The Foreman project runs a number of different servers for testing, packaging, and continuous integration. Most of these servers are available as Jenkins build slaves for A listing of machines is below.


This list is out of date.

Name Hostname IP address OS Purpose Owner
CI Ubuntu 12.04 Jenkins front-end and build Sam Kottler
server2 Ubuntu 12.04 web server for (not the wiki) Brian Gupta
server3 Fedora 16 Puppetmaster and internal Foreman instance Brian Gupta
server06 CentOS 6.3 Runs the majority of the tests and has mock for RPM packaging Sam Kottler
server09 Debian 6.05 Debian packaging and repository creation/promotion Sam Kottler


Access to Foreman project infrastructure is available for those who wish to assist in building packages, testing, and building Jenkins jobs. Fork and add an ssh_user resource to the users module (see puppet/modules/users/manifests/init.pp) and your key into the files directory. Submit a pull request to the infrastructure project and then talk to samkottler or gwmngilfen in #theforeman on One of them can merge your change and update the puppetmaster.

Puppetmaster and Foreman

Puppet and Foreman are of course used to manage the machines. The Foreman instance is accessible only to those with SSH access to Add the following snippet to ~/.ssh/config:

Host foreman-pm
User <your SSH user>
LocalForward localhost:3080
ExitOnForwardFailure yes

and then run:

ssh foreman-pm

and open http://localhost:3080 in your browser.

Host notes

Web server

The main web server hosts:


/var/www is mounted on a separate 100GB block device via LVM. /var/www/freight* contain the staging areas for freight (deb), and /var/www/vhosts contain the web roots themselves.

It has the following customisations:

  • firewalld is configured with TCP ports 22, 80, 443 and 873 open - should be Puppetised
  • /home/freight* has go+x to permit the deb deploy script (running under the freight user) to read both freight and freightstage config files - should be rolled into secure_ssh or freight Puppet module
  • slave01's SSH key is added to permit yum uploads - should be moved to a separate secure_ssh user
  • freight and freightstage users have private auto-signing GPG key imported

In case of maintenance, a template page and config file snippet are under /var/www/503. The config should be copied into each vhost.