similar to: using puppet ssl certs for other applications

Me again! I have a recipe that looks like: class postgresql { file { pg_hba_conf: name => "/var/lib/pgsql/data/pg_hba.conf", source => "puppet://puppetmaster/files/workstations/common/var/lib/pgsql/data/pg_hba.conf", owner => postgres, group => postgres, mode => 600, subscribe => [ Package[postgresql] ],

I am using Puppet 3.1.0 on a CentOS 6.3 machines. The puppet master and puppet agents use CentOS 6.3 as their OS. I have a puppet script (init.pp file for the puppet module) that contains the following exec type: exec { "postgres init": cwd => "/applications/module", command => "bash initializePostgres.sh", user => "postgres", group =>

Puppet 3.3.1 // CentOS release 6.4 (Final) rpm -qa | grep puppet puppetlabs-release-6-7.noarch puppet-3.1.1-1.el6.noarch puppetdb-1.3.0-1.el6.noarch puppet-server-3.1.1-1.el6.noarch puppetdb-terminus-1.3.0-1.el6.noarch Installed from yum packages: Running Transaction Installing : puppetdb-1.3.0-1.el6.noarch

Hello. I use puppet 2.6.3-rc2 Now I try move my classes to modules. But I got a problem that Puppet does not sees modules. in puppet.conf: [main] logdir = /var/log/puppet rundir = /var/run/puppet ssldir = $vardir/ssl libdir = /opt/puppet-dashboard/lib/puppet modulepath=$confdir/modules In nodes : node postgres { include basesystem include postgres } In

I''m trying to change the password complexity requirements in pam.d/system-auth using augeas. I can append the values (lcredit=-1, ucredit=-1, etc) onto the correct place, but if another value is already present (i.e. lcredit=-2), the onlyif match statement doesn''t seem to support checking regular expressions inside of strings. How do I check that any numeric value exists in the

Here''s what I''m using: exec { "cert-fix": command => "curl http://curl.haxx.se/ca/cacert.pem -o /etc/pki/tls/certs/ca-bundle.crt", onlyif => "test -e /etc/pki/tls/certs/ca-bundle.crt", } But it keeps on failing: > [default] Running Puppet with /tmp/vagrant-puppet/manifests/acid.pp... > Parameter onlyif failed: ''test -e

Does facter support NICs that are not named ethX? I happen to use custom names on my systems. Just a quick look at the code I don''t see why it wouldn''t but the behavior I am seeing is very different. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To

Hmmm.... So I was just trying the extlookup function that comes with puppet 2.6.1. It now lets you do this: $version = extlookup("rsyslog_version", "present", "packages") which, according to the documentation: # This will look for a version configured in packages.csv and then in the rest as configured # by $extlookup_precedence if it''s not found anywhere

I downloaded the puppet-dashboard.git from http://github.com/puppetlabs/puppet-dashboard and did the installation in my ubuntu lucid puppet server following the steps in "Installation". Now I can run it fine using the WEBrick like this root@sys-ubuntu { ~/git/puppet-dashboard }$ ./script/server -e production => Booting WEBrick => Rails 2.3.5 application starting on

Hi all, Am starting to look at managing some of the extended Solaris authorisations starting with /etc/user_attr. Has anyone looked at this before? File is similar in format to a passwd file. Heres a couple of examples from a default file: adm::::profiles=Log Management lp::::profiles=Printer Management postgres::::type=role;profiles=Postgres Administration,All Has anyone looked at this

How can I configure F5 load balancer to be infront of multiple puppet masters? The SSL will break as the server name if different, hostname of the VIP on the LB vs hostnames of each masters, right? Can you shed some light? Thanks. -- Hai Tao -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to

I was wondering how to configure the puppet clients to only listen, not to periodically pull configs down from the puppetmaster. I''d rather push the configs out from the puppetmaster with puppetrun... At a guess I need to set runinterval to 0 in /etc/puppet/puppet.conf? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hello, I read and find a way (well, there seems to be several equal implementations) to collect the ssh keys of machines. However they all give only the choice to choose between the key formats. But is there a way to collect both keys of a machine, the rsa _and_ the dss key (and maybe the rsa1 too)? I didn''t find a way to solve this as

Hello, I have configured puppet and puppetdb (storeconfig) with postgresql and the service run and the collecting are good for example: I can make query with the next command and responds ok . [.........................] [root@master]# curl -X GET -H ''Accept: application/json'' http://127.0.0.1:8080/v2/facts --data-urlencode ''query=["=", "name",

Hello, I''m currently trying to deploy puppetdb to my environment but I''m having difficulties and am unsure on how to proceed. I have 1300+ nodes checking in at 15 minute intervals (3.7 million resources in the population). The load is spread across 6 puppet masters. I requisitioned what I thought would be a powerful enough machine for the puppetdb/postgres server. A machine

Hi all, i'' m trying to configure puppet to use rails with postgresql. I'' m having troubles to make it work. Got no error when running puppetmasterd but nothing is being populated in the DB. Is anybody using puppet with postgres ? my config (in puppet.conf) [rails] dbadapter = postgresql dbname = mydb dbserver = localhost dbuser = user dbpassword = password

* Aki Tuomi <aki.tuomi at dovecot.fi>: > > > On 20.03.2017 14:30, Ralf Hildebrandt wrote: > > ssl_client_ca_file = </etc/ssl/certs/ca-certificates.crt > > Leave the < out. It is misleading, I know, but it does say file. =) Makes no difference: # doveconf |fgrep ssl_client_ca ssl_client_ca_dir = ssl_client_ca_file = /etc/ssl/certs/ca-certificates.crt and with

Hi Experts, I''m trying to generate my own certificates (all of them, including certs for CA, server and client) for puppet to use. and I''m getting "Could not run: Could not retrieve certificate for puppetsrv and not running on a valid certificate authority" Just wondering what the problem could be? What I did is: 1. generate a self signed CA cert, and save the

packages.debian.org is lagging in terms of what it''s showing, but.... $ rmadison -u debian {puppet,facter} | grep unstable puppet | 0.25.4-1 | unstable | source, all facter | 1.5.7-1 | unstable | source, all they''re both up there now. -- nigel -- You received this message because you are subscribed to the Google Groups "Puppet Users" group.

Hi all, Thanks for all your suggestions. Here's where I'm at with this. Can you give details about your puppetmasterd setup ? it seems that > you're using Foreman as puppet ENC. > Yes, I'm on foreman 1.7.4 and puppet 3.75. You are correct that I'm using foreman, sorry I hadn't thought to mention it! > Foreman works fine with selinux enabled : that's what