from:"Darin Perusich"

Re: [Puppet Users] Using Puppetdb-terminus via rubygems...?

2014-12-09 Thread Darin Perusich

I contacted the gem owner requesting that he remove this gem.
--
Later,
Darin

On Tue, Dec 9, 2014 at 12:48 AM, Spencer Krum n...@spencerkrum.com wrote:
The gem owner would be the only one who could remote the gem. That,
obviously, is not puppetlabs.

--
Spencer Krum
n...@spencerkrum.com

On Mon, Dec 8, 2014, at 09:19 PM, Matt Wise wrote:

Matt Wise
Sr. Systems Architect
Nextdoor.com

On Mon, Dec 8, 2014 at 9:34 AM, Darin Perusich da...@darins.net wrote:

On Mon, Dec 8, 2014 at 5:01 AM, Ken Barber k...@puppetlabs.com wrote:
We have entirely-gem based Puppet masters (no Ubuntu packages installing
Puppet)... we're trying to add in the puppetdb-terminus gemfile. We have
it
configured, and installed:

# gem list | grep -i puppet
hiera-puppet (1.0.0)
puppet (3.7.3)
puppet-catalog-test (0.3.1)
puppet-lint (1.0.1)
puppet-syntax (1.3.0)
puppetdb-terminus (1.0)
puppetlabs_spec_helper (0.8.2)
rspec-hiera-puppet (1.0.0)

That is not an official gem for puppetdb-terminus :-). Someone
uploaded it in the past, I think its a dud.

If this isn't official, would Puppet Labs be willing to have it
removed or publish the gem?

We don't really ship a rubygem, we do have a gemfile however:
https://github.com/puppetlabs/puppetdb/tree/master/contrib/gem

That can be used to create your own gem.

We're running into a problem with our Unicorn/Nginx config though...

puppet-master[17213]: Could not configure routes from
/etc/puppet/routes.yaml: Could not find terminus puppetdb for indirection
facts

Is there something special we need to do to the config.ru or something so
that it can find the puppetdb terminus from the gem thats installed?

That just looks like the necessary ruby library files aren't in place,
probably due to the bad gem.

ken.

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CAE4bNTnH4ZQXnsGJpxB-W6SAypsJAsXtU0F%3DFoFXtcoRmTJbTA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to a topic in the
Google Groups Puppet Users group.
To unsubscribe from this topic, visit
https://groups.google.com/d/topic/puppet-users/830HwH-1JCY/unsubscribe.
To unsubscribe from this group and all its topics, send an email to
puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CADaviKuX8s3cUms_d7LP7QHR-dtyT%3DMG%3D%3DPz85WJrohiVPqUJA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CAOHkZxOi0g3Ey%3Dj2r0SDAHhgF5JBVX4wLRWLRwOPaBYfd9GmCw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CADaviKtUS%3DBAprxb%3DegO13Si902Q8F5ZESA25408%2BhLqepw8HQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Using Puppetdb-terminus via rubygems...?

2014-12-08 Thread Darin Perusich

That is not an official gem for puppetdb-terminus :-). Someone
uploaded it in the past, I think its a dud.

If this isn't official, would Puppet Labs be willing to have it
removed or publish the gem?

We don't really ship a rubygem, we do have a gemfile however:
https://github.com/puppetlabs/puppetdb/tree/master/contrib/gem

That can be used to create your own gem.

We're running into a problem with our Unicorn/Nginx config though...

puppet-master[17213]: Could not configure routes from
/etc/puppet/routes.yaml: Could not find terminus puppetdb for indirection
facts

Is there something special we need to do to the config.ru or something so
that it can find the puppetdb terminus from the gem thats installed?

That just looks like the necessary ruby library files aren't in place,
probably due to the bad gem.

ken.

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CADaviKuX8s3cUms_d7LP7QHR-dtyT%3DMG%3D%3DPz85WJrohiVPqUJA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] how to force a zypper refresh?

2014-08-25 Thread Darin Perusich

Use the zypprepo module to managing your zypper repositories.

https://forge.puppetlabs.com/darin/zypprepo

puppet module install darin-zypprepo
--
Later,
Darin


On Mon, Aug 25, 2014 at 10:35 AM, randal cobb rco...@gmail.com wrote:
 Hello all,

 I'm trying to solve an issue with Puppet and I'm hoping you can help guide
 me.  We have an internal YUM repository that we build/deploy to quite
 frequently, and several of the artifacts we publish to that repository need
 to be pushed out (via puppet) to servers a couple of times per day.   All of
 my servers are SLES or openSuse based, and thus use Zypper.  My question is,
 since the repository gets updated frequently and zypper doesn't refresh
 repository indexes by itself, is there a way to force a zypper refresh
 ALWAYS as the first task in a manifest?

 I've tried adding an exec item in a sample machine's manifest and having all
 the packages require it, but it isn't doing what I expect.  It never seems
 to run the refresh prior to trying to install any packages.  Here are a
 few snippets from my manifest structure:

 in base.pp:
 exec { zypper-refresh:
 command = 'zypper --no-gpg-checks refresh',
 path = [/usr/bin, /bin, /sbin],
 }


 package { puppet:
 ensure = installed,
 require = Exec['zypper-refresh'],
 }


 package { augeas:
 ensure = present,
 require = Package['puppet'],
 }


 package { rubygem-ruby-augeas:
 ensure = present,
 require = Package['augeas'],
 }


 in test-server.pp (which inherits base.pp)
 package { 'geany':
 ensure = installed,
 require = Exec['zypper-refresh'],
 }

 package { 'myjavamodule_xx':
 ensure = installed,
 require = Exec['zypper-refresh'],
 }


 etc.

 Any suggestions?

 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send an
 email to puppet-users+unsubscr...@googlegroups.com.
 To view this discussion on the web visit
 https://groups.google.com/d/msgid/puppet-users/a98d4d09-c0a0-480e-8904-adf075179a8e%40googlegroups.com.
 For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CADaviKsO4GOt%3D9v-bQnW3jduAUR_q%2B1BiuUuTcNJDyjAZcuHoQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Encrypting /var/lib/puppet directory on clients

2014-08-21 Thread Darin Perusich

As mentioned, you'll gain no additional security while the volume
since anyone who can log into the machine and switch to the
root/puppet users will be able to access said data.

However there are solutions which provide encryption and fine grained
access control which remove the ability for any unauthorized process
to access your data, such as the root user. I use one of these
solutions to protect ePHI, but am not a fan of it so wont' promote
it on this list but ping me off list if you're interested. Personally
I'd never use it for my puppet data/config and would think there are
other ways of ensuring it's integrity.

--
Later,
Darin

On Wed, Aug 20, 2014 at 1:18 PM, Brian Mathis
brian.mat...@betteradmin.com wrote:
The only way to mount an encrypted volume on boot is if the password is
stored somewhere on the server itself, such as in /etc/crypttab. Maybe you
could come up with a system that uses ssh to login and manually mount the
volume with a password after the system is booted.

One thing to be aware of is that disk encryption at this level provides no
additional security within the system -- anyone logged in can see and access
all the files (subject to standard file permissions). It does help with
data on the underlying disk, which is only really of use when the machine is
completely turned off, protecting it from an administrator on the VM host
(though they would have full access to your system anyway), or from a SAN
admin.

❧ Brian Mathis
@orev

On Wed, Aug 20, 2014 at 1:07 PM, Eugene Sapozhnikov eugenes...@gmail.com
wrote:

I have been given a project to secure our client hosts.

One of the requirements was to setup an encrypted volume and mount it over
/var/puppet/lib .

the other requirement was to have the encryption key reside only on the
puppet master.

I have been able to use cryptsetup to have puppet configure and mount the
encrypted volume successfully.

But I am running into a roadblock when the client server reboots and the
volume is unmounted. I can't use puppet to mount the volume as the puppet
agent will not connect successfully without the /var/lib/puppet being
mounted so it can use original SSl cert.

Wanted to see if anyone here have tried any similar setups to what i am
trying to achieve.

Thanks.

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/a532006d-e3cd-4c1b-bd6f-91a388e68fb0%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CADaviKshwO4sb85qthN7ATJbgtjegpMWCwUizDQ%2BN6o1PnZ9%2Bw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] puppet CLA

2014-08-14 Thread Darin Perusich

I'm trying to sign this new github linked CLA and it's saying the my
email address is already taken, which I'm guessing is because my
puppetlabs and github accounts share a common email address. How can I
get around this annoyance?

--
Later,
Darin

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CADaviKu05tHvBuV2aq5jYN%3Dr2YVLs33xgywiHa6%2BBgk-B9rFcQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] puppet CLA

2014-08-14 Thread Darin Perusich

https://tickets.puppetlabs.com/browse/CLA-4
--
Later,
Darin


On Thu, Aug 14, 2014 at 8:59 AM, Ken Barber k...@puppetlabs.com wrote:
 I'm trying to sign this new github linked CLA and it's saying the my
 email address is already taken, which I'm guessing is because my
 puppetlabs and github accounts share a common email address. How can I
 get around this annoyance?

 Can you try logging a ticket here?

 https://tickets.puppetlabs.com/browse/CLA

 ken.

 --
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send an 
 email to puppet-users+unsubscr...@googlegroups.com.
 To view this discussion on the web visit 
 https://groups.google.com/d/msgid/puppet-users/CAE4bNTnpy-J33CjSuvJDoNJYky6noROBF0GOc%3DFaJpUuah6cjA%40mail.gmail.com.
 For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CADaviKuPc_8-Za1NPQJ9Y1Z%3D5Y226mQT%2BJ6Ly%2Bw1auTdgnt%2BLg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] SuSe SLES: error when refreshing puppet yum repository

2014-06-13 Thread Darin Perusich

rubygem-ruby-shadow is available in the repo so I don't know what
could be causing that.

I just added that repo to a SLES box, installed puppet and it pulled
down the dependencies without issue, the the output below.

What the output you get from zypper info rubygem-ruby-shadow and
zypper lr -d ?

slestest:~ # zypper ar
http://download.opensuse.org/repositories/systemsmanagement:/puppet/SLE_11_SP3
puppet
Adding repository 'puppet' [done]
Repository 'puppet' successfully added
Enabled: Yes
Autorefresh: No
GPG check: Yes
URI: 
http://download.opensuse.org/repositories/systemsmanagement:/puppet/SLE_11_SP3

slestest:~ # zypper in puppet
Loading repository data...
Reading installed packages...
Resolving package dependencies...

The following NEW packages are going to be installed:
  facter puppet ruby rubygem-hiera rubygem-json_pure
rubygem-ruby-shadow rubygems

7 new packages to install.
Overall download size: 4.9 MiB. After the operation, additional 17.8
MiB will be used.
Continue? [y/n/? shows all options] (y):
Retrieving package ruby-1.8.7.p357-0.9.15.1.x86_64 (1/7), 1.8 MiB (6.4
MiB unpacked)
Retrieving: ruby-1.8.7.p357-0.9.15.1.x86_64.rpm [done]
Retrieving package facter-2.0.1-2.1.x86_64 (2/7), 80.0 KiB (222.0 KiB unpacked)
Retrieving: facter-2.0.1-2.1.x86_64.rpm [done]
Retrieving package rubygems-1.8.15-0.14.1.x86_64 (3/7), 181.0 KiB
(558.0 KiB unpacked)
Retrieving: rubygems-1.8.15-0.14.1.x86_64.rpm [done]
Retrieving package rubygem-ruby-shadow-2.3.4-21.1.x86_64 (4/7), 23.0
KiB (89.0 KiB unpacked)
Retrieving: rubygem-ruby-shadow-2.3.4-21.1.x86_64.rpm [done]
Retrieving package rubygem-json_pure-1.8.1-28.12.x86_64 (5/7), 276.0
KiB (759.0 KiB unpacked)
Retrieving: rubygem-json_pure-1.8.1-28.12.x86_64.rpm [done]
Retrieving package rubygem-hiera-1.2.1-11.11.x86_64 (6/7), 46.0 KiB
(115.0 KiB unpacked)
Retrieving: rubygem-hiera-1.2.1-11.11.x86_64.rpm [done]
Retrieving package puppet-3.6.2-2.1.x86_64 (7/7), 2.6 MiB (9.6 MiB unpacked)
Retrieving: puppet-3.6.2-2.1.x86_64.rpm [done (1.0 MiB/s)]
Installing: ruby-1.8.7.p357-0.9.15.1 [done]
Installing: facter-2.0.1-2.1 [done]
Installing: rubygems-1.8.15-0.14.1 [done]
Installing: rubygem-ruby-shadow-2.3.4-21.1 [done]
Installing: rubygem-json_pure-1.8.1-28.12 [done]
Installing: rubygem-hiera-1.2.1-11.11 [done]
Installing: puppet-3.6.2-2.1 [done]
Additional rpm output:
%{1} puppet.service
warning: /etc/puppet/puppet.conf saved as /etc/puppet/puppet.conf.rpmorig
%{1} puppet.service
--
Later,
Darin


On Fri, Jun 13, 2014 at 6:03 AM, Torsten Kleiber
torsten.klei...@googlemail.com wrote:
 Thanks for this!
 zypper refresh with this repo is now successful.
 But now I get another error:

 myserver:~ # zypper --non-interactive install --repo puppet puppet
 Loading repository data...
 Reading installed packages...
 Resolving package dependencies...
 Problem: nothing provides rubygems needed by
 rubygem-ruby-shadow-2.3.4-21.1.x86_64
  Solution 1: do not ask to install a solvable providing puppet
  Solution 2: break rubygem-ruby-shadow by ignoring some of its dependencies
 Choose from above solutions by number or cancel [1/2/c] (c): c

 Am Donnerstag, 12. Juni 2014 18:09:14 UTC+2 schrieb Darin Perusich:

 build.opensuse.org is the OBS project location where the packages are
 managed/built. Successfully built packages are published at
 download.opensuse.org, so for SLES use the below repo URL.


 http://download.opensuse.org/repositories/systemsmanagement:/puppet/SLE_11_SP3/

 --
 Later,
 Darin

 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send an
 email to puppet-users+unsubscr...@googlegroups.com.
 To view this discussion on the web visit
 https://groups.google.com/d/msgid/puppet-users/18f47009-68f3-4eb3-9ff4-375da38d7d94%40googlegroups.com.
 For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CADaviKvH5dAy%3DRybHqGbrjv-2RE%2B2G49bdgcoo%3Dyj4XgUEq5aQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Could not find or load main class com.puppetlabs.puppetdb.core

2014-06-13 Thread Darin Perusich

Hello,

I'm attempting to build puppetdb-2.0.0 from source and the resulting
jar fails to start and errors with Could not find or load main class
com.puppetlabs.puppetdb.core. When inspecting the puppetdb.jar it
doesn't contain any of the classes so it would appear that 'lein
uberhar' is failing to build said classes. When listing the content of
puppetdb-2.0.0-standalone.jar the do not exist. Also compiling the
source, 'lein compile' doesn't appear to be compiling the classes, no
Compiling com.puppetlabs.puppetdb.core or Compiling clj-time.core
output like when I build 1.6.3 and nothing created under
target/classes.

Any thoughts on what might be causing this?

This system is openSUSE 13.1, puppet-3.0.2, and Oracle java 1.7.0_55-b13.

To recreate do:

wget https://github.com/puppetlabs/puppetdb/archive/2.0.0/puppetdb-2.0.0.tar.gz
tar -zxf puppetdb-2.0.0.tar.gz
cd puppetdb-2.0.0/
echo 2.0.0 version
lein uberjar

Check for puppetdb.core in resulting jar:
jar tf target/puppetdb-2.0.0-standalone.jar |grep puppetdb.core
com/puppetlabs/puppetdb/core.clj

--
Later,
Darin

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CADaviKv3z69S86eJBzaE%2B5dK%2BOWmGEX_Mc2DQ0O_mV8Yo1tokw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] SuSe SLES: error when refreshing puppet yum repository

2014-06-12 Thread Darin Perusich

build.opensuse.org is the OBS project location where the packages are
managed/built. Successfully built packages are published at
download.opensuse.org, so for SLES use the below repo URL.

http://download.opensuse.org/repositories/systemsmanagement:/puppet/SLE_11_SP3/

--
Later,
Darin

On Thu, Jun 12, 2014 at 9:15 AM, Torsten Kleiber
torsten.klei...@googlemail.com wrote:
Thank you!

But now I get another error:

vdu10272:~ # zypper --non-interactive refresh
Retrieving repository 'puppet' metadata [/]
Download (curl) error for
'https://build.opensuse.org/project/show/systemsmanagement:puppet/repodata/repomd.xml':
Error code: Unrecognized error
Error message: SSL certificate problem, verify that the CA cert is OK.
Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify
failed
Abort, retry, ignore? [a/r/i/?] (a): a
Abort, retry, ignore? [a/r/i/?] (a): a
Retrieving repository 'puppet' metadata [error]
Repository 'puppet' is invalid.
Can't provide /repodata/repomd.xml : Media Exception
Please check if the URIs defined for this repository are pointing to a valid
repository.
Skipping repository 'puppet' because of the above error.
Some of the repositories have not been refreshed because of an error.

Am Donnerstag, 12. Juni 2014 14:38:43 UTC+2 schrieb Jesse Throwe:

Torsten,

The puppetlabs yum repository is for EL releases only. Because SLES
is 'special' you need to use a repo with RPMS (and metadata) tailored
for zypper and its ilk.

https://build.opensuse.org/project/show/systemsmanagement:puppet

- Jesse

For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CADaviKvYN_kBB_rEGHeH0f2Fkg4twAdwd9KgaTpC1_Hgcvk--A%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Heartbleed and Puppet-Supported Operating Systems

2014-04-10 Thread Darin Perusich

You've listed SLES 11 as vulnerable, it is not. However OpenSUSE 12.3 and
13.1 are affected and patches have been released.

http://support.novell.com/security/cve/CVE-2014-0160.html
http://lists.opensuse.org/opensuse-security-announce/2014-04/msg5.html
On Apr 10, 2014 1:22 AM, Eric Sorenson eric.soren...@puppetlabs.com
wrote:

 Like you, we are still learning about the full extent of the OpenSSL
 security bug dubbed Heartbleed, and what we need to do to help Puppet users
 remediate the vulnerability. We published step-by-step documentation for
 remediating yesterday [
 http://puppetlabs.com/blog/heartbleed-security-bug-update-puppet-users],
 and we will continue to update you as we learn more and develop new
 resources.

 We've finalized a list of vulnerable operating systems supported by Puppet
 Enterprise, noting the versions of OpenSSL they shipped with. If you are
 also running open source Puppet, be aware that the range of operating
 systems you can use is much wider, so not every vulnerable OS is on this
 list.

 Keep in mind, regardless of the OS involved, you must check whether you
 are running OpenSSL versions 1.0.1 and 1.0.2 on your systems. Both are
 vulnerable.

 Documentation for remediating the Heartbleed issue is linked below the
 lists. For more help, check out the Heartbleed and certificate discussions
 here on the email list
 Vulnerable Operating Systems and their versions of OpenSSL
 Debian Wheezy (stable)
 * OpenSSL 1.0.1e-2+deb7u4
 Ubuntu 12.04.4 (precise) LTS
 * OpenSSL 1.0.1-4ubuntu5.11
 RHEL / CentOS / Scientific 6.5
 * OpenSSL 1.0.1e-15
 Operating Systems that are Not Vulnerable
 * RHEL / CentOS / OEL / Scientific 6 (other than 6.5)
 * RHEL / CentOS / OEL / Scientific 5 (all versions)
 * RHEL / CentOS 4
 * SLES 11
 * AIX 5, 6, 7
 * Solaris 10, 11
 * Windows (all)
 * Debian Squeeze (old-stable)
 * Ubuntu 10.04 (Lucid)

 Step-by-Step Documentation for Remediating the Vulnerability

 Puppet Enterprise 3.x:  Regenerating Certs and Security Credentials in
 Split Puppet Enterprise Deployments
 http://docs.puppetlabs.com/pe/3.2/trouble_regenerate_certs_split.html

 Puppet Enterprise 3.x:  Regenerating Certs and Security Credentials in
 Monolithic Puppet Enterprise Deployments

 http://docs.puppetlabs.com/pe/latest/trouble_regenerate_certs_monolithic.html

 Puppet Enterprise 2.x:  Regenerating Certs and Security Credentials in
 Split Puppet Enterprise Deployments
 http://docs.puppetlabs.com/pe/2.8/trouble_regenerate_certs_split.html

 Puppet Enterprise 2.x:  Regenerating Certs and Security Credentials in
 Monolithic Puppet Enterprise Deployments
 http://docs.puppetlabs.com/pe/2.8/trouble_regenerate_certs_monolithic.html

 Puppet SSL:  Regenerating All Certificates in a Puppet Deployment

 http://docs.puppetlabs.com/puppet/latest/reference/ssl_regenerate_certificates.html

 Eric Sorenson - eric.soren...@puppetlabs.com - freenode #puppet: eric0
 puppet platform // coffee // techno // bicycles

 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send an
 email to puppet-users+unsubscr...@googlegroups.com.
 To view this discussion on the web visit
 https://groups.google.com/d/msgid/puppet-users/86C75987-61F4-4205-AFF5-5AD25A7946F6%40puppetlabs.com
 .
 For more options, visit https://groups.google.com/d/optout.


-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CADaviKtQGxn41o04-rFdfeU2ewFVAQkNPRrCqmr6OgfSaaTLqw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Ideas to allow users only on certain servers

2014-03-13 Thread Darin Perusich

Use LDAP so you have a single source for users and limit access w/groups
and ssh allowgroups. Check out OpenDJ if you need a powerful and easy to
setup LDAP server.
On Mar 13, 2014 5:52 PM, Philippe Conway philippe.con...@gmail.com
wrote:

So at my organization, we have different departments that should only have
access to certain servers.

For example:

Dev Team: Dev Servers
Tech Support: Production Server
Admins: All servers

How Puppet manages our users now, is once you add the user to the user
manifest, it adds them too *all *the servers.

I've tried adding an if/else statement as sort of mentioned here:

https://groups.google.com/forum/#!topic/puppet-users/EA1LKmaFFJ4

But I learned that wasn't best practice.

I've also tried putting users in different classes such as:

users::dev
users::ts
users::admins

However that gets a little redundant...Is there another way to do this
through Puppet? Or am I better off using something like Active Directory to
authenticate and manage groups?

Any advice is much appreciated. Thanks!

- Philippe

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/cafd5282-53c2-4d21-a833-6384bbe396c6%40googlegroups.comhttps://groups.google.com/d/msgid/puppet-users/cafd5282-53c2-4d21-a833-6384bbe396c6%40googlegroups.com?utm_medium=emailutm_source=footer
.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CADaviKsULpvvhQJq3aH74LWVBXBVWANOZyWL10mG%3DKqO5JTcbw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: introducing puppetboard 0.0.1

2014-02-13 Thread Darin Perusich

You should SR it for the OpenSUSE systems:management:puppet repo so its
available along with puppetdb and puppet.
On Feb 13, 2014 5:32 PM, Niels Abspoel abo...@gmail.com wrote:

Hi Daniele,

Thanks for the update in the Readme with the Archlinux Packages.

Would you like to have opensuse/suse support packages as well?

I'm building these on opensuse build server:
https://build.opensuse.org/project/show/home:aboe76
Please do not link from that repository, it's my own rpm build
environment.

If you want I can push these into the devel:languages:python repository of
opensuse/suse, that way more people
can test this software, and from that repository it is even possible to
add them to the next version of opensuse in the default repositories.

with regards,
Niels

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/a0e4ac7d-f470-48ad-8c0e-0ac3817aee40%40googlegroups.com
.
For more options, visit https://groups.google.com/groups/opt_out.

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CADaviKvjv7BXk61vE4m4za8Jc1PemNocfO%3DvmeJcp-E5_RDCyA%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Reg : War deployment with Puppet

2014-01-30 Thread Darin Perusich

Usually package into an RPM, but not always, which installs into
something like /usr/{lib|share}/package/something.war and then create
a link to it from the tomcat webapps directory. Tomcat's autodeploy
will take care of unpacking it.

--
Later,
Darin


On Thu, Jan 30, 2014 at 3:13 PM, Matthew Schmitt killas...@gmail.com wrote:
 We package the war into a RPM and then use an exec statement to extract the
 war.

 Matt

 On Jan 30, 2014, at 3:50 AM, PaulC paul.can...@gmail.com wrote:

 Must admit i would be interested in seeing what other peoples approaches has
 been for this, we have been thinking about going down the route of getting
 the war files and any relevant library files put into a rpm/deb package and
 getting puppet to install the rpm though the OS package manager.

 Paul C.

 On Thursday, 30 January 2014 06:54:26 UTC, krishna bhaskara rao wrote:

 Hi,

 Can any one share me sample snippets to deploy war in tomcat. if
 deployment fails, how to rollback.

 With Regards,
 Krishna.


 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send an
 email to puppet-users+unsubscr...@googlegroups.com.
 To view this discussion on the web visit
 https://groups.google.com/d/msgid/puppet-users/241ed902-f5c6-4f83-a2de-85a13b1948ed%40googlegroups.com.
 For more options, visit https://groups.google.com/groups/opt_out.


 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send an
 email to puppet-users+unsubscr...@googlegroups.com.
 To view this discussion on the web visit
 https://groups.google.com/d/msgid/puppet-users/BFC7346E-5E79-480C-B4C1-7B996B34ADDC%40gmail.com.

 For more options, visit https://groups.google.com/groups/opt_out.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CADaviKuy%2BSutrtegW0d1LAirTo_8FnT1VpJ377eZGK%2BM0PGZJQ%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Puppet User Administration, set password only at creating of user-accounts

2014-01-13 Thread Darin Perusich

I filed a feature request for this about a year ago.

https://tickets.puppetlabs.com/browse/PUP-1331
https://projects.puppetlabs.com/issues/15037
--
Later,
Darin


On Mon, Jan 13, 2014 at 2:56 PM, Jose Luis Ledesma
joseluis.lede...@gmail.com wrote:
 Would be nice to have something like 'initial_password' in the user resource.

 Perhaps a solution could be create a custom fact with all the users of the 
 server, and set an 'if' statement before the user resource.

 Hth

 --
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send an 
 email to puppet-users+unsubscr...@googlegroups.com.
 To view this discussion on the web visit 
 https://groups.google.com/d/msgid/puppet-users/bc2b23e8-2020-47e9-a103-794ef3f5cc8b%40googlegroups.com.
 For more options, visit https://groups.google.com/groups/opt_out.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CADaviKva1wO-9QdCX1Kn7Szu5K8-o%3DP4SA9bZhBG98umr71ZhA%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Puppetlabs/Apache 0.10.0 Release

2013-12-11 Thread Darin Perusich

On Tue, Dec 10, 2013 at 10:42 PM, William Van Hevelingen
wva...@gmail.com wrote:
I opened an issue for SUSE/SLES support to track it's progress.

https://github.com/puppetlabs/puppetlabs-apache/issues/525

Got some email from github on this early, thanks. Where does
discussion on this module take place, this mailing list, dev mailing
list, issue system? I just took a look at the module and see a message
the a2mod type's being depreciated and to use apache::mod instead.
SuSE needs this type/provider as well as another, a2flag which I've
written, for managing apache modules and setting command line flags
for httpd2.

On Tue, Dec 10, 2013 at 5:18 AM, Darin Perusich da...@darins.net wrote:

On Tue, Dec 10, 2013 at 3:58 AM, William Van Hevelingen
wva...@gmail.com wrote:
A couple of days ago we released puppetlabs/apache 0.10.0, and as busy
as
all involved people were we were to accomplish the release they are now
equally
busy to do other amazing things.

http://forge.puppetlabs.com/puppetlabs/apache/0.10.0

Among the endless (22) features that we've added in this release two big
accomplishments shine, making this an important milestone:

added FreeBSD as a supported Platform (Special Thanks to ptomulik)
made sure that a great number of tests are /actually/ executed
(Special
Thanks to Aethylred)

The latter really guarantees that this release and the ones coming will
be
truely backwards compatible.

Check out the CHANGELOG for all the changes in this release.

https://github.com/puppetlabs/puppetlabs-apache/blob/0.10.0/CHANGELOG.md

Moving forward

tampakrap is working on OpenSuse/SLES and Gentoo osfamily support.

I can contribute to openSUSE/SLES support. My apache module is based
on the puppetlabs module and fully supports the SUSE osfamily. If
there's a forked repo someone could point me at I can compare it with
the work I've already done.

The module team is working hard on a new systems test framework:
[Beaker](https://github.com/puppetlabs/beaker) that will expand upon our
rspec-system tests allowing use to support multinode tests, as well as
the
ability to test platforms that are usually out of reach for normal
developers (AIX…).

For the bigger changes we need to make some hard decisions. We know that
we need to get started on support for httpd 2.4 as more distributions
are
finally picking it up. But we don't know yet how to get there exactly.

We thus want to ask you to participate in discussions on the issue
tracker:

https://github.com/puppetlabs/puppetlabs-apache/issues/477
https://github.com/puppetlabs/puppetlabs-apache/issues/337

As we approach a 1.0 release we want to know what features we need to
support
and what breakage you as the user are willing to take. Please send us
feedback
if you have use cases for the puppetlabs/apache module that we are not
aware
of:

your most treasured feature here

Proxy

SSL termination

Apache HTTPd as Application Container

puppetlabs/apache consumed by other modules

Cheers,
igalic and blkperl

https://groups.google.com/d/msgid/puppet-users/CAEXKxLz1LNPkaK_jtyE6%3DnPJv1hy4zyLK4HVEgRwM_Lk6eWjbw%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CADaviKtGJnOz_85BGxrr3WzdjDWdxaYGumrczBwR8kZs%2B%2BbX8A%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.

--
Thanks,
William

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CAEXKxLyi9HTZU9dci%2ByB6K%3DzoTNTS9zt7TDTaxXOj0NfzJ7eNQ%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CADaviKtkbUZx%2B7XOnFVQPY6huxHVFb5j7wH7Pd2DhUrBTJDW%3Dg%40mail.gmail.com.
For more options, visit https://groups.google.com

Re: [Puppet Users] Puppetlabs/Apache 0.10.0 Release

2013-12-10 Thread Darin Perusich

On Tue, Dec 10, 2013 at 3:58 AM, William Van Hevelingen
wva...@gmail.com wrote:
A couple of days ago we released puppetlabs/apache 0.10.0, and as busy as
all involved people were we were to accomplish the release they are now
equally
busy to do other amazing things.

http://forge.puppetlabs.com/puppetlabs/apache/0.10.0

Among the endless (22) features that we've added in this release two big
accomplishments shine, making this an important milestone:

added FreeBSD as a supported Platform (Special Thanks to ptomulik)
made sure that a great number of tests are /actually/ executed (Special
Thanks to Aethylred)

The latter really guarantees that this release and the ones coming will be
truely backwards compatible.

Check out the CHANGELOG for all the changes in this release.

https://github.com/puppetlabs/puppetlabs-apache/blob/0.10.0/CHANGELOG.md

Moving forward

tampakrap is working on OpenSuse/SLES and Gentoo osfamily support.

The module team is working hard on a new systems test framework:
[Beaker](https://github.com/puppetlabs/beaker) that will expand upon our
rspec-system tests allowing use to support multinode tests, as well as the
ability to test platforms that are usually out of reach for normal
developers (AIX…).

For the bigger changes we need to make some hard decisions. We know that
we need to get started on support for httpd 2.4 as more distributions are
finally picking it up. But we don't know yet how to get there exactly.

We thus want to ask you to participate in discussions on the issue tracker:

https://github.com/puppetlabs/puppetlabs-apache/issues/477
https://github.com/puppetlabs/puppetlabs-apache/issues/337

your most treasured feature here

Proxy

SSL termination

Apache HTTPd as Application Container

puppetlabs/apache consumed by other modules

Cheers,
igalic and blkperl

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CAEXKxLz1LNPkaK_jtyE6%3DnPJv1hy4zyLK4HVEgRwM_Lk6eWjbw%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CADaviKtGJnOz_85BGxrr3WzdjDWdxaYGumrczBwR8kZs%2B%2BbX8A%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Problem with PuppetDB and OpenSSL

2013-11-27 Thread Darin Perusich

On Wed, Nov 27, 2013 at 9:55 AM, Ken Barber k...@puppetlabs.com wrote:
I run all my Puppetised servers on CentOS 6.4. Overnight there were a load
of updates for CentOS including an update to openssl-1.0.1e-15.el6. Since
installing the updates, PuppetDB is no longer working and seems to be having
troubles with SSL.

All my puppet nodes show:

Error: Could not retrieve catalog from remote server: Error 400 on SERVER:
Failed to submit 'replace facts' command for
radius-dev.nomadic-core.bris.ac.uk to PuppetDB at
puppetdb.resnet.bris.ac.uk:8081: Connection refused - connect(2)

The PuppetDB server shows:

2013-11-27 12:09:58,347 WARN [qtp1710594959-45] [io.nio]
javax.net.ssl.SSLException: Inbound closed before receiving peer's
close_notify: possible truncation attack?

Has anyone else had this problem? Any tips? I recreated the PuppetDB certs
but this didn't help.

This all sounds pretty serious, but something isn't quite right here
with the information you have provided. This error:

puppetdb.resnet.bris.ac.uk:8081: Connection refused - connect(2)

Its very rare that a bug in a running piece of code/framework whatever
will cause a connection refused (destination port unreachable) message
on its own, its usually because the port and IP you are connecting to
is wrong and your client never got to connect to your application.
Thus its the kernel that returns the error, not the application.

So generally, this doesn't marry up in my mind with this error message:

2013-11-27 12:09:58,347 WARN [qtp1710594959-45] [io.nio]
javax.net.ssl.SSLException: Inbound closed before receiving peer's
close_notify: possible truncation attack?

This implies you _did_ connect. In short I almost believe these are
somehow unrelated, or we're mixing errors here. The SSL error is most
definitely concerning, but doesn't make sense with the connection
refused message. A connection refused usually happens long before the
client gets to the serving application, if you see what I mean :-).

Can you test the port with 'telnet puppetdb.resnet.bris.ac.uk 8081'
from the puppet master and confirm the connection refused manually?
Also - can you make sure these errors truly to correlate? Try to
reproduce both at the same time if you can. Also make sure no other
traffic is going to the PuppetDB web server at the same time.

The details for how the master connects to the PuppetDB instance is in
/etc/puppet/puppetdb.conf, double check these are correct and that the
hostname resolves to what you think it does. Also check you don't have
any firewalling enabled, its rare but firewalls can throw destination
port unreachable also.

Now the SSL error is valid and concerning to me on a separate level. I
have a whole bunch of questions though:

* What _exact_ version of the JDK is PuppetDB using? The output of
'jinfo pid' (pid of the jvm process for puppetdb) would be helpful
here, and the exact package revision from Centos.
* What exact version of PuppetDB are you running?
* Are you sure it was just openssl that was upgraded? Not java as
well? Double check your yum.log or whatever.
* Have you tried downgrading the recently upgraded packages to see if
it solves it? If it was an upgrade that caused it, a downgrade and
restart of PuppetDB should solve it in theory. I'd be interested if
this works, and what packages you downgraded to.
* Can you show the full stack trace from the PuppetDB log, if there is
more to it.

If your runnning jdk 6u26 or older you're probably hitting these bugs.
I had this same error with the OpenDJ LDAP server a few years back and
upgrading the JDK fixed it.

http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6932403
http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7025227

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CADaviKt5DNnOGb31_-1dWeXpEGX7L3eG34RBx5%3DYPGcCwXgDZQ%40mail.gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] PuppetDB 1.4.0 on OpenSuSE

2013-09-26 Thread Darin Perusich

Jeff,

I've packaged puppetdb for OpenSUSE/SLES. all versions, and it's
available in the systemsmanagement:puppet repository. It builds
puppetdb fully from source, no binary blobs, has SuSE compatible
init/systemd scripts, etc.

Download Top level for all repos:
http://download.opensuse.org/repositories/systemsmanagement:puppet/

Build Project:
https://build.opensuse.org/package/show/systemsmanagement:puppet/puppetdb
--
Later,
Darin

On Thu, Sep 26, 2013 at 11:51 AM, Jeffrey Watts
jeffrey.w.wa...@gmail.com wrote:
I just built the PuppetDB 1.4.0 RPMs on OpenSuSE 12.1. The specfile works
much better on OpenSuSE now. Two issues came up, however:

The 'BuildRequires:sles-release' needs to have a conditional around it so
that it can tell between SLES and OpenSuSE. I think this works (I don't
have a SLES box to test against):
%if 0%{?sles_version}
BuildRequires: sles-release
%else
BuildRequires: openSUSE-release
%endif

Lastly, the puppetdb-ssl-setup script still does not work when the PuppetDB
does not reside on the Puppetmaster. The fix is pretty simple, and the
issue is in the bug tracker. I created a question and answer on
ask.puppetlabs.com to try and help others that run into it:
https://ask.puppetlabs.com/question//puppetdbs-puppetdb-ssl-setup-script-does-not-work-when-the-puppetdb-is-not-on-the-puppetmaster/

I'd like to thank the PuppetLabs folks for making the specfile MUCH more
OpenSuSE friendly. It only took me ten minutes this time to fix the
problems in the specfile - 1.3.0 took a lot longer.

Thanks!
Jeffrey.

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an
email to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Array being flattened

2013-09-19 Thread Darin Perusich

Hello All,

I've run into an issue where an array that's being passed into a
defined type is being flattened when it's inclosed in double quotes
and I'm not sure how to get around this. This is happening a the
pdxcat/amanda module and I've raised an github issues for this but
wanted to query the community as a whole. The issue and my branch of
the code are below.

The amanda::server or amanda::configs class/defined type allow you to
populate amanda configuration directories from files,
/etc/amanda/$configs, by setting configs = [ daily, weekly ] in
the manifest. In my defined type, amanda::disklist, the parameter
$configs needs to be used to set the correct target path to a file
which I'm using contact::fragment to modify. When $configs is a single
value, say daily, everything works as expected. But then $configs is
an array, daily and weekly, it's flattened to dailyweekly which
results in an Invalid relationship: error.

Can anyone provide some guidance on how to get around this? I've been
banging on this for a few days and my heads really starting to hurt.

define amanda::disklist (
$configs,
$diskdevice = undef,
$dumptype,
$ensure = present,
$interface  = undef,
$order  = 20,
$spindle= undef
) {
include amanda::params
include amanda::virtual

concat::fragment { amanda::disklist/$title:
target  = $amanda::params::configs_directory/$configs/disklist,
ensure  = $ensure,
order   = $order,
content = $fqdn $name $diskdevice $dumptype $spindle $interface\n,
tag = amanda_dle,
}

https://github.com/pdxcat/puppet-module-amanda/issues/12
https://github.com/deadpoint/puppet-amanda/tree/disklist

--
Later,
Darin

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Re: Array being flattened

2013-09-19 Thread Darin Perusich

On Thu, Sep 19, 2013 at 3:33 PM, jcbollinger john.bollin...@stjude.org wrote:


 On Thursday, September 19, 2013 9:13:59 AM UTC-5, Darin Perusich wrote:

 Hello All,

 I've run into an issue where an array that's being passed into a
 defined type is being flattened when it's inclosed in double quotes
 and I'm not sure how to get around this.



 You get around it by not referencing the variable inside double quotes.
 Putting the variable reference inside double quotes indicates that you want
 to interpolate its (one) string value into the (one) larger string.

Yes I'm aware.



 This is happening a the
 pdxcat/amanda module and I've raised an github issues for this but
 wanted to query the community as a whole. The issue and my branch of
 the code are below.

 The amanda::server or amanda::configs class/defined type allow you to
 populate amanda configuration directories from files,
 /etc/amanda/$configs, by setting configs = [ daily, weekly ] in
 the manifest. In my defined type, amanda::disklist, the parameter
 $configs needs to be used to set the correct target path to a file
 which I'm using contact::fragment to modify. When $configs is a single
 value, say daily, everything works as expected. But then $configs is
 an array, daily and weekly, it's flattened to dailyweekly which
 results in an Invalid relationship: error.



 What is the desired behavior in this case?  Choose the first element?  The
 last?  A random one?  Perhaps do something for each element?

The desired behavior is to add/remove entries in the disklist file for
each $configs specified. For example your daily backups might run
weekdays and only do incremental dumps, but the weekly backups run
on weekends and are archived and sent off site.




 Can anyone provide some guidance on how to get around this? I've been
 banging on this for a few days and my heads really starting to hurt.

 define amanda::disklist (
 $configs,
 $diskdevice = undef,
 $dumptype,
 $ensure = present,
 $interface  = undef,
 $order  = 20,
 $spindle= undef
 ) {
 include amanda::params
 include amanda::virtual

 concat::fragment { amanda::disklist/$title:
 target  = $amanda::params::configs_directory/$configs/disklist,
 ensure  = $ensure,
 order   = $order,
 content = $fqdn $name $diskdevice $dumptype $spindle
 $interface\n,
 tag = amanda_dle,
 }

 https://github.com/pdxcat/puppet-module-amanda/issues/12
 https://github.com/deadpoint/puppet-amanda/tree/disklist



 Your definition seems generally ill-conceived, or at least ill-named, in the
 face of a $configs variable containing multiple elements.  The only sensible
 thing I can see in that case would be for multiple files to be managed,
 whereas your defined type represents only one.

I thought about creating multiple files but values in amanda.conf are
not managed by puppet, other than being copied to the server, so the
admin would need to know to add/set disklist value which is typically
not present. I see this as being a future enhancement to the module.

 What is the relationship between your defined type and amanda::dle?  The
 latter appears to be doing about the same thing, but seems to get it right.
 The key difference there is that amanda::dle makes use of the $configs array
 directly as a resource title.  When an array literal or an array-valued
 variable is used as a resource title, it serves as shorthand for multiple
 resource declarations, one for each array element, all with the same
 parameters.  This behavior is often leveraged for splitting arrays into
 multiple elements, just as amanda::dle does.

With amanda::dle I was trying another approach, but it causes
duplicate definitions so I wouldn't say it got it right;-)

--
Later,
Darin

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Re: SSH configuration Question

2013-09-16 Thread Darin Perusich

I wrote an ssh_config defined type, unpublished, to manage every sshd
config value. This allowed me to set custom options like $port,
$allowgroups, create $match and $match_conditions, etc, on a server by
servers basis.
--
Later,
Darin


On Mon, Sep 16, 2013 at 12:02 PM, jcbollinger john.bollin...@stjude.org wrote:


 On Sunday, September 15, 2013 10:00:16 PM UTC-5, John.1209 wrote:

 I'm somewhat new to puppet and I have this issue with SSH.

 Let's say I have 6 different SSH configurations.  How do I get puppet to
 install or upgrade SSH based on the configurations?  Assume the O/S and SSHD
 versions are all the same.

 So let's say I have different configurations that run SSHD with the
 following ports:

 Port 22
 Port 
 Port 1000, and so on.

 How can I write or modify the puppet openssh module to update the
 different configurations?

 Thanks in advance.



 There are two separate issues here: how to provide for variation in
 machine-to-machine configuration details within a single module, and how to
 make Puppet choose the correct configuration for each machine.  These are
 not completely separate.  But I will start by focusing on the former.

 Basically, the problem you are asking about is that of site-specific module
 data.  You need to be able to feed data about your site and the machine
 being configured into your module in order for the managed resources to be
 configured correctly.  This is where Puppet variables come in.  You can rely
 on variables defined by any declared class (including the one wherein you
 are declaring the needed resources), by the relevant node block (if any), or
 at top scope.  You can use these variables directly as or in resource
 parameter values, or you can use them in ERB templates evaluated via the
 template() or inline_template() functions.  Templates are often used for the
 content of configuration files.

 The next question, then, is how variables get their values.  There are
 several ways:

 node facts are exposed as global variables; their values are provided by the
 client as part of the catalog request
 node-scope variables are defined by node blocks, typically based on the
 target node's identity
 variables at any level can be set to the results of Puppet functions.  This
 is particularly powerful, as functions can compute their results by any
 means.  Some, such as hiera() and its siblings, are specifically designed to
 look up values in external files.
 variables that happen to be class or definition parameters can receive their
 values from explicit class or resource declarations or from default values;
 class parameters can also receive their values from an external node
 classifier (ENC) or from automated data binding via the hiera external
 data subsystem.

 As far as the module design goes, the best approach would probably be to
 rely on external data, with sensible default values declared where there are
 any.  For example,

 class ssh_server::config {
   # ...
   $port = hiera('ssh_server::config::port', 22)
   # ...
   file { '/etc/ssh/sshd_config':
 ensure = file,
 uid = 0,
 gid = 0,
 mode = 0600,
 content = template('sshd_config.tmpl')
   }
 }

 Then, somewhere in the template you have
 #...
 Port %= @port %
 #...

 Note that it is quite popular these days to make class parameters out of the
 characteristic data of your classes.  The practice is more popular than I
 think is warranted its technical merits, but if you wanted to go that route
 then the beginning of the above class might look something like this:

 class ssh_server::config (
   # ... maybe other parameters ...
   $port = 22
 ) {
   # ...
   file { '/etc/ssh/sshd_config':
   #...


 John

 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send an
 email to puppet-users+unsubscr...@googlegroups.com.
 To post to this group, send email to puppet-users@googlegroups.com.
 Visit this group at http://groups.google.com/group/puppet-users.
 For more options, visit https://groups.google.com/groups/opt_out.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Puppet SSL cipher suites

2013-09-12 Thread Darin Perusich

If you're running your puppet master via apache +passenger set in your
apache configuration.
On Sep 12, 2013 5:41 PM, Gabriel Filion lelu...@gmail.com wrote:

 Hey there,

 I looked up puppet.conf documentation and there doesn't seem to be any
 option to choose which SSL cipher suites are used for communication.

 Is there some way to configure which cipher suites are preferred?

 --
 Gabriel Filion



-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] migrating to puppetdb

2013-09-06 Thread Darin Perusich

Hi Ken,

Adding the storeconfigs setting to [main] got things working. This
sounds like an bug/issue to me, or at a minimum something that needs
to be specified int he documentation. I'll file and issue.

Thanks!

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] migrating to puppetdb

2013-09-05 Thread Darin Perusich

Hello All,

I'm looking to migrate from ActiveRecord to PuppetDB for storeconfigs
and was going to export the existing data with puppet storeconfigs
export, sounds simple enough. The problem I'm hitting is the export
attempts to connect to a sqlite3 DB but I'm using mysql for
storeconfigs. The help and man page for puppet storeconfigs aren't
very helpful.

Anyone know what's causing this?

PuppetDB 1.4.0
Puppet 3.2.4

--
Later,
Darin

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Announce: Puppet 3.2.3 Available

2013-07-19 Thread Darin Perusich

FWIW Puppet Labs could really simplify the creation of packages for
linux distributions by leveraging the Open Build Service, formerly
OpenSUSE Build Service. All you need to do to add a distribution is
check a box and which architectures and the systems will automagically
build and deploy the packages for you. For a company that deals in
automation I'd think such a tool would be right up your alley;-)

You can find the documentation and software http://openbuildservice.org/

--
Later,
Darin


On Fri, Jul 19, 2013 at 11:21 AM, Moses Mendoza mo...@puppetlabs.com wrote:
 Hi Justin,

 Yes, I'll try to get those up today.

 Moses

 On Wed, Jul 17, 2013 at 3:37 PM, Justin Brown justin.br...@fandingo.org 
 wrote:
 Moses,

 The Fedora 19 packages have not been updated. Could you issue packages for
 http://yum.puppetlabs.com/fedora/f19/?

 Thanks,
 Justin


 On Mon, Jul 15, 2013 at 2:18 PM, Moses Mendoza mo...@puppetlabs.com wrote:

 3.2.3 is a bugfix release of the Puppet 3.2 series. It fixes some
 Windows bugs introduced in 3.2.0, as well as a few performance
 problems and miscellaneous bugs.

 ===
 ## Puppet 3.2.3 Downloads ##
 ===

 Source: https://downloads.puppetlabs.com/puppet/puppet-3.2.3.tar.gz

 RPM and deb packages available in the Puppet Labs repositories at:
 http://yum.puppetlabs.com and http://apt.puppetlabs.com

 Gems are available via rubygems at
 https://rubygems.org/downloads/puppet-3.2.3.gem
   or by using `gem install puppet`

 Mac package is available at
 https://downloads.puppetlabs.com/mac/puppet-3.2.3.dmg

 Windows package is available at
 https://downloads.puppetlabs.com/windows/puppet-3.2.3.msi

 Please report feedback via the Puppet Labs Redmine site, using an
 affected puppet version of 3.2.3:
 https://projects.puppetlabs.com/projects/puppet/

 
 ## Puppet 3.2.3 Contributors ##
 

 Adrien Thebo, Andrew Parker, Dustin J. Mitchell, Josh Cooper, Josh
 Partlow, Justin Stoller, Matthaus Owens, Moses Mendoza, Nick
 Fagerlund, Patrick Carlisle

 =
 ## Puppet 3.2.3 Release Notes ##
 =

 ### Windows Fixes

 This release fixes several Windows bugs that couldn't be targeted for
 earlier 3.2 releases.

 * [#20768: windows user provider can not manage password or home
 directory](https://projects.puppetlabs.com/issues/20768) --- This was
 a regression in 3.2.0/3.2.1.
 * [#21043: setting in puppet.conf ignored on Windows in Puppet
 3.2.1](https://projects.puppetlabs.com/issues/21043) --- This was a
 regression in 3.2.0/3.2.1.
 * [#16080: Service provider broken in Windows Server
 2012](https://projects.puppetlabs.com/issues/16080) --- This affected
 all previous Puppet versions.
 * [#20787: 'puppet resource group' takes incredibly long on
 Windows](https://projects.puppetlabs.com/issues/20787) --- This
 affected all previous Puppet versions.
 * [#20302: Windows File.executable? now returns false on ruby
 1.9](https://projects.puppetlabs.com/issues/20302)
 * [#21280: Don't create c:\dev\null in windows
 specs](https://projects.puppetlabs.com/issues/21280) --- This was only
 relevant to Puppet developers.

 ### Logging and Reporting Fixes

 * [#20383: Bring back helpful error messages like prior to Puppet
 3](https://projects.puppetlabs.com/issues/20383) --- This was a
 regression from 3.0.0, which caused file names and line numbers to
 disappear from duplicate resource declaration errors.
 * [#20900: tagmail triggers in --onetime mode without changes after
 upgrade from 3.1.1 to
 3.2.1](https://projects.puppetlabs.com/issues/20900) --- This was a
 regression in 3.2.0/3.2.1.
 * [#20919: Logging behaviour issues in
 3.2.1](https://projects.puppetlabs.com/issues/20919) --- This was a
 regression in 3.2.0/3.2.1, which caused noisy logging to the console
 even if the `--logdest` option was set.

 ### Performance Fixes

 * [#21376: Stack level too deep after updating from 3.1.1 to
 3.2.2](https://projects.puppetlabs.com/issues/21376) --- This would
 sometimes cause total failures when importing a large number of
 manifest files (such as with the `import nodes/*.pp` idiom).
 * [#21320: Puppet daemon may sleep for 100 years after receiving USR1
 on 64 bit systems](https://projects.puppetlabs.com/issues/21320) ---
 MCollective's Puppet plugin uses puppet agent's USR1 signal to trigger
 a run if the agent is running; on 64-bit systems, this could cause
 puppet agent to keep running, but stop doing scheduled configuration
 runs. This was caused by a bug in Ruby \ 2.0, but we modified Puppet
 to work around it.
 * [#20901: `puppet --version` is unnecessarily
 slow](https://projects.puppetlabs.com/issues/20901) --- This was a
 regression in 3.2.0/3.2.1.

 ### Misc Fixes

 * [#21264: parser = future breaks executing functions as class
 defaults](https://projects.puppetlabs.com/issues/21264)

 ### All 3.2.3 Changes

 [See here for a list of all changes in the 3.2.3

[Puppet Users] [Announce] Puppet Request Tracker Module

2013-05-14 Thread Darin Perusich

This is a cross-list post.

I'd like to announce the initial release of a puppet request-tracker
module, darin-rt, for managing Request Tracker. The module will
install request-tracker and database packages, install request-tracker
extensions (if packages are available in the repo), and create basic
request-tracker queues.

This is also a request for help in extending the module to support
more operating systems! Currently it only supports SuSE systems, my
distro of choice, so I'm hopeful people from the community who use RT
and Puppet will extend this module to support a more verbose set of
operating systems. If you're interested in contributing please contact
me off-list and I'll help get you up to speed.

Enjoy!

Puppet Forge: http://forge.puppetlabs.com/darin/rt
GitHub: https://github.com/deadpoint/puppet-rt
Installation: puppet module install darin-rt

--
Later,
Darin

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Re: Installing on SLES 11.2?

2013-02-15 Thread Darin Perusich

There should be no reason to add any repo's other then
systemsmanagement:puppet for dependencies. The deps should be created
as packages links to the which ever development repo they reside in.

Any discussion regarding this should be taken off the puppet list and
moved onto the opensuse-buildservice list or directed at the
repository maintainers.

--
Later,
Darin


On Fri, Feb 15, 2013 at 1:46 AM, Niels Abspoel abo...@gmail.com wrote:
 For the ruby depencies you need the following repositories on SLE_11_SP2:

 devel:languages:ruby:backports/SLE_11_SP2

 and of course:
 SUSE:SLE-11:SP2/standard

 See for more information:
 https://build.opensuse.org/project/repositories?project=systemsmanagement%3Apuppet

 Hope this helps.

 Op vrijdag 15 februari 2013 02:18:33 UTC+1 schreef JB Bell het volgende:

 I've been unable to get puppet installed on SLES 11.2 by the recommended
 method.

 I've set up the repo at
 http://download.opensuse.org/repositories/systemsmanagement:/puppet/SLE_11_SP2/,
 but when I do zypper install puppet I get multiple dependency errors,
 e.g.:

 Problem: nothing provides rubygems needed by
 rubygem-hiera-1.1.2-8.1.x86_64

 I had a prior install of puppet kind of working without that repo, but I
 need to have the ruby-shadow package. A good number of articles and bug
 reports online talk about this, and supposedly that repo is the solution. I
 don't find any docs at all on the official puppetlabs site, and the old wiki
 references a repo that doesn't seem to exist anymore; at any rate, it's for
 SLES 10.2.

 Any clues? I don't want to have to install from source--we have dozens of
 SLES servers.

 Thanks for any help you can provide. Ideally I'd like a step-by-step for
 SLES, but anything would be good.


 J B Bell
 Test Environment Professional
 Ericsson ITTE

 4333 Still Creek Drive
 Burnaby, BC  V5C 6S6, Canada
 Phone +1 778.373.7150
 jb@ericsson.com
 www.ericsson.com




 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send an
 email to puppet-users+unsubscr...@googlegroups.com.
 To post to this group, send email to puppet-users@googlegroups.com.
 Visit this group at http://groups.google.com/group/puppet-users?hl=en.
 For more options, visit https://groups.google.com/groups/opt_out.



-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] shared header across multiple defined types via concat

2013-02-15 Thread Darin Perusich

Hi Felix,

On Thu, Feb 14, 2013 at 7:07 AM, Felix Frank
felix.fr...@alumni.tu-berlin.de wrote:
 So basically you want all generated files to use the same header
 template? Hmm.

This is correct.

 I believe what you want is another defined type that represents the
 header snippet for a specific pam config file and declares a
 concat::fragment $name-header or somesuch. Each of the other defined
 types then contains an instance of this new type, probably not passing
 more than the name.

I've tried this approach and the problem you run into is when defining
multiple pam::limits you create a duplicate declaration caused by
pam::header being called for each instance. It attempts to create
multiple headers.

--
Later,
Darin

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] shared header across multiple defined types via concat

2013-02-15 Thread Darin Perusich

On Fri, Feb 15, 2013 at 10:12 AM, Felix Frank
felix.fr...@alumni.tu-berlin.de wrote:
 Hi,

 it's paramount that you generate a unique $name for each invocation of
 your defined type, e.g.

 pam::header { limits-$name: }

 You can take advantage of the fact that the calling defines have
 unique names of their own.

Right, that was my dump mistake. It still doesn't take away from the
fact that the header will be added multiple times.

 HTH,
 Felix

 On 02/15/2013 03:31 PM, Darin Perusich wrote:
  I believe what you want is another defined type that represents the
  header snippet for a specific pam config file and declares a
  concat::fragment $name-header or somesuch. Each of the other defined
  types then contains an instance of this new type, probably not passing
  more than the name.
 I've tried this approach and the problem you run into is when defining
 multiple pam::limits you create a duplicate declaration caused by
 pam::header being called for each instance. It attempts to create
 multiple headers.

 --
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send an 
 email to puppet-users+unsubscr...@googlegroups.com.
 To post to this group, send email to puppet-users@googlegroups.com.
 Visit this group at http://groups.google.com/group/puppet-users?hl=en.
 For more options, visit https://groups.google.com/groups/opt_out.



-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] shared header across multiple defined types via concat

2013-02-12 Thread Darin Perusich

Hello All,

I have two defined types which I'd like to share a common, realized
header concat resource but when both are declared in a manifest the
header is only applied to one of the types. When the headers are
declared independently for each type the work but that's is a bunch of
nearly identical code that should be able to be reused, but i'm
missing whatever magic is needed to accomplish it.

The class is pam and the defined types are pam::access and
pam::limits. I've only included init.pp and limits.pp since access.pp
is nearly identical but the full module can be found at
https://github.com/deadpoint/puppet-module-pam.

Any thoughts on how to accomplish this?

init.pp:
class pam {
  include concat::setup
  $access_conf = '/etc/security/access.conf'
  $limits_conf = '/etc/security/limits.conf'

  @concat { $limits_conf:
owner  = 'root',
group  = 'root',
mode   = '0644',
  }
  # header
  @concat::fragment { header:
target  = undef,
name= undef,
order   = 01,
content = template(pam/header.erb),
  }
}

limits.pp:
define pam::limits ( $domain, $type, $item, $value, $ensure   =
present, $priority = '10' )
 {
  include pam
$limits_conf = $pam::limits_conf
realize ( Concat[$limits_conf] )
Concat::Fragment | title == 'header' | { target = $limits_conf,
name = limits }
  concat::fragment { pam::limits ${domain}-${type}-${item}-${value}:
ensure  = $ensure,
target  = $limits_conf,
content = ${domain} ${type} ${item} ${value}\n,
order   = $priority,
  }
}

--
Later,
Darin

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] changing the root password on PUPPET master and init.pp

2013-01-11 Thread Darin Perusich

You need to supply the encrypted password in the manifest.

--
Later,
Darin


On Thu, Jan 10, 2013 at 4:55 PM, DJames dominicrja...@gmail.com wrote:
 I understand that you must change the password on the host itself first,
 then change the password in /etc/puppet/modules/users/manifests/init.pp

 what makes the password encrypted? Do i just put the non-encrypted new root
 password in the following sections? then puppet encrypts it?


 lass users {
case $operatingsystem {
   'RedHat', 'CentOS': {
  user {
 root:
comment  = '[ROOT]',
uid  = 0,
gid  = root,
home = /root,

 password = $ ? {
   4 = '',
   5 = '',
   6 = '',




 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To view this discussion on the web visit
 https://groups.google.com/d/msg/puppet-users/-/mEeGNkFMgusJ.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Splunk Module Development Recommendations

2013-01-08 Thread Darin Perusich

I've broken my splunk module in splunk::client for the forwarder and
splunk::server for the server. Both inherit splunk which realizes the
user and group, i don't let the splunk packages create them cuz
they're created as non-system accounts which collide with ldap
accounts, and creates the init script, again modified since I don't
like the supplied one. The client also creates the
deploymentclient.conf so we can push what to monitor from the splunk
server.

No need to add forward-server or any of that other stuff.

--
Later,
Darin


On Tue, Jan 8, 2013 at 10:01 AM, Brendan Murtagh
brendan.r.murt...@gmail.com wrote:
 Good morning,

 We've been testing PE and beginning developing modules for our
 infrastructure. One of the modules I'm looking to create is an installation
 for Splunk, with the primary focus at this time, on the Forwarder. I already
 have the splunkforwarder-5.0.1-143156-linux-2.6-amd64.deb package being
 fetched from the Master and also performing the installation via dpkg. I
 need help brainstorming/figuring out the best way to handle the rest of the
 installation/configuration commands. Here is the guide I was given to
 complete the installation for the Splunk Forwarder:

 dpkg -i splunkforwarder-5.0.1-143156-linux-2.6-amd64.deb

 source /opt/splunkforwarder/bin/setSplunkEnv

 splunk start

 splunk add forward-server 10.1.1.45:9996
 Splunk username: admin
 Password: password

 splunk restart

 splunk enable boot-start

 cd /data/apps/ror/pws/current/log

 splunk add monitor .

 edit /opt/splunkforwarder/etc/apps/search/local/inputs.conf

 Add the following lines:

 inputs.conf for the web servers
 [monitor:///var/log]
 disabled = false

 [monitor:///data/apps/ror/pws/shared/log/leads.log]
 disabled = false
 sourcetype = est_appts

 [monitor:///data/apps/ror/pws/shared/log/audit.log]
 disabled = false
 sourcetype = salesbooks

 [monitor:///data/apps/ror/pws/shared/log/production.log]
 disabled = false
 sourcetype = rails

 [monitor:///data/apps/ror/pws/shared/log/call_attempts.log]
 disabled = false
 sourcetype = call_attempts

 [monitor:///data/apps/ror/pws/shared/log/call_selection.log]
 disabled = false
 sourcetype = call_selection


 I'm ok using a template/content parameter for handling the
 /opt/splunkforwarder/etc/apps/search/local/inputs.conf file. What are some
 of the recommended ways for handling the install steps prior to the
 inputs.conf edits?

 Thanks,

 Brendan

 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To view this discussion on the web visit
 https://groups.google.com/d/msg/puppet-users/-/J01GCHL_T7MJ.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] puppetlabs-mysql module

2013-01-03 Thread Darin Perusich

Hello All,

I'm never really sure whether to email the maintainers for modules or
the list so I figure posting to the list is a good place to start;-)

So I've started testing out the puppetlabs-mysql module today and I
like what I'm seeing but have a few questions/critiques/concerns
regarding the types/providers. I'm finding the names, database,
database_user, and database_grant rather generic. Unless there are
plans to merge mysql, postgresql, etc, into a single database module
shouldn't they be a bit more specific like mysql_db, mysql_user, and
mysql_grant?

Also, what about supplying my.cnf instead of creating from a template
which is the default action? I see you can use mysql::server::config,
which I haven't tried yet, to add additional params but I'm thinking
that could lead to a rather large/unwieldy manifest given the vast
number of options available.

Nice work and I hope to see my pull request for SuSE support accepted soon;-)

--
Later,
Darin

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Problems building puppet 3.x for SLES

2012-12-27 Thread Darin Perusich

Working packages for SLES, and all current SuSE releases, are available in
open build service. These are the packages that feed the distributions.

https://build.opensuse.org/package/show?package=puppetproject=systemsmanagement%3Apuppet

--
Later,
Darin


On Wed, Dec 26, 2012 at 10:53 PM, Jagga Soorma jagg...@gmail.com wrote:

 Hi Guys,

 I am new to puppet and have a mix of both RHEL5.x and SLES11.x servers in
 my environment.  I have been able to build the puppet client with some
 modifications on RHEL5.x with the spec files just fine but can't seem to
 build for SLES11.x.  I was wondering if anyone here is using the puppet 3.x
 client with SLES11 yet?  If so, do you know what the best way is to install
 all the dependencies and the puppet client for SLES11.x.

 Any help would be appreciated.

 Thanks,
 -J

 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To view this discussion on the web visit
 https://groups.google.com/d/msg/puppet-users/-/UrZPC54IbswJ.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.


-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Puppet on OpenSuSE SLES

2012-12-03 Thread Darin Perusich

EOL distro's can be enabled manually but you'll need to contact one of the
the repo maintainers to do so. Click on the users tab in the webui and
email one or all of the maintainers.

--
Later,
Darin


On Fri, Nov 30, 2012 at 7:08 PM, Ashley Gould ago...@ucop.edu wrote:

 On Mon, Nov 26, 2012 at 10:35:55PM -0800, Niels Abspoel wrote:
  Darin has given the right answer,
 
  Just branch the package, and submit a request.
  Don't forget to add a comment in puppet.changes file before you submit
 it.
 

 Thank you for this tip.  OBS is sweet, but I'm still feeling my way around.

 I have branched and built locally with modified puppet-3.0.1-init.diff.
 I will let my patched init script run in the wild for a week or so
 and then (figure out how to) submit.

 Are you aware of anyone building puppet 3.0.* for SLES10?  Can we
 add a SLES10 repo to the systemsmanagement:puppet project?


 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.



-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Puppet on OpenSuSE SLES

2012-11-21 Thread Darin Perusich

Ashley,

One of the nice things about OBS is you can branch the package,
update it, and submit your changes back and if/once accepted they'll
be built, packed and available in the repo for general consumption.

--
Later,
Darin

On Wed, Nov 21, 2012 at 3:59 PM, Ashley Gould ago...@ucop.edu wrote:
Hello Niels,

I found this thread and I am installing puppet-3.0.1-2.1.x86_64.rpm from
http://download.opensuse.org/repositories/systemsmanagement:/puppet/SLE_11_SP2/

The init script /etc/init.d/puppet in this rpm has an error and will not run
on
puppet 3.0, because the script sets the puppet binary to /usr/sbin/puppetd,
which no longer is used.

I have revised the script for my site, but I would like to see this fixed
in the OBS repo as well. Who should I contact to help contribute changes?
I have not use OBS before to maintain packages.

On Mon, Oct 22, 2012 at 08:08:50AM -0700, Niels Abspoel wrote:
If you don't want to compile it yourself:

Look at these:
home project:
https://build.opensuse.org/package/show?package=puppetproject=home%3Aaboe76%3Abranches%3Asystemsmanagement%3Apuppet%3Adevel

devel project maintainer opensuse
https://build.opensuse.org/project/show?project=systemsmanagement%3Apuppet%3Adevel

official maintainer project:
https://build.opensuse.org/package/show?package=puppetproject=systemsmanagement%3Apuppet

Op donderdag 29 maart 2012 15:03:36 UTC+2 schreef Darin Perusich het
volgende:

You can grab the .spec from the build service project or the srpm links
below.

http://download.opensuse.org/repositories/home:/eclipseagent:/puppet/

https://build.opensuse.org/project/show?project=home%3Aeclipseagent%3Apuppet

--
Later,
Darin

On Thu, Mar 29, 2012 at 5:03 AM, r0k5t4r oliver_...@gmx.de javascript:
wrote:
Hi,

would you mind sharing the specfile you have used to build ruby-shadow?

Regards,
Oliver

Am Montag, 12. März 2012 17:46:17 UTC+1 schrieb Jeffrey Watts:

I took the RHEL/EPEL RPMs for ruby-shadow and puppet and rebuilt them
for
SLES. There are very few things that need changing. The RHEL/EPEL RPMs
have really well put together SPECfiles.

I believe I posted the SPECfile diff for puppet to this list a month or
so
ago. You might search the archives. Mostly what I did was comment out
the
Red Hat specific dependencies - it was really easy. You can build
without
Augeas if you're not using it.

Good luck.
Jeffrey.

On Mon, Mar 12, 2012 at 5:19 AM, Julien C.
corn...@gmail.comjavascript:
wrote:

Hi,

I'm a big fan of Puppet and managed to have my company accept it.
However, I'm having issues deploying it (I'm used to the debian version
which works perfectly out of the box) :

- There doesn't seem to be an official repository for Suse (I've seen
it
mentionned in the bugtracker but yum.puppetlabs.com doesn't contain
SUSE
packages).
- I can't find a package for ruby-shadow.
- I can't find a package for augeas either.

I circumvented these problems by installing Puppet by hand (tarball)
and
writing ugly code (execs) to manage config files and user passwords.
However, I'd like to know if I missed anything or if you can suggest
solutions for any of these 3 issues...

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To view this discussion on the web visit
https://groups.google.com/d/msg/puppet-users/-/z_oXvCuaLJsJ.

To post to this group, send email to
puppet...@googlegroups.comjavascript:
.
To unsubscribe from this group, send email to
puppet-users...@googlegroups.com javascript:.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To view this discussion on the web visit
https://groups.google.com/d/msg/puppet-users/-/jTcQeG0uAvwJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

-ashley

Did you try poking at it with a stick?

--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Puppet client won't autostart

2012-11-13 Thread Darin Perusich

This is systemd weirdness. I've run into this error before on SuSE
with other init scripts and the fix was to reboot the machine. Then
you won't get the Loaded: error (Reason: No such file or directory)
anymore.

--
Later,
Darin


On Tue, Nov 13, 2012 at 9:29 AM, Bret Wortman b...@thewortmans.org wrote:
 It does not (and this is odd since I'm using F17):

 # service puppet status
 Redirecting to /bin/systemctl  status puppet.service
 puppet.service
  Loaded: error (Reason: No such file or directory)
  Active: inactive (dead)

 and yet ps still shows it running.

 But with your help, this at least starts it now, but I can't get the
 ensure bit working, and that's the really critical piece for us. Looks
 like Puppet is expecting to chkconfig this and that's not working. I also
 have no file in /etc/init.d at all, so there's apparently no start script on
 my system at all. I installed from the Puppetlabs repos.

 # puppet resource service puppet hasstatus=false ensure=running enable=true
 Error: Could not enable puppet: Execution of '/sbin/chkconfig puppet on'
 returned 1: error reading information on service puppet: No such file or
 directory
 :
 :
 service { 'puppet':
   ensure = running,
   enable = false,
 }
 #

 On Tuesday, November 13, 2012 8:40:08 AM UTC-5, Martin Alfke wrote:

 Hi Bret,

 On 13.11.2012, at 13:18, Bret Wortman wrote:

 I'm getting this problem on all the puppet client's I've been setting up
 and it's got me both scratching my head (because I'm not seeing anything
 obvious in any system logs) and pausing in my rollout until I get it solved:

 # puppet resource service puppet ensure=running enable=true


 does the service script has a status option and does the status deliver
 proper results?

 service puppet status

 Some service scripts do not check properly for the status or they deliver
 wrong exit codes.
 If this is the case you can set
 hasstatus = false

 hth,

 Martin

 Error: Could not start Service[puppet]: Execution of '/sbin/service puppet
 start' returned 1:
 Error: /Service[puppet]/ensure: change from stopped to running failed:
 Could not start Service[puppet]: Execution of '/sbin/service puppet start'
 returned 1:
 service { 'puppet':
   ensure = 'stopped',
   enable = 'false',
 }
 # ps aux | grep 'puppet agent' | grep -v grep
 # puppet agent
 # ps aux | grep 'puppet agent' | grep -v grep
 root 55055 12.4  0.1 383924 45928 ?   Ssl   07:150:01
 /usr/bin/ruby /bin/puppet agent
 #

 Where should I look first? I'm not sure why this will start for me
 interactively but not from the agent (this also fails if the agent is
 already running in exactly the same fashion).

 Thanks!


 Bret Wortman

 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To view this discussion on the web visit
 https://groups.google.com/d/msg/puppet-users/-/Craxa7MPMXUJ.
 To post to this group, send email to puppet...@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.


 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To view this discussion on the web visit
 https://groups.google.com/d/msg/puppet-users/-/62Ns4IuyUJgJ.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] puppet modules for suse / sles !!!

2012-11-02 Thread Darin Perusich

Here's a couple types that you'll find useful. The
puppet-apache-modules type provides support for adding/removing apache
flags and modules on SuSE, you'll need to write an apache module but
I'm sure you can merge it into other modules. Any of the puppet
modules on my github have been had suse support added and pushed
upstream.

https://github.com/deadpoint/puppet-zypprepo
https://github.com/deadpoint/puppet-apache-modules

--
Later,
Darin


On Fri, Nov 2, 2012 at 5:55 AM, Rakesh Kathpal rkath...@gmail.com wrote:
 Hi,

 I am a sysadmin and currently evaluating puppet. I am not a programmer so
 generally use ready modules from Lab42 or other contributors on puppet forge
 / github. Currently I am looking for Apache / Mysql and Php puppet modules
 for SLES, I have got the modules working for rhel/ububtu and centos.

 Really appreciate any help on this.

 Thanks  Regards,

 Rakesh K.

 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Puppet on OpenSuSE SLES

2012-10-30 Thread Darin Perusich

Why did they put it in systemsmanagement:puppet:devel instead of
systemsmanagement:puppet? Having a separate devel project seems kinda
fragmented and unnecessary to me.

Is the a reason for packaging it as a gem? I haven't done any ruby
packaging in OBS, only perl, so i dont' know if that's preferred. The
spec should also be updated with a Provides: ruby-shadow so any
systems that have a ruby-shadow package installed trigger a conflict.

--
Later,
Darin


On Mon, Oct 29, 2012 at 2:32 AM, Niels Abspoel abo...@gmail.com wrote:
 Hi Darin,

 The puppet package has been updated in systemsmanagement:puppet:devel in
 opensuse build service to include ruby-shadow.
 Hope this package will become the new puppet package in opensuse 12.3. en
 SLES.

 It works great on my own machine. Maybe we can update the spec file with the
 spec file from opensuse build service?

 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To view this discussion on the web visit
 https://groups.google.com/d/msg/puppet-users/-/LujHjEL98JwJ.

 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Puppet on OpenSuSE SLES

2012-10-22 Thread Darin Perusich

Hi Niels,

The only thing those SuSE packages are missing, imo, is the
ruby-shadow packages and dependency.  I've been meaning to submit
ruby-shadow and an updated spec to systemsmanagement:puppet just
haven't had the time.

--
Later,
Darin


On Mon, Oct 22, 2012 at 1:18 AM, Niels Abspoel abo...@gmail.com wrote:
 Or you can go to https://build.opensuse.org/

 They have two projects running:
 2.7.19: systemsmanagement-puppet

 3.0.0:  systemsmanagement-puppet-devel-package=puppet

 and my own
 3.0.1: home-Aaboe76-branches-systemsmanagement-puppet-devel

 These are packages build for suse and tested on my machine.

 Greetz,
 Niels


 Op donderdag 29 maart 2012 15:03:36 UTC+2 schreef Darin Perusich het
 volgende:

 You can grab the .spec from the build service project or the srpm links
 below.

 http://download.opensuse.org/repositories/home:/eclipseagent:/puppet/

 https://build.opensuse.org/project/show?project=home%3Aeclipseagent%3Apuppet

 --
 Later,
 Darin

 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To view this discussion on the web visit
 https://groups.google.com/d/msg/puppet-users/-/-vYDo6vaqmIJ.

 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: how to stop puppet from checking a service

2012-10-02 Thread Darin Perusich

On Mon, Oct 1, 2012 at 6:03 PM, jcbollinger john.bollin...@stjude.org wrote:


 On Monday, October 1, 2012 3:56:42 PM UTC-5, Darin Perusich wrote:

 Is there an way for puppet to not check whether a service is running
 or not? I'm basically looking for the equivalent of enable = manual
 for Linux systems, I think. This would be useful when the service
 itself is under the control of a CRM like Pacemaker or I want to give
 control of the service to an end user, say both tomcat and glassfish
 are on the same box and they want to run one instead of the other.



 I suspect it's not possible to prevent Puppet from checking whether a
 managed service is running, but it may be possible to prevent it from
 managing whether the service is running.  Try omitting the 'ensure'
 parameter altogether.

You are correct...by omitting the ensure the service is no longer
checked to if it's running or not.

Thanks!

 Note that if you're not managing whether the service is running, then the
 only other thing about it you can be managing is whether it starts at boot
 (via the 'enable' parameter).  If you don't want to manage that either, then
 just don't declare a Service resource in the first place.



 Supposedly the Example42 modules support this by disableboot=true,
 but that doesn't appear to do anything other than set enable =
 false for the service and I don't see how that stops Puppet from
 checking whether the service is up or down.


 It doesn't, but what's the harm in just checking?

 I haven't looked at the modules you're talking about, but perhaps they do as
 I suggested?  It would be fairly easy to overlook complete omission of a
 parameter -- much more so than to overlook a special parameter value.


 John

 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To view this discussion on the web visit
 https://groups.google.com/d/msg/puppet-users/-/GdMKCawsHsoJ.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] how to stop puppet from checking a service

2012-10-01 Thread Darin Perusich

Is there an way for puppet to not check whether a service is running
or not? I'm basically looking for the equivalent of enable = manual
for Linux systems, I think. This would be useful when the service
itself is under the control of a CRM like Pacemaker or I want to give
control of the service to an end user, say both tomcat and glassfish
are on the same box and they want to run one instead of the other.

Supposedly the Example42 modules support this by disableboot=true,
but that doesn't appear to do anything other than set enable =
false for the service and I don't see how that stops Puppet from
checking whether the service is up or down.

Thanks!

--
Later,
Darin

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] writing providers

2012-09-25 Thread Darin Perusich

Hello All,

Does anyone have any good documentation, with examples, on writing
providers? I have both the puppet books and I've been reviewing the
various providers that are distributed w/puppet and modules but I'm
not seeing things like how to properly execute commands, best  way to
parse output, or how to debug them during development.

Thanks!

--
Later,
Darin

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] writing providers

2012-09-25 Thread Darin Perusich

HI Justin,

I have reviewed those documents and the Provider Development doc
doesn't tell me much more than what a provider does. There are no
example other than how to set a command or limit to a certain system
type. Take for example the docs on Using Parameterized Classes. I can
take that document and after reading it can start writing a
parameterized class to fit most situations, you can't do that with the
provider docs.

--
Later,
Darin


On Tue, Sep 25, 2012 at 2:14 PM, Justin Stoller jus...@puppetlabs.com wrote:
 I know that yours was more a question for the community but have you
 checked out:
 http://docs.puppetlabs.com/puppet/#hacking-and-extending

 If those aren't super helpful we'd love to make them better.


 HTH,
 Justin


 On Tue, Sep 25, 2012 at 10:47 AM, Jakov Sosic jso...@srce.hr wrote:
 On 09/25/2012 05:09 PM, Darin Perusich wrote:
 Hello All,

 Does anyone have any good documentation, with examples, on writing
 providers? I have both the puppet books and I've been reviewing the
 various providers that are distributed w/puppet and modules but I'm
 not seeing things like how to properly execute commands, best  way to
 parse output, or how to debug them during development.

 Thanks!

 I can send you my providers for Cobbler that I am writing.


 They are kinda simple so you can get around? Drop me a private mail if
 you want.

 --
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to 
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at 
 http://groups.google.com/group/puppet-users?hl=en.


 --
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to 
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at 
 http://groups.google.com/group/puppet-users?hl=en.


-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Nagios and www-data users.

2012-09-05 Thread Darin Perusich

There should be a nagcmd group which both nagios and your apache
user are members of. The nagios.cmd pipe should have permission of
0660 and ownership of nagios:nagcmd. If you were using check_mk
livestatus then the livestatus.cmd socket would have the same perms
and ownership.

Usually this is taken care of by the nagios packages.

--
Later,
Darin


On Wed, Sep 5, 2012 at 12:33 PM, Douglas Garstang
doug.garst...@gmail.com wrote:
 I'm sure people have hit this problem before. In my nagios module, the
 nagios command pipe file at /var/lib/nagios3/rw/nagios.cmd is owned by
 the nagios user, but needs to be written to by the www-data user.
 Adding the www-user to the nagios group is one solution, but that
 requires that the nagios module potentially modify the www-data user,
 which seems bad.

 What's the best way to do this? I tried to explicitly define the
 www-data user in it's own class, and then create another nagios class
 that inherits from that so that I could do plusignment, but I
 obviously have the syntax wrong. Puppet doesn't like this.

 class nagios::users inherits users::www-data {
  User['www-data'] { group + ['nagios'] }
 }

 Doug

 --
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to 
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at 
 http://groups.google.com/group/puppet-users?hl=en.


-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Determining the syslog provider

2012-06-12 Thread Darin Perusich

On SuSE systems the init script determines which syslog daemon by the
value of SYSLOG_DAEMON in /etc/sysconfig/syslog, the values can be
syslogd, syslog-ng, rsyslogd or  for autodetect. You should be
able to leverage those to determine which logger to use.

--
Later,
Darin


On Tue, Jun 12, 2012 at 8:45 AM, Julien C. cornu...@gmail.com wrote:
 Thanks to both of you for your answers.
 I am aware of the operatingsystem and release variables, but I can't rely on
 them because servers don't always use the default syslog provider, as stated
 in my original post.
 I can't enforce the same provider on every node because it would destroy any
 customization made in the original provider's configuration.

 I need to know which is the running logger and add my configuration in its
 config files.
 The first step to do this is to identify it, hence this post's title.

 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To view this discussion on the web visit
 https://groups.google.com/d/msg/puppet-users/-/9J4Tgh7fTUAJ.

 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Trying to get tagmail to work

2012-06-12 Thread Darin Perusich

Add tagmail to reports in puppet.conf on the server.

--
Later,
Darin


On Tue, Jun 12, 2012 at 2:49 PM, Jason Knudsen jason.knud...@gmail.com wrote:
 Hey guys,

 Relatively new to Puppet and I'm trying to setup tagmail to send all emails
 to me: at one point I'll filter that down to errors and whatnot (based on
 tags) but for now I just want to get it working.

 Master Puppet server is setup with Passengers, all works well:

 /etc/puppet/puppet.conf
 [main]
     # The Puppet log directory.
     # The default value is '$vardir/log'.
     logdir = /var/log/puppet

     # Where Puppet PID files are kept.
     # The default value is '$vardir/run'.
     rundir = /var/run/puppet

     # Where SSL certificates are kept.
     # The default value is '$confdir/ssl'.
     ssldir = /etc/puppet/ssl

 [agent]
     # The file in which puppetd stores a list of the classes
     # associated with the retrieved configuratiion.  Can be loaded in
     # the separate ``puppet`` executable using the ``--loadclasses``
     # option.
     # The default value is '$confdir/classes.txt'.
     classfile = $vardir/classes.txt

     # Where puppetd caches the local configuration.  An
     # extension indicating the cache format is added automatically.
     # The default value is '$confdir/localconfig'.
     localconfig = $vardir/localconfig

     # Turn on Reporting
     report = true

 [master]
     reports = tagmail
     ssl_client_header = SSL_CLIENT_S_DN
     ssl_client_verify_header = SSL_CLIENT_VERIFY

 And my /etc/puppet/tagmail.conf:
 all: m...@email.com

 On the slave, I have this setup in my puppet.conf:
 [main]
     # The Puppet log directory.
     # The default value is '$vardir/log'.
     logdir = /var/log/puppet

     # Where Puppet PID files are kept.
     # The default value is '$vardir/run'.
     rundir = /var/run/puppet

     # Where SSL certificates are kept.
     # The default value is '$confdir/ssl'.
     ssldir = $vardir/ssl

     # Stuff
     server = puppet

 [agent]
     # The file in which puppetd stores a list of the classes
     # associated with the retrieved configuratiion.  Can be loaded in
     # the separate ``puppet`` executable using the ``--loadclasses``
     # option.
     # The default value is '$confdir/classes.txt'.
     classfile = $vardir/classes.txt

     # Where puppetd caches the local configuration.  An
     # extension indicating the cache format is added automatically.
     # The default value is '$confdir/localconfig'.
     localconfig = $vardir/localconfig

     # Enable Reporting
     report = true



 The reporting seems to work fine, my /var/lib/puppet/reports directory is
 populated every time the agent is run. But I never receive an email, and
 I've checked the /var/log/maillog (no event occurs).

 I'm sure I'm missing something stupid here -- been banging my head on it for
 awhile. Any idea?

 Thanks,

 Jason

 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To view this discussion on the web visit
 https://groups.google.com/d/msg/puppet-users/-/i1l6ylp8XXsJ.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] puppetdb build fails on OpenSUSE systems with undefined method

2012-05-21 Thread Darin Perusich

Hello All,

I'm attempting to build puppetdb on opensuse it's failing with the
error undefined method `downcase' for nil:NilClass. The Rakefile is
setting @plibdir based on osfamily =
Facter.value(:osfamily).downcase and osfamily is not a fact on
OpenSUSE/SUSE systems. How should I work around this?

Code block from Rakefile:

require 'facter'
osfamily = Facter.value(:osfamily).downcase
if osfamily.downcase =~ /debian/and PE_BUILD == ''
  @plibdir = '/usr/lib/ruby/1.8'
elsif osfamily.downcase =~ /debian/ and PE_BUILD.downcase == true
  @plibdir = '/opt/puppet/lib/ruby/1.8'
elsif osfamily.downcase =~ /redhat/ and PE_BUILD == ''
  @plibdir = '/usr/lib/ruby/site_ruby/1.8'
elsif osfamily.downcase =~ /redhat/ and PE_BUILD.downcase == true
  @plibdir = '/opt/puppet/lib/ruby/site_ruby/1.8'
end


--
Later,
Darin

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] puppetdb build fails on OpenSUSE systems with undefined method

2012-05-21 Thread Darin Perusich

Hi Deepak,

On Mon, May 21, 2012 at 12:28 PM, Deepak Giridharagopal
dee...@puppetlabs.com wrote:
 Hi Darin,

 On Mon, May 21, 2012 at 9:39 AM, Darin Perusich da...@darins.net wrote:

 Hello All,

 I'm attempting to build puppetdb on opensuse it's failing with the
 error undefined method `downcase' for nil:NilClass. The Rakefile is
 setting @plibdir based on osfamily =
 Facter.value(:osfamily).downcase and osfamily is not a fact on
 OpenSUSE/SUSE systems. How should I work around this?

 Code block from Rakefile:

 require 'facter'
 osfamily = Facter.value(:osfamily).downcase
 if osfamily.downcase =~ /debian/    and PE_BUILD == ''
  @plibdir = '/usr/lib/ruby/1.8'
 elsif osfamily.downcase =~ /debian/ and PE_BUILD.downcase == true
  @plibdir = '/opt/puppet/lib/ruby/1.8'
 elsif osfamily.downcase =~ /redhat/ and PE_BUILD == ''
  @plibdir = '/usr/lib/ruby/site_ruby/1.8'
 elsif osfamily.downcase =~ /redhat/ and PE_BUILD.downcase == true
  @plibdir = '/opt/puppet/lib/ruby/site_ruby/1.8'
 end


 That sounds like a bug to me! I've file
 http://projects.puppetlabs.com/issues/14607 to track the issue. A few
 questions:

I've updated the ticket with this info already, but for those on the list.

 1) Is there a different fact we should be using on SUSE that mentions that
 the box is actually a SUSE system?

Here are the facts which mention suse on an OpenSUSE and SLES, and a
SLES for vmware system. Looks like OpenSuSE is missing osfamily which
seems odd. This is the case on OpenSUSE 11.3 (facter 1.5.7) and 12.1
(facter 1.6.0) using the stock facter. Looks like lsbdistid is the
only commonality across the systems.

OpenSuSE:
facter |grep -i suse
lsbdistdescription = openSUSE 12.1 (i586)
lsbdistid = SUSE LINUX
operatingsystem = OpenSuSE

SLES:
facter | grep -i suse
lsbdistdescription = SUSE Linux Enterprise Server 11 (x86_64)
lsbdistid = SUSE LINUX
osfamily = Suse

SLES for VMWARE:
facter |grep -i suse
lsbdistdescription = SUSE Linux Enterprise Server 11 (x86_64)
lsbdistid = SUSE LINUX

 2) What is the ruby library path on a SUSE system using the stock ruby
 packages?

The ruby library path from the stock package depends on architecture
but will be one of the following:

i586: /usr/lib/ruby/site_ruby/1.8/
x86_64: /usr/lib64/ruby/site_ruby/1.8/

 Thanks!
 deepak

 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Regression in SUSE package for puppet-dashboard-1.2.7

2012-04-23 Thread Darin Perusich

Actually ruby(abi) is defined as a Provides in ruby.spec for SuSE, see
link below, but I don't know why it fails to pick it up. You can
simply force the puppet-dashboard package with --nodeps and it works
just fine.

https://build.opensuse.org/package/view_file?file=ruby.specpackage=rubyproject=openSUSE%3A12.1%3AUpdaterev=dbf21799e3d1bb8b3b21b5aa109d7530

--
Later,
Darin



On Fri, Apr 20, 2012 at 11:54 AM, Jeffrey Watts
jeffrey.w.wa...@gmail.com wrote:
 SuSE doesn't use the ruby(abi) dependencies.  That's a Red Hat thing.  The
 good news is that it's trivial to rebuild the RPM so that it works with
 SLES.  I posted a diff a while back on this list - it's what I use.

 Keep in mind that this was for an older version, so YMMV.  Good luck.
 Jeffrey.

 $ diff puppet-dashboard.spec puppet-dashboard.spec-sles
 2c2
  %global initrddir /etc/rc.d/init.d
 ---
 %global initrddir /etc/init.d
 9c9
  Release:        1%{?dist}
 ---
 Release:        2%{?dist}
 17,18c17,18
  Requires:       ruby(abi) = 1.8, rubygems, ruby-mysql
  Requires:       ruby  1.8.7, rubygem(rake)
 ---
 Requires:       rubygems, ruby-mysql
 Requires:       ruby  1.8.7, rubygem-rake
 22,25d21
  Requires(post):   chkconfig
  Requires(preun):  chkconfig
  Requires(preun):  initscripts
  Requires(postun): initscripts
 137a134,136
 * Wed Dec 07 2011 Jeffrey Watts jwa...@adknowledge.com - 1.2.3-2
 - Modified it to work on SLES


 On Fri, Apr 20, 2012 at 2:44 AM, Julien C. cornu...@gmail.com wrote:

 Hi,

 I'm using the following repository :

 http://download.opensuse.org/repositories/home:/eclipseagent:/puppet/openSUSE_12.1/

 And I'm having a weird error when I try to update puppet-dashboard :
 Problem: nothing provides ruby(abi) = 1.8.7 needed by
 puppet-dashboard-1.2.7-6.1.noarch

 My ruby (1.8.7.p357-2.3.1.i586) seems up-to-date and I didn't have this
 message when I installed 1.2.6
 Any idea what I'm missing ?

 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Puppet on OpenSuSE SLES

2012-03-29 Thread Darin Perusich

You can grab the .spec from the build service project or the srpm links below.

http://download.opensuse.org/repositories/home:/eclipseagent:/puppet/
https://build.opensuse.org/project/show?project=home%3Aeclipseagent%3Apuppet

--
Later,
Darin



On Thu, Mar 29, 2012 at 5:03 AM, r0k5t4r oliver_weinm...@gmx.de wrote:
 Hi,

 would you mind sharing the specfile you have used to build ruby-shadow?

 Regards,
 Oliver

 Am Montag, 12. März 2012 17:46:17 UTC+1 schrieb Jeffrey Watts:

 I took the RHEL/EPEL RPMs for ruby-shadow and puppet and rebuilt them for
 SLES.  There are very few things that need changing.  The RHEL/EPEL RPMs
 have really well put together SPECfiles.

 I believe I posted the SPECfile diff for puppet to this list a month or so
 ago.  You might search the archives.  Mostly what I did was comment out the
 Red Hat specific dependencies - it was really easy.  You can build without
 Augeas if you're not using it.

 Good luck.
 Jeffrey.

 On Mon, Mar 12, 2012 at 5:19 AM, Julien C. cornu...@gmail.com wrote:

 Hi,

 I'm a big fan of Puppet and managed to have my company accept it.
 However, I'm having issues deploying it (I'm used to the debian version
 which works perfectly out of the box) :

 - There doesn't seem to be an official repository for Suse (I've seen it
 mentionned in the bugtracker but yum.puppetlabs.com doesn't contain SUSE
 packages).
 - I can't find a package for ruby-shadow.
 - I can't find a package for augeas either.

 I circumvented these problems by installing Puppet by hand (tarball) and
 writing ugly code (execs) to manage config files and user passwords.
 However, I'd like to know if I missed anything or if you can suggest
 solutions for any of these 3 issues...

 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To view this discussion on the web visit
 https://groups.google.com/d/msg/puppet-users/-/z_oXvCuaLJsJ.

 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Puppet on OpenSuSE SLES

2012-03-14 Thread Darin Perusich

The package has been updated to 2.7.14 in the repo.

--
Later,
Darin



On Tue, Mar 13, 2012 at 7:38 AM, Julien C. cornu...@gmail.com wrote:
 By the way, I just noticed the version in your repo is 2.7.10, which
 shouldn't be used according to puppetlabs.
 Any chance you can make the time to push a new version ?

 Le lundi 12 mars 2012 15:26:19 UTC+1, Darin Perusich a écrit :

 You can still build for unsupported SuSE distro's via the build
 service, we're doing this in the server:monitoring repo for SLES10,
 you just need to manually add. them. It shouldn't be a problem as long
 as all the ruby requirements are there. I'll take a look at enabling
 this.

 --
 Later,
 Darin

 On Mon, Mar 12, 2012 at 9:47 AM, Julien C. cornu...@gmail.com wrote:
  Hi, thank you for your answer, I didn't know about your repository. It
  will
  definitely help on my most recent servers.
 
  However, that only solves part of my problem : about two thirds of my
  servers still run SLES 10.
  Even if SLES 10 isn't listed in the Supported Operating Systems page,
  puppet
  (installed by hand) runs fine on it.
 
  Le lundi 12 mars 2012 14:03:20 UTC+1, Darin Perusich a écrit :
 
  http://download.opensuse.org/repositories/home:/eclipseagent:/puppet/
  http://download.opensuse.org/repositories/systemsmanagement/
  http://forge.puppetlabs.com/darin/zypprepo
 
  --
  You received this message because you are subscribed to the Google
  Groups
  Puppet Users group.
  To view this discussion on the web visit
  https://groups.google.com/d/msg/puppet-users/-/viotSZofy8MJ.
 
  To post to this group, send email to puppet-users@googlegroups.com.
  To unsubscribe from this group, send email to
  puppet-users+unsubscr...@googlegroups.com.
  For more options, visit this group at
  http://groups.google.com/group/puppet-users?hl=en.

 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To view this discussion on the web visit
 https://groups.google.com/d/msg/puppet-users/-/yfkT93nEabAJ.

 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Mcollective for OpenSUSE

2012-03-14 Thread Darin Perusich

There's a .spec in the tarball that builds cleanly when you comment
out the two %defines and manually set the version and release. The
%defines cause a Too many levels of recursion in macro expansion.
error.

--
Later,
Darin



On Wed, Mar 14, 2012 at 12:25 PM, Douglas Garstang
doug.garst...@gmail.com wrote:
 Sorry if there's an mcollective mailing list...

 So, I'm working for a company that using OpenSUSE, which in my opinion
 is a very bad idea.

 Anyway, how can I get collective for OpenSUSE that doesn't involve
 using tarballs? It's not in the standard OpenSUSE repo's. Does someone
 else have a repo? Are there spec files for building RPM's in the
 tarball?

 Doug.

 --
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to 
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at 
 http://groups.google.com/group/puppet-users?hl=en.


-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Mcollective for OpenSUSE

2012-03-14 Thread Darin Perusich

Hi Douglas,


On Wed, Mar 14, 2012 at 3:22 PM, Douglas Garstang
doug.garst...@gmail.com wrote:
 On Wed, Mar 14, 2012 at 9:59 AM, Darin Perusich da...@darins.net wrote:
 There's a .spec in the tarball that builds cleanly when you comment
 out the two %defines and manually set the version and release. The
 %defines cause a Too many levels of recursion in macro expansion.
 error.

 Darin,

 I haven't gone backed and looked at the spec file, but when you
 attempt to install mcollective-common, it barfs because it can't find
 the rubygems-stomp dependency, which doesn't seem to exist on
 OpenSUSE. Since OpenSUSE also uses RPM's, it would be nice if the
 people that wrote the spec file could have written to build clean
 RPM's, not just RPM's that work only on CentOS/Redhat.


rubygems-stomp is available in the devel:languages:ruby:extensions
repository, link below, so you can download/install the rpm from there
or add the repo to you system. I have this repo installed on the
system I built mcollective on so stomp was available.

Also, you can search all the available opensuse repo's for packages at
http://software.opensuse.org/search.

http://download.opensuse.org/repositories/devel:/languages:/ruby:/extensions/

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Puppet on OpenSuSE SLES

2012-03-12 Thread Darin Perusich

Hi Julien,

While there is no official repo from puppet labs for OpenSuSE/SuSE
systems, there is an up to date repo in OBS,
home:/eclipseagent:/puppet, see link below. Ben, the maintainer, and I
make a pretty good effort to ensure the packages are updated, tested,
and include all those dependencies not distributes to SuSE. We've also
had some minimal discussion about pushing these packages into the
sysetmsmanagement OBS repo but we just haven't had the time. I also
maintain the zypprepo module which can be gotten from Puppet Forge,
again link below.

I build the srpm's and deploy from a local repo to all my hosts,
instead of pointing them at OBS. It's a little more work on my part,
but it affords me tighter control on the packages so I can test things
before I deploy.

http://download.opensuse.org/repositories/home:/eclipseagent:/puppet/
http://download.opensuse.org/repositories/systemsmanagement/
http://forge.puppetlabs.com/darin/zypprepo
--
Later,
Darin



On Mon, Mar 12, 2012 at 6:19 AM, Julien C. cornu...@gmail.com wrote:
 Hi,

 I'm a big fan of Puppet and managed to have my company accept it.
 However, I'm having issues deploying it (I'm used to the debian version
 which works perfectly out of the box) :

 - There doesn't seem to be an official repository for Suse (I've seen it
 mentionned in the bugtracker but yum.puppetlabs.com doesn't contain SUSE
 packages).
 - I can't find a package for ruby-shadow.
 - I can't find a package for augeas either.

 I circumvented these problems by installing Puppet by hand (tarball) and
 writing ugly code (execs) to manage config files and user passwords.
 However, I'd like to know if I missed anything or if you can suggest
 solutions for any of these 3 issues...

 Cheers,

 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To view this discussion on the web visit
 https://groups.google.com/d/msg/puppet-users/-/vbFHM5R8Q_4J.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Puppet on OpenSuSE SLES

2012-03-12 Thread Darin Perusich

You can still build for unsupported SuSE distro's via the build
service, we're doing this in the server:monitoring repo for SLES10,
you just need to manually add. them. It shouldn't be a problem as long
as all the ruby requirements are there. I'll take a look at enabling
this.

--
Later,
Darin



On Mon, Mar 12, 2012 at 9:47 AM, Julien C. cornu...@gmail.com wrote:
 Hi, thank you for your answer, I didn't know about your repository. It will
 definitely help on my most recent servers.

 However, that only solves part of my problem : about two thirds of my
 servers still run SLES 10.
 Even if SLES 10 isn't listed in the Supported Operating Systems page, puppet
 (installed by hand) runs fine on it.

 Le lundi 12 mars 2012 14:03:20 UTC+1, Darin Perusich a écrit :

 http://download.opensuse.org/repositories/home:/eclipseagent:/puppet/
 http://download.opensuse.org/repositories/systemsmanagement/
 http://forge.puppetlabs.com/darin/zypprepo

 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To view this discussion on the web visit
 https://groups.google.com/d/msg/puppet-users/-/viotSZofy8MJ.

 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] limiting definition variable values

2012-02-20 Thread Darin Perusich

Hello,

Can you limit the values which might be passed to a definition? I
haven't been able to find any examples and anything I've tried based
on reading the docs has been fruitless. I'm creating some templates
for config files and certainly values are only allowed limited values.
like ipv4, ipv6, any, etc. I could always add a note saying see
manpage for proper values but I'm just trying to add some sanity
checks.

simple example:
class config (
 $protocol = any or ipv4 or ipv6
 ) { #pass to a template }


--
Later,
Darin

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] puppet on solaris 11

2012-02-15 Thread Darin Perusich

Puppet package for solaris are available from OpenCSW.org and are kept
up to date by the maintainer. You may find this easier and cleaner
then mucking around with source and gem installs.

--
Later,
Darin



On Wed, Feb 15, 2012 at 4:40 PM, Tim Dunphy bluethu...@gmail.com wrote:
 hello,

  I've been asked to install puppet client onto a solaris 11 machine. I
 found some instructions that referenced a website called
 'codenursary.com' however that website does not appear to be online
 anymore.


 http://projects.puppetlabs.com/projects/1/wiki/Puppet_Solaris


 codenursery.com



 However I attempted both a gem install of puppet as well as a source
 install with ./install.rb and I get the same results whenever I try to
 run a puppet foo command:


 root@sol3:/opt/puppet-2.7.10# puppet file /etc/hosts
 /usr/ruby/1.8/lib/ruby/site_ruby/1.8/puppet/application.rb:219:in
 `find': undefined method `join' for Puppet::Application::File:Class
 (NoMethodError)
        from 
 /usr/ruby/1.8/lib/ruby/site_ruby/1.8/puppet/util/command_line.rb:60:in
 `execute'
        from /usr/ruby/1.8/bin/puppet:4


 So kind puppeteers I would like to know what on earth I am doing wrong
 and how can I get a working puppet installation under Solaris 11 x86?


 Thanks you

 tim
 tim
 --
 GPG me!!

 gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B

 --
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to 
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at 
 http://groups.google.com/group/puppet-users?hl=en.


-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Announce: zypprepo module

2012-02-13 Thread Darin Perusich

Hello All,

I'd like to announce the release of 'zypprepo', a client-side
description of a zypper repository type. This Puppet type is a port of
the 'yumrepo' type from the Puppet 2.7 code based and is available
from Puppet Forge, link below. For those using puppet-module it can be
easily installed via puppet-module install darin/zypprepo.

I've been using it successfully on my systems but I'd be very
interested in receiving some feedback from others.

http://forge.puppetlabs.com/darin/zypprepo

Quick note about puppet-module. I've created an puppet-module rpm
package to simplify it's installation as well. It's available from my
OBS repository for all current OpenSUSE releases, but I'm sure it can
be easily built to support other systems as well.

http://download.opensuse.org/repositories/home:/deadpoint/openSUSE_12.1/

--
Later,
Darin

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Announce: zypprepo module

2012-02-13 Thread Darin Perusich

Hello All,

I'd like to announce the release of 'zypprepo', a client-side
description of a zypper repository type. This Puppet type is a port of
the 'yumrepo' type from the Puppet 2.7 code based and is available
from Puppet Forge, link below. For those using puppet-module it can be
easily installed via puppet-module install darin/zypprepo.

I've been using it successfully on my systems but I'd be very
interested in receiving some feedback from others.

http://forge.puppetlabs.com/darin/zypprepo

Quick note about puppet-module. I've created an puppet-module rpm
package to simplify it's installation as well. It's available from my
OBS repository for all current OpenSUSE releases, but I'm sure it can
be easily built to support other systems as well.

http://download.opensuse.org/repositories/home:/deadpoint/openSUSE_12.1/

--
Later,
Darin

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] puppet-module-tool question

2012-02-10 Thread Darin Perusich

On Fri, Feb 10, 2012 at 9:05 AM, Kelsey Hightower kel...@puppetlabs.com wrote:
 On Feb 10, 2012, at 8:41 AM, Darin Perusich wrote:

 The puppet-module-tool GIT pages says it's been converted into a
 puppet face and merged into puppet core. Does this make puppet-module
 obsolete or does it still need to be installed?

 The puppet module tool still needs to be installed, sorry for the confusion. 
 If you would like to use it right now, please following the installation 
 instructions on the github page (gem install puppet-module). Once the new 
 version of the module tool is ready for release, we will deprecate the 
 current stand-alone version, but it will stay around to support users running 
 older versions of Puppet.

Thanks for the clarification Kelsey.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] scaling projections for dashboard database?

2012-01-09 Thread Darin Perusich

Hi Jo,

The ibdata1 file only grows and never shrinks so I'd recommend
setting/adding innodb_file_per_table in /etc/my.cnf. You'll need to
go through the steps to purge it first, google is your friend, first
but you'll now longer have the ever growing idbata1 file. You probably
have a bunch of old mysql-bin.0* replication logs that can be nuked as
well.

I'll be happy once the dashboard support PostgreSQL

--
Later,
Darin



On Mon, Jan 9, 2012 at 1:40 PM, Jo Rhett jrh...@netconsonance.com wrote:
 So I got dashboard up and running on our production system on Thursday
 before I left. Within 48 hours it had completed filled the /var filesystem.
  The ibdata1 file is currently at 8GB in size.

 1. What size should I expect for ~500 nodes reporting every 30 minutes?

 2. Are there some database cleanup scripts which I have managed to overlook
 that need to be run?

 --
 Jo Rhett
 Net Consonance : consonant endings by net philanthropy, open source and
 other randomness

 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] scaling projections for dashboard database?

2012-01-09 Thread Darin Perusich

When mysql is running with innodb_file_per_table enabled you can use
OPTIMIZE TABLE free space in the table files. When you have a single
ibdata file it does not. I'm not aware of any cleanup scripts or what
size you should expect the db to grow to.

--
Later,
Darin



On Mon, Jan 9, 2012 at 3:43 PM, Jo Rhett jrh...@netconsonance.com wrote:
 On Jan 9, 2012, at 11:30 AM, Darin Perusich wrote:

 The ibdata1 file only grows and never shrinks so I'd recommend
 setting/adding innodb_file_per_table in /etc/my.cnf. You'll need to
 go through the steps to purge it first, google is your friend, first
 but you'll now longer have the ever growing idbata1 file.


 I'm not tracking this answer.  I'm familiar with that option, and it means
 that instead of one I will have eighteen ever-growing files, right?  How
 does this change the total space used?

 I have no problem with the database size never getting smaller on disk, I'm
 just curious what size is expected for it to grow to, and are there any
 cleanup scripts should should be done to free rows?

 --
 Jo Rhett
 Net Consonance : consonant endings by net philanthropy, open source and
 other randomness

 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] debugging ldap enc

2012-01-06 Thread Darin Perusich

Hello All,

I'm trying to get LDAP Nodes working but it's failing on my puppet
master with err: Could not find default node or by name with
'node.example.com, node.example, node,' on node node.example.com, the
client of course error's with Could not retrieve catalog from remote
server:. A review of the ldap server access log shows a successfully
query, log entries below, so I'm really at a loss as to why things are
failing. I've pretty much set things up as detail in the LDAP_Nodes
wiki page and from the Pulling strings book.

I'm running Puppet via mod_passenger and I've set rails_loglevel =
debug but it doesn't provide any messages related to why the ldap
lookup is failing. I've start tried starting puppetmasterd with
--no-daemonize --verbose --debug but it also tells me nothing to
point me in the right direction. I've also tried strace'ing
puppetmasterd but again nothing. Is there anyway I can get some useful
debugging enabled?

Puppet 2.7.9 (both client and server)
ruby-ldap 0.9.9
% ruby -rldap -e 'puts :installed'
installed
% ruby -rpuppet -e 'p Puppet.features.ldap?'
true

ldapsearch  -x -LLL -h 1.1.1.2 -b ou=hosts,dc=example,dc=com
((objectclass=puppetClient)(cn=*))
dn: cn=default,ou=hosts,dc=example,dc=com
cn: default
puppetClass: common
objectClass: device
objectClass: puppetClient
objectClass: top

dn: cn=node.example.com,ou=hosts,dc=example,dc=com
parentNode: basenode
objectClass: device
objectClass: puppetClient
objectClass: ipHost
objectClass: top
ipHostNumber: 1.1.1.6
cn: node.example.com

dn: cn=basenode,ou=hosts,dc=example,dc=com
cn: basenode
puppetClass: common
objectClass: device
objectClass: puppetClient
objectClass: top

LDAP Access log entry:
[06/Jan/2012:11:33:12 -0500] CONNECT conn=170 from=1.1.1.6:44213
to=1.1.1.2:389 protocol=LDAP
[06/Jan/2012:11:33:12 -0500] BIND REQ conn=170 op=0 msgID=1 type=SIMPLE dn=
[06/Jan/2012:11:33:12 -0500] BIND RES conn=170 op=0 msgID=1 result=0
authDN= etime=0
[06/Jan/2012:11:33:12 -0500] SEARCH REQ conn=170 op=1 msgID=2
base=ou=hosts,dc=example,dc=com scope=wholeSubtree
filter=((objectclass=puppetClient)(cn=node.example.com))
attrs=ALL
[06/Jan/2012:11:33:12 -0500] SEARCH RES conn=170 op=1 msgID=2 result=0
nentries=1 etime=1
[06/Jan/2012:11:33:12 -0500] SEARCH REQ conn=170 op=2 msgID=3
base=ou=hosts,dc=example,dc=com scope=wholeSubtree
filter=((objectclass=puppetClient)(cn=basenode)) attrs=ALL
[06/Jan/2012:11:33:12 -0500] SEARCH RES conn=170 op=2 msgID=3 result=0
nentries=1 etime=0
[06/Jan/2012:11:33:16 -0500] UNBIND REQ conn=170 op=3 msgID=4
[06/Jan/2012:11:33:16 -0500] DISCONNECT conn=170 reason=Client Unbind

Thanks!
--
Later,
Darin

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: debugging ldap enc

2012-01-06 Thread Darin Perusich

I just added node default {} to the site.pp and LDAP ENC has
magically started working. This is not mentioned nowhere in Pulling
strings, I can't comment on Pro Puppet since I don't have it, and
based on my reading of the LDAP_Nodes wiki page I took the default
nodes section to mean this was only necessary if a node wasn't note
defined, which mine are in LDAP.

It's very frustrating to have wasted hours of time trying to debug a
non-issue when simply stating that you must set node default {} in
site.pp order for this to work. I will clarify this note in the wiki
w/the hopes it will save other such frustrations.

--
Later,
Darin



On Fri, Jan 6, 2012 at 11:56 AM, Darin Perusich da...@darins.net wrote:
 Hello All,

 I'm trying to get LDAP Nodes working but it's failing on my puppet
 master with err: Could not find default node or by name with
 'node.example.com, node.example, node,' on node node.example.com, the
 client of course error's with Could not retrieve catalog from remote
 server:. A review of the ldap server access log shows a successfully
 query, log entries below, so I'm really at a loss as to why things are
 failing. I've pretty much set things up as detail in the LDAP_Nodes
 wiki page and from the Pulling strings book.

 I'm running Puppet via mod_passenger and I've set rails_loglevel =
 debug but it doesn't provide any messages related to why the ldap
 lookup is failing. I've start tried starting puppetmasterd with
 --no-daemonize --verbose --debug but it also tells me nothing to
 point me in the right direction. I've also tried strace'ing
 puppetmasterd but again nothing. Is there anyway I can get some useful
 debugging enabled?

 Puppet 2.7.9 (both client and server)
 ruby-ldap 0.9.9
 % ruby -rldap -e 'puts :installed'
 installed
 % ruby -rpuppet -e 'p Puppet.features.ldap?'
 true

 ldapsearch  -x -LLL -h 1.1.1.2 -b ou=hosts,dc=example,dc=com
 ((objectclass=puppetClient)(cn=*))
 dn: cn=default,ou=hosts,dc=example,dc=com
 cn: default
 puppetClass: common
 objectClass: device
 objectClass: puppetClient
 objectClass: top

 dn: cn=node.example.com,ou=hosts,dc=example,dc=com
 parentNode: basenode
 objectClass: device
 objectClass: puppetClient
 objectClass: ipHost
 objectClass: top
 ipHostNumber: 1.1.1.6
 cn: node.example.com

 dn: cn=basenode,ou=hosts,dc=example,dc=com
 cn: basenode
 puppetClass: common
 objectClass: device
 objectClass: puppetClient
 objectClass: top

 LDAP Access log entry:
 [06/Jan/2012:11:33:12 -0500] CONNECT conn=170 from=1.1.1.6:44213
 to=1.1.1.2:389 protocol=LDAP
 [06/Jan/2012:11:33:12 -0500] BIND REQ conn=170 op=0 msgID=1 type=SIMPLE dn=
 [06/Jan/2012:11:33:12 -0500] BIND RES conn=170 op=0 msgID=1 result=0
 authDN= etime=0
 [06/Jan/2012:11:33:12 -0500] SEARCH REQ conn=170 op=1 msgID=2
 base=ou=hosts,dc=example,dc=com scope=wholeSubtree
 filter=((objectclass=puppetClient)(cn=node.example.com))
 attrs=ALL
 [06/Jan/2012:11:33:12 -0500] SEARCH RES conn=170 op=1 msgID=2 result=0
 nentries=1 etime=1
 [06/Jan/2012:11:33:12 -0500] SEARCH REQ conn=170 op=2 msgID=3
 base=ou=hosts,dc=example,dc=com scope=wholeSubtree
 filter=((objectclass=puppetClient)(cn=basenode)) attrs=ALL
 [06/Jan/2012:11:33:12 -0500] SEARCH RES conn=170 op=2 msgID=3 result=0
 nentries=1 etime=0
 [06/Jan/2012:11:33:16 -0500] UNBIND REQ conn=170 op=3 msgID=4
 [06/Jan/2012:11:33:16 -0500] DISCONNECT conn=170 reason=Client Unbind

 Thanks!
 --
 Later,
 Darin

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: File dependency not found when specified in a define

2011-12-12 Thread Darin Perusich


 In the first place, your definition is a bit screwey in that it cannot
 be instantiated more than once (you would get a duplicate resource
 error on File['sshd_config']).  A definition creates a resource *type*
 but you're using it as if it created a single resource.

 And that leads directly to the crux of your problem: at the point
 where your service resource is parsed, no instance of the definition
 can yet have been created, and therefore File['sshd_config'] cannot
 yet have been declared.  The service cannot declare a dependency on an
 undeclared resource.

 Since you would prefer to put the definition in its own file anyway, I
 recommend you do so.  Then, add include 'ssh' at the beginning of
 its body and re-enable the 'notify' parameter in the file resource.
 Remove the 'subscribe' from the service resource, but add require =
 Package['ssh'].  Then you should be good to go.


 I'll give these changes a try and let you know how things turn out.


I've updated the module using your recommendations and it is working
nicely, however I do get the duplicate resource on File['sshd_config']
if/when it's set multiple times. What would be the recommended way to of
handling this? Other than not duplicating the resource.

Thanks!

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] LDAP Authentication and puppet?

2011-12-12 Thread Darin Perusich

On Mon, Dec 12, 2011 at 3:24 PM, Peter Berghold salty.cowd...@gmail.comwrote:


 Has anybody managed to come up with a class or define that would query an
 LDAP server for a hostgroup and create the home directories and apply a
 skeleton to those directories based on the users in the host group?


If you're not using autofs for home directories then you'll want to
configure pam_mkhomedir so you're ldap users homedirs are autocreated on
first login. It take care of populating from a skel, sets umask, etc.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Puppet Dashboard or Forman on SLES?

2011-12-11 Thread Darin Perusich

Mike,

I'd recommend pulling down the SRPM from the Open(SuSE) Build Service if
you're thinking about at building packages for SuSE. Ben has put a lot of
work and effort into packaging for Puppet and the dashboard on SuSE
systems. We've SuSE'fied the init scripts, added them for the dashboard
worker processes, etc. Also using the magic of the build service it's
trivial to build the packages for other distributions.

http://download.opensuse.org/repositories/home:/eclipseagent:/puppet/openSUSE_12.1/src/
https://build.opensuse.org/package/show?package=puppet-dashboardproject=home%3Aeclipseagent%3Apuppet

--
Later,
Darin

On Fri, Dec 9, 2011 at 10:18 PM, Michael Stahnke stah...@puppetlabs.comwrote:

Thanks. I'll tackle this next week.

Mike

On Fri, Dec 9, 2011 at 2:42 PM, Jeffrey Watts jeffrey.w.wa...@gmail.com
wrote:
Here you go:

$ diff puppet-dashboard.spec puppet-dashboard.spec-sles
2c2
%global initrddir /etc/rc.d/init.d
---
%global initrddir /etc/init.d
9c9
Release:1%{?dist}
---
Release:2%{?dist}
17,18c17,18
Requires: ruby(abi) = 1.8, rubygems, ruby-mysql
Requires: ruby 1.8.7, rubygem(rake)
---
Requires: rubygems, ruby-mysql
Requires: ruby 1.8.7, rubygem-rake
22,25d21
Requires(post): chkconfig
Requires(preun): chkconfig
Requires(preun): initscripts
Requires(postun): initscripts
137a134,136
* Wed Dec 07 2011 Jeffrey Watts jwa...@adknowledge.com - 1.2.3-2
- Modified it to work on SLES

Jeffrey.

On Fri, Dec 9, 2011 at 3:35 PM, Michael Stahnke
stah...@fedoraproject.org
wrote:

If somebody has a spec file that is working pretty well for SLES and/or
OpenSUSE we'd be glad to look at it and potentially host packages for
it.
It's on the list of things to do, it just hasn't made it to the top yet.

Mike

Re: [Puppet Users] Puppet Dashboard or Forman on SLES?

2011-12-09 Thread Darin Perusich

You can grab puppet-dashboard RPMs/SRPMs from the OpenSuSE build service
for SLES and OpenSUSE. I build and deploy these from a local repository and
they work great. I'm also in contact with the upstream OBS package
maintainer providing patches, scripts, feedback, etc to ensure they're
stable and working as advertised on SuSE/OpenSuSE systems.

http://download.opensuse.org/repositories/home:/eclipseagent:/puppet/

I've recently started porting the foreman and foreman-proxy packages to
SuSE/OpenSuSE. They're not available yet but once they're ready they'll be
available from my personal repo.

https://build.opensuse.org/project/show?project=home%3Adeadpoint
http://download.opensuse.org/repositories/home:/deadpoint/

--
Later,
Darin


On Thu, Dec 8, 2011 at 5:53 AM, Wiesel82 wiese...@gmx.ch wrote:

 Hi all,
 i planned for a startup to install one of this gui tools. But if i
 look in the documentation, or google it, i find no results which
 helps.

 If i would like to install the rpm package i get the following
 dependencies problems

 rpm -i puppet-dashboard-1.2.3-1.el6.noarch.rpm
 warning: puppet-dashboard-1.2.3-1.el6.noarch.rpm: Header V4 RSA/SHA1
 signature: NOKEY, key ID 4bd6ec30
 error: Failed dependencies:
chkconfig is needed by puppet-dashboard-1.2.3-1.el6.noarch
initscripts is needed by puppet-dashboard-1.2.3-1.el6.noarch
rpmlib(FileDigests) = 4.6.0-1 is needed by puppet-
 dashboard-1.2.3-1.el6.noarch
ruby(abi) = 1.8 is needed by puppet-dashboard-1.2.3-1.el6.noarch
ruby-mysql is needed by puppet-dashboard-1.2.3-1.el6.noarch
rubygem(rake) is needed by puppet-dashboard-1.2.3-1.el6.noarch
rpmlib(PayloadIsXz) = 5.2-1 is needed by puppet-
 dashboard-1.2.3-1.el6.noarch

 and for foreman

 rpm -i foreman-0.4-0.2.noarch.rpm
 error: Failed dependencies:
chkconfig is needed by foreman-0.4-0.2.noarch
initscripts is needed by foreman-0.4-0.2.noarch
ruby(abi) = 1.8 is needed by foreman-0.4-0.2.noarch
rubygem(json) is needed by foreman-0.4-0.2.noarch
rubygem(rake) = 0.8.3 is needed by foreman-0.4-0.2.noarch
rubygem(rest-client) is needed by foreman-0.4-0.2.noarch
rubygem(sqlite3-ruby) is needed by foreman-0.4-0.2.noarch

 I don't find some packages for Sles 11 SP1.

 Did anybody installed one of this tools on Sles 11 SP1?

 Best regards

 Wiesel

 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.



-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: File dependency not found when specified in a define

2011-12-09 Thread Darin Perusich

Hi John,


On Wed, Dec 7, 2011 at 4:58 PM, jcbollinger john.bollin...@stjude.orgwrote:


 On Dec 6, 7:59 am, Darin Perusich da...@darins.net wrote:
  I have tried this by placing the 'define sshd_config' into a separate
 file,
  /etc/puppet/modules/ssh/manifests/sshd_config.pp, and using include
 ssh.
  I prefer this method but I get the same error. I've merged the define
 back
  into init.pp thinking I wouldn't need to explicitly declare the ssh class
  within ssh::sshd_config because of it's inclusion.- Hide quoted text -


 In the first place, your definition is a bit screwey in that it cannot
 be instantiated more than once (you would get a duplicate resource
 error on File['sshd_config']).  A definition creates a resource *type*
 but you're using it as if it created a single resource.


This is my first attempt at setting up a dynamic template so i'm not
surprised it's screwy. It's loosely based on similar modules I've seen
online and what I've gathered from read the documentation.

Basically what i want is to specify a 'default' sshd_config, based on the
template, with the ability to change things like AllowGroups/User,
sftp-server options, etc.


 And that leads directly to the crux of your problem: at the point
 where your service resource is parsed, no instance of the definition
 can yet have been created, and therefore File['sshd_config'] cannot
 yet have been declared.  The service cannot declare a dependency on an
 undeclared resource.

 Since you would prefer to put the definition in its own file anyway, I
 recommend you do so.  Then, add include 'ssh' at the beginning of
 its body and re-enable the 'notify' parameter in the file resource.
 Remove the 'subscribe' from the service resource, but add require =
 Package['ssh'].  Then you should be good to go.


I'll give these changes a try and let you know how things turn out.

Thanks!

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] File dependency not found when specified in a define

2011-12-06 Thread Darin Perusich

Hi Phillip,

On Mon, Dec 5, 2011 at 4:26 PM, Phillip Frost ind...@bitglue.com wrote:


 On Dec 5, 2011, at 4:21 PM, Darin Perusich wrote:

  Hello All,
 
  I'm working on an ssh module and using a define to specify
 non-standard sshd_config options via templates. I basically want to add
 additional entries to the AllowGroups, set or unset Subsystem options, etc.
 Whenever I run puppet  agent --test --noop against this modules is fails
 with err: Failed to apply catalog: Could not find dependency
 File[sshd_config] for Service[sshd] at
 /etc/puppet/modules/ssh/manifests/init.pp:42.
  [...]
  http://pastebin.com/dGwtEEzB

 How are you declaring this ssh::sshd_config resource or the ssh class? I
 suspect you are declaring ssh:sshd_config but not the class, so the sshd
 service and sshd_config file declared therein aren't declared, thus the
 error.


The ssh class, as posted in the pastebin link, is defined in
/etc/puppet/modules/ssh/manifests/init.pp, and given that the
ssh:sshd_config is defined within said init.pp I didn't think I needed to
do anything else.


 If that's the case, one solution is to add include ssh inside
 ssh::ssh_config. This will implicitly declare the ssh class whenever you
 declare a ssh::sshd_config. The other solution (which I'd prefer, because
 explicit is better than implicit) is to declare the ssh class explicitly
 before you declare an ssh:ssh_config, with either:

 include ssh

 or

 class { 'ssh': }


I have tried this by placing the 'define sshd_config' into a separate file,
/etc/puppet/modules/ssh/manifests/sshd_config.pp, and using include ssh.
I prefer this method but I get the same error. I've merged the define back
into init.pp thinking I wouldn't need to explicitly declare the ssh class
within ssh::sshd_config because of it's inclusion.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] File dependency not found when specified in a define

2011-12-05 Thread Darin Perusich

Hello All,

I'm working on an ssh module and using a define to specify non-standard
sshd_config options via templates. I basically want to add additional
entries to the AllowGroups, set or unset Subsystem options, etc. Whenever I
run puppet  agent --test --noop against this modules is fails with err:
Failed to apply catalog: Could not find dependency File[sshd_config] for
Service[sshd] at /etc/puppet/modules/ssh/manifests/init.pp:42.

I've reviewed/compared this modules against other modules which are using
define in the way and have following
http://docs.puppetlabs.com/learning/definedtypes.html but I have no idea
what's causing the client/agent side error. puppet parser --debug
--verbose  validate init.pp doesn't return any errors, or
debugging/verbosity for that matter, so it's syntactically sound.

Puppet version is 2.7.6 on both the client and server.

My ssh class/module can be found at this link. If anyone can provide any
insight as to what the problem is I'd really appreciate it. I've been
banging my head on this for far to long.

http://pastebin.com/dGwtEEzB

--
Later,
Darin

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] storeconfgs not initializing database

2011-11-30 Thread Darin Perusich

Hi Bernd,

I've tried with and without dbsocket being set but it has no affect.

--
Later,
Darin


On Wed, Nov 30, 2011 at 3:53 AM, Bernd Adamowicz 
bernd.adamow...@esailors.de wrote:

 Did you try uncommenting the ‘dbsocket’ line? Maybe you should check where
 the ‘mysql.sock’ file is actually located – it might not be default. For me
 this works pretty good:

 ** **

 [master]

 user = puppet

 group = puppet

 reports = puppet_dashboard

 storeconfigs = true

 dbadapter = mysql

 dbuser = puppet

 dbpassword = xxx

 dbserver = localhost

 dbsocket = /var/lib/mysql/mysql.sock

 ** **

 Bernd

 ** **

 *Von:* puppet-users@googlegroups.com [mailto:puppet-users@googlegroups.com]
 *Im Auftrag von *Darin Perusich
 *Gesendet:* Dienstag, 29. November 2011 22:49
 *An:* puppet-users@googlegroups.com
 *Betreff:* [Puppet Users] storeconfgs not initializing database

 ** **

 Hello,

 I'm attempting to setup puppet 2.7.6 to use the storeconfigs but it's
 failing to create the database and I'm not seeing any error or messages in
 the logs related to initializing the database. I'm using mysql and have
 created the user/role and the database and I'm able to connect successfully
 on both localhost and remotely. I'm running the dashboard on the same
 system and it's able to connect to it's db without issue. When I run lsof
 against the master process it hasn't loaded the ruby mysql library, which I
 can see when I lsof the dashboard process.

 Any thoughts?

 System:
 OpenSUSE 11.3
 puppet 2.7.6
 apache2 + passenger-3.0.9

 [master]
 # required for Apache with Passenger (aka mod_rails)
 ssl_client_header = SSL_CLIENT_S_DN
 ssl_client_verify_header = SSL_CLIENT_VERIFY
 #dbmigrate = true
 dbadapter = mysql
 dbname = puppet
 dbuser = puppet
 dbpassword = password
 #dbsocket = /var/run/mysql/mysql.sock
 dbserver = localhost
 storeconfigs = true


 --
 Later,
 Darin

 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.

 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.


-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] storeconfgs not initializing database

2011-11-30 Thread Darin Perusich

Ok, I've resolved this. The reason puppet wasn't able to make the database
connections, any database for that matter, was the rubygem-activerecord
package wasn't installed. I figured this out by switching back to
puppetmasterd and running with --debug --no-daemonize --verbose and
seeing the message ActiveRecord 2.1 or later required for StoreConfigs in
the output. Running puppet via Passenger really didn't provide any useful
logs.

FYI...I getting this packages from this, and Passenger, from the OBS
devel:/languages:/ruby:/extensions repository.
http://download.opensuse.org/repositories/devel:/languages:/ruby:/extensions/openSUSE_11.3/

Thanks!
--
Later,
Darin

On Wed, Nov 30, 2011 at 8:44 AM, Darin Perusich da...@darins.net wrote:

Hi Bernd,

I've tried with and without dbsocket being set but it has no affect.

--
Later,
Darin

On Wed, Nov 30, 2011 at 3:53 AM, Bernd Adamowicz
bernd.adamow...@esailors.de wrote:

Did you try uncommenting the ‘dbsocket’ line? Maybe you should check
where the ‘mysql.sock’ file is actually located – it might not be default.
For me this works pretty good:

** **

[master]

user = puppet

group = puppet

reports = puppet_dashboard

storeconfigs = true

dbadapter = mysql

dbuser = puppet

dbpassword = xxx

dbserver = localhost

dbsocket = /var/lib/mysql/mysql.sock

** **

Bernd

** **

*Von:* puppet-users@googlegroups.com [mailto:
puppet-users@googlegroups.com] *Im Auftrag von *Darin Perusich
*Gesendet:* Dienstag, 29. November 2011 22:49
*An:* puppet-users@googlegroups.com
*Betreff:* [Puppet Users] storeconfgs not initializing database

** **

Hello,

I'm attempting to setup puppet 2.7.6 to use the storeconfigs but it's
failing to create the database and I'm not seeing any error or messages in
the logs related to initializing the database. I'm using mysql and have
created the user/role and the database and I'm able to connect successfully
on both localhost and remotely. I'm running the dashboard on the same
system and it's able to connect to it's db without issue. When I run lsof
against the master process it hasn't loaded the ruby mysql library, which I
can see when I lsof the dashboard process.

Any thoughts?

System:
OpenSUSE 11.3
puppet 2.7.6
apache2 + passenger-3.0.9

[master]
# required for Apache with Passenger (aka mod_rails)
ssl_client_header = SSL_CLIENT_S_DN
ssl_client_verify_header = SSL_CLIENT_VERIFY
#dbmigrate = true
dbadapter = mysql
dbname = puppet
dbuser = puppet
dbpassword = password
#dbsocket = /var/run/mysql/mysql.sock
dbserver = localhost
storeconfigs = true

--
Later,
Darin

[Puppet Users] storeconfgs not initializing database

2011-11-29 Thread Darin Perusich

Hello,

I'm attempting to setup puppet 2.7.6 to use the storeconfigs but it's
failing to create the database and I'm not seeing any error or messages in
the logs related to initializing the database. I'm using mysql and have
created the user/role and the database and I'm able to connect successfully
on both localhost and remotely. I'm running the dashboard on the same
system and it's able to connect to it's db without issue. When I run lsof
against the master process it hasn't loaded the ruby mysql library, which I
can see when I lsof the dashboard process.

Any thoughts?

System:
OpenSUSE 11.3
puppet 2.7.6
apache2 + passenger-3.0.9

[master]
# required for Apache with Passenger (aka mod_rails)
ssl_client_header = SSL_CLIENT_S_DN
ssl_client_verify_header = SSL_CLIENT_VERIFY
#dbmigrate = true
dbadapter = mysql
dbname = puppet
dbuser = puppet
dbpassword = password
#dbsocket = /var/run/mysql/mysql.sock
dbserver = localhost
storeconfigs = true


--
Later,
Darin

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

75 matches

Mail list logo