\.com\fR
|
1230
1247
|
.
|
1231
1248
|
.IP "" 0
|
1232
1249
|
.
|
@@ -1234,7 +1251,7 @@ The module repository
|
|
1234
1251
|
The directory into which module tool data is stored
|
1235
1252
|
.
|
1236
1253
|
.IP "\(bu" 4
|
1237
|
-
\fIDefault\fR: $vardir/puppet\-module
|
1254
|
+
\fIDefault\fR: \fB$vardir/puppet\-module\fR
|
1238
1255
|
.
|
1239
1256
|
.IP "" 0
|
1240
1257
|
.
|
@@ -1247,15 +1264,16 @@ Setting a global value for \fBmodulepath\fR in puppet\.conf is not allowed (but
|
|
1247
1264
|
.SS "name"
|
1248
1265
|
The name of the application, if we are running as one\. The default is essentially $0 without the path or \fB\.rb\fR\.
|
1249
1266
|
.
|
1250
|
-
.
|
1251
|
-
\fIDefault\fR:
|
1252
|
-
|
1267
|
+
.IP "\(bu" 4
|
1268
|
+
\fIDefault\fR: ``
|
1269
|
+
.
|
1270
|
+
.IP "" 0
|
1253
1271
|
.
|
1254
1272
|
.SS "named_curve"
|
1255
1273
|
The short name for the EC curve used to generate the EC private key\. Valid values must be one of the curves in \fBOpenSSL::PKey::EC\.builtin_curves\fR\. Default is \fBprime256v1\fR\.
|
1256
1274
|
.
|
1257
1275
|
.IP "\(bu" 4
|
1258
|
-
\fIDefault\fR:
|
1276
|
+
\fIDefault\fR: \fBprime256v1\fR
|
1259
1277
|
.
|
1260
1278
|
.IP "" 0
|
1261
1279
|
.
|
@@ -1263,16 +1281,17 @@ The short name for the EC curve used to generate the EC private key\. Valid valu
|
|
1263
1281
|
List of host or domain names that should not go through \fBhttp_proxy_host\fR\. Environment variable no_proxy or NO_PROXY will override this value\. Names can be specified as an FQDN \fBhost\.example\.com\fR, wildcard \fB*\.example\.com\fR, dotted domain \fB\.example\.com\fR, or suffix \fBexample\.com\fR\.
|
1264
1282
|
.
|
1265
1283
|
.IP "\(bu" 4
|
1266
|
-
\fIDefault\fR:
|
1284
|
+
\fIDefault\fR: \fBlocalhost, 127\.0\.0\.1\fR
|
1267
1285
|
.
|
1268
1286
|
.IP "" 0
|
1269
1287
|
.
|
1270
1288
|
.SS "node_cache_terminus"
|
1271
1289
|
How to store cached nodes\. Valid values are (none), \'json\', \'msgpack\', or \'yaml\'\.
|
1272
1290
|
.
|
1273
|
-
.
|
1274
|
-
\fIDefault\fR:
|
1275
|
-
|
1291
|
+
.IP "\(bu" 4
|
1292
|
+
\fIDefault\fR: ``
|
1293
|
+
.
|
1294
|
+
.IP "" 0
|
1276
1295
|
.
|
1277
1296
|
.SS "node_name_fact"
|
1278
1297
|
The fact name used to determine the node name used for all requests the agent makes to the master\. WARNING: This setting is mutually exclusive with node_name_value\. Changing this setting also requires changes to Puppet Server\'s default auth\.conf \fIhttps://puppet\.com/docs/puppetserver/latest/config_file_auth\.html\fR\.
|
@@ -1281,7 +1300,7 @@ The fact name used to determine the node name used for all requests the agent ma
|
|
1281
1300
|
The explicit value used for the node name for all requests the agent makes to the master\. WARNING: This setting is mutually exclusive with node_name_fact\. Changing this setting also requires changes to Puppet Server\'s default auth\.conf \fIhttps://puppet\.com/docs/puppetserver/latest/config_file_auth\.html\fR\.
|
1282
1301
|
.
|
1283
1302
|
.IP "\(bu" 4
|
1284
|
-
\fIDefault\fR: $certname
|
1303
|
+
\fIDefault\fR: \fB$certname\fR
|
1285
1304
|
.
|
1286
1305
|
.IP "" 0
|
1287
1306
|
.
|
@@ -1315,7 +1334,7 @@ The three main node data plugins are:
|
|
1315
1334
|
\fBclassifier\fR (formerly \fBconsole\fR) \-\-\- Specific to Puppet Enterprise\. Uses the PE console for node data\."
|
1316
1335
|
.
|
1317
1336
|
.IP "\(bu" 4
|
1318
|
-
\fIDefault\fR:
|
1337
|
+
\fIDefault\fR: \fBplain\fR
|
1319
1338
|
.
|
1320
1339
|
.IP "" 0
|
1321
1340
|
.
|
@@ -1329,7 +1348,7 @@ When running in noop mode, Puppet will check whether each resource is in sync, l
|
|
1329
1348
|
\fBImportant note:\fR The \fBnoop\fR metaparameter \fIhttps://puppet\.com/docs/puppet/latest/metaparameter\.html#noop\fR allows you to apply individual resources in noop mode, and will override the global value of the \fBnoop\fR setting\. This means a resource with \fBnoop => false\fR \fIwill\fR be changed if necessary, even when running puppet agent with \fBnoop = true\fR or \fB\-\-noop\fR\. (Conversely, a resource with \fBnoop => true\fR will only be simulated, even when noop mode is globally disabled\.)
|
1330
1349
|
.
|
1331
1350
|
.IP "\(bu" 4
|
1332
|
-
\fIDefault\fR:
|
1351
|
+
\fIDefault\fR: \fBfalse\fR
|
1333
1352
|
.
|
1334
1353
|
.IP "" 0
|
1335
1354
|
.
|
@@ -1337,7 +1356,7 @@ When running in noop mode, Puppet will check whether each resource is in sync, l
|
|
1337
1356
|
Perform one configuration run and exit, rather than spawning a long\-running daemon\. This is useful for interactively running puppet agent, or running puppet agent from cron\.
|
1338
1357
|
.
|
1339
1358
|
.IP "\(bu" 4
|
1340
|
-
\fIDefault\fR:
|
1359
|
+
\fIDefault\fR: \fBfalse\fR
|
1341
1360
|
.
|
1342
1361
|
.IP "" 0
|
1343
1362
|
.
|
@@ -1345,7 +1364,7 @@ Perform one configuration run and exit, rather than spawning a long\-running dae
|
|
1345
1364
|
Where puppet agent stores the password for its private key\. Generally unused\.
|
1346
1365
|
.
|
1347
1366
|
.IP "\(bu" 4
|
1348
|
-
\fIDefault\fR: $privatedir/password
|
1367
|
+
\fIDefault\fR: \fB$privatedir/password\fR
|
1349
1368
|
.
|
1350
1369
|
.IP "" 0
|
1351
1370
|
.
|
@@ -1356,7 +1375,7 @@ The shell search path\. Defaults to whatever is inherited from the parent proces
|
|
1356
1375
|
This setting can only be set in the \fB[main]\fR section of puppet\.conf; it cannot be set in \fB[server]\fR, \fB[agent]\fR, or an environment config section\.
|
1357
1376
|
.
|
1358
1377
|
.IP "\(bu" 4
|
1359
|
-
\fIDefault\fR:
|
1378
|
+
\fIDefault\fR: \fBnone\fR
|
1360
1379
|
.
|
1361
1380
|
.IP "" 0
|
1362
1381
|
.
|
@@ -1364,7 +1383,7 @@ This setting can only be set in the \fB[main]\fR section of puppet\.conf; it can
|
|
1364
1383
|
The file containing the PID of a running process\. This file is intended to be used by service management frameworks and monitoring systems to determine if a puppet process is still in the process table\.
|
1365
1384
|
.
|
1366
1385
|
.IP "\(bu" 4
|
1367
|
-
\fIDefault\fR: $rundir/${run_mode}\.pid
|
1386
|
+
\fIDefault\fR: \fB$rundir/${run_mode}\.pid\fR
|
1368
1387
|
.
|
1369
1388
|
.IP "" 0
|
1370
1389
|
.
|
@@ -1372,7 +1391,7 @@ The file containing the PID of a running process\. This file is intended to be u
|
|
1372
1391
|
Where Puppet should store plugins that it pulls down from the central server\.
|
1373
1392
|
.
|
1374
1393
|
.IP "\(bu" 4
|
1375
|
-
\fIDefault\fR: $libdir
|
1394
|
+
\fIDefault\fR: \fB$libdir\fR
|
1376
1395
|
.
|
1377
1396
|
.IP "" 0
|
1378
1397
|
.
|
@@ -1380,7 +1399,7 @@ Where Puppet should store plugins that it pulls down from the central server\.
|
|
1380
1399
|
Where Puppet should store external facts that are being handled by pluginsync
|
1381
1400
|
.
|
1382
1401
|
.IP "\(bu" 4
|
1383
|
-
\fIDefault\fR: $vardir/facts\.d
|
1402
|
+
\fIDefault\fR: \fB$vardir/facts\.d\fR
|
1384
1403
|
.
|
1385
1404
|
.IP "" 0
|
1386
1405
|
.
|
@@ -1388,7 +1407,7 @@ Where Puppet should store external facts that are being handled by pluginsync
|
|
1388
1407
|
Where to retrieve external facts for pluginsync
|
1389
1408
|
.
|
1390
1409
|
.IP "\(bu" 4
|
1391
|
-
\fIDefault\fR:
|
1410
|
+
\fIDefault\fR: \fBpuppet:///pluginfacts\fR
|
1392
1411
|
.
|
1393
1412
|
.IP "" 0
|
1394
1413
|
.
|
@@ -1396,7 +1415,7 @@ Where to retrieve external facts for pluginsync
|
|
1396
1415
|
What files to ignore when pulling down plugins\.
|
1397
1416
|
.
|
1398
1417
|
.IP "\(bu" 4
|
1399
|
-
\fIDefault\fR: \.svn CVS \.git \.hg
|
1418
|
+
\fIDefault\fR: \fB\.svn CVS \.git \.hg\fR
|
1400
1419
|
.
|
1401
1420
|
.IP "" 0
|
1402
1421
|
.
|
@@ -1404,7 +1423,7 @@ What files to ignore when pulling down plugins\.
|
|
1404
1423
|
From where to retrieve plugins\. The standard Puppet \fBfile\fR type is used for retrieval, so anything that is a valid file source can be used here\.
|
1405
1424
|
.
|
1406
1425
|
.IP "\(bu" 4
|
1407
|
-
\fIDefault\fR:
|
1426
|
+
\fIDefault\fR: \fBpuppet:///plugins\fR
|
1408
1427
|
.
|
1409
1428
|
.IP "" 0
|
1410
1429
|
.
|
@@ -1412,7 +1431,7 @@ From where to retrieve plugins\. The standard Puppet \fBfile\fR type is used for
|
|
1412
1431
|
Whether plugins should be synced with the central server\. This setting is deprecated\.
|
1413
1432
|
.
|
1414
1433
|
.IP "\(bu" 4
|
1415
|
-
\fIDefault\fR:
|
1434
|
+
\fIDefault\fR: \fBtrue\fR
|
1416
1435
|
.
|
1417
1436
|
.IP "" 0
|
1418
1437
|
.
|
@@ -1423,7 +1442,7 @@ A command to run after every agent run\. If this command returns a non\-zero ret
|
|
1423
1442
|
The preferred means of serializing ruby instances for passing over the wire\. This won\'t guarantee that all instances will be serialized using this method, since not all classes can be guaranteed to support this format, but it will be used for all classes that support it\.
|
1424
1443
|
.
|
1425
1444
|
.IP "\(bu" 4
|
1426
|
-
\fIDefault\fR:
|
1445
|
+
\fIDefault\fR: \fBjson\fR
|
1427
1446
|
.
|
1428
1447
|
.IP "" 0
|
1429
1448
|
.
|
@@ -1434,22 +1453,23 @@ A command to run before every agent run\. If this command returns a non\-zero re
|
|
1434
1453
|
The directory where catalog previews per node are generated\.
|
1435
1454
|
.
|
1436
1455
|
.IP "\(bu" 4
|
1437
|
-
\fIDefault\fR: $vardir/preview
|
1456
|
+
\fIDefault\fR: \fB$vardir/preview\fR
|
1438
1457
|
.
|
1439
1458
|
.IP "" 0
|
1440
1459
|
.
|
1441
1460
|
.SS "priority"
|
1442
1461
|
The scheduling priority of the process\. Valid values are \'high\', \'normal\', \'low\', or \'idle\', which are mapped to platform\-specific values\. The priority can also be specified as an integer value and will be passed as is, e\.g\. \-5\. Puppet must be running as a privileged user in order to increase scheduling priority\.
|
1443
1462
|
.
|
1444
|
-
.
|
1445
|
-
\fIDefault\fR:
|
1446
|
-
|
1463
|
+
.IP "\(bu" 4
|
1464
|
+
\fIDefault\fR: ``
|
1465
|
+
.
|
1466
|
+
.IP "" 0
|
1447
1467
|
.
|
1448
1468
|
.SS "privatedir"
|
1449
1469
|
Where the client stores private certificate information\.
|
1450
1470
|
.
|
1451
1471
|
.IP "\(bu" 4
|
1452
|
-
\fIDefault\fR: $ssldir/private
|
1472
|
+
\fIDefault\fR: \fB$ssldir/private\fR
|
1453
1473
|
.
|
1454
1474
|
.IP "" 0
|
1455
1475
|
.
|
@@ -1457,7 +1477,7 @@ Where the client stores private certificate information\.
|
|
1457
1477
|
The private key directory\.
|
1458
1478
|
.
|
1459
1479
|
.IP "\(bu" 4
|
1460
|
-
\fIDefault\fR: $ssldir/private_keys
|
1480
|
+
\fIDefault\fR: \fB$ssldir/private_keys\fR
|
1461
1481
|
.
|
1462
1482
|
.IP "" 0
|
1463
1483
|
.
|
@@ -1465,7 +1485,7 @@ The private key directory\.
|
|
1465
1485
|
Whether to enable experimental performance profiling
|
1466
1486
|
.
|
1467
1487
|
.IP "\(bu" 4
|
1468
|
-
\fIDefault\fR:
|
1488
|
+
\fIDefault\fR: \fBfalse\fR
|
1469
1489
|
.
|
1470
1490
|
.IP "" 0
|
1471
1491
|
.
|
@@ -1473,7 +1493,7 @@ Whether to enable experimental performance profiling
|
|
1473
1493
|
Where Puppet stores public files\.
|
1474
1494
|
.
|
1475
1495
|
.IP "\(bu" 4
|
1476
|
-
\fIDefault\fR:
|
1496
|
+
\fIDefault\fR: \fBUnix/Linux: /opt/puppetlabs/puppet/public \-\- Windows: C:\eProgramData\ePuppetLabs\epuppet\epublic \-\- Non\-root user: ~/\.puppetlabs/opt/puppet/public\fR
|
1477
1497
|
.
|
1478
1498
|
.IP "" 0
|
1479
1499
|
.
|
@@ -1481,7 +1501,7 @@ Where Puppet stores public files\.
|
|
1481
1501
|
The public key directory\.
|
1482
1502
|
.
|
1483
1503
|
.IP "\(bu" 4
|
1484
|
-
\fIDefault\fR: $ssldir/public_keys
|
1504
|
+
\fIDefault\fR: \fB$ssldir/public_keys\fR
|
1485
1505
|
.
|
1486
1506
|
.IP "" 0
|
1487
1507
|
.
|
@@ -1489,7 +1509,7 @@ The public key directory\.
|
|
1489
1509
|
Whether to print the Puppet stack trace on some errors\. This is a noop if \fBtrace\fR is also set\.
|
1490
1510
|
.
|
1491
1511
|
.IP "\(bu" 4
|
1492
|
-
\fIDefault\fR:
|
1512
|
+
\fIDefault\fR: \fBfalse\fR
|
1493
1513
|
.
|
1494
1514
|
.IP "" 0
|
1495
1515
|
.
|
@@ -1503,7 +1523,7 @@ Despite the name, both puppet agent and puppet master will use this file as the
|
|
1503
1523
|
For control over logging destinations, see the \fB\-\-logdest\fR command line option in the manual pages for puppet master, puppet agent, and puppet apply\. You can see man pages by running \fBpuppet <SUBCOMMAND> \-\-help\fR, or read them online at https://puppet\.com/docs/puppet/latest/man/\.
|
1504
1524
|
.
|
1505
1525
|
.IP "\(bu" 4
|
1506
|
-
\fIDefault\fR: $logdir/puppetd\.log
|
1526
|
+
\fIDefault\fR: \fB$logdir/puppetd\.log\fR
|
1507
1527
|
.
|
1508
1528
|
.IP "" 0
|
1509
1529
|
.
|
@@ -1511,7 +1531,7 @@ For control over logging destinations, see the \fB\-\-logdest\fR command line op
|
|
1511
1531
|
Whether to send reports after every transaction\.
|
1512
1532
|
.
|
1513
1533
|
.IP "\(bu" 4
|
1514
|
-
\fIDefault\fR:
|
1534
|
+
\fIDefault\fR: \fBtrue\fR
|
1515
1535
|
.
|
1516
1536
|
.IP "" 0
|
1517
1537
|
.
|
@@ -1519,7 +1539,7 @@ Whether to send reports after every transaction\.
|
|
1519
1539
|
Whether the \'http\' report processor should include the system certificate store when submitting reports to HTTPS URLs\. If false, then the \'http\' processor will only trust HTTPS report servers whose certificates are issued by the puppet CA or one of its intermediate CAs\. If true, the processor will additionally trust CA certificates in the system\'s certificate store\.
|
1520
1540
|
.
|
1521
1541
|
.IP "\(bu" 4
|
1522
|
-
\fIDefault\fR:
|
1542
|
+
\fIDefault\fR: \fBfalse\fR
|
1523
1543
|
.
|
1524
1544
|
.IP "" 0
|
1525
1545
|
.
|
@@ -1527,7 +1547,7 @@ Whether the \'http\' report processor should include the system certificate stor
|
|
1527
1547
|
The port to communicate with the report_server\.
|
1528
1548
|
.
|
1529
1549
|
.IP "\(bu" 4
|
1530
|
-
\fIDefault\fR: $serverport
|
1550
|
+
\fIDefault\fR: \fB$serverport\fR
|
1531
1551
|
.
|
1532
1552
|
.IP "" 0
|
1533
1553
|
.
|
@@ -1535,7 +1555,7 @@ The port to communicate with the report_server\.
|
|
1535
1555
|
The server to send transaction reports to\.
|
1536
1556
|
.
|
1537
1557
|
.IP "\(bu" 4
|
1538
|
-
\fIDefault\fR: $server
|
1558
|
+
\fIDefault\fR: \fB$server\fR
|
1539
1559
|
.
|
1540
1560
|
.IP "" 0
|
1541
1561
|
.
|
@@ -1543,7 +1563,7 @@ The server to send transaction reports to\.
|
|
1543
1563
|
The directory in which to store reports\. Each node gets a separate subdirectory in this directory\. This setting is only used when the \fBstore\fR report processor is enabled (see the \fBreports\fR setting)\.
|
1544
1564
|
.
|
1545
1565
|
.IP "\(bu" 4
|
1546
|
-
\fIDefault\fR: $vardir/reports
|
1566
|
+
\fIDefault\fR: \fB$vardir/reports\fR
|
1547
1567
|
.
|
1548
1568
|
.IP "" 0
|
1549
1569
|
.
|
@@ -1557,7 +1577,7 @@ This setting is relevant to puppet master and puppet apply\. The puppet master w
|
|
1557
1577
|
See the report reference for information on the built\-in report handlers; custom report handlers can also be loaded from modules\. (Report handlers are loaded from the lib directory, at \fBpuppet/reports/NAME\.rb\fR\.)
|
1558
1578
|
.
|
1559
1579
|
.IP "\(bu" 4
|
1560
|
-
\fIDefault\fR:
|
1580
|
+
\fIDefault\fR: \fBstore\fR
|
1561
1581
|
.
|
1562
1582
|
.IP "" 0
|
1563
1583
|
.
|
@@ -1565,7 +1585,7 @@ See the report reference for information on the built\-in report handlers; custo
|
|
1565
1585
|
The URL that reports should be forwarded to\. This setting is only used when the \fBhttp\fR report processor is enabled (see the \fBreports\fR setting)\.
|
1566
1586
|
.
|
1567
1587
|
.IP "\(bu" 4
|
1568
|
-
\fIDefault\fR:
|
1588
|
+
\fIDefault\fR: \fBhttp://localhost:3000/reports/upload\fR
|
1569
1589
|
.
|
1570
1590
|
.IP "" 0
|
1571
1591
|
.
|
@@ -1573,7 +1593,7 @@ The URL that reports should be forwarded to\. This setting is only used when the
|
|
1573
1593
|
Where host certificate requests are stored\.
|
1574
1594
|
.
|
1575
1595
|
.IP "\(bu" 4
|
1576
|
-
\fIDefault\fR: $ssldir/certificate_requests
|
1596
|
+
\fIDefault\fR: \fB$ssldir/certificate_requests\fR
|
1577
1597
|
.
|
1578
1598
|
.IP "" 0
|
1579
1599
|
.
|
@@ -1581,7 +1601,7 @@ Where host certificate requests are stored\.
|
|
1581
1601
|
The file in which puppet agent stores a list of the resources associated with the retrieved configuration\.
|
1582
1602
|
.
|
1583
1603
|
.IP "\(bu" 4
|
1584
|
-
\fIDefault\fR: $statedir/resources\.txt
|
1604
|
+
\fIDefault\fR: \fB$statedir/resources\.txt\fR
|
1585
1605
|
.
|
1586
1606
|
.IP "" 0
|
1587
1607
|
.
|
@@ -1589,7 +1609,7 @@ The file in which puppet agent stores a list of the resources associated with th
|
|
1589
1609
|
Whether to send updated facts after every transaction\. By default puppet only submits facts at the beginning of the transaction before applying a catalog\. Since puppet can modify the state of the system, the value of the facts may change after puppet finishes\. Therefore, any facts stored in puppetdb may not be consistent until the agent next runs, typically in 30 minutes\. If this feature is enabled, puppet will resubmit facts after applying its catalog, ensuring facts for the node stored in puppetdb are current\. However, this will double the fact submission load on puppetdb, so it is disabled by default\.
|
1590
1610
|
.
|
1591
1611
|
.IP "\(bu" 4
|
1592
|
-
\fIDefault\fR:
|
1612
|
+
\fIDefault\fR: \fBfalse\fR
|
1593
1613
|
.
|
1594
1614
|
.IP "" 0
|
1595
1615
|
.
|
@@ -1597,7 +1617,7 @@ Whether to send updated facts after every transaction\. By default puppet only s
|
|
1597
1617
|
Enables having extended data in the catalog by storing them as a hash with the special key \fB__ptype\fR\. When enabled, resource containing values of the data types \fBBinary\fR, \fBRegexp\fR, \fBSemVer\fR, \fBSemVerRange\fR, \fBTimespan\fR and \fBTimestamp\fR, as well as instances of types derived from \fBObject\fR retain their data type\.
|
1598
1618
|
.
|
1599
1619
|
.IP "\(bu" 4
|
1600
|
-
\fIDefault\fR:
|
1620
|
+
\fIDefault\fR: \fBtrue\fR
|
1601
1621
|
.
|
1602
1622
|
.IP "" 0
|
1603
1623
|
.
|
@@ -1605,7 +1625,7 @@ Enables having extended data in the catalog by storing them as a hash with the s
|
|
1605
1625
|
The YAML file containing indirector route configuration\.
|
1606
1626
|
.
|
1607
1627
|
.IP "\(bu" 4
|
1608
|
-
\fIDefault\fR: $confdir/routes\.yaml
|
1628
|
+
\fIDefault\fR: \fB$confdir/routes\.yaml\fR
|
1609
1629
|
.
|
1610
1630
|
.IP "" 0
|
1611
1631
|
.
|
@@ -1613,7 +1633,7 @@ The YAML file containing indirector route configuration\.
|
|
1613
1633
|
Where Puppet PID files are kept\.
|
1614
1634
|
.
|
1615
1635
|
.IP "\(bu" 4
|
1616
|
-
\fIDefault\fR:
|
1636
|
+
\fIDefault\fR: \fBUnix/Linux: /var/run/puppetlabs \-\- Windows: C:\eProgramData\ePuppetLabs\epuppet\evar\erun \-\- Non\-root user: ~/\.puppetlabs/var/run\fR
|
1617
1637
|
.
|
1618
1638
|
.IP "" 0
|
1619
1639
|
.
|
@@ -1621,7 +1641,7 @@ Where Puppet PID files are kept\.
|
|
1621
1641
|
How often puppet agent applies the catalog\. Note that a runinterval of 0 means "run continuously" rather than "never run\." This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
|
1622
1642
|
.
|
1623
1643
|
.IP "\(bu" 4
|
1624
|
-
\fIDefault\fR:
|
1644
|
+
\fIDefault\fR: \fB30m\fR
|
1625
1645
|
.
|
1626
1646
|
.IP "" 0
|
1627
1647
|
.
|
@@ -1629,7 +1649,7 @@ How often puppet agent applies the catalog\. Note that a runinterval of 0 means
|
|
1629
1649
|
The maximum amount of time an agent run is allowed to take\. A Puppet agent run that exceeds this timeout will be aborted\. A value of 0 disables the timeout\. Defaults to 1 hour\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
|
1630
1650
|
.
|
1631
1651
|
.IP "\(bu" 4
|
1632
|
-
\fIDefault\fR:
|
1652
|
+
\fIDefault\fR: \fB1h\fR
|
1633
1653
|
.
|
1634
1654
|
.IP "" 0
|
1635
1655
|
.
|
@@ -1637,7 +1657,7 @@ The maximum amount of time an agent run is allowed to take\. A Puppet agent run
|
|
1637
1657
|
Where the serial number for certificates is stored\.
|
1638
1658
|
.
|
1639
1659
|
.IP "\(bu" 4
|
1640
|
-
\fIDefault\fR: $cadir/serial
|
1660
|
+
\fIDefault\fR: \fB$cadir/serial\fR
|
1641
1661
|
.
|
1642
1662
|
.IP "" 0
|
1643
1663
|
.
|
@@ -1645,7 +1665,7 @@ Where the serial number for certificates is stored\.
|
|
1645
1665
|
The puppet master server to which the puppet agent should connect\.
|
1646
1666
|
.
|
1647
1667
|
.IP "\(bu" 4
|
1648
|
-
\fIDefault\fR:
|
1668
|
+
\fIDefault\fR: \fBpuppet\fR
|
1649
1669
|
.
|
1650
1670
|
.IP "" 0
|
1651
1671
|
.
|
@@ -1653,7 +1673,7 @@ The puppet master server to which the puppet agent should connect\.
|
|
1653
1673
|
The directory in which serialized data is stored, usually in a subdirectory\.
|
1654
1674
|
.
|
1655
1675
|
.IP "\(bu" 4
|
1656
|
-
\fIDefault\fR: $vardir/server_data
|
1676
|
+
\fIDefault\fR: \fB$vardir/server_data\fR
|
1657
1677
|
.
|
1658
1678
|
.IP "" 0
|
1659
1679
|
.
|
@@ -1661,7 +1681,7 @@ The directory in which serialized data is stored, usually in a subdirectory\.
|
|
1661
1681
|
The list of Puppet master servers to which the Puppet agent should connect, in the order that they will be tried\. Each value should be a fully qualified domain name, followed by an optional \':\' and port number\. If a port is omitted, Puppet uses masterport for that host\.
|
1662
1682
|
.
|
1663
1683
|
.IP "\(bu" 4
|
1664
|
-
\fIDefault\fR: []
|
1684
|
+
\fIDefault\fR: \fB[]\fR
|
1665
1685
|
.
|
1666
1686
|
.IP "" 0
|
1667
1687
|
.
|
@@ -1669,7 +1689,7 @@ The list of Puppet master servers to which the Puppet agent should connect, in t
|
|
1669
1689
|
The default port puppet subcommands use to communicate with Puppet Server\. (eg \fBpuppet facts upload\fR, \fBpuppet agent\fR)\. May be overridden by more specific settings (see \fBca_port\fR, \fBreport_port\fR)\.
|
1670
1690
|
.
|
1671
1691
|
.IP "\(bu" 4
|
1672
|
-
\fIDefault\fR:
|
1692
|
+
\fIDefault\fR: \fB8140\fR
|
1673
1693
|
.
|
1674
1694
|
.IP "" 0
|
1675
1695
|
.
|
@@ -1677,7 +1697,7 @@ The default port puppet subcommands use to communicate with Puppet Server\. (eg
|
|
1677
1697
|
Whether to compile and apply the settings catalog
|
1678
1698
|
.
|
1679
1699
|
.IP "\(bu" 4
|
1680
|
-
\fIDefault\fR:
|
1700
|
+
\fIDefault\fR: \fBtrue\fR
|
1681
1701
|
.
|
1682
1702
|
.IP "" 0
|
1683
1703
|
.
|
@@ -1685,7 +1705,7 @@ Whether to compile and apply the settings catalog
|
|
1685
1705
|
Whether to log and report a contextual diff when files are being replaced\. This causes partial file contents to pass through Puppet\'s normal logging and reporting system, so this setting should be used with caution if you are sending Puppet\'s reports to an insecure destination\. This feature currently requires the \fBdiff/lcs\fR Ruby library\.
|
1686
1706
|
.
|
1687
1707
|
.IP "\(bu" 4
|
1688
|
-
\fIDefault\fR:
|
1708
|
+
\fIDefault\fR: \fBfalse\fR
|
1689
1709
|
.
|
1690
1710
|
.IP "" 0
|
1691
1711
|
.
|
@@ -1693,7 +1713,7 @@ Whether to log and report a contextual diff when files are being replaced\. This
|
|
1693
1713
|
Where the CA stores signed certificates\.
|
1694
1714
|
.
|
1695
1715
|
.IP "\(bu" 4
|
1696
|
-
\fIDefault\fR: $cadir/signed
|
1716
|
+
\fIDefault\fR: \fB$cadir/signed\fR
|
1697
1717
|
.
|
1698
1718
|
.IP "" 0
|
1699
1719
|
.
|
@@ -1703,9 +1723,10 @@ Tags to use to filter resources\. If this is set, then only resources not tagged
|
|
1703
1723
|
.SS "sourceaddress"
|
1704
1724
|
The address the agent should use to initiate requests\.
|
1705
1725
|
.
|
1706
|
-
.
|
1707
|
-
\fIDefault\fR:
|
1708
|
-
|
1726
|
+
.IP "\(bu" 4
|
1727
|
+
\fIDefault\fR: ``
|
1728
|
+
.
|
1729
|
+
.IP "" 0
|
1709
1730
|
.
|
1710
1731
|
.SS "splay"
|
1711
1732
|
Whether to sleep for a random amount of time, ranging from immediately up to its \fB$splaylimit\fR, before performing its first agent run after a service restart\. After this period, the agent runs periodically on its \fB$runinterval\fR\.
|
@@ -1720,7 +1741,7 @@ With \fBsplay\fR enabled, it waits any amount of time up to its \fB$splaylimit\f
|
|
1720
1741
|
If you restart an agent\'s puppet service with \fBsplay\fR enabled, it recalculates its splay period and delays its first agent run after restarting for this new period\. If you simultaneously restart a group of puppet agents with \fBsplay\fR enabled, their checkins to your puppet masters can be distributed more evenly\.
|
1721
1742
|
.
|
1722
1743
|
.IP "\(bu" 4
|
1723
|
-
\fIDefault\fR:
|
1744
|
+
\fIDefault\fR: \fBfalse\fR
|
1724
1745
|
.
|
1725
1746
|
.IP "" 0
|
1726
1747
|
.
|
@@ -1728,7 +1749,7 @@ If you restart an agent\'s puppet service with \fBsplay\fR enabled, it recalcula
|
|
1728
1749
|
The maximum time to delay before an agent\'s first run when \fBsplay\fR is enabled\. Defaults to the agent\'s \fB$runinterval\fR\. The \fBsplay\fR interval is random and recalculated each time the agent is started or restarted\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
|
1729
1750
|
.
|
1730
1751
|
.IP "\(bu" 4
|
1731
|
-
\fIDefault\fR: $runinterval
|
1752
|
+
\fIDefault\fR: \fB$runinterval\fR
|
1732
1753
|
.
|
1733
1754
|
.IP "" 0
|
1734
1755
|
.
|
@@ -1736,7 +1757,7 @@ The maximum time to delay before an agent\'s first run when \fBsplay\fR is enabl
|
|
1736
1757
|
The domain which will be queried to find the SRV records of servers to use\.
|
1737
1758
|
.
|
1738
1759
|
.IP "\(bu" 4
|
1739
|
-
\fIDefault\fR:
|
1760
|
+
\fIDefault\fR: \fBci\-jenkins\-setup\-platform\.svc\.cluster\.local\fR
|
1740
1761
|
.
|
1741
1762
|
.IP "" 0
|
1742
1763
|
.
|
@@ -1747,7 +1768,7 @@ The header containing an authenticated client\'s SSL DN\. This header must be se
|
|
1747
1768
|
Note that the name of the HTTP header gets munged by the web server common gateway interface: an \fBHTTP_\fR prefix is added, dashes are converted to underscores, and all letters are uppercased\. Thus, to use the \fBX\-Client\-DN\fR header, this setting should be \fBHTTP_X_CLIENT_DN\fR\.
|
1748
1769
|
.
|
1749
1770
|
.IP "\(bu" 4
|
1750
|
-
\fIDefault\fR:
|
1771
|
+
\fIDefault\fR: \fBHTTP_X_CLIENT_DN\fR
|
1751
1772
|
.
|
1752
1773
|
.IP "" 0
|
1753
1774
|
.
|
@@ -1758,7 +1779,7 @@ The header containing the status message of the client verification\. This heade
|
|
1758
1779
|
Note that the name of the HTTP header gets munged by the web server common gateway interface: an \fBHTTP_\fR prefix is added, dashes are converted to underscores, and all letters are uppercased\. Thus, to use the \fBX\-Client\-Verify\fR header, this setting should be \fBHTTP_X_CLIENT_VERIFY\fR\.
|
1759
1780
|
.
|
1760
1781
|
.IP "\(bu" 4
|
1761
|
-
\fIDefault\fR:
|
1782
|
+
\fIDefault\fR: \fBHTTP_X_CLIENT_VERIFY\fR
|
1762
1783
|
.
|
1763
1784
|
.IP "" 0
|
1764
1785
|
.
|
@@ -1766,22 +1787,23 @@ Note that the name of the HTTP header gets munged by the web server common gatew
|
|
1766
1787
|
A lock file to indicate that the ssl bootstrap process is currently in progress\.
|
1767
1788
|
.
|
1768
1789
|
.IP "\(bu" 4
|
1769
|
-
\fIDefault\fR: $ssldir/ssl\.lock
|
1790
|
+
\fIDefault\fR: \fB$ssldir/ssl\.lock\fR
|
1770
1791
|
.
|
1771
1792
|
.IP "" 0
|
1772
1793
|
.
|
1773
1794
|
.SS "ssl_trust_store"
|
1774
1795
|
A file containing CA certificates in PEM format that puppet should trust when making HTTPS requests\. This \fBonly\fR applies to https requests to non\-puppet infrastructure, such as retrieving file metadata and content from https file sources, puppet module tool and the \'http\' report processor\. This setting is ignored when making requests to puppet:// URLs such as catalog and report requests\.
|
1775
1796
|
.
|
1776
|
-
.
|
1777
|
-
\fIDefault\fR:
|
1778
|
-
|
1797
|
+
.IP "\(bu" 4
|
1798
|
+
\fIDefault\fR: ``
|
1799
|
+
.
|
1800
|
+
.IP "" 0
|
1779
1801
|
.
|
1780
1802
|
.SS "ssldir"
|
1781
1803
|
Where SSL certificates are kept\.
|
1782
1804
|
.
|
1783
1805
|
.IP "\(bu" 4
|
1784
|
-
\fIDefault\fR: $confdir/ssl
|
1806
|
+
\fIDefault\fR: \fB$confdir/ssl\fR
|
1785
1807
|
.
|
1786
1808
|
.IP "" 0
|
1787
1809
|
.
|
@@ -1789,7 +1811,7 @@ Where SSL certificates are kept\.
|
|
1789
1811
|
The directory where Puppet state is stored\. Generally, this directory can be removed without causing harm (although it might result in spurious service restarts)\.
|
1790
1812
|
.
|
1791
1813
|
.IP "\(bu" 4
|
1792
|
-
\fIDefault\fR: $vardir/state
|
1814
|
+
\fIDefault\fR: \fB$vardir/state\fR
|
1793
1815
|
.
|
1794
1816
|
.IP "" 0
|
1795
1817
|
.
|
@@ -1797,7 +1819,7 @@ The directory where Puppet state is stored\. Generally, this directory can be re
|
|
1797
1819
|
Where puppet agent and puppet master store state associated with the running configuration\. In the case of puppet master, this file reflects the state discovered through interacting with clients\.
|
1798
1820
|
.
|
1799
1821
|
.IP "\(bu" 4
|
1800
|
-
\fIDefault\fR: $statedir/state\.yaml
|
1822
|
+
\fIDefault\fR: \fB$statedir/state\.yaml\fR
|
1801
1823
|
.
|
1802
1824
|
.IP "" 0
|
1803
1825
|
.
|
@@ -1808,7 +1830,7 @@ How long the Puppet agent should cache when a resource was last checked or synce
|
|
1808
1830
|
This setting affects the usage of \fBschedule\fR resources, as the information about when a resource was last checked (and therefore when it needs to be checked again) is stored in the \fBstatefile\fR\. The \fBstatettl\fR needs to be large enough to ensure that a resource will not trigger multiple times during a schedule due to its entry expiring from the cache\.
|
1809
1831
|
.
|
1810
1832
|
.IP "\(bu" 4
|
1811
|
-
\fIDefault\fR:
|
1833
|
+
\fIDefault\fR: \fB32d\fR
|
1812
1834
|
.
|
1813
1835
|
.IP "" 0
|
1814
1836
|
.
|
@@ -1816,7 +1838,7 @@ This setting affects the usage of \fBschedule\fR resources, as the information a
|
|
1816
1838
|
Whether to compile a static catalog \fIhttps://puppet\.com/docs/puppet/latest/static_catalogs\.html#enabling\-or\-disabling\-static\-catalogs\fR, which occurs only on a Puppet Server master when the \fBcode\-id\-command\fR and \fBcode\-content\-command\fR settings are configured in its \fBpuppetserver\.conf\fR file\.
|
1817
1839
|
.
|
1818
1840
|
.IP "\(bu" 4
|
1819
|
-
\fIDefault\fR:
|
1841
|
+
\fIDefault\fR: \fBtrue\fR
|
1820
1842
|
.
|
1821
1843
|
.IP "" 0
|
1822
1844
|
.
|
@@ -1830,7 +1852,7 @@ By default this uses the \'puppetdb\' backend\.
|
|
1830
1852
|
You can adjust the backend using the storeconfigs_backend setting\.
|
1831
1853
|
.
|
1832
1854
|
.IP "\(bu" 4
|
1833
|
-
\fIDefault\fR:
|
1855
|
+
\fIDefault\fR: \fBfalse\fR
|
1834
1856
|
.
|
1835
1857
|
.IP "" 0
|
1836
1858
|
.
|
@@ -1838,7 +1860,7 @@ You can adjust the backend using the storeconfigs_backend setting\.
|
|
1838
1860
|
Configure the backend terminus used for StoreConfigs\. By default, this uses the PuppetDB store, which must be installed and configured before turning on StoreConfigs\.
|
1839
1861
|
.
|
1840
1862
|
.IP "\(bu" 4
|
1841
|
-
\fIDefault\fR:
|
1863
|
+
\fIDefault\fR: \fBpuppetdb\fR
|
1842
1864
|
.
|
1843
1865
|
.IP "" 0
|
1844
1866
|
.
|
@@ -1863,7 +1885,7 @@ The strictness level is for both language semantics and runtime evaluation valid
|
|
1863
1885
|
No new validations will be added to a micro (x\.y\.z) release, but may be added in minor releases (x\.y\.0)\. In major releases it expected that most (if not all) strictness validation become standard behavior\.
|
1864
1886
|
.
|
1865
1887
|
.IP "\(bu" 4
|
1866
|
-
\fIDefault\fR:
|
1888
|
+
\fIDefault\fR: \fBwarning\fR
|
1867
1889
|
.
|
1868
1890
|
.IP "" 0
|
1869
1891
|
.
|
@@ -1871,7 +1893,7 @@ No new validations will be added to a micro (x\.y\.z) release, but may be added
|
|
1871
1893
|
Whether the agent specified environment should be considered authoritative, causing the run to fail if the retrieved catalog does not match it\.
|
1872
1894
|
.
|
1873
1895
|
.IP "\(bu" 4
|
1874
|
-
\fIDefault\fR:
|
1896
|
+
\fIDefault\fR: \fBfalse\fR
|
1875
1897
|
.
|
1876
1898
|
.IP "" 0
|
1877
1899
|
.
|
@@ -1879,7 +1901,7 @@ Whether the agent specified environment should be considered authoritative, caus
|
|
1879
1901
|
Causes an evaluation error when referencing unknown variables\. (This does not affect referencing variables that are explicitly set to undef)\.
|
1880
1902
|
.
|
1881
1903
|
.IP "\(bu" 4
|
1882
|
-
\fIDefault\fR:
|
1904
|
+
\fIDefault\fR: \fBfalse\fR
|
1883
1905
|
.
|
1884
1906
|
.IP "" 0
|
1885
1907
|
.
|
@@ -1887,7 +1909,7 @@ Causes an evaluation error when referencing unknown variables\. (This does not a
|
|
1887
1909
|
Whether to print a transaction summary\.
|
1888
1910
|
.
|
1889
1911
|
.IP "\(bu" 4
|
1890
|
-
\fIDefault\fR:
|
1912
|
+
\fIDefault\fR: \fBfalse\fR
|
1891
1913
|
.
|
1892
1914
|
.IP "" 0
|
1893
1915
|
.
|
@@ -1895,7 +1917,7 @@ Whether to print a transaction summary\.
|
|
1895
1917
|
Checksum types supported by this agent for use in file resources of a static catalog\. Values must be comma\-separated\. Valid types are sha256, sha256lite, sha384, sha512, sha224, sha1, sha1lite, md5, md5lite, mtime, ctime\. Default is sha256, sha384, sha512, sha224, md5\.
|
1896
1918
|
.
|
1897
1919
|
.IP "\(bu" 4
|
1898
|
-
\fIDefault\fR: ["sha256", "sha384", "sha512", "sha224", "md5"]
|
1920
|
+
\fIDefault\fR: \fB["sha256", "sha384", "sha512", "sha224", "md5"]\fR
|
1899
1921
|
.
|
1900
1922
|
.IP "" 0
|
1901
1923
|
.
|
@@ -1903,7 +1925,7 @@ Checksum types supported by this agent for use in file resources of a static cat
|
|
1903
1925
|
What syslog facility to use when logging to syslog\. Syslog has a fixed list of valid facilities, and you must choose one of those; you cannot just make one up\.
|
1904
1926
|
.
|
1905
1927
|
.IP "\(bu" 4
|
1906
|
-
\fIDefault\fR:
|
1928
|
+
\fIDefault\fR: \fBdaemon\fR
|
1907
1929
|
.
|
1908
1930
|
.IP "" 0
|
1909
1931
|
.
|
@@ -1914,7 +1936,7 @@ Tags to use to find resources\. If this is set, then only resources tagged with
|
|
1914
1936
|
Turns on experimental support for tasks and plans in the puppet language\. This is for internal API use only\. Do not change this setting\.
|
1915
1937
|
.
|
1916
1938
|
.IP "\(bu" 4
|
1917
|
-
\fIDefault\fR:
|
1939
|
+
\fIDefault\fR: \fBfalse\fR
|
1918
1940
|
.
|
1919
1941
|
.IP "" 0
|
1920
1942
|
.
|
@@ -1922,7 +1944,7 @@ Turns on experimental support for tasks and plans in the puppet language\. This
|
|
1922
1944
|
Whether to print stack traces on some errors\. Will print internal Ruby stack trace interleaved with Puppet function frames\.
|
1923
1945
|
.
|
1924
1946
|
.IP "\(bu" 4
|
1925
|
-
\fIDefault\fR:
|
1947
|
+
\fIDefault\fR: \fBfalse\fR
|
1926
1948
|
.
|
1927
1949
|
.IP "" 0
|
1928
1950
|
.
|
@@ -1930,7 +1952,7 @@ Whether to print stack traces on some errors\. Will print internal Ruby stack tr
|
|
1930
1952
|
Transactional storage file for persisting data between transactions for the purposes of infering information (such as corrective_change) on new data received\.
|
1931
1953
|
.
|
1932
1954
|
.IP "\(bu" 4
|
1933
|
-
\fIDefault\fR: $statedir/transactionstore\.yaml
|
1955
|
+
\fIDefault\fR: \fB$statedir/transactionstore\.yaml\fR
|
1934
1956
|
.
|
1935
1957
|
.IP "" 0
|
1936
1958
|
.
|
@@ -1951,15 +1973,16 @@ For unknown or invalid nodes, exit with a non\-zero exit code\.
|
|
1951
1973
|
.P
|
1952
1974
|
If the setting points to an executable command, then the external trusted facts will be stored in the \'external\' key of the trusted facts hash\. Otherwise for each executable file in the directory, the external trusted facts will be stored in the \fB<basename>\fR key of the \fBtrusted[\'external\']\fR hash\. For example, if the files foo\.rb and bar\.sh are in the directory, then \fBtrusted[\'external\']\fR will be the hash \fB{ \'foo\' => <foo\.rb output>, \'bar\' => <bar\.sh output> }\fR\.
|
1953
1975
|
.
|
1954
|
-
.
|
1955
|
-
\fIDefault\fR:
|
1956
|
-
|
1976
|
+
.IP "\(bu" 4
|
1977
|
+
\fIDefault\fR: ``
|
1978
|
+
.
|
1979
|
+
.IP "" 0
|
1957
1980
|
.
|
1958
1981
|
.SS "trusted_oid_mapping_file"
|
1959
1982
|
File that provides mapping between custom SSL oids and user\-friendly names
|
1960
1983
|
.
|
1961
1984
|
.IP "\(bu" 4
|
1962
|
-
\fIDefault\fR: $confdir/custom_trusted_oid_mapping\.yaml
|
1985
|
+
\fIDefault\fR: \fB$confdir/custom_trusted_oid_mapping\.yaml\fR
|
1963
1986
|
.
|
1964
1987
|
.IP "" 0
|
1965
1988
|
.
|
@@ -1967,7 +1990,7 @@ File that provides mapping between custom SSL oids and user\-friendly names
|
|
1967
1990
|
Whether to only use the cached catalog rather than compiling a new catalog on every run\. Puppet can be run with this enabled by default and then selectively disabled when a recompile is desired\. Because a Puppet agent using cached catalogs does not contact the master for a new catalog, it also does not upload facts at the beginning of the Puppet run\.
|
1968
1991
|
.
|
1969
1992
|
.IP "\(bu" 4
|
1970
|
-
\fIDefault\fR:
|
1993
|
+
\fIDefault\fR: \fBfalse\fR
|
1971
1994
|
.
|
1972
1995
|
.IP "" 0
|
1973
1996
|
.
|
@@ -1975,7 +1998,7 @@ Whether to only use the cached catalog rather than compiling a new catalog on ev
|
|
1975
1998
|
Whether the server will search for SRV records in DNS for the current domain\.
|
1976
1999
|
.
|
1977
2000
|
.IP "\(bu" 4
|
1978
|
-
\fIDefault\fR:
|
2001
|
+
\fIDefault\fR: \fBfalse\fR
|
1979
2002
|
.
|
1980
2003
|
.IP "" 0
|
1981
2004
|
.
|
@@ -1983,7 +2006,7 @@ Whether the server will search for SRV records in DNS for the current domain\.
|
|
1983
2006
|
Whether to use the cached configuration when the remote configuration will not compile\. This option is useful for testing new configurations, where you want to fix the broken configuration rather than reverting to a known\-good one\.
|
1984
2007
|
.
|
1985
2008
|
.IP "\(bu" 4
|
1986
|
-
\fIDefault\fR:
|
2009
|
+
\fIDefault\fR: \fBtrue\fR
|
1987
2010
|
.
|
1988
2011
|
.IP "" 0
|
1989
2012
|
.
|
@@ -1991,7 +2014,7 @@ Whether to use the cached configuration when the remote configuration will not c
|
|
1991
2014
|
The user Puppet Server will run as\. Used to ensure the agent side processes (agent, apply, etc) create files and directories readable by Puppet Server when necessary\.
|
1992
2015
|
.
|
1993
2016
|
.IP "\(bu" 4
|
1994
|
-
\fIDefault\fR:
|
2017
|
+
\fIDefault\fR: \fBpuppet\fR
|
1995
2018
|
.
|
1996
2019
|
.IP "" 0
|
1997
2020
|
.
|
@@ -1999,7 +2022,7 @@ The user Puppet Server will run as\. Used to ensure the agent side processes (ag
|
|
1999
2022
|
Where Puppet stores dynamic and growing data\. The default for this setting is calculated specially, like \fBconfdir\fR_\.
|
2000
2023
|
.
|
2001
2024
|
.IP "\(bu" 4
|
2002
|
-
\fIDefault\fR:
|
2025
|
+
\fIDefault\fR: \fBUnix/Linux: /opt/puppetlabs/puppet/cache \-\- Windows: C:\eProgramData\ePuppetLabs\epuppet\ecache \-\- Non\-root user: ~/\.puppetlabs/opt/puppet/cache\fR
|
2003
2026
|
.
|
2004
2027
|
.IP "" 0
|
2005
2028
|
.
|
@@ -2007,7 +2030,7 @@ Where Puppet stores dynamic and growing data\. The default for this setting is c
|
|
2007
2030
|
The directory containing \fBvendored\fR modules\. These modules will be used by \fIall\fR environments like those in the \fBbasemodulepath\fR\. The only difference is that modules in the \fBbasemodulepath\fR are pluginsynced, while vendored modules are not
|
2008
2031
|
.
|
2009
2032
|
.IP "\(bu" 4
|
2010
|
-
\fIDefault\fR: /opt/puppetlabs/puppet/vendor_modules
|
2033
|
+
\fIDefault\fR: \fB/opt/puppetlabs/puppet/vendor_modules\fR
|
2011
2034
|
.
|
2012
2035
|
.IP "" 0
|
2013
2036
|
.
|
@@ -2015,7 +2038,7 @@ The directory containing \fBvendored\fR modules\. These modules will be used by
|
|
2015
2038
|
Whether or not to look for versioned environment directories, symlinked from \fB$environmentpath/<environment>\fR\. This is an experimental feature and should be used with caution\.
|
2016
2039
|
.
|
2017
2040
|
.IP "\(bu" 4
|
2018
|
-
\fIDefault\fR:
|
2041
|
+
\fIDefault\fR: \fBfalse\fR
|
2019
2042
|
.
|
2020
2043
|
.IP "" 0
|
2021
2044
|
.
|
@@ -2029,7 +2052,7 @@ When starting for the first time, puppet agent will submit a certificate signing
|
|
2029
2052
|
Puppet agent cannot apply configurations until its approved certificate is available\. Since the certificate may or may not be available immediately, puppet agent will repeatedly try to fetch it at this interval\. You can turn off waiting for certificates by specifying a time of 0, or a maximum amount of time to wait in the \fBmaxwaitforcert\fR setting, in which case puppet agent will exit if it cannot get a cert\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
|
2030
2053
|
.
|
2031
2054
|
.IP "\(bu" 4
|
2032
|
-
\fIDefault\fR:
|
2055
|
+
\fIDefault\fR: \fB2m\fR
|
2033
2056
|
.
|
2034
2057
|
.IP "" 0
|
2035
2058
|
.
|
@@ -2040,7 +2063,7 @@ How frequently puppet agent should try running when there is an already ongoing
|
|
2040
2063
|
This argument is by default disabled (value set to 0)\. In this case puppet agent will immediately exit if it cannot run at that moment\. When a value other than 0 is set, this can also be used in combination with the \fBmaxwaitforlock\fR argument\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
|
2041
2064
|
.
|
2042
2065
|
.IP "\(bu" 4
|
2043
|
-
\fIDefault\fR:
|
2066
|
+
\fIDefault\fR: \fB0\fR
|
2044
2067
|
.
|
2045
2068
|
.IP "" 0
|
2046
2069
|
.
|
@@ -2048,7 +2071,7 @@ This argument is by default disabled (value set to 0)\. In this case puppet agen
|
|
2048
2071
|
The directory in which YAML data is stored, usually in a subdirectory\.
|
2049
2072
|
.
|
2050
2073
|
.IP "\(bu" 4
|
2051
|
-
\fIDefault\fR: $vardir/yaml
|
2074
|
+
\fIDefault\fR: \fB$vardir/yaml\fR
|
2052
2075
|
.
|
2053
2076
|
.IP "" 0
|
2054
2077
|
|