Typically I take the attitude of "manage the whole file" and avoid augeas and ini-style edits.

Oh… do you mean the config file takes multiple options? Possibly more than one line of options? Like this?:

FOO=hello
BAR=one two three
BAZ=world

I think the chrony file is only a one-liner: OPTIONS='-u chrony -l -L'

Let me verify.

Yeah, /etc/sysconfig/chronyd is a one-liner.

beaker 🧑‍🏫PE Console is about to start up in #CFD8Z9A4T

I have a trick though…

You can do as many lines there as you want, but service only uses OPTIONS variable

There any modules out there that supports pulling secrets from google's secret manager service? I've only found ones for aws or vault.

We have a puppet module to update postgressql and each and every puppet pull cycle in the client side creating few files with extention .pref under /etc/apt/preferences.d. After that file creation , using puppet we could not update anyting until and unless we clear those file which are generated.

This message was deleted.

Run your manifest until it "fails" in not doing what you want and then do "echo test >> /etc/pat/preferences.d/<file.pref> " and re-run Puppet. I'd be willing to bet that your manifest then makes the changes you expect because the .pref files will be recreated and the dependency (or "subscribe or "notify") section kicks off.

It sounds like you have a dependency on the .pref files changing and once those .pref files are deleted and (puppet) recreated, then you get your updates.

Run your manifest until it "fails" in not doing what you want and then do "echo test >> /etc/pat/preferences.d/<file.pref> " and re-run Puppet. I'd be willing to bet that your manifest then makes the changes you expect because the .pref files will be recreated and the dependency (or "subscribe or "notify") section kicks off.

What's a good way to apply a value in hiera to a group of unrelated (but deliberately chosen) servers? The only thing they share in common is that they all run apache. I have a new apache config I want to test on a handful of my servers. I have a variable which if set to true, will use the new apache config. I want to set that value in hiera for about 20 different servers. My first thought is to create a custom fact and then modify the hiera config to apply a yaml file to these servers based on the setting of that fact, but is there a better way? P.S. We are using puppet 4.10. I know it's EOL. We're upgrading to 7, but that's not going to happen before I need to make these changes.

you can set apache hiera in common

@John Ratliff, are the server names similar enough that you could write a hackish IF check?

No, there is no good fact that applies to just the subset of servers I want. Server names are all over the map. We just have a lot of apache servers.

You could create a single "nodes/%{trusted.certname}.yaml" file in your hiera hierarchy and then symlink each server's name to the nodes/%{trusted.certname}.yaml file.

That's kinda hackish.

You can create a new hierarchy level for just two groups of servers to reflect that common setting if you like

Yeah, that's what I was thinking. A new hierarchy level and set a custom fact in site_facts/lib/facter where the hiera level would match.

yep, I use

application

to join dns and dhcp servers

some folks use %alias function to avoid copy/paste

define some

common::apache::stuff

and reference it in real

apache::

if it's a one time thing, I'd do the nodes/trusted certname thing

if it's a thing you want to be able to repeat, I'd make a fact called like... canary_node that looks for a file on the filesystem and either returns its content or "true" if it exists

what is the current method of doing

lookup('ntp::service_name')

in a erb template? is it

scope.call_function('lookup',[ntp::service_name'])

or

scope['ntp::service_name']

or somethign else?

none of it 🙂

do APL in the code and pass it to epp template