HTTP backend for Hiera
Ruby Puppet
Failed to load latest commit information.
lib/hiera/backend dont pass paths to lookup_http Oct 7, 2015
pkg Forge release 1.2.0 Jul 9, 2014
LICENSE Added apache 2.0 license Mar 18, 2015 changelog Oct 7, 2015 2.0.0 - see release notes Oct 7, 2015
Rakefile 2.0.0 - see release notes Oct 7, 2015

hiera_http : a HTTP back end for Hiera

Join the chat at


This is a back end plugin for Hiera that allows lookup to be sourced from HTTP queries. The intent is to make this backend adaptable to allow you to query any data stored in systems with a RESTful API such as CouchDB or even a custom store with a web front-end


The following is an example hiera.yaml configuration for use with hiera-http

  - http

  :port: 5984
  :output: json
  :cache_timeout: 10
  :failure: graceful
    :X-Token: my-token
    - /configuration/%{fqdn}
    - /configuration/%{env}
    - /configuration/common

The following are optional configuration parameters

:output: : Specify what handler to use for the output of the request. Currently supported outputs are plain, which will just return the whole document, or YAML and JSON which parse the data and try to look up the key

:http_connect_timeout: : Timeout in seconds for the HTTP connect (default 10)

:http_read_timeout: : Timeout in seconds for waiting for a HTTP response (default 10)

:cache_timeout: : Timeout in seconds for HTTP requests to a same path (default 10), set to 0 to disable the cache

:cache_clean_interval: : Interval (in secs) to clean the cache (default 3600), set to 0 to disable cache cleaning

:confine_to_keys: : Only use this backend if the key matches one of the regexes in the array

    - "application.*"
    - "apache::.*"

:failure: : When set to graceful will stop hiera-http from throwing an exception in the event of a connection error, timeout or invalid HTTP response and move on. Without this option set hiera-http will throw an exception in such circumstances

:ignore_404: : If failure is not set to graceful then any error code received from the HTTP response will throw an exception. This option makes 404 responses exempt from exceptions. This is useful if you expect to get 404's for data items not in a certain part of the hierarchy and need to fall back to the next level in the hierarchy, but you still want to bomb out on other errors.

The :paths: parameter can also parse the lookup key, eg:


:use_ssl:: When set to true, enable SSL (default: false)

:ssl_ca_cert: Specify a CA cert for use with SSL

:ssl_cert: Specify location of SSL certificate

:ssl_key: Specify location of SSL key

:ssl_verify: Specify whether to verify SSL certificates (default: true)

:use_auth:: When set to true, enable basic auth (default: false)

:auth_user:: The user for basic auth

:auth_pass:: The password for basic auth

:headers:: Hash of headers to send in the request


Theres a few things still on my list that I'm going to be adding, including

  • Add HTTP basic auth support
  • Add proxy support
  • Add further handlers (eg: XML)



Change Log



  • Confine keys feature to restrct when the backend is used
  • Bug fixes
  • Documentation updates


  • Bugfix release for ruby 1.8.7 support


  • Added lookup caching features


  • Support for SSL verify options
  • Support for HTTP auth


  • 1.0 release
  • Support for ignoring 404's when failure is not set to graceful


  • Stable
  • Puppet Forge release


  • Added SSL support


  • Initial release