Note: So far this procedure had been developed and tested only on CentOS 5.0, therefore it may be completely unsuitable for other operating systems including RHEL5.
One way to enable Puppet to install files of the servers it manages is to have it serve the files with its built-in server.
The file server works by defining “modules” which abstract the underlying file system structure similar manner to the way Samba shares do, configuring the file server is a simple manner of defining the proper modules in the file /etc/puppet/fileserver.conf and restarting the puppetmasterd.
A typical configuration of a dotfiles module looks as follows:
[dotfiles] path /var/lib/puppet/dotfiles allow 192.168.11.0/24 # needed to allow local puppetd allow 127.0.0.1
Where path (obviously) denotes where the shared files are, and allow determines who can access the files.
Access to the files is controlled by deny and allow directives which work in quite similar fashion to the way similar directives work in apache or in the /etc/hosts.allow and /etc/hosts.deny files.
One critical difference of puppet’s allow and deny directives is that deny takes precedence over allow.
In order to use a file share by the puppet file server you specify a puppet URL as a value of a source attribute of a file resource, for example, to pull the oracle_env.sh file form the module dotfiles on the server pmaster:
source => "puppet://pmaster/dotfiles/oracle_env.sh"
You can omit the server hostname to have puppet download automatically from the puppetmaster e.g:
source => "puppet:///dotfiles/oracle_env.sh"