Man Linux: Main Page and Category List

This  page  is autogenerated; any changes will get overwritten (last generated
on Sat Aug 28 14:00:20 -0700 2010)

       {:toc}

Specifying Configuration Parameters

       On The Command-Line +++++++++++++++++++ Every Puppet  executable  (with
       the  exception  of  puppetdoc) accepts all of the parameters below, but
       not all of the arguments make sense for every executable.

       I have tried to be as thorough as possible in the descriptions  of  the
       arguments,  so  it should be obvious whether an argument is appropriate
       or not.

       These  parameters  can  be  supplied  to  the  executables  either   as
       command-line  options  or  in the configuration file. For instance, the
       command-line invocation below would set the configuration directory  to
       /private/puppet:

           $ puppet agent --confdir=/private/puppet

       Note  that  boolean  options  are  turned  on  and  off with a slightly
       different syntax on the command line:

           $ puppet agent --storeconfigs

           $ puppet agent --no-storeconfigs

       The invocations  above  will  enable  and  disable,  respectively,  the
       storage of the client configuration.

       Configuration Files +++++++++++++++++++

       As  mentioned above, the configuration parameters can also be stored in
       a configuration file, located in the configuration directory. As  root,
       the  default  configuration  directory is /etc/puppet, and as a regular
       user, the default  configuration  directory  is  ~user/.puppet.  As  of
       0.23.0,  all  executables  look  for puppet.conf in their configuration
       directory (although they previously looked  for  separate  files).  For
       example,  puppet.conf is located at /etc/puppet/puppet.conf as root and
       ~user/.puppet/puppet.conf as a regular user by default.

       All executables will set any parameters set within the [main]  section,
       and each executable will also use one of the [master], [agent].

       File Format '''''''''''

       The  file  follows  INI-style  formatting. Here is an example of a very
       simple puppet.conf file:

           [main]
             confdir = /private/puppet
             storeconfigs = true

       Note that boolean parameters must be explicitly specified  as  true  or
       false as seen above.

       If  you need to change file parameters (e.g., reset the mode or owner),
       do so within curly braces on the same line:

           [main]
             myfile = /tmp/whatever {owner = root, mode = 644}

       If you're starting out with a fresh configuration, you may wish to  let
       the  executable  generate  a  template  configuration  file  for you by
       invoking the executable in question with the --genconfig  command.  The
       executable  will  print  a  template  configuration to standard output,
       which can be redirected to a file like so:

           $ puppet agent --genconfig > /etc/puppet/puppet.conf

       Note that this invocation will replace the contents of any pre-existing
       puppet.conf  file,  so  make  a  backup  of  your  present config if it
       contains valuable information.

       Like  the  --genconfig  argument,  the  executables   also   accept   a
       --genmanifest argument, which will generate a manifest that can be used
       to manage all of Puppet's  directories  and  files  and  prints  it  to
       standard output. This can likewise be redirected to a file:

           $ puppet agent --genmanifest > /etc/puppet/manifests/site.pp

       Puppet  can  also create user and group accounts for itself (one puppet
       group and one puppet user) if it is invoked as root with the  --mkusers
       argument:

           $ puppet agent --mkusers

Signals

       The  puppet  agent and puppet master executables catch some signals for
       special handling. Both daemons catch (SIGHUP), which forces the  server
       to  restart  tself.  Predictably,  interrupt  and terminate (SIGINT and
       SIGTERM) will shut down the server, whether it be an instance of puppet
       agent or puppet master.

       Sending the SIGUSR1 signal to an instance of puppet agent will cause it
       to immediately begin a new configuration transaction with  the  server.
       This signal has no effect on puppet master.

Configuration Parameter Reference

       Below is a list of all documented parameters. Not all of them are valid
       with all Puppet  executables,  but  the  executables  will  ignore  any
       inappropriate values.

       async_storeconfigs ++++++++++++++++++

       Whether  to  use  a  queueing  system  to provide asynchronous database
       integration. Requires that puppetqd be running and that 'PSON'  support
       for ruby be installed.

       o   Default: false

       authconfig ++++++++++

       The  configuration  file  that  defines  the  rights  to  the different
       namespaces  and  methods.  This  can  be  used  as   a   coarse-grained
       authorization system for both puppet agent and puppet master.

       o   Default: $confdir/namespaceauth.conf

       autoflush +++++++++

       Whether log files should always flush to disk.

       o   Default: false

       autosign ++++++++

       Whether  to enable autosign. Valid values are true (which autosigns any
       key request, and is a very bad idea), false (which never autosigns  any
       key  request),  and  the  path to a file, which uses that configuration
       file to determine which keys to sign.

       o   Default: $confdir/autosign.conf

       bindaddress +++++++++++

       The address a listening server should bind to. Mongrel servers  default
       to 127.0.0.1 and WEBrick defaults to 0.0.0.0.

       bucketdir +++++++++

       Where FileBucket files are stored.

       o   Default: $vardir/bucket

       ca ++

       Wether the master should function as a certificate authority.

       o   Default: true

       ca_days +++++++

       How  long  a certificate should be valid. This parameter is deprecated,
       use ca_ttl instead

       ca_md +++++

       The type of hash used in certificates.

       o   Default: md5

       ca_name +++++++

       The name to use the Certificate Authority certificate.

       o   Default: $certname

       ca_port +++++++

       The port to use for the certificate authority.

       o   Default: $masterport

       ca_server +++++++++

       The server to use for certificate authority requests. It's  a  separate
       server because it cannot and does not need to horizontally scale.

       o   Default: $server

       ca_ttl ++++++

       The  default TTL for new certificates; valid values must be an integer,
       optionally followed by one of the units 'y' (years of  365  days),  'd'
       (days), 'h' (hours), or 's' (seconds). The unit defaults to seconds. If
       this parameter is set, ca_days is ignored.  Examples  are  '3600'  (one
       hour) and '1825d', which is the same as '5y' (5 years)

       o   Default: 5y

       cacert ++++++

       The CA certificate.

       o   Default: $cadir/ca_crt.pem

       cacrl +++++

       The  certificate  revocation  list  (CRL)  for  the CA. Will be used if
       present but otherwise ignored.

       o   Default: $cadir/ca_crl.pem

       cadir +++++

       The root directory for the certificate authority.

       o   Default: $ssldir/ca

       cakey +++++

       The CA private key.

       o   Default: $cadir/ca_key.pem

       capass ++++++

       Where the CA stores the password for the private key

       o   Default: $caprivatedir/ca.pass

       caprivatedir ++++++++++++

       Where the CA stores private certificate information.

       o   Default: $cadir/private

       capub +++++

       The CA public key.

       o   Default: $cadir/ca_pub.pem

       catalog_format ++++++++++++++

       (Deprecated for 'preferred_serialization_format') What format to use to
       dump  the  catalog. Only supports 'marshal' and 'yaml'. Only matters on
       the client, since it asks the server for a specific format.

       catalog_terminus ++++++++++++++++

       Where to get node catalogs. This is useful to change if, for  instance,
       you'd  like to pre-compile catalogs and store them in memcached or some
       other easily-accessed store.

       o   Default: compiler

       cert_inventory ++++++++++++++

       A Complete listing of all certificates

       o   Default: $cadir/inventory.txt

       certdir +++++++

       The certificate directory.

       o   Default: $ssldir/certs

       certdnsnames ++++++++++++

       The DNS names on the Server certificate as a colon-separated  list.  If
       it's  anything  other than an empty string, it will be used as an alias
       in the created certificate. By default, only the server gets  an  alias
       set up, and only for 'puppet'.

       certificate_revocation ++++++++++++++++++++++

       Whether  certificate  revocation  should  be supported by downloading a
       Certificate Revocation List  (CRL)  to  all  clients.  If  enabled,  CA
       chaining will almost definitely not work.

       o   Default: true

       certname ++++++++

       The  name  to  use  when  handling  certificates. Defaults to the fully
       qualified domain name.

       o   Default: pelin.members.linode.com

       classfile +++++++++

       The file in which puppet agent stores a list of the classes  associated
       with  the retrieved configuration. Can be loaded in the separate puppet
       executable using the --loadclasses option.

       o   Default: $statedir/classes.txt

       client_datadir ++++++++++++++

       The directory in which serialized data is stored on the client.

       o   Default: $vardir/client_data

       clientbucketdir +++++++++++++++

       Where FileBucket files are stored locally.

       o   Default: $vardir/clientbucket

       clientyamldir +++++++++++++

       The directory in which client-side YAML data is stored.

       o   Default: $vardir/client_yaml

       code ++++

       Code to parse directly. This is essentially only used  by  puppet,  and
       should only be set if you're writing your own Puppet executable

       color +++++

       Whether  to  use  colors  when logging to the console. Valid values are
       ansi (equivalent to  true),  html  (mostly  used  during  testing  with
       TextMate), and false, which produces no color.

       o   Default: ansi

       confdir +++++++

       The main Puppet configuration directory. The default for this parameter
       is calculated based on the user. If the process is running as  root  or
       the  user  that  puppet  master is supposed to run as, it defaults to a
       system directory, but if it's running as any other user, it defaults to
       being in ~.

       o   Default: /etc/puppet

       config ++++++

       The configuration file for doc.

       o   Default: $confdir/puppet.conf

       config_version ++++++++++++++

       How  to determine the configuration version. By default, it will be the
       time that the configuration is parsed, but  you  can  provide  a  shell
       script  to  override  how the version is determined. The output of this
       script will be added to every log message in the reports, allowing  you
       to correlate changes on your hosts to the source version on the server.

       configprint +++++++++++

       Print the value of a specific configuration parameter. If  a  parameter
       is  provided  for  this,  then  the  value is printed and puppet exits.
       Comma-separate multiple values. For  a  list  of  all  values,  specify
       'all'.  This  feature  is only available in Puppet versions higher than
       0.18.4.

       configtimeout +++++++++++++

       How long the client should wait for the configuration to  be  retrieved
       before  considering  it a failure. This can help reduce flapping if too
       many clients contact the server at one time.

       o   Default: 120

       couchdb_url +++++++++++

       The url where the puppet couchdb database will be created

       o   Default: http://127.0.0.1:5984/puppet

       csrdir ++++++

       Where the CA stores certificate requests

       o   Default: $cadir/requests

       daemonize +++++++++

       Send the process into the background. This is the default.

       o   Default: true

       dbadapter +++++++++

       The type of database to use.

       o   Default: sqlite3

       dbconnections +++++++++++++

       The number of database connections. Only used when networked  databases
       are  used.  Will  be ignored if the value is an empty string or is less
       than 1.

       o   Default: 0

       dblocation ++++++++++

       The database cache for client configurations. Used for querying  within
       the language.

       o   Default: $statedir/clientconfigs.sqlite3

       dbmigrate +++++++++

       Whether to automatically migrate the database.

       o   Default: false

       dbname ++++++

       The name of the database to use.

       o   Default: puppet

       dbpassword ++++++++++

       The  database  password for caching. Only used when networked databases
       are used.

       o   Default: puppet

       dbport ++++++

       The database password for caching. Only used when  networked  databases
       are used.

       dbserver ++++++++

       The database server for caching. Only used when networked databases are
       used.

       o   Default: localhost

       dbsocket ++++++++

       The database socket location. Only used when  networked  databases  are
       used. Will be ignored if the value is an empty string.

       dbuser ++++++

       The  database  user for caching. Only used when networked databases are
       used.

       o   Default: puppet

       diff ++++

       Which diff command to use when printing differences between files.

       o   Default: diff

       diff_args +++++++++

       Which arguments to pass to the diff command when  printing  differences
       between files.

       o   Default: -u

       downcasefacts +++++++++++++

       Whether facts should be made all lowercase when sent to the server.

       o   Default: false

       dynamicfacts ++++++++++++

       Facts  that  are  dynamic;  these  facts  will be ignored when deciding
       whether changed facts should result  in  a  recompile.  Multiple  facts
       should be comma-separated.

       o   Default: memorysize,memoryfree,swapsize,swapfree

       environment +++++++++++

       The  environment Puppet is running in. For clients (e.g., puppet agent)
       this determines the environment itself, which is used to  find  modules
       and  much  more.  For  servers  (i.e., puppet master) this provides the
       default environment for nodes we know nothing about.

       o   Default: production

       evaltrace +++++++++

       Whether each resource should log  when  it  is  being  evaluated.  This
       allows you to interactively see exactly what is being done.

       o   Default: false

       external_nodes ++++++++++++++

       An  external command that can produce node information. The output must
       be a YAML dump of a hash, and that  hash  must  have  one  or  both  of
       classes  and  parameters, where classes is an array and parameters is a
       hash. For unknown nodes, the commands should exit with a non-zero  exit
       code.  This command makes it straightforward to store your node mapping
       information in other data sources like databases.

       o   Default: none

       factdest ++++++++

       Where Puppet should store facts that it pulls  down  from  the  central
       server.

       o   Default: $vardir/facts/

       factpath ++++++++

       Where  Puppet  should  look  for  facts. Multiple directories should be
       colon-separated, like normal PATH variables.

       o   Default: $vardir/lib/facter:$vardir/facts

       facts_terminus ++++++++++++++

       The node facts terminus.

       o   Default: facter

       factsignore +++++++++++

       What files to ignore when pulling down facts.

       o   Default: .svn CVS

       factsource ++++++++++

       From where to retrieve facts. The standard Puppet file type is used for
       retrieval, so anything that is a valid file source can be used here.

       o   Default: puppet://$server/facts/

       factsync ++++++++

       Whether facts should be synced with the central server.

       o   Default: false

       fileserverconfig ++++++++++++++++

       Where the fileserver configuration is stored.

       o   Default: $confdir/fileserver.conf

       filetimeout +++++++++++

       The  minimum  time to wait (in seconds) between checking for updates in
       configuration files. This timeout determines how quickly Puppet  checks
       whether a file (such as manifests or templates) has changed on disk.

       o   Default: 15

       freeze_main +++++++++++

       Freezes  the 'main' class, disallowing any code to be added to it. This
       essentially means that you can't have  any  code  outside  of  a  node,
       class, or definition other than in the site manifest.

       o   Default: false

       genconfig +++++++++

       Whether  to  just  print a configuration to stdout and exit. Only makes
       sense when used interactively. Takes into account  arguments  specified
       on the CLI.

       o   Default: false

       genmanifest +++++++++++

       Whether  to  just print a manifest to stdout and exit. Only makes sense
       when used interactively. Takes into account arguments specified on  the
       CLI.

       o   Default: false

       graph +++++

       Whether  to  create  dot  graph  files  for the different configuration
       graphs. These dot files can be interpreted by tools like OmniGraffle or
       dot (which is part of ImageMagick).

       o   Default: false

       graphdir ++++++++

       Where to store dot-outputted graphs.

       o   Default: $statedir/graphs

       group +++++

       The group puppet master should run as.

       o   Default: puppet

       hostcert ++++++++

       Where individual hosts store and look for their certificates.

       o   Default: $certdir/$certname.pem

       hostcrl +++++++

       Where  the  host's  certificate  revocation  list can be found. This is
       distinct from the certificate authority's CRL.

       o   Default: $ssldir/crl.pem

       hostcsr +++++++

       Where individual hosts store and look for their certificate requests.

       o   Default: $ssldir/csr_$certname.pem

       hostprivkey +++++++++++

       Where individual hosts store and look for their private key.

       o   Default: $privatekeydir/$certname.pem

       hostpubkey ++++++++++

       Where individual hosts store and look for their public key.

       o   Default: $publickeydir/$certname.pem

       http_compression ++++++++++++++++

       Allow http compression in REST  communication  with  the  master.  This
       setting  might  improve  performance for agent -> master communications
       over slow WANs. Your puppetmaster needs to support compression (usually
       by  activating  some  settings  in  a  reverse-proxy  in  front  of the
       puppetmaster, which rules out webrick). It is harmless to activate this
       settings if your master doesn't support compression, but if it supports
       it, this setting might reduce performance on high-speed LANs.

       o   Default: false

       http_proxy_host +++++++++++++++

       The HTTP proxy host to use for outgoing connections. Note: You may need
       to use a FQDN for the server hostname when using a proxy.

       o   Default: none

       http_proxy_port +++++++++++++++

       The HTTP proxy port to use for outgoing connections

       o   Default: 3128

       httplog +++++++

       Where the puppet agent web server logs.

       o   Default: $logdir/http.log

       ignorecache +++++++++++

       Ignore cache and always recompile the configuration. This is useful for
       testing new configurations, where the local cache may in fact be  stale
       even  if  the timestamps are up to date - if the facts change or if the
       server changes.

       o   Default: false

       ignoreimport ++++++++++++

       A parameter that can be used in commit hooks, since it enables  you  to
       parse-check a single file rather than requiring that all files exist.

       o   Default: false

       ignoreschedules +++++++++++++++

       Boolean;  whether  puppet agent should ignore schedules. This is useful
       for initial puppet agent runs.

       o   Default: false

       keylength +++++++++

       The bit length of keys.

       o   Default: 1024

       ldapattrs +++++++++

       The LDAP attributes to  include  when  querying  LDAP  for  nodes.  All
       returned  attributes  are  set  as  variables  in  the top-level scope.
       Multiple values should be comma-separated. The value 'all' returns  all
       attributes.

       o   Default: all

       ldapbase ++++++++

       The  search  base  for  LDAP  searches.  It's  impossible  to provide a
       meaningful default here, although the LDAP  libraries  might  have  one
       already  set.  Generally, it should be the 'ou=Hosts' branch under your
       main directory.

       ldapclassattrs ++++++++++++++

       The LDAP attributes to use to define Puppet classes. Values  should  be
       comma-separated.

       o   Default: puppetclass

       ldapnodes +++++++++

       Whether    to   search   for   node   configurations   in   LDAP.   See
       http://projects.puppetlabs.com/projects/puppet/wiki/LDAP_Nodes for more
       information.

       o   Default: false

       ldapparentattr ++++++++++++++

       The attribute to use to define the parent node.

       o   Default: parentnode

       ldappassword ++++++++++++

       The password to use to connect to LDAP.

       ldapport ++++++++

       The LDAP port. Only used if ldapnodes is enabled.

       o   Default: 389

       ldapserver ++++++++++

       The LDAP server. Only used if ldapnodes is enabled.

       o   Default: ldap

       ldapssl +++++++

       Whether  SSL should be used when searching for nodes. Defaults to false
       because SSL usually requires certificates to be set up  on  the  client
       side.

       o   Default: false

       ldapstackedattrs ++++++++++++++++

       The  LDAP  attributes  that  should  be stacked to arrays by adding the
       values in  all  hierarchy  elements  of  the  tree.  Values  should  be
       comma-separated.

       o   Default: puppetvar

       ldapstring ++++++++++

       The search string used to find an LDAP node.

       o   Default: (&(objectclass=puppetClient)(cn=%s))

       ldaptls +++++++

       Whether  TLS should be used when searching for nodes. Defaults to false
       because TLS usually requires certificates to be set up  on  the  client
       side.

       o   Default: false

       ldapuser ++++++++

       The user to use to connect to LDAP. Must be specified as a full DN.

       lexical +++++++

       Whether to use lexical scoping (vs. dynamic).

       o   Default: false

       libdir ++++++

       An  extra  search  path for Puppet. This is only useful for those files
       that Puppet will load on demand, and is only  guaranteed  to  work  for
       those  cases. In fact, the autoload mechanism is responsible for making
       sure this directory is in Ruby's search path

       o   Default: $vardir/lib

       listen ++++++

       Whether puppet agent should listen for connections. If  this  is  true,
       then  by default only the runner server is started, which allows remote
       authorized and authenticated nodes to connect and trigger puppet  agent
       runs.

       o   Default: false

       localcacert +++++++++++

       Where each client stores the CA certificate.

       o   Default: $certdir/ca.pem

       localconfig +++++++++++

       Where  puppet  agent  caches  the  local  configuration.  An  extension
       indicating the cache format is added automatically.

       o   Default: $statedir/localconfig

       logdir ++++++

       The Puppet log directory.

       o   Default: $vardir/log

       manage_internal_file_permissions ++++++++++++++++++++++++++++++++

       Whether Puppet should manage the owner, group, and  mode  of  files  it
       uses internally

       o   Default: true

       manifest ++++++++

       The entry-point manifest for puppet master.

       o   Default: $manifestdir/site.pp

       manifestdir +++++++++++

       Where puppet master looks for its manifests.

       o   Default: $confdir/manifests

       masterhttplog +++++++++++++

       Where the puppet master web server logs.

       o   Default: $logdir/masterhttp.log

       masterlog +++++++++

       Where  puppet  master logs. This is generally not used, since syslog is
       the default log destination.

       o   Default: $logdir/puppetmaster.log

       masterport ++++++++++

       Which port puppet master listens on.

       o   Default: 8140

       maximum_uid +++++++++++

       The maximum allowed UID. Some platforms use negative UIDs but then ship
       with tools that do not know how to handle signed ints, so the UIDs show
       up as huge numbers that can then not be fed back into the system.  This
       is  a  hackish  way  to  fail  in  a slightly more useful way when that
       happens.

       o   Default: 4294967290

       mkusers +++++++

       Whether to create the necessary user and group that puppet  agent  will
       run as.

       o   Default: false

       modulepath ++++++++++

       The search path for modules as a colon-separated list of directories.

       o   Default: $confdir/modules:/usr/share/puppet/modules

       name ++++

       The  name  of the application, if we are running as one. The default is
       essentially $0 without the path or .rb.

       o   Default: doc

       node_name +++++++++

       How the puppetmaster determines the  client's  identity  and  sets  the
       'hostname',  'fqdn'  and  'domain'  facts  for  use in the manifest, in
       particular for  determining  which  'node'  statement  applies  to  the
       client.  Possible  values  are  'cert'  (use  the  subject's  CN in the
       client's certificate) and 'facter' (use the hostname  that  the  client
       reported in its facts)

       o   Default: cert

       node_terminus +++++++++++++

       Where to find information about nodes.

       o   Default: plain

       noop ++++

       Whether puppet agent should be run in noop mode.

       o   Default: false

       onetime +++++++

       Run  the configuration once, rather than as a long-running daemon. This
       is useful for interactively running puppetd.

       o   Default: false

       parseonly +++++++++

       Just check the syntax of the manifests.

       o   Default: false

       passfile ++++++++

       Where puppet agent stores the password for its private  key.  Generally
       unused.

       o   Default: $privatedir/password

       path ++++

       The  shell  search  path.  Defaults  to  whatever is inherited from the
       parent process.

       o   Default: none

       pidfile +++++++

       The pid file

       o   Default: $rundir/$name.pid

       plugindest ++++++++++

       Where Puppet should store plugins that it pulls down from  the  central
       server.

       o   Default: $libdir

       pluginsignore +++++++++++++

       What files to ignore when pulling down plugins.

       o   Default: .svn CVS .git

       pluginsource ++++++++++++

       From  where  to retrieve plugins. The standard Puppet file type is used
       for retrieval, so anything that is a valid  file  source  can  be  used
       here.

       o   Default: puppet://$server/plugins

       pluginsync ++++++++++

       Whether plugins should be synced with the central server.

       o   Default: false

       postrun_command +++++++++++++++

       A  command  to  run  after  every  agent run. If this command returns a
       non-zero return code, the entire Puppet run will be considered to  have
       failed, even though it might have performed work during the normal run.

       preferred_serialization_format ++++++++++++++++++++++++++++++

       The preferred means of serializing ruby instances for passing over  the
       wire.  This won't guarantee that all instances will be serialized using
       this method, since not all classes can be guaranteed  to  support  this
       format, but it will be used for all classes that support it.

       o   Default: pson

       prerun_command ++++++++++++++

       A  command  to  run  before  every agent run. If this command returns a
       non-zero return code, the entire Puppet run will fail.

       privatedir ++++++++++

       Where the client stores private certificate information.

       o   Default: $ssldir/private

       privatekeydir +++++++++++++

       The private key directory.

       o   Default: $ssldir/private_keys

       publickeydir ++++++++++++

       The public key directory.

       o   Default: $ssldir/public_keys

       puppetdlockfile +++++++++++++++

       A lock file to temporarily stop puppet agent from doing anything.

       o   Default: $statedir/puppetdlock

       puppetdlog ++++++++++

       The log file for puppet agent. This is generally not used.

       o   Default: $logdir/puppetd.log

       puppetport ++++++++++

       Which port puppet agent listens on.

       o   Default: 8139

       queue_source ++++++++++++

       Which type of queue to use for asynchronous processing. If  your  stomp
       server  requires  authentication, you can include it in the URI as long
       as your stomp client library is at least 1.1.1

       o   Default: stomp://localhost:61613/

       queue_type ++++++++++

       Which type of queue to use for asynchronous processing.

       o   Default: stomp

       rails_loglevel ++++++++++++++

       The log level for Rails connections. The value  must  be  a  valid  log
       level within Rails. Production environments normally use info and other
       environments normally use debug.

       o   Default: info

       railslog ++++++++

       Where Rails-specific logs are sent

       o   Default: $logdir/rails.log

       report ++++++

       Whether to send reports after every transaction.

       o   Default: false

       report_port +++++++++++

       The port to communicate with the report_server.

       o   Default: $masterport

       report_server +++++++++++++

       The server to which to send transaction reports.

       o   Default: $server

       reportdir +++++++++

       The directory in which to store reports received from the client.  Each
       client gets a separate subdirectory.

       o   Default: $vardir/reports

       reportfrom ++++++++++

       The 'from' email address for the reports.

       o   Default: report@pelin.members.linode.com

       reports +++++++

       The  list  of  reports  to  generate.  All  reports  are  looked for in
       puppet/reports/name.rb,   and   multiple   report   names   should   be
       comma-separated (whitespace is okay).

       o   Default: store

       reportserver ++++++++++++

       (Deprecated   for   'report_server')   The  server  to  which  to  send
       transaction reports.

       o   Default: $server

       reporturl +++++++++

       The URL used by the http reports processor to send reports

       o   Default: http://localhost:3000/reports

       req_bits ++++++++

       The bit length of the certificates.

       o   Default: 2048

       requestdir ++++++++++

       Where host certificate requests are stored.

       o   Default: $ssldir/certificate_requests

       rest_authconfig +++++++++++++++

       The configuration file that defines the rights to  the  different  rest
       indirections.  This  can be used as a fine-grained authorization system
       for puppet master.

       o   Default: $confdir/auth.conf

       rrddir ++++++

       The directory where RRD database files are stored. Directories for each
       reporting host will be created under this directory.

       o   Default: $vardir/rrd

       rrdinterval +++++++++++

       How often RRD should expect data. This should match how often the hosts
       report back to the server.

       o   Default: $runinterval

       run_mode ++++++++

       The effective 'run mode' of the application: master, agent, or user.

       o   Default: master

       rundir ++++++

       Where Puppet PID files are kept.

       o   Default: $vardir/run

       runinterval +++++++++++

       How often puppet agent applies the client configuration; in seconds.

       o   Default: 1800

       sendmail ++++++++

       Where to find the sendmail binary with which to send email.

       o   Default: /usr/sbin/sendmail

       serial ++++++

       Where the serial number for certificates is stored.

       o   Default: $cadir/serial

       server ++++++

       The server to which server puppet agent should connect

       o   Default: puppet

       server_datadir ++++++++++++++

       The directory  in  which  serialized  data  is  stored,  usually  in  a
       subdirectory.

       o   Default: $vardir/server_data

       servertype ++++++++++

       The  type of server to use. Currently supported options are webrick and
       mongrel. If you use mongrel, you will need a  proxy  in  front  of  the
       process or processes, since Mongrel cannot speak SSL.

       o   Default: webrick

       show_diff +++++++++

       Whether  to  print a contextual diff when files are being replaced. The
       diff is printed on stdout, so this option is meaningless unless you are
       running  Puppet  interactively.  This  feature  currently  requires the
       diff/lcs Ruby library.

       o   Default: false

       signeddir +++++++++

       Where the CA stores signed certificates.

       o   Default: $cadir/signed

       smtpserver ++++++++++

       The server through which to send email reports.

       o   Default: none

       splay +++++

       Whether to sleep for a pseudo-random (but consistent)  amount  of  time
       before a run.

       o   Default: false

       splaylimit ++++++++++

       The  maximum  time  to delay before runs. Defaults to being the same as
       the run interval.

       o   Default: $runinterval

       ssl_client_header +++++++++++++++++

       The header containing an authenticated client's SSL DN. Only used  with
       Mongrel.  This  header  must  be  set by the proxy to the authenticated
       client's    SSL    DN    (e.g.,     /CN=puppet.puppetlabs.com).     See
       http://projects.puppetlabs.com/projects/puppet/wiki/Using_Mongrel   for
       more information.

       o   Default: HTTP_X_CLIENT_DN

       ssl_client_verify_header ++++++++++++++++++++++++

       The header containing the status message of  the  client  verification.
       Only  used  with  Mongrel.  This  header  must  be  set by the proxy to
       'SUCCESS' if the client successfully authenticated, and  anything  else
       otherwise.                                                          See
       http://projects.puppetlabs.com/projects/puppet/wiki/Using_Mongrel   for
       more information.

       o   Default: HTTP_X_CLIENT_VERIFY

       ssldir ++++++

       Where SSL certificates are kept.

       o   Default: $confdir/ssl

       statedir ++++++++

       The  directory  where Puppet state is stored. Generally, this directory
       can be removed without  causing  harm  (although  it  might  result  in
       spurious service restarts).

       o   Default: $vardir/state

       statefile +++++++++

       Where  puppet  agent  and puppet master store state associated with the
       running configuration. In the case of puppet master, this file reflects
       the state discovered through interacting with clients.

       o   Default: $statedir/state.yaml

       storeconfigs ++++++++++++

       Whether   to   store   each   client's   configuration.  This  requires
       ActiveRecord from Ruby on Rails.

       o   Default: false

       strict_hostname_checking ++++++++++++++++++++++++

       Whether to only search for the  complete  hostname  as  it  is  in  the
       certificate when searching for node information in the catalogs.

       o   Default: false

       summarize +++++++++

       Whether to print a transaction summary.

       o   Default: false

       syslogfacility ++++++++++++++

       What  syslog facility to use when logging to syslog. Syslog has a fixed
       list of valid facilities, and you must choose one of those; you  cannot
       just make one up.

       o   Default: daemon

       tagmap ++++++

       The mapping between reporting tags and email addresses.

       o   Default: $confdir/tagmail.conf

       tags ++++

       Tags  to  use  to  find  resources. If this is set, then only resources
       tagged with  the  specified  tags  will  be  applied.  Values  must  be
       comma-separated.

       templatedir +++++++++++

       Where Puppet looks for template files. Can be a list of colon-seperated
       directories.

       o   Default: $vardir/templates

       thin_storeconfigs +++++++++++++++++

       Boolean; wether storeconfigs store in the database only the  facts  and
       exported  resources.  If  true,  then  storeconfigs performance will be
       higher and still allow exported/collected resources,  but  other  usage
       external to Puppet might not work

       o   Default: false

       trace +++++

       Whether to print stack traces on some errors

       o   Default: false

       use_cached_catalog ++++++++++++++++++

       Whether  to  only  use  the  cached catalog rather than compiling a new
       catalog on every run. Puppet can be run with this  enabled  by  default
       and then selectively disabled when a recompile is desired.

       o   Default: false

       usecacheonfailure +++++++++++++++++

       Whether  to  use the cached configuration when the remote configuration
       will not compile. This option is useful for testing new configurations,
       where you want to fix the broken configuration rather than reverting to
       a known-good one.

       o   Default: true

       user ++++

       The user puppet master should run as.

       o   Default: puppet

       vardir ++++++

       Where Puppet stores dynamic and growing  data.  The  default  for  this
       parameter is calculated specially, like confdir_.

       o   Default: /var/lib/puppet

       yamldir +++++++

       The  directory in which YAML data is stored, usually in a subdirectory.

       o   Default: $vardir/yaml

       zlib ++++

       Boolean; whether to use the zlib library

       o   Default: true

       This page autogenerated on Sat Aug 28 14:00:20 -0700 2010

                                  August 2010                    PUPPETCONF(5)