1PUPPETCONF(5) PUPPETCONF(5)
2
7 {:toc}
9
11 On The Command-Line +++++++++++++++++++ Every Puppet executable (with
12 the exception of puppetdoc) accepts all of the parameters below, but
13 not all of the arguments make sense for every executable.
14 I have tried to be as thorough as possible in the descriptions of the
16 arguments, so it should be obvious whether an argument is appropriate
17 or not.
18 These parameters can be supplied to the executables either as com‐
20 mand-line options or in the configuration file. For instance, the com‐
21 mand-line invocation below would set the configuration directory to
22 /private/puppet:
23 $ puppet agent --confdir=/private/puppet
27 Note that boolean options are turned on and off with a slightly differ‐
31 ent syntax on the command line:
32 $ puppet agent --storeconfigs
36 $ puppet agent --no-storeconfigs
38 The invocations above will enable and disable, respectively, the stor‐
42 age of the client configuration.
43 Configuration Files +++++++++++++++++++
45 As mentioned above, the configuration parameters can also be stored in
47 a configuration file, located in the configuration directory. As root,
48 the default configuration directory is /etc/puppet, and as a regular
49 user, the default configuration directory is ~user/.puppet. As of
50 0.23.0, all executables look for puppet.conf in their configuration
51 directory (although they previously looked for separate files). For
52 example, puppet.conf is located at /etc/puppet/puppet.conf as root and
53 ~user/.puppet/puppet.conf as a regular user by default.
54 All executables will set any parameters set within the [main] section,
56 and each executable will also use one of the [master], [agent].
57 File Format ´´´´´´´´´´´
59 The file follows INI-style formatting. Here is an example of a very
61 simple puppet.conf file:
62 [main]
66 confdir = /private/puppet
67 storeconfigs = true
68 Note that boolean parameters must be explicitly specified as true or
72 false as seen above.
73 If you need to change file parameters (e.g., reset the mode or owner),
75 do so within curly braces on the same line:
76 [main]
80 myfile = /tmp/whatever {owner = root, mode = 644}
81 If you´re starting out with a fresh configuration, you may wish to let
85 the executable generate a template configuration file for you by invok‐
86 ing the executable in question with the --genconfig command. The exe‐
87 cutable will print a template configuration to standard output, which
88 can be redirected to a file like so:
89 $ puppet agent --genconfig > /etc/puppet/puppet.conf
93 Note that this invocation will replace the contents of any pre-existing
97 puppet.conf file, so make a backup of your present config if it con‐
98 tains valuable information.
99 Like the --genconfig argument, the executables also accept a --genmani‐
101 fest argument, which will generate a manifest that can be used to man‐
102 age all of Puppet´s directories and files and prints it to standard
103 output. This can likewise be redirected to a file:
104 $ puppet agent --genmanifest > /etc/puppet/manifests/site.pp
108 Puppet can also create user and group accounts for itself (one puppet
112 group and one puppet user) if it is invoked as root with the --mkusers
113 argument:
114 $ puppet agent --mkusers
118
122 The puppet agent and puppet master executables catch some signals for
123 special handling. Both daemons catch (SIGHUP), which forces the server
124 to restart tself. Predictably, interrupt and terminate (SIGINT and
125 SIGTERM) will shut down the server, whether it be an instance of puppet
126 agent or puppet master.
127 Sending the SIGUSR1 signal to an instance of puppet agent will cause it
129 to immediately begin a new configuration transaction with the server.
130 This signal has no effect on puppet master.
131
133 Below is a list of all documented parameters. Not all of them are valid
134 with all Puppet executables, but the executables will ignore any inap‐
135 propriate values.
136 async_storeconfigs ++++++++++++++++++
138 Whether to use a queueing system to provide asynchronous database inte‐
140 gration. Requires that puppetqd be running and that ´PSON´ support for
141 ruby be installed.
142 · Default: false
144 authconfig ++++++++++
148 The configuration file that defines the rights to the different names‐
150 paces and methods. This can be used as a coarse-grained authorization
151 system for both puppet agent and puppet master.
152 · Default: $confdir/namespaceauth.conf
154 autoflush +++++++++
158 Whether log files should always flush to disk.
160 · Default: false
162 autosign ++++++++
166 Whether to enable autosign. Valid values are true (which autosigns any
168 key request, and is a very bad idea), false (which never autosigns any
169 key request), and the path to a file, which uses that configuration
170 file to determine which keys to sign.
171 · Default: $confdir/autosign.conf
173 bindaddress +++++++++++
177 The address a listening server should bind to. Mongrel servers default
179 to 127.0.0.1 and WEBrick defaults to 0.0.0.0.
180 bucketdir +++++++++
182 Where FileBucket files are stored.
184 · Default: $vardir/bucket
186 ca ++
190 Wether the master should function as a certificate authority.
192 · Default: true
194 ca_days +++++++
198 How long a certificate should be valid. This parameter is deprecated,
200 use ca_ttl instead
201 ca_md +++++
203 The type of hash used in certificates.
205 · Default: md5
207 ca_name +++++++
211 The name to use the Certificate Authority certificate.
213 · Default: $certname
215 ca_port +++++++
219 The port to use for the certificate authority.
221 · Default: $masterport
223 ca_server +++++++++
227 The server to use for certificate authority requests. It´s a separate
229 server because it cannot and does not need to horizontally scale.
230 · Default: $server
232 ca_ttl ++++++
236 The default TTL for new certificates; valid values must be an integer,
238 optionally followed by one of the units ´y´ (years of 365 days), ´d´
239 (days), ´h´ (hours), or ´s´ (seconds). The unit defaults to seconds. If
240 this parameter is set, ca_days is ignored. Examples are ´3600´ (one
241 hour) and ´1825d´, which is the same as ´5y´ (5 years)
242 · Default: 5y
244 cacert ++++++
248 The CA certificate.
250 · Default: $cadir/ca_crt.pem
252 cacrl +++++
256 The certificate revocation list (CRL) for the CA. Will be used if
258 present but otherwise ignored.
259 · Default: $cadir/ca_crl.pem
261 cadir +++++
265 The root directory for the certificate authority.
267 · Default: $ssldir/ca
269 cakey +++++
273 The CA private key.
275 · Default: $cadir/ca_key.pem
277 capass ++++++
281 Where the CA stores the password for the private key
283 · Default: $caprivatedir/ca.pass
285 caprivatedir ++++++++++++
289 Where the CA stores private certificate information.
291 · Default: $cadir/private
293 capub +++++
297 The CA public key.
299 · Default: $cadir/ca_pub.pem
301 catalog_format ++++++++++++++
305 (Deprecated for ´preferred_serialization_format´) What format to use to
307 dump the catalog. Only supports ´marshal´ and ´yaml´. Only matters on
308 the client, since it asks the server for a specific format.
309 catalog_terminus ++++++++++++++++
311 Where to get node catalogs. This is useful to change if, for instance,
313 you´d like to pre-compile catalogs and store them in memcached or some
314 other easily-accessed store.
315 · Default: compiler
317 cert_inventory ++++++++++++++
321 A Complete listing of all certificates
323 · Default: $cadir/inventory.txt
325 certdir +++++++
329 The certificate directory.
331 · Default: $ssldir/certs
333 certdnsnames ++++++++++++
337 The DNS names on the Server certificate as a colon-separated list. If
339 it´s anything other than an empty string, it will be used as an alias
340 in the created certificate. By default, only the server gets an alias
341 set up, and only for ´puppet´.
342 certificate_revocation ++++++++++++++++++++++
344 Whether certificate revocation should be supported by downloading a
346 Certificate Revocation List (CRL) to all clients. If enabled, CA chain‐
347 ing will almost definitely not work.
348 · Default: true
350 certname ++++++++
354 The name to use when handling certificates. Defaults to the fully qual‐
356 ified domain name.
357 · Default: pelin.members.linode.com
359 classfile +++++++++
363 The file in which puppet agent stores a list of the classes associated
365 with the retrieved configuration. Can be loaded in the separate puppet
366 executable using the --loadclasses option.
367 · Default: $statedir/classes.txt
369 client_datadir ++++++++++++++
373 The directory in which serialized data is stored on the client.
375 · Default: $vardir/client_data
377 clientbucketdir +++++++++++++++
381 Where FileBucket files are stored locally.
383 · Default: $vardir/clientbucket
385 clientyamldir +++++++++++++
389 The directory in which client-side YAML data is stored.
391 · Default: $vardir/client_yaml
393 code ++++
397 Code to parse directly. This is essentially only used by puppet, and
399 should only be set if you´re writing your own Puppet executable
400 color +++++
402 Whether to use colors when logging to the console. Valid values are
404 ansi (equivalent to true), html (mostly used during testing with Text‐
405 Mate), and false, which produces no color.
406 · Default: ansi
408 confdir +++++++
412 The main Puppet configuration directory. The default for this parameter
414 is calculated based on the user. If the process is running as root or
415 the user that puppet master is supposed to run as, it defaults to a
416 system directory, but if it´s running as any other user, it defaults to
417 being in ~.
418 · Default: /etc/puppet
420 config ++++++
424 The configuration file for doc.
426 · Default: $confdir/puppet.conf
428 config_version ++++++++++++++
432 How to determine the configuration version. By default, it will be the
434 time that the configuration is parsed, but you can provide a shell
435 script to override how the version is determined. The output of this
436 script will be added to every log message in the reports, allowing you
437 to correlate changes on your hosts to the source version on the server.
438 configprint +++++++++++
440 Print the value of a specific configuration parameter. If a parameter
442 is provided for this, then the value is printed and puppet exits.
443 Comma-separate multiple values. For a list of all values, specify
444 ´all´. This feature is only available in Puppet versions higher than
445 0.18.4.
446 configtimeout +++++++++++++
448 How long the client should wait for the configuration to be retrieved
450 before considering it a failure. This can help reduce flapping if too
451 many clients contact the server at one time.
452 · Default: 120
454 couchdb_url +++++++++++
458 The url where the puppet couchdb database will be created
460 · Default: http://127.0.0.1:5984/puppet
462 csrdir ++++++
466 Where the CA stores certificate requests
468 · Default: $cadir/requests
470 daemonize +++++++++
474 Send the process into the background. This is the default.
476 · Default: true
478 dbadapter +++++++++
482 The type of database to use.
484 · Default: sqlite3
486 dbconnections +++++++++++++
490 The number of database connections. Only used when networked databases
492 are used. Will be ignored if the value is an empty string or is less
493 than 1.
494 · Default: 0
496 dblocation ++++++++++
500 The database cache for client configurations. Used for querying within
502 the language.
503 · Default: $statedir/clientconfigs.sqlite3
505 dbmigrate +++++++++
509 Whether to automatically migrate the database.
511 · Default: false
513 dbname ++++++
517 The name of the database to use.
519 · Default: puppet
521 dbpassword ++++++++++
525 The database password for caching. Only used when networked databases
527 are used.
528 · Default: puppet
530 dbport ++++++
534 The database password for caching. Only used when networked databases
536 are used.
537 dbserver ++++++++
539 The database server for caching. Only used when networked databases are
541 used.
542 · Default: localhost
544 dbsocket ++++++++
548 The database socket location. Only used when networked databases are
550 used. Will be ignored if the value is an empty string.
551 dbuser ++++++
553 The database user for caching. Only used when networked databases are
555 used.
556 · Default: puppet
558 diff ++++
562 Which diff command to use when printing differences between files.
564 · Default: diff
566 diff_args +++++++++
570 Which arguments to pass to the diff command when printing differences
572 between files.
573 · Default: -u
575 downcasefacts +++++++++++++
579 Whether facts should be made all lowercase when sent to the server.
581 · Default: false
583 dynamicfacts ++++++++++++
587 Facts that are dynamic; these facts will be ignored when deciding
589 whether changed facts should result in a recompile. Multiple facts
590 should be comma-separated.
591 · Default: memorysize,memoryfree,swapsize,swapfree
593 environment +++++++++++
597 The environment Puppet is running in. For clients (e.g., puppet agent)
599 this determines the environment itself, which is used to find modules
600 and much more. For servers (i.e., puppet master) this provides the
601 default environment for nodes we know nothing about.
602 · Default: production
604 evaltrace +++++++++
608 Whether each resource should log when it is being evaluated. This
610 allows you to interactively see exactly what is being done.
611 · Default: false
613 external_nodes ++++++++++++++
617 An external command that can produce node information. The output must
619 be a YAML dump of a hash, and that hash must have one or both of
620 classes and parameters, where classes is an array and parameters is a
621 hash. For unknown nodes, the commands should exit with a non-zero exit
622 code. This command makes it straightforward to store your node mapping
623 information in other data sources like databases.
624 · Default: none
626 factdest ++++++++
630 Where Puppet should store facts that it pulls down from the central
632 server.
633 · Default: $vardir/facts/
635 factpath ++++++++
639 Where Puppet should look for facts. Multiple directories should be
641 colon-separated, like normal PATH variables.
642 · Default: $vardir/lib/facter:$vardir/facts
644 facts_terminus ++++++++++++++
648 The node facts terminus.
650 · Default: facter
652 factsignore +++++++++++
656 What files to ignore when pulling down facts.
658 · Default: .svn CVS
660 factsource ++++++++++
664 From where to retrieve facts. The standard Puppet file type is used for
666 retrieval, so anything that is a valid file source can be used here.
667 · Default: puppet://$server/facts/
669 factsync ++++++++
673 Whether facts should be synced with the central server.
675 · Default: false
677 fileserverconfig ++++++++++++++++
681 Where the fileserver configuration is stored.
683 · Default: $confdir/fileserver.conf
685 filetimeout +++++++++++
689 The minimum time to wait (in seconds) between checking for updates in
691 configuration files. This timeout determines how quickly Puppet checks
692 whether a file (such as manifests or templates) has changed on disk.
693 · Default: 15
695 freeze_main +++++++++++
699 Freezes the ´main´ class, disallowing any code to be added to it. This
701 essentially means that you can´t have any code outside of a node,
702 class, or definition other than in the site manifest.
703 · Default: false
705 genconfig +++++++++
709 Whether to just print a configuration to stdout and exit. Only makes
711 sense when used interactively. Takes into account arguments specified
712 on the CLI.
713 · Default: false
715 genmanifest +++++++++++
719 Whether to just print a manifest to stdout and exit. Only makes sense
721 when used interactively. Takes into account arguments specified on the
722 CLI.
723 · Default: false
725 graph +++++
729 Whether to create dot graph files for the different configuration
731 graphs. These dot files can be interpreted by tools like OmniGraffle or
732 dot (which is part of ImageMagick).
733 · Default: false
735 graphdir ++++++++
739 Where to store dot-outputted graphs.
741 · Default: $statedir/graphs
743 group +++++
747 The group puppet master should run as.
749 · Default: puppet
751 hostcert ++++++++
755 Where individual hosts store and look for their certificates.
757 · Default: $certdir/$certname.pem
759 hostcrl +++++++
763 Where the host´s certificate revocation list can be found. This is dis‐
765 tinct from the certificate authority´s CRL.
766 · Default: $ssldir/crl.pem
768 hostcsr +++++++
772 Where individual hosts store and look for their certificate requests.
774 · Default: $ssldir/csr_$certname.pem
776 hostprivkey +++++++++++
780 Where individual hosts store and look for their private key.
782 · Default: $privatekeydir/$certname.pem
784 hostpubkey ++++++++++
788 Where individual hosts store and look for their public key.
790 · Default: $publickeydir/$certname.pem
792 http_compression ++++++++++++++++
796 Allow http compression in REST communication with the master. This set‐
798 ting might improve performance for agent -> master communications over
799 slow WANs. Your puppetmaster needs to support compression (usually by
800 activating some settings in a reverse-proxy in front of the puppetmas‐
801 ter, which rules out webrick). It is harmless to activate this settings
802 if your master doesn´t support compression, but if it supports it, this
803 setting might reduce performance on high-speed LANs.
804 · Default: false
806 http_proxy_host +++++++++++++++
810 The HTTP proxy host to use for outgoing connections. Note: You may need
812 to use a FQDN for the server hostname when using a proxy.
813 · Default: none
815 http_proxy_port +++++++++++++++
819 The HTTP proxy port to use for outgoing connections
821 · Default: 3128
823 httplog +++++++
827 Where the puppet agent web server logs.
829 · Default: $logdir/http.log
831 ignorecache +++++++++++
835 Ignore cache and always recompile the configuration. This is useful for
837 testing new configurations, where the local cache may in fact be stale
838 even if the timestamps are up to date - if the facts change or if the
839 server changes.
840 · Default: false
842 ignoreimport ++++++++++++
846 A parameter that can be used in commit hooks, since it enables you to
848 parse-check a single file rather than requiring that all files exist.
849 · Default: false
851 ignoreschedules +++++++++++++++
855 Boolean; whether puppet agent should ignore schedules. This is useful
857 for initial puppet agent runs.
858 · Default: false
860 keylength +++++++++
864 The bit length of keys.
866 · Default: 1024
868 ldapattrs +++++++++
872 The LDAP attributes to include when querying LDAP for nodes. All
874 returned attributes are set as variables in the top-level scope. Multi‐
875 ple values should be comma-separated. The value ´all´ returns all
876 attributes.
877 · Default: all
879 ldapbase ++++++++
883 The search base for LDAP searches. It´s impossible to provide a mean‐
885 ingful default here, although the LDAP libraries might have one already
886 set. Generally, it should be the ´ou=Hosts´ branch under your main
887 directory.
888 ldapclassattrs ++++++++++++++
890 The LDAP attributes to use to define Puppet classes. Values should be
892 comma-separated.
893 · Default: puppetclass
895 ldapnodes +++++++++
899 Whether to search for node configurations in LDAP. See
901 http://projects.puppetlabs.com/projects/puppet/wiki/LDAP_Nodes for more
902 information.
903 · Default: false
905 ldapparentattr ++++++++++++++
909 The attribute to use to define the parent node.
911 · Default: parentnode
913 ldappassword ++++++++++++
917 The password to use to connect to LDAP.
919 ldapport ++++++++
921 The LDAP port. Only used if ldapnodes is enabled.
923 · Default: 389
925 ldapserver ++++++++++
929 The LDAP server. Only used if ldapnodes is enabled.
931 · Default: ldap
933 ldapssl +++++++
937 Whether SSL should be used when searching for nodes. Defaults to false
939 because SSL usually requires certificates to be set up on the client
940 side.
941 · Default: false
943 ldapstackedattrs ++++++++++++++++
947 The LDAP attributes that should be stacked to arrays by adding the val‐
949 ues in all hierarchy elements of the tree. Values should be comma-sepa‐
950 rated.
951 · Default: puppetvar
953 ldapstring ++++++++++
957 The search string used to find an LDAP node.
959 · Default: (&(objectclass=puppetClient)(cn=%s))
961 ldaptls +++++++
965 Whether TLS should be used when searching for nodes. Defaults to false
967 because TLS usually requires certificates to be set up on the client
968 side.
969 · Default: false
971 ldapuser ++++++++
975 The user to use to connect to LDAP. Must be specified as a full DN.
977 lexical +++++++
979 Whether to use lexical scoping (vs. dynamic).
981 · Default: false
983 libdir ++++++
987 An extra search path for Puppet. This is only useful for those files
989 that Puppet will load on demand, and is only guaranteed to work for
990 those cases. In fact, the autoload mechanism is responsible for making
991 sure this directory is in Ruby´s search path
992 · Default: $vardir/lib
994 listen ++++++
998 Whether puppet agent should listen for connections. If this is true,
1000 then by default only the runner server is started, which allows remote
1001 authorized and authenticated nodes to connect and trigger puppet agent
1002 runs.
1003 · Default: false
1005 localcacert +++++++++++
1009 Where each client stores the CA certificate.
1011 · Default: $certdir/ca.pem
1013 localconfig +++++++++++
1017 Where puppet agent caches the local configuration. An extension indi‐
1019 cating the cache format is added automatically.
1020 · Default: $statedir/localconfig
1022 logdir ++++++
1026 The Puppet log directory.
1028 · Default: $vardir/log
1030 manage_internal_file_permissions ++++++++++++++++++++++++++++++++
1034 Whether Puppet should manage the owner, group, and mode of files it
1036 uses internally
1037 · Default: true
1039 manifest ++++++++
1043 The entry-point manifest for puppet master.
1045 · Default: $manifestdir/site.pp
1047 manifestdir +++++++++++
1051 Where puppet master looks for its manifests.
1053 · Default: $confdir/manifests
1055 masterhttplog +++++++++++++
1059 Where the puppet master web server logs.
1061 · Default: $logdir/masterhttp.log
1063 masterlog +++++++++
1067 Where puppet master logs. This is generally not used, since syslog is
1069 the default log destination.
1070 · Default: $logdir/puppetmaster.log
1072 masterport ++++++++++
1076 Which port puppet master listens on.
1078 · Default: 8140
1080 maximum_uid +++++++++++
1084 The maximum allowed UID. Some platforms use negative UIDs but then ship
1086 with tools that do not know how to handle signed ints, so the UIDs show
1087 up as huge numbers that can then not be fed back into the system. This
1088 is a hackish way to fail in a slightly more useful way when that hap‐
1089 pens.
1090 · Default: 4294967290
1092 mkusers +++++++
1096 Whether to create the necessary user and group that puppet agent will
1098 run as.
1099 · Default: false
1101 modulepath ++++++++++
1105 The search path for modules as a colon-separated list of directories.
1107 · Default: $confdir/modules:/usr/share/puppet/modules
1109 name ++++
1113 The name of the application, if we are running as one. The default is
1115 essentially $0 without the path or .rb.
1116 · Default: doc
1118 node_name +++++++++
1122 How the puppetmaster determines the client´s identity and sets the
1124 ´hostname´, ´fqdn´ and ´domain´ facts for use in the manifest, in par‐
1125 ticular for determining which ´node´ statement applies to the client.
1126 Possible values are ´cert´ (use the subject´s CN in the client´s cer‐
1127 tificate) and ´facter´ (use the hostname that the client reported in
1128 its facts)
1129 · Default: cert
1131 node_terminus +++++++++++++
1135 Where to find information about nodes.
1137 · Default: plain
1139 noop ++++
1143 Whether puppet agent should be run in noop mode.
1145 · Default: false
1147 onetime +++++++
1151 Run the configuration once, rather than as a long-running daemon. This
1153 is useful for interactively running puppetd.
1154 · Default: false
1156 parseonly +++++++++
1160 Just check the syntax of the manifests.
1162 · Default: false
1164 passfile ++++++++
1168 Where puppet agent stores the password for its private key. Generally
1170 unused.
1171 · Default: $privatedir/password
1173 path ++++
1177 The shell search path. Defaults to whatever is inherited from the par‐
1179 ent process.
1180 · Default: none
1182 pidfile +++++++
1186 The pid file
1188 · Default: $rundir/$name.pid
1190 plugindest ++++++++++
1194 Where Puppet should store plugins that it pulls down from the central
1196 server.
1197 · Default: $libdir
1199 pluginsignore +++++++++++++
1203 What files to ignore when pulling down plugins.
1205 · Default: .svn CVS .git
1207 pluginsource ++++++++++++
1211 From where to retrieve plugins. The standard Puppet file type is used
1213 for retrieval, so anything that is a valid file source can be used
1214 here.
1215 · Default: puppet://$server/plugins
1217 pluginsync ++++++++++
1221 Whether plugins should be synced with the central server.
1223 · Default: false
1225 postrun_command +++++++++++++++
1229 A command to run after every agent run. If this command returns a
1231 non-zero return code, the entire Puppet run will be considered to have
1232 failed, even though it might have performed work during the normal run.
1233 preferred_serialization_format ++++++++++++++++++++++++++++++
1235 The preferred means of serializing ruby instances for passing over the
1237 wire. This won´t guarantee that all instances will be serialized using
1238 this method, since not all classes can be guaranteed to support this
1239 format, but it will be used for all classes that support it.
1240 · Default: pson
1242 prerun_command ++++++++++++++
1246 A command to run before every agent run. If this command returns a
1248 non-zero return code, the entire Puppet run will fail.
1249 privatedir ++++++++++
1251 Where the client stores private certificate information.
1253 · Default: $ssldir/private
1255 privatekeydir +++++++++++++
1259 The private key directory.
1261 · Default: $ssldir/private_keys
1263 publickeydir ++++++++++++
1267 The public key directory.
1269 · Default: $ssldir/public_keys
1271 puppetdlockfile +++++++++++++++
1275 A lock file to temporarily stop puppet agent from doing anything.
1277 · Default: $statedir/puppetdlock
1279 puppetdlog ++++++++++
1283 The log file for puppet agent. This is generally not used.
1285 · Default: $logdir/puppetd.log
1287 puppetport ++++++++++
1291 Which port puppet agent listens on.
1293 · Default: 8139
1295 queue_source ++++++++++++
1299 Which type of queue to use for asynchronous processing. If your stomp
1301 server requires authentication, you can include it in the URI as long
1302 as your stomp client library is at least 1.1.1
1303 · Default: stomp://localhost:61613/
1305 queue_type ++++++++++
1309 Which type of queue to use for asynchronous processing.
1311 · Default: stomp
1313 rails_loglevel ++++++++++++++
1317 The log level for Rails connections. The value must be a valid log
1319 level within Rails. Production environments normally use info and other
1320 environments normally use debug.
1321 · Default: info
1323 railslog ++++++++
1327 Where Rails-specific logs are sent
1329 · Default: $logdir/rails.log
1331 report ++++++
1335 Whether to send reports after every transaction.
1337 · Default: false
1339 report_port +++++++++++
1343 The port to communicate with the report_server.
1345 · Default: $masterport
1347 report_server +++++++++++++
1351 The server to which to send transaction reports.
1353 · Default: $server
1355 reportdir +++++++++
1359 The directory in which to store reports received from the client. Each
1361 client gets a separate subdirectory.
1362 · Default: $vardir/reports
1364 reportfrom ++++++++++
1368 The ´from´ email address for the reports.
1370 · Default: report@pelin.members.linode.com
1372 reports +++++++
1376 The list of reports to generate. All reports are looked for in pup‐
1378 pet/reports/name.rb, and multiple report names should be comma-sepa‐
1379 rated (whitespace is okay).
1380 · Default: store
1382 reportserver ++++++++++++
1386 (Deprecated for ´report_server´) The server to which to send transac‐
1388 tion reports.
1389 · Default: $server
1391 reporturl +++++++++
1395 The URL used by the http reports processor to send reports
1397 · Default: http://localhost:3000/reports
1399 req_bits ++++++++
1403 The bit length of the certificates.
1405 · Default: 2048
1407 requestdir ++++++++++
1411 Where host certificate requests are stored.
1413 · Default: $ssldir/certificate_requests
1415 rest_authconfig +++++++++++++++
1419 The configuration file that defines the rights to the different rest
1421 indirections. This can be used as a fine-grained authorization system
1422 for puppet master.
1423 · Default: $confdir/auth.conf
1425 rrddir ++++++
1429 The directory where RRD database files are stored. Directories for each
1431 reporting host will be created under this directory.
1432 · Default: $vardir/rrd
1434 rrdinterval +++++++++++
1438 How often RRD should expect data. This should match how often the hosts
1440 report back to the server.
1441 · Default: $runinterval
1443 run_mode ++++++++
1447 The effective ´run mode´ of the application: master, agent, or user.
1449 · Default: master
1451 rundir ++++++
1455 Where Puppet PID files are kept.
1457 · Default: $vardir/run
1459 runinterval +++++++++++
1463 How often puppet agent applies the client configuration; in seconds.
1465 · Default: 1800
1467 sendmail ++++++++
1471 Where to find the sendmail binary with which to send email.
1473 · Default: /usr/sbin/sendmail
1475 serial ++++++
1479 Where the serial number for certificates is stored.
1481 · Default: $cadir/serial
1483 server ++++++
1487 The server to which server puppet agent should connect
1489 · Default: puppet
1491 server_datadir ++++++++++++++
1495 The directory in which serialized data is stored, usually in a subdi‐
1497 rectory.
1498 · Default: $vardir/server_data
1500 servertype ++++++++++
1504 The type of server to use. Currently supported options are webrick and
1506 mongrel. If you use mongrel, you will need a proxy in front of the
1507 process or processes, since Mongrel cannot speak SSL.
1508 · Default: webrick
1510 show_diff +++++++++
1514 Whether to print a contextual diff when files are being replaced. The
1516 diff is printed on stdout, so this option is meaningless unless you are
1517 running Puppet interactively. This feature currently requires the
1518 diff/lcs Ruby library.
1519 · Default: false
1521 signeddir +++++++++
1525 Where the CA stores signed certificates.
1527 · Default: $cadir/signed
1529 smtpserver ++++++++++
1533 The server through which to send email reports.
1535 · Default: none
1537 splay +++++
1541 Whether to sleep for a pseudo-random (but consistent) amount of time
1543 before a run.
1544 · Default: false
1546 splaylimit ++++++++++
1550 The maximum time to delay before runs. Defaults to being the same as
1552 the run interval.
1553 · Default: $runinterval
1555 ssl_client_header +++++++++++++++++
1559 The header containing an authenticated client´s SSL DN. Only used with
1561 Mongrel. This header must be set by the proxy to the authenticated
1562 client´s SSL DN (e.g., /CN=puppet.puppetlabs.com). See
1563 http://projects.puppetlabs.com/projects/puppet/wiki/Using_Mongrel for
1564 more information.
1565 · Default: HTTP_X_CLIENT_DN
1567 ssl_client_verify_header ++++++++++++++++++++++++
1571 The header containing the status message of the client verification.
1573 Only used with Mongrel. This header must be set by the proxy to ´SUC‐
1574 CESS´ if the client successfully authenticated, and anything else oth‐
1575 erwise. See http://projects.puppetlabs.com/projects/pup‐
1576 pet/wiki/Using_Mongrel for more information.
1577 · Default: HTTP_X_CLIENT_VERIFY
1579 ssldir ++++++
1583 Where SSL certificates are kept.
1585 · Default: $confdir/ssl
1587 statedir ++++++++
1591 The directory where Puppet state is stored. Generally, this directory
1593 can be removed without causing harm (although it might result in spuri‐
1594 ous service restarts).
1595 · Default: $vardir/state
1597 statefile +++++++++
1601 Where puppet agent and puppet master store state associated with the
1603 running configuration. In the case of puppet master, this file reflects
1604 the state discovered through interacting with clients.
1605 · Default: $statedir/state.yaml
1607 storeconfigs ++++++++++++
1611 Whether to store each client´s configuration. This requires ActiveRe‐
1613 cord from Ruby on Rails.
1614 · Default: false
1616 strict_hostname_checking ++++++++++++++++++++++++
1620 Whether to only search for the complete hostname as it is in the cer‐
1622 tificate when searching for node information in the catalogs.
1623 · Default: false
1625 summarize +++++++++
1629 Whether to print a transaction summary.
1631 · Default: false
1633 syslogfacility ++++++++++++++
1637 What syslog facility to use when logging to syslog. Syslog has a fixed
1639 list of valid facilities, and you must choose one of those; you cannot
1640 just make one up.
1641 · Default: daemon
1643 tagmap ++++++
1647 The mapping between reporting tags and email addresses.
1649 · Default: $confdir/tagmail.conf
1651 tags ++++
1655 Tags to use to find resources. If this is set, then only resources
1657 tagged with the specified tags will be applied. Values must be
1658 comma-separated.
1659 templatedir +++++++++++
1661 Where Puppet looks for template files. Can be a list of colon-seperated
1663 directories.
1664 · Default: $vardir/templates
1666 thin_storeconfigs +++++++++++++++++
1670 Boolean; wether storeconfigs store in the database only the facts and
1672 exported resources. If true, then storeconfigs performance will be
1673 higher and still allow exported/collected resources, but other usage
1674 external to Puppet might not work
1675 · Default: false
1677 trace +++++
1681 Whether to print stack traces on some errors
1683 · Default: false
1685 use_cached_catalog ++++++++++++++++++
1689 Whether to only use the cached catalog rather than compiling a new cat‐
1691 alog on every run. Puppet can be run with this enabled by default and
1692 then selectively disabled when a recompile is desired.
1693 · Default: false
1695 usecacheonfailure +++++++++++++++++
1699 Whether to use the cached configuration when the remote configuration
1701 will not compile. This option is useful for testing new configurations,
1702 where you want to fix the broken configuration rather than reverting to
1703 a known-good one.
1704 · Default: true
1706 user ++++
1710 The user puppet master should run as.
1712 · Default: puppet
1714 vardir ++++++
1718 Where Puppet stores dynamic and growing data. The default for this
1720 parameter is calculated specially, like confdir_.
1721 · Default: /var/lib/puppet
1723 yamldir +++++++
1727 The directory in which YAML data is stored, usually in a subdirectory.
1729 · Default: $vardir/yaml
1731 zlib ++++
1735 Boolean; whether to use the zlib library
1737 · Default: true
1739 This page autogenerated on Sat Aug 28 14:00:20 -0700 2010
1743 August 2010 PUPPETCONF(5)