Appendix C. Applying Custom Configuration to Red Hat Satellite
When you install and configure Satellite for the first time using satellite-installer, you can specify that the DNS and DHCP configuration files are not to be managed by Puppet using --foreman-proxy-dns-managed=false and --foreman-proxy-dhcp-managed=false. If these options are not specified during the initial installer run, any manual changes will be overwritten by a rerun of the installer, for example, rerun for upgrade purposes. If changes are overwritten, you will need to run the restore procedure to restore the manual changes. See Section C.1, “How to restore manual changes overwritten by a Puppet run” for more information.
The installer does not have an option for all configuration files that you may want to manage manually. To specify Satellite configuration values which will not be overwritten by the installer, add entries to the configuration file /etc/foreman-installer/custom-hiera.yaml. This configuration file is in YAML format, consisting of one entry per line in the format of <puppet class>::<parameter name>: <value>. Configuration values specified in this file will persist across installer reruns.
Common examples include:
For Apache, to set the ServerTokens directive to only return the Product name:
apache::server_tokens: Prod
To turn off the Apache server signature entirely:
apache::server_signature: Off
To turn off TRACE:
apache::trace_enable: Off
For Puppet, to enable the future parser:
puppet::server_parser: future
For Pulp, to configure the number of pulp workers:
pulp::num_workers: 8
C.1. How to restore manual changes overwritten by a Puppet run
If your manual configuration has been overwritten by a Puppet run, you can restore the files to the previous state. The following example shows you how to restore a DHCP configuration file overwritten by a Puppet run.
Copy the file you intend to restore. This allows you to compare the files to check for any mandatory changes required by the upgrade. This is not common for DNS or DHCP services.
# cp /etc/dhcp/dhcpd.conf /etc/dhcp/dhcpd.backup
Check the log files to note down the md5sum of the overwritten file. For example:
# journalctl -xe ... /Stage[main]/Dhcp/File[/etc/dhcp/dhcpd.conf]: Filebucketed /etc/dhcp/dhcpd.conf to puppet with sum 622d9820b8e764ab124367c68f5fa3a1 ...
Restore the overwritten file:
# puppet filebucket restore --local --bucket \ /var/lib/puppet/clientbucket /etc/dhcp/dhcpd.conf \ 622d9820b8e764ab124367c68f5fa3a1
- Compare the backup file and the restored file, and edit the restored file to include any mandatory changes required by the upgrade.
Where did the comment section go?
Red Hat's documentation publication system recently went through an upgrade to enable speedier, more mobile-friendly content. We decided to re-evaluate our commenting platform to ensure that it meets your expectations and serves as an optimal feedback mechanism. During this redesign, we invite your input on providing feedback on Red Hat documentation via the discussion platform.