on one file consistently impacts the other
one.
Help ?!
On Tuesday, February 2, 2021 at 3:18:17 PM UTC+11 comport3 wrote:
> EDIT: Do NOT use the previously provided workaround. For reasons I DO NOT
> currently understand, it's also changing the ownership of the private key
> located
2021 at 11:12:04 AM UTC+11 comport3 wrote:
> Here is a workaround for anyone else affected by the same issue, noting
> the caveat is it will apply on every run -
>
> class profile::puppetdb inherits puppetdb {
> contain puppetdb
> contain puppetdb::master::config
&g
group => $puppetdb_group,
mode=> '0644';
$ssl_ca_cert_path:
ensure => file,
owner => $puppetdb_user,
group => $puppetdb_group,
mode=> '0644';
}
}
On Tuesday, February 2, 2021 at 10:00:43 AM UTC+11 comport3 wrote:
> Tryi
o
'puppet' failed: Failed to set group to '998': Operation not permitted @
apply2files - /etc/puppetlabs/puppet/ssl/certs/ca.pem
```
On Monday, February 1, 2021 at 1:35:02 PM UTC+11 comport3 wrote:
>
> It seems the puppet agent, when invoked by the service or manually, is
> resett
It seems the puppet agent, when invoked by the service or manually, is
resetting the permissions on the files in the puppetdb ssldir
(/etc/puppetlabs/puppetdb/ssl/*.pem) from puppetdb:puppetdb to
puppet:puppet AND the mode on the
mode on the 'private.pem' file to 0640, which means the next
You will need to enable DNS alt names in your CA config, and issue a few
names per server - likely including a common one shared by all nodes such
as "puppetdb.domain.example".
https://puppet.com/docs/puppetserver/6.12.2/scaling_puppet_server.html =>
dns_alt_names
Then you'll need to go through
Whilst trying to test a new Puppet v7.0.0 master (which is OK) and
PuppetDB, I get the following on PuppetDB:
Error: Could not retrieve catalog from remote server: Error 500 on SERVER:
Internal Server Error: org.jruby.exceptions.LoadError: (LoadError) no such
file to load --
Puppet bolt might be what you're after if there's a privileged key trust in
place..
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
nd another in the planning
stage.
On Thursday, April 30, 2020 at 3:20:17 AM UTC+10, Justin Stoller wrote:
>
>
>
> On Tue, Apr 28, 2020 at 4:46 PM comport3 >
> wrote:
>
>> Thanks for the update Gabriel, appreciated. Do you know when v6.15.0 is
>> expected to be release, ev
use the nightly builds in the meantime:
> http://nightlies.puppet.com/apt/
>
> Thanks,
> Gabriel
>
>
> On Sun, Apr 26, 2020, 10:55 comport3 >
> wrote:
>
>> This is the same as my experience on Friday - the release file is there
>> but the packages are not ye
"Redo SSL setup after changing certificates
If you’ve recently changed the certificates in use by the PuppetDB server,
you’ll also need to update the SSL configuration for PuppetDB itself.
If you’ve installed PuppetDB from Puppet packages, you can simply re-run
the puppetdb ssl-setup command.
This is the same as my experience on Friday - the release file is there but
the packages are not yet available.
The 'bionic' release and binaries work perfectly well though if it gets you
past this step...
On Sunday, April 26, 2020 at 1:07:14 AM UTC+10, Arpit sharma wrote:
>
>
> Actually I am
Actually attempting to add the mentioned config to file
'/etc/puppetlabs/puppetserver/conf.d/metrics.conf' results in the
puppetserver service being unable to start, and this is logged -
clojure.lang.ExceptionInfo: Value does not match schema:
{:metrics-webservice {:mbeans disallowed-key}}
--
Thanks for this info, I think it points in the right direction.
Are you able to provide any example config or a link to how to action this?
It's not immediately obvious.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this
The latest version of PuppetDB v6.9.1 has removed localhost access to the
v1 API metrics.
Ref https://puppet.com/security/cve/CVE-2020-7943/
https://puppet.com/docs/puppet/latest/release_notes_puppet.html#puppet-resolved-issues-x.12.0
Given it's only "disabled by default", this suggests there is
What are the server specs? Any clues in /var/log/messages or
/var/log/syslog to give clues if it's an OOM error?
On Thursday, September 5, 2019 at 5:16:26 AM UTC+10, Prentice Bisbal wrote:
>
> I'm doing a fresh install of Puppet6 on CentOS 7.6:
>
> # rpm -qa | grep puppet
>
https://tickets.puppetlabs.com/browse/PA-2809
On Wednesday, July 24, 2019 at 6:34:19 AM UTC+10, Puppet Product Updates
wrote:
>
> This release contains bug fixes and enhancements, notably:
>
> Puppet 6.7 adds new `ca_fingerprint` setting verifies the CA bundle
> download against a fingerprint.
https://tickets.puppetlabs.com/browse/PA-2809
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion
The new version has introduced a regression that has broken our MTA
(Postfix), based on the camptocamp-postfix module.
Steps to reproduce on Ubuntu 18.04 LTS:
```
https://apt.puppetlabs.com/puppet6-release-bionic.deb
dpkg -i puppet6-release-bionic.deb
apt update;apt install -y puppet-agent
This has introduced a regression that has broken our MTA (Postfix), based
on the camptocamp-postfix module.
Steps to reproduce on Ubuntu 18.04 LTS:
```
https://apt.puppetlabs.com/puppet6-release-bionic.deb
dpkg -i puppet6-release-bionic.deb
apt update;apt install -y puppet-agent
puppet module
Thanks Martin, the PSIC repos are excellent - thanks!
And Tim, the logic of having the p_ modules avoiding namespace collisions
also makes perfect sense at scale.
I was thinking more of a searchable, more goal oriented view of sharing
Profiles that implement 1 or more technologies to form a
Presumably the majority of participants in this group are using the 'Roles
and Profiles' patterns in their Puppet deployments.
Although there is little to be gained from the Roles portion, often the way
technologies are integrated is driven by the logic in the Profiles section.
Has there been
Is there anything else that is needed to have a custom facter fact as a
batch file?
cat lib/facter/ssh_hostkey.bat
```
@ECHO OFF
for /f "tokens=2" %%a in ('type C:\ProgramData\ssh\ssh_host_ecdsa_key.pub')
do (set hostkey=%%a)
Echo ssh_hostkey=%hostkey%
```
Executes fine on the Windows host
You require Package[azurerepo] but haven't declared it anywhere.
Try either changing:
require => Package['azurerepo']
to
require => Yumrepo['azurerepo']
or add a package definition, eg.
package { 'azurerepo': ensure => present}
On Tuesday, March 26, 2019 at 9:11:17 PM UTC+11,
2019 at 8:43:55 PM UTC+11, Henrik Lindberg wrote:
>
> On 2019-03-08 03:13, comport3 wrote:
> > Hi Henrik,
> >
> > Thanks for your reply.
> >
> > I still don't really understand how to use your example - is it an
> > additional custom function written
root: message => $secret_lookup[mysql_root_password]}
}
Help?! :-)
On Thursday, February 28, 2019 at 4:29:15 AM UTC+11, Henrik Lindberg wrote:
>
> On 2019-02-27 00:01, comport3 wrote:
> > Hi Henrik and Group,
> >
> > Thank you very much, this sounds like exactly what
Hi Henrik and Group,
Thank you very much, this sounds like exactly what we are after. After
reviewing https://puppet.com/docs/puppet/6.3/hiera_custom_backends.html we
are a little lost as to how to get started. Does anyone have any example
code of using a Customer Backend or Puppet Function in
:
>
>
>
> On Sun, Feb 17, 2019 at 4:17 PM comport3 >
> wrote:
>
>> Does anyone have any real world examples of referencing Deferred lookups,
>> either in Puppet code or Hiera that you could share?
>>
>
> Ben Ford just gave a talk on this at Config Mana
Does anyone have any real world examples of referencing Deferred lookups,
either in Puppet code or Hiera that you could share?
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it,
```
Any ideas?
On Tuesday, October 9, 2018 at 11:12:39 PM UTC+11, comport3 wrote:
>
> Mentioned in the Puppet 6 release notes are the ability for a client to
> lookup secret data from Vault.
>
> Is there any more info on how to implement this?
>
> I have done extensive wo
We've made some more progress integrating Puppet 6+ Deferred lookups with
Vault for secrets storage.
The basic principle we've used for the isolation is to upload and sync a
Puppet TLS certificate per host, and lookup the relevant keys under there
for the secret storage.
```
vault write
as any advice it would be welcome.
On Monday, November 5, 2018 at 4:56:36 PM UTC+11, comport3 wrote:
>
> Hi Lindsay and Thomas,
>
> Thanks for your documentation - I'm having some problems getting the
> client lookup to work.
>
> I have the Puppetserver CA setup in Vault, and
issing?
On Saturday, October 13, 2018 at 2:20:02 AM UTC+11, Lindsey Smith wrote:
>
>
>
> On Wed, Oct 10, 2018 at 5:28 AM Thomas Müller > wrote:
>
>>
>>
>> Am Dienstag, 9. Oktober 2018 14:12:39 UTC+2 schrieb comport3:
>>>
>>> Mentioned in the
Hi All,
We are testing some Nagios stuff on Puppet 6 and it seems all the
previously native functionality was completely removed.
Is it available to be re-added via a Module? If not, why was it removed -
technical issues, etc??
Example to reproduce:
(on server to be monitored, exporting it's
Hopefully this helps someone in the future.
On Thursday, October 18, 2018 at 7:43:55 PM UTC+11, comport3 wrote:
>
> Hi All,
>
> When testing the latest version of ' puppetlabs-apache', in default mode
> and settings on Ubuntu 18.04 it works fine.
>
> When changing the mpm +
Hi John,
Thank you for your response. I tried putting the parameters directly into
Hiera as suggested and nothing happened.
I don't fully understand Part 2: "2. You need any applicable resource-like
declaration of class postgresql::server in the manifest set to not itself
bind a value to the
Hi All,
When testing the latest version of ' puppetlabs-apache', in default mode
and settings on Ubuntu 18.04 it works fine.
When changing the mpm + php + cgi it all ends in tears when the PHP version
mysteriously tries to go from 7.2 (available and default on OS) to 7.0.
Ala -
```
class {
Hi All,
We are integrating a new PuppetDB role, and note that there are some key
tuning parameters we'd like to modify to optimise the performance, such as
'shared_buffers' and 'work_mem'. Normally the methods to do this would be a
straight parameter lookup in Hiera, however these values are
Hi Eirik,
I think I understand what you want to do - set some sensible defaults, and just
get the most specific or unique parameters from Hiera.
This article by RIP helped me a lot to understand how to do that:
https://www.devco.net/archives/2015/12/16/iterating-in-puppet.php ' wildcard
and
not appear in logs and
reports, but do not want to continue deploying this methodology if it's not the
way the technology is headed.
https://github.com/comport3/puppet5-hiera-vault-poc
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To u
Using the latest Puppet 5.5+ and puppetlabs/mysql module 5.4.0, is there a
way to change the 'localhost' host portion of the root user?
Post deployment, I can use the following MySQL commands to change it, but
it breaks the Puppet module:
UPDATE mysql.user SET Host='%' WHERE Host='localhost'
41 matches
Mail list logo