puppet 7.6.1-universal-darwin → 7.10.0-universal-darwin
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of puppet might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/CONTRIBUTING.md +7 -7
- data/Gemfile +2 -1
- data/Gemfile.lock +18 -18
- data/README.md +4 -4
- data/{ext → examples/enc}/regexp_nodes/classes/databases +0 -0
- data/{ext → examples/enc}/regexp_nodes/classes/webservers +0 -0
- data/{ext → examples/enc}/regexp_nodes/environment/development +0 -0
- data/{ext → examples/enc}/regexp_nodes/parameters/service/prod +0 -0
- data/{ext → examples/enc}/regexp_nodes/parameters/service/qa +0 -0
- data/{ext → examples/enc}/regexp_nodes/parameters/service/sandbox +0 -0
- data/{ext → examples/enc}/regexp_nodes/regexp_nodes.rb +0 -0
- data/{ext → examples}/nagios/check_puppet.rb +2 -2
- data/ext/README.md +13 -0
- data/ext/osx/puppet.plist +2 -0
- data/ext/project_data.yaml +1 -0
- data/install.rb +11 -15
- data/lib/hiera_puppet.rb +1 -1
- data/lib/puppet.rb +40 -40
- data/lib/puppet/agent.rb +6 -6
- data/lib/puppet/agent/disabler.rb +1 -1
- data/lib/puppet/agent/locker.rb +2 -2
- data/lib/puppet/application.rb +6 -6
- data/lib/puppet/application/agent.rb +18 -11
- data/lib/puppet/application/apply.rb +6 -5
- data/lib/puppet/application/catalog.rb +1 -1
- data/lib/puppet/application/config.rb +1 -1
- data/lib/puppet/application/describe.rb +1 -1
- data/lib/puppet/application/device.rb +8 -7
- data/lib/puppet/application/doc.rb +7 -7
- data/lib/puppet/application/epp.rb +2 -2
- data/lib/puppet/application/face_base.rb +2 -2
- data/lib/puppet/application/facts.rb +1 -1
- data/lib/puppet/application/filebucket.rb +3 -2
- data/lib/puppet/application/generate.rb +1 -1
- data/lib/puppet/application/help.rb +1 -1
- data/lib/puppet/application/indirection_base.rb +1 -1
- data/lib/puppet/application/lookup.rb +6 -6
- data/lib/puppet/application/module.rb +1 -1
- data/lib/puppet/application/node.rb +1 -1
- data/lib/puppet/application/parser.rb +2 -2
- data/lib/puppet/application/plugin.rb +1 -1
- data/lib/puppet/application/report.rb +1 -1
- data/lib/puppet/application/resource.rb +18 -4
- data/lib/puppet/application/script.rb +6 -5
- data/lib/puppet/application/ssl.rb +3 -2
- data/lib/puppet/application_support.rb +4 -4
- data/lib/puppet/compilable_resource_type.rb +1 -1
- data/lib/puppet/concurrent/lock.rb +1 -1
- data/lib/puppet/configurer.rb +159 -50
- data/lib/puppet/configurer/downloader.rb +4 -3
- data/lib/puppet/configurer/fact_handler.rb +3 -3
- data/lib/puppet/configurer/plugin_handler.rb +1 -1
- data/lib/puppet/confine.rb +1 -1
- data/lib/puppet/confine/boolean.rb +1 -1
- data/lib/puppet/confine/exists.rb +1 -1
- data/lib/puppet/confine/false.rb +1 -1
- data/lib/puppet/confine/feature.rb +1 -1
- data/lib/puppet/confine/true.rb +1 -1
- data/lib/puppet/confine/variable.rb +1 -1
- data/lib/puppet/confine_collection.rb +1 -1
- data/lib/puppet/confiner.rb +1 -1
- data/lib/puppet/context.rb +2 -2
- data/lib/puppet/context/trusted_information.rb +1 -1
- data/lib/puppet/daemon.rb +2 -2
- data/lib/puppet/data_binding.rb +1 -1
- data/lib/puppet/datatypes/error.rb +1 -1
- data/lib/puppet/defaults.rb +67 -33
- data/lib/puppet/environments.rb +76 -26
- data/lib/puppet/etc.rb +1 -1
- data/lib/puppet/external/pson/common.rb +1 -1
- data/lib/puppet/external/pson/pure.rb +3 -3
- data/lib/puppet/face.rb +1 -1
- data/lib/puppet/face/catalog.rb +1 -1
- data/lib/puppet/face/config.rb +2 -2
- data/lib/puppet/face/epp.rb +6 -6
- data/lib/puppet/face/facts.rb +2 -2
- data/lib/puppet/face/generate.rb +2 -2
- data/lib/puppet/face/help.rb +3 -3
- data/lib/puppet/face/help/action.erb +1 -0
- data/lib/puppet/face/help/face.erb +1 -0
- data/lib/puppet/face/module.rb +3 -3
- data/lib/puppet/face/module/install.rb +2 -2
- data/lib/puppet/face/node.rb +1 -1
- data/lib/puppet/face/node/clean.rb +1 -1
- data/lib/puppet/face/parser.rb +4 -4
- data/lib/puppet/face/plugin.rb +2 -2
- data/lib/puppet/face/report.rb +1 -1
- data/lib/puppet/face/resource.rb +1 -1
- data/lib/puppet/feature/base.rb +2 -2
- data/lib/puppet/feature/bolt.rb +1 -1
- data/lib/puppet/feature/cfpropertylist.rb +1 -1
- data/lib/puppet/feature/eventlog.rb +1 -1
- data/lib/puppet/feature/hiera_eyaml.rb +1 -1
- data/lib/puppet/feature/hocon.rb +1 -1
- data/lib/puppet/feature/libuser.rb +2 -2
- data/lib/puppet/feature/msgpack.rb +1 -1
- data/lib/puppet/feature/pe_license.rb +1 -1
- data/lib/puppet/feature/selinux.rb +1 -1
- data/lib/puppet/feature/ssh.rb +1 -1
- data/lib/puppet/feature/telnet.rb +1 -1
- data/lib/puppet/feature/zlib.rb +1 -1
- data/lib/puppet/ffi/posix.rb +2 -2
- data/lib/puppet/ffi/posix/constants.rb +1 -1
- data/lib/puppet/ffi/posix/functions.rb +1 -1
- data/lib/puppet/ffi/windows.rb +4 -4
- data/lib/puppet/ffi/windows/api_types.rb +2 -2
- data/lib/puppet/ffi/windows/constants.rb +1 -1
- data/lib/puppet/ffi/windows/functions.rb +1 -1
- data/lib/puppet/ffi/windows/structs.rb +1 -1
- data/lib/puppet/file_bucket/dipper.rb +4 -4
- data/lib/puppet/file_bucket/file.rb +3 -3
- data/lib/puppet/file_serving/base.rb +2 -2
- data/lib/puppet/file_serving/configuration.rb +12 -10
- data/lib/puppet/file_serving/configuration/parser.rb +4 -2
- data/lib/puppet/file_serving/content.rb +3 -3
- data/lib/puppet/file_serving/fileset.rb +16 -4
- data/lib/puppet/file_serving/http_metadata.rb +1 -1
- data/lib/puppet/file_serving/metadata.rb +6 -6
- data/lib/puppet/file_serving/mount.rb +4 -4
- data/lib/puppet/file_serving/mount/file.rb +1 -1
- data/lib/puppet/file_serving/mount/locales.rb +1 -1
- data/lib/puppet/file_serving/mount/modules.rb +1 -1
- data/lib/puppet/file_serving/mount/pluginfacts.rb +1 -1
- data/lib/puppet/file_serving/mount/plugins.rb +1 -1
- data/lib/puppet/file_serving/mount/scripts.rb +24 -0
- data/lib/puppet/file_serving/mount/tasks.rb +1 -1
- data/lib/puppet/file_serving/terminus_helper.rb +2 -2
- data/lib/puppet/file_serving/terminus_selector.rb +1 -1
- data/lib/puppet/file_system.rb +9 -9
- data/lib/puppet/file_system/file_impl.rb +1 -1
- data/lib/puppet/file_system/jruby.rb +1 -1
- data/lib/puppet/file_system/path_pattern.rb +1 -1
- data/lib/puppet/file_system/uniquefile.rb +1 -1
- data/lib/puppet/file_system/windows.rb +4 -4
- data/lib/puppet/forge.rb +8 -8
- data/lib/puppet/forge/cache.rb +2 -2
- data/lib/puppet/forge/errors.rb +3 -3
- data/lib/puppet/forge/repository.rb +4 -4
- data/lib/puppet/functions/all.rb +1 -1
- data/lib/puppet/functions/camelcase.rb +1 -1
- data/lib/puppet/functions/capitalize.rb +2 -2
- data/lib/puppet/functions/downcase.rb +2 -2
- data/lib/puppet/functions/empty.rb +8 -0
- data/lib/puppet/functions/find_template.rb +2 -2
- data/lib/puppet/functions/get.rb +5 -5
- data/lib/puppet/functions/group_by.rb +13 -5
- data/lib/puppet/functions/lest.rb +1 -1
- data/lib/puppet/functions/new.rb +100 -100
- data/lib/puppet/functions/partition.rb +4 -4
- data/lib/puppet/functions/require.rb +5 -5
- data/lib/puppet/functions/sort.rb +3 -3
- data/lib/puppet/functions/strftime.rb +1 -0
- data/lib/puppet/functions/tree_each.rb +7 -9
- data/lib/puppet/functions/type.rb +4 -4
- data/lib/puppet/functions/unwrap.rb +17 -2
- data/lib/puppet/functions/upcase.rb +2 -2
- data/lib/puppet/functions/versioncmp.rb +1 -1
- data/lib/puppet/generate/models/type/type.rb +1 -1
- data/lib/puppet/generate/type.rb +2 -2
- data/lib/puppet/gettext/config.rb +3 -3
- data/lib/puppet/gettext/module_translations.rb +1 -1
- data/lib/puppet/graph.rb +6 -6
- data/lib/puppet/graph/simple_graph.rb +2 -2
- data/lib/puppet/http.rb +26 -26
- data/lib/puppet/http/factory.rb +2 -2
- data/lib/puppet/http/proxy.rb +1 -1
- data/lib/puppet/http/resolver/server_list.rb +15 -4
- data/lib/puppet/http/service/compiler.rb +79 -2
- data/lib/puppet/http/service/file_server.rb +3 -2
- data/lib/puppet/indirector.rb +5 -5
- data/lib/puppet/indirector/catalog/compiler.rb +28 -9
- data/lib/puppet/indirector/catalog/json.rb +2 -2
- data/lib/puppet/indirector/catalog/msgpack.rb +2 -2
- data/lib/puppet/indirector/catalog/rest.rb +3 -2
- data/lib/puppet/indirector/catalog/store_configs.rb +2 -2
- data/lib/puppet/indirector/catalog/yaml.rb +2 -2
- data/lib/puppet/indirector/code.rb +1 -1
- data/lib/puppet/indirector/data_binding/hiera.rb +1 -1
- data/lib/puppet/indirector/data_binding/none.rb +1 -1
- data/lib/puppet/indirector/direct_file_server.rb +2 -2
- data/lib/puppet/indirector/envelope.rb +1 -1
- data/lib/puppet/indirector/errors.rb +1 -1
- data/lib/puppet/indirector/exec.rb +2 -2
- data/lib/puppet/indirector/face.rb +1 -1
- data/lib/puppet/indirector/facts/facter.rb +2 -2
- data/lib/puppet/indirector/facts/json.rb +3 -3
- data/lib/puppet/indirector/facts/memory.rb +2 -2
- data/lib/puppet/indirector/facts/network_device.rb +2 -2
- data/lib/puppet/indirector/facts/rest.rb +2 -2
- data/lib/puppet/indirector/facts/store_configs.rb +2 -2
- data/lib/puppet/indirector/facts/yaml.rb +3 -3
- data/lib/puppet/indirector/file_bucket_file/file.rb +4 -4
- data/lib/puppet/indirector/file_bucket_file/rest.rb +2 -2
- data/lib/puppet/indirector/file_bucket_file/selector.rb +1 -1
- data/lib/puppet/indirector/file_content.rb +1 -1
- data/lib/puppet/indirector/file_content/file.rb +3 -3
- data/lib/puppet/indirector/file_content/file_server.rb +3 -3
- data/lib/puppet/indirector/file_content/rest.rb +3 -3
- data/lib/puppet/indirector/file_content/selector.rb +4 -4
- data/lib/puppet/indirector/file_metadata.rb +1 -1
- data/lib/puppet/indirector/file_metadata/file.rb +3 -3
- data/lib/puppet/indirector/file_metadata/file_server.rb +3 -3
- data/lib/puppet/indirector/file_metadata/http.rb +3 -3
- data/lib/puppet/indirector/file_metadata/rest.rb +4 -3
- data/lib/puppet/indirector/file_metadata/selector.rb +4 -4
- data/lib/puppet/indirector/file_server.rb +4 -4
- data/lib/puppet/indirector/generic_http.rb +1 -1
- data/lib/puppet/indirector/hiera.rb +1 -1
- data/lib/puppet/indirector/indirection.rb +5 -5
- data/lib/puppet/indirector/json.rb +2 -2
- data/lib/puppet/indirector/memory.rb +1 -1
- data/lib/puppet/indirector/msgpack.rb +2 -2
- data/lib/puppet/indirector/node/exec.rb +2 -2
- data/lib/puppet/indirector/node/json.rb +2 -2
- data/lib/puppet/indirector/node/memory.rb +2 -2
- data/lib/puppet/indirector/node/msgpack.rb +2 -2
- data/lib/puppet/indirector/node/plain.rb +2 -2
- data/lib/puppet/indirector/node/rest.rb +2 -2
- data/lib/puppet/indirector/node/store_configs.rb +2 -2
- data/lib/puppet/indirector/node/yaml.rb +2 -2
- data/lib/puppet/indirector/none.rb +1 -1
- data/lib/puppet/indirector/plain.rb +1 -1
- data/lib/puppet/indirector/report/json.rb +2 -2
- data/lib/puppet/indirector/report/msgpack.rb +2 -2
- data/lib/puppet/indirector/report/processor.rb +3 -3
- data/lib/puppet/indirector/report/rest.rb +1 -1
- data/lib/puppet/indirector/report/yaml.rb +2 -2
- data/lib/puppet/indirector/request.rb +3 -3
- data/lib/puppet/indirector/resource/ral.rb +7 -2
- data/lib/puppet/indirector/resource/store_configs.rb +2 -2
- data/lib/puppet/indirector/terminus.rb +9 -5
- data/lib/puppet/indirector/yaml.rb +2 -2
- data/lib/puppet/info_service.rb +3 -3
- data/lib/puppet/info_service/class_information_service.rb +3 -3
- data/lib/puppet/info_service/plan_information_service.rb +1 -1
- data/lib/puppet/info_service/task_information_service.rb +1 -1
- data/lib/puppet/interface.rb +10 -10
- data/lib/puppet/interface/documentation.rb +2 -1
- data/lib/puppet/loaders.rb +21 -21
- data/lib/puppet/metatype/manager.rb +3 -3
- data/lib/puppet/module.rb +4 -4
- data/lib/puppet/module/plan.rb +1 -2
- data/lib/puppet/module/task.rb +2 -2
- data/lib/puppet/module_tool.rb +10 -10
- data/lib/puppet/module_tool/applications.rb +7 -7
- data/lib/puppet/module_tool/applications/application.rb +2 -2
- data/lib/puppet/module_tool/applications/checksummer.rb +2 -2
- data/lib/puppet/module_tool/applications/installer.rb +19 -11
- data/lib/puppet/module_tool/applications/unpacker.rb +2 -2
- data/lib/puppet/module_tool/applications/upgrader.rb +5 -5
- data/lib/puppet/module_tool/checksums.rb +1 -1
- data/lib/puppet/module_tool/contents_description.rb +1 -1
- data/lib/puppet/module_tool/dependency.rb +2 -2
- data/lib/puppet/module_tool/errors.rb +6 -6
- data/lib/puppet/module_tool/errors/shared.rb +17 -0
- data/lib/puppet/module_tool/install_directory.rb +2 -2
- data/lib/puppet/module_tool/installed_modules.rb +2 -2
- data/lib/puppet/module_tool/local_tarball.rb +2 -2
- data/lib/puppet/module_tool/metadata.rb +3 -3
- data/lib/puppet/module_tool/tar.rb +4 -4
- data/lib/puppet/module_tool/tar/mini.rb +1 -1
- data/lib/puppet/network/format.rb +1 -1
- data/lib/puppet/network/format_handler.rb +3 -3
- data/lib/puppet/network/format_support.rb +1 -1
- data/lib/puppet/network/formats.rb +2 -2
- data/lib/puppet/network/http.rb +12 -12
- data/lib/puppet/network/http/api.rb +1 -1
- data/lib/puppet/network/http/api/indirected_routes.rb +2 -2
- data/lib/puppet/network/http/api/master.rb +1 -1
- data/lib/puppet/network/http/api/master/v3.rb +2 -2
- data/lib/puppet/network/http/api/master/v3/environments.rb +2 -2
- data/lib/puppet/network/http/api/server/v3.rb +2 -2
- data/lib/puppet/network/http/api/server/v3/environments.rb +1 -1
- data/lib/puppet/network/http/connection.rb +1 -1
- data/lib/puppet/network/http/error.rb +1 -1
- data/lib/puppet/network/http/handler.rb +3 -3
- data/lib/puppet/network/http_pool.rb +1 -1
- data/lib/puppet/node.rb +3 -3
- data/lib/puppet/node/environment.rb +13 -14
- data/lib/puppet/node/facts.rb +3 -3
- data/lib/puppet/pal/pal_api.rb +10 -10
- data/lib/puppet/pal/pal_impl.rb +3 -3
- data/lib/puppet/parameter.rb +4 -4
- data/lib/puppet/parameter/boolean.rb +1 -1
- data/lib/puppet/parameter/package_options.rb +1 -1
- data/lib/puppet/parameter/path.rb +1 -1
- data/lib/puppet/parameter/value.rb +1 -1
- data/lib/puppet/parameter/value_collection.rb +1 -1
- data/lib/puppet/parser.rb +10 -10
- data/lib/puppet/parser/ast.rb +8 -8
- data/lib/puppet/parser/ast/hostclass.rb +1 -1
- data/lib/puppet/parser/ast/pops_bridge.rb +2 -2
- data/lib/puppet/parser/catalog_compiler.rb +2 -2
- data/lib/puppet/parser/compiler.rb +5 -5
- data/lib/puppet/parser/e4_parser_adapter.rb +1 -1
- data/lib/puppet/parser/functions.rb +4 -4
- data/lib/puppet/parser/functions/digest.rb +1 -1
- data/lib/puppet/parser/functions/file.rb +1 -1
- data/lib/puppet/parser/functions/fqdn_rand.rb +14 -6
- data/lib/puppet/parser/functions/versioncmp.rb +1 -1
- data/lib/puppet/parser/parser_factory.rb +2 -2
- data/lib/puppet/parser/resource.rb +3 -3
- data/lib/puppet/parser/scope.rb +3 -3
- data/lib/puppet/parser/script_compiler.rb +2 -2
- data/lib/puppet/parser/templatewrapper.rb +2 -2
- data/lib/puppet/parser/type_loader.rb +1 -1
- data/lib/puppet/plugins/configuration.rb +5 -5
- data/lib/puppet/pops.rb +57 -57
- data/lib/puppet/pops/evaluator/deferred_resolver.rb +1 -1
- data/lib/puppet/pops/evaluator/evaluator_impl.rb +7 -7
- data/lib/puppet/pops/evaluator/external_syntax_support.rb +1 -1
- data/lib/puppet/pops/loader/task_instantiator.rb +1 -1
- data/lib/puppet/pops/lookup/invocation.rb +1 -1
- data/lib/puppet/pops/model/ast_transformer.rb +1 -1
- data/lib/puppet/pops/model/pn_transformer.rb +1 -1
- data/lib/puppet/pops/parser/eparser.rb +2 -2
- data/lib/puppet/pops/parser/evaluating_parser.rb +1 -1
- data/lib/puppet/pops/parser/lexer2.rb +5 -5
- data/lib/puppet/pops/parser/lexer_support.rb +1 -1
- data/lib/puppet/pops/parser/parser_support.rb +4 -4
- data/lib/puppet/pops/puppet_stack.rb +1 -1
- data/lib/puppet/pops/serialization/json.rb +1 -1
- data/lib/puppet/pops/serialization/json_path.rb +1 -1
- data/lib/puppet/pops/serialization/to_data_converter.rb +18 -6
- data/lib/puppet/pops/time/timespan.rb +1 -1
- data/lib/puppet/pops/types/p_sem_ver_type.rb +8 -2
- data/lib/puppet/pops/types/p_sensitive_type.rb +10 -0
- data/lib/puppet/pops/types/string_converter.rb +1 -1
- data/lib/puppet/pops/types/type_calculator.rb +1 -1
- data/lib/puppet/pops/types/type_formatter.rb +1 -1
- data/lib/puppet/pops/types/type_mismatch_describer.rb +1 -1
- data/lib/puppet/pops/types/type_parser.rb +1 -1
- data/lib/puppet/pops/types/types.rb +1 -1
- data/lib/puppet/pops/validation/checker4_0.rb +1 -1
- data/lib/puppet/property.rb +3 -3
- data/lib/puppet/property/boolean.rb +1 -1
- data/lib/puppet/property/ensure.rb +1 -1
- data/lib/puppet/property/keyvalue.rb +1 -1
- data/lib/puppet/property/list.rb +1 -1
- data/lib/puppet/property/ordered_list.rb +1 -1
- data/lib/puppet/provider.rb +2 -2
- data/lib/puppet/provider/confine.rb +2 -2
- data/lib/puppet/provider/exec.rb +2 -2
- data/lib/puppet/provider/exec/posix.rb +17 -5
- data/lib/puppet/provider/exec/windows.rb +1 -1
- data/lib/puppet/provider/file/posix.rb +1 -1
- data/lib/puppet/provider/file/windows.rb +1 -1
- data/lib/puppet/provider/group/aix.rb +1 -1
- data/lib/puppet/provider/group/directoryservice.rb +1 -1
- data/lib/puppet/provider/group/groupadd.rb +2 -2
- data/lib/puppet/provider/group/ldap.rb +1 -1
- data/lib/puppet/provider/group/pw.rb +1 -1
- data/lib/puppet/provider/group/windows_adsi.rb +1 -1
- data/lib/puppet/provider/ldap.rb +2 -2
- data/lib/puppet/provider/nameservice.rb +1 -1
- data/lib/puppet/provider/nameservice/directoryservice.rb +3 -3
- data/lib/puppet/provider/nameservice/objectadd.rb +1 -1
- data/lib/puppet/provider/nameservice/pw.rb +1 -1
- data/lib/puppet/provider/package.rb +1 -1
- data/lib/puppet/provider/package/aix.rb +2 -2
- data/lib/puppet/provider/package/appdmg.rb +2 -2
- data/lib/puppet/provider/package/apple.rb +1 -1
- data/lib/puppet/provider/package/apt.rb +5 -5
- data/lib/puppet/provider/package/dnfmodule.rb +1 -1
- data/lib/puppet/provider/package/dpkg.rb +1 -1
- data/lib/puppet/provider/package/gem.rb +3 -3
- data/lib/puppet/provider/package/hpux.rb +1 -1
- data/lib/puppet/provider/package/macports.rb +2 -2
- data/lib/puppet/provider/package/nim.rb +13 -8
- data/lib/puppet/provider/package/openbsd.rb +1 -1
- data/lib/puppet/provider/package/opkg.rb +1 -1
- data/lib/puppet/provider/package/pacman.rb +1 -1
- data/lib/puppet/provider/package/pip.rb +18 -6
- data/lib/puppet/provider/package/pkg.rb +10 -3
- data/lib/puppet/provider/package/pkgdmg.rb +3 -3
- data/lib/puppet/provider/package/pkgin.rb +1 -1
- data/lib/puppet/provider/package/pkgng.rb +1 -1
- data/lib/puppet/provider/package/portage.rb +1 -1
- data/lib/puppet/provider/package/portupgrade.rb +1 -1
- data/lib/puppet/provider/package/puppetserver_gem.rb +0 -0
- data/lib/puppet/provider/package/rpm.rb +2 -2
- data/lib/puppet/provider/package/sun.rb +1 -1
- data/lib/puppet/provider/package/windows.rb +17 -4
- data/lib/puppet/provider/package/windows/exe_package.rb +31 -2
- data/lib/puppet/provider/package/windows/msi_package.rb +1 -1
- data/lib/puppet/provider/package/windows/package.rb +6 -5
- data/lib/puppet/provider/package/yum.rb +6 -6
- data/lib/puppet/provider/package/zypper.rb +3 -3
- data/lib/puppet/provider/package_targetable.rb +1 -1
- data/lib/puppet/provider/parsedfile.rb +6 -3
- data/lib/puppet/provider/service/base.rb +6 -4
- data/lib/puppet/provider/service/daemontools.rb +0 -1
- data/lib/puppet/provider/service/debian.rb +3 -5
- data/lib/puppet/provider/service/freebsd.rb +1 -1
- data/lib/puppet/provider/service/init.rb +1 -1
- data/lib/puppet/provider/service/launchd.rb +10 -4
- data/lib/puppet/provider/service/service.rb +28 -3
- data/lib/puppet/provider/service/smf.rb +0 -24
- data/lib/puppet/provider/service/src.rb +2 -2
- data/lib/puppet/provider/service/systemd.rb +18 -8
- data/lib/puppet/provider/service/windows.rb +38 -0
- data/lib/puppet/provider/user/aix.rb +2 -2
- data/lib/puppet/provider/user/directoryservice.rb +26 -13
- data/lib/puppet/provider/user/ldap.rb +1 -1
- data/lib/puppet/provider/user/openbsd.rb +1 -1
- data/lib/puppet/provider/user/pw.rb +1 -1
- data/lib/puppet/provider/user/user_role_add.rb +2 -2
- data/lib/puppet/provider/user/useradd.rb +45 -12
- data/lib/puppet/provider/user/windows_adsi.rb +1 -1
- data/lib/puppet/reference/configuration.rb +1 -1
- data/lib/puppet/reference/indirection.rb +4 -4
- data/lib/puppet/reference/report.rb +1 -1
- data/lib/puppet/reports.rb +1 -1
- data/lib/puppet/reports/http.rb +2 -2
- data/lib/puppet/reports/log.rb +1 -1
- data/lib/puppet/reports/store.rb +2 -2
- data/lib/puppet/resource.rb +4 -4
- data/lib/puppet/resource/catalog.rb +5 -5
- data/lib/puppet/resource/status.rb +2 -2
- data/lib/puppet/resource/type.rb +4 -4
- data/lib/puppet/resource/type_collection.rb +6 -4
- data/lib/puppet/runtime.rb +1 -1
- data/lib/puppet/scheduler.rb +4 -4
- data/lib/puppet/settings.rb +58 -35
- data/lib/puppet/settings/autosign_setting.rb +1 -1
- data/lib/puppet/settings/base_setting.rb +2 -2
- data/lib/puppet/settings/certificate_revocation_setting.rb +1 -1
- data/lib/puppet/settings/config_file.rb +2 -9
- data/lib/puppet/settings/errors.rb +1 -1
- data/lib/puppet/settings/priority_setting.rb +3 -3
- data/lib/puppet/settings/value_translator.rb +0 -1
- data/lib/puppet/ssl.rb +11 -11
- data/lib/puppet/ssl/base.rb +3 -3
- data/lib/puppet/ssl/certificate.rb +1 -1
- data/lib/puppet/ssl/certificate_request.rb +2 -2
- data/lib/puppet/ssl/certificate_request_attributes.rb +2 -2
- data/lib/puppet/ssl/oids.rb +1 -1
- data/lib/puppet/ssl/openssl_loader.rb +1 -1
- data/lib/puppet/ssl/ssl_context.rb +1 -1
- data/lib/puppet/ssl/ssl_provider.rb +1 -1
- data/lib/puppet/ssl/state_machine.rb +2 -2
- data/lib/puppet/ssl/verifier.rb +5 -1
- data/lib/puppet/syntax_checkers/base64.rb +1 -1
- data/lib/puppet/syntax_checkers/epp.rb +1 -1
- data/lib/puppet/syntax_checkers/json.rb +1 -1
- data/lib/puppet/syntax_checkers/pp.rb +1 -1
- data/lib/puppet/transaction.rb +11 -11
- data/lib/puppet/transaction/additional_resource_generator.rb +1 -1
- data/lib/puppet/transaction/event.rb +4 -4
- data/lib/puppet/transaction/event_manager.rb +1 -1
- data/lib/puppet/transaction/persistence.rb +12 -2
- data/lib/puppet/transaction/report.rb +17 -3
- data/lib/puppet/transaction/resource_harness.rb +1 -1
- data/lib/puppet/type.rb +15 -15
- data/lib/puppet/type/component.rb +3 -3
- data/lib/puppet/type/exec.rb +26 -4
- data/lib/puppet/type/file.rb +43 -25
- data/lib/puppet/type/file/checksum.rb +1 -1
- data/lib/puppet/type/file/checksum_value.rb +2 -2
- data/lib/puppet/type/file/content.rb +2 -2
- data/lib/puppet/type/file/data_sync.rb +2 -2
- data/lib/puppet/type/file/ensure.rb +1 -1
- data/lib/puppet/type/file/group.rb +1 -1
- data/lib/puppet/type/file/mode.rb +7 -1
- data/lib/puppet/type/file/selcontext.rb +2 -2
- data/lib/puppet/type/file/source.rb +4 -4
- data/lib/puppet/type/filebucket.rb +3 -3
- data/lib/puppet/type/group.rb +2 -2
- data/lib/puppet/type/package.rb +2 -2
- data/lib/puppet/type/resources.rb +2 -2
- data/lib/puppet/type/service.rb +18 -38
- data/lib/puppet/type/tidy.rb +25 -6
- data/lib/puppet/type/user.rb +43 -25
- data/lib/puppet/util.rb +43 -34
- data/lib/puppet/util/at_fork.rb +3 -3
- data/lib/puppet/util/at_fork/solaris.rb +1 -1
- data/lib/puppet/util/autoload.rb +4 -4
- data/lib/puppet/util/checksums.rb +3 -3
- data/lib/puppet/util/colors.rb +1 -1
- data/lib/puppet/util/command_line.rb +6 -6
- data/lib/puppet/util/command_line/puppet_option_parser.rb +2 -2
- data/lib/puppet/util/execution.rb +2 -2
- data/lib/puppet/util/feature.rb +2 -2
- data/lib/puppet/util/filetype.rb +1 -1
- data/lib/puppet/util/http_proxy.rb +1 -1
- data/lib/puppet/util/inifile.rb +2 -2
- data/lib/puppet/util/instance_loader.rb +3 -3
- data/lib/puppet/util/json_lockfile.rb +1 -1
- data/lib/puppet/util/ldap/connection.rb +1 -1
- data/lib/puppet/util/ldap/generator.rb +1 -1
- data/lib/puppet/util/ldap/manager.rb +3 -3
- data/lib/puppet/util/limits.rb +1 -1
- data/lib/puppet/util/log.rb +6 -6
- data/lib/puppet/util/log/destinations.rb +1 -1
- data/lib/puppet/util/logging.rb +2 -2
- data/lib/puppet/util/metric.rb +2 -2
- data/lib/puppet/util/monkey_patches.rb +9 -20
- data/lib/puppet/util/network_device/base.rb +3 -3
- data/lib/puppet/util/network_device/config.rb +2 -2
- data/lib/puppet/util/network_device/transport.rb +1 -1
- data/lib/puppet/util/network_device/transport/base.rb +2 -2
- data/lib/puppet/util/package/version/range.rb +6 -6
- data/lib/puppet/util/package/version/range/eq.rb +1 -1
- data/lib/puppet/util/package/version/range/gt.rb +1 -1
- data/lib/puppet/util/package/version/range/gt_eq.rb +1 -1
- data/lib/puppet/util/package/version/range/lt.rb +1 -1
- data/lib/puppet/util/package/version/range/lt_eq.rb +1 -1
- data/lib/puppet/util/package/version/range/min_max.rb +1 -1
- data/lib/puppet/util/package/version/range/simple.rb +1 -1
- data/lib/puppet/util/package/version/rpm.rb +1 -1
- data/lib/puppet/util/pidlock.rb +1 -1
- data/lib/puppet/util/plist.rb +1 -1
- data/lib/puppet/util/posix.rb +1 -1
- data/lib/puppet/util/profiler.rb +3 -3
- data/lib/puppet/util/profiler/aggregate.rb +2 -2
- data/lib/puppet/util/profiler/object_counts.rb +1 -1
- data/lib/puppet/util/profiler/wall_clock.rb +1 -1
- data/lib/puppet/util/provider_features.rb +2 -2
- data/lib/puppet/util/rdoc.rb +2 -2
- data/lib/puppet/util/rdoc/generators/puppet_generator.rb +2 -2
- data/lib/puppet/util/rdoc/parser.rb +6 -6
- data/lib/puppet/util/rdoc/parser/puppet_parser_rdoc2.rb +1 -1
- data/lib/puppet/util/reference.rb +1 -1
- data/lib/puppet/util/resource_template.rb +2 -2
- data/lib/puppet/util/rubygems.rb +1 -1
- data/lib/puppet/util/selinux.rb +30 -4
- data/lib/puppet/util/skip_tags.rb +1 -1
- data/lib/puppet/util/storage.rb +1 -1
- data/lib/puppet/util/suidmanager.rb +2 -2
- data/lib/puppet/util/symbolic_file_mode.rb +30 -18
- data/lib/puppet/util/tag_set.rb +1 -1
- data/lib/puppet/util/tagging.rb +1 -1
- data/lib/puppet/util/watched_file.rb +1 -1
- data/lib/puppet/util/watcher.rb +3 -3
- data/lib/puppet/util/windows.rb +20 -20
- data/lib/puppet/util/windows/access_control_entry.rb +1 -1
- data/lib/puppet/util/windows/adsi.rb +1 -1
- data/lib/puppet/util/windows/daemon.rb +1 -1
- data/lib/puppet/util/windows/error.rb +2 -2
- data/lib/puppet/util/windows/file.rb +1 -1
- data/lib/puppet/util/windows/monkey_patches/process.rb +2 -2
- data/lib/puppet/util/windows/principal.rb +1 -1
- data/lib/puppet/util/windows/process.rb +2 -2
- data/lib/puppet/util/windows/registry.rb +1 -1
- data/lib/puppet/util/windows/root_certs.rb +2 -2
- data/lib/puppet/util/windows/security.rb +1 -1
- data/lib/puppet/util/windows/security_descriptor.rb +1 -1
- data/lib/puppet/util/windows/service.rb +1 -1
- data/lib/puppet/util/windows/sid.rb +4 -2
- data/lib/puppet/util/windows/user.rb +1 -1
- data/lib/puppet/vendor.rb +1 -1
- data/lib/puppet/version.rb +1 -1
- data/lib/puppet/x509.rb +4 -4
- data/lib/puppet/x509/cert_provider.rb +4 -22
- data/lib/puppet/x509/pem_store.rb +1 -1
- data/lib/puppet_pal.rb +2 -2
- data/locales/puppet.pot +441 -357
- data/man/man5/puppet.conf.5 +322 -264
- data/man/man8/puppet-agent.8 +1 -1
- data/man/man8/puppet-apply.8 +1 -1
- data/man/man8/puppet-catalog.8 +9 -9
- data/man/man8/puppet-config.8 +1 -1
- data/man/man8/puppet-describe.8 +1 -1
- data/man/man8/puppet-device.8 +1 -1
- data/man/man8/puppet-doc.8 +1 -1
- data/man/man8/puppet-epp.8 +1 -1
- data/man/man8/puppet-facts.8 +7 -7
- data/man/man8/puppet-filebucket.8 +1 -1
- data/man/man8/puppet-generate.8 +1 -1
- data/man/man8/puppet-help.8 +1 -1
- data/man/man8/puppet-lookup.8 +1 -1
- data/man/man8/puppet-module.8 +3 -3
- data/man/man8/puppet-node.8 +5 -5
- data/man/man8/puppet-parser.8 +1 -1
- data/man/man8/puppet-plugin.8 +1 -1
- data/man/man8/puppet-report.8 +5 -5
- data/man/man8/puppet-resource.8 +1 -1
- data/man/man8/puppet-script.8 +1 -1
- data/man/man8/puppet-ssl.8 +1 -1
- data/man/man8/puppet.8 +2 -2
- data/spec/fixtures/integration/application/agent/lib/facter/agent_spec_role.rb +3 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/Gemfile +4 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/Rakefile +3 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/lib/puppet/functions/l10n.rb +8 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/config.yaml +25 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/ja/puppet-l10n.po +19 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/locales/puppet-l10n.pot +20 -0
- data/spec/fixtures/integration/l10n/envs/prod/modules/demo/metadata.json +8 -0
- data/spec/fixtures/ssl/127.0.0.1-key.pem +107 -57
- data/spec/fixtures/ssl/127.0.0.1.pem +52 -31
- data/spec/fixtures/ssl/bad-basic-constraints.pem +57 -35
- data/spec/fixtures/ssl/bad-int-basic-constraints.pem +57 -35
- data/spec/fixtures/ssl/ca.pem +57 -35
- data/spec/fixtures/ssl/crl.pem +28 -18
- data/spec/fixtures/ssl/ec-key-openssl.pem +8 -0
- data/spec/fixtures/ssl/ec-key-pk8.pem +5 -0
- data/spec/fixtures/ssl/ec-key.pem +11 -11
- data/spec/fixtures/ssl/ec.pem +33 -24
- data/spec/fixtures/ssl/encrypted-ec-key.pem +12 -12
- data/spec/fixtures/ssl/encrypted-key.pem +108 -58
- data/spec/fixtures/ssl/intermediate-agent-crl.pem +28 -19
- data/spec/fixtures/ssl/intermediate-agent.pem +57 -36
- data/spec/fixtures/ssl/intermediate-crl.pem +31 -21
- data/spec/fixtures/ssl/intermediate.pem +57 -36
- data/spec/fixtures/ssl/oid-key.pem +117 -0
- data/spec/fixtures/ssl/oid.pem +69 -0
- data/spec/fixtures/ssl/pluto-key.pem +107 -57
- data/spec/fixtures/ssl/pluto.pem +52 -30
- data/spec/fixtures/ssl/request-key.pem +107 -57
- data/spec/fixtures/ssl/request.pem +47 -26
- data/spec/fixtures/ssl/revoked-key.pem +107 -57
- data/spec/fixtures/ssl/revoked.pem +52 -30
- data/spec/fixtures/ssl/signed-key.pem +107 -57
- data/spec/fixtures/ssl/signed.pem +52 -30
- data/spec/fixtures/ssl/tampered-cert.pem +52 -30
- data/spec/fixtures/ssl/tampered-csr.pem +47 -26
- data/spec/fixtures/ssl/trusted_oid_mapping.yaml +5 -0
- data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +107 -57
- data/spec/fixtures/ssl/unknown-127.0.0.1.pem +50 -29
- data/spec/fixtures/ssl/unknown-ca-key.pem +107 -57
- data/spec/fixtures/ssl/unknown-ca.pem +55 -33
- data/spec/integration/application/agent_spec.rb +102 -52
- data/spec/integration/application/filebucket_spec.rb +16 -0
- data/spec/integration/application/module_spec.rb +21 -0
- data/spec/integration/application/resource_spec.rb +64 -0
- data/spec/integration/application/ssl_spec.rb +20 -0
- data/spec/integration/configurer_spec.rb +17 -1
- data/spec/integration/defaults_spec.rb +5 -0
- data/spec/integration/environments/settings_interpolation_spec.rb +0 -4
- data/spec/integration/indirector/facts/facter_spec.rb +90 -36
- data/spec/integration/l10n/compiler_spec.rb +37 -0
- data/spec/integration/type/exec_spec.rb +70 -45
- data/spec/integration/type/file_spec.rb +5 -5
- data/spec/lib/puppet/test_ca.rb +7 -2
- data/spec/lib/puppet_spec/files.rb +1 -1
- data/spec/lib/puppet_spec/modules.rb +13 -2
- data/spec/lib/puppet_spec/puppetserver.rb +15 -0
- data/spec/lib/puppet_spec/settings.rb +1 -0
- data/spec/shared_behaviours/documentation_on_faces.rb +0 -2
- data/spec/shared_contexts/l10n.rb +27 -0
- data/spec/shared_contexts/provider.rb +16 -0
- data/spec/spec_helper.rb +1 -10
- data/spec/unit/application/agent_spec.rb +7 -2
- data/spec/unit/configurer/downloader_spec.rb +6 -0
- data/spec/unit/configurer_spec.rb +288 -54
- data/spec/unit/environments_spec.rb +184 -0
- data/spec/unit/file_bucket/dipper_spec.rb +1 -1
- data/spec/unit/file_serving/configuration/parser_spec.rb +23 -0
- data/spec/unit/file_serving/configuration_spec.rb +12 -4
- data/spec/unit/file_serving/fileset_spec.rb +60 -0
- data/spec/unit/file_serving/mount/scripts_spec.rb +69 -0
- data/spec/unit/file_system_spec.rb +6 -0
- data/spec/unit/functions/assert_type_spec.rb +1 -1
- data/spec/unit/functions/empty_spec.rb +10 -0
- data/spec/unit/functions/logging_spec.rb +1 -0
- data/spec/unit/functions/lookup_spec.rb +23 -0
- data/spec/unit/functions/unwrap_spec.rb +8 -0
- data/spec/unit/functions4_spec.rb +19 -10
- data/spec/unit/gettext/config_spec.rb +12 -0
- data/spec/unit/http/service/compiler_spec.rb +131 -0
- data/spec/unit/indirector/catalog/compiler_spec.rb +101 -10
- data/spec/unit/indirector/catalog/rest_spec.rb +8 -0
- data/spec/unit/indirector/resource/ral_spec.rb +40 -75
- data/spec/unit/interface/action_spec.rb +0 -9
- data/spec/unit/module_spec.rb +14 -0
- data/spec/unit/module_tool/applications/installer_spec.rb +52 -14
- data/spec/unit/parser/compiler_spec.rb +29 -0
- data/spec/unit/parser/functions/fqdn_rand_spec.rb +15 -1
- data/spec/unit/parser/templatewrapper_spec.rb +12 -2
- data/spec/unit/pops/loaders/dependency_loader_spec.rb +0 -9
- data/spec/unit/pops/lookup/context_spec.rb +1 -1
- data/spec/unit/pops/parser/lexer2_spec.rb +0 -4
- data/spec/unit/pops/parser/parse_containers_spec.rb +0 -11
- data/spec/unit/pops/serialization/to_from_hr_spec.rb +58 -0
- data/spec/unit/pops/types/p_sem_ver_type_spec.rb +18 -0
- data/spec/unit/pops/types/p_sensitive_type_spec.rb +18 -0
- data/spec/unit/provider/package/dnfmodule_spec.rb +3 -3
- data/spec/unit/provider/package/gem_spec.rb +3 -1
- data/spec/unit/provider/package/nim_spec.rb +42 -0
- data/spec/unit/provider/package/pip2_spec.rb +3 -1
- data/spec/unit/provider/package/pip3_spec.rb +3 -1
- data/spec/unit/provider/package/pip_spec.rb +40 -1
- data/spec/unit/provider/package/pkg_spec.rb +63 -49
- data/spec/unit/provider/package/puppet_gem_spec.rb +3 -1
- data/spec/unit/provider/package/puppetserver_gem_spec.rb +2 -0
- data/spec/unit/provider/package/windows/exe_package_spec.rb +17 -0
- data/spec/unit/provider/parsedfile_spec.rb +10 -0
- data/spec/unit/provider/service/base_spec.rb +8 -8
- data/spec/unit/provider/service/bsd_spec.rb +0 -4
- data/spec/unit/provider/service/daemontools_spec.rb +1 -1
- data/spec/unit/provider/service/debian_spec.rb +15 -17
- data/spec/unit/provider/service/freebsd_spec.rb +1 -1
- data/spec/unit/provider/service/gentoo_spec.rb +19 -14
- data/spec/unit/provider/service/init_spec.rb +29 -20
- data/spec/unit/provider/service/launchd_spec.rb +21 -12
- data/spec/unit/provider/service/openbsd_spec.rb +21 -35
- data/spec/unit/provider/service/openrc_spec.rb +15 -14
- data/spec/unit/provider/service/openwrt_spec.rb +3 -1
- data/spec/unit/provider/service/redhat_spec.rb +20 -19
- data/spec/unit/provider/service/smf_spec.rb +6 -5
- data/spec/unit/provider/service/src_spec.rb +5 -10
- data/spec/unit/provider/service/systemd_spec.rb +70 -30
- data/spec/unit/provider/service/upstart_spec.rb +25 -20
- data/spec/unit/provider/service/windows_spec.rb +202 -0
- data/spec/unit/provider/user/directoryservice_spec.rb +67 -35
- data/spec/unit/provider/user/useradd_spec.rb +3 -2
- data/spec/unit/resource/catalog_spec.rb +1 -1
- data/spec/unit/resource/type_collection_spec.rb +16 -0
- data/spec/unit/resource/type_spec.rb +2 -2
- data/spec/unit/settings/config_file_spec.rb +1 -11
- data/spec/unit/settings/value_translator_spec.rb +4 -5
- data/spec/unit/settings_spec.rb +120 -79
- data/spec/unit/ssl/ssl_provider_spec.rb +18 -16
- data/spec/unit/ssl/state_machine_spec.rb +19 -5
- data/spec/unit/transaction/additional_resource_generator_spec.rb +0 -2
- data/spec/unit/transaction_spec.rb +18 -20
- data/spec/unit/type/exec_spec.rb +76 -29
- data/spec/unit/type/file/selinux_spec.rb +3 -3
- data/spec/unit/type/file/source_spec.rb +4 -4
- data/spec/unit/type/service_spec.rb +59 -188
- data/spec/unit/type/tidy_spec.rb +24 -7
- data/spec/unit/type/user_spec.rb +45 -0
- data/spec/unit/util/at_fork_spec.rb +9 -9
- data/spec/unit/util/ldap/connection_spec.rb +10 -10
- data/spec/unit/util/ldap/manager_spec.rb +2 -2
- data/spec/unit/util/posix_spec.rb +1 -1
- data/spec/unit/util/selinux_spec.rb +87 -16
- data/spec/unit/util/windows/sid_spec.rb +39 -4
- data/spec/unit/util_spec.rb +1 -3
- data/spec/unit/x509/cert_provider_spec.rb +9 -1
- data/tasks/generate_cert_fixtures.rake +12 -3
- metadata +52 -95
- data/ext/README.environment +0 -8
- data/ext/dbfix.sql +0 -132
- data/ext/debian/README.Debian +0 -8
- data/ext/debian/README.source +0 -2
- data/ext/debian/TODO.Debian +0 -1
- data/ext/debian/changelog.erb +0 -1122
- data/ext/debian/compat +0 -1
- data/ext/debian/control +0 -144
- data/ext/debian/copyright +0 -339
- data/ext/debian/docs +0 -1
- data/ext/debian/fileserver.conf +0 -41
- data/ext/debian/puppet-common.dirs +0 -13
- data/ext/debian/puppet-common.install +0 -3
- data/ext/debian/puppet-common.lintian-overrides +0 -5
- data/ext/debian/puppet-common.manpages +0 -28
- data/ext/debian/puppet-common.postinst +0 -35
- data/ext/debian/puppet-common.postrm +0 -33
- data/ext/debian/puppet-el.dirs +0 -1
- data/ext/debian/puppet-el.emacsen-install +0 -25
- data/ext/debian/puppet-el.emacsen-remove +0 -11
- data/ext/debian/puppet-el.emacsen-startup +0 -9
- data/ext/debian/puppet-el.install +0 -1
- data/ext/debian/puppet-testsuite.install +0 -2
- data/ext/debian/puppet-testsuite.lintian-overrides +0 -4
- data/ext/debian/puppet.lintian-overrides +0 -3
- data/ext/debian/puppet.logrotate +0 -20
- data/ext/debian/puppet.postinst +0 -20
- data/ext/debian/puppet.postrm +0 -20
- data/ext/debian/puppet.preinst +0 -20
- data/ext/debian/puppetmaster-common.install +0 -2
- data/ext/debian/puppetmaster-common.manpages +0 -2
- data/ext/debian/puppetmaster-common.postinst +0 -6
- data/ext/debian/puppetmaster-passenger.dirs +0 -4
- data/ext/debian/puppetmaster-passenger.postinst +0 -162
- data/ext/debian/puppetmaster-passenger.postrm +0 -61
- data/ext/debian/puppetmaster.README.debian +0 -17
- data/ext/debian/puppetmaster.default +0 -14
- data/ext/debian/puppetmaster.init +0 -137
- data/ext/debian/puppetmaster.lintian-overrides +0 -3
- data/ext/debian/puppetmaster.postinst +0 -20
- data/ext/debian/puppetmaster.postrm +0 -5
- data/ext/debian/puppetmaster.preinst +0 -22
- data/ext/debian/rules +0 -132
- data/ext/debian/source/format +0 -1
- data/ext/debian/source/options +0 -1
- data/ext/debian/vim-puppet.README.Debian +0 -13
- data/ext/debian/vim-puppet.dirs +0 -5
- data/ext/debian/vim-puppet.yaml +0 -7
- data/ext/debian/watch +0 -2
- data/ext/freebsd/puppetd +0 -26
- data/ext/freebsd/puppetmasterd +0 -26
- data/ext/gentoo/conf.d/puppet +0 -5
- data/ext/gentoo/conf.d/puppetmaster +0 -12
- data/ext/gentoo/init.d/puppet +0 -38
- data/ext/gentoo/init.d/puppetmaster +0 -51
- data/ext/gentoo/puppet/fileserver.conf +0 -41
- data/ext/ips/puppet-agent +0 -44
- data/ext/ips/puppet-master +0 -44
- data/ext/ips/puppet.p5m.erb +0 -12
- data/ext/ips/puppetagent.xml +0 -42
- data/ext/ips/puppetmaster.xml +0 -42
- data/ext/ips/rules +0 -19
- data/ext/ips/transforms +0 -34
- data/ext/ldap/puppet.schema +0 -24
- data/ext/logcheck/puppet +0 -23
- data/ext/osx/file_mapping.yaml +0 -28
- data/ext/osx/postflight.erb +0 -109
- data/ext/osx/preflight.erb +0 -52
- data/ext/osx/prototype.plist.erb +0 -38
- data/ext/redhat/fileserver.conf +0 -41
- data/ext/redhat/logrotate +0 -21
- data/ext/redhat/puppet.spec.erb +0 -841
- data/ext/redhat/server.init +0 -128
- data/ext/redhat/server.sysconfig +0 -13
- data/ext/solaris/pkginfo +0 -6
- data/ext/solaris/smf/puppetd.xml +0 -77
- data/ext/solaris/smf/puppetmasterd.xml +0 -77
- data/ext/solaris/smf/svc-puppetd +0 -71
- data/ext/solaris/smf/svc-puppetmasterd +0 -67
- data/ext/suse/puppet.spec +0 -310
- data/ext/suse/server.init +0 -173
- data/ext/yaml_nodes.rb +0 -105
- data/spec/unit/indirector/store_configs_spec.rb +0 -7
data/man/man5/puppet.conf.5
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "PUPPETCONF" "5" "
|
4
|
+
.TH "PUPPETCONF" "5" "August 2021" "Puppet, Inc." "Puppet manual"
|
5
5
|
\fBThis page is autogenerated; any changes will get overwritten\fR
|
6
6
|
.
|
7
7
|
.SH "Configuration settings"
|
@@ -42,7 +42,7 @@ See the configuration guide \fIhttps://puppet\.com/docs/puppet/latest/config_abo
|
|
42
42
|
A lock file to indicate that a puppet agent catalog run is currently in progress\. The file contains the pid of the process that holds the lock on the catalog run\.
|
43
43
|
.
|
44
44
|
.IP "\(bu" 4
|
45
|
-
\fIDefault\fR: $statedir/agent_catalog_run\.lock
|
45
|
+
\fIDefault\fR: \fB$statedir/agent_catalog_run\.lock\fR
|
46
46
|
.
|
47
47
|
.IP "" 0
|
48
48
|
.
|
@@ -50,7 +50,7 @@ A lock file to indicate that a puppet agent catalog run is currently in progress
|
|
50
50
|
A lock file to indicate that puppet agent runs have been administratively disabled\. File contains a JSON object with state information\.
|
51
51
|
.
|
52
52
|
.IP "\(bu" 4
|
53
|
-
\fIDefault\fR: $statedir/agent_disabled\.lock
|
53
|
+
\fIDefault\fR: \fB$statedir/agent_disabled\.lock\fR
|
54
54
|
.
|
55
55
|
.IP "" 0
|
56
56
|
.
|
@@ -58,7 +58,7 @@ A lock file to indicate that puppet agent runs have been administratively disabl
|
|
58
58
|
Whether to allow a new certificate request to overwrite an existing certificate request\. If true, then the old certificate must be cleaned using \fBpuppetserver ca clean\fR, and the new request signed using \fBpuppetserver ca sign\fR\.
|
59
59
|
.
|
60
60
|
.IP "\(bu" 4
|
61
|
-
\fIDefault\fR:
|
61
|
+
\fIDefault\fR: \fBfalse\fR
|
62
62
|
.
|
63
63
|
.IP "" 0
|
64
64
|
.
|
@@ -69,7 +69,7 @@ Affects how we cache attempts to load Puppet resource types and features\. If tr
|
|
69
69
|
If this setting is set to false, then types and features will only be checked once, and if they are not available, the negative result is cached and returned for all subsequent attempts to load the type or feature\. This behavior is almost always appropriate for the server, and can result in a significant performance improvement for types and features that are checked frequently\.
|
70
70
|
.
|
71
71
|
.IP "\(bu" 4
|
72
|
-
\fIDefault\fR:
|
72
|
+
\fIDefault\fR: \fBtrue\fR
|
73
73
|
.
|
74
74
|
.IP "" 0
|
75
75
|
.
|
@@ -77,12 +77,12 @@ If this setting is set to false, then types and features will only be checked on
|
|
77
77
|
Whether log files should always flush to disk\.
|
78
78
|
.
|
79
79
|
.IP "\(bu" 4
|
80
|
-
\fIDefault\fR:
|
80
|
+
\fIDefault\fR: \fBtrue\fR
|
81
81
|
.
|
82
82
|
.IP "" 0
|
83
83
|
.
|
84
84
|
.SS "autosign"
|
85
|
-
Whether (and how) to autosign certificate requests\. This setting is only relevant on a
|
85
|
+
Whether (and how) to autosign certificate requests\. This setting is only relevant on a Puppet Server acting as a certificate authority (CA)\.
|
86
86
|
.
|
87
87
|
.P
|
88
88
|
Valid values are true (autosigns all certificate requests; not recommended), false (disables autosigning certificates), or the absolute path to a file\.
|
@@ -91,7 +91,7 @@ Valid values are true (autosigns all certificate requests; not recommended), fal
|
|
91
91
|
The file specified in this setting may be either a \fBconfiguration file\fR or a \fBcustom policy executable\.\fR Puppet will automatically determine what it is: If the Puppet user (see the \fBuser\fR setting) can execute the file, it will be treated as a policy executable; otherwise, it will be treated as a config file\.
|
92
92
|
.
|
93
93
|
.P
|
94
|
-
If a custom policy executable is configured, the CA
|
94
|
+
If a custom policy executable is configured, the CA Puppet Server will run it every time it receives a CSR\. The executable will be passed the subject CN of the request \fIas a command line argument,\fR and the contents of the CSR in PEM format \fIon stdin\.\fR It should exit with a status of 0 if the cert should be autosigned and non\-zero if the cert should not be autosigned\.
|
95
95
|
.
|
96
96
|
.P
|
97
97
|
If a certificate request is not autosigned, it will persist for review\. An admin user can use the \fBpuppetserver ca sign\fR command to manually sign it, or can delete the request\.
|
@@ -100,7 +100,7 @@ If a certificate request is not autosigned, it will persist for review\. An admi
|
|
100
100
|
For info on autosign configuration files, see the guide to Puppet\'s config files \fIhttps://puppet\.com/docs/puppet/latest/config_file_autosign\.html\fR\.
|
101
101
|
.
|
102
102
|
.IP "\(bu" 4
|
103
|
-
\fIDefault\fR: $confdir/autosign\.conf
|
103
|
+
\fIDefault\fR: \fB$confdir/autosign\.conf\fR
|
104
104
|
.
|
105
105
|
.IP "" 0
|
106
106
|
.
|
@@ -111,37 +111,39 @@ The search path for \fBglobal\fR modules\. Should be specified as a list of dire
|
|
111
111
|
These are the modules that will be used by \fIall\fR environments\. Note that the \fBmodules\fR directory of the active environment will have priority over any global directories\. For more info, see \fIhttps://puppet\.com/docs/puppet/latest/environments_about\.html\fR
|
112
112
|
.
|
113
113
|
.IP "\(bu" 4
|
114
|
-
\fIDefault\fR: $codedir/modules:/opt/puppetlabs/puppet/modules
|
114
|
+
\fIDefault\fR: \fB$codedir/modules:/opt/puppetlabs/puppet/modules\fR
|
115
115
|
.
|
116
116
|
.IP "" 0
|
117
117
|
.
|
118
118
|
.SS "binder_config"
|
119
119
|
The binder configuration file\. Puppet reads this file on each request to configure the bindings system\. If set to nil (the default), a $confdir/binder_config\.yaml is optionally loaded\. If it does not exists, a default configuration is used\. If the setting :binding_config is specified, it must reference a valid and existing yaml file\.
|
120
120
|
.
|
121
|
-
.
|
122
|
-
\fIDefault\fR:
|
123
|
-
|
121
|
+
.IP "\(bu" 4
|
122
|
+
\fIDefault\fR: ``
|
123
|
+
.
|
124
|
+
.IP "" 0
|
124
125
|
.
|
125
126
|
.SS "bucketdir"
|
126
127
|
Where FileBucket files are stored\.
|
127
128
|
.
|
128
129
|
.IP "\(bu" 4
|
129
|
-
\fIDefault\fR: $vardir/bucket
|
130
|
+
\fIDefault\fR: \fB$vardir/bucket\fR
|
130
131
|
.
|
131
132
|
.IP "" 0
|
132
133
|
.
|
133
134
|
.SS "ca_fingerprint"
|
134
135
|
The expected fingerprint of the CA certificate\. If specified, the agent will compare the CA certificate fingerprint that it downloads against this value and reject the CA certificate if the values do not match\. This only applies during the first download of the CA certificate\.
|
135
136
|
.
|
136
|
-
.
|
137
|
-
\fIDefault\fR:
|
138
|
-
|
137
|
+
.IP "\(bu" 4
|
138
|
+
\fIDefault\fR: ``
|
139
|
+
.
|
140
|
+
.IP "" 0
|
139
141
|
.
|
140
142
|
.SS "ca_name"
|
141
143
|
The name to use the Certificate Authority certificate\.
|
142
144
|
.
|
143
145
|
.IP "\(bu" 4
|
144
|
-
\fIDefault\fR:
|
146
|
+
\fIDefault\fR: \fBPuppet CA: $certname\fR
|
145
147
|
.
|
146
148
|
.IP "" 0
|
147
149
|
.
|
@@ -149,7 +151,7 @@ The name to use the Certificate Authority certificate\.
|
|
149
151
|
The port to use for the certificate authority\.
|
150
152
|
.
|
151
153
|
.IP "\(bu" 4
|
152
|
-
\fIDefault\fR: $serverport
|
154
|
+
\fIDefault\fR: \fB$serverport\fR
|
153
155
|
.
|
154
156
|
.IP "" 0
|
155
157
|
.
|
@@ -157,7 +159,7 @@ The port to use for the certificate authority\.
|
|
157
159
|
The server to use for certificate authority requests\. It\'s a separate server because it cannot and does not need to horizontally scale\.
|
158
160
|
.
|
159
161
|
.IP "\(bu" 4
|
160
|
-
\fIDefault\fR: $server
|
162
|
+
\fIDefault\fR: \fB$server\fR
|
161
163
|
.
|
162
164
|
.IP "" 0
|
163
165
|
.
|
@@ -165,7 +167,7 @@ The server to use for certificate authority requests\. It\'s a separate server b
|
|
165
167
|
The default TTL for new certificates\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
|
166
168
|
.
|
167
169
|
.IP "\(bu" 4
|
168
|
-
\fIDefault\fR:
|
170
|
+
\fIDefault\fR: \fB5y\fR
|
169
171
|
.
|
170
172
|
.IP "" 0
|
171
173
|
.
|
@@ -173,7 +175,7 @@ The default TTL for new certificates\. This setting can be a time interval in se
|
|
173
175
|
The CA certificate\.
|
174
176
|
.
|
175
177
|
.IP "\(bu" 4
|
176
|
-
\fIDefault\fR: $cadir/ca_crt\.pem
|
178
|
+
\fIDefault\fR: \fB$cadir/ca_crt\.pem\fR
|
177
179
|
.
|
178
180
|
.IP "" 0
|
179
181
|
.
|
@@ -181,7 +183,7 @@ The CA certificate\.
|
|
181
183
|
The certificate revocation list (CRL) for the CA\.
|
182
184
|
.
|
183
185
|
.IP "\(bu" 4
|
184
|
-
\fIDefault\fR: $cadir/ca_crl\.pem
|
186
|
+
\fIDefault\fR: \fB$cadir/ca_crl\.pem\fR
|
185
187
|
.
|
186
188
|
.IP "" 0
|
187
189
|
.
|
@@ -189,7 +191,7 @@ The certificate revocation list (CRL) for the CA\.
|
|
189
191
|
The root directory for the certificate authority\.
|
190
192
|
.
|
191
193
|
.IP "\(bu" 4
|
192
|
-
\fIDefault\fR: /etc/puppetlabs/puppetserver/ca
|
194
|
+
\fIDefault\fR: \fB/etc/puppetlabs/puppetserver/ca\fR
|
193
195
|
.
|
194
196
|
.IP "" 0
|
195
197
|
.
|
@@ -197,7 +199,7 @@ The root directory for the certificate authority\.
|
|
197
199
|
The CA private key\.
|
198
200
|
.
|
199
201
|
.IP "\(bu" 4
|
200
|
-
\fIDefault\fR: $cadir/ca_key\.pem
|
202
|
+
\fIDefault\fR: \fB$cadir/ca_key\.pem\fR
|
201
203
|
.
|
202
204
|
.IP "" 0
|
203
205
|
.
|
@@ -205,22 +207,23 @@ The CA private key\.
|
|
205
207
|
The CA public key\.
|
206
208
|
.
|
207
209
|
.IP "\(bu" 4
|
208
|
-
\fIDefault\fR: $cadir/ca_pub\.pem
|
210
|
+
\fIDefault\fR: \fB$cadir/ca_pub\.pem\fR
|
209
211
|
.
|
210
212
|
.IP "" 0
|
211
213
|
.
|
212
214
|
.SS "catalog_cache_terminus"
|
213
215
|
How to store cached catalogs\. Valid values are \'json\', \'msgpack\' and \'yaml\'\. The agent application defaults to \'json\'\.
|
214
216
|
.
|
215
|
-
.
|
216
|
-
\fIDefault\fR:
|
217
|
-
|
217
|
+
.IP "\(bu" 4
|
218
|
+
\fIDefault\fR: ``
|
219
|
+
.
|
220
|
+
.IP "" 0
|
218
221
|
.
|
219
222
|
.SS "catalog_terminus"
|
220
223
|
Where to get node catalogs\. This is useful to change if, for instance, you\'d like to pre\-compile catalogs and store them in memcached or some other easily\-accessed store\.
|
221
224
|
.
|
222
225
|
.IP "\(bu" 4
|
223
|
-
\fIDefault\fR:
|
226
|
+
\fIDefault\fR: \fBcompiler\fR
|
224
227
|
.
|
225
228
|
.IP "" 0
|
226
229
|
.
|
@@ -228,7 +231,7 @@ Where to get node catalogs\. This is useful to change if, for instance, you\'d l
|
|
228
231
|
The inventory file\. This is a text file to which the CA writes a complete listing of all certificates\.
|
229
232
|
.
|
230
233
|
.IP "\(bu" 4
|
231
|
-
\fIDefault\fR: $cadir/inventory\.txt
|
234
|
+
\fIDefault\fR: \fB$cadir/inventory\.txt\fR
|
232
235
|
.
|
233
236
|
.IP "" 0
|
234
237
|
.
|
@@ -236,7 +239,7 @@ The inventory file\. This is a text file to which the CA writes a complete listi
|
|
236
239
|
The certificate directory\.
|
237
240
|
.
|
238
241
|
.IP "\(bu" 4
|
239
|
-
\fIDefault\fR: $ssldir/certs
|
242
|
+
\fIDefault\fR: \fB$ssldir/certs\fR
|
240
243
|
.
|
241
244
|
.IP "" 0
|
242
245
|
.
|
@@ -256,12 +259,12 @@ When certificate_revocation is set to \'leaf\', Puppet verifies certs against th
|
|
256
259
|
When certificate_revocation is set to \'false\', Puppet disables all certificate revocation checking and does not attempt to download the CRL\.
|
257
260
|
.
|
258
261
|
.IP "\(bu" 4
|
259
|
-
\fIDefault\fR:
|
262
|
+
\fIDefault\fR: \fBchain\fR
|
260
263
|
.
|
261
264
|
.IP "" 0
|
262
265
|
.
|
263
266
|
.SS "certname"
|
264
|
-
The name to use when handling certificates\. When a node requests a certificate from the CA
|
267
|
+
The name to use when handling certificates\. When a node requests a certificate from the CA Puppet Server, it uses the value of the \fBcertname\fR setting as its requested Subject CN\.
|
265
268
|
.
|
266
269
|
.P
|
267
270
|
This is the name used when managing a node\'s permissions in Puppet Server\'s auth\.conf \fIhttps://puppet\.com/docs/puppetserver/latest/config_file_auth\.html\fR\. In most cases, it is also used as the node\'s name when matching node definitions \fIhttps://puppet\.com/docs/puppet/latest/lang_node_definitions\.html\fR and requesting data from an ENC\. (This can be changed with the \fBnode_name_value\fR and \fBnode_name_fact\fR settings, although you should only do so if you have a compelling reason\.)
|
@@ -284,7 +287,7 @@ The special value \fBca\fR is reserved, and can\'t be used as the certname for a
|
|
284
287
|
Defaults to the node\'s fully qualified domain name\.
|
285
288
|
.
|
286
289
|
.IP "\(bu" 4
|
287
|
-
\fIDefault\fR:
|
290
|
+
\fIDefault\fR: \fBthe Host\'s fully qualified domain name, as determined by Facter\fR
|
288
291
|
.
|
289
292
|
.IP "" 0
|
290
293
|
.
|
@@ -292,7 +295,7 @@ Defaults to the node\'s fully qualified domain name\.
|
|
292
295
|
The list of ciphersuites for TLS connections initiated by puppet\. The default value is chosen to support TLS 1\.0 and up, but can be made more restrictive if needed\. The ciphersuites must be specified in OpenSSL format, not IANA\.
|
293
296
|
.
|
294
297
|
.IP "\(bu" 4
|
295
|
-
\fIDefault\fR:
|
298
|
+
\fIDefault\fR: \fBECDHE\-ECDSA\-AES128\-GCM\-SHA256:ECDHE\-RSA\-AES128\-GCM\-SHA256:ECDHE\-ECDSA\-AES256\-GCM\-SHA384:ECDHE\-RSA\-AES256\-GCM\-SHA384:ECDHE\-ECDSA\-CHACHA20\-POLY1305:ECDHE\-RSA\-CHACHA20\-POLY1305:DHE\-RSA\-AES128\-GCM\-SHA256:DHE\-RSA\-AES256\-GCM\-SHA384:DHE\-RSA\-CHACHA20\-POLY1305:ECDHE\-ECDSA\-AES128\-SHA256:ECDHE\-RSA\-AES128\-SHA256:ECDHE\-ECDSA\-AES128\-SHA:ECDHE\-RSA\-AES128\-SHA:ECDHE\-ECDSA\-AES256\-SHA384:ECDHE\-RSA\-AES256\-SHA384:ECDHE\-ECDSA\-AES256\-SHA:ECDHE\-RSA\-AES256\-SHA:DHE\-RSA\-AES128\-SHA256:DHE\-RSA\-AES256\-SHA256:AES128\-GCM\-SHA256:AES256\-GCM\-SHA384:AES128\-SHA256:AES256\-SHA256\fR
|
296
299
|
.
|
297
300
|
.IP "" 0
|
298
301
|
.
|
@@ -300,7 +303,7 @@ The list of ciphersuites for TLS connections initiated by puppet\. The default v
|
|
300
303
|
The file in which puppet agent stores a list of the classes associated with the retrieved configuration\. Can be loaded in the separate \fBpuppet\fR executable using the \fB\-\-loadclasses\fR option\.
|
301
304
|
.
|
302
305
|
.IP "\(bu" 4
|
303
|
-
\fIDefault\fR: $statedir/classes\.txt
|
306
|
+
\fIDefault\fR: \fB$statedir/classes\.txt\fR
|
304
307
|
.
|
305
308
|
.IP "" 0
|
306
309
|
.
|
@@ -308,7 +311,7 @@ The file in which puppet agent stores a list of the classes associated with the
|
|
308
311
|
The directory in which serialized data is stored on the client\.
|
309
312
|
.
|
310
313
|
.IP "\(bu" 4
|
311
|
-
\fIDefault\fR: $vardir/client_data
|
314
|
+
\fIDefault\fR: \fB$vardir/client_data\fR
|
312
315
|
.
|
313
316
|
.IP "" 0
|
314
317
|
.
|
@@ -316,7 +319,7 @@ The directory in which serialized data is stored on the client\.
|
|
316
319
|
Where FileBucket files are stored locally\.
|
317
320
|
.
|
318
321
|
.IP "\(bu" 4
|
319
|
-
\fIDefault\fR: $vardir/clientbucket
|
322
|
+
\fIDefault\fR: \fB$vardir/clientbucket\fR
|
320
323
|
.
|
321
324
|
.IP "" 0
|
322
325
|
.
|
@@ -324,7 +327,7 @@ Where FileBucket files are stored locally\.
|
|
324
327
|
The directory in which client\-side YAML data is stored\.
|
325
328
|
.
|
326
329
|
.IP "\(bu" 4
|
327
|
-
\fIDefault\fR: $vardir/client_yaml
|
330
|
+
\fIDefault\fR: \fB$vardir/client_yaml\fR
|
328
331
|
.
|
329
332
|
.IP "" 0
|
330
333
|
.
|
@@ -335,7 +338,7 @@ Code to parse directly\. This is essentially only used by \fBpuppet\fR, and shou
|
|
335
338
|
The main Puppet code directory\. The default for this setting is calculated based on the user\. If the process is running as root or the user that Puppet is supposed to run as, it defaults to a system directory, but if it\'s running as any other user, it defaults to being in the user\'s home directory\.
|
336
339
|
.
|
337
340
|
.IP "\(bu" 4
|
338
|
-
\fIDefault\fR:
|
341
|
+
\fIDefault\fR: \fBUnix/Linux: /etc/puppetlabs/code \-\- Windows: C:\eProgramData\ePuppetLabs\ecode \-\- Non\-root user: ~/\.puppetlabs/etc/code\fR
|
339
342
|
.
|
340
343
|
.IP "" 0
|
341
344
|
.
|
@@ -343,7 +346,7 @@ The main Puppet code directory\. The default for this setting is calculated base
|
|
343
346
|
Whether to use colors when logging to the console\. Valid values are \fBansi\fR (equivalent to \fBtrue\fR), \fBhtml\fR, and \fBfalse\fR, which produces no color\.
|
344
347
|
.
|
345
348
|
.IP "\(bu" 4
|
346
|
-
\fIDefault\fR:
|
349
|
+
\fIDefault\fR: \fBansi\fR
|
347
350
|
.
|
348
351
|
.IP "" 0
|
349
352
|
.
|
@@ -351,7 +354,7 @@ Whether to use colors when logging to the console\. Valid values are \fBansi\fR
|
|
351
354
|
The main Puppet configuration directory\. The default for this setting is calculated based on the user\. If the process is running as root or the user that Puppet is supposed to run as, it defaults to a system directory, but if it\'s running as any other user, it defaults to being in the user\'s home directory\.
|
352
355
|
.
|
353
356
|
.IP "\(bu" 4
|
354
|
-
\fIDefault\fR:
|
357
|
+
\fIDefault\fR: \fBUnix/Linux: /etc/puppetlabs/puppet \-\- Windows: C:\eProgramData\ePuppetLabs\epuppet\eetc \-\- Non\-root user: ~/\.puppetlabs/etc/puppet\fR
|
355
358
|
.
|
356
359
|
.IP "" 0
|
357
360
|
.
|
@@ -359,7 +362,7 @@ The main Puppet configuration directory\. The default for this setting is calcul
|
|
359
362
|
The configuration file for the current puppet application\.
|
360
363
|
.
|
361
364
|
.IP "\(bu" 4
|
362
|
-
\fIDefault\fR: $confdir/${config_file_name}
|
365
|
+
\fIDefault\fR: \fB$confdir/${config_file_name}\fR
|
363
366
|
.
|
364
367
|
.IP "" 0
|
365
368
|
.
|
@@ -367,7 +370,7 @@ The configuration file for the current puppet application\.
|
|
367
370
|
The name of the puppet config file\.
|
368
371
|
.
|
369
372
|
.IP "\(bu" 4
|
370
|
-
\fIDefault\fR:
|
373
|
+
\fIDefault\fR: \fBpuppet\.conf\fR
|
371
374
|
.
|
372
375
|
.IP "" 0
|
373
376
|
.
|
@@ -389,12 +392,13 @@ In general, the duration should be greater than the \fBruninterval\fR\. Setting
|
|
389
392
|
.P
|
390
393
|
If the agent downloads a new CRL, the agent will use it for subsequent network requests\. If the refresh request fails or if the CRL is unchanged on the server, then the agent run will continue using the local CRL it already has\.This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
|
391
394
|
.
|
392
|
-
.
|
393
|
-
\fIDefault\fR:
|
394
|
-
|
395
|
+
.IP "\(bu" 4
|
396
|
+
\fIDefault\fR: ``
|
397
|
+
.
|
398
|
+
.IP "" 0
|
395
399
|
.
|
396
400
|
.SS "csr_attributes"
|
397
|
-
An optional file containing custom attributes to add to certificate signing requests (CSRs)\. You should ensure that this file does not exist on your CA
|
401
|
+
An optional file containing custom attributes to add to certificate signing requests (CSRs)\. You should ensure that this file does not exist on your CA Puppet Server; if it does, unwanted certificate extensions may leak into certificates created with the \fBpuppetserver ca generate\fR command\.
|
398
402
|
.
|
399
403
|
.P
|
400
404
|
If present, this file must be a YAML hash containing a \fBcustom_attributes\fR key and/or an \fBextension_requests\fR key\. The value of each key must be a hash, where each key is a valid OID and each value is an object that can be cast to a string\.
|
@@ -406,7 +410,7 @@ Custom attributes can be used by the CA when deciding whether to sign the certif
|
|
406
410
|
Extension requests will be permanently embedded in the final certificate\. Extension OIDs must be in the "ppRegCertExt" (\fB1\.3\.6\.1\.4\.1\.34380\.1\.1\fR), "ppPrivCertExt" (\fB1\.3\.6\.1\.4\.1\.34380\.1\.2\fR), or "ppAuthCertExt" (\fB1\.3\.6\.1\.4\.1\.34380\.1\.3\fR) OID arcs\. The ppRegCertExt arc is reserved for four of the most common pieces of data to embed: \fBpp_uuid\fR (\fB\.1\fR), \fBpp_instance_id\fR (\fB\.2\fR), \fBpp_image_name\fR (\fB\.3\fR), and \fBpp_preshared_key\fR (\fB\.4\fR) \-\-\- in the YAML file, these can be referred to by their short descriptive names instead of their full OID\. The ppPrivCertExt arc is unregulated, and can be used for site\-specific extensions\. The ppAuthCert arc is reserved for two pieces of data to embed: \fBpp_authorization\fR (\fB\.1\fR) and \fBpp_auth_role\fR (\fB\.13\fR)\. As with ppRegCertExt, in the YAML file, these can be referred to by their short descriptive name instead of their full OID\.
|
407
411
|
.
|
408
412
|
.IP "\(bu" 4
|
409
|
-
\fIDefault\fR: $confdir/csr_attributes\.yaml
|
413
|
+
\fIDefault\fR: \fB$confdir/csr_attributes\.yaml\fR
|
410
414
|
.
|
411
415
|
.IP "" 0
|
412
416
|
.
|
@@ -414,7 +418,7 @@ Extension requests will be permanently embedded in the final certificate\. Exten
|
|
414
418
|
Where the CA stores certificate requests\.
|
415
419
|
.
|
416
420
|
.IP "\(bu" 4
|
417
|
-
\fIDefault\fR: $cadir/requests
|
421
|
+
\fIDefault\fR: \fB$cadir/requests\fR
|
418
422
|
.
|
419
423
|
.IP "" 0
|
420
424
|
.
|
@@ -422,7 +426,7 @@ Where the CA stores certificate requests\.
|
|
422
426
|
Whether to send the process into the background\. This defaults to true on POSIX systems, and to false on Windows (where Puppet currently cannot daemonize)\.
|
423
427
|
.
|
424
428
|
.IP "\(bu" 4
|
425
|
-
\fIDefault\fR:
|
429
|
+
\fIDefault\fR: \fBtrue\fR
|
426
430
|
.
|
427
431
|
.IP "" 0
|
428
432
|
.
|
@@ -430,7 +434,7 @@ Whether to send the process into the background\. This defaults to true on POSIX
|
|
430
434
|
This setting has been deprecated\. Use of any value other than \'hiera\' should instead be configured in a version 5 hiera\.yaml\. Until this setting is removed, it controls which data binding terminus to use for global automatic data binding (across all environments)\. By default this value is \'hiera\'\. A value of \'none\' turns off the global binding\.
|
431
435
|
.
|
432
436
|
.IP "\(bu" 4
|
433
|
-
\fIDefault\fR:
|
437
|
+
\fIDefault\fR: \fBhiera\fR
|
434
438
|
.
|
435
439
|
.IP "" 0
|
436
440
|
.
|
@@ -438,7 +442,7 @@ This setting has been deprecated\. Use of any value other than \'hiera\' should
|
|
438
442
|
The default source for files if no server is given in a uri, e\.g\. puppet:///file\. The default of \fBrest\fR causes the file to be retrieved using the \fBserver\fR setting\. When running \fBapply\fR the default is \fBfile_server\fR, causing requests to be filled locally\.
|
439
443
|
.
|
440
444
|
.IP "\(bu" 4
|
441
|
-
\fIDefault\fR:
|
445
|
+
\fIDefault\fR: \fBrest\fR
|
442
446
|
.
|
443
447
|
.IP "" 0
|
444
448
|
.
|
@@ -452,7 +456,7 @@ This setting\'s value can be an absolute or relative path\. An absolute path wil
|
|
452
456
|
In either case, the path can point to a single file or to a directory of manifests to be evaluated in alphabetical order\.
|
453
457
|
.
|
454
458
|
.IP "\(bu" 4
|
455
|
-
\fIDefault\fR: \./manifests
|
459
|
+
\fIDefault\fR: \fB\./manifests\fR
|
456
460
|
.
|
457
461
|
.IP "" 0
|
458
462
|
.
|
@@ -460,7 +464,7 @@ In either case, the path can point to a single file or to a directory of manifes
|
|
460
464
|
Boolean; whether to generate the default schedule resources\. Setting this to false is useful for keeping external report processors clean of skipped schedule resources\.
|
461
465
|
.
|
462
466
|
.IP "\(bu" 4
|
463
|
-
\fIDefault\fR:
|
467
|
+
\fIDefault\fR: \fBtrue\fR
|
464
468
|
.
|
465
469
|
.IP "" 0
|
466
470
|
.
|
@@ -468,7 +472,7 @@ Boolean; whether to generate the default schedule resources\. Setting this to fa
|
|
468
472
|
The root directory of devices\' $confdir\.
|
469
473
|
.
|
470
474
|
.IP "\(bu" 4
|
471
|
-
\fIDefault\fR: $confdir/devices
|
475
|
+
\fIDefault\fR: \fB$confdir/devices\fR
|
472
476
|
.
|
473
477
|
.IP "" 0
|
474
478
|
.
|
@@ -476,7 +480,7 @@ The root directory of devices\' $confdir\.
|
|
476
480
|
Path to the device config file for puppet device\.
|
477
481
|
.
|
478
482
|
.IP "\(bu" 4
|
479
|
-
\fIDefault\fR: $confdir/device\.conf
|
483
|
+
\fIDefault\fR: \fB$confdir/device\.conf\fR
|
480
484
|
.
|
481
485
|
.IP "" 0
|
482
486
|
.
|
@@ -484,7 +488,7 @@ Path to the device config file for puppet device\.
|
|
484
488
|
The root directory of devices\' $vardir\.
|
485
489
|
.
|
486
490
|
.IP "\(bu" 4
|
487
|
-
\fIDefault\fR: $vardir/devices
|
491
|
+
\fIDefault\fR: \fB$vardir/devices\fR
|
488
492
|
.
|
489
493
|
.IP "" 0
|
490
494
|
.
|
@@ -492,7 +496,7 @@ The root directory of devices\' $vardir\.
|
|
492
496
|
Which diff command to use when printing differences between files\. This setting has no default value on Windows, as standard \fBdiff\fR is not available, but Puppet can use many third\-party diff tools\.
|
493
497
|
.
|
494
498
|
.IP "\(bu" 4
|
495
|
-
\fIDefault\fR:
|
499
|
+
\fIDefault\fR: \fBdiff\fR
|
496
500
|
.
|
497
501
|
.IP "" 0
|
498
502
|
.
|
@@ -500,7 +504,7 @@ Which diff command to use when printing differences between files\. This setting
|
|
500
504
|
Which arguments to pass to the diff command when printing differences between files\. The command to use can be chosen with the \fBdiff\fR setting\.
|
501
505
|
.
|
502
506
|
.IP "\(bu" 4
|
503
|
-
\fIDefault\fR: \-u
|
507
|
+
\fIDefault\fR: \fB\-u\fR
|
504
508
|
.
|
505
509
|
.IP "" 0
|
506
510
|
.
|
@@ -508,7 +512,7 @@ Which arguments to pass to the diff command when printing differences between fi
|
|
508
512
|
Which digest algorithm to use for file resources and the filebucket\. Valid values are sha256, sha384, sha512, sha224, md5\. Default is sha256\.
|
509
513
|
.
|
510
514
|
.IP "\(bu" 4
|
511
|
-
\fIDefault\fR:
|
515
|
+
\fIDefault\fR: \fBsha256\fR
|
512
516
|
.
|
513
517
|
.IP "" 0
|
514
518
|
.
|
@@ -516,7 +520,7 @@ Which digest algorithm to use for file resources and the filebucket\. Valid valu
|
|
516
520
|
If true, turns off all translations of Puppet and module log messages, which affects error, warning, and info log messages, as well as any translations in the report and CLI\.
|
517
521
|
.
|
518
522
|
.IP "\(bu" 4
|
519
|
-
\fIDefault\fR:
|
523
|
+
\fIDefault\fR: \fBtrue\fR
|
520
524
|
.
|
521
525
|
.IP "" 0
|
522
526
|
.
|
@@ -527,7 +531,7 @@ Whether to disallow an environment\-specific main manifest\. When set to \fBtrue
|
|
527
531
|
This setting requires \fBdefault_manifest\fR to be set to an absolute path\.
|
528
532
|
.
|
529
533
|
.IP "\(bu" 4
|
530
|
-
\fIDefault\fR:
|
534
|
+
\fIDefault\fR: \fBfalse\fR
|
531
535
|
.
|
532
536
|
.IP "" 0
|
533
537
|
.
|
@@ -550,7 +554,7 @@ Valid values for this setting are:
|
|
550
554
|
\fBundefined_resources\fR \-\-\- disables warnings about non existing resources\.
|
551
555
|
.
|
552
556
|
.IP "\(bu" 4
|
553
|
-
\fIDefault\fR: []
|
557
|
+
\fIDefault\fR: \fB[]\fR
|
554
558
|
.
|
555
559
|
.IP "" 0
|
556
560
|
.
|
@@ -561,7 +565,7 @@ A comma\-separated list of alternate DNS names for Puppet Server\. These are ext
|
|
561
565
|
In order to handle agent requests at a given hostname (like "puppet\.example\.com"), Puppet Server needs a certificate that proves it\'s allowed to use that name; if a server shows a certificate that doesn\'t include its hostname, Puppet agents will refuse to trust it\. If you use a single hostname for Puppet traffic but load\-balance it to multiple Puppet Servers, each of those servers needs to include the official hostname in its list of extra names\.
|
562
566
|
.
|
563
567
|
.P
|
564
|
-
\fBNote:\fR The list of alternate names is locked in when the server\'s certificate is signed\. If you need to change the list later, you can\'t just change this setting; you also need to regenerate the certificate\. For more information on that process, see the
|
568
|
+
\fBNote:\fR The list of alternate names is locked in when the server\'s certificate is signed\. If you need to change the list later, you can\'t just change this setting; you also need to regenerate the certificate\. For more information on that process, see the cert regen docs \fIhttps://puppet\.com/docs/puppet/latest/ssl_regenerate_certificates\.html\fR\.
|
565
569
|
.
|
566
570
|
.P
|
567
571
|
To see all the alternate names your servers are using, log into your CA server and run \fBpuppetserver ca list \-\-all\fR, then check the output for \fB(alt names: \.\.\.)\fR\. Most agent nodes should NOT have alternate names; the only certs that should have them are Puppet Server nodes that you want other agents to trust\.
|
@@ -570,15 +574,15 @@ To see all the alternate names your servers are using, log into your CA server a
|
|
570
574
|
Whether to document all resources when using \fBpuppet doc\fR to generate manifest documentation\.
|
571
575
|
.
|
572
576
|
.IP "\(bu" 4
|
573
|
-
\fIDefault\fR:
|
577
|
+
\fIDefault\fR: \fBfalse\fR
|
574
578
|
.
|
575
579
|
.IP "" 0
|
576
580
|
.
|
577
581
|
.SS "environment"
|
578
|
-
The environment in which Puppet is running\. For clients, such as \fBpuppet agent\fR, this determines the environment itself, which Puppet uses to find modules and much more\. For servers, such as \fBpuppet
|
582
|
+
The environment in which Puppet is running\. For clients, such as \fBpuppet agent\fR, this determines the environment itself, which Puppet uses to find modules and much more\. For servers, such as \fBpuppet server\fR, this provides the default environment for nodes that Puppet knows nothing about\.
|
579
583
|
.
|
580
584
|
.P
|
581
|
-
When defining an environment in the \fB[agent]\fR section, this refers to the environment that the agent requests from the
|
585
|
+
When defining an environment in the \fB[agent]\fR section, this refers to the environment that the agent requests from the primary server\. The environment doesn\'t have to exist on the local filesystem because the agent fetches it from the primary server\. This definition is used when running \fBpuppet agent\fR\.
|
582
586
|
.
|
583
587
|
.P
|
584
588
|
When defined in the \fB[user]\fR section, the environment refers to the path that Puppet uses to search for code and modules related to its execution\. This requires the environment to exist locally on the filesystem where puppet is being executed\. Puppet subcommands, including \fBpuppet module\fR and \fBpuppet apply\fR, use this definition\.
|
@@ -587,16 +591,17 @@ When defined in the \fB[user]\fR section, the environment refers to the path tha
|
|
587
591
|
Given that the context and effects vary depending on the config section \fIhttps://puppet\.com/docs/puppet/latest/config_file_main\.html#config\-sections\fR in which the \fBenvironment\fR setting is defined, do not set it globally\.
|
588
592
|
.
|
589
593
|
.IP "\(bu" 4
|
590
|
-
\fIDefault\fR:
|
594
|
+
\fIDefault\fR: \fBproduction\fR
|
591
595
|
.
|
592
596
|
.IP "" 0
|
593
597
|
.
|
594
598
|
.SS "environment_data_provider"
|
595
599
|
The name of a registered environment data provider used when obtaining environment specific data\. The three built in and registered providers are \'none\' (no data), \'function\' (data obtained by calling the function \'environment::data()\') and \'hiera\' (data obtained using a data provider configured using a hiera\.yaml file in root of the environment)\. Other environment data providers may be registered in modules on the module path\. For such custom data providers see the respective module documentation\. This setting is deprecated\.
|
596
600
|
.
|
597
|
-
.
|
598
|
-
\fIDefault\fR:
|
599
|
-
|
601
|
+
.IP "\(bu" 4
|
602
|
+
\fIDefault\fR: ``
|
603
|
+
.
|
604
|
+
.IP "" 0
|
600
605
|
.
|
601
606
|
.SS "environment_timeout"
|
602
607
|
How long the Puppet server should cache data it loads from an environment\.
|
@@ -619,7 +624,7 @@ Setting this to a number that will keep your most actively used environments cac
|
|
619
624
|
Once you set \fBenvironment_timeout\fR to a non\-zero value, you need to tell Puppet server to read new code from disk using the \fBenvironment\-cache\fR API endpoint after you deploy new code\. See the docs for the Puppet Server administrative API \fIhttps://puppet\.com/docs/puppetserver/latest/admin\-api/v1/environment\-cache\.html\fR\.
|
620
625
|
.
|
621
626
|
.IP "\(bu" 4
|
622
|
-
\fIDefault\fR:
|
627
|
+
\fIDefault\fR: \fB0\fR
|
623
628
|
.
|
624
629
|
.IP "" 0
|
625
630
|
.
|
@@ -630,7 +635,7 @@ A search path for directory environments, as a list of directories separated by
|
|
630
635
|
This setting must have a value set to enable \fBdirectory environments\.\fR The recommended value is \fB$codedir/environments\fR\. For more details, see \fIhttps://puppet\.com/docs/puppet/latest/environments_about\.html\fR
|
631
636
|
.
|
632
637
|
.IP "\(bu" 4
|
633
|
-
\fIDefault\fR: $codedir/environments
|
638
|
+
\fIDefault\fR: \fB$codedir/environments\fR
|
634
639
|
.
|
635
640
|
.IP "" 0
|
636
641
|
.
|
@@ -638,7 +643,7 @@ This setting must have a value set to enable \fBdirectory environments\.\fR The
|
|
638
643
|
Whether each resource should log when it is being evaluated\. This allows you to interactively see exactly what is being done\.
|
639
644
|
.
|
640
645
|
.IP "\(bu" 4
|
641
|
-
\fIDefault\fR:
|
646
|
+
\fIDefault\fR: \fBfalse\fR
|
642
647
|
.
|
643
648
|
.IP "" 0
|
644
649
|
.
|
@@ -680,7 +685,23 @@ Generally, an ENC script makes requests to an external data source\.
|
|
680
685
|
For more info, see the ENC documentation \fIhttps://puppet\.com/docs/puppet/latest/nodes_external\.html\fR\.
|
681
686
|
.
|
682
687
|
.IP "\(bu" 4
|
683
|
-
\fIDefault\fR:
|
688
|
+
\fIDefault\fR: \fBnone\fR
|
689
|
+
.
|
690
|
+
.IP "" 0
|
691
|
+
.
|
692
|
+
.SS "fact_name_length_soft_limit"
|
693
|
+
The soft limit for the length of a fact name\.
|
694
|
+
.
|
695
|
+
.IP "\(bu" 4
|
696
|
+
\fIDefault\fR: \fB2560\fR
|
697
|
+
.
|
698
|
+
.IP "" 0
|
699
|
+
.
|
700
|
+
.SS "fact_value_length_soft_limit"
|
701
|
+
The soft limit for the length of a fact value\.
|
702
|
+
.
|
703
|
+
.IP "\(bu" 4
|
704
|
+
\fIDefault\fR: \fB4096\fR
|
684
705
|
.
|
685
706
|
.IP "" 0
|
686
707
|
.
|
@@ -688,7 +709,7 @@ For more info, see the ENC documentation \fIhttps://puppet\.com/docs/puppet/late
|
|
688
709
|
Where Puppet should look for facts\. Multiple directories should be separated by the system path separator character\. (The POSIX path separator is \':\', and the Windows path separator is \';\'\.)
|
689
710
|
.
|
690
711
|
.IP "\(bu" 4
|
691
|
-
\fIDefault\fR: $vardir/lib/facter:$vardir/facts
|
712
|
+
\fIDefault\fR: \fB$vardir/lib/facter:$vardir/facts\fR
|
692
713
|
.
|
693
714
|
.IP "" 0
|
694
715
|
.
|
@@ -696,7 +717,7 @@ Where Puppet should look for facts\. Multiple directories should be separated by
|
|
696
717
|
The node facts terminus\.
|
697
718
|
.
|
698
719
|
.IP "\(bu" 4
|
699
|
-
\fIDefault\fR:
|
720
|
+
\fIDefault\fR: \fBfacter\fR
|
700
721
|
.
|
701
722
|
.IP "" 0
|
702
723
|
.
|
@@ -704,7 +725,7 @@ The node facts terminus\.
|
|
704
725
|
Where the fileserver configuration is stored\.
|
705
726
|
.
|
706
727
|
.IP "\(bu" 4
|
707
|
-
\fIDefault\fR: $confdir/fileserver\.conf
|
728
|
+
\fIDefault\fR: \fB$confdir/fileserver\.conf\fR
|
708
729
|
.
|
709
730
|
.IP "" 0
|
710
731
|
.
|
@@ -712,22 +733,23 @@ Where the fileserver configuration is stored\.
|
|
712
733
|
The minimum time to wait between checking for updates in configuration files\. This timeout determines how quickly Puppet checks whether a file (such as manifests or puppet\.conf) has changed on disk\. The default will change in a future release to be \'unlimited\', requiring a reload of the Puppet service to pick up changes to its internal configuration\. Currently we do not accept a value of \'unlimited\'\. To reparse files within an environment in Puppet Server please use the environment_cache endpoint
|
713
734
|
.
|
714
735
|
.IP "\(bu" 4
|
715
|
-
\fIDefault\fR:
|
736
|
+
\fIDefault\fR: \fB15s\fR
|
716
737
|
.
|
717
738
|
.IP "" 0
|
718
739
|
.
|
719
740
|
.SS "forge_authorization"
|
720
741
|
The authorization key to connect to the Puppet Forge\. Leave blank for unauthorized or license based connections
|
721
742
|
.
|
722
|
-
.
|
723
|
-
\fIDefault\fR:
|
724
|
-
|
743
|
+
.IP "\(bu" 4
|
744
|
+
\fIDefault\fR: ``
|
745
|
+
.
|
746
|
+
.IP "" 0
|
725
747
|
.
|
726
748
|
.SS "freeze_main"
|
727
749
|
Freezes the \'main\' class, disallowing any code to be added to it\. This essentially means that you can\'t have any code outside of a node, class, or definition other than in the site manifest\.
|
728
750
|
.
|
729
751
|
.IP "\(bu" 4
|
730
|
-
\fIDefault\fR:
|
752
|
+
\fIDefault\fR: \fBfalse\fR
|
731
753
|
.
|
732
754
|
.IP "" 0
|
733
755
|
.
|
@@ -735,7 +757,7 @@ Freezes the \'main\' class, disallowing any code to be added to it\. This essent
|
|
735
757
|
When true, causes Puppet applications to print an example config file to stdout and exit\. The example will include descriptions of each setting, and the current (or default) value of each setting, incorporating any settings overridden on the CLI (with the exception of \fBgenconfig\fR itself)\. This setting only makes sense when specified on the command line as \fB\-\-genconfig\fR\.
|
736
758
|
.
|
737
759
|
.IP "\(bu" 4
|
738
|
-
\fIDefault\fR:
|
760
|
+
\fIDefault\fR: \fBfalse\fR
|
739
761
|
.
|
740
762
|
.IP "" 0
|
741
763
|
.
|
@@ -743,7 +765,7 @@ When true, causes Puppet applications to print an example config file to stdout
|
|
743
765
|
Whether to just print a manifest to stdout and exit\. Only makes sense when specified on the command line as \fB\-\-genmanifest\fR\. Takes into account arguments specified on the CLI\.
|
744
766
|
.
|
745
767
|
.IP "\(bu" 4
|
746
|
-
\fIDefault\fR:
|
768
|
+
\fIDefault\fR: \fBfalse\fR
|
747
769
|
.
|
748
770
|
.IP "" 0
|
749
771
|
.
|
@@ -760,7 +782,7 @@ The \fBgraphdir\fR setting determines where Puppet will save graphs\. Note that
|
|
760
782
|
See your graphing software\'s documentation for details on opening \.dot files\. If you\'re using GraphViz\'s \fBdot\fR command, you can do a quick PNG render with \fBdot \-Tpng <DOT FILE> \-o <OUTPUT FILE>\fR\.
|
761
783
|
.
|
762
784
|
.IP "\(bu" 4
|
763
|
-
\fIDefault\fR:
|
785
|
+
\fIDefault\fR: \fBfalse\fR
|
764
786
|
.
|
765
787
|
.IP "" 0
|
766
788
|
.
|
@@ -768,7 +790,7 @@ See your graphing software\'s documentation for details on opening \.dot files\.
|
|
768
790
|
Where to save \.dot\-format graphs (when the \fBgraph\fR setting is enabled)\.
|
769
791
|
.
|
770
792
|
.IP "\(bu" 4
|
771
|
-
\fIDefault\fR: $statedir/graphs
|
793
|
+
\fIDefault\fR: \fB$statedir/graphs\fR
|
772
794
|
.
|
773
795
|
.IP "" 0
|
774
796
|
.
|
@@ -776,7 +798,7 @@ Where to save \.dot\-format graphs (when the \fBgraph\fR setting is enabled)\.
|
|
776
798
|
The group Puppet Server will run as\. Used to ensure the agent side processes (agent, apply, etc) create files and directories readable by Puppet Server when necessary\.
|
777
799
|
.
|
778
800
|
.IP "\(bu" 4
|
779
|
-
\fIDefault\fR:
|
801
|
+
\fIDefault\fR: \fBpuppet\fR
|
780
802
|
.
|
781
803
|
.IP "" 0
|
782
804
|
.
|
@@ -784,7 +806,7 @@ The group Puppet Server will run as\. Used to ensure the agent side processes (a
|
|
784
806
|
The hiera configuration file\. Puppet only reads this file on startup, so you must restart the puppet server every time you edit it\.
|
785
807
|
.
|
786
808
|
.IP "\(bu" 4
|
787
|
-
\fIDefault\fR: $confdir/hiera\.yaml\. However, for backwards compatibility, if a file exists at $codedir/hiera\.yaml, Puppet uses that instead
|
809
|
+
\fIDefault\fR: \fB$confdir/hiera\.yaml\. However, for backwards compatibility, if a file exists at $codedir/hiera\.yaml, Puppet uses that instead\.\fR
|
788
810
|
.
|
789
811
|
.IP "" 0
|
790
812
|
.
|
@@ -792,7 +814,7 @@ The hiera configuration file\. Puppet only reads this file on startup, so you mu
|
|
792
814
|
Where individual hosts store and look for their certificates\.
|
793
815
|
.
|
794
816
|
.IP "\(bu" 4
|
795
|
-
\fIDefault\fR: $certdir/$certname\.pem
|
817
|
+
\fIDefault\fR: \fB$certdir/$certname\.pem\fR
|
796
818
|
.
|
797
819
|
.IP "" 0
|
798
820
|
.
|
@@ -800,7 +822,7 @@ Where individual hosts store and look for their certificates\.
|
|
800
822
|
Where the host\'s certificate revocation list can be found\. This is distinct from the certificate authority\'s CRL\.
|
801
823
|
.
|
802
824
|
.IP "\(bu" 4
|
803
|
-
\fIDefault\fR: $ssldir/crl\.pem
|
825
|
+
\fIDefault\fR: \fB$ssldir/crl\.pem\fR
|
804
826
|
.
|
805
827
|
.IP "" 0
|
806
828
|
.
|
@@ -808,7 +830,7 @@ Where the host\'s certificate revocation list can be found\. This is distinct fr
|
|
808
830
|
Where individual hosts store their certificate request (CSR) while waiting for the CA to issue their certificate\.
|
809
831
|
.
|
810
832
|
.IP "\(bu" 4
|
811
|
-
\fIDefault\fR: $requestdir/$certname\.pem
|
833
|
+
\fIDefault\fR: \fB$requestdir/$certname\.pem\fR
|
812
834
|
.
|
813
835
|
.IP "" 0
|
814
836
|
.
|
@@ -816,7 +838,7 @@ Where individual hosts store their certificate request (CSR) while waiting for t
|
|
816
838
|
Where individual hosts store and look for their private key\.
|
817
839
|
.
|
818
840
|
.IP "\(bu" 4
|
819
|
-
\fIDefault\fR: $privatekeydir/$certname\.pem
|
841
|
+
\fIDefault\fR: \fB$privatekeydir/$certname\.pem\fR
|
820
842
|
.
|
821
843
|
.IP "" 0
|
822
844
|
.
|
@@ -824,7 +846,7 @@ Where individual hosts store and look for their private key\.
|
|
824
846
|
Where individual hosts store and look for their public key\.
|
825
847
|
.
|
826
848
|
.IP "\(bu" 4
|
827
|
-
\fIDefault\fR: $publickeydir/$certname\.pem
|
849
|
+
\fIDefault\fR: \fB$publickeydir/$certname\.pem\fR
|
828
850
|
.
|
829
851
|
.IP "" 0
|
830
852
|
.
|
@@ -832,7 +854,7 @@ Where individual hosts store and look for their public key\.
|
|
832
854
|
The maximum amount of time to wait when establishing an HTTP connection\. The default value is 2 minutes\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
|
833
855
|
.
|
834
856
|
.IP "\(bu" 4
|
835
|
-
\fIDefault\fR:
|
857
|
+
\fIDefault\fR: \fB2m\fR
|
836
858
|
.
|
837
859
|
.IP "" 0
|
838
860
|
.
|
@@ -840,15 +862,15 @@ The maximum amount of time to wait when establishing an HTTP connection\. The de
|
|
840
862
|
Whether to write HTTP request and responses to stderr\. This should never be used in a production environment\.
|
841
863
|
.
|
842
864
|
.IP "\(bu" 4
|
843
|
-
\fIDefault\fR:
|
865
|
+
\fIDefault\fR: \fBfalse\fR
|
844
866
|
.
|
845
867
|
.IP "" 0
|
846
868
|
.
|
847
869
|
.SS "http_extra_headers"
|
848
|
-
The list of extra headers that will be sent with http requests to the
|
870
|
+
The list of extra headers that will be sent with http requests to the primary server\. The header definition consists of a name and a value separated by a colon\.
|
849
871
|
.
|
850
872
|
.IP "\(bu" 4
|
851
|
-
\fIDefault\fR: []
|
873
|
+
\fIDefault\fR: \fB[]\fR
|
852
874
|
.
|
853
875
|
.IP "" 0
|
854
876
|
.
|
@@ -856,7 +878,7 @@ The list of extra headers that will be sent with http requests to the master\. T
|
|
856
878
|
The maximum amount of time a persistent HTTP connection can remain idle in the connection pool, before it is closed\. This timeout should be shorter than the keepalive timeout used on the HTTP server, e\.g\. Apache KeepAliveTimeout directive\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
|
857
879
|
.
|
858
880
|
.IP "\(bu" 4
|
859
|
-
\fIDefault\fR:
|
881
|
+
\fIDefault\fR: \fB4s\fR
|
860
882
|
.
|
861
883
|
.IP "" 0
|
862
884
|
.
|
@@ -864,7 +886,7 @@ The maximum amount of time a persistent HTTP connection can remain idle in the c
|
|
864
886
|
The HTTP proxy host to use for outgoing connections\. The proxy will be bypassed if the server\'s hostname matches the NO_PROXY environment variable or \fBno_proxy\fR setting\. Note: You may need to use a FQDN for the server hostname when using a proxy\. Environment variable http_proxy or HTTP_PROXY will override this value\.
|
865
887
|
.
|
866
888
|
.IP "\(bu" 4
|
867
|
-
\fIDefault\fR:
|
889
|
+
\fIDefault\fR: \fBnone\fR
|
868
890
|
.
|
869
891
|
.IP "" 0
|
870
892
|
.
|
@@ -875,7 +897,7 @@ The password for the user of an authenticated HTTP proxy\. Requires the \fBhttp_
|
|
875
897
|
Note that passwords must be valid when used as part of a URL\. If a password contains any characters with special meanings in URLs (as specified by RFC 3986 section 2\.2), they must be URL\-encoded\. (For example, \fB#\fR would become \fB%23\fR\.)
|
876
898
|
.
|
877
899
|
.IP "\(bu" 4
|
878
|
-
\fIDefault\fR:
|
900
|
+
\fIDefault\fR: \fBnone\fR
|
879
901
|
.
|
880
902
|
.IP "" 0
|
881
903
|
.
|
@@ -883,7 +905,7 @@ Note that passwords must be valid when used as part of a URL\. If a password con
|
|
883
905
|
The HTTP proxy port to use for outgoing connections
|
884
906
|
.
|
885
907
|
.IP "\(bu" 4
|
886
|
-
\fIDefault\fR:
|
908
|
+
\fIDefault\fR: \fB3128\fR
|
887
909
|
.
|
888
910
|
.IP "" 0
|
889
911
|
.
|
@@ -891,7 +913,7 @@ The HTTP proxy port to use for outgoing connections
|
|
891
913
|
The user name for an authenticated HTTP proxy\. Requires the \fBhttp_proxy_host\fR setting\.
|
892
914
|
.
|
893
915
|
.IP "\(bu" 4
|
894
|
-
\fIDefault\fR:
|
916
|
+
\fIDefault\fR: \fBnone\fR
|
895
917
|
.
|
896
918
|
.IP "" 0
|
897
919
|
.
|
@@ -899,7 +921,7 @@ The user name for an authenticated HTTP proxy\. Requires the \fBhttp_proxy_host\
|
|
899
921
|
The time to wait for data to be read from an HTTP connection\. If nothing is read after the elapsed interval then the connection will be closed\. The default value is 10 minutes\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
|
900
922
|
.
|
901
923
|
.IP "\(bu" 4
|
902
|
-
\fIDefault\fR:
|
924
|
+
\fIDefault\fR: \fB10m\fR
|
903
925
|
.
|
904
926
|
.IP "" 0
|
905
927
|
.
|
@@ -907,7 +929,7 @@ The time to wait for data to be read from an HTTP connection\. If nothing is rea
|
|
907
929
|
The HTTP User\-Agent string to send when making network requests\.
|
908
930
|
.
|
909
931
|
.IP "\(bu" 4
|
910
|
-
\fIDefault\fR:
|
932
|
+
\fIDefault\fR: \fBPuppet/7\.10\.0 Ruby/2\.5\.1\-p57 (x86_64\-linux)\fR
|
911
933
|
.
|
912
934
|
.IP "" 0
|
913
935
|
.
|
@@ -915,15 +937,15 @@ The HTTP User\-Agent string to send when making network requests\.
|
|
915
937
|
Whether the puppet run should ignore errors during pluginsync\. If the setting is false and there are errors during pluginsync, then the agent will abort the run and submit a report containing information about the failed run\.
|
916
938
|
.
|
917
939
|
.IP "\(bu" 4
|
918
|
-
\fIDefault\fR:
|
940
|
+
\fIDefault\fR: \fBfalse\fR
|
919
941
|
.
|
920
942
|
.IP "" 0
|
921
943
|
.
|
922
944
|
.SS "ignoremissingtypes"
|
923
|
-
Skip searching for classes and definitions that were missing during a prior compilation\. The list of missing objects is maintained per\-environment and persists until the environment is cleared or the
|
945
|
+
Skip searching for classes and definitions that were missing during a prior compilation\. The list of missing objects is maintained per\-environment and persists until the environment is cleared or the primary server is restarted\.
|
924
946
|
.
|
925
947
|
.IP "\(bu" 4
|
926
|
-
\fIDefault\fR:
|
948
|
+
\fIDefault\fR: \fBfalse\fR
|
927
949
|
.
|
928
950
|
.IP "" 0
|
929
951
|
.
|
@@ -931,7 +953,7 @@ Skip searching for classes and definitions that were missing during a prior comp
|
|
931
953
|
Boolean; whether puppet agent should ignore schedules\. This is useful for initial puppet agent runs\.
|
932
954
|
.
|
933
955
|
.IP "\(bu" 4
|
934
|
-
\fIDefault\fR:
|
956
|
+
\fIDefault\fR: \fBfalse\fR
|
935
957
|
.
|
936
958
|
.IP "" 0
|
937
959
|
.
|
@@ -939,7 +961,7 @@ Boolean; whether puppet agent should ignore schedules\. This is useful for initi
|
|
939
961
|
The type of private key\. Valid values are \fBrsa\fR and \fBec\fR\. Default is \fBrsa\fR\.
|
940
962
|
.
|
941
963
|
.IP "\(bu" 4
|
942
|
-
\fIDefault\fR:
|
964
|
+
\fIDefault\fR: \fBrsa\fR
|
943
965
|
.
|
944
966
|
.IP "" 0
|
945
967
|
.
|
@@ -947,7 +969,7 @@ The type of private key\. Valid values are \fBrsa\fR and \fBec\fR\. Default is \
|
|
947
969
|
The bit length of keys\.
|
948
970
|
.
|
949
971
|
.IP "\(bu" 4
|
950
|
-
\fIDefault\fR:
|
972
|
+
\fIDefault\fR: \fB4096\fR
|
951
973
|
.
|
952
974
|
.IP "" 0
|
953
975
|
.
|
@@ -955,7 +977,7 @@ The bit length of keys\.
|
|
955
977
|
Where puppet agent stores the last run report summary in yaml format\.
|
956
978
|
.
|
957
979
|
.IP "\(bu" 4
|
958
|
-
\fIDefault\fR: $publicdir/last_run_summary\.yaml
|
980
|
+
\fIDefault\fR: \fB$publicdir/last_run_summary\.yaml\fR
|
959
981
|
.
|
960
982
|
.IP "" 0
|
961
983
|
.
|
@@ -963,7 +985,7 @@ Where puppet agent stores the last run report summary in yaml format\.
|
|
963
985
|
Where Puppet Agent stores the last run report, by default, in yaml format\. The format of the report can be changed by setting the \fBcache\fR key of the \fBreport\fR terminus in the routes\.yaml \fIhttps://puppet\.com/docs/puppet/latest/config_file_routes\.html\fR file\. To avoid mismatches between content and file extension, this setting needs to be manually updated to reflect the terminus changes\.
|
964
986
|
.
|
965
987
|
.IP "\(bu" 4
|
966
|
-
\fIDefault\fR: $statedir/last_run_report\.yaml
|
988
|
+
\fIDefault\fR: \fB$statedir/last_run_report\.yaml\fR
|
967
989
|
.
|
968
990
|
.IP "" 0
|
969
991
|
.
|
@@ -971,7 +993,7 @@ Where Puppet Agent stores the last run report, by default, in yaml format\. The
|
|
971
993
|
The LDAP attributes to include when querying LDAP for nodes\. All returned attributes are set as variables in the top\-level scope\. Multiple values should be comma\-separated\. The value \'all\' returns all attributes\.
|
972
994
|
.
|
973
995
|
.IP "\(bu" 4
|
974
|
-
\fIDefault\fR:
|
996
|
+
\fIDefault\fR: \fBall\fR
|
975
997
|
.
|
976
998
|
.IP "" 0
|
977
999
|
.
|
@@ -982,7 +1004,7 @@ The search base for LDAP searches\. It\'s impossible to provide a meaningful def
|
|
982
1004
|
The LDAP attributes to use to define Puppet classes\. Values should be comma\-separated\.
|
983
1005
|
.
|
984
1006
|
.IP "\(bu" 4
|
985
|
-
\fIDefault\fR:
|
1007
|
+
\fIDefault\fR: \fBpuppetclass\fR
|
986
1008
|
.
|
987
1009
|
.IP "" 0
|
988
1010
|
.
|
@@ -990,7 +1012,7 @@ The LDAP attributes to use to define Puppet classes\. Values should be comma\-se
|
|
990
1012
|
The attribute to use to define the parent node\.
|
991
1013
|
.
|
992
1014
|
.IP "\(bu" 4
|
993
|
-
\fIDefault\fR:
|
1015
|
+
\fIDefault\fR: \fBparentnode\fR
|
994
1016
|
.
|
995
1017
|
.IP "" 0
|
996
1018
|
.
|
@@ -1001,7 +1023,7 @@ The password to use to connect to LDAP\.
|
|
1001
1023
|
The LDAP port\.
|
1002
1024
|
.
|
1003
1025
|
.IP "\(bu" 4
|
1004
|
-
\fIDefault\fR:
|
1026
|
+
\fIDefault\fR: \fB389\fR
|
1005
1027
|
.
|
1006
1028
|
.IP "" 0
|
1007
1029
|
.
|
@@ -1009,7 +1031,7 @@ The LDAP port\.
|
|
1009
1031
|
The LDAP server\.
|
1010
1032
|
.
|
1011
1033
|
.IP "\(bu" 4
|
1012
|
-
\fIDefault\fR:
|
1034
|
+
\fIDefault\fR: \fBldap\fR
|
1013
1035
|
.
|
1014
1036
|
.IP "" 0
|
1015
1037
|
.
|
@@ -1017,7 +1039,7 @@ The LDAP server\.
|
|
1017
1039
|
Whether SSL should be used when searching for nodes\. Defaults to false because SSL usually requires certificates to be set up on the client side\.
|
1018
1040
|
.
|
1019
1041
|
.IP "\(bu" 4
|
1020
|
-
\fIDefault\fR:
|
1042
|
+
\fIDefault\fR: \fBfalse\fR
|
1021
1043
|
.
|
1022
1044
|
.IP "" 0
|
1023
1045
|
.
|
@@ -1025,7 +1047,7 @@ Whether SSL should be used when searching for nodes\. Defaults to false because
|
|
1025
1047
|
The LDAP attributes that should be stacked to arrays by adding the values in all hierarchy elements of the tree\. Values should be comma\-separated\.
|
1026
1048
|
.
|
1027
1049
|
.IP "\(bu" 4
|
1028
|
-
\fIDefault\fR:
|
1050
|
+
\fIDefault\fR: \fBpuppetvar\fR
|
1029
1051
|
.
|
1030
1052
|
.IP "" 0
|
1031
1053
|
.
|
@@ -1033,7 +1055,7 @@ The LDAP attributes that should be stacked to arrays by adding the values in all
|
|
1033
1055
|
The search string used to find an LDAP node\.
|
1034
1056
|
.
|
1035
1057
|
.IP "\(bu" 4
|
1036
|
-
\fIDefault\fR: (&(objectclass=puppetClient)(cn=%s))
|
1058
|
+
\fIDefault\fR: \fB(&(objectclass=puppetClient)(cn=%s))\fR
|
1037
1059
|
.
|
1038
1060
|
.IP "" 0
|
1039
1061
|
.
|
@@ -1041,7 +1063,7 @@ The search string used to find an LDAP node\.
|
|
1041
1063
|
Whether TLS should be used when searching for nodes\. Defaults to false because TLS usually requires certificates to be set up on the client side\.
|
1042
1064
|
.
|
1043
1065
|
.IP "\(bu" 4
|
1044
|
-
\fIDefault\fR:
|
1066
|
+
\fIDefault\fR: \fBfalse\fR
|
1045
1067
|
.
|
1046
1068
|
.IP "" 0
|
1047
1069
|
.
|
@@ -1052,7 +1074,7 @@ The user to use to connect to LDAP\. Must be specified as a full DN\.
|
|
1052
1074
|
An extra search path for Puppet\. This is only useful for those files that Puppet will load on demand, and is only guaranteed to work for those cases\. In fact, the autoload mechanism is responsible for making sure this directory is in Ruby\'s search path
|
1053
1075
|
.
|
1054
1076
|
.IP "\(bu" 4
|
1055
|
-
\fIDefault\fR: $vardir/lib
|
1077
|
+
\fIDefault\fR: \fB$vardir/lib\fR
|
1056
1078
|
.
|
1057
1079
|
.IP "" 0
|
1058
1080
|
.
|
@@ -1060,7 +1082,7 @@ An extra search path for Puppet\. This is only useful for those files that Puppe
|
|
1060
1082
|
Where each client stores the CA certificate\.
|
1061
1083
|
.
|
1062
1084
|
.IP "\(bu" 4
|
1063
|
-
\fIDefault\fR: $certdir/ca\.pem
|
1085
|
+
\fIDefault\fR: \fB$certdir/ca\.pem\fR
|
1064
1086
|
.
|
1065
1087
|
.IP "" 0
|
1066
1088
|
.
|
@@ -1068,7 +1090,7 @@ Where each client stores the CA certificate\.
|
|
1068
1090
|
Where Puppet should store translation files that it pulls down from the central server\.
|
1069
1091
|
.
|
1070
1092
|
.IP "\(bu" 4
|
1071
|
-
\fIDefault\fR: $vardir/locales
|
1093
|
+
\fIDefault\fR: \fB$vardir/locales\fR
|
1072
1094
|
.
|
1073
1095
|
.IP "" 0
|
1074
1096
|
.
|
@@ -1076,7 +1098,7 @@ Where Puppet should store translation files that it pulls down from the central
|
|
1076
1098
|
From where to retrieve translation files\. The standard Puppet \fBfile\fR type is used for retrieval, so anything that is a valid file source can be used here\.
|
1077
1099
|
.
|
1078
1100
|
.IP "\(bu" 4
|
1079
|
-
\fIDefault\fR:
|
1101
|
+
\fIDefault\fR: \fBpuppet:///locales\fR
|
1080
1102
|
.
|
1081
1103
|
.IP "" 0
|
1082
1104
|
.
|
@@ -1108,22 +1130,23 @@ emerg
|
|
1108
1130
|
crit
|
1109
1131
|
.
|
1110
1132
|
.IP "\(bu" 4
|
1111
|
-
\fIDefault\fR:
|
1133
|
+
\fIDefault\fR: \fBnotice\fR
|
1112
1134
|
.
|
1113
1135
|
.IP "" 0
|
1114
1136
|
.
|
1115
1137
|
.SS "logdest"
|
1116
1138
|
Where to send log messages\. Choose between \'syslog\' (the POSIX syslog service), \'eventlog\' (the Windows Event Log), \'console\', or the path to a log file\. Multiple destinations can be set using a comma separated list (eg: \fB/path/file1,console,/path/file2\fR)
|
1117
1139
|
.
|
1118
|
-
.
|
1119
|
-
\fIDefault\fR:
|
1120
|
-
|
1140
|
+
.IP "\(bu" 4
|
1141
|
+
\fIDefault\fR: ``
|
1142
|
+
.
|
1143
|
+
.IP "" 0
|
1121
1144
|
.
|
1122
1145
|
.SS "logdir"
|
1123
1146
|
The directory in which to store log files
|
1124
1147
|
.
|
1125
1148
|
.IP "\(bu" 4
|
1126
|
-
\fIDefault\fR:
|
1149
|
+
\fIDefault\fR: \fBUnix/Linux: /var/log/puppetlabs/puppet \-\- Windows: C:\eProgramData\ePuppetLabs\epuppet\evar\elog \-\- Non\-root user: ~/\.puppetlabs/var/log\fR
|
1127
1150
|
.
|
1128
1151
|
.IP "" 0
|
1129
1152
|
.
|
@@ -1131,25 +1154,26 @@ The directory in which to store log files
|
|
1131
1154
|
Whether Puppet should manage the owner, group, and mode of files it uses internally\. \fBNote\fR: For Windows agents, the default is \fBfalse\fR for versions 4\.10\.13 and greater, versions 5\.5\.6 and greater, and versions 6\.0 and greater\.
|
1132
1155
|
.
|
1133
1156
|
.IP "\(bu" 4
|
1134
|
-
\fIDefault\fR:
|
1157
|
+
\fIDefault\fR: \fBtrue\fR
|
1135
1158
|
.
|
1136
1159
|
.IP "" 0
|
1137
1160
|
.
|
1138
1161
|
.SS "manifest"
|
1139
|
-
The entry\-point manifest for
|
1162
|
+
The entry\-point manifest for the primary server\. This can be one file or a directory of manifests to be evaluated in alphabetical order\. Puppet manages this path as a directory if one exists or if the path ends with a / or \.
|
1140
1163
|
.
|
1141
1164
|
.P
|
1142
1165
|
Setting a global value for \fBmanifest\fR in puppet\.conf is not allowed (but it can be overridden from the commandline)\. Please use directory environments instead\. If you need to use something other than the environment\'s \fBmanifests\fR directory as the main manifest, you can set \fBmanifest\fR in environment\.conf\. For more info, see \fIhttps://puppet\.com/docs/puppet/latest/environments_about\.html\fR
|
1143
1166
|
.
|
1144
|
-
.
|
1145
|
-
\fIDefault\fR:
|
1146
|
-
|
1167
|
+
.IP "\(bu" 4
|
1168
|
+
\fIDefault\fR: ``
|
1169
|
+
.
|
1170
|
+
.IP "" 0
|
1147
1171
|
.
|
1148
1172
|
.SS "masterport"
|
1149
1173
|
The default port puppet subcommands use to communicate with Puppet Server\. (eg \fBpuppet facts upload\fR, \fBpuppet agent\fR)\. May be overridden by more specific settings (see \fBca_port\fR, \fBreport_port\fR)\.
|
1150
1174
|
.
|
1151
1175
|
.IP "\(bu" 4
|
1152
|
-
\fIDefault\fR:
|
1176
|
+
\fIDefault\fR: \fB8140\fR
|
1153
1177
|
.
|
1154
1178
|
.IP "" 0
|
1155
1179
|
.
|
@@ -1157,7 +1181,7 @@ The default port puppet subcommands use to communicate with Puppet Server\. (eg
|
|
1157
1181
|
Sets the max number of logged/displayed parser validation deprecation warnings in case multiple deprecation warnings have been detected\. A value of 0 blocks the logging of deprecation warnings\. The count is per manifest\.
|
1158
1182
|
.
|
1159
1183
|
.IP "\(bu" 4
|
1160
|
-
\fIDefault\fR:
|
1184
|
+
\fIDefault\fR: \fB10\fR
|
1161
1185
|
.
|
1162
1186
|
.IP "" 0
|
1163
1187
|
.
|
@@ -1165,7 +1189,7 @@ Sets the max number of logged/displayed parser validation deprecation warnings i
|
|
1165
1189
|
Sets the max number of logged/displayed parser validation errors in case multiple errors have been detected\. A value of 0 is the same as a value of 1; a minimum of one error is always raised\. The count is per manifest\.
|
1166
1190
|
.
|
1167
1191
|
.IP "\(bu" 4
|
1168
|
-
\fIDefault\fR:
|
1192
|
+
\fIDefault\fR: \fB10\fR
|
1169
1193
|
.
|
1170
1194
|
.IP "" 0
|
1171
1195
|
.
|
@@ -1173,7 +1197,7 @@ Sets the max number of logged/displayed parser validation errors in case multipl
|
|
1173
1197
|
Sets the max number of logged/displayed parser validation warnings in case multiple warnings have been detected\. A value of 0 blocks logging of warnings\. The count is per manifest\.
|
1174
1198
|
.
|
1175
1199
|
.IP "\(bu" 4
|
1176
|
-
\fIDefault\fR:
|
1200
|
+
\fIDefault\fR: \fB10\fR
|
1177
1201
|
.
|
1178
1202
|
.IP "" 0
|
1179
1203
|
.
|
@@ -1181,7 +1205,7 @@ Sets the max number of logged/displayed parser validation warnings in case multi
|
|
1181
1205
|
The maximum allowed UID\. Some platforms use negative UIDs but then ship with tools that do not know how to handle signed ints, so the UIDs show up as huge numbers that can then not be fed back into the system\. This is a hackish way to fail in a slightly more useful way when that happens\.
|
1182
1206
|
.
|
1183
1207
|
.IP "\(bu" 4
|
1184
|
-
\fIDefault\fR:
|
1208
|
+
\fIDefault\fR: \fB4294967290\fR
|
1185
1209
|
.
|
1186
1210
|
.IP "" 0
|
1187
1211
|
.
|
@@ -1189,7 +1213,7 @@ The maximum allowed UID\. Some platforms use negative UIDs but then ship with to
|
|
1189
1213
|
The maximum amount of time the Puppet agent should wait for its certificate request to be signed\. A value of \fBunlimited\fR will cause puppet agent to ask for a signed certificate indefinitely\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
|
1190
1214
|
.
|
1191
1215
|
.IP "\(bu" 4
|
1192
|
-
\fIDefault\fR:
|
1216
|
+
\fIDefault\fR: \fBunlimited\fR
|
1193
1217
|
.
|
1194
1218
|
.IP "" 0
|
1195
1219
|
.
|
@@ -1197,7 +1221,7 @@ The maximum amount of time the Puppet agent should wait for its certificate requ
|
|
1197
1221
|
The maximum amount of time the puppet agent should wait for an already running puppet agent to finish before starting a new one\. This is set by default to 1 minute\. A value of \fBunlimited\fR will cause puppet agent to wait indefinitely\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
|
1198
1222
|
.
|
1199
1223
|
.IP "\(bu" 4
|
1200
|
-
\fIDefault\fR:
|
1224
|
+
\fIDefault\fR: \fB1m\fR
|
1201
1225
|
.
|
1202
1226
|
.IP "" 0
|
1203
1227
|
.
|
@@ -1211,7 +1235,7 @@ When a class has a failed dependency, every resource in the class generates a no
|
|
1211
1235
|
If true, all messages caused by a class dependency failure are merged into one message associated with the class\.
|
1212
1236
|
.
|
1213
1237
|
.IP "\(bu" 4
|
1214
|
-
\fIDefault\fR:
|
1238
|
+
\fIDefault\fR: \fBfalse\fR
|
1215
1239
|
.
|
1216
1240
|
.IP "" 0
|
1217
1241
|
.
|
@@ -1219,22 +1243,23 @@ If true, all messages caused by a class dependency failure are merged into one m
|
|
1219
1243
|
Whether to create the necessary user and group that puppet agent will run as\.
|
1220
1244
|
.
|
1221
1245
|
.IP "\(bu" 4
|
1222
|
-
\fIDefault\fR:
|
1246
|
+
\fIDefault\fR: \fBfalse\fR
|
1223
1247
|
.
|
1224
1248
|
.IP "" 0
|
1225
1249
|
.
|
1226
1250
|
.SS "module_groups"
|
1227
1251
|
Extra module groups to request from the Puppet Forge\. This is an internal setting, and users should never change it\.
|
1228
1252
|
.
|
1229
|
-
.
|
1230
|
-
\fIDefault\fR:
|
1231
|
-
|
1253
|
+
.IP "\(bu" 4
|
1254
|
+
\fIDefault\fR: ``
|
1255
|
+
.
|
1256
|
+
.IP "" 0
|
1232
1257
|
.
|
1233
1258
|
.SS "module_repository"
|
1234
1259
|
The module repository
|
1235
1260
|
.
|
1236
1261
|
.IP "\(bu" 4
|
1237
|
-
\fIDefault\fR:
|
1262
|
+
\fIDefault\fR: \fBhttps://forgeapi\.puppet\.com\fR
|
1238
1263
|
.
|
1239
1264
|
.IP "" 0
|
1240
1265
|
.
|
@@ -1242,7 +1267,7 @@ The module repository
|
|
1242
1267
|
The directory into which module tool data is stored
|
1243
1268
|
.
|
1244
1269
|
.IP "\(bu" 4
|
1245
|
-
\fIDefault\fR: $vardir/puppet\-module
|
1270
|
+
\fIDefault\fR: \fB$vardir/puppet\-module\fR
|
1246
1271
|
.
|
1247
1272
|
.IP "" 0
|
1248
1273
|
.
|
@@ -1255,15 +1280,16 @@ Setting a global value for \fBmodulepath\fR in puppet\.conf is not allowed (but
|
|
1255
1280
|
.SS "name"
|
1256
1281
|
The name of the application, if we are running as one\. The default is essentially $0 without the path or \fB\.rb\fR\.
|
1257
1282
|
.
|
1258
|
-
.
|
1259
|
-
\fIDefault\fR:
|
1260
|
-
|
1283
|
+
.IP "\(bu" 4
|
1284
|
+
\fIDefault\fR: ``
|
1285
|
+
.
|
1286
|
+
.IP "" 0
|
1261
1287
|
.
|
1262
1288
|
.SS "named_curve"
|
1263
1289
|
The short name for the EC curve used to generate the EC private key\. Valid values must be one of the curves in \fBOpenSSL::PKey::EC\.builtin_curves\fR\. Default is \fBprime256v1\fR\.
|
1264
1290
|
.
|
1265
1291
|
.IP "\(bu" 4
|
1266
|
-
\fIDefault\fR:
|
1292
|
+
\fIDefault\fR: \fBprime256v1\fR
|
1267
1293
|
.
|
1268
1294
|
.IP "" 0
|
1269
1295
|
.
|
@@ -1271,25 +1297,26 @@ The short name for the EC curve used to generate the EC private key\. Valid valu
|
|
1271
1297
|
List of host or domain names that should not go through \fBhttp_proxy_host\fR\. Environment variable no_proxy or NO_PROXY will override this value\. Names can be specified as an FQDN \fBhost\.example\.com\fR, wildcard \fB*\.example\.com\fR, dotted domain \fB\.example\.com\fR, or suffix \fBexample\.com\fR\.
|
1272
1298
|
.
|
1273
1299
|
.IP "\(bu" 4
|
1274
|
-
\fIDefault\fR:
|
1300
|
+
\fIDefault\fR: \fBlocalhost, 127\.0\.0\.1\fR
|
1275
1301
|
.
|
1276
1302
|
.IP "" 0
|
1277
1303
|
.
|
1278
1304
|
.SS "node_cache_terminus"
|
1279
1305
|
How to store cached nodes\. Valid values are (none), \'json\', \'msgpack\', or \'yaml\'\.
|
1280
1306
|
.
|
1281
|
-
.
|
1282
|
-
\fIDefault\fR:
|
1283
|
-
|
1307
|
+
.IP "\(bu" 4
|
1308
|
+
\fIDefault\fR: ``
|
1309
|
+
.
|
1310
|
+
.IP "" 0
|
1284
1311
|
.
|
1285
1312
|
.SS "node_name_fact"
|
1286
|
-
The fact name used to determine the node name used for all requests the agent makes to the
|
1313
|
+
The fact name used to determine the node name used for all requests the agent makes to the primary server\. WARNING: This setting is mutually exclusive with node_name_value\. Changing this setting also requires changes to Puppet Server\'s default auth\.conf \fIhttps://puppet\.com/docs/puppetserver/latest/config_file_auth\.html\fR\.
|
1287
1314
|
.
|
1288
1315
|
.SS "node_name_value"
|
1289
|
-
The explicit value used for the node name for all requests the agent makes to the
|
1316
|
+
The explicit value used for the node name for all requests the agent makes to the primary server\. WARNING: This setting is mutually exclusive with node_name_fact\. Changing this setting also requires changes to Puppet Server\'s default auth\.conf \fIhttps://puppet\.com/docs/puppetserver/latest/config_file_auth\.html\fR\.
|
1290
1317
|
.
|
1291
1318
|
.IP "\(bu" 4
|
1292
|
-
\fIDefault\fR: $certname
|
1319
|
+
\fIDefault\fR: \fB$certname\fR
|
1293
1320
|
.
|
1294
1321
|
.IP "" 0
|
1295
1322
|
.
|
@@ -1323,7 +1350,7 @@ The three main node data plugins are:
|
|
1323
1350
|
\fBclassifier\fR (formerly \fBconsole\fR) \-\-\- Specific to Puppet Enterprise\. Uses the PE console for node data\."
|
1324
1351
|
.
|
1325
1352
|
.IP "\(bu" 4
|
1326
|
-
\fIDefault\fR:
|
1353
|
+
\fIDefault\fR: \fBplain\fR
|
1327
1354
|
.
|
1328
1355
|
.IP "" 0
|
1329
1356
|
.
|
@@ -1331,13 +1358,21 @@ The three main node data plugins are:
|
|
1331
1358
|
Whether to apply catalogs in noop mode, which allows Puppet to partially simulate a normal run\. This setting affects puppet agent and puppet apply\.
|
1332
1359
|
.
|
1333
1360
|
.P
|
1334
|
-
When running in noop mode, Puppet will check whether each resource is in sync, like it does when running normally\. However, if a resource attribute is not in the desired state (as declared in the catalog), Puppet will take no action, and will instead report the changes it \fIwould\fR have made\. These simulated changes will appear in the report sent to the
|
1361
|
+
When running in noop mode, Puppet will check whether each resource is in sync, like it does when running normally\. However, if a resource attribute is not in the desired state (as declared in the catalog), Puppet will take no action, and will instead report the changes it \fIwould\fR have made\. These simulated changes will appear in the report sent to the primary Puppet server, or be shown on the console if running puppet agent or puppet apply in the foreground\. The simulated changes will not send refresh events to any subscribing or notified resources, although Puppet will log that a refresh event \fIwould\fR have been sent\.
|
1335
1362
|
.
|
1336
1363
|
.P
|
1337
1364
|
\fBImportant note:\fR The \fBnoop\fR metaparameter \fIhttps://puppet\.com/docs/puppet/latest/metaparameter\.html#noop\fR allows you to apply individual resources in noop mode, and will override the global value of the \fBnoop\fR setting\. This means a resource with \fBnoop => false\fR \fIwill\fR be changed if necessary, even when running puppet agent with \fBnoop = true\fR or \fB\-\-noop\fR\. (Conversely, a resource with \fBnoop => true\fR will only be simulated, even when noop mode is globally disabled\.)
|
1338
1365
|
.
|
1339
1366
|
.IP "\(bu" 4
|
1340
|
-
\fIDefault\fR:
|
1367
|
+
\fIDefault\fR: \fBfalse\fR
|
1368
|
+
.
|
1369
|
+
.IP "" 0
|
1370
|
+
.
|
1371
|
+
.SS "number_of_facts_soft_limit"
|
1372
|
+
The soft limit for the total number of facts\.
|
1373
|
+
.
|
1374
|
+
.IP "\(bu" 4
|
1375
|
+
\fIDefault\fR: \fB2048\fR
|
1341
1376
|
.
|
1342
1377
|
.IP "" 0
|
1343
1378
|
.
|
@@ -1345,7 +1380,7 @@ When running in noop mode, Puppet will check whether each resource is in sync, l
|
|
1345
1380
|
Perform one configuration run and exit, rather than spawning a long\-running daemon\. This is useful for interactively running puppet agent, or running puppet agent from cron\.
|
1346
1381
|
.
|
1347
1382
|
.IP "\(bu" 4
|
1348
|
-
\fIDefault\fR:
|
1383
|
+
\fIDefault\fR: \fBfalse\fR
|
1349
1384
|
.
|
1350
1385
|
.IP "" 0
|
1351
1386
|
.
|
@@ -1353,7 +1388,7 @@ Perform one configuration run and exit, rather than spawning a long\-running dae
|
|
1353
1388
|
Where puppet agent stores the password for its private key\. Generally unused\.
|
1354
1389
|
.
|
1355
1390
|
.IP "\(bu" 4
|
1356
|
-
\fIDefault\fR: $privatedir/password
|
1391
|
+
\fIDefault\fR: \fB$privatedir/password\fR
|
1357
1392
|
.
|
1358
1393
|
.IP "" 0
|
1359
1394
|
.
|
@@ -1364,7 +1399,15 @@ The shell search path\. Defaults to whatever is inherited from the parent proces
|
|
1364
1399
|
This setting can only be set in the \fB[main]\fR section of puppet\.conf; it cannot be set in \fB[server]\fR, \fB[agent]\fR, or an environment config section\.
|
1365
1400
|
.
|
1366
1401
|
.IP "\(bu" 4
|
1367
|
-
\fIDefault\fR:
|
1402
|
+
\fIDefault\fR: \fBnone\fR
|
1403
|
+
.
|
1404
|
+
.IP "" 0
|
1405
|
+
.
|
1406
|
+
.SS "payload_soft_limit"
|
1407
|
+
The soft limit for the size of the payload\.
|
1408
|
+
.
|
1409
|
+
.IP "\(bu" 4
|
1410
|
+
\fIDefault\fR: \fB16777216\fR
|
1368
1411
|
.
|
1369
1412
|
.IP "" 0
|
1370
1413
|
.
|
@@ -1372,7 +1415,7 @@ This setting can only be set in the \fB[main]\fR section of puppet\.conf; it can
|
|
1372
1415
|
The file containing the PID of a running process\. This file is intended to be used by service management frameworks and monitoring systems to determine if a puppet process is still in the process table\.
|
1373
1416
|
.
|
1374
1417
|
.IP "\(bu" 4
|
1375
|
-
\fIDefault\fR: $rundir/${run_mode}\.pid
|
1418
|
+
\fIDefault\fR: \fB$rundir/${run_mode}\.pid\fR
|
1376
1419
|
.
|
1377
1420
|
.IP "" 0
|
1378
1421
|
.
|
@@ -1380,7 +1423,7 @@ The file containing the PID of a running process\. This file is intended to be u
|
|
1380
1423
|
Where Puppet should store plugins that it pulls down from the central server\.
|
1381
1424
|
.
|
1382
1425
|
.IP "\(bu" 4
|
1383
|
-
\fIDefault\fR: $libdir
|
1426
|
+
\fIDefault\fR: \fB$libdir\fR
|
1384
1427
|
.
|
1385
1428
|
.IP "" 0
|
1386
1429
|
.
|
@@ -1388,7 +1431,7 @@ Where Puppet should store plugins that it pulls down from the central server\.
|
|
1388
1431
|
Where Puppet should store external facts that are being handled by pluginsync
|
1389
1432
|
.
|
1390
1433
|
.IP "\(bu" 4
|
1391
|
-
\fIDefault\fR: $vardir/facts\.d
|
1434
|
+
\fIDefault\fR: \fB$vardir/facts\.d\fR
|
1392
1435
|
.
|
1393
1436
|
.IP "" 0
|
1394
1437
|
.
|
@@ -1396,7 +1439,7 @@ Where Puppet should store external facts that are being handled by pluginsync
|
|
1396
1439
|
Where to retrieve external facts for pluginsync
|
1397
1440
|
.
|
1398
1441
|
.IP "\(bu" 4
|
1399
|
-
\fIDefault\fR:
|
1442
|
+
\fIDefault\fR: \fBpuppet:///pluginfacts\fR
|
1400
1443
|
.
|
1401
1444
|
.IP "" 0
|
1402
1445
|
.
|
@@ -1404,7 +1447,7 @@ Where to retrieve external facts for pluginsync
|
|
1404
1447
|
What files to ignore when pulling down plugins\.
|
1405
1448
|
.
|
1406
1449
|
.IP "\(bu" 4
|
1407
|
-
\fIDefault\fR: \.svn CVS \.git \.hg
|
1450
|
+
\fIDefault\fR: \fB\.svn CVS \.git \.hg\fR
|
1408
1451
|
.
|
1409
1452
|
.IP "" 0
|
1410
1453
|
.
|
@@ -1412,7 +1455,7 @@ What files to ignore when pulling down plugins\.
|
|
1412
1455
|
From where to retrieve plugins\. The standard Puppet \fBfile\fR type is used for retrieval, so anything that is a valid file source can be used here\.
|
1413
1456
|
.
|
1414
1457
|
.IP "\(bu" 4
|
1415
|
-
\fIDefault\fR:
|
1458
|
+
\fIDefault\fR: \fBpuppet:///plugins\fR
|
1416
1459
|
.
|
1417
1460
|
.IP "" 0
|
1418
1461
|
.
|
@@ -1420,7 +1463,7 @@ From where to retrieve plugins\. The standard Puppet \fBfile\fR type is used for
|
|
1420
1463
|
Whether plugins should be synced with the central server\. This setting is deprecated\.
|
1421
1464
|
.
|
1422
1465
|
.IP "\(bu" 4
|
1423
|
-
\fIDefault\fR:
|
1466
|
+
\fIDefault\fR: \fBtrue\fR
|
1424
1467
|
.
|
1425
1468
|
.IP "" 0
|
1426
1469
|
.
|
@@ -1431,7 +1474,7 @@ A command to run after every agent run\. If this command returns a non\-zero ret
|
|
1431
1474
|
The preferred means of serializing ruby instances for passing over the wire\. This won\'t guarantee that all instances will be serialized using this method, since not all classes can be guaranteed to support this format, but it will be used for all classes that support it\.
|
1432
1475
|
.
|
1433
1476
|
.IP "\(bu" 4
|
1434
|
-
\fIDefault\fR:
|
1477
|
+
\fIDefault\fR: \fBjson\fR
|
1435
1478
|
.
|
1436
1479
|
.IP "" 0
|
1437
1480
|
.
|
@@ -1442,22 +1485,23 @@ A command to run before every agent run\. If this command returns a non\-zero re
|
|
1442
1485
|
The directory where catalog previews per node are generated\.
|
1443
1486
|
.
|
1444
1487
|
.IP "\(bu" 4
|
1445
|
-
\fIDefault\fR: $vardir/preview
|
1488
|
+
\fIDefault\fR: \fB$vardir/preview\fR
|
1446
1489
|
.
|
1447
1490
|
.IP "" 0
|
1448
1491
|
.
|
1449
1492
|
.SS "priority"
|
1450
1493
|
The scheduling priority of the process\. Valid values are \'high\', \'normal\', \'low\', or \'idle\', which are mapped to platform\-specific values\. The priority can also be specified as an integer value and will be passed as is, e\.g\. \-5\. Puppet must be running as a privileged user in order to increase scheduling priority\.
|
1451
1494
|
.
|
1452
|
-
.
|
1453
|
-
\fIDefault\fR:
|
1454
|
-
|
1495
|
+
.IP "\(bu" 4
|
1496
|
+
\fIDefault\fR: ``
|
1497
|
+
.
|
1498
|
+
.IP "" 0
|
1455
1499
|
.
|
1456
1500
|
.SS "privatedir"
|
1457
1501
|
Where the client stores private certificate information\.
|
1458
1502
|
.
|
1459
1503
|
.IP "\(bu" 4
|
1460
|
-
\fIDefault\fR: $ssldir/private
|
1504
|
+
\fIDefault\fR: \fB$ssldir/private\fR
|
1461
1505
|
.
|
1462
1506
|
.IP "" 0
|
1463
1507
|
.
|
@@ -1465,7 +1509,7 @@ Where the client stores private certificate information\.
|
|
1465
1509
|
The private key directory\.
|
1466
1510
|
.
|
1467
1511
|
.IP "\(bu" 4
|
1468
|
-
\fIDefault\fR: $ssldir/private_keys
|
1512
|
+
\fIDefault\fR: \fB$ssldir/private_keys\fR
|
1469
1513
|
.
|
1470
1514
|
.IP "" 0
|
1471
1515
|
.
|
@@ -1473,7 +1517,7 @@ The private key directory\.
|
|
1473
1517
|
Whether to enable experimental performance profiling
|
1474
1518
|
.
|
1475
1519
|
.IP "\(bu" 4
|
1476
|
-
\fIDefault\fR:
|
1520
|
+
\fIDefault\fR: \fBfalse\fR
|
1477
1521
|
.
|
1478
1522
|
.IP "" 0
|
1479
1523
|
.
|
@@ -1481,7 +1525,7 @@ Whether to enable experimental performance profiling
|
|
1481
1525
|
Where Puppet stores public files\.
|
1482
1526
|
.
|
1483
1527
|
.IP "\(bu" 4
|
1484
|
-
\fIDefault\fR:
|
1528
|
+
\fIDefault\fR: \fBUnix/Linux: /opt/puppetlabs/puppet/public \-\- Windows: C:\eProgramData\ePuppetLabs\epuppet\epublic \-\- Non\-root user: ~/\.puppetlabs/opt/puppet/public\fR
|
1485
1529
|
.
|
1486
1530
|
.IP "" 0
|
1487
1531
|
.
|
@@ -1489,7 +1533,7 @@ Where Puppet stores public files\.
|
|
1489
1533
|
The public key directory\.
|
1490
1534
|
.
|
1491
1535
|
.IP "\(bu" 4
|
1492
|
-
\fIDefault\fR: $ssldir/public_keys
|
1536
|
+
\fIDefault\fR: \fB$ssldir/public_keys\fR
|
1493
1537
|
.
|
1494
1538
|
.IP "" 0
|
1495
1539
|
.
|
@@ -1497,7 +1541,7 @@ The public key directory\.
|
|
1497
1541
|
Whether to print the Puppet stack trace on some errors\. This is a noop if \fBtrace\fR is also set\.
|
1498
1542
|
.
|
1499
1543
|
.IP "\(bu" 4
|
1500
|
-
\fIDefault\fR:
|
1544
|
+
\fIDefault\fR: \fBfalse\fR
|
1501
1545
|
.
|
1502
1546
|
.IP "" 0
|
1503
1547
|
.
|
@@ -1505,13 +1549,13 @@ Whether to print the Puppet stack trace on some errors\. This is a noop if \fBtr
|
|
1505
1549
|
The fallback log file\. This is only used when the \fB\-\-logdest\fR option is not specified AND Puppet is running on an operating system where both the POSIX syslog service and the Windows Event Log are unavailable\. (Currently, no supported operating systems match that description\.)
|
1506
1550
|
.
|
1507
1551
|
.P
|
1508
|
-
Despite the name, both puppet agent and puppet
|
1552
|
+
Despite the name, both puppet agent and puppet server will use this file as the fallback logging destination\.
|
1509
1553
|
.
|
1510
1554
|
.P
|
1511
|
-
For control over logging destinations, see the \fB\-\-logdest\fR command line option in the manual pages for puppet
|
1555
|
+
For control over logging destinations, see the \fB\-\-logdest\fR command line option in the manual pages for puppet server, puppet agent, and puppet apply\. You can see man pages by running \fBpuppet <SUBCOMMAND> \-\-help\fR, or read them online at https://puppet\.com/docs/puppet/latest/man/\.
|
1512
1556
|
.
|
1513
1557
|
.IP "\(bu" 4
|
1514
|
-
\fIDefault\fR: $logdir/puppetd\.log
|
1558
|
+
\fIDefault\fR: \fB$logdir/puppetd\.log\fR
|
1515
1559
|
.
|
1516
1560
|
.IP "" 0
|
1517
1561
|
.
|
@@ -1519,7 +1563,7 @@ For control over logging destinations, see the \fB\-\-logdest\fR command line op
|
|
1519
1563
|
Whether to send reports after every transaction\.
|
1520
1564
|
.
|
1521
1565
|
.IP "\(bu" 4
|
1522
|
-
\fIDefault\fR:
|
1566
|
+
\fIDefault\fR: \fBtrue\fR
|
1523
1567
|
.
|
1524
1568
|
.IP "" 0
|
1525
1569
|
.
|
@@ -1527,7 +1571,7 @@ Whether to send reports after every transaction\.
|
|
1527
1571
|
Whether the \'http\' report processor should include the system certificate store when submitting reports to HTTPS URLs\. If false, then the \'http\' processor will only trust HTTPS report servers whose certificates are issued by the puppet CA or one of its intermediate CAs\. If true, the processor will additionally trust CA certificates in the system\'s certificate store\.
|
1528
1572
|
.
|
1529
1573
|
.IP "\(bu" 4
|
1530
|
-
\fIDefault\fR:
|
1574
|
+
\fIDefault\fR: \fBfalse\fR
|
1531
1575
|
.
|
1532
1576
|
.IP "" 0
|
1533
1577
|
.
|
@@ -1535,7 +1579,7 @@ Whether the \'http\' report processor should include the system certificate stor
|
|
1535
1579
|
The port to communicate with the report_server\.
|
1536
1580
|
.
|
1537
1581
|
.IP "\(bu" 4
|
1538
|
-
\fIDefault\fR: $serverport
|
1582
|
+
\fIDefault\fR: \fB$serverport\fR
|
1539
1583
|
.
|
1540
1584
|
.IP "" 0
|
1541
1585
|
.
|
@@ -1543,7 +1587,7 @@ The port to communicate with the report_server\.
|
|
1543
1587
|
The server to send transaction reports to\.
|
1544
1588
|
.
|
1545
1589
|
.IP "\(bu" 4
|
1546
|
-
\fIDefault\fR: $server
|
1590
|
+
\fIDefault\fR: \fB$server\fR
|
1547
1591
|
.
|
1548
1592
|
.IP "" 0
|
1549
1593
|
.
|
@@ -1551,7 +1595,7 @@ The server to send transaction reports to\.
|
|
1551
1595
|
The directory in which to store reports\. Each node gets a separate subdirectory in this directory\. This setting is only used when the \fBstore\fR report processor is enabled (see the \fBreports\fR setting)\.
|
1552
1596
|
.
|
1553
1597
|
.IP "\(bu" 4
|
1554
|
-
\fIDefault\fR: $vardir/reports
|
1598
|
+
\fIDefault\fR: \fB$vardir/reports\fR
|
1555
1599
|
.
|
1556
1600
|
.IP "" 0
|
1557
1601
|
.
|
@@ -1559,13 +1603,16 @@ The directory in which to store reports\. Each node gets a separate subdirectory
|
|
1559
1603
|
The list of report handlers to use\. When using multiple report handlers, their names should be comma\-separated, with whitespace allowed\. (For example, \fBreports = http, store\fR\.)
|
1560
1604
|
.
|
1561
1605
|
.P
|
1562
|
-
This setting is relevant to puppet
|
1606
|
+
This setting is relevant to puppet server and puppet apply\. The primary Puppet server will call these report handlers with the reports it receives from agent nodes, and puppet apply will call them with its own report\. (In all cases, the node applying the catalog must have \fBreport = true\fR\.)
|
1563
1607
|
.
|
1564
1608
|
.P
|
1565
1609
|
See the report reference for information on the built\-in report handlers; custom report handlers can also be loaded from modules\. (Report handlers are loaded from the lib directory, at \fBpuppet/reports/NAME\.rb\fR\.)
|
1566
1610
|
.
|
1611
|
+
.P
|
1612
|
+
To turn off reports entirely, set this to \fBnone\fR
|
1613
|
+
.
|
1567
1614
|
.IP "\(bu" 4
|
1568
|
-
\fIDefault\fR:
|
1615
|
+
\fIDefault\fR: \fBstore\fR
|
1569
1616
|
.
|
1570
1617
|
.IP "" 0
|
1571
1618
|
.
|
@@ -1573,7 +1620,7 @@ See the report reference for information on the built\-in report handlers; custo
|
|
1573
1620
|
The URL that reports should be forwarded to\. This setting is only used when the \fBhttp\fR report processor is enabled (see the \fBreports\fR setting)\.
|
1574
1621
|
.
|
1575
1622
|
.IP "\(bu" 4
|
1576
|
-
\fIDefault\fR:
|
1623
|
+
\fIDefault\fR: \fBhttp://localhost:3000/reports/upload\fR
|
1577
1624
|
.
|
1578
1625
|
.IP "" 0
|
1579
1626
|
.
|
@@ -1581,7 +1628,7 @@ The URL that reports should be forwarded to\. This setting is only used when the
|
|
1581
1628
|
Where host certificate requests are stored\.
|
1582
1629
|
.
|
1583
1630
|
.IP "\(bu" 4
|
1584
|
-
\fIDefault\fR: $ssldir/certificate_requests
|
1631
|
+
\fIDefault\fR: \fB$ssldir/certificate_requests\fR
|
1585
1632
|
.
|
1586
1633
|
.IP "" 0
|
1587
1634
|
.
|
@@ -1589,7 +1636,7 @@ Where host certificate requests are stored\.
|
|
1589
1636
|
The file in which puppet agent stores a list of the resources associated with the retrieved configuration\.
|
1590
1637
|
.
|
1591
1638
|
.IP "\(bu" 4
|
1592
|
-
\fIDefault\fR: $statedir/resources\.txt
|
1639
|
+
\fIDefault\fR: \fB$statedir/resources\.txt\fR
|
1593
1640
|
.
|
1594
1641
|
.IP "" 0
|
1595
1642
|
.
|
@@ -1597,7 +1644,7 @@ The file in which puppet agent stores a list of the resources associated with th
|
|
1597
1644
|
Whether to send updated facts after every transaction\. By default puppet only submits facts at the beginning of the transaction before applying a catalog\. Since puppet can modify the state of the system, the value of the facts may change after puppet finishes\. Therefore, any facts stored in puppetdb may not be consistent until the agent next runs, typically in 30 minutes\. If this feature is enabled, puppet will resubmit facts after applying its catalog, ensuring facts for the node stored in puppetdb are current\. However, this will double the fact submission load on puppetdb, so it is disabled by default\.
|
1598
1645
|
.
|
1599
1646
|
.IP "\(bu" 4
|
1600
|
-
\fIDefault\fR:
|
1647
|
+
\fIDefault\fR: \fBfalse\fR
|
1601
1648
|
.
|
1602
1649
|
.IP "" 0
|
1603
1650
|
.
|
@@ -1605,7 +1652,7 @@ Whether to send updated facts after every transaction\. By default puppet only s
|
|
1605
1652
|
Enables having extended data in the catalog by storing them as a hash with the special key \fB__ptype\fR\. When enabled, resource containing values of the data types \fBBinary\fR, \fBRegexp\fR, \fBSemVer\fR, \fBSemVerRange\fR, \fBTimespan\fR and \fBTimestamp\fR, as well as instances of types derived from \fBObject\fR retain their data type\.
|
1606
1653
|
.
|
1607
1654
|
.IP "\(bu" 4
|
1608
|
-
\fIDefault\fR:
|
1655
|
+
\fIDefault\fR: \fBtrue\fR
|
1609
1656
|
.
|
1610
1657
|
.IP "" 0
|
1611
1658
|
.
|
@@ -1613,7 +1660,7 @@ Enables having extended data in the catalog by storing them as a hash with the s
|
|
1613
1660
|
The YAML file containing indirector route configuration\.
|
1614
1661
|
.
|
1615
1662
|
.IP "\(bu" 4
|
1616
|
-
\fIDefault\fR: $confdir/routes\.yaml
|
1663
|
+
\fIDefault\fR: \fB$confdir/routes\.yaml\fR
|
1617
1664
|
.
|
1618
1665
|
.IP "" 0
|
1619
1666
|
.
|
@@ -1621,7 +1668,7 @@ The YAML file containing indirector route configuration\.
|
|
1621
1668
|
Where Puppet PID files are kept\.
|
1622
1669
|
.
|
1623
1670
|
.IP "\(bu" 4
|
1624
|
-
\fIDefault\fR:
|
1671
|
+
\fIDefault\fR: \fBUnix/Linux: /var/run/puppetlabs \-\- Windows: C:\eProgramData\ePuppetLabs\epuppet\evar\erun \-\- Non\-root user: ~/\.puppetlabs/var/run\fR
|
1625
1672
|
.
|
1626
1673
|
.IP "" 0
|
1627
1674
|
.
|
@@ -1629,7 +1676,7 @@ Where Puppet PID files are kept\.
|
|
1629
1676
|
How often puppet agent applies the catalog\. Note that a runinterval of 0 means "run continuously" rather than "never run\." This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
|
1630
1677
|
.
|
1631
1678
|
.IP "\(bu" 4
|
1632
|
-
\fIDefault\fR:
|
1679
|
+
\fIDefault\fR: \fB30m\fR
|
1633
1680
|
.
|
1634
1681
|
.IP "" 0
|
1635
1682
|
.
|
@@ -1637,7 +1684,7 @@ How often puppet agent applies the catalog\. Note that a runinterval of 0 means
|
|
1637
1684
|
The maximum amount of time an agent run is allowed to take\. A Puppet agent run that exceeds this timeout will be aborted\. A value of 0 disables the timeout\. Defaults to 1 hour\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
|
1638
1685
|
.
|
1639
1686
|
.IP "\(bu" 4
|
1640
|
-
\fIDefault\fR:
|
1687
|
+
\fIDefault\fR: \fB1h\fR
|
1641
1688
|
.
|
1642
1689
|
.IP "" 0
|
1643
1690
|
.
|
@@ -1645,15 +1692,15 @@ The maximum amount of time an agent run is allowed to take\. A Puppet agent run
|
|
1645
1692
|
Where the serial number for certificates is stored\.
|
1646
1693
|
.
|
1647
1694
|
.IP "\(bu" 4
|
1648
|
-
\fIDefault\fR: $cadir/serial
|
1695
|
+
\fIDefault\fR: \fB$cadir/serial\fR
|
1649
1696
|
.
|
1650
1697
|
.IP "" 0
|
1651
1698
|
.
|
1652
1699
|
.SS "server"
|
1653
|
-
The
|
1700
|
+
The primary Puppet server to which the Puppet agent should connect\.
|
1654
1701
|
.
|
1655
1702
|
.IP "\(bu" 4
|
1656
|
-
\fIDefault\fR:
|
1703
|
+
\fIDefault\fR: \fBpuppet\fR
|
1657
1704
|
.
|
1658
1705
|
.IP "" 0
|
1659
1706
|
.
|
@@ -1661,15 +1708,15 @@ The puppet master server to which the puppet agent should connect\.
|
|
1661
1708
|
The directory in which serialized data is stored, usually in a subdirectory\.
|
1662
1709
|
.
|
1663
1710
|
.IP "\(bu" 4
|
1664
|
-
\fIDefault\fR: $vardir/server_data
|
1711
|
+
\fIDefault\fR: \fB$vardir/server_data\fR
|
1665
1712
|
.
|
1666
1713
|
.IP "" 0
|
1667
1714
|
.
|
1668
1715
|
.SS "server_list"
|
1669
|
-
The list of Puppet
|
1716
|
+
The list of primary Puppet servers to which the Puppet agent should connect, in the order that they will be tried\. Each value should be a fully qualified domain name, followed by an optional \':\' and port number\. If a port is omitted, Puppet uses masterport for that host\.
|
1670
1717
|
.
|
1671
1718
|
.IP "\(bu" 4
|
1672
|
-
\fIDefault\fR: []
|
1719
|
+
\fIDefault\fR: \fB[]\fR
|
1673
1720
|
.
|
1674
1721
|
.IP "" 0
|
1675
1722
|
.
|
@@ -1677,7 +1724,7 @@ The list of Puppet master servers to which the Puppet agent should connect, in t
|
|
1677
1724
|
The default port puppet subcommands use to communicate with Puppet Server\. (eg \fBpuppet facts upload\fR, \fBpuppet agent\fR)\. May be overridden by more specific settings (see \fBca_port\fR, \fBreport_port\fR)\.
|
1678
1725
|
.
|
1679
1726
|
.IP "\(bu" 4
|
1680
|
-
\fIDefault\fR:
|
1727
|
+
\fIDefault\fR: \fB8140\fR
|
1681
1728
|
.
|
1682
1729
|
.IP "" 0
|
1683
1730
|
.
|
@@ -1685,7 +1732,7 @@ The default port puppet subcommands use to communicate with Puppet Server\. (eg
|
|
1685
1732
|
Whether to compile and apply the settings catalog
|
1686
1733
|
.
|
1687
1734
|
.IP "\(bu" 4
|
1688
|
-
\fIDefault\fR:
|
1735
|
+
\fIDefault\fR: \fBtrue\fR
|
1689
1736
|
.
|
1690
1737
|
.IP "" 0
|
1691
1738
|
.
|
@@ -1693,7 +1740,7 @@ Whether to compile and apply the settings catalog
|
|
1693
1740
|
Whether to log and report a contextual diff when files are being replaced\. This causes partial file contents to pass through Puppet\'s normal logging and reporting system, so this setting should be used with caution if you are sending Puppet\'s reports to an insecure destination\. This feature currently requires the \fBdiff/lcs\fR Ruby library\.
|
1694
1741
|
.
|
1695
1742
|
.IP "\(bu" 4
|
1696
|
-
\fIDefault\fR:
|
1743
|
+
\fIDefault\fR: \fBfalse\fR
|
1697
1744
|
.
|
1698
1745
|
.IP "" 0
|
1699
1746
|
.
|
@@ -1701,7 +1748,7 @@ Whether to log and report a contextual diff when files are being replaced\. This
|
|
1701
1748
|
Where the CA stores signed certificates\.
|
1702
1749
|
.
|
1703
1750
|
.IP "\(bu" 4
|
1704
|
-
\fIDefault\fR: $cadir/signed
|
1751
|
+
\fIDefault\fR: \fB$cadir/signed\fR
|
1705
1752
|
.
|
1706
1753
|
.IP "" 0
|
1707
1754
|
.
|
@@ -1711,9 +1758,10 @@ Tags to use to filter resources\. If this is set, then only resources not tagged
|
|
1711
1758
|
.SS "sourceaddress"
|
1712
1759
|
The address the agent should use to initiate requests\.
|
1713
1760
|
.
|
1714
|
-
.
|
1715
|
-
\fIDefault\fR:
|
1716
|
-
|
1761
|
+
.IP "\(bu" 4
|
1762
|
+
\fIDefault\fR: ``
|
1763
|
+
.
|
1764
|
+
.IP "" 0
|
1717
1765
|
.
|
1718
1766
|
.SS "splay"
|
1719
1767
|
Whether to sleep for a random amount of time, ranging from immediately up to its \fB$splaylimit\fR, before performing its first agent run after a service restart\. After this period, the agent runs periodically on its \fB$runinterval\fR\.
|
@@ -1725,10 +1773,10 @@ For example, assume a default 30\-minute \fB$runinterval\fR, \fBsplay\fR set to
|
|
1725
1773
|
With \fBsplay\fR enabled, it waits any amount of time up to its \fB$splaylimit\fR before its first run\. For example, it might randomly wait 8 minutes, then start its first run at :08 past the hour\. With the \fB$runinterval\fR at its default 30 minutes, its next run will be at :38 past the hour\.
|
1726
1774
|
.
|
1727
1775
|
.P
|
1728
|
-
If you restart an agent\'s puppet service with \fBsplay\fR enabled, it recalculates its splay period and delays its first agent run after restarting for this new period\. If you simultaneously restart a group of puppet agents with \fBsplay\fR enabled, their checkins to your
|
1776
|
+
If you restart an agent\'s puppet service with \fBsplay\fR enabled, it recalculates its splay period and delays its first agent run after restarting for this new period\. If you simultaneously restart a group of puppet agents with \fBsplay\fR enabled, their checkins to your primary servers can be distributed more evenly\.
|
1729
1777
|
.
|
1730
1778
|
.IP "\(bu" 4
|
1731
|
-
\fIDefault\fR:
|
1779
|
+
\fIDefault\fR: \fBfalse\fR
|
1732
1780
|
.
|
1733
1781
|
.IP "" 0
|
1734
1782
|
.
|
@@ -1736,7 +1784,7 @@ If you restart an agent\'s puppet service with \fBsplay\fR enabled, it recalcula
|
|
1736
1784
|
The maximum time to delay before an agent\'s first run when \fBsplay\fR is enabled\. Defaults to the agent\'s \fB$runinterval\fR\. The \fBsplay\fR interval is random and recalculated each time the agent is started or restarted\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
|
1737
1785
|
.
|
1738
1786
|
.IP "\(bu" 4
|
1739
|
-
\fIDefault\fR: $runinterval
|
1787
|
+
\fIDefault\fR: \fB$runinterval\fR
|
1740
1788
|
.
|
1741
1789
|
.IP "" 0
|
1742
1790
|
.
|
@@ -1744,7 +1792,7 @@ The maximum time to delay before an agent\'s first run when \fBsplay\fR is enabl
|
|
1744
1792
|
The domain which will be queried to find the SRV records of servers to use\.
|
1745
1793
|
.
|
1746
1794
|
.IP "\(bu" 4
|
1747
|
-
\fIDefault\fR:
|
1795
|
+
\fIDefault\fR: \fBci\-jenkins\-setup\-platform\.svc\.cluster\.local\fR
|
1748
1796
|
.
|
1749
1797
|
.IP "" 0
|
1750
1798
|
.
|
@@ -1755,7 +1803,7 @@ The header containing an authenticated client\'s SSL DN\. This header must be se
|
|
1755
1803
|
Note that the name of the HTTP header gets munged by the web server common gateway interface: an \fBHTTP_\fR prefix is added, dashes are converted to underscores, and all letters are uppercased\. Thus, to use the \fBX\-Client\-DN\fR header, this setting should be \fBHTTP_X_CLIENT_DN\fR\.
|
1756
1804
|
.
|
1757
1805
|
.IP "\(bu" 4
|
1758
|
-
\fIDefault\fR:
|
1806
|
+
\fIDefault\fR: \fBHTTP_X_CLIENT_DN\fR
|
1759
1807
|
.
|
1760
1808
|
.IP "" 0
|
1761
1809
|
.
|
@@ -1766,7 +1814,7 @@ The header containing the status message of the client verification\. This heade
|
|
1766
1814
|
Note that the name of the HTTP header gets munged by the web server common gateway interface: an \fBHTTP_\fR prefix is added, dashes are converted to underscores, and all letters are uppercased\. Thus, to use the \fBX\-Client\-Verify\fR header, this setting should be \fBHTTP_X_CLIENT_VERIFY\fR\.
|
1767
1815
|
.
|
1768
1816
|
.IP "\(bu" 4
|
1769
|
-
\fIDefault\fR:
|
1817
|
+
\fIDefault\fR: \fBHTTP_X_CLIENT_VERIFY\fR
|
1770
1818
|
.
|
1771
1819
|
.IP "" 0
|
1772
1820
|
.
|
@@ -1774,22 +1822,23 @@ Note that the name of the HTTP header gets munged by the web server common gatew
|
|
1774
1822
|
A lock file to indicate that the ssl bootstrap process is currently in progress\.
|
1775
1823
|
.
|
1776
1824
|
.IP "\(bu" 4
|
1777
|
-
\fIDefault\fR: $ssldir/ssl\.lock
|
1825
|
+
\fIDefault\fR: \fB$ssldir/ssl\.lock\fR
|
1778
1826
|
.
|
1779
1827
|
.IP "" 0
|
1780
1828
|
.
|
1781
1829
|
.SS "ssl_trust_store"
|
1782
1830
|
A file containing CA certificates in PEM format that puppet should trust when making HTTPS requests\. This \fBonly\fR applies to https requests to non\-puppet infrastructure, such as retrieving file metadata and content from https file sources, puppet module tool and the \'http\' report processor\. This setting is ignored when making requests to puppet:// URLs such as catalog and report requests\.
|
1783
1831
|
.
|
1784
|
-
.
|
1785
|
-
\fIDefault\fR:
|
1786
|
-
|
1832
|
+
.IP "\(bu" 4
|
1833
|
+
\fIDefault\fR: ``
|
1834
|
+
.
|
1835
|
+
.IP "" 0
|
1787
1836
|
.
|
1788
1837
|
.SS "ssldir"
|
1789
1838
|
Where SSL certificates are kept\.
|
1790
1839
|
.
|
1791
1840
|
.IP "\(bu" 4
|
1792
|
-
\fIDefault\fR: $confdir/ssl
|
1841
|
+
\fIDefault\fR: \fB$confdir/ssl\fR
|
1793
1842
|
.
|
1794
1843
|
.IP "" 0
|
1795
1844
|
.
|
@@ -1797,15 +1846,15 @@ Where SSL certificates are kept\.
|
|
1797
1846
|
The directory where Puppet state is stored\. Generally, this directory can be removed without causing harm (although it might result in spurious service restarts)\.
|
1798
1847
|
.
|
1799
1848
|
.IP "\(bu" 4
|
1800
|
-
\fIDefault\fR: $vardir/state
|
1849
|
+
\fIDefault\fR: \fB$vardir/state\fR
|
1801
1850
|
.
|
1802
1851
|
.IP "" 0
|
1803
1852
|
.
|
1804
1853
|
.SS "statefile"
|
1805
|
-
Where
|
1854
|
+
Where Puppet agent and Puppet Server store state associated with the running configuration\. In the case of Puppet Server, this file reflects the state discovered through interacting with clients\.
|
1806
1855
|
.
|
1807
1856
|
.IP "\(bu" 4
|
1808
|
-
\fIDefault\fR: $statedir/state\.yaml
|
1857
|
+
\fIDefault\fR: \fB$statedir/state\.yaml\fR
|
1809
1858
|
.
|
1810
1859
|
.IP "" 0
|
1811
1860
|
.
|
@@ -1816,15 +1865,15 @@ How long the Puppet agent should cache when a resource was last checked or synce
|
|
1816
1865
|
This setting affects the usage of \fBschedule\fR resources, as the information about when a resource was last checked (and therefore when it needs to be checked again) is stored in the \fBstatefile\fR\. The \fBstatettl\fR needs to be large enough to ensure that a resource will not trigger multiple times during a schedule due to its entry expiring from the cache\.
|
1817
1866
|
.
|
1818
1867
|
.IP "\(bu" 4
|
1819
|
-
\fIDefault\fR:
|
1868
|
+
\fIDefault\fR: \fB32d\fR
|
1820
1869
|
.
|
1821
1870
|
.IP "" 0
|
1822
1871
|
.
|
1823
1872
|
.SS "static_catalogs"
|
1824
|
-
Whether to compile a static catalog \fIhttps://puppet\.com/docs/puppet/latest/static_catalogs\.html#enabling\-or\-disabling\-static\-catalogs\fR, which occurs only on
|
1873
|
+
Whether to compile a static catalog \fIhttps://puppet\.com/docs/puppet/latest/static_catalogs\.html#enabling\-or\-disabling\-static\-catalogs\fR, which occurs only on Puppet Server when the \fBcode\-id\-command\fR and \fBcode\-content\-command\fR settings are configured in its \fBpuppetserver\.conf\fR file\.
|
1825
1874
|
.
|
1826
1875
|
.IP "\(bu" 4
|
1827
|
-
\fIDefault\fR:
|
1876
|
+
\fIDefault\fR: \fBtrue\fR
|
1828
1877
|
.
|
1829
1878
|
.IP "" 0
|
1830
1879
|
.
|
@@ -1838,7 +1887,7 @@ By default this uses the \'puppetdb\' backend\.
|
|
1838
1887
|
You can adjust the backend using the storeconfigs_backend setting\.
|
1839
1888
|
.
|
1840
1889
|
.IP "\(bu" 4
|
1841
|
-
\fIDefault\fR:
|
1890
|
+
\fIDefault\fR: \fBfalse\fR
|
1842
1891
|
.
|
1843
1892
|
.IP "" 0
|
1844
1893
|
.
|
@@ -1846,7 +1895,7 @@ You can adjust the backend using the storeconfigs_backend setting\.
|
|
1846
1895
|
Configure the backend terminus used for StoreConfigs\. By default, this uses the PuppetDB store, which must be installed and configured before turning on StoreConfigs\.
|
1847
1896
|
.
|
1848
1897
|
.IP "\(bu" 4
|
1849
|
-
\fIDefault\fR:
|
1898
|
+
\fIDefault\fR: \fBpuppetdb\fR
|
1850
1899
|
.
|
1851
1900
|
.IP "" 0
|
1852
1901
|
.
|
@@ -1865,13 +1914,13 @@ error \- perform extra validation, fail with error
|
|
1865
1914
|
.IP "" 0
|
1866
1915
|
.
|
1867
1916
|
.P
|
1868
|
-
The strictness level is for both language semantics and runtime evaluation validation\. In addition to controlling the behavior with this
|
1917
|
+
The strictness level is for both language semantics and runtime evaluation validation\. In addition to controlling the behavior with this primary server switch some individual warnings may also be controlled by the disable_warnings setting\.
|
1869
1918
|
.
|
1870
1919
|
.P
|
1871
1920
|
No new validations will be added to a micro (x\.y\.z) release, but may be added in minor releases (x\.y\.0)\. In major releases it expected that most (if not all) strictness validation become standard behavior\.
|
1872
1921
|
.
|
1873
1922
|
.IP "\(bu" 4
|
1874
|
-
\fIDefault\fR:
|
1923
|
+
\fIDefault\fR: \fBwarning\fR
|
1875
1924
|
.
|
1876
1925
|
.IP "" 0
|
1877
1926
|
.
|
@@ -1879,7 +1928,7 @@ No new validations will be added to a micro (x\.y\.z) release, but may be added
|
|
1879
1928
|
Whether the agent specified environment should be considered authoritative, causing the run to fail if the retrieved catalog does not match it\.
|
1880
1929
|
.
|
1881
1930
|
.IP "\(bu" 4
|
1882
|
-
\fIDefault\fR:
|
1931
|
+
\fIDefault\fR: \fBfalse\fR
|
1883
1932
|
.
|
1884
1933
|
.IP "" 0
|
1885
1934
|
.
|
@@ -1887,7 +1936,7 @@ Whether the agent specified environment should be considered authoritative, caus
|
|
1887
1936
|
Causes an evaluation error when referencing unknown variables\. (This does not affect referencing variables that are explicitly set to undef)\.
|
1888
1937
|
.
|
1889
1938
|
.IP "\(bu" 4
|
1890
|
-
\fIDefault\fR:
|
1939
|
+
\fIDefault\fR: \fBfalse\fR
|
1891
1940
|
.
|
1892
1941
|
.IP "" 0
|
1893
1942
|
.
|
@@ -1895,7 +1944,7 @@ Causes an evaluation error when referencing unknown variables\. (This does not a
|
|
1895
1944
|
Whether to print a transaction summary\.
|
1896
1945
|
.
|
1897
1946
|
.IP "\(bu" 4
|
1898
|
-
\fIDefault\fR:
|
1947
|
+
\fIDefault\fR: \fBfalse\fR
|
1899
1948
|
.
|
1900
1949
|
.IP "" 0
|
1901
1950
|
.
|
@@ -1903,7 +1952,7 @@ Whether to print a transaction summary\.
|
|
1903
1952
|
Checksum types supported by this agent for use in file resources of a static catalog\. Values must be comma\-separated\. Valid types are sha256, sha256lite, sha384, sha512, sha224, sha1, sha1lite, md5, md5lite, mtime, ctime\. Default is sha256, sha384, sha512, sha224, md5\.
|
1904
1953
|
.
|
1905
1954
|
.IP "\(bu" 4
|
1906
|
-
\fIDefault\fR: ["sha256", "sha384", "sha512", "sha224", "md5"]
|
1955
|
+
\fIDefault\fR: \fB["sha256", "sha384", "sha512", "sha224", "md5"]\fR
|
1907
1956
|
.
|
1908
1957
|
.IP "" 0
|
1909
1958
|
.
|
@@ -1911,7 +1960,7 @@ Checksum types supported by this agent for use in file resources of a static cat
|
|
1911
1960
|
What syslog facility to use when logging to syslog\. Syslog has a fixed list of valid facilities, and you must choose one of those; you cannot just make one up\.
|
1912
1961
|
.
|
1913
1962
|
.IP "\(bu" 4
|
1914
|
-
\fIDefault\fR:
|
1963
|
+
\fIDefault\fR: \fBdaemon\fR
|
1915
1964
|
.
|
1916
1965
|
.IP "" 0
|
1917
1966
|
.
|
@@ -1922,7 +1971,15 @@ Tags to use to find resources\. If this is set, then only resources tagged with
|
|
1922
1971
|
Turns on experimental support for tasks and plans in the puppet language\. This is for internal API use only\. Do not change this setting\.
|
1923
1972
|
.
|
1924
1973
|
.IP "\(bu" 4
|
1925
|
-
\fIDefault\fR:
|
1974
|
+
\fIDefault\fR: \fBfalse\fR
|
1975
|
+
.
|
1976
|
+
.IP "" 0
|
1977
|
+
.
|
1978
|
+
.SS "top_level_facts_soft_limit"
|
1979
|
+
The soft limit for the number of top level facts\.
|
1980
|
+
.
|
1981
|
+
.IP "\(bu" 4
|
1982
|
+
\fIDefault\fR: \fB512\fR
|
1926
1983
|
.
|
1927
1984
|
.IP "" 0
|
1928
1985
|
.
|
@@ -1930,7 +1987,7 @@ Turns on experimental support for tasks and plans in the puppet language\. This
|
|
1930
1987
|
Whether to print stack traces on some errors\. Will print internal Ruby stack trace interleaved with Puppet function frames\.
|
1931
1988
|
.
|
1932
1989
|
.IP "\(bu" 4
|
1933
|
-
\fIDefault\fR:
|
1990
|
+
\fIDefault\fR: \fBfalse\fR
|
1934
1991
|
.
|
1935
1992
|
.IP "" 0
|
1936
1993
|
.
|
@@ -1938,7 +1995,7 @@ Whether to print stack traces on some errors\. Will print internal Ruby stack tr
|
|
1938
1995
|
Transactional storage file for persisting data between transactions for the purposes of infering information (such as corrective_change) on new data received\.
|
1939
1996
|
.
|
1940
1997
|
.IP "\(bu" 4
|
1941
|
-
\fIDefault\fR: $statedir/transactionstore\.yaml
|
1998
|
+
\fIDefault\fR: \fB$statedir/transactionstore\.yaml\fR
|
1942
1999
|
.
|
1943
2000
|
.IP "" 0
|
1944
2001
|
.
|
@@ -1959,23 +2016,24 @@ For unknown or invalid nodes, exit with a non\-zero exit code\.
|
|
1959
2016
|
.P
|
1960
2017
|
If the setting points to an executable command, then the external trusted facts will be stored in the \'external\' key of the trusted facts hash\. Otherwise for each executable file in the directory, the external trusted facts will be stored in the \fB<basename>\fR key of the \fBtrusted[\'external\']\fR hash\. For example, if the files foo\.rb and bar\.sh are in the directory, then \fBtrusted[\'external\']\fR will be the hash \fB{ \'foo\' => <foo\.rb output>, \'bar\' => <bar\.sh output> }\fR\.
|
1961
2018
|
.
|
1962
|
-
.
|
1963
|
-
\fIDefault\fR:
|
1964
|
-
|
2019
|
+
.IP "\(bu" 4
|
2020
|
+
\fIDefault\fR: ``
|
2021
|
+
.
|
2022
|
+
.IP "" 0
|
1965
2023
|
.
|
1966
2024
|
.SS "trusted_oid_mapping_file"
|
1967
2025
|
File that provides mapping between custom SSL oids and user\-friendly names
|
1968
2026
|
.
|
1969
2027
|
.IP "\(bu" 4
|
1970
|
-
\fIDefault\fR: $confdir/custom_trusted_oid_mapping\.yaml
|
2028
|
+
\fIDefault\fR: \fB$confdir/custom_trusted_oid_mapping\.yaml\fR
|
1971
2029
|
.
|
1972
2030
|
.IP "" 0
|
1973
2031
|
.
|
1974
2032
|
.SS "use_cached_catalog"
|
1975
|
-
Whether to only use the cached catalog rather than compiling a new catalog on every run\. Puppet can be run with this enabled by default and then selectively disabled when a recompile is desired\. Because a Puppet agent using cached catalogs does not contact the
|
2033
|
+
Whether to only use the cached catalog rather than compiling a new catalog on every run\. Puppet can be run with this enabled by default and then selectively disabled when a recompile is desired\. Because a Puppet agent using cached catalogs does not contact the primary server for a new catalog, it also does not upload facts at the beginning of the Puppet run\.
|
1976
2034
|
.
|
1977
2035
|
.IP "\(bu" 4
|
1978
|
-
\fIDefault\fR:
|
2036
|
+
\fIDefault\fR: \fBfalse\fR
|
1979
2037
|
.
|
1980
2038
|
.IP "" 0
|
1981
2039
|
.
|
@@ -1983,7 +2041,7 @@ Whether to only use the cached catalog rather than compiling a new catalog on ev
|
|
1983
2041
|
Whether the server will search for SRV records in DNS for the current domain\.
|
1984
2042
|
.
|
1985
2043
|
.IP "\(bu" 4
|
1986
|
-
\fIDefault\fR:
|
2044
|
+
\fIDefault\fR: \fBfalse\fR
|
1987
2045
|
.
|
1988
2046
|
.IP "" 0
|
1989
2047
|
.
|
@@ -1991,7 +2049,7 @@ Whether the server will search for SRV records in DNS for the current domain\.
|
|
1991
2049
|
Whether to use the cached configuration when the remote configuration will not compile\. This option is useful for testing new configurations, where you want to fix the broken configuration rather than reverting to a known\-good one\.
|
1992
2050
|
.
|
1993
2051
|
.IP "\(bu" 4
|
1994
|
-
\fIDefault\fR:
|
2052
|
+
\fIDefault\fR: \fBtrue\fR
|
1995
2053
|
.
|
1996
2054
|
.IP "" 0
|
1997
2055
|
.
|
@@ -1999,7 +2057,7 @@ Whether to use the cached configuration when the remote configuration will not c
|
|
1999
2057
|
The user Puppet Server will run as\. Used to ensure the agent side processes (agent, apply, etc) create files and directories readable by Puppet Server when necessary\.
|
2000
2058
|
.
|
2001
2059
|
.IP "\(bu" 4
|
2002
|
-
\fIDefault\fR:
|
2060
|
+
\fIDefault\fR: \fBpuppet\fR
|
2003
2061
|
.
|
2004
2062
|
.IP "" 0
|
2005
2063
|
.
|
@@ -2007,7 +2065,7 @@ The user Puppet Server will run as\. Used to ensure the agent side processes (ag
|
|
2007
2065
|
Where Puppet stores dynamic and growing data\. The default for this setting is calculated specially, like \fBconfdir\fR_\.
|
2008
2066
|
.
|
2009
2067
|
.IP "\(bu" 4
|
2010
|
-
\fIDefault\fR:
|
2068
|
+
\fIDefault\fR: \fBUnix/Linux: /opt/puppetlabs/puppet/cache \-\- Windows: C:\eProgramData\ePuppetLabs\epuppet\ecache \-\- Non\-root user: ~/\.puppetlabs/opt/puppet/cache\fR
|
2011
2069
|
.
|
2012
2070
|
.IP "" 0
|
2013
2071
|
.
|
@@ -2015,7 +2073,7 @@ Where Puppet stores dynamic and growing data\. The default for this setting is c
|
|
2015
2073
|
The directory containing \fBvendored\fR modules\. These modules will be used by \fIall\fR environments like those in the \fBbasemodulepath\fR\. The only difference is that modules in the \fBbasemodulepath\fR are pluginsynced, while vendored modules are not
|
2016
2074
|
.
|
2017
2075
|
.IP "\(bu" 4
|
2018
|
-
\fIDefault\fR: /opt/puppetlabs/puppet/vendor_modules
|
2076
|
+
\fIDefault\fR: \fB/opt/puppetlabs/puppet/vendor_modules\fR
|
2019
2077
|
.
|
2020
2078
|
.IP "" 0
|
2021
2079
|
.
|
@@ -2023,7 +2081,7 @@ The directory containing \fBvendored\fR modules\. These modules will be used by
|
|
2023
2081
|
Whether or not to look for versioned environment directories, symlinked from \fB$environmentpath/<environment>\fR\. This is an experimental feature and should be used with caution\.
|
2024
2082
|
.
|
2025
2083
|
.IP "\(bu" 4
|
2026
|
-
\fIDefault\fR:
|
2084
|
+
\fIDefault\fR: \fBfalse\fR
|
2027
2085
|
.
|
2028
2086
|
.IP "" 0
|
2029
2087
|
.
|
@@ -2031,13 +2089,13 @@ Whether or not to look for versioned environment directories, symlinked from \fB
|
|
2031
2089
|
How frequently puppet agent should ask for a signed certificate\.
|
2032
2090
|
.
|
2033
2091
|
.P
|
2034
|
-
When starting for the first time, puppet agent will submit a certificate signing request (CSR) to the server named in the \fBca_server\fR setting (usually the
|
2092
|
+
When starting for the first time, puppet agent will submit a certificate signing request (CSR) to the server named in the \fBca_server\fR setting (usually the primary Puppet server); this may be autosigned, or may need to be approved by a human, depending on the CA server\'s configuration\.
|
2035
2093
|
.
|
2036
2094
|
.P
|
2037
2095
|
Puppet agent cannot apply configurations until its approved certificate is available\. Since the certificate may or may not be available immediately, puppet agent will repeatedly try to fetch it at this interval\. You can turn off waiting for certificates by specifying a time of 0, or a maximum amount of time to wait in the \fBmaxwaitforcert\fR setting, in which case puppet agent will exit if it cannot get a cert\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
|
2038
2096
|
.
|
2039
2097
|
.IP "\(bu" 4
|
2040
|
-
\fIDefault\fR:
|
2098
|
+
\fIDefault\fR: \fB2m\fR
|
2041
2099
|
.
|
2042
2100
|
.IP "" 0
|
2043
2101
|
.
|
@@ -2048,7 +2106,7 @@ How frequently puppet agent should try running when there is an already ongoing
|
|
2048
2106
|
This argument is by default disabled (value set to 0)\. In this case puppet agent will immediately exit if it cannot run at that moment\. When a value other than 0 is set, this can also be used in combination with the \fBmaxwaitforlock\fR argument\. This setting can be a time interval in seconds (30 or 30s), minutes (30m), hours (6h), days (2d), or years (5y)\.
|
2049
2107
|
.
|
2050
2108
|
.IP "\(bu" 4
|
2051
|
-
\fIDefault\fR:
|
2109
|
+
\fIDefault\fR: \fB0\fR
|
2052
2110
|
.
|
2053
2111
|
.IP "" 0
|
2054
2112
|
.
|
@@ -2056,7 +2114,7 @@ This argument is by default disabled (value set to 0)\. In this case puppet agen
|
|
2056
2114
|
The directory in which YAML data is stored, usually in a subdirectory\.
|
2057
2115
|
.
|
2058
2116
|
.IP "\(bu" 4
|
2059
|
-
\fIDefault\fR: $vardir/yaml
|
2117
|
+
\fIDefault\fR: \fB$vardir/yaml\fR
|
2060
2118
|
.
|
2061
2119
|
.IP "" 0
|
2062
2120
|
|