1Configuration(Reference) Configuration(Reference)
2
3
4
6 Configuration Reference -
7
8 This page is autogenerated; any changes will get overwritten (last gen‐
9 erated on Sat Mar 22 17:46:15 +1100 2008)
10
11
12
13
14
16 On The Command-Line
17 Every Puppet executable (with the exception of puppetdoc ) accepts all
18 of the parameters below, but not all of the arguments make sense for
19 every executable. Each parameter has a section listed with it in
20 parentheses; often, that section will map to an executable (e.g., pup‐
21 petd ), in which case it probably only makes sense for that one exe‐
22 cutable. If main
23 is listed as the section, it is most likely an option that is valid
24 for everyone.
25
26 I have tried to be as thorough as possible in the descriptions of the
27 arguments, so it should be obvious whether an argument is appropriate
28 or not.
29
30 These parameters can be supplied to the executables either as com‐
31 mand-line options or in the configuration file. For instance, the com‐
32 mand-line invocation below would set the configuration directory to
33 /private/puppet :
34
35
36 $ puppetd --confdir=/private/puppet
37 Note that boolean options are turned on and off with a slightly differ‐
38 ent syntax on the command line:
39
40
41 $ puppetd --storeconfigs
42
43 $ puppetd --no-storeconfigs
44 The invocations above will enable and disable, respectively, the stor‐
45 age of the client configuration.
46
47
48
49 Configuration Files
50 As mentioned above, the configuration parameters can also be stored in
51 a configuration file, located in the configuration directory. As root,
52 the default configuration directory is /etc/puppet , and as a regular
53 user, the default configuration directory is ~user/.puppet executables
54 look for puppet.conf
55 in their configuration directory (although they previously looked for
56 separate files). For example,
57
58 puppet.conf
59 is located at /etc/puppet/puppet.conf
60 as root and
61
62 ~user/.puppet/puppet.conf
63 as a regular user by default.
64
65 All executables will set any parameters set within the main
66 section, while each executable will also look for a section named for
67 the executable and load those parameters. For example, puppetd
68 will look for a section named puppetd , and puppetmasterd
69 looks for a section named puppetmasterd to customize the settings for
70 all of your executables.
71
72
73
74 File Format
75 The file follows INI-style formatting. Here is an example of a very
76 simple
77
78 puppet.conf
79 file:
80
81
82 [main]
83 confdir = /private/puppet
84 storeconfigs = true
85 Note that boolean parameters must be explicitly specified as true
86 or
87
88 false
89 as seen above.
90
91 If you need to change file parameters (e.g., reset the mode or owner),
92 do so within curly braces on the same line:
93
94
95 [main]
96 myfile = /tmp/whatever {owner = root, mode = 644}
97 If you´re starting out with a fresh configuration, you may wish to let
98 the executable generate a template configuration file for you by invok‐
99 ing the executable in question with the --genconfig
100 command. The executable will print a template configuration to stan‐
101 dard output, which can be redirected to a file like so:
102
103
104 $ puppetd --genconfig > /etc/puppet/puppet.conf
105 Note that this invocation will replace the contents of any pre-existing
106
107 puppet.conf
108 file, so make a backup of your present config if it contains valuable
109 information.
110
111 All parameters will be under a single section heading matching the name
112 of the process used to generate the configuraiton (´puppetd´, in this
113 case).
114
115 Like the --genconfig
116 argument, the executables also accept a --genmanifest
117
118 argument, which will generate a manifest that can be used to manage all
119 of Puppet´s directories and files and prints it to standard output.
120 This can likewise be redirected to a file:
121
122
123 $ puppetd --genmanifest > /etc/puppet/manifests/site.pp
124 Puppet can also create user and group accounts for itself (one puppet
125 group and one puppet
126 user) if it is invoked as root
127 with the --mkusers
128 argument:
129
130
131 $ puppetd --mkusers
132
133
135 The puppetd
136 and puppetmasterd
137 executables catch some signals for special handling. Both daemons
138 catch ( SIGHUP ), which forces the server to restart tself. Pre‐
139 dictably, interrupt and terminate ( SIGINT
140 and SIGHUP ) will shut down the server, whether it be an instance of
141 puppetd
142 or puppetmasterd
143
144 Sending the SIGUSR1
145 signal to an instance of puppetd
146 will cause it to immediately begin a new configuration transaction
147 with the server. This signal has no effect on puppetmasterd
148
149
150
152 Below is a list of all documented parameters. Not all of them are
153 valid with all Puppet executables, but the executables will ignore any
154 inappropriate values.
155
156
157
158 authconfig
159 The configuration file that defines the rights to the different names‐
160 paces and methods. This can be used as a coarse-grained authorization
161 system for both puppetd
162 and puppetmasterd
163
164
165
166 · Default: $confdir/namespaceauth.conf
167
168
169
170 autoflush
171 Whether log files should always flush to disk.
172
173
174
175 · Default: false
176
177
178
179 autosign
180 Whether to enable autosign. Valid values are true (which autosigns any
181 key request, and is a very bad idea), false (which never autosigns any
182 key request), and the path to a file, which uses that configuration
183 file to determine which keys to sign.
184
185
186
187 · Default: $confdir/autosign.conf
188
189
190
191 bindaddress
192 The address to bind to. Mongrel servers default to 127.0.0.1 and
193 WEBrick defaults to 0.0.0.0.
194
195
196
197 bucketdir
198 Where FileBucket files are stored.
199
200
201
202 · Default: $vardir/bucket
203
204
205
206 ca
207 Wether the master should function as a certificate authority.
208
209
210
211 · Default: true
212
213
214
215 ca_days
216 How long a certificate should be valid. This parameter is deprecated,
217 use ca_ttl instead
218
219
220
221 ca_md
222 The type of hash used in certificates.
223
224
225
226 · Default: md5
227
228
229
230 ca_port
231 The port to use for the certificate authority.
232
233
234
235 · Default: $masterport
236
237
238
239 ca_server
240 The server to use for certificate authority requests. It´s a separate
241 server because it cannot and does not need to horizontally scale.
242
243
244
245 · Default: $server
246
247
248
249 ca_ttl
250 The default TTL for new certificates; valid values must be an integer,
251 optionally followed by one of the units ´y´ (years of 365 days), ´d´
252 (days), ´h´ (hours), or ´s´ (seconds). The unit defaults to seconds.
253 If this parameter is set, ca_days is ignored. Examples are ´3600´ (one
254 hour) and ´1825d´, which is the same as ´5y´ (5 years)
255
256
257
258 · Default: 5y
259
260
261
262 cacert
263 The CA certificate.
264
265
266
267 · Default: $cadir/ca_crt.pem
268
269
270
271 cacrl
272 The certificate revocation list (CRL) for the CA. Set this to ´false´
273 if you do not want to use a CRL.
274
275
276
277 · Default: $cadir/ca_crl.pem
278
279
280
281 cadir
282 The root directory for the certificate authority.
283
284
285
286 · Default: $ssldir/ca
287
288
289
290 cakey
291 The CA private key.
292
293
294
295 · Default: $cadir/ca_key.pem
296
297
298
299 capass
300 Where the CA stores the password for the private key
301
302
303
304 · Default: $caprivatedir/ca.pass
305
306
307
308 caprivatedir
309 Where the CA stores private certificate information.
310
311
312
313 · Default: $cadir/private
314
315
316
317 capub
318 The CA public key.
319
320
321
322 · Default: $cadir/ca_pub.pem
323
324
325
326 casesensitive
327 Whether matching in case statements and selectors should be case-sensi‐
328 tive. Case insensitivity is handled by downcasing all values before
329 comparison.
330
331
332
333 · Default: false
334
335
336
337 cert_inventory
338 A Complete listing of all certificates
339
340
341
342 · Default: $cadir/inventory.txt
343
344
345
346 certdir
347 The certificate directory.
348
349
350
351 · Default: $ssldir/certs
352
353
354
355 certdnsnames
356 The DNS names on the Server certificate as a colon-separated list. If
357 it´s anything other than an empty string, it will be used as an alias
358 in the created certificate. By default, only the server gets an alias
359 set up, and only for ´puppet´.
360
361
362
363 certname
364 The name to use when handling certificates. Defaults to the fully
365 qualified domain name.
366
367
368
369 · Default: absinthe.lovedthanlost.net
370
371
372
373 classfile
374 The file in which puppetd stores a list of the classes associated with
375 the retrieved configuration. Can be loaded in the separate puppet
376 executable using the --loadclasses
377 option.
378
379
380
381 · Default: $statedir/classes.txt
382
383
384
385 clientbucketdir
386 Where FileBucket files are stored locally.
387
388
389
390 · Default: $vardir/clientbucket
391
392
393
394 code
395 Code to parse directly. This is essentially only used by puppet , and
396 should only be set if you´re writing your own Puppet executable
397
398
399
400 color
401 Whether to use colors when logging to the console. Valid values are
402 ansi
403 (equivalent to true ), html
404 (mostly used during testing with TextMate), and false , which produces
405 no color.
406
407
408
409 · Default: ansi
410
411
412
413 confdir
414 The main Puppet configuration directory. The default for this parame‐
415 ter is calculated based on the user. If the process is runnig as root
416 or the user that puppetmasterd
417 is supposed to run as, it defaults to a system directory, but if it´s
418 running as any other user, it defaults to being in ~
419
420
421
422 · Default: /etc/puppet
423
424
425
426 config
427 The configuration file for puppetdoc.
428
429
430
431 · Default: $confdir/puppet.conf
432
433
434
435 configprint
436 Print the value of a specific configuration parameter. If a parameter
437 is provided for this, then the value is printed and puppet exits.
438 Comma-separate multiple values. For a list of all values, specify
439 ´all´. This feature is only available in Puppet versions higher than
440 0.18.4.
441
442
443
444 configtimeout
445 How long the client should wait for the configuration to be retrieved
446 before considering it a failure. This can help reduce flapping if too
447 many clients contact the server at one time.
448
449
450
451 · Default: 120
452
453
454
455 csrdir
456 Where the CA stores certificate requests
457
458
459
460 · Default: $cadir/requests
461
462
463
464 daemonize
465 Send the process into the background. This is the default.
466
467
468
469 · Default: true
470
471
472
473 dbadapter
474 The type of database to use.
475
476
477
478 · Default: sqlite3
479
480
481
482 dblocation
483 The database cache for client configurations. Used for querying within
484 the language.
485
486
487
488 · Default: $statedir/clientconfigs.sqlite3
489
490
491
492 dbmigrate
493 Whether to automatically migrate the database.
494
495
496
497 · Default: false
498
499
500
501 dbname
502 The name of the database to use.
503
504
505
506 · Default: puppet
507
508
509
510 dbpassword
511 The database password for Client caching. Only used when networked
512 databases are used.
513
514
515
516 · Default: puppet
517
518
519
520 dbserver
521 The database server for Client caching. Only used when networked data‐
522 bases are used.
523
524
525
526 · Default: localhost
527
528
529
530 dbsocket
531 The database socket location. Only used when networked databases are
532 used. Will be ignored if the value is an empty string.
533
534
535
536 dbuser
537 The database user for Client caching. Only used when networked data‐
538 bases are used.
539
540
541
542 · Default: puppet
543
544
545
546 diff
547 Which diff command to use when printing differences between files.
548
549
550
551 · Default: diff
552
553
554
555 diff_args
556 Which arguments to pass to the diff command when printing differences
557 between files.
558
559
560
561 downcasefacts
562 Whether facts should be made all lowercase when sent to the server.
563
564
565
566 · Default: false
567
568
569
570 dynamicfacts
571 Facts that are dynamic; these facts will be ignored when deciding
572 whether changed facts should result in a recompile. Multiple facts
573 should be comma-separated.
574
575
576
577 · Default: memorysize,memoryfree,swapsize,swapfree
578
579
580
581 environment
582 The environment Puppet is running in. For clients (e.g., puppetd )
583 this determines the environment itself, which is used to find modules
584 and much more. For servers (i.e., puppetmasterd ) this provides the
585 default environment for nodes we know nothing about.
586
587
588
589 · Default: development
590
591
592
593 environments
594 The valid environments for Puppet clients. This is more useful as a
595 server-side setting than client, but any environment chosen must be in
596 this list. Values should be separated by a comma.
597
598
599
600 · Default: production,development
601
602
603
604 evaltrace
605 Whether each resource should log when it is being evaluated. This
606 allows you to interactively see exactly what is being done.
607
608
609
610 · Default: false
611
612
613
614 external_nodes
615 An external command that can produce node information. The output must
616 be a YAML dump of a hash, and that hash must have one or both of
617 classes
618 and parameters , where classes
619 is an array and parameters
620 is a hash. For unknown nodes, the commands should exit with a
621 non-zero exit code. This command makes it straightforward to store your
622 node mapping information in other data sources like databases.
623
624
625
626 · Default: none
627
628
629
630 factdest
631 Where Puppet should store facts that it pulls down from the central
632 server.
633
634
635
636 · Default: $vardir/facts
637
638
639
640 factpath
641 Where Puppet should look for facts. Multiple directories should be
642 colon-separated, like normal PATH variables.
643
644
645
646 · Default: $vardir/facts
647
648
649
650 factsignore
651 What files to ignore when pulling down facts.
652
653
654
655 · Default: .svn CVS
656
657
658
659 factsource
660 From where to retrieve facts. The standard Puppet file
661 type is used for retrieval, so anything that is a valid file source
662 can be used here.
663
664
665
666 · Default: puppet://$server/facts
667
668
669
670 factsync
671 Whether facts should be synced with the central server.
672
673
674
675 · Default: false
676
677
678
679 fileserverconfig
680 Where the fileserver configuration is stored.
681
682
683
684 · Default: $confdir/fileserver.conf
685
686
687
688 filetimeout
689 The minimum time to wait (in seconds) between checking for updates in
690 configuration files. This timeout determines how quickly Puppet checks
691 whether a file (such as manifests or templates) has changed on disk.
692
693
694
695 · Default: 15
696
697
698
699 genconfig
700 Whether to just print a configuration to stdout and exit. Only makes
701 sense when used interactively. Takes into account arguments specified
702 on the CLI.
703
704
705
706 · Default: false
707
708
709
710 genmanifest
711 Whether to just print a manifest to stdout and exit. Only makes sense
712 when used interactively. Takes into account arguments specified on the
713 CLI.
714
715
716
717 · Default: false
718
719
720
721 graph
722 Whether to create dot graph files for the different configuration
723 graphs. These dot files can be interpreted by tools like OmniGraffle
724 or dot (which is part of ImageMagick).
725
726
727
728 · Default: false
729
730
731
732 graphdir
733 Where to store dot-outputted graphs.
734
735
736
737 · Default: $statedir/graphs
738
739
740
741 group
742 The group puppetmasterd should run as.
743
744
745
746 · Default: puppet
747
748
749
750 hostcert
751 Where individual hosts store and look for their certificates.
752
753
754
755 · Default: $certdir/$certname.pem
756
757
758
759 hostcsr
760 Where individual hosts store and look for their certificates.
761
762
763
764 · Default: $ssldir/csr_$certname.pem
765
766
767
768 hostprivkey
769 Where individual hosts store and look for their private key.
770
771
772
773 · Default: $privatekeydir/$certname.pem
774
775
776
777 hostpubkey
778 Where individual hosts store and look for their public key.
779
780
781
782 · Default: $publickeydir/$certname.pem
783
784
785
786 http_enable_post_connection_check
787 Boolean; wheter or not puppetd should validate the server SSL certifi‐
788 cate against the request hostname.
789
790
791
792 · Default: true
793
794
795
796 http_proxy_host
797 The HTTP proxy host to use for outgoing connections. Note: You may
798 need to use a FQDN for the server hostname when using a proxy.
799
800
801
802 · Default: none
803
804
805
806 http_proxy_port
807 The HTTP proxy port to use for outgoing connections
808
809
810
811 · Default: 3128
812
813
814
815 httplog
816 Where the puppetd web server logs.
817
818
819
820 · Default: $logdir/http.log
821
822
823
824 ignorecache
825 Ignore cache and always recompile the configuration. This is useful
826 for testing new configurations, where the local cache may in fact be
827 stale even if the timestamps are up to date - if the facts change or if
828 the server changes.
829
830
831
832 · Default: false
833
834
835
836 ignoreimport
837 A parameter that can be used in commit hooks, since it enables you to
838 parse-check a single file rather than requiring that all files exist.
839
840
841
842 · Default: false
843
844
845
846 ignoreschedules
847 Boolean; whether puppetd should ignore schedules. This is useful for
848 initial puppetd runs.
849
850
851
852 · Default: false
853
854
855
856 keylength
857 The bit length of keys.
858
859
860
861 · Default: 1024
862
863
864
865 ldapattrs
866 The LDAP attributes to include when querying LDAP for nodes. All
867 returned attributes are set as variables in the top-level scope. Multi‐
868 ple values should be comma-separated. The value ´all´ returns all
869 attributes.
870
871
872
873 · Default: all
874
875
876
877 ldapbase
878 The search base for LDAP searches. It´s impossible to provide a mean‐
879 ingful default here, although the LDAP libraries might have one already
880 set. Generally, it should be the ´ou=Hosts´ branch under your main
881 directory.
882
883
884
885 ldapclassattrs
886 The LDAP attributes to use to define Puppet classes. Values should be
887 comma-separated.
888
889
890
891 · Default: puppetclass
892
893
894
895 ldapnodes
896 Whether to search for node configurations in LDAP. See http://reduc‐
897 tivelabs.com/puppet/trac/wiki/LdapNodes/ for more information.
898
899
900
901 · Default: false
902
903
904
905 ldapparentattr
906 The attribute to use to define the parent node.
907
908
909
910 · Default: parentnode
911
912
913
914 ldappassword
915 The password to use to connect to LDAP.
916
917
918
919 ldapport
920 The LDAP port. Only used if ldapnodes
921 is enabled.
922
923
924
925 · Default: 389
926
927
928
929 ldapserver
930 The LDAP server. Only used if ldapnodes
931 is enabled.
932
933
934
935 · Default: ldap
936
937
938
939 ldapssl
940 Whether SSL should be used when searching for nodes. Defaults to false
941 because SSL usually requires certificates to be set up on the client
942 side.
943
944
945
946 · Default: false
947
948
949
950 ldapstring
951 The search string used to find an LDAP node.
952
953
954
955 · Default: (&(objectclass=puppetClient)(cn=%s))
956
957
958
959 ldaptls
960 Whether TLS should be used when searching for nodes. Defaults to false
961 because TLS usually requires certificates to be set up on the client
962 side.
963
964
965
966 · Default: false
967
968
969
970 ldapuser
971 The user to use to connect to LDAP. Must be specified as a full DN.
972
973
974
975 lexical
976 Whether to use lexical scoping (vs. dynamic).
977
978
979
980 · Default: false
981
982
983
984 libdir
985 An extra search path for Puppet. This is only useful for those files
986 that Puppet will load on demand, and is only guaranteed to work for
987 those cases. In fact, the autoload mechanism is responsible for making
988 sure this directory is in Ruby´s search path
989
990
991
992 · Default: $vardir/lib
993
994
995
996 listen
997 Whether puppetd should listen for connections. If this is true, then
998 by default only the runner
999 server is started, which allows remote authorized and authenticated
1000 nodes to connect and trigger puppetd
1001 runs.
1002
1003
1004
1005 · Default: false
1006
1007
1008
1009 localcacert
1010 Where each client stores the CA certificate.
1011
1012
1013
1014 · Default: $certdir/ca.pem
1015
1016
1017
1018 localconfig
1019 Where puppetd caches the local configuration. An extension indicating
1020 the cache format is added automatically.
1021
1022
1023
1024 · Default: $statedir/localconfig
1025
1026
1027
1028 logdir
1029 The Puppet log directory.
1030
1031
1032
1033 · Default: $vardir/log
1034
1035
1036
1037 manifest
1038 The entry-point manifest for puppetmasterd.
1039
1040
1041
1042 · Default: $manifestdir/site.pp
1043
1044
1045
1046 manifestdir
1047 Where puppetmasterd looks for its manifests.
1048
1049
1050
1051 · Default: $confdir/manifests
1052
1053
1054
1055 masterhttplog
1056 Where the puppetmasterd web server logs.
1057
1058
1059
1060 · Default: $logdir/masterhttp.log
1061
1062
1063
1064 masterlog
1065 Where puppetmasterd logs. This is generally not used, since syslog is
1066 the default log destination.
1067
1068
1069
1070 · Default: $logdir/puppetmaster.log
1071
1072
1073
1074 masterport
1075 Which port puppetmasterd listens on.
1076
1077
1078
1079 · Default: 8140
1080
1081
1082
1083 maximum_uid
1084 The maximum allowed UID. Some platforms use negative UIDs but then
1085 ship with tools that do not know how to handle signed ints, so the UIDs
1086 show up as huge numbers that can then not be fed back into the system.
1087 This is a hackish way to fail in a slightly more useful way when that
1088 happens.
1089
1090
1091
1092 · Default: 4294967290
1093
1094
1095
1096 mkusers
1097 Whether to create the necessary user and group that puppetd will run
1098 as.
1099
1100
1101
1102 · Default: false
1103
1104
1105
1106 modulepath
1107 The search path for modules as a colon-separated list of directories.
1108
1109
1110
1111 · Default: $confdir/modules:/usr/share/puppet/modules
1112
1113
1114
1115 name
1116 The name of the service, if we are running as one. The default is
1117 essentially $0 without the path or
1118
1119
1120
1121 · Default: puppetdoc
1122
1123
1124
1125 node_name
1126 How the puppetmaster determines the client´s identity and sets the
1127 ´hostname´, ´fqdn´ and ´domain´ facts for use in the manifest, in par‐
1128 ticular for determining which ´node´ statement applies to the client.
1129 Possible values are ´cert´ (use the subject´s CN in the client´s cer‐
1130 tificate) and ´facter´ (use the hostname that the client reported in
1131 its facts)
1132
1133
1134
1135 · Default: cert
1136
1137
1138
1139 node_terminus
1140 Where to find information about nodes.
1141
1142
1143
1144 · Default: plain
1145
1146
1147
1148 noop
1149 Whether puppetd should be run in noop mode.
1150
1151
1152
1153 · Default: false
1154
1155
1156
1157 paramcheck
1158 Whether to validate parameters during parsing.
1159
1160
1161
1162 · Default: true
1163
1164
1165
1166 parseonly
1167 Just check the syntax of the manifests.
1168
1169
1170
1171 · Default: false
1172
1173
1174
1175 passfile
1176 Where puppetd stores the password for its private key. Generally
1177 unused.
1178
1179
1180
1181 · Default: $privatedir/password
1182
1183
1184
1185 path
1186 The shell search path. Defaults to whatever is inherited from the par‐
1187 ent process.
1188
1189
1190
1191 · Default: none
1192
1193
1194
1195 pidfile
1196 The pid file
1197
1198
1199
1200 plugindest
1201 Where Puppet should store plugins that it pulls down from the central
1202 server.
1203
1204
1205
1206 · Default: $libdir
1207
1208
1209
1210 pluginpath
1211 Where Puppet should look for plugins. Multiple directories should be
1212 colon-separated, like normal PATH variables. As of 0.23.1, this option
1213 is deprecated; download your custom libraries to the $libdir instead.
1214
1215
1216
1217 · Default: $vardir/plugins
1218
1219
1220
1221 pluginsignore
1222 What files to ignore when pulling down plugins.
1223
1224
1225
1226 · Default: .svn CVS
1227
1228
1229
1230 pluginsource
1231 From where to retrieve plugins. The standard Puppet file
1232 type is used for retrieval, so anything that is a valid file source
1233 can be used here.
1234
1235
1236
1237 · Default: puppet://$server/plugins
1238
1239
1240
1241 pluginsync
1242 Whether plugins should be synced with the central server.
1243
1244
1245
1246 · Default: false
1247
1248
1249
1250 privatedir
1251 Where the client stores private certificate information.
1252
1253
1254
1255 · Default: $ssldir/private
1256
1257
1258
1259 privatekeydir
1260 The private key directory.
1261
1262
1263
1264 · Default: $ssldir/private_keys
1265
1266
1267
1268 publickeydir
1269 The public key directory.
1270
1271
1272
1273 · Default: $ssldir/public_keys
1274
1275
1276
1277 puppetdlockfile
1278 A lock file to temporarily stop puppetd from doing anything.
1279
1280
1281
1282 · Default: $statedir/puppetdlock
1283
1284
1285
1286 puppetdlog
1287 The log file for puppetd. This is generally not used.
1288
1289
1290
1291 · Default: $logdir/puppetd.log
1292
1293
1294
1295 puppetport
1296 Which port puppetd listens on.
1297
1298
1299
1300 · Default: 8139
1301
1302
1303
1304 rails_loglevel
1305 The log level for Rails connections. The value must be a valid log
1306 level within Rails. Production environments normally use info
1307 and other environments normally use debug
1308
1309
1310
1311 · Default: info
1312
1313
1314
1315 railslog
1316 Where Rails-specific logs are sent
1317
1318
1319
1320 · Default: $logdir/rails.log
1321
1322
1323
1324 report
1325 Whether to send reports after every transaction.
1326
1327
1328
1329 · Default: false
1330
1331
1332
1333 reportdir
1334 The directory in which to store reports received from the client. Each
1335 client gets a separate subdirectory.
1336
1337
1338
1339 · Default: $vardir/reports
1340
1341
1342
1343 reportfrom
1344 The ´from´ email address for the reports.
1345
1346
1347
1348 · Default: report@absinthe.lovedthanlost.net
1349
1350
1351
1352 reports
1353 The list of reports to generate. All reports are looked for in pup‐
1354 pet/reports/<name>.rb, and multiple report names should be comma-sepa‐
1355 rated (whitespace is okay).
1356
1357
1358
1359 · Default: store
1360
1361
1362
1363 reportserver
1364 The server to which to send transaction reports.
1365
1366
1367
1368 · Default: $server
1369
1370
1371
1372 req_bits
1373 The bit length of the certificates.
1374
1375
1376
1377 · Default: 2048
1378
1379
1380
1381 rrddir
1382 The directory where RRD database files are stored. Directories for each
1383 reporting host will be created under this directory.
1384
1385
1386
1387 · Default: $vardir/rrd
1388
1389
1390
1391 rrdgraph
1392 Whether RRD information should be graphed.
1393
1394
1395
1396 · Default: false
1397
1398
1399
1400 rrdinterval
1401 How often RRD should expect data. This should match how often the hosts
1402 report back to the server.
1403
1404
1405
1406 · Default: $runinterval
1407
1408
1409
1410 rundir
1411 Where Puppet PID files are kept.
1412
1413
1414
1415 · Default: $vardir/run
1416
1417
1418
1419 runinterval
1420 How often puppetd applies the client configuration; in seconds.
1421
1422
1423
1424 · Default: 1800
1425
1426
1427
1428 sendmail
1429 Where to find the sendmail binary with which to send email.
1430
1431
1432
1433 serial
1434 Where the serial number for certificates is stored.
1435
1436
1437
1438 · Default: $cadir/serial
1439
1440
1441
1442 server
1443 The server to which server puppetd should connect
1444
1445
1446
1447 · Default: puppet
1448
1449
1450
1451 servertype
1452 The type of server to use. Currently supported options are webrick and
1453 mongrel. If you use mongrel, you will need a proxy in front of the
1454 process or processes, since Mongrel cannot speak SSL.
1455
1456
1457
1458 · Default: webrick
1459
1460
1461
1462 show_diff
1463 Whether to print a contextual diff when files are being replaced. The
1464 diff is printed on stdout, so this option is meaningless unless you are
1465 running Puppet interactively. This feature currently requires the
1466 diff/lcs
1467 Ruby library.
1468
1469
1470
1471 · Default: false
1472
1473
1474
1475 signeddir
1476 Where the CA stores signed certificates.
1477
1478
1479
1480 · Default: $cadir/signed
1481
1482
1483
1484 smtpserver
1485 The server through which to send email reports.
1486
1487
1488
1489 · Default: none
1490
1491
1492
1493 splay
1494 Whether to sleep for a pseudo-random (but consistent) amount of time
1495 before a run.
1496
1497
1498
1499 · Default: false
1500
1501
1502
1503 splaylimit
1504 The maximum time to delay before runs. Defaults to being the same as
1505 the run interval.
1506
1507
1508
1509 · Default: $runinterval
1510
1511
1512
1513 ssl_client_header
1514 The header containing an authenticated client´s SSL DN. Only used with
1515 Mongrel. This header must be set by the proxy to the authenticated
1516 client´s SSL DN (e.g., /CN=puppet.reductivelabs.com ). See
1517 http://reductivelabs.com/puppet/trac/wiki/UsingMongrel for more infor‐
1518 mation.
1519
1520
1521
1522 · Default: HTTP_X_CLIENT_DN
1523
1524
1525
1526 ssl_client_verify_header
1527 The header containing the status message of the client verification.
1528 Only used with Mongrel. This header must be set by the proxy to ´SUC‐
1529 CESS´ if the client successfully authenticated, and anything else oth‐
1530 erwise. See http://reductivelabs.com/puppet/trac/wiki/UsingMongrel for
1531 more information.
1532
1533
1534
1535 · Default: HTTP_X_CLIENT_VERIFY
1536
1537
1538
1539 ssldir
1540 Where SSL certificates are kept.
1541
1542
1543
1544 · Default: $confdir/ssl
1545
1546
1547
1548 statedir
1549 The directory where Puppet state is stored. Generally, this directory
1550 can be removed without causing harm (although it might result in spuri‐
1551 ous service restarts).
1552
1553
1554
1555 · Default: $vardir/state
1556
1557
1558
1559 statefile
1560 Where puppetd and puppetmasterd store state associated with the running
1561 configuration. In the case of puppetmasterd, this file reflects the
1562 state discovered through interacting with clients.
1563
1564
1565
1566 · Default: $statedir/state.yaml
1567
1568
1569
1570 storeconfigs
1571 Whether to store each client´s configuration. This requires ActiveRe‐
1572 cord from Ruby on Rails.
1573
1574
1575
1576 · Default: false
1577
1578
1579
1580 summarize
1581 Whether to print a transaction summary.
1582
1583
1584
1585 · Default: false
1586
1587
1588
1589 syslogfacility
1590 What syslog facility to use when logging to syslog. Syslog has a fixed
1591 list of valid facilities, and you must choose one of those; you cannot
1592 just make one up.
1593
1594
1595
1596 · Default: daemon
1597
1598
1599
1600 tagmap
1601 The mapping between reporting tags and email addresses.
1602
1603
1604
1605 · Default: $confdir/tagmail.conf
1606
1607
1608
1609 tags
1610 Tags to use to find resources. If this is set, then only resources
1611 tagged with the specified tags will be applied. Values must be
1612 comma-separated.
1613
1614
1615
1616 templatedir
1617 Where Puppet looks for template files.
1618
1619
1620
1621 · Default: $vardir/templates
1622
1623
1624
1625 trace
1626 Whether to print stack traces on some errors
1627
1628
1629
1630 · Default: false
1631
1632
1633
1634 typecheck
1635 Whether to validate types during parsing.
1636
1637
1638
1639 · Default: true
1640
1641
1642
1643 usecacheonfailure
1644 Whether to use the cached configuration when the remote configuration
1645 will not compile. This option is useful for testing new configura‐
1646 tions, where you want to fix the broken configuration rather than
1647 reverting to a known-good one.
1648
1649
1650
1651 · Default: true
1652
1653
1654
1655 user
1656 The user puppetmasterd should run as.
1657
1658
1659
1660 · Default: puppet
1661
1662
1663
1664 vardir
1665 Where Puppet stores dynamic and growing data. The default for this
1666 parameter is calculated specially, like confdir.
1667
1668
1669
1670 · Default: /var/puppet
1671
1672
1673
1674 yamldir
1675 The directory in which YAML data is stored, usually in a subdirectory.
1676
1677
1678
1679 · Default: $vardir/yaml
1680
1681
1682
1683 ----
1684
1685
1686
1687 This page autogenerated on Sat Mar 22 17:46:15 +1100 2008
1688
1689
1690
1691
1692
1693
1694 Configuration(Reference)