|
#
|
|
# Managed by Puppet
|
|
#
|
|
# configuration for the JRuby interpreters
|
|
jruby-puppet: {
|
|
# Where the puppet-agent dependency places puppet, facter, etc...
|
|
# Puppet server expects to load Puppet from this location
|
|
ruby-load-path: [
|
|
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby,
|
|
/opt/puppetlabs/puppet/cache/lib,
|
|
]
|
|
|
|
# This setting determines where JRuby will install gems. It is used for loading gems,
|
|
# and also by the `puppetserver gem` command line tool.
|
|
gem-home: /opt/puppetlabs/server/data/puppetserver/jruby-gems
|
|
|
|
# This setting defines the complete "GEM_PATH" for jruby. If set, it should include
|
|
# the gem-home directory as well as any other directories that gems can be loaded
|
|
# from (including the vendored gems directory for gems that ship with puppetserver)
|
|
gem-path: [${jruby-puppet.gem-home}, "/opt/puppetlabs/server/data/puppetserver/vendored-jruby-gems", "/opt/puppetlabs/puppet/lib/ruby/vendor_gems"]
|
|
|
|
# PLEASE NOTE: Use caution when modifying the below settings. Modifying
|
|
# these settings will change the value of the corresponding Puppet settings
|
|
# for Puppet Server, but not for the Puppet CLI tools. This likely will not
|
|
# be a problem with master-var-dir, master-run-dir, or master-log-dir unless
|
|
# some critical setting in puppet.conf is interpolating the value of one
|
|
# of the corresponding settings, but it is important that any changes made to
|
|
# master-conf-dir and master-code-dir are also made to the corresponding Puppet
|
|
# settings when running the Puppet CLI tools. See
|
|
# https://docs.puppetlabs.com/puppetserver/latest/puppet_conf_setting_diffs.html#overriding-puppet-settings-in-puppet-server
|
|
# for more information.
|
|
|
|
# (optional) path to puppet conf dir; if not specified, will use
|
|
# the puppet default
|
|
master-conf-dir: /etc/puppetlabs/puppet
|
|
|
|
# (optional) path to puppet code dir; if not specified, will use
|
|
# the puppet default
|
|
master-code-dir: /etc/puppetlabs/code
|
|
|
|
# (optional) path to puppet var dir; if not specified, will use
|
|
# the puppet default
|
|
master-var-dir: /opt/puppetlabs/server/data/puppetserver
|
|
|
|
# (optional) path to puppet run dir; if not specified, will use
|
|
# the puppet default
|
|
master-run-dir: /var/run/puppetlabs/puppetserver
|
|
|
|
# (optional) path to puppet log dir; if not specified, will use
|
|
# the puppet default
|
|
master-log-dir: /var/log/puppetlabs/puppetserver
|
|
|
|
# (optional) maximum number of JRuby instances to allow
|
|
max-active-instances: 4
|
|
|
|
# (optional) the number of HTTP requests a given JRuby instance will handle in its lifetime.
|
|
max-requests-per-instance: 0
|
|
|
|
# (optional) The maximum number of requests that may be queued waiting to borrow a JRuby from the pool.
|
|
max-queued-requests: 0
|
|
|
|
# (optional) Sets the upper limit for the random sleep set as a Retry-After header on 503 responses returned when max-queued-requests is enabled.
|
|
max-retry-delay: 1800
|
|
|
|
# (optional) Authorize access to Puppet master endpoints via rules
|
|
# specified in the legacy Puppet auth.conf file (if true) or via rules
|
|
# specified in the Puppet Server HOCON-formatted auth.conf (if false or not
|
|
# specified).
|
|
use-legacy-auth-conf: false
|
|
|
|
# (optional) enable or disable environment class cache
|
|
environment-class-cache-enabled: false
|
|
}
|
|
|
|
# settings related to HTTPS client requests made by Puppet Server
|
|
http-client: {
|
|
# A list of acceptable protocols for making HTTPS requests
|
|
ssl-protocols: [
|
|
TLSv1.2,
|
|
]
|
|
|
|
# A list of acceptable cipher suites for making HTTPS requests
|
|
cipher-suites: [
|
|
TLS_RSA_WITH_AES_256_CBC_SHA256,
|
|
TLS_RSA_WITH_AES_256_CBC_SHA,
|
|
TLS_RSA_WITH_AES_128_CBC_SHA256,
|
|
TLS_RSA_WITH_AES_128_CBC_SHA,
|
|
]
|
|
|
|
# Whether to enable http-client metrics; defaults to 'true'.
|
|
metrics-enabled: true
|
|
|
|
# The amount of time, in milliseconds, that an outbound HTTP connection
|
|
# will wait for data to be available before closing the socket. If not
|
|
# defined, defaults to 20 minutes. If 0, the timeout is infinite and if
|
|
# negative, the value is undefined by the application and governed by the
|
|
# system default behavior.
|
|
idle-timeout-milliseconds: 1200000
|
|
|
|
# The amount of time, in milliseconds, that an outbound HTTP connection will
|
|
# wait to connect before giving up. Defaults to 2 minutes if not set. If 0,
|
|
# the timeout is infinite and if negative, the value is undefined in the
|
|
# application and governed by the system default behavior.
|
|
connect-timeout-milliseconds: 120000
|
|
}
|
|
|
|
# settings related to profiling the puppet Ruby code
|
|
profiler: {
|
|
# enable or disable profiling for the Ruby code;
|
|
enabled: true
|
|
}
|
