
HOCON auth.conf - how to edit?

asked 2018-10-31 11:01:47 -0600

gilbo

Hello.

As the title says really - I seem to be able to have the ability to edit some entries in the HOCON auth.conf with this hiera entry:

    puppet_enterprise::profile::certificate_authority::client_whitelist:
      - node1
      - node2
      - node3
      - node4

which, on a puppet agent run on the MoM, gives the result in auth.conf:

    {
        "allow" : [
            "node1"
            "node2"
            "node3"
            "node4"
        ],
        "match-request" : {
            "method" : [
                "get",
                "put",
                "delete"
            ],
            "path" : "/puppet-ca/v1/certificate_status",
            "query-params" : {},
            "type" : "path"
        },
        "name" : "puppetlabs certificate status",
        "sort-order" : 500
    }

which is really useful! Now I can't find any documentation or any code within any of the modules on how this actually works. I say this because I want to modify more entries of the auth.conf, namely this one, which I want to rip apart and modify heavily:

    {
        "allow-unauthenticated" : true,
        "match-request" : {
            "method" : [
                "get",
                "put"
            ],
            "path" : "/puppet-ca/v1/certificate_request",
            "query-params" : {},
            "type" : "path"
        },
        "name" : "puppetlabs csr",
        "sort-order" : 500
    }

So - anyone know what hiera entries are available to me to actually do that? Obviously I could do this manually but a) this is puppet and b) where's the fun in that?!

Cheers!


1 Answer


answered 2018-11-16 16:59:27 -0600

vicinus

The puppet_authorization module should allow you to configure what you want. If not, the hocon module allows more low-level access to HOCON files (the puppet_authorization module uses the hocon module internally).
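
The "puppetlabs csr" rule from the question, written as a `puppet_authorization::rule` resource. This is an added example, not part of the original answer or the module's own documentation. The auth.conf path is an assumed default location, and the example assumes nothing else manages a rule with the same name in that file.

```puppet
# Added example: the "puppetlabs csr" rule from the question, expressed with
# the puppet_authorization module the answer points to.
# Assumption: auth.conf lives at the path below and no other resource manages
# a rule with this name in that file.
puppet_authorization::rule { 'puppetlabs csr':
  # Keys of the "match-request" block
  match_request_path         => '/puppet-ca/v1/certificate_request',
  match_request_type         => 'path',
  match_request_method       => ['get', 'put'],
  match_request_query_params => {},
  # Access control: as shown in the question, this rule admits requests that
  # carry no client certificate. To require an authenticated client, drop
  # this attribute and set `allow` (and optionally `deny`) instead.
  allow_unauthenticated      => true,
  # Top-level "sort-order" key
  sort_order                 => 500,
  # File the rule is written into (assumed path)
  path                       => '/etc/puppetlabs/puppetserver/conf.d/auth.conf',
}
```

The resource title becomes the rule's `"name"` in auth.conf, so it has to match the existing entry for the rule to be updated in place rather than added alongside it.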
