Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Format:
- # <classname>: false - don't include this class
- # <classname>: true - include and use the defaults
- # <classname>:
- # <param>: <value> - include and override the default(s)
- #
- # See params.pp in each class for what options are available
- ---
- certs:
- log_dir: /var/log/certs
- node_fqdn: katello-master.domain.internal
- cname: foreman-dev-webui.domain.internal
- generate: true
- regenerate: false
- regenerate_ca: false
- deploy: true
- ca_common_name: katello-master.domain.internal
- country: AU
- state: Western Australia
- city: Perth
- org: ORG
- org_unit: UNIT
- expiration: '7300'
- ca_expiration: '36500'
- server_cert: /root/ssl-doe-pki/katello-certs/katello-master/katello-master.domain.internal-cert.pem
- server_key: /root/ssl-doe-pki/katello-certs/katello-master/katello-master.domain.internal-key.pem
- server_cert_req: /root/ssl-doe-pki/katello-certs/katello-master/katello-master.domain.internal-csr.pem
- server_ca_cert: /root/ssl-doe-pki/katello-certs/testeducation-ca-chain.pem
- pki_dir: /etc/pki/katello
- ssl_build_dir: /root/ssl-build
- user: root
- group: foreman
- default_ca_name: katello-default-ca
- server_ca_name: katello-server-ca
- foreman:
- foreman_url: https://katello-master.domain.internal
- puppetrun: true
- unattended: true
- authentication: true
- passenger: true
- passenger_ruby: /usr/bin/tfm-ruby
- passenger_ruby_package: tfm-rubygem-passenger-native
- plugin_prefix: tfm-rubygem-foreman_
- use_vhost: true
- servername: katello-master.domain.internal
- serveraliases:
- - foreman
- ssl: true
- custom_repo: true
- repo: stable
- configure_epel_repo: false
- configure_scl_repo: false
- selinux:
- gpgcheck: true
- version: present
- plugin_version: present
- db_manage: false
- db_type: postgresql
- db_adapter: postgresql
- db_host: postgresql-host.domain.internal
- db_port: 5432
- db_database: foreman
- db_username: foreman
- db_password: 'Password'
- db_sslmode:
- db_root_cert:
- db_pool: 5
- db_manage_rake: true
- app_root: /usr/share/foreman
- manage_user: true
- user: foreman
- group: foreman
- user_groups:
- - puppet
- rails_env: production
- puppet_home: /var/lib/puppet
- puppet_ssldir: /etc/puppetlabs/puppet/ssl
- locations_enabled: true
- organizations_enabled: true
- passenger_interface:
- vhost_priority: '05'
- server_port: 80
- server_ssl_port: 443
- server_ssl_ca: /etc/pki/katello/certs/katello-default-ca.crt
- server_ssl_chain: /etc/pki/katello/certs/katello-server-ca.crt
- server_ssl_cert: /etc/pki/katello/certs/katello-apache.crt
- server_ssl_certs_dir: ''
- server_ssl_key: /etc/pki/katello/private/katello-apache.key
- server_ssl_crl: ''
- client_ssl_ca: /etc/foreman/proxy_ca.pem
- client_ssl_cert: /etc/foreman/client_cert.pem
- client_ssl_key: /etc/foreman/client_key.pem
- keepalive: true
- max_keepalive_requests: 10000
- keepalive_timeout: 5
- oauth_active: true
- oauth_map_users: false
- passenger_prestart: true
- passenger_min_instances: 1
- passenger_start_timeout: 600
- admin_username: admin
- admin_password: password
- admin_first_name:
- admin_last_name:
- admin_email:
- initial_organization: ORG
- initial_location: Office
- ipa_authentication: false
- http_keytab: /etc/httpd/conf/http.keytab
- pam_service: foreman
- ipa_manage_sssd: true
- websockets_encrypt: true
- websockets_ssl_key: /etc/pki/katello/private/katello-apache.key
- websockets_ssl_cert: /etc/pki/katello/certs/katello-apache.crt
- logging_level: info
- loggers: {}
- email_config_method: file
- email_conf: email.yaml
- email_source: email.yaml.erb
- email_delivery_method:
- email_smtp_address:
- email_smtp_port: 25
- email_smtp_domain:
- email_smtp_authentication: none
- email_smtp_user_name:
- email_smtp_password:
- dynflow_pool_size: 5
- foreman::cli:
- foreman_url: https://katello-master.domain.internal
- version: installed
- manage_root_config: true
- username:
- password:
- refresh_cache: false
- request_timeout: 120
- ssl_ca_file:
- hammer_plugin_prefix: tfm-rubygem-hammer_cli_
- foreman::compute::ec2: false
- foreman::compute::gce: false
- foreman::compute::libvirt:
- version: installed
- foreman::compute::openstack: false
- foreman::compute::ovirt: false
- foreman::compute::rackspace: false
- foreman::compute::vmware:
- version: installed
- foreman::plugin::ansible: false
- foreman::plugin::azure: {}
- foreman::plugin::bootdisk: false
- foreman::plugin::chef: false
- foreman::plugin::default_hostgroup: false
- foreman::plugin::discovery:
- install_images: false
- tftp_root: /var/lib/tftpboot
- source_url: http://downloads.theforeman.org/discovery/releases/3.4/
- image_name: fdi-image-latest.tar
- foreman::plugin::docker: {}
- foreman::plugin::hooks: false
- foreman::plugin::memcache:
- hosts:
- - memcached.domain.internal
- expires_in: 86400
- namespace: foreman
- compress: true
- foreman::plugin::openscap: false
- foreman::plugin::puppetdb: true
- foreman::plugin::remote_execution: {}
- foreman::plugin::setup: true
- foreman::plugin::tasks:
- package: tfm-rubygem-foreman-tasks
- service: foreman-tasks
- foreman::plugin::templates: {}
- foreman_proxy:
- repo: stable
- gpgcheck: true
- custom_repo: true
- version: present
- ensure_packages_version: present
- plugin_version: installed
- bind_host:
- - '*'
- http_port: 8000
- ssl_port: 9090
- dir: /usr/share/foreman-proxy
- user: foreman-proxy
- groups: []
- log: /var/log/foreman-proxy/proxy.log
- log_level: INFO
- log_buffer: 2000
- log_buffer_errors: 1000
- http: true
- ssl: true
- ssl_ca: /etc/foreman-proxy/ssl_ca.pem
- ssl_cert: /etc/foreman-proxy/ssl_cert.pem
- ssl_key: /etc/foreman-proxy/ssl_key.pem
- foreman_ssl_ca: /etc/foreman-proxy/foreman_ssl_ca.pem
- foreman_ssl_cert: /etc/foreman-proxy/foreman_ssl_cert.pem
- foreman_ssl_key: /etc/foreman-proxy/foreman_ssl_key.pem
- trusted_hosts:
- - katello-master.domain.internal
- ssl_disabled_ciphers: []
- manage_sudoersd: true
- use_sudoersd: true
- use_sudoers: true
- puppetca: true
- puppetca_listen_on: https
- ssldir: /etc/puppetlabs/puppet/ssl
- puppetdir: /etc/puppetlabs/puppet
- puppetca_cmd: /opt/puppetlabs/bin/puppet cert
- puppet_group: puppet
- autosignfile: /etc/puppetlabs/puppet/autosign.conf
- use_autosignfile: false
- manage_puppet_group: true
- puppet: false
- puppet_listen_on: https
- puppetrun_cmd: /opt/puppetlabs/bin/puppet kick
- puppetrun_provider:
- customrun_cmd: /bin/false
- customrun_args: -ay -f -s
- mcollective_user: root
- puppetssh_sudo: false
- puppetssh_command: /opt/puppetlabs/bin/puppet agent --onetime --no-usecacheonfailure
- puppetssh_user: root
- puppetssh_keyfile: /etc/foreman-proxy/id_rsa
- puppetssh_wait: false
- salt_puppetrun_cmd: puppet.run
- puppet_user: root
- puppet_url: https://katello-master.domain.internal:8140
- puppet_ssl_ca: /etc/puppetlabs/puppet/ssl/certs/ca.pem
- puppet_ssl_cert: /etc/puppetlabs/puppet/ssl/certs/katello-master.domain.internal.pem
- puppet_ssl_key: /etc/puppetlabs/puppet/ssl/private_keys/katello-master.domain.internal.pem
- puppet_use_environment_api:
- puppet_api_timeout: 30
- templates: true
- templates_listen_on: both
- template_url: http://katello-master.domain.internal:8000
- logs: true
- logs_listen_on: https
- tftp: true
- tftp_listen_on: https
- tftp_managed: true
- tftp_manage_wget: true
- tftp_syslinux_filenames:
- - /usr/share/syslinux/chain.c32
- - /usr/share/syslinux/mboot.c32
- - /usr/share/syslinux/menu.c32
- - /usr/share/syslinux/memdisk
- - /usr/share/syslinux/pxelinux.0
- tftp_root: /var/lib/tftpboot
- tftp_dirs:
- - /var/lib/tftpboot/pxelinux.cfg
- - /var/lib/tftpboot/grub
- - /var/lib/tftpboot/grub2
- - /var/lib/tftpboot/boot
- - /var/lib/tftpboot/ztp.cfg
- - /var/lib/tftpboot/poap.cfg
- tftp_servername: katello-master.domain.internal
- tftp_replace_grub2_cfg: false
- dhcp: false
- dhcp_listen_on: http
- dhcp_managed: false
- dhcp_provider: isc
- dhcp_subnets: []
- dhcp_option_domain:
- - domain.internal
- dhcp_search_domains:
- dhcp_interface: eth0
- dhcp_gateway: 192.168.100.1
- dhcp_range:
- dhcp_pxeserver:
- dhcp_nameservers: default
- dhcp_server: 127.0.0.1
- dhcp_config: /etc/dhcp/dhcpd.conf
- dhcp_leases: /var/lib/dhcpd/dhcpd.leases
- dhcp_key_name:
- dhcp_key_secret:
- dhcp_omapi_port: 7911
- dhcp_peer_address:
- dhcp_node_type: standalone
- dhcp_failover_address: 10.5.205.100
- dhcp_failover_port: 519
- dhcp_max_response_delay: 30
- dhcp_max_unacked_updates: 10
- dhcp_mclt: 300
- dhcp_load_split: 255
- dhcp_load_balance: 3
- dhcp_manage_acls: true
- dns: false
- dns_listen_on: https
- dns_managed: false
- dns_provider: nsupdate
- dns_interface: eth0
- dns_zone: domain.internal
- dns_reverse:
- dns_server: 127.0.0.1
- dns_ttl: 86400
- dns_tsig_keytab: /etc/foreman-proxy/dns.keytab
- dns_tsig_principal: foremanproxy/katello-master.domain.internal@domain.INTERNAL
- dns_forwarders: []
- libvirt_network: default
- libvirt_connection: qemu:///system
- bmc: false
- bmc_listen_on: https
- bmc_default_provider: ipmitool
- realm: false
- realm_split_config_files: false
- realm_listen_on: https
- realm_provider: freeipa
- realm_keytab: /etc/foreman-proxy/freeipa.keytab
- realm_principal: realm-proxy@EXAMPLE.COM
- freeipa_config: /etc/ipa/default.conf
- freeipa_remove_dns: true
- keyfile: /etc/rndc.key
- register_in_foreman: true
- foreman_base_url: https://katello-master.domain.internal
- registered_name: katello-master.domain.internal
- registered_proxy_url:
- oauth_effective_user: admin
- puppet_use_cache:
- foreman_proxy_content:
- parent_fqdn: katello-master.domain.internal
- certs_tar:
- pulp_master: true
- pulp_oauth_effective_user: admin
- pulp_oauth_key: katello
- pulp_max_speed:
- puppet: false
- reverse_proxy: false
- reverse_proxy_port: 8443
- rhsm_url: /rhsm
- qpid_router: true
- qpid_router_hub_addr: 0.0.0.0
- qpid_router_hub_port: 5646
- qpid_router_agent_addr: 0.0.0.0
- qpid_router_agent_port: 5647
- qpid_router_broker_addr: localhost
- qpid_router_broker_port: 5671
- qpid_router_logging_level: info+
- qpid_router_logging_path: /var/log/qdrouterd
- enable_ostree: false
- foreman_proxy::plugin::ansible: false
- foreman_proxy::plugin::chef: false
- foreman_proxy::plugin::dhcp::infoblox: false
- foreman_proxy::plugin::discovery: false
- foreman_proxy::plugin::dns::infoblox: false
- foreman_proxy::plugin::openscap: false
- foreman_proxy::plugin::pulp:
- enabled: true
- listen_on: https
- pulpnode_enabled: false
- version:
- group:
- pulp_url: https://katello-master.domain.internal/pulp
- pulp_dir: /var/lib/pulp
- pulp_content_dir: /var/lib/pulp/content
- puppet_content_dir: /etc/puppetlabs/code/environments
- mongodb_dir: /var/lib/mongodb
- foreman_proxy::plugin::remote_execution::ssh:
- enabled: true
- listen_on: https
- generate_keys: true
- install_key: true
- ssh_identity_dir: /usr/share/foreman-proxy/.ssh
- ssh_identity_file: id_rsa_foreman_proxy
- ssh_keygen: /usr/bin/ssh-keygen
- local_working_dir: /var/tmp
- remote_working_dir: /var/tmp
- ssh_kerberos_auth: false
- katello:
- user: foreman
- group: foreman
- user_groups:
- - foreman
- oauth_key: katello
- qpid_wcache_page_size: 4
- num_pulp_workers: 2
- max_tasks_per_pulp_worker: 2
- proxy_url: http://proxy-test.det.wa.edu.au
- proxy_port: 9020
- proxy_username:
- proxy_password:
- pulp_max_speed:
- cdn_ssl_version:
- package_names:
- - katello
- - tfm-rubygem-katello
- enable_ostree: false
- repo_export_dir: /var/lib/pulp/katello-export
- manage_repo: false
- repo_version: latest
- repo_gpgcheck: false
- repo_gpgkey:
- candlepin_db_host: postgresql-host.domain.internal
- candlepin_db_port: 5432
- candlepin_db_name: candlepin
- candlepin_db_user: candlepin
- candlepin_db_password: 'password'
- candlepin_db_ssl: false
- candlepin_db_ssl_verify: true
- candlepin_manage_db: false
- puppet:
- version: 5.5.1
- user: puppet
- group: puppet
- dir: /etc/puppetlabs/puppet
- codedir: /etc/puppetlabs/code
- vardir: /opt/puppetlabs/puppet/cache
- logdir: /var/log/puppetlabs/puppet
- rundir: /var/run/puppetlabs
- ssldir: /etc/puppetlabs/puppet/ssl
- sharedir: /opt/puppetlabs/puppet
- manage_packages: true
- dir_owner: root
- dir_group:
- package_provider:
- package_source:
- port: 8140
- listen: false
- listen_to: []
- pluginsync: true
- splay: false
- splaylimit: '1800'
- autosign: /etc/puppetlabs/puppet/autosign.conf
- autosign_entries: []
- autosign_mode: '0664'
- autosign_content:
- autosign_source:
- runinterval: 1800
- usecacheonfailure: true
- runmode: service
- unavailable_runmodes: []
- cron_cmd:
- systemd_cmd:
- agent_noop: false
- show_diff: false
- module_repository:
- configtimeout:
- ca_server: puppet-ca.domain.internal
- ca_port:
- ca_crl_filepath:
- prerun_command:
- postrun_command:
- dns_alt_names: []
- use_srv_records: false
- srv_domain: domain.internal
- pluginsource: puppet:///plugins
- pluginfactsource: puppet:///pluginfacts
- additional_settings: {}
- agent_additional_settings: {}
- agent_restart_command: /usr/bin/systemctl reload-or-restart puppet
- classfile: $statedir/classes.txt
- hiera_config: $confdir/hiera.yaml
- main_template: puppet/puppet.conf.erb
- agent_template: puppet/agent/puppet.conf.erb
- auth_template: puppet/auth.conf.erb
- allow_any_crl_auth: false
- auth_allowed:
- - $1
- client_package:
- - puppet-agent
- agent: true
- remove_lock: true
- client_certname: katello-master.domain.internal
- puppetmaster: puppetmaster.domain.internal
- systemd_unit_name: puppet-run
- service_name: puppet
- syslogfacility:
- environment: development
- server: false
- server_admin_api_whitelist:
- - localhost
- - katello-master.domain.internal
- server_user: puppet
- server_group: puppet
- server_dir: /etc/puppetlabs/puppet
- server_ip: 0.0.0.0
- server_port: 8140
- server_ca: false
- server_ca_crl_sync: false
- server_crl_enable:
- server_ca_auth_required: true
- server_ca_client_whitelist:
- - localhost
- - katello-master.domain.internal
- server_http: false
- server_http_port: 8139
- server_http_allow: []
- server_reports: foreman
- server_implementation: puppetserver
- server_passenger: false
- server_puppetserver_dir: /etc/puppetlabs/puppetserver
- server_puppetserver_vardir: /opt/puppetlabs/server/data/puppetserver
- server_puppetserver_rundir: /var/run/puppetlabs/puppetserver
- server_puppetserver_logdir: /var/log/puppetlabs/puppetserver
- server_puppetserver_version: 5.3.1
- server_service_fallback: true
- server_passenger_min_instances: 2
- server_passenger_pre_start: false
- server_passenger_ruby:
- server_httpd_service: httpd
- server_external_nodes: /etc/puppetlabs/puppet/node.rb
- server_template: puppet/server/puppet.conf.erb
- server_main_template: puppet/server/puppet.conf.main.erb
- server_cipher_suites:
- - TLS_RSA_WITH_AES_256_CBC_SHA256
- - TLS_RSA_WITH_AES_256_CBC_SHA
- - TLS_RSA_WITH_AES_128_CBC_SHA256
- - TLS_RSA_WITH_AES_128_CBC_SHA
- server_config_version:
- server_connect_timeout: 120000
- server_git_repo: false
- server_dynamic_environments: false
- server_directory_environments: true
- server_default_manifest: false
- server_default_manifest_path: /etc/puppet/manifests/default_manifest.pp
- server_default_manifest_content: ''
- server_environments:
- - development
- - production
- server_environments_owner: puppet
- server_environments_group:
- server_environments_mode: '0755'
- server_envs_dir: /etc/puppetlabs/code/environments
- server_envs_target:
- server_common_modules_path:
- - /etc/puppetlabs/code/environments/common
- - /etc/puppetlabs/code/modules
- - /opt/puppetlabs/puppet/modules
- server_git_repo_mode: '0755'
- server_git_repo_path: /opt/puppetlabs/puppet/cache/puppet.git
- server_git_repo_group: puppet
- server_git_repo_user: puppet
- server_git_branch_map: {}
- server_idle_timeout: 1200000
- server_post_hook_content: puppet/server/post-receive.erb
- server_post_hook_name: post-receive
- server_storeconfigs_backend:
- server_app_root: /etc/puppetlabs/puppet/rack
- server_ruby_load_paths:
- - /opt/puppetlabs/puppet/lib/ruby/vendor_ruby
- server_ssl_dir: /etc/puppetlabs/puppet/ssl
- server_ssl_dir_manage: true
- server_ssl_key_manage: true
- server_ssl_protocols:
- - TLSv1.2
- server_ssl_chain_filepath: /etc/puppetlabs/puppet/ssl/ca/ca_crt.pem
- server_package:
- server_version:
- server_certname: katello-master.domain.internal
- server_enc_api: v2
- server_report_api: v2
- server_request_timeout: 60
- server_ca_proxy: puppet-ca.domain.internal
- server_strict_variables: false
- server_additional_settings: {}
- server_rack_arguments: []
- server_foreman: true
- server_foreman_url: https://katello-master.domain.internal
- server_foreman_ssl_ca:
- server_foreman_ssl_cert:
- server_foreman_ssl_key:
- server_foreman_facts: true
- server_puppet_basedir: /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet
- server_puppetdb_host:
- server_puppetdb_port: 8081
- server_puppetdb_swf: false
- server_parser: current
- server_environment_timeout:
- server_jvm_java_bin: /usr/bin/java
- server_jvm_config: /etc/sysconfig/puppetserver
- server_jvm_min_heap_size: 2G
- server_jvm_max_heap_size: 2G
- server_jvm_extra_args: -XX:MaxPermSize=256m
- server_jruby_gem_home: /opt/puppetlabs/server/data/puppetserver/jruby-gems
- server_max_active_instances: 2
- server_max_requests_per_instance: 0
- server_use_legacy_auth_conf: false
- server_check_for_updates: true
- server_environment_class_cache_enabled: false
- server_allow_header_cert_info: false
- server_web_idle_timeout: 30000
- server_puppetserver_jruby9k: false
- server_puppetserver_metrics: false
- server_puppetserver_experimental: true
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement