1bcfg2.conf(5) File Formats Manual bcfg2.conf(5)
2
3
4
6 bcfg2.conf - configuration parameters for Bcfg2
7
8
10 bcfg2.conf includes configuration parameters for the Bcfg2 server and
11 client.
12
13
15 The file is INI-style and consists of sections and options. A section
16 begins with the name of the sections in square brackets and continues
17 until the next section begins.
18
19 Options are specified in the form 'name = value'.
20
21 The file is line-based each newline-terminated line represents either a
22 comment, a section name or an option.
23
24 Any line beginning with a hash (#) is ignored, as are lines containing
25 only whitespace.
26
27
28
30 These options are only necessary on the Bcfg2 server. They are speci‐
31 fied in the [server] section of the configuration file.
32
33
34 repository
35 Specifies the path to the Bcfg2 repository containing all of the
36 configuration specifications. The repository should be created
37 using the 'bcfg2-admin init' command.
38
39
40 filemonitor
41 The file monitor used to watch for changes in the repository.
42 Values of 'gamin', 'fam', or 'pseudo' are valid.
43
44
45 plugins
46 A comma-delimited list of enabled server plugins. Currently
47 available plugins are:
48
49 · Account The account plugin manages authentication data,
50 including:
51
52 * /etc/passwd
53 * /etc/group
54 * /etc/security/limits.conf
55 * /etc/sudoers
56 * /root/.ssh/authorized_keys
57
58 · Actions
59
60 Action entries are commands that are executed either before bun‐
61 dle installation, after bundle installation or both. If exit
62 status is observed, a failing pre-action will cause no modifica‐
63 tion of the enclosing bundle to be performed; all entries
64 included in that bundle will not be modified. Failing actions
65 are reported through Bcfg2's reporting system, so they can be
66 centrally observed.
67
68 · BB The BB plugin maps users to machines and metadata to
69 machines. (experimental)
70
71 · Base A structure plugin that provides the ability to add lists
72 of unrelated entries into client configuration entry invento‐
73 ries. Base works much like Bundler in its file format. This
74 structure plugin is good for the pile of independent configs
75 needed for most actual systems.
76
77 · Bundler Bundler is used to describe groups of inter-dependent
78 configuration entries, such as the combination of packages, con‐
79 figuration files, and service activations that comprise typical
80 Unix daemons. Bundles are used to add groups of configuration
81 entries to the inventory of client configurations, as opposed to
82 describing particular versions of those entries.
83
84 · Bzr The Bzr plugin allows you to track changes to your Bcfg2
85 repository using a GNU Bazaar version control backend. Cur‐
86 rently, it enables you to get revision information out of your
87 repository for reporting purposes.
88
89 · Cfg The Cfg plugin provides a repository to describe configu‐
90 ration file contents for clients. In its simplest form, the Cfg
91 repository is just a directory tree modeled off of the directory
92 tree on your client machines.
93
94 · Cvs The Cvs plugin allows you to track changes to your Bcfg2
95 repository using a Concurrent version control backend. Cur‐
96 rently, it enables you to get revision information out of your
97 repository for reporting purposes. (experimental)
98
99 · Darcs The Darcs plugin allows you to track changes to your
100 Bcfg2 repository using a Darcs version control backend. Cur‐
101 rently, it enables you to get revision information out of your
102 repository for reporting purposes. (experimental)
103
104 · DBStats Direct to database statistics plugin. (0.9.6 and
105 later)
106
107 · Decisions The Decisions plugin has support for a centralized
108 set of per-entry installation decisions. This approach is needed
109 when particular changes are deemed "high risk"; this gives the
110 ability to centrally specify these changes, but only install
111 them on clients when administrator supervision is available.
112 (0.9.6 and later)
113
114 · Deps The Deps plugin allows you to make a series of assertions
115 like "Package X requires Package Y (and optionally also Package
116 Z etc.)
117
118 · Editor The Editor plugin allows you to partially manage con‐
119 figuration for a file. Its use is not recommended and not well
120 documented.
121
122 · Fossil The Fossil plugin allows you to track changes to your
123 Bcfg2 repository using a Fossil SCM version control backend.
124 Currently, it enables you to get revision information out of
125 your repository for reporting purposes.
126
127 · Git The Git plugin allows you to track changes to your Bcfg2
128 repository using a Git version control backend. Currently, it
129 enables you to get revision information out of your repository
130 for reporting purposes.
131
132 · GroupPatterns The GroupPatterns plugin is a connector that can
133 assign clients group membership based on patterns in client
134 hostnames.
135
136 · Hg The Hg plugin allows you to track changes to your Bcfg2
137 repository using a Mercurial version control backend. Currently,
138 it enables you to get revision information out of your reposi‐
139 tory for reporting purposes. (experimental)
140
141 · Hostbase The Hostbase plugin is an IP management system built
142 on top of Bcfg2.
143
144 · Metadata The Metadata plugin is the primary method of specify‐
145 ing Bcfg2 server metadata.
146
147 · NagiosGen NagiosGen is a Bcfg2 plugin that dynamically gener‐
148 ates Nagios configuration files based on Bcfg2 data.
149
150 · Ohai The Ohai plugin is used to detect information about the
151 client operating system. The data is reported back to the server
152 using JSON. (experimental)
153
154 · POSIXCompat The POSIXCompat plugin provides a compatibility
155 layer which turns new-style (1.0) POSIX entries into old-style
156 entries which are compatible with previous releases.
157
158 · Packages The Packages plugin is an alternative to Pkgmgr for
159 specifying package entries for clients. Where Pkgmgr explicitly
160 specifies package entry information, Packages delegates control
161 of package version information to the underlying package man‐
162 ager, installing the latest version available from through those
163 channels.
164
165 · Pkgmgr The Pkgmgr plugin resolves the Abstract Configuration
166 Entity "Package" to a package specification that the client can
167 use to detect, verify and install the specified package.
168
169 · Probes The Probes plugin gives you the ability to gather
170 information from a client machine before you generate its con‐
171 figuration. This information can be used with the various tem‐
172 plating systems to generate configuration based on the results.
173
174 · Properties The Properties plugin is a connector plugin that
175 adds information from properties files into client metadata
176 instances. (1.0 and later)
177
178 · Rules The Rules plugin resolves Abstract Configuration Enti‐
179 ties to literal configuration entries suitable for the client
180 drivers to consume.
181
182 · SGenshi (Deprecated) See Bundler.
183
184 · Snapshots The Snapshots plugin stores various aspects of a
185 client's state when the client checks in to the server.
186
187 · SSHbase The SSHbase generator plugin manages ssh host keys
188 (both v1 and v2) for hosts. It also manages the ssh_known_hosts
189 file. It can integrate host keys from other management domains
190 and similarly export its keys.
191
192 · Svn The Svn plugin allows you to track changes to your Bcfg2
193 repository using a Subversion backend. Currently, it enables you
194 to get revision information out of your repository for reporting
195 purposes.
196
197 · TCheetah The TCheetah plugin allows you to use the cheetah
198 templating system to create files. It also allows you to include
199 the results of probes executed on the client in the created
200 files.
201
202 · TGenshi The TGenshi plugin allows you to use the Genshi tem‐
203 plating system to create files. It also allows you to include
204 the results of probes executed on the client in the created
205 files.
206
207 · Trigger Trigger is a plugin that calls external scripts when
208 clients are configured.
209
210
211 prefix Specifies a prefix if the Bcfg2 installation isn't placed in the
212 default location (eg. /usr/local).
213
214
216 These options affect the default metadata settings for Paths with
217 type='file'.
218
219
220 owner Global owner for Paths (defaults to root)
221
222
223 group Global group for Paths (defaults to root)
224
225
226 perms Global permissions for Paths (defaults to 644)
227
228
229 paranoid
230 Global paranoid settings for Paths (defaults to false)
231
232
233
235 These options only affect client functionality, specified in the
236 [client] section.
237
238
239 drivers
240 Specify tool driver set to use. This option can be used to
241 explicitly specify the client tool drivers you want to use when
242 the client is run.
243
244
245 paranoid
246 Run the client in paranoid mode.
247
248
249
251 Server-only, specified in the [statistics] section. These options con‐
252 trol the statistics collection functionality of the server.
253
254
255 database_engine
256 The database engine used by the statistics module. One of either
257
258
259 database_name
260 The name of the database to use for statistics data. If sqlite
261 file and defaults to $REPOSITORY_DIR/etc/brpt.sqlite
262
263
264 database_user
265 User for database connections. Not used for sqlite3.
266
267
268 database_password
269 Password for database connections. Not used for sqlite3.
270
271
272 database_host
273 Host for database connections. Not used for sqlite3.
274
275
276 database_port
277 Port for database connections. Not used for sqlite3.
278
279
280
282 Specified in the [communication] section. These options define settings
283 used for client-server communication.
284
285
286 ca The path to a file containing the CA certificate. This file is
287 required on the server, and optional on clients. However, if the
288 cacert is not present on clients, the server cannot be verified.
289
290
291 certificate
292 The path to a file containing a PEM formatted certificate which
293 signs the key with the ca certificate. This setting is required
294 on the server in all cases, and required on clients if using
295 client certificates.
296
297
298 key Specifies the path to a file containing the SSL Key. This is
299 required on the server in all cases, and required on clients if
300 using client certificates.
301
302
303 password
304 Required on both the server and clients. On the server, sets the
305 password clients need to use to communicate. On a client, sets
306 the password to use to connect to the server.
307
308
309 protocol
310 Communication protocol to use. Defaults to xmlrpc/ssl.
311
312
313 retries
314 A client-only option. Number of times to retry network communi‐
315 cation.
316
317
318 user A client-only option. The UUID of the client.
319
320
322 These options allow for finer-grained control of the paranoid mode on
323 the Bcfg2 client. They are specified in the [paranoid] section of the
324 configuration file.
325
326
327 path Custom path for backups created in paranoid mode. The default is
328 in /var/cache/bcfg2.
329
330
331 max_copies
332 Specify a maximum number of copies for the server to keep when
333 running in paranoid mode. Only the most recent versions of these
334 copies will be kept.
335
336
338 Specified in the [components] section.
339
340
341 bcfg2 URL of the server. On the server this specifies which interface
342 and port the server listens on. On the client, this specifies
343 where the client will attempt to contact the server. eg: bcfg2
344 = https://10.3.1.6:6789
345
346
347 encoding
348 Text encoding of configuration files. Defaults to the system
349 default encoding.
350
351
352
354 Specified in the [logging] section. These options control the server
355 logging functionality.
356
357 path Server log file path.
358
359
361 Specified in the [snapshots] section. These options control the server
362 snapshots functionality.
363
364 driver sqlite
365
366 database The name of the database to use for statistics data. eg:
367 $REPOSITORY_DIR/etc/bcfg2.sqlite
368
369
371 bcfg2(1), bcfg2-server(8)
372
373
374
375
376 bcfg2.conf(5)