Project

General

Profile

Foreman configuration » History » Version 13

« Previous - Version 13/14 (diff) - Next » - Current version
Thom Carlin, 07/10/2014 01:41 PM


Foreman configuration

Configuration is broken into two parts. The config/settings.yaml file and the SETTINGS/Foreman Settings page. The configuration file contains a few low-level options that need to be set before Foreman starts but the majority of Foreman customization is managed from within the program on the Foreman Settings page.

The config/settings.yaml file

YAML start

The first non-comment line of this file must be three dashes.

---

login

This boolean option configures whether Foreman requires users to to login. If it is set then each user will be expected to authenticate themselves and all operations will occur, and be audited, under their identity. When this option is false then all activity will be executed under the admin account.

:login: true

require_ssl

This boolean option configures whether Foreman insists on using only https/ssl encrypted communication channels in the web interface. This does not configure the channels used to contact the smart-proxies. Note that certain operations will still accept a http connection even if this is set, for example, the downloading of a finish script.

:require_ssl: true

unattended

This boolean option configures whether Foreman will act as a simple node classifier for puppet, or support the full spectrum of operations required for managing a host's lifecycle. When set to true then foreman will provide full host building facilities for various operating systems.

:unattended: true

The 'SETTINGS/Foreman Settings' page

administrator

When Foreman needs to mail the administrator then this is the email address that it will contact.
Default: root@<your domain>.

default_puppet_environment

When Foreman receives a fact upload from a machine that it has not previously come across it will create a host in its database. If the facts from that host did not contain information about the puppet environment then it will assign the default_puppet_environment environment to this host.
Default: production

Default_variables_Lookup_Path

A Smart-variable's match criteria are evaluated in a specific order and if this search order is not provided then Default_variables_Lookup_Path is used.
Default: ["fqdn", "hostgroup", "os", "domain"]

document_root

This is the directory into which the rake puppet:rdoc:generate task will place the web-based on-line documentation for your puppet classes. It should be under a web server's control and the default location is served by Foreman's own web server.
Default: public/puppet/rdoc

email_reply_address

The return address applied to outgoing emails.
Default: Foreman-noreply@<your domain>

Enable_Smart_Variables_in_ENC

Whether Smart-variables should be included in the yaml node information provided to puppet.
Default: true

entries_per_page

The number of entries that will be shown in the web interface for list operations.
Default: 20

failed_report_email_notification

If this option is set to true then an email will be sent to the host's owner whenever a report is received that contains errors. If the host is not owned or Foreman is not configured to use logins then send the email to the administrator.
Default: false

foreman_url

Emails may contain embedded references to Foreman's web interface. This option allows the hostname component of the URL to be configured.
Default: foreman.<your domain>

ignore_puppet_facts_for_provisioning

If this option is set to true then Foreman will not update a host's IP and MAC with the values that it receives in a host's facts and it will also include Foreman's values for IP and MAC to puppet in its node information.
Default: false

manage_puppetca

If this option is set to true then Foreman will manage a host's Puppet certificate signing. If it is set to false then some external mechanism is required to ensure that the host's certificate request is signed.
Default: true

modulepath

This it the modulepath that foreman uses when processing puppet modules. It is usually able to determine this itself at runtime but if it is not able to find a value then modulepath is used.
Default: /etc/puppet/modules

puppet_interval

This is the number of minutes between each run of puppet.
Default: 30

puppet_server

The default puppet server hostname. For larger organizations this is often a non fqdn so that a name like puppet can be a different host within each DNS domain.
Default: puppet

puppetconfdir
Path to puppet.conf.
Default: /etc/puppet/puppet.conf

puppetrun

If this option is set to true then Foreman will be able to trigger a puppet run on any host that it manages.
Default: false

root_pass

If a root password is not provided whilst configuring a host then this encrypted password is used when building the machine. The plain text password "123123" has been encrypted to produce the default value.
Default: xybxa6JUkz63w
(To generate a new one you should use: openssl passwd "your_password" )

safemode_render

The default templating system used within Foreman allows unlimited interpolated variables and expressions. This could obviously be abused so a evaluation environment is provided that restricts the template variables and expressions to a whitelist. When this option is true then only known helper methods and instance variables will be available in template expansion.
Default: true

ssl_ca_file

The SSL Certificate Authority file that Foreman will use when connecting to its smart-proxies.
Default: The CA file used by puppet

ssl_certificate

The SSL certificate that Foreman will use when connecting to its smart-proxies.
Default: The host certificate used by puppet

ssl_priv_key

The SSL private key file that Foreman will use when connecting to its smart-proxies.
Default: The private key file used by puppet

update_environment_from_facts

If Foreman receives an environment fact from one of its hosts and if this option is true, it will update the host's environment with the new value. By default this is not the case as Foreman should manage the host's environment.
Default: false

using_storeconfigs

Set this option to true if your Foreman installation shares puppet's storeconfig database.
Default: true if puppet uses store configs otherwise false.