I've noticed two other things that may need fixing:
- It may be a copy and paste error, but you don't close your Match Address
string in the pasted Hiera file above. That would cause your Yaml to be
incorrect, and probably ignored.
- In site.pp, you use the resource-like syntax for including the class.
I'm not sure what this does for automatic hiera parameter lookup, but it's
usually safer to use include syntax instead. I'd change your entry in
site.pp to be
node lhcsrvprdcms01.domain.com {
include permitroot
}
BTW, out of curiosity, are you using the Puppet PDK
<https://puppet.com/docs/pdk/1.x/pdk.html> to develop this module? It
brings *a lot* of boilerplate, but it also brings things like Yaml syntax
validating and syntax validating that might help you out while you're
learning.
On Friday, July 31, 2020 at 10:46:13 AM UTC-4, Dan Crisp wrote:
>
> Thanks for the reply.
>
> Unfortunately although my YAML file didn't have the .yaml suffix and I
> didn't have a data directory, after making the necessary changes, the same
> problem persists:
>
> Error: Could not retrieve catalog from remote server: Error 500 on SERVER:
> Server Error: Evaluation Error: Error while evaluating a Resource
> Statement, Class[Permitroot]: expects a value for parameter
> 'permitroot_config' (file:
> /etc/puppetlabs/code/environments/production/manifests/site.pp, line: 49,
> column: 3) on node lhcsrvprdcms01.fixnetix
>
> # pwd
> /etc/puppetlabs/code/environments/production
>
> # ll data/nodes/lhcsrvprdcms01.fixnetix.com.yaml
> -rw-r--r--. 1 root root 103 Jul 30 12:09
> data/nodes/lhcsrvprdcms01.fixnetix.com.yaml
>
>
> On Friday, July 31, 2020 at 2:15:18 PM UTC+1, A Manzer wrote:
>>
>> You need to put your nodes hiera folder under a data folder. (*All*
>> your hiera data goes under a data folder.)
>>
>> Also, ensure that your yaml file is named lhcsrvprdcms01.domain.com.yaml.
>> You need the *full* node name, *and* the .yaml at the end for hiera to
>> find it. That's tripped me up a few times...
>>
>> On Thursday, July 30, 2020 at 10:43:13 AM UTC-4, Dan Crisp wrote:
>>>
>>> Hello experts,
>>>
>>> I'm struggling with some node specific heria. I basically want to add
>>> the following lines to a number of nodes:
>>>
>>> Match Address xx.xx.xx.xx
>>> PermitRootLogin without-password
>>>
>>> I have the following in place in an attempt to acheive this:
>>>
>>> # pwd
>>> /etc/puppetlabs/code/environments/production/modules/permitroot/manifests
>>>
>>> # more *
>>>
>>> ::::::::::::::
>>> config.pp
>>> ::::::::::::::
>>> class permitroot::config (
>>> $config_path = $permitroot::params::config_path
>>> ) inherits permitroot::params {
>>> if $facts['os']['release']['major'] =~ /7/ {
>>> file { 'Update SSHD PermitRoot':
>>> ensure => $permitroot::config_present,
>>> path => $permitroot::config_path,
>>> content => $permitroot::permitroot_config.join("\n"),
>>> owner => root,
>>> group => root,
>>> mode => '0600'
>>> }
>>> } else {
>>> notice ('Assuming RHEL 6.x thus taking no action')
>>> }
>>> }
>>> ::::::::::::::
>>> init.pp
>>> ::::::::::::::
>>> class permitroot (
>>> $service_name = $permitroot::params::service_name,
>>> $config_path = $permitroot::params::config_path,
>>> Array[String] $permitroot_config,
>>> String $service_ensure,
>>> Boolean $service_enable,
>>> Boolean $service_hasrestart,
>>> ) inherits permitroot::params {
>>> contain permitroot::config
>>> contain permitroot::service
>>>
>>> Class['permitroot::config']
>>> -> Class['permitroot::service']
>>> }
>>> ::::::::::::::
>>> params.pp
>>> ::::::::::::::
>>> class permitroot::params {
>>> $service_name = 'sshd'
>>> $config_path = '/etc/ssh/sshd_config'
>>> }
>>> ::::::::::::::
>>> service.pp
>>> ::::::::::::::
>>> class permitroot::service (
>>> $service_name = $permitroot::params::service_name,
>>> ) inherits permitroot::params {
>>> service {'permitroot_service':
>>> name => $service_name,
>>> ensure => $permitroot::service_ensure,
>>> enable => $permitroot::service_enable,
>>> hasrestart => $permitroot::service_hasrestart,
>>> }
>>> }
>>>
>>> This is probably not the best method and I'm still learning and don't
>>> want to use a module that has already been created by someone else at this
>>> point.
>>>
>>> Here is the node specific heria:
>>>
>>> # pwd
>>> /etc/puppetlabs/code/environments/production/nodes
>>>
>>> # more *
>>> permitroot::permitroot_config:
>>> - 'Match Address xx.xx.xx.xx
>>> - 'PermitRootLogin without-password'
>>>
>>> Hiera file:
>>>
>>> # pwd
>>> /etc/puppetlabs/code/environments/production
>>>
>>> # more hiera.yaml
>>> ---
>>> version: 5
>>> defaults:
>>> # The default value for "datadir" is "data" under the same directory
>>> as the hiera.yaml
>>> # file (this file)
>>> # When specifying a datadir, make sure the directory exists.
>>> # See https://puppet.com/docs/puppet/latest/environments_about.html
>>> for further details on environments.
>>> #datadir: data
>>> data_hash: yaml_data
>>> hierarchy:
>>> - name: "Per-node data" # Human-readable name.
>>> path: "nodes/%{trusted.certname}.yaml" # File path, relative to
>>> datadir.
>>>
>>> - name: "Per-OS defaults"
>>> path: "os/%{facts.os.family}.yaml"
>>>
>>> - name: "Common data"
>>> path: "common.yaml"
>>>
>>> Site.pp file:
>>>
>>> # more site.pp
>>> ...
>>> ...
>>> ...
>>> node lhcsrvprdcms01.domain.com {
>>> class { 'permitroot': }
>>> }
>>>
>>> When I run the puppet agent on the server about were I want the new
>>> vaules added, I see the see returned the following:
>>>
>>> # puppet agent --no-daemonize --onetime --verbose --noop
>>> Info: Using configured environment 'production'
>>> Info: Retrieving pluginfacts
>>> Info: Retrieving plugin
>>> Info: Retrieving locales
>>> Info: Loading facts
>>> Error: Could not retrieve catalog from remote server: Error 500 on
>>> SERVER: Server Error: Evaluation Error: Error while evaluating a Resource
>>> Statement, Class[Permitroot]: expects a value for parameter
>>> 'permitroot_config' (file:
>>> /etc/puppetlabs/code/environments/production/manifests/site.pp, line: 49,
>>> column: 3) on node lhcsrvprdcms01.fixnetix.com
>>> Info: Using cached catalog from environment 'production'
>>> Info: Applying configuration version '1596101172'
>>> Notice: Applied catalog in 2.39 seconds
>>>
>>> Any help here would be appreciated.
>>>
>>> Thanks,
>>> Dan.
>>>
>>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/efab85b2-6c12-43b4-9d77-cf543a8ad2c1o%40googlegroups.com.
