Foreman » Smart Proxy

Fixes #11323 - fixed PID writing, interrupt trap and daemon logging

Fixes #8905 - bind_port config option

Fixes #7849 - re-factor trusted_hosts handling

On HTTPS we will get the FQDN from the client certificate and check against the
list.

While on HTTP we will perform both reverse DNS and forward DNS lookup to verify
the client may talk to us.

Additionally the forward_verify of DNS can be disabled.

fixes #6589 - add trusted_hosts check back

fixes #6522 - move request code out of chef module

The patch also moves foreman_ssl_ca, foreman_ssl_cert and
foreman_ssl_key config options from Chef plugin config to global config
and adds fallback to the ssl_* options if these are not defined.

Fixes #4866: Breaking up monolithic smart-proxy into modules

Fixes #5712: Limit DHCP subnets for ISC if necessary

Small symantic changes.

fixes #5019 - puppet cert sudo command now configurable and optional

fixes #1809 - freeipa integration to smartproxy

fixes #3991 - dnscmd provider for smart-proxy (Windows)

refs #3699 - update settings.yml.example

fixes #3943 - add simple virsh providers for libvirt DNS/DHCP

fixes #3936 added a method of running a custom tool, to trigger puppet.

fixes #3732 - Saltstack puppet provider, using 'salt host puppet.run'

fixes #3699 - chefproxy feature, proxies facts and reports to Foreman

fixes #3150 - adds ability to specify the user to invoke sudo as when calling mco/puppet kick

fixes #3047 - added puppetrun over ssh support

Fixes #2790 - Optionally set DNS TTL value from settings.yml config file

fixes #2116 - mcollective support for the proxy to initialize puppetrun

fixes #1685 - GSS-TSIG support for DNS updates

fixes #2387 - Add shell provider to the BMC API

• Only Accepts on/off/status/cycle for power commands
• Needs sudo for the proxy to call /sbin/shutdown
• Adds a simple test for calling the shutdown api

Fix a number of tests and settings so tests run from example settings.yml

- enable subsystems being tested before proxy loads code
- fix test assuming /bin/ls is always first in PATH
- dummy puppet.conf file

More detailed log message for puppetca ssldir Add ssldir and puppetdir to config examples Fixes #1104

feature #1829 - add bmc ipmi support to smart proxy

fixes #1548 - Default Settings File Improvments

Signed-off-by: Florian Koch <florian.koch1981@googlemail.com>

fixes #1499 - show puppet environments and classes over the API

Fix log_level comment for settings.yml.example

Logger.constants does not contain Fatal but only FATAL. This change
adjusts the comment for log_level.

Fixes #1055 - SETTINGS.dhcp_subnets

Signed-off-by: Paul kelly <paul.ian.kelly@googlemail.com>

fixes #853 - If used with the proxy, the dhcpd server is open for connections from any server

Fixes Bug #800, Adds support for tftp_servername

Setting this value overrides the value in the subnet
declaration for the name of the tftp server

Signed-off-by: Mark Bainter <mark.bainter@match.com>

fixes #732 - provide better defaults inside rpm package

fixes #752 - Lookup the constant for the log level

As written, the Logger::WARN is just a string, causing a crash when
comparing FIXNUM to String types. Switched to using get_const.
Note that this requires changing the settings.yml file to use just the
constant name, :log_level: WARN instead of Logger::WARN...

fixes #620 - PID file creation under /var/log/foreman-proxy

Fixes #618 - Provide a dns_server setting

fixes #614 - proxy should support Daemon mode

fixes #613 - Allow to use SSL to communicate with the proxy

Sample config file