Page Comparison

...

Site administrators are responsible to manage and distribute the hiera-eyaml key files (independently of SIMP)
- key files must exist at the paths hiera.yaml expects them on compile masters
simp_apache, when $simp_apache::web_root is true: https://github.com/simp/pupmod-simp-simp_apache/blob/6.2.0/manifests/init.pp#L140
This approach is not possible for some SIMP users
- The SIMP codebase doesn't expose every use of of simplib::passgen() as an overridable parameter
- Depending on the way your site is configured, you may not be avoid SIMP code
- Affected modules are:Modules that cannot be configured to avoid simplib::passgen() under some conditions in SIMP 6.4.0:
  - dhcp, when $dhcp::is_server is true, or dhcp::dhcpd is classified: https://github.com/simp/pupmod-simp-dhcp/blob/6.1.1/manifests/dhcpd.pp#L74
  - simp_apache, when $simp_apache::web_root is true: https://github.com/simp/pupmod-simp-simp_apache/blob/6.2.0/manifests/init.pp#L140
  - simp_gitlab, when the gitlab package is first installed: https://github.com/simp/pupmod-simp-simp_gitlab/blob/0.4.0/manifests/init.pp#L180
    - Note: This use of simplib::passgen is not currently harmful in SIMP 6.4.0 only used during the RPM installation
  - tftpboot, when $::tftpboot::rsync_enabled is true: https://github.com/simp/pupmod-simp-tftpboot/blob/6.2.2/manifests/config.pp
  - named, unavoidable once classified
    - https://github.com/simp/pupmod-simp-named/blob/6.2.0/manifests/chroot.pp#L81
    - https://github.com/simp/pupmod-simp-named/blob/6.2.0/manifests/non_chroot.pp#L51-L61
- Modules that can be configured to avoid simplib::passgen() in SIMP 6.4.0:
  - simp_pki_service
    - Hash parameter simp_pki_server::ds_config
      - Define the key 'admin_password'
    - Hash parameter simp_pki_service::cas
      - Define the key 'simp-pki-root'
    - Both Hash parameters require many other key/value pairs. See: https://github.com/simp/pupmod-simp-simp_pki_service/blob/0.2.0/manifests/init.pp#L30-L69
  - simp_snmpd
    - Provide data for the parameter $simp_snmpd::v3_users_hash
      - Define the keys authpass and privpass for each user defined
  - rsync
    - When using the defined types rsync::push or rsync::retrieve, set the Optional[String] parameter $pass.

Suggested improvements

Status
colour Red
title FUTURE
Expose all uses of simp::passgen() in SIMP classes as parameter defaults, so users can override them via hiera-eyaml

...

Versions Compared

Old Version 11

New Version 12

Key

Suggested improvements