Hello experts, I'm struggling with some node specific heria. I basically want to add the following lines to a number of nodes:
Match Address xx.xx.xx.xx PermitRootLogin without-password I have the following in place in an attempt to acheive this: # pwd /etc/puppetlabs/code/environments/production/modules/permitroot/manifests # more * :::::::::::::: config.pp :::::::::::::: class permitroot::config ( $config_path = $permitroot::params::config_path ) inherits permitroot::params { if $facts['os']['release']['major'] =~ /7/ { file { 'Update SSHD PermitRoot': ensure => $permitroot::config_present, path => $permitroot::config_path, content => $permitroot::permitroot_config.join("\n"), owner => root, group => root, mode => '0600' } } else { notice ('Assuming RHEL 6.x thus taking no action') } } :::::::::::::: init.pp :::::::::::::: class permitroot ( $service_name = $permitroot::params::service_name, $config_path = $permitroot::params::config_path, Array[String] $permitroot_config, String $service_ensure, Boolean $service_enable, Boolean $service_hasrestart, ) inherits permitroot::params { contain permitroot::config contain permitroot::service Class['permitroot::config'] -> Class['permitroot::service'] } :::::::::::::: params.pp :::::::::::::: class permitroot::params { $service_name = 'sshd' $config_path = '/etc/ssh/sshd_config' } :::::::::::::: service.pp :::::::::::::: class permitroot::service ( $service_name = $permitroot::params::service_name, ) inherits permitroot::params { service {'permitroot_service': name => $service_name, ensure => $permitroot::service_ensure, enable => $permitroot::service_enable, hasrestart => $permitroot::service_hasrestart, } } This is probably not the best method and I'm still learning and don't want to use a module that has already been created by someone else at this point. Here is the node specific heria: # pwd /etc/puppetlabs/code/environments/production/nodes # more * permitroot::permitroot_config: - 'Match Address xx.xx.xx.xx - 'PermitRootLogin without-password' Hiera file: # pwd /etc/puppetlabs/code/environments/production # more hiera.yaml --- version: 5 defaults: # The default value for "datadir" is "data" under the same directory as the hiera.yaml # file (this file) # When specifying a datadir, make sure the directory exists. # See https://puppet.com/docs/puppet/latest/environments_about.html for further details on environments. #datadir: data data_hash: yaml_data hierarchy: - name: "Per-node data" # Human-readable name. path: "nodes/%{trusted.certname}.yaml" # File path, relative to datadir. - name: "Per-OS defaults" path: "os/%{facts.os.family}.yaml" - name: "Common data" path: "common.yaml" Site.pp file: # more site.pp ... ... ... node lhcsrvprdcms01.domain.com { class { 'permitroot': } } When I run the puppet agent on the server about were I want the new vaules added, I see the see returned the following: # puppet agent --no-daemonize --onetime --verbose --noop Info: Using configured environment 'production' Info: Retrieving pluginfacts Info: Retrieving plugin Info: Retrieving locales Info: Loading facts Error: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: Evaluation Error: Error while evaluating a Resource Statement, Class[Permitroot]: expects a value for parameter 'permitroot_config' (file: /etc/puppetlabs/code/environments/production/manifests/site.pp, line: 49, column: 3) on node lhcsrvprdcms01.fixnetix.com Info: Using cached catalog from environment 'production' Info: Applying configuration version '1596101172' Notice: Applied catalog in 2.39 seconds Any help here would be appreciated. Thanks, Dan. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/92247132-e001-4dfe-bd31-5ff64dd9904bo%40googlegroups.com.