Posts

Here is a Puppet module that is a bit of a meta-module. Its only purpose is to create other resources by computing the permutations of parameters and generating new resources. The reason this is useful, is that it allows you to create lots of similar resources that might have some common and some unique parameters. Consider the following PXE example: permute { "Debian Installers": resource => 'pxe::installer', unique => { arch => ["amd64","i386"], ver => ["squeeze","wheezy"], os => "debian" }, common => { file => "os_<%= os %>", kernel => "images/<%= os %>/<%= ver %>/<%= arch %>/linux", append => "initrd=images/<%= os %>/<%= ver %>/<%= arch %>/initrd.gz text", }, } For every key in the unique parameter hash, a resource will be created for every combination of things. The keys in the common parameter hash will get passed through ERB before the resource is created. This allows you to do interesting things like the above that allow you to determine the values of the parameters before the resource is generated. ...

Its time to update TLS ciphers. ssl::ciphers: 'ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384'

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA256 I’ve created a new GnuPG key that, over the next few months, I will be transitioning to use as my primary key for daily use. My old key has not been compromised and will continue to be valid for while during the transition. I’ve begun signing mail with the new key and would prefer that all future correspondence use the new key. The new key is signed by the old key, and would appreciated new signatures against the new key. The details are as follows. ...