REFERENCE.md

Reference

Table of Contents

Classes

• r10k: Main r10k class
• r10k::authorized_key: Define an authorized key on the server
• r10k::gitolite_hooks: this class installs hooks on a gitolite server to trigger r10k updates
• r10k::ssh_key: Generate an SSH authentication key Key generation for (passwordless) authentication to a remote system.
• r10k::user: this class creates an r10k user with ssh key etc.

Classes

r10k

Main r10k class

Parameters

The following parameters are available in the r10k class:

• configdir
• ensure_configdir
• cachedir
• pool_size
• proxy
• deploy
• sources
• git
• forge
• user
• home
• ensure_user
• allowed_keys
• packages
• package_ensure
• package_options
• r10k_command

configdir

Data type: String

where the configfile should be put defaults to '/etc/puppet'

Default value: '/etc/puppet'

ensure_configdir

Data type: Boolean

set this to true to ensure the config direcory exists

Default value: false

cachedir

Data type: Optional[String[1]]

The 'cachedir' setting controls where cached content, such as mirrored Git repositories, are stored on the local machine. This location should be persistent, as environments and modules may rely on these files in order to be updated.

Default value: undef

pool_size

Data type: Optional[Integer]

The pool_size setting is a number to determine how many threads should be spawn while updating modules.

Default value: undef

proxy

Data type: Optional[String[1]]

The 'proxy' setting configures an HTTP proxy to use for all HTTP/HTTPS operations performed by r10k. This includes requests to the Puppet Forge as well as any Git operations performed against an HTTP/HTTPS remote. @see https://github.com/puppetlabs/r10k/blob/main/doc/dynamic-environments/configuration.mkd#proxy

Default value: undef

deploy

Data type: Optional[Hash]

Top level setting for controlling how r10k deploys behave. @see https://github.com/puppetlabs/r10k/blob/main/doc/dynamic-environments/configuration.mkd#deploy Example (hiera, yaml): r10k::deploy: generate_types: true

Default value: undef

sources

Data type: Optional[Hash]

Hash of sources to use, defaults to {} @see https://github.com/puppetlabs/r10k/blob/main/doc/dynamic-environments/configuration.mkd#source-options Example (hiera): r10k::sources: main-puppet: remote: 'git@somewhere:main-puppet' basedir: '/etc/puppet/environments'

Default value: undef

git

Data type: Optional[Hash]

Hash of git configurations, defaults to {} See r10k.yaml file for possible options (section git)

Default value: undef

forge

Data type: Optional[Hash]

Hash of forge configurations, defaults to {} See r10k.yaml file for possible options (section forge)

Default value: undef

user

Data type: String

the r10k user, defaults to 'r10k'

Default value: 'r10k'

home

Data type: String

the home directory of $user

Default value: '/var/lib/r10k'

ensure_user

Data type: Boolean

if we should ensure the r10k user (if true, includes r10k::user) defaults to true

Default value: true

allowed_keys

Data type: Array

Array of ssh keys allowed to execute r10k updates normaly this is the key used by git hooks.

Default value: []

packages

Data type: Array

packages to install

Default value: ['r10k']

package_ensure

Data type: String[1]

what to ensure for packages

Default value: 'installed'

package_options

Data type: Hash[String[1],String[1]]

options to set for the package option used to install $packages. eg. this lets you install r10k from gem by setting this to: { 'provider' => 'gem' }

Default value: {}

r10k_command

Data type: String[1]

r10k command, if it is not saved in path, you can specify the command with the path

Default value: 'r10k'

r10k::authorized_key

Define an authorized key on the server

Parameters

The following parameters are available in the r10k::authorized_key class:

• username
• home
• keys
• destination
• owner
• group
• mode
• command
• options

username

Data type: String[1]

the username to put the file for

home

Data type: String[1]

the users homedirectory

keys

Data type: Array

an array of keys to concat

Default value: []

destination

Data type: Optional[String[1]]

use this if you want to set a different destination than '~/.ssh/authorized_keys'

Default value: undef

owner

Data type: String[1]

owner for the authorized_keys file

Default value: $username

group

Data type: String[1]

group for the authorized_keys file

Default value: $username

mode

Data type: String[1]

mode for the authorized_keys file

Default value: '0644'

command

Data type: String[1]

command to allow defaults to '/var/lib/r10k/update_environment.sh'

Default value: '/var/lib/r10k/update_environment.sh'

options

Data type: Array

defaults to: [no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty]

Default value: ['no-port-forwarding','no-X11-forwarding','no-agent-forwarding','no-pty']

r10k::gitolite_hooks

this class installs hooks on a gitolite server to trigger r10k updates

Parameters

The following parameters are available in the r10k::gitolite_hooks class:

• hook_path
• hook_name
• multihook_name
• multihook_scripts
• gitolite_user
• packages

hook_path

Data type: String

path where to install the hooks defaults to: '/var/lib/gitolite/scripts'

Default value: '/var/lib/gitolite/scripts'

hook_name

Data type: String

filename of the update hook script

Default value: 'update-r10k-branch'

multihook_name

Data type: String

filename of the mutlihook script set to '' if you do not want to install defaults to: '/var/lib/gitolite/scripts/multihook_r10k_email'

Default value: 'multihook_r10k_email'

multihook_scripts

Data type: Array

Array of scripts installed in $hook_path to execute with multihook. defaults to [] $hook_name is added by default.

Default value: []

gitolite_user

Data type: String

gitolite user to be owner of the scripts defaults to 'gitolite'

Default value: 'gitolite'

packages

Data type: Array

additional packages needed for the hooks defaults to ['moreutils'] which contains pee needed for multihook

Default value: ['moreutils']

r10k::ssh_key

Generate an SSH authentication key

Key generation for (passwordless) authentication to a remote system.

Parameters

The following parameters are available in the r10k::ssh_key class:

• filename
• type
• length
• password
• comment
• user

filename

Data type: String

Filename (full path) for the key. Required.

type

Data type: String

Type of key, either dsa, ecdsa or rsa. Defaults to rsa.

Default value: 'rsa'

length

Data type: Integer

Key length. Defaults to 2048. See man ssh-keygen for restrictions regarding non RSA keys.

Default value: 2048

password

Data type: String

Password for the key. Defaults to no password. This is not very secure as the password is visible in plain text in the puppet manifest and as a process parameters when creating the key.

Default value: ''

comment

Data type: String

Comment describing the Key. Defaults to "Automatic authentication key for $user on $fqdn".

Default value: 'undef'

user

Data type: String

User who uses this key. This user must have write access to the directory containing the key. Defaults to "root"

Default value: 'root'

r10k::user

this class creates an r10k user with ssh key etc.

Parameters

The following parameters are available in the r10k::user class:

• user
• home
• allowed_keys

user

Data type: String

the r10k user, defaults to 'r10k'

Default value: 'r10k'

home

Data type: String

the home directory of $user

Default value: '/var/lib/r10k'

allowed_keys

Data type: Array

Array of ssh keys allowed to execute r10k updates normaly this is the key used by git hooks.

Default value: []