Skip to content

Instantly share code, notes, and snippets.

@mccun934

mccun934/help.bash

Created May 17, 2022 19:23
Show Gist options
  • Save mccun934/2fe841fb599fd8539098e46e926bde8c to your computer and use it in GitHub Desktop.
Save mccun934/2fe841fb599fd8539098e46e926bde8c to your computer and use it in GitHub Desktop.
Download ZIP
Raw
help.bash
# satellite-installer --full-help
Usage:
satellite-installer [OPTIONS]
Options:
= Generic:
--[no-]lock-package-versions Let installer lock versions of the installed packages to prevent
unexpected breakages during system updates. The choice is remembered
and used in next installer runs. (default: nil)
--reset-data This option will drop all databases for Foreman and subsequent backend systems. You will lose all data!
Unfortunately, we can't detect a failure, so you should verify success manually.
Dropping can fail when the DB is in use. (default: false)
--detailed-exitcodes Provide transaction information via exit codes, see puppet-agent(8)
for full details. (default: false)
--tuning INSTALLATION_SIZE Tune for an installation size. Choices: default, medium, large, extra-large, extra-extra-large (default: "default")
--disable-system-checks This option will skip the system checks for memory. (default: false)
--certs-update-server This option will enforce an update of the HTTPS certificates (default: false)
--certs-update-server-ca This option will enforce an update of the CA used for HTTPS certificates. (default: false)
--certs-update-all This option will enforce an update of all the certificates for given host (default: false)
--certs-reset This option will reset any custom certificates and use the self-signed CA instead. Note that any clients will need to be updated with the latest katello-ca-consumer RPM, and any external proxies will need to have the certs updated by generating a new certs tarball. (default: false)
--certs-skip-check This option will cause skipping the certificates sanity check. Use with caution (default: false)
--register-with-insights This option will register the system with Red Hat Insights. (default: false)
--[no-]colors Use color output on STDOUT (default: true)
--color-of-background COLOR Your terminal background is :bright or :dark (default: :dark)
--dont-save-answers Skip saving answers to '/etc/foreman-installer/scenarios.d/satellite-answers.yaml'? (default: nil)
--ignore-undocumented Ignore inconsistent parameter documentation (default: nil)
-i, --interactive Run in interactive mode
--log-level LEVEL Log level for log file output (default: "DEBUG")
-n, --noop Run puppet in noop mode? (default: false)
-p, --profile Run puppet in profile mode? (default: false)
-s, --skip-checks-i-know-better Skip all system checks (default: false)
--skip-puppet-version-check Skip check for compatible Puppet versions (default: false)
-v, --[no-]verbose Display log on STDOUT instead of progressbar (default: true)
-l, --verbose-log-level LEVEL Log level for log based terminal output.
The available levels are
ERROR - Only show errors which prevented the installer from completing successfully.
WARN - Deprecation warnings and other information users may want to be aware of.
NOTICE - High level information about installer execution and progress.
INFO - More detailed information about execution and progress. Also shows when the installer makes a change to system configuration.
DEBUG - Show all information about execution, including configuration items where no change was needed. (default: "notice")
-S, --scenario SCENARIO Use installation scenario
--disable-scenario SCENARIO Disable installation scenario
--enable-scenario SCENARIO Enable installation scenario
--list-scenarios List available installation scenarios
--force Force change of installation scenario
--compare-scenarios Show changes between last used scenario and the scenario specified with -S or --scenario argument
--migrations-only Apply migrations to a selected scenario and exit
--[no-]parser-cache Force use or bypass of Puppet module parser cache
-h, --help print help
--full-help print complete help
--[no-]enable-certs Enable 'certs' puppet module (default: true)
--[no-]enable-foreman Enable 'foreman' puppet module (default: true)
--[no-]enable-foreman-cli Enable 'foreman_cli' puppet module (default: true)
--[no-]enable-foreman-cli-ansible Enable 'foreman_cli_ansible' puppet module (default: true)
--[no-]enable-foreman-cli-azure Enable 'foreman_cli_azure' puppet module (default: true)
--[no-]enable-foreman-cli-katello Enable 'foreman_cli_katello' puppet module (default: true)
--[no-]enable-foreman-cli-kubevirt Enable 'foreman_cli_kubevirt' puppet module (default: false)
--[no-]enable-foreman-cli-puppet Enable 'foreman_cli_puppet' puppet module (default: false)
--[no-]enable-foreman-cli-remote-execution Enable 'foreman_cli_remote_execution' puppet module (default: true)
--[no-]enable-foreman-cli-virt-who-configure Enable 'foreman_cli_virt_who_configure' puppet module (default: true)
--[no-]enable-foreman-cli-webhooks Enable 'foreman_cli_webhooks' puppet module (default: true)
--[no-]enable-foreman-compute-ec2 Enable 'foreman_compute_ec2' puppet module (default: false)
--[no-]enable-foreman-compute-gce Enable 'foreman_compute_gce' puppet module (default: false)
--[no-]enable-foreman-compute-libvirt Enable 'foreman_compute_libvirt' puppet module (default: false)
--[no-]enable-foreman-compute-openstack Enable 'foreman_compute_openstack' puppet module (default: false)
--[no-]enable-foreman-compute-ovirt Enable 'foreman_compute_ovirt' puppet module (default: false)
--[no-]enable-foreman-compute-vmware Enable 'foreman_compute_vmware' puppet module (default: false)
--[no-]enable-foreman-plugin-ansible Enable 'foreman_plugin_ansible' puppet module (default: true)
--[no-]enable-foreman-plugin-azure Enable 'foreman_plugin_azure' puppet module (default: true)
--[no-]enable-foreman-plugin-bootdisk Enable 'foreman_plugin_bootdisk' puppet module (default: false)
--[no-]enable-foreman-plugin-discovery Enable 'foreman_plugin_discovery' puppet module (default: true)
--[no-]enable-foreman-plugin-host-reports Enable 'foreman_plugin_host_reports' puppet module (default: false)
--[no-]enable-foreman-plugin-kubevirt Enable 'foreman_plugin_kubevirt' puppet module (default: false)
--[no-]enable-foreman-plugin-leapp Enable 'foreman_plugin_leapp' puppet module (default: true)
--[no-]enable-foreman-plugin-openscap Enable 'foreman_plugin_openscap' puppet module (default: true)
--[no-]enable-foreman-plugin-puppet Enable 'foreman_plugin_puppet' puppet module (default: false)
--[no-]enable-foreman-plugin-remote-execution Enable 'foreman_plugin_remote_execution' puppet module (default: true)
--[no-]enable-foreman-plugin-remote-execution-cockpit Enable 'foreman_plugin_remote_execution_cockpit' puppet module (default: false)
--[no-]enable-foreman-plugin-rh-cloud Enable 'foreman_plugin_rh_cloud' puppet module (default: true)
--[no-]enable-foreman-plugin-tasks Enable 'foreman_plugin_tasks' puppet module (default: true)
--[no-]enable-foreman-plugin-templates Enable 'foreman_plugin_templates' puppet module (default: true)
--[no-]enable-foreman-plugin-virt-who-configure Enable 'foreman_plugin_virt_who_configure' puppet module (default: true)
--[no-]enable-foreman-plugin-webhooks Enable 'foreman_plugin_webhooks' puppet module (default: true)
--[no-]enable-foreman-proxy Enable 'foreman_proxy' puppet module (default: true)
--[no-]enable-foreman-proxy-content Enable 'foreman_proxy_content' puppet module (default: true)
--[no-]enable-foreman-proxy-plugin-ansible Enable 'foreman_proxy_plugin_ansible' puppet module (default: true)
--[no-]enable-foreman-proxy-plugin-dhcp-infoblox Enable 'foreman_proxy_plugin_dhcp_infoblox' puppet module (default: false)
--[no-]enable-foreman-proxy-plugin-dhcp-remote-isc Enable 'foreman_proxy_plugin_dhcp_remote_isc' puppet module (default: false)
--[no-]enable-foreman-proxy-plugin-discovery Enable 'foreman_proxy_plugin_discovery' puppet module (default: true)
--[no-]enable-foreman-proxy-plugin-dns-infoblox Enable 'foreman_proxy_plugin_dns_infoblox' puppet module (default: false)
--[no-]enable-foreman-proxy-plugin-openscap Enable 'foreman_proxy_plugin_openscap' puppet module (default: true)
--[no-]enable-foreman-proxy-plugin-remote-execution-ssh Enable 'foreman_proxy_plugin_remote_execution_ssh' puppet module (default: true)
--[no-]enable-foreman-proxy-plugin-reports Enable 'foreman_proxy_plugin_reports' puppet module (default: false)
--[no-]enable-foreman-proxy-plugin-shellhooks Enable 'foreman_proxy_plugin_shellhooks' puppet module (default: false)
--[no-]enable-katello Enable 'katello' puppet module (default: true)
--[no-]enable-puppet Enable 'puppet' puppet module (default: false)
= Module certs:
== Advanced:
--certs-ca-common-name Common name for the generated CA certificate (current: "sat-r220-07.lab.eng.rdu2.redhat.com")
--reset-certs-ca-common-name Reset ca_common_name to the default value ("sat-r220-07.lab.eng.rdu2.redhat.com")
--certs-ca-expiration CA expiration attribute for managed certificates (current: "36500")
--reset-certs-ca-expiration Reset ca_expiration to the default value ("36500")
--certs-city City attribute for managed certificates (current: "Raleigh")
--reset-certs-city Reset city to the default value ("Raleigh")
--certs-country Country attribute for managed certificates (current: "US")
--reset-certs-country Reset country to the default value ("US")
--certs-default-ca-name The name of the default CA (current: "katello-default-ca")
--reset-certs-default-ca-name Reset default_ca_name to the default value ("katello-default-ca")
--certs-deploy Deploy the certs on the configured system. False means
we want to apply it to a different system (current: true)
--reset-certs-deploy Reset deploy to the default value (true)
--certs-expiration Expiration attribute for managed certificates (current: "7300")
--reset-certs-expiration Reset expiration to the default value ("7300")
--certs-generate Should the generation of the certs be part of the
configuration (current: true)
--reset-certs-generate Reset generate to the default value (true)
--certs-group The group who should own the certs (current: "foreman")
--reset-certs-group Reset group to the default value ("root")
--certs-org Org attribute for managed certificates (current: "Katello")
--reset-certs-org Reset org to the default value ("Katello")
--certs-org-unit Org unit attribute for managed certificates (current: "SomeOrgUnit")
--reset-certs-org-unit Reset org_unit to the default value ("SomeOrgUnit")
--certs-pki-dir The PKI directory under which to place certs (current: "/etc/pki/katello")
--reset-certs-pki-dir Reset pki_dir to the default value ("/etc/pki/katello")
--certs-regenerate Force regeneration of the certificates (excluding
CA certificates) (current: false)
--reset-certs-regenerate Reset regenerate to the default value (false)
--certs-server-ca-name The name of the server CA (used for https) (current: "katello-server-ca")
--reset-certs-server-ca-name Reset server_ca_name to the default value ("katello-server-ca")
--certs-ssl-build-dir The directory where SSL keys, certs and RPMs will be generated (current: "/root/ssl-build")
--reset-certs-ssl-build-dir Reset ssl_build_dir to the default value ("/root/ssl-build")
--certs-state State attribute for managed certificates (current: "North Carolina")
--reset-certs-state Reset state to the default value ("North Carolina")
--certs-user The system user name who should own the certs (current: "root")
--reset-certs-user Reset user to the default value ("root")
== Basic:
--certs-cname The alternative names of the host the generated certificates
should be for (current: [])
--reset-certs-cname Reset cname to the default value ([])
--certs-node-fqdn The fqdn of the host the generated certificates
should be for (current: "sat-r220-07.lab.eng.rdu2.redhat.com")
--reset-certs-node-fqdn Reset node_fqdn to the default value ("sat-r220-07.lab.eng.rdu2.redhat.com")
--certs-server-ca-cert Path to the CA that issued the ssl certificates for https
if not specified, the default CA will be used (current: UNDEF)
--reset-certs-server-ca-cert Reset server_ca_cert to the default value (UNDEF)
--certs-server-cert Path to the ssl certificate for https
if not specified, the default CA will generate one (current: UNDEF)
--reset-certs-server-cert Reset server_cert to the default value (UNDEF)
--certs-server-cert-req Path to the ssl certificate request for https
if not specified, the default CA will generate one (current: UNDEF)
--reset-certs-server-cert-req Reset server_cert_req to the default value (UNDEF)
--certs-server-key Path to the ssl key for https
if not specified, the default CA will generate one (current: UNDEF)
--reset-certs-server-key Reset server_key to the default value (UNDEF)
--certs-tar-file Use a tarball with certificates rather than generate
new ones. This can be used on another node which is
not the CA. (current: UNDEF)
--reset-certs-tar-file Reset tar_file to the default value (UNDEF)
= Module foreman:
== Advanced:
--foreman-apache Configure Apache as a reverse proxy for the Foreman server (current: true)
--reset-foreman-apache Reset apache to the default value (true)
--foreman-client-ssl-ca Defines the SSL CA used to communicate with Foreman Proxies (current: "/etc/foreman/proxy_ca.pem")
--reset-foreman-client-ssl-ca Reset client_ssl_ca to the default value ("/etc/puppetlabs/puppet/ssl/certs/ca.pem")
--foreman-client-ssl-cert Defines the SSL certificate used to communicate with Foreman Proxies (current: "/etc/foreman/client_cert.pem")
--reset-foreman-client-ssl-cert Reset client_ssl_cert to the default value ("/etc/puppetlabs/puppet/ssl/certs/sat-r220-07.lab.eng.rdu2.redhat.com.pem")
--foreman-client-ssl-key Defines the SSL private key used to communicate with Foreman Proxies (current: "/etc/foreman/client_key.pem")
--reset-foreman-client-ssl-key Reset client_ssl_key to the default value ("/etc/puppetlabs/puppet/ssl/private_keys/sat-r220-07.lab.eng.rdu2.redhat.com.pem")
--foreman-cors-domains List of domains that show be allowed for Cross-Origin Resource Sharing (current: [])
--reset-foreman-cors-domains Reset cors_domains to the default value ([])
--foreman-db-database Database 'production' database (e.g. foreman) (current: UNDEF)
--reset-foreman-db-database Reset db_database to the default value (UNDEF)
--foreman-db-host Database 'production' host (current: UNDEF)
--reset-foreman-db-host Reset db_host to the default value (UNDEF)
--foreman-db-manage-rake if enabled, will run rake jobs, which depend on the database (current: true)
--reset-foreman-db-manage-rake Reset db_manage_rake to the default value (true)
--foreman-db-password Database 'production' password, default is randomly generated (current: "neshPiHdvJStCWXpokZhhGv5siUNjQjv")
--reset-foreman-db-password Reset db_password to the default value ("neshPiHdvJStCWXpokZhhGv5siUNjQjv")
--foreman-db-pool Database 'production' size of connection pool. When running as a reverse proxy,
the value of `$foreman_service_puma_threads_max` is used if it's higher than `$db_pool`. (current: 5)
--reset-foreman-db-pool Reset db_pool to the default value (5)
--foreman-db-port Database 'production' port (current: UNDEF)
--reset-foreman-db-port Reset db_port to the default value (UNDEF)
--foreman-db-root-cert Root cert used to verify SSL connection to postgres (current: UNDEF)
--reset-foreman-db-root-cert Reset db_root_cert to the default value (UNDEF)
--foreman-db-sslmode Database 'production' ssl mode (current: UNDEF)
--reset-foreman-db-sslmode Reset db_sslmode to the default value (UNDEF)
--foreman-db-username Database 'production' user (e.g. foreman) (current: "foreman")
--reset-foreman-db-username Reset db_username to the default value ("foreman")
--foreman-foreman-service-puma-threads-max Maximum number of threads for every Puma worker (current: 5)
--reset-foreman-foreman-service-puma-threads-max Reset foreman_service_puma_threads_max to the default value (5)
--foreman-foreman-service-puma-threads-min Minimum number of threads for every Puma worker. If no value is specified, this defaults
to setting min threads to maximum threads. Setting min threads equal to max threads has
been shown to alleviate memory leaks and in some cases produce better performance. (current: UNDEF)
--reset-foreman-foreman-service-puma-threads-min Reset foreman_service_puma_threads_min to the default value (UNDEF)
--foreman-foreman-service-puma-workers Number of workers for Puma.
If not set, the value is dynamically calculated based on available number of
CPUs and memory. (current: UNDEF)
--reset-foreman-foreman-service-puma-workers Reset foreman_service_puma_workers to the default value (UNDEF)
--foreman-foreman-url URL on which foreman is going to run (current: "https://sat-r220-07.lab.eng.rdu2.redhat.com")
--reset-foreman-foreman-url Reset foreman_url to the default value ("https://sat-r220-07.lab.eng.rdu2.redhat.com")
--foreman-hsts-enabled Should HSTS enforcement in https requests be enabled (current: true)
--reset-foreman-hsts-enabled Reset hsts_enabled to the default value (true)
--foreman-http-keytab Path to keytab to be used for Kerberos authentication on the WebUI. If left empty, it will be automatically determined. (current: UNDEF)
--reset-foreman-http-keytab Reset http_keytab to the default value (UNDEF)
--foreman-ipa-manage-sssd If ipa_authentication is true, should the installer manage SSSD? You can disable it
if you use another module for SSSD configuration (current: true)
--reset-foreman-ipa-manage-sssd Reset ipa_manage_sssd to the default value (true)
--foreman-loggers Enable or disable specific loggers, e.g. {"sql" => true} (current: {})
--reset-foreman-loggers Reset loggers to the default value ({})
--foreman-logging-layout Logging layout of the Foreman application (current: "multiline_request_pattern")
--reset-foreman-logging-layout Reset logging_layout to the default value ("multiline_request_pattern")
--foreman-logging-level Logging level of the Foreman application (current: "info")
--reset-foreman-logging-level Reset logging_level to the default value ("info")
--foreman-logging-type Logging type of the Foreman application (current: "file")
--reset-foreman-logging-type Reset logging_type to the default value ("file")
--foreman-oauth-active Enable OAuth authentication for REST API (current: true)
--reset-foreman-oauth-active Reset oauth_active to the default value (true)
--foreman-oauth-consumer-key OAuth consumer key (current: "YQAaBH2mqooJGfC5WDujSzjNLF4a5fmD")
--reset-foreman-oauth-consumer-key Reset oauth_consumer_key to the default value ("YQAaBH2mqooJGfC5WDujSzjNLF4a5fmD")
--foreman-oauth-consumer-secret OAuth consumer secret (current: "GnAqr28cjjX62SdFi2Y8ZhVfzwh45EPm")
--reset-foreman-oauth-consumer-secret Reset oauth_consumer_secret to the default value ("GnAqr28cjjX62SdFi2Y8ZhVfzwh45EPm")
--foreman-oauth-effective-user User to be used for REST interaction (current: "admin")
--reset-foreman-oauth-effective-user Reset oauth_effective_user to the default value ("admin")
--foreman-oauth-map-users Should Foreman use the foreman_user header to identify API user? (current: false)
--reset-foreman-oauth-map-users Reset oauth_map_users to the default value (false)
--foreman-pam-service PAM service used for host-based access control in IPA (current: "foreman")
--reset-foreman-pam-service Reset pam_service to the default value ("foreman")
--foreman-plugin-version Foreman plugins package version, it's passed to ensure parameter of package resource
can be set to 'installed', 'latest', 'present' only (current: "present")
--reset-foreman-plugin-version Reset plugin_version to the default value ("present")
--foreman-rails-cache-store Set rails cache store (current: {"type"=>"file"})
--reset-foreman-rails-cache-store Reset rails_cache_store to the default value ({"type"=>"file"})
--foreman-register-in-foreman Register host in Foreman (current: true)
--reset-foreman-register-in-foreman Reset register_in_foreman to the default value (true)
--foreman-server-port Defines Apache port for HTTP requests (current: 80)
--reset-foreman-server-port Reset server_port to the default value (80)
--foreman-server-ssl-ca Defines Apache mod_ssl SSLCACertificateFile setting in Foreman vhost conf file. (current: "/etc/pki/katello/certs/katello-default-ca.crt")
--reset-foreman-server-ssl-ca Reset server_ssl_ca to the default value ("/etc/puppetlabs/puppet/ssl/certs/ca.pem")
--foreman-server-ssl-cert Defines Apache mod_ssl SSLCertificateFile setting in Foreman vhost conf file. (current: "/etc/pki/katello/certs/katello-apache.crt")
--reset-foreman-server-ssl-cert Reset server_ssl_cert to the default value ("/etc/puppetlabs/puppet/ssl/certs/sat-r220-07.lab.eng.rdu2.redhat.com.pem")
--foreman-server-ssl-chain Defines Apache mod_ssl SSLCertificateChainFile setting in Foreman vhost conf file. (current: "/etc/pki/katello/certs/katello-server-ca.crt")
--reset-foreman-server-ssl-chain Reset server_ssl_chain to the default value ("/etc/puppetlabs/puppet/ssl/certs/ca.pem")
--foreman-server-ssl-crl Defines the Apache mod_ssl SSLCARevocationFile setting in Foreman vhost conf file. (current: "")
--reset-foreman-server-ssl-crl Reset server_ssl_crl to the default value ("/etc/puppetlabs/puppet/ssl/crl.pem")
--foreman-server-ssl-key Defines Apache mod_ssl SSLCertificateKeyFile setting in Foreman vhost conf file. (current: "/etc/pki/katello/private/katello-apache.key")
--reset-foreman-server-ssl-key Reset server_ssl_key to the default value ("/etc/puppetlabs/puppet/ssl/private_keys/sat-r220-07.lab.eng.rdu2.redhat.com.pem")
--foreman-server-ssl-port Defines Apache port for HTTPS requests (current: 443)
--reset-foreman-server-ssl-port Reset server_ssl_port to the default value (443)
--foreman-server-ssl-protocol Defines the Apache mod_ssl SSLProtocol setting in Foreman vhost conf file. (current: UNDEF)
--reset-foreman-server-ssl-protocol Reset server_ssl_protocol to the default value (UNDEF)
--foreman-server-ssl-verify-client Defines the Apache mod_ssl SSLVerifyClient setting in Foreman vhost conf file. (current: "optional")
--reset-foreman-server-ssl-verify-client Reset server_ssl_verify_client to the default value ("optional")
--foreman-serveraliases Server aliases of the VirtualHost in the webserver (current: ["foreman"])
--reset-foreman-serveraliases Reset serveraliases to the default value (["foreman"])
--foreman-servername Server name of the VirtualHost in the webserver (current: "sat-r220-07.lab.eng.rdu2.redhat.com")
--reset-foreman-servername Reset servername to the default value ("sat-r220-07.lab.eng.rdu2.redhat.com")
--foreman-ssl Enable and set require_ssl in Foreman settings (note: requires Apache, SSL does not apply to kickstarts) (current: true)
--reset-foreman-ssl Reset ssl to the default value (true)
--foreman-telemetry-logger-enabled Enable telemetry logs - useful for telemetry debugging (current: false)
--reset-foreman-telemetry-logger-enabled Reset telemetry_logger_enabled to the default value (false)
--foreman-telemetry-logger-level Telemetry debugging logs level (current: "DEBUG")
--reset-foreman-telemetry-logger-level Reset telemetry_logger_level to the default value ("DEBUG")
--foreman-telemetry-prefix Prefix for all metrics (current: "fm_rails")
--reset-foreman-telemetry-prefix Reset telemetry_prefix to the default value ("fm_rails")
--foreman-telemetry-prometheus-enabled Enable prometheus telemetry (current: false)
--reset-foreman-telemetry-prometheus-enabled Reset telemetry_prometheus_enabled to the default value (false)
--foreman-telemetry-statsd-enabled Enable statsd telemetry (current: false)
--reset-foreman-telemetry-statsd-enabled Reset telemetry_statsd_enabled to the default value (false)
--foreman-telemetry-statsd-host Statsd host in format ip:port, do not use DNS (current: "127.0.0.1:8125")
--reset-foreman-telemetry-statsd-host Reset telemetry_statsd_host to the default value ("127.0.0.1:8125")
--foreman-telemetry-statsd-protocol Statsd protocol one of 'statsd', 'statsite' or 'datadog' - currently only statsd is supported (current: "statsd")
--reset-foreman-telemetry-statsd-protocol Reset telemetry_statsd_protocol to the default value ("statsd")
--foreman-trusted-proxies List of trusted IPs / networks. Default: IPv4 and IPV6 localhost addresses.
If overwritten, localhost addresses (127.0.0.1/8, ::1) need to be in trusted_proxies IP list again.
More details: https://api.rubyonrails.org/classes/ActionDispatch/RemoteIp.html (current: [])
--reset-foreman-trusted-proxies Reset trusted_proxies to the default value ([])
--foreman-unattended Should Foreman manage host provisioning as well (current: true)
--reset-foreman-unattended Reset unattended to the default value (true)
--foreman-unattended-url URL hosts will retrieve templates from during build (normally http as many installers don't support https) (current: UNDEF)
--reset-foreman-unattended-url Reset unattended_url to the default value (UNDEF)
--foreman-version Foreman package version, it's passed to ensure parameter of package resource
can be set to specific version number, 'latest', 'present' etc. (current: "present")
--reset-foreman-version Reset version to the default value ("present")
--foreman-websockets-encrypt Whether to encrypt websocket connections (current: true)
--reset-foreman-websockets-encrypt Reset websockets_encrypt to the default value (true)
--foreman-websockets-ssl-cert SSL certificate file to use when encrypting websocket connections (current: UNDEF)
--reset-foreman-websockets-ssl-cert Reset websockets_ssl_cert to the default value (UNDEF)
--foreman-websockets-ssl-key SSL key file to use when encrypting websocket connections (current: UNDEF)
--reset-foreman-websockets-ssl-key Reset websockets_ssl_key to the default value (UNDEF)
== Basic:
--foreman-db-manage If enabled, will install and configure the database server on this host (current: true)
--reset-foreman-db-manage Reset db_manage to the default value (true)
--foreman-email-delivery-method Email delivery method (current: UNDEF)
--reset-foreman-email-delivery-method Reset email_delivery_method to the default value (UNDEF)
--foreman-email-reply-address Email reply address for emails that Foreman is sending (current: UNDEF)
--reset-foreman-email-reply-address Reset email_reply_address to the default value (UNDEF)
--foreman-email-sendmail-arguments The arguments to pass to the sendmail binary. Unused when SMTP delivery is used. (current: UNDEF)
--reset-foreman-email-sendmail-arguments Reset email_sendmail_arguments to the default value (UNDEF)
--foreman-email-sendmail-location The location of the binary to call when sendmail is the delivery method. Unused when SMTP delivery is used. (current: UNDEF)
--reset-foreman-email-sendmail-location Reset email_sendmail_location to the default value (UNDEF)
--foreman-email-smtp-address SMTP server hostname, when delivery method is SMTP (current: UNDEF)
--reset-foreman-email-smtp-address Reset email_smtp_address to the default value (UNDEF)
--foreman-email-smtp-authentication SMTP authentication method (current: "none")
--reset-foreman-email-smtp-authentication Reset email_smtp_authentication to the default value ("none")
--foreman-email-smtp-domain SMTP HELO domain (current: UNDEF)
--reset-foreman-email-smtp-domain Reset email_smtp_domain to the default value (UNDEF)
--foreman-email-smtp-password Password for SMTP server auth, if authentication is enabled (current: UNDEF)
--reset-foreman-email-smtp-password Reset email_smtp_password to the default value (UNDEF)
--foreman-email-smtp-port SMTP port (current: 25)
--reset-foreman-email-smtp-port Reset email_smtp_port to the default value (25)
--foreman-email-smtp-user-name Username for SMTP server auth, if authentication is enabled (current: UNDEF)
--reset-foreman-email-smtp-user-name Reset email_smtp_user_name to the default value (UNDEF)
--foreman-email-subject-prefix Prefix to add to all outgoing email (current: UNDEF)
--reset-foreman-email-subject-prefix Reset email_subject_prefix to the default value (UNDEF)
--foreman-initial-admin-email Initial E-mail address of the admin user (current: UNDEF)
--reset-foreman-initial-admin-email Reset initial_admin_email to the default value (UNDEF)
--foreman-initial-admin-first-name Initial first name of the admin user (current: UNDEF)
--reset-foreman-initial-admin-first-name Reset initial_admin_first_name to the default value (UNDEF)
--foreman-initial-admin-last-name Initial last name of the admin user (current: UNDEF)
--reset-foreman-initial-admin-last-name Reset initial_admin_last_name to the default value (UNDEF)
--foreman-initial-admin-locale Initial locale (= language) of the admin user (current: UNDEF)
--reset-foreman-initial-admin-locale Reset initial_admin_locale to the default value (UNDEF)
--foreman-initial-admin-password Initial password of the admin user, default is randomly generated (current: "TKCAahbtr6VfnoKe")
--reset-foreman-initial-admin-password Reset initial_admin_password to the default value ("TKCAahbtr6VfnoKe")
--foreman-initial-admin-timezone Initial timezone of the admin user (current: UNDEF)
--reset-foreman-initial-admin-timezone Reset initial_admin_timezone to the default value (UNDEF)
--foreman-initial-admin-username Initial username for the admin user account, default is admin (current: "admin")
--reset-foreman-initial-admin-username Reset initial_admin_username to the default value ("admin")
--foreman-initial-location Name of an initial location (current: "Default Location")
--reset-foreman-initial-location Reset initial_location to the default value (UNDEF)
--foreman-initial-organization Name of an initial organization (current: "Default Organization")
--reset-foreman-initial-organization Reset initial_organization to the default value (UNDEF)
--foreman-ipa-authentication Enable configuration for external authentication via IPA (current: false)
--reset-foreman-ipa-authentication Reset ipa_authentication to the default value (false)
== Dynflow:
--foreman-dynflow-manage-services Whether to manage the dynflow services (current: true)
--reset-foreman-dynflow-manage-services Reset dynflow_manage_services to the default value (true)
--foreman-dynflow-orchestrator-ensure The state of the dynflow orchestrator instance (current: "present")
--reset-foreman-dynflow-orchestrator-ensure Reset dynflow_orchestrator_ensure to the default value ("present")
--foreman-dynflow-redis-url If set, the redis server is not managed and we use the defined url to connect (current: UNDEF)
--reset-foreman-dynflow-redis-url Reset dynflow_redis_url to the default value (UNDEF)
--foreman-dynflow-worker-concurrency How many concurrent jobs to handle per worker instance (current: 5)
--reset-foreman-dynflow-worker-concurrency Reset dynflow_worker_concurrency to the default value (5)
--foreman-dynflow-worker-instances The number of worker instances that should be running (current: 1)
--reset-foreman-dynflow-worker-instances Reset dynflow_worker_instances to the default value (1)
== Keycloak:
--foreman-keycloak Enable Keycloak support. Note this is limited
to configuring Apache and still relies on manually
running keycloak-httpd-client-install (current: false)
--reset-foreman-keycloak Reset keycloak to the default value (false)
--foreman-keycloak-app-name The app name as passed to keycloak-httpd-client-install (current: "foreman-openidc")
--reset-foreman-keycloak-app-name Reset keycloak_app_name to the default value ("foreman-openidc")
--foreman-keycloak-realm The realm as passed to keycloak-httpd-client-install (current: "ssl-realm")
--reset-foreman-keycloak-realm Reset keycloak_realm to the default value ("ssl-realm")
= Module foreman_cli:
== Basic:
--foreman-cli-foreman-url URL on which Foreman runs (current: UNDEF)
--reset-foreman-cli-foreman-url Reset foreman_url to the default value (UNDEF)
--foreman-cli-password Password for authentication (current: UNDEF)
--reset-foreman-cli-password Reset password to the default value (UNDEF)
--foreman-cli-username Username for authentication (current: UNDEF)
--reset-foreman-cli-username Reset username to the default value (UNDEF)
== Advanced:
--foreman-cli-manage-root-config Whether to manage /root/.hammer configuration. (current: true)
--reset-foreman-cli-manage-root-config Reset manage_root_config to the default value (true)
--foreman-cli-refresh-cache Check API documentation cache status on each request (current: false)
--reset-foreman-cli-refresh-cache Reset refresh_cache to the default value (false)
--foreman-cli-request-timeout API request timeout, set -1 for infinity (current: 120)
--reset-foreman-cli-request-timeout Reset request_timeout to the default value (120)
--foreman-cli-ssl-ca-file Path to SSL certificate authority (current: UNDEF)
--reset-foreman-cli-ssl-ca-file Reset ssl_ca_file to the default value (UNDEF)
--foreman-cli-use-sessions Enable using sessions (current: false)
--reset-foreman-cli-use-sessions Reset use_sessions to the default value (false)
--foreman-cli-version foreman-cli package version, it's passed to ensure parameter of package resource
can be set to specific version number, 'latest', 'present' etc. (current: "installed")
--reset-foreman-cli-version Reset version to the default value ("installed")
= Module foreman_compute_ec2:
--foreman-compute-ec2-version Package version to install, defaults to installed (current: "installed")
--reset-foreman-compute-ec2-version Reset version to the default value ("installed")
= Module foreman_compute_gce:
--foreman-compute-gce-version Package version to install, defaults to installed (current: "installed")
--reset-foreman-compute-gce-version Reset version to the default value ("installed")
= Module foreman_compute_libvirt:
--foreman-compute-libvirt-version Package version to install, defaults to installed (current: "installed")
--reset-foreman-compute-libvirt-version Reset version to the default value ("installed")
= Module foreman_compute_openstack:
--foreman-compute-openstack-version Package version to install, defaults to installed (current: "installed")
--reset-foreman-compute-openstack-version Reset version to the default value ("installed")
= Module foreman_compute_ovirt:
--foreman-compute-ovirt-version Package version to install, defaults to installed (current: "installed")
--reset-foreman-compute-ovirt-version Reset version to the default value ("installed")
= Module foreman_compute_vmware:
--foreman-compute-vmware-version Package version to install, defaults to installed (current: "installed")
--reset-foreman-compute-vmware-version Reset version to the default value ("installed")
= Module foreman_plugin_tasks:
--foreman-plugin-tasks-automatic-cleanup Enable automatic task cleanup using a cron job (current: true)
--reset-foreman-plugin-tasks-automatic-cleanup Reset automatic_cleanup to the default value (false)
--foreman-plugin-tasks-backup Enable creating a backup of cleaned up tasks in CSV format when automatic_cleanup is enabled (current: false)
--reset-foreman-plugin-tasks-backup Reset backup to the default value (false)
--foreman-plugin-tasks-cron-line Cron line defining when the cleanup cron job should run (current: "45 19 * * *")
--reset-foreman-plugin-tasks-cron-line Reset cron_line to the default value ("45 19 * * *")
= Module foreman_proxy:
== Basic:
--foreman-proxy-autosignfile Hostname-Whitelisting only: Location of puppets autosign.conf (current: "/etc/puppetlabs/puppet/autosign.conf")
--reset-foreman-proxy-autosignfile Reset autosignfile to the default value ("/etc/puppetlabs/puppet/autosign.conf")
--foreman-proxy-bind-host Host to bind ports to, e.g. *, localhost, 0.0.0.0 (current: ["*"])
--reset-foreman-proxy-bind-host Reset bind_host to the default value (["*"])
--foreman-proxy-bmc Enable BMC feature (current: false)
--reset-foreman-proxy-bmc Reset bmc to the default value (false)
--foreman-proxy-bmc-default-provider BMC default provider. (current: "ipmitool")
--reset-foreman-proxy-bmc-default-provider Reset bmc_default_provider to the default value ("ipmitool")
--foreman-proxy-bmc-listen-on BMC proxy to listen on https, http, or both (current: "https")
--reset-foreman-proxy-bmc-listen-on Reset bmc_listen_on to the default value ("https")
--foreman-proxy-bmc-ssh-key BMC SSH key location. (current: "/usr/share/foreman/.ssh/id_rsa")
--reset-foreman-proxy-bmc-ssh-key Reset bmc_ssh_key to the default value ("/usr/share/foreman/.ssh/id_rsa")
--foreman-proxy-bmc-ssh-powercycle BMC SSH powercycle command. (current: "shutdown -r +1")
--reset-foreman-proxy-bmc-ssh-powercycle Reset bmc_ssh_powercycle to the default value ("shutdown -r +1")
--foreman-proxy-bmc-ssh-poweroff BMC SSH poweroff command. (current: "shutdown +1")
--reset-foreman-proxy-bmc-ssh-poweroff Reset bmc_ssh_poweroff to the default value ("shutdown +1")
--foreman-proxy-bmc-ssh-poweron BMC SSH poweron command. (current: "false")
--reset-foreman-proxy-bmc-ssh-poweron Reset bmc_ssh_poweron to the default value ("false")
--foreman-proxy-bmc-ssh-powerstatus BMC SSH powerstatus command. (current: "true")
--reset-foreman-proxy-bmc-ssh-powerstatus Reset bmc_ssh_powerstatus to the default value ("true")
--foreman-proxy-bmc-ssh-user BMC SSH user. (current: "root")
--reset-foreman-proxy-bmc-ssh-user Reset bmc_ssh_user to the default value ("root")
--foreman-proxy-dhcp Enable DHCP feature (current: false)
--reset-foreman-proxy-dhcp Reset dhcp to the default value (false)
--foreman-proxy-dhcp-additional-interfaces Additional DHCP listen interfaces (in addition to dhcp_interface). Note: as opposed to dhcp_interface
*no* subnet will be provisioned for any of the additional DHCP listen interfaces. Please configure any
additional subnets using `dhcp::pool` and related resource types (provided by the theforeman/puppet-dhcp
module). (current: [])
--reset-foreman-proxy-dhcp-additional-interfaces Reset dhcp_additional_interfaces to the default value ([])
--foreman-proxy-dhcp-config DHCP config file path (current: "/etc/dhcp/dhcpd.conf")
--reset-foreman-proxy-dhcp-config Reset dhcp_config to the default value ("/etc/dhcp/dhcpd.conf")
--foreman-proxy-dhcp-gateway DHCP pool gateway (current: UNDEF)
--reset-foreman-proxy-dhcp-gateway Reset dhcp_gateway to the default value (UNDEF)
--foreman-proxy-dhcp-interface DHCP listen interface (current: "em1")
--reset-foreman-proxy-dhcp-interface Reset dhcp_interface to the default value ("em1")
--foreman-proxy-dhcp-key-name DHCP key name (current: UNDEF)
--reset-foreman-proxy-dhcp-key-name Reset dhcp_key_name to the default value (UNDEF)
--foreman-proxy-dhcp-key-secret DHCP password (current: UNDEF)
--reset-foreman-proxy-dhcp-key-secret Reset dhcp_key_secret to the default value (UNDEF)
--foreman-proxy-dhcp-leases DHCP leases file (current: "/var/lib/dhcpd/dhcpd.leases")
--reset-foreman-proxy-dhcp-leases Reset dhcp_leases to the default value ("/var/lib/dhcpd/dhcpd.leases")
--foreman-proxy-dhcp-listen-on DHCP proxy to listen on https, http, or both (current: "https")
--reset-foreman-proxy-dhcp-listen-on Reset dhcp_listen_on to the default value ("https")
--foreman-proxy-dhcp-managed The DHCP daemon is managed by this module (current: true)
--reset-foreman-proxy-dhcp-managed Reset dhcp_managed to the default value (true)
--foreman-proxy-dhcp-nameservers DHCP nameservers, comma-separated (current: "default")
--reset-foreman-proxy-dhcp-nameservers Reset dhcp_nameservers to the default value ("default")
--foreman-proxy-dhcp-netmask DHCP server netmask value, defaults otherwise to value based on IP of dhcp_interface (current: UNDEF)
--reset-foreman-proxy-dhcp-netmask Reset dhcp_netmask to the default value (UNDEF)
--foreman-proxy-dhcp-network DHCP server network value, defaults otherwise to value based on IP of dhcp_interface (current: UNDEF)
--reset-foreman-proxy-dhcp-network Reset dhcp_network to the default value (UNDEF)
--foreman-proxy-dhcp-node-type DHCP node type (current: "standalone")
--reset-foreman-proxy-dhcp-node-type Reset dhcp_node_type to the default value ("standalone")
--foreman-proxy-dhcp-omapi-port DHCP server OMAPI port (current: 7911)
--reset-foreman-proxy-dhcp-omapi-port Reset dhcp_omapi_port to the default value (7911)
--foreman-proxy-dhcp-option-domain DHCP use the dhcpd config option domain-name (current: ["lab.eng.rdu2.redhat.com"])
--reset-foreman-proxy-dhcp-option-domain Reset dhcp_option_domain to the default value (["lab.eng.rdu2.redhat.com"])
--foreman-proxy-dhcp-peer-address The other DHCP servers address (current: UNDEF)
--reset-foreman-proxy-dhcp-peer-address Reset dhcp_peer_address to the default value (UNDEF)
--foreman-proxy-dhcp-ping-free-ip Perform ICMP and TCP ping when searching free IPs from the pool. This makes
sure that active IP address is not suggested as free, however in locked down
network environments this can cause no free IPs. (current: true)
--reset-foreman-proxy-dhcp-ping-free-ip Reset dhcp_ping_free_ip to the default value (true)
--foreman-proxy-dhcp-provider DHCP provider for the DHCP module (current: "isc")
--reset-foreman-proxy-dhcp-provider Reset dhcp_provider to the default value ("isc")
--foreman-proxy-dhcp-pxefilename DHCP "filename" value, defaults otherwise to pxelinux.0 (current: "pxelinux.0")
--reset-foreman-proxy-dhcp-pxefilename Reset dhcp_pxefilename to the default value ("pxelinux.0")
--foreman-proxy-dhcp-pxeserver DHCP "next-server" value, defaults otherwise to IP of dhcp_interface (current: UNDEF)
--reset-foreman-proxy-dhcp-pxeserver Reset dhcp_pxeserver to the default value (UNDEF)
--foreman-proxy-dhcp-range Space-separated DHCP pool range (current: UNDEF)
--reset-foreman-proxy-dhcp-range Reset dhcp_range to the default value (UNDEF)
--foreman-proxy-dhcp-search-domains DHCP search domains option (current: UNDEF)
--reset-foreman-proxy-dhcp-search-domains Reset dhcp_search_domains to the default value (UNDEF)
--foreman-proxy-dhcp-server Address of DHCP server to manage (current: "127.0.0.1")
--reset-foreman-proxy-dhcp-server Reset dhcp_server to the default value ("127.0.0.1")
--foreman-proxy-dhcp-subnets Subnets list to restrict DHCP management to (current: [])
--reset-foreman-proxy-dhcp-subnets Reset dhcp_subnets to the default value ([])
--foreman-proxy-dns Enable DNS feature (current: false)
--reset-foreman-proxy-dns Reset dns to the default value (false)
--foreman-proxy-dns-forwarders DNS forwarders (current: [])
--reset-foreman-proxy-dns-forwarders Reset dns_forwarders to the default value ([])
--foreman-proxy-dns-interface DNS interface (current: "em1")
--reset-foreman-proxy-dns-interface Reset dns_interface to the default value ("em1")
--foreman-proxy-dns-listen-on DNS proxy to listen on https, http, or both (current: "https")
--reset-foreman-proxy-dns-listen-on Reset dns_listen_on to the default value ("https")
--foreman-proxy-dns-managed The DNS daemon is managed by this module. Only supported for the nsupdate and nsupdate_gss DNS providers. (current: true)
--reset-foreman-proxy-dns-managed Reset dns_managed to the default value (true)
--foreman-proxy-dns-provider DNS provider (current: "nsupdate")
--reset-foreman-proxy-dns-provider Reset dns_provider to the default value ("nsupdate")
--foreman-proxy-dns-reverse DNS reverse zone name (current: UNDEF)
--reset-foreman-proxy-dns-reverse Reset dns_reverse to the default value (UNDEF)
--foreman-proxy-dns-server Address of DNS server to manage (current: "127.0.0.1")
--reset-foreman-proxy-dns-server Reset dns_server to the default value ("127.0.0.1")
--foreman-proxy-dns-tsig-keytab Kerberos keytab for DNS updates using GSS-TSIG authentication (current: "/etc/foreman-proxy/dns.keytab")
--reset-foreman-proxy-dns-tsig-keytab Reset dns_tsig_keytab to the default value ("/etc/foreman-proxy/dns.keytab")
--foreman-proxy-dns-tsig-principal Kerberos principal for DNS updates using GSS-TSIG authentication (current: "foremanproxy/sat-r220-07.lab.eng.rdu2.redhat.com@LAB.ENG.RDU2.REDHAT.COM")
--reset-foreman-proxy-dns-tsig-principal Reset dns_tsig_principal to the default value ("foremanproxy/sat-r220-07.lab.eng.rdu2.redhat.com@LAB.ENG.RDU2.REDHAT.COM")
--foreman-proxy-dns-ttl DNS default TTL override (current: 86400)
--reset-foreman-proxy-dns-ttl Reset dns_ttl to the default value (86400)
--foreman-proxy-dns-zone DNS zone name (current: "lab.eng.rdu2.redhat.com")
--reset-foreman-proxy-dns-zone Reset dns_zone to the default value ("lab.eng.rdu2.redhat.com")
--foreman-proxy-ensure-packages-version control extra packages version, it's passed to ensure parameter of package resource (current: "installed")
--reset-foreman-proxy-ensure-packages-version Reset ensure_packages_version to the default value ("installed")
--foreman-proxy-foreman-base-url Base Foreman URL used for REST interaction (current: "https://sat-r220-07.lab.eng.rdu2.redhat.com")
--reset-foreman-proxy-foreman-base-url Reset foreman_base_url to the default value ("https://sat-r220-07.lab.eng.rdu2.redhat.com")
--foreman-proxy-foreman-ssl-ca SSL CA used to verify connections when accessing the Foreman API.
When not specified, the ssl_ca is used instead. (current: "/etc/foreman-proxy/foreman_ssl_ca.pem")
--reset-foreman-proxy-foreman-ssl-ca Reset foreman_ssl_ca to the default value (UNDEF)
--foreman-proxy-foreman-ssl-cert SSL client certificate used when accessing the Foreman API
When not specified, the ssl_cert is used instead. (current: "/etc/foreman-proxy/foreman_ssl_cert.pem")
--reset-foreman-proxy-foreman-ssl-cert Reset foreman_ssl_cert to the default value (UNDEF)
--foreman-proxy-foreman-ssl-key Corresponding key to a foreman_ssl_cert certificate
When not specified, the ssl_key is used instead. (current: "/etc/foreman-proxy/foreman_ssl_key.pem")
--reset-foreman-proxy-foreman-ssl-key Reset foreman_ssl_key to the default value (UNDEF)
--foreman-proxy-freeipa-config Path to FreeIPA default.conf configuration file (current: "/etc/ipa/default.conf")
--reset-foreman-proxy-freeipa-config Reset freeipa_config to the default value ("/etc/ipa/default.conf")
--foreman-proxy-freeipa-remove-dns Remove DNS entries from FreeIPA when deleting hosts from realm (current: true)
--reset-foreman-proxy-freeipa-remove-dns Reset freeipa_remove_dns to the default value (true)
--foreman-proxy-groups Array of additional groups for the foreman proxy user (current: [])
--reset-foreman-proxy-groups Reset groups to the default value ([])
--foreman-proxy-http Enable HTTP (current: false)
--reset-foreman-proxy-http Reset http to the default value (false)
--foreman-proxy-http-port HTTP port to listen on (if http is enabled) (current: 8000)
--reset-foreman-proxy-http-port Reset http_port to the default value (8000)
--foreman-proxy-httpboot Enable HTTPBoot feature. In most deployments this requires HTTP to be enabled as well. (current: false)
--reset-foreman-proxy-httpboot Reset httpboot to the default value (false)
--foreman-proxy-keyfile DNS server keyfile path (current: "/etc/rndc.key")
--reset-foreman-proxy-keyfile Reset keyfile to the default value ("/etc/rndc.key")
--foreman-proxy-libvirt-connection Connection string of libvirt DNS/DHCP provider (e.g. "qemu:///system") (current: "qemu:///system")
--reset-foreman-proxy-libvirt-connection Reset libvirt_connection to the default value ("qemu:///system")
--foreman-proxy-libvirt-network Network for libvirt DNS/DHCP provider (current: "default")
--reset-foreman-proxy-libvirt-network Reset libvirt_network to the default value ("default")
--foreman-proxy-log Foreman proxy log file, 'STDOUT', 'SYSLOG' or 'JOURNAL' (current: "/var/log/foreman-proxy/proxy.log")
--reset-foreman-proxy-log Reset log to the default value ("/var/log/foreman-proxy/proxy.log")
--foreman-proxy-log-buffer Log buffer size (current: 2000)
--reset-foreman-proxy-log-buffer Reset log_buffer to the default value (2000)
--foreman-proxy-log-buffer-errors Additional log buffer size for errors (current: 1000)
--reset-foreman-proxy-log-buffer-errors Reset log_buffer_errors to the default value (1000)
--foreman-proxy-log-level Foreman proxy log level (current: "INFO")
--reset-foreman-proxy-log-level Reset log_level to the default value ("INFO")
--foreman-proxy-logs Enable Logs (log buffer) feature (current: true)
--reset-foreman-proxy-logs Reset logs to the default value (true)
--foreman-proxy-logs-listen-on Logs proxy to listen on https, http, or both (current: "https")
--reset-foreman-proxy-logs-listen-on Reset logs_listen_on to the default value ("https")
--foreman-proxy-manage-puppet-group Whether to ensure the $puppet_group exists. Also ensures group owner of ssl keys and certs is $puppet_group
Not applicable when ssl is false. (current: false)
--reset-foreman-proxy-manage-puppet-group Reset manage_puppet_group to the default value (true)
--foreman-proxy-manage-sudoersd Whether to manage File['/etc/sudoers.d'] or not. When reusing this module, this may be
disabled to let a dedicated sudo module manage it instead. (current: true)
--reset-foreman-proxy-manage-sudoersd Reset manage_sudoersd to the default value (true)
--foreman-proxy-oauth-consumer-key OAuth key to be used for REST interaction (current: "YQAaBH2mqooJGfC5WDujSzjNLF4a5fmD")
--reset-foreman-proxy-oauth-consumer-key Reset oauth_consumer_key to the default value ("YQAaBH2mqooJGfC5WDujSzjNLF4a5fmD")
--foreman-proxy-oauth-consumer-secret OAuth secret to be used for REST interaction (current: "GnAqr28cjjX62SdFi2Y8ZhVfzwh45EPm")
--reset-foreman-proxy-oauth-consumer-secret Reset oauth_consumer_secret to the default value ("GnAqr28cjjX62SdFi2Y8ZhVfzwh45EPm")
--foreman-proxy-oauth-effective-user User to be used for REST interaction (current: "admin")
--reset-foreman-proxy-oauth-effective-user Reset oauth_effective_user to the default value ("admin")
--foreman-proxy-puppet Enable Puppet module for environment imports and Puppet runs (current: false)
--reset-foreman-proxy-puppet Reset puppet to the default value (true)
--foreman-proxy-puppet-api-timeout Timeout in seconds when accessing Puppet environment classes API (current: 30)
--reset-foreman-proxy-puppet-api-timeout Reset puppet_api_timeout to the default value (30)
--foreman-proxy-puppet-group Groups of Foreman proxy user (current: "puppet")
--reset-foreman-proxy-puppet-group Reset puppet_group to the default value ("puppet")
--foreman-proxy-puppet-listen-on Protocols for the Puppet feature to listen on (current: "https")
--reset-foreman-proxy-puppet-listen-on Reset puppet_listen_on to the default value ("https")
--foreman-proxy-puppet-ssl-ca SSL CA used to verify connections when accessing the Puppet master API (current: "/etc/puppetlabs/puppet/ssl/certs/ca.pem")
--reset-foreman-proxy-puppet-ssl-ca Reset puppet_ssl_ca to the default value ("/etc/puppetlabs/puppet/ssl/certs/ca.pem")
--foreman-proxy-puppet-ssl-cert SSL certificate used when accessing the Puppet master API (current: "/etc/puppetlabs/puppet/ssl/certs/sat-r220-07.lab.eng.rdu2.redhat.com.pem")
--reset-foreman-proxy-puppet-ssl-cert Reset puppet_ssl_cert to the default value ("/etc/puppetlabs/puppet/ssl/certs/sat-r220-07.lab.eng.rdu2.redhat.com.pem")
--foreman-proxy-puppet-ssl-key SSL private key used when accessing the Puppet master API (current: "/etc/puppetlabs/puppet/ssl/private_keys/sat-r220-07.lab.eng.rdu2.redhat.com.pem")
--reset-foreman-proxy-puppet-ssl-key Reset puppet_ssl_key to the default value ("/etc/puppetlabs/puppet/ssl/private_keys/sat-r220-07.lab.eng.rdu2.redhat.com.pem")
--foreman-proxy-puppet-url URL of the Puppet master itself for API requests (current: "https://sat-r220-07.lab.eng.rdu2.redhat.com:8140")
--reset-foreman-proxy-puppet-url Reset puppet_url to the default value ("https://sat-r220-07.lab.eng.rdu2.redhat.com:8140")
--foreman-proxy-puppetca Enable Puppet CA feature (current: false)
--reset-foreman-proxy-puppetca Reset puppetca to the default value (true)
--foreman-proxy-puppetca-cmd Puppet CA command to be allowed in sudoers (current: "/opt/puppetlabs/bin/puppet cert")
--reset-foreman-proxy-puppetca-cmd Reset puppetca_cmd to the default value ("/opt/puppetlabs/bin/puppet cert")
--foreman-proxy-puppetca-listen-on Protocols for the Puppet CA feature to listen on (current: "https")
--reset-foreman-proxy-puppetca-listen-on Reset puppetca_listen_on to the default value ("https")
--foreman-proxy-puppetca-tokens-file Token-Whitelisting only: Location of the tokens.yaml (current: "/var/lib/foreman-proxy/tokens.yml")
--reset-foreman-proxy-puppetca-tokens-file Reset puppetca_tokens_file to the default value ("/var/lib/foreman-proxy/tokens.yml")
--foreman-proxy-puppetdir Puppet var directory (current: "/etc/puppetlabs/puppet")
--reset-foreman-proxy-puppetdir Reset puppetdir to the default value ("/etc/puppetlabs/puppet")
--foreman-proxy-realm Enable realm management feature (current: false)
--reset-foreman-proxy-realm Reset realm to the default value (false)
--foreman-proxy-realm-keytab Kerberos keytab path to authenticate realm updates (current: "/etc/foreman-proxy/freeipa.keytab")
--reset-foreman-proxy-realm-keytab Reset realm_keytab to the default value ("/etc/foreman-proxy/freeipa.keytab")
--foreman-proxy-realm-listen-on Realm proxy to listen on https, http, or both (current: "https")
--reset-foreman-proxy-realm-listen-on Reset realm_listen_on to the default value ("https")
--foreman-proxy-realm-principal Kerberos principal for realm updates (current: "realm-proxy@LAB.ENG.RDU2.REDHAT.COM")
--reset-foreman-proxy-realm-principal Reset realm_principal to the default value ("realm-proxy@LAB.ENG.RDU2.REDHAT.COM")
--foreman-proxy-realm-provider Realm management provider (current: "freeipa")
--reset-foreman-proxy-realm-provider Reset realm_provider to the default value ("freeipa")
--foreman-proxy-register-in-foreman Register proxy back in Foreman (current: true)
--reset-foreman-proxy-register-in-foreman Reset register_in_foreman to the default value (true)
--foreman-proxy-registered-name Proxy name which is registered in Foreman (current: "sat-r220-07.lab.eng.rdu2.redhat.com")
--reset-foreman-proxy-registered-name Reset registered_name to the default value ("sat-r220-07.lab.eng.rdu2.redhat.com")
--foreman-proxy-registered-proxy-url Proxy URL which is registered in Foreman (current: UNDEF)
--reset-foreman-proxy-registered-proxy-url Reset registered_proxy_url to the default value (UNDEF)
--foreman-proxy-registration Enable Registration feature (current: false)
--reset-foreman-proxy-registration Reset registration to the default value (false)
--foreman-proxy-registration-listen-on Registration proxy to listen on https, http, or both (current: "https")
--reset-foreman-proxy-registration-listen-on Reset registration_listen_on to the default value ("https")
--foreman-proxy-ssl Enable SSL, ensure feature is added with "https://" protocol if true (current: true)
--reset-foreman-proxy-ssl Reset ssl to the default value (true)
--foreman-proxy-ssl-ca SSL CA to validate the client certificates used to access the proxy (current: "/etc/foreman-proxy/ssl_ca.pem")
--reset-foreman-proxy-ssl-ca Reset ssl_ca to the default value ("/etc/puppetlabs/puppet/ssl/certs/ca.pem")
--foreman-proxy-ssl-cert SSL certificate to be used to run the foreman proxy via https. (current: "/etc/foreman-proxy/ssl_cert.pem")
--reset-foreman-proxy-ssl-cert Reset ssl_cert to the default value ("/etc/puppetlabs/puppet/ssl/certs/sat-r220-07.lab.eng.rdu2.redhat.com.pem")
--foreman-proxy-ssl-disabled-ciphers List of OpenSSL cipher suite names that will be disabled from the default (current: [])
--reset-foreman-proxy-ssl-disabled-ciphers Reset ssl_disabled_ciphers to the default value ([])
--foreman-proxy-ssl-key Corresponding key to a ssl_cert certificate (current: "/etc/foreman-proxy/ssl_key.pem")
--reset-foreman-proxy-ssl-key Reset ssl_key to the default value ("/etc/puppetlabs/puppet/ssl/private_keys/sat-r220-07.lab.eng.rdu2.redhat.com.pem")
--foreman-proxy-ssl-port HTTPS port to listen on (if ssl is enabled) (current: 9090)
--reset-foreman-proxy-ssl-port Reset ssl_port to the default value (8443)
--foreman-proxy-ssldir Puppet CA SSL directory (current: "/etc/puppetlabs/puppet/ssl")
--reset-foreman-proxy-ssldir Reset ssldir to the default value ("/etc/puppetlabs/puppet/ssl")
--foreman-proxy-template-url URL a client should use for provisioning templates (current: "http://sat-r220-07.lab.eng.rdu2.redhat.com:8000")
--reset-foreman-proxy-template-url Reset template_url to the default value ("http://sat-r220-07.lab.eng.rdu2.redhat.com:8000")
--foreman-proxy-templates Enable templates feature (current: false)
--reset-foreman-proxy-templates Reset templates to the default value (false)
--foreman-proxy-templates-listen-on Templates proxy to listen on https, http, or both (current: "both")
--reset-foreman-proxy-templates-listen-on Reset templates_listen_on to the default value ("both")
--foreman-proxy-tftp Enable TFTP feature (current: false)
--reset-foreman-proxy-tftp Reset tftp to the default value (false)
--foreman-proxy-tftp-dirs Directories to be create in $tftp_root (current: UNDEF)
--reset-foreman-proxy-tftp-dirs Reset tftp_dirs to the default value (UNDEF)
--foreman-proxy-tftp-listen-on TFTP proxy to listen on https, http, or both (current: "https")
--reset-foreman-proxy-tftp-listen-on Reset tftp_listen_on to the default value ("https")
--foreman-proxy-tftp-manage-wget If enabled will install the wget package (current: true)
--reset-foreman-proxy-tftp-manage-wget Reset tftp_manage_wget to the default value (true)
--foreman-proxy-tftp-managed The TFTP daemon is managed by this module. (current: true)
--reset-foreman-proxy-tftp-managed Reset tftp_managed to the default value (true)
--foreman-proxy-tftp-replace-grub2-cfg Determines if grub2.cfg will be replaced (current: false)
--reset-foreman-proxy-tftp-replace-grub2-cfg Reset tftp_replace_grub2_cfg to the default value (false)
--foreman-proxy-tftp-root TFTP root directory (current: "/var/lib/tftpboot")
--reset-foreman-proxy-tftp-root Reset tftp_root to the default value ("/var/lib/tftpboot")
--foreman-proxy-tftp-servername Defines the TFTP Servername to use, overrides the name in the subnet declaration (current: UNDEF)
--reset-foreman-proxy-tftp-servername Reset tftp_servername to the default value (UNDEF)
--foreman-proxy-tftp-syslinux-filenames Syslinux files to install on TFTP (full paths) (current: ["/usr/share/syslinux/chain.c32", "/usr/share/syslinux/mboot.c32", "/usr/share/syslinux/menu.c32", "/usr/share/syslinux/memdisk", "/usr/share/syslinux/pxelinux.0"])
--reset-foreman-proxy-tftp-syslinux-filenames Reset tftp_syslinux_filenames to the default value (["/usr/share/syslinux/chain.c32", "/usr/share/syslinux/mboot.c32", "/usr/share/syslinux/menu.c32", "/usr/share/syslinux/memdisk", "/usr/share/syslinux/pxelinux.0"])
--foreman-proxy-tls-disabled-versions List of TLS versions that will be disabled from the default (current: [])
--reset-foreman-proxy-tls-disabled-versions Reset tls_disabled_versions to the default value ([])
--foreman-proxy-trusted-hosts Only hosts listed will be permitted, empty array to disable authorization (current: ["sat-r220-07.lab.eng.rdu2.redhat.com"])
--reset-foreman-proxy-trusted-hosts Reset trusted_hosts to the default value (["sat-r220-07.lab.eng.rdu2.redhat.com"])
--foreman-proxy-use-sudoers Add contents to /etc/sudoers (true). This is ignored if $use_sudoersd is true. (current: true)
--reset-foreman-proxy-use-sudoers Reset use_sudoers to the default value (true)
--foreman-proxy-use-sudoersd Add a file to /etc/sudoers.d (true). (current: true)
--reset-foreman-proxy-use-sudoersd Reset use_sudoersd to the default value (true)
--foreman-proxy-version foreman package version, it's passed to ensure parameter of package resource
can be set to specific version number, 'latest', 'present' etc. (current: "present")
--reset-foreman-proxy-version Reset version to the default value ("present")
== Advanced:
--foreman-proxy-dhcp-failover-address Address for DHCP to listen for connections from its peer (current: "10.8.0.148")
--reset-foreman-proxy-dhcp-failover-address Reset dhcp_failover_address to the default value ("10.8.0.148")
--foreman-proxy-dhcp-failover-port Port for DHCP to listen & communicate with it DHCP peer (current: 519)
--reset-foreman-proxy-dhcp-failover-port Reset dhcp_failover_port to the default value (519)
--foreman-proxy-dhcp-load-balance Cutoff after which load balancing is disabled (current: 3)
--reset-foreman-proxy-dhcp-load-balance Reset dhcp_load_balance to the default value (3)
--foreman-proxy-dhcp-load-split Split leases between Primary and Secondary. 255 means Primary is chiefly responsible. 0 means Secondary is chiefly responsible. (current: 255)
--reset-foreman-proxy-dhcp-load-split Reset dhcp_load_split to the default value (255)
--foreman-proxy-dhcp-manage-acls Whether to manage DHCP directory ACLs. This allows the Foreman Proxy user to access even if the directory mode is 0750. (current: true)
--reset-foreman-proxy-dhcp-manage-acls Reset dhcp_manage_acls to the default value (true)
--foreman-proxy-dhcp-max-response-delay Seconds after it will assume that connection has failed to DHCP peer (current: 30)
--reset-foreman-proxy-dhcp-max-response-delay Reset dhcp_max_response_delay to the default value (30)
--foreman-proxy-dhcp-max-unacked-updates How many BNDUPD messages DHCP can send before it receives a BNDACK from the local system (current: 10)
--reset-foreman-proxy-dhcp-max-unacked-updates Reset dhcp_max_unacked_updates to the default value (10)
--foreman-proxy-dhcp-mclt Seconds for which a lease may be renewed by either failover peer without contacting the other (current: 300)
--reset-foreman-proxy-dhcp-mclt Reset dhcp_mclt to the default value (300)
--foreman-proxy-httpboot-listen-on HTTPBoot proxy to listen on https, http, or both (current: "both")
--reset-foreman-proxy-httpboot-listen-on Reset httpboot_listen_on to the default value ("both")
--foreman-proxy-puppetca-certificate Token-whitelisting only: Certificate to use when encrypting tokens (undef to use SSL certificate) (current: UNDEF)
--reset-foreman-proxy-puppetca-certificate Reset puppetca_certificate to the default value (UNDEF)
--foreman-proxy-puppetca-provider Whether to use puppetca_hostname_whitelisting or puppetca_token_whitelisting (current: "puppetca_hostname_whitelisting")
--reset-foreman-proxy-puppetca-provider Reset puppetca_provider to the default value ("puppetca_hostname_whitelisting")
--foreman-proxy-puppetca-sign-all Token-whitelisting only: Whether to sign all CSRs without checking their token (current: false)
--reset-foreman-proxy-puppetca-sign-all Reset puppetca_sign_all to the default value (false)
--foreman-proxy-puppetca-token-ttl Token-whitelisting only: Fallback time (in minutes) after which tokens will expire (current: 360)
--reset-foreman-proxy-puppetca-token-ttl Reset puppetca_token_ttl to the default value (360)
= Module foreman_proxy_content:
== Basic:
--foreman-proxy-content-enable-ansible Enable the Ansible content feature. This allows syncing, managing, and serving Ansible content. (current: true)
--reset-foreman-proxy-content-enable-ansible Reset enable_ansible to the default value (true)
--foreman-proxy-content-enable-deb Enable the Debian content feature. This allows syncing, managing, and serving Debian content. (current: false)
--reset-foreman-proxy-content-enable-deb Reset enable_deb to the default value (true)
--foreman-proxy-content-enable-docker Enable the container content feature. This allows syncing, managing, and serving container content. (current: true)
--reset-foreman-proxy-content-enable-docker Reset enable_docker to the default value (true)
--foreman-proxy-content-enable-file Enable the file content feature. This allows syncing, managing, and serving file content. (current: true)
--reset-foreman-proxy-content-enable-file Reset enable_file to the default value (true)
--foreman-proxy-content-enable-katello-agent Enable katello-agent for remote yum actions (current: false)
--reset-foreman-proxy-content-enable-katello-agent Reset enable_katello_agent to the default value (false)
--foreman-proxy-content-enable-ostree Enable the OSTree content feature. This allows syncing, managing, and serving OSTree content. This is not available on el7. (current: true)
--reset-foreman-proxy-content-enable-ostree Reset enable_ostree to the default value (false)
--foreman-proxy-content-enable-python Enable the Python content feature. This allows syncing, managing, and serving Python content. (current: false)
--reset-foreman-proxy-content-enable-python Reset enable_python to the default value (true)
--foreman-proxy-content-enable-yum Enable the RPM content feature. This allows syncing, managing and serving RPM content to be consumed by package managers like yum and dnf. (current: true)
--reset-foreman-proxy-content-enable-yum Reset enable_yum to the default value (true)
--foreman-proxy-content-pulpcore-mirror Deploy Pulp to be used as a mirror (current: false)
--reset-foreman-proxy-content-pulpcore-mirror Reset pulpcore_mirror to the default value (false)
== Advanced:
--foreman-proxy-content-pulpcore-allowed-content-checksums List of checksums to use for pulpcore content operations (current: ["md5", "sha1", "sha224", "sha256", "sha384", "sha512"])
--reset-foreman-proxy-content-pulpcore-allowed-content-checksums Reset pulpcore_allowed_content_checksums to the default value (["sha1", "sha224", "sha256", "sha384", "sha512"])
--foreman-proxy-content-pulpcore-api-service-worker-timeout Gunicorn worker timeout in seconds for the pulpcore-api.service (current: 90)
--reset-foreman-proxy-content-pulpcore-api-service-worker-timeout Reset pulpcore_api_service_worker_timeout to the default value (90)
--foreman-proxy-content-pulpcore-cache-enabled Enable Redis based content caching within the Pulp content app. (current: false)
--reset-foreman-proxy-content-pulpcore-cache-enabled Reset pulpcore_cache_enabled to the default value (false)
--foreman-proxy-content-pulpcore-cache-expires-ttl The number of seconds that content should be cached for.
Specify 'None' to never expire the cache. (current: UNDEF)
--reset-foreman-proxy-content-pulpcore-cache-expires-ttl Reset pulpcore_cache_expires_ttl to the default value (UNDEF)
--foreman-proxy-content-pulpcore-content-service-worker-timeout Gunicorn worker timeout in seconds for the pulpcore-content.service (current: 90)
--reset-foreman-proxy-content-pulpcore-content-service-worker-timeout Reset pulpcore_content_service_worker_timeout to the default value (90)
--foreman-proxy-content-pulpcore-django-secret-key Secret key used for cryptographic operations by Pulpcore's django runtime (current: UNDEF)
--reset-foreman-proxy-content-pulpcore-django-secret-key Reset pulpcore_django_secret_key to the default value (UNDEF)
--foreman-proxy-content-pulpcore-manage-postgresql Manage the Pulpcore PostgreSQL database. (current: true)
--reset-foreman-proxy-content-pulpcore-manage-postgresql Reset pulpcore_manage_postgresql to the default value (true)
--foreman-proxy-content-pulpcore-postgresql-db-name Name of the Pulpcore database in PostgreSQL. (current: "pulpcore")
--reset-foreman-proxy-content-pulpcore-postgresql-db-name Reset pulpcore_postgresql_db_name to the default value ("pulpcore")
--foreman-proxy-content-pulpcore-postgresql-host Host of the Pulpcore PostgreSQL database. Must be specified if external/unmanaged. (current: "localhost")
--reset-foreman-proxy-content-pulpcore-postgresql-host Reset pulpcore_postgresql_host to the default value ("localhost")
--foreman-proxy-content-pulpcore-postgresql-password Password of the Pulpcore PostgreSQL database. (current: "QYbxduGYrfiuEC9dzkkctgdAodhkGpPK")
--reset-foreman-proxy-content-pulpcore-postgresql-password Reset pulpcore_postgresql_password to the default value ("QYbxduGYrfiuEC9dzkkctgdAodhkGpPK")
--foreman-proxy-content-pulpcore-postgresql-port Port of the Pulpcore PostgreSQL database. (current: 5432)
--reset-foreman-proxy-content-pulpcore-postgresql-port Reset pulpcore_postgresql_port to the default value (5432)
--foreman-proxy-content-pulpcore-postgresql-ssl Enable SSL connection to the Pulpcore PostgreSQL database. Only meaningful for external/unmanaged DB. (current: false)
--reset-foreman-proxy-content-pulpcore-postgresql-ssl Reset pulpcore_postgresql_ssl to the default value (false)
--foreman-proxy-content-pulpcore-postgresql-ssl-cert Path to SSL certificate to use for Pulpcore connection to PostgreSQL database. (current: "/etc/pki/katello/certs/pulpcore-database.crt")
--reset-foreman-proxy-content-pulpcore-postgresql-ssl-cert Reset pulpcore_postgresql_ssl_cert to the default value ("/etc/pki/katello/certs/pulpcore-database.crt")
--foreman-proxy-content-pulpcore-postgresql-ssl-key Path to key file to use for Pulpcore connection to PostgreSQL database. (current: "/etc/pki/katello/private/pulpcore-database.key")
--reset-foreman-proxy-content-pulpcore-postgresql-ssl-key Reset pulpcore_postgresql_ssl_key to the default value ("/etc/pki/katello/private/pulpcore-database.key")
--foreman-proxy-content-pulpcore-postgresql-ssl-require Configure Pulpcore to require an encrypted connection to the PostgreSQL database. (current: true)
--reset-foreman-proxy-content-pulpcore-postgresql-ssl-require Reset pulpcore_postgresql_ssl_require to the default value (true)
--foreman-proxy-content-pulpcore-postgresql-ssl-root-ca Path to the root certificate authority to validate the certificate supplied by the PostgreSQL database server. (current: "/etc/pki/tls/certs/ca-bundle.crt")
--reset-foreman-proxy-content-pulpcore-postgresql-ssl-root-ca Reset pulpcore_postgresql_ssl_root_ca to the default value ("/etc/pki/tls/certs/ca-bundle.crt")
--foreman-proxy-content-pulpcore-postgresql-user User of the Pulpcore PostgreSQL database. (current: "pulp")
--reset-foreman-proxy-content-pulpcore-postgresql-user Reset pulpcore_postgresql_user to the default value ("pulp")
--foreman-proxy-content-pulpcore-use-rq-tasking-system Use the older RQ workers tasking system instead of the newer PostgreSQL tasking system introduced in Pulpcore 3.14.
Any benchmarking you did to optimize worker_count or other tasking related parameters will no longer be accurate after
changing the tasking system. Do not modify this setting unless you understand the implications for performance and stability. (current: false)
--reset-foreman-proxy-content-pulpcore-use-rq-tasking-system Reset pulpcore_use_rq_tasking_system to the default value (false)
--foreman-proxy-content-pulpcore-worker-count Number of pulpcore workers. Defaults to 8 or the number of CPU cores, whichever is smaller.
Enabling more than 8 workers, even with additional CPU cores available, likely results in performance
degradation due to I/O blocking and is not recommended in most cases. Modifying this parameter should be done
incrementally with benchmarking at each step to determine an optimal value for your deployment. (current: 8)
--reset-foreman-proxy-content-pulpcore-worker-count Reset pulpcore_worker_count to the default value (8)
--foreman-proxy-content-puppet Enable puppet (current: false)
--reset-foreman-proxy-content-puppet Reset puppet to the default value (true)
--foreman-proxy-content-qpid-router-agent-addr Listener address for goferd agents (current: UNDEF)
--reset-foreman-proxy-content-qpid-router-agent-addr Reset qpid_router_agent_addr to the default value (UNDEF)
--foreman-proxy-content-qpid-router-agent-port Listener port for goferd agents (current: 5647)
--reset-foreman-proxy-content-qpid-router-agent-port Reset qpid_router_agent_port to the default value (5647)
--foreman-proxy-content-qpid-router-broker-addr Address of qpidd broker to connect to (current: "localhost")
--reset-foreman-proxy-content-qpid-router-broker-addr Reset qpid_router_broker_addr to the default value ("localhost")
--foreman-proxy-content-qpid-router-broker-port Port of qpidd broker to connect to (current: 5671)
--reset-foreman-proxy-content-qpid-router-broker-port Reset qpid_router_broker_port to the default value (5671)
--foreman-proxy-content-qpid-router-hub-addr Address for dispatch router hub (current: UNDEF)
--reset-foreman-proxy-content-qpid-router-hub-addr Reset qpid_router_hub_addr to the default value (UNDEF)
--foreman-proxy-content-qpid-router-hub-port Port for dispatch router hub (current: 5646)
--reset-foreman-proxy-content-qpid-router-hub-port Reset qpid_router_hub_port to the default value (5646)
--foreman-proxy-content-qpid-router-logging Whether to log to file or syslog. (current: "syslog")
--reset-foreman-proxy-content-qpid-router-logging Reset qpid_router_logging to the default value ("syslog")
--foreman-proxy-content-qpid-router-logging-level Logging level of dispatch router (e.g. info+ or debug+) (current: "info+")
--reset-foreman-proxy-content-qpid-router-logging-level Reset qpid_router_logging_level to the default value ("info+")
--foreman-proxy-content-qpid-router-logging-path Directory for dispatch router logs, if using file logging (current: "/var/log/qdrouterd")
--reset-foreman-proxy-content-qpid-router-logging-path Reset qpid_router_logging_path to the default value ("/var/log/qdrouterd")
--foreman-proxy-content-qpid-router-ssl-ciphers SSL Ciphers to support in dispatch router (current: "ALL:!aNULL:+HIGH:-SSLv3:!IDEA-CBC-SHA")
--reset-foreman-proxy-content-qpid-router-ssl-ciphers Reset qpid_router_ssl_ciphers to the default value ("ALL:!aNULL:+HIGH:-SSLv3:!IDEA-CBC-SHA")
--foreman-proxy-content-qpid-router-ssl-protocols Protocols to support in dispatch router (e.g. TLSv1.2, etc) (current: UNDEF)
--reset-foreman-proxy-content-qpid-router-ssl-protocols Reset qpid_router_ssl_protocols to the default value (UNDEF)
--foreman-proxy-content-reverse-proxy Add reverse proxy to the parent (current: false)
--reset-foreman-proxy-content-reverse-proxy Reset reverse_proxy to the default value (false)
--foreman-proxy-content-reverse-proxy-port Reverse proxy listening port (current: 8443)
--reset-foreman-proxy-content-reverse-proxy-port Reset reverse_proxy_port to the default value (8443)
= Module foreman_proxy_plugin_ansible:
--foreman-proxy-plugin-ansible-ansible-dir Ansible directory to search for available roles (current: "/usr/share/foreman-proxy")
--reset-foreman-proxy-plugin-ansible-ansible-dir Reset ansible_dir to the default value ("/usr/share/foreman-proxy")
--foreman-proxy-plugin-ansible-callback The callback plugin to configure in ansible.cfg (current: "redhat.satellite.foreman")
--reset-foreman-proxy-plugin-ansible-callback Reset callback to the default value ("theforeman.foreman.foreman")
--foreman-proxy-plugin-ansible-collections-paths Paths where to look for ansible collections (current: ["/etc/ansible/collections", "/usr/share/ansible/collections"])
--reset-foreman-proxy-plugin-ansible-collections-paths Reset collections_paths to the default value (["/etc/ansible/collections", "/usr/share/ansible/collections"])
--foreman-proxy-plugin-ansible-enabled Enables/disables the ansible plugin (current: true)
--reset-foreman-proxy-plugin-ansible-enabled Reset enabled to the default value (true)
--foreman-proxy-plugin-ansible-host-key-checking Whether to ignore errors when a host is reinstalled
so it has a different key in ~/.ssh/known_hosts
If a host is not initially in 'known_hosts' setting
this to True will result in prompting for confirmation
of the key, which is not possible from non-interactive
environments like Foreman Remote Execution or cron (current: false)
--reset-foreman-proxy-plugin-ansible-host-key-checking Reset host_key_checking to the default value (false)
--foreman-proxy-plugin-ansible-install-runner If true, installs ansible-runner package to support running ansible by ansible-runner (current: true)
--reset-foreman-proxy-plugin-ansible-install-runner Reset install_runner to the default value (true)
--foreman-proxy-plugin-ansible-listen-on Proxy feature listens on https, http, or both (current: "https")
--reset-foreman-proxy-plugin-ansible-listen-on Reset listen_on to the default value ("https")
--foreman-proxy-plugin-ansible-manage-runner-repo If true, adds upstream repositories to install ansible-runner package from (current: true)
--reset-foreman-proxy-plugin-ansible-manage-runner-repo Reset manage_runner_repo to the default value (true)
--foreman-proxy-plugin-ansible-report-type Set to "foreman" for no changes. If set to "proxy",
the Reports plugin for proxy must be enabled in order
to actually make use of the new format of reports (current: "foreman")
--reset-foreman-proxy-plugin-ansible-report-type Reset report_type to the default value ("foreman")
--foreman-proxy-plugin-ansible-roles-path Paths where we look for ansible roles. (current: ["/etc/ansible/roles", "/usr/share/ansible/roles"])
--reset-foreman-proxy-plugin-ansible-roles-path Reset roles_path to the default value (["/etc/ansible/roles", "/usr/share/ansible/roles"])
--foreman-proxy-plugin-ansible-runner-package-name The name of the ansible-runner package to install (current: "ansible-runner")
--reset-foreman-proxy-plugin-ansible-runner-package-name Reset runner_package_name to the default value ("ansible-runner")
--foreman-proxy-plugin-ansible-ssh-args The ssh_args parameter in ansible.cfg under [ssh_connection] (current: "-o ProxyCommand=none -C -o ControlMaster=auto -o ControlPersist=60s")
--reset-foreman-proxy-plugin-ansible-ssh-args Reset ssh_args to the default value ("-o ProxyCommand=none -C -o ControlMaster=auto -o ControlPersist=60s")
--foreman-proxy-plugin-ansible-stdout-callback Ansible's stdout_callback setting (current: "yaml")
--reset-foreman-proxy-plugin-ansible-stdout-callback Reset stdout_callback to the default value ("yaml")
--foreman-proxy-plugin-ansible-working-dir A directory where the playbooks will be generated.
A tmp directory will be created when left blank (current: "/tmp")
--reset-foreman-proxy-plugin-ansible-working-dir Reset working_dir to the default value ("/tmp")
= Module foreman_proxy_plugin_dhcp_infoblox:
--foreman-proxy-plugin-dhcp-infoblox-dns-view The DNS view to use (current: "default")
--reset-foreman-proxy-plugin-dhcp-infoblox-dns-view Reset dns_view to the default value ("default")
--foreman-proxy-plugin-dhcp-infoblox-network-view The network view to use (current: "default")
--reset-foreman-proxy-plugin-dhcp-infoblox-network-view Reset network_view to the default value ("default")
--foreman-proxy-plugin-dhcp-infoblox-password The password of the Infoblox user (current: UNDEF)
--reset-foreman-proxy-plugin-dhcp-infoblox-password Reset password to the default value (UNDEF)
--foreman-proxy-plugin-dhcp-infoblox-record-type Record type to manage (current: "fixedaddress")
--reset-foreman-proxy-plugin-dhcp-infoblox-record-type Reset record_type to the default value ("fixedaddress")
--foreman-proxy-plugin-dhcp-infoblox-username The username of the Infoblox user (current: UNDEF)
--reset-foreman-proxy-plugin-dhcp-infoblox-username Reset username to the default value (UNDEF)
= Module foreman_proxy_plugin_dhcp_remote_isc:
--foreman-proxy-plugin-dhcp-remote-isc-dhcp-config DHCP config file path (current: "/etc/dhcp/dhcpd.conf")
--reset-foreman-proxy-plugin-dhcp-remote-isc-dhcp-config Reset dhcp_config to the default value ("/etc/dhcp/dhcpd.conf")
--foreman-proxy-plugin-dhcp-remote-isc-dhcp-leases DHCP leases file (current: "/var/lib/dhcpd/dhcpd.leases")
--reset-foreman-proxy-plugin-dhcp-remote-isc-dhcp-leases Reset dhcp_leases to the default value ("/var/lib/dhcpd/dhcpd.leases")
--foreman-proxy-plugin-dhcp-remote-isc-key-name DHCP key name (current: UNDEF)
--reset-foreman-proxy-plugin-dhcp-remote-isc-key-name Reset key_name to the default value (UNDEF)
--foreman-proxy-plugin-dhcp-remote-isc-key-secret DHCP password (current: UNDEF)
--reset-foreman-proxy-plugin-dhcp-remote-isc-key-secret Reset key_secret to the default value (UNDEF)
--foreman-proxy-plugin-dhcp-remote-isc-omapi-port DHCP server OMAPI port (current: 7911)
--reset-foreman-proxy-plugin-dhcp-remote-isc-omapi-port Reset omapi_port to the default value (7911)
= Module foreman_proxy_plugin_discovery:
== Advanced:
--foreman-proxy-plugin-discovery-image-name tarball with images (current: "fdi-image-latest.tar")
--reset-foreman-proxy-plugin-discovery-image-name Reset image_name to the default value ("fdi-image-latest.tar")
--foreman-proxy-plugin-discovery-source-url source URL to download from (current: "http://downloads.theforeman.org/discovery/releases/latest/")
--reset-foreman-proxy-plugin-discovery-source-url Reset source_url to the default value ("http://downloads.theforeman.org/discovery/releases/latest/")
--foreman-proxy-plugin-discovery-tftp-root TFTP root directory where extracted discovery image will be installed (current: "/var/lib/tftpboot")
--reset-foreman-proxy-plugin-discovery-tftp-root Reset tftp_root to the default value ("/var/lib/tftpboot")
== Basic:
--foreman-proxy-plugin-discovery-install-images Download and extract the discovery image (current: false)
--reset-foreman-proxy-plugin-discovery-install-images Reset install_images to the default value (false)
= Module foreman_proxy_plugin_dns_infoblox:
--foreman-proxy-plugin-dns-infoblox-dns-server The address of the Infoblox server (current: UNDEF)
--reset-foreman-proxy-plugin-dns-infoblox-dns-server Reset dns_server to the default value (UNDEF)
--foreman-proxy-plugin-dns-infoblox-dns-view The Infoblox DNS View (current: "default")
--reset-foreman-proxy-plugin-dns-infoblox-dns-view Reset dns_view to the default value ("default")
--foreman-proxy-plugin-dns-infoblox-password The password of the Infoblox user (current: UNDEF)
--reset-foreman-proxy-plugin-dns-infoblox-password Reset password to the default value (UNDEF)
--foreman-proxy-plugin-dns-infoblox-username The username of the Infoblox user (current: UNDEF)
--reset-foreman-proxy-plugin-dns-infoblox-username Reset username to the default value (UNDEF)
= Module foreman_proxy_plugin_openscap:
== Basic:
--foreman-proxy-plugin-openscap-contentdir Directory where OpenSCAP content XML are stored
So we will not request the XML from Foreman each time (current: "/var/lib/foreman-proxy/openscap/content")
--reset-foreman-proxy-plugin-openscap-contentdir Reset contentdir to the default value ("/var/lib/foreman-proxy/openscap/content")
--foreman-proxy-plugin-openscap-corrupted-dir Directory where corrupted OpenSCAP report XML are stored (current: "/var/lib/foreman-proxy/openscap/corrupted")
--reset-foreman-proxy-plugin-openscap-corrupted-dir Reset corrupted_dir to the default value ("/var/lib/foreman-proxy/openscap/corrupted")
--foreman-proxy-plugin-openscap-failed-dir Directory where OpenSCAP report XML are stored
In case sending to Foreman succeeded, yet failed to save to reportsdir (current: "/var/lib/foreman-proxy/openscap/failed")
--reset-foreman-proxy-plugin-openscap-failed-dir Reset failed_dir to the default value ("/var/lib/foreman-proxy/openscap/failed")
--foreman-proxy-plugin-openscap-openscap-send-log-file Log file for the forwarding script (current: "/var/log/foreman-proxy/openscap-send.log")
--reset-foreman-proxy-plugin-openscap-openscap-send-log-file Reset openscap_send_log_file to the default value ("/var/log/foreman-proxy/openscap-send.log")
--foreman-proxy-plugin-openscap-proxy-name Proxy name to send to Foreman with parsed report
Foreman matches it against names of registered proxies to find the report source (current: UNDEF)
--reset-foreman-proxy-plugin-openscap-proxy-name Reset proxy_name to the default value (UNDEF)
--foreman-proxy-plugin-openscap-reportsdir Directory where OpenSCAP report XML are stored
So Foreman can request arf xml reports (current: "/var/lib/foreman-proxy/openscap/reports")
--reset-foreman-proxy-plugin-openscap-reportsdir Reset reportsdir to the default value ("/var/lib/foreman-proxy/openscap/reports")
--foreman-proxy-plugin-openscap-spooldir Directory where OpenSCAP audits are stored
before they are forwarded to Foreman (current: "/var/spool/foreman-proxy/openscap")
--reset-foreman-proxy-plugin-openscap-spooldir Reset spooldir to the default value ("/var/spool/foreman-proxy/openscap")
--foreman-proxy-plugin-openscap-timeout Timeout for sending ARF reports to foreman (current: 60)
--reset-foreman-proxy-plugin-openscap-timeout Reset timeout to the default value (60)
== Advanced:
--foreman-proxy-plugin-openscap-enabled enables/disables the openscap plugin (current: true)
--reset-foreman-proxy-plugin-openscap-enabled Reset enabled to the default value (true)
--foreman-proxy-plugin-openscap-listen-on Proxy feature listens on http, https, or both (current: "https")
--reset-foreman-proxy-plugin-openscap-listen-on Reset listen_on to the default value ("https")
--foreman-proxy-plugin-openscap-version plugin package version, it's passed to ensure parameter of package resource
can be set to specific version number, 'latest', 'present' etc. (current: UNDEF)
--reset-foreman-proxy-plugin-openscap-version Reset version to the default value (UNDEF)
= Module foreman_proxy_plugin_remote_execution_ssh:
== Advanced:
--foreman-proxy-plugin-remote-execution-ssh-async-ssh Whether to run remote execution jobs asynchronously. (current: false)
--reset-foreman-proxy-plugin-remote-execution-ssh-async-ssh Reset async_ssh to the default value (false)
--foreman-proxy-plugin-remote-execution-ssh-enabled Enables/disables the plugin (current: true)
--reset-foreman-proxy-plugin-remote-execution-ssh-enabled Reset enabled to the default value (true)
--foreman-proxy-plugin-remote-execution-ssh-listen-on Proxy feature listens on https, http, or both (current: "https")
--reset-foreman-proxy-plugin-remote-execution-ssh-listen-on Reset listen_on to the default value ("https")
== Basic:
--foreman-proxy-plugin-remote-execution-ssh-generate-keys Automatically generate SSH keys (current: true)
--reset-foreman-proxy-plugin-remote-execution-ssh-generate-keys Reset generate_keys to the default value (true)
--foreman-proxy-plugin-remote-execution-ssh-install-key Automatically install generated SSH key to root authorized keys
which allows managing this host through Remote Execution (current: false)
--reset-foreman-proxy-plugin-remote-execution-ssh-install-key Reset install_key to the default value (false)
--foreman-proxy-plugin-remote-execution-ssh-local-working-dir Local working directory on the smart proxy (current: "/var/tmp")
--reset-foreman-proxy-plugin-remote-execution-ssh-local-working-dir Reset local_working_dir to the default value ("/var/tmp")
--foreman-proxy-plugin-remote-execution-ssh-remote-working-dir Remote working directory on clients (current: "/var/tmp")
--reset-foreman-proxy-plugin-remote-execution-ssh-remote-working-dir Reset remote_working_dir to the default value ("/var/tmp")
--foreman-proxy-plugin-remote-execution-ssh-ssh-identity-dir Directory where SSH keys are stored (current: "/var/lib/foreman-proxy/ssh")
--reset-foreman-proxy-plugin-remote-execution-ssh-ssh-identity-dir Reset ssh_identity_dir to the default value ("/var/lib/foreman-proxy/ssh")
--foreman-proxy-plugin-remote-execution-ssh-ssh-identity-file Provide an alternative name for the SSH keys (current: "id_rsa_foreman_proxy")
--reset-foreman-proxy-plugin-remote-execution-ssh-ssh-identity-file Reset ssh_identity_file to the default value ("id_rsa_foreman_proxy")
--foreman-proxy-plugin-remote-execution-ssh-ssh-kerberos-auth Enable kerberos authentication for SSH (current: false)
--reset-foreman-proxy-plugin-remote-execution-ssh-ssh-kerberos-auth Reset ssh_kerberos_auth to the default value (false)
--foreman-proxy-plugin-remote-execution-ssh-ssh-keygen Location of the ssh-keygen binary (current: "/usr/bin/ssh-keygen")
--reset-foreman-proxy-plugin-remote-execution-ssh-ssh-keygen Reset ssh_keygen to the default value ("/usr/bin/ssh-keygen")
= Module foreman_proxy_plugin_reports:
== Advanced:
--foreman-proxy-plugin-reports-enabled enables/disables the reports plugin (current: true)
--reset-foreman-proxy-plugin-reports-enabled Reset enabled to the default value (true)
--foreman-proxy-plugin-reports-listen-on proxy feature listens on http, https, or both (current: "https")
--reset-foreman-proxy-plugin-reports-listen-on Reset listen_on to the default value ("https")
--foreman-proxy-plugin-reports-proxy-name Proxy hostname to appear in reports JSON (current: UNDEF)
--reset-foreman-proxy-plugin-reports-proxy-name Reset proxy_name to the default value (UNDEF)
--foreman-proxy-plugin-reports-spool-dir Spool directory with processed reports (current: "/var/lib/foreman-proxy/reports")
--reset-foreman-proxy-plugin-reports-spool-dir Reset spool_dir to the default value ("/var/lib/foreman-proxy/reports")
--foreman-proxy-plugin-reports-version plugin package version, it's passed to ensure parameter of package resource
can be set to specific version number, 'latest', 'present' etc. (current: UNDEF)
--reset-foreman-proxy-plugin-reports-version Reset version to the default value (UNDEF)
== Basic:
--foreman-proxy-plugin-reports-keep-reports Keep sent reports in spool_dir directory
when enabled, move files from the place on
a regular basis (e.g. via cronjob). (current: false)
--reset-foreman-proxy-plugin-reports-keep-reports Reset keep_reports to the default value (false)
= Module foreman_proxy_plugin_shellhooks:
== Basic:
--foreman-proxy-plugin-shellhooks-directory Absolute path to directory with executables (current: "/var/lib/foreman-proxy/shellhooks")
--reset-foreman-proxy-plugin-shellhooks-directory Reset directory to the default value ("/var/lib/foreman-proxy/shellhooks")
== Advanced:
--foreman-proxy-plugin-shellhooks-enabled enables/disables the shellhooks plugin (current: true)
--reset-foreman-proxy-plugin-shellhooks-enabled Reset enabled to the default value (true)
--foreman-proxy-plugin-shellhooks-listen-on proxy feature listens on http, https, or both (current: "https")
--reset-foreman-proxy-plugin-shellhooks-listen-on Reset listen_on to the default value ("https")
--foreman-proxy-plugin-shellhooks-version plugin package version, it's passed to ensure parameter of package resource
can be set to specific version number, 'latest', 'present' etc. (current: UNDEF)
--reset-foreman-proxy-plugin-shellhooks-version Reset version to the default value (UNDEF)
= Module katello:
--katello-candlepin-db-host Host with Candlepin DB (current: "localhost")
--reset-katello-candlepin-db-host Reset candlepin_db_host to the default value ("localhost")
--katello-candlepin-db-name Name of the Candlepin DB (current: "candlepin")
--reset-katello-candlepin-db-name Reset candlepin_db_name to the default value ("candlepin")
--katello-candlepin-db-password Candlepin DB password (current: UNDEF)
--reset-katello-candlepin-db-password Reset candlepin_db_password to the default value (UNDEF)
--katello-candlepin-db-port Port accepting connections to Candlepin DB (current: UNDEF)
--reset-katello-candlepin-db-port Reset candlepin_db_port to the default value (UNDEF)
--katello-candlepin-db-ssl Boolean indicating if the connection to the database should be over
an SSL connection. Requires DB host's CA Cert in the system trust (current: false)
--reset-katello-candlepin-db-ssl Reset candlepin_db_ssl to the default value (false)
--katello-candlepin-db-ssl-verify Boolean indicating if the SSL connection to the database should be verified (current: true)
--reset-katello-candlepin-db-ssl-verify Reset candlepin_db_ssl_verify to the default value (true)
--katello-candlepin-db-user Candlepin DB user (current: "candlepin")
--reset-katello-candlepin-db-user Reset candlepin_db_user to the default value ("candlepin")
--katello-candlepin-manage-db Boolean indicating whether a database should be installed, this includes db creation and user (current: true)
--reset-katello-candlepin-manage-db Reset candlepin_manage_db to the default value (true)
--katello-candlepin-oauth-key The OAuth key for talking to the candlepin API (current: UNDEF)
--reset-katello-candlepin-oauth-key Reset candlepin_oauth_key to the default value (UNDEF)
--katello-candlepin-oauth-secret The OAuth secret for talking to the candlepin API (current: UNDEF)
--reset-katello-candlepin-oauth-secret Reset candlepin_oauth_secret to the default value (UNDEF)
--katello-hosts-queue-workers Configures the number of workers handling the hosts_queue queue. (current: 1)
--reset-katello-hosts-queue-workers Reset hosts_queue_workers to the default value (1)
--katello-qpid-hostname Hostname used to connect to qpidd. (current: "localhost")
--reset-katello-qpid-hostname Reset qpid_hostname to the default value ("localhost")
--katello-qpid-interface The interface qpidd listens to. (current: "lo")
--reset-katello-qpid-interface Reset qpid_interface to the default value ("lo")
--katello-qpid-wcache-page-size The size (in KB) of the pages in the write page cache (current: 4)
--reset-katello-qpid-wcache-page-size Reset qpid_wcache_page_size to the default value (4)
--katello-rest-client-timeout Timeout for Katello rest API (current: 3600)
--reset-katello-rest-client-timeout Reset rest_client_timeout to the default value (3600)
= Module puppet:
== Advanced puppet:
--puppet-additional-settings A hash of additional main settings. (current: {})
--reset-puppet-additional-settings Reset additional_settings to the default value ({})
--puppet-auth-template Use a custom template for /etc/puppetlabs/puppet/auth.conf (current: "puppet/auth.conf.erb")
--reset-puppet-auth-template Reset auth_template to the default value ("puppet/auth.conf.erb")
--puppet-autosign If set to a boolean, autosign is enabled or disabled
for all incoming requests. Otherwise this has to be
set to the full file path of an autosign.conf file or
an autosign script. If this is set to a script, make
sure that script considers the content of autosign.conf
as otherwise Foreman functionality might be broken. (current: "/etc/puppetlabs/puppet/autosign.conf")
--reset-puppet-autosign Reset autosign to the default value ("/etc/puppetlabs/puppet/autosign.conf")
--puppet-autosign-content If set, write the autosign file content
using the value of this parameter.
Cannot be used at the same time as autosign_entries
For example, could be a string, or
file('another_module/autosign.sh') or
template('another_module/autosign.sh.erb') (current: UNDEF)
--reset-puppet-autosign-content Reset autosign_content to the default value (UNDEF)
--puppet-autosign-entries A list of certnames or domain name globs
whose certificate requests will automatically be signed.
Defaults to an empty Array. (current: [])
--reset-puppet-autosign-entries Reset autosign_entries to the default value ([])
--puppet-autosign-mode mode of the autosign file/script (current: "0664")
--reset-puppet-autosign-mode Reset autosign_mode to the default value ("0664")
--puppet-autosign-source If set, use this as the source for the autosign file,
instead of autosign_content. (current: UNDEF)
--reset-puppet-autosign-source Reset autosign_source to the default value (UNDEF)
--puppet-ca-crl-filepath Path to CA CRL file, dynamically resolves based on
$::server_ca status. (current: UNDEF)
--reset-puppet-ca-crl-filepath Reset ca_crl_filepath to the default value (UNDEF)
--puppet-ca-port Puppet CA port (current: UNDEF)
--reset-puppet-ca-port Reset ca_port to the default value (UNDEF)
--puppet-classfile The file in which puppet agent stores a list
of the classes associated with the retrieved
configuration. (current: "$statedir/classes.txt")
--reset-puppet-classfile Reset classfile to the default value ("$statedir/classes.txt")
--puppet-codedir Override the puppet code directory. (current: "/etc/puppetlabs/code")
--reset-puppet-codedir Reset codedir to the default value ("/etc/puppetlabs/code")
--puppet-cron-cmd Specify command to launch when runmode is
set 'cron'. (current: UNDEF)
--reset-puppet-cron-cmd Reset cron_cmd to the default value (UNDEF)
--puppet-dir Override the puppet directory. (current: "/etc/puppetlabs/puppet")
--reset-puppet-dir Reset dir to the default value ("/etc/puppetlabs/puppet")
--puppet-dns-alt-names Use additional DNS names when generating a
certificate. Defaults to an empty Array. (current: [])
--reset-puppet-dns-alt-names Reset dns_alt_names to the default value ([])
--puppet-group Override the name of the puppet group. (current: "puppet")
--reset-puppet-group Reset group to the default value ("puppet")
--puppet-hiera-config The hiera configuration file. (current: "$confdir/hiera.yaml")
--reset-puppet-hiera-config Reset hiera_config to the default value ("$confdir/hiera.yaml")
--puppet-http-connect-timeout The maximum amount of time an agent waits
when establishing an HTTP connection. (current: UNDEF)
--reset-puppet-http-connect-timeout Reset http_connect_timeout to the default value (UNDEF)
--puppet-http-read-timeout The time an agent waits for one block to be
read from an HTTP connection. If nothing is
read after the elapsed interval then the
connection will be closed. (current: UNDEF)
--reset-puppet-http-read-timeout Reset http_read_timeout to the default value (UNDEF)
--puppet-logdir Override the log directory. (current: "/var/log/puppetlabs/puppet")
--reset-puppet-logdir Reset logdir to the default value ("/var/log/puppetlabs/puppet")
--puppet-manage-packages Should this module install packages or not.
Can also install only server packages with value
of 'server' or only agent packages with 'agent'. (current: true)
--reset-puppet-manage-packages Reset manage_packages to the default value (true)
--puppet-module-repository Use a different puppet module repository (current: UNDEF)
--reset-puppet-module-repository Reset module_repository to the default value (UNDEF)
--puppet-package-install-options Flags that should be passed to the package manager
during installation. Defaults to undef. May be
a string or a hash, see Puppet Package resource
documentation for the provider matching your package manager (current: UNDEF)
--reset-puppet-package-install-options Reset package_install_options to the default value (UNDEF)
--puppet-package-provider The provider used to install the agent.
Defaults to chocolatey on Windows
Defaults to undef elsewhere (current: UNDEF)
--reset-puppet-package-provider Reset package_provider to the default value (UNDEF)
--puppet-package-source The location of the file to be used by the
agent's package resource.
Defaults to undef. If 'windows' or 'msi' are
used as the provider then this setting is
required. (current: UNDEF)
--reset-puppet-package-source Reset package_source to the default value (UNDEF)
--puppet-pluginfactsource URL to retrieve Puppet facts from during pluginsync (current: "puppet:///pluginfacts")
--reset-puppet-pluginfactsource Reset pluginfactsource to the default value ("puppet:///pluginfacts")
--puppet-pluginsource URL to retrieve Puppet plugins from during pluginsync (current: "puppet:///plugins")
--reset-puppet-pluginsource Reset pluginsource to the default value ("puppet:///plugins")
--puppet-pluginsync Enable pluginsync. (current: true)
--reset-puppet-pluginsync Reset pluginsync to the default value (true)
--puppet-port Override the port of the master we connect to. (current: 8140)
--reset-puppet-port Reset port to the default value (8140)
--puppet-run-hour The hour at which to run the puppet agent
when runmode is cron or systemd.timer. (current: UNDEF)
--reset-puppet-run-hour Reset run_hour to the default value (UNDEF)
--puppet-run-minute The minute at which to run the puppet agent
when runmode is cron or systemd.timer. (current: UNDEF)
--reset-puppet-run-minute Reset run_minute to the default value (UNDEF)
--puppet-rundir Override the PID directory. (current: "/var/run/puppetlabs")
--reset-puppet-rundir Reset rundir to the default value ("/var/run/puppetlabs")
--puppet-runinterval Set up the interval (in seconds) to run
the puppet agent. (current: 1800)
--reset-puppet-runinterval Reset runinterval to the default value (1800)
--puppet-runmode Select the mode to setup the puppet agent. (current: "service")
--reset-puppet-runmode Reset runmode to the default value ("service")
--puppet-sharedir Override the system data directory. (current: "/opt/puppetlabs/puppet")
--reset-puppet-sharedir Reset sharedir to the default value ("/opt/puppetlabs/puppet")
--puppet-splay Switch to enable a random amount of time
to sleep before each run. (current: false)
--reset-puppet-splay Reset splay to the default value (false)
--puppet-splaylimit The maximum time to delay before runs.
Defaults to being the same as the run interval.
This setting can be a time interval in seconds
(30 or 30s), minutes (30m), hours (6h), days (2d),
or years (5y). (current: 1800)
--reset-puppet-splaylimit Reset splaylimit to the default value (1800)
--puppet-srv-domain Search domain for SRV records (current: "lab.eng.rdu2.redhat.com")
--reset-puppet-srv-domain Reset srv_domain to the default value ("lab.eng.rdu2.redhat.com")
--puppet-ssldir Override where SSL certificates are kept. (current: "/etc/puppetlabs/puppet/ssl")
--reset-puppet-ssldir Reset ssldir to the default value ("/etc/puppetlabs/puppet/ssl")
--puppet-syslogfacility Facility name to use when logging to syslog (current: UNDEF)
--reset-puppet-syslogfacility Reset syslogfacility to the default value (UNDEF)
--puppet-systemd-cmd Specify command to launch when runmode is
set 'systemd.timer'. (current: UNDEF)
--reset-puppet-systemd-cmd Reset systemd_cmd to the default value (UNDEF)
--puppet-systemd-randomizeddelaysec Adds a random delay between 0 and this value
(in seconds) to the timer. Only relevant when
runmode is 'systemd.timer'. (current: 0)
--reset-puppet-systemd-randomizeddelaysec Reset systemd_randomizeddelaysec to the default value (0)
--puppet-unavailable-runmodes Runmodes that are not available for the
current system. This module will not try
to disable these modes. Default is []
on Linux, ['cron', 'systemd.timer'] on
Windows and ['systemd.timer'] on other
systems. (current: [])
--reset-puppet-unavailable-runmodes Reset unavailable_runmodes to the default value ([])
--puppet-use-srv-records Whether DNS SRV records will be used to resolve
the Puppet master (current: false)
--reset-puppet-use-srv-records Reset use_srv_records to the default value (false)
--puppet-usecacheonfailure Switch to enable use of cached catalog on
failure of run. (current: true)
--reset-puppet-usecacheonfailure Reset usecacheonfailure to the default value (true)
--puppet-user Override the name of the puppet user. (current: "puppet")
--reset-puppet-user Reset user to the default value ("puppet")
--puppet-vardir Override the puppet var directory. (current: "/opt/puppetlabs/puppet/cache")
--reset-puppet-vardir Reset vardir to the default value ("/opt/puppetlabs/puppet/cache")
--puppet-version Specify a specific version of a package to
install. The version should be the exact
match for your distro.
You can also use certain values like 'latest'.
Note that when you specify exact versions you
should also override $server_version since
that defaults to $version. (current: "present")
--reset-puppet-version Reset version to the default value ("present")
== puppet::agent:
--puppet-agent Should a puppet agent be installed (current: true)
--reset-puppet-agent Reset agent to the default value (true)
--puppet-agent-additional-settings A hash of additional agent settings.
Example: {stringify_facts => true} (current: {})
--reset-puppet-agent-additional-settings Reset agent_additional_settings to the default value ({})
--puppet-agent-noop Run the agent in noop mode. (current: false)
--reset-puppet-agent-noop Reset agent_noop to the default value (false)
--puppet-client-certname The node's certificate name, and the unique
identifier it uses when requesting catalogs. (current: "sat-r220-07.lab.eng.rdu2.redhat.com")
--reset-puppet-client-certname Reset client_certname to the default value ("sat-r220-07.lab.eng.rdu2.redhat.com")
--puppet-environment Default environment of the Puppet agent (current: "production")
--reset-puppet-environment Reset environment to the default value ("production")
--puppet-postrun-command A command which gets excuted after each Puppet run (current: UNDEF)
--reset-puppet-postrun-command Reset postrun_command to the default value (UNDEF)
--puppet-prerun-command A command which gets excuted before each Puppet run (current: UNDEF)
--reset-puppet-prerun-command Reset prerun_command to the default value (UNDEF)
--puppet-puppetmaster Hostname of your puppetmaster (server
directive in puppet.conf) (current: UNDEF)
--reset-puppet-puppetmaster Reset puppetmaster to the default value (UNDEF)
--puppet-report Send reports to the Puppet Master (current: true)
--reset-puppet-report Reset report to the default value (true)
== advanced agent:
--puppet-agent-restart-command The command which gets excuted on puppet service restart (current: "/usr/bin/systemctl reload-or-restart puppet")
--reset-puppet-agent-restart-command Reset agent_restart_command to the default value ("/usr/bin/systemctl reload-or-restart puppet")
--puppet-client-package Install a custom package to provide
the puppet client (current: ["puppet-agent"])
--reset-puppet-client-package Reset client_package to the default value (["puppet-agent"])
--puppet-dir-group Group of the base puppet directory, used when
puppet::server is false. (current: UNDEF)
--reset-puppet-dir-group Reset dir_group to the default value (UNDEF)
--puppet-dir-owner Owner of the base puppet directory, used when
puppet::server is false. (current: "root")
--reset-puppet-dir-owner Reset dir_owner to the default value ("root")
--puppet-remove-lock Remove the agent lock when running. (current: true)
--reset-puppet-remove-lock Reset remove_lock to the default value (true)
--puppet-service-name The name of the puppet agent service. (current: "puppet")
--reset-puppet-service-name Reset service_name to the default value ("puppet")
--puppet-systemd-unit-name The name of the puppet systemd units. (current: "puppet-run")
--reset-puppet-systemd-unit-name Reset systemd_unit_name to the default value ("puppet-run")
== Advanced server:
--puppet-allow-any-crl-auth Allow any authentication for the CRL. This
is needed on the puppet CA to accept clients
from a the puppet CA proxy. (current: false)
--reset-puppet-allow-any-crl-auth Reset allow_any_crl_auth to the default value (false)
--puppet-auth-allowed An array of authenticated nodes allowed to
access all catalog and node endpoints.
default to ['$1'] (current: ["$1"])
--reset-puppet-auth-allowed Reset auth_allowed to the default value (["$1"])
--puppet-server-acceptor-threads This sets the number of threads that the webserver will dedicate to accepting
socket connections for unencrypted HTTP traffic. If not provided, the webserver
defaults to the number of virtual cores on the host divided by 8, with a minimum
of 1 and maximum of 4. (current: UNDEF)
--reset-puppet-server-acceptor-threads Reset server_acceptor_threads to the default value (UNDEF)
--puppet-server-additional-settings A hash of additional settings.
Example: {trusted_node_data => true, ordering => 'manifest'} (current: {})
--reset-puppet-server-additional-settings Reset server_additional_settings to the default value ({})
--puppet-server-admin-api-whitelist The whitelist of clients that
can query the puppet-admin-api endpoint
Defaults to [ '127.0.0.1', '::1', $::ipaddress ] (current: ["localhost", "sat-r220-07.lab.eng.rdu2.redhat.com"])
--reset-puppet-server-admin-api-whitelist Reset server_admin_api_whitelist to the default value (["localhost", "sat-r220-07.lab.eng.rdu2.redhat.com"])
--puppet-server-allow-header-cert-info Enable client authentication over HTTP Headers
Defaults to false, is also activated by the $server_http setting (current: false)
--reset-puppet-server-allow-header-cert-info Reset server_allow_header_cert_info to the default value (false)
--puppet-server-ca-allow-auth-extensions Allow CA to sign certificate requests that have authorization extensions
Defaults to false (current: false)
--reset-puppet-server-ca-allow-auth-extensions Reset server_ca_allow_auth_extensions to the default value (false)
--puppet-server-ca-allow-sans Allow CA to sign certificate requests that have Subject Alternative Names
Defaults to false (current: false)
--reset-puppet-server-ca-allow-sans Reset server_ca_allow_sans to the default value (false)
--puppet-server-ca-auth-required Whether client certificates are needed to access the puppet-admin api
Defaults to true (current: true)
--reset-puppet-server-ca-auth-required Reset server_ca_auth_required to the default value (true)
--puppet-server-ca-client-self-delete Adds a rule to auth.conf, that allows a client to delete its own certificate
Defaults to false (current: false)
--reset-puppet-server-ca-client-self-delete Reset server_ca_client_self_delete to the default value (false)
--puppet-server-ca-client-whitelist The whitelist of client certificates that
can query the certificate-status endpoint
Defaults to [ '127.0.0.1', '::1', $::ipaddress ] (current: ["localhost", "sat-r220-07.lab.eng.rdu2.redhat.com"])
--reset-puppet-server-ca-client-whitelist Reset server_ca_client_whitelist to the default value (["localhost", "sat-r220-07.lab.eng.rdu2.redhat.com"])
--puppet-server-ca-enable-infra-crl Enable the separate CRL for Puppet infrastructure nodes
Defaults to false (current: false)
--reset-puppet-server-ca-enable-infra-crl Reset server_ca_enable_infra_crl to the default value (false)
--puppet-server-check-for-updates Should the puppetserver phone home to check for available updates?
Defaults to true (current: true)
--reset-puppet-server-check-for-updates Reset server_check_for_updates to the default value (true)
--puppet-server-cipher-suites List of SSL ciphers to use in negotiation
Defaults to [ 'TLS_RSA_WITH_AES_256_CBC_SHA256', 'TLS_RSA_WITH_AES_256_CBC_SHA',
'TLS_RSA_WITH_AES_128_CBC_SHA256', 'TLS_RSA_WITH_AES_128_CBC_SHA', ] (current: ["TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"])
--reset-puppet-server-cipher-suites Reset server_cipher_suites to the default value (["TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"])
--puppet-server-compile-mode Used to control JRuby's "CompileMode", which may improve performance.
Defaults to undef (off). (current: UNDEF)
--reset-puppet-server-compile-mode Reset server_compile_mode to the default value (UNDEF)
--puppet-server-config-version How to determine the configuration version. When
using git_repo, by default a git describe
approach will be installed. (current: UNDEF)
--reset-puppet-server-config-version Reset server_config_version to the default value (UNDEF)
--puppet-server-connect-timeout How long the server will wait for a response to a connection attempt (current: 120000)
--reset-puppet-server-connect-timeout Reset server_connect_timeout to the default value (120000)
--puppet-server-custom-trusted-oid-mapping A hash of custom trusted oid mappings. Defaults to undef
Example: { 1.3.6.1.4.1.34380.1.2.1.1 => { shortname => 'myshortname' } } (current: UNDEF)
--reset-puppet-server-custom-trusted-oid-mapping Reset server_custom_trusted_oid_mapping to the default value (UNDEF)
--puppet-server-default-manifest Toggle if default_manifest setting should
be added to the [main] section (current: false)
--reset-puppet-server-default-manifest Reset server_default_manifest to the default value (false)
--puppet-server-default-manifest-content A string to set the content of the default_manifest
If set to '' it will not manage the file (current: "")
--reset-puppet-server-default-manifest-content Reset server_default_manifest_content to the default value ("")
--puppet-server-default-manifest-path A string setting the path to the default_manifest (current: "/etc/puppet/manifests/default_manifest.pp")
--reset-puppet-server-default-manifest-path Reset server_default_manifest_path to the default value ("/etc/puppet/manifests/default_manifest.pp")
--puppet-server-dir Puppet configuration directory (current: "/etc/puppetlabs/puppet")
--reset-puppet-server-dir Reset server_dir to the default value ("/etc/puppetlabs/puppet")
--puppet-server-environment-class-cache-enabled Enable environment class cache in conjunction with the use of the
environment_classes API.
Defaults to false (current: false)
--reset-puppet-server-environment-class-cache-enabled Reset server_environment_class_cache_enabled to the default value (false)
--puppet-server-environment-timeout Timeout for cached compiled catalogs (10s, 5m, ...) (current: UNDEF)
--reset-puppet-server-environment-timeout Reset server_environment_timeout to the default value (UNDEF)
--puppet-server-envs-dir Directory that holds puppet environments (current: "/etc/puppetlabs/code/environments")
--reset-puppet-server-envs-dir Reset server_envs_dir to the default value ("/etc/puppetlabs/code/environments")
--puppet-server-envs-target Indicates that $envs_dir should be
a symbolic link to this target (current: UNDEF)
--reset-puppet-server-envs-target Reset server_envs_target to the default value (UNDEF)
--puppet-server-foreman Should foreman integration be installed (current: true)
--reset-puppet-server-foreman Reset server_foreman to the default value (true)
--puppet-server-foreman-facts Should foreman receive facts from puppet (current: true)
--reset-puppet-server-foreman-facts Reset server_foreman_facts to the default value (true)
--puppet-server-foreman-ssl-ca SSL CA of the Foreman server (current: UNDEF)
--reset-puppet-server-foreman-ssl-ca Reset server_foreman_ssl_ca to the default value (UNDEF)
--puppet-server-foreman-ssl-cert Client certificate for authenticating against Foreman server (current: UNDEF)
--reset-puppet-server-foreman-ssl-cert Reset server_foreman_ssl_cert to the default value (UNDEF)
--puppet-server-foreman-ssl-key Key for authenticating against Foreman server (current: UNDEF)
--reset-puppet-server-foreman-ssl-key Reset server_foreman_ssl_key to the default value (UNDEF)
--puppet-server-foreman-url Foreman URL (current: "https://sat-r220-07.lab.eng.rdu2.redhat.com")
--reset-puppet-server-foreman-url Reset server_foreman_url to the default value ("https://sat-r220-07.lab.eng.rdu2.redhat.com")
--puppet-server-group Name of the puppetmaster group. (current: "puppet")
--reset-puppet-server-group Reset server_group to the default value ("puppet")
--puppet-server-http Should the puppet master listen on HTTP as well as HTTPS.
Useful for load balancer or reverse proxy scenarios. (current: false)
--reset-puppet-server-http Reset server_http to the default value (false)
--puppet-server-http-port Puppet master HTTP port; defaults to 8139. (current: 8139)
--reset-puppet-server-http-port Reset server_http_port to the default value (8139)
--puppet-server-idle-timeout How long the server will wait for a response on an existing connection (current: 1200000)
--reset-puppet-server-idle-timeout Reset server_idle_timeout to the default value (1200000)
--puppet-server-jruby-gem-home Where jruby gems are located for puppetserver (current: "/opt/puppetlabs/server/data/puppetserver/jruby-gems")
--reset-puppet-server-jruby-gem-home Reset server_jruby_gem_home to the default value ("/opt/puppetlabs/server/data/puppetserver/jruby-gems")
--puppet-server-jvm-cli-args Java options to use when using puppetserver
subcommands (eg puppetserver gem). (current: UNDEF)
--reset-puppet-server-jvm-cli-args Reset server_jvm_cli_args to the default value (UNDEF)
--puppet-server-jvm-config Specify the puppetserver jvm configuration file. (current: "/etc/sysconfig/puppetserver")
--reset-puppet-server-jvm-config Reset server_jvm_config to the default value ("/etc/sysconfig/puppetserver")
--puppet-server-jvm-extra-args Additional java options to pass through.
This can be used for Java versions prior to
Java 8 to specify the max perm space to use:
For example: '-XX:MaxPermSize=128m'. (current: UNDEF)
--reset-puppet-server-jvm-extra-args Reset server_jvm_extra_args to the default value (UNDEF)
--puppet-server-jvm-java-bin Set the default java to use. (current: "/usr/bin/java")
--reset-puppet-server-jvm-java-bin Reset server_jvm_java_bin to the default value ("/usr/bin/java")
--puppet-server-jvm-max-heap-size Specify the maximum jvm heap space. (current: "2G")
--reset-puppet-server-jvm-max-heap-size Reset server_jvm_max_heap_size to the default value ("2G")
--puppet-server-jvm-min-heap-size Specify the minimum jvm heap space. (current: "2G")
--reset-puppet-server-jvm-min-heap-size Reset server_jvm_min_heap_size to the default value ("2G")
--puppet-server-manage-user Whether to manage the server user resource (current: true)
--reset-puppet-server-manage-user Reset server_manage_user to the default value (true)
--puppet-server-max-active-instances Max number of active jruby instances. Defaults to
processor count (current: 4)
--reset-puppet-server-max-active-instances Reset server_max_active_instances to the default value (4)
--puppet-server-max-open-files Increase the max open files limit for Puppetserver.
Defaults to undef (current: UNDEF)
--reset-puppet-server-max-open-files Reset server_max_open_files to the default value (UNDEF)
--puppet-server-max-queued-requests The maximum number of requests that may be queued waiting to borrow a
JRuby from the pool. (Puppetserver 5.x only)
Defaults to 0 (disabled) for Puppetserver >= 5.0 (current: 0)
--reset-puppet-server-max-queued-requests Reset server_max_queued_requests to the default value (0)
--puppet-server-max-requests-per-instance Max number of requests a jruby instances will handle. Defaults to 0 (disabled) (current: 0)
--reset-puppet-server-max-requests-per-instance Reset server_max_requests_per_instance to the default value (0)
--puppet-server-max-retry-delay Sets the upper limit for the random sleep set as a Retry-After header on
503 responses returned when max-queued-requests is enabled. (Puppetserver 5.x only)
Defaults to 1800 for Puppetserver >= 5.0 (current: 1800)
--reset-puppet-server-max-retry-delay Reset server_max_retry_delay to the default value (1800)
--puppet-server-max-threads This sets the maximum number of threads assigned to responding to HTTP and/or
HTTPS requests for a single webserver, effectively changing how many
concurrent requests can be made at one time. If not provided, the
webserver defaults to 200. (current: UNDEF)
--reset-puppet-server-max-threads Reset server_max_threads to the default value (UNDEF)
--puppet-server-metrics-allowed Specify metrics to allow in addition to those in the default list
Defaults to undef (current: UNDEF)
--reset-puppet-server-metrics-allowed Reset server_metrics_allowed to the default value (UNDEF)
--puppet-server-metrics-graphite-enable Enable or disable Graphite metrics reporter. Defaults to false (current: false)
--reset-puppet-server-metrics-graphite-enable Reset server_metrics_graphite_enable to the default value (false)
--puppet-server-metrics-graphite-host Graphite server host. Defaults to "127.0.0.1" (current: "127.0.0.1")
--reset-puppet-server-metrics-graphite-host Reset server_metrics_graphite_host to the default value ("127.0.0.1")
--puppet-server-metrics-graphite-interval How often to send metrics to graphite (in seconds)
Defaults to 5 (current: 5)
--reset-puppet-server-metrics-graphite-interval Reset server_metrics_graphite_interval to the default value (5)
--puppet-server-metrics-graphite-port Graphite server port. Defaults to 2003 (current: 2003)
--reset-puppet-server-metrics-graphite-port Reset server_metrics_graphite_port to the default value (2003)
--puppet-server-metrics-jmx-enable Enable or disable JMX metrics reporter. Defaults to true (current: true)
--reset-puppet-server-metrics-jmx-enable Reset server_metrics_jmx_enable to the default value (true)
--puppet-server-metrics-server-id A server id that will be used as part of the namespace for metrics produced
Defaults to $fqdn (current: "sat-r220-07.lab.eng.rdu2.redhat.com")
--reset-puppet-server-metrics-server-id Reset server_metrics_server_id to the default value ("sat-r220-07.lab.eng.rdu2.redhat.com")
--puppet-server-multithreaded Use multithreaded jruby. (Puppetserver >= 6.8 only). Defaults to false. (current: false)
--reset-puppet-server-multithreaded Reset server_multithreaded to the default value (false)
--puppet-server-package Custom package name for puppet master (current: UNDEF)
--reset-puppet-server-package Reset server_package to the default value (UNDEF)
--puppet-server-parser Sets the parser to use. Valid options are 'current' or 'future'.
Defaults to 'current'. (current: "current")
--reset-puppet-server-parser Reset server_parser to the default value ("current")
--puppet-server-post-hook-content Which template to use for git post hook (current: "puppet/server/post-receive.erb")
--reset-puppet-server-post-hook-content Reset server_post_hook_content to the default value ("puppet/server/post-receive.erb")
--puppet-server-post-hook-name Name of a git hook (current: "post-receive")
--reset-puppet-server-post-hook-name Reset server_post_hook_name to the default value ("post-receive")
--puppet-server-puppet-basedir Where is the puppet code base located (current: "/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet")
--reset-puppet-server-puppet-basedir Reset server_puppet_basedir to the default value ("/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet")
--puppet-server-puppetserver-auth-template Template for generating /etc/puppetlabs/puppetserver/conf.d/auth.conf (current: UNDEF)
--reset-puppet-server-puppetserver-auth-template Reset server_puppetserver_auth_template to the default value (UNDEF)
--puppet-server-puppetserver-dir The path of the puppetserver config dir (current: "/etc/puppetlabs/puppetserver")
--reset-puppet-server-puppetserver-dir Reset server_puppetserver_dir to the default value ("/etc/puppetlabs/puppetserver")
--puppet-server-puppetserver-experimental For Puppetserver 5, enable the /puppet/experimental route? Defaults to true (current: true)
--reset-puppet-server-puppetserver-experimental Reset server_puppetserver_experimental to the default value (true)
--puppet-server-puppetserver-jruby9k For Puppetserver 5, use JRuby 9k? Defaults to false (current: false)
--reset-puppet-server-puppetserver-jruby9k Reset server_puppetserver_jruby9k to the default value (false)
--puppet-server-puppetserver-logdir The path of the puppetserver log dir (current: "/var/log/puppetlabs/puppetserver")
--reset-puppet-server-puppetserver-logdir Reset server_puppetserver_logdir to the default value ("/var/log/puppetlabs/puppetserver")
--puppet-server-puppetserver-metrics Enable puppetserver http-client metrics
Defaults to false because that's the Puppet Inc. default behaviour. (current: false)
--reset-puppet-server-puppetserver-metrics Reset server_puppetserver_metrics to the default value (false)
--puppet-server-puppetserver-profiler Enable JRuby profiling.
Defaults to false because that's the Puppet Inc. default behaviour. (current: false)
--reset-puppet-server-puppetserver-profiler Reset server_puppetserver_profiler to the default value (false)
--puppet-server-puppetserver-rundir The path of the puppetserver run dir (current: "/var/run/puppetlabs/puppetserver")
--reset-puppet-server-puppetserver-rundir Reset server_puppetserver_rundir to the default value ("/var/run/puppetlabs/puppetserver")
--puppet-server-puppetserver-trusted-agents Certificate names of puppet agents that are allowed to fetch *all* catalogs
Defaults to [] and all agents are only allowed to fetch their own catalogs. (current: [])
--reset-puppet-server-puppetserver-trusted-agents Reset server_puppetserver_trusted_agents to the default value ([])
--puppet-server-puppetserver-trusted-certificate-extensions An array of hashes of certificate extensions and values to be used in auth.conf (current: [])
--reset-puppet-server-puppetserver-trusted-certificate-extensions Reset server_puppetserver_trusted_certificate_extensions to the default value ([])
--puppet-server-puppetserver-vardir The path of the puppetserver var dir (current: "/opt/puppetlabs/server/data/puppetserver")
--reset-puppet-server-puppetserver-vardir Reset server_puppetserver_vardir to the default value ("/opt/puppetlabs/server/data/puppetserver")
--puppet-server-puppetserver-version The version of puppetserver installed (or being installed)
Unfortunately, different versions of puppetserver need
configuring differently. The default is derived from the
installed puppet version. Generally it's not needed to
override this but when upgrading it might be. (current: UNDEF)
--reset-puppet-server-puppetserver-version Reset server_puppetserver_version to the default value (UNDEF)
--puppet-server-request-timeout Timeout in node.rb script for fetching
catalog from Foreman (in seconds). (current: 60)
--reset-puppet-server-request-timeout Reset server_request_timeout to the default value (60)
--puppet-server-ruby-load-paths List of ruby paths
Defaults based on $::puppetversion (current: ["/opt/puppetlabs/puppet/lib/ruby/vendor_ruby"])
--reset-puppet-server-ruby-load-paths Reset server_ruby_load_paths to the default value (["/opt/puppetlabs/puppet/lib/ruby/vendor_ruby"])
--puppet-server-selector-threads This sets the number of selectors that the webserver will dedicate to processing
events on connected sockets for unencrypted HTTPS traffic. If not provided,
the webserver defaults to the minimum of: virtual cores on the host divided by 2
or max-threads divided by 16, with a minimum of 1. (current: UNDEF)
--reset-puppet-server-selector-threads Reset server_selector_threads to the default value (UNDEF)
--puppet-server-ssl-acceptor-threads This sets the number of threads that the webserver will dedicate to accepting
socket connections for encrypted HTTPS traffic. If not provided, defaults to
the number of virtual cores on the host divided by 8, with a minimum of 1 and maximum of 4. (current: UNDEF)
--reset-puppet-server-ssl-acceptor-threads Reset server_ssl_acceptor_threads to the default value (UNDEF)
--puppet-server-ssl-chain-filepath Path to certificate chain for puppetserver
Only used when $ca is true
Defaults to "${ssl_dir}/ca/ca_crt.pem" (current: UNDEF)
--reset-puppet-server-ssl-chain-filepath Reset server_ssl_chain_filepath to the default value (UNDEF)
--puppet-server-ssl-dir SSL directory (current: "/etc/puppetlabs/puppet/ssl")
--reset-puppet-server-ssl-dir Reset server_ssl_dir to the default value ("/etc/puppetlabs/puppet/ssl")
--puppet-server-ssl-dir-manage Toggle if ssl_dir should be added to the [master]
configuration section. This is necessary to
disable in case CA is delegated to a separate instance (current: true)
--reset-puppet-server-ssl-dir-manage Reset server_ssl_dir_manage to the default value (true)
--puppet-server-ssl-key-manage Toggle if "private_keys/${::puppet::server::certname}.pem"
should be created with default user and group. This is used in
the default Forman setup to reuse the key for TLS communication. (current: true)
--reset-puppet-server-ssl-key-manage Reset server_ssl_key_manage to the default value (true)
--puppet-server-ssl-protocols Array of SSL protocols to use.
Defaults to [ 'TLSv1.2' ] (current: ["TLSv1.2"])
--reset-puppet-server-ssl-protocols Reset server_ssl_protocols to the default value (["TLSv1.2"])
--puppet-server-ssl-selector-threads This sets the number of selectors that the webserver will dedicate to processing
events on connected sockets for encrypted HTTPS traffic. Defaults to the number of
virtual cores on the host divided by 2, with a minimum of 1 and maximum of 4.
The number of selector threads actually used by Jetty is twice the number of selectors
requested. For example, if a value of 3 is specified for the ssl-selector-threads setting,
Jetty will actually use 6 selector threads. (current: UNDEF)
--reset-puppet-server-ssl-selector-threads Reset server_ssl_selector_threads to the default value (UNDEF)
--puppet-server-strict-variables if set to true, it will throw parse errors
when accessing undeclared variables. (current: false)
--reset-puppet-server-strict-variables Reset server_strict_variables to the default value (false)
--puppet-server-use-legacy-auth-conf Should the puppetserver use the legacy puppet auth.conf?
Defaults to false (the puppetserver will use its own conf.d/auth.conf)
Note that Puppetserver 7 has dropped this option. (current: false)
--reset-puppet-server-use-legacy-auth-conf Reset server_use_legacy_auth_conf to the default value (false)
--puppet-server-user Name of the puppetmaster user. (current: "puppet")
--reset-puppet-server-user Reset server_user to the default value ("puppet")
--puppet-server-version Custom package version for puppet master (current: UNDEF)
--reset-puppet-server-version Reset server_version to the default value (UNDEF)
--puppet-server-versioned-code-content Contains the path to an executable script that Puppet Server
invokes when on static_file_content requests.
Defaults to undef (current: UNDEF)
--reset-puppet-server-versioned-code-content Reset server_versioned_code_content to the default value (UNDEF)
--puppet-server-versioned-code-id The path to an executable script that Puppet Server invokes to generate a code_id
Defaults to undef (current: UNDEF)
--reset-puppet-server-versioned-code-id Reset server_versioned_code_id to the default value (UNDEF)
--puppet-server-web-idle-timeout Time in ms that Jetty allows a socket to be idle, after processing has
completed.
Defaults to 30000, using the Jetty default of 30s (current: 30000)
--reset-puppet-server-web-idle-timeout Reset server_web_idle_timeout to the default value (30000)
== Basic:
--puppet-ca-server Use a different ca server. Should be either
a string with the location of the ca_server
or 'false'. (current: UNDEF)
--reset-puppet-ca-server Reset ca_server to the default value (UNDEF)
--puppet-show-diff Show and report changed files with diff output (current: false)
--reset-puppet-show-diff Reset show_diff to the default value (false)
== puppet::server:
--puppet-server Should a puppet master be installed as well as the client (current: false)
--reset-puppet-server Reset server to the default value (false)
--puppet-server-ca Provide puppet CA (current: true)
--reset-puppet-server-ca Reset server_ca to the default value (true)
--puppet-server-ca-crl-sync Sync puppet CA crl file to compile masters, Puppet CA Must be the Puppetserver
for the compile masters. Defaults to false. (current: false)
--reset-puppet-server-ca-crl-sync Reset server_ca_crl_sync to the default value (false)
--puppet-server-certname The name to use when handling certificates. (current: "sat-r220-07.lab.eng.rdu2.redhat.com")
--reset-puppet-server-certname Reset server_certname to the default value ("sat-r220-07.lab.eng.rdu2.redhat.com")
--puppet-server-common-modules-path Common modules paths (current: ["/etc/puppetlabs/code/environments/common", "/etc/puppetlabs/code/modules", "/opt/puppetlabs/puppet/modules", "/usr/share/puppet/modules"])
--reset-puppet-server-common-modules-path Reset server_common_modules_path to the default value (["/etc/puppetlabs/code/environments/common", "/etc/puppetlabs/code/modules", "/opt/puppetlabs/puppet/modules", "/usr/share/puppet/modules"])
--puppet-server-crl-enable Turn on crl checking. Defaults to true when server_ca is true. Otherwise
Defaults to false. Note unless you are using an external CA. It is recommended
to set this to true. See $server_ca_crl_sync to enable syncing from CA Puppet Master (current: UNDEF)
--reset-puppet-server-crl-enable Reset server_crl_enable to the default value (UNDEF)
--puppet-server-environments-group The group owning the environments directory (current: UNDEF)
--reset-puppet-server-environments-group Reset server_environments_group to the default value (UNDEF)
--puppet-server-environments-mode Environments directory mode. (current: "0755")
--reset-puppet-server-environments-mode Reset server_environments_mode to the default value ("0755")
--puppet-server-environments-owner The owner of the environments directory (current: "puppet")
--reset-puppet-server-environments-owner Reset server_environments_owner to the default value ("puppet")
--puppet-server-external-nodes External nodes classifier executable (current: "/etc/puppetlabs/puppet/node.rb")
--reset-puppet-server-external-nodes Reset server_external_nodes to the default value ("/etc/puppetlabs/puppet/node.rb")
--puppet-server-git-branch-map Git branch to puppet env mapping for the
default post receive hook (current: {})
--reset-puppet-server-git-branch-map Reset server_git_branch_map to the default value ({})
--puppet-server-git-repo Use git repository as a source of modules (current: false)
--reset-puppet-server-git-repo Reset server_git_repo to the default value (false)
--puppet-server-git-repo-group Git repository group (current: "puppet")
--reset-puppet-server-git-repo-group Reset server_git_repo_group to the default value ("puppet")
--puppet-server-git-repo-mode Git repository mode (current: "0755")
--reset-puppet-server-git-repo-mode Reset server_git_repo_mode to the default value ("0755")
--puppet-server-git-repo-path Git repository path (current: "/opt/puppetlabs/puppet/cache/puppet.git")
--reset-puppet-server-git-repo-path Reset server_git_repo_path to the default value ("/opt/puppetlabs/puppet/cache/puppet.git")
--puppet-server-git-repo-user Git repository user (current: "puppet")
--reset-puppet-server-git-repo-user Reset server_git_repo_user to the default value ("puppet")
--puppet-server-ip Bind ip address of the puppetmaster (current: "0.0.0.0")
--reset-puppet-server-ip Reset server_ip to the default value ("0.0.0.0")
--puppet-server-port Puppet master port (current: 8140)
--reset-puppet-server-port Reset server_port to the default value (8140)
--puppet-server-reports List of report types to include on the puppetmaster (current: "foreman")
--reset-puppet-server-reports Reset server_reports to the default value ("foreman")
--puppet-server-storeconfigs Whether to enable storeconfigs (current: false)
--reset-puppet-server-storeconfigs Reset server_storeconfigs to the default value (false)
--puppet-server-trusted-external-command The external trusted facts script to use.
(Puppet >= 6.11 only). (current: UNDEF)
--reset-puppet-server-trusted-external-command Reset server_trusted_external_command to the default value (UNDEF)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment