confdir is the main directory for the Puppet configuration. It contains config
files and the SSL data.
*nix root users:
is running as
a Windows user with administrator
privileges, or the
puppet user, it uses a system-wide confdir. When running as a non-root
user, it uses a confdir in that user's home directory.
When running Puppet commands and
usually you want to use the system codedir. To use the same codedir as the Puppet agent or Puppet master, run admin commands, such
config.rufile must explicitly set
--confdirto the system confdir. The example
config.rufile provided with the Puppet source does this.
Puppet’s confdir can’t be set in the
puppet.conf, because Puppet needs the confdir to locate that
config file. Instead, run commands with the
--confdir parameter to specify the confdir.
--confdir isn’t specified when a Puppet application is started,
the command will use the default confdir location.
Puppet Server uses the
jruby-puppet.master-conf-dir setting in
to configure its confdir. If you are using a non-default confdir, you must
--confdir when you run commands like
puppet cert to ensure they use the same directories
as Puppet Server.
The value of the confdir is discovered before
other settings, so you can reference it, using the
$confdir variable, in the value of
any other setting in
If you need to set nonstandard
values for some settings, using the
$confdir variable allows you to avoid absolute paths and
keep your Puppet-related files
The confdir contains several config files and the SSL data. You can change their locations, but unless you have a technical reason that prevents it, use the default structure. Click the links to see documentation for the files and directories in the codedir.
auth.conf: Access control rules for the master’s network services.
fileserver.conf: Configuration for additional fileserver mount points.
hiera.yaml: The global configuration for Hiera data lookup. Environments and modules can also have their own
hiera.yamlfiles.Note: To provide backward compatibility for Puppet versions 4.0 to 4.4, if a
hiera.yamlfile exists in the global codedir, it takes precedence over the
hiera.yamlin the global confdir. For Puppet to honor the
hiera.yamlin the confdir, there must be no
hiera.yamlfile in the codedir.
routes.yaml: Advanced configuration of indirector behavior.
autosign.conf: List of pre-approved certificate requests.
device.conf: Configuration for network devices managed by the