ahoiHGF
November 10, 2022, 12:31pm
#1
Problem:
I want to install the remote execution plugin on a foreman-proxy, which fails during installation.
2022-11-10 13:26:29 [ERROR ] [configure] Evaluation Error: Error while evaluating a Method call, 'regsubst' parameter 'target' expects a value of type Array or String, got Undef (file: /usr/share/foreman-installer/modules/foreman/manifests/plugin/tasks.pp, line: 18, column: 56) on node proxy1.example.org
and
2022-11-10 13:26:29 [DEBUG ] [configure] Unknown variable: 'foreman::params::plugin_prefix'. (file: /usr/share/foreman-installer/modules/foreman/manifests/plugin/tasks.pp, line: 18, column: 16)
2022-11-10 13:26:29 [ERROR ] [configure] Evaluation Error: Error while evaluating a Method call, 'regsubst' parameter 'target' expects a value of type Array or String, got Undef (file: /usr/share/foreman-installer/modules/foreman/manifests/plugin/tasks.pp, line: 18, column: 56) on proxy1.example.org
Expected outcome:
Working remote execution plugin.
Foreman and Proxy versions:
Version
3.0.2
Active features
Discovery
Dynflow
Logs
Puppet
Puppet CA
Registration
SSH
Templates
TFTP
Foreman and Proxy plugin versions:
Version
1.0.5
Version
0.5.2
Version
3.0.2
Version
0.4.1
Version
3.0.2
TFTP server
false
Version
3.0.2
Distribution and version:
Other relevant data:
evgeni
November 10, 2022, 12:32pm
#2
The proxy only needs the proxy plugin, not the foreman plugin which you seem to be enabling.
What is your Installer command line?
ahoiHGF
November 10, 2022, 12:39pm
#3
I used:
foreman-installer --enable-foreman-plugin-remote-execution --enable-foreman-proxy-plugin-remote-execution-ssh
This is the /etc/foreman-installer/scenarios.d/foreman-answers.yaml
# Format:
# <classname>: false - don't include this class
# <classname>: true - include and use the defaults
# <classname>:
# <param>: <value> - include and override the default(s)
#
# See params.pp in each class for what options are available
---
foreman: false
foreman::cli: false
foreman::cli::ansible: false
foreman::cli::azure: false
foreman::cli::discovery: false
foreman::cli::kubevirt: false
foreman::cli::openscap: false
foreman::cli::puppet: false
foreman::cli::remote_execution: false
foreman::cli::tasks: false
foreman::cli::templates: false
foreman::cli::webhooks: false
foreman_proxy:
version: present
ensure_packages_version: present
bind_host:
- "*"
http_port: 8000
ssl_port: 8443
groups: []
log: "/var/log/foreman-proxy/proxy.log"
log_level: INFO
log_buffer: 2000
log_buffer_errors: 1000
http: true
ssl: true
ssl_ca: "/etc/foreman-proxy/ca.pem"
ssl_cert: "/etc/foreman-proxy/cert.pem"
ssl_key: "/etc/foreman-proxy/key.pem"
foreman_ssl_ca: "/etc/foreman-proxy/ca.pem"
foreman_ssl_cert: "/etc/foreman-proxy/cert.pem"
foreman_ssl_key: "/etc/foreman-proxy/key.pem"
trusted_hosts:
- foreman.example.org
ssl_disabled_ciphers: []
tls_disabled_versions: []
manage_sudoersd: true
use_sudoersd: true
use_sudoers: true
puppetca: true
puppetca_listen_on: https
ssldir: "/etc/puppetlabs/puppet/ssl"
puppetdir: "/etc/puppetlabs/puppet"
puppetca_cmd: "/opt/puppetlabs/bin/puppet cert"
puppet_group: puppet
puppetca_provider: puppetca_hostname_whitelisting
autosignfile: "/etc/puppetlabs/puppet/autosign.conf"
puppetca_sign_all: false
puppetca_tokens_file: "/var/lib/foreman-proxy/tokens.yml"
puppetca_token_ttl: 360
puppetca_certificate:
manage_puppet_group: true
puppet: true
puppet_listen_on: https
puppet_url: https://proxy1.example.org:8140
puppet_ssl_ca: "/etc/puppetlabs/puppet/ssl/certs/ca.pem"
puppet_ssl_cert: "/etc/puppetlabs/puppet/ssl/certs/proxy1.example.org.pem"
puppet_ssl_key: "/etc/puppetlabs/puppet/ssl/private_keys/proxy1.example.org.pem"
puppet_api_timeout: 30
templates: true
templates_listen_on: both
template_url: http://proxy1.example.org:8000
registration: true
registration_listen_on: https
logs: true
logs_listen_on: https
httpboot: false
httpboot_listen_on: both
tftp: true
tftp_listen_on: https
tftp_managed: true
tftp_manage_wget: true
tftp_syslinux_filenames:
- "/usr/share/syslinux/chain.c32"
- "/usr/share/syslinux/mboot.c32"
- "/usr/share/syslinux/menu.c32"
- "/usr/share/syslinux/memdisk"
- "/usr/share/syslinux/pxelinux.0"
tftp_root: "/var/lib/tftpboot"
tftp_dirs:
- "/var/lib/tftpboot/pxelinux.cfg"
- "/var/lib/tftpboot/grub"
- "/var/lib/tftpboot/grub2"
- "/var/lib/tftpboot/boot"
- "/var/lib/tftpboot/ztp.cfg"
- "/var/lib/tftpboot/poap.cfg"
tftp_servername:
tftp_replace_grub2_cfg: false
dhcp: false
dhcp_listen_on: https
dhcp_managed: true
dhcp_provider: isc
dhcp_subnets: []
dhcp_ping_free_ip: true
dhcp_option_domain:
- example.org
dhcp_search_domains:
dhcp_interface: ens32
dhcp_additional_interfaces: []
dhcp_gateway:
dhcp_range:
dhcp_pxeserver:
dhcp_pxefilename: pxelinux.0
dhcp_network:
dhcp_netmask:
dhcp_nameservers: default
dhcp_server: 127.0.0.1
dhcp_config: "/etc/dhcp/dhcpd.conf"
dhcp_leases: "/var/lib/dhcpd/dhcpd.leases"
dhcp_key_name:
dhcp_key_secret:
dhcp_omapi_port: 7911
dhcp_peer_address:
dhcp_node_type: standalone
dhcp_failover_address: 10.11.50.50
dhcp_failover_port: 519
dhcp_max_response_delay: 30
dhcp_max_unacked_updates: 10
dhcp_mclt: 300
dhcp_load_split: 255
dhcp_load_balance: 3
dhcp_manage_acls: true
dns: false
dns_listen_on: https
dns_managed: true
dns_provider: nsupdate
dns_interface: ens32
dns_zone: example.org
dns_reverse:
dns_server: 127.0.0.1
dns_ttl: 86400
dns_tsig_keytab: "/etc/foreman-proxy/dns.keytab"
dns_tsig_principal: foremanproxy/proxy1.example.org@HOGREFE.DE
dns_forwarders: []
libvirt_network: default
libvirt_connection: qemu:///system
bmc: false
bmc_listen_on: https
bmc_default_provider: ipmitool
bmc_ssh_user: root
bmc_ssh_key: "/usr/share/foreman/.ssh/id_rsa"
bmc_ssh_powerstatus: 'true'
bmc_ssh_powercycle: shutdown -r +1
bmc_ssh_poweroff: shutdown +1
bmc_ssh_poweron: 'false'
realm: false
realm_listen_on: https
realm_provider: freeipa
realm_keytab: "/etc/foreman-proxy/freeipa.keytab"
realm_principal: realm-proxy@EXAMPLE.COM
freeipa_config: "/etc/ipa/default.conf"
freeipa_remove_dns: true
keyfile: "/etc/rndc.key"
register_in_foreman: true
foreman_base_url: https://foreman.example.org
registered_name: proxy1.example.org
registered_proxy_url:
oauth_effective_user: admin
oauth_consumer_key: c4ay2TbSGSaF4nMZ9wYR3Hs7em8Mpaw2
oauth_consumer_secret: JKVPDK23GtU52yyUZXB4PQqfuFp9Htg2
puppet:
version: present
user: puppet
group: puppet
dir: "/etc/puppetlabs/puppet"
codedir: "/etc/puppetlabs/code"
vardir: "/opt/puppetlabs/puppet/cache"
logdir: "/var/log/puppetlabs/puppet"
rundir: "/var/run/puppetlabs"
ssldir: "/etc/puppetlabs/puppet/ssl"
sharedir: "/opt/puppetlabs/puppet"
manage_packages: true
dir_owner: root
dir_group:
package_provider:
package_install_options:
package_source:
port: 8140
pluginsync: true
splay: false
splaylimit: 1800
autosign: "/etc/puppetlabs/puppet/autosign.conf"
autosign_entries: []
autosign_mode: '0664'
autosign_content:
autosign_source:
runinterval: 1800
usecacheonfailure: true
runmode: service
run_hour:
run_minute:
unavailable_runmodes: []
cron_cmd:
systemd_cmd:
systemd_randomizeddelaysec: 0
agent_noop: false
show_diff: false
module_repository:
http_connect_timeout:
http_read_timeout:
ca_server:
ca_port:
ca_crl_filepath:
prerun_command:
postrun_command:
dns_alt_names: []
use_srv_records: false
srv_domain: example.org
pluginsource: puppet:///plugins
pluginfactsource: puppet:///pluginfacts
additional_settings: {}
agent_additional_settings: {}
agent_restart_command: "/usr/bin/systemctl reload-or-restart puppet"
classfile: "$statedir/classes.txt"
hiera_config: "$confdir/hiera.yaml"
auth_template: puppet/auth.conf.erb
allow_any_crl_auth: false
auth_allowed:
- "$1"
client_package:
- puppet-agent
agent: true
remove_lock: true
report: true
client_certname: proxy1.example.org
puppetmaster:
systemd_unit_name: puppet-run
service_name: puppet
syslogfacility:
environment: production
server: true
server_admin_api_whitelist:
- localhost
- proxy1.example.org
server_manage_user: true
server_user: puppet
server_group: puppet
server_dir: "/etc/puppetlabs/puppet"
server_ip: 0.0.0.0
server_port: 8140
server_ca: true
server_ca_crl_sync: false
server_crl_enable:
server_ca_auth_required: true
server_ca_client_self_delete: false
server_ca_client_whitelist:
- localhost
- proxy1.example.org
server_custom_trusted_oid_mapping:
server_http: false
server_http_port: 8139
server_reports: foreman
server_puppetserver_dir: "/etc/puppetlabs/puppetserver"
server_puppetserver_vardir: "/opt/puppetlabs/server/data/puppetserver"
server_puppetserver_rundir: "/var/run/puppetlabs/puppetserver"
server_puppetserver_logdir: "/var/log/puppetlabs/puppetserver"
server_puppetserver_version:
server_external_nodes: "/etc/puppetlabs/puppet/node.rb"
server_trusted_external_command:
server_cipher_suites:
- TLS_RSA_WITH_AES_256_CBC_SHA256
- TLS_RSA_WITH_AES_256_CBC_SHA
- TLS_RSA_WITH_AES_128_CBC_SHA256
- TLS_RSA_WITH_AES_128_CBC_SHA
server_config_version:
server_connect_timeout: 120000
server_git_repo: false
server_default_manifest: false
server_default_manifest_path: "/etc/puppet/manifests/default_manifest.pp"
server_default_manifest_content: ''
server_environments_owner: puppet
server_environments_group:
server_environments_mode: '0755'
server_envs_dir: "/etc/puppetlabs/code/environments"
server_envs_target:
server_common_modules_path:
- "/etc/puppetlabs/code/environments/common"
- "/etc/puppetlabs/code/modules"
- "/opt/puppetlabs/puppet/modules"
- "/usr/share/puppet/modules"
server_git_repo_mode: '0755'
server_git_repo_path: "/opt/puppetlabs/puppet/cache/puppet.git"
server_git_repo_group: puppet
server_git_repo_user: puppet
server_git_branch_map: {}
server_idle_timeout: 1200000
server_post_hook_content: puppet/server/post-receive.erb
server_post_hook_name: post-receive
server_storeconfigs: false
server_ruby_load_paths:
- "/opt/puppetlabs/puppet/lib/ruby/vendor_ruby"
server_ssl_dir: "/etc/puppetlabs/puppet/ssl"
server_ssl_dir_manage: true
server_ssl_key_manage: true
server_ssl_protocols:
- TLSv1.2
server_ssl_chain_filepath:
server_package:
server_version:
server_certname: proxy1.example.org
server_request_timeout: 60
server_strict_variables: false
server_additional_settings: {}
server_foreman: true
server_foreman_url: https://foreman.example.org
server_foreman_ssl_ca: "/etc/foreman-proxy/ca.pem"
server_foreman_ssl_cert: "/etc/foreman-proxy/cert.pem"
server_foreman_ssl_key: "/etc/foreman-proxy/key.pem"
server_foreman_facts: true
server_puppet_basedir: "/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet"
server_parser: current
server_environment_timeout:
server_jvm_java_bin: "/usr/bin/java"
server_jvm_config: "/etc/sysconfig/puppetserver"
server_jvm_min_heap_size: 2G
server_jvm_max_heap_size: 2G
server_jvm_extra_args:
- "-Djruby.logger.class=com.puppetlabs.jruby_utils.jruby.Slf4jLogger"
- "-XX:ReservedCodeCacheSize=512m"
server_jvm_cli_args:
server_jruby_gem_home: "/opt/puppetlabs/server/data/puppetserver/jruby-gems"
server_max_active_instances: 4
server_max_requests_per_instance: 0
server_max_queued_requests: 0
server_max_retry_delay: 1800
server_multithreaded: false
server_use_legacy_auth_conf: false
server_check_for_updates: true
server_environment_class_cache_enabled: false
server_allow_header_cert_info: false
server_web_idle_timeout: 30000
server_puppetserver_jruby9k: false
server_puppetserver_metrics: false
server_puppetserver_profiler: false
server_metrics_jmx_enable: true
server_metrics_graphite_enable: false
server_metrics_graphite_host: 127.0.0.1
server_metrics_graphite_port: 2003
server_metrics_server_id: proxy1.example.org
server_metrics_graphite_interval: 5
server_metrics_allowed:
server_puppetserver_experimental: true
server_puppetserver_auth_template:
server_puppetserver_trusted_agents: []
server_puppetserver_trusted_certificate_extensions: []
server_compile_mode:
server_acceptor_threads:
server_selector_threads:
server_ssl_acceptor_threads:
server_ssl_selector_threads:
server_max_threads:
server_ca_allow_sans: false
server_ca_allow_auth_extensions: false
server_ca_enable_infra_crl: false
server_max_open_files:
server_versioned_code_id:
server_versioned_code_content:
foreman::plugin::acd: false
foreman::plugin::ansible: false
foreman::plugin::azure: false
foreman::plugin::bootdisk: false
foreman::plugin::chef: false
foreman::plugin::column_view: false
foreman::plugin::default_hostgroup: false
foreman::plugin::dhcp_browser: false
foreman::plugin::discovery: false
foreman::plugin::expire_hosts: false
foreman::plugin::hooks: false
foreman::plugin::host_extra_validator: false
foreman::plugin::kubevirt: false
foreman::plugin::leapp: false
foreman::plugin::memcache: false
foreman::plugin::monitoring: false
foreman::plugin::omaha: false
foreman::plugin::openscap: false
foreman::plugin::ovirt_provision: false
foreman::plugin::puppet: false
foreman::plugin::puppetdb: false
foreman::plugin::remote_execution: {}
foreman::plugin::remote_execution::cockpit: false
foreman::plugin::salt: false
foreman::plugin::setup: false
foreman::plugin::snapshot_management: false
foreman::plugin::statistics: false
foreman::plugin::tasks: false
foreman::plugin::templates: false
foreman::plugin::webhooks: false
foreman::compute::ec2: false
foreman::compute::gce: false
foreman::compute::libvirt: false
foreman::compute::openstack: false
foreman::compute::ovirt: false
foreman::compute::vmware: false
foreman_proxy::plugin::acd: false
foreman_proxy::plugin::ansible: false
foreman_proxy::plugin::chef: false
foreman_proxy::plugin::dhcp::infoblox: false
foreman_proxy::plugin::dhcp::remote_isc: false
foreman_proxy::plugin::discovery:
install_images: true
tftp_root: "/var/lib/tftpboot"
source_url: http://downloads.theforeman.org/discovery/releases/latest/
image_name: fdi-image-latest.tar
foreman_proxy::plugin::dns::infoblox: false
foreman_proxy::plugin::dns::powerdns: false
foreman_proxy::plugin::dynflow: false
foreman_proxy::plugin::monitoring: false
foreman_proxy::plugin::omaha: false
foreman_proxy::plugin::openscap: false
foreman_proxy::plugin::remote_execution::ssh:
enabled: true
listen_on: https
generate_keys: true
install_key: false
ssh_identity_dir: "/var/lib/foreman-proxy/ssh"
ssh_identity_file: id_rsa_foreman_proxy
ssh_keygen: "/usr/bin/ssh-keygen"
local_working_dir: "/var/tmp"
remote_working_dir: "/var/tmp"
ssh_kerberos_auth: false
async_ssh: false
foreman_proxy::plugin::salt: false
foreman_proxy::plugin::shellhooks: false
and this is the version I used before trying to install the plugin: This does not produce any errors:
# Format:
# <classname>: false - don't include this class
# <classname>: true - include and use the defaults
# <classname>:
# <param>: <value> - include and override the default(s)
#
# See params.pp in each class for what options are available
---
foreman: false
foreman::cli: false
foreman::cli::ansible: false
foreman::cli::azure: false
foreman::cli::discovery: false
foreman::cli::kubevirt: false
foreman::cli::openscap: false
foreman::cli::puppet: false
foreman::cli::remote_execution: false
foreman::cli::tasks: false
foreman::cli::templates: false
foreman::cli::webhooks: false
foreman_proxy:
version: present
ensure_packages_version: present
bind_host:
- "*"
http_port: 8000
ssl_port: 8443
groups: []
log: "/var/log/foreman-proxy/proxy.log"
log_level: INFO
log_buffer: 2000
log_buffer_errors: 1000
http: true
ssl: true
ssl_ca: "/etc/foreman-proxy/ca.pem"
ssl_cert: "/etc/foreman-proxy/cert.pem"
ssl_key: "/etc/foreman-proxy/key.pem"
foreman_ssl_ca: "/etc/foreman-proxy/ca.pem"
foreman_ssl_cert: "/etc/foreman-proxy/cert.pem"
foreman_ssl_key: "/etc/foreman-proxy/key.pem"
trusted_hosts:
- foreman.example.org
ssl_disabled_ciphers: []
tls_disabled_versions: []
manage_sudoersd: true
use_sudoersd: true
use_sudoers: true
puppetca: true
puppetca_listen_on: https
ssldir: "/etc/puppetlabs/puppet/ssl"
puppetdir: "/etc/puppetlabs/puppet"
puppetca_cmd: "/opt/puppetlabs/bin/puppet cert"
puppet_group: puppet
puppetca_provider: puppetca_hostname_whitelisting
autosignfile: "/etc/puppetlabs/puppet/autosign.conf"
puppetca_sign_all: false
puppetca_tokens_file: "/var/lib/foreman-proxy/tokens.yml"
puppetca_token_ttl: 360
puppetca_certificate:
manage_puppet_group: true
puppet: true
puppet_listen_on: https
puppet_url: https://proxy1.example.org:8140
puppet_ssl_ca: "/etc/puppetlabs/puppet/ssl/certs/ca.pem"
puppet_ssl_cert: "/etc/puppetlabs/puppet/ssl/certs/proxy1.example.org.pem"
puppet_ssl_key: "/etc/puppetlabs/puppet/ssl/private_keys/proxy1.example.org.pem"
puppet_api_timeout: 30
templates: true
templates_listen_on: both
template_url: http://proxy1.example.org:8000
registration: true
registration_listen_on: https
logs: true
logs_listen_on: https
httpboot: false
httpboot_listen_on: both
tftp: true
tftp_listen_on: https
tftp_managed: true
tftp_manage_wget: true
tftp_syslinux_filenames:
- "/usr/share/syslinux/chain.c32"
- "/usr/share/syslinux/mboot.c32"
- "/usr/share/syslinux/menu.c32"
- "/usr/share/syslinux/memdisk"
- "/usr/share/syslinux/pxelinux.0"
tftp_root: "/var/lib/tftpboot"
tftp_dirs:
- "/var/lib/tftpboot/pxelinux.cfg"
- "/var/lib/tftpboot/grub"
- "/var/lib/tftpboot/grub2"
- "/var/lib/tftpboot/boot"
- "/var/lib/tftpboot/ztp.cfg"
- "/var/lib/tftpboot/poap.cfg"
tftp_servername:
tftp_replace_grub2_cfg: false
dhcp: false
dhcp_listen_on: https
dhcp_managed: true
dhcp_provider: isc
dhcp_subnets: []
dhcp_ping_free_ip: true
dhcp_option_domain:
- example.org
dhcp_search_domains:
dhcp_interface: ens32
dhcp_additional_interfaces: []
dhcp_gateway:
dhcp_range:
dhcp_pxeserver:
dhcp_pxefilename: pxelinux.0
dhcp_network:
dhcp_netmask:
dhcp_nameservers: default
dhcp_server: 127.0.0.1
dhcp_config: "/etc/dhcp/dhcpd.conf"
dhcp_leases: "/var/lib/dhcpd/dhcpd.leases"
dhcp_key_name:
dhcp_key_secret:
dhcp_omapi_port: 7911
dhcp_peer_address:
dhcp_node_type: standalone
dhcp_failover_address: 10.11.50.50
dhcp_failover_port: 519
dhcp_max_response_delay: 30
dhcp_max_unacked_updates: 10
dhcp_mclt: 300
dhcp_load_split: 255
dhcp_load_balance: 3
dhcp_manage_acls: true
dns: false
dns_listen_on: https
dns_managed: true
dns_provider: nsupdate
dns_interface: ens32
dns_zone: example.org
dns_reverse:
dns_server: 127.0.0.1
dns_ttl: 86400
dns_tsig_keytab: "/etc/foreman-proxy/dns.keytab"
dns_tsig_principal: foremanproxy/proxy1.example.org@HOGREFE.DE
dns_forwarders: []
libvirt_network: default
libvirt_connection: qemu:///system
bmc: false
bmc_listen_on: https
bmc_default_provider: ipmitool
bmc_ssh_user: root
bmc_ssh_key: "/usr/share/foreman/.ssh/id_rsa"
bmc_ssh_powerstatus: 'true'
bmc_ssh_powercycle: shutdown -r +1
bmc_ssh_poweroff: shutdown +1
bmc_ssh_poweron: 'false'
realm: false
realm_listen_on: https
realm_provider: freeipa
realm_keytab: "/etc/foreman-proxy/freeipa.keytab"
realm_principal: realm-proxy@EXAMPLE.COM
freeipa_config: "/etc/ipa/default.conf"
freeipa_remove_dns: true
keyfile: "/etc/rndc.key"
register_in_foreman: true
foreman_base_url: https://foreman.example.org
registered_name: proxy1.example.org
registered_proxy_url:
oauth_effective_user: admin
oauth_consumer_key: c4ay2TbSGSaF4nMZ9wYR3Hs7em8Mpaw2
oauth_consumer_secret: JKVPDK23GtU52yyUZXB4PQqfuFp9Htg2
puppet:
version: present
user: puppet
group: puppet
dir: "/etc/puppetlabs/puppet"
codedir: "/etc/puppetlabs/code"
vardir: "/opt/puppetlabs/puppet/cache"
logdir: "/var/log/puppetlabs/puppet"
rundir: "/var/run/puppetlabs"
ssldir: "/etc/puppetlabs/puppet/ssl"
sharedir: "/opt/puppetlabs/puppet"
manage_packages: true
dir_owner: root
dir_group:
package_provider:
package_install_options:
package_source:
port: 8140
pluginsync: true
splay: false
splaylimit: 1800
autosign: "/etc/puppetlabs/puppet/autosign.conf"
autosign_entries: []
autosign_mode: '0664'
autosign_content:
autosign_source:
runinterval: 1800
usecacheonfailure: true
runmode: service
run_hour:
run_minute:
unavailable_runmodes: []
cron_cmd:
systemd_cmd:
systemd_randomizeddelaysec: 0
agent_noop: false
show_diff: false
module_repository:
http_connect_timeout:
http_read_timeout:
ca_server:
ca_port:
ca_crl_filepath:
prerun_command:
postrun_command:
dns_alt_names: []
use_srv_records: false
srv_domain: example.org
pluginsource: puppet:///plugins
pluginfactsource: puppet:///pluginfacts
additional_settings: {}
agent_additional_settings: {}
agent_restart_command: "/usr/bin/systemctl reload-or-restart puppet"
classfile: "$statedir/classes.txt"
hiera_config: "$confdir/hiera.yaml"
auth_template: puppet/auth.conf.erb
allow_any_crl_auth: false
auth_allowed:
- "$1"
client_package:
- puppet-agent
agent: true
remove_lock: true
report: true
client_certname: proxy1.example.org
puppetmaster:
systemd_unit_name: puppet-run
service_name: puppet
syslogfacility:
environment: production
server: true
server_admin_api_whitelist:
- localhost
- proxy1.example.org
server_manage_user: true
server_user: puppet
server_group: puppet
server_dir: "/etc/puppetlabs/puppet"
server_ip: 0.0.0.0
server_port: 8140
server_ca: true
server_ca_crl_sync: false
server_crl_enable:
server_ca_auth_required: true
server_ca_client_self_delete: false
server_ca_client_whitelist:
- localhost
- proxy1.example.org
server_custom_trusted_oid_mapping:
server_http: false
server_http_port: 8139
server_reports: foreman
server_puppetserver_dir: "/etc/puppetlabs/puppetserver"
server_puppetserver_vardir: "/opt/puppetlabs/server/data/puppetserver"
server_puppetserver_rundir: "/var/run/puppetlabs/puppetserver"
server_puppetserver_logdir: "/var/log/puppetlabs/puppetserver"
server_puppetserver_version:
server_external_nodes: "/etc/puppetlabs/puppet/node.rb"
server_trusted_external_command:
server_cipher_suites:
- TLS_RSA_WITH_AES_256_CBC_SHA256
- TLS_RSA_WITH_AES_256_CBC_SHA
- TLS_RSA_WITH_AES_128_CBC_SHA256
- TLS_RSA_WITH_AES_128_CBC_SHA
server_config_version:
server_connect_timeout: 120000
server_git_repo: false
server_default_manifest: false
server_default_manifest_path: "/etc/puppet/manifests/default_manifest.pp"
server_default_manifest_content: ''
server_environments_owner: puppet
server_environments_group:
server_environments_mode: '0755'
server_envs_dir: "/etc/puppetlabs/code/environments"
server_envs_target:
server_common_modules_path:
- "/etc/puppetlabs/code/environments/common"
- "/etc/puppetlabs/code/modules"
- "/opt/puppetlabs/puppet/modules"
- "/usr/share/puppet/modules"
server_git_repo_mode: '0755'
server_git_repo_path: "/opt/puppetlabs/puppet/cache/puppet.git"
server_git_repo_group: puppet
server_git_repo_user: puppet
server_git_branch_map: {}
server_idle_timeout: 1200000
server_post_hook_content: puppet/server/post-receive.erb
server_post_hook_name: post-receive
server_storeconfigs: false
server_ruby_load_paths:
- "/opt/puppetlabs/puppet/lib/ruby/vendor_ruby"
server_ssl_dir: "/etc/puppetlabs/puppet/ssl"
server_ssl_dir_manage: true
server_ssl_key_manage: true
server_ssl_protocols:
- TLSv1.2
server_ssl_chain_filepath:
server_package:
server_version:
server_certname: proxy1.example.org
server_request_timeout: 60
server_strict_variables: false
server_additional_settings: {}
server_foreman: true
server_foreman_url: https://foreman.example.org
server_foreman_ssl_ca: "/etc/foreman-proxy/ca.pem"
server_foreman_ssl_cert: "/etc/foreman-proxy/cert.pem"
server_foreman_ssl_key: "/etc/foreman-proxy/key.pem"
server_foreman_facts: true
server_puppet_basedir: "/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet"
server_parser: current
server_environment_timeout:
server_jvm_java_bin: "/usr/bin/java"
server_jvm_config: "/etc/sysconfig/puppetserver"
server_jvm_min_heap_size: 2G
server_jvm_max_heap_size: 2G
server_jvm_extra_args:
- "-Djruby.logger.class=com.puppetlabs.jruby_utils.jruby.Slf4jLogger"
- "-XX:ReservedCodeCacheSize=512m"
server_jvm_cli_args:
server_jruby_gem_home: "/opt/puppetlabs/server/data/puppetserver/jruby-gems"
server_max_active_instances: 4
server_max_requests_per_instance: 0
server_max_queued_requests: 0
server_max_retry_delay: 1800
server_multithreaded: false
server_use_legacy_auth_conf: false
server_check_for_updates: true
server_environment_class_cache_enabled: false
server_allow_header_cert_info: false
server_web_idle_timeout: 30000
server_puppetserver_jruby9k: false
server_puppetserver_metrics: false
server_puppetserver_profiler: false
server_metrics_jmx_enable: true
server_metrics_graphite_enable: false
server_metrics_graphite_host: 127.0.0.1
server_metrics_graphite_port: 2003
server_metrics_server_id: proxy1.example.org
server_metrics_graphite_interval: 5
server_metrics_allowed:
server_puppetserver_experimental: true
server_puppetserver_auth_template:
server_puppetserver_trusted_agents: []
server_puppetserver_trusted_certificate_extensions: []
server_compile_mode:
server_acceptor_threads:
server_selector_threads:
server_ssl_acceptor_threads:
server_ssl_selector_threads:
server_max_threads:
server_ca_allow_sans: false
server_ca_allow_auth_extensions: false
server_ca_enable_infra_crl: false
server_max_open_files:
server_versioned_code_id:
server_versioned_code_content:
foreman::plugin::acd: false
foreman::plugin::ansible: false
foreman::plugin::azure: false
foreman::plugin::bootdisk: false
foreman::plugin::chef: false
foreman::plugin::column_view: false
foreman::plugin::default_hostgroup: false
foreman::plugin::dhcp_browser: false
foreman::plugin::discovery: false
foreman::plugin::expire_hosts: false
foreman::plugin::hooks: false
foreman::plugin::host_extra_validator: false
foreman::plugin::kubevirt: false
foreman::plugin::leapp: false
foreman::plugin::memcache: false
foreman::plugin::monitoring: false
foreman::plugin::omaha: false
foreman::plugin::openscap: false
foreman::plugin::ovirt_provision: false
foreman::plugin::puppet: false
foreman::plugin::puppetdb: false
foreman::plugin::remote_execution: false
foreman::plugin::remote_execution::cockpit: false
foreman::plugin::salt: false
foreman::plugin::setup: false
foreman::plugin::snapshot_management: false
foreman::plugin::statistics: false
foreman::plugin::tasks: false
foreman::plugin::templates: false
foreman::plugin::webhooks: false
foreman::compute::ec2: false
foreman::compute::gce: false
foreman::compute::libvirt: false
foreman::compute::openstack: false
foreman::compute::ovirt: false
foreman::compute::vmware: false
foreman_proxy::plugin::acd: false
foreman_proxy::plugin::ansible: false
foreman_proxy::plugin::chef: false
foreman_proxy::plugin::dhcp::infoblox: false
foreman_proxy::plugin::dhcp::remote_isc: false
foreman_proxy::plugin::discovery:
install_images: true
tftp_root: "/var/lib/tftpboot"
source_url: http://downloads.theforeman.org/discovery/releases/latest/
image_name: fdi-image-latest.tar
foreman_proxy::plugin::dns::infoblox: false
foreman_proxy::plugin::dns::powerdns: false
foreman_proxy::plugin::dynflow: false
foreman_proxy::plugin::monitoring: false
foreman_proxy::plugin::omaha: false
foreman_proxy::plugin::openscap: false
foreman_proxy::plugin::remote_execution::ssh: false
foreman_proxy::plugin::salt: false
foreman_proxy::plugin::shellhooks: false
evgeni
November 11, 2022, 9:08am
#4
Right, but --enable-foreman-plugin-remote-execution is for the Foreman plugin, you do not want that. You only need --enable-foreman-proxy-plugin-remote-execution-ssh.
Can you give it another run with --no-enable-foreman-plugin-remote-execution?
1 Like
