Provided by: puppet-common_2.6.1-0ubuntu2_all bug

This  page  is autogenerated; any changes will get overwritten (last generated
on Sat Aug 28 14:00:20 -0700 2010)

       {:toc}

Specifying Configuration Parameters

       On The Command-Line +++++++++++++++++++ Every Puppet  executable  (with
       the  exception  of  puppetdoc) accepts all of the parameters below, but
       not all of the arguments make sense for every executable.

       I have tried to be as thorough as possible in the descriptions  of  the
       arguments,  so  it should be obvious whether an argument is appropriate
       or not.

       These  parameters  can  be  supplied  to  the  executables  either   as
       command-line  options  or  in the configuration file. For instance, the
       command-line invocation below would set the configuration directory  to
       /private/puppet:

           $ puppet agent --confdir=/private/puppet

       Note  that  boolean  options  are  turned  on  and  off with a slightly
       different syntax on the command line:

           $ puppet agent --storeconfigs

           $ puppet agent --no-storeconfigs

       The invocations  above  will  enable  and  disable,  respectively,  the
       storage of the client configuration.

       Configuration Files +++++++++++++++++++

       As  mentioned above, the configuration parameters can also be stored in
       a configuration file, located in the configuration directory. As  root,
       the  default  configuration  directory is /etc/puppet, and as a regular
       user, the default  configuration  directory  is  ~user/.puppet.  As  of
       0.23.0,  all  executables  look  for puppet.conf in their configuration
       directory (although they previously looked  for  separate  files).  For
       example,  puppet.conf is located at /etc/puppet/puppet.conf as root and
       ~user/.puppet/puppet.conf as a regular user by default.

       All executables will set any parameters set within the [main]  section,
       and each executable will also use one of the [master], [agent].

       File Format '''''''''''

       The  file  follows  INI-style  formatting. Here is an example of a very
       simple puppet.conf file:

           [main]
             confdir = /private/puppet
             storeconfigs = true

       Note that boolean parameters must be explicitly specified  as  true  or
       false as seen above.

       If  you need to change file parameters (e.g., reset the mode or owner),
       do so within curly braces on the same line:

           [main]
             myfile = /tmp/whatever {owner = root, mode = 644}

       If you're starting out with a fresh configuration, you may wish to  let
       the  executable  generate  a  template  configuration  file  for you by
       invoking the executable in question with the --genconfig  command.  The
       executable  will  print  a  template  configuration to standard output,
       which can be redirected to a file like so:

           $ puppet agent --genconfig > /etc/puppet/puppet.conf

       Note that this invocation will replace the contents of any pre-existing
       puppet.conf  file,  so  make  a  backup  of  your  present config if it
       contains valuable information.

       Like  the  --genconfig  argument,  the  executables   also   accept   a
       --genmanifest argument, which will generate a manifest that can be used
       to manage all of Puppet's  directories  and  files  and  prints  it  to
       standard output. This can likewise be redirected to a file:

           $ puppet agent --genmanifest > /etc/puppet/manifests/site.pp

       Puppet  can  also create user and group accounts for itself (one puppet
       group and one puppet user) if it is invoked as root with the  --mkusers
       argument:

           $ puppet agent --mkusers

Signals

       The  puppet  agent and puppet master executables catch some signals for
       special handling. Both daemons catch (SIGHUP), which forces the  server
       to  restart  tself.  Predictably,  interrupt  and terminate (SIGINT and
       SIGTERM) will shut down the server, whether it be an instance of puppet
       agent or puppet master.

       Sending the SIGUSR1 signal to an instance of puppet agent will cause it
       to immediately begin a new configuration transaction with  the  server.
       This signal has no effect on puppet master.

Configuration Parameter Reference

       Below is a list of all documented parameters. Not all of them are valid
       with all Puppet  executables,  but  the  executables  will  ignore  any
       inappropriate values.

       async_storeconfigs ++++++++++++++++++

       Whether  to  use  a  queueing  system  to provide asynchronous database
       integration. Requires that puppetqd be running and that 'PSON'  support
       for ruby be installed.

       o   Default: false

       authconfig ++++++++++

       The  configuration  file  that  defines  the  rights  to  the different
       namespaces  and  methods.  This  can  be  used  as   a   coarse-grained
       authorization system for both puppet agent and puppet master.

       o   Default: $confdir/namespaceauth.conf

       autoflush +++++++++

       Whether log files should always flush to disk.

       o   Default: false

       autosign ++++++++

       Whether  to enable autosign. Valid values are true (which autosigns any
       key request, and is a very bad idea), false (which never autosigns  any
       key  request),  and  the  path to a file, which uses that configuration
       file to determine which keys to sign.

       o   Default: $confdir/autosign.conf

       bindaddress +++++++++++

       The address a listening server should bind to. Mongrel servers  default
       to 127.0.0.1 and WEBrick defaults to 0.0.0.0.

       bucketdir +++++++++

       Where FileBucket files are stored.

       o   Default: $vardir/bucket

       ca ++

       Wether the master should function as a certificate authority.

       o   Default: true

       ca_days +++++++

       How  long  a certificate should be valid. This parameter is deprecated,
       use ca_ttl instead

       ca_md +++++

       The type of hash used in certificates.

       o   Default: md5

       ca_name +++++++

       The name to use the Certificate Authority certificate.

       o   Default: $certname

       ca_port +++++++

       The port to use for the certificate authority.

       o   Default: $masterport

       ca_server +++++++++

       The server to use for certificate authority requests. It's  a  separate
       server because it cannot and does not need to horizontally scale.

       o   Default: $server

       ca_ttl ++++++

       The  default TTL for new certificates; valid values must be an integer,
       optionally followed by one of the units 'y' (years of  365  days),  'd'
       (days), 'h' (hours), or 's' (seconds). The unit defaults to seconds. If
       this parameter is set, ca_days is ignored.  Examples  are  '3600'  (one
       hour) and '1825d', which is the same as '5y' (5 years)

       o   Default: 5y

       cacert ++++++

       The CA certificate.

       o   Default: $cadir/ca_crt.pem

       cacrl +++++

       The  certificate  revocation  list  (CRL)  for  the CA. Will be used if
       present but otherwise ignored.

       o   Default: $cadir/ca_crl.pem

       cadir +++++

       The root directory for the certificate authority.

       o   Default: $ssldir/ca

       cakey +++++

       The CA private key.

       o   Default: $cadir/ca_key.pem

       capass ++++++

       Where the CA stores the password for the private key

       o   Default: $caprivatedir/ca.pass

       caprivatedir ++++++++++++

       Where the CA stores private certificate information.

       o   Default: $cadir/private

       capub +++++

       The CA public key.

       o   Default: $cadir/ca_pub.pem

       catalog_format ++++++++++++++

       (Deprecated for 'preferred_serialization_format') What format to use to
       dump  the  catalog. Only supports 'marshal' and 'yaml'. Only matters on
       the client, since it asks the server for a specific format.

       catalog_terminus ++++++++++++++++

       Where to get node catalogs. This is useful to change if, for  instance,
       you'd  like to pre-compile catalogs and store them in memcached or some
       other easily-accessed store.

       o   Default: compiler

       cert_inventory ++++++++++++++

       A Complete listing of all certificates

       o   Default: $cadir/inventory.txt

       certdir +++++++

       The certificate directory.

       o   Default: $ssldir/certs

       certdnsnames ++++++++++++

       The DNS names on the Server certificate as a colon-separated  list.  If
       it's  anything  other than an empty string, it will be used as an alias
       in the created certificate. By default, only the server gets  an  alias
       set up, and only for 'puppet'.

       certificate_revocation ++++++++++++++++++++++

       Whether  certificate  revocation  should  be supported by downloading a
       Certificate Revocation List  (CRL)  to  all  clients.  If  enabled,  CA
       chaining will almost definitely not work.

       o   Default: true

       certname ++++++++

       The  name  to  use  when  handling  certificates. Defaults to the fully
       qualified domain name.

       o   Default: pelin.members.linode.com

       classfile +++++++++

       The file in which puppet agent stores a list of the classes  associated
       with  the retrieved configuration. Can be loaded in the separate puppet
       executable using the --loadclasses option.

       o   Default: $statedir/classes.txt

       client_datadir ++++++++++++++

       The directory in which serialized data is stored on the client.

       o   Default: $vardir/client_data

       clientbucketdir +++++++++++++++

       Where FileBucket files are stored locally.

       o   Default: $vardir/clientbucket

       clientyamldir +++++++++++++

       The directory in which client-side YAML data is stored.

       o   Default: $vardir/client_yaml

       code ++++

       Code to parse directly. This is essentially only used  by  puppet,  and
       should only be set if you're writing your own Puppet executable

       color +++++

       Whether  to  use  colors  when logging to the console. Valid values are
       ansi (equivalent to  true),  html  (mostly  used  during  testing  with
       TextMate), and false, which produces no color.

       o   Default: ansi

       confdir +++++++

       The main Puppet configuration directory. The default for this parameter
       is calculated based on the user. If the process is running as  root  or
       the  user  that  puppet  master is supposed to run as, it defaults to a
       system directory, but if it's running as any other user, it defaults to
       being in ~.

       o   Default: /etc/puppet

       config ++++++

       The configuration file for doc.

       o   Default: $confdir/puppet.conf

       config_version ++++++++++++++

       How  to determine the configuration version. By default, it will be the
       time that the configuration is parsed, but  you  can  provide  a  shell
       script  to  override  how the version is determined. The output of this
       script will be added to every log message in the reports, allowing  you
       to correlate changes on your hosts to the source version on the server.

       configprint +++++++++++

       Print  the  value of a specific configuration parameter. If a parameter
       is provided for this, then the  value  is  printed  and  puppet  exits.
       Comma-separate  multiple  values.  For  a  list  of all values, specify
       'all'. This feature is only available in Puppet  versions  higher  than
       0.18.4.

       configtimeout +++++++++++++

       How  long  the client should wait for the configuration to be retrieved
       before considering it a failure. This can help reduce flapping  if  too
       many clients contact the server at one time.

       o   Default: 120

       couchdb_url +++++++++++

       The url where the puppet couchdb database will be created

       o   Default: http://127.0.0.1:5984/puppet

       csrdir ++++++

       Where the CA stores certificate requests

       o   Default: $cadir/requests

       daemonize +++++++++

       Send the process into the background. This is the default.

       o   Default: true

       dbadapter +++++++++

       The type of database to use.

       o   Default: sqlite3

       dbconnections +++++++++++++

       The  number of database connections. Only used when networked databases
       are used. Will be ignored if the value is an empty string  or  is  less
       than 1.

       o   Default: 0

       dblocation ++++++++++

       The  database cache for client configurations. Used for querying within
       the language.

       o   Default: $statedir/clientconfigs.sqlite3

       dbmigrate +++++++++

       Whether to automatically migrate the database.

       o   Default: false

       dbname ++++++

       The name of the database to use.

       o   Default: puppet

       dbpassword ++++++++++

       The database password for caching. Only used when  networked  databases
       are used.

       o   Default: puppet

       dbport ++++++

       The  database  password for caching. Only used when networked databases
       are used.

       dbserver ++++++++

       The database server for caching. Only used when networked databases are
       used.

       o   Default: localhost

       dbsocket ++++++++

       The  database  socket  location. Only used when networked databases are
       used. Will be ignored if the value is an empty string.

       dbuser ++++++

       The database user for caching. Only used when networked  databases  are
       used.

       o   Default: puppet

       diff ++++

       Which diff command to use when printing differences between files.

       o   Default: diff

       diff_args +++++++++

       Which  arguments  to pass to the diff command when printing differences
       between files.

       o   Default: -u

       downcasefacts +++++++++++++

       Whether facts should be made all lowercase when sent to the server.

       o   Default: false

       dynamicfacts ++++++++++++

       Facts that are dynamic; these  facts  will  be  ignored  when  deciding
       whether  changed  facts  should  result  in a recompile. Multiple facts
       should be comma-separated.

       o   Default: memorysize,memoryfree,swapsize,swapfree

       environment +++++++++++

       The environment Puppet is running in. For clients (e.g., puppet  agent)
       this  determines  the environment itself, which is used to find modules
       and much more. For servers (i.e.,  puppet  master)  this  provides  the
       default environment for nodes we know nothing about.

       o   Default: production

       evaltrace +++++++++

       Whether  each  resource  should  log  when  it is being evaluated. This
       allows you to interactively see exactly what is being done.

       o   Default: false

       external_nodes ++++++++++++++

       An external command that can produce node information. The output  must
       be  a  YAML  dump  of  a  hash,  and that hash must have one or both of
       classes and parameters, where classes is an array and parameters  is  a
       hash.  For unknown nodes, the commands should exit with a non-zero exit
       code. This command makes it straightforward to store your node  mapping
       information in other data sources like databases.

       o   Default: none

       factdest ++++++++

       Where  Puppet  should  store  facts that it pulls down from the central
       server.

       o   Default: $vardir/facts/

       factpath ++++++++

       Where Puppet should look for  facts.  Multiple  directories  should  be
       colon-separated, like normal PATH variables.

       o   Default: $vardir/lib/facter:$vardir/facts

       facts_terminus ++++++++++++++

       The node facts terminus.

       o   Default: facter

       factsignore +++++++++++

       What files to ignore when pulling down facts.

       o   Default: .svn CVS

       factsource ++++++++++

       From where to retrieve facts. The standard Puppet file type is used for
       retrieval, so anything that is a valid file source can be used here.

       o   Default: puppet://$server/facts/

       factsync ++++++++

       Whether facts should be synced with the central server.

       o   Default: false

       fileserverconfig ++++++++++++++++

       Where the fileserver configuration is stored.

       o   Default: $confdir/fileserver.conf

       filetimeout +++++++++++

       The minimum time to wait (in seconds) between checking for  updates  in
       configuration  files. This timeout determines how quickly Puppet checks
       whether a file (such as manifests or templates) has changed on disk.

       o   Default: 15

       freeze_main +++++++++++

       Freezes the 'main' class, disallowing any code to be added to it.  This
       essentially  means  that  you  can't  have  any code outside of a node,
       class, or definition other than in the site manifest.

       o   Default: false

       genconfig +++++++++

       Whether to just print a configuration to stdout and  exit.  Only  makes
       sense  when  used interactively. Takes into account arguments specified
       on the CLI.

       o   Default: false

       genmanifest +++++++++++

       Whether to just print a manifest to stdout and exit. Only  makes  sense
       when  used interactively. Takes into account arguments specified on the
       CLI.

       o   Default: false

       graph +++++

       Whether to create dot  graph  files  for  the  different  configuration
       graphs. These dot files can be interpreted by tools like OmniGraffle or
       dot (which is part of ImageMagick).

       o   Default: false

       graphdir ++++++++

       Where to store dot-outputted graphs.

       o   Default: $statedir/graphs

       group +++++

       The group puppet master should run as.

       o   Default: puppet

       hostcert ++++++++

       Where individual hosts store and look for their certificates.

       o   Default: $certdir/$certname.pem

       hostcrl +++++++

       Where the host's certificate revocation list  can  be  found.  This  is
       distinct from the certificate authority's CRL.

       o   Default: $ssldir/crl.pem

       hostcsr +++++++

       Where individual hosts store and look for their certificate requests.

       o   Default: $ssldir/csr_$certname.pem

       hostprivkey +++++++++++

       Where individual hosts store and look for their private key.

       o   Default: $privatekeydir/$certname.pem

       hostpubkey ++++++++++

       Where individual hosts store and look for their public key.

       o   Default: $publickeydir/$certname.pem

       http_compression ++++++++++++++++

       Allow  http  compression  in  REST  communication with the master. This
       setting might improve performance for agent  ->  master  communications
       over slow WANs. Your puppetmaster needs to support compression (usually
       by activating  some  settings  in  a  reverse-proxy  in  front  of  the
       puppetmaster, which rules out webrick). It is harmless to activate this
       settings if your master doesn't support compression, but if it supports
       it, this setting might reduce performance on high-speed LANs.

       o   Default: false

       http_proxy_host +++++++++++++++

       The HTTP proxy host to use for outgoing connections. Note: You may need
       to use a FQDN for the server hostname when using a proxy.

       o   Default: none

       http_proxy_port +++++++++++++++

       The HTTP proxy port to use for outgoing connections

       o   Default: 3128

       httplog +++++++

       Where the puppet agent web server logs.

       o   Default: $logdir/http.log

       ignorecache +++++++++++

       Ignore cache and always recompile the configuration. This is useful for
       testing  new configurations, where the local cache may in fact be stale
       even if the timestamps are up to date - if the facts change or  if  the
       server changes.

       o   Default: false

       ignoreimport ++++++++++++

       A  parameter  that can be used in commit hooks, since it enables you to
       parse-check a single file rather than requiring that all files exist.

       o   Default: false

       ignoreschedules +++++++++++++++

       Boolean; whether puppet agent should ignore schedules. This  is  useful
       for initial puppet agent runs.

       o   Default: false

       keylength +++++++++

       The bit length of keys.

       o   Default: 1024

       ldapattrs +++++++++

       The  LDAP  attributes  to  include  when  querying  LDAP for nodes. All
       returned attributes are  set  as  variables  in  the  top-level  scope.
       Multiple  values should be comma-separated. The value 'all' returns all
       attributes.

       o   Default: all

       ldapbase ++++++++

       The search base  for  LDAP  searches.  It's  impossible  to  provide  a
       meaningful  default  here,  although  the LDAP libraries might have one
       already set. Generally, it should be the 'ou=Hosts' branch  under  your
       main directory.

       ldapclassattrs ++++++++++++++

       The  LDAP  attributes to use to define Puppet classes. Values should be
       comma-separated.

       o   Default: puppetclass

       ldapnodes +++++++++

       Whether   to   search   for   node   configurations   in   LDAP.    See
       http://projects.puppetlabs.com/projects/puppet/wiki/LDAP_Nodes for more
       information.

       o   Default: false

       ldapparentattr ++++++++++++++

       The attribute to use to define the parent node.

       o   Default: parentnode

       ldappassword ++++++++++++

       The password to use to connect to LDAP.

       ldapport ++++++++

       The LDAP port. Only used if ldapnodes is enabled.

       o   Default: 389

       ldapserver ++++++++++

       The LDAP server. Only used if ldapnodes is enabled.

       o   Default: ldap

       ldapssl +++++++

       Whether SSL should be used when searching for nodes. Defaults to  false
       because  SSL  usually  requires certificates to be set up on the client
       side.

       o   Default: false

       ldapstackedattrs ++++++++++++++++

       The LDAP attributes that should be stacked  to  arrays  by  adding  the
       values  in  all  hierarchy  elements  of  the  tree.  Values  should be
       comma-separated.

       o   Default: puppetvar

       ldapstring ++++++++++

       The search string used to find an LDAP node.

       o   Default: (&(objectclass=puppetClient)(cn=%s))

       ldaptls +++++++

       Whether TLS should be used when searching for nodes. Defaults to  false
       because  TLS  usually  requires certificates to be set up on the client
       side.

       o   Default: false

       ldapuser ++++++++

       The user to use to connect to LDAP. Must be specified as a full DN.

       lexical +++++++

       Whether to use lexical scoping (vs. dynamic).

       o   Default: false

       libdir ++++++

       An extra search path for Puppet. This is only useful  for  those  files
       that  Puppet  will  load  on demand, and is only guaranteed to work for
       those cases. In fact, the autoload mechanism is responsible for  making
       sure this directory is in Ruby's search path

       o   Default: $vardir/lib

       listen ++++++

       Whether  puppet  agent  should listen for connections. If this is true,
       then by default only the runner server is started, which allows  remote
       authorized  and authenticated nodes to connect and trigger puppet agent
       runs.

       o   Default: false

       localcacert +++++++++++

       Where each client stores the CA certificate.

       o   Default: $certdir/ca.pem

       localconfig +++++++++++

       Where  puppet  agent  caches  the  local  configuration.  An  extension
       indicating the cache format is added automatically.

       o   Default: $statedir/localconfig

       logdir ++++++

       The Puppet log directory.

       o   Default: $vardir/log

       manage_internal_file_permissions ++++++++++++++++++++++++++++++++

       Whether  Puppet  should  manage  the owner, group, and mode of files it
       uses internally

       o   Default: true

       manifest ++++++++

       The entry-point manifest for puppet master.

       o   Default: $manifestdir/site.pp

       manifestdir +++++++++++

       Where puppet master looks for its manifests.

       o   Default: $confdir/manifests

       masterhttplog +++++++++++++

       Where the puppet master web server logs.

       o   Default: $logdir/masterhttp.log

       masterlog +++++++++

       Where puppet master logs. This is generally not used, since  syslog  is
       the default log destination.

       o   Default: $logdir/puppetmaster.log

       masterport ++++++++++

       Which port puppet master listens on.

       o   Default: 8140

       maximum_uid +++++++++++

       The maximum allowed UID. Some platforms use negative UIDs but then ship
       with tools that do not know how to handle signed ints, so the UIDs show
       up  as huge numbers that can then not be fed back into the system. This
       is a hackish way to fail in  a  slightly  more  useful  way  when  that
       happens.

       o   Default: 4294967290

       mkusers +++++++

       Whether  to  create the necessary user and group that puppet agent will
       run as.

       o   Default: false

       modulepath ++++++++++

       The search path for modules as a colon-separated list of directories.

       o   Default: $confdir/modules:/usr/share/puppet/modules

       name ++++

       The name of the application, if we are running as one. The  default  is
       essentially $0 without the path or .rb.

       o   Default: doc

       node_name +++++++++

       How  the  puppetmaster  determines  the  client's identity and sets the
       'hostname', 'fqdn' and 'domain' facts  for  use  in  the  manifest,  in
       particular  for  determining  which  'node'  statement  applies  to the
       client. Possible values  are  'cert'  (use  the  subject's  CN  in  the
       client's  certificate)  and  'facter' (use the hostname that the client
       reported in its facts)

       o   Default: cert

       node_terminus +++++++++++++

       Where to find information about nodes.

       o   Default: plain

       noop ++++

       Whether puppet agent should be run in noop mode.

       o   Default: false

       onetime +++++++

       Run the configuration once, rather than as a long-running daemon.  This
       is useful for interactively running puppetd.

       o   Default: false

       parseonly +++++++++

       Just check the syntax of the manifests.

       o   Default: false

       passfile ++++++++

       Where  puppet  agent stores the password for its private key. Generally
       unused.

       o   Default: $privatedir/password

       path ++++

       The shell search path. Defaults  to  whatever  is  inherited  from  the
       parent process.

       o   Default: none

       pidfile +++++++

       The pid file

       o   Default: $rundir/$name.pid

       plugindest ++++++++++

       Where  Puppet  should store plugins that it pulls down from the central
       server.

       o   Default: $libdir

       pluginsignore +++++++++++++

       What files to ignore when pulling down plugins.

       o   Default: .svn CVS .git

       pluginsource ++++++++++++

       From where to retrieve plugins. The standard Puppet file type  is  used
       for  retrieval,  so  anything  that  is a valid file source can be used
       here.

       o   Default: puppet://$server/plugins

       pluginsync ++++++++++

       Whether plugins should be synced with the central server.

       o   Default: false

       postrun_command +++++++++++++++

       A command to run after every agent  run.  If  this  command  returns  a
       non-zero  return code, the entire Puppet run will be considered to have
       failed, even though it might have performed work during the normal run.

       preferred_serialization_format ++++++++++++++++++++++++++++++

       The preferred means of serializing ruby instances for passing over  the
       wire.  This won't guarantee that all instances will be serialized using
       this method, since not all classes can be guaranteed  to  support  this
       format, but it will be used for all classes that support it.

       o   Default: pson

       prerun_command ++++++++++++++

       A  command  to  run  before  every agent run. If this command returns a
       non-zero return code, the entire Puppet run will fail.

       privatedir ++++++++++

       Where the client stores private certificate information.

       o   Default: $ssldir/private

       privatekeydir +++++++++++++

       The private key directory.

       o   Default: $ssldir/private_keys

       publickeydir ++++++++++++

       The public key directory.

       o   Default: $ssldir/public_keys

       puppetdlockfile +++++++++++++++

       A lock file to temporarily stop puppet agent from doing anything.

       o   Default: $statedir/puppetdlock

       puppetdlog ++++++++++

       The log file for puppet agent. This is generally not used.

       o   Default: $logdir/puppetd.log

       puppetport ++++++++++

       Which port puppet agent listens on.

       o   Default: 8139

       queue_source ++++++++++++

       Which type of queue to use for asynchronous processing. If  your  stomp
       server  requires  authentication, you can include it in the URI as long
       as your stomp client library is at least 1.1.1

       o   Default: stomp://localhost:61613/

       queue_type ++++++++++

       Which type of queue to use for asynchronous processing.

       o   Default: stomp

       rails_loglevel ++++++++++++++

       The log level for Rails connections. The value  must  be  a  valid  log
       level within Rails. Production environments normally use info and other
       environments normally use debug.

       o   Default: info

       railslog ++++++++

       Where Rails-specific logs are sent

       o   Default: $logdir/rails.log

       report ++++++

       Whether to send reports after every transaction.

       o   Default: false

       report_port +++++++++++

       The port to communicate with the report_server.

       o   Default: $masterport

       report_server +++++++++++++

       The server to which to send transaction reports.

       o   Default: $server

       reportdir +++++++++

       The directory in which to store reports received from the client.  Each
       client gets a separate subdirectory.

       o   Default: $vardir/reports

       reportfrom ++++++++++

       The 'from' email address for the reports.

       o   Default: report@pelin.members.linode.com

       reports +++++++

       The  list  of  reports  to  generate.  All  reports  are  looked for in
       puppet/reports/name.rb,   and   multiple   report   names   should   be
       comma-separated (whitespace is okay).

       o   Default: store

       reportserver ++++++++++++

       (Deprecated   for   'report_server')   The  server  to  which  to  send
       transaction reports.

       o   Default: $server

       reporturl +++++++++

       The URL used by the http reports processor to send reports

       o   Default: http://localhost:3000/reports

       req_bits ++++++++

       The bit length of the certificates.

       o   Default: 2048

       requestdir ++++++++++

       Where host certificate requests are stored.

       o   Default: $ssldir/certificate_requests

       rest_authconfig +++++++++++++++

       The configuration file that defines the rights to  the  different  rest
       indirections.  This  can be used as a fine-grained authorization system
       for puppet master.

       o   Default: $confdir/auth.conf

       rrddir ++++++

       The directory where RRD database files are stored. Directories for each
       reporting host will be created under this directory.

       o   Default: $vardir/rrd

       rrdinterval +++++++++++

       How often RRD should expect data. This should match how often the hosts
       report back to the server.

       o   Default: $runinterval

       run_mode ++++++++

       The effective 'run mode' of the application: master, agent, or user.

       o   Default: master

       rundir ++++++

       Where Puppet PID files are kept.

       o   Default: $vardir/run

       runinterval +++++++++++

       How often puppet agent applies the client configuration; in seconds.

       o   Default: 1800

       sendmail ++++++++

       Where to find the sendmail binary with which to send email.

       o   Default: /usr/sbin/sendmail

       serial ++++++

       Where the serial number for certificates is stored.

       o   Default: $cadir/serial

       server ++++++

       The server to which server puppet agent should connect

       o   Default: puppet

       server_datadir ++++++++++++++

       The directory  in  which  serialized  data  is  stored,  usually  in  a
       subdirectory.

       o   Default: $vardir/server_data

       servertype ++++++++++

       The  type of server to use. Currently supported options are webrick and
       mongrel. If you use mongrel, you will need a  proxy  in  front  of  the
       process or processes, since Mongrel cannot speak SSL.

       o   Default: webrick

       show_diff +++++++++

       Whether  to  print a contextual diff when files are being replaced. The
       diff is printed on stdout, so this option is meaningless unless you are
       running  Puppet  interactively.  This  feature  currently  requires the
       diff/lcs Ruby library.

       o   Default: false

       signeddir +++++++++

       Where the CA stores signed certificates.

       o   Default: $cadir/signed

       smtpserver ++++++++++

       The server through which to send email reports.

       o   Default: none

       splay +++++

       Whether to sleep for a pseudo-random (but consistent)  amount  of  time
       before a run.

       o   Default: false

       splaylimit ++++++++++

       The  maximum  time  to delay before runs. Defaults to being the same as
       the run interval.

       o   Default: $runinterval

       ssl_client_header +++++++++++++++++

       The header containing an authenticated client's SSL DN. Only used  with
       Mongrel.  This  header  must  be  set by the proxy to the authenticated
       client's    SSL    DN    (e.g.,     /CN=puppet.puppetlabs.com).     See
       http://projects.puppetlabs.com/projects/puppet/wiki/Using_Mongrel   for
       more information.

       o   Default: HTTP_X_CLIENT_DN

       ssl_client_verify_header ++++++++++++++++++++++++

       The header containing the status message of  the  client  verification.
       Only  used  with  Mongrel.  This  header  must  be  set by the proxy to
       'SUCCESS' if the client successfully authenticated, and  anything  else
       otherwise.                                                          See
       http://projects.puppetlabs.com/projects/puppet/wiki/Using_Mongrel   for
       more information.

       o   Default: HTTP_X_CLIENT_VERIFY

       ssldir ++++++

       Where SSL certificates are kept.

       o   Default: $confdir/ssl

       statedir ++++++++

       The  directory  where Puppet state is stored. Generally, this directory
       can be removed without  causing  harm  (although  it  might  result  in
       spurious service restarts).

       o   Default: $vardir/state

       statefile +++++++++

       Where  puppet  agent  and puppet master store state associated with the
       running configuration. In the case of puppet master, this file reflects
       the state discovered through interacting with clients.

       o   Default: $statedir/state.yaml

       storeconfigs ++++++++++++

       Whether   to   store   each   client's   configuration.  This  requires
       ActiveRecord from Ruby on Rails.

       o   Default: false

       strict_hostname_checking ++++++++++++++++++++++++

       Whether to only search for the  complete  hostname  as  it  is  in  the
       certificate when searching for node information in the catalogs.

       o   Default: false

       summarize +++++++++

       Whether to print a transaction summary.

       o   Default: false

       syslogfacility ++++++++++++++

       What  syslog facility to use when logging to syslog. Syslog has a fixed
       list of valid facilities, and you must choose one of those; you  cannot
       just make one up.

       o   Default: daemon

       tagmap ++++++

       The mapping between reporting tags and email addresses.

       o   Default: $confdir/tagmail.conf

       tags ++++

       Tags  to  use  to  find  resources. If this is set, then only resources
       tagged with  the  specified  tags  will  be  applied.  Values  must  be
       comma-separated.

       templatedir +++++++++++

       Where Puppet looks for template files. Can be a list of colon-seperated
       directories.

       o   Default: $vardir/templates

       thin_storeconfigs +++++++++++++++++

       Boolean; wether storeconfigs store in the database only the  facts  and
       exported  resources.  If  true,  then  storeconfigs performance will be
       higher and still allow exported/collected resources,  but  other  usage
       external to Puppet might not work

       o   Default: false

       trace +++++

       Whether to print stack traces on some errors

       o   Default: false

       use_cached_catalog ++++++++++++++++++

       Whether  to  only  use  the  cached catalog rather than compiling a new
       catalog on every run. Puppet can be run with this  enabled  by  default
       and then selectively disabled when a recompile is desired.

       o   Default: false

       usecacheonfailure +++++++++++++++++

       Whether  to  use the cached configuration when the remote configuration
       will not compile. This option is useful for testing new configurations,
       where you want to fix the broken configuration rather than reverting to
       a known-good one.

       o   Default: true

       user ++++

       The user puppet master should run as.

       o   Default: puppet

       vardir ++++++

       Where Puppet stores dynamic and growing  data.  The  default  for  this
       parameter is calculated specially, like confdir_.

       o   Default: /var/lib/puppet

       yamldir +++++++

       The directory in which YAML data is stored, usually in a subdirectory.

       o   Default: $vardir/yaml

       zlib ++++

       Boolean; whether to use the zlib library

       o   Default: true

       This page autogenerated on Sat Aug 28 14:00:20 -0700 2010

                                  August 2010                    PUPPETCONF(5)