Changes between Version 1 and Version 2 of 5+bcfg2.conf

Timestamp:

11/06/09 09:31:45 (2 weeks ago)

Author:

dclark (IP: 72.255.66.205)

Comment:

Update to 1.0.0

5+bcfg2.conf

@@ -15 +15 @@
 
 <DL COMPACT>
-<DT>bcfg2.conf includes configuration parameters for the bcfg2 server and client. <DD>
+<DT>bcfg2.conf includes configuration parameters for the bcfg2 server and client.<DD>
 <P>
 </DL>
@@ -21 +21 @@
 <H2>FILE FORMAT</H2>
 
-The file is INI-style and consists of sections and options. A section begins with the name of the sections in square brackets and continues until the next section begins. 
+The file is INI-style and consists of sections and options. A section begins with the name of the sections in square brackets and continues until the next section begins.
 <P>
 Options are specified in the form 'name = value'.
@@ -28 +28 @@
 <P>
 Any line beginning with a hash (#) is ignored, as are lines containing only whitespace.
+<P>
 <P>
 <A NAME="lbAE">&nbsp;</A>
@@ -40 +41 @@
 Specifies the path to the Bcfg2 repository containing all of the configuration specifications. The repository should be created using the bcfg2-init command.
 <P>
-<DT><B>svn</B>
-
-<DD>
-Set this to yes if the repository is SVN managed.
-<P>
-<DT><B>structures</B>
-
-<DD>
-A comma-delimited list of all the enabled structures plugins. Currently available plugins are Base, Bundler, and SGenshi. Defaults to Bundler and Base.
-<P>
-<DT><B>generators</B>
-
-<DD>
-A comma-delimited list of all enabled generator plugins. Currently available plugins are Actions, Cfg, Deps, Hostbase, Pkgmgr, Rules, SSHbase, TCheetah, and TGenshi. Defaults to SSHbase, Cfg, Pkgmgr, and Rules.
+<DT><B>key</B>
+
+<DD>
+Specifies the path to a file containing the SSL Key. This is required on the server in all cases, and required on clients if using client certificates. 
+<P>
+<DT><B>certificate</B>
+
+<DD>
+The path to a file containing a PEM formatted certificate which signs the key with the ca certificate. This setting is required on the server in all cases, and required on clients if using client certificates. 
+<P>
+<DT><B>ca</B>
+
+<DD>
+The path to a file containing the CA certificate. This file is required on the server, and optional on clients. However, if the cacert is not present on clients, the server cannot be verified. 
+<P>
+<DT><B>filemonitor</B>
+
+<DD>
+The file monitor used to watch for changes in the repository. Values of 'gamin', 'fam', or 'pseudo' are valid.
 <P>
 <DT><B>plugins</B>
 
 <DD>
-A comma-delimited list of enabled server plugins. Currently available plugins are DBStats.
-<P>
-<DT><B>bundles</B>
-
-<DD>
-A list of enabled bundles
-<P>
-<DT><B>filemonitor</B>
-
-<DD>
-The file monitor used to watch for changes in the repository. Values of 'gamin', 'fam', or 'pseudo' are valid.
+A comma-delimited list of enabled server plugins. Currently available plugins are:
+<P>
+&bull;
+<B>Account</B>
+
+The account plugin manages authentication data, including:
+<P>
+<BR>&nbsp;*&nbsp;/etc/passwd
+<BR>&nbsp;*&nbsp;/etc/group
+<BR>&nbsp;*&nbsp;/etc/security/limits.conf
+<BR>&nbsp;*&nbsp;/etc/sudoers
+<BR>&nbsp;*&nbsp;/root/.ssh/authorized_keys
+<P>
+&bull;
+<B>Actions</B>
+
+<P>
+Action entries are commands that are executed either before bundle installation, after bundle installation or both. If exit status is observed, a failing pre-action will cause no modification of the enclosing bundle to be performed; all entries included in that bundle will not be modified. Failing actions are reported through Bcfg2's reporting system, so they can be centrally observed.
+<P>
+&bull;
+<B>BB</B>
+
+<P>
+&bull;
+<B>Base</B>
+
+A structure plugin that provides the ability to add lists of unrelated entries into client configuration entry inventories. Base works much like Bundler in its file format. This structure plugin is good for the pile of independent configs needed for most actual systems.
+<P>
+&bull;
+<B>Bundler</B>
+
+Bundler is used to describe groups of inter-dependent configuration entries, such as the combination of packages, configuration files, and service activations that comprise typical Unix daemons. Bundles are used to add groups of configuration entries to the inventory of client configurations, as opposed to describing particular versions of those
+entries.
+<P>
+&bull;
+<B>Bzr</B>
+
+The Bzr plugin allows you to track changes to your Bcfg2 repository using a GNU Bazaar version control backend. Currently, it enables you to get revision information out of your repository for reporting purposes.
+<P>
+&bull;
+<B>Cfg</B>
+
+The Cfg plugin provides a repository to describe configuration file contents for clients. In its simplest form, the Cfg repository is just a directory tree modeled off of the directory tree on your client machines.
+<P>
+&bull;
+<B>DBStats</B>
+
+Direct to database statistics plugin (0.9.6 and later).
+<P>
+&bull;
+<B>Decisions</B>
+
+The Decisions plugin has support for a centralized set of per-entry installation decisions. This approach is needed when particular changes are deemed &quot;high risk&quot;; this gives the ability to centrally specify these changes, but only install them on clients when administrator supervision is available. (0.9.6 and later)
+<P>
+&bull;
+<B>Deps</B>
+
+The Deps plugin allows you to make a series of assertions like &quot;Package X requires Package Y (and optionally also Package Z etc.)
+<P>
+&bull;
+<B>Editor</B>
+
+The Editor plugin allows you to partially manage configuration for a file. Its use is not recommended and not well documented.
+<P>
+&bull;
+<B>Fossil</B>
+
+The Fossil plugin allows you to track changes to your Bcfg2 repository using a Fossil SCM version control backend. Currently, it enables you to get revision information out of your repository for reporting purposes.
+<P>
+&bull;
+<B>Git</B>
+
+The Git plugin allows you to track changes to your Bcfg2 repository using a git version control backend. Currently, it enables you to get revision information out of your repository for reporting purposes.
+<P>
+&bull;
+<B>GroupPatterns</B>
+
+The GroupPatterns plugin is a connector that can assign clients group membership pased on patterns in client hostnames.
+<P>
+&bull;
+<B>Hostbase</B>
+
+The Hostbase plugin is an IP management system built on top of Bcfg2.
+<P>
+&bull;
+<B>Metadata</B>
+
+The Metadata plugin is the primary method of specifying Bcfg2 server metadata.
+<P>
+&bull;
+<B>NagiosGen</B>
+
+NagiosGen is a Bcfg2 plugin that dynamically generates Nagios configuration files based on Bcfg2 data.
+<P>
+&bull;
+<B>Ohai</B>
+
+<P>
+&bull;
+<B>POSIXCompat</B>
+
+The POSIXCompat plugin provides a compatibility layer which turns new-style (1.0) POSIX entries into old-style entries which are compatible with previous releases.
+<P>
+&bull;
+<B>Packages</B>
+
+The Packages plugin is an alternative to Pkgmgr for specifying package entries for clients. Where Pkgmgr explicitly specifies package entry information, Packages delegates control of package version information to the underlying package manager, installing the latest version available from through those channels.
+<P>
+&bull;
+<B>Pkgmgr</B>
+
+The Pkgmgr plugin resolves the Abstract Configuration Entity &quot;Package&quot; to a package specification that the client can use to detect, verify and install the specified package.
+<P>
+&bull;
+<B>Probes</B>
+
+The Probes plugin gives you the ability to gather information from a client machine before you generate its configuration. This information can be used with the various templating systems to generate configuration based on the results.
+<P>
+&bull;
+<B>Properties</B>
+
+The Properties plugin is a connector plugin that adds information from properties files into client metadata instances. (1.0 and later)
+<P>
+&bull;
+<B>Rules</B>
+
+The Rules plugin resolves Abstract Configuration Entities to literal configuration entries suitable for the client drivers to consume.
+<P>
+&bull;
+<B>SGenshi (Deprecated)</B>
+
+See Bundler.
+<P>
+&bull;
+<B>Snapshots</B>
+
+The Snapshots plugin stores various aspects of a client's state when the client checks in to the server.
+<P>
+&bull;
+<B>SSHbase</B>
+
+The SSHbase generator plugin manages ssh host keys (both v1 and v2) for hosts. It also manages the ssh_known_hosts file. It can integrate host keys from other management domains and similarly export its keys.
+<P>
+&bull;
+<B>Svn</B>
+
+The Svn plugin allows you to track changes to your Bcfg2 repository using a Subversion backend. Currently, it enables you to get revision information out of your repository for reporting purposes.
+<P>
+&bull;
+<B>TCheetah</B>
+
+The TCheetah plugin allows you to use the cheetah templating system to create files. It also allows you to include the results of probes executed on the client in the created files.
+<P>
+&bull;
+<B>TGenshi</B>
+
+The TGenshi plugin allows you to use the Genshi templating system to create files. It also allows you to include the results of probes executed on the client in the created files.
+<P>
+&bull;
+<B>Trigger</B>
+
+Trigger is a plugin that calls external scripts when clients are configured.
+<P>
 <P>
 </DL>
 <A NAME="lbAF">&nbsp;</A>
+<H2>MDATA OPTIONS</H2>
+
+These options affect the default metadata settings for ConfigFiles.
+<P>
+<DL COMPACT>
+<DT><B>owner</B>
+
+<DD>
+Global owner for ConfigFiles (defaults to root)
+<P>
+<DT><B>group</B>
+
+<DD>
+Global group for ConfigFiles (defaults to root)
+<P>
+<DT><B>perms</B>
+
+<DD>
+Global permissions for ConfigFiles (defaults to 644)
+<P>
+<DT><B>paranoid</B>
+
+<DD>
+Global paranoid settings for ConfigFiles (defaults to false)
+<P>
+<P>
+</DL>
+<A NAME="lbAG">&nbsp;</A>
+<H2>CLIENT OPTIONS</H2>
+
+These options only affect client functionality, specified in the [client] section.
+<P>
+<DL COMPACT>
+<DT><B>drivers</B>
+
+<DD>
+Specify tool driver set to use. This option can be used to explicitly specify the client tool drivers you want to use when the client is run.
+<P>
+<DT><B>paranoid</B>
+
+<DD>
+Run the client in paranoid mode.
+<P>
+<P>
+</DL>
+<A NAME="lbAH">&nbsp;</A>
 <H2>STATISTICS OPTIONS</H2>
 
@@ -107 +311 @@
 Port for database connections. Not used for sqlite3.
 <P>
-</DL>
-<A NAME="lbAG">&nbsp;</A>
+<P>
+</DL>
+<A NAME="lbAI">&nbsp;</A>
 <H2>COMMUNICATION OPTIONS</H2>
 
@@ -144 +349 @@
 A client-only option. The UUID of the client.
 <P>
-<DT><B>fingerprint</B>
-
-<DD>
-A client-only option. The fingerprint of the server's SSL certificate. Obtainable by running 'bcfg2-admin fingerprint'.
-<P>
-</DL>
-<A NAME="lbAH">&nbsp;</A>
+</DL>
+<A NAME="lbAJ">&nbsp;</A>
+<H2>PARANOID OPTIONS</H2>
+
+These options allow for finer-grained control of the paranoid mode on the Bcfg2 client. They are specified in the [paranoid] section of the configuration file.
+<P>
+<DL COMPACT>
+<DT><B>path</B>
+
+<DD>
+Custom path for backups created in paranoid mode. The default is in /var/cache/bcfg2.
+<P>
+<DT><B>max_copies</B>
+
+<DD>
+Specify a maximum number of copies for the server to keep when running in paranoid mode. Only the most recent versions of these copies will be kept.
+<P>
+</DL>
+<A NAME="lbAK">&nbsp;</A>
 <H2>COMPONENT OPTIONS</H2>
 
@@ -159 +376 @@
 
 <DD>
-URL of the server. On the server this specifies which interface and port the server listens on. On the client, this specifies where the client will attempt to contact the server. eg: bcfg2 = <A HREF="https://10.3.1.6:6789">https://10.3.1.6:6789</A> 
+URL of the server. On the server this specifies which interface and port the server listens on. On the client, this specifies where the client will attempt to contact the server. eg: bcfg2 = <A HREF="https://10.3.1.6:6789">https://10.3.1.6:6789</A>
 <P>
 <DT><B>encoding</B>
@@ -166 +383 @@
 Text encoding of configuration files. Defaults to the system default encoding.
 <P>
-</DL>
-<A NAME="lbAI">&nbsp;</A>
+<P>
+</DL>
+<A NAME="lbAL">&nbsp;</A>
 <H2>LOGGING OPTIONS</H2>
 
@@ -176 +394 @@
 Server log file path.
 <P>
-<A NAME="lbAJ">&nbsp;</A>
+<P>
+<A NAME="lbAM">&nbsp;</A>
+<H2>SNAPSHOTS OPTIONS</H2>
+
+Specified in the [snapshots] section. These options control the server snapshots functionality.
+<P>
+<B>driver</B>
+
+sqlite
+<P>
+<B>database</B>
+
+The name of the database to use for statistics data. eg: $REPOSITORY_DIR/etc/bcfg2.sqlite
+<P>
+<A NAME="lbAN">&nbsp;</A>
 <H2>SEE ALSO</H2>
 
@@ -193 +425 @@
 <DT><A HREF="#lbAD">FILE FORMAT</A><DD>
 <DT><A HREF="#lbAE">SERVER OPTIONS</A><DD>
-<DT><A HREF="#lbAF">STATISTICS OPTIONS</A><DD>
-<DT><A HREF="#lbAG">COMMUNICATION OPTIONS</A><DD>
-<DT><A HREF="#lbAH">COMPONENT OPTIONS</A><DD>
-<DT><A HREF="#lbAI">LOGGING OPTIONS</A><DD>
-<DT><A HREF="#lbAJ">SEE ALSO</A><DD>
+<DT><A HREF="#lbAF">MDATA OPTIONS</A><DD>
+<DT><A HREF="#lbAG">CLIENT OPTIONS</A><DD>
+<DT><A HREF="#lbAH">STATISTICS OPTIONS</A><DD>
+<DT><A HREF="#lbAI">COMMUNICATION OPTIONS</A><DD>
+<DT><A HREF="#lbAJ">PARANOID OPTIONS</A><DD>
+<DT><A HREF="#lbAK">COMPONENT OPTIONS</A><DD>
+<DT><A HREF="#lbAL">LOGGING OPTIONS</A><DD>
+<DT><A HREF="#lbAM">SNAPSHOTS OPTIONS</A><DD>
+<DT><A HREF="#lbAN">SEE ALSO</A><DD>
 </DL>
 <HR>
@@ -203 +439 @@
 <A HREF="/projects/bcfg2/wiki">man2html</A>,
 using the manual pages.<BR>
-Time: 21:15:34 GMT, January 23, 2009
+Time: 15:26:32 GMT, November 06, 2009
 }}}