Something terminates your connection. Maybe a firewall, load balancer, or http proxy

dumb question ... fact names all share a global namespace. what happens if multiple modules contain the same fact (i.e.

pdk new fact xyz

) ? ... common sense tells me that only one of them would end up in

/opt/puppetlabs/puppet/cache/lib/facter/

on the target machine (even if both are sent, one would overwrite the other), so only one would end up being executed ... i know the "correct" answer is "don't do that", but if somebody does, is there any way to know which one would end up existing on the target machine?

Hi everyone How can we manage this pull request on docker module ? https://github.com/puppetlabs/puppetlabs-docker/pull/965

what do you mean by "manage" it

Hi everyone, I’m building a proof of concept (POC) of Puppet and need to install PuppetServer on an EKS cluster. The server will run on my EC2 instances, and we’re using Puppet Open Source. I haven’t found consistent documentation about Puppet on Kubernetes. The only option I found is to run the PuppetServer on EC2 instances, which we don’t want. Since the official image in the Docker Registry is deprecated, and the Voxpuli Puppet Server image is too, I had to build a Dockerfile. https://hub.docker.com/r/puppet/puppetserver/ https://hub.docker.com/r/voxpupuli/container-puppetserver I noticed the official Puppet Server Helm Chart: https://github.com/puppetlabs/puppetserver-helm-chart, but some of its dependencies reference Bitnami images. Do you have any suggestions for alternatives to this? If you’ve faced a similar challenge (PuppetServer on a Kubernetes cluster) before, please share your experience and knowledge with me. Thank you so much.

@Jason St-Cyr Is there a way to get the puppetlabs-apt module to a better state? Ubuntu 24.04 isn't supported yet, neither Debian Trixie.

Hi everyone. I'm running open source Puppet version 7. I'm using the roles/profiles architecture to manage my configurations. I'm using the puppetlabs/docker module to manage my compose files/services (docker_compose resource definitions) for various application stacks. One of my compose-based application stacks is an nginx reverse proxy for a number of FQDNs. I'm writing a custom module to manage certificates using lego. My lego module loops over a list of domains and uses exec resources to create/renew the certificates. I'm struggling to figure out how to declare the dependencies between my lego module certificate creation and/or renewal with restarting my nginx stack. I'm trying to keep the modules as loosely coupled as possible. I've tried creating File resources for the certificates within the loop and subscribing the nginx docker_compose resource to the certificate File resources. I am getting errors from the nginx docker_compose that the File resources do not exist, presumably because they are dynamically generated in the loop and haven't been actualized yet? I've thought that somehow declaring the dependencies within my profiles is a better approach, but I haven't been able to wrap my head around how to declare a dependency in a class external to both the File or Docker_compose resources. I'm looking for suggestions on the best way to approach this situation. Should I give up the idea of loosely coupling the module? Is there a way to subscribe to resources that are dynamically created within a loop in a different module?

question ... i'm looking at https://help.puppet.com/pe/current/topics/certificate-authority-service-parameters.htm ... i hadn't realized that agent certs are only 90 days and are automatically re-issued, that is cool ... my question is, does the same thing happen for the CA certificate?

Hey everyone ! Trying to understand how the Puppet CA works. When I'm submitting a new CSR as an agent to the Puppet Master, how is the transaction secured ? Most importantly with which certificate ? As far as I'm aware, the certificate exposed by the Puppet Master server is not signed by a trusted CA by the agent (I think) for now. How does this not fail ?

is this an issue with Github, or with access to the modules? (same iwth

$ git clone git@github.com:voxpupuli/voxpupuli-release.git
Cloning into 'voxpupuli-release'...
ERROR: user:1710103:maxadamo
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

I was typing: same with HTTPS. p.s.: one hour ago Codeberg was down. What's wrong today? 🙂

cloudflare was barfing early this morning

Github has issues again

finally they put something up https://www.githubstatus.com/incidents/5q7nmlxz30sk I was seeing weirdness with the web interface an hour ago

yuuup. Just tried an r10k and it failed spectacularly

question ...

puppet strings

generates a

doc/

directory with HTML documentation for the current module ... is there a way to take a collection of all

modules/*/doc/

directories and "combine" their content into a single set of HTML documentation for the entire "code base"?

That's what the puppet strings server can do.

And there is also https://www.puppetmodule.info/modules

is there any documentation about "the puppet strings server"? all i've ever seen is the output from

puppet strings server -h

, which is ... a bit sparse.

Yes that's it

okay ... i just ran

puppet strings server --modulepath $HOME/blah/

... it looks like it went through all the modules, the last thing it printed was

Starting YARD documentation server.

and then it dropped back to a command prompt ... when i try to access

<http://localhost:8808/>

it gets "connection refused", and

netstat -af inet

shows nothing listening on port 8808 ... when i've run similiar things in the past, it would generally print a URL and then wait for incoming connections, rather than dropping back to a command prompt ... did something go wrong and not print an error message?

I am quite sure it should run in foreground

it looks like it created a

doc/

directory, and looking at the files within that directory it looks like there are individual documentation files for each class, defined type, etc... but the

index.html

has "Puppet Class Listing A-Z" but only lists one class (which, coincidentally, looks like the last class it processed)

and actually, what i'm hoping for isn't a running "server" with the docs, but the collection of HTML/CSS/JS/etc. files that appears to be in that

doc/

directory, that i can upload to a directory on an internal web server, to act as static documentation for a specific "version" of the puppet code ... so to me, the broken indexes are a bigger problem than the "web server isn't running" thing.

Hello, i have a question. I'm working in company that has on-premise (VMware) and AWS environments. RHEL 8 and RHEL 9 is used. Company has "Golden" image/template for on-premise RHEL8, where it has 1 bug. Pretty much like this: 1/ AWS RHEL8 (not affected) RHEL9 (not affected) 2/ On-premise VMware RHEL8 (affected ⚠️ ) RHEL9 (not affected) I kind of want to write next logic:

if dig($facts, 'virtual') == 'vmware' and $facts['os']['family'] == 'RedHat' and $facts['os']['release']['major'] == '8' {
    if Deferred('file', ['/etc/yum.repos.d/microsoft-prod.repo']).exist? {
      file_line { 'microsoft_repo_gpgcheck':
        ensure => present,
        path   => '/etc/yum.repos.d/microsoft-prod.repo',
        line   => 'gpgcheck=1',
        match  => '^\s*gpgcheck\s*=.*$',
      }
    }
  }

Basically what makes me somewhat upset is case when in future this file will no longer be there, and from what i remember if file is absent but file_line resource will look for it it will pretty much make "puppet agent -t" fail with ERROR 500 because catalog won't be compiled. I started asking Microsoft Copilot and it gave me code above using "Deffered" to check if file exists on filesystem and only then try to apply "file_line". But Google Gemini says that it will not work and that is not how Deffered is used and pushing me towards using module from Forge with "deffered" in its name. Could someone advice, would code above work? Or what you advice in general for my use case?

IMO: you should know which nodes need that repo, and then use puppet to manage the whole repo. for example with the puppet/yum module

Hmm, sounds like good idea, thanks, will look into it

@josh can you take a quick look at https://github.com/voxpupuli/beaker-hostgenerator/pull/440 ?