https://www.puppet.com/community logo
Join Slack
Powered by
# puppet
  • p
    @puppetry has left the channel
  • s
    This message was deleted.
    f
    • 2
    • 3
  • f
    Hello, Puppet server use this release of openssl 
    /opt/puppetlabs/puppet/bin/openssl
    ?
  • f
    I've a error 
    OpenSSL::SSL::SSLError (no cipher match)
    on my vault when I upgrade to puppet 7
  • n
    hi all, while installing the Puppet 7 Windows we forgett to check the MAX_PATH limitation, its possible to set that manually? thanks
  • c
    Is there a module that allows for a function to do a lookup from vault that can run server side using bolt and use approle/secret_id instead of PKI for authentication? I'm not after the deferred method, Im aware that means secrets will end up in the catalog and that's not an issue for my scenario
  • c
    All the vault integrations I've seen so far insist on using PKI auth and not approle
  • b
    the hiera 5 backend for vault supports approle. maybe that works for you?
  • c
    which one? the voxpupuli one?
  • b
  • b
  • b
    Vox Pupuli has a normal function that can be used as deferred as well, but no hiera integration
  • c
    I would rather have a function
  • c
    but the VP one only works on PKI from what I can see
  • b
    I accept patches 😄
  • c
    😉
  • c
    If it would be a wanted feature I'm happy to contribute to make that happen, just didnt want to reinvent the wheel if it already existed.
  • c
    https://forge.puppet.com/modules/puppet/vault_lookup <-- thats the one youre referring to, right?
  • b
    yes. that's the vox pupuli one
  • b
    ideally, both repos would be combined into one and use a shared lib 🤔
    âž• 1
  • c
    yeah, thats the functionality I want, just not the auth mechanism... I guess I can hack something into that and ship it upstream if I get it working
  • b
    yup. maybe you can copy stuff from https://github.com/petems/petems-hiera_vault
  • b
    yup. maybe you can copy stuff from https://github.com/petems/petems-hiera_vault
  • c
    Probably some stuff I can pinch from Jerakia too, it uses approle for transit encryption through vaul t
  • b
    ah neat
  • f
    I'm the only one to have this issue ? I downgrade to puppetserver 
    7.8.0-1
    and it's woks now. I've found https://github.com/hashicorp/vault-ruby/issues/179#issuecomment-1207990965, https://tickets.puppetlabs.com/browse/SERVER-3133 is solve but that not fix this issue ?
  • f
    I'm the only one to have this issue ? I downgrade to puppetserver 
    7.8.0-1
    and it's woks now. I've found https://github.com/hashicorp/vault-ruby/issues/179#issuecomment-1207990965, https://tickets.puppetlabs.com/browse/SERVER-3133 is solve but that not fix this issue ?
  • s
    Hi David @David Sandilands. I am trying to write a single Puppet Class with a changeable array, (the array will have names added over time), that checks to see if that software package is installed. If it’s installed - Puppet via chocolatey - will make sure it’s updated If it’s not installed - we don’t want to install that package. The alternative is that I have to copy and create a puppet class for each department which I have defined right now That’s essentially what I have in place now. Thanks
  • s
    Yes sir.
  • c
    Why don’t you just use a powershell exec that checks for the path to a file that should be in the package? If it’s there, the package is installed. If it isn’t, then it isn’t installed.
1...174175176...428Latest