gitea-pages/admin-guide/puppet/profiles/networking.rst

profile::networking

This module configures most network-related settings, in particular:

• DNS resolution (/etc/resolv.conf)
• DNS caching (via nscd(8))
• static host entries

Notable exceptions are the firewall and /etc/hosts.{allow,deny}.

It also provides information about networks to other modules through the variables listed below:

• profile::networking::zone

  The name of network zone. This is used by the ntp_client <../profiles/ntp_client> profile, for example, to determine which NTP servers to use.

• profile::networking::use_bastions

  This boolean indicates to the aaa <../profiles/aaa> profile whether SSH access should be restricted to connections coming from the bastion hosts. Override possible with aaa::use_bastions.

Notes:

• the above variables are not configured in hiera, but in the Puppet manifest
• the DNS cache is configured to be persistent, i.e. the cached data will survive restarts of nscd.service. To clear the cache, run nscd -i hosts or systemctl reload nscd.

Parameters

dns_servers

The list of DNS servers (IP addresses) to be configured. This is only effective if the client doesn't use DHCP (see enable_dhcp).

enable_dhcp

If this is true, then settings that are typically configured through DHCP (e.g. DNS servers) are not touched by this module.

enable_dns_caching

This boolean determines whether DNS caching with nscd is enabled (true) or not (false). It is only effective if the client doesn't use DHCP (see enable_dhcp).

static_host_entries

A hash representing static host entries. The keys are the IP addresses, the values are expected to be lists of aliases for the given IP address. Special IP addresses like 127.0.0.1 are not allowed.