Foreman configuration » History » Version 13
Configuration is broken into two parts. The config/settings.yaml file and the SETTINGS/Foreman Settings page. The configuration file contains a few low-level options that need to be set before Foreman starts but the majority of Foreman customization is managed from within the program on the Foreman Settings page.
The config/settings.yaml file¶
The first non-comment line of this file must be three dashes.
This boolean option configures whether Foreman requires users to to login. If it is set then each user will be expected to authenticate themselves and all operations will occur, and be audited, under their identity. When this option is false then all activity will be executed under the admin account.
This boolean option configures whether Foreman insists on using only https/ssl encrypted communication channels in the web interface. This does not configure the channels used to contact the smart-proxies. Note that certain operations will still accept a http connection even if this is set, for example, the downloading of a finish script.
This boolean option configures whether Foreman will act as a simple node classifier for puppet, or support the full spectrum of operations required for managing a host's lifecycle. When set to true then foreman will provide full host building facilities for various operating systems.
The 'SETTINGS/Foreman Settings' page¶
When Foreman needs to mail the administrator then this is the email address that it will contact.
Default: root@<your domain>.
When Foreman receives a fact upload from a machine that it has not previously come across it will create a host in its database. If the facts from that host did not contain information about the puppet environment then it will assign the default_puppet_environment environment to this host.
A Smart-variable's match criteria are evaluated in a specific order and if this search order is not provided then Default_variables_Lookup_Path is used.
Default: ["fqdn", "hostgroup", "os", "domain"]
This is the directory into which the rake puppet:rdoc:generate task will place the web-based on-line documentation for your puppet classes. It should be under a web server's control and the default location is served by Foreman's own web server.
The return address applied to outgoing emails.
Default: Foreman-noreply@<your domain>
Whether Smart-variables should be included in the yaml node information provided to puppet.
The number of entries that will be shown in the web interface for list operations.
If this option is set to true then an email will be sent to the host's owner whenever a report is received that contains errors. If the host is not owned or Foreman is not configured to use logins then send the email to the administrator.
Emails may contain embedded references to Foreman's web interface. This option allows the hostname component of the URL to be configured.
Default: foreman.<your domain>
If this option is set to true then Foreman will not update a host's IP and MAC with the values that it receives in a host's facts and it will also include Foreman's values for IP and MAC to puppet in its node information.
If this option is set to true then Foreman will manage a host's Puppet certificate signing. If it is set to false then some external mechanism is required to ensure that the host's certificate request is signed.
This it the modulepath that foreman uses when processing puppet modules. It is usually able to determine this itself at runtime but if it is not able to find a value then modulepath is used.
This is the number of minutes between each run of puppet.
The default puppet server hostname. For larger organizations this is often a non fqdn so that a name like puppet can be a different host within each DNS domain.
Path to puppet.conf.
If this option is set to true then Foreman will be able to trigger a puppet run on any host that it manages.
If a root password is not provided whilst configuring a host then this encrypted password is used when building the machine. The plain text password "123123" has been encrypted to produce the default value.
(To generate a new one you should use: openssl passwd "your_password" )
The default templating system used within Foreman allows unlimited interpolated variables and expressions. This could obviously be abused so a evaluation environment is provided that restricts the template variables and expressions to a whitelist. When this option is true then only known helper methods and instance variables will be available in template expansion.
The SSL Certificate Authority file that Foreman will use when connecting to its smart-proxies.
Default: The CA file used by puppet
The SSL certificate that Foreman will use when connecting to its smart-proxies.
Default: The host certificate used by puppet
The SSL private key file that Foreman will use when connecting to its smart-proxies.
Default: The private key file used by puppet
If Foreman receives an environment fact from one of its hosts and if this option is true, it will update the host's environment with the new value. By default this is not the case as Foreman should manage the host's environment.
Set this option to true if your Foreman installation shares puppet's storeconfig database.
Default: true if puppet uses store configs otherwise false.