Provided by: puppet-common_0.25.4-2ubuntu6_all bug

NAME

       Configuration Reference -

       This  page  is  autogenerated;  any  changes will get overwritten (last
       generated on Mon Feb 08 23:57:07 +1100 2010)

   Contents
       · Specifying Configuration Parameters

       · Signals

       · Configuration Parameter Reference

SPECIFYING CONFIGURATION PARAMETERS

   On The Command-Line
       Every Puppet executable (with the exception of puppetdoc)  accepts  all
       of  the  parameters  below, but not all of the arguments make sense for
       every executable.

       I have tried to be as thorough as possible in the descriptions  of  the
       arguments,  so  it should be obvious whether an argument is appropriate
       or not.

       These  parameters  can  be  supplied  to  the  executables  either   as
       command-line  options  or in the configuration file.  For instance, the
       command-line invocation below would set the configuration directory  to
       /private/puppet:

       $ puppetd --confdir=/private/puppet

       Note  that  boolean  options  are  turned  on  and  off with a slightly
       different syntax on the command line:

       $ puppetd --storeconfigs

       $ puppetd --no-storeconfigs

       The invocations  above  will  enable  and  disable,  respectively,  the
       storage of the client configuration.

   Configuration Files
       As  mentioned above, the configuration parameters can also be stored in
       a configuration file, located in the configuration directory.  As root,
       the  default  configuration  directory is /etc/puppet, and as a regular
       user, the default configuration  directory  is  ~user/.puppet.   As  of
       0.23.0,  all  executables  look  for puppet.conf in their configuration
       directory (although they previously looked for  separate  files).   For
       example,  puppet.conf is located at /etc/puppet/puppet.conf as root and
       ~user/.puppet/puppet.conf as a regular user by default.

       All executables will set any parameters set within  the  main  section,
       while  each  executable  will  also  look  for  a section named for the
       executable and load those parameters.  For example, puppetd  will  look
       for  a  section  named  puppetd,  and puppetmasterd looks for a section
       named puppetmasterd.  This allows you to  use  a  single  configuration
       file to customize the settings for all of your executables.

   File Format
       The  file  follows  INI-style formatting.  Here is an example of a very
       simple puppet.conf file:

       [main]
           confdir = /private/puppet
           storeconfigs = true

       Note that boolean parameters must be explicitly specified  as  true  or
       false as seen above.

       If  you need to change file parameters (e.g., reset the mode or owner),
       do so within curly braces on the same line:

       [main]
           myfile = /tmp/whatever {owner = root, mode = 644}

       If you're starting out with a fresh configuration, you may wish to  let
       the  executable  generate  a  template  configuration  file  for you by
       invoking the executable in question with the --genconfig command.   The
       executable  will  print  a  template  configuration to standard output,
       which can be redirected to a file like so:

       $ puppetd --genconfig > /etc/puppet/puppet.conf

       Note that this invocation will replace the contents of any pre-existing
       puppet.conf  file,  so  make  a  backup  of  your  present config if it
       contains valuable information.

       Like  the  --genconfig  argument,  the  executables   also   accept   a
       --genmanifest argument, which will generate a manifest that can be used
       to manage all of Puppet's  directories  and  files  and  prints  it  to
       standard output.  This can likewise be redirected to a file:

       $ puppetd --genmanifest > /etc/puppet/manifests/site.pp

       Puppet  can  also create user and group accounts for itself (one puppet
       group and one puppet user) if it is invoked as root with the  --mkusers
       argument:

       $ puppetd --mkusers

SIGNALS

       The  puppetd  and  puppetmasterd  executables  catch  some  signals for
       special handling.  Both daemons catch (SIGHUP), which forces the server
       to  restart  tself.   Predictably,  interrupt and terminate (SIGINT and
       SIGTERM) will shut down the  server,  whether  it  be  an  instance  of
       puppetd or puppetmasterd.

       Sending  the  SIGUSR1 signal to an instance of puppetd will cause it to
       immediately begin a new  configuration  transaction  with  the  server.
       This signal has no effect on puppetmasterd.

CONFIGURATION PARAMETER REFERENCE

       Below  is  a  list  of  all documented parameters.  Not all of them are
       valid with all Puppet executables, but the executables will ignore  any
       inappropriate values.

   async_storeconfigs
       Whether  to  use  a  queueing  system  to provide asynchronous database
       integration. Requires that puppetqd be running and that 'PSON'  support
       for ruby be installed.

       · Default: false

   authconfig
       The  configuration  file  that  defines  the  rights  to  the different
       namespaces  and  methods.   This  can  be  used  as  a   coarse-grained
       authorization system for both puppetd and puppetmasterd.

       · Default: $confdir/namespaceauth.conf

   autoflush
       Whether log files should always flush to disk.

       · Default: false

   autosign
       Whether to enable autosign.  Valid values are true (which autosigns any
       key request, and is a very bad idea), false (which never autosigns  any
       key  request),  and  the  path to a file, which uses that configuration
       file to determine which keys to sign.

       · Default: $confdir/autosign.conf

   bindaddress
       The address a listening server should bind to.  Mongrel servers default
       to 127.0.0.1 and WEBrick defaults to 0.0.0.0.

   bucketdir
       Where FileBucket files are stored.

       · Default: $vardir/bucket

   ca
       Wether the master should function as a certificate authority.

       · Default: true

   ca_days
       How  long  a certificate should be valid. This parameter is deprecated,
       use ca_ttl instead

   ca_md
       The type of hash used in certificates.

       · Default: md5

   ca_port
       The port to use for the certificate authority.

       · Default: $masterport

   ca_server
       The server to use for certificate authority requests.  It's a  separate
       server because it cannot and does not need to horizontally scale.

       · Default: $server

   ca_ttl
       The  default TTL for new certificates; valid values must be an integer,
       optionally followed by one of the units 'y' (years of  365  days),  'd'
       (days), 'h' (hours), or 's' (seconds). The unit defaults to seconds. If
       this parameter is set, ca_days is ignored.  Examples  are  '3600'  (one
       hour) and '1825d', which is the same as '5y' (5 years)

       · Default: 5y

   cacert
       The CA certificate.

       · Default: $cadir/ca_crt.pem

   cacrl
       The  certificate  revocation  list  (CRL)  for  the CA. Will be used if
       present but otherwise ignored.

       · Default: $cadir/ca_crl.pem

   cadir
       The root directory for the certificate authority.

       · Default: $ssldir/ca

   cakey
       The CA private key.

       · Default: $cadir/ca_key.pem

   capass
       Where the CA stores the password for the private key

       · Default: $caprivatedir/ca.pass

   caprivatedir
       Where the CA stores private certificate information.

       · Default: $cadir/private

   capub
       The CA public key.

       · Default: $cadir/ca_pub.pem

   casesensitive
       Whether  matching  in  case  statements   and   selectors   should   be
       case-sensitive.  Case insensitivity is handled by downcasing all values
       before comparison.

       · Default: false

   catalog_format
       (Deprecated for 'preferred_serialization_format') What format to use to
       dump the catalog.  Only supports 'marshal' and 'yaml'.  Only matters on
       the client, since it asks the server for a specific format.

   cert_inventory
       A Complete listing of all certificates

       · Default: $cadir/inventory.txt

   certdir
       The certificate directory.

       · Default: $ssldir/certs

   certdnsnames
       The DNS names on the Server certificate as a colon-separated  list.  If
       it's  anything  other than an empty string, it will be used as an alias
       in the created certificate.  By default, only the server gets an  alias
       set up, and only for 'puppet'.

   certname
       The  name  to  use  when  handling certificates.  Defaults to the fully
       qualified domain name.

       · Default: absinthe.lovedthanlost.net

   classfile
       The file in which puppetd stores a list of the classes associated  with
       the  retrieved  configuration.   Can  be  loaded in the separate puppet
       executable using the --loadclasses option.

       · Default: $statedir/classes.txt

   clientbucketdir
       Where FileBucket files are stored locally.

       · Default: $vardir/clientbucket

   clientyamldir
       The directory in which client-side YAML data is stored.

       · Default: $vardir/client_yaml

   code
       Code to parse directly.  This is essentially only used by  puppet,  and
       should only be set if you're writing your own Puppet executable

   color
       Whether  to  use  colors  when logging to the console. Valid values are
       ansi (equivalent to  true),  html  (mostly  used  during  testing  with
       TextMate), and false, which produces no color.

       · Default: ansi

   confdir
       The   main  Puppet  configuration  directory.   The  default  for  this
       parameter is calculated based on the user.  If the process is runnig as
       root  or the user that puppetmasterd is supposed to run as, it defaults
       to a system directory, but if  it's  running  as  any  other  user,  it
       defaults to being in ~.

       · Default: /etc/puppet

   config
       The configuration file for puppetdoc.

       · Default: $confdir/puppet.conf

   config_version
       How to determine the configuration version.  By default, it will be the
       time that the configuration is parsed, but  you  can  provide  a  shell
       script  to  override how the version is determined.  The output of this
       script will be added to every log message in the reports, allowing  you
       to correlate changes on your hosts to the source version on the server.

   configprint
       Print the value of a specific configuration parameter.  If a  parameter
       is  provided  for  this,  then  the  value is printed and puppet exits.
       Comma-separate multiple values.  For a  list  of  all  values,  specify
       'all'.   This  feature is only available in Puppet versions higher than
       0.18.4.

   configtimeout
       How long the client should wait for the configuration to  be  retrieved
       before  considering it a failure.  This can help reduce flapping if too
       many clients contact the server at one time.

       · Default: 120

   csrdir
       Where the CA stores certificate requests

       · Default: $cadir/requests

   daemonize
       Send the process into the background.  This is the default.

       · Default: true

   dbadapter
       The type of database to use.

       · Default: sqlite3

   dblocation
       The database cache for client configurations.  Used for querying within
       the language.

       · Default: $statedir/clientconfigs.sqlite3

   dbmigrate
       Whether to automatically migrate the database.

       · Default: false

   dbname
       The name of the database to use.

       · Default: puppet

   dbpassword
       The  database  password  for  Client  caching. Only used when networked
       databases are used.

       · Default: puppet

   dbserver
       The database server  for  Client  caching.  Only  used  when  networked
       databases are used.

       · Default: localhost

   dbsocket
       The  database  socket  location. Only used when networked databases are
       used.  Will be ignored if the value is an empty string.

   dbuser
       The  database  user  for  Client  caching.  Only  used  when  networked
       databases are used.

       · Default: puppet

   diff
       Which diff command to use when printing differences between files.

       · Default: diff

   diff_args
       Which  arguments  to pass to the diff command when printing differences
       between files.

       · Default: -u

   downcasefacts
       Whether facts should be made all lowercase when sent to the server.

       · Default: false

   dynamicfacts
       Facts that are dynamic; these  facts  will  be  ignored  when  deciding
       whether  changed  facts  should  result in a recompile.  Multiple facts
       should be comma-separated.

       · Default: memorysize,memoryfree,swapsize,swapfree

   environment
       The environment Puppet is running in.  For clients (e.g., puppetd) this
       determines  the  environment  itself, which is used to find modules and
       much more.  For servers (i.e., puppetmasterd) this provides the default
       environment for nodes we know nothing about.

       · Default: production

   evaltrace
       Whether  each  resource  should  log  when it is being evaluated.  This
       allows you to interactively see exactly what is being done.

       · Default: false

   external_nodes
       An external command that can produce node information.  The output must
       be  a  YAML  dump  of  a  hash,  and that hash must have one or both of
       classes and parameters, where classes is an array and parameters  is  a
       hash.  For unknown nodes, the commands should exit with a non-zero exit
       code. This command makes it straightforward to store your node  mapping
       information in other data sources like databases.

       · Default: none

   factdest
       Where  Puppet  should  store  facts that it pulls down from the central
       server.

       · Default: $vardir/facts/

   factpath
       Where Puppet should look for facts.   Multiple  directories  should  be
       colon-separated, like normal PATH variables.

       · Default: $vardir/facts/

   factsignore
       What files to ignore when pulling down facts.

       · Default: .svn CVS

   factsource
       From  where  to  retrieve facts.  The standard Puppet file type is used
       for retrieval, so anything that is a valid  file  source  can  be  used
       here.

       · Default: puppet://$server/facts/

   factsync
       Whether facts should be synced with the central server.

       · Default: false

   fileserverconfig
       Where the fileserver configuration is stored.

       · Default: $confdir/fileserver.conf

   filetimeout
       The  minimum  time to wait (in seconds) between checking for updates in
       configuration files.  This timeout determines how quickly Puppet checks
       whether a file (such as manifests or templates) has changed on disk.

       · Default: 15

   genconfig
       Whether  to  just print a configuration to stdout and exit.  Only makes
       sense when used interactively.  Takes into account arguments  specified
       on the CLI.

       · Default: false

   genmanifest
       Whether  to just print a manifest to stdout and exit.  Only makes sense
       when used interactively.  Takes into account arguments specified on the
       CLI.

       · Default: false

   graph
       Whether  to  create  dot  graph  files  for the different configuration
       graphs.  These dot files can be interpreted by tools  like  OmniGraffle
       or dot (which is part of ImageMagick).

       · Default: false

   graphdir
       Where to store dot-outputted graphs.

       · Default: $statedir/graphs

   group
       The group puppetmasterd should run as.

       · Default: puppet

   hostcert
       Where individual hosts store and look for their certificates.

       · Default: $certdir/$certname.pem

   hostcrl
       Where  the  host's  certificate  revocation  list can be found. This is
       distinct from the certificate authority's CRL.

       · Default: $ssldir/crl.pem

   hostcsr
       Where individual hosts store and look for their certificate requests.

       · Default: $ssldir/csr_$certname.pem

   hostprivkey
       Where individual hosts store and look for their private key.

       · Default: $privatekeydir/$certname.pem

   hostpubkey
       Where individual hosts store and look for their public key.

       · Default: $publickeydir/$certname.pem

   http_proxy_host
       The HTTP proxy host to use for outgoing  connections.   Note:  You  may
       need to use a FQDN for the server hostname when using a proxy.

       · Default: none

   http_proxy_port
       The HTTP proxy port to use for outgoing connections

       · Default: 3128

   httplog
       Where the puppetd web server logs.

       · Default: $logdir/http.log

   ignorecache
       Ignore  cache  and  always recompile the configuration.  This is useful
       for testing new configurations, where the local cache may  in  fact  be
       stale even if the timestamps are up to date - if the facts change or if
       the server changes.

       · Default: false

   ignoreimport
       A parameter that can be used in commit hooks, since it enables  you  to
       parse-check a single file rather than requiring that all files exist.

       · Default: false

   ignoreschedules
       Boolean;  whether  puppetd should ignore schedules.  This is useful for
       initial puppetd runs.

       · Default: false

   keylength
       The bit length of keys.

       · Default: 1024

   ldapattrs
       The LDAP attributes to include  when  querying  LDAP  for  nodes.   All
       returned  attributes  are  set  as  variables  in  the top-level scope.
       Multiple values should be comma-separated.  The value 'all' returns all
       attributes.

       · Default: all

   ldapbase
       The  search  base  for  LDAP  searches.   It's  impossible to provide a
       meaningful default here, although the LDAP  libraries  might  have  one
       already  set.  Generally, it should be the 'ou=Hosts' branch under your
       main directory.

   ldapclassattrs
       The LDAP attributes to use to define Puppet classes.  Values should  be
       comma-separated.

       · Default: puppetclass

   ldapnodes
       Whether   to   search   for   node   configurations   in   LDAP.    See
       http://reductivelabs.com/trac/puppet/wiki/LDAPNodes      for       more
       information.

       · Default: false

   ldapparentattr
       The attribute to use to define the parent node.

       · Default: parentnode

   ldappassword
       The password to use to connect to LDAP.

   ldapport
       The LDAP port.  Only used if ldapnodes is enabled.

       · Default: 389

   ldapserver
       The LDAP server.  Only used if ldapnodes is enabled.

       · Default: ldap

   ldapssl
       Whether  SSL should be used when searching for nodes. Defaults to false
       because SSL usually requires certificates to be set up  on  the  client
       side.

       · Default: false

   ldapstackedattrs
       The  LDAP  attributes  that  should  be stacked to arrays by adding the
       values in all  hierarchy  elements  of  the  tree.   Values  should  be
       comma-separated.

       · Default: puppetvar

   ldapstring
       The search string used to find an LDAP node.

       · Default: (&(objectclass=puppetClient)(cn=%s))

   ldaptls
       Whether  TLS should be used when searching for nodes. Defaults to false
       because TLS usually requires certificates to be set up  on  the  client
       side.

       · Default: false

   ldapuser
       The user to use to connect to LDAP.  Must be specified as a full DN.

   lexical
       Whether to use lexical scoping (vs. dynamic).

       · Default: false

   libdir
       An  extra  search path for Puppet.  This is only useful for those files
       that Puppet will load on demand, and is only  guaranteed  to  work  for
       those cases.  In fact, the autoload mechanism is responsible for making
       sure this directory is in Ruby's search path

       · Default: $vardir/lib

   listen
       Whether puppetd should listen for connections.  If this is  true,  then
       by  default  only  the  runner  server  is started, which allows remote
       authorized and authenticated nodes to connect and trigger puppetd runs.

       · Default: false

   localcacert
       Where each client stores the CA certificate.

       · Default: $certdir/ca.pem

   localconfig
       Where  puppetd caches the local configuration.  An extension indicating
       the cache format is added automatically.

       · Default: $statedir/localconfig

   logdir
       The Puppet log directory.

       · Default: $vardir/log

   manage_internal_file_permissions
       Whether Puppet should manage the owner, group, and mode  of  files   it
       uses internally

       · Default: true

   manifest
       The entry-point manifest for puppetmasterd.

       · Default: $manifestdir/site.pp

   manifestdir
       Where puppetmasterd looks for its manifests.

       · Default: $confdir/manifests

   masterhttplog
       Where the puppetmasterd web server logs.

       · Default: $logdir/masterhttp.log

   masterlog
       Where  puppetmasterd logs.  This is generally not used, since syslog is
       the default log destination.

       · Default: $logdir/puppetmaster.log

   masterport
       Which port puppetmasterd listens on.

       · Default: 8140

   maximum_uid
       The maximum allowed UID.  Some platforms use  negative  UIDs  but  then
       ship with tools that do not know how to handle signed ints, so the UIDs
       show up as huge numbers that can then not be fed back into the  system.
       This  is  a hackish way to fail in a slightly more useful way when that
       happens.

       · Default: 4294967290

   mkusers
       Whether to create the necessary user and group that  puppetd  will  run
       as.

       · Default: false

   modulepath
       The search path for modules as a colon-separated list of directories.

       · Default: $confdir/modules:/usr/share/puppet/modules

   name
       The  name  of  the  service,  if we are running as one.  The default is
       essentially $0 without the path or .rb.

       · Default: puppetdoc

   node_name
       How the puppetmaster determines the  client's  identity  and  sets  the
       'hostname',  'fqdn'  and  'domain'  facts  for  use in the manifest, in
       particular for  determining  which  'node'  statement  applies  to  the
       client.  Possible  values  are  'cert'  (use  the  subject's  CN in the
       client's certificate) and 'facter' (use the hostname  that  the  client
       reported in its facts)

       · Default: cert

   node_terminus
       Where to find information about nodes.

       · Default: plain

   noop
       Whether puppetd should be run in noop mode.

       · Default: false

   paramcheck
       Whether to validate parameters during parsing.

       · Default: true

   parseonly
       Just check the syntax of the manifests.

       · Default: false

   passfile
       Where  puppetd  stores  the  password  for  its  private key. Generally
       unused.

       · Default: $privatedir/password

   path
       The shell search path.  Defaults to  whatever  is  inherited  from  the
       parent process.

       · Default: none

   pidfile
       The pid file

       · Default: $rundir/$name.pid

   plugindest
       Where  Puppet  should store plugins that it pulls down from the central
       server.

       · Default: $libdir

   pluginsignore
       What files to ignore when pulling down plugins.

       · Default: .svn CVS .git

   pluginsource
       From where to retrieve plugins.  The standard Puppet file type is  used
       for  retrieval,  so  anything  that  is a valid file source can be used
       here.

       · Default: puppet://$server/plugins

   pluginsync
       Whether plugins should be synced with the central server.

       · Default: false

   postrun_command
       A command to run after every agent run.   If  this  command  returns  a
       non-zero  return code, the entire Puppet run will be considered to have
       failed, even though it might have performed work during the normal run.

   preferred_serialization_format
       The  preferred means of serializing ruby instances for passing over the
       wire.  This won't guarantee that all instances will be serialized using
       this  method,  since  not all classes can be guaranteed to support this
       format, but it will be used for all classes that support it.

       · Default: pson

   prerun_command
       A command to run before every agent run.  If  this  command  returns  a
       non-zero return code, the entire Puppet run will fail.

   privatedir
       Where the client stores private certificate information.

       · Default: $ssldir/private

   privatekeydir
       The private key directory.

       · Default: $ssldir/private_keys

   publickeydir
       The public key directory.

       · Default: $ssldir/public_keys

   puppetdlockfile
       A lock file to temporarily stop puppetd from doing anything.

       · Default: $statedir/puppetdlock

   puppetdlog
       The log file for puppetd.  This is generally not used.

       · Default: $logdir/puppetd.log

   puppetport
       Which port puppetd listens on.

       · Default: 8139

   queue_source
       Which  type of queue to use for asynchronous processing.  If your stomp
       server requires authentication, you can include it in the URI  as  long
       as your stomp client library is at least 1.1.1

       · Default: stomp://localhost:61613/

   queue_type
       Which type of queue to use for asynchronous processing.

       · Default: stomp

   rails_loglevel
       The  log  level  for  Rails connections.  The value must be a valid log
       level within Rails.  Production  environments  normally  use  info  and
       other environments normally use debug.

       · Default: info

   railslog
       Where Rails-specific logs are sent

       · Default: $logdir/rails.log

   report
       Whether to send reports after every transaction.

       · Default: false

   report_port
       The port to communicate with the report_server.

       · Default: $masterport

   report_server
       The server to which to send transaction reports.

       · Default: $server

   reportdir
       The directory in which to store reports received from the client.  Each
       client gets a separate subdirectory.

       · Default: $vardir/reports

   reportfrom
       The 'from' email address for the reports.

       · Default: report@absinthe.lovedthanlost.net

   reports
       The list of reports  to  generate.   All  reports  are  looked  for  in
       puppet/reports/<name>.rb,   and   multiple   report   names  should  be
       comma-separated (whitespace is okay).

       · Default: store

   reportserver
       (Deprecated  for  'report_server')  The  server  to   which   to   send
       transaction reports.

       · Default: $server

   req_bits
       The bit length of the certificates.

       · Default: 2048

   requestdir
       Where host certificate requests are stored.

       · Default: $ssldir/certificate_requests

   rest_authconfig
       The  configuration  file  that defines the rights to the different rest
       indirections.  This can be used as a fine-grained authorization  system
       for puppetmasterd.

       · Default: $confdir/auth.conf

   rrddir
       The directory where RRD database files are stored. Directories for each
       reporting host will be created under this directory.

       · Default: $vardir/rrd

   rrdinterval
       How often RRD should expect data. This should match how often the hosts
       report back to the server.

       · Default: $runinterval

   rundir
       Where Puppet PID files are kept.

       · Default: $vardir/run

   runinterval
       How often puppetd applies the client configuration; in seconds.

       · Default: 1800

   sendmail
       Where to find the sendmail binary with which to send email.

       · Default: /usr/sbin/sendmail

   serial
       Where the serial number for certificates is stored.

       · Default: $cadir/serial

   server
       The server to which server puppetd should connect

       · Default: puppet

   servertype
       The type of server to use.  Currently supported options are webrick and
       mongrel.  If you use mongrel, you will need a proxy  in  front  of  the
       process or processes, since Mongrel cannot speak SSL.

       · Default: webrick

   show_diff
       Whether  to print a contextual diff when files are being replaced.  The
       diff is printed on stdout, so this option is meaningless unless you are
       running  Puppet  interactively.  This  feature  currently  requires the
       diff/lcs Ruby library.

       · Default: false

   signeddir
       Where the CA stores signed certificates.

       · Default: $cadir/signed

   smtpserver
       The server through which to send email reports.

       · Default: none

   splay
       Whether to sleep for a pseudo-random (but consistent)  amount  of  time
       before a run.

       · Default: false

   splaylimit
       The  maximum  time to delay before runs.  Defaults to being the same as
       the run interval.

       · Default: $runinterval

   ssl_client_header
       The header containing an authenticated client's SSL DN.  Only used with
       Mongrel.   This  header  must  be set by the proxy to the authenticated
       client's   SSL    DN    (e.g.,    /CN=puppet.reductivelabs.com).    See
       http://reductivelabs.com/puppet/trac/wiki/UsingMongrel     for     more
       information.

       · Default: HTTP_X_CLIENT_DN

   ssl_client_verify_header
       The header containing the status message of  the  client  verification.
       Only  used  with  Mongrel.   This  header  must  be set by the proxy to
       'SUCCESS' if the client successfully authenticated, and  anything  else
       otherwise.  See  http://reductivelabs.com/puppet/trac/wiki/UsingMongrel
       for more information.

       · Default: HTTP_X_CLIENT_VERIFY

   ssldir
       Where SSL certificates are kept.

       · Default: $confdir/ssl

   statedir
       The directory where Puppet state is stored.  Generally, this  directory
       can  be  removed  without  causing  harm  (although  it might result in
       spurious service restarts).

       · Default: $vardir/state

   statefile
       Where puppetd and puppetmasterd store state associated with the running
       configuration.   In  the  case of puppetmasterd, this file reflects the
       state discovered through interacting with clients.

       · Default: $statedir/state.yaml

   storeconfigs
       Whether  to  store  each   client's   configuration.    This   requires
       ActiveRecord from Ruby on Rails.

       · Default: false

   strict_hostname_checking
       Whether  to  only  search  for  the  complete  hostname as it is in the
       certificate when searching for node information in the catalogs.

       · Default: false

   summarize
       Whether to print a transaction summary.

       · Default: false

   syslogfacility
       What syslog facility to use when logging to syslog.  Syslog has a fixed
       list  of valid facilities, and you must choose one of those; you cannot
       just make one up.

       · Default: daemon

   tagmap
       The mapping between reporting tags and email addresses.

       · Default: $confdir/tagmail.conf

   tags
       Tags to use to find resources.  If this is  set,  then  only  resources
       tagged  with  the  specified  tags  will  be  applied.  Values  must be
       comma-separated.

   templatedir
       Where  Puppet  looks  for  template  files.    Can   be   a   list   of
       colon-seperated directories.

       · Default: $vardir/templates

   thin_storeconfigs
       Boolean;  wether  storeconfigs store in the database only the facts and
       exported resources. If true,  then  storeconfigs  performance  will  be
       higher  and  still  allow exported/collected resources, but other usage
       external to Puppet might not work

       · Default: false

   trace
       Whether to print stack traces on some errors

       · Default: false

   typecheck
       Whether to validate types during parsing.

       · Default: true

   usecacheonfailure
       Whether to use the cached configuration when the  remote  configuration
       will   not   compile.    This   option   is   useful  for  testing  new
       configurations, where you want to fix the broken  configuration  rather
       than reverting to a known-good one.

       · Default: true

   user
       The user puppetmasterd should run as.

       · Default: puppet

   vardir
       Where  Puppet  stores  dynamic  and growing data.  The default for this
       parameter is calculated specially, like confdir.

       · Default: /var/puppet

   yamldir
       The directory in which YAML data is stored, usually in a  subdirectory.

       · Default: $vardir/yaml

   zlib
       Boolean; whether to use the zlib library

       · Default: true

                                         ----

         This page autogenerated on Mon Feb 08 23:57:07 +1100 2010

                                                      CONFIGURATION(REFERENCE)