1bcfg2.conf(5) File Formats Manual bcfg2.conf(5)
2
6 bcfg2.conf - configuration parameters for Bcfg2
7
10 bcfg2.conf includes configuration parameters for the Bcfg2 server and
11 client.
12
15 The file is INI-style and consists of sections and options. A section
16 begins with the name of the sections in square brackets and continues
17 until the next section begins.
18 Options are specified in the form 'name = value'.
20 The file is line-based each newline-terminated line represents either a
22 comment, a section name or an option.
23 Any line beginning with a hash (#) is ignored, as are lines containing
25 only whitespace.
26
30 These options are only necessary on the Bcfg2 server. They are speci‐
31 fied in the [server] section of the configuration file.
32 repository
35 Specifies the path to the Bcfg2 repository containing all of the
36 configuration specifications. The repository should be created
37 using the 'bcfg2-admin init' command.
38 filemonitor
41 The file monitor used to watch for changes in the repository.
42 Values of 'gamin', 'fam', or 'pseudo' are valid.
43 plugins
46 A comma-delimited list of enabled server plugins. Currently
47 available plugins are:
48 · Account The account plugin manages authentication data,
50 including:
51 * /etc/passwd
53 * /etc/group
54 * /etc/security/limits.conf
55 * /etc/sudoers
56 * /root/.ssh/authorized_keys
57 · Actions
59 Action entries are commands that are executed either before bun‐
61 dle installation, after bundle installation or both. If exit
62 status is observed, a failing pre-action will cause no modifica‐
63 tion of the enclosing bundle to be performed; all entries
64 included in that bundle will not be modified. Failing actions
65 are reported through Bcfg2's reporting system, so they can be
66 centrally observed.
67 · BB The BB plugin maps users to machines and metadata to
69 machines. (experimental)
70 · Base A structure plugin that provides the ability to add lists
72 of unrelated entries into client configuration entry invento‐
73 ries. Base works much like Bundler in its file format. This
74 structure plugin is good for the pile of independent configs
75 needed for most actual systems.
76 · Bundler Bundler is used to describe groups of inter-dependent
78 configuration entries, such as the combination of packages, con‐
79 figuration files, and service activations that comprise typical
80 Unix daemons. Bundles are used to add groups of configuration
81 entries to the inventory of client configurations, as opposed to
82 describing particular versions of those entries.
83 · Bzr The Bzr plugin allows you to track changes to your Bcfg2
85 repository using a GNU Bazaar version control backend. Cur‐
86 rently, it enables you to get revision information out of your
87 repository for reporting purposes.
88 · Cfg The Cfg plugin provides a repository to describe configu‐
90 ration file contents for clients. In its simplest form, the Cfg
91 repository is just a directory tree modeled off of the directory
92 tree on your client machines.
93 · Cvs The Cvs plugin allows you to track changes to your Bcfg2
95 repository using a Concurrent version control backend. Cur‐
96 rently, it enables you to get revision information out of your
97 repository for reporting purposes. (experimental)
98 · Darcs The Darcs plugin allows you to track changes to your
100 Bcfg2 repository using a Darcs version control backend. Cur‐
101 rently, it enables you to get revision information out of your
102 repository for reporting purposes. (experimental)
103 · DBStats Direct to database statistics plugin. (0.9.6 and
105 later)
106 · Decisions The Decisions plugin has support for a centralized
108 set of per-entry installation decisions. This approach is needed
109 when particular changes are deemed "high risk"; this gives the
110 ability to centrally specify these changes, but only install
111 them on clients when administrator supervision is available.
112 (0.9.6 and later)
113 · Deps The Deps plugin allows you to make a series of assertions
115 like "Package X requires Package Y (and optionally also Package
116 Z etc.)
117 · Editor The Editor plugin allows you to partially manage con‐
119 figuration for a file. Its use is not recommended and not well
120 documented.
121 · Fossil The Fossil plugin allows you to track changes to your
123 Bcfg2 repository using a Fossil SCM version control backend.
124 Currently, it enables you to get revision information out of
125 your repository for reporting purposes.
126 · Git The Git plugin allows you to track changes to your Bcfg2
128 repository using a Git version control backend. Currently, it
129 enables you to get revision information out of your repository
130 for reporting purposes.
131 · GroupPatterns The GroupPatterns plugin is a connector that can
133 assign clients group membership based on patterns in client
134 hostnames.
135 · Hg The Hg plugin allows you to track changes to your Bcfg2
137 repository using a Mercurial version control backend. Currently,
138 it enables you to get revision information out of your reposi‐
139 tory for reporting purposes. (experimental)
140 · Hostbase The Hostbase plugin is an IP management system built
142 on top of Bcfg2.
143 · Metadata The Metadata plugin is the primary method of specify‐
145 ing Bcfg2 server metadata.
146 · NagiosGen NagiosGen is a Bcfg2 plugin that dynamically gener‐
148 ates Nagios configuration files based on Bcfg2 data.
149 · Ohai The Ohai plugin is used to detect information about the
151 client operating system. The data is reported back to the server
152 using JSON. (experimental)
153 · POSIXCompat The POSIXCompat plugin provides a compatibility
155 layer which turns new-style (1.0) POSIX entries into old-style
156 entries which are compatible with previous releases.
157 · Packages The Packages plugin is an alternative to Pkgmgr for
159 specifying package entries for clients. Where Pkgmgr explicitly
160 specifies package entry information, Packages delegates control
161 of package version information to the underlying package man‐
162 ager, installing the latest version available from through those
163 channels.
164 · Pkgmgr The Pkgmgr plugin resolves the Abstract Configuration
166 Entity "Package" to a package specification that the client can
167 use to detect, verify and install the specified package.
168 · Probes The Probes plugin gives you the ability to gather
170 information from a client machine before you generate its con‐
171 figuration. This information can be used with the various tem‐
172 plating systems to generate configuration based on the results.
173 · Properties The Properties plugin is a connector plugin that
175 adds information from properties files into client metadata
176 instances. (1.0 and later)
177 · Rules The Rules plugin resolves Abstract Configuration Enti‐
179 ties to literal configuration entries suitable for the client
180 drivers to consume.
181 · SGenshi (Deprecated) See Bundler.
183 · Snapshots The Snapshots plugin stores various aspects of a
185 client's state when the client checks in to the server.
186 · SSHbase The SSHbase generator plugin manages ssh host keys
188 (both v1 and v2) for hosts. It also manages the ssh_known_hosts
189 file. It can integrate host keys from other management domains
190 and similarly export its keys.
191 · Svn The Svn plugin allows you to track changes to your Bcfg2
193 repository using a Subversion backend. Currently, it enables you
194 to get revision information out of your repository for reporting
195 purposes.
196 · TCheetah The TCheetah plugin allows you to use the cheetah
198 templating system to create files. It also allows you to include
199 the results of probes executed on the client in the created
200 files.
201 · TGenshi The TGenshi plugin allows you to use the Genshi tem‐
203 plating system to create files. It also allows you to include
204 the results of probes executed on the client in the created
205 files.
206 · Trigger Trigger is a plugin that calls external scripts when
208 clients are configured.
209 prefix Specifies a prefix if the Bcfg2 installation isn't placed in the
212 default location (eg. /usr/local).
213
216 These options affect the default metadata settings for Paths with
217 type='file'.
218 owner Global owner for Paths (defaults to root)
221 group Global group for Paths (defaults to root)
224 perms Global permissions for Paths (defaults to 644)
227 paranoid
230 Global paranoid settings for Paths (defaults to false)
231
235 These options only affect client functionality, specified in the
236 [client] section.
237 drivers
240 Specify tool driver set to use. This option can be used to
241 explicitly specify the client tool drivers you want to use when
242 the client is run.
243 paranoid
246 Run the client in paranoid mode.
247
251 Server-only, specified in the [statistics] section. These options con‐
252 trol the statistics collection functionality of the server.
253 database_engine
256 The database engine used by the statistics module. One of either
257 database_name
260 The name of the database to use for statistics data. If sqlite
261 file and defaults to $REPOSITORY_DIR/etc/brpt.sqlite
262 database_user
265 User for database connections. Not used for sqlite3.
266 database_password
269 Password for database connections. Not used for sqlite3.
270 database_host
273 Host for database connections. Not used for sqlite3.
274 database_port
277 Port for database connections. Not used for sqlite3.
278
282 Specified in the [communication] section. These options define settings
283 used for client-server communication.
284 ca The path to a file containing the CA certificate. This file is
287 required on the server, and optional on clients. However, if the
288 cacert is not present on clients, the server cannot be verified.
289 certificate
292 The path to a file containing a PEM formatted certificate which
293 signs the key with the ca certificate. This setting is required
294 on the server in all cases, and required on clients if using
295 client certificates.
296 key Specifies the path to a file containing the SSL Key. This is
299 required on the server in all cases, and required on clients if
300 using client certificates.
301 password
304 Required on both the server and clients. On the server, sets the
305 password clients need to use to communicate. On a client, sets
306 the password to use to connect to the server.
307 protocol
310 Communication protocol to use. Defaults to xmlrpc/ssl.
311 retries
314 A client-only option. Number of times to retry network communi‐
315 cation.
316 user A client-only option. The UUID of the client.
319
322 These options allow for finer-grained control of the paranoid mode on
323 the Bcfg2 client. They are specified in the [paranoid] section of the
324 configuration file.
325 path Custom path for backups created in paranoid mode. The default is
328 in /var/cache/bcfg2.
329 max_copies
332 Specify a maximum number of copies for the server to keep when
333 running in paranoid mode. Only the most recent versions of these
334 copies will be kept.
335
338 Specified in the [components] section.
339 bcfg2 URL of the server. On the server this specifies which interface
342 and port the server listens on. On the client, this specifies
343 where the client will attempt to contact the server. eg: bcfg2
344 = https://10.3.1.6:6789
345 encoding
348 Text encoding of configuration files. Defaults to the system
349 default encoding.
350
354 Specified in the [logging] section. These options control the server
355 logging functionality.
356 path Server log file path.
358
361 Specified in the [snapshots] section. These options control the server
362 snapshots functionality.
363 driver sqlite
365 database The name of the database to use for statistics data. eg:
367 $REPOSITORY_DIR/etc/bcfg2.sqlite
368
371 bcfg2(1), bcfg2-server(8)
372 bcfg2.conf(5)