Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #1369 from nfagerlund/fileserver_conf
Fileserver conf/auth.conf improvements
- Loading branch information
Showing
7 changed files
with
217 additions
and
86 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,13 +1,41 @@ | ||
# $Id$ | ||
# fileserver.conf | ||
|
||
[dist] | ||
path /dist | ||
allow *.puppetlabs.com | ||
# Puppet automatically serves PLUGINS and FILES FROM MODULES: anything in | ||
# <module name>/files/<file name> is available to authenticated nodes at | ||
# puppet:///modules/<module name>/<file name>. You do not need to edit this | ||
# file to enable this. | ||
|
||
[plugins] | ||
path /var/lib/puppet/plugins | ||
allow *.puppetlabs.com | ||
# MOUNT POINTS | ||
|
||
[facts] | ||
path /var/lib/puppet/facts | ||
allow *.puppetlabs.com | ||
# If you need to serve files from a directory that is NOT in a module, | ||
# you must create a static mount point in this file: | ||
# | ||
# [extra_files] | ||
# path /etc/puppet/files | ||
# allow * | ||
# | ||
# In the example above, anything in /etc/puppet/files/<file name> would be | ||
# available to authenticated nodes at puppet:///extra_files/<file name>. | ||
# | ||
# Mount points may also use three placeholders as part of their path: | ||
# | ||
# %H - The node's certname. | ||
# %h - The portion of the node's certname before the first dot. (Usually the | ||
# node's short hostname.) | ||
# %d - The portion of the node's certname after the first dot. (Usually the | ||
# node's domain name.) | ||
|
||
# PERMISSIONS | ||
|
||
# Every static mount point should have an `allow *` line; setting more | ||
# granular permissions in this file is deprecated. Instead, you can | ||
# control file access in auth.conf by controlling the | ||
# /file_metadata/<mount point> and /file_content/<mount point> paths: | ||
# | ||
# path ~ ^/file_(metadata|content)/extra_files/ | ||
# auth yes | ||
# allow /^(.+)\.example\.com$/ | ||
# allow_ip 192.168.100.0/24 | ||
# | ||
# If added to auth.conf BEFORE the "path /file" rule, the rule above | ||
# will add stricter restrictions to the extra_files mount point. |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1,16 @@ | ||
all: user@domain.com | ||
# tagmail.conf | ||
|
||
# This file configures the `tagmail` report, which can be enabled by including | ||
# tagmail in the puppet master's `reports` setting. (`reports = https, tagmail`) | ||
|
||
# Each line in this file should consist of a comma-separated list of tags and/or | ||
# negated tags (`!tag`), a colon, and a comma-separated list of email addresses. | ||
# The `all` psuedo-tag will email all log events. | ||
# See http://docs.puppetlabs.com/guides/configuring.html#tagmailconf for | ||
# a complete description of this file. | ||
|
||
# Example: | ||
|
||
# all: log-archive@example.com | ||
# webserver, !mailserver: httpadmins@example.com | ||
# emerg, crit: james@example.com, zach@example.com, ben@example.com |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,17 +1,41 @@ | ||
# This file consists of arbitrarily named sections/modules | ||
# defining where files are served from and to whom | ||
# fileserver.conf | ||
|
||
# Define a section 'files' | ||
# Adapt the allow/deny settings to your needs. Order | ||
# for allow/deny does not matter, allow always takes precedence | ||
# over deny | ||
#[files] | ||
# path /etc/puppet/files | ||
# allow *.example.com | ||
# deny *.evil.example.com | ||
# allow 192.168.0.0/24 | ||
# Puppet automatically serves PLUGINS and FILES FROM MODULES: anything in | ||
# <module name>/files/<file name> is available to authenticated nodes at | ||
# puppet:///modules/<module name>/<file name>. You do not need to edit this | ||
# file to enable this. | ||
|
||
#[plugins] | ||
# allow *.example.com | ||
# deny *.evil.example.com | ||
# allow 192.168.0.0/24 | ||
# MOUNT POINTS | ||
|
||
# If you need to serve files from a directory that is NOT in a module, | ||
# you must create a static mount point in this file: | ||
# | ||
# [extra_files] | ||
# path /etc/puppet/files | ||
# allow * | ||
# | ||
# In the example above, anything in /etc/puppet/files/<file name> would be | ||
# available to authenticated nodes at puppet:///extra_files/<file name>. | ||
# | ||
# Mount points may also use three placeholders as part of their path: | ||
# | ||
# %H - The node's certname. | ||
# %h - The portion of the node's certname before the first dot. (Usually the | ||
# node's short hostname.) | ||
# %d - The portion of the node's certname after the first dot. (Usually the | ||
# node's domain name.) | ||
|
||
# PERMISSIONS | ||
|
||
# Every static mount point should have an `allow *` line; setting more | ||
# granular permissions in this file is deprecated. Instead, you can | ||
# control file access in auth.conf by controlling the | ||
# /file_metadata/<mount point> and /file_content/<mount point> paths: | ||
# | ||
# path ~ ^/file_(metadata|content)/extra_files/ | ||
# auth yes | ||
# allow /^(.+)\.example\.com$/ | ||
# allow_ip 192.168.100.0/24 | ||
# | ||
# If added to auth.conf BEFORE the "path /file" rule, the rule above | ||
# will add stricter restrictions to the extra_files mount point. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,12 +1,41 @@ | ||
# This file consists of arbitrarily named sections/modules | ||
# defining where files are served from and to whom | ||
|
||
# Define a section 'files' | ||
# Adapt the allow/deny settings to your needs. Order | ||
# for allow/deny does not matter, allow always takes precedence | ||
# over deny | ||
[files] | ||
path /var/lib/puppet/files | ||
# allow *.example.com | ||
# deny *.evil.example.com | ||
# allow 192.168.0.0/24 | ||
# fileserver.conf | ||
|
||
# Puppet automatically serves PLUGINS and FILES FROM MODULES: anything in | ||
# <module name>/files/<file name> is available to authenticated nodes at | ||
# puppet:///modules/<module name>/<file name>. You do not need to edit this | ||
# file to enable this. | ||
|
||
# MOUNT POINTS | ||
|
||
# If you need to serve files from a directory that is NOT in a module, | ||
# you must create a static mount point in this file: | ||
# | ||
# [extra_files] | ||
# path /etc/puppet/files | ||
# allow * | ||
# | ||
# In the example above, anything in /etc/puppet/files/<file name> would be | ||
# available to authenticated nodes at puppet:///extra_files/<file name>. | ||
# | ||
# Mount points may also use three placeholders as part of their path: | ||
# | ||
# %H - The node's certname. | ||
# %h - The portion of the node's certname before the first dot. (Usually the | ||
# node's short hostname.) | ||
# %d - The portion of the node's certname after the first dot. (Usually the | ||
# node's domain name.) | ||
|
||
# PERMISSIONS | ||
|
||
# Every static mount point should have an `allow *` line; setting more | ||
# granular permissions in this file is deprecated. Instead, you can | ||
# control file access in auth.conf by controlling the | ||
# /file_metadata/<mount point> and /file_content/<mount point> paths: | ||
# | ||
# path ~ ^/file_(metadata|content)/extra_files/ | ||
# auth yes | ||
# allow /^(.+)\.example\.com$/ | ||
# allow_ip 192.168.100.0/24 | ||
# | ||
# If added to auth.conf BEFORE the "path /file" rule, the rule above | ||
# will add stricter restrictions to the extra_files mount point. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,12 +1,41 @@ | ||
# This file consists of arbitrarily named sections/modules | ||
# defining where files are served from and to whom | ||
|
||
# Define a section 'files' | ||
# Adapt the allow/deny settings to your needs. Order | ||
# for allow/deny does not matter, allow always takes precedence | ||
# over deny | ||
# [files] | ||
# path /var/lib/puppet/files | ||
# allow *.example.com | ||
# deny *.evil.example.com | ||
# allow 192.168.0.0/24 | ||
# fileserver.conf | ||
|
||
# Puppet automatically serves PLUGINS and FILES FROM MODULES: anything in | ||
# <module name>/files/<file name> is available to authenticated nodes at | ||
# puppet:///modules/<module name>/<file name>. You do not need to edit this | ||
# file to enable this. | ||
|
||
# MOUNT POINTS | ||
|
||
# If you need to serve files from a directory that is NOT in a module, | ||
# you must create a static mount point in this file: | ||
# | ||
# [extra_files] | ||
# path /etc/puppet/files | ||
# allow * | ||
# | ||
# In the example above, anything in /etc/puppet/files/<file name> would be | ||
# available to authenticated nodes at puppet:///extra_files/<file name>. | ||
# | ||
# Mount points may also use three placeholders as part of their path: | ||
# | ||
# %H - The node's certname. | ||
# %h - The portion of the node's certname before the first dot. (Usually the | ||
# node's short hostname.) | ||
# %d - The portion of the node's certname after the first dot. (Usually the | ||
# node's domain name.) | ||
|
||
# PERMISSIONS | ||
|
||
# Every static mount point should have an `allow *` line; setting more | ||
# granular permissions in this file is deprecated. Instead, you can | ||
# control file access in auth.conf by controlling the | ||
# /file_metadata/<mount point> and /file_content/<mount point> paths: | ||
# | ||
# path ~ ^/file_(metadata|content)/extra_files/ | ||
# auth yes | ||
# allow /^(.+)\.example\.com$/ | ||
# allow_ip 192.168.100.0/24 | ||
# | ||
# If added to auth.conf BEFORE the "path /file" rule, the rule above | ||
# will add stricter restrictions to the extra_files mount point. |