## mark a section (Learn more)

blade01-sles-tsm:/var/lib/puppet # puppetd --genconfig # The configuration file for puppetd. Note that this file # is likely to have unused configuration parameters in it; any parameter that's # valid anywhere in Puppet can be in any config file, even if it's not used. # # Every section can specify three special parameters: owner, group, and mode. # These parameters affect the required permissions of any files specified after # their specification. Puppet will sometimes use these parameters to check its # own configured state, so they can be used to make Puppet a bit more self-managing. # # Note also that the section names are entirely for human-level organizational # purposes; they don't provide separate namespaces. All parameters are in a # single namespace. # # Generated on Tue Aug 26 14:14:22 CEST 2008. # [puppetd] # The LDAP port. Only used if ``ldapnodes`` is enabled. # The default value is '389'. # ldapport = 389 # The LDAP attributes to include when querying LDAP for nodes. All # returned attributes are set as variables in the top-level scope. # Multiple values should be comma-separated. The value 'all' returns # all attributes. # The default value is 'all'. # ldapattrs = all # The password to use to connect to LDAP. # The default value is ''. # ldappassword = # Whether TLS should be used when searching for nodes. # Defaults to false because TLS usually requires certificates # to be set up on the client side. # ldaptls = false # The search string used to find an LDAP node. # The default value is '(&(objectclass=puppetClient)(cn=%s))'. # ldapstring = (&(objectclass=puppetClient)(cn=%s)) # The attribute to use to define the parent node. # The default value is 'parentnode'. # ldapparentattr = parentnode # The search base for LDAP searches. It's impossible to provide # a meaningful default here, although the LDAP libraries might # have one already set. Generally, it should be the 'ou=Hosts' # branch under your main directory. # The default value is ''. # ldapbase = # Whether to search for node configurations in LDAP. See # http://reductivelabs.com/puppet/trac/wiki/LdapNodes/ for more information. # ldapnodes = false # The LDAP server. Only used if ``ldapnodes`` is enabled. # The default value is 'ldap'. # ldapserver = ldap # The LDAP attributes to use to define Puppet classes. Values # should be comma-separated. # The default value is 'puppetclass'. # ldapclassattrs = puppetclass # The user to use to connect to LDAP. Must be specified as a # full DN. # The default value is ''. # ldapuser = # Whether SSL should be used when searching for nodes. # Defaults to false because SSL usually requires certificates # to be set up on the client side. # ldapssl = false # The maximum allowed UID. Some platforms use negative UIDs # but then ship with tools that do not know how to handle signed ints, so the UIDs show up as # huge numbers that can then not be fed back into the system. This is a hackish way to fail in a # slightly more useful way when that happens. # The default value is '4294967290'. # maximum_uid = 4294967290 # Send the process into the background. This is the default. # The default value is 'true'. # daemonize = true # From where to retrieve plugins. The standard Puppet ``file`` type # is used for retrieval, so anything that is a valid file source can # be used here. # The default value is 'puppet://$server/plugins'. pluginsource = puppet://puppet/plugins # Where Puppet should look for facts. Multiple directories should # be colon-separated, like normal PATH variables. # The default value is '$vardir/facts'. factpath = /var/lib/puppet/facts # Whether facts should be synced with the central server. # factsync = false # Whether to just print a configuration to stdout and exit. Only makes # sense when used interactively. Takes into account arguments specified # on the CLI. genconfig = true # Where Puppet stores dynamic and growing data. The default for this parameter is calculated specially, like `confdir`_. # The default value is '/var/puppet'. vardir = /var/lib/puppet # Where Puppet PID files are kept. # The default value is '$vardir/run'. rundir = /var/run/puppet # Whether to print a contextual diff when files are being replaced. The diff # is printed on stdout, so this option is meaningless unless you are running Puppet interactively. # This feature currently requires the ``diff/lcs`` Ruby library. # show_diff = false # An external command that can produce node information. The output # must be a YAML dump of a hash, and that hash must have one or both of # ``classes`` and ``parameters``, where ``classes`` is an array and # ``parameters`` is a hash. For unknown nodes, the commands should # exit with a non-zero exit code. # This command makes it straightforward to store your node mapping # information in other data sources like databases. # The default value is 'none'. # external_nodes = none # Where Puppet should look for plugins. Multiple directories should # be colon-separated, like normal PATH variables. As of 0.23.1, this # option is deprecated; download your custom libraries to the $libdir # instead. # The default value is '$vardir/plugins'. pluginpath = /var/lib/puppet/plugins # Which diff command to use when printing differences between files. # The default value is 'diff'. # diff = diff # Where to find information about nodes. # The default value is 'plain'. # node_terminus = plain # The environment Puppet is running in. For clients # (e.g., ``puppetd``) this determines the environment itself, which # is used to find modules and much more. For servers (i.e., # ``puppetmasterd``) this provides the default environment for nodes # we know nothing about. # The default value is 'development'. # environment = development # Whether plugins should be synced with the central server. pluginsync = true # Whether to print stack traces on some errors # trace = false # The name of the service, if we are running as one. The # default is essentially $0 without the path or ``.rb``. # The default value is 'puppetd'. # name = puppetd # Whether to create the necessary user and group that puppetd will # run as. # mkusers = false # Where Puppet should store facts that it pulls down from the central # server. # The default value is '$vardir/facts'. factdest = /var/lib/puppet/facts # What files to ignore when pulling down facts. # The default value is '.svn CVS'. # factsignore = .svn CVS # Whether to use colors when logging to the console. # Valid values are ``ansi`` (equivalent to ``true``), ``html`` (mostly # used during testing with TextMate), and ``false``, which produces # no color. # The default value is 'ansi'. # color = ansi # Whether to just print a manifest to stdout and exit. Only makes # sense when used interactively. Takes into account arguments specified # on the CLI. # genmanifest = false # An extra search path for Puppet. This is only useful # for those files that Puppet will load on demand, and is only # guaranteed to work for those cases. In fact, the autoload # mechanism is responsible for making sure this directory # is in Ruby's search path # The default value is '$vardir/lib'. libdir = /var/lib/puppet/lib # What syslog facility to use when logging to # syslog. Syslog has a fixed list of valid facilities, and you must # choose one of those; you cannot just make one up. # The default value is 'daemon'. # syslogfacility = daemon # The directory where Puppet state is stored. Generally, # this directory can be removed without causing harm (although it # might result in spurious service restarts). # The default value is '$vardir/state'. statedir = /var/lib/puppet/state # A parameter that can be used in commit # hooks, since it enables you to parse-check a single file rather # than requiring that all files exist. # ignoreimport = false # Print the value of a specific configuration parameter. If a # parameter is provided for this, then the value is printed and puppet # exits. Comma-separate multiple values. For a list of all values, # specify 'all'. This feature is only available in Puppet versions # higher than 0.18.4. # The default value is ''. # configprint = # Where Puppet should store plugins that it pulls down from the central # server. # The default value is '$libdir'. plugindest = /var/lib/puppet/lib # Which arguments to pass to the diff command when printing differences between files. # The default value is ''. # diff_args = # What files to ignore when pulling down plugins. # The default value is '.svn CVS'. # pluginsignore = .svn CVS # The main Puppet configuration directory. The default for this parameter is calculated based on the user. If the process # is runnig as root or the user that ``puppetmasterd`` is supposed to run as, it defaults to a system directory, but if it's running as any other user, # it defaults to being in ``~``. # The default value is '/etc/puppet'. # confdir = /etc/puppet # From where to retrieve facts. The standard Puppet ``file`` type # is used for retrieval, so anything that is a valid file source can # be used here. # The default value is 'puppet://$server/facts'. factsource = puppet://puppet/facts # The Puppet log directory. # The default value is '$vardir/log'. logdir = /var/log/puppet # The configuration file that defines the rights to the different # namespaces and methods. This can be used as a coarse-grained # authorization system for both ``puppetd`` and ``puppetmasterd``. # The default value is '$confdir/namespaceauth.conf'. authconfig = /etc/puppet/namespaceauth.conf # The minimum time to wait (in seconds) between checking for updates in # configuration files. This timeout determines how quickly Puppet checks whether # a file (such as manifests or templates) has changed on disk. # The default value is '15'. # filetimeout = 15 # Whether matching in case statements and selectors # should be case-sensitive. Case insensitivity is # handled by downcasing all values before comparison. # casesensitive = false # Where SSL certificates are kept. # The default value is '$confdir/ssl'. ssldir = /var/lib/puppet/ssl # The valid environments for Puppet clients. # This is more useful as a server-side setting than client, but any # environment chosen must be in this list. Values should be # separated by a comma. # The default value is 'production,development'. # environments = production,development # Whether log files should always flush to disk. # autoflush = false # The shell search path. Defaults to whatever is inherited # from the parent process. # The default value is 'none'. # path = none # Which port puppetmasterd listens on. # The default value is '8140'. # masterport = 8140 # Where FileBucket files are stored. # The default value is '$vardir/bucket'. bucketdir = /var/lib/puppet/bucket # The directory in which YAML data is stored, usually in a subdirectory. # The default value is '$vardir/yaml'. yamldir = /var/lib/puppet/yaml # The user puppetmasterd should run as. # The default value is 'puppet'. # user = puppet # Where puppetmasterd logs. This is generally not used, # since syslog is the default log destination. # The default value is '$logdir/puppetmaster.log'. masterlog = /var/log/puppet/puppetmaster.log # Just check the syntax of the manifests. # parseonly = false # Whether to store each client's configuration. This # requires ActiveRecord from Ruby on Rails. # storeconfigs = false # Wether the master should function as a certificate authority. # The default value is 'true'. # ca = true # The header containing an authenticated # client's SSL DN. Only used with Mongrel. This header must be set by the proxy # to the authenticated client's SSL DN (e.g., ``/CN=puppet.reductivelabs.com``). # See http://reductivelabs.com/puppet/trac/wiki/UsingMongrel for more information. # The default value is 'HTTP_X_CLIENT_DN'. # ssl_client_header = HTTP_X_CLIENT_DN # Code to parse directly. This is essentially only used # by ``puppet``, and should only be set if you're writing your own Puppet # executable # The default value is ''. # code = # Where the puppetmasterd web server logs. # The default value is '$logdir/masterhttp.log'. masterhttplog = /var/log/puppet/masterhttp.log # The entry-point manifest for puppetmasterd. # The default value is '$manifestdir/site.pp'. manifest = /etc/puppet/manifests/site.pp # The group puppetmasterd should run as. # The default value is 'puppet'. # group = puppet # How the puppetmaster determines the client's identity # and sets the 'hostname', 'fqdn' and 'domain' facts for use in the manifest, # in particular for determining which 'node' statement applies to the client. # Possible values are 'cert' (use the subject's CN in the client's # certificate) and 'facter' (use the hostname that the client # reported in its facts) # The default value is 'cert'. # node_name = cert # The header containing the status # message of the client verification. Only used with Mongrel. This header must be set by the proxy # to 'SUCCESS' if the client successfully authenticated, and anything else otherwise. # See http://reductivelabs.com/puppet/trac/wiki/UsingMongrel for more information. # The default value is 'HTTP_X_CLIENT_VERIFY'. # ssl_client_verify_header = HTTP_X_CLIENT_VERIFY # The search path for modules as a colon-separated list of # directories. # The default value is '$confdir/modules:/usr/share/puppet/modules'. modulepath = /etc/puppet/modules:/usr/share/puppet/modules # Where puppetmasterd looks for its manifests. # The default value is '$confdir/manifests'. manifestdir = /etc/puppet/manifests # The database password for Client caching. Only # used when networked databases are used. # The default value is 'puppet'. # dbpassword = puppet # The log level for Rails connections. The value must be # a valid log level within Rails. Production environments normally use ``info`` # and other environments normally use ``debug``. # The default value is 'info'. # rails_loglevel = info # The type of database to use. # The default value is 'sqlite3'. # dbadapter = sqlite3 # The database server for Client caching. Only # used when networked databases are used. # The default value is 'localhost'. # dbserver = localhost # The database socket location. Only used when networked # databases are used. Will be ignored if the value is an empty string. # The default value is ''. # dbsocket = # Whether to automatically migrate the database. # dbmigrate = false # The database user for Client caching. Only # used when networked databases are used. # The default value is 'puppet'. # dbuser = puppet # Where Rails-specific logs are sent # The default value is '$logdir/rails.log'. railslog = /var/log/puppet/rails.log # The database cache for client configurations. Used for # querying within the language. # The default value is '$statedir/clientconfigs.sqlite3'. dblocation = /var/lib/puppet/state/clientconfigs.sqlite3 # The name of the database to use. # The default value is 'puppet'. # dbname = puppet # Where FileBucket files are stored locally. # The default value is '$vardir/clientbucket'. clientbucketdir = /var/lib/puppet/clientbucket # Where the CA stores signed certificates. # The default value is '$cadir/signed'. signeddir = /var/lib/puppet/ssl/ca/signed # Whether to enable autosign. Valid values are true (which # autosigns any key request, and is a very bad idea), false (which # never autosigns any key request), and the path to a file, which # uses that configuration file to determine which keys to sign. # The default value is '$confdir/autosign.conf'. autosign = /etc/puppet/autosign.conf # The type of hash used in certificates. # The default value is 'md5'. # ca_md = md5 # A Complete listing of all certificates # The default value is '$cadir/inventory.txt'. cert_inventory = /var/lib/puppet/ssl/ca/inventory.txt # The certificate revocation list (CRL) for the CA. Set this to 'false' if you do not want to use a CRL. # The default value is '$cadir/ca_crl.pem'. cacrl = /var/lib/puppet/ssl/ca/ca_crl.pem # The CA certificate. # The default value is '$cadir/ca_crt.pem'. cacert = /var/lib/puppet/ssl/ca/ca_crt.pem # Where the CA stores private certificate information. # The default value is '$cadir/private'. caprivatedir = /var/lib/puppet/ssl/ca/private # Where the CA stores the password for the private key # The default value is '$caprivatedir/ca.pass'. capass = /var/lib/puppet/ssl/ca/private/ca.pass # How long a certificate should be valid. # This parameter is deprecated, use ca_ttl instead # The default value is ''. # ca_days = # The bit length of the certificates. # The default value is '2048'. # req_bits = 2048 # The CA private key. # The default value is '$cadir/ca_key.pem'. cakey = /var/lib/puppet/ssl/ca/ca_key.pem # Where the CA stores certificate requests # The default value is '$cadir/requests'. csrdir = /var/lib/puppet/ssl/ca/requests # Where the serial number for certificates is stored. # The default value is '$cadir/serial'. serial = /var/lib/puppet/ssl/ca/serial # The default TTL for new certificates; valid values # must be an integer, optionally followed by one of the units # 'y' (years of 365 days), 'd' (days), 'h' (hours), or # 's' (seconds). The unit defaults to seconds. If this parameter # is set, ca_days is ignored. Examples are '3600' (one hour) # and '1825d', which is the same as '5y' (5 years) # The default value is '5y'. # ca_ttl = 5y # The bit length of keys. # The default value is '1024'. # keylength = 1024 # The root directory for the certificate authority. # The default value is '$ssldir/ca'. cadir = /var/lib/puppet/ssl/ca # The CA public key. # The default value is '$cadir/ca_pub.pem'. capub = /var/lib/puppet/ssl/ca/ca_pub.pem # The DNS names on the Server certificate as a colon-separated list. # If it's anything other than an empty string, it will be used as an alias in the created # certificate. By default, only the server gets an alias set up, and only for 'puppet'. # The default value is ''. # certdnsnames = # The private key directory. # The default value is '$ssldir/private_keys'. privatekeydir = /var/lib/puppet/ssl/private_keys # Where individual hosts store and look for their certificates. # The default value is '$ssldir/csr_$certname.pem'. hostcsr = /var/lib/puppet/ssl/csr_blade01-sles-tsm.punchtelematix.net.pem # Where individual hosts store and look for their public key. # The default value is '$publickeydir/$certname.pem'. hostpubkey = /var/lib/puppet/ssl/public_keys/blade01-sles-tsm.punchtelematix.net.pem # The certificate directory. # The default value is '$ssldir/certs'. certdir = /var/lib/puppet/ssl/certs # Where the client stores private certificate information. # The default value is '$ssldir/private'. privatedir = /var/lib/puppet/ssl/private # Where individual hosts store and look for their certificates. # The default value is '$certdir/$certname.pem'. hostcert = /var/lib/puppet/ssl/certs/blade01-sles-tsm.punchtelematix.net.pem # Where each client stores the CA certificate. # The default value is '$certdir/ca.pem'. localcacert = /var/lib/puppet/ssl/certs/ca.pem # The name to use when handling certificates. Defaults # to the fully qualified domain name. # The default value is 'blade01-sles-tsm.punchtelematix.net'. # certname = blade01-sles-tsm.punchtelematix.net # The public key directory. # The default value is '$ssldir/public_keys'. publickeydir = /var/lib/puppet/ssl/public_keys # Where puppetd stores the password for its private key. # Generally unused. # The default value is '$privatedir/password'. passfile = /var/lib/puppet/ssl/private/password # Where individual hosts store and look for their private key. # The default value is '$privatekeydir/$certname.pem'. hostprivkey = /var/lib/puppet/ssl/private_keys/blade01-sles-tsm.punchtelematix.net.pem # Where to store dot-outputted graphs. # The default value is '$statedir/graphs'. graphdir = /var/lib/puppet/state/graphs # Whether to create dot graph files for the different # configuration graphs. These dot files can be interpreted by tools # like OmniGraffle or dot (which is part of ImageMagick). # graph = false # A lock file to temporarily stop puppetd from doing anything. # The default value is '$statedir/puppetdlock'. puppetdlockfile = /var/lib/puppet/state/puppetdlock # Where puppetd and puppetmasterd store state associated # with the running configuration. In the case of puppetmasterd, # this file reflects the state discovered through interacting # with clients. # The default value is '$statedir/state.yaml'. statefile = /var/lib/puppet/state/state.yaml # Whether facts should be made all lowercase when sent to the server. # downcasefacts = false # Where the puppetd web server logs. # The default value is '$logdir/http.log'. httplog = /var/log/puppet/http.log # How often puppetd applies the client configuration; in seconds. # The default value is '1800'. # runinterval = 1800 # Whether to sleep for a pseudo-random (but consistent) amount of time before # a run. # splay = false # The type of server to use. Currently supported # options are webrick and mongrel. If you use mongrel, you will need # a proxy in front of the process or processes, since Mongrel cannot # speak SSL. # The default value is 'webrick'. # servertype = webrick # Boolean; wheter or not puppetd should validate the server # SSL certificate against the request hostname. # The default value is 'true'. # http_enable_post_connection_check = true # The port to use for the certificate authority. # The default value is '$masterport'. ca_port = 8140 # Whether to use the cached configuration when the remote # configuration will not compile. This option is useful for testing # new configurations, where you want to fix the broken configuration # rather than reverting to a known-good one. # The default value is 'true'. # usecacheonfailure = true # The file in which puppetd stores a list of the classes # associated with the retrieved configuration. Can be loaded in # the separate ``puppet`` executable using the ``--loadclasses`` # option. # The default value is '$statedir/classes.txt'. classfile = /var/lib/puppet/classes.txt # Whether puppetd should listen for # connections. If this is true, then by default only the # ``runner`` server is started, which allows remote authorized # and authenticated nodes to connect and trigger ``puppetd`` # runs. # listen = false # Facts that are dynamic; these facts will be ignored when deciding whether # changed facts should result in a recompile. Multiple facts should be # comma-separated. # The default value is 'memorysize,memoryfree,swapsize,swapfree'. # dynamicfacts = memorysize,memoryfree,swapsize,swapfree # The pid file # The default value is ''. # pidfile = # The HTTP proxy host to use for outgoing connections. Note: You # may need to use a FQDN for the server hostname when using a proxy. # The default value is 'none'. # http_proxy_host = none # How long the client should wait for the configuration to be retrieved # before considering it a failure. This can help reduce flapping if too # many clients contact the server at one time. # The default value is '120'. # configtimeout = 120 # Boolean; whether puppetd should ignore schedules. This is useful # for initial puppetd runs. # ignoreschedules = false # Which port puppetd listens on. # The default value is '8139'. # puppetport = 8139 # Whether to send reports after every transaction. # report = false # The configuration file for puppetd. # The default value is '$confdir/puppet.conf'. config = /etc/puppet/puppet.conf # Where puppetd caches the local configuration. An # extension indicating the cache format is added automatically. # The default value is '$statedir/localconfig'. localconfig = /var/lib/puppet/localconfig # Whether puppetd should be run in noop mode. # noop = false # Ignore cache and always recompile the configuration. This is # useful for testing new configurations, where the local cache may in # fact be stale even if the timestamps are up to date - if the facts # change or if the server changes. # ignorecache = false # The log file for puppetd. This is generally not used. # The default value is '$logdir/puppetd.log'. puppetdlog = /var/log/puppet/puppetd.log # The server to which server puppetd should connect # The default value is 'puppet'. # server = puppet # The maximum time to delay before runs. Defaults to being the same as the # run interval. # The default value is '$runinterval'. splaylimit = 1800 # The address to bind to. Mongrel servers # default to 127.0.0.1 and WEBrick defaults to 0.0.0.0. # The default value is ''. # bindaddress = # The HTTP proxy port to use for outgoing connections # The default value is '3128'. # http_proxy_port = 3128 # The server to which to send transaction reports. # The default value is '$server'. reportserver = puppet # The server to use for certificate # authority requests. It's a separate server because it cannot # and does not need to horizontally scale. # The default value is '$server'. ca_server = puppet # Where Puppet looks for template files. # The default value is '$vardir/templates'. templatedir = /var/lib/puppet/templates # Whether to validate types during parsing. # The default value is 'true'. # typecheck = true # Whether to validate parameters during parsing. # The default value is 'true'. # paramcheck = true # Whether to use lexical scoping (vs. dynamic). # lexical = false # The mapping between reporting tags and email addresses. # The default value is '$confdir/tagmail.conf'. tagmap = /etc/puppet/tagmail.conf # The server through which to send email reports. # The default value is 'none'. # smtpserver = none # Where to find the sendmail binary with which to send email. # The default value is '/usr/sbin/sendmail'. # sendmail = /usr/sbin/sendmail # The 'from' email address for the reports. # The default value is 'report@blade01-sles-tsm.punchtelematix.net'. # reportfrom = report@blade01-sles-tsm.punchtelematix.net # Whether RRD information should be graphed. # rrdgraph = false # How often RRD should expect data. # This should match how often the hosts report back to the server. # The default value is '$runinterval'. rrdinterval = 1800 # The directory where RRD database files are stored. # Directories for each reporting host will be created under # this directory. # The default value is '$vardir/rrd'. rrddir = /var/lib/puppet/rrd # The list of reports to generate. All reports are looked for # in puppet/reports/<name>.rb, and multiple report names should be # comma-separated (whitespace is okay). # The default value is 'store'. # reports = store # The directory in which to store reports # received from the client. Each client gets a separate # subdirectory. # The default value is '$vardir/reports'. reportdir = /var/lib/puppet/reports # Whether each resource should log when it is # being evaluated. This allows you to interactively see exactly # what is being done. # evaltrace = false # Whether to print a transaction summary. # summarize = false # Tags to use to find resources. If this is set, then # only resources tagged with the specified tags will be applied. # Values must be comma-separated. # The default value is ''. # tags = # Where the fileserver configuration is stored. # The default value is '$confdir/fileserver.conf'. fileserverconfig = /etc/puppet/fileserver.conf

This paste will be private.