diff --git a/man/man5/puppet.conf.5 b/man/man5/puppet.conf.5 index 930cec533..aa747bdd4 100644 --- a/man/man5/puppet.conf.5 +++ b/man/man5/puppet.conf.5 @@ -1,1608 +1,1521 @@ .\" generated with Ronn/v0.7.3 .\" http://github.com/rtomayko/ronn/tree/0.7.3 . -.TH "PUPPETCONF" "5" "April 2011" "Puppet Labs, LLC" "Puppet manual" -\fBThis page is autogenerated; any changes will get overwritten\fR \fI(last generated on Wed Apr 13 14:24:43 \-0700 2011)\fR +.TH "PUPPETCONF" "5" "June 2011" "Puppet Labs, LLC" "Puppet manual" +\fBThis page is autogenerated; any changes will get overwritten\fR \fI(last generated on Wed Jun 08 17:09:41 \-0700 2011)\fR . -.SH "Specifying Configuration Parameters" +.SH "Configuration Settings" . -.SS "On The Command\-Line" -Every Puppet executable (with the exception of \fBpuppetdoc\fR) accepts all of the parameters below, but not all of the arguments make sense for every executable\. -. -.P -I have tried to be as thorough as possible in the descriptions of the arguments, so it should be obvious whether an argument is appropriate or not\. -. -.P -These parameters can be supplied to the executables either as command\-line options or in the configuration file\. For instance, the command\-line invocation below would set the configuration directory to \fB/private/puppet\fR: -. -.IP "" 4 -. -.nf - -$ puppet agent \-\-confdir=/private/puppet -. -.fi -. -.IP "" 0 -. -.P -Note that boolean options are turned on and off with a slightly different syntax on the command line: -. -.IP "" 4 -. -.nf - -$ puppet agent \-\-storeconfigs - -$ puppet agent \-\-no\-storeconfigs -. -.fi -. -.IP "" 0 -. -.P -The invocations above will enable and disable, respectively, the storage of the client configuration\. -. -.SS "Configuration Files" -As mentioned above, the configuration parameters can also be stored in a configuration file, located in the configuration directory\. As root, the default configuration directory is \fB/etc/puppet\fR, and as a regular user, the default configuration directory is \fB~user/\.puppet\fR\. As of 0\.23\.0, all executables look for \fBpuppet\.conf\fR in their configuration directory (although they previously looked for separate files)\. For example, \fBpuppet\.conf\fR is located at \fB/etc/puppet/puppet\.conf\fR as \fBroot\fR and \fB~user/\.puppet/puppet\.conf\fR as a regular user by default\. -. -.P -All executables will set any parameters set within the \fB[main]\fR section, and each executable will also use one of the \fB[master]\fR, \fB[agent]\fR\. -. -.P -The file follows INI\-style formatting\. Here is an example of a very simple \fBpuppet\.conf\fR file: -. -.IP "" 4 -. -.nf - -[main] - confdir = /private/puppet - storeconfigs = true -. -.fi -. -.IP "" 0 -. -.P -Note that boolean parameters must be explicitly specified as \fBtrue\fR or \fBfalse\fR as seen above\. -. -.P -If you need to change file or directory parameters (e\.g\., reset the mode or owner), do so within curly braces on the same line: -. -.IP "" 4 -. -.nf - -[main] - vardir = /new/vardir {owner = root, mode = 644} -. -.fi -. -.IP "" 0 -. -.P -If you\'re starting out with a fresh configuration, you may wish to let the executable generate a template configuration file for you by invoking the executable in question with the \fB\-\-genconfig\fR command\. The executable will print a template configuration to standard output, which can be redirected to a file like so: -. -.IP "" 4 -. -.nf - -$ puppet agent \-\-genconfig > /etc/puppet/puppet\.conf -. -.fi -. -.IP "" 0 -. -.P -Note that this invocation will replace the contents of any pre\-existing \fBpuppet\.conf\fR file, so make a backup of your present config if it contains valuable information\. -. -.P -Like the \fB\-\-genconfig\fR argument, the executables also accept a \fB\-\-genmanifest\fR argument, which will generate a manifest that can be used to manage all of Puppet\'s directories and files and prints it to standard output\. This can likewise be redirected to a file: -. -.IP "" 4 -. -.nf - -$ puppet agent \-\-genmanifest > /etc/puppet/manifests/site\.pp -. -.fi +.IP "\(bu" 4 +Each of these settings can be specified in \fBpuppet\.conf\fR or on the command line\. . -.IP "" 0 +.IP "\(bu" 4 +When using boolean settings on the command line, use \fB\-\-setting\fR and \fB\-\-no\-setting\fR instead of \fB\-\-setting (true|false)\fR\. . -.P -Puppet can also create user and group accounts for itself (one \fBpuppet\fR group and one \fBpuppet\fR user) if it is invoked as \fBroot\fR with the \fB\-\-mkusers\fR argument: +.IP "\(bu" 4 +Settings can be interpolated as \fB$variables\fR in other settings; \fB$environment\fR is special, in that puppet master will interpolate each agent node\'s environment instead of its own\. . -.IP "" 4 +.IP "\(bu" 4 +Multiple values should be specified as comma\-separated lists; multiple directories should be separated with the system path separator (usually a colon)\. . -.nf - -$ puppet master \-\-mkusers +.IP "\(bu" 4 +Settings that take a single file or directory can optionally set the owner, group, and mode for their value: \fBrundir = $vardir/run { owner = puppet, group = puppet, mode = 644 }\fR . -.fi +.IP "\(bu" 4 +The Puppet executables will ignore any setting that isn\'t relevant to their function\. . .IP "" 0 . -.SH "Signals" -The \fBpuppet agent\fR and \fBpuppet master\fR executables catch some signals for special handling\. Both daemons catch (\fBSIGHUP\fR), which forces the server to restart tself\. Predictably, interrupt and terminate (\fBSIGINT\fR and \fBSIGTERM\fR) will shut down the server, whether it be an instance of \fBpuppet agent\fR or \fBpuppet master\fR\. -. .P -Sending the \fBSIGUSR1\fR signal to an instance of \fBpuppet agent\fR will cause it to immediately begin a new configuration transaction with the server\. This signal has no effect on \fBpuppet master\fR\. -. -.SH "Configuration Parameter Reference" -Below is a list of all documented parameters\. Not all of them are valid with all Puppet executables, but the executables will ignore any inappropriate values\. +See the configuration guide \fIhttp://docs\.puppetlabs\.com/guides/configuring\.html\fR for more details\. . .SS "allow_duplicate_certs" Whether to allow a new certificate request to overwrite an existing certificate\. . .IP "\(bu" 4 \fIDefault\fR: false . .IP "" 0 . .SS "archive_file_server" During an inspect run, the file bucket server to archive files to if archive_files is set\. . .IP "\(bu" 4 \fIDefault\fR: $server . .IP "" 0 . .SS "archive_files" During an inspect run, whether to archive files whose contents are audited to a file bucket\. . .IP "\(bu" 4 \fIDefault\fR: false . .IP "" 0 . .SS "async_storeconfigs" Whether to use a queueing system to provide asynchronous database integration\. Requires that \fBpuppetqd\fR be running and that \'PSON\' support for ruby be installed\. . .IP "\(bu" 4 \fIDefault\fR: false . .IP "" 0 . .SS "authconfig" The configuration file that defines the rights to the different namespaces and methods\. This can be used as a coarse\-grained authorization system for both \fBpuppet agent\fR and \fBpuppet master\fR\. . .IP "\(bu" 4 \fIDefault\fR: $confdir/namespaceauth\.conf . .IP "" 0 . .SS "autoflush" Whether log files should always flush to disk\. . .IP "\(bu" 4 \fIDefault\fR: false . .IP "" 0 . .SS "autosign" Whether to enable autosign\. Valid values are true (which autosigns any key request, and is a very bad idea), false (which never autosigns any key request), and the path to a file, which uses that configuration file to determine which keys to sign\. . .IP "\(bu" 4 \fIDefault\fR: $confdir/autosign\.conf . .IP "" 0 . .SS "bindaddress" The address a listening server should bind to\. Mongrel servers default to 127\.0\.0\.1 and WEBrick defaults to 0\.0\.0\.0\. . .SS "bucketdir" Where FileBucket files are stored\. . .IP "\(bu" 4 \fIDefault\fR: $vardir/bucket . .IP "" 0 . .SS "ca" Wether the master should function as a certificate authority\. . .IP "\(bu" 4 \fIDefault\fR: true . .IP "" 0 . .SS "ca_days" How long a certificate should be valid\. This parameter is deprecated, use ca_ttl instead . .SS "ca_md" The type of hash used in certificates\. . .IP "\(bu" 4 \fIDefault\fR: md5 . .IP "" 0 . .SS "ca_name" The name to use the Certificate Authority certificate\. . .IP "\(bu" 4 \fIDefault\fR: Puppet CA: $certname . .IP "" 0 . .SS "ca_port" The port to use for the certificate authority\. . .IP "\(bu" 4 \fIDefault\fR: $masterport . .IP "" 0 . .SS "ca_server" The server to use for certificate authority requests\. It\'s a separate server because it cannot and does not need to horizontally scale\. . .IP "\(bu" 4 \fIDefault\fR: $server . .IP "" 0 . .SS "ca_ttl" The default TTL for new certificates; valid values must be an integer, optionally followed by one of the units \'y\' (years of 365 days), \'d\' (days), \'h\' (hours), or \'s\' (seconds)\. The unit defaults to seconds\. If this parameter is set, ca_days is ignored\. Examples are \'3600\' (one hour) and \'1825d\', which is the same as \'5y\' (5 years) . .IP "\(bu" 4 \fIDefault\fR: 5y . .IP "" 0 . .SS "cacert" The CA certificate\. . .IP "\(bu" 4 \fIDefault\fR: $cadir/ca_crt\.pem . .IP "" 0 . .SS "cacrl" The certificate revocation list (CRL) for the CA\. Will be used if present but otherwise ignored\. . .IP "\(bu" 4 \fIDefault\fR: $cadir/ca_crl\.pem . .IP "" 0 . .SS "cadir" The root directory for the certificate authority\. . .IP "\(bu" 4 \fIDefault\fR: $ssldir/ca . .IP "" 0 . .SS "cakey" The CA private key\. . .IP "\(bu" 4 \fIDefault\fR: $cadir/ca_key\.pem . .IP "" 0 . .SS "capass" Where the CA stores the password for the private key . .IP "\(bu" 4 \fIDefault\fR: $caprivatedir/ca\.pass . .IP "" 0 . .SS "caprivatedir" Where the CA stores private certificate information\. . .IP "\(bu" 4 \fIDefault\fR: $cadir/private . .IP "" 0 . .SS "capub" The CA public key\. . .IP "\(bu" 4 \fIDefault\fR: $cadir/ca_pub\.pem . .IP "" 0 . .SS "catalog_format" (Deprecated for \'preferred_serialization_format\') What format to use to dump the catalog\. Only supports \'marshal\' and \'yaml\'\. Only matters on the client, since it asks the server for a specific format\. . .SS "catalog_terminus" Where to get node catalogs\. This is useful to change if, for instance, you\'d like to pre\-compile catalogs and store them in memcached or some other easily\-accessed store\. . .IP "\(bu" 4 \fIDefault\fR: compiler . .IP "" 0 . .SS "cert_inventory" A Complete listing of all certificates . .IP "\(bu" 4 \fIDefault\fR: $cadir/inventory\.txt . .IP "" 0 . .SS "certdir" The certificate directory\. . .IP "\(bu" 4 \fIDefault\fR: $ssldir/certs . .IP "" 0 . .SS "certdnsnames" The DNS names on the Server certificate as a colon\-separated list\. If it\'s anything other than an empty string, it will be used as an alias in the created certificate\. By default, only the server gets an alias set up, and only for \'puppet\'\. . .SS "certificate_revocation" Whether certificate revocation should be supported by downloading a Certificate Revocation List (CRL) to all clients\. If enabled, CA chaining will almost definitely not work\. . .IP "\(bu" 4 \fIDefault\fR: true . .IP "" 0 . .SS "certname" The name to use when handling certificates\. Defaults to the fully qualified domain name\. . .IP "\(bu" 4 -\fIDefault\fR: nick\-lewiss\-macbook\-pro\.local +\fIDefault\fR: magpie\.puppetlabs\.lan . .IP "" 0 . .SS "classfile" The file in which puppet agent stores a list of the classes associated with the retrieved configuration\. Can be loaded in the separate \fBpuppet\fR executable using the \fB\-\-loadclasses\fR option\. . .IP "\(bu" 4 \fIDefault\fR: $statedir/classes\.txt . .IP "" 0 . .SS "client_datadir" The directory in which serialized data is stored on the client\. . .IP "\(bu" 4 \fIDefault\fR: $vardir/client_data . .IP "" 0 . .SS "clientbucketdir" Where FileBucket files are stored locally\. . .IP "\(bu" 4 \fIDefault\fR: $vardir/clientbucket . .IP "" 0 . .SS "clientyamldir" The directory in which client\-side YAML data is stored\. . .IP "\(bu" 4 \fIDefault\fR: $vardir/client_yaml . .IP "" 0 . .SS "code" Code to parse directly\. This is essentially only used by \fBpuppet\fR, and should only be set if you\'re writing your own Puppet executable . .SS "color" Whether to use colors when logging to the console\. Valid values are \fBansi\fR (equivalent to \fBtrue\fR), \fBhtml\fR (mostly used during testing with TextMate), and \fBfalse\fR, which produces no color\. . .IP "\(bu" 4 \fIDefault\fR: ansi . .IP "" 0 . .SS "confdir" The main Puppet configuration directory\. The default for this parameter is calculated based on the user\. If the process is running as root or the user that Puppet is supposed to run as, it defaults to a system directory, but if it\'s running as any other user, it defaults to being in the user\'s home directory\. . .IP "\(bu" 4 \fIDefault\fR: /etc/puppet . .IP "" 0 . .SS "config" The configuration file for doc\. . .IP "\(bu" 4 \fIDefault\fR: $confdir/puppet\.conf . .IP "" 0 . .SS "config_version" How to determine the configuration version\. By default, it will be the time that the configuration is parsed, but you can provide a shell script to override how the version is determined\. The output of this script will be added to every log message in the reports, allowing you to correlate changes on your hosts to the source version on the server\. . .SS "configprint" Print the value of a specific configuration parameter\. If a parameter is provided for this, then the value is printed and puppet exits\. Comma\-separate multiple values\. For a list of all values, specify \'all\'\. This feature is only available in Puppet versions higher than 0\.18\.4\. . .SS "configtimeout" How long the client should wait for the configuration to be retrieved before considering it a failure\. This can help reduce flapping if too many clients contact the server at one time\. . .IP "\(bu" 4 \fIDefault\fR: 120 . .IP "" 0 . .SS "couchdb_url" The url where the puppet couchdb database will be created . .IP "\(bu" 4 \fIDefault\fR: http://127\.0\.0\.1:5984/puppet . .IP "" 0 . .SS "csrdir" Where the CA stores certificate requests . .IP "\(bu" 4 \fIDefault\fR: $cadir/requests . .IP "" 0 . .SS "daemonize" Send the process into the background\. This is the default\. . .IP "\(bu" 4 \fIDefault\fR: true . .IP "" 0 . .SS "dbadapter" The type of database to use\. . .IP "\(bu" 4 \fIDefault\fR: sqlite3 . .IP "" 0 . .SS "dbconnections" The number of database connections for networked databases\. Will be ignored unless the value is a positive integer\. . .SS "dblocation" The database cache for client configurations\. Used for querying within the language\. . .IP "\(bu" 4 \fIDefault\fR: $statedir/clientconfigs\.sqlite3 . .IP "" 0 . .SS "dbmigrate" Whether to automatically migrate the database\. . .IP "\(bu" 4 \fIDefault\fR: false . .IP "" 0 . .SS "dbname" The name of the database to use\. . .IP "\(bu" 4 \fIDefault\fR: puppet . .IP "" 0 . .SS "dbpassword" The database password for caching\. Only used when networked databases are used\. . .IP "\(bu" 4 \fIDefault\fR: puppet . .IP "" 0 . .SS "dbport" The database password for caching\. Only used when networked databases are used\. . .SS "dbserver" The database server for caching\. Only used when networked databases are used\. . .IP "\(bu" 4 \fIDefault\fR: localhost . .IP "" 0 . .SS "dbsocket" The database socket location\. Only used when networked databases are used\. Will be ignored if the value is an empty string\. . .SS "dbuser" The database user for caching\. Only used when networked databases are used\. . .IP "\(bu" 4 \fIDefault\fR: puppet . .IP "" 0 . +.SS "deviceconfig" +Path to the device config file for puppet device +. +.IP "\(bu" 4 +\fIDefault\fR: $confdir/device\.conf +. +.IP "" 0 +. +.SS "devicedir" +The root directory of devices\' $vardir +. +.IP "\(bu" 4 +\fIDefault\fR: $vardir/devices +. +.IP "" 0 +. .SS "diff" Which diff command to use when printing differences between files\. . .IP "\(bu" 4 \fIDefault\fR: diff . .IP "" 0 . .SS "diff_args" Which arguments to pass to the diff command when printing differences between files\. . .IP "\(bu" 4 \fIDefault\fR: \-u . .IP "" 0 . .SS "document_all" Document all resources . .IP "\(bu" 4 \fIDefault\fR: false . .IP "" 0 . .SS "downcasefacts" Whether facts should be made all lowercase when sent to the server\. . .IP "\(bu" 4 \fIDefault\fR: false . .IP "" 0 . .SS "dynamicfacts" Facts that are dynamic; these facts will be ignored when deciding whether changed facts should result in a recompile\. Multiple facts should be comma\-separated\. . .IP "\(bu" 4 \fIDefault\fR: memorysize,memoryfree,swapsize,swapfree . .IP "" 0 . .SS "environment" The environment Puppet is running in\. For clients (e\.g\., \fBpuppet agent\fR) this determines the environment itself, which is used to find modules and much more\. For servers (i\.e\., \fBpuppet master\fR) this provides the default environment for nodes we know nothing about\. . .IP "\(bu" 4 \fIDefault\fR: production . .IP "" 0 . .SS "evaltrace" Whether each resource should log when it is being evaluated\. This allows you to interactively see exactly what is being done\. . .IP "\(bu" 4 \fIDefault\fR: false . .IP "" 0 . .SS "external_nodes" An external command that can produce node information\. The output must be a YAML dump of a hash, and that hash must have one or both of \fBclasses\fR and \fBparameters\fR, where \fBclasses\fR is an array and \fBparameters\fR is a hash\. For unknown nodes, the commands should exit with a non\-zero exit code\. This command makes it straightforward to store your node mapping information in other data sources like databases\. . .IP "\(bu" 4 \fIDefault\fR: none . .IP "" 0 . .SS "factdest" Where Puppet should store facts that it pulls down from the central server\. . .IP "\(bu" 4 \fIDefault\fR: $vardir/facts/ . .IP "" 0 . .SS "factpath" Where Puppet should look for facts\. Multiple directories should be colon\-separated, like normal PATH variables\. . .IP "\(bu" 4 \fIDefault\fR: $vardir/lib/facter:$vardir/facts . .IP "" 0 . .SS "facts_terminus" The node facts terminus\. . .IP "\(bu" 4 \fIDefault\fR: facter . .IP "" 0 . .SS "factsignore" What files to ignore when pulling down facts\. . .IP "\(bu" 4 \fIDefault\fR: \.svn CVS . .IP "" 0 . .SS "factsource" From where to retrieve facts\. The standard Puppet \fBfile\fR type is used for retrieval, so anything that is a valid file source can be used here\. . .IP "\(bu" 4 \fIDefault\fR: puppet://$server/facts/ . .IP "" 0 . .SS "factsync" Whether facts should be synced with the central server\. . .IP "\(bu" 4 \fIDefault\fR: false . .IP "" 0 . .SS "fileserverconfig" Where the fileserver configuration is stored\. . .IP "\(bu" 4 \fIDefault\fR: $confdir/fileserver\.conf . .IP "" 0 . .SS "filetimeout" The minimum time to wait (in seconds) between checking for updates in configuration files\. This timeout determines how quickly Puppet checks whether a file (such as manifests or templates) has changed on disk\. . .IP "\(bu" 4 \fIDefault\fR: 15 . .IP "" 0 . .SS "freeze_main" Freezes the \'main\' class, disallowing any code to be added to it\. This essentially means that you can\'t have any code outside of a node, class, or definition other than in the site manifest\. . .IP "\(bu" 4 \fIDefault\fR: false . .IP "" 0 . .SS "genconfig" Whether to just print a configuration to stdout and exit\. Only makes sense when used interactively\. Takes into account arguments specified on the CLI\. . .IP "\(bu" 4 \fIDefault\fR: false . .IP "" 0 . .SS "genmanifest" Whether to just print a manifest to stdout and exit\. Only makes sense when used interactively\. Takes into account arguments specified on the CLI\. . .IP "\(bu" 4 \fIDefault\fR: false . .IP "" 0 . .SS "graph" Whether to create dot graph files for the different configuration graphs\. These dot files can be interpreted by tools like OmniGraffle or dot (which is part of ImageMagick)\. . .IP "\(bu" 4 \fIDefault\fR: false . .IP "" 0 . .SS "graphdir" Where to store dot\-outputted graphs\. . .IP "\(bu" 4 \fIDefault\fR: $statedir/graphs . .IP "" 0 . .SS "group" The group puppet master should run as\. . .IP "\(bu" 4 \fIDefault\fR: puppet . .IP "" 0 . .SS "hostcert" Where individual hosts store and look for their certificates\. . .IP "\(bu" 4 \fIDefault\fR: $certdir/$certname\.pem . .IP "" 0 . .SS "hostcrl" Where the host\'s certificate revocation list can be found\. This is distinct from the certificate authority\'s CRL\. . .IP "\(bu" 4 \fIDefault\fR: $ssldir/crl\.pem . .IP "" 0 . .SS "hostcsr" Where individual hosts store and look for their certificate requests\. . .IP "\(bu" 4 \fIDefault\fR: $ssldir/csr_$certname\.pem . .IP "" 0 . .SS "hostprivkey" Where individual hosts store and look for their private key\. . .IP "\(bu" 4 \fIDefault\fR: $privatekeydir/$certname\.pem . .IP "" 0 . .SS "hostpubkey" Where individual hosts store and look for their public key\. . .IP "\(bu" 4 \fIDefault\fR: $publickeydir/$certname\.pem . .IP "" 0 . .SS "http_compression" -Allow http compression in REST communication with the master\. This setting might improve performance for agent \-> master communications over slow WANs\. Your puppetmaster needs to support compression (usually by activating some settings in a reverse\-proxy in front of the puppetmaster, which rules out webrick)\. It is harmless to activate this settings if your master doesn\'t support compression, but if it supports it, this setting might reduce performance on high\-speed LANs\. +Allow http compression in REST communication with the master\. This setting might improve performance for agent \-> master communications over slow WANs\. Your puppet master needs to support compression (usually by activating some settings in a reverse\-proxy in front of the puppet master, which rules out webrick)\. It is harmless to activate this settings if your master doesn\'t support compression, but if it supports it, this setting might reduce performance on high\-speed LANs\. . .IP "\(bu" 4 \fIDefault\fR: false . .IP "" 0 . .SS "http_proxy_host" The HTTP proxy host to use for outgoing connections\. Note: You may need to use a FQDN for the server hostname when using a proxy\. . .IP "\(bu" 4 \fIDefault\fR: none . .IP "" 0 . .SS "http_proxy_port" The HTTP proxy port to use for outgoing connections . .IP "\(bu" 4 \fIDefault\fR: 3128 . .IP "" 0 . .SS "httplog" Where the puppet agent web server logs\. . .IP "\(bu" 4 \fIDefault\fR: $logdir/http\.log . .IP "" 0 . .SS "ignorecache" Ignore cache and always recompile the configuration\. This is useful for testing new configurations, where the local cache may in fact be stale even if the timestamps are up to date \- if the facts change or if the server changes\. . .IP "\(bu" 4 \fIDefault\fR: false . .IP "" 0 . .SS "ignoreimport" A parameter that can be used in commit hooks, since it enables you to parse\-check a single file rather than requiring that all files exist\. . .IP "\(bu" 4 \fIDefault\fR: false . .IP "" 0 . .SS "ignoreschedules" Boolean; whether puppet agent should ignore schedules\. This is useful for initial puppet agent runs\. . .IP "\(bu" 4 \fIDefault\fR: false . .IP "" 0 . .SS "inventory_port" The port to communicate with the inventory_server\. . .IP "\(bu" 4 \fIDefault\fR: $masterport . .IP "" 0 . .SS "inventory_server" The server to send facts to\. . .IP "\(bu" 4 \fIDefault\fR: $server . .IP "" 0 . .SS "inventory_terminus" Should usually be the same as the facts terminus . .IP "\(bu" 4 \fIDefault\fR: $facts_terminus . .IP "" 0 . .SS "keylength" The bit length of keys\. . .IP "\(bu" 4 \fIDefault\fR: 1024 . .IP "" 0 . .SS "lastrunfile" Where puppet agent stores the last run report summary in yaml format\. . .IP "\(bu" 4 \fIDefault\fR: $statedir/last_run_summary\.yaml . .IP "" 0 . .SS "lastrunreport" Where puppet agent stores the last run report in yaml format\. . .IP "\(bu" 4 \fIDefault\fR: $statedir/last_run_report\.yaml . .IP "" 0 . .SS "ldapattrs" The LDAP attributes to include when querying LDAP for nodes\. All returned attributes are set as variables in the top\-level scope\. Multiple values should be comma\-separated\. The value \'all\' returns all attributes\. . .IP "\(bu" 4 \fIDefault\fR: all . .IP "" 0 . .SS "ldapbase" The search base for LDAP searches\. It\'s impossible to provide a meaningful default here, although the LDAP libraries might have one already set\. Generally, it should be the \'ou=Hosts\' branch under your main directory\. . .SS "ldapclassattrs" The LDAP attributes to use to define Puppet classes\. Values should be comma\-separated\. . .IP "\(bu" 4 \fIDefault\fR: puppetclass . .IP "" 0 . .SS "ldapnodes" Whether to search for node configurations in LDAP\. See http://projects\.puppetlabs\.com/projects/puppet/wiki/LDAP_Nodes for more information\. . .IP "\(bu" 4 \fIDefault\fR: false . .IP "" 0 . .SS "ldapparentattr" The attribute to use to define the parent node\. . .IP "\(bu" 4 \fIDefault\fR: parentnode . .IP "" 0 . .SS "ldappassword" The password to use to connect to LDAP\. . .SS "ldapport" The LDAP port\. Only used if \fBldapnodes\fR is enabled\. . .IP "\(bu" 4 \fIDefault\fR: 389 . .IP "" 0 . .SS "ldapserver" The LDAP server\. Only used if \fBldapnodes\fR is enabled\. . .IP "\(bu" 4 \fIDefault\fR: ldap . .IP "" 0 . .SS "ldapssl" Whether SSL should be used when searching for nodes\. Defaults to false because SSL usually requires certificates to be set up on the client side\. . .IP "\(bu" 4 \fIDefault\fR: false . .IP "" 0 . .SS "ldapstackedattrs" The LDAP attributes that should be stacked to arrays by adding the values in all hierarchy elements of the tree\. Values should be comma\-separated\. . .IP "\(bu" 4 \fIDefault\fR: puppetvar . .IP "" 0 . .SS "ldapstring" The search string used to find an LDAP node\. . .IP "\(bu" 4 \fIDefault\fR: (&(objectclass=puppetClient)(cn=%s)) . .IP "" 0 . .SS "ldaptls" Whether TLS should be used when searching for nodes\. Defaults to false because TLS usually requires certificates to be set up on the client side\. . .IP "\(bu" 4 \fIDefault\fR: false . .IP "" 0 . .SS "ldapuser" The user to use to connect to LDAP\. Must be specified as a full DN\. . .SS "lexical" Whether to use lexical scoping (vs\. dynamic)\. . .IP "\(bu" 4 \fIDefault\fR: false . .IP "" 0 . .SS "libdir" An extra search path for Puppet\. This is only useful for those files that Puppet will load on demand, and is only guaranteed to work for those cases\. In fact, the autoload mechanism is responsible for making sure this directory is in Ruby\'s search path . .IP "\(bu" 4 \fIDefault\fR: $vardir/lib . .IP "" 0 . .SS "listen" -Whether puppet agent should listen for connections\. If this is true, then by default only the \fBrunner\fR server is started, which allows remote authorized and authenticated nodes to connect and trigger \fBpuppet agent\fR runs\. +Whether puppet agent should listen for connections\. If this is true, then puppet agent will accept incoming REST API requests, subject to the default ACLs and the ACLs set in the \fBrest_authconfig\fR file\. Puppet agent can respond usefully to requests on the \fBrun\fR, \fBfacts\fR, \fBcertificate\fR, and \fBresource\fR endpoints\. . .IP "\(bu" 4 \fIDefault\fR: false . .IP "" 0 . .SS "localcacert" Where each client stores the CA certificate\. . .IP "\(bu" 4 \fIDefault\fR: $certdir/ca\.pem . .IP "" 0 . .SS "localconfig" Where puppet agent caches the local configuration\. An extension indicating the cache format is added automatically\. . .IP "\(bu" 4 \fIDefault\fR: $statedir/localconfig . .IP "" 0 . .SS "logdir" The Puppet log directory\. . .IP "\(bu" 4 \fIDefault\fR: $vardir/log . .IP "" 0 . .SS "manage_internal_file_permissions" Whether Puppet should manage the owner, group, and mode of files it uses internally . .IP "\(bu" 4 \fIDefault\fR: true . .IP "" 0 . .SS "manifest" The entry\-point manifest for puppet master\. . .IP "\(bu" 4 \fIDefault\fR: $manifestdir/site\.pp . .IP "" 0 . .SS "manifestdir" Where puppet master looks for its manifests\. . .IP "\(bu" 4 \fIDefault\fR: $confdir/manifests . .IP "" 0 . .SS "masterhttplog" Where the puppet master web server logs\. . .IP "\(bu" 4 \fIDefault\fR: $logdir/masterhttp\.log . .IP "" 0 . .SS "masterlog" Where puppet master logs\. This is generally not used, since syslog is the default log destination\. . .IP "\(bu" 4 \fIDefault\fR: $logdir/puppetmaster\.log . .IP "" 0 . .SS "masterport" Which port puppet master listens on\. . .IP "\(bu" 4 \fIDefault\fR: 8140 . .IP "" 0 . .SS "maximum_uid" The maximum allowed UID\. Some platforms use negative UIDs but then ship with tools that do not know how to handle signed ints, so the UIDs show up as huge numbers that can then not be fed back into the system\. This is a hackish way to fail in a slightly more useful way when that happens\. . .IP "\(bu" 4 \fIDefault\fR: 4294967290 . .IP "" 0 . .SS "mkusers" Whether to create the necessary user and group that puppet agent will run as\. . .IP "\(bu" 4 \fIDefault\fR: false . .IP "" 0 . .SS "modulepath" The search path for modules as a colon\-separated list of directories\. . .IP "\(bu" 4 \fIDefault\fR: $confdir/modules:/usr/share/puppet/modules . .IP "" 0 . .SS "name" The name of the application, if we are running as one\. The default is essentially $0 without the path or \fB\.rb\fR\. . .IP "\(bu" 4 \fIDefault\fR: doc . .IP "" 0 . .SS "node_name" -How the puppetmaster determines the client\'s identity and sets the \'hostname\', \'fqdn\' and \'domain\' facts for use in the manifest, in particular for determining which \'node\' statement applies to the client\. Possible values are \'cert\' (use the subject\'s CN in the client\'s certificate) and \'facter\' (use the hostname that the client reported in its facts) +How the puppet master determines the client\'s identity and sets the \'hostname\', \'fqdn\' and \'domain\' facts for use in the manifest, in particular for determining which \'node\' statement applies to the client\. Possible values are \'cert\' (use the subject\'s CN in the client\'s certificate) and \'facter\' (use the hostname that the client reported in its facts) . .IP "\(bu" 4 \fIDefault\fR: cert . .IP "" 0 . .SS "node_terminus" Where to find information about nodes\. . .IP "\(bu" 4 \fIDefault\fR: plain . .IP "" 0 . .SS "noop" Whether puppet agent should be run in noop mode\. . .IP "\(bu" 4 \fIDefault\fR: false . .IP "" 0 . .SS "onetime" Run the configuration once, rather than as a long\-running daemon\. This is useful for interactively running puppetd\. . .IP "\(bu" 4 \fIDefault\fR: false . .IP "" 0 . .SS "passfile" Where puppet agent stores the password for its private key\. Generally unused\. . .IP "\(bu" 4 \fIDefault\fR: $privatedir/password . .IP "" 0 . .SS "path" The shell search path\. Defaults to whatever is inherited from the parent process\. . .IP "\(bu" 4 \fIDefault\fR: none . .IP "" 0 . .SS "pidfile" The pid file . .IP "\(bu" 4 \fIDefault\fR: $rundir/$name\.pid . .IP "" 0 . .SS "plugindest" Where Puppet should store plugins that it pulls down from the central server\. . .IP "\(bu" 4 \fIDefault\fR: $libdir . .IP "" 0 . .SS "pluginsignore" What files to ignore when pulling down plugins\. . .IP "\(bu" 4 \fIDefault\fR: \.svn CVS \.git . .IP "" 0 . .SS "pluginsource" From where to retrieve plugins\. The standard Puppet \fBfile\fR type is used for retrieval, so anything that is a valid file source can be used here\. . .IP "\(bu" 4 \fIDefault\fR: puppet://$server/plugins . .IP "" 0 . .SS "pluginsync" Whether plugins should be synced with the central server\. . .IP "\(bu" 4 \fIDefault\fR: false . .IP "" 0 . .SS "postrun_command" A command to run after every agent run\. If this command returns a non\-zero return code, the entire Puppet run will be considered to have failed, even though it might have performed work during the normal run\. . .SS "preferred_serialization_format" The preferred means of serializing ruby instances for passing over the wire\. This won\'t guarantee that all instances will be serialized using this method, since not all classes can be guaranteed to support this format, but it will be used for all classes that support it\. . .IP "\(bu" 4 \fIDefault\fR: pson . .IP "" 0 . .SS "prerun_command" A command to run before every agent run\. If this command returns a non\-zero return code, the entire Puppet run will fail\. . .SS "privatedir" Where the client stores private certificate information\. . .IP "\(bu" 4 \fIDefault\fR: $ssldir/private . .IP "" 0 . .SS "privatekeydir" The private key directory\. . .IP "\(bu" 4 \fIDefault\fR: $ssldir/private_keys . .IP "" 0 . .SS "publickeydir" The public key directory\. . .IP "\(bu" 4 \fIDefault\fR: $ssldir/public_keys . .IP "" 0 . .SS "puppetdlockfile" A lock file to temporarily stop puppet agent from doing anything\. . .IP "\(bu" 4 \fIDefault\fR: $statedir/puppetdlock . .IP "" 0 . .SS "puppetdlog" The log file for puppet agent\. This is generally not used\. . .IP "\(bu" 4 \fIDefault\fR: $logdir/puppetd\.log . .IP "" 0 . .SS "puppetport" Which port puppet agent listens on\. . .IP "\(bu" 4 \fIDefault\fR: 8139 . .IP "" 0 . .SS "queue_source" Which type of queue to use for asynchronous processing\. If your stomp server requires authentication, you can include it in the URI as long as your stomp client library is at least 1\.1\.1 . .IP "\(bu" 4 \fIDefault\fR: stomp://localhost:61613/ . .IP "" 0 . .SS "queue_type" Which type of queue to use for asynchronous processing\. . .IP "\(bu" 4 \fIDefault\fR: stomp . .IP "" 0 . .SS "rails_loglevel" The log level for Rails connections\. The value must be a valid log level within Rails\. Production environments normally use \fBinfo\fR and other environments normally use \fBdebug\fR\. . .IP "\(bu" 4 \fIDefault\fR: info . .IP "" 0 . .SS "railslog" Where Rails\-specific logs are sent . .IP "\(bu" 4 \fIDefault\fR: $logdir/rails\.log . .IP "" 0 . .SS "report" Whether to send reports after every transaction\. . .IP "\(bu" 4 \fIDefault\fR: true . .IP "" 0 . .SS "report_port" The port to communicate with the report_server\. . .IP "\(bu" 4 \fIDefault\fR: $masterport . .IP "" 0 . .SS "report_server" The server to send transaction reports to\. . .IP "\(bu" 4 \fIDefault\fR: $server . .IP "" 0 . .SS "reportdir" The directory in which to store reports received from the client\. Each client gets a separate subdirectory\. . .IP "\(bu" 4 \fIDefault\fR: $vardir/reports . .IP "" 0 . .SS "reportfrom" The \'from\' email address for the reports\. . .IP "\(bu" 4 -\fIDefault\fR: report@Nick\-Lewiss\-MacBook\-Pro\.local +\fIDefault\fR: report@magpie\.puppetlabs\.lan . .IP "" 0 . .SS "reports" The list of reports to generate\. All reports are looked for in \fBpuppet/reports/name\.rb\fR, and multiple report names should be comma\-separated (whitespace is okay)\. . .IP "\(bu" 4 \fIDefault\fR: store . .IP "" 0 . .SS "reportserver" (Deprecated for \'report_server\') The server to which to send transaction reports\. . .IP "\(bu" 4 \fIDefault\fR: $server . .IP "" 0 . .SS "reporturl" The URL used by the http reports processor to send reports . .IP "\(bu" 4 \fIDefault\fR: http://localhost:3000/reports . .IP "" 0 . .SS "req_bits" The bit length of the certificates\. . .IP "\(bu" 4 \fIDefault\fR: 2048 . .IP "" 0 . .SS "requestdir" Where host certificate requests are stored\. . .IP "\(bu" 4 \fIDefault\fR: $ssldir/certificate_requests . .IP "" 0 . .SS "rest_authconfig" The configuration file that defines the rights to the different rest indirections\. This can be used as a fine\-grained authorization system for \fBpuppet master\fR\. . .IP "\(bu" 4 \fIDefault\fR: $confdir/auth\.conf . .IP "" 0 . .SS "route_file" The YAML file containing indirector route configuration\. . .IP "\(bu" 4 \fIDefault\fR: $confdir/routes\.yaml . .IP "" 0 . .SS "rrddir" The directory where RRD database files are stored\. Directories for each reporting host will be created under this directory\. . .IP "\(bu" 4 \fIDefault\fR: $vardir/rrd . .IP "" 0 . .SS "rrdinterval" How often RRD should expect data\. This should match how often the hosts report back to the server\. . .IP "\(bu" 4 \fIDefault\fR: $runinterval . .IP "" 0 . .SS "run_mode" The effective \'run mode\' of the application: master, agent, or user\. . .IP "\(bu" 4 \fIDefault\fR: master . .IP "" 0 . .SS "rundir" Where Puppet PID files are kept\. . .IP "\(bu" 4 \fIDefault\fR: $vardir/run . .IP "" 0 . .SS "runinterval" How often puppet agent applies the client configuration; in seconds\. . .IP "\(bu" 4 \fIDefault\fR: 1800 . .IP "" 0 . .SS "sendmail" Where to find the sendmail binary with which to send email\. . .IP "\(bu" 4 \fIDefault\fR: /usr/sbin/sendmail . .IP "" 0 . .SS "serial" Where the serial number for certificates is stored\. . .IP "\(bu" 4 \fIDefault\fR: $cadir/serial . .IP "" 0 . .SS "server" The server to which server puppet agent should connect . .IP "\(bu" 4 \fIDefault\fR: puppet . .IP "" 0 . .SS "server_datadir" The directory in which serialized data is stored, usually in a subdirectory\. . .IP "\(bu" 4 \fIDefault\fR: $vardir/server_data . .IP "" 0 . .SS "servertype" The type of server to use\. Currently supported options are webrick and mongrel\. If you use mongrel, you will need a proxy in front of the process or processes, since Mongrel cannot speak SSL\. . .IP "\(bu" 4 \fIDefault\fR: webrick . .IP "" 0 . .SS "show_diff" Whether to print a contextual diff when files are being replaced\. The diff is printed on stdout, so this option is meaningless unless you are running Puppet interactively\. This feature currently requires the \fBdiff/lcs\fR Ruby library\. . .IP "\(bu" 4 \fIDefault\fR: false . .IP "" 0 . .SS "signeddir" Where the CA stores signed certificates\. . .IP "\(bu" 4 \fIDefault\fR: $cadir/signed . .IP "" 0 . .SS "smtpserver" The server through which to send email reports\. . .IP "\(bu" 4 \fIDefault\fR: none . .IP "" 0 . .SS "splay" Whether to sleep for a pseudo\-random (but consistent) amount of time before a run\. . .IP "\(bu" 4 \fIDefault\fR: false . .IP "" 0 . .SS "splaylimit" The maximum time to delay before runs\. Defaults to being the same as the run interval\. . .IP "\(bu" 4 \fIDefault\fR: $runinterval . .IP "" 0 . .SS "ssl_client_header" The header containing an authenticated client\'s SSL DN\. Only used with Mongrel\. This header must be set by the proxy to the authenticated client\'s SSL DN (e\.g\., \fB/CN=puppet\.puppetlabs\.com\fR)\. See http://projects\.puppetlabs\.com/projects/puppet/wiki/Using_Mongrel for more information\. . .IP "\(bu" 4 \fIDefault\fR: HTTP_X_CLIENT_DN . .IP "" 0 . .SS "ssl_client_verify_header" The header containing the status message of the client verification\. Only used with Mongrel\. This header must be set by the proxy to \'SUCCESS\' if the client successfully authenticated, and anything else otherwise\. See http://projects\.puppetlabs\.com/projects/puppet/wiki/Using_Mongrel for more information\. . .IP "\(bu" 4 \fIDefault\fR: HTTP_X_CLIENT_VERIFY . .IP "" 0 . .SS "ssldir" Where SSL certificates are kept\. . .IP "\(bu" 4 \fIDefault\fR: $confdir/ssl . .IP "" 0 . .SS "statedir" The directory where Puppet state is stored\. Generally, this directory can be removed without causing harm (although it might result in spurious service restarts)\. . .IP "\(bu" 4 \fIDefault\fR: $vardir/state . .IP "" 0 . .SS "statefile" Where puppet agent and puppet master store state associated with the running configuration\. In the case of puppet master, this file reflects the state discovered through interacting with clients\. . .IP "\(bu" 4 \fIDefault\fR: $statedir/state\.yaml . .IP "" 0 . .SS "storeconfigs" Whether to store each client\'s configuration\. This requires ActiveRecord from Ruby on Rails\. . .IP "\(bu" 4 \fIDefault\fR: false . .IP "" 0 . .SS "strict_hostname_checking" Whether to only search for the complete hostname as it is in the certificate when searching for node information in the catalogs\. . .IP "\(bu" 4 \fIDefault\fR: false . .IP "" 0 . .SS "summarize" Whether to print a transaction summary\. . .IP "\(bu" 4 \fIDefault\fR: false . .IP "" 0 . .SS "syslogfacility" What syslog facility to use when logging to syslog\. Syslog has a fixed list of valid facilities, and you must choose one of those; you cannot just make one up\. . .IP "\(bu" 4 \fIDefault\fR: daemon . .IP "" 0 . .SS "tagmap" The mapping between reporting tags and email addresses\. . .IP "\(bu" 4 \fIDefault\fR: $confdir/tagmail\.conf . .IP "" 0 . .SS "tags" Tags to use to find resources\. If this is set, then only resources tagged with the specified tags will be applied\. Values must be comma\-separated\. . .SS "templatedir" Where Puppet looks for template files\. Can be a list of colon\-seperated directories\. . .IP "\(bu" 4 \fIDefault\fR: $vardir/templates . .IP "" 0 . .SS "thin_storeconfigs" Boolean; wether storeconfigs store in the database only the facts and exported resources\. If true, then storeconfigs performance will be higher and still allow exported/collected resources, but other usage external to Puppet might not work . .IP "\(bu" 4 \fIDefault\fR: false . .IP "" 0 . .SS "trace" Whether to print stack traces on some errors . .IP "\(bu" 4 \fIDefault\fR: false . .IP "" 0 . .SS "use_cached_catalog" Whether to only use the cached catalog rather than compiling a new catalog on every run\. Puppet can be run with this enabled by default and then selectively disabled when a recompile is desired\. . .IP "\(bu" 4 \fIDefault\fR: false . .IP "" 0 . .SS "usecacheonfailure" Whether to use the cached configuration when the remote configuration will not compile\. This option is useful for testing new configurations, where you want to fix the broken configuration rather than reverting to a known\-good one\. . .IP "\(bu" 4 \fIDefault\fR: true . .IP "" 0 . .SS "user" The user puppet master should run as\. . .IP "\(bu" 4 \fIDefault\fR: puppet . .IP "" 0 . .SS "vardir" Where Puppet stores dynamic and growing data\. The default for this parameter is calculated specially, like \fBconfdir\fR_\. . .IP "\(bu" 4 \fIDefault\fR: /var/lib/puppet . .IP "" 0 . .SS "yamldir" The directory in which YAML data is stored, usually in a subdirectory\. . .IP "\(bu" 4 \fIDefault\fR: $vardir/yaml . .IP "" 0 . .SS "zlib" Boolean; whether to use the zlib library . .IP "\(bu" 4 \fIDefault\fR: true . .IP "" 0 . .P -\fIThis page autogenerated on Wed Apr 13 14:24:43 \-0700 2011\fR +\fIThis page autogenerated on Wed Jun 08 17:09:41 \-0700 2011\fR diff --git a/man/man8/filebucket.8 b/man/man8/filebucket.8 index 7ff0da9af..990756858 100644 --- a/man/man8/filebucket.8 +++ b/man/man8/filebucket.8 @@ -1,81 +1,81 @@ .\" generated with Ronn/v0.7.3 .\" http://github.com/rtomayko/ronn/tree/0.7.3 . -.TH "PUPPET\-FILEBUCKET" "8" "February 2011" "Puppet Labs, LLC" "Puppet manual" +.TH "PUPPET\-FILEBUCKET" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" . .SH "NAME" \fBpuppet\-filebucket\fR \- Store and retrieve files in a filebucket . .SH "SYNOPSIS" A stand\-alone Puppet filebucket client\. . .SH "USAGE" puppet filebucket \fImode\fR [\-h|\-\-help] [\-V|\-\-version] [\-d|\-\-debug] [\-v|\-\-verbose] [\-l|\-\-local] [\-r|\-\-remote] [\-s|\-\-server \fIserver\fR] [\-b|\-\-bucket \fIdirectory\fR] \fIfile\fR \fIfile\fR \.\.\. . .P Puppet filebucket can operate in three modes, with only one mode per call: . .P backup: Send one or more files to the specified file bucket\. Each sent file is printed with its resulting md5 sum\. . .P get: Return the text associated with an md5 sum\. The text is printed to stdout, and only one file can be retrieved at a time\. . .P restore: Given a file path and an md5 sum, store the content associated with the sum into the specified file path\. You can specify an entirely new path to this argument; you are not restricted to restoring the content to its original location\. . .SH "DESCRIPTION" This is a stand\-alone filebucket client for sending files to a local or central filebucket\. . .P Note that \'filebucket\' defaults to using a network\-based filebucket available on the server named \'puppet\'\. To use this, you\'ll have to be running as a user with valid Puppet certificates\. Alternatively, you can use your local file bucket by specifying \'\-\-local\'\. . .SH "OPTIONS" Note that any configuration parameter that\'s valid in the configuration file is also a valid long argument\. For example, \'ssldir\' is a valid configuration parameter, so you can specify \'\-\-ssldir \fIdirectory\fR\' as an argument\. . .P See the configuration file documentation at http://docs\.puppetlabs\.com/references/stable/configuration\.html for the full list of acceptable parameters\. A commented list of all configuration options can also be generated by running puppet with \'\-\-genconfig\'\. . .TP \-\-debug Enable full debugging\. . .TP \-\-help Print this help message . .TP \-\-local Use the local filebucket\. This will use the default configuration information\. . .TP \-\-remote Use a remote filebucket\. This will use the default configuration information\. . .TP \-\-server The server to send the file to, instead of locally\. . .TP \-\-verbose Print extra information\. . .TP \-\-version Print version information\. . .SH "EXAMPLE" . .nf $ puppet filebucket backup /etc/passwd /etc/passwd: 429b225650b912a2ee067b0a4cf1e949 $ puppet filebucket restore /tmp/passwd 429b225650b912a2ee067b0a4cf1e949 . .fi . .SH "AUTHOR" Luke Kanies . .SH "COPYRIGHT" -Copyright (c) 2005 Puppet Labs, LLC Licensed under the GNU Public License +Copyright (c) 2011 Puppet Labs, LLC Licensed under the Apache 2\.0 License diff --git a/man/man8/pi.8 b/man/man8/pi.8 index c54a7bec7..af246f16b 100644 --- a/man/man8/pi.8 +++ b/man/man8/pi.8 @@ -1,51 +1,51 @@ .\" generated with Ronn/v0.7.3 .\" http://github.com/rtomayko/ronn/tree/0.7.3 . -.TH "PUPPET\-DESCRIBE" "8" "February 2011" "Puppet Labs, LLC" "Puppet manual" +.TH "PUPPET\-DESCRIBE" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" . .SH "NAME" \fBpuppet\-describe\fR \- Display help about resource types . .SH "SYNOPSIS" Prints help about Puppet resource types, providers, and metaparameters\. . .SH "USAGE" puppet describe [\-h|\-\-help] [\-s|\-\-short] [\-p|\-\-providers] [\-l|\-\-list] [\-m|\-\-meta] . .SH "OPTIONS" . .TP \-\-help Print this help text . .TP \-\-providers Describe providers in detail for each type . .TP \-\-list List all types . .TP \-\-meta List all metaparameters . .TP \-\-short List only parameters without detail . .SH "EXAMPLE" . .nf $ puppet describe \-\-list $ puppet describe file \-\-providers $ puppet describe user \-s \-m . .fi . .SH "AUTHOR" David Lutterkort . .SH "COPYRIGHT" -Copyright (c) 2005 Puppet Labs, LLC Licensed under the GNU Public License +Copyright (c) 2011 Puppet Labs, LLC Licensed under the Apache 2\.0 License diff --git a/man/man8/puppet-agent.8 b/man/man8/puppet-agent.8 index 3fadd9df7..2e5cedf51 100644 --- a/man/man8/puppet-agent.8 +++ b/man/man8/puppet-agent.8 @@ -1,139 +1,154 @@ .\" generated with Ronn/v0.7.3 .\" http://github.com/rtomayko/ronn/tree/0.7.3 . -.TH "PUPPET\-AGENT" "8" "February 2011" "Puppet Labs, LLC" "Puppet manual" +.TH "PUPPET\-AGENT" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" . .SH "NAME" \fBpuppet\-agent\fR \- The puppet agent daemon . .SH "SYNOPSIS" Retrieves the client configuration from the puppet master and applies it to the local host\. . .P This service may be run as a daemon, run periodically using cron (or something similar), or run interactively for testing purposes\. . .SH "USAGE" puppet agent [\-D|\-\-daemonize|\-\-no\-daemonize] [\-d|\-\-debug] [\-\-detailed\-exitcodes] [\-\-disable] [\-\-enable] [\-h|\-\-help] [\-\-certname \fIhost name\fR] [\-l|\-\-logdest syslog|\fIfile\fR|console] [\-o|\-\-onetime] [\-\-serve \fIhandler\fR] [\-t|\-\-test] [\-\-noop] [\-\-digest \fIdigest\fR] [\-\-fingerprint] [\-V|\-\-version] [\-v|\-\-verbose] [\-w|\-\-waitforcert \fIseconds\fR] . .SH "DESCRIPTION" This is the main puppet client\. Its job is to retrieve the local machine\'s configuration from a remote server and apply it\. In order to successfully communicate with the remote server, the client must have a certificate signed by a certificate authority that the server trusts; the recommended method for this, at the moment, is to run a certificate authority as part of the puppet server (which is the default)\. The client will connect and request a signed certificate, and will continue connecting until it receives one\. . .P Once the client has a signed certificate, it will retrieve its configuration and apply it\. . .SH "USAGE NOTES" \'puppet agent\' does its best to find a compromise between interactive use and daemon use\. Run with no arguments and no configuration, it will go into the background, attempt to get a signed certificate, and retrieve and apply its configuration every 30 minutes\. . .P Some flags are meant specifically for interactive use \-\- in particular, \'test\', \'tags\' or \'fingerprint\' are useful\. \'test\' enables verbose logging, causes the daemon to stay in the foreground, exits if the server\'s configuration is invalid (this happens if, for instance, you\'ve left a syntax error on the server), and exits after running the configuration once (rather than hanging around as a long\-running process)\. . .P \'tags\' allows you to specify what portions of a configuration you want to apply\. Puppet elements are tagged with all of the class or definition names that contain them, and you can use the \'tags\' flag to specify one of these names, causing only configuration elements contained within that class or definition to be applied\. This is very useful when you are testing new configurations \-\- for instance, if you are just starting to manage \'ntpd\', you would put all of the new elements into an \'ntpd\' class, and call puppet with \'\-\-tags ntpd\', which would only apply that small portion of the configuration during your testing, rather than applying the whole thing\. . .P \'fingerprint\' is a one\-time flag\. In this mode \'puppet agent\' will run once and display on the console (and in the log) the current certificate (or certificate request) fingerprint\. Providing the \'\-\-digest\' option allows to use a different digest algorithm to generate the fingerprint\. The main use is to verify that before signing a certificate request on the master, the certificate request the master received is the same as the one the client sent (to prevent against man\-in\-the\-middle attacks when signing certificates)\. . .SH "OPTIONS" Note that any configuration parameter that\'s valid in the configuration file is also a valid long argument\. For example, \'server\' is a valid configuration parameter, so you can specify \'\-\-server \fIservername\fR\' as an argument\. . .P See the configuration file documentation at http://docs\.puppetlabs\.com/references/stable/configuration\.html for the full list of acceptable parameters\. A commented list of all configuration options can also be generated by running puppet agent with \'\-\-genconfig\'\. . .TP \-\-daemonize Send the process into the background\. This is the default\. . .TP \-\-no\-daemonize Do not send the process into the background\. . .TP \-\-debug Enable full debugging\. . .TP \-\-digest Change the certificate fingerprinting digest algorithm\. The default is MD5\. Valid values depends on the version of OpenSSL installed, but should always at least contain MD5, MD2, SHA1 and SHA256\. . .TP \-\-detailed\-exitcodes Provide transaction information via exit codes\. If this is enabled, an exit code of \'2\' means there were changes, and an exit code of \'4\' means that there were failures during the transaction\. This option only makes sense in conjunction with \-\-onetime\. . .TP \-\-disable Disable working on the local system\. This puts a lock file in place, causing \'puppet agent\' not to work on the system until the lock file is removed\. This is useful if you are testing a configuration and do not want the central configuration to override the local state until everything is tested and committed\. . .IP \'puppet agent\' uses the same lock file while it is running, so no more than one \'puppet agent\' process is working at a time\. . .IP \'puppet agent\' exits after executing this\. . .TP \-\-enable Enable working on the local system\. This removes any lock file, causing \'puppet agent\' to start managing the local system again (although it will continue to use its normal scheduling, so it might not start for another half hour)\. . .IP \'puppet agent\' exits after executing this\. . .TP \-\-certname Set the certname (unique ID) of the client\. The master reads this unique identifying string, which is usually set to the node\'s fully\-qualified domain name, to determine which configurations the node will receive\. Use this option to debug setup problems or implement unusual node identification schemes\. . .TP \-\-help Print this help message . .TP \-\-logdest Where to send messages\. Choose between syslog, the console, and a log file\. Defaults to sending messages to syslog, or the console if debugging or verbosity is enabled\. . .TP \-\-no\-client Do not create a config client\. This will cause the daemon to run without ever checking for its configuration automatically, and only makes sense . .TP \-\-onetime Run the configuration once\. Runs a single (normally daemonized) Puppet run\. Useful for interactively running puppet agent when used in conjunction with the \-\-no\-daemonize option\. . .TP \-\-fingerprint Display the current certificate or certificate signing request fingerprint and then exit\. Use the \'\-\-digest\' option to change the digest algorithm used\. . .TP \-\-serve Start another type of server\. By default, \'puppet agent\' will start a service handler that allows authenticated and authorized remote nodes to trigger the configuration to be pulled down and applied\. You can specify any handler here that does not require configuration, e\.g\., filebucket, ca, or resource\. The handlers are in \'lib/puppet/network/handler\', and the names must match exactly, both in the call to \'serve\' and in \'namespaceauth\.conf\'\. . .TP \-\-test Enable the most common options used for testing\. These are \'onetime\', \'verbose\', \'ignorecache\', \'no\-daemonize\', \'no\-usecacheonfailure\', \'detailed\-exit\-codes\', \'no\-splay\', and \'show_diff\'\. . .TP \-\-noop Use \'noop\' mode where the daemon runs in a no\-op or dry\-run mode\. This is useful for seeing what changes Puppet will make without actually executing the changes\. . .TP \-\-verbose Turn on verbose reporting\. . .TP \-\-version Print the puppet version number and exit\. . .TP \-\-waitforcert This option only matters for daemons that do not yet have certificates and it is enabled by default, with a value of 120 (seconds)\. This causes \'puppet agent\' to connect to the server every 2 minutes and ask it to sign a certificate request\. This is useful for the initial setup of a puppet client\. You can turn off waiting for certificates by specifying a time of 0\. . .SH "EXAMPLE" . .nf $ puppet agent \-\-server puppet\.domain\.com . .fi . +.SH "DIAGNOSTICS" +Puppet agent accepts the following signals: +. +.TP +SIGHUP +Restart the puppet agent daemon\. +. +.TP +SIGINT and SIGTERM +Shut down the puppet agent daemon\. +. +.TP +SIGUSR1 +Immediately retrieve and apply configurations from the puppet master\. +. .SH "AUTHOR" Luke Kanies . .SH "COPYRIGHT" -Copyright (c) 2005, 2006 Puppet Labs, LLC Licensed under the GNU Public License +Copyright (c) 2011 Puppet Labs, LLC Licensed under the Apache 2\.0 License diff --git a/man/man8/puppet-apply.8 b/man/man8/puppet-apply.8 index d8d864b56..b93713ff5 100644 --- a/man/man8/puppet-apply.8 +++ b/man/man8/puppet-apply.8 @@ -1,75 +1,75 @@ .\" generated with Ronn/v0.7.3 .\" http://github.com/rtomayko/ronn/tree/0.7.3 . -.TH "PUPPET\-APPLY" "8" "February 2011" "Puppet Labs, LLC" "Puppet manual" +.TH "PUPPET\-APPLY" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" . .SH "NAME" \fBpuppet\-apply\fR \- Apply Puppet manifests locally . .SH "SYNOPSIS" Applies a standalone Puppet manifest to the local system\. . .SH "USAGE" puppet apply [\-h|\-\-help] [\-V|\-\-version] [\-d|\-\-debug] [\-v|\-\-verbose] [\-e|\-\-execute] [\-\-detailed\-exitcodes] [\-l|\-\-logdest \fIfile\fR] [\-\-apply \fIcatalog\fR] \fIfile\fR . .SH "DESCRIPTION" This is the standalone puppet execution tool; use it to apply individual manifests\. . .P When provided with a modulepath, via command line or config file, puppet apply can effectively mimic the catalog that would be served by puppet master with access to the same modules, although there are some subtle differences\. When combined with scheduling and an automated system for pushing manifests, this can be used to implement a serverless Puppet site\. . .P Most users should use \'puppet agent\' and \'puppet master\' for site\-wide manifests\. . .SH "OPTIONS" Note that any configuration parameter that\'s valid in the configuration file is also a valid long argument\. For example, \'modulepath\' is a valid configuration parameter, so you can specify \'\-\-tags \fIclass\fR,\fItag\fR\' as an argument\. . .P See the configuration file documentation at http://docs\.puppetlabs\.com/references/stable/configuration\.html for the full list of acceptable parameters\. A commented list of all configuration options can also be generated by running puppet with \'\-\-genconfig\'\. . .TP \-\-debug Enable full debugging\. . .TP \-\-detailed\-exitcodes Provide transaction information via exit codes\. If this is enabled, an exit code of \'2\' means there were changes, and an exit code of \'4\' means that there were failures during the transaction\. . .TP \-\-help Print this help message . .TP \-\-loadclasses Load any stored classes\. \'puppet agent\' caches configured classes (usually at /etc/puppet/classes\.txt), and setting this option causes all of those classes to be set in your puppet manifest\. . .TP \-\-logdest Where to send messages\. Choose between syslog, the console, and a log file\. Defaults to sending messages to the console\. . .TP \-\-execute Execute a specific piece of Puppet code . .TP \-\-verbose Print extra information\. . .TP \-\-apply Apply a JSON catalog (such as one generated with \'puppet master \-\-compile\')\. You can either specify a JSON file or pipe in JSON from standard input\. . .SH "EXAMPLE" . .nf $ puppet apply \-l /tmp/manifest\.log manifest\.pp $ puppet apply \-\-modulepath=/root/dev/modules \-e "include ntpd::server" . .fi . .SH "AUTHOR" Luke Kanies . .SH "COPYRIGHT" -Copyright (c) 2005 Puppet Labs, LLC Licensed under the GNU Public License +Copyright (c) 2011 Puppet Labs, LLC Licensed under the Apache 2\.0 License diff --git a/man/man8/puppet-catalog.8 b/man/man8/puppet-catalog.8 new file mode 100644 index 000000000..e06ddefe7 --- /dev/null +++ b/man/man8/puppet-catalog.8 @@ -0,0 +1,286 @@ +.\" generated with Ronn/v0.7.3 +.\" http://github.com/rtomayko/ronn/tree/0.7.3 +. +.TH "PUPPET\-CATALOG" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" +. +.SH "NAME" +\fBpuppet\-catalog\fR \- Compile, save, view, and convert catalogs\. +. +.SH "SYNOPSIS" +puppet catalog \fIaction\fR [\-\-terminus TERMINUS] +. +.SH "DESCRIPTION" +This subcommand deals with catalogs, which are compiled per\-node artifacts generated from a set of Puppet manifests\. By default, it interacts with the compiling subsystem and compiles a catalog using the default manifest and \fBcertname\fR, but you can change the source of the catalog with the \fB\-\-terminus\fR option\. You can also choose to print any catalog in \'dot\' format (for easy graph viewing with OmniGraffle or Graphviz) with \'\-\-render\-as dot\'\. +. +.SH "OPTIONS" +Note that any configuration parameter that\'s valid in the configuration file is also a valid long argument, although it may or may not be relevant to the present action\. For example, \fBserver\fR is a valid configuration parameter, so you can specify \fB\-\-server \fR as an argument\. +. +.P +See the configuration file documentation at \fIhttp://docs\.puppetlabs\.com/references/stable/configuration\.html\fR for the full list of acceptable parameters\. A commented list of all configuration options can also be generated by running puppet with \fB\-\-genconfig\fR\. +. +.TP +\-\-mode MODE +The run mode to use for the current action\. Valid modes are \fBuser\fR, \fBagent\fR, and \fBmaster\fR\. +. +.TP +\-\-render\-as FORMAT +The format in which to render output\. The most common formats are \fBjson\fR, \fBs\fR (string), \fByaml\fR, and \fBconsole\fR, but other options such as \fBdot\fR are sometimes available\. +. +.TP +\-\-verbose +Whether to log verbosely\. +. +.TP +\-\-debug +Whether to log debug information\. +. +.TP +\-\-terminus TERMINUS +Indirector faces expose indirected subsystems of Puppet\. These subsystems are each able to retrieve and alter a specific type of data (with the familiar actions of \fBfind\fR, \fBsearch\fR, \fBsave\fR, and \fBdestroy\fR) from an arbitrary number of pluggable backends\. In Puppet parlance, these backends are called terminuses\. +. +.IP +Almost all indirected subsystems have a \fBrest\fR terminus that interacts with the puppet master\'s data\. Most of them have additional terminuses for various local data models, which are in turn used by the indirected subsystem on the puppet master whenever it receives a remote request\. +. +.IP +The terminus for an action is often determined by context, but occasionally needs to be set explicitly\. See the "Notes" section of this face\'s manpage for more details\. +. +.SH "ACTIONS" +. +.TP +\fBapply\fR \- Find and apply a catalog\. +\fBSYNOPSIS\fR +. +.IP +puppet catalog apply [\-\-terminus TERMINUS] +. +.IP +\fBDESCRIPTION\fR +. +.IP +Finds and applies a catalog\. This action takes no arguments, but the source of the catalog can be managed with the \fB\-\-terminus\fR option\. +. +.IP +\fBRETURNS\fR +. +.IP +Nothing\. When used from the Ruby API, returns a Puppet::Transaction::Report object\. +. +.TP +\fBdestroy\fR \- Invalid for this subcommand\. +\fBSYNOPSIS\fR +. +.IP +puppet catalog destroy [\-\-terminus TERMINUS] \fIkey\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Invalid for this subcommand\. +. +.TP +\fBdownload\fR \- Download this node\'s catalog from the puppet master server\. +\fBSYNOPSIS\fR +. +.IP +puppet catalog download [\-\-terminus TERMINUS] +. +.IP +\fBDESCRIPTION\fR +. +.IP +Retrieves a catalog from the puppet master and saves it to the local yaml cache\. This action always contacts the puppet master and will ignore alternate termini\. +. +.IP +The saved catalog can be used in any subsequent catalog action by specifying \'\-\-terminus yaml\' for that action\. +. +.IP +\fBRETURNS\fR +. +.IP +Nothing\. +. +.IP +\fBNOTES\fR +. +.IP +When used from the Ruby API, this action has a side effect of leaving Puppet::Resource::Catalog\.indirection\.terminus_class set to yaml\. The terminus must be explicitly re\-set for subsequent catalog actions\. +. +.TP +\fBfind\fR \- Retrieve the catalog for a node\. +\fBSYNOPSIS\fR +. +.IP +puppet catalog find [\-\-terminus TERMINUS] \fIcertname\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Retrieve the catalog for a node\. +. +.IP +\fBRETURNS\fR +. +.IP +A serialized catalog\. When used from the Ruby API, returns a Puppet::Resource::Catalog object\. +. +.TP +\fBinfo\fR \- Print the default terminus class for this face\. +\fBSYNOPSIS\fR +. +.IP +puppet catalog info [\-\-terminus TERMINUS] +. +.IP +\fBDESCRIPTION\fR +. +.IP +Prints the default terminus class for this subcommand\. Note that different run modes may have different default termini; when in doubt, specify the run mode with the \'\-\-mode\' option\. +. +.TP +\fBsave\fR \- API only: create or overwrite an object\. +\fBSYNOPSIS\fR +. +.IP +puppet catalog save [\-\-terminus TERMINUS] +. +.IP +\fBDESCRIPTION\fR +. +.IP +API only: create or overwrite an object\. As the Faces framework does not currently accept data from STDIN, save actions cannot currently be invoked from the command line\. +. +.TP +\fBsearch\fR \- Invalid for this subcommand\. +\fBSYNOPSIS\fR +. +.IP +puppet catalog search [\-\-terminus TERMINUS] \fIquery\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Invalid for this subcommand\. +. +.TP +\fBselect\fR \- Retrieve a catalog and filter it for resources of a given type\. +\fBSYNOPSIS\fR +. +.IP +puppet catalog select [\-\-terminus TERMINUS] \fIhost\fR \fIresource_type\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Retrieves a catalog for the specified host, then searches it for all resources of the requested type\. +. +.IP +\fBRETURNS\fR +. +.IP +A list of resource references ("Type[title]")\. When used from the API, returns an array of Puppet::Resource objects excised from a catalog\. +. +.IP +\fBNOTES\fR +. +.IP +By default, this action will retrieve a catalog from Puppet\'s compiler subsystem; you must call the action with \fB\-\-terminus rest\fR if you wish to retrieve a catalog from the puppet master\. +. +.IP +FORMATTING ISSUES: This action cannot currently render useful yaml; instead, it returns an entire catalog\. Use json instead\. +. +.SH "EXAMPLES" +\fBapply\fR +. +.P +Apply the locally cached catalog: +. +.P +$ puppet catalog apply \-\-terminus yaml +. +.P +Retrieve a catalog from the master and apply it, in one step: +. +.P +$ puppet catalog apply \-\-terminus rest +. +.P +From \fBsecret_agent\.rb\fR (API example): +. +.IP "" 4 +. +.nf + +# \.\.\. +Puppet::Face[:catalog, \'0\.0\.1\']\.download +# (Termini are singletons; catalog\.download has a side effect of +# setting the catalog terminus to yaml) +report = Puppet::Face[:catalog, \'0\.0\.1\']\.apply +# \.\.\. +. +.fi +. +.IP "" 0 +. +.P +\fBdownload\fR +. +.P +Retrieve and store a catalog: +. +.P +$ puppet catalog download +. +.P +From \fBsecret_agent\.rb\fR (API example): +. +.IP "" 4 +. +.nf + +Puppet::Face[:plugin, \'0\.0\.1\']\.download +Puppet::Face[:facts, \'0\.0\.1\']\.upload +Puppet::Face[:catalog, \'0\.0\.1\']\.download +# \.\.\. +. +.fi +. +.IP "" 0 +. +.P +\fBselect\fR +. +.P +Ask the puppet master for a list of managed file resources for a node: +. +.P +$ puppet catalog select \-\-terminus rest somenode\.magpie\.lan file +. +.SH "NOTES" +This subcommand is an indirector face, which exposes \fBfind\fR, \fBsearch\fR, \fBsave\fR, and \fBdestroy\fR actions for an indirected subsystem of Puppet\. Valid termini for this face include: +. +.IP "\(bu" 4 +\fBactive_record\fR +. +.IP "\(bu" 4 +\fBcompiler\fR +. +.IP "\(bu" 4 +\fBqueue\fR +. +.IP "\(bu" 4 +\fBrest\fR +. +.IP "\(bu" 4 +\fBstatic_compiler\fR +. +.IP "\(bu" 4 +\fByaml\fR +. +.IP "" 0 +. +.SH "COPYRIGHT AND LICENSE" +Copyright 2011 by Puppet Labs Apache 2 license; see COPYING diff --git a/man/man8/puppet-cert.8 b/man/man8/puppet-cert.8 index bea7596d4..211f8ca7a 100644 --- a/man/man8/puppet-cert.8 +++ b/man/man8/puppet-cert.8 @@ -1,94 +1,97 @@ .\" generated with Ronn/v0.7.3 .\" http://github.com/rtomayko/ronn/tree/0.7.3 . -.TH "PUPPET\-CERT" "8" "February 2011" "Puppet Labs, LLC" "Puppet manual" +.TH "PUPPET\-CERT" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" . .SH "NAME" \fBpuppet\-cert\fR \- Manage certificates and requests . .SH "SYNOPSIS" Standalone certificate authority\. Capable of generating certificates, but mostly used for signing certificate requests from puppet clients\. . .SH "USAGE" -puppet cert [\-h|\-\-help] [\-V|\-\-version] [\-d|\-\-debug] [\-v|\-\-verbose] [\-g|\-\-generate] [\-l|\-\-list] [\-s|\-\-sign] [\-r|\-\-revoke] [\-p|\-\-print] [\-c|\-\-clean] [\-\-verify] [\-\-digest \fIdigest\fR] [\-\-fingerprint] [host] +puppet cert \fIaction\fR [\-h|\-\-help] [\-V|\-\-version] [\-d|\-\-debug] [\-v|\-\-verbose] [\-\-digest \fIdigest\fR] [\fIhost\fR] . .SH "DESCRIPTION" Because the puppet master service defaults to not signing client certificate requests, this script is available for signing outstanding requests\. It can be used to list outstanding requests and then either sign them individually or sign all of them\. . -.SH "OPTIONS" -Note that any configuration parameter that\'s valid in the configuration file is also a valid long argument\. For example, \'ssldir\' is a valid configuration parameter, so you can specify \'\-\-ssldir \fIdirectory\fR\' as an argument\. +.SH "ACTIONS" +Every action except \'list\' and \'generate\' requires a hostname to act on, unless the \'\-\-all\' option is set\. . -.P -See the configuration file documentation at http://docs\.puppetlabs\.com/references/stable/configuration\.html for the full list of acceptable parameters\. A commented list of all configuration options can also be generated by running puppet cert with \'\-\-genconfig\'\. +.TP +clean +Revoke a host\'s certificate (if applicable) and remove all files related to that host from puppet cert\'s storage\. This is useful when rebuilding hosts, since new certificate signing requests will only be honored if puppet cert does not have a copy of a signed certificate for that host\. If \'\-\-all\' is specified then all host certificates, both signed and unsigned, will be removed\. . .TP -\-\-all -Operate on all items\. Currently only makes sense with \'\-\-sign\', \'\-\-clean\', or \'\-\-list\'\. +fingerprint +Print the DIGEST (defaults to md5) fingerprint of a host\'s certificate\. . .TP -\-\-digest -Set the digest for fingerprinting (defaults to md5)\. Valid values depends on your openssl and openssl ruby extension version, but should contain at least md5, sha1, md2, sha256\. +generate +Generate a certificate for a named client\. A certificate/keypair will be generated for each client named on the command line\. . .TP -\-\-clean -Remove all files related to a host from puppet cert\'s storage\. This is useful when rebuilding hosts, since new certificate signing requests will only be honored if puppet cert does not have a copy of a signed certificate for that host\. The certificate of the host is also revoked\. If \'\-\-all\' is specified then all host certificates, both signed and unsigned, will be removed\. +list +List outstanding certificate requests\. If \'\-\-all\' is specified, signed certificates are also listed, prefixed by \'+\', and revoked or invalid certificates are prefixed by \'\-\' (the verification outcome is printed in parenthesis)\. . .TP -\-\-debug -Enable full debugging\. +print +Print the full\-text version of a host\'s certificate\. . .TP -\-\-generate -Generate a certificate for a named client\. A certificate/keypair will be generated for each client named on the command line\. +revoke +Revoke the certificate of a client\. The certificate can be specified either by its serial number (given as a decimal number or a hexadecimal number prefixed by \'0x\') or by its hostname\. The certificate is revoked by adding it to the Certificate Revocation List given by the \'cacrl\' configuration option\. Note that the puppet master needs to be restarted after revoking certificates\. . .TP -\-\-help -Print this help message +sign +Sign an outstanding certificate request\. . .TP -\-\-list -List outstanding certificate requests\. If \'\-\-all\' is specified, signed certificates are also listed, prefixed by \'+\', and revoked or invalid certificates are prefixed by \'\-\' (the verification outcome is printed in parenthesis)\. +verify +Verify the named certificate against the local CA certificate\. +. +.SH "OPTIONS" +Note that any configuration parameter that\'s valid in the configuration file is also a valid long argument\. For example, \'ssldir\' is a valid configuration parameter, so you can specify \'\-\-ssldir \fIdirectory\fR\' as an argument\. +. +.P +See the configuration file documentation at http://docs\.puppetlabs\.com/references/stable/configuration\.html for the full list of acceptable parameters\. A commented list of all configuration options can also be generated by running puppet cert with \'\-\-genconfig\'\. . .TP -\-\-print -Print the full\-text version of a host\'s certificate\. +\-\-all +Operate on all items\. Currently only makes sense with the \'sign\', \'clean\', \'list\', and \'fingerprint\' actions\. . .TP -\-\-fingerprint -Print the DIGEST (defaults to md5) fingerprint of a host\'s certificate\. +\-\-digest +Set the digest for fingerprinting (defaults to md5)\. Valid values depends on your openssl and openssl ruby extension version, but should contain at least md5, sha1, md2, sha256\. . .TP -\-\-revoke -Revoke the certificate of a client\. The certificate can be specified either by its serial number, given as a decimal number or a hexadecimal number prefixed by \'0x\', or by its hostname\. The certificate is revoked by adding it to the Certificate Revocation List given by the \'cacrl\' config parameter\. Note that the puppetmasterd needs to be restarted after revoking certificates\. +\-\-debug +Enable full debugging\. . .TP -\-\-sign -Sign an outstanding certificate request\. Unless \'\-\-all\' is specified, hosts must be listed after all flags\. +\-\-help +Print this help message . .TP \-\-verbose Enable verbosity\. . .TP \-\-version Print the puppet version number and exit\. . -.TP -\-\-verify -Verify the named certificate against the local CA certificate\. -. .SH "EXAMPLE" . .nf -$ puppet cert \-l +$ puppet cert list culain\.madstop\.com -$ puppet cert \-s culain\.madstop\.com +$ puppet cert sign culain\.madstop\.com . .fi . .SH "AUTHOR" Luke Kanies . .SH "COPYRIGHT" -Copyright (c) 2005 Puppet Labs, LLC Licensed under the GNU Public License +Copyright (c) 2011 Puppet Labs, LLC Licensed under the Apache 2\.0 License diff --git a/man/man8/puppet-certificate.8 b/man/man8/puppet-certificate.8 new file mode 100644 index 000000000..03f2b55e6 --- /dev/null +++ b/man/man8/puppet-certificate.8 @@ -0,0 +1,229 @@ +.\" generated with Ronn/v0.7.3 +.\" http://github.com/rtomayko/ronn/tree/0.7.3 +. +.TH "PUPPET\-CERTIFICATE" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" +. +.SH "NAME" +\fBpuppet\-certificate\fR \- Provide access to the CA for certificate management\. +. +.SH "SYNOPSIS" +puppet certificate \fIaction\fR [\-\-terminus TERMINUS] [\-\-ca\-location LOCATION] +. +.SH "DESCRIPTION" +This subcommand interacts with a local or remote Puppet certificate authority\. Currently, its behavior is not a full superset of \fBpuppet cert\fR; specifically, it is unable to mimic puppet cert\'s "clean" option, and its "generate" action submits a CSR rather than creating a signed certificate\. +. +.SH "OPTIONS" +Note that any configuration parameter that\'s valid in the configuration file is also a valid long argument, although it may or may not be relevant to the present action\. For example, \fBserver\fR is a valid configuration parameter, so you can specify \fB\-\-server \fR as an argument\. +. +.P +See the configuration file documentation at \fIhttp://docs\.puppetlabs\.com/references/stable/configuration\.html\fR for the full list of acceptable parameters\. A commented list of all configuration options can also be generated by running puppet with \fB\-\-genconfig\fR\. +. +.TP +\-\-mode MODE +The run mode to use for the current action\. Valid modes are \fBuser\fR, \fBagent\fR, and \fBmaster\fR\. +. +.TP +\-\-render\-as FORMAT +The format in which to render output\. The most common formats are \fBjson\fR, \fBs\fR (string), \fByaml\fR, and \fBconsole\fR, but other options such as \fBdot\fR are sometimes available\. +. +.TP +\-\-verbose +Whether to log verbosely\. +. +.TP +\-\-debug +Whether to log debug information\. +. +.TP +\-\-ca\-location LOCATION +Whether to act on the local certificate authority or one provided by a remote puppet master\. Allowed values are \'local\' and \'remote\.\' +. +.IP +This option is required\. +. +.TP +\-\-terminus TERMINUS +Indirector faces expose indirected subsystems of Puppet\. These subsystems are each able to retrieve and alter a specific type of data (with the familiar actions of \fBfind\fR, \fBsearch\fR, \fBsave\fR, and \fBdestroy\fR) from an arbitrary number of pluggable backends\. In Puppet parlance, these backends are called terminuses\. +. +.IP +Almost all indirected subsystems have a \fBrest\fR terminus that interacts with the puppet master\'s data\. Most of them have additional terminuses for various local data models, which are in turn used by the indirected subsystem on the puppet master whenever it receives a remote request\. +. +.IP +The terminus for an action is often determined by context, but occasionally needs to be set explicitly\. See the "Notes" section of this face\'s manpage for more details\. +. +.SH "ACTIONS" +. +.TP +\fBdestroy\fR \- Delete a certificate\. +\fBSYNOPSIS\fR +. +.IP +puppet certificate destroy [\-\-terminus TERMINUS] [\-\-ca\-location LOCATION] \fIhost\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Deletes a certificate\. This action currently only works on the local CA\. +. +.IP +\fBRETURNS\fR +. +.IP +Nothing\. +. +.TP +\fBfind\fR \- Retrieve a certificate\. +\fBSYNOPSIS\fR +. +.IP +puppet certificate find [\-\-terminus TERMINUS] [\-\-ca\-location LOCATION] \fIhost\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Retrieve a certificate\. +. +.IP +\fBRETURNS\fR +. +.IP +An x509 SSL certificate\. You will usually want to render this as a string (\-\-render\-as s)\. +. +.IP +Note that this action has a side effect of caching a copy of the certificate in Puppet\'s \fBssldir\fR\. +. +.TP +\fBgenerate\fR \- Generate a new certificate signing request\. +\fBSYNOPSIS\fR +. +.IP +puppet certificate generate [\-\-terminus TERMINUS] [\-\-ca\-location LOCATION] \fIhost\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Generates and submits a certificate signing request (CSR) for the specified host\. This CSR will then have to be signed by a user with the proper authorization on the certificate authority\. +. +.IP +Puppet agent usually handles CSR submission automatically\. This action is primarily useful for requesting certificates for individual users and external applications\. +. +.IP +\fBRETURNS\fR +. +.IP +Nothing\. +. +.TP +\fBinfo\fR \- Print the default terminus class for this face\. +\fBSYNOPSIS\fR +. +.IP +puppet certificate info [\-\-terminus TERMINUS] [\-\-ca\-location LOCATION] +. +.IP +\fBDESCRIPTION\fR +. +.IP +Prints the default terminus class for this subcommand\. Note that different run modes may have different default termini; when in doubt, specify the run mode with the \'\-\-mode\' option\. +. +.TP +\fBlist\fR \- List all certificate signing requests\. +\fBSYNOPSIS\fR +. +.IP +puppet certificate list [\-\-terminus TERMINUS] [\-\-ca\-location LOCATION] +. +.IP +\fBDESCRIPTION\fR +. +.IP +List all certificate signing requests\. +. +.IP +\fBRETURNS\fR +. +.IP +An array of #inspect output from CSR objects\. This output is currently messy, but does contain the names of nodes requesting certificates\. This action returns #inspect strings even when used from the Ruby API\. +. +.TP +\fBsave\fR \- Invalid for this subcommand\. +\fBSYNOPSIS\fR +. +.IP +puppet certificate save [\-\-terminus TERMINUS] [\-\-ca\-location LOCATION] +. +.IP +\fBDESCRIPTION\fR +. +.IP +Invalid for this subcommand\. +. +.TP +\fBsearch\fR \- Invalid for this subcommand\. +\fBSYNOPSIS\fR +. +.IP +puppet certificate search [\-\-terminus TERMINUS] [\-\-ca\-location LOCATION] \fIquery\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Invalid for this subcommand\. +. +.TP +\fBsign\fR \- Sign a certificate signing request for HOST\. +\fBSYNOPSIS\fR +. +.IP +puppet certificate sign [\-\-terminus TERMINUS] [\-\-ca\-location LOCATION] \fIhost\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Sign a certificate signing request for HOST\. +. +.IP +\fBRETURNS\fR +. +.IP +A string that appears to be (but isn\'t) an x509 certificate\. +. +.SH "EXAMPLES" +\fBgenerate\fR +. +.P +Request a certificate for "somenode" from the site\'s CA: +. +.P +$ puppet certificate generate somenode\.puppetlabs\.lan \-\-ca\-location remote +. +.P +\fBsign\fR +. +.P +Sign somenode\.puppetlabs\.lan\'s certificate: +. +.P +$ puppet certificate sign somenode\.puppetlabs\.lan \-\-ca\-location remote +. +.SH "NOTES" +This subcommand is an indirector face, which exposes \fBfind\fR, \fBsearch\fR, \fBsave\fR, and \fBdestroy\fR actions for an indirected subsystem of Puppet\. Valid termini for this face include: +. +.IP "\(bu" 4 +\fBca\fR +. +.IP "\(bu" 4 +\fBfile\fR +. +.IP "\(bu" 4 +\fBrest\fR +. +.IP "" 0 +. +.SH "COPYRIGHT AND LICENSE" +Copyright 2011 by Puppet Labs Apache 2 license; see COPYING diff --git a/man/man8/puppet-certificate_request.8 b/man/man8/puppet-certificate_request.8 new file mode 100644 index 000000000..faeb5a06c --- /dev/null +++ b/man/man8/puppet-certificate_request.8 @@ -0,0 +1,168 @@ +.\" generated with Ronn/v0.7.3 +.\" http://github.com/rtomayko/ronn/tree/0.7.3 +. +.TH "PUPPET\-CERTIFICATE_REQUEST" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" +. +.SH "NAME" +\fBpuppet\-certificate_request\fR \- Manage certificate requests\. +. +.SH "SYNOPSIS" +puppet certificate_request \fIaction\fR [\-\-terminus TERMINUS] +. +.SH "DESCRIPTION" +This subcommand retrieves and submits certificate signing requests (CSRs)\. +. +.SH "OPTIONS" +Note that any configuration parameter that\'s valid in the configuration file is also a valid long argument, although it may or may not be relevant to the present action\. For example, \fBserver\fR is a valid configuration parameter, so you can specify \fB\-\-server \fR as an argument\. +. +.P +See the configuration file documentation at \fIhttp://docs\.puppetlabs\.com/references/stable/configuration\.html\fR for the full list of acceptable parameters\. A commented list of all configuration options can also be generated by running puppet with \fB\-\-genconfig\fR\. +. +.TP +\-\-mode MODE +The run mode to use for the current action\. Valid modes are \fBuser\fR, \fBagent\fR, and \fBmaster\fR\. +. +.TP +\-\-render\-as FORMAT +The format in which to render output\. The most common formats are \fBjson\fR, \fBs\fR (string), \fByaml\fR, and \fBconsole\fR, but other options such as \fBdot\fR are sometimes available\. +. +.TP +\-\-verbose +Whether to log verbosely\. +. +.TP +\-\-debug +Whether to log debug information\. +. +.TP +\-\-terminus TERMINUS +Indirector faces expose indirected subsystems of Puppet\. These subsystems are each able to retrieve and alter a specific type of data (with the familiar actions of \fBfind\fR, \fBsearch\fR, \fBsave\fR, and \fBdestroy\fR) from an arbitrary number of pluggable backends\. In Puppet parlance, these backends are called terminuses\. +. +.IP +Almost all indirected subsystems have a \fBrest\fR terminus that interacts with the puppet master\'s data\. Most of them have additional terminuses for various local data models, which are in turn used by the indirected subsystem on the puppet master whenever it receives a remote request\. +. +.IP +The terminus for an action is often determined by context, but occasionally needs to be set explicitly\. See the "Notes" section of this face\'s manpage for more details\. +. +.SH "ACTIONS" +. +.TP +\fBdestroy\fR \- Invalid for this subcommand\. +\fBSYNOPSIS\fR +. +.IP +puppet certificate_request destroy [\-\-terminus TERMINUS] \fIkey\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Invalid for this subcommand\. +. +.TP +\fBfind\fR \- Retrieve a single CSR\. +\fBSYNOPSIS\fR +. +.IP +puppet certificate_request find [\-\-terminus TERMINUS] \fIhost\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Retrieve a single CSR\. +. +.IP +\fBRETURNS\fR +. +.IP +A single certificate request\. When used from the Ruby API, returns a Puppet::SSL::CertificateRequest object\. +. +.IP +RENDERING ISSUES: In most cases, you will want to render this as a string (\'\-\-render\-as s\')\. +. +.TP +\fBinfo\fR \- Print the default terminus class for this face\. +\fBSYNOPSIS\fR +. +.IP +puppet certificate_request info [\-\-terminus TERMINUS] +. +.IP +\fBDESCRIPTION\fR +. +.IP +Prints the default terminus class for this subcommand\. Note that different run modes may have different default termini; when in doubt, specify the run mode with the \'\-\-mode\' option\. +. +.TP +\fBsave\fR \- API only: submit a certificate signing request\. +\fBSYNOPSIS\fR +. +.IP +puppet certificate_request save [\-\-terminus TERMINUS] \fIx509_CSR\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +API only: create or overwrite an object\. As the Faces framework does not currently accept data from STDIN, save actions cannot currently be invoked from the command line\. +. +.TP +\fBsearch\fR \- Retrieve all outstanding CSRs\. +\fBSYNOPSIS\fR +. +.IP +puppet certificate_request search [\-\-terminus TERMINUS] \fIdummy_text\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Retrieve all outstanding CSRs\. +. +.IP +\fBRETURNS\fR +. +.IP +A list of certificate requests; be sure to to render this as a string (\'\-\-render\-as s\')\. When used from the Ruby API, returns an array of Puppet::SSL::CertificateRequest objects\. +. +.IP +\fBNOTES\fR +. +.IP +Although this action always returns all CSRs, it requires a dummy search key; this is a known bug\. +. +.SH "EXAMPLES" +\fBfind\fR +. +.P +Retrieve a single CSR from the puppet master\'s CA: +. +.P +$ puppet certificate_request find somenode\.puppetlabs\.lan \-\-terminus rest +. +.P +\fBsearch\fR +. +.P +Retrieve all CSRs from the local CA (similar to \'puppet cert list\'): +. +.P +$ puppet certificate_request search x \-\-terminus ca +. +.SH "NOTES" +This subcommand is an indirector face, which exposes \fBfind\fR, \fBsearch\fR, \fBsave\fR, and \fBdestroy\fR actions for an indirected subsystem of Puppet\. Valid termini for this face include: +. +.IP "\(bu" 4 +\fBca\fR +. +.IP "\(bu" 4 +\fBfile\fR +. +.IP "\(bu" 4 +\fBrest\fR +. +.IP "" 0 +. +.SH "COPYRIGHT AND LICENSE" +Copyright 2011 by Puppet Labs Apache 2 license; see COPYING diff --git a/man/man8/puppet-certificate_revocation_list.8 b/man/man8/puppet-certificate_revocation_list.8 new file mode 100644 index 000000000..4a9c856df --- /dev/null +++ b/man/man8/puppet-certificate_revocation_list.8 @@ -0,0 +1,165 @@ +.\" generated with Ronn/v0.7.3 +.\" http://github.com/rtomayko/ronn/tree/0.7.3 +. +.TH "PUPPET\-CERTIFICATE_REVOCATION_LIST" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" +. +.SH "NAME" +\fBpuppet\-certificate_revocation_list\fR \- Manage the list of revoked certificates\. +. +.SH "SYNOPSIS" +puppet certificate_revocation_list \fIaction\fR [\-\-terminus TERMINUS] +. +.SH "DESCRIPTION" +This subcommand is primarily for retrieving the certificate revocation list from the CA\. +. +.SH "OPTIONS" +Note that any configuration parameter that\'s valid in the configuration file is also a valid long argument, although it may or may not be relevant to the present action\. For example, \fBserver\fR is a valid configuration parameter, so you can specify \fB\-\-server \fR as an argument\. +. +.P +See the configuration file documentation at \fIhttp://docs\.puppetlabs\.com/references/stable/configuration\.html\fR for the full list of acceptable parameters\. A commented list of all configuration options can also be generated by running puppet with \fB\-\-genconfig\fR\. +. +.TP +\-\-mode MODE +The run mode to use for the current action\. Valid modes are \fBuser\fR, \fBagent\fR, and \fBmaster\fR\. +. +.TP +\-\-render\-as FORMAT +The format in which to render output\. The most common formats are \fBjson\fR, \fBs\fR (string), \fByaml\fR, and \fBconsole\fR, but other options such as \fBdot\fR are sometimes available\. +. +.TP +\-\-verbose +Whether to log verbosely\. +. +.TP +\-\-debug +Whether to log debug information\. +. +.TP +\-\-terminus TERMINUS +Indirector faces expose indirected subsystems of Puppet\. These subsystems are each able to retrieve and alter a specific type of data (with the familiar actions of \fBfind\fR, \fBsearch\fR, \fBsave\fR, and \fBdestroy\fR) from an arbitrary number of pluggable backends\. In Puppet parlance, these backends are called terminuses\. +. +.IP +Almost all indirected subsystems have a \fBrest\fR terminus that interacts with the puppet master\'s data\. Most of them have additional terminuses for various local data models, which are in turn used by the indirected subsystem on the puppet master whenever it receives a remote request\. +. +.IP +The terminus for an action is often determined by context, but occasionally needs to be set explicitly\. See the "Notes" section of this face\'s manpage for more details\. +. +.SH "ACTIONS" +. +.TP +\fBdestroy\fR \- Delete the certificate revocation list\. +\fBSYNOPSIS\fR +. +.IP +puppet certificate_revocation_list destroy [\-\-terminus TERMINUS] \fIdummy_text\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Deletes the certificate revocation list\. This cannot be done over REST, but it is possible to delete the locally cached copy or the local CA\'s copy of the CRL\. +. +.IP +\fBRETURNS\fR +. +.IP +Nothing\. +. +.IP +\fBNOTES\fR +. +.IP +Although this action always deletes the CRL from the specified terminus, it requires a dummy argument; this is a known bug\. +. +.TP +\fBfind\fR \- Retrieve the certificate revocation list\. +\fBSYNOPSIS\fR +. +.IP +puppet certificate_revocation_list find [\-\-terminus TERMINUS] \fIdummy_text\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Retrieve the certificate revocation list\. +. +.IP +\fBRETURNS\fR +. +.IP +The certificate revocation list\. When used from the Ruby API: returns an OpenSSL::X509::CRL object\. +. +.IP +RENDERING ISSUES: this should usually be rendered as a string (\'\-\-render\-as s\')\. +. +.IP +\fBNOTES\fR +. +.IP +Although this action always returns the CRL from the specified terminus, it requires a dummy argument; this is a known bug\. +. +.TP +\fBinfo\fR \- Print the default terminus class for this face\. +\fBSYNOPSIS\fR +. +.IP +puppet certificate_revocation_list info [\-\-terminus TERMINUS] +. +.IP +\fBDESCRIPTION\fR +. +.IP +Prints the default terminus class for this subcommand\. Note that different run modes may have different default termini; when in doubt, specify the run mode with the \'\-\-mode\' option\. +. +.TP +\fBsave\fR \- Invalid for this subcommand\. +\fBSYNOPSIS\fR +. +.IP +puppet certificate_revocation_list save [\-\-terminus TERMINUS] +. +.IP +\fBDESCRIPTION\fR +. +.IP +Invalid for this subcommand\. +. +.TP +\fBsearch\fR \- Invalid for this subcommand\. +\fBSYNOPSIS\fR +. +.IP +puppet certificate_revocation_list search [\-\-terminus TERMINUS] \fIquery\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Invalid for this subcommand\. +. +.SH "EXAMPLES" +\fBfind\fR +. +.P +Retrieve a copy of the puppet master\'s CRL: +. +.P +$ puppet certificate_revocation_list find crl \-\-terminus rest +. +.SH "NOTES" +This subcommand is an indirector face, which exposes \fBfind\fR, \fBsearch\fR, \fBsave\fR, and \fBdestroy\fR actions for an indirected subsystem of Puppet\. Valid termini for this face include: +. +.IP "\(bu" 4 +\fBca\fR +. +.IP "\(bu" 4 +\fBfile\fR +. +.IP "\(bu" 4 +\fBrest\fR +. +.IP "" 0 +. +.SH "COPYRIGHT AND LICENSE" +Copyright 2011 by Puppet Labs Apache 2 license; see COPYING diff --git a/man/man8/puppet-config.8 b/man/man8/puppet-config.8 new file mode 100644 index 000000000..f7592a43b --- /dev/null +++ b/man/man8/puppet-config.8 @@ -0,0 +1,80 @@ +.\" generated with Ronn/v0.7.3 +.\" http://github.com/rtomayko/ronn/tree/0.7.3 +. +.TH "PUPPET\-CONFIG" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" +. +.SH "NAME" +\fBpuppet\-config\fR \- Interact with Puppet\'s configuration options\. +. +.SH "SYNOPSIS" +puppet config \fIaction\fR +. +.SH "OPTIONS" +Note that any configuration parameter that\'s valid in the configuration file is also a valid long argument, although it may or may not be relevant to the present action\. For example, \fBserver\fR is a valid configuration parameter, so you can specify \fB\-\-server \fR as an argument\. +. +.P +See the configuration file documentation at \fIhttp://docs\.puppetlabs\.com/references/stable/configuration\.html\fR for the full list of acceptable parameters\. A commented list of all configuration options can also be generated by running puppet with \fB\-\-genconfig\fR\. +. +.TP +\-\-mode MODE +The run mode to use for the current action\. Valid modes are \fBuser\fR, \fBagent\fR, and \fBmaster\fR\. +. +.TP +\-\-render\-as FORMAT +The format in which to render output\. The most common formats are \fBjson\fR, \fBs\fR (string), \fByaml\fR, and \fBconsole\fR, but other options such as \fBdot\fR are sometimes available\. +. +.TP +\-\-verbose +Whether to log verbosely\. +. +.TP +\-\-debug +Whether to log debug information\. +. +.SH "ACTIONS" +. +.TP +\fBprint\fR \- Examine Puppet\'s current configuration settings\. +\fBSYNOPSIS\fR +. +.IP +puppet config print (all | \fIsetting\fR [\fIsetting\fR \.\.\.] +. +.IP +\fBDESCRIPTION\fR +. +.IP +Prints the value of a single configuration option or a list of configuration options\. +. +.IP +This action is an alternate interface to the information available with \fBpuppet \-\-configprint\fR\. +. +.IP +\fBRETURNS\fR +. +.IP +A single value when called with one config setting, and a list of settings and values when called with multiple options or "all\." +. +.IP +\fBNOTES\fR +. +.IP +By default, this action reads the configuration in agent mode\. Use the \'\-\-mode\' and \'\-\-environment\' flags to examine other configuration domains\. +. +.SH "EXAMPLES" +\fBprint\fR +. +.P +Get puppet\'s runfile directory: +. +.P +$ puppet config print rundir +. +.P +Get a list of important directories from the master\'s config: +. +.P +$ puppet config print all \-\-mode master | grep \-E "(path|dir)" +. +.SH "COPYRIGHT AND LICENSE" +Copyright 2011 by Puppet Labs Apache 2 license; see COPYING diff --git a/man/man8/puppet-describe.8 b/man/man8/puppet-describe.8 index c54a7bec7..af246f16b 100644 --- a/man/man8/puppet-describe.8 +++ b/man/man8/puppet-describe.8 @@ -1,51 +1,51 @@ .\" generated with Ronn/v0.7.3 .\" http://github.com/rtomayko/ronn/tree/0.7.3 . -.TH "PUPPET\-DESCRIBE" "8" "February 2011" "Puppet Labs, LLC" "Puppet manual" +.TH "PUPPET\-DESCRIBE" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" . .SH "NAME" \fBpuppet\-describe\fR \- Display help about resource types . .SH "SYNOPSIS" Prints help about Puppet resource types, providers, and metaparameters\. . .SH "USAGE" puppet describe [\-h|\-\-help] [\-s|\-\-short] [\-p|\-\-providers] [\-l|\-\-list] [\-m|\-\-meta] . .SH "OPTIONS" . .TP \-\-help Print this help text . .TP \-\-providers Describe providers in detail for each type . .TP \-\-list List all types . .TP \-\-meta List all metaparameters . .TP \-\-short List only parameters without detail . .SH "EXAMPLE" . .nf $ puppet describe \-\-list $ puppet describe file \-\-providers $ puppet describe user \-s \-m . .fi . .SH "AUTHOR" David Lutterkort . .SH "COPYRIGHT" -Copyright (c) 2005 Puppet Labs, LLC Licensed under the GNU Public License +Copyright (c) 2011 Puppet Labs, LLC Licensed under the Apache 2\.0 License diff --git a/man/man8/puppet-device.8 b/man/man8/puppet-device.8 new file mode 100644 index 000000000..a63f96ddf --- /dev/null +++ b/man/man8/puppet-device.8 @@ -0,0 +1,86 @@ +.\" generated with Ronn/v0.7.3 +.\" http://github.com/rtomayko/ronn/tree/0.7.3 +. +.TH "PUPPET\-DEVICE" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" +. +.SH "NAME" +\fBpuppet\-device\fR \- Manage remote network devices +. +.SH "SYNOPSIS" +Retrieves all configurations from the puppet master and apply them to the remote devices configured in /etc/puppet/device\.conf\. +. +.P +Currently must be run out periodically, using cron or something similar\. +. +.SH "USAGE" +puppet device [\-d|\-\-debug] [\-\-detailed\-exitcodes] [\-V|\-\-version] +. +.IP "" 4 +. +.nf + + [\-h|\-\-help] [\-l|\-\-logdest syslog||console] + [\-v|\-\-verbose] [\-w|\-\-waitforcert ] +. +.fi +. +.IP "" 0 +. +.SH "DESCRIPTION" +Once the client has a signed certificate for a given remote device, it will retrieve its configuration and apply it\. +. +.SH "USAGE NOTES" +One need a /etc/puppet/device\.conf file with the following content: +. +.P +[remote\.device\.fqdn] type \fItype\fR url \fIurl\fR +. +.P +where: * type: the current device type (the only value at this time is cisco) * url: an url allowing to connect to the device +. +.P +Supported url must conforms to: scheme://user:password@hostname/?query +. +.P +with: * scheme: either ssh or telnet * user: username, can be omitted depending on the switch/router configuration * password: the connection password * query: this is device specific\. Cisco devices supports an enable parameter whose value would be the enable password\. +. +.SH "OPTIONS" +Note that any configuration parameter that\'s valid in the configuration file is also a valid long argument\. For example, \'server\' is a valid configuration parameter, so you can specify \'\-\-server \fIservername\fR\' as an argument\. +. +.TP +\-\-debug +Enable full debugging\. +. +.TP +\-\-detailed\-exitcodes +Provide transaction information via exit codes\. If this is enabled, an exit code of \'2\' means there were changes, and an exit code of \'4\' means that there were failures during the transaction\. This option only makes sense in conjunction with \-\-onetime\. +. +.TP +\-\-help +Print this help message +. +.TP +\-\-logdest +Where to send messages\. Choose between syslog, the console, and a log file\. Defaults to sending messages to syslog, or the console if debugging or verbosity is enabled\. +. +.TP +\-\-verbose +Turn on verbose reporting\. +. +.TP +\-\-waitforcert +This option only matters for daemons that do not yet have certificates and it is enabled by default, with a value of 120 (seconds)\. This causes +puppet agent+ to connect to the server every 2 minutes and ask it to sign a certificate request\. This is useful for the initial setup of a puppet client\. You can turn off waiting for certificates by specifying a time of 0\. +. +.SH "EXAMPLE" +. +.nf + + $ puppet device \-\-server puppet\.domain\.com +. +.fi +. +.SH "AUTHOR" +Brice Figureau +. +.SH "COPYRIGHT" +Copyright (c) 2011 Puppet Labs, LLC Licensed under the Apache 2\.0 License diff --git a/man/man8/puppet-doc.8 b/man/man8/puppet-doc.8 index e0cabd5d1..f6de3951a 100644 --- a/man/man8/puppet-doc.8 +++ b/man/man8/puppet-doc.8 @@ -1,101 +1,101 @@ .\" generated with Ronn/v0.7.3 .\" http://github.com/rtomayko/ronn/tree/0.7.3 . -.TH "PUPPET\-DOC" "8" "February 2011" "Puppet Labs, LLC" "Puppet manual" +.TH "PUPPET\-DOC" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" . .SH "NAME" \fBpuppet\-doc\fR \- Generate Puppet documentation and references . .SH "SYNOPSIS" Generates a reference for all Puppet types\. Largely meant for internal Puppet Labs use\. . .SH "USAGE" puppet doc [\-a|\-\-all] [\-h|\-\-help] [\-o|\-\-outputdir \fIrdoc\-outputdir\fR] [\-m|\-\-mode text|pdf|rdoc] [\-r|\-\-reference \fIreference\-name\fR] [\-\-charset \fIcharset\fR] [\fImanifest\-file\fR] . .SH "DESCRIPTION" If mode is not \'rdoc\', then this command generates a Markdown document describing all installed Puppet types or all allowable arguments to puppet executables\. It is largely meant for internal use and is used to generate the reference document available on the Puppet Labs web site\. . .P In \'rdoc\' mode, this command generates an html RDoc hierarchy describing the manifests that are in \'manifestdir\' and \'modulepath\' configuration directives\. The generated documentation directory is doc by default but can be changed with the \'outputdir\' option\. . .P If the command is run with the name of a manifest file as an argument, puppet doc will output a single manifest\'s documentation on stdout\. . .SH "OPTIONS" . .TP \-\-all Output the docs for all of the reference types\. In \'rdoc\' modes, this also outputs documentation for all resources . .TP \-\-help Print this help message . .TP \-\-outputdir Specifies the directory where to output the rdoc documentation in \'rdoc\' mode\. . .TP \-\-mode Determine the output mode\. Valid modes are \'text\', \'pdf\' and \'rdoc\'\. The \'pdf\' mode creates PDF formatted files in the /tmp directory\. The default mode is \'text\'\. In \'rdoc\' mode you must provide \'manifests\-path\' . .TP \-\-reference Build a particular reference\. Get a list of references by running \'puppet doc \-\-list\'\. . .TP \-\-charset Used only in \'rdoc\' mode\. It sets the charset used in the html files produced\. . .SH "EXAMPLE" . .nf $ puppet doc \-r type > /tmp/type_reference\.markdown . .fi . .P or . .IP "" 4 . .nf $ puppet doc \-\-outputdir /tmp/rdoc \-\-mode rdoc /path/to/manifests . .fi . .IP "" 0 . .P or . .IP "" 4 . .nf $ puppet doc /etc/puppet/manifests/site\.pp . .fi . .IP "" 0 . .P or . .IP "" 4 . .nf $ puppet doc \-m pdf \-r configuration . .fi . .IP "" 0 . .SH "AUTHOR" Luke Kanies . .SH "COPYRIGHT" -Copyright (c) 2005\-2007 Puppet Labs, LLC Licensed under the GNU Public License +Copyright (c) 2011 Puppet Labs, LLC Licensed under the Apache 2\.0 License diff --git a/man/man8/puppet-facts.8 b/man/man8/puppet-facts.8 new file mode 100644 index 000000000..25470cc0e --- /dev/null +++ b/man/man8/puppet-facts.8 @@ -0,0 +1,217 @@ +.\" generated with Ronn/v0.7.3 +.\" http://github.com/rtomayko/ronn/tree/0.7.3 +. +.TH "PUPPET\-FACTS" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" +. +.SH "NAME" +\fBpuppet\-facts\fR \- Retrieve and store facts\. +. +.SH "SYNOPSIS" +puppet facts \fIaction\fR [\-\-terminus TERMINUS] +. +.SH "DESCRIPTION" +This subcommand manages facts, which are collections of normalized system information used by Puppet\. It can read facts directly from the local system (with the default \fBfacter\fR terminus), look up facts reported by other systems, and submit facts to the puppet master\. +. +.P +When used with the \fBrest\fR terminus, this subcommand is essentially a front\-end to the inventory service REST API\. See the inventory service documentation at \fIhttp://docs\.puppetlabs\.com/guides/inventory_service\.html\fR for more detail\. +. +.SH "OPTIONS" +Note that any configuration parameter that\'s valid in the configuration file is also a valid long argument, although it may or may not be relevant to the present action\. For example, \fBserver\fR is a valid configuration parameter, so you can specify \fB\-\-server \fR as an argument\. +. +.P +See the configuration file documentation at \fIhttp://docs\.puppetlabs\.com/references/stable/configuration\.html\fR for the full list of acceptable parameters\. A commented list of all configuration options can also be generated by running puppet with \fB\-\-genconfig\fR\. +. +.TP +\-\-mode MODE +The run mode to use for the current action\. Valid modes are \fBuser\fR, \fBagent\fR, and \fBmaster\fR\. +. +.TP +\-\-render\-as FORMAT +The format in which to render output\. The most common formats are \fBjson\fR, \fBs\fR (string), \fByaml\fR, and \fBconsole\fR, but other options such as \fBdot\fR are sometimes available\. +. +.TP +\-\-verbose +Whether to log verbosely\. +. +.TP +\-\-debug +Whether to log debug information\. +. +.TP +\-\-terminus TERMINUS +Indirector faces expose indirected subsystems of Puppet\. These subsystems are each able to retrieve and alter a specific type of data (with the familiar actions of \fBfind\fR, \fBsearch\fR, \fBsave\fR, and \fBdestroy\fR) from an arbitrary number of pluggable backends\. In Puppet parlance, these backends are called terminuses\. +. +.IP +Almost all indirected subsystems have a \fBrest\fR terminus that interacts with the puppet master\'s data\. Most of them have additional terminuses for various local data models, which are in turn used by the indirected subsystem on the puppet master whenever it receives a remote request\. +. +.IP +The terminus for an action is often determined by context, but occasionally needs to be set explicitly\. See the "Notes" section of this face\'s manpage for more details\. +. +.SH "ACTIONS" +. +.TP +\fBdestroy\fR \- Invalid for this subcommand\. +\fBSYNOPSIS\fR +. +.IP +puppet facts destroy [\-\-terminus TERMINUS] \fIkey\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Invalid for this subcommand\. +. +.TP +\fBfind\fR \- Retrieve a node\'s facts\. +\fBSYNOPSIS\fR +. +.IP +puppet facts find [\-\-terminus TERMINUS] \fInode_certname\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Retrieve a node\'s facts\. +. +.IP +\fBRETURNS\fR +. +.IP +A hash containing some metadata and (under the "values" key) the set of facts for the requested node\. When used from the Ruby API: A Puppet::Node::Facts object\. +. +.IP +RENDERING ISSUES: Facts cannot currently be rendered as a string; use yaml or json\. +. +.IP +\fBNOTES\fR +. +.IP +When using the \fBfacter\fR terminus, the host argument is ignored\. +. +.TP +\fBinfo\fR \- Print the default terminus class for this face\. +\fBSYNOPSIS\fR +. +.IP +puppet facts info [\-\-terminus TERMINUS] +. +.IP +\fBDESCRIPTION\fR +. +.IP +Prints the default terminus class for this subcommand\. Note that different run modes may have different default termini; when in doubt, specify the run mode with the \'\-\-mode\' option\. +. +.TP +\fBsave\fR \- API only: create or overwrite an object\. +\fBSYNOPSIS\fR +. +.IP +puppet facts save [\-\-terminus TERMINUS] +. +.IP +\fBDESCRIPTION\fR +. +.IP +API only: create or overwrite an object\. As the Faces framework does not currently accept data from STDIN, save actions cannot currently be invoked from the command line\. +. +.TP +\fBsearch\fR \- Invalid for this subcommand\. +\fBSYNOPSIS\fR +. +.IP +puppet facts search [\-\-terminus TERMINUS] \fIquery\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Invalid for this subcommand\. +. +.TP +\fBupload\fR \- Upload local facts to the puppet master\. +\fBSYNOPSIS\fR +. +.IP +puppet facts upload [\-\-terminus TERMINUS] +. +.IP +\fBDESCRIPTION\fR +. +.IP +Reads facts from the local system using the \fBfacter\fR terminus, then saves the returned facts using the rest terminus\. +. +.IP +\fBRETURNS\fR +. +.IP +Nothing\. +. +.IP +\fBNOTES\fR +. +.IP +This action requires that the puppet master\'s \fBauth\.conf\fR file allow save access to the \fBfacts\fR REST terminus\. Puppet agent does not use this facility, and it is turned off by default\. See \fIhttp://docs\.puppetlabs\.com/guides/rest_auth_conf\.html\fR for more details\. +. +.SH "EXAMPLES" +\fBfind\fR +. +.P +Get facts from the local system: +. +.P +$ puppet facts find x +. +.P +Ask the puppet master for facts for an arbitrary node: +. +.P +$ puppet facts find somenode\.puppetlabs\.lan \-\-terminus rest +. +.P +Query a DB\-backed inventory directly (bypassing the REST API): +. +.P +$ puppet facts find somenode\.puppetlabs\.lan \-\-terminus inventory_active_record \-\-mode master +. +.P +\fBupload\fR +. +.P +Upload facts: +. +.P +$ puppet facts upload +. +.SH "NOTES" +This subcommand is an indirector face, which exposes \fBfind\fR, \fBsearch\fR, \fBsave\fR, and \fBdestroy\fR actions for an indirected subsystem of Puppet\. Valid termini for this face include: +. +.IP "\(bu" 4 +\fBactive_record\fR +. +.IP "\(bu" 4 +\fBcouch\fR +. +.IP "\(bu" 4 +\fBfacter\fR +. +.IP "\(bu" 4 +\fBinventory_active_record\fR +. +.IP "\(bu" 4 +\fBmemory\fR +. +.IP "\(bu" 4 +\fBnetwork_device\fR +. +.IP "\(bu" 4 +\fBrest\fR +. +.IP "\(bu" 4 +\fByaml\fR +. +.IP "" 0 +. +.SH "COPYRIGHT AND LICENSE" +Copyright 2011 by Puppet Labs Apache 2 license; see COPYING diff --git a/man/man8/puppet-file.8 b/man/man8/puppet-file.8 new file mode 100644 index 000000000..1c39df7f3 --- /dev/null +++ b/man/man8/puppet-file.8 @@ -0,0 +1,225 @@ +.\" generated with Ronn/v0.7.3 +.\" http://github.com/rtomayko/ronn/tree/0.7.3 +. +.TH "PUPPET\-FILE" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" +. +.SH "NAME" +\fBpuppet\-file\fR \- Retrieve and store files in a filebucket +. +.SH "SYNOPSIS" +puppet file \fIaction\fR [\-\-terminus TERMINUS] +. +.SH "DESCRIPTION" +This subcommand interacts with objects stored in a local or remote filebucket\. File objects are accessed by their MD5 sum; see the examples for the relevant syntax\. +. +.SH "OPTIONS" +Note that any configuration parameter that\'s valid in the configuration file is also a valid long argument, although it may or may not be relevant to the present action\. For example, \fBserver\fR is a valid configuration parameter, so you can specify \fB\-\-server \fR as an argument\. +. +.P +See the configuration file documentation at \fIhttp://docs\.puppetlabs\.com/references/stable/configuration\.html\fR for the full list of acceptable parameters\. A commented list of all configuration options can also be generated by running puppet with \fB\-\-genconfig\fR\. +. +.TP +\-\-mode MODE +The run mode to use for the current action\. Valid modes are \fBuser\fR, \fBagent\fR, and \fBmaster\fR\. +. +.TP +\-\-render\-as FORMAT +The format in which to render output\. The most common formats are \fBjson\fR, \fBs\fR (string), \fByaml\fR, and \fBconsole\fR, but other options such as \fBdot\fR are sometimes available\. +. +.TP +\-\-verbose +Whether to log verbosely\. +. +.TP +\-\-debug +Whether to log debug information\. +. +.TP +\-\-terminus TERMINUS +Indirector faces expose indirected subsystems of Puppet\. These subsystems are each able to retrieve and alter a specific type of data (with the familiar actions of \fBfind\fR, \fBsearch\fR, \fBsave\fR, and \fBdestroy\fR) from an arbitrary number of pluggable backends\. In Puppet parlance, these backends are called terminuses\. +. +.IP +Almost all indirected subsystems have a \fBrest\fR terminus that interacts with the puppet master\'s data\. Most of them have additional terminuses for various local data models, which are in turn used by the indirected subsystem on the puppet master whenever it receives a remote request\. +. +.IP +The terminus for an action is often determined by context, but occasionally needs to be set explicitly\. See the "Notes" section of this face\'s manpage for more details\. +. +.SH "ACTIONS" +. +.TP +\fBdestroy\fR \- Invalid for this subcommand\. +\fBSYNOPSIS\fR +. +.IP +puppet file destroy [\-\-terminus TERMINUS] \fIkey\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Invalid for this subcommand\. +. +.TP +\fBdownload\fR \- Download a file into the local filebucket\. +\fBSYNOPSIS\fR +. +.IP +puppet file download [\-\-terminus TERMINUS] ( {md5}\fIchecksum\fR | \fIpuppet_url\fR ) +. +.IP +\fBDESCRIPTION\fR +. +.IP +Downloads a file from the puppet master\'s filebucket and duplicates it in the local filebucket\. This action\'s checksum syntax differs from \fBfind\fR\'s, and it can accept a URL\. +. +.IP +\fBRETURNS\fR +. +.IP +Nothing\. +. +.TP +\fBfind\fR \- Retrieve a file from the filebucket\. +\fBSYNOPSIS\fR +. +.IP +puppet file find [\-\-terminus TERMINUS] md5/\fImd5sum\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Retrieve a file from the filebucket\. +. +.IP +\fBRETURNS\fR +. +.IP +The file object with the specified checksum\. +. +.IP +RENDERING ISSUES: Rendering as a string returns the contents of the file object; rendering as yaml returns a hash of metadata about said file, including but not limited to its contents\. Rendering as json is currently broken, and returns a hash containing only the contents of the file\. +. +.TP +\fBinfo\fR \- Print the default terminus class for this face\. +\fBSYNOPSIS\fR +. +.IP +puppet file info [\-\-terminus TERMINUS] +. +.IP +\fBDESCRIPTION\fR +. +.IP +Prints the default terminus class for this subcommand\. Note that different run modes may have different default termini; when in doubt, specify the run mode with the \'\-\-mode\' option\. +. +.TP +\fBsave\fR \- API only: create or overwrite an object\. +\fBSYNOPSIS\fR +. +.IP +puppet file save [\-\-terminus TERMINUS] +. +.IP +\fBDESCRIPTION\fR +. +.IP +API only: create or overwrite an object\. As the Faces framework does not currently accept data from STDIN, save actions cannot currently be invoked from the command line\. +. +.TP +\fBsearch\fR \- Invalid for this subcommand\. +\fBSYNOPSIS\fR +. +.IP +puppet file search [\-\-terminus TERMINUS] \fIquery\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Invalid for this subcommand\. +. +.TP +\fBstore\fR \- Store a file in the local filebucket\. +\fBSYNOPSIS\fR +. +.IP +puppet file store [\-\-terminus TERMINUS] \fIfile\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Store a file in the local filebucket\. +. +.IP +\fBRETURNS\fR +. +.IP +Nothing\. +. +.TP +\fBupload\fR \- Upload a file to the remote filebucket\. +\fBSYNOPSIS\fR +. +.IP +puppet file upload [\-\-terminus TERMINUS] \fIfile\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Upload a file to the remote filebucket\. +. +.SH "EXAMPLES" +\fBdownload\fR +. +.P +Download a file by URL: +. +.P +$ puppet file download puppet:///modules/editors/vim/\.vimrc +. +.P +Download a file by MD5 sum: +. +.P +$ puppet file download {md5}8f798d4e754db0ac89186bbaeaf0af18 +. +.P +\fBfind\fR +. +.P +Retrieve the contents of a file: +. +.P +$ puppet file find md5/9aedba7f413c97dc65895b1cd9421f2c \-\-render\-as s +. +.P +\fBstore\fR +. +.P +Store a file: +. +.P +$ puppet file store /root/\.bashrc +. +.SH "NOTES" +To retrieve the unmunged contents of a file, you must call find with \-\-render\-as s\. Rendering as yaml will return a hash of metadata about the file, including its contents\. +. +.P +This subcommand does not interact with the \fBclientbucketdir\fR (the default local filebucket for puppet agent); it interacts with the primary "master"\-type filebucket located in the \fBbucketdir\fR\. If you wish to interact with puppet agent\'s default filebucket, you\'ll need to set the \fI\-\-bucketdir\fR option appropriately when invoking actions\. +. +.P +This subcommand is an indirector face, which exposes \fBfind\fR, \fBsearch\fR, \fBsave\fR, and \fBdestroy\fR actions for an indirected subsystem of Puppet\. Valid termini for this face include: +. +.IP "\(bu" 4 +\fBfile\fR +. +.IP "\(bu" 4 +\fBrest\fR +. +.IP "" 0 +. +.SH "COPYRIGHT AND LICENSE" +Copyright 2011 by Puppet Labs Apache 2 license; see COPYING diff --git a/man/man8/puppet-filebucket.8 b/man/man8/puppet-filebucket.8 index 7ff0da9af..990756858 100644 --- a/man/man8/puppet-filebucket.8 +++ b/man/man8/puppet-filebucket.8 @@ -1,81 +1,81 @@ .\" generated with Ronn/v0.7.3 .\" http://github.com/rtomayko/ronn/tree/0.7.3 . -.TH "PUPPET\-FILEBUCKET" "8" "February 2011" "Puppet Labs, LLC" "Puppet manual" +.TH "PUPPET\-FILEBUCKET" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" . .SH "NAME" \fBpuppet\-filebucket\fR \- Store and retrieve files in a filebucket . .SH "SYNOPSIS" A stand\-alone Puppet filebucket client\. . .SH "USAGE" puppet filebucket \fImode\fR [\-h|\-\-help] [\-V|\-\-version] [\-d|\-\-debug] [\-v|\-\-verbose] [\-l|\-\-local] [\-r|\-\-remote] [\-s|\-\-server \fIserver\fR] [\-b|\-\-bucket \fIdirectory\fR] \fIfile\fR \fIfile\fR \.\.\. . .P Puppet filebucket can operate in three modes, with only one mode per call: . .P backup: Send one or more files to the specified file bucket\. Each sent file is printed with its resulting md5 sum\. . .P get: Return the text associated with an md5 sum\. The text is printed to stdout, and only one file can be retrieved at a time\. . .P restore: Given a file path and an md5 sum, store the content associated with the sum into the specified file path\. You can specify an entirely new path to this argument; you are not restricted to restoring the content to its original location\. . .SH "DESCRIPTION" This is a stand\-alone filebucket client for sending files to a local or central filebucket\. . .P Note that \'filebucket\' defaults to using a network\-based filebucket available on the server named \'puppet\'\. To use this, you\'ll have to be running as a user with valid Puppet certificates\. Alternatively, you can use your local file bucket by specifying \'\-\-local\'\. . .SH "OPTIONS" Note that any configuration parameter that\'s valid in the configuration file is also a valid long argument\. For example, \'ssldir\' is a valid configuration parameter, so you can specify \'\-\-ssldir \fIdirectory\fR\' as an argument\. . .P See the configuration file documentation at http://docs\.puppetlabs\.com/references/stable/configuration\.html for the full list of acceptable parameters\. A commented list of all configuration options can also be generated by running puppet with \'\-\-genconfig\'\. . .TP \-\-debug Enable full debugging\. . .TP \-\-help Print this help message . .TP \-\-local Use the local filebucket\. This will use the default configuration information\. . .TP \-\-remote Use a remote filebucket\. This will use the default configuration information\. . .TP \-\-server The server to send the file to, instead of locally\. . .TP \-\-verbose Print extra information\. . .TP \-\-version Print version information\. . .SH "EXAMPLE" . .nf $ puppet filebucket backup /etc/passwd /etc/passwd: 429b225650b912a2ee067b0a4cf1e949 $ puppet filebucket restore /tmp/passwd 429b225650b912a2ee067b0a4cf1e949 . .fi . .SH "AUTHOR" Luke Kanies . .SH "COPYRIGHT" -Copyright (c) 2005 Puppet Labs, LLC Licensed under the GNU Public License +Copyright (c) 2011 Puppet Labs, LLC Licensed under the Apache 2\.0 License diff --git a/man/man8/puppet-help.8 b/man/man8/puppet-help.8 new file mode 100644 index 000000000..0f22ca887 --- /dev/null +++ b/man/man8/puppet-help.8 @@ -0,0 +1,71 @@ +.\" generated with Ronn/v0.7.3 +.\" http://github.com/rtomayko/ronn/tree/0.7.3 +. +.TH "PUPPET\-HELP" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" +. +.SH "NAME" +\fBpuppet\-help\fR \- Display Puppet help\. +. +.SH "SYNOPSIS" +puppet help \fIaction\fR +. +.SH "OPTIONS" +Note that any configuration parameter that\'s valid in the configuration file is also a valid long argument, although it may or may not be relevant to the present action\. For example, \fBserver\fR is a valid configuration parameter, so you can specify \fB\-\-server \fR as an argument\. +. +.P +See the configuration file documentation at \fIhttp://docs\.puppetlabs\.com/references/stable/configuration\.html\fR for the full list of acceptable parameters\. A commented list of all configuration options can also be generated by running puppet with \fB\-\-genconfig\fR\. +. +.TP +\-\-mode MODE +The run mode to use for the current action\. Valid modes are \fBuser\fR, \fBagent\fR, and \fBmaster\fR\. +. +.TP +\-\-render\-as FORMAT +The format in which to render output\. The most common formats are \fBjson\fR, \fBs\fR (string), \fByaml\fR, and \fBconsole\fR, but other options such as \fBdot\fR are sometimes available\. +. +.TP +\-\-verbose +Whether to log verbosely\. +. +.TP +\-\-debug +Whether to log debug information\. +. +.SH "ACTIONS" +. +.TP +\fBhelp\fR \- Display help about Puppet subcommands and their actions\. +\fBSYNOPSIS\fR +. +.IP +puppet help [\-\-version VERSION] [\fIsubcommand\fR] [\fIaction\fR] +. +.IP +\fBDESCRIPTION\fR +. +.IP +Display help about Puppet subcommands and their actions\. +. +.IP +\fBOPTIONS\fR +. +.IP +\fI\-\-version VERSION\fR \- The version of the subcommand for which to show help\. +. +.IP +\fBRETURNS\fR +. +.IP +Short help text for the specified subcommand or action\. +. +.SH "EXAMPLES" +\fBhelp\fR +. +.P +Get help for an action: +. +.P +$ puppet help +. +.SH "COPYRIGHT AND LICENSE" +Copyright 2011 by Puppet Labs Apache 2 license; see COPYING diff --git a/man/man8/puppet-inspect.8 b/man/man8/puppet-inspect.8 index ae19deede..e11c9fe81 100644 --- a/man/man8/puppet-inspect.8 +++ b/man/man8/puppet-inspect.8 @@ -1,28 +1,28 @@ .\" generated with Ronn/v0.7.3 .\" http://github.com/rtomayko/ronn/tree/0.7.3 . -.TH "PUPPET\-INSPECT" "8" "February 2011" "Puppet Labs, LLC" "Puppet manual" +.TH "PUPPET\-INSPECT" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" . .SH "NAME" \fBpuppet\-inspect\fR \- Send an inspection report . .SH "SYNOPSIS" Prepares and submits an inspection report to the puppet master\. . .SH "USAGE" puppet inspect . .SH "DESCRIPTION" This command uses the cached catalog from the previous run of \'puppet agent\' to determine which attributes of which resources have been marked as auditable with the \'audit\' metaparameter\. It then examines the current state of the system, writes the state of the specified resource attributes to a report, and submits the report to the puppet master\. . .P Puppet inspect does not run as a daemon, and must be run manually or from cron\. . .SH "OPTIONS" Any configuration setting which is valid in the configuration file is also a valid long argument, e\.g\. \'\-\-server=master\.domain\.com\'\. See the configuration file documentation at http://docs\.puppetlabs\.com/references/latest/configuration\.html for the full list of acceptable settings\. . .SH "AUTHOR" Puppet Labs . .SH "COPYRIGHT" -Copyright (c) 2011 Puppet Labs, LLC Licensed under the GNU General Public License version 2 +Copyright (c) 2011 Puppet Labs, LLC Licensed under the Apache 2\.0 License diff --git a/man/man8/puppet-key.8 b/man/man8/puppet-key.8 new file mode 100644 index 000000000..b0812d831 --- /dev/null +++ b/man/man8/puppet-key.8 @@ -0,0 +1,126 @@ +.\" generated with Ronn/v0.7.3 +.\" http://github.com/rtomayko/ronn/tree/0.7.3 +. +.TH "PUPPET\-KEY" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" +. +.SH "NAME" +\fBpuppet\-key\fR \- Create, save, and remove certificate keys\. +. +.SH "SYNOPSIS" +puppet key \fIaction\fR [\-\-terminus TERMINUS] +. +.SH "DESCRIPTION" +This subcommand manages certificate private keys\. Keys are created automatically by puppet agent and when certificate requests are generated with \'puppet certificate generate\'; it should not be necessary to use this subcommand directly\. +. +.SH "OPTIONS" +Note that any configuration parameter that\'s valid in the configuration file is also a valid long argument, although it may or may not be relevant to the present action\. For example, \fBserver\fR is a valid configuration parameter, so you can specify \fB\-\-server \fR as an argument\. +. +.P +See the configuration file documentation at \fIhttp://docs\.puppetlabs\.com/references/stable/configuration\.html\fR for the full list of acceptable parameters\. A commented list of all configuration options can also be generated by running puppet with \fB\-\-genconfig\fR\. +. +.TP +\-\-mode MODE +The run mode to use for the current action\. Valid modes are \fBuser\fR, \fBagent\fR, and \fBmaster\fR\. +. +.TP +\-\-render\-as FORMAT +The format in which to render output\. The most common formats are \fBjson\fR, \fBs\fR (string), \fByaml\fR, and \fBconsole\fR, but other options such as \fBdot\fR are sometimes available\. +. +.TP +\-\-verbose +Whether to log verbosely\. +. +.TP +\-\-debug +Whether to log debug information\. +. +.TP +\-\-terminus TERMINUS +Indirector faces expose indirected subsystems of Puppet\. These subsystems are each able to retrieve and alter a specific type of data (with the familiar actions of \fBfind\fR, \fBsearch\fR, \fBsave\fR, and \fBdestroy\fR) from an arbitrary number of pluggable backends\. In Puppet parlance, these backends are called terminuses\. +. +.IP +Almost all indirected subsystems have a \fBrest\fR terminus that interacts with the puppet master\'s data\. Most of them have additional terminuses for various local data models, which are in turn used by the indirected subsystem on the puppet master whenever it receives a remote request\. +. +.IP +The terminus for an action is often determined by context, but occasionally needs to be set explicitly\. See the "Notes" section of this face\'s manpage for more details\. +. +.SH "ACTIONS" +. +.TP +\fBdestroy\fR \- Delete an object\. +\fBSYNOPSIS\fR +. +.IP +puppet key destroy [\-\-terminus TERMINUS] \fIkey\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Delete an object\. +. +.TP +\fBfind\fR \- Retrieve an object by name\. +\fBSYNOPSIS\fR +. +.IP +puppet key find [\-\-terminus TERMINUS] \fIkey\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Retrieve an object by name\. +. +.TP +\fBinfo\fR \- Print the default terminus class for this face\. +\fBSYNOPSIS\fR +. +.IP +puppet key info [\-\-terminus TERMINUS] +. +.IP +\fBDESCRIPTION\fR +. +.IP +Prints the default terminus class for this subcommand\. Note that different run modes may have different default termini; when in doubt, specify the run mode with the \'\-\-mode\' option\. +. +.TP +\fBsave\fR \- API only: create or overwrite an object\. +\fBSYNOPSIS\fR +. +.IP +puppet key save [\-\-terminus TERMINUS] +. +.IP +\fBDESCRIPTION\fR +. +.IP +API only: create or overwrite an object\. As the Faces framework does not currently accept data from STDIN, save actions cannot currently be invoked from the command line\. +. +.TP +\fBsearch\fR \- Search for an object or retrieve multiple objects\. +\fBSYNOPSIS\fR +. +.IP +puppet key search [\-\-terminus TERMINUS] \fIquery\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Search for an object or retrieve multiple objects\. +. +.SH "NOTES" +This subcommand is an indirector face, which exposes \fBfind\fR, \fBsearch\fR, \fBsave\fR, and \fBdestroy\fR actions for an indirected subsystem of Puppet\. Valid termini for this face include: +. +.IP "\(bu" 4 +\fBca\fR +. +.IP "\(bu" 4 +\fBfile\fR +. +.IP "" 0 +. +.SH "COPYRIGHT AND LICENSE" +Copyright 2011 by Puppet Labs Apache 2 license; see COPYING diff --git a/man/man8/puppet-kick.8 b/man/man8/puppet-kick.8 index b6a868918..2b7502310 100644 --- a/man/man8/puppet-kick.8 +++ b/man/man8/puppet-kick.8 @@ -1,115 +1,95 @@ .\" generated with Ronn/v0.7.3 .\" http://github.com/rtomayko/ronn/tree/0.7.3 . -.TH "PUPPET\-KICK" "8" "February 2011" "Puppet Labs, LLC" "Puppet manual" +.TH "PUPPET\-KICK" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" . .SH "NAME" \fBpuppet\-kick\fR \- Remotely control puppet agent . .SH "SYNOPSIS" Trigger a puppet agent run on a set of hosts\. . .SH "USAGE" puppet kick [\-a|\-\-all] [\-c|\-\-class \fIclass\fR] [\-d|\-\-debug] [\-f|\-\-foreground] [\-h|\-\-help] [\-\-host \fIhost\fR] [\-\-no\-fqdn] [\-\-ignoreschedules] [\-t|\-\-tag \fItag\fR] [\-\-test] [\-p|\-\-ping] \fIhost\fR [\fIhost\fR [\.\.\.]] . .SH "DESCRIPTION" This script can be used to connect to a set of machines running \'puppet agent\' and trigger them to run their configurations\. The most common usage would be to specify a class of hosts and a set of tags, and \'puppet kick\' would look up in LDAP all of the hosts matching that class, then connect to each host and trigger a run of all of the objects with the specified tags\. . .P If you are not storing your host configurations in LDAP, you can specify hosts manually\. . .P You will most likely have to run \'puppet kick\' as root to get access to the SSL certificates\. . .P \'puppet kick\' reads \'puppet master\'\'s configuration file, so that it can copy things like LDAP settings\. . .SH "USAGE NOTES" -\'puppet kick\' is useless unless \'puppet agent\' is listening\. See its documentation for more information, but the gist is that you must enable \'listen\' on the \'puppet agent\' daemon, either using \'\-\-listen\' on the command line or adding \'listen = true\' in its config file\. In addition, you need to set the daemons up to specifically allow connections by creating the \'namespaceauth\' file, normally at \'/etc/puppet/namespaceauth\.conf\'\. This file specifies who has access to each namespace; if you create the file you must add every namespace you want any Puppet daemon to allow \-\- it is currently global to all Puppet daemons\. +Puppet kick is useless unless puppet agent is listening for incoming connections and allowing access to the \fBrun\fR endpoint\. This entails starting the agent with \fBlisten = true\fR in its puppet\.conf file, and allowing access to the \fB/run\fR path in its auth\.conf file; see \fBhttp://docs\.puppetlabs\.com/guides/rest_auth_conf\.html\fR for more details\. . .P -An example file looks like this: -. -.IP "" 4 -. -.nf - -[fileserver] - allow *\.madstop\.com - -[puppetmaster] - allow *\.madstop\.com - -[puppetrunner] - allow culain\.madstop\.com -. -.fi -. -.IP "" 0 -. -.P -This is what you would install on your Puppet master; non\-master hosts could leave off the \'fileserver\' and \'puppetmaster\' namespaces\. +Additionally, due to a known bug, you must make sure a namespaceauth\.conf file exists in puppet agent\'s $confdir\. This file will not be consulted, and may be left empty\. . .SH "OPTIONS" Note that any configuration parameter that\'s valid in the configuration file is also a valid long argument\. For example, \'ssldir\' is a valid configuration parameter, so you can specify \'\-\-ssldir \fIdirectory\fR\' as an argument\. . .P See the configuration file documentation at http://docs\.puppetlabs\.com/references/latest/configuration\.html for the full list of acceptable parameters\. A commented list of all configuration options can also be generated by running puppet master with \'\-\-genconfig\'\. . .TP \-\-all Connect to all available hosts\. Requires LDAP support at this point\. . .TP \-\-class Specify a class of machines to which to connect\. This only works if you have LDAP configured, at the moment\. . .TP \-\-debug Enable full debugging\. . .TP \-\-foreground Run each configuration in the foreground; that is, when connecting to a host, do not return until the host has finished its run\. The default is false\. . .TP \-\-help Print this help message . .TP \-\-host A specific host to which to connect\. This flag can be specified more than once\. . .TP \-\-ignoreschedules Whether the client should ignore schedules when running its configuration\. This can be used to force the client to perform work it would not normally perform so soon\. The default is false\. . .TP \-\-parallel How parallel to make the connections\. Parallelization is provided by forking for each client to which to connect\. The default is 1, meaning serial execution\. . .TP \-\-tag Specify a tag for selecting the objects to apply\. Does not work with the \-\-test option\. . .TP \-\-test Print the hosts you would connect to but do not actually connect\. This option requires LDAP support at this point\. . .TP \-\-ping Do a ICMP echo against the target host\. Skip hosts that don\'t respond to ping\. . .SH "EXAMPLE" . .nf $ sudo puppet kick \-p 10 \-t remotefile \-t webserver host1 host2 . .fi . .SH "AUTHOR" Luke Kanies . .SH "COPYRIGHT" -Copyright (c) 2005 Puppet Labs, LLC Licensed under the GNU Public License +Copyright (c) 2011 Puppet Labs, LLC Licensed under the Apache 2\.0 License diff --git a/man/man8/puppet-man.8 b/man/man8/puppet-man.8 new file mode 100644 index 000000000..fe5f375eb --- /dev/null +++ b/man/man8/puppet-man.8 @@ -0,0 +1,74 @@ +.\" generated with Ronn/v0.7.3 +.\" http://github.com/rtomayko/ronn/tree/0.7.3 +. +.TH "PUPPET\-MAN" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" +. +.SH "NAME" +\fBpuppet\-man\fR \- Display Puppet manual pages\. +. +.SH "SYNOPSIS" +puppet man \fIaction\fR +. +.SH "DESCRIPTION" +This subcommand displays manual pages for all Puppet subcommands\. If the \fBronn\fR gem (\fIhttps://github\.com/rtomayko/ronn/\fR) is installed on your system, puppet man will display fully\-formated man pages\. If \fBronn\fR is not available, puppet man will display the raw (but human\-readable) source text in a pager\. +. +.SH "OPTIONS" +Note that any configuration parameter that\'s valid in the configuration file is also a valid long argument, although it may or may not be relevant to the present action\. For example, \fBserver\fR is a valid configuration parameter, so you can specify \fB\-\-server \fR as an argument\. +. +.P +See the configuration file documentation at \fIhttp://docs\.puppetlabs\.com/references/stable/configuration\.html\fR for the full list of acceptable parameters\. A commented list of all configuration options can also be generated by running puppet with \fB\-\-genconfig\fR\. +. +.TP +\-\-mode MODE +The run mode to use for the current action\. Valid modes are \fBuser\fR, \fBagent\fR, and \fBmaster\fR\. +. +.TP +\-\-render\-as FORMAT +The format in which to render output\. The most common formats are \fBjson\fR, \fBs\fR (string), \fByaml\fR, and \fBconsole\fR, but other options such as \fBdot\fR are sometimes available\. +. +.TP +\-\-verbose +Whether to log verbosely\. +. +.TP +\-\-debug +Whether to log debug information\. +. +.SH "ACTIONS" +. +.TP +\fBman\fR \- Display the manual page for a Puppet subcommand\. +\fBSYNOPSIS\fR +. +.IP +puppet man \fIsubcommand\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Display the manual page for a Puppet subcommand\. +. +.IP +\fBRETURNS\fR +. +.IP +The man data, in Markdown format, suitable for consumption by Ronn\. +. +.IP +RENDERING ISSUES: To skip fancy formatting and output the raw Markdown text (e\.g\. for use in a pipeline), call this action with \'\-\-render\-as s\'\. +. +.SH "EXAMPLES" +\fBman\fR +. +.P +View the manual page for a subcommand: +. +.P +$ puppet man facts +. +.SH "NOTES" +The pager used for display will be the first found of \fB$MANPAGER\fR, \fB$PAGER\fR, \fBless\fR, \fBmost\fR, or \fBmore\fR\. +. +.SH "COPYRIGHT AND LICENSE" +Copyright 2011 by Puppet Labs Apache 2 license; see COPYING diff --git a/man/man8/puppet-master.8 b/man/man8/puppet-master.8 index 9ed2a6ad6..c38d34afa 100644 --- a/man/man8/puppet-master.8 +++ b/man/man8/puppet-master.8 @@ -1,63 +1,74 @@ .\" generated with Ronn/v0.7.3 .\" http://github.com/rtomayko/ronn/tree/0.7.3 . -.TH "PUPPET\-MASTER" "8" "February 2011" "Puppet Labs, LLC" "Puppet manual" +.TH "PUPPET\-MASTER" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" . .SH "NAME" \fBpuppet\-master\fR \- The puppet master daemon . .SH "SYNOPSIS" The central puppet server\. Functions as a certificate authority by default\. . .SH "USAGE" puppet master [\-D|\-\-daemonize|\-\-no\-daemonize] [\-d|\-\-debug] [\-h|\-\-help] [\-l|\-\-logdest \fIfile\fR|console|syslog] [\-v|\-\-verbose] [\-V|\-\-version] [\-\-compile \fInode\-name\fR] . .SH "DESCRIPTION" This command starts an instance of puppet master, running as a daemon and using Ruby\'s built\-in Webrick webserver\. Puppet master can also be managed by other application servers; when this is the case, this executable is not used\. . .SH "OPTIONS" Note that any configuration parameter that\'s valid in the configuration file is also a valid long argument\. For example, \'ssldir\' is a valid configuration parameter, so you can specify \'\-\-ssldir \fIdirectory\fR\' as an argument\. . .P See the configuration file documentation at http://docs\.puppetlabs\.com/references/stable/configuration\.html for the full list of acceptable parameters\. A commented list of all configuration options can also be generated by running puppet master with \'\-\-genconfig\'\. . .TP \-\-daemonize Send the process into the background\. This is the default\. . .TP \-\-no\-daemonize Do not send the process into the background\. . .TP \-\-debug Enable full debugging\. . .TP \-\-help Print this help message\. . .TP \-\-logdest Where to send messages\. Choose between syslog, the console, and a log file\. Defaults to sending messages to syslog, or the console if debugging or verbosity is enabled\. . .TP \-\-verbose Enable verbosity\. . .TP \-\-version Print the puppet version number and exit\. . .TP \-\-compile Compile a catalogue and output it in JSON from the puppet master\. Uses facts contained in the $vardir/yaml/ directory to compile the catalog\. . .SH "EXAMPLE" puppet master . +.SH "DIAGNOSTICS" +When running as a standalone daemon, puppet master accepts the following signals: +. +.TP +SIGHUP +Restart the puppet master server\. +. +.TP +SIGINT and SIGTERM +Shut down the puppet master server\. +. .SH "AUTHOR" Luke Kanies . .SH "COPYRIGHT" -Copyright (c) 2005 Puppet Labs, LLC Licensed under the GNU Public License +Copyright (c) 2011 Puppet Labs, LLC Licensed under the Apache 2\.0 License diff --git a/man/man8/puppet-node.8 b/man/man8/puppet-node.8 new file mode 100644 index 000000000..4da08722f --- /dev/null +++ b/man/man8/puppet-node.8 @@ -0,0 +1,171 @@ +.\" generated with Ronn/v0.7.3 +.\" http://github.com/rtomayko/ronn/tree/0.7.3 +. +.TH "PUPPET\-NODE" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" +. +.SH "NAME" +\fBpuppet\-node\fR \- View and manage node definitions\. +. +.SH "SYNOPSIS" +puppet node \fIaction\fR [\-\-terminus TERMINUS] +. +.SH "DESCRIPTION" +This subcommand interacts with node objects, which are used by Puppet to build a catalog\. A node object consists of the node\'s facts, environment, node parameters (exposed in the parser as top\-scope variables), and classes\. +. +.SH "OPTIONS" +Note that any configuration parameter that\'s valid in the configuration file is also a valid long argument, although it may or may not be relevant to the present action\. For example, \fBserver\fR is a valid configuration parameter, so you can specify \fB\-\-server \fR as an argument\. +. +.P +See the configuration file documentation at \fIhttp://docs\.puppetlabs\.com/references/stable/configuration\.html\fR for the full list of acceptable parameters\. A commented list of all configuration options can also be generated by running puppet with \fB\-\-genconfig\fR\. +. +.TP +\-\-mode MODE +The run mode to use for the current action\. Valid modes are \fBuser\fR, \fBagent\fR, and \fBmaster\fR\. +. +.TP +\-\-render\-as FORMAT +The format in which to render output\. The most common formats are \fBjson\fR, \fBs\fR (string), \fByaml\fR, and \fBconsole\fR, but other options such as \fBdot\fR are sometimes available\. +. +.TP +\-\-verbose +Whether to log verbosely\. +. +.TP +\-\-debug +Whether to log debug information\. +. +.TP +\-\-terminus TERMINUS +Indirector faces expose indirected subsystems of Puppet\. These subsystems are each able to retrieve and alter a specific type of data (with the familiar actions of \fBfind\fR, \fBsearch\fR, \fBsave\fR, and \fBdestroy\fR) from an arbitrary number of pluggable backends\. In Puppet parlance, these backends are called terminuses\. +. +.IP +Almost all indirected subsystems have a \fBrest\fR terminus that interacts with the puppet master\'s data\. Most of them have additional terminuses for various local data models, which are in turn used by the indirected subsystem on the puppet master whenever it receives a remote request\. +. +.IP +The terminus for an action is often determined by context, but occasionally needs to be set explicitly\. See the "Notes" section of this face\'s manpage for more details\. +. +.SH "ACTIONS" +. +.TP +\fBdestroy\fR \- Invalid for this subcommand\. +\fBSYNOPSIS\fR +. +.IP +puppet node destroy [\-\-terminus TERMINUS] \fIkey\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Invalid for this subcommand\. +. +.TP +\fBfind\fR \- Retrieve a node object\. +\fBSYNOPSIS\fR +. +.IP +puppet node find [\-\-terminus TERMINUS] \fIhost\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Retrieve a node object\. +. +.IP +\fBRETURNS\fR +. +.IP +A hash containing the node\'s \fBclasses\fR, \fBenvironment\fR, \fBexpiration\fR, \fBname\fR, \fBparameters\fR (its facts, combined with any ENC\-set parameters), and \fBtime\fR\. When used from the Ruby API: a Puppet::Node object\. +. +.IP +RENDERING ISSUES: Rendering as string and json are currently broken; node objects can only be rendered as yaml\. +. +.TP +\fBinfo\fR \- Print the default terminus class for this face\. +\fBSYNOPSIS\fR +. +.IP +puppet node info [\-\-terminus TERMINUS] +. +.IP +\fBDESCRIPTION\fR +. +.IP +Prints the default terminus class for this subcommand\. Note that different run modes may have different default termini; when in doubt, specify the run mode with the \'\-\-mode\' option\. +. +.TP +\fBsave\fR \- Invalid for this subcommand\. +\fBSYNOPSIS\fR +. +.IP +puppet node save [\-\-terminus TERMINUS] +. +.IP +\fBDESCRIPTION\fR +. +.IP +Invalid for this subcommand\. +. +.TP +\fBsearch\fR \- Invalid for this subcommand\. +\fBSYNOPSIS\fR +. +.IP +puppet node search [\-\-terminus TERMINUS] \fIquery\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Invalid for this subcommand\. +. +.SH "EXAMPLES" +\fBfind\fR +. +.P +Retrieve an "empty" (no classes, no ENC\-imposed parameters, and an environment of "production") node: +. +.P +$ puppet node find somenode\.puppetlabs\.lan \-\-terminus plain \-\-render\-as yaml +. +.P +Retrieve a node using the puppet master\'s configured ENC: +. +.P +$ puppet node find somenode\.puppetlabs\.lan \-\-terminus exec \-\-mode master \-\-render\-as yaml +. +.P +Retrieve the same node from the puppet master: +. +.P +$ puppet node find somenode\.puppetlabs\.lan \-\-terminus rest \-\-render\-as yaml +. +.SH "NOTES" +This subcommand is an indirector face, which exposes \fBfind\fR, \fBsearch\fR, \fBsave\fR, and \fBdestroy\fR actions for an indirected subsystem of Puppet\. Valid termini for this face include: +. +.IP "\(bu" 4 +\fBactive_record\fR +. +.IP "\(bu" 4 +\fBexec\fR +. +.IP "\(bu" 4 +\fBldap\fR +. +.IP "\(bu" 4 +\fBmemory\fR +. +.IP "\(bu" 4 +\fBplain\fR +. +.IP "\(bu" 4 +\fBrest\fR +. +.IP "\(bu" 4 +\fByaml\fR +. +.IP "" 0 +. +.SH "COPYRIGHT AND LICENSE" +Copyright 2011 by Puppet Labs Apache 2 license; see COPYING diff --git a/man/man8/puppet-parser.8 b/man/man8/puppet-parser.8 new file mode 100644 index 000000000..0029907e6 --- /dev/null +++ b/man/man8/puppet-parser.8 @@ -0,0 +1,71 @@ +.\" generated with Ronn/v0.7.3 +.\" http://github.com/rtomayko/ronn/tree/0.7.3 +. +.TH "PUPPET\-PARSER" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" +. +.SH "NAME" +\fBpuppet\-parser\fR \- Interact directly with the parser\. +. +.SH "SYNOPSIS" +puppet parser \fIaction\fR +. +.SH "OPTIONS" +Note that any configuration parameter that\'s valid in the configuration file is also a valid long argument, although it may or may not be relevant to the present action\. For example, \fBserver\fR is a valid configuration parameter, so you can specify \fB\-\-server \fR as an argument\. +. +.P +See the configuration file documentation at \fIhttp://docs\.puppetlabs\.com/references/stable/configuration\.html\fR for the full list of acceptable parameters\. A commented list of all configuration options can also be generated by running puppet with \fB\-\-genconfig\fR\. +. +.TP +\-\-mode MODE +The run mode to use for the current action\. Valid modes are \fBuser\fR, \fBagent\fR, and \fBmaster\fR\. +. +.TP +\-\-render\-as FORMAT +The format in which to render output\. The most common formats are \fBjson\fR, \fBs\fR (string), \fByaml\fR, and \fBconsole\fR, but other options such as \fBdot\fR are sometimes available\. +. +.TP +\-\-verbose +Whether to log verbosely\. +. +.TP +\-\-debug +Whether to log debug information\. +. +.SH "ACTIONS" +. +.TP +\fBvalidate\fR \- Validate the syntax of one or more Puppet manifests\. +\fBSYNOPSIS\fR +. +.IP +puppet parser validate [\fImanifest\fR] [\fImanifest\fR \.\.\.] +. +.IP +\fBDESCRIPTION\fR +. +.IP +This action validates Puppet DSL syntax without compiling a catalog or syncing any resources\. If no manifest files are provided, it will validate the default site manifest\. +. +.IP +\fBRETURNS\fR +. +.IP +Nothing, or the first syntax error encountered\. +. +.SH "EXAMPLES" +\fBvalidate\fR +. +.P +Validate the default site manifest at /etc/puppet/manifests/site\.pp: +. +.P +$ puppet parser validate +. +.P +Validate two arbitrary manifest files: +. +.P +$ puppet parser validate init\.pp vhost\.pp +. +.SH "COPYRIGHT AND LICENSE" +Copyright 2011 by Puppet Labs Apache 2 license; see COPYING diff --git a/man/man8/puppet-plugin.8 b/man/man8/puppet-plugin.8 new file mode 100644 index 000000000..05d1af0d5 --- /dev/null +++ b/man/man8/puppet-plugin.8 @@ -0,0 +1,77 @@ +.\" generated with Ronn/v0.7.3 +.\" http://github.com/rtomayko/ronn/tree/0.7.3 +. +.TH "PUPPET\-PLUGIN" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" +. +.SH "NAME" +\fBpuppet\-plugin\fR \- Interact with the Puppet plugin system\. +. +.SH "SYNOPSIS" +puppet plugin \fIaction\fR +. +.SH "DESCRIPTION" +This subcommand provides network access to the puppet master\'s store of plugins\. +. +.P +The puppet master serves Ruby code collected from the \fBlib\fR directories of its modules\. These plugins can be used on agent nodes to extend Facter and implement custom types and providers\. Plugins are normally downloaded by puppet agent during the course of a run\. +. +.SH "OPTIONS" +Note that any configuration parameter that\'s valid in the configuration file is also a valid long argument, although it may or may not be relevant to the present action\. For example, \fBserver\fR is a valid configuration parameter, so you can specify \fB\-\-server \fR as an argument\. +. +.P +See the configuration file documentation at \fIhttp://docs\.puppetlabs\.com/references/stable/configuration\.html\fR for the full list of acceptable parameters\. A commented list of all configuration options can also be generated by running puppet with \fB\-\-genconfig\fR\. +. +.TP +\-\-mode MODE +The run mode to use for the current action\. Valid modes are \fBuser\fR, \fBagent\fR, and \fBmaster\fR\. +. +.TP +\-\-render\-as FORMAT +The format in which to render output\. The most common formats are \fBjson\fR, \fBs\fR (string), \fByaml\fR, and \fBconsole\fR, but other options such as \fBdot\fR are sometimes available\. +. +.TP +\-\-verbose +Whether to log verbosely\. +. +.TP +\-\-debug +Whether to log debug information\. +. +.SH "ACTIONS" +. +.TP +\fBdownload\fR \- Download plugins from the puppet master\. +\fBSYNOPSIS\fR +. +.IP +puppet plugin download +. +.IP +\fBDESCRIPTION\fR +. +.IP +Downloads plugins from the configured puppet master\. Any plugins downloaded in this way will be used in all subsequent Puppet activity\. This action modifies files on disk\. +. +.IP +\fBRETURNS\fR +. +.IP +A list of the files downloaded, or a confirmation that no files were downloaded\. When used from the Ruby API, this action returns an array of the files downloaded, which will be empty if none were retrieved\. +. +.SH "EXAMPLES" +\fBdownload\fR +. +.P +Retrieve plugins from the puppet master: +. +.P +$ puppet plugin download +. +.P +Retrieve plugins from the puppet master (API example): +. +.P +$ Puppet::Face[:plugin, \'0\.0\.1\']\.download +. +.SH "COPYRIGHT AND LICENSE" +Copyright 2011 by Puppet Labs Apache 2 license; see COPYING diff --git a/man/man8/puppet-queue.8 b/man/man8/puppet-queue.8 index 7dbd683bf..1a3241c9f 100644 --- a/man/man8/puppet-queue.8 +++ b/man/man8/puppet-queue.8 @@ -1,55 +1,55 @@ .\" generated with Ronn/v0.7.3 .\" http://github.com/rtomayko/ronn/tree/0.7.3 . -.TH "PUPPET\-QUEUE" "8" "February 2011" "Puppet Labs, LLC" "Puppet manual" +.TH "PUPPET\-QUEUE" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" . .SH "NAME" \fBpuppet\-queue\fR \- Queuing daemon for asynchronous storeconfigs . .SH "SYNOPSIS" Retrieves serialized storeconfigs records from a queue and processes them in order\. . .SH "USAGE" puppet queue [\-d|\-\-debug] [\-v|\-\-verbose] . .SH "DESCRIPTION" This application runs as a daemon and processes storeconfigs data, retrieving the data from a stomp server message queue and writing it to a database\. . .P For more information, including instructions for properly setting up your puppet master and message queue, see the documentation on setting up asynchronous storeconfigs at: http://projects\.puppetlabs\.com/projects/1/wiki/Using_Stored_Configuration . .SH "OPTIONS" Note that any configuration parameter that\'s valid in the configuration file is also a valid long argument\. For example, \'server\' is a valid configuration parameter, so you can specify \'\-\-server \fIservername\fR\' as an argument\. . .P See the configuration file documentation at http://docs\.puppetlabs\.com/references/stable/configuration\.html for the full list of acceptable parameters\. A commented list of all configuration options can also be generated by running puppet queue with \'\-\-genconfig\'\. . .TP \-\-debug Enable full debugging\. . .TP \-\-help Print this help message . .TP \-\-verbose Turn on verbose reporting\. . .TP \-\-version Print the puppet version number and exit\. . .SH "EXAMPLE" . .nf $ puppet queue . .fi . .SH "AUTHOR" Luke Kanies . .SH "COPYRIGHT" -Copyright (c) 2009 Puppet Labs, LLC Licensed under the GNU Public License +Copyright (c) 2011 Puppet Labs, LLC Licensed under the Apache 2\.0 License diff --git a/man/man8/puppet-report.8 b/man/man8/puppet-report.8 new file mode 100644 index 000000000..1c2c236b2 --- /dev/null +++ b/man/man8/puppet-report.8 @@ -0,0 +1,187 @@ +.\" generated with Ronn/v0.7.3 +.\" http://github.com/rtomayko/ronn/tree/0.7.3 +. +.TH "PUPPET\-REPORT" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" +. +.SH "NAME" +\fBpuppet\-report\fR \- Create, display, and submit reports\. +. +.SH "SYNOPSIS" +puppet report \fIaction\fR [\-\-terminus TERMINUS] +. +.SH "OPTIONS" +Note that any configuration parameter that\'s valid in the configuration file is also a valid long argument, although it may or may not be relevant to the present action\. For example, \fBserver\fR is a valid configuration parameter, so you can specify \fB\-\-server \fR as an argument\. +. +.P +See the configuration file documentation at \fIhttp://docs\.puppetlabs\.com/references/stable/configuration\.html\fR for the full list of acceptable parameters\. A commented list of all configuration options can also be generated by running puppet with \fB\-\-genconfig\fR\. +. +.TP +\-\-mode MODE +The run mode to use for the current action\. Valid modes are \fBuser\fR, \fBagent\fR, and \fBmaster\fR\. +. +.TP +\-\-render\-as FORMAT +The format in which to render output\. The most common formats are \fBjson\fR, \fBs\fR (string), \fByaml\fR, and \fBconsole\fR, but other options such as \fBdot\fR are sometimes available\. +. +.TP +\-\-verbose +Whether to log verbosely\. +. +.TP +\-\-debug +Whether to log debug information\. +. +.TP +\-\-terminus TERMINUS +Indirector faces expose indirected subsystems of Puppet\. These subsystems are each able to retrieve and alter a specific type of data (with the familiar actions of \fBfind\fR, \fBsearch\fR, \fBsave\fR, and \fBdestroy\fR) from an arbitrary number of pluggable backends\. In Puppet parlance, these backends are called terminuses\. +. +.IP +Almost all indirected subsystems have a \fBrest\fR terminus that interacts with the puppet master\'s data\. Most of them have additional terminuses for various local data models, which are in turn used by the indirected subsystem on the puppet master whenever it receives a remote request\. +. +.IP +The terminus for an action is often determined by context, but occasionally needs to be set explicitly\. See the "Notes" section of this face\'s manpage for more details\. +. +.SH "ACTIONS" +. +.TP +\fBdestroy\fR \- Invalid for this face\. +\fBSYNOPSIS\fR +. +.IP +puppet report destroy [\-\-terminus TERMINUS] \fIkey\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Invalid for this face\. +. +.TP +\fBfind\fR \- Invalid for this face\. +\fBSYNOPSIS\fR +. +.IP +puppet report find [\-\-terminus TERMINUS] \fIkey\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Invalid for this face\. +. +.TP +\fBinfo\fR \- Print the default terminus class for this face\. +\fBSYNOPSIS\fR +. +.IP +puppet report info [\-\-terminus TERMINUS] +. +.IP +\fBDESCRIPTION\fR +. +.IP +Prints the default terminus class for this subcommand\. Note that different run modes may have different default termini; when in doubt, specify the run mode with the \'\-\-mode\' option\. +. +.TP +\fBsave\fR \- API only: submit a report\. +\fBSYNOPSIS\fR +. +.IP +puppet report save [\-\-terminus TERMINUS] \fIreport\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +API only: create or overwrite an object\. As the Faces framework does not currently accept data from STDIN, save actions cannot currently be invoked from the command line\. +. +.IP +\fBRETURNS\fR +. +.IP +Nothing\. +. +.TP +\fBsearch\fR \- Invalid for this face\. +\fBSYNOPSIS\fR +. +.IP +puppet report search [\-\-terminus TERMINUS] \fIquery\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Invalid for this face\. +. +.TP +\fBsubmit\fR \- API only: submit a report with error handling\. +\fBSYNOPSIS\fR +. +.IP +puppet report submit [\-\-terminus TERMINUS] \fIreport\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +API only: Submits a report to the puppet master\. This action is essentially a shortcut and wrapper for the \fBsave\fR action with the \fBrest\fR terminus, and provides additional details in the event of a failure\. +. +.SH "EXAMPLES" +\fBsave\fR +. +.P +From the implementation of \fBpuppet report submit\fR (API example): +. +.IP "" 4 +. +.nf + +begin + Puppet::Transaction::Report\.indirection\.terminus_class = :rest + Puppet::Face[:report, "0\.0\.1"]\.save(report) + Puppet\.notice "Uploaded report for #{report\.name}" +rescue => detail + puts detail\.backtrace if Puppet[:trace] + Puppet\.err "Could not send report: #{detail}" +end +. +.fi +. +.IP "" 0 +. +.P +\fBsubmit\fR +. +.P +From secret_agent\.rb (API example): +. +.IP "" 4 +. +.nf + +# \.\.\. +report = Puppet::Face[:catalog, \'0\.0\.1\']\.apply +Puppet::Face[:report, \'0\.0\.1\']\.submit(report) +return report +. +.fi +. +.IP "" 0 +. +.SH "NOTES" +This subcommand is an indirector face, which exposes \fBfind\fR, \fBsearch\fR, \fBsave\fR, and \fBdestroy\fR actions for an indirected subsystem of Puppet\. Valid termini for this face include: +. +.IP "\(bu" 4 +\fBprocessor\fR +. +.IP "\(bu" 4 +\fBrest\fR +. +.IP "\(bu" 4 +\fByaml\fR +. +.IP "" 0 +. +.SH "COPYRIGHT AND LICENSE" +Copyright 2011 by Puppet Labs Apache 2 license; see COPYING diff --git a/man/man8/puppet-resource.8 b/man/man8/puppet-resource.8 index 738537e84..7e09c0739 100644 --- a/man/man8/puppet-resource.8 +++ b/man/man8/puppet-resource.8 @@ -1,84 +1,84 @@ .\" generated with Ronn/v0.7.3 .\" http://github.com/rtomayko/ronn/tree/0.7.3 . -.TH "PUPPET\-RESOURCE" "8" "February 2011" "Puppet Labs, LLC" "Puppet manual" +.TH "PUPPET\-RESOURCE" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" . .SH "NAME" \fBpuppet\-resource\fR \- The resource abstraction layer shell . .SH "SYNOPSIS" Uses the Puppet RAL to directly interact with the system\. . .SH "USAGE" puppet resource [\-h|\-\-help] [\-d|\-\-debug] [\-v|\-\-verbose] [\-e|\-\-edit] [\-H|\-\-host \fIhost\fR] [\-p|\-\-param \fIparameter\fR] [\-t|\-\-types] \fItype\fR [\fIname\fR] [\fIattribute\fR=\fIvalue\fR \.\.\.] . .SH "DESCRIPTION" This command provides simple facilities for converting current system state into Puppet code, along with some ability to modify the current state using Puppet\'s RAL\. . .P By default, you must at least provide a type to list, in which case puppet resource will tell you everything it knows about all resources of that type\. You can optionally specify an instance name, and puppet resource will only describe that single instance\. . .P If given a type, a name, and a series of \fIattribute\fR=\fIvalue\fR pairs, puppet resource will modify the state of the specified resource\. Alternately, if given a type, a name, and the \'\-\-edit\' flag, puppet resource will write its output to a file, open that file in an editor, and then apply the saved file as a Puppet transaction\. . .SH "OPTIONS" Note that any configuration parameter that\'s valid in the configuration file is also a valid long argument\. For example, \'ssldir\' is a valid configuration parameter, so you can specify \'\-\-ssldir \fIdirectory\fR\' as an argument\. . .P See the configuration file documentation at http://docs\.puppetlabs\.com/references/stable/configuration\.html for the full list of acceptable parameters\. A commented list of all configuration options can also be generated by running puppet with \'\-\-genconfig\'\. . .TP \-\-debug Enable full debugging\. . .TP \-\-edit Write the results of the query to a file, open the file in an editor, and read the file back in as an executable Puppet manifest\. . .TP \-\-host When specified, connect to the resource server on the named host and retrieve the list of resouces of the type specified\. . .TP \-\-help Print this help message\. . .TP \-\-param Add more parameters to be outputted from queries\. . .TP \-\-types List all available types\. . .TP \-\-verbose Print extra information\. . .SH "EXAMPLE" This example uses \fBpuppet resource\fR to return a Puppet configuration for the user \fBluke\fR: . .IP "" 4 . .nf $ puppet resource user luke user { \'luke\': home => \'/home/luke\', uid => \'100\', ensure => \'present\', comment => \'Luke Kanies,,,\', gid => \'1000\', shell => \'/bin/bash\', groups => [\'sysadmin\',\'audio\',\'video\',\'puppet\'] } . .fi . .IP "" 0 . .SH "AUTHOR" Luke Kanies . .SH "COPYRIGHT" -Copyright (c) 2005\-2007 Puppet Labs, LLC Licensed under the GNU Public License +Copyright (c) 2011 Puppet Labs, LLC Licensed under the Apache 2\.0 License diff --git a/man/man8/puppet-resource_type.8 b/man/man8/puppet-resource_type.8 new file mode 100644 index 000000000..241b68207 --- /dev/null +++ b/man/man8/puppet-resource_type.8 @@ -0,0 +1,214 @@ +.\" generated with Ronn/v0.7.3 +.\" http://github.com/rtomayko/ronn/tree/0.7.3 +. +.TH "PUPPET\-RESOURCE_TYPE" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" +. +.SH "NAME" +\fBpuppet\-resource_type\fR \- View classes, defined resource types, and nodes from all manifests\. +. +.SH "SYNOPSIS" +puppet resource_type \fIaction\fR [\-\-terminus TERMINUS] +. +.SH "DESCRIPTION" +This subcommand reads information about the resource collections (classes, nodes, and defined types) available in Puppet\'s site manifest and modules\. +. +.P +It will eventually be extended to examine native resource types\. +. +.SH "OPTIONS" +Note that any configuration parameter that\'s valid in the configuration file is also a valid long argument, although it may or may not be relevant to the present action\. For example, \fBserver\fR is a valid configuration parameter, so you can specify \fB\-\-server \fR as an argument\. +. +.P +See the configuration file documentation at \fIhttp://docs\.puppetlabs\.com/references/stable/configuration\.html\fR for the full list of acceptable parameters\. A commented list of all configuration options can also be generated by running puppet with \fB\-\-genconfig\fR\. +. +.TP +\-\-mode MODE +The run mode to use for the current action\. Valid modes are \fBuser\fR, \fBagent\fR, and \fBmaster\fR\. +. +.TP +\-\-render\-as FORMAT +The format in which to render output\. The most common formats are \fBjson\fR, \fBs\fR (string), \fByaml\fR, and \fBconsole\fR, but other options such as \fBdot\fR are sometimes available\. +. +.TP +\-\-verbose +Whether to log verbosely\. +. +.TP +\-\-debug +Whether to log debug information\. +. +.TP +\-\-terminus TERMINUS +Indirector faces expose indirected subsystems of Puppet\. These subsystems are each able to retrieve and alter a specific type of data (with the familiar actions of \fBfind\fR, \fBsearch\fR, \fBsave\fR, and \fBdestroy\fR) from an arbitrary number of pluggable backends\. In Puppet parlance, these backends are called terminuses\. +. +.IP +Almost all indirected subsystems have a \fBrest\fR terminus that interacts with the puppet master\'s data\. Most of them have additional terminuses for various local data models, which are in turn used by the indirected subsystem on the puppet master whenever it receives a remote request\. +. +.IP +The terminus for an action is often determined by context, but occasionally needs to be set explicitly\. See the "Notes" section of this face\'s manpage for more details\. +. +.SH "ACTIONS" +. +.TP +\fBdestroy\fR \- Invalid for this subcommand\. +\fBSYNOPSIS\fR +. +.IP +puppet resource_type destroy [\-\-terminus TERMINUS] \fIkey\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Invalid for this subcommand\. +. +.TP +\fBfind\fR \- Retrieve info about a resource collection\. +\fBSYNOPSIS\fR +. +.IP +puppet resource_type find [\-\-terminus TERMINUS] \fIcollection_name\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Retrieve info about a resource collection\. +. +.IP +\fBRETURNS\fR +. +.IP +A hash of info about the requested resource collection\. When used from the Ruby API: returns a Puppet::Resource::Type object\. +. +.IP +RENDERING ISSUES: yaml and string output for this indirection are currently unusable; use json instead\. +. +.IP +\fBNOTES\fR +. +.IP +If two resource collections share the same name (e\.g\. you have both a node and a class named "default"), \fBfind\fR will only return one of them\. This can be worked around by using \fBsearch\fR instead\. +. +.TP +\fBinfo\fR \- Print the default terminus class for this face\. +\fBSYNOPSIS\fR +. +.IP +puppet resource_type info [\-\-terminus TERMINUS] +. +.IP +\fBDESCRIPTION\fR +. +.IP +Prints the default terminus class for this subcommand\. Note that different run modes may have different default termini; when in doubt, specify the run mode with the \'\-\-mode\' option\. +. +.TP +\fBsave\fR \- Invalid for this subcommand\. +\fBSYNOPSIS\fR +. +.IP +puppet resource_type save [\-\-terminus TERMINUS] +. +.IP +\fBDESCRIPTION\fR +. +.IP +Invalid for this subcommand\. +. +.TP +\fBsearch\fR \- Search for collections matching a regular expression\. +\fBSYNOPSIS\fR +. +.IP +puppet resource_type search [\-\-terminus TERMINUS] \fIregular_expression\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Search for collections matching a regular expression\. +. +.IP +\fBRETURNS\fR +. +.IP +An array of hashes of resource collection info\. When used from the Ruby API: returns an array of Puppet::Resource::Type objects\. +. +.IP +RENDERING ISSUES: yaml and string output for this indirection are currently unusable; use json instead\. +. +.SH "EXAMPLES" +\fBfind\fR +. +.P +Retrieve info about a specific locally\-defined class: +. +.P +$ puppet resource_type find ntp::disabled +. +.P +Retrieve info from the puppet master about a specific class: +. +.P +$ puppet resource_type find ntp \-\-terminus rest +. +.P +\fBsearch\fR +. +.P +Retrieve all classes, nodes, and defined types: +. +.P +$ puppet resource_type search \'\.*\' +. +.P +Search for classes related to Nagios: +. +.P +$ puppet resource_type search nagios +. +.SH "NOTES" +The \fBfind\fR and \fBsearch\fR actions return similar hashes of resource collection info\. These hashes will include the following four keys: +. +.IP "\(bu" 4 +\fBfile\fR (a string) +. +.IP "\(bu" 4 +\fBname\fR (a string) +. +.IP "\(bu" 4 +\fBtype\fR (\fIhostclass\fR, \fIdefinition\fR, or \fInode\fR) +. +.IP "\(bu" 4 +\fBline\fR (an integer) +. +.IP "" 0 +. +.P +They may optionally include the following keys: +. +.IP "\(bu" 4 +\fBparent\fR (\fIname_of_resource_collection\fR) +. +.IP "\(bu" 4 +\fBarguments\fR (a hash of parameters and default values) +. +.IP "\(bu" 4 +\fBdoc\fR (a string) +. +.IP "" 0 +. +.P +This subcommand is an indirector face, which exposes \fBfind\fR, \fBsearch\fR, \fBsave\fR, and \fBdestroy\fR actions for an indirected subsystem of Puppet\. Valid termini for this face include: +. +.IP "\(bu" 4 +\fBparser\fR +. +.IP "\(bu" 4 +\fBrest\fR +. +.IP "" 0 +. +.SH "COPYRIGHT AND LICENSE" +Copyright 2011 by Puppet Labs Apache 2 license; see COPYING diff --git a/man/man8/puppet-secret_agent.8 b/man/man8/puppet-secret_agent.8 new file mode 100644 index 000000000..f2e5c3a1c --- /dev/null +++ b/man/man8/puppet-secret_agent.8 @@ -0,0 +1,74 @@ +.\" generated with Ronn/v0.7.3 +.\" http://github.com/rtomayko/ronn/tree/0.7.3 +. +.TH "PUPPET\-SECRET_AGENT" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" +. +.SH "NAME" +\fBpuppet\-secret_agent\fR \- Mimics puppet agent\. +. +.SH "SYNOPSIS" +puppet secret_agent \fIaction\fR +. +.SH "DESCRIPTION" +This subcommand currently functions as a proof of concept, demonstrating how the Faces API exposes Puppet\'s internal systems to application logic; compare the actual code for puppet agent\. It will eventually replace puppet agent entirely, and can provide a template for users who wish to implement agent\-like functionality with non\-standard application logic\. +. +.SH "OPTIONS" +Note that any configuration parameter that\'s valid in the configuration file is also a valid long argument, although it may or may not be relevant to the present action\. For example, \fBserver\fR is a valid configuration parameter, so you can specify \fB\-\-server \fR as an argument\. +. +.P +See the configuration file documentation at \fIhttp://docs\.puppetlabs\.com/references/stable/configuration\.html\fR for the full list of acceptable parameters\. A commented list of all configuration options can also be generated by running puppet with \fB\-\-genconfig\fR\. +. +.TP +\-\-mode MODE +The run mode to use for the current action\. Valid modes are \fBuser\fR, \fBagent\fR, and \fBmaster\fR\. +. +.TP +\-\-render\-as FORMAT +The format in which to render output\. The most common formats are \fBjson\fR, \fBs\fR (string), \fByaml\fR, and \fBconsole\fR, but other options such as \fBdot\fR are sometimes available\. +. +.TP +\-\-verbose +Whether to log verbosely\. +. +.TP +\-\-debug +Whether to log debug information\. +. +.SH "ACTIONS" +. +.TP +\fBsynchronize\fR \- Run secret_agent once\. +\fBSYNOPSIS\fR +. +.IP +puppet secret_agent +. +.IP +\fBDESCRIPTION\fR +. +.IP +Mimics a single run of puppet agent\. This action does not currently daemonize, but can download plugins, submit facts, retrieve and apply a catalog, and submit a report to the puppet master\. +. +.IP +\fBRETURNS\fR +. +.IP +Verbose logging from the completed run\. When used from the Ruby API: returns a Puppet::Transaction::Report object\. +. +.IP +\fBNOTES\fR +. +.IP +This action requires that the puppet master\'s \fBauth\.conf\fR file allow save access to the \fBfacts\fR REST terminus\. Puppet agent does not use this facility, and it is turned off by default\. See \fIhttp://docs\.puppetlabs\.com/guides/rest_auth_conf\.html\fR for more details\. +. +.SH "EXAMPLES" +\fBsynchronize\fR +. +.P +Trigger a Puppet run with the configured puppet master: +. +.P +$ puppet secret_agent +. +.SH "COPYRIGHT AND LICENSE" +Copyright 2011 by Puppet Labs Apache 2 license; see COPYING diff --git a/man/man8/puppet-status.8 b/man/man8/puppet-status.8 new file mode 100644 index 000000000..c7707497a --- /dev/null +++ b/man/man8/puppet-status.8 @@ -0,0 +1,150 @@ +.\" generated with Ronn/v0.7.3 +.\" http://github.com/rtomayko/ronn/tree/0.7.3 +. +.TH "PUPPET\-STATUS" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" +. +.SH "NAME" +\fBpuppet\-status\fR \- View puppet server status\. +. +.SH "SYNOPSIS" +puppet status \fIaction\fR [\-\-terminus TERMINUS] +. +.SH "OPTIONS" +Note that any configuration parameter that\'s valid in the configuration file is also a valid long argument, although it may or may not be relevant to the present action\. For example, \fBserver\fR is a valid configuration parameter, so you can specify \fB\-\-server \fR as an argument\. +. +.P +See the configuration file documentation at \fIhttp://docs\.puppetlabs\.com/references/stable/configuration\.html\fR for the full list of acceptable parameters\. A commented list of all configuration options can also be generated by running puppet with \fB\-\-genconfig\fR\. +. +.TP +\-\-mode MODE +The run mode to use for the current action\. Valid modes are \fBuser\fR, \fBagent\fR, and \fBmaster\fR\. +. +.TP +\-\-render\-as FORMAT +The format in which to render output\. The most common formats are \fBjson\fR, \fBs\fR (string), \fByaml\fR, and \fBconsole\fR, but other options such as \fBdot\fR are sometimes available\. +. +.TP +\-\-verbose +Whether to log verbosely\. +. +.TP +\-\-debug +Whether to log debug information\. +. +.TP +\-\-terminus TERMINUS +Indirector faces expose indirected subsystems of Puppet\. These subsystems are each able to retrieve and alter a specific type of data (with the familiar actions of \fBfind\fR, \fBsearch\fR, \fBsave\fR, and \fBdestroy\fR) from an arbitrary number of pluggable backends\. In Puppet parlance, these backends are called terminuses\. +. +.IP +Almost all indirected subsystems have a \fBrest\fR terminus that interacts with the puppet master\'s data\. Most of them have additional terminuses for various local data models, which are in turn used by the indirected subsystem on the puppet master whenever it receives a remote request\. +. +.IP +The terminus for an action is often determined by context, but occasionally needs to be set explicitly\. See the "Notes" section of this face\'s manpage for more details\. +. +.SH "ACTIONS" +. +.TP +\fBdestroy\fR \- Invalid for this subcommand\. +\fBSYNOPSIS\fR +. +.IP +puppet status destroy [\-\-terminus TERMINUS] \fIkey\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Invalid for this subcommand\. +. +.TP +\fBfind\fR \- Check status of puppet master server\. +\fBSYNOPSIS\fR +. +.IP +puppet status find [\-\-terminus TERMINUS] \fIdummy_text\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Checks whether a Puppet server is properly receiving and processing HTTP requests\. This action is only useful when used with \'\-\-terminus rest\'; when invoked with the \fBlocal\fR terminus, \fBfind\fR will always return true\. +. +.IP +Over REST, this action will query the configured puppet master by default\. To query other servers, including puppet agent nodes started with the \fI\-\-listen\fR option, you can set set the global \fI\-\-server\fR and \fI\-\-masterport\fR options on the command line; note that agent nodes listen on port 8139\. +. +.IP +\fBRETURNS\fR +. +.IP +A "true" response or a low\-level connection error\. When used from the Ruby API: returns a Puppet::Status object\. +. +.IP +\fBNOTES\fR +. +.IP +This action requires that the server\'s \fBauth\.conf\fR file allow find access to the \fBstatus\fR REST terminus\. Puppet agent does not use this facility, and it is turned off by default\. See \fIhttp://docs\.puppetlabs\.com/guides/rest_auth_conf\.html\fR for more details\. +. +.IP +Although this action always returns an unnamed status object, it requires a dummy argument\. This is a known bug\. +. +.TP +\fBinfo\fR \- Print the default terminus class for this face\. +\fBSYNOPSIS\fR +. +.IP +puppet status info [\-\-terminus TERMINUS] +. +.IP +\fBDESCRIPTION\fR +. +.IP +Prints the default terminus class for this subcommand\. Note that different run modes may have different default termini; when in doubt, specify the run mode with the \'\-\-mode\' option\. +. +.TP +\fBsave\fR \- Invalid for this subcommand\. +\fBSYNOPSIS\fR +. +.IP +puppet status save [\-\-terminus TERMINUS] +. +.IP +\fBDESCRIPTION\fR +. +.IP +Invalid for this subcommand\. +. +.TP +\fBsearch\fR \- Invalid for this subcommand\. +\fBSYNOPSIS\fR +. +.IP +puppet status search [\-\-terminus TERMINUS] \fIquery\fR +. +.IP +\fBDESCRIPTION\fR +. +.IP +Invalid for this subcommand\. +. +.SH "EXAMPLES" +\fBfind\fR +. +.P +Check the status of the configured puppet master: +. +.P +$ puppet status find x \-\-terminus rest +. +.SH "NOTES" +This subcommand is an indirector face, which exposes \fBfind\fR, \fBsearch\fR, \fBsave\fR, and \fBdestroy\fR actions for an indirected subsystem of Puppet\. Valid termini for this face include: +. +.IP "\(bu" 4 +\fBlocal\fR +. +.IP "\(bu" 4 +\fBrest\fR +. +.IP "" 0 +. +.SH "COPYRIGHT AND LICENSE" +Copyright 2011 by Puppet Labs Apache 2 license; see COPYING diff --git a/man/man8/puppet.8 b/man/man8/puppet.8 index f58a54d41..ce6b6a458 100644 --- a/man/man8/puppet.8 +++ b/man/man8/puppet.8 @@ -1,10 +1,10 @@ .\" generated with Ronn/v0.7.3 .\" http://github.com/rtomayko/ronn/tree/0.7.3 . -.TH "PUPPET" "8" "February 2011" "Puppet Labs, LLC" "Puppet manual" +.TH "PUPPET" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" . .SH "NAME" \fBpuppet\fR . .P -Usage: puppet command \fIspace separated arguments\fR Available commands are: agent, apply, cert, describe, doc, filebucket, inspect, kick, master, queue, resource +See \'puppet help\' for help on available puppet subcommands diff --git a/man/man8/puppetca.8 b/man/man8/puppetca.8 index bea7596d4..211f8ca7a 100644 --- a/man/man8/puppetca.8 +++ b/man/man8/puppetca.8 @@ -1,94 +1,97 @@ .\" generated with Ronn/v0.7.3 .\" http://github.com/rtomayko/ronn/tree/0.7.3 . -.TH "PUPPET\-CERT" "8" "February 2011" "Puppet Labs, LLC" "Puppet manual" +.TH "PUPPET\-CERT" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" . .SH "NAME" \fBpuppet\-cert\fR \- Manage certificates and requests . .SH "SYNOPSIS" Standalone certificate authority\. Capable of generating certificates, but mostly used for signing certificate requests from puppet clients\. . .SH "USAGE" -puppet cert [\-h|\-\-help] [\-V|\-\-version] [\-d|\-\-debug] [\-v|\-\-verbose] [\-g|\-\-generate] [\-l|\-\-list] [\-s|\-\-sign] [\-r|\-\-revoke] [\-p|\-\-print] [\-c|\-\-clean] [\-\-verify] [\-\-digest \fIdigest\fR] [\-\-fingerprint] [host] +puppet cert \fIaction\fR [\-h|\-\-help] [\-V|\-\-version] [\-d|\-\-debug] [\-v|\-\-verbose] [\-\-digest \fIdigest\fR] [\fIhost\fR] . .SH "DESCRIPTION" Because the puppet master service defaults to not signing client certificate requests, this script is available for signing outstanding requests\. It can be used to list outstanding requests and then either sign them individually or sign all of them\. . -.SH "OPTIONS" -Note that any configuration parameter that\'s valid in the configuration file is also a valid long argument\. For example, \'ssldir\' is a valid configuration parameter, so you can specify \'\-\-ssldir \fIdirectory\fR\' as an argument\. +.SH "ACTIONS" +Every action except \'list\' and \'generate\' requires a hostname to act on, unless the \'\-\-all\' option is set\. . -.P -See the configuration file documentation at http://docs\.puppetlabs\.com/references/stable/configuration\.html for the full list of acceptable parameters\. A commented list of all configuration options can also be generated by running puppet cert with \'\-\-genconfig\'\. +.TP +clean +Revoke a host\'s certificate (if applicable) and remove all files related to that host from puppet cert\'s storage\. This is useful when rebuilding hosts, since new certificate signing requests will only be honored if puppet cert does not have a copy of a signed certificate for that host\. If \'\-\-all\' is specified then all host certificates, both signed and unsigned, will be removed\. . .TP -\-\-all -Operate on all items\. Currently only makes sense with \'\-\-sign\', \'\-\-clean\', or \'\-\-list\'\. +fingerprint +Print the DIGEST (defaults to md5) fingerprint of a host\'s certificate\. . .TP -\-\-digest -Set the digest for fingerprinting (defaults to md5)\. Valid values depends on your openssl and openssl ruby extension version, but should contain at least md5, sha1, md2, sha256\. +generate +Generate a certificate for a named client\. A certificate/keypair will be generated for each client named on the command line\. . .TP -\-\-clean -Remove all files related to a host from puppet cert\'s storage\. This is useful when rebuilding hosts, since new certificate signing requests will only be honored if puppet cert does not have a copy of a signed certificate for that host\. The certificate of the host is also revoked\. If \'\-\-all\' is specified then all host certificates, both signed and unsigned, will be removed\. +list +List outstanding certificate requests\. If \'\-\-all\' is specified, signed certificates are also listed, prefixed by \'+\', and revoked or invalid certificates are prefixed by \'\-\' (the verification outcome is printed in parenthesis)\. . .TP -\-\-debug -Enable full debugging\. +print +Print the full\-text version of a host\'s certificate\. . .TP -\-\-generate -Generate a certificate for a named client\. A certificate/keypair will be generated for each client named on the command line\. +revoke +Revoke the certificate of a client\. The certificate can be specified either by its serial number (given as a decimal number or a hexadecimal number prefixed by \'0x\') or by its hostname\. The certificate is revoked by adding it to the Certificate Revocation List given by the \'cacrl\' configuration option\. Note that the puppet master needs to be restarted after revoking certificates\. . .TP -\-\-help -Print this help message +sign +Sign an outstanding certificate request\. . .TP -\-\-list -List outstanding certificate requests\. If \'\-\-all\' is specified, signed certificates are also listed, prefixed by \'+\', and revoked or invalid certificates are prefixed by \'\-\' (the verification outcome is printed in parenthesis)\. +verify +Verify the named certificate against the local CA certificate\. +. +.SH "OPTIONS" +Note that any configuration parameter that\'s valid in the configuration file is also a valid long argument\. For example, \'ssldir\' is a valid configuration parameter, so you can specify \'\-\-ssldir \fIdirectory\fR\' as an argument\. +. +.P +See the configuration file documentation at http://docs\.puppetlabs\.com/references/stable/configuration\.html for the full list of acceptable parameters\. A commented list of all configuration options can also be generated by running puppet cert with \'\-\-genconfig\'\. . .TP -\-\-print -Print the full\-text version of a host\'s certificate\. +\-\-all +Operate on all items\. Currently only makes sense with the \'sign\', \'clean\', \'list\', and \'fingerprint\' actions\. . .TP -\-\-fingerprint -Print the DIGEST (defaults to md5) fingerprint of a host\'s certificate\. +\-\-digest +Set the digest for fingerprinting (defaults to md5)\. Valid values depends on your openssl and openssl ruby extension version, but should contain at least md5, sha1, md2, sha256\. . .TP -\-\-revoke -Revoke the certificate of a client\. The certificate can be specified either by its serial number, given as a decimal number or a hexadecimal number prefixed by \'0x\', or by its hostname\. The certificate is revoked by adding it to the Certificate Revocation List given by the \'cacrl\' config parameter\. Note that the puppetmasterd needs to be restarted after revoking certificates\. +\-\-debug +Enable full debugging\. . .TP -\-\-sign -Sign an outstanding certificate request\. Unless \'\-\-all\' is specified, hosts must be listed after all flags\. +\-\-help +Print this help message . .TP \-\-verbose Enable verbosity\. . .TP \-\-version Print the puppet version number and exit\. . -.TP -\-\-verify -Verify the named certificate against the local CA certificate\. -. .SH "EXAMPLE" . .nf -$ puppet cert \-l +$ puppet cert list culain\.madstop\.com -$ puppet cert \-s culain\.madstop\.com +$ puppet cert sign culain\.madstop\.com . .fi . .SH "AUTHOR" Luke Kanies . .SH "COPYRIGHT" -Copyright (c) 2005 Puppet Labs, LLC Licensed under the GNU Public License +Copyright (c) 2011 Puppet Labs, LLC Licensed under the Apache 2\.0 License diff --git a/man/man8/puppetd.8 b/man/man8/puppetd.8 index 3fadd9df7..2e5cedf51 100644 --- a/man/man8/puppetd.8 +++ b/man/man8/puppetd.8 @@ -1,139 +1,154 @@ .\" generated with Ronn/v0.7.3 .\" http://github.com/rtomayko/ronn/tree/0.7.3 . -.TH "PUPPET\-AGENT" "8" "February 2011" "Puppet Labs, LLC" "Puppet manual" +.TH "PUPPET\-AGENT" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" . .SH "NAME" \fBpuppet\-agent\fR \- The puppet agent daemon . .SH "SYNOPSIS" Retrieves the client configuration from the puppet master and applies it to the local host\. . .P This service may be run as a daemon, run periodically using cron (or something similar), or run interactively for testing purposes\. . .SH "USAGE" puppet agent [\-D|\-\-daemonize|\-\-no\-daemonize] [\-d|\-\-debug] [\-\-detailed\-exitcodes] [\-\-disable] [\-\-enable] [\-h|\-\-help] [\-\-certname \fIhost name\fR] [\-l|\-\-logdest syslog|\fIfile\fR|console] [\-o|\-\-onetime] [\-\-serve \fIhandler\fR] [\-t|\-\-test] [\-\-noop] [\-\-digest \fIdigest\fR] [\-\-fingerprint] [\-V|\-\-version] [\-v|\-\-verbose] [\-w|\-\-waitforcert \fIseconds\fR] . .SH "DESCRIPTION" This is the main puppet client\. Its job is to retrieve the local machine\'s configuration from a remote server and apply it\. In order to successfully communicate with the remote server, the client must have a certificate signed by a certificate authority that the server trusts; the recommended method for this, at the moment, is to run a certificate authority as part of the puppet server (which is the default)\. The client will connect and request a signed certificate, and will continue connecting until it receives one\. . .P Once the client has a signed certificate, it will retrieve its configuration and apply it\. . .SH "USAGE NOTES" \'puppet agent\' does its best to find a compromise between interactive use and daemon use\. Run with no arguments and no configuration, it will go into the background, attempt to get a signed certificate, and retrieve and apply its configuration every 30 minutes\. . .P Some flags are meant specifically for interactive use \-\- in particular, \'test\', \'tags\' or \'fingerprint\' are useful\. \'test\' enables verbose logging, causes the daemon to stay in the foreground, exits if the server\'s configuration is invalid (this happens if, for instance, you\'ve left a syntax error on the server), and exits after running the configuration once (rather than hanging around as a long\-running process)\. . .P \'tags\' allows you to specify what portions of a configuration you want to apply\. Puppet elements are tagged with all of the class or definition names that contain them, and you can use the \'tags\' flag to specify one of these names, causing only configuration elements contained within that class or definition to be applied\. This is very useful when you are testing new configurations \-\- for instance, if you are just starting to manage \'ntpd\', you would put all of the new elements into an \'ntpd\' class, and call puppet with \'\-\-tags ntpd\', which would only apply that small portion of the configuration during your testing, rather than applying the whole thing\. . .P \'fingerprint\' is a one\-time flag\. In this mode \'puppet agent\' will run once and display on the console (and in the log) the current certificate (or certificate request) fingerprint\. Providing the \'\-\-digest\' option allows to use a different digest algorithm to generate the fingerprint\. The main use is to verify that before signing a certificate request on the master, the certificate request the master received is the same as the one the client sent (to prevent against man\-in\-the\-middle attacks when signing certificates)\. . .SH "OPTIONS" Note that any configuration parameter that\'s valid in the configuration file is also a valid long argument\. For example, \'server\' is a valid configuration parameter, so you can specify \'\-\-server \fIservername\fR\' as an argument\. . .P See the configuration file documentation at http://docs\.puppetlabs\.com/references/stable/configuration\.html for the full list of acceptable parameters\. A commented list of all configuration options can also be generated by running puppet agent with \'\-\-genconfig\'\. . .TP \-\-daemonize Send the process into the background\. This is the default\. . .TP \-\-no\-daemonize Do not send the process into the background\. . .TP \-\-debug Enable full debugging\. . .TP \-\-digest Change the certificate fingerprinting digest algorithm\. The default is MD5\. Valid values depends on the version of OpenSSL installed, but should always at least contain MD5, MD2, SHA1 and SHA256\. . .TP \-\-detailed\-exitcodes Provide transaction information via exit codes\. If this is enabled, an exit code of \'2\' means there were changes, and an exit code of \'4\' means that there were failures during the transaction\. This option only makes sense in conjunction with \-\-onetime\. . .TP \-\-disable Disable working on the local system\. This puts a lock file in place, causing \'puppet agent\' not to work on the system until the lock file is removed\. This is useful if you are testing a configuration and do not want the central configuration to override the local state until everything is tested and committed\. . .IP \'puppet agent\' uses the same lock file while it is running, so no more than one \'puppet agent\' process is working at a time\. . .IP \'puppet agent\' exits after executing this\. . .TP \-\-enable Enable working on the local system\. This removes any lock file, causing \'puppet agent\' to start managing the local system again (although it will continue to use its normal scheduling, so it might not start for another half hour)\. . .IP \'puppet agent\' exits after executing this\. . .TP \-\-certname Set the certname (unique ID) of the client\. The master reads this unique identifying string, which is usually set to the node\'s fully\-qualified domain name, to determine which configurations the node will receive\. Use this option to debug setup problems or implement unusual node identification schemes\. . .TP \-\-help Print this help message . .TP \-\-logdest Where to send messages\. Choose between syslog, the console, and a log file\. Defaults to sending messages to syslog, or the console if debugging or verbosity is enabled\. . .TP \-\-no\-client Do not create a config client\. This will cause the daemon to run without ever checking for its configuration automatically, and only makes sense . .TP \-\-onetime Run the configuration once\. Runs a single (normally daemonized) Puppet run\. Useful for interactively running puppet agent when used in conjunction with the \-\-no\-daemonize option\. . .TP \-\-fingerprint Display the current certificate or certificate signing request fingerprint and then exit\. Use the \'\-\-digest\' option to change the digest algorithm used\. . .TP \-\-serve Start another type of server\. By default, \'puppet agent\' will start a service handler that allows authenticated and authorized remote nodes to trigger the configuration to be pulled down and applied\. You can specify any handler here that does not require configuration, e\.g\., filebucket, ca, or resource\. The handlers are in \'lib/puppet/network/handler\', and the names must match exactly, both in the call to \'serve\' and in \'namespaceauth\.conf\'\. . .TP \-\-test Enable the most common options used for testing\. These are \'onetime\', \'verbose\', \'ignorecache\', \'no\-daemonize\', \'no\-usecacheonfailure\', \'detailed\-exit\-codes\', \'no\-splay\', and \'show_diff\'\. . .TP \-\-noop Use \'noop\' mode where the daemon runs in a no\-op or dry\-run mode\. This is useful for seeing what changes Puppet will make without actually executing the changes\. . .TP \-\-verbose Turn on verbose reporting\. . .TP \-\-version Print the puppet version number and exit\. . .TP \-\-waitforcert This option only matters for daemons that do not yet have certificates and it is enabled by default, with a value of 120 (seconds)\. This causes \'puppet agent\' to connect to the server every 2 minutes and ask it to sign a certificate request\. This is useful for the initial setup of a puppet client\. You can turn off waiting for certificates by specifying a time of 0\. . .SH "EXAMPLE" . .nf $ puppet agent \-\-server puppet\.domain\.com . .fi . +.SH "DIAGNOSTICS" +Puppet agent accepts the following signals: +. +.TP +SIGHUP +Restart the puppet agent daemon\. +. +.TP +SIGINT and SIGTERM +Shut down the puppet agent daemon\. +. +.TP +SIGUSR1 +Immediately retrieve and apply configurations from the puppet master\. +. .SH "AUTHOR" Luke Kanies . .SH "COPYRIGHT" -Copyright (c) 2005, 2006 Puppet Labs, LLC Licensed under the GNU Public License +Copyright (c) 2011 Puppet Labs, LLC Licensed under the Apache 2\.0 License diff --git a/man/man8/puppetdoc.8 b/man/man8/puppetdoc.8 index e0cabd5d1..f6de3951a 100644 --- a/man/man8/puppetdoc.8 +++ b/man/man8/puppetdoc.8 @@ -1,101 +1,101 @@ .\" generated with Ronn/v0.7.3 .\" http://github.com/rtomayko/ronn/tree/0.7.3 . -.TH "PUPPET\-DOC" "8" "February 2011" "Puppet Labs, LLC" "Puppet manual" +.TH "PUPPET\-DOC" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" . .SH "NAME" \fBpuppet\-doc\fR \- Generate Puppet documentation and references . .SH "SYNOPSIS" Generates a reference for all Puppet types\. Largely meant for internal Puppet Labs use\. . .SH "USAGE" puppet doc [\-a|\-\-all] [\-h|\-\-help] [\-o|\-\-outputdir \fIrdoc\-outputdir\fR] [\-m|\-\-mode text|pdf|rdoc] [\-r|\-\-reference \fIreference\-name\fR] [\-\-charset \fIcharset\fR] [\fImanifest\-file\fR] . .SH "DESCRIPTION" If mode is not \'rdoc\', then this command generates a Markdown document describing all installed Puppet types or all allowable arguments to puppet executables\. It is largely meant for internal use and is used to generate the reference document available on the Puppet Labs web site\. . .P In \'rdoc\' mode, this command generates an html RDoc hierarchy describing the manifests that are in \'manifestdir\' and \'modulepath\' configuration directives\. The generated documentation directory is doc by default but can be changed with the \'outputdir\' option\. . .P If the command is run with the name of a manifest file as an argument, puppet doc will output a single manifest\'s documentation on stdout\. . .SH "OPTIONS" . .TP \-\-all Output the docs for all of the reference types\. In \'rdoc\' modes, this also outputs documentation for all resources . .TP \-\-help Print this help message . .TP \-\-outputdir Specifies the directory where to output the rdoc documentation in \'rdoc\' mode\. . .TP \-\-mode Determine the output mode\. Valid modes are \'text\', \'pdf\' and \'rdoc\'\. The \'pdf\' mode creates PDF formatted files in the /tmp directory\. The default mode is \'text\'\. In \'rdoc\' mode you must provide \'manifests\-path\' . .TP \-\-reference Build a particular reference\. Get a list of references by running \'puppet doc \-\-list\'\. . .TP \-\-charset Used only in \'rdoc\' mode\. It sets the charset used in the html files produced\. . .SH "EXAMPLE" . .nf $ puppet doc \-r type > /tmp/type_reference\.markdown . .fi . .P or . .IP "" 4 . .nf $ puppet doc \-\-outputdir /tmp/rdoc \-\-mode rdoc /path/to/manifests . .fi . .IP "" 0 . .P or . .IP "" 4 . .nf $ puppet doc /etc/puppet/manifests/site\.pp . .fi . .IP "" 0 . .P or . .IP "" 4 . .nf $ puppet doc \-m pdf \-r configuration . .fi . .IP "" 0 . .SH "AUTHOR" Luke Kanies . .SH "COPYRIGHT" -Copyright (c) 2005\-2007 Puppet Labs, LLC Licensed under the GNU Public License +Copyright (c) 2011 Puppet Labs, LLC Licensed under the Apache 2\.0 License diff --git a/man/man8/puppetmasterd.8 b/man/man8/puppetmasterd.8 index 9ed2a6ad6..c38d34afa 100644 --- a/man/man8/puppetmasterd.8 +++ b/man/man8/puppetmasterd.8 @@ -1,63 +1,74 @@ .\" generated with Ronn/v0.7.3 .\" http://github.com/rtomayko/ronn/tree/0.7.3 . -.TH "PUPPET\-MASTER" "8" "February 2011" "Puppet Labs, LLC" "Puppet manual" +.TH "PUPPET\-MASTER" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" . .SH "NAME" \fBpuppet\-master\fR \- The puppet master daemon . .SH "SYNOPSIS" The central puppet server\. Functions as a certificate authority by default\. . .SH "USAGE" puppet master [\-D|\-\-daemonize|\-\-no\-daemonize] [\-d|\-\-debug] [\-h|\-\-help] [\-l|\-\-logdest \fIfile\fR|console|syslog] [\-v|\-\-verbose] [\-V|\-\-version] [\-\-compile \fInode\-name\fR] . .SH "DESCRIPTION" This command starts an instance of puppet master, running as a daemon and using Ruby\'s built\-in Webrick webserver\. Puppet master can also be managed by other application servers; when this is the case, this executable is not used\. . .SH "OPTIONS" Note that any configuration parameter that\'s valid in the configuration file is also a valid long argument\. For example, \'ssldir\' is a valid configuration parameter, so you can specify \'\-\-ssldir \fIdirectory\fR\' as an argument\. . .P See the configuration file documentation at http://docs\.puppetlabs\.com/references/stable/configuration\.html for the full list of acceptable parameters\. A commented list of all configuration options can also be generated by running puppet master with \'\-\-genconfig\'\. . .TP \-\-daemonize Send the process into the background\. This is the default\. . .TP \-\-no\-daemonize Do not send the process into the background\. . .TP \-\-debug Enable full debugging\. . .TP \-\-help Print this help message\. . .TP \-\-logdest Where to send messages\. Choose between syslog, the console, and a log file\. Defaults to sending messages to syslog, or the console if debugging or verbosity is enabled\. . .TP \-\-verbose Enable verbosity\. . .TP \-\-version Print the puppet version number and exit\. . .TP \-\-compile Compile a catalogue and output it in JSON from the puppet master\. Uses facts contained in the $vardir/yaml/ directory to compile the catalog\. . .SH "EXAMPLE" puppet master . +.SH "DIAGNOSTICS" +When running as a standalone daemon, puppet master accepts the following signals: +. +.TP +SIGHUP +Restart the puppet master server\. +. +.TP +SIGINT and SIGTERM +Shut down the puppet master server\. +. .SH "AUTHOR" Luke Kanies . .SH "COPYRIGHT" -Copyright (c) 2005 Puppet Labs, LLC Licensed under the GNU Public License +Copyright (c) 2011 Puppet Labs, LLC Licensed under the Apache 2\.0 License diff --git a/man/man8/puppetqd.8 b/man/man8/puppetqd.8 index 7dbd683bf..1a3241c9f 100644 --- a/man/man8/puppetqd.8 +++ b/man/man8/puppetqd.8 @@ -1,55 +1,55 @@ .\" generated with Ronn/v0.7.3 .\" http://github.com/rtomayko/ronn/tree/0.7.3 . -.TH "PUPPET\-QUEUE" "8" "February 2011" "Puppet Labs, LLC" "Puppet manual" +.TH "PUPPET\-QUEUE" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" . .SH "NAME" \fBpuppet\-queue\fR \- Queuing daemon for asynchronous storeconfigs . .SH "SYNOPSIS" Retrieves serialized storeconfigs records from a queue and processes them in order\. . .SH "USAGE" puppet queue [\-d|\-\-debug] [\-v|\-\-verbose] . .SH "DESCRIPTION" This application runs as a daemon and processes storeconfigs data, retrieving the data from a stomp server message queue and writing it to a database\. . .P For more information, including instructions for properly setting up your puppet master and message queue, see the documentation on setting up asynchronous storeconfigs at: http://projects\.puppetlabs\.com/projects/1/wiki/Using_Stored_Configuration . .SH "OPTIONS" Note that any configuration parameter that\'s valid in the configuration file is also a valid long argument\. For example, \'server\' is a valid configuration parameter, so you can specify \'\-\-server \fIservername\fR\' as an argument\. . .P See the configuration file documentation at http://docs\.puppetlabs\.com/references/stable/configuration\.html for the full list of acceptable parameters\. A commented list of all configuration options can also be generated by running puppet queue with \'\-\-genconfig\'\. . .TP \-\-debug Enable full debugging\. . .TP \-\-help Print this help message . .TP \-\-verbose Turn on verbose reporting\. . .TP \-\-version Print the puppet version number and exit\. . .SH "EXAMPLE" . .nf $ puppet queue . .fi . .SH "AUTHOR" Luke Kanies . .SH "COPYRIGHT" -Copyright (c) 2009 Puppet Labs, LLC Licensed under the GNU Public License +Copyright (c) 2011 Puppet Labs, LLC Licensed under the Apache 2\.0 License diff --git a/man/man8/puppetrun.8 b/man/man8/puppetrun.8 index b6a868918..2b7502310 100644 --- a/man/man8/puppetrun.8 +++ b/man/man8/puppetrun.8 @@ -1,115 +1,95 @@ .\" generated with Ronn/v0.7.3 .\" http://github.com/rtomayko/ronn/tree/0.7.3 . -.TH "PUPPET\-KICK" "8" "February 2011" "Puppet Labs, LLC" "Puppet manual" +.TH "PUPPET\-KICK" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" . .SH "NAME" \fBpuppet\-kick\fR \- Remotely control puppet agent . .SH "SYNOPSIS" Trigger a puppet agent run on a set of hosts\. . .SH "USAGE" puppet kick [\-a|\-\-all] [\-c|\-\-class \fIclass\fR] [\-d|\-\-debug] [\-f|\-\-foreground] [\-h|\-\-help] [\-\-host \fIhost\fR] [\-\-no\-fqdn] [\-\-ignoreschedules] [\-t|\-\-tag \fItag\fR] [\-\-test] [\-p|\-\-ping] \fIhost\fR [\fIhost\fR [\.\.\.]] . .SH "DESCRIPTION" This script can be used to connect to a set of machines running \'puppet agent\' and trigger them to run their configurations\. The most common usage would be to specify a class of hosts and a set of tags, and \'puppet kick\' would look up in LDAP all of the hosts matching that class, then connect to each host and trigger a run of all of the objects with the specified tags\. . .P If you are not storing your host configurations in LDAP, you can specify hosts manually\. . .P You will most likely have to run \'puppet kick\' as root to get access to the SSL certificates\. . .P \'puppet kick\' reads \'puppet master\'\'s configuration file, so that it can copy things like LDAP settings\. . .SH "USAGE NOTES" -\'puppet kick\' is useless unless \'puppet agent\' is listening\. See its documentation for more information, but the gist is that you must enable \'listen\' on the \'puppet agent\' daemon, either using \'\-\-listen\' on the command line or adding \'listen = true\' in its config file\. In addition, you need to set the daemons up to specifically allow connections by creating the \'namespaceauth\' file, normally at \'/etc/puppet/namespaceauth\.conf\'\. This file specifies who has access to each namespace; if you create the file you must add every namespace you want any Puppet daemon to allow \-\- it is currently global to all Puppet daemons\. +Puppet kick is useless unless puppet agent is listening for incoming connections and allowing access to the \fBrun\fR endpoint\. This entails starting the agent with \fBlisten = true\fR in its puppet\.conf file, and allowing access to the \fB/run\fR path in its auth\.conf file; see \fBhttp://docs\.puppetlabs\.com/guides/rest_auth_conf\.html\fR for more details\. . .P -An example file looks like this: -. -.IP "" 4 -. -.nf - -[fileserver] - allow *\.madstop\.com - -[puppetmaster] - allow *\.madstop\.com - -[puppetrunner] - allow culain\.madstop\.com -. -.fi -. -.IP "" 0 -. -.P -This is what you would install on your Puppet master; non\-master hosts could leave off the \'fileserver\' and \'puppetmaster\' namespaces\. +Additionally, due to a known bug, you must make sure a namespaceauth\.conf file exists in puppet agent\'s $confdir\. This file will not be consulted, and may be left empty\. . .SH "OPTIONS" Note that any configuration parameter that\'s valid in the configuration file is also a valid long argument\. For example, \'ssldir\' is a valid configuration parameter, so you can specify \'\-\-ssldir \fIdirectory\fR\' as an argument\. . .P See the configuration file documentation at http://docs\.puppetlabs\.com/references/latest/configuration\.html for the full list of acceptable parameters\. A commented list of all configuration options can also be generated by running puppet master with \'\-\-genconfig\'\. . .TP \-\-all Connect to all available hosts\. Requires LDAP support at this point\. . .TP \-\-class Specify a class of machines to which to connect\. This only works if you have LDAP configured, at the moment\. . .TP \-\-debug Enable full debugging\. . .TP \-\-foreground Run each configuration in the foreground; that is, when connecting to a host, do not return until the host has finished its run\. The default is false\. . .TP \-\-help Print this help message . .TP \-\-host A specific host to which to connect\. This flag can be specified more than once\. . .TP \-\-ignoreschedules Whether the client should ignore schedules when running its configuration\. This can be used to force the client to perform work it would not normally perform so soon\. The default is false\. . .TP \-\-parallel How parallel to make the connections\. Parallelization is provided by forking for each client to which to connect\. The default is 1, meaning serial execution\. . .TP \-\-tag Specify a tag for selecting the objects to apply\. Does not work with the \-\-test option\. . .TP \-\-test Print the hosts you would connect to but do not actually connect\. This option requires LDAP support at this point\. . .TP \-\-ping Do a ICMP echo against the target host\. Skip hosts that don\'t respond to ping\. . .SH "EXAMPLE" . .nf $ sudo puppet kick \-p 10 \-t remotefile \-t webserver host1 host2 . .fi . .SH "AUTHOR" Luke Kanies . .SH "COPYRIGHT" -Copyright (c) 2005 Puppet Labs, LLC Licensed under the GNU Public License +Copyright (c) 2011 Puppet Labs, LLC Licensed under the Apache 2\.0 License diff --git a/man/man8/ralsh.8 b/man/man8/ralsh.8 index 738537e84..7e09c0739 100644 --- a/man/man8/ralsh.8 +++ b/man/man8/ralsh.8 @@ -1,84 +1,84 @@ .\" generated with Ronn/v0.7.3 .\" http://github.com/rtomayko/ronn/tree/0.7.3 . -.TH "PUPPET\-RESOURCE" "8" "February 2011" "Puppet Labs, LLC" "Puppet manual" +.TH "PUPPET\-RESOURCE" "8" "June 2011" "Puppet Labs, LLC" "Puppet manual" . .SH "NAME" \fBpuppet\-resource\fR \- The resource abstraction layer shell . .SH "SYNOPSIS" Uses the Puppet RAL to directly interact with the system\. . .SH "USAGE" puppet resource [\-h|\-\-help] [\-d|\-\-debug] [\-v|\-\-verbose] [\-e|\-\-edit] [\-H|\-\-host \fIhost\fR] [\-p|\-\-param \fIparameter\fR] [\-t|\-\-types] \fItype\fR [\fIname\fR] [\fIattribute\fR=\fIvalue\fR \.\.\.] . .SH "DESCRIPTION" This command provides simple facilities for converting current system state into Puppet code, along with some ability to modify the current state using Puppet\'s RAL\. . .P By default, you must at least provide a type to list, in which case puppet resource will tell you everything it knows about all resources of that type\. You can optionally specify an instance name, and puppet resource will only describe that single instance\. . .P If given a type, a name, and a series of \fIattribute\fR=\fIvalue\fR pairs, puppet resource will modify the state of the specified resource\. Alternately, if given a type, a name, and the \'\-\-edit\' flag, puppet resource will write its output to a file, open that file in an editor, and then apply the saved file as a Puppet transaction\. . .SH "OPTIONS" Note that any configuration parameter that\'s valid in the configuration file is also a valid long argument\. For example, \'ssldir\' is a valid configuration parameter, so you can specify \'\-\-ssldir \fIdirectory\fR\' as an argument\. . .P See the configuration file documentation at http://docs\.puppetlabs\.com/references/stable/configuration\.html for the full list of acceptable parameters\. A commented list of all configuration options can also be generated by running puppet with \'\-\-genconfig\'\. . .TP \-\-debug Enable full debugging\. . .TP \-\-edit Write the results of the query to a file, open the file in an editor, and read the file back in as an executable Puppet manifest\. . .TP \-\-host When specified, connect to the resource server on the named host and retrieve the list of resouces of the type specified\. . .TP \-\-help Print this help message\. . .TP \-\-param Add more parameters to be outputted from queries\. . .TP \-\-types List all available types\. . .TP \-\-verbose Print extra information\. . .SH "EXAMPLE" This example uses \fBpuppet resource\fR to return a Puppet configuration for the user \fBluke\fR: . .IP "" 4 . .nf $ puppet resource user luke user { \'luke\': home => \'/home/luke\', uid => \'100\', ensure => \'present\', comment => \'Luke Kanies,,,\', gid => \'1000\', shell => \'/bin/bash\', groups => [\'sysadmin\',\'audio\',\'video\',\'puppet\'] } . .fi . .IP "" 0 . .SH "AUTHOR" Luke Kanies . .SH "COPYRIGHT" -Copyright (c) 2005\-2007 Puppet Labs, LLC Licensed under the GNU Public License +Copyright (c) 2011 Puppet Labs, LLC Licensed under the Apache 2\.0 License