augeasproviders: alternative Augeas-based providers for Puppet

This module provides alternative providers for core Puppet types such as host and mailalias using the Augeas configuration library. It also adds some of its own types for new functionality.

The advantage of using Augeas over the default Puppet parsedfile implementations is that Augeas will go to great lengths to preserve file formatting and comments, while also failing safely when needed.

These providers will hide all of the Augeas commands etc., you don’t need to know anything about Augeas to make use of it.

If you want to make changes to config files in your own way, you should use the augeas type directly. For more information about Augeas, see the web site or the Puppet/Augeas wiki page.

Types and providers

The following builtin types have an Augeas-based provider implemented:

host
mailalias

The following other types have a provider implemented:

mounttab from puppetlabs-mount_providers

The module adds the following new types:

apache_setenv for updating SetEnv entries in Apache HTTP Server configs
kernel_parameter for adding kernel parameters to GRUB Legacy or GRUB 2 configs
nrpe_command for setting command entries in Nagios NRPE’s nrpe.cfg
puppet_auth for authentication rules in Puppet’s auth.conf
shellvar for shell variables in /etc/sysconfig or /etc/default etc.
sshd_config for setting configuration entries in OpenSSH’s sshd_config
sshd_config_subsystem for setting subsystem entries in OpenSSH’s sshd_config
sysctl for entries inside Linux’s sysctl.conf
syslog for entries inside syslog.conf

Lots of examples are provided in the accompanying documentation (see docs/examples.html) and are also published on the web site. If this is a git checkout, you will need to run make in docs/ to generate the HTML pages.

Type documentation can be generated with puppet doc -r type or viewed on the Puppet Forge page.

For builtin types and mounttab, the default provider will automatically become the augeas provider once the module is installed. This can be changed back to parsed where necessary.

Requirements

Ensure both Augeas and ruby-augeas 0.3.0+ bindings are installed and working as normal.

See Puppet/Augeas pre-requisites.

Installing

On Puppet 2.7.14+, the module can be installed easily (documentation):

puppet module install domcleal/augeasproviders

You may see an error similar to this on Puppet 2.x (#13858):

Error 400 on SERVER: Puppet::Parser::AST::Resource failed with error ArgumentError: Invalid resource type `kernel_parameter` at ...

Ensure the module is present in your puppetmaster’s own environment (it doesn’t have to use it) and that the master has pluginsync enabled. Run the agent on the puppetmaster to cause the custom types to be synced to its local libdir (puppet master --configprint libdir) and then restart the puppetmaster so it loads them.

Planned

The following builtin types have Augeas-based providers planned:

ssh_authorized_key
port, once #5660 is done
yumrepo, once #8758 is done

Other ideas for new types are:

/etc/system types

Issues

Please file any issues or suggestions on GitHub.

augeasproviders: alternative Augeas-based providers for Puppet

Copyright (c) 2012 Dominic Cleal

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

sshd_config
- Description
  
  Manages settings in an OpenSSH sshd_config file.
  
  The resource name is used for the setting name, but if the condition is given, then the name can be something else and the key given as the name of the setting.
  
  Subsystem entries are not managed by this type. There is a specific sshd_config_subsystem type to manage these entries.
- Parameters
  name
  
  The name of the setting, or a unique string if condition given.
  
  key
  
  Overrides setting name to prevent resource conflicts if condition is given.
  
  target
  
  The file in which to store the settings, defaults to /etc/ssh/sshd_config.
  
  condition
  Match group condition for the entry, in the format:
```
sshd_config { 'PermitRootLogin':
  value     => 'without-password',
  condition => 'Host example.net',
}
```
  The value can contain multiple conditions, concatenated together with whitespace. This is used if the Match block has multiple criteria.
```
condition => 'Host example.net User root'
```
- Properties
  ensure
  
  The basic property that the resource should be in. Valid values are present, absent.
  
  value
  Value to change the setting to. The follow parameters take an array of values:
  - MACs;
  - AcceptEnv;
  - AllowGroups;
  - AllowUsers;
  - DenyGroups;
  - DenyUsers.
  All other parameters take a string. When passing an array to other parameters, only the first value in the array will be considered.
- Providers
  
  sshd_config
  
  Uses Augeas API to update an sshd_config parameter
sysctl
- Description
  
  Manages entries in /etc/sysctl.conf.
- Parameters
  
  name
  
  The name of the setting, e.g. net.ipv4.ip_forward
  
  target
  
  The file in which to store the settings, defaults to /etc/sysctl.conf.
- Properties
  
  ensure
  
  The basic property that the resource should be in. Valid values are present, absent.
  
  value
  
  Value to change the setting to. Settings with multiple values (such as net.ipv4.tcp_mem are represented as a single whitespace separated string.
  
  comment
  
  Text to be stored in a comment immediately above the entry. It will be automatically prepended with the name of the setting in order for the provider to know whether it controls the comment or not.
- Providers
  
  sysctl
  
  Uses Augeas API to update sysctl settings
kernel_parameter
- Description
  
  Manages kernel parameters stored in bootloaders.
- Parameters
  
  name
  
  The parameter name, e.g. ‘quiet’ or ‘vga’.
  
  target
  
  The bootloader configuration file, if in a non-default location for the provider.
  
  bootmode
  
  Boot mode(s) to apply the parameter to. Either ‘all’ (default) to use the parameter on all boots (normal and recovery mode), ‘normal’ for just normal boots or ‘recovery’ for just recovery boots. Valid values are all, normal, recovery.
- Properties
  
  ensure
  
  The basic property that the resource should be in. Valid values are present, absent.
  
  value
  
  Value of the parameter if applicable. Many parameters are just keywords so this must be left blank, while others (e.g. ‘vga’) will take a value.
- Providers
  
  grub
  
  Uses Augeas API to update kernel parameters in GRUB’s menu.lst
  
  grub2
  
  Uses Augeas API to update kernel parameters in GRUB2’s /etc/default/grub
  
  Required binaries: /usr/sbin/grub2-mkconfig.
sshd_config_subsystem
- Description
  
  Manages Subsystem settings in an OpenSSH sshd_config file.
- Parameters
  
  name
  
  The name of the subsystem to set.
  
  target
  
  The file in which to store the settings, defaults to /etc/ssh/sshd_config.
- Properties
  
  ensure
  
  The basic property that the resource should be in. Valid values are present, absent.
  
  command
  
  The command to execute upon subsystem request.
- Providers
  
  sshd_config_subsystem
  
  Uses Augeas API to update a Subsystem parameter in sshd_config.
apache_setenv
- Description
  
  Manages SetEnv entries in a Apache config
- Parameters
  
  name
  
  The variable name to set
  
  target
  
  The config file to use
- Properties
  
  ensure
  
  The basic property that the resource should be in. Valid values are present, absent.
  
  value
  
  The value to set it to
- Providers
  
  apache_setenv
  
  Use Augeas API to update SetEnv in Apache
nrpe_command
- Description
  
  Manages commands in /etc/nagios/nrpe.cfg.
- Parameters
  
  name
  
  The name of the command, e.g. check_my_stuff
  
  target
  
  The file in which to store the command, defaults to /etc/nagios/nrpe.cfg.
- Properties
  
  ensure
  
  The basic property that the resource should be in. Valid values are present, absent.
  
  command
  
  Check command to run on the system, with arguments
- Providers
  
  nrpe_command
  
  Uses Augeas API to update nrpe commands
puppet_auth
- Description
  
  Manages settings in Puppet’s auth.conf.
- Parameters
  name
  
  The name of the resource.
  
  path
  
  The path for the auth rule.
  
  path_regex
  
  Whether the path is specified as a regex. Valid values are true, false.
  
  ins_before
  Optional XPath expression to specify where to insert the auth rule.
  
  This parameter takes special values working as aliases:
  - first allow, mapping to path[allow][1];
  - last allow, mapping to path[allow][last()];
  - first deny, mapping to path[count(allow)=0][1];
  - last deny, mapping to path[count(allow)=0][last()]`
  ins_after
  Optional XPath expression to specify where to insert the auth rule.
  
  This parameter takes special values working as aliases:
  - first allow, mapping to path[allow][1];
  - last allow, mapping to path[allow][last()];
  - first deny, mapping to path[count(allow)=0][1];
  - last deny, mapping to path[count(allow)=0][last()]`
  target
  
  The file in which to store the settings, defaults to /etc/puppet/auth.conf.
- Properties
  ensure
  
  The basic property that the resource should be in. Valid values are present, absent.
  
  environments
  
  The list of environments the rule applies to.
  
  methods
  The list of methods the rule applies to. Possible values are:
  - find;
  - search;
  - save;
  - destroy.
  allow
  
  The list of hosts allowed for this rule, specified by hostname or cername. Regexes are allowed, as well as the special value *.
  
  allow_ip
  
  The list of IPs allowed for this rule. Requires Puppet 3.0.0 or greater.
  
  authenticated
  The type of authentication for the rule. Possible values are:
  - yes;
  - no;
  - on;
  - off;
  - any.
- Providers
  
  puppet_auth
  
  Uses Augeas API to update a rule in Puppet’s auth.conf.
shellvar
- Description
  
  Manages variables in simple shell scripts.
- Parameters
  variable
  
  The name of the variable, e.g. OPTIONS
  
  quoted
  Quoting method to use, defaults to auto.
  - auto will quote only if necessary, leaving existing quotes as-is
  - double and single will always quotes
  - none will remove quotes, which may result in save failures Valid values are auto, double, single, none, false, true.
  target
  
  The file in which to store the variable.
- Properties
  
  ensure
  
  The basic property that the resource should be in. Valid values are present, absent.
  
  value
  
  Value to change the variable to.
  
  comment
  
  Text to be stored in a comment immediately above the entry. It will be automatically prepended with the name of the variable in order for the provider to know whether it controls the comment or not.
- Providers
  
  shellvar
  
  Uses Augeas API to update shell script variables
syslog
- Description
  
  Manages settings in syslog.conf.
- Parameters
  
  name
  
  The name of the resource.
  
  facility
  
  The syslog facility for the selector.
  
  level
  
  The syslog level for the selector.
  
  action_type
  
  The type of action: file, hostname, user or program.
  
  action
  
  The action for the entry.
  
  target
  
  The file in which to store the settings, defaults to /etc/syslog.conf.
  
  lens
  
  The augeas lens used to parse the file
- Properties
  
  ensure
  
  The basic property that the resource should be in. Valid values are present, absent.
  
  no_sync
  
  Whether to omit syncing the file after every logging, ony when action_type is file. Valid values are true, false.
- Providers
  
  syslog
  
  Uses Augeas API to update a syslog.conf entry
  
  rsyslog
  
  Uses Augeas API to update an rsyslog.conf entry

Pulled from GitHub

domcleal/augeasproviders

How to Install

augeasproviders: alternative Augeas-based providers for Puppet

Types and providers

Requirements

Installing

Planned

Issues

sshd_config

Description

Parameters

Properties

Providers

sysctl

Description

Parameters

Properties

Providers

kernel_parameter

Description

Parameters

Properties

Providers

sshd_config_subsystem

Description

Parameters

Properties

Providers

apache_setenv

Description

Parameters

Properties

Providers

nrpe_command

Description

Parameters

Properties

Providers

puppet_auth

Description

Parameters

Properties

Providers

shellvar

Description

Parameters

Properties

Providers

syslog

Description

Parameters

Properties

Providers

Find Modules

Popular Tags