[Puppet Users] Re: puppet SSHD port based on hostname

[John Baird]

Honestly, I believe you would benefit from reading this over a bit...

https://docs.puppet.com/puppet/5.0/lang_template_erb.html


On Tuesday, August 22, 2017 at 4:37:35 PM UTC-5, John wrote:
>
> So I added the following to sshd_config.erb
>
> <%- if hostname = MyHost -%>
> Port = 
> <%- end -%>
>
> But it did not provide the expected results.  The puppet run finished 
> cleanly, but the sshd_config remained unchanged.
>
> Does that syntax look alright?
>
> TIA
>
> On Tuesday, August 22, 2017 at 12:36:15 PM UTC-4, John wrote:
>>
>> I've pulled down the SAZ SSH module and implemented across my network. 
>>  It works great.
>>
>> However, I need to implement the following change:
>>
>> If hostname = host1 or host2 or host3
>>   then
>> port = 
>> fi
>>
>> I just want to change the default sshd port for a few hosts.
>>
>> How do I do that?
>> 
>>
>>
>>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/4a22f5df-272b-4ce6-9cad-fd60e564440f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: Hiera 5 + Puppet 5 File Backend

[John Baird]

Henrik,

Thanks for the feedback.  My concern stems, really, from being able to use 
this with Puppet.  I would think that I should be able to specify a 
filename and/or filepath that contain a "." without having to escape those 
myself.  The backend should handle that, in my opinion.  You can image if a 
user/developer wanted to have a domain-oriented folder structure with 
multiple domains, how that could get extremely hard to read quickly... 
"/path/to/file/domain1\.example\.com" and then the variable would have to 
be unescaped for all other references to that variable.  That seems silly. 
 I appreciate your time on this, but I feel like there has to be a better 
solution, I just haven't found it yet.  I am still working on making this 
code work...

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/049d195d-1ea0-4c00-9165-c195bf67ed01%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] [join us] Virtual Puppet User Group: PDK Edition on Thursday!

[Meg Hartley]

Hi Everyone,

You’re invited to join our next Virtual Puppet User Group. This meetup is 
online only, so you can attend from the comfort of your computer.  Stay in 
the loop on upcoming meetings by becoming a member. 

Sign up for the Virtual Puppet User Group: Puppet Development Kit Edition 
on Thursday, 24 August, at 9 am PDT with David Schmitt, Senior Software 
Engineer (Puppet) and Rick Monro, Principal UX Designer (Puppet). Spots are 
limited so be sure to register to save your spot. 


https://www.meetup.com/Virtual-Puppet-User-Group/events/242294972/

See you there,

Meg Hartley

Community Manager, Puppet

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/f3942de6-ffd3-4ab7-9988-2c95ad616f18%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: Hiera 5 + Puppet 5 File Backend

[Henrik Lindberg]

On 22/08/17 18:30, John Baird wrote:

Henrik,


I have something that appears to be at least "attempting" to find the 
proper files.  The issue I am currently running into is that the "key" 
or file that I am looking for is being "chopped" at the first ".", which 
in this case is actually in a folder name, not the file extension.  Do 
you know how to avoid that?


*# File Backend for Hiera*
*Puppet::Functions.create_function(:'file_backend') do*
*
*
*  dispatch :file_backend do*
*    param "String", :key*
*    param "Hash", :options*
*    param "Puppet::LookupContext", :context*
*  end*
*
*
*  argument_mismatch :missing_path do*
*    param 'Hash', :options*
*    param 'Puppet::LookupContext', :context*
*  end*
*
*
*  def file_backend(key, options, context)*
*    hieradir   = context.interpolate(options['hieradir'])*
*    searchroot = context.interpolate(options['searchroot'])*
*    searchpath = hieradir + searchroot*
*    if (File.exists?("#{searchpath}/#{key}"))*
*      data = File.read("#{searchpath}/#{key}")*
*    else*
*      context.explain() { "SearchPath: #{searchpath}, Key: #{key}"}*
*      context.not_found()*
*    end*
*  end*
*
*
*  def missing_path(options, context)*
*    "one of 'path', 'paths', 'glob', 'globs', or 'mapped_paths' must be 
declared in hiera.yaml when using this file_backend function"*

*  end*
*end*
*
*
When looking up '*/etc/dd-agent/checks.d/filename.py'* I receive a 
`*Function lookup() did not find a value for the name 
'/etc/dd-agent/checks.d/filename.py*`.


The debugging from the puppet lookup outputs *KEY: /etc/dd-agent/checks 
*which does not contain the rest of the filename or path.


Only had a quick look at the code. I think the issue you are seeing is 
that a '.' has special meaning - it navigates into a structure, you need 
to escape dots in the key - IIRC by quoting them. Try with a key that 
does not have a '.', and then try with quoting the dot with "" or ''


The dot-syntax is typically used to navigate into arrays and hashes.

Best,
- henrik


Thoughts ?

--
You received this message because you are subscribed to the Google 
Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send 
an email to puppet-users+unsubscr...@googlegroups.com 
.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/7a86b718-434c-42ff-ad50-649f276c75ba%40googlegroups.com 
.

For more options, visit https://groups.google.com/d/optout.



--

Visit my Blog "Puppet on the Edge"
http://puppet-on-the-edge.blogspot.se/

--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/onifdt%24ia6%241%40blaine.gmane.org.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: puppet SSHD port based on hostname

[John]

So I added the following to sshd_config.erb

<%- if hostname = MyHost -%>
Port = 
<%- end -%>

But it did not provide the expected results.  The puppet run finished 
cleanly, but the sshd_config remained unchanged.

Does that syntax look alright?

TIA

On Tuesday, August 22, 2017 at 12:36:15 PM UTC-4, John wrote:
>
> I've pulled down the SAZ SSH module and implemented across my network.  It 
> works great.
>
> However, I need to implement the following change:
>
> If hostname = host1 or host2 or host3
>   then
> port = 
> fi
>
> I just want to change the default sshd port for a few hosts.
>
> How do I do that?
> 
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/467a45f7-1171-4d7e-9a00-3c715db82790%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: puppet SSHD port based on hostname

[John Baird]

It looks like you should be able to pass it as a Hash of "options"... 

https://github.com/saz/puppet-ssh/search?utf8=%E2%9C%93=port=

On Tuesday, August 22, 2017 at 11:36:15 AM UTC-5, John wrote:
>
> I've pulled down the SAZ SSH module and implemented across my network.  It 
> works great.
>
> However, I need to implement the following change:
>
> If hostname = host1 or host2 or host3
>   then
> port = 
> fi
>
> I just want to change the default sshd port for a few hosts.
>
> How do I do that?
> 
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/1c86488f-7d74-4b8f-a93f-5682e71d12e7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] puppet SSHD port based on hostname

[John]

I've pulled down the SAZ SSH module and implemented across my network.  It 
works great.

However, I need to implement the following change:

If hostname = host1 or host2 or host3
  then
port = 
fi

I just want to change the default sshd port for a few hosts.

How do I do that?



-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/07b2f4be-f286-401a-8538-d4cde4f06308%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: Hiera 5 + Puppet 5 File Backend

[John Baird]

>
> Henrik,


I have something that appears to be at least "attempting" to find the 
proper files.  The issue I am currently running into is that the "key" or 
file that I am looking for is being "chopped" at the first ".", which in 
this case is actually in a folder name, not the file extension.  Do you 
know how to avoid that?

*# File Backend for Hiera*
*Puppet::Functions.create_function(:'file_backend') do*

*  dispatch :file_backend do*
*param "String", :key*
*param "Hash", :options*
*param "Puppet::LookupContext", :context*
*  end*

*  argument_mismatch :missing_path do*
*param 'Hash', :options*
*param 'Puppet::LookupContext', :context*
*  end*

*  def file_backend(key, options, context)*
*hieradir   = context.interpolate(options['hieradir'])*
*searchroot = context.interpolate(options['searchroot'])*
*searchpath = hieradir + searchroot*
*if (File.exists?("#{searchpath}/#{key}"))*
*  data = File.read("#{searchpath}/#{key}")*
*else*
*  context.explain() { "SearchPath: #{searchpath}, Key: #{key}"}*
*  context.not_found()*
*end*
*  end*

*  def missing_path(options, context)*
*"one of 'path', 'paths', 'glob', 'globs', or 'mapped_paths' must be 
declared in hiera.yaml when using this file_backend function"*
*  end*
*end*

When looking up '*/etc/dd-agent/checks.d/filename.py'* I receive a `*Function 
lookup() did not find a value for the name 
'/etc/dd-agent/checks.d/filename.py*`.

The debugging from the puppet lookup outputs *KEY: /etc/dd-agent/checks *which 
does not contain the rest of the filename or path.

Thoughts ?

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/7a86b718-434c-42ff-ad50-649f276c75ba%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Data in Modules: Fail on unsupported OS

[Henrik Lindberg]

On 22/08/17 10:42, plapper...@gmail.com wrote:

Good morning :)

I'm currently writing a puppet module for the OpenBSD specific 
implementation of SNMPd, and was wondering if there is any elegant way 
  for the module to fail on unsupported operating systems?


With the params.pp-pattern, you can fail as the default of the 
OS-specific configuration; but how would I do this with the data comes 
via Hiera from the module itself 
(https://docs.puppet.com/puppet/4.10/hiera_migrate_modules.html#module-data-with-yaml-data-files)? 



Of course I can simply leave the common.yaml empty and the module will 
fail with missing variables, but I'd rather have a helpful error message 
about an unsupported OS (which will be less confusing, should this 
module be used by someone else but me).



How about setting a value that represents a "poison pill" as the default 
(for example "not supported"). Then for all supported the value would be 
something other than the "poison pill". You then check if you got the 
"poison" and then error with a descriptive error message.



- henrik
--

Visit my Blog "Puppet on the Edge"
http://puppet-on-the-edge.blogspot.se/

--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/onhi9g%24m38%242%40blaine.gmane.org.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: Hiera 5 + Puppet 5 File Backend

[Henrik Lindberg]

On 22/08/17 16:57, John Baird wrote:

Henrik,

Whether the existing YAML/JSON/HOCON backend is referenced, everything 
is using the context of `path` to do the lookups.  The issues with this 
in regards to a file backend, is I am unsure as to how to access the 
value or file being looked up.  The `path` for the other backends is 
statically defined and they load the content accordingly.  Do you know 
how to access the value being looked up or if that is even possible in 
this context ?


*context.cached_file_data(path) do |content|
*

Path in this case is the full URI to the YAML file being ingested, for 
instance. But I need to append the variable being looked up to that in 
order to find the file I am seeking.
I believe that is the missing piece I need to make this all work. Any 
insight would be appreciated. Thanks!




What you want to do is to use the kind of function that handles lookup 
key by key. You would otherwise have to load all the data files and 
return all of them as a hash. That would mean that it is very slow the 
first time, and that you may waste lots of memory if only looking up 
some of the values.


The cache that is available can be used if you want to keep contents in 
memory. That is only of value if the content is used many times as is 
the case if a backend function reads a yaml or json file containing a 
hash. I suggest skipping trying to cache in your first implementation 
(guessing that the same key is typically not looked up over and over again).


Simply resolve the name of the key into a path and read that file and 
return the value. (Alternatibely, if there is no such file call the 
not_found on the context).


There is support for reading binary files. The result is an instance of 
Binary. That data type is not fully supported everywhere, but I think it 
is fine to use as content of a File data type. (There is a file() 
function that reads a text file and a binary_file that reads it as a 
binary).


Hope this helps you get a bit further. Keep the questions coming...

Best,
- henrik


--
You received this message because you are subscribed to the Google 
Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send 
an email to puppet-users+unsubscr...@googlegroups.com 
.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/28c0c2d2-b350-47d6-a775-e282abd4f158%40googlegroups.com 
.

For more options, visit https://groups.google.com/d/optout.



--

Visit my Blog "Puppet on the Edge"
http://puppet-on-the-edge.blogspot.se/

--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/onhi4p%24m38%241%40blaine.gmane.org.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Re: Hiera 5 + Puppet 5 File Backend

[John Baird]

Henrik,

Whether the existing YAML/JSON/HOCON backend is referenced, everything is 
using the context of `path` to do the lookups.  The issues with this in 
regards to a file backend, is I am unsure as to how to access the value or 
file being looked up.  The `path` for the other backends is statically 
defined and they load the content accordingly.  Do you know how to access 
the value being looked up or if that is even possible in this context ?


*context.cached_file_data(path) do |content|*

Path in this case is the full URI to the YAML file being ingested, for 
instance. But I need to append the variable being looked up to that in 
order to find the file I am seeking.
I believe that is the missing piece I need to make this all work. Any 
insight would be appreciated. Thanks!

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/28c0c2d2-b350-47d6-a775-e282abd4f158%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Data in Modules: Fail on unsupported OS

[plapperkfr]

Good morning :)

I'm currently writing a puppet module for the OpenBSD specific 
implementation of SNMPd, and was wondering if there is any elegant way  for 
the module to fail on unsupported operating systems?

With the params.pp-pattern, you can fail as the default of the OS-specific 
configuration; but how would I do this with the data comes via Hiera from 
the module itself 
(https://docs.puppet.com/puppet/4.10/hiera_migrate_modules.html#module-data-with-yaml-data-files)?
 

Of course I can simply leave the common.yaml empty and the module will fail 
with missing variables, but I'd rather have a helpful error message about 
an unsupported OS (which will be less confusing, should this module be used 
by someone else but me).




Kind regards, 

Jake

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/b6b45cad-f287-4ac8-862c-06915564f9cb%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Attempt to override an already evaluated resource

[Martijn Grendelman]

Since a recent Puppet  update, my logs contain a lot of these warnings:

2017-08-21 14:03:20,146 WARN [qtp2051525912-14813] [puppetserver] Puppet 
> Attempt to override an already evaluated resource, defined at 
> /etc/puppetlabs/code/environments/production/modules/puppet/manifests/collections.pp:45,
>  
> with new values at 
> /etc/puppetlabs/code/environments/production/modules/puppet/manifests/collections.pp:40



The code leading to these warnings is this:

if $::operatingsystem == 'Debian' {


> $remove_packages = [

'facter',

'hiera',

'puppet',

'puppet-common'

]


> linux::package { $remove_packages: ensure => purged }


> Linux::Package['puppet-agent'] {

require => Linux::Package[$remove_packages],

}

}


> linux::package { 'puppet-agent':

ensure  => installed,

}

 


I found PUP-6290 , which 
seems related to this, but I am not sure the use case described in that 
ticket is the same. Also, I don't think that adding a 'require' metaparam 
to an already evaluated resource should require a re-evaluation of the 
resource body.

If my pattern of conditionally adding to a resource's parameters is wrong, 
how should I go about this?

Best regards,
Martijn.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/e3f1b536-8ac3-4d10-bbbf-088e8b9784c3%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.