You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: README.markdown
+17Lines changed: 17 additions & 0 deletions
Original file line number
Diff line number
Diff line change
@@ -47,6 +47,7 @@ The `puppet` class installs puppet from packages available to whichever reposito
47
47
***pluginsync**: If this is set to `true` then plugins from modules will be synchronised from the puppetmaster. The default value is `false`.
48
48
***showdiff**: If this is set to `true` file changes will be reported as diffs in the puppet agent reports. The default value is `false`. **WARNING**: Enabling this may expose sensitive information as clear text in puppet reports, this setting should only be used for debugging and testing purposes.
49
49
***environment**: This sets the environment in the agent block. The default value is the same as the `environment` fact provided by facter.
50
+
***dns_alt_names**: Expects an array of names to add to the puppet master's certificate as aliases. The default is undefined which leaves this unconfigured.
50
51
51
52
## `puppet::conf`
52
53
@@ -94,6 +95,11 @@ This class installs a Puppetmaster on [Passenger](https://www.phusionpassenger.c
94
95
***storeconfigs**: If this is set to `true` the puppetmaster wills store all puppet clients' configuration, which allows exchanging resources between nodes (i.e. virtual and exported resources). The default value is `false`.
95
96
***storeconfigs_backend**: Setting this will configure the backend terminus for `storedconfigs`. The default omits the setting enabling the default ActiveRecord store. Setting this parameter automatically sets `storeconfigs` to `true.
96
97
***regenerate_certs**: When set to true the `puppet::master` class will regenerate the puppetmaster SSL certificates post install, which [can resolve some SSL issues](#Troubleshooting).
98
+
***environmentpath**: This sets the path to a directory containing a collection of [directory environments](https://docs.puppetlabs.com/puppet/latest/reference/environments_configuring.html). This can use the internal puppet variables like `$confdir`. The default is undefined and leaves this value unconfigured.
99
+
***default_manifest**: This sets the default main manifest for directory environments, any environment that does not set a manifest will use this manifest. The default is undefined, which will revert to the puppet default of `./manifests`.
100
+
***basemodulepaths**: This expects an array of paths for a Puppetmaster to look for Puppet Modules. This list must include `/usr/share/puppet/modules` and will append it if omitted. The default is undefined, which will revert to the puppet default.
101
+
***autosign**: This sets the path to either an `autosign.conf` whitelist of approved domain names and globs, or an executable that can verifiy host names for [policy based autosigning](https://docs.puppetlabs.com/puppet/latest/reference/ssl_autosign.html). The default is undefined, which will use the whitelist in `$confdir/autosign.conf` by default.
102
+
***autosign_conf_path**: This sets the path to the `autosign.conf` whitelist file if the default path of `$confdir/autosign.conf` is not desired.
97
103
98
104
**NOTE**: Setting the `http` report handler without providing a reporting URL to the `reporturl` parameter may lead to unexpected behaviour by the Puppetmaster.
99
105
@@ -170,6 +176,17 @@ The `puppet::auth::header` resource inserts header comments into the `auth.conf`
170
176
***order** (required) : This sets the insert order of the header comment.
171
177
***content** (required) : This is the text for the header comment.
172
178
179
+
## `puppet::autosign`
180
+
181
+
The `puppet::autosign` resource inserts it's name as a whitelist entry into the `autosign.conf` file given by the `autosign_conf_path` paramter of the `puppet::master` class. This class has no parameters. This class performs a regular expression validation of the name which should be of the form of a fully qualified domain name, but can use a leading `*` prefix to as a glob matcher for sub-domains.
182
+
183
+
### Usage
184
+
185
+
```puppet
186
+
puppet::autosign{'*.local': }
187
+
puppet::autosign{'puppet.example.com': }
188
+
```
189
+
173
190
## `puppet::fileserver`
174
191
175
192
The `puppet::fileserver` resource inserts fileserver declarations into the `fileserver.conf` file. By default these entries will be entered in alphabetical order by their name. More details on the the `fileserver.conf` file can be found in the [PuppetLabs Documentation](http://docs.puppetlabs.com/puppet/latest/reference/config_file_fileserver.html).
0 commit comments