Re: [Puppet Users] Puppet Server on public host/IP address?

Hi Matthias, I considered this myself some time ago in a project which was later aborted, so here are some unfinished thoughts: * You put all your trust into the cryptography implementation code of the puppetserver process, so that server should always be kept up to date, including the kernel. *

Re: [Puppet Users] FIll array in loop

Hi Helmut, you could take this as a starting point (untested): $profile_logging = $profiles.map | $p_name, $p_data | { $p_data.map | $s_name, $s_data | { $s_data['syslog'] } }.flatten p_ is the outer profile layer, s_ is the inner service layer. Some notes on solving this kind of problems: 1)

Re: [Puppet Users] Hiera data repetition

Hi Martin, regarding your "no lookup" policy, how do you handle for example deep merge lookups. They cannot be used with automatic data binding, or am I wrong? Regards Karsten Am Sa., 27. Feb. 2021 um 13:06 Uhr schrieb Martin Alfke : > Hi > > > On 25. Feb 2021, at 11:59, Dmitry Nurislamov

Re: [Puppet Users] How to deal w/ mutually exclusive classes in roles/profiles

The last part of that sentence was missing: > - pro: It is possible to include the ... include the worker profile in the base.pp Am Mi., 6. Nov. 2019 um 10:54 Uhr schrieb Karsten Heymann < karsten.heym...@gmail.com>: > Am Mi., 6. Nov. 2019 um 01:54 Uhr schrieb Alan Evans >

Re: [Puppet Users] How to deal w/ mutually exclusive classes in roles/profiles

Am Mi., 6. Nov. 2019 um 01:54 Uhr schrieb Alan Evans : > Sorry, I misread. I see what you're saying. This is like what I was proposing w/ hiera. The trouble is that it's not really R then as has been brought up by jcbollinger. I think there are at least three ways to handle this, and all of

Re: [Puppet Users] How to deal w/ mutually exclusive classes in roles/profiles

Hi Alan, I would simply do class profile::base { include profile::wazuh } class profile::wazuh ( Boolean $manager = False ) { if $manager { include profile::wazuh::manager } else { include profiles::wazuh::agent } and be set with it. Then you don't need the following: class

Re: [Puppet Users] LDAP ? User type provider documentation ? Hiera Back End ?

Hi Dan, I understand your request, but I'm not sure it is best performed by the puppet agent directly. As you are not controlling from puppet which users exist on which servers, it would probably make sense to take a indirect approach and use puppet to ship a permission fixing script and a cron

Re: [Puppet Users] How do you keep the forge modules you use up to date (and keep your sanity)

Am Di., 9. Juli 2019 um 10:12 Uhr schrieb Bart-Jan Vrielink : > I share your pain. Thank you :) > https://github.com/voxpupuli/ra10ke > https://voxpupuli.org/plugins/#r10k Thank you for the links. I will check them out, maybe the make the upgrade task a bit easier. Best regards Karsten --

[Puppet Users] How do you keep the forge modules you use up to date (and keep your sanity)

Hi there, once again we are trying to update our set of about 70 external forge modules our puppet codebase uses but we always end up in dependency hell, especially when trying to update central modules like puppetlabs/stdlib or puppetlabs/apt or my special friend puppetlabs/concat. There are

Re: [Puppet Users] Re: SRV-Records and puppetserver

Hi Maggie, thanks for the confirmation, I will certainly keep an eye on that jira issue. In the meantime I'm fine with using the old cli interface. As our puppet master has no access to the internet and only uses an internal mirror of the puppetlabs apt repo, installing gems is usually not

[Puppet Users] Re: SRV-Records and puppetserver

Karsten Heymann: > > Hi everyone, > > I have a question: Is the puppetserver expected to honor the srv > records to find the puppet ca server? We have the problem that since > switching our puppet server detection from explicit settings in the > puppet.conf-File to srv reco

[Puppet Users] SRV-Records and puppetserver

Hi everyone, I have a question: Is the puppetserver expected to honor the srv records to find the puppet ca server? We have the problem that since switching our puppet server detection from explicit settings in the puppet.conf-File to srv records, we cannot remove certificates from puppetserver

Re: [Puppet Users] apt::key and basic auth

Hi Douglas, > Rand wrote: > >> I have a provider that hosts their APT repository behind a basic auth > >> protected website, and I cannot work out how to get apt::key to add their > >> key. more a workaround than a real solution to your problem, but I tend to throw hard-to-reach files like this

Re: [Puppet Users] Referencing Deferred functions in Puppet Code or Hiera YAML

Hi, Am Di., 12. März 2019 um 11:54 Uhr schrieb Henrik Lindberg : > Yeah - sigh... The vault lookup returns an instance of Sensitive which > get / dig cannot dig into. We could possibly allow digging into a > Sensitive value as the result would also be made sensitive, but that > function does not

[Puppet Users] Use resource only if a tag is given at the command line

Hi puppet users, is there an easy way to enable a resource only if a certain tag is given? Something like "refreshOnly", but for tags? I'm aware of --skip_tags, but that would require us to specify that on every normal run where the resource is not wanted. Best regards Karsten -- You

Re: [Puppet Users] Ternary operator in puppet ?

Hi Albert, Am Mi., 16. Jan. 2019 um 11:09 Uhr schrieb Albert Shih : > Is they are something like the ruby ternary operator ?: in puppet ? Sort of, it's called selectors: https://puppet.com/docs/puppet/5.3/lang_conditional.html#selectors Unfortunately one of the most useful cases (inside class

Re: [Puppet Users] A GUI tool for Hiera

Am Mi., 9. Jan. 2019 um 12:48 Uhr schrieb desertkun : > > ** Have you thoght about integrating support for hiera-enc?* > > > > Wasn’t aware of it, so I need time to investigate what it does. > > It allows to encrypt entries (value) in hiera so that they don't end up in clear text for example in

Re: [Puppet Users] A GUI tool for Hiera

Hi Alex, that sounds definitely very interesting, especially for our coworkers that aren't that deep into puppet and for which unerstanding hiera regularly is the most complicated part of the setup. Some questions and remarks: * Have you thoght about integrating support for hiera-enc? * Some

Re: [Puppet Users] python Script with answer file not working

Am Do., 17. Mai 2018 um 16:07 Uhr schrieb Jochen Haeberle < jochen.haebe...@gmail.com>: > I managed to install seafile by now with a lot of puppet support in three phases: > 1) Puppet: install files, prepare db, generate answer file, print reminder > 2) Manual script run, entering db-password >

[Puppet Users] Re: Announce: Puppet Platform 5.3.6

Hi Garrett, Am Mittwoch, 18. April 2018 07:01:15 UTC+2 schrieb Garrett Guillotte: > > Puppet agent 5.3.6 is a bug-fix release that includes updates for Puppet > 5.3.6 , > Is the inclusion of puppet agent 5.3.6 in the PC1 repository