# puppet
- s
Slackbot
09/21/2022, 9:48 PMThis message was deleted.bh+2- 5
- 9
- h
hbui
09/22/2022, 2:28 AMwhat types of things do folks plan on working on? - g
Giovanni Bechis
09/22/2022, 5:50 AM@Giovanni Bechis has left the channel - b
bastelfreak
09/22/2022, 7:20 AMor more interesting/challenging stuff like enhancing https://github.com/voxpupuli/puppet_metadata so our acceptance testing does work on alma/rocky linux as well, or setup beaker integration for google. If you're interested in any of that, let me know and I can provide some guidance - s
Slackbot
09/22/2022, 1:38 PMThis message was deleted.jp- 3
- 3
- p
Puli Hari Krishna
09/22/2022, 1:45 PM👋 Hello, team! Glad to join this community, I am trying to reverse proxy using Cloudflare tunnel for puppet server, As puppet uses mTLS authentication mechanism, using reverse proxy is not usable solution unles we have header based mTLS. - p
Puli Hari Krishna
09/22/2022, 1:49 PM👋 Hello, team! Glad to join this community, I am trying to reverse proxy using Cloudflare tunnel for puppet server, As puppet uses mTLS authentication mechanism, using reverse proxy is not usable solution unless we have header based mTLS. I would to check if there is a support having a reverse-proxy in front. I went through https://puppet.com/docs/puppet/7/server/external_ssl_termination.html but looks like it is not secure. Hence seeking for help here... thank you in advance. - p
Pavlos Parissis
09/22/2022, 3:37 PMI have a question about versioning in package resource. if I pin foopkg to
version but the latest version of the package in the security repo is1.1.0
, then this will cause package installation failures as that version of the package is not available anymore in the security repo and also in the archive repo1.1.1 - p
Pavlos Parissis
09/22/2022, 3:39 PMfor instance, let's see apache2 http://changelogs.ubuntu.com/changelogs/pool/main/a/apache2/apache2_2.4.29-1ubuntu4.25/changelog, current release 2.4.29-1ubuntu4.25 and previous security release 2.4.29-1ubuntu4.24Copy codeapt policy apache2 apache2: Installed: (none) Candidate: 2.4.29-1ubuntu4.25 Version table: 2.4.29-1ubuntu4.25 500 500 <http://archive.ubuntu.com/ubuntu> bionic-updates/main amd64 Packages 500 <http://security.ubuntu.com/ubuntu> bionic-security/main amd64 Packages 2.4.29-1ubuntu4 500 500 <http://archive.ubuntu.com/ubuntu> bionic/main amd64 Packages - p
Pavlos Parissis
09/22/2022, 3:39 PMtrying to install
fails as it is not available anymore2.4.29-1ubuntu4.24Copy codeapt install apache2=2.4.29-1ubuntu4.24 Reading package lists... Done Building dependency tree Reading state information... Done E: Version '2.4.29-1ubuntu4.24' for 'apache2' was not found - p
Pavlos Parissis
09/22/2022, 3:41 PMso if I pin the version of PKG and a new security release takes place then the puppet agent will report errors when it will try to install it on new system, for existing systems that have the package isn't a problem - p
Pavlos Parissis
09/22/2022, 3:41 PMso if I pin the version of PKG and a new security release takes place then the puppet agent will report errors when it will try to install it on new system, for existing systems that have the package isn't a problem - p
Pavlos Parissis
09/22/2022, 3:41 PMhow can I address this error in a soft way? Like ok apt fails to find the package, I will notify the error but it will not break the catalog - h
hbui
09/22/2022, 3:45 PMIf you have a need for packages to be at a set version and your upstream isn't keeping old versions, you're kind of stuck maintaining a local mirror. If you know you have a business requirement to be at 1.1.0 and you appropriately tell puppet keep it at version 1.1.0, then you're stuck providing a mechanism for the system to get version 1.1.0 of the package. - h
hbui
09/22/2022, 3:47 PMIf your business rule is "use 1.1.0 or just accept whatever is current" then you'd use
and it will justensure => presentapt install <package> - p
Pavlos Parissis
09/22/2022, 3:48 PMI see - h
hbui
09/22/2022, 3:48 PMpuppet is all about enforcing the state you've told it to enforce - h
hbui
09/22/2022, 3:49 PMand if you need version 1.1.0, then it should fail if it can't enforce that configuration - p
Pavlos Parissis
09/22/2022, 3:49 PMTrue - p
Pavlos Parissis
09/22/2022, 3:50 PMwhat is the difference between
andpresent
? both will install what is the current latest version, right?latest - p
Pavlos Parissis
09/22/2022, 3:52 PMto me
is the same aspresent
, if the package is not install, just install it if it is installed then do not anythinginstalled - p
Pavlos Parissis
09/22/2022, 3:53 PMI see this in the code https://github.com/puppetlabs/puppet/blob/main/lib/puppet/type/package.rb#L114 - p
Pavlos Parissis
09/22/2022, 3:53 PMI see this in the code https://github.com/puppetlabs/puppet/blob/main/lib/puppet/type/package.rb#L114 - r
Robert Vincent
09/22/2022, 4:00 PM
is the same aspresentinstalled - h
hbui
09/22/2022, 4:01 PMpresent and installed are the same, so it will basically just
and if it is there do nothing latest means "update this as soon as you see an update for it"dpkg -l <package> - r
Robert Vincent
09/22/2022, 4:01 PM
will attempt to reinstall an installed package with a different version;latest
orpresent
will not.installed - r
Robert Vincent
09/22/2022, 4:01 PM
will attempt to upgrade an installed package;latest
orpresent
will not.installed - h
hbui
09/22/2022, 4:02 PMin general, if you need a specific version of a package, I'd make sure to have a mechanism for installing it that didn't depend on the vendor - r
Robert Vincent
09/22/2022, 4:02 PM
will attempt to upgrade an installed package with an older version;latest
orpresent
will not.installed - r
Robert Vincent
09/22/2022, 4:03 PM
will attempt to reinstall an installed package with a different version;latest
orpresent
will not.installed