On Friday, July 18, 2014 4:32:18 AM UTC-5, robert api wrote: > > Hi, > > i was trying to configure my client with a proxy that requires user > authentication, upon looking through the configuration reference page, i > only found the settings for proxy hostname/port. > as long as the proxy server permits every user without further > authentication everything runs good, but i may need to configure a user > authentication for some nodes, to be able to access to internet and > communicate with my puppetmaster. > >
That's unusual. It's atypical to need to go through a proxy server to get to resources on your own network, and that's normally where the master would reside. It is even more unusual to need to go through an *authenticated* proxy server to get at your own network. > any idea how i would achieve that or is such a feature not implemented > yet? i cant seem to find google hits for my searches. > > You can use an Exec or a custom resource type to authenticate to the proxy server at the beginning of your puppet run (and also to log off at the end). Run stages would serve well to ensure that is done at the appropriate times relative to all your regular classes. The details of the Exec and/or of the operation of a custom type's provider would depend on the implementation of the relevant authentication system. All of that assumes, however, that you're ok with putting the proxy server credentials in your catalogs (probably in plain text), or that you are willing to record them somewhere on each client system. If you need to go through a proxy such as you describe for Puppet to work, but you can't entrust Puppet with the credentials, then automated runs just aren't going to work for you. You would need to go to some scheme around local manifests and data, and 'puppet apply', so that a live user could and would be there to authenticate. John -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/f274a5e0-98a2-493d-9bc2-4fc84d727912%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
