summaryrefslogtreecommitdiffstats
path: root/lib/puppet/defaults.rb
Commit message (Collapse)AuthorAgeFilesLines
* Set ENV['PATH'] to an empty string if non-existentNigel Kersten2009-06-281-1/+1
| | | | Signed-off-by: Nigel Kersten <nigelk@google.com>
* Change the diff default output to "unified"Stig Sandbeck Mathisen2009-06-261-1/+1
|
* Removing deprecated :pluginpath settingLuke Kanies2009-06-191-6/+0
| | | | Signed-off-by: Luke Kanies <luke@madstop.com>
* Changing the preferred serialization format to jsonLuke Kanies2009-06-061-1/+1
| | | | | | | | | This won't affect most people, but it's a good default to have for those who can support it. Signed-off-by: Luke Kanies <luke@madstop.com> Minor changes to previous commit
* Switching Queueing to using JSON instead of YAMLLuke Kanies2009-06-061-1/+1
| | | | | | This provides about a 75x speedup, so it's totally worth it. The downside is that queueing requires json, but only on the server side.
* Removed extra whitespace from end of linesIan Taylor2009-06-061-14/+14
|
* Added .git to pluginsignore default list of ignoresJames Turnbull2009-05-091-1/+1
|
* Fixing rails feature testLuke Kanies2009-04-241-1/+1
| | | | Signed-off-by: Luke Kanies <luke@madstop.com>
* Failing to enable storeconfigs if ActiveRecord isn't availableLuke Kanies2009-04-251-0/+1
| | | | | | This is the last step to fixing #2189. Signed-off-by: Luke Kanies <luke@madstop.com>
* Fix #1875 - Add a REST authorization systemBrice Figureau2009-04-231-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch introduces a new configuration file (and configuration setting to set it). Each REST request is checked against this configuration file, and is either allowed or denied. The configuration file has the following format: path /uripath method <methods> allow <ip> or <name> deny <ip> or <name> or path ~ <regex> method <methods> allow <ip> or <name> deny <ip> or <name> where regex is a ruby regex. This last syntax allows deny/allow interpolation from the regex captures: path ~ /files[^/]+/files/([^/]+)/([^/])/ method find allow $2.$1 If you arrange your files/ directory to have files in 'domain.com/host/', then only the referenced host will be able to access their files, other hosts will be denied. For instance: files/reductivelabs.com/dns/... files/reductivelabs.com/www/... then only files in dns can be accessible by dns.reductivelabs.com and so on... If the auth.conf file doesn't exist puppet uses sane defaults that allows clients to check-in and ask for their configurations... Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
* Adding support for specifying a preferred serialization formatLuke Kanies2009-04-221-3/+5
| | | | | | | | | | This isn't that great, but at least it provides basic tuning of the format. Also removing the catalog_format default, since it's no longer used. Signed-off-by: Luke Kanies <luke@madstop.com>
* Finishing class renamesLuke Kanies2009-04-221-2/+2
| | | | | | | | | | I missed some of the Catalog mentions, and its constant changed. I've also added tests so this will get caught next time. Signed-off-by: Luke Kanies <luke@madstop.com>
* Adding defaults necessary for queueingLuke Kanies2009-04-221-2/+19
| | | | These are all of the defaults needed to configure queueing.
* Using a setting for configuring queueingLuke Kanies2009-04-221-1/+2
| | | | | | | Removing class methods and such, and switching to relying solely on a setting for the queue configuration. Signed-off-by: Luke Kanies <luke@madstop.com>
* Switching to Indirected ActiveRecordLuke Kanies2009-04-221-4/+18
| | | | | | | | | | | This is mostly a configuration change, with some code getting removed. Also adding an extra require in Format; Puppet::Provider requires Puppet::Provider::Confiner, so the constant lookup is weird. Signed-off-by: Luke Kanies <luke@madstop.com>
* Partially fixing #1765 - node searching supports strict hostname checkingLuke Kanies2009-04-221-1/+4
| | | | | | | | With the new 'strict_hostname_checking' option enabled, the compiler will only search for the literal certificate name in its list of nodes. Signed-off-by: Luke Kanies <luke@madstop.com>
* Merge branch '0.24.x'Luke Kanies2009-04-021-0/+9
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: bin/ralsh lib/puppet/executables/client/certhandler.rb lib/puppet/parser/functions/versioncmp.rb lib/puppet/parser/resource/reference.rb lib/puppet/provider/augeas/augeas.rb lib/puppet/provider/nameservice/directoryservice.rb lib/puppet/provider/ssh_authorized_key/parsed.rb lib/puppet/type.rb lib/puppet/type/file/checksum.rb spec/integration/defaults.rb spec/integration/transaction/report.rb spec/unit/executables/client/certhandler.rb spec/unit/indirector/ssl_rsa/file.rb spec/unit/node/catalog.rb spec/unit/provider/augeas/augeas.rb spec/unit/rails.rb spec/unit/type/ssh_authorized_key.rb spec/unit/type/tidy.rb test/executables/filebucket.rb test/executables/puppetbin.rb
| * Fixing #1631 - adding /sbin and /usr/sbin to PATHLuke Kanies2009-03-241-0/+9
| | | | | | | | | | | | | | This is a trivial fix but seems to crop up more often than it should. Signed-off-by: Luke Kanies <luke@madstop.com>
* | Moving the clientyamldir setting into the puppetd sectionLuke Kanies2009-02-281-2/+2
| | | | | | | | Signed-off-by: Luke Kanies <luke@madstop.com>
* | Fixing #1729 - puppetmasterd can now read certs at startupLuke Kanies2008-12-181-71/+46
| | | | | | | | | | | | | | | | | | | | The main aspect of this solution is to create a site-wide Puppet::SSL::Host instance to cache ssl key and certificate, so that by the time we've switched UIDs, we've got the key and cert in memory. Then webrick just uses that, rather than creating a new Host instance. Signed-off-by: Luke Kanies <luke@madstop.com>
* | Finishing the work to use Puppet::Resource instead of TransObjectLuke Kanies2008-12-181-9/+11
| | | | | | | | | | | | | | | | | | | | | | | | This was a complicated project because TransObject had made its way into too many classes. The usage by Util::Settings was particularly nefarious. Refactoring and fixing this exposed some other issues. The main complication, though, was the extent to which the Puppet::Type class depended on TransObject. Signed-off-by: Luke Kanies <luke@madstop.com>
* | Merge branch '0.24.x'Luke Kanies2008-12-021-1/+1
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: bin/puppetca lib/puppet/type/group.rb lib/puppet/type/tidy.rb lib/puppet/util/settings.rb Also edited the following files so tests will pass: lib/puppet/type/component.rb spec/unit/ssl/certificate_request.rb spec/unit/type/computer.rb spec/unit/type/mcx.rb spec/unit/type/resources.rb spec/unit/util/settings.rb spec/unit/util/storage.rb test/ral/type/zone.rb
* | Fixing :bindaddress setting to work with the new server subsystem.Luke Kanies2008-11-031-3/+6
| | | | | | | | | | | | | | It now automatically switches values depending on server type, while still allowing overriding. Signed-off-by: Luke Kanies <luke@madstop.com>
* | Merge branch '0.24.x' Removed the 'after' blocks that call Type.clear,Luke Kanies2008-10-171-6/+1
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | since that method is deprecated. Conflicts: CHANGELOG bin/puppetca lib/puppet/file_serving/fileset.rb lib/puppet/network/xmlrpc/client.rb lib/puppet/type/file/selcontext.rb spec/unit/file_serving/metadata.rb spec/unit/type/file.rb
| * Fixing #1614 - Environments no longer have to be listed out.Luke Kanies2008-10-031-6/+1
| | | | | | | | Signed-off-by: Luke Kanies <luke@madstop.com>
* | Merge branch '0.24.x'Luke Kanies2008-09-231-1/+2
|\| | | | | | | | | | | | | | | | | | | Conflicts: lib/puppet/metatype/container.rb lib/puppet/metatype/instances.rb lib/puppet/metatype/metaparams.rb lib/puppet/metatype/relationships.rb lib/puppet/metatype/schedules.rb
| * Bug #1550 - Rework to avoid regressing rspec tests, add new rspec tests for ↵Paul Nasrat2008-09-201-1/+2
| | | | | | | | | | | | templatedir as a path Signed-off-by: Paul Nasrat <pnasrat@googlemail.com>
* | Merge branch '0.24.x' into mergingLuke Kanies2008-07-291-1/+4
|\| | | | | | | | | | | Conflicts: test/ral/type/filesources.rb
| * You can now select the encoding format when transferring the catalog,Luke Kanies2008-07-181-1/+4
| | | | | | | | | | | | | | | | | | | | with 'yaml' still being the default but 'marshal' being an option. This is because testing has shown drastic performance differences between the two, with up to 70% of compile time being spent in YAML code. Use the 'catalog_format' setting to choose your format, and the setting must be set on the client. Signed-off-by: Luke Kanies <luke@madstop.com>
* | Merge branch '0.24.x'Luke Kanies2008-07-041-3/+3
|\| | | | | | | | | | | | | | | | | | | Conflicts: lib/puppet/util/settings.rb spec/integration/defaults.rb spec/unit/node/catalog.rb spec/unit/type/interface.rb spec/unit/type/ssh_authorized_key.rb
| * Fixed #1232 - the rundir no longer specifies a user/group,Luke Kanies2008-07-031-3/+3
| | | | | | | | | | | | and there are now client- and server-specific yaml directories. Signed-off-by: Luke Kanies <luke@madstop.com>
* | Merge branch '0.24.x'Luke Kanies2008-06-161-2/+6
|\| | | | | | | | | | | | | | | Conflicts: CHANGELOG lib/puppet/defaults.rb spec/integration/defaults.rb
| * Fixing #1168 (for 0.24.x) -- automatically downcasing the fqdn.Luke Kanies2008-06-151-2/+6
| | | | | | | | | | | | Also requiring that passed in certnames be downcased; the setting system isn't currently flexible enough to automatically downcase it for the user.
* | Merge branch '0.24.x'Luke Kanies2008-05-201-3/+9
|\| | | | | | | | | | | | | | | | | | | Conflicts: CHANGELOG spec/integration/defaults.rb spec/integration/node/catalog.rb spec/unit/rails.rb spec/unit/type/mount.rb
| * Modified the 'factpath' setting to automatically configureLuke Kanies2008-05-161-3/+5
| | | | | | | | | | Facter to load facts there if a new enough version of Facter is used.
| * Added the ability to add arbitrary attributes to ldap.Gunnar Wrobel2008-05-151-0/+4
| | | | | | | | This fixes #1179.
* | The CRL is now automatically used or ignored.Luke Kanies2008-05-071-6/+2
| | | | | | | | | | | | | | | | | | Previously, you had to configure whether you wanted the CRL or not, which resulted in errors all the time when it was configured but unavailable. Now, Puppet will always create and try to use it, but you won't get failures if it's unavailable.
* | The master and client now successfully speak xmlrpc using the new system.Luke Kanies2008-05-071-9/+9
| | | | | | | | | | | | The server is actually serving REST, but the client can't use it until we resolve the format and security issues that REST hasn't yet tackled.
* | Moving some http configuration values to the mainLuke Kanies2008-05-051-14/+14
| | | | | | | | defaults section, rather than the puppetd section.
* | I think I've now got the Webrick SSL support working.Luke Kanies2008-04-281-1/+10
| | | | | | | | | | Now I just need to get xmlrpc working alongside REST in both mongrel and webrick.
* | Adding integration tests for a lot of the SSL code.Luke Kanies2008-04-171-1/+1
| | | | | | | | | | This flushed out some problems, and things mostly look good now, but I don't think we're quite there yet.
* | Changing all of the SSL terminus classes to treat CA files specially.Luke Kanies2008-04-171-1/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is a kind of weird design situation. For instance, we've got a collection of certificates in the :certdir, but then there's a special CA certificate off by itself. Rather than build a whole separate infrastructure for managing those separate files (cert and key, at least), I decided to add special support for specifying where to find the CA-specific bits, and then code for handling them when necessary. This requires that we have a standard way of knowing whether we should be managing the CA bits or normal host files. The Puppet::SSL::Host class now has a 'ca_name' method that returns the string we're using for the CA name; this name is currently 'ca'. We have to use a name, because the name is the only thing that all methods have access to (e.g., when trying to 'find' the right cert, we only have the name available). What this means is that if you want access to the CA key or cert, then create a Puppet::SSL::Host instance with the name 'ca'. You'll still get the CA cert created with the host's :certname; it will just be stored in a different location.
* | Adding he last of the indirection classes for the sslLuke Kanies2008-04-151-0/+1
|/ | | | classes, finally including the certificate requests.
* Changing the default environment to production.Luke Kanies2008-04-081-1/+1
|
* Fixing #1138 -- the yamldir is automatically created by theLuke Kanies2008-03-241-6/+5
| | | | | server now that it's in the :puppetmasterd section rather than a separate :yaml section.
* Ported #198 man page creation functionality to 0.24.x branchJames Turnbull2008-03-221-3/+3
|
* Regression in :node_name functionalityJohn Ferlito2008-03-141-2/+2
| | | | When :node_name="cert" is specified the 'hostname' fact should be set to the SSL certificate common name instead of the results from facter. I've extended this to also set 'domain' and 'fqdn' since that makes a lot of sense to me. This fixes a regression introduced in SVN#1673
* Ticket #1041Andrew Shafer2008-03-051-0/+1
| | | | | | | | | | The CA serial file was getting owned by root because it was using a different method to write to file Pulled the readwritelock out of lib/puppet/sslcertificates/ca.rb into lib/puppet/util/settings.rb Refactored write, writesub and readwritelock a bit to reuse code (write and readwritelock both call writesub) Added a mode to :serial in lib/puppet/util/defaults.rb
* Fixing #1062 by moving the yamldir setting to its own yamlLuke Kanies2008-02-281-2/+5
| | | | | section. This should keep the yamldir from being created on clients.
* Applying patch by Jay to fix #989 -- missing crl files areLuke Kanies2008-02-071-1/+1
| | | | | correctly ignored, and you now use 'false' instead of 'none' to explicitly ignore them.
generated by cgit (git 2.34.1) at 2025-09-26 13:39:16 +0000