Custom config settings for satellite-installer (puppet.conf and apache conf)

Latest response

We are using an existing external Puppet CA solution with our satellite so I need to some extra options for puppet and apache for this to work, see below, however the satellite-installer program overwrites these settings when it´s run.

/etc/httpd/conf.d/25-puppet.conf
Change:
SSLVerifyDepth 1
To:
SSLVerifyDepth 3

/etc/puppet/puppet.conf
Add to [main] section:
certificate_revocation = false

Looks like this comes from some kind of puppet erb templates. Where can I find the templates and adjust them, and will the templates be overwritten as well when the rpm packages are updated?

Thanks ...

Responses

The ERB templates are provided by the foreman-installer package. Though modifying the template (or your puppet.conf) directly only works until

  • the foreman-installer package is updated
  • the installer is invoked again.

Would it be possible to add my own ruby script to something like /usr/share/foreman-installer/hooks/post/ or would that probably be wiped as well? (Can´t find any /etc/foreman-installer/hooks dir )

I should add that it is possible to pass hiera parameters to the installer´s puppet modules using the /etc/foreman-installer/custom-hiera.yaml file. Examples:

puppet::server_additional_settings:
  data_binding_terminus: 'none'
puppet::agent_additional_settings:
  puppet::environment: 'satellite_master'

Some stuff can´t be changed though, like the ssl_verify_depth parameter for the puppet apache vhost , since it is hard coded in a define in /usr/share/foreman-installer/modules/puppet/manifests/server/passenger.pp ... This will need to be handled in some kind of post script that I run after satellite-installer ...

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.