editfile is a simple Puppet module to edit files through Puppet manifests. It is intended to be a Ruby-native replacement for Augeas.
- Homepage
From the root directory of your Puppet repository:
git clone https://github.com/mstrauss/puppet-editfile.git modules/editfile
If you use submodules:
git submodule add https://github.com/mstrauss/puppet-editfile.git modules/editfile
editfile::config is a define (manifests/config.pp) which makes use of the custom type editfile. It manages files with entries like
-
Parameter=Valueor -
Parameter Valueor -
Parameter="Value"or -
Parameter "Value"
To set a specific parameter:
editfile::config { 'sshd: disallow root':
path => '/etc/ssh/sshd_config',
entry => 'PermitRootLogin',
ensure => 'no', # the value shall be 'no'
quote => false, # not quoted (that's the default)
sep => ' ', # use space to separate the parameter from its value
# (default is '=')
}
To remove a specific parameter:
editfile::config { 'sshd: revert PermitRootLogin back to defaults':
path => '/etc/ssh/sshd_config',
entry => 'PermitRootLogin',
ensure => absent, # the parameter be removed
}
editfile is a custom type (lib/puppet/type/editfile.rb) with a single custom provider (lib/puppet/provider/editfile/regexp.rb). The regexp provider can replace lines matching a regular expression with given content.
The example from above without the editfile::config wrapper:
editfile { 'sshd: disallow root': # use a unique, descriptive name
provider => regexp, # that's the default provider
path => '/etc/ssh/sshd_config',
match => '^#?\s*PermitRootLogin\s?\s', # match all these lines
ensure => 'PermitRootLogin no', # and replace with this
}
The basic motivation for creating editfile was to have a simple, Ruby-native way of modifying system configuration files with Puppet.
editfile should support the most important use cases for which you would have used Augeas before.
-
On some (older) systems it may be very difficult to get Augeas up-and-running. You may need to build Augeas from sources and you may not want to have development files and/or build tools on your production machines. So you would need to manage your own Augeas RPM/DEBs/whatever.
-
Augeas often seems way too impractical. When there is no “Lens” for the file format you have on hands, there is no way to use Augeas. Even if there is a Lens, but the source path of your file is not hard coded (yuck!!!) into the Lens, it is very difficult to make Puppet/Augeas manage that file.
-
Even if you managed to get Puppet/Augeas working with your file, it sometimes -seemingly randomly and mostly silently- refuses to apply changes. This can be a very frustrating experience.
-
Augeas is Linux-only. Puppet supports way more platforms (e.g. Windows).
-
Augeas is usually overkill for the tasks generally at hand.
TBD.
- Author
-
Markus Strauss ([email protected])
- Copyright
-
Copyright © 2011 by Markus Strauss
- License
-
Attached