|
|
@@ -1,87 +1,89 @@
|
|
|
----
|
|
|
-# cobbler settings file
|
|
|
-# restart cobblerd and run "cobbler sync" after making changes
|
|
|
-# This config file is in YAML 1.0 format
|
|
|
-# see http://yaml.org
|
|
|
-# ==========================================================
|
|
|
-# if 1, cobbler will allow insertions of system records that duplicate
|
|
|
-# the --dns-name information of other system records. In general,
|
|
|
-# this is undesirable and should be left 0.
|
|
|
-allow_duplicate_hostnames: 0
|
|
|
-
|
|
|
-# if 1, cobbler will allow insertions of system records that duplicate
|
|
|
-# the ip address information of other system records. In general,
|
|
|
-# this is undesirable and should be left 0.
|
|
|
-allow_duplicate_ips: 0
|
|
|
-
|
|
|
-# if 1, cobbler will allow insertions of system records that duplicate
|
|
|
-# the mac address information of other system records. In general,
|
|
|
-# this is undesirable.
|
|
|
-allow_duplicate_macs: 0
|
|
|
-
|
|
|
-# if 1, cobbler will allow settings to be changed dynamically without
|
|
|
-# a restart of the cobblerd daemon. You can only change this variable
|
|
|
-# by manually editing the settings file, and you MUST restart cobblerd
|
|
|
-# after changing it.
|
|
|
-allow_dynamic_settings: 0
|
|
|
-
|
|
|
-# by default, installs are *not* set to send installation logs to the cobbler
|
|
|
-# # # server. With 'anamon_enabled', kickstart templates may use the pre_anamon
|
|
|
-# # # snippet to allow remote live monitoring of their installations from the
|
|
|
-# # # cobbler server. Installation logs will be stored under
|
|
|
-# # # /var/log/cobbler/anamon/. NOTE: This does allow an xmlrpc call to send logs
|
|
|
-# # # to this directory, without authentication, so enable only if you are
|
|
|
-# # # ok with this limitation.
|
|
|
-anamon_enabled: 0
|
|
|
-
|
|
|
-# If using authn_pam in the modules.conf, this can be configured
|
|
|
-# to change the PAM service authentication will be tested against.
|
|
|
+# Cobbler settings file
|
|
|
+
|
|
|
+# Restart cobblerd and run "cobbler sync" after making changes.
|
|
|
+# This config file is in YAML 1.2 format; see "http://yaml.org".
|
|
|
+
|
|
|
+# If "true", Cobbler will allow insertions of system records that duplicate the "--dns-name" information of other system
|
|
|
+# records. In general, this is undesirable and should be left "false".
|
|
|
+allow_duplicate_hostnames: false
|
|
|
+
|
|
|
+# If "true", Cobbler will allow insertions of system records that duplicate the ip address information of other system
|
|
|
+# records. In general, this is undesirable and should be left "false".
|
|
|
+allow_duplicate_ips: false
|
|
|
+
|
|
|
+# If "true", Cobbler will allow insertions of system records that duplicate the MAC address information of other system
|
|
|
+# records. In general, this is undesirable.
|
|
|
+allow_duplicate_macs: false
|
|
|
+
|
|
|
+# If "true", Cobbler will allow settings to be changed dynamically without a restart of the cobblerd daemon. You can
|
|
|
+# only change this variable by manually editing the settings file, and you MUST restart cobblerd after changing it.
|
|
|
+allow_dynamic_settings: false
|
|
|
+
|
|
|
+# By default, installs are *not* set to send installation logs to the Cobbler server. With "anamon_enabled", automatic
|
|
|
+# installation templates may use the "pre_anamon" snippet to allow remote live monitoring of their installations from
|
|
|
+# the Cobbler server. Installation logs will be stored under "/var/log/cobbler/anamon/".
|
|
|
+# NOTE: This does allow an xmlrpc call to send logs to this directory, without authentication, so enable only if you are
|
|
|
+# ok with this limitation.
|
|
|
+anamon_enabled: false
|
|
|
+
|
|
|
+# If using "authn_pam" in the "modules.conf", this can be configured to change the PAM service authentication will be
|
|
|
+# tested against.
|
|
|
# The default value is "login".
|
|
|
authn_pam_service: "login"
|
|
|
|
|
|
-# How long the authentication token is valid for, in seconds
|
|
|
+# How long the authentication token is valid for, in seconds.
|
|
|
auth_token_expiration: 3600
|
|
|
|
|
|
-# Email out a report when cobbler finishes installing a system.
|
|
|
-# enabled: set to 1 to turn this feature on
|
|
|
+# This is a directory of files that Cobbler uses to make templating easier. See the Wiki for more information. Changing
|
|
|
+# this directory should not be required.
|
|
|
+autoinstall_snippets_dir: /var/lib/cobbler/snippets
|
|
|
+autoinstall_templates_dir: /var/lib/cobbler/templates
|
|
|
+
|
|
|
+# location of templates used for boot loader config generation
|
|
|
+boot_loader_conf_template_dir: "/etc/cobbler/boot_loader_conf"
|
|
|
+
|
|
|
+# Email out a report when Cobbler finishes installing a system.
|
|
|
+# enabled: set to true to turn this feature on
|
|
|
# sender: optional
|
|
|
# email: which addresses to email
|
|
|
# smtp_server: used to specify another server for an MTA
|
|
|
# subject: use the default subject unless overridden
|
|
|
-build_reporting_enabled: 0
|
|
|
+build_reporting_enabled: false
|
|
|
build_reporting_sender: ""
|
|
|
build_reporting_email: [ 'root@localhost' ]
|
|
|
build_reporting_smtp_server: "localhost"
|
|
|
build_reporting_subject: ""
|
|
|
-build_reporting_ignorelist: [ "" ]
|
|
|
-
|
|
|
-# Cheetah-language kickstart templates can import Python modules.
|
|
|
-# while this is a useful feature, it is not safe to allow them to
|
|
|
-# import anything they want. This whitelists which modules can be
|
|
|
-# imported through Cheetah. Users can expand this as needed but
|
|
|
-# should never allow modules such as subprocess or those that
|
|
|
-# allow access to the filesystem as Cheetah templates are evaluated
|
|
|
-# by cobblerd as code.
|
|
|
+build_reporting_ignorelist: []
|
|
|
+
|
|
|
+# If cache_enabled is true, a cache will keep converted records in memory to make checking them faster. This helps with
|
|
|
+# use cases like writing out large numbers of records. There is a known issue with cache and remote XMLRPC API calls.
|
|
|
+# If you will use Cobbler with config management or infrastructure-as-code tools such as Terraform, it is recommended
|
|
|
+# to disable by setting to false.
|
|
|
+cache_enabled: true
|
|
|
+
|
|
|
+# Cheetah-language autoinstall templates can import Python modules. While this is a useful feature, it is not safe to
|
|
|
+# allow them to import anything they want. This whitelists which modules can be imported through Cheetah. Users can
|
|
|
+# expand this as needed but should never allow modules such as subprocess or those that allow access to the filesystem
|
|
|
+# as Cheetah templates are evaluated by cobblerd as code.
|
|
|
cheetah_import_whitelist:
|
|
|
- "random"
|
|
|
- "re"
|
|
|
- "time"
|
|
|
+ - "netaddr"
|
|
|
|
|
|
-# Default createrepo_flags to use for new repositories. If you have
|
|
|
-# createrepo >= 0.4.10, consider "-c cache --update -C", which can
|
|
|
-# dramatically improve your "cobbler reposync" time. "-s sha"
|
|
|
-# enables working with Fedora repos from F11/F12 from EL-4 or
|
|
|
-# EL-5 without python-hashlib installed (which is not available
|
|
|
-# on EL-4)
|
|
|
+# Default "createrepo_flags" to use for new repositories. If you have createrepo >= 0.4.10, consider
|
|
|
+# "-c cache --update -C", which can dramatically improve your "cobbler reposync" time. "-s sha" enables working with
|
|
|
+# Fedora repos from F11/F12 from EL-4 or EL-5 without python-hashlib installed (which is not available on EL-4)
|
|
|
createrepo_flags: "-c cache -s sha"
|
|
|
|
|
|
-# if no kickstart is specified to profile add, use this template
|
|
|
-default_kickstart: /var/lib/cobbler/kickstarts/default.ks
|
|
|
+# if no autoinstall template is specified to profile add, use this template
|
|
|
+default_autoinstall: /var/lib/cobbler/autoinstall_templates/default.ks
|
|
|
|
|
|
# configure all installed systems to use these nameservers by default
|
|
|
# unless defined differently in the profile. For DHCP configurations
|
|
|
# you probably do /not/ want to supply this.
|
|
|
default_name_servers: []
|
|
|
+default_name_servers_search: []
|
|
|
|
|
|
# if using the authz_ownership module (see the Wiki), objects
|
|
|
# created without specifying an owner are assigned to this
|
|
|
@@ -89,21 +91,21 @@ default_name_servers: []
|
|
|
default_ownership:
|
|
|
- "admin"
|
|
|
|
|
|
-# cobbler has various sample kickstart templates stored
|
|
|
-# in /var/lib/cobbler/kickstarts/. This controls
|
|
|
+# Cobbler has various sample automatic installation templates stored
|
|
|
+# in /var/lib/cobbler/autoinstall_templates/. This controls
|
|
|
# what install (root) password is set up for those
|
|
|
# systems that reference this variable. The factory
|
|
|
-# default is "cobbler" and cobbler check will warn if
|
|
|
+# default is "cobbler" and Cobbler check will warn if
|
|
|
# this is not changed.
|
|
|
# The simplest way to change the password is to run
|
|
|
# openssl passwd -1
|
|
|
# and put the output between the "" below.
|
|
|
-default_password_crypted: "password"
|
|
|
+default_password_crypted: password
|
|
|
|
|
|
# the default template type to use in the absence of any
|
|
|
# other detected template. If you do not specify the template
|
|
|
# with '#template=<template_type>' on the first line of your
|
|
|
-# templates/snippets, cobbler will assume try to use the
|
|
|
+# templates/snippets, Cobbler will assume try to use the
|
|
|
# following template engine to parse the templates.
|
|
|
#
|
|
|
# Current valid values are: cheetah, jinja2
|
|
|
@@ -129,54 +131,30 @@ default_virt_ram: 512
|
|
|
# (NOTE: this does not change what virt_type is chosen by import)
|
|
|
default_virt_type: xenpv
|
|
|
|
|
|
-# enable gPXE booting? Enabling this option will cause cobbler
|
|
|
+# enable gPXE booting? Enabling this option will cause Cobbler
|
|
|
# to copy the undionly.kpxe file to the tftp root directory,
|
|
|
# and if a profile/system is configured to boot via gpxe it will
|
|
|
# chain load off pxelinux.0.
|
|
|
-# Default: 0
|
|
|
-enable_gpxe: 0
|
|
|
+# Default: false
|
|
|
+enable_gpxe: false
|
|
|
|
|
|
-# controls whether cobbler will add each new profile entry to the default
|
|
|
+# controls whether Cobbler will add each new profile entry to the default
|
|
|
# PXE boot menu. This can be over-ridden on a per-profile
|
|
|
-# basis when adding/editing profiles with --enable-menu=0/1. Users
|
|
|
+# basis when adding/editing profiles with --enable-menu=false/true. Users
|
|
|
# should ordinarily leave this setting enabled unless they are concerned
|
|
|
# with accidental reinstalls from users who select an entry at the PXE
|
|
|
# boot menu. Adding a password to the boot menus templates
|
|
|
# may also be a good solution to prevent unwanted reinstallations
|
|
|
-enable_menu: 1
|
|
|
-
|
|
|
-# enable Func-integration? This makes sure each installed machine is set up
|
|
|
-# to use func out of the box, which is a powerful way to script and control
|
|
|
-# remote machines.
|
|
|
-# Func lives at http://fedorahosted.org/func
|
|
|
-# read more at https://github.com/cobbler/cobbler/wiki/Func-integration
|
|
|
-# you will need to mirror Fedora/EPEL packages for this feature, so see
|
|
|
-# https://github.com/cobbler/cobbler/wiki/Manage-yum-repos if you want cobbler
|
|
|
-# to help you with this
|
|
|
-func_auto_setup: 0
|
|
|
-func_master: overlord.example.org
|
|
|
+enable_menu: true
|
|
|
|
|
|
# change this port if Apache is not running plaintext on port
|
|
|
# 80. Most people can leave this alone.
|
|
|
http_port: 80
|
|
|
|
|
|
-# kernel options that should be present in every cobbler installation.
|
|
|
+# kernel options that should be present in every Cobbler installation.
|
|
|
# kernel options can also be applied at the distro/profile/system
|
|
|
# level.
|
|
|
-kernel_options:
|
|
|
- ksdevice: link
|
|
|
- lang: 'en_US '
|
|
|
- text: ~
|
|
|
-
|
|
|
-# s390 systems require additional kernel options in addition to the
|
|
|
-# above defaults
|
|
|
-kernel_options_s390x:
|
|
|
- RUNKS: 1
|
|
|
- ramdisk_size: 40000
|
|
|
- root: /dev/ram0
|
|
|
- ro: ~
|
|
|
- ip: off
|
|
|
- vnc: ~
|
|
|
+kernel_options: {}
|
|
|
|
|
|
# configuration options if using the authn_ldap module. See the
|
|
|
# the Wiki for details. This can be ignored if you are not using
|
|
|
@@ -184,8 +162,8 @@ kernel_options_s390x:
|
|
|
ldap_server: "ldap.example.com"
|
|
|
ldap_base_dn: "DC=example,DC=com"
|
|
|
ldap_port: 389
|
|
|
-ldap_tls: 1
|
|
|
-ldap_anonymous_bind: 1
|
|
|
+ldap_tls: true
|
|
|
+ldap_anonymous_bind: true
|
|
|
ldap_search_bind_dn: ''
|
|
|
ldap_search_passwd: ''
|
|
|
ldap_search_prefix: 'uid='
|
|
|
@@ -193,26 +171,26 @@ ldap_tls_cacertfile: ''
|
|
|
ldap_tls_keyfile: ''
|
|
|
ldap_tls_certfile: ''
|
|
|
|
|
|
-# cobbler has a feature that allows for integration with config management
|
|
|
+# Cobbler has a feature that allows for integration with config management
|
|
|
# systems such as Puppet. The following parameters work in conjunction with
|
|
|
-# --mgmt-classes and are described in furhter detail at:
|
|
|
+# --mgmt-classes and are described in further detail at:
|
|
|
# https://github.com/cobbler/cobbler/wiki/Using-cobbler-with-a-configuration-management-system
|
|
|
mgmt_classes: []
|
|
|
mgmt_parameters:
|
|
|
- from_cobbler: 1
|
|
|
+ from_cobbler: true
|
|
|
|
|
|
# if enabled, this setting ensures that puppet is installed during
|
|
|
# machine provision, a client certificate is generated and a
|
|
|
# certificate signing request is made with the puppet master server
|
|
|
-puppet_auto_setup: 0
|
|
|
+puppet_auto_setup: false
|
|
|
|
|
|
# when puppet starts on a system after installation it needs to have
|
|
|
# its certificate signed by the puppet master server. Enabling the
|
|
|
# following feature will ensure that the puppet server signs the
|
|
|
# certificate after installation if the puppet master server is
|
|
|
-# running on the same machine as cobbler. This requires
|
|
|
+# running on the same machine as Cobbler. This requires
|
|
|
# puppet_auto_setup above to be enabled
|
|
|
-sign_puppet_certs_automatically: 0
|
|
|
+sign_puppet_certs_automatically: false
|
|
|
|
|
|
# location of the puppet executable, used for revoking certificates
|
|
|
puppetca_path: "/usr/bin/puppet"
|
|
|
@@ -222,28 +200,28 @@ puppetca_path: "/usr/bin/puppet"
|
|
|
# new certificate is signed (see above). Enabling the following
|
|
|
# feature will ensure that the certificate for the machine to be
|
|
|
# installed is removed from the puppet master server if the puppet
|
|
|
-# master server is running on the same machine as cobbler. This
|
|
|
+# master server is running on the same machine as Cobbler. This
|
|
|
# requires puppet_auto_setup above to be enabled
|
|
|
-remove_old_puppet_certs_automatically: 0
|
|
|
+remove_old_puppet_certs_automatically: false
|
|
|
|
|
|
-# choose a --server argument when running puppetd/puppet agent during kickstart
|
|
|
+# choose a --server argument when running puppetd/puppet agent during autoinstall
|
|
|
#puppet_server: 'puppet'
|
|
|
|
|
|
-# let cobbler know that you're using a newer version of puppet
|
|
|
+# let Cobbler know that you're using a newer version of puppet
|
|
|
# choose version 3 to use: 'puppet agent'; version 2 uses status quo: 'puppetd'
|
|
|
#puppet_version: 2
|
|
|
|
|
|
# choose whether to enable puppet parameterized classes or not.
|
|
|
# puppet versions prior to 2.6.5 do not support parameters
|
|
|
-#puppet_parameterized_classes: 1
|
|
|
+puppet_parameterized_classes: true
|
|
|
|
|
|
-# set to 1 to enable Cobbler's DHCP management features.
|
|
|
+# set to true to enable Cobbler's DHCP management features.
|
|
|
# the choice of DHCP management engine is in /etc/cobbler/modules.conf
|
|
|
-manage_dhcp: 1
|
|
|
+manage_dhcp: true
|
|
|
|
|
|
-# set to 1 to enable Cobbler's DNS management features.
|
|
|
+# set to true to enable Cobbler's DNS management features.
|
|
|
# the choice of DNS mangement engine is in /etc/cobbler/modules.conf
|
|
|
-manage_dns: 0
|
|
|
+manage_dns: false
|
|
|
|
|
|
# set to path of bind chroot to create bind-chroot compatible bind
|
|
|
# configuration files. This should be automatically detected.
|
|
|
@@ -253,104 +231,87 @@ bind_chroot_path: ""
|
|
|
# bind configuration files
|
|
|
bind_master: 127.0.0.1
|
|
|
|
|
|
-# manage_genders - Bool to enable/disable managing an /etc/genders file for use with pdsh and others.
|
|
|
-manage_genders: 0
|
|
|
-
|
|
|
-# bind_manage_ipmi - used to let bind manage IPMI addresses if the power management address is an IP and if manage_bind is set.
|
|
|
-bind_manage_ipmi: 0
|
|
|
-
|
|
|
-# set to 1 to enable Cobbler's TFTP management features.
|
|
|
+# set to true to enable Cobbler's TFTP management features.
|
|
|
# the choice of TFTP mangement engine is in /etc/cobbler/modules.conf
|
|
|
-manage_tftpd: 1
|
|
|
+manage_tftpd: true
|
|
|
|
|
|
-# set to 1 to enable Cobbler's RSYNC management features.
|
|
|
-manage_rsync: 0
|
|
|
+# This variable contains the location of the tftpboot directory. If this directory is not present Cobbler does not
|
|
|
+# start.
|
|
|
+# Default: /var/lib/tftpboot
|
|
|
+tftpboot_location: "/var/lib/tftpboot"
|
|
|
+
|
|
|
+# set to true to enable Cobbler's RSYNC management features.
|
|
|
+manage_rsync: true
|
|
|
|
|
|
# if using BIND (named) for DNS management in /etc/cobbler/modules.conf
|
|
|
# and manage_dns is enabled (above), this lists which zones are managed
|
|
|
# See the Wiki (https://github.com/cobbler/cobbler/wiki/Dns-management) for more info
|
|
|
manage_forward_zones: []
|
|
|
-manage_reverse_zones: ['172.17']
|
|
|
+manage_reverse_zones: []
|
|
|
|
|
|
-# if using cobbler with manage_dhcp, put the IP address
|
|
|
-# of the cobbler server here so that PXE booting guests can find it
|
|
|
+# if using Cobbler with manage_dhcp, put the IP address
|
|
|
+# of the Cobbler server here so that PXE booting guests can find it
|
|
|
# if you do not set this correctly, this will be manifested in TFTP open timeouts.
|
|
|
-next_server: ip
|
|
|
+next_server: 127.0.0.1
|
|
|
|
|
|
# settings for power management features. optional.
|
|
|
# see https://github.com/cobbler/cobbler/wiki/Power-management to learn more
|
|
|
# choices (refer to codes.py):
|
|
|
# apc_snmp bladecenter bullpap drac ether_wake ilo integrity
|
|
|
-# ipmilan ipmitool lpar rsa virsh wti
|
|
|
-power_management_default_type: 'ipmitool'
|
|
|
-
|
|
|
-# the commands used by the power management module are sourced
|
|
|
-# from what directory?
|
|
|
-power_template_dir: "/etc/cobbler/power"
|
|
|
+# ipmilan lpar rsa virsh wti
|
|
|
+power_management_default_type: 'ipmilan'
|
|
|
|
|
|
-# if this setting is set to 1, cobbler systems that pxe boot
|
|
|
+# if this setting is set to true, Cobbler systems that pxe boot
|
|
|
# will request at the end of their installation to toggle the
|
|
|
-# --netboot-enabled record in the cobbler system record. This eliminates
|
|
|
+# --netboot-enabled record in the Cobbler system record. This eliminates
|
|
|
# the potential for a PXE boot loop if the system is set to PXE
|
|
|
# first in it's BIOS order. Enable this if PXE is first in your BIOS
|
|
|
# boot order, otherwise leave this disabled. See the manpage
|
|
|
# for --netboot-enabled.
|
|
|
-pxe_just_once: 1
|
|
|
-
|
|
|
-# the templates used for PXE config generation are sourced
|
|
|
-# from what directory?
|
|
|
-pxe_template_dir: "/etc/cobbler/pxe"
|
|
|
-
|
|
|
-# Path to where system consoles are
|
|
|
-consoles: "/var/consoles"
|
|
|
-
|
|
|
-# Are you using a Red Hat management platform in addition to Cobbler?
|
|
|
-# Cobbler can help you register to it. Choose one of the following:
|
|
|
-# "off" : I'm not using Red Hat Network, Satellite, or Spacewalk
|
|
|
-# "hosted" : I'm using Red Hat Network
|
|
|
-# "site" : I'm using Red Hat Satellite Server or Spacewalk
|
|
|
-# You will also want to read: https://github.com/cobbler/cobbler/wiki/Tips-for-RHN
|
|
|
-redhat_management_type: "off"
|
|
|
-
|
|
|
-# if redhat_management_type is enabled, choose your server
|
|
|
-# "management.example.org" : For Satellite or Spacewalk
|
|
|
-# "xmlrpc.rhn.redhat.com" : For Red Hat Network
|
|
|
-# This setting is also used by the code that supports using Spacewalk/Satellite users/passwords
|
|
|
-# within Cobbler Web and Cobbler XMLRPC. Using RHN Hosted for this is not supported.
|
|
|
-# This feature can be used even if redhat_management_type is off, you just have
|
|
|
-# to have authn_spacewalk selected in modules.conf
|
|
|
-redhat_management_server: "xmlrpc.rhn.redhat.com"
|
|
|
+pxe_just_once: true
|
|
|
|
|
|
-# specify the default Red Hat authorization key to use to register
|
|
|
-# system. If left blank, no registration will be attempted. Similarly
|
|
|
-# you can set the --redhat-management-key to blank on any system to
|
|
|
-# keep it from trying to register.
|
|
|
-redhat_management_key: ""
|
|
|
+# if this setting is set to one, triggers will be executed when systems
|
|
|
+# will request to toggle the --netboot-enabled record at the end of their installation.
|
|
|
+nopxe_with_triggers: true
|
|
|
|
|
|
-# if using authn_spacewalk in modules.conf to let cobbler authenticate
|
|
|
+# This setting is only used by the code that supports using Spacewalk/Satellite
|
|
|
+# authentication within Cobbler Web and Cobbler XMLRPC.
|
|
|
+redhat_management_server: "xmlrpc.rhn.redhat.com"
|
|
|
+
|
|
|
+# if using authn_spacewalk in modules.conf to let Cobbler authenticate
|
|
|
# against Satellite/Spacewalk's auth system, by default it will not allow per user
|
|
|
# access into Cobbler Web and Cobbler XMLRPC.
|
|
|
# in order to permit this, the following setting must be enabled HOWEVER
|
|
|
# doing so will permit all Spacewalk/Satellite users of certain types to edit all
|
|
|
-# of cobbler's configuration.
|
|
|
+# of Cobbler's configuration.
|
|
|
# these roles are: config_admin and org_admin
|
|
|
# users should turn this on only if they want this behavior and
|
|
|
# do not have a cross-multi-org seperation concern. If you have
|
|
|
# a single org in your satellite, it's probably safe to turn this
|
|
|
# on and then you can use CobblerWeb alongside a Satellite install.
|
|
|
-redhat_management_permissive: 0
|
|
|
+redhat_management_permissive: false
|
|
|
+
|
|
|
+# specify the default Red Hat authorization key to use to register
|
|
|
+# system. If left blank, no registration will be attempted. Similarly
|
|
|
+# you can set the --redhat-management-key to blank on any system to
|
|
|
+# keep it from trying to register.
|
|
|
+redhat_management_key: ""
|
|
|
|
|
|
-# if set to 1, allows /usr/bin/cobbler-register (part of the koan package)
|
|
|
-# to be used to remotely add new cobbler system records to cobbler.
|
|
|
+# if set to true, allows /usr/bin/cobbler-register (part of the koan package)
|
|
|
+# to be used to remotely add new Cobbler system records to Cobbler.
|
|
|
# this effectively allows for registration of new hardware from system
|
|
|
# records.
|
|
|
-register_new_installs: 0
|
|
|
+register_new_installs: false
|
|
|
|
|
|
# Flags to use for yum's reposync. If your version of yum reposync
|
|
|
# does not support -l, you may need to remove that option.
|
|
|
reposync_flags: "-l -n -d"
|
|
|
|
|
|
-# when DHCP and DNS management are enabled, cobbler sync can automatically
|
|
|
+# Flags to use for rysync's reposync. If flag 'a' is used then createrepo
|
|
|
+# is not ran after the rsync
|
|
|
+reposync_rsync_flags: "-rltDv --copy-unsafe-links"
|
|
|
+
|
|
|
+# when DHCP and DNS management are enabled, Cobbler sync can automatically
|
|
|
# restart those services to apply changes. The exception for this is
|
|
|
# if using ISC for DHCP, then omapi eliminates the need for a restart.
|
|
|
# omapi, however, is experimental and not recommended for most configurations.
|
|
|
@@ -361,86 +322,92 @@ reposync_flags: "-l -n -d"
|
|
|
# Note that if manage_dhcp and manage_dns are disabled, the respective
|
|
|
# parameter will have no effect. Most users should not need to change
|
|
|
# this.
|
|
|
-restart_dns: 1
|
|
|
-restart_dhcp: 1
|
|
|
+restart_dns: true
|
|
|
+restart_dhcp: true
|
|
|
|
|
|
# install triggers are scripts in /var/lib/cobbler/triggers/install
|
|
|
-# that are triggered in kickstart pre and post sections. Any
|
|
|
+# that are triggered in autoinstall pre and post sections. Any
|
|
|
# executable script in those directories is run. They can be used
|
|
|
# to send email or perform other actions. They are currently
|
|
|
# run as root so if you do not need this functionality you can
|
|
|
# disable it, though this will also disable "cobbler status" which
|
|
|
# uses a logging trigger to audit install progress.
|
|
|
-run_install_triggers: 1
|
|
|
+run_install_triggers: true
|
|
|
|
|
|
# enables a trigger which version controls all changes to /var/lib/cobbler
|
|
|
# when add, edit, or sync events are performed. This can be used
|
|
|
# to revert to previous database versions, generate RSS feeds, or for
|
|
|
# other auditing or backup purposes. "git" and "hg" are currently suported,
|
|
|
# but git is the recommend SCM for use with this feature.
|
|
|
-scm_track_enabled: 0
|
|
|
+scm_track_enabled: false
|
|
|
scm_track_mode: "git"
|
|
|
+scm_track_author: "cobbler <cobbler@localhost>"
|
|
|
+scm_push_script: "/bin/true"
|
|
|
|
|
|
-# this is the address of the cobbler server -- as it is used
|
|
|
+# this is the address of the Cobbler server -- as it is used
|
|
|
# by systems during the install process, it must be the address
|
|
|
# or hostname of the system as those systems can see the server.
|
|
|
# if you have a server that appears differently to different subnets
|
|
|
# (dual homed, etc), you need to read the --server-override section
|
|
|
# of the manpage for how that works.
|
|
|
-server: ip
|
|
|
+server: 127.0.0.1
|
|
|
|
|
|
-# If set to 1, all commands will be forced to use the localhost address
|
|
|
+# If set to true, all commands will be forced to use the localhost address
|
|
|
# instead of using the above value which can force commands like
|
|
|
# cobbler sync to open a connection to a remote address if one is in the
|
|
|
# configuration and would traceback.
|
|
|
-client_use_localhost: 0
|
|
|
-
|
|
|
-# If set to 1, all commands to the API (not directly to the XMLRPC
|
|
|
-# server) will go over HTTPS instead of plaintext. Be sure to change
|
|
|
-# the http_port setting to the correct value for the web server
|
|
|
-client_use_https: 0
|
|
|
-
|
|
|
-# this is a directory of files that cobbler uses to make
|
|
|
-# templating easier. See the Wiki for more information. Changing
|
|
|
-# this directory should not be required.
|
|
|
-snippetsdir: /var/lib/cobbler/snippets
|
|
|
-
|
|
|
-# Normally if a kickstart is specified at a remote location, this
|
|
|
-# URL will be passed directly to the kickstarting system, thus bypassing
|
|
|
-# the usual snippet templating Cobbler does for local kickstart files. If
|
|
|
-# this option is enabled, Cobbler will fetch the file contents internally
|
|
|
-# and serve a templated version of the file to the client.
|
|
|
-template_remote_kickstarts: 0
|
|
|
-
|
|
|
-# should new profiles for virtual machines default to auto booting with the physical host when the physical host reboots?
|
|
|
-# this can be overridden on each profile or system object.
|
|
|
-virt_auto_boot: 1
|
|
|
-
|
|
|
-# cobbler's web directory. Don't change this setting -- see the
|
|
|
-# Wiki on "relocating your cobbler install" if your /var partition
|
|
|
-# is not large enough.
|
|
|
-webdir: /var/www/cobbler
|
|
|
-
|
|
|
-# cobbler's public XMLRPC listens on this port. Change this only
|
|
|
+client_use_localhost: false
|
|
|
+
|
|
|
+# If set to "true", all commands to the API (not directly to the XMLRPC server) will go over HTTPS instead of plaintext.
|
|
|
+# Be sure to change the "http_port" setting to the correct value for the web server.
|
|
|
+client_use_https: false
|
|
|
+
|
|
|
+# Should new profiles for virtual machines default to auto booting with the physical host when the physical host
|
|
|
+# reboots? This can be overridden on each profile or system object.
|
|
|
+virt_auto_boot: true
|
|
|
+
|
|
|
+# Cobbler's web directory. Don't change this setting -- see the Wiki on "Relocating your Cobbler install" if your "/var"
|
|
|
+# partition is not large enough.
|
|
|
+webdir: "/var/www/cobbler"
|
|
|
+
|
|
|
+# Directories that will not get wiped and recreated on a "cobbler sync".
|
|
|
+webdir_whitelist:
|
|
|
+ - misc
|
|
|
+ - web
|
|
|
+ - webui
|
|
|
+ - localmirror
|
|
|
+ - repo_mirror
|
|
|
+ - distro_mirror
|
|
|
+ - images
|
|
|
+ - links
|
|
|
+ - pub
|
|
|
+ - repo_profile
|
|
|
+ - repo_system
|
|
|
+ - svc
|
|
|
+ - rendered
|
|
|
+ - .link_cache
|
|
|
+
|
|
|
+# Cobbler's public XMLRPC listens on this port. Change this only
|
|
|
# if absolutely needed, as you'll have to start supplying a new
|
|
|
# port option to koan if it is not the default.
|
|
|
xmlrpc_port: 25151
|
|
|
|
|
|
-# "cobbler repo add" commands set cobbler up with repository
|
|
|
-# information that can be used during kickstart and is automatically
|
|
|
-# set up in the cobbler kickstart templates. By default, these
|
|
|
+# "cobbler repo add" commands set Cobbler up with repository
|
|
|
+# information that can be used during autoinstall and is automatically
|
|
|
+# set up in the Cobbler autoinstall templates. By default, these
|
|
|
# are only available at install time. To make these repositories
|
|
|
-# usable on installed systems (since cobbler makes a very convient)
|
|
|
-# mirror, set this to 1. Most users can safely set this to 1. Users
|
|
|
-# who have a dual homed cobbler server, or are installing laptops that
|
|
|
-# will not always have access to the cobbler server may wish to leave
|
|
|
-# this as 0. In that case, the cobbler mirrored yum repos are still
|
|
|
+# usable on installed systems (since Cobbler makes a very convenient
|
|
|
+# mirror) set this to true. Most users can safely set this to true. Users
|
|
|
+# who have a dual homed Cobbler server, or are installing laptops that
|
|
|
+# will not always have access to the Cobbler server may wish to leave
|
|
|
+# this as false. In that case, the Cobbler mirrored yum repos are still
|
|
|
# accessable at http://cobbler.example.org/cblr/repo_mirror and yum
|
|
|
# configuration can still be done manually. This is just a shortcut.
|
|
|
-yum_post_install_mirror: 1
|
|
|
+yum_post_install_mirror: true
|
|
|
|
|
|
-# the default yum priority for all the distros. This is only used
|
|
|
-# if yum-priorities plugin is used. 1=maximum. Tweak with caution.
|
|
|
+# the default yum priority for all the distros. This is only used if yum-priorities plugin is used.
|
|
|
+# 1=maximum
|
|
|
+# Tweak with caution!
|
|
|
yum_distro_priority: 1
|
|
|
|
|
|
# Flags to use for yumdownloader. Not all versions may support
|
|
|
@@ -448,22 +415,52 @@ yum_distro_priority: 1
|
|
|
yumdownloader_flags: "--resolve"
|
|
|
|
|
|
# sort and indent JSON output to make it more human-readable
|
|
|
-serializer_pretty_json: 0
|
|
|
+serializer_pretty_json: false
|
|
|
|
|
|
-# replication rsync options for distros, kickstarts, snippets set to override default value of "-avzH"
|
|
|
+# replication rsync options for distros, autoinstalls, snippets set to override default value of "-avzH"
|
|
|
replicate_rsync_options: "-avzH"
|
|
|
|
|
|
# replication rsync options for repos set to override default value of "-avzH"
|
|
|
replicate_repo_rsync_options: "-avzH"
|
|
|
|
|
|
# always write DHCP entries, regardless if netboot is enabled
|
|
|
-always_write_dhcp_entries: 0
|
|
|
+always_write_dhcp_entries: false
|
|
|
|
|
|
-# external proxy - used by: get-loaders, reposync, signature update
|
|
|
-# eg: proxy_url_ext: "http://192.168.1.1:8080"
|
|
|
+# External proxy - used by: "get-loaders", "reposync", "signature update"
|
|
|
+# Eg: "http://192.168.1.1:8080" (HTTP), "https://192.168.1.1:8443" (HTTPS)
|
|
|
proxy_url_ext: ""
|
|
|
|
|
|
-# internal proxy - used by systems to reach cobbler for kickstarts
|
|
|
-# eg: proxy_url_int: "http://10.0.0.1:8080"
|
|
|
+# Internal proxy - used by systems to reach Cobbler for templates
|
|
|
+# Eg: proxy_url_int: "http://10.0.0.1:8080"
|
|
|
proxy_url_int: ""
|
|
|
|
|
|
+# This is a directory of files that Cobbler uses to include
|
|
|
+# files into Jinja2 templates
|
|
|
+jinja2_includedir: "/var/lib/cobbler/jinja2"
|
|
|
+
|
|
|
+# Up to now, cobblerd used $server's IP address instead of the DNS name in autoinstallation
|
|
|
+# file settings (pxelinux.cfg files) to save bytes, which seemed required for S/390 systems.
|
|
|
+# This behavior can have negative impact on installs with multi-homed Cobbler servers, because
|
|
|
+# not all of the IP addresses may be reachable during system install.
|
|
|
+# This behavior was now made conditional, with default being "off".
|
|
|
+convert_server_to_ip: false
|
|
|
+
|
|
|
+# Leftover settings
|
|
|
+bootloaders_dir: "/var/lib/cobbler/loaders"
|
|
|
+buildisodir: "/var/cache/cobbler/buildiso"
|
|
|
+cobbler_master: ""
|
|
|
+default_virt_disk_driver: "raw"
|
|
|
+grubconfig_dir: "/var/lib/cobbler/grub_config"
|
|
|
+iso_template_dir: "/etc/cobbler/iso"
|
|
|
+
|
|
|
+# Puppet
|
|
|
+puppet_server: ""
|
|
|
+puppet_version: 2
|
|
|
+
|
|
|
+# Signatures
|
|
|
+signature_path: "/var/lib/cobbler/distro_signatures.json"
|
|
|
+signature_url: "https://cobbler.github.io/signatures/3.0.x/latest.json"
|
|
|
+
|
|
|
+# Include other configuration snippets. Overwriting a key from this file in a childfile will overwrite the value from
|
|
|
+# this file.
|
|
|
+include: [ "/etc/cobbler/settings.d/*.settings" ]
|
shubhangi_srivastava