|
---
|
|
attributes1:
|
|
name: administrator
|
|
settings_type: string
|
|
category: Setting::General
|
|
default: root@some.host.fqdn
|
|
description: The Default administrator email address
|
|
attributes2:
|
|
name: foreman_url
|
|
category: Setting::General
|
|
default: http://foreman.some.host.fqdn
|
|
description: The URL Foreman should point to in emails etc
|
|
attributes3:
|
|
name: root_pass
|
|
category: Setting::Provisioning
|
|
default: "--- \n"
|
|
description: Default root password on provisioned hosts
|
|
attributes4:
|
|
name: safemode_render
|
|
category: Setting::Provisioning
|
|
default: "true"
|
|
description: Enable safe mode config templates rendinging(recommended)
|
|
attributes5:
|
|
name: ssl_certificate
|
|
category: Setting::Provisioning
|
|
default: /var/lib/puppet/ssl/certs/some.host.fqdn
|
|
description: SSL Certificate path that foreman would use to communicate with its proxies
|
|
attributes6:
|
|
name: ssl_ca_file
|
|
category: Setting::Provisioning
|
|
default: /var/lib/puppet/ssl/certs/ca.pem
|
|
description: SSL CA file that foreman would use to communicate with its proxies
|
|
attributes7:
|
|
name: ssl_priv_key
|
|
category: Setting::Provisioning
|
|
default: /var/lib/puppet/ssl/private_keys/super.some.host.fqdn.pem
|
|
description: SSL Private Key file that foreman would use to communicate with its proxies
|
|
attributes8:
|
|
name: puppet_interval
|
|
settings_type: integer
|
|
category: Setting::Puppet
|
|
default: 30
|
|
description: Setting::Puppet interval in minutes
|
|
attributes9:
|
|
name: default_puppet_environment
|
|
category: Setting::Puppet
|
|
default: production
|
|
description: "The Setting::Puppet environment foreman would default to in case it can't auto detect it"
|
|
attributes10:
|
|
name: modulepath
|
|
category: Setting::Puppet
|
|
default: /etc/puppet/modules
|
|
description: "The Setting::Puppet default module path in case that Foreman can't auto detect it"
|
|
attributes12:
|
|
name: puppet_server
|
|
category: Setting::Puppet
|
|
default: puppet
|
|
description: Default Setting::Puppet Server hostname
|
|
attributes13:
|
|
name: failed_report_email_notification
|
|
category: Setting::Puppet
|
|
default: "false"
|
|
description: Enable Email Alerts per each failed puppet report
|
|
attributes14:
|
|
name: Default_variables_Lookup_Path
|
|
category: Setting::Puppet
|
|
default: ["fqdn", "hostgroup", "os", "domain"]
|
|
description: The Default path in which foreman resolves host specific variables
|
|
attributes15:
|
|
name: manage_puppetca
|
|
category: Setting::Provisioning
|
|
default: "true"
|
|
description: Should Foreman manage host certificates when provisioning hosts
|
|
attributes16:
|
|
name: entries_per_page
|
|
category: Setting::General
|
|
default: 20
|
|
description: The amount of records shown per page in foreman
|
|
attributes17:
|
|
name: update_environment_from_facts
|
|
category: Setting::Puppet
|
|
default: "false"
|
|
description: Foreman will update a hosts environment from its facts
|
|
attributes18:
|
|
name: idle_timeout
|
|
category: Setting::General
|
|
default: 5
|
|
description: idle timeout
|
|
attributes19:
|
|
name: enc_environment
|
|
category: Setting::Puppet
|
|
default: "true"
|
|
description: Should Foreman provide puppet environment in ENC yaml output? (this avoids the mismatch error between puppet.conf and ENC environment)
|
|
attributes20:
|
|
name: use_uuid_for_certificates
|
|
category: Setting::Puppet
|
|
default: "false"
|
|
description: "Should Foreman use random UUID's for certificate signing instead of hostnames"
|
|
attributes21:
|
|
name: query_local_nameservers
|
|
category: Setting::Provisioning
|
|
default: "false"
|
|
description: "Should Foreman query the locally configured name server or the SOA/NS authorities"
|
|
attributes22:
|
|
name: remote_addr
|
|
category: Setting::Provisioning
|
|
default: "127.0.0"
|
|
description: "If Foreman is running behind Passenger or a remote loadbalancer, the ip should be set here"
|
|
attributes23:
|
|
name: authorize_login_delegation
|
|
category: Setting::General
|
|
default: "false"
|
|
description: "Setting::Authorize login delegation with REMOTE_USER environment variable"
|
|
attributes24:
|
|
name: authorize_login_delegation_api
|
|
category: Setting::General
|
|
default: "false"
|
|
description: "Setting::Authorize login delegation with REMOTE_USER environment variable for API calls"
|
|
attributes25:
|
|
name: Parametrized_Classes_in_ENC
|
|
category: Setting::Puppet
|
|
default: "false"
|
|
description: "Should Foreman use the new format (2.6.5+) to answer Setting::Puppet in its ENC yaml output?"
|
|
attribute26:
|
|
name: token_duration
|
|
category: Setting::Provisioning
|
|
default: 0
|
|
description: "Time in minutes installation tokens should be valid for, 0 to disable"
|
|
attribute27:
|
|
name: restrict_registered_smart_proxies
|
|
category: Setting::Auth
|
|
default: "true"
|
|
description: "Only known Smart Proxies may access features that use Smart Proxy authentication"
|
|
attribute28:
|
|
name: require_ssl_smart_proxies
|
|
category: Setting::Auth
|
|
default: "true"
|
|
description: "Client SSL certificates are used to identify Smart Proxies (:require_ssl should also be enabled)"
|
|
attribute29:
|
|
name: ssl_client_dn_env
|
|
category: Setting::Auth
|
|
default: "SSL_CLIENT_S_DN"
|
|
description: "Environment variable containing the subject DN from a client SSL certificate"
|
|
attribute30:
|
|
name: ssl_client_verify_env
|
|
category: Setting::Auth
|
|
default: "SSL_CLIENT_VERIFY"
|
|
description: "Environment variable containing the verification status of a client SSL certificate"
|
|
attribute31:
|
|
name: ssl_client_cert_env
|
|
category: Setting::Auth
|
|
default: "SSL_CLIENT_CERT"
|
|
description: "Environment variable containing a client SSL certificate"
|
|
attribute32:
|
|
name: trusted_hosts
|
|
category: Setting::Auth
|
|
default: []
|
|
description: "Hosts that will be trusted in addition to Smart Proxies for access to fact/report importers and ENC output"
|
|
attribute36:
|
|
name: puppetrun
|
|
category: Setting::Puppet
|
|
default: "true"
|
|
description: "Enables Puppetrun Support"
|
|
attribute37:
|
|
name: create_new_host_when_facts_are_uploaded
|
|
category: Setting::Puppet
|
|
default: "true"
|
|
description: "Foreman will create the host when new facts are received"
|
|
attribute38:
|
|
name: update_ip_from_built_request
|
|
category: Setting::Provisioning
|
|
default: "true"
|
|
description: "Should we use the originating IP of the built request to update the Host's IP?"
|
|
attribute39:
|
|
name: legacy_puppet_hostname
|
|
category: Setting::Puppet
|
|
default: "false"
|
|
description: "Foreman will truncate hostname to 'puppet' if it starts with puppet"
|
|
attribute40:
|
|
name: interpolate_erb_in_parameters
|
|
category: Setting::Puppet
|
|
default: "true"
|
|
description: "Should Foreman parse ERB to return dynamic parameters?"
|
|
attribute41:
|
|
name: use_shortname_for_vms
|
|
category: Setting::Provisioning
|
|
default: "false"
|
|
description: "Should Foreman use the short hostname instead of the FQDN for creating new virtual machines"
|
|
attribute42:
|
|
name: create_new_host_when_report_is_uploaded
|
|
category: Setting::Puppet
|
|
default: "true"
|
|
description: "Foreman will create the host when a report is received"
|
|
attributes43:
|
|
name: unattended_url
|
|
category: Setting::Provisioning
|
|
default: http://foreman.some.host.fqdn
|
|
description: The URL Foreman should point to in templates etc
|
|
attributes44:
|
|
name: default_organization
|
|
category: Setting::Puppet
|
|
default: 'Organization 1'
|
|
description: 'Default organization when importing hosts'
|
|
attributes45:
|
|
name: default_location
|
|
category: Setting::Puppet
|
|
default: 'Location 1'
|
|
description: 'Default location when importing hosts'
|
|
attributes46:
|
|
name: location_fact
|
|
category: Setting::Puppet
|
|
default: 'foreman_location'
|
|
description: 'Fact to set location from when importing hosts'
|
|
attributes47:
|
|
name: organization_fact
|
|
category: Setting::Puppet
|
|
default: 'foreman_organization'
|
|
description: 'Fact to set organization from when importing hosts'
|
|
attributes48:
|
|
name: Enable_Smart_Variables_in_ENC
|
|
category: Setting::Puppet
|
|
default: "true"
|
|
description: "Foreman smart variables will be exposed via the ENC yaml output"
|
|
attributes49:
|
|
name: oauth_active
|
|
category: Setting::Auth
|
|
default: "false"
|
|
description: "Foreman will use OAuth for API authorization"
|
|
attributes50:
|
|
name: oauth_consumer_key
|
|
category: Setting::Auth
|
|
default: "oauth_key"
|
|
description: "OAuth consumer key"
|
|
attributes51:
|
|
name: oauth_consumer_secret
|
|
category: Setting::Auth
|
|
default: "oauth_secret"
|
|
description: "OAuth consumer secret"
|
|
attributes52:
|
|
name: oauth_map_users
|
|
category: Setting::Auth
|
|
default: "true"
|
|
description: "Foreman will map users by username in request-header. If this is set to false, OAuth requests will have admin rights."
|
|
attributes53:
|
|
name: send_welcome_email
|
|
category: Setting::Email
|
|
default: "false"
|
|
description: "Send a welcome email including initial username and password to new users"
|
|
attributes54:
|
|
name: email_subject_prefix
|
|
category: Setting::Email
|
|
default: "[foreman]"
|
|
description: "Prefix to add to all outgoing email"
|
|
attributes55:
|
|
name: outofsync_interval
|
|
settings_type: integer
|
|
category: Setting::Puppet
|
|
default: 5
|
|
description: "Duration in minutes after the Puppet interval for servers to be classed as out of sync."
|
|
attributes56:
|
|
name: email_reply_address
|
|
category: Setting::Email
|
|
default: "foreman-noreply@#{SETTINGS[:domain]}"
|
|
description: 'Email reply address for emails that Foreman is sending'
|
|
attributes57:
|
|
name: clean_up_failed_deployment
|
|
category: Setting::Provisioning
|
|
default: "true"
|
|
description: "Foreman will delete virtual machine if provisioning script ends with non zero exit code"
|
|
attributes58:
|
|
name: ignored_interface_identifiers
|
|
category: Setting::Provisioning
|
|
default: "['lo', 'usb*', 'vnet*', 'macvtap*']"
|
|
description: 'Ignore interfaces that match these values during facts importing, you can use * wildcard to match names with indexes e.g. macvtap*'
|
|
attributes59:
|
|
name: always_show_configuration_status
|
|
category: Setting::Puppet
|
|
default: "false"
|
|
description: 'All hosts will show a configuration status even when a Puppet smart proxy is not assigned'
|
|
attributes60:
|
|
name: max_trend
|
|
category: Setting::General
|
|
default: 30
|
|
description: 'Max days for Trends graphs'
|
|
attributes61:
|
|
name: name_generator_type
|
|
settings_type: string
|
|
category: Setting::Provisioning
|
|
default: "Random-based"
|
|
description: 'Random gives unique names, MAC-based are longer but stable (and only works with bare-metal)'
|
|
attributes62:
|
|
name: bmc_credentials_accessible
|
|
category: Setting::Auth
|
|
default: "true"
|
|
description: 'Permits access to BMC interface passwords through ENC YAML output and in templates'
|
|
attributes63:
|
|
name: password
|
|
category: Setting::Puppet
|
|
default: nil
|
|
description: 'Encrypted password'
|
|
encrypted: true
|
|
attributes64:
|
|
name: access_unattended_without_build
|
|
category: Setting::Provisioning
|
|
default: "false"
|
|
description: 'Allow access to unattended URLs without build mode being used'
|
|
attributes65:
|
|
name: update_subnets_from_facts
|
|
category: Setting::Puppet
|
|
default: "false"
|
|
description: 'Foreman will update a hosts subnets from its facts'
|
|
attributes66:
|
|
name: delivery_method
|
|
category: Setting::Email
|
|
default: :test
|
|
description: 'Method used to deliver e-mail'
|
|
attributes67:
|
|
name: smtp_address
|
|
category: Setting::Email
|
|
default: 'smtp@example.com'
|
|
description: Method used to deliver email'
|
|
attributes68:
|
|
name: smtp_authentication
|
|
category: Setting::Email
|
|
default: 'none'
|
|
description: 'Specify authentication type, if required'
|
|
attributes69:
|
|
name: sendmail_arguments
|
|
category: Setting::Email
|
|
default: 'args'
|
|
description: 'Specify additional options to sendmail'
|
|
attribute70:
|
|
name: ignore_facts_for_operatingsystem
|
|
category: Setting::Provisioning
|
|
default: "false"
|
|
description: 'Stop updating Operating System from facts'
|
|
attribute71:
|
|
name: ignore_facts_for_domain
|
|
category: Setting::Provisioning
|
|
default: "false"
|
|
description: 'Stop updating domain from facts'
|
|
attribute72:
|
|
name: host_owner
|
|
category: Setting::Provisioning
|
|
default: nil
|
|
description: 'Default host owner'
|
|
attribute73:
|
|
name: local_boot_PXELinux
|
|
category: Setting::Provisioning
|
|
default: PXELinux default local boot
|
|
description: 'Set up default local boot template for PXELinux'
|
|
attribute74:
|
|
name: rss_enable
|
|
category: Setting::Notification
|
|
default: true
|
|
description: 'Whether to enable or not RSS feed notifications'
|
|
attribute75:
|
|
name: rss_url
|
|
category: Setting::Notification
|
|
default: "http://theforeman.org/feed.xml"
|
|
description: 'Default URL for RSS feed notifications'
|
|
attribute76:
|
|
name: default_pxe_item_global
|
|
category: Setting::Provisioning
|
|
default: "local"
|
|
description: 'Default PXE global template entry'
|
|
attribute77:
|
|
name: default_pxe_item_local
|
|
category: Setting::Provisioning
|
|
default: "local_chain_hd0"
|
|
description: 'Default PXE local template entry'
|
|
attributes78:
|
|
name: excluded_facts
|
|
category: Setting::Provisioning
|
|
default: "['lo', 'usb*', 'vnet*', 'macvtap*', '_vdsmdummy_', 'veth*', 'docker*', 'tap*', 'qbr*', 'qvb*', 'qvo*', 'qr-*', 'qg-*', 'vlinuxbr*', 'vovsbr*']"
|
|
description: 'Ignore fact names that match these values during facts importing, you can use * wildcard to match names with indexes e.g. macvtap*'
|
|
attribute79:
|
|
name: append_domain_name_for_hosts
|
|
category: Setting::General
|
|
default: "true"
|
|
description: "Should append domain names when new hosts are provisioned"
|
|
attribute80:
|
|
name: failed_login_attempts_limit
|
|
category: Setting::Auth
|
|
default: 30
|
|
description: "Foreman will block user login after this number of failed login attempts for 5 minutes from offending IP address. Set to 0 to disable bruteforce protection"
|
|
attribute81:
|
|
name: login_text
|
|
category: Setting::General
|
|
default: "--- \n"
|
|
description: 'Text to be shown in the login-page footer'
|