ReleaseEngineering/PuppetAgain/Modules/security
From MozillaWiki
< ReleaseEngineering | PuppetAgain | Modules
Every host has a "security level", one of low, medium, high, or maximum.
Setting The Level
The default level for all hosts is given by $config::default_security_level, which defaults to medium. This can be overridden on a per-node basis with $node_security_level:
node 'foo.bar.com" { $node_security_level = 'high' include toplevel::server::thingie }
Getting The Level
All PuppetAgain modules are encouraged to configure themselves differently depending on the security level. This can be done either with the string in $security::level:
class "something" { include ::security case $::security::level { low: {..} medium: {..} high: {..} maximum: {..} } }
or with booleans for each level (which have an implicit "or higher"):
class "something" { include ::security if $::security::high { .. # do this on high and maximum hosts only } }