Hi Matt, I've not tried it myself, but https://puppet.com/docs/puppetserver/5.3/config_file_auth.html#hocon-example with a `match-request` selecting the hostname and a backreference in the `allow` section seems the new way to do this.
Cheers, David On Thu, Nov 15, 2018 at 9:44 PM Matt Zagrabelny <[email protected]> wrote: > Greetings! > > I'm working on migrating my puppet 3.7 environment to puppet 5.5 (Debian > testing.) > > How are folks serving private per-node data in puppet 5? (i.e. ssh keys, > apache cert and key, etc.) > > In both puppet 2.7 and 3.7 I've used: > > $ cat /etc/puppet/fileserver.conf > # This file consists of arbitrarily named sections/modules > # defining where files are served from and to whom > > [private] > path /etc/puppet/environments/production/private/%H > allow * > > Have things changed since then? Are there better (or more idiomatic) ways > of serving up private per-node files? > > Ideally I would also be able to use the environment to adjust the mount > point. Hand-wavy magic: > path /etc/puppet/environments/%E/private/%H > > Hiera has support for top level variables. Our ENC exposes the > environmentt: > "environments/%{::environment}/node/%{clientcert}" > > Thanks for any hints, help, or discussion! > > -m > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-users/CAOLfK3V1Ff9%3DQo%2BAUO72_UEvJE%2BakR6eKgTmW_PVr021Y8zcvg%40mail.gmail.com > <https://groups.google.com/d/msgid/puppet-users/CAOLfK3V1Ff9%3DQo%2BAUO72_UEvJE%2BakR6eKgTmW_PVr021Y8zcvg%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- Cheers, David https://twitter.com/dev_el_ops -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CALF7fHYK%3DvAp19mHN-mcHtCHtw9uQsGsf30EcL1n6YAqRrRQXA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
