Skip to content

How To Authenticate Hiera Editor

Jump to bottom
Alex Siryi edited this page Apr 26, 2019 · 4 revisions

Authenticate Hiera Editor

Hiera Editor needs to interact with Puppet Server in order to retrieve information about nodes and their facts.

To do so, you would need to edit file auth.conf on the Puppet Server:

nano /etc/puppetlabs/puppetserver/conf.d/auth.conf

Step 1

Scroll down (with arrow keys) until you see a section called puppetlabs node:

# Allow nodes to retrieve only their own node definition
match-request: {
    path: "^/puppet/v3/node/([^/]+)$"
    type: regex
    method: get
}
allow: $1
sort-order: 500
name: "puppetlabs node"

Replace the $1 with ["$1", {extensions: {pp_project: hiera_editor}}] in that section.

So the whole line would be:

allow: ["$1", {extensions: {pp_project: hiera_editor}}]

Step 2

Add a new block to the beginning of the rules section:

{
    match-request: {
        path: "/puppet-ca/v1/certificate_statuses/statuses"
        type: path
        method: get
    }
    allow: {extensions: {pp_project: hiera_editor}}
    sort-order: 400
    name: "puppetlabs certificate list"
},

Step 3

Reboot the Puppet Server:

/etc/init.d/puppetserver restart

You only need to do this once for all instances of Hiera Editor.

#f03c15 Password to complete workspace setup:

MASTER

Clone this wiki locally