Project

General

Profile

« Previous | Next » 

Revision 7c288f9c

Added by Michael Moll over 5 years ago

reduce diff to Puppet distributed files

View differences:

templates/auth.conf.erb
# otherwise, the general rules may "steal" requests that should be
# governed by the specific rules.
#
# See https://docs.puppetlabs.com/puppet/latest/reference/config_file_auth.html
# See https://puppet.com/docs/puppet/latest/config_file_auth.html
# for a more complete description of auth.conf's behavior.
#
# Supported syntax:
......
# (ie exactly as if auth yes was present).
#
# CONTROLLING FILE ACCESS (previously in fileserver.conf)
# In previous versions of Puppet, you controlled file access by adding
# rules to fileserver.conf. In Puppet 5 with Puppet Server, you can control
# file access in auth.conf by controlling the /file_metadata(s)/<mount point>,
# /file_content(s)/<mount point>, and /static_file_content/<file> paths. See the
# Puppet Server documentation at
# https://puppet.com/docs/puppetserver/latest/config_file_auth.html.
#
# If you are not using Puppet Server, or are using Puppet Server but with the
# "jruby-puppet.use-legacy-auth-conf" setting set to "true", you could set the
# desired file access in a new rule in this file. For example:
#
# path ~ ^/file_(metadata|content)s?/extra_files/
# auth yes
# allow /^(.+)\.example\.com$/
# allow_ip 192.168.100.0/24
#
# If added to auth.conf BEFORE the default "path /file" rule, this rule
# will add stricter restrictions to the extra_files mount point.
### Authenticated ACLs - these rules apply only when the client
### has a valid certificate and is thus authenticated
......
auth any
method find, save
allow *
<% if scope.lookupvar('::puppet::listen') -%>
path /run
auth any
method save

Also available in: Unified diff