puppet 4: webserver configuration
182 views
Skip to first unread message
Sergey Arlashin
Jun 15, 2015, 12:42:12 PM6/15/15
to puppet...@googlegroups.com
Hi!
I'm trying to configure webserver via conf.d/webserver.conf .
The purpose is to add an extra web resource called 'secure-store' that can be used later in 'file' resource type.
This is how webserver.conf looks at the moment:
webserver: {
default: {
access-log-config = /etc/puppetlabs/puppetserver/request-logging.xml
client-auth = want
ssl-host = 0.0.0.0
ssl-port = 8140
default-server: true
}
secure-store: {
access-log-config = /etc/puppetlabs/puppetserver/request-logging.xml
ssl-host = 0.0.0.0
ssl-port = 8141
ssl-cert = /etc/puppetlabs/puppet/ssl/certs/p4server.site.pem
ssl-key = /etc/puppetlabs/puppet/ssl/private_keys/p4server.site.pem
ssl-ca-cert = /etc/puppetlabs/puppet/ssl/ca/ca_crt.pem
client-auth = need
static-content: [{resource: "/etc/puppetlabs/code/secure_store/"
path: "/secure-store"}]
}
}
I can easily get files from there with curl :
# curl -k --key ./private_keys/p4agent.site.pem --cert ./certs/p4agent.site.pem https://p4server:8141/secure-store/testtest.txt
But I cannot get anything using 'file' resource type in my manifests:
This is how it looks:
file { '/tmp/testfile.txt':
ensure => present,
owner => root,
group => root,
mode => '0700',
source => 'puppet://p4server.site:8141/secure-store/testtest.txt'
}
I see the following error when I try to run it:
Error: /Stage[main]/Testfile/File[/tmp/testfile.txt]: Could not evaluate: Could not retrieve information from environment production source(s) puppet://p4server.site:8141/secure-store/testtest.txt
And the following record in puppetserver-access.log:
"GET /puppet/v3/file_metadata/secure-store/testtest.txt?environment=production&links=manage&checksum_type=md5&source_permissions=ignore HTTP/1.1" 0 0 p4agent.site 172.16.15.12 8141 1
Could anyone please tell if I'm doing anything completely wrong or I misunderstood the idea of webserver thing regarding new puppet server ?
Thanks in advance.
--
Best regards,
Sergey Arlashin
I'm trying to configure webserver via conf.d/webserver.conf .
The purpose is to add an extra web resource called 'secure-store' that can be used later in 'file' resource type.
This is how webserver.conf looks at the moment:
webserver: {
default: {
access-log-config = /etc/puppetlabs/puppetserver/request-logging.xml
client-auth = want
ssl-host = 0.0.0.0
ssl-port = 8140
default-server: true
}
secure-store: {
access-log-config = /etc/puppetlabs/puppetserver/request-logging.xml
ssl-host = 0.0.0.0
ssl-port = 8141
ssl-cert = /etc/puppetlabs/puppet/ssl/certs/p4server.site.pem
ssl-key = /etc/puppetlabs/puppet/ssl/private_keys/p4server.site.pem
ssl-ca-cert = /etc/puppetlabs/puppet/ssl/ca/ca_crt.pem
client-auth = need
static-content: [{resource: "/etc/puppetlabs/code/secure_store/"
path: "/secure-store"}]
}
}
I can easily get files from there with curl :
# curl -k --key ./private_keys/p4agent.site.pem --cert ./certs/p4agent.site.pem https://p4server:8141/secure-store/testtest.txt
But I cannot get anything using 'file' resource type in my manifests:
This is how it looks:
file { '/tmp/testfile.txt':
ensure => present,
owner => root,
group => root,
mode => '0700',
source => 'puppet://p4server.site:8141/secure-store/testtest.txt'
}
I see the following error when I try to run it:
Error: /Stage[main]/Testfile/File[/tmp/testfile.txt]: Could not evaluate: Could not retrieve information from environment production source(s) puppet://p4server.site:8141/secure-store/testtest.txt
And the following record in puppetserver-access.log:
"GET /puppet/v3/file_metadata/secure-store/testtest.txt?environment=production&links=manage&checksum_type=md5&source_permissions=ignore HTTP/1.1" 0 0 p4agent.site 172.16.15.12 8141 1
Could anyone please tell if I'm doing anything completely wrong or I misunderstood the idea of webserver thing regarding new puppet server ?
Thanks in advance.
--
Best regards,
Sergey Arlashin
Thomas Müller
Jun 16, 2015, 3:28:00 AM6/16/15
to puppet...@googlegroups.com
I would configure a apache in front of puppetserver (sample vhost: https://groups.google.com/forum/#!topic/puppet-users/ECZ4-9XD7e0) to serve other content.
I suppose that the puppet server is not thought as a general purpose webserver.
- Thomas
Sergey Arlashin
Jun 16, 2015, 6:10:11 AM6/16/15
to puppet...@googlegroups.com
Thomas,
I would configure a apache in front of puppetserver (sample vhost: https://groups.google.com/forum/#!topic/puppet-users/ECZ4-9XD7e0) to serve other content.I suppose that the puppet server is not thought as a general purpose webserver.
I understand that puppet server is not a general purpose web server. And the idea is not to serve ‘other content’ but to mimic puppet 3 fileserver.conf: https://docs.puppetlabs.com/puppet/latest/reference/config_file_fileserver.html
so that I could serve files from some additional location, not from modules/modulename/files
In puppet 3 I could do that with fileserver.conf :
[extra_files]
path /etc/puppetlabs/puppet/extra_files
allow *And then I could get it with ‘file’ resource type:
But with puppet 4 I don’t know how to do that.
Thank you.
--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/9ed3aa8d-87fb-4ad5-bf8f-30e61fced02d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Reply all
Reply to author
Forward
0 new messages