Canmove, confirm
1,394
edits
Changes
→Variables
This is most useful around the 'staging' aspect, as it means that passwords for staging instances can be specified easily, with no conditionals in the module implementing the functionality.
== Variables Using EYAML ==(This is pending completion of bug 891853) Secrets are accessed via hiera, using hiera-eyaml. That means that the secrets files are regular YAML files, but contain ciphertext enclosed by ENC[..] where secrets are protected. The public and private keys used for this encryption are stored on the puppetmasters themselves. To encrypt a new password, as root on a puppetmaster, give the name of the variable: eyaml -e -o block -p -n 'root_pw_hash!loaner' then copy/paste the result into `/etc/hiera/secrets.yaml` or into your own `/etc/hiera/environments/<username>_secrets.yaml`. To check the value of a secret, use 'hiera': hiera -c /etc/puppet//hiera.yaml root_pw_saltedsha512 == Secrets ==
;'''root_pw_hash'''
:linux md5 password hash for the root password ''(No Default)'' ([[ReleaseEngineering/PuppetAgain/Modules/users#Linux|where to find]])
