Still no luck. Hiera is now matching (it wasn't before):
root@puppet:/# puppet lookup permitroot_config --node
lhcsrvprdcms01.fixnetix.com
---
- Match Address xx.xx.xx.xx
- PermitRootLogin without-password
I had to change the YAML file slightly to:
permitroot_config:
- 'Match Address xx.xx.xx.xx'
- 'PermitRootLogin without-password'
From:
permitroot:permitroot_config
- 'Match Address xx.xx.xx.xx'
- 'PermitRootLogin without-password'
Thanks for the tip! I have been using PDK.
On Friday, July 31, 2020 at 4:25:13 PM UTC+1, A Manzer wrote:
>
> I've noticed two other things that may need fixing:
>
> - It may be a copy and paste error, but you don't close your Match
> Address string in the pasted Hiera file above. That would cause your Yaml
> to be incorrect, and probably ignored.
> - In site.pp, you use the resource-like syntax for including the class.
> I'm not sure what this does for automatic hiera parameter lookup, but it's
> usually safer to use include syntax instead. I'd change your entry in
> site.pp to be
>
>
> node lhcsrvprdcms01.domain.com {
> include permitroot
> }
>
> BTW, out of curiosity, are you using the Puppet PDK
> <https://puppet.com/docs/pdk/1.x/pdk.html> to develop this module? It
> brings *a lot* of boilerplate, but it also brings things like Yaml syntax
> validating and syntax validating that might help you out while you're
> learning.
>
> On Friday, July 31, 2020 at 10:46:13 AM UTC-4, Dan Crisp wrote:
>>
>> Thanks for the reply.
>>
>> Unfortunately although my YAML file didn't have the .yaml suffix and I
>> didn't have a data directory, after making the necessary changes, the same
>> problem persists:
>>
>> Error: Could not retrieve catalog from remote server: Error 500 on
>> SERVER: Server Error: Evaluation Error: Error while evaluating a Resource
>> Statement, Class[Permitroot]: expects a value for parameter
>> 'permitroot_config' (file:
>> /etc/puppetlabs/code/environments/production/manifests/site.pp, line: 49,
>> column: 3) on node lhcsrvprdcms01.fixnetix
>>
>> # pwd
>> /etc/puppetlabs/code/environments/production
>>
>> # ll data/nodes/lhcsrvprdcms01.fixnetix.com.yaml
>> -rw-r--r--. 1 root root 103 Jul 30 12:09
>> data/nodes/lhcsrvprdcms01.fixnetix.com.yaml
>>
>>
>> On Friday, July 31, 2020 at 2:15:18 PM UTC+1, A Manzer wrote:
>>>
>>> You need to put your nodes hiera folder under a data folder. (*All*
>>> your hiera data goes under a data folder.)
>>>
>>> Also, ensure that your yaml file is named lhcsrvprdcms01.domain.com.yaml.
>>> You need the *full* node name, *and* the .yaml at the end for hiera to
>>> find it. That's tripped me up a few times...
>>>
>>> On Thursday, July 30, 2020 at 10:43:13 AM UTC-4, Dan Crisp wrote:
>>>>
>>>> Hello experts,
>>>>
>>>> I'm struggling with some node specific heria. I basically want to add
>>>> the following lines to a number of nodes:
>>>>
>>>> Match Address xx.xx.xx.xx
>>>> PermitRootLogin without-password
>>>>
>>>> I have the following in place in an attempt to acheive this:
>>>>
>>>> # pwd
>>>>
>>>> /etc/puppetlabs/code/environments/production/modules/permitroot/manifests
>>>>
>>>> # more *
>>>>
>>>> ::::::::::::::
>>>> config.pp
>>>> ::::::::::::::
>>>> class permitroot::config (
>>>> $config_path = $permitroot::params::config_path
>>>> ) inherits permitroot::params {
>>>> if $facts['os']['release']['major'] =~ /7/ {
>>>> file { 'Update SSHD PermitRoot':
>>>> ensure => $permitroot::config_present,
>>>> path => $permitroot::config_path,
>>>> content => $permitroot::permitroot_config.join("\n"),
>>>> owner => root,
>>>> group => root,
>>>> mode => '0600'
>>>> }
>>>> } else {
>>>> notice ('Assuming RHEL 6.x thus taking no action')
>>>> }
>>>> }
>>>> ::::::::::::::
>>>> init.pp
>>>> ::::::::::::::
>>>> class permitroot (
>>>> $service_name = $permitroot::params::service_name,
>>>> $config_path = $permitroot::params::config_path,
>>>> Array[String] $permitroot_config,
>>>> String $service_ensure,
>>>> Boolean $service_enable,
>>>> Boolean $service_hasrestart,
>>>> ) inherits permitroot::params {
>>>> contain permitroot::config
>>>> contain permitroot::service
>>>>
>>>> Class['permitroot::config']
>>>> -> Class['permitroot::service']
>>>> }
>>>> ::::::::::::::
>>>> params.pp
>>>> ::::::::::::::
>>>> class permitroot::params {
>>>> $service_name = 'sshd'
>>>> $config_path = '/etc/ssh/sshd_config'
>>>> }
>>>> ::::::::::::::
>>>> service.pp
>>>> ::::::::::::::
>>>> class permitroot::service (
>>>> $service_name = $permitroot::params::service_name,
>>>> ) inherits permitroot::params {
>>>> service {'permitroot_service':
>>>> name => $service_name,
>>>> ensure => $permitroot::service_ensure,
>>>> enable => $permitroot::service_enable,
>>>> hasrestart => $permitroot::service_hasrestart,
>>>> }
>>>> }
>>>>
>>>> This is probably not the best method and I'm still learning and don't
>>>> want to use a module that has already been created by someone else at this
>>>> point.
>>>>
>>>> Here is the node specific heria:
>>>>
>>>> # pwd
>>>> /etc/puppetlabs/code/environments/production/nodes
>>>>
>>>> # more *
>>>> permitroot::permitroot_config:
>>>> - 'Match Address xx.xx.xx.xx
>>>> - 'PermitRootLogin without-password'
>>>>
>>>> Hiera file:
>>>>
>>>> # pwd
>>>> /etc/puppetlabs/code/environments/production
>>>>
>>>> # more hiera.yaml
>>>> ---
>>>> version: 5
>>>> defaults:
>>>> # The default value for "datadir" is "data" under the same directory
>>>> as the hiera.yaml
>>>> # file (this file)
>>>> # When specifying a datadir, make sure the directory exists.
>>>> # See https://puppet.com/docs/puppet/latest/environments_about.html
>>>> for further details on environments.
>>>> #datadir: data
>>>> data_hash: yaml_data
>>>> hierarchy:
>>>> - name: "Per-node data" # Human-readable name.
>>>> path: "nodes/%{trusted.certname}.yaml" # File path, relative to
>>>> datadir.
>>>>
>>>> - name: "Per-OS defaults"
>>>> path: "os/%{facts.os.family}.yaml"
>>>>
>>>> - name: "Common data"
>>>> path: "common.yaml"
>>>>
>>>> Site.pp file:
>>>>
>>>> # more site.pp
>>>> ...
>>>> ...
>>>> ...
>>>> node lhcsrvprdcms01.domain.com {
>>>> class { 'permitroot': }
>>>> }
>>>>
>>>> When I run the puppet agent on the server about were I want the new
>>>> vaules added, I see the see returned the following:
>>>>
>>>> # puppet agent --no-daemonize --onetime --verbose --noop
>>>> Info: Using configured environment 'production'
>>>> Info: Retrieving pluginfacts
>>>> Info: Retrieving plugin
>>>> Info: Retrieving locales
>>>> Info: Loading facts
>>>> Error: Could not retrieve catalog from remote server: Error 500 on
>>>> SERVER: Server Error: Evaluation Error: Error while evaluating a Resource
>>>> Statement, Class[Permitroot]: expects a value for parameter
>>>> 'permitroot_config' (file:
>>>> /etc/puppetlabs/code/environments/production/manifests/site.pp, line: 49,
>>>> column: 3) on node lhcsrvprdcms01.fixnetix.com
>>>> Info: Using cached catalog from environment 'production'
>>>> Info: Applying configuration version '1596101172'
>>>> Notice: Applied catalog in 2.39 seconds
>>>>
>>>> Any help here would be appreciated.
>>>>
>>>> Thanks,
>>>> Dan.
>>>>
>>>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/eff35ada-b1af-44e7-81d4-49db44fe4fdeo%40googlegroups.com.
