[Puppet Users] Re: firewalld module configuration issue

Don't worry too much about the "Failed Dependency"; that's a red-herring in this case. It's not saying that you missed some configuration, it's saying that firewalld::reload class failed because something it was dependent on (the port) failed. Looks like the fix should be easy: your code has t

[Puppet Users] Re: [RFC] Changes to open-source container versioning

I find this scheme confusing. I would be hard pressed to explain the difference between :6.7, built from *source*, and :6.7.0, built from a *package*. I also don't think it's clear that :6.7 would advance past :6.7.0 in time. I like the :edge and :latest tags. But I think I'd be happier with

Re: [Puppet Users] Re: [RFC] Changes to open-source container versioning

On Wednesday, October 16, 2019 at 5:44:27 PM UTC-4, Morgan Rhodes wrote: > > > Is your confusion mostly around the fact that one of them is built from > source and one from package, or that 6.7 is more of a floating tag? I know > I've seen that pattern in some other upstream repos like centos, po

Re: [Puppet Users] Re: [RFC] Changes to open-source container versioning

On Thursday, October 17, 2019 at 3:10:36 PM UTC-4, Morgan Rhodes wrote: > > The "from source" builds aren't quite nightlies, since they get built on > every commit/PR into master, so depending on how much development is > happening it could end up built more often, and there's certainly more risk

[Puppet Users] PE 2019.2 with Puppet Agent 5.x (CA issue?)

I've been using Puppet Enterprise at work quite successfully for a long time. So I finally decided to take advantage of the "Run 10 nodes for free" offer and run PE at home. I've set up my PE server using the latest 2019.2.1. My desktop computer runs Ubuntu 18.04, and I was able to `curl | su

Re: [Puppet Users] PE 2019.2 with Puppet Agent 5.x (CA issue?)

one of it has tried to contact us." > > Bill Waterson (Calvin & Hobbes) > > On Nov 16, 2019, at 6:50 AM, A Manzer > > wrote: > >  > I've been using Puppet Enterprise at work quite successfully for a long > time. So I finally decided to take advantage of the &

Re: [Puppet Users] Managing a local users password with puppet on EL7

It's probably ok to reuse the same salt; it's just to defeat pre-computation attacks. But if you really don't want to, you could: - Use the username as the salt. That'll be static, so idempotent, and different for every user. Not as great as random salt, but better than no salt.

Re: [Puppet Users] PE 2019.2 with Puppet Agent 5.x (Turn off new Intermediate CA architecture)

onto an existing > ssldir). > > hth > > On Sat, Nov 16, 2019 at 4:33 AM A Manzer > > wrote: > >> Using the LTS is one option. >> >> I disagree that it says that pre-6 agents won't play with a 6 server. On >> that page I linked, there

Re: [Puppet Users] PE 2019.2 with Puppet Agent 5.x (Turn off new Intermediate CA architecture)

with my new PE installation. On Tuesday, November 19, 2019 at 5:11:50 PM UTC-5, Justin Stoller wrote: > > sorry for the delay, kid got sick. > > On Sun, Nov 17, 2019 at 3:13 AM A Manzer > > wrote: > >> From what I saw, the new architecture is an Intermediate Signing Cert

[Puppet Users] Re: [Roles/Profiles] when a technology module doesn't already exist - seeking opinions

Option A, 100%. Why change your coding pattern just because a module isn't from the Forge? Who knows, maybe one day you'll post it yourself on the Forge! Sometimes I do the full parameter workup like in your example, and sometimes I just use `include` and let Hiera fill in the parameters, wit

[Puppet Users] Re: [Roles/Profiles] when a technology module doesn't already exist - seeking opinions

> > > I've done the same thing in the past, just use Hiera to provide params to > technology modules. It feels a little off, it seems like the "right" way > is to wrap a technology module in a profile and then put the profile:: > params in Hiera. > Yeah, you're right that the "right" way is w

[Puppet Users] Re: I'm struggling with some node specific heria

You need to put your nodes hiera folder under a data folder. (*All* your hiera data goes under a data folder.) Also, ensure that your yaml file is named lhcsrvprdcms01.domain.com.yaml. You need the *full* node name, *and* the .yaml at the end for hiera to find it. That's tripped me up a few

[Puppet Users] Re: I'm struggling with some node specific heria

> column: 3) on node lhcsrvprdcms01.fixnetix > > # pwd > /etc/puppetlabs/code/environments/production > > # ll data/nodes/lhcsrvprdcms01.fixnetix.com.yaml > -rw-r--r--. 1 root root 103 Jul 30 12:09 > data/nodes/lhcsrvprdcms01.fixnetix.com.yaml > > > On Friday, July 31,

[Puppet Users] Re: I'm struggling with some node specific heria

; > - 'PermitRootLogin without-password' > > From: > > permitroot:permitroot_config > - 'Match Address xx.xx.xx.xx' > - 'PermitRootLogin without-password' > > Thanks for the tip! I have been using PDK. > > On Friday, July 31, 2020 at 4:25:13 PM UTC+1, A

[Puppet Users] Re: I'm struggling with some node specific heria

# pwd > /etc/puppetlabs/code/environments/production/data/nodes > > # cat * > permitroot::permitroot_config: > - 'Match Address 10.20.232.21' > - 'PermitRootLogin without-password' > > Still no joy though. > > On Friday, July 31, 2020 at 4:47:40 PM UTC+1, A

[Puppet Users] Re: refactor use of ensure_packages to install new versions of php packages

Seems pretty smart to me, tbh. The only problem is that $myPackages is constant, so already includes the "7.4" values from $php_version. You'll need to declare a new list (because you can't change variables) inside your .each block. $php_remove.each | String $php_str_remove | { $myRemove

Re: [Puppet Users] refactor use of ensure_packages to install new versions of php packages

I will definitely fuck this up regularly… and that’s back to > the root of my problem… I would like to somehow reuse the $myPackages > structure with different values for $php_version. > > Mhmm… as I write this this sounds like a use for a template… > > Regards > Jochen &

Re: [Puppet Users] refactor use of ensure_packages to install new versions of php packages

ages to be installed and another for the ones to be removed. > > But I want to manage only one list of packages… more save against errors > managing the list… I have those packages all over the place... > > I will have to think along the lines of single and double quoting… thx > &g

Re: [Puppet Users] refactor use of ensure_packages to install new versions of php packages

Glad you managed to figure it out, and thanks for posting your solution for posterity! On Tuesday, October 13, 2020 at 12:26:35 PM UTC-4 jochen@gmail.com wrote: > Hi all, > > I solved this with the use of puppet iteration functions: > > class profile::software::apache ( > $php_version

[Puppet Users] Re: Nonconformist Ubuntu based distro users

I'm currently using Puppet Enterprise (under 10 nodes) on my personal network. I've run into some of the same issues that you have. I run Kubuntu on my desktop, which works perfectly as an Ubuntu derivative. I've used KDE Neon (another Ubuntu derivative) briefly in the past too, and from what

[Puppet Users] Re: Puppet Enterprise 2021.5 is now available!

Thanks for the new platform support. Any idea on when we'll see Ubuntu 20.04 as a supported platform for the main PE server? On Tuesday, February 15, 2022 at 6:58:50 PM UTC-5 Puppet Product Updates wrote: > The latest release for the Puppet Enterprise release track, PE 2021.5, is > now availa

[Puppet Users] Re: Problems with Forge Module puppet-firewall on RHEL 8.5

I posted on the GitHub issue, but I'll TL;DR it here for future searchers: I recommended setting the `module` parameter to `netbios-ns` which is in line with how RedHat recommended fixing the underlying firewall issue. It's probably just a case of differences between RHEL 7 and RHEL 8, and the

Re: [Puppet Users] saz-ssh, hiera and options

You can easily do that with an Operating System-specific layer to your hiera. Add something like `os/$facts['osfamily'].yaml` to your hiera.yaml. Then, you can have a FreeBSD.yaml, and a Debian.yaml in your hiera data. (Ubuntu is part of the Debian OS Family.) Put the proper parameter block in