Use SmartProxy SSL certs for Salt #3896
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
github-actions
bot
added
Needs tech review
|
The PR preview for e8bd040 is available at theforeman-foreman-documentation-preview-pr-3896.surge.sh The following output files are affected by this PR: |
ekohl
requested changes
May 26, 2025
Member
ekohl
left a comment
ekohl
left a comment
There was a problem hiding this comment.
I still don't quite know why the installer doesn't deploy this. It has all the required information.
pr-processor
bot
added
Waiting on contributor
You mean why the installer does not deploy the correct certificates to the foreman.yml file? AFAIK, the installer does not deploy any config files in Salt, just the example file where you need to change the information. I agree, deploying the whole thing on installation would be more convenient but for now, we want to at least document it correctly. |
maximiliankolb
force-pushed
the
salt_certs
branch
from
92ebd98 to
517bb8a
Compare
pr-processor
bot
added
Needs re-review
and removed
Waiting on contributor
Contributor
Author
|
Thanks Ewoud and Nadja, I have rebased to HEAD of "master" and applied your suggestions. I did not know that users should not use those files in |
Lennonka
added
style review done
Contributor
Author
Users have to manually configure the Salt service to use SSL certs of Foreman+Katello. $ ssh foreman-katello.example.com cat /etc/foreman-proxy/settings.yml | grep "^:foreman_ssl" $ ssh smart-proxy.example.com cat /etc/foreman-proxy/settings.yml | grep "^:foreman_ssl"
maximiliankolb
force-pushed
the
salt_certs
branch
from
517bb8a to
e8bd040
Compare
Contributor
Author
|
Thanks for clarifying: You always have to enter the URL for Foreman/Katello, regardless if your Salt Master runs on Foreman Server or a Smart Proxy Server. -> Fixed. |
ekohl
approved these changes
Jun 10, 2025
nadjaheitmann
approved these changes
Jun 10, 2025
maximiliankolb
added
tech review done
maximiliankolb
added a commit
that referenced
this pull request
Jun 10, 2025
You always have to enter the URL for Foreman/Katello, regardless if your Salt Master runs on Foreman Server or a Smart Proxy Server. Users have to manually configure the Salt service to use SSL certs of Foreman+Katello. $ ssh foreman-katello.example.com cat /etc/foreman-proxy/settings.yml | grep "^:foreman_ssl" $ ssh smart-proxy.example.com cat /etc/foreman-proxy/settings.yml | grep "^:foreman_ssl" (cherry picked from commit 5c09d35)
maximiliankolb
added a commit
that referenced
this pull request
Jun 10, 2025
You always have to enter the URL for Foreman/Katello, regardless if your Salt Master runs on Foreman Server or a Smart Proxy Server. Users have to manually configure the Salt service to use SSL certs of Foreman+Katello. $ ssh foreman-katello.example.com cat /etc/foreman-proxy/settings.yml | grep "^:foreman_ssl" $ ssh smart-proxy.example.com cat /etc/foreman-proxy/settings.yml | grep "^:foreman_ssl" (cherry picked from commit 5c09d35)
maximiliankolb
added a commit
that referenced
this pull request
Jun 10, 2025
You always have to enter the URL for Foreman/Katello, regardless if your Salt Master runs on Foreman Server or a Smart Proxy Server. Users have to manually configure the Salt service to use SSL certs of Foreman+Katello. $ ssh foreman-katello.example.com cat /etc/foreman-proxy/settings.yml | grep "^:foreman_ssl" $ ssh smart-proxy.example.com cat /etc/foreman-proxy/settings.yml | grep "^:foreman_ssl" (cherry picked from commit 5c09d35)
maximiliankolb
added a commit
that referenced
this pull request
Jun 10, 2025
You always have to enter the URL for Foreman/Katello, regardless if your Salt Master runs on Foreman Server or a Smart Proxy Server. Users have to manually configure the Salt service to use SSL certs of Foreman+Katello. $ ssh foreman-katello.example.com cat /etc/foreman-proxy/settings.yml | grep "^:foreman_ssl" $ ssh smart-proxy.example.com cat /etc/foreman-proxy/settings.yml | grep "^:foreman_ssl" (cherry picked from commit 5c09d35)
Contributor
Author
jherrman
added a commit
to jherrman/foreman-documentation
that referenced
this pull request
Jun 18, 2025
Squashed commit of the following: commit c8fb643 Author: Maximilian Kolb <[email protected]> Date: Mon Jun 16 15:20:34 2025 +0200 Make multiple CV environments fit for all builds (theforeman#3806) * Fix broken links * Make example activation key italic * Use ProjectWebUI attribute * Use attributes for example content * Use foreman-example-com macro in favor of hardcoded FQDN * Use sentence-case capitalization * Write Hammer CLI in favor of Hammer Refs PR 3609 on GitHub commit 0f7e6b6 Author: Maximilian Kolb <[email protected]> Date: Tue May 20 13:51:26 2025 +0200 Document default resource quota of registered hosts Refs PR 152 on GitHub for foreman_resource_quota commit d9929fd Author: Maximilian Kolb <[email protected]> Date: Thu Jun 12 19:48:29 2025 +0200 Hide foreman_resource_quota plugin for Satellite (theforeman#3934) Satellite 6.17 does not provide the "rubygem-foreman_resource_quota" package. (cherry picked from commit 7c98ae0) Refs PR 3921 on GitHub (cherry picked from commit 95477dc) Refs PR 3934 on GitHub commit ea36e2a Author: Brian Angelica <[email protected]> Date: Thu Jun 12 15:49:00 2025 -0400 Add procedure for Minimal data collection (theforeman#3916) commit 338905f Author: Maximilian Kolb <[email protected]> Date: Thu Jun 12 08:19:25 2025 +0200 Remove unused file (theforeman#3930) Refs b1ce268 commit b5015c4 Author: Ewoud Kohl van Wijngaarden <[email protected]> Date: Thu Jun 5 17:18:41 2025 +0200 Build web directory from PR for previews When a PR is submitted against master then it uses the PR to build the web layout rather than what's already in master. This allows making changes to the navigation and previewing them. commit 54e183c Author: Maximilian Kolb <[email protected]> Date: Wed Jun 11 11:48:44 2025 +0200 Omit equal sign for foreman-installer options (theforeman#3809) $ rg "=false" $ rg "=true" * Tested Hammer CLI $ hammer --version | grep "^hammer" hammer (3.12.0) $ hammer settings set --name=remote_execution_global_proxy --value=false Setting [remote_execution_global_proxy] updated to [false]. $ echo $? 0 $ hammer settings set --name remote_execution_global_proxy --value true Setting [remote_execution_global_proxy] updated to [true]. $ echo $? 0 * Tested foreman-installer $ foreman-installer --full-help | grep -A 2 -- "--foreman-proxy-dhcp-ping-free-ip" --foreman-proxy-dhcp-ping-free-ip Perform ICMP and TCP ping when searching free IPs from the pool. This makes sure that active IP address is not suggested as free, however in locked down network environments this can cause no free IPs. (current: true) $ foreman-installer --foreman-proxy-dhcp-ping-free-ip false $ echo $? 0 $ foreman-installer --foreman-proxy-dhcp-ping-free-ip=false $ echo $? 0 fixes theforeman#2881 commit 8671a6f Author: Ewoud Kohl van Wijngaarden <[email protected]> Date: Wed Jun 11 09:00:50 2025 +0200 Correct media umount path (theforeman#3864) Since c140d08 the directory is /media/rhel and not /media/rhel8. Fixes: c140d08 ("Add EL9 support for Foreman Server and Smart Proxy Server (theforeman#2805)") commit cfa2509 Author: Lukáš Hellebrandt <[email protected]> Date: Tue Jun 10 17:20:26 2025 +0200 3.15 GA (theforeman#3925) commit 5c09d35 Author: Maximilian Kolb <[email protected]> Date: Tue Jun 10 14:32:20 2025 +0200 Use SmartProxy SSL certs for Salt (theforeman#3896) You always have to enter the URL for Foreman/Katello, regardless if your Salt Master runs on Foreman Server or a Smart Proxy Server. Users have to manually configure the Salt service to use SSL certs of Foreman+Katello. $ ssh foreman-katello.example.com cat /etc/foreman-proxy/settings.yml | grep "^:foreman_ssl" $ ssh smart-proxy.example.com cat /etc/foreman-proxy/settings.yml | grep "^:foreman_ssl" commit b1ce268 Author: Lena Ansorgová <[email protected]> Date: Mon Jun 9 19:33:09 2025 +0200 Drop all oVirt/RHV (theforeman#3800) Co-authored-by: Maximilian Kolb <[email protected]> commit 9b0f02c Author: Evgeni Golov <[email protected]> Date: Thu Jun 5 10:49:34 2025 +0200 Document how to use an http proxy with the ansible collection (theforeman#3881) commit 443a7a7 Author: AkshayGadhaveRH <[email protected]> Date: Wed Jun 4 15:06:28 2025 +0530 Separate installation planning tasks from prerequisites (theforeman#3894) --------- Co-authored-by: Akshay Gadhave <[email protected]> commit 399851d Author: Zuzana Lena Ansorgova <[email protected]> Date: Mon Jun 2 21:03:05 2025 +0200 Retire branches older than 3.9 commit 7bd22c5 Author: Lena Ansorgová <[email protected]> Date: Tue Jun 3 16:19:00 2025 +0200 Use AAP as the value of :awx: attribute for Satellite (theforeman#3887) * Use AAP as the value of :awx: attribute for Satellite * Update AWX example URL commit cf5eba3 Author: Zuzana Lena Ansorgova <[email protected]> Date: Fri May 23 00:31:50 2025 +0200 Mention dbus-tools package required for EL 9 cloud-init images commit 90ed73c Author: Aneta Šteflová Petrová <[email protected]> Date: Tue Jun 3 08:55:09 2025 +0200 Update system architecture diagram for Satellite (theforeman#3900) * Replace RH Portal with RH Customer Portal * Drop RHV from content flow diagram commit 0bbbf7a Author: Lena Ansorgová <[email protected]> Date: Mon Jun 2 17:13:10 2025 +0200 Rephrase registration to load-balanced SmartProxy (theforeman#3889) Co-authored-by: Maximilian Kolb <[email protected]> commit 9ae0097 Author: Aneta Šteflová Petrová <[email protected]> Date: Mon Jun 2 14:49:23 2025 +0200 Adjust link to Insights (theforeman#3909) commit d4175a0 Author: Maximilian Kolb <[email protected]> Date: Fri May 30 16:37:32 2025 +0200 Fix spelling of hosts (theforeman#3908) Refs 723dccd commit a1ce6e6 Author: Aneta Šteflová Petrová <[email protected]> Date: Fri May 30 16:21:32 2025 +0200 Rename server upgrade procedure (theforeman#3903) * Rename server upgrade file to a snippet * Rename upgrade server procedure commit 9c3f94d Author: Maximilian Kolb <[email protected]> Date: Fri May 30 14:30:10 2025 +0200 Use appropriate ProjectServer attribute (theforeman#3893) Refs 6faa2fc commit 1dfa222 Author: Maximilian Kolb <[email protected]> Date: Thu May 22 15:57:10 2025 +0200 Reword a SmartProxyServer For orcharhino builds, this mitigates "a orcharhino Proxy Server". Refs PR 3874 on GitHub commit 723dccd Author: Maximilian Kolb <[email protected]> Date: Fri May 30 11:36:21 2025 +0200 Fix spelling of life cycle (theforeman#3906) Refs 41a73f0 commit f1f430f Author: Aneta Šteflová Petrová <[email protected]> Date: Wed May 28 15:53:52 2025 +0200 Limit SSSD workaround to certain RHEL versions only (theforeman#3898) --------- Co-authored-by: Lena Ansorgová <[email protected]> commit 41a73f0 Author: mmuehlfeldRH <[email protected]> Date: Wed May 28 15:51:12 2025 +0200 Improve intros in "Integrating provisioning infrastructure services" (theforeman#3861) --------- Co-authored-by: Maximilian Kolb <[email protected]> commit 08727d3 Author: Aneta Šteflová Petrová <[email protected]> Date: Wed May 28 14:16:17 2025 +0200 Improve server upgrade procedures (theforeman#3867) This includes: * Removing duplicate steps * Removing obsolete steps * Moving some existing steps to other parts of the guide * Wording changes to improve clarity --------- Co-authored-by: Brian Angelica <[email protected]> Co-authored-by: Ewoud Kohl van Wijngaarden <[email protected]> commit 305707c Author: Akshay Gadhave <[email protected]> Date: Tue May 27 11:24:28 2025 +0530 Fix the binary download procedure To download the binary DVD images, the user now has to perform an additional step to navigate to the RHEL downloads page. JIRA:https://issues.redhat.com/browse/SAT-29878 commit 920d7ec Author: Lena Ansorgová <[email protected]> Date: Mon May 26 16:54:43 2025 +0200 Bump Satellite version (theforeman#3886) * Bump Satellite version to 6.18 * Update ignored Satellite docs commit 30cb33b Author: Maximilian Kolb <[email protected]> Date: Mon May 26 11:17:42 2025 +0200 Fix asciidoc syntax to show numbered steps (theforeman#3891) commit 16e8b7e Author: Aneta Šteflová Petrová <[email protected]> Date: Mon May 26 09:54:02 2025 +0200 Simplify built-in api doc link (theforeman#3863) commit ea651af Author: Aneta Šteflová Petrová <[email protected]> Date: Mon May 26 09:38:38 2025 +0200 Drop proc for preparing the EVR ext for removal (theforeman#3865) Users were instructed to update the permissions in the previous upgrade guide already. commit b151cc4 Author: Maximilian Kolb <[email protected]> Date: Fri May 23 13:53:44 2025 +0200 Do not require Ansible collection on orcharhino (theforeman#3892) On orcharhino, there is a meta package that is always installed which requires the Foreman Ansible collection. On orcharhino Server: $ rpm -qa "ansible-collection-*" Refs PR 3844 on GitHub commit 55acea5 Author: Evgeni Golov <[email protected]> Date: Thu May 22 18:39:59 2025 +0200 Use `hammer flatpak-remote remote-repository list` to list contents (theforeman#3879) Otherwise things fail: # hammer flatpak-remote repository list --flatpak-remote-id=2 Error: No such sub-command 'repository'. See: 'hammer flatpak-remote --help'. Fixes: 2a0e9d2 commit 48967d0 Author: Lukas Hellebrandt <[email protected]> Date: Thu May 22 17:46:52 2025 +0200 Remove guides that are not ready commit 9e540f8 Author: Lukas Hellebrandt <[email protected]> Date: Tue May 13 19:38:55 2025 +0200 3.15 update commit 3513a6b Author: Evgeni Golov <[email protected]> Date: Wed May 21 11:15:43 2025 +0200 clarify that it can be *any* system that can run the ansible modules commit aac7692 Author: Aneta Šteflová Petrová <[email protected]> Date: Thu May 22 11:08:35 2025 +0200 Use attribute for FreeIPA server name (theforeman#3869) commit 94b2537 Author: Aneta Šteflová Petrová <[email protected]> Date: Thu May 22 11:07:48 2025 +0200 Create a section for helper app references (theforeman#3873) commit cf63af7 Author: Lena Ansorgová <[email protected]> Date: Thu May 22 10:59:38 2025 +0200 Add RHEL 10 to Planning guide (theforeman#3877) * Add RHEL 10 to Planning guide * Add note about Puppet agent for RHEL 10 commit 3271d49 Author: Brian Angelica <[email protected]> Date: Wed May 21 08:38:27 2025 -0400 Add link about containers for RHEL 10 (theforeman#3622) commit 535c97c Author: Evgeni Golov <[email protected]> Date: Wed May 21 11:28:34 2025 +0200 add Foreman 3.15/Katello 4.17 and mark 3.14 as the Sat 6.17 base commit 597a39d Author: Aneta Šteflová Petrová <[email protected]> Date: Wed May 21 09:49:40 2025 +0200 Drop upgrade step to upgrade to PostgreSQL 13 (theforeman#3866) commit 16ed4ed Author: Aneta Šteflová Petrová <[email protected]> Date: Wed May 21 07:42:49 2025 +0200 Improve pre-upgrade documentation (theforeman#3855) * Delete obsolete or unnecessary prerequisites * Create "Preparing for upgrade" * Update estimates for upgrade process duration * Drop upgrade prereqs to check space and firewalls * Drop upgrade prereqs for self-registered * Drop prereq on upgrades in FIPS mode * Edit and reduce duplication --------- Co-authored-by: Brian Angelica <[email protected]> Co-authored-by: Evgeni Golov <[email protected]> Co-authored-by: Maximilian Kolb <[email protected]> commit cd048fb Author: Aneta Šteflová Petrová <[email protected]> Date: Tue May 20 16:44:00 2025 +0200 Describe Satellite usage metrics collection (theforeman#3846) --------- Co-authored-by: Maximilian Kolb <[email protected]> Co-authored-by: AkshayGadhaveRH <[email protected]> Co-authored-by: Brian Angelica <[email protected]> commit 6d5171e Author: Aneta Šteflová Petrová <[email protected]> Date: Tue May 20 08:55:57 2025 +0200 Fix a typo (theforeman#3868) commit 6962c69 Author: AkshayGadhaveRH <[email protected]> Date: Tue May 20 01:07:36 2025 +0530 Add a note about RHOKP in the disconnected guides (theforeman#3853) The Red Hat Offline Knowledge Portal (RHOKP) will be included with the Satellite subscription for 6.17. Created a module and added it to the disconnected install and disconnected upgrade guides. JIRA: https://issues.redhat.com/browse/SAT-31163 https://issues.redhat.com/browse/SAT-31164 commit d489460 Author: Aneta Šteflová Petrová <[email protected]> Date: Mon May 19 16:29:20 2025 +0200 Make registering proxy mandatory for katello (theforeman#3856) commit d6a1745 Author: Maximilian Kolb <[email protected]> Date: Mon May 19 15:52:50 2025 +0200 Add instructions to fix Publisher ACL for Salt (theforeman#3850) commit abac21f Author: Maximilian Kolb <[email protected]> Date: Tue May 6 13:54:04 2025 +0200 Reword importing Puppet environments commit ef812da Author: Maximilian Kolb <[email protected]> Date: Mon May 5 13:59:01 2025 +0200 Reword a number of to several Makes vale happy. commit 8a2cb76 Author: Maximilian Kolb <[email protected]> Date: Fri May 2 15:32:25 2025 +0200 Reword external Smart Proxies to Smart Proxy Servers fixes theforeman#2774 commit 2b04b6d Author: Zuzana Lena Ansorgova <[email protected]> Date: Sun May 11 05:33:17 2025 +0200 Remove RHEL 6 support and procedures commit b0addc5 Author: Ewoud Kohl van Wijngaarden <[email protected]> Date: Fri May 16 08:47:50 2025 +0200 Correct http-booting anchor (theforeman#3838) In fbc716d the section id was renamed from http-booting-requirements to http-booting. Fixes: fbc716d ("Modularize Planning for Foreman guide (theforeman#3626)") commit c3edd7d Author: Aneta Šteflová Petrová <[email protected]> Date: Wed May 14 13:10:43 2025 +0200 Add Kerberos as an auth method for Ansible modules commit 0f2fdc9 Author: Aneta Šteflová Petrová <[email protected]> Date: Wed May 14 13:08:21 2025 +0200 Improve docs on installing ansible collection * Expand existing docs to cover the end-to-end workflow * Add example playbooks * Multiple improvements Co-authored-by: Evgeni Golov <[email protected]> Co-authored-by: Brian Angelica <[email protected]> commit 9e7fa3f Author: Ewoud Kohl van Wijngaarden <[email protected]> Date: Sun May 11 15:10:02 2025 +0200 Drop 'Using TFTP services through NAT' procedure In both the "Enabling connections from a client to {ProjectServer}" and "Enabling connections from {ProjectServer} and clients to a {SmartProxyServer}" procedures there is a --add-service=tftp line so users are already told to open up port 69 from clients. Then the specific part of allowing it through NAT is not something we support anywhere. commit cd5fbea Author: Ewoud Kohl van Wijngaarden <[email protected]> Date: Thu May 15 14:04:23 2025 +0200 Remove libvirt specific text from VMware procedure (theforeman#3840) This only works on libvirt, but is in the VMware connection instructions. It was present all the way back in the initial version. Fixes: 156d071 ("Initial version based on 10a10600") commit 9751f32 Author: Ewoud Kohl van Wijngaarden <[email protected]> Date: Thu May 15 13:34:56 2025 +0200 Treat unused modules as errors (theforeman#3823) commit 028b746 Author: AkshayGadhaveRH <[email protected]> Date: Thu May 15 12:10:12 2025 +0530 Update postgresql command (theforeman#3833) commit f945f51 Author: Ian Ballou <[email protected]> Date: Wed May 14 03:09:06 2025 -0400 Add bootc transient package installation information (theforeman#3843) commit e4dbee4 Author: Brian Angelica <[email protected]> Date: Tue May 13 08:43:48 2025 -0400 Add step to enable maintenance repo to proxy upgrade (theforeman#3849) commit 8934c81 Author: Brian Angelica <[email protected]> Date: Tue May 13 02:31:26 2025 -0400 Pluralize content view to views (theforeman#3801) Includes other minor changes. commit b02e714 Author: Brian Angelica <[email protected]> Date: Fri May 9 02:35:19 2025 -0400 Add step to enable Satellite repositories (theforeman#3848) commit fb1856c Author: Marc Muehlfeld <[email protected]> Date: Wed May 7 16:38:37 2025 +0200 Restore subtitle of "Integrating provisioning infrastructure services" commit e161f79 Author: Ian Ballou <[email protected]> Date: Wed May 7 10:23:57 2025 -0400 Add container content note to load balancing guide (theforeman#3824) commit 95eb28b Author: Ewoud Kohl van Wijngaarden <[email protected]> Date: Wed May 7 16:21:17 2025 +0200 Properly use ifdef to hide Katello content (theforeman#3837) * Remove redundant note about Katello This module is only included in the Satellite build and never rendered. * Hide preparing a synchronized kickstart repo on non-Katello Previously this included notes that Katello provided a feature, but it's better to hide the text altogether on irrelevant builds. That is done around the include statement. * Only link to the content management guide if relevant The content management guide is only for Katello and its derivatives. commit 1c2ba20 Author: AkshayGadhaveRH <[email protected]> Date: Wed May 7 12:20:42 2025 +0530 Add port 9090 for MQTT (theforeman#3835) commit 9a1533e Author: AkshayGadhaveRH <[email protected]> Date: Wed May 7 12:16:37 2025 +0530 Reword the step to reboot (theforeman#3816) commit 8782216 Author: Maximilian Kolb <[email protected]> Date: Wed May 7 08:41:41 2025 +0200 Fix broken links (theforeman#3836) * Fix broken link about containers on RHEL * Replace link to get skopeo on RHEL Refs f1a43d7 commit dc4f5d7 Author: Brian Angelica <[email protected]> Date: Tue May 6 13:09:02 2025 -0400 Add info about tracking subscription usage (theforeman#3702) commit 6bfa7e7 Author: Aneta Šteflová Petrová <[email protected]> Date: Tue May 6 10:16:08 2025 +0200 Add workaround for IPA and AD Kerberos auth (theforeman#3825) * Restructure AD auth source procedure This is so that I can easily add a new substep. * Restructure IPA auth source procedure This is so that the procedure contains a proper step and so that I can easily add a new step. * Add workaround for IPA/AD kinit in IPv6-only networks commit 17c759f Author: mmuehlfeldRH <[email protected]> Date: Tue May 6 08:31:37 2025 +0200 Change guide name in navigation to lowercase (theforeman#3834) commit f1a43d7 Author: Brian Angelica <[email protected]> Date: Mon May 5 15:48:19 2025 -0400 Add install procedures for advisor engine (theforeman#3785) commit ea67081 Author: Brian Angelica <[email protected]> Date: Mon May 5 14:04:28 2025 -0400 Add TP note to 'multiple CV environments' (theforeman#3826) commit 8a9cf3b Author: Brian Angelica <[email protected]> Date: Mon May 5 10:10:22 2025 -0400 Add limitation about IPv6 and proxy (theforeman#3715) * Add note about IPv6 and proxy failing * Clarify it is an HTTP proxy commit d38f624 Author: Maximilian Kolb <[email protected]> Date: Mon May 5 14:29:37 2025 +0200 Fix typos (theforeman#3822) commit ebf8b4b Author: mmuehlfeldRH <[email protected]> Date: Mon May 5 14:23:24 2025 +0200 Rename guide to 'provisioning infrastructure services' (theforeman#3828) commit b3491af Author: Maximilian Kolb <[email protected]> Date: Mon May 5 14:18:10 2025 +0200 Drop unused file (theforeman#3827) Refs 7da8046 commit 2dc3c66 Author: Aneta Šteflová Petrová <[email protected]> Date: Fri May 2 19:50:04 2025 +0200 Specify guideline around non-trivial PRs (theforeman#3819) * Specify how long to keep PRs open if over the weekend * Add examples of non-trivial PRs * Add reasoning for why non-trivial PRs should be kept open commit cc7e3c4 Author: mmuehlfeldRH <[email protected]> Date: Fri May 2 19:16:20 2025 +0200 Add "Configuring DNS, DHCP, and TFTP integration" title to 3.14 and nightly (theforeman#3821) commit abbe3e8 Author: Ewoud Kohl van Wijngaarden <[email protected]> Date: Thu Dec 19 14:11:39 2024 +0100 Drop obsolete reference to checkpoint_segments In b7fda4a a note was dropped, but not entirely. Fixes: b7fda4a ("Add feedback from Github") commit 9a14446 Author: Ewoud Kohl van Wijngaarden <[email protected]> Date: Thu Dec 19 14:05:34 2024 +0100 Replace health-check with health check This pleases Vale. commit f24a923 Author: Ewoud Kohl van Wijngaarden <[email protected]> Date: Thu Dec 19 01:31:17 2024 +0100 Inline applying changes in the tuning guide Rather than referring readers to a chapter that has some generic instructions, this includes them so the procedure is complete. Fixes: d217c11 ("Add procedure to apply changes to configuration (theforeman#1444)") commit 7da8046 Author: Ewoud Kohl van Wijngaarden <[email protected]> Date: Thu Dec 19 01:24:49 2024 +0100 Refs #33214 - Drop content around puma threads_min tuning The installer matches threads_min to threads_max and users shouldn't touch this. commit c044d1a Author: Ewoud Kohl van Wijngaarden <[email protected]> Date: Thu Dec 19 01:15:41 2024 +0100 Refs #33974 - Drop Puma DB pool tuning The installer now automatically sets the pool size large enough to accommodate the additional connections needed by Katello and users shouldn't touch these values anymore. commit 28c8d8e Author: Ewoud Kohl van Wijngaarden <[email protected]> Date: Thu Dec 19 01:13:24 2024 +0100 Remove obsolete Apache tuning Back with Pulp 2 and Passenger were used this was needed, but these days it's no longer needed. commit 6002363 Author: Ewoud Kohl van Wijngaarden <[email protected]> Date: Fri May 2 15:09:41 2025 +0200 Avoid running katello-certs-check in most cases (theforeman#3796) * Correctly pass -t {certs-proxy-content} to katello-certs-check Users should always pass this if the target is a proxy. On project servers they can pass -t foreman or the branded equivalent, but not passing it is equivalent and that saves adding another parameters. It was alwas invalid to do this when a wildcard is present. * Avoid running katello-certs-check Users should call foreman-proxy-certs-generate which internally calls katello-certs-check. We already have those commands in the documentation anyway and this simplifies the operation for users. commit ec84751 Author: AkshayGadhaveRH <[email protected]> Date: Fri May 2 11:13:26 2025 +0530 Add Insights prerequisite (theforeman#3735) A note is needed in the Upgrade docs to warn users who use Red Hat Insights to reregister the system with Insights. JIRA: https://issues.redhat.com/browse/SAT-31944 The actual change requires for the host to be reregistered and not the Project server itself. Rewording and moving the text to the Managing hosts guide. Co-authored-by: Akshay Gadhave <[email protected]> Co-authored-by: Brian Angelica <[email protected]> commit 0fd430b Author: Maximilian Kolb <[email protected]> Date: Wed Apr 30 10:38:15 2025 +0200 Remove Foreman on AWS from navigation Refs da81664 on "3.14" Refs b0dd9eb on "master" Refs PR 3815 on GitHub commit d89dbde Author: Lena Ansorgová <[email protected]> Date: Wed Apr 30 17:23:48 2025 +0200 Fix command examples and link target (theforeman#3812) * Fix wording of example Hammer commands * Fix xref target for IPAM info commit ec4d4ef Author: Maximilian Kolb <[email protected]> Date: Wed Apr 30 16:04:59 2025 +0200 Remove snippet that is only used once (theforeman#3794) This snippet is only included once in upstream and downstream docs. Therefore, to allow checking unused modules via GHA, I have moved the content from the snippet to the actual place the snippet was included. This technically does not ensure that the content is rendered in previews for orcharhino on GitHub. Refs PR 3792 on GitHub commit 4c69e2b Author: AkshayGadhaveRH <[email protected]> Date: Wed Apr 30 19:20:34 2025 +0530 Modify production environment backup recommendation (theforeman#3747) Since online backups are supported for production, after snapshot backups were dropped [1], removing the now irrelevant line about online backups being unsupported. [1] https://issues.redhat.com/browse/SAT-25667 JIRA: https://issues.redhat.com/browse/SAT-29507 Co-authored-by: Akshay Gadhave <[email protected]> commit ad03ff1 Author: Maximilian Kolb <[email protected]> Date: Wed Apr 30 13:49:14 2025 +0200 Bump orcharhino version to 7.2 (theforeman#3820) orcharhino 7.2 is EL9 only. source: https://orcharhino.com/en/ressourcen/release-notes/orcharhino-7-2/ commit 8627984 Author: Maximilian Kolb <[email protected]> Date: Wed Apr 30 13:25:14 2025 +0200 Allow italic emphasis for host group CLI command (theforeman#3795) * Make example password italic * Sort attributes in alphabetical order * Use one option per line commit b244eb2 Author: Maximilian Kolb <[email protected]> Date: Wed Apr 30 13:23:26 2025 +0200 Remove unused assemblies and modules (theforeman#3792) Refs PR 3790 on GitHub commit 4c30286 Author: Maximilian Kolb <[email protected]> Date: Wed Apr 30 12:50:30 2025 +0200 Use dashes in file names (theforeman#3803) $ find guides/common/modules/ -type f -iname "*.adoc" -exec basename {} \; | sort -u | sed "s/\(^con_\|^proc_\|^ref_\|^snip_\)//g" | sort -u | rg "_" commit 6faa2fc Author: Lena Ansorgová <[email protected]> Date: Wed Apr 30 10:59:04 2025 +0200 Move DNS, DHCP, and TFTP content to a new guide (theforeman#3530) * Move DNS, DHCP, and TFTP content to a new guide * Rename the new guide * Restructure content * Remove obsolete files * Various updates to old content --------- Co-authored-by: Marc Muehlfeld <[email protected]> Co-authored-by: mmuehlfeldRH <[email protected]> Co-authored-by: Ewoud Kohl van Wijngaarden <[email protected]> Co-authored-by: Aneta Šteflová Petrová <[email protected]> Co-authored-by: Maximilian Kolb <[email protected]> commit b0dd9eb Author: AkshayGadhaveRH <[email protected]> Date: Wed Apr 30 13:48:20 2025 +0530 Delete the AWS deployment guide (theforeman#3815) As the neccessary modules have been relocated to the appropriate guides, deleting the leftover modules as well as the contents of the AWS guide. JIRA: https://issues.redhat.com/browse/SAT-30094 Co-authored-by: Akshay Gadhave <[email protected]> commit 889627f Author: Aneta Šteflová Petrová <[email protected]> Date: Tue Apr 29 15:28:42 2025 +0200 Clean up information on applying custom config (theforeman#3752) commit e199aaa Author: Avital Pinnick <[email protected]> Date: Tue Apr 29 15:41:11 2025 +0300 Removing obsolete RHEL conversion doc (theforeman#3811) commit 99ff40f Author: AkshayGadhaveRH <[email protected]> Date: Mon Apr 28 18:35:14 2025 +0530 Move content from AWS guide (theforeman#3718) Move Prerequisites to the Installation Guide Move Deployment Scenarios to the Planning Guide commit 078a198 Author: mmuehlfeldRH <[email protected]> Date: Mon Apr 28 11:19:11 2025 +0200 Add skeleton of new title: Configuring DNS, DHCP, and TFTP integration (theforeman#3810) This is is an empty title to enable synchronization with downstream before the actual content from theforeman#3530 will be merged. commit 91ce78e Author: Lena Ansorgová <[email protected]> Date: Wed Apr 23 16:02:16 2025 +0200 Fix selection diagram based on whether Foreman manages DHCP (theforeman#3450) * Fix selection based on whether Foreman manages DHCP * Rephrase commit 415fea4 Author: Maximilian Kolb <[email protected]> Date: Tue Apr 22 14:54:56 2025 +0200 Stop services before upgrading Smart Proxy Servers (theforeman#3773) fixes theforeman#3746 commit 7dd23e0 Author: Maximilian Kolb <[email protected]> Date: Tue Apr 22 12:44:38 2025 +0200 Remove trailing underscores from commands (theforeman#3793) Users should only replace the name of the migration directory, but not the name of the PostgreSQL dumps. commit be841bc Author: Maximilian Kolb <[email protected]> Date: Tue Apr 22 08:24:47 2025 +0200 Use long options for curl (theforeman#3788) commit f2e71fc Author: Ewoud Kohl van Wijngaarden <[email protected]> Date: Sun Apr 20 15:03:48 2025 +0200 Implement find_unused_modules in CI (theforeman#3790) This rewrites find_unused_modules into Ruby and uses asciidoctor to determine which files are unused. It also adds a workflow that GitHub Actions runs. To make that easier to consume it emits GitHub Annotations with warnings. commit 934d3be Author: AkshayGadhaveRH <[email protected]> Date: Wed Apr 16 18:26:28 2025 +0530 Rename Red Hat OpenStack product name (theforeman#3723) Red Hat OpenStack Platform was rebranded as "Red Hat OpenStack Services on OpenShift" in v.18. Updating the attribute accordingly. JIRA: https://issues.redhat.com/browse/SAT-31474 Co-authored-by: Akshay Gadhave <[email protected]> commit 6a97a5a Author: Lena Ansorgová <[email protected]> Date: Tue Apr 15 17:50:54 2025 +0200 Fix vague AK parameter instruction step (theforeman#3775) Co-authored-by: Maximilian Kolb <[email protected]> commit 2f9e685 Author: Maximilian Kolb <[email protected]> Date: Tue Apr 15 14:01:22 2025 +0200 Use one sentence per line (theforeman#3786) commit 475fa17 Author: Aneta Šteflová Petrová <[email protected]> Date: Tue Apr 15 13:12:58 2025 +0200 Update SMTP configuration for Gmail (theforeman#3779) * Add additional details for gmail.com settings * Add additional details to other email server examples commit 4b61de4 Author: Aneta Šteflová Petrová <[email protected]> Date: Tue Apr 15 12:41:35 2025 +0200 Drop procedures that use an obsolete API endpoint (theforeman#3780) * Remove examples with install_content endpoint * Remove install_content procedures from API guide commit 75fd802 Author: Aneta Šteflová Petrová <[email protected]> Date: Tue Apr 15 12:38:27 2025 +0200 Drop unnecessary plus sign (theforeman#3781) commit f63c697 Author: Aneta Šteflová Petrová <[email protected]> Date: Tue Apr 15 12:37:18 2025 +0200 Clean up master.adoc in Planning (theforeman#3782) This includes 'overview & concepts' and 'deployment planning' as assemblies rather than AsciiDoc parts to ensure The result is a bit cleaner master.adoc and also resolved errors about too many level 0 headings. commit 7909cb1 Author: Lena Ansorgová <[email protected]> Date: Tue Apr 15 08:27:56 2025 +0200 Update AWX/AAP/Ansible docs links (theforeman#3778) Co-authored-by: Maximilian Kolb <[email protected]>
jherrman
added a commit
to jherrman/foreman-documentation
that referenced
this pull request
Jun 30, 2025
Squashed commit of the following: commit c8fb643 Author: Maximilian Kolb <[email protected]> Date: Mon Jun 16 15:20:34 2025 +0200 Make multiple CV environments fit for all builds (theforeman#3806) * Fix broken links * Make example activation key italic * Use ProjectWebUI attribute * Use attributes for example content * Use foreman-example-com macro in favor of hardcoded FQDN * Use sentence-case capitalization * Write Hammer CLI in favor of Hammer Refs PR 3609 on GitHub commit 0f7e6b6 Author: Maximilian Kolb <[email protected]> Date: Tue May 20 13:51:26 2025 +0200 Document default resource quota of registered hosts Refs PR 152 on GitHub for foreman_resource_quota commit d9929fd Author: Maximilian Kolb <[email protected]> Date: Thu Jun 12 19:48:29 2025 +0200 Hide foreman_resource_quota plugin for Satellite (theforeman#3934) Satellite 6.17 does not provide the "rubygem-foreman_resource_quota" package. (cherry picked from commit 7c98ae0) Refs PR 3921 on GitHub (cherry picked from commit 95477dc) Refs PR 3934 on GitHub commit ea36e2a Author: Brian Angelica <[email protected]> Date: Thu Jun 12 15:49:00 2025 -0400 Add procedure for Minimal data collection (theforeman#3916) commit 338905f Author: Maximilian Kolb <[email protected]> Date: Thu Jun 12 08:19:25 2025 +0200 Remove unused file (theforeman#3930) Refs b1ce268 commit b5015c4 Author: Ewoud Kohl van Wijngaarden <[email protected]> Date: Thu Jun 5 17:18:41 2025 +0200 Build web directory from PR for previews When a PR is submitted against master then it uses the PR to build the web layout rather than what's already in master. This allows making changes to the navigation and previewing them. commit 54e183c Author: Maximilian Kolb <[email protected]> Date: Wed Jun 11 11:48:44 2025 +0200 Omit equal sign for foreman-installer options (theforeman#3809) $ rg "=false" $ rg "=true" * Tested Hammer CLI $ hammer --version | grep "^hammer" hammer (3.12.0) $ hammer settings set --name=remote_execution_global_proxy --value=false Setting [remote_execution_global_proxy] updated to [false]. $ echo $? 0 $ hammer settings set --name remote_execution_global_proxy --value true Setting [remote_execution_global_proxy] updated to [true]. $ echo $? 0 * Tested foreman-installer $ foreman-installer --full-help | grep -A 2 -- "--foreman-proxy-dhcp-ping-free-ip" --foreman-proxy-dhcp-ping-free-ip Perform ICMP and TCP ping when searching free IPs from the pool. This makes sure that active IP address is not suggested as free, however in locked down network environments this can cause no free IPs. (current: true) $ foreman-installer --foreman-proxy-dhcp-ping-free-ip false $ echo $? 0 $ foreman-installer --foreman-proxy-dhcp-ping-free-ip=false $ echo $? 0 fixes theforeman#2881 commit 8671a6f Author: Ewoud Kohl van Wijngaarden <[email protected]> Date: Wed Jun 11 09:00:50 2025 +0200 Correct media umount path (theforeman#3864) Since c140d08 the directory is /media/rhel and not /media/rhel8. Fixes: c140d08 ("Add EL9 support for Foreman Server and Smart Proxy Server (theforeman#2805)") commit cfa2509 Author: Lukáš Hellebrandt <[email protected]> Date: Tue Jun 10 17:20:26 2025 +0200 3.15 GA (theforeman#3925) commit 5c09d35 Author: Maximilian Kolb <[email protected]> Date: Tue Jun 10 14:32:20 2025 +0200 Use SmartProxy SSL certs for Salt (theforeman#3896) You always have to enter the URL for Foreman/Katello, regardless if your Salt Master runs on Foreman Server or a Smart Proxy Server. Users have to manually configure the Salt service to use SSL certs of Foreman+Katello. $ ssh foreman-katello.example.com cat /etc/foreman-proxy/settings.yml | grep "^:foreman_ssl" $ ssh smart-proxy.example.com cat /etc/foreman-proxy/settings.yml | grep "^:foreman_ssl" commit b1ce268 Author: Lena Ansorgová <[email protected]> Date: Mon Jun 9 19:33:09 2025 +0200 Drop all oVirt/RHV (theforeman#3800) Co-authored-by: Maximilian Kolb <[email protected]> commit 9b0f02c Author: Evgeni Golov <[email protected]> Date: Thu Jun 5 10:49:34 2025 +0200 Document how to use an http proxy with the ansible collection (theforeman#3881) commit 443a7a7 Author: AkshayGadhaveRH <[email protected]> Date: Wed Jun 4 15:06:28 2025 +0530 Separate installation planning tasks from prerequisites (theforeman#3894) --------- Co-authored-by: Akshay Gadhave <[email protected]> commit 399851d Author: Zuzana Lena Ansorgova <[email protected]> Date: Mon Jun 2 21:03:05 2025 +0200 Retire branches older than 3.9 commit 7bd22c5 Author: Lena Ansorgová <[email protected]> Date: Tue Jun 3 16:19:00 2025 +0200 Use AAP as the value of :awx: attribute for Satellite (theforeman#3887) * Use AAP as the value of :awx: attribute for Satellite * Update AWX example URL commit cf5eba3 Author: Zuzana Lena Ansorgova <[email protected]> Date: Fri May 23 00:31:50 2025 +0200 Mention dbus-tools package required for EL 9 cloud-init images commit 90ed73c Author: Aneta Šteflová Petrová <[email protected]> Date: Tue Jun 3 08:55:09 2025 +0200 Update system architecture diagram for Satellite (theforeman#3900) * Replace RH Portal with RH Customer Portal * Drop RHV from content flow diagram commit 0bbbf7a Author: Lena Ansorgová <[email protected]> Date: Mon Jun 2 17:13:10 2025 +0200 Rephrase registration to load-balanced SmartProxy (theforeman#3889) Co-authored-by: Maximilian Kolb <[email protected]> commit 9ae0097 Author: Aneta Šteflová Petrová <[email protected]> Date: Mon Jun 2 14:49:23 2025 +0200 Adjust link to Insights (theforeman#3909) commit d4175a0 Author: Maximilian Kolb <[email protected]> Date: Fri May 30 16:37:32 2025 +0200 Fix spelling of hosts (theforeman#3908) Refs 723dccd commit a1ce6e6 Author: Aneta Šteflová Petrová <[email protected]> Date: Fri May 30 16:21:32 2025 +0200 Rename server upgrade procedure (theforeman#3903) * Rename server upgrade file to a snippet * Rename upgrade server procedure commit 9c3f94d Author: Maximilian Kolb <[email protected]> Date: Fri May 30 14:30:10 2025 +0200 Use appropriate ProjectServer attribute (theforeman#3893) Refs 6faa2fc commit 1dfa222 Author: Maximilian Kolb <[email protected]> Date: Thu May 22 15:57:10 2025 +0200 Reword a SmartProxyServer For orcharhino builds, this mitigates "a orcharhino Proxy Server". Refs PR 3874 on GitHub commit 723dccd Author: Maximilian Kolb <[email protected]> Date: Fri May 30 11:36:21 2025 +0200 Fix spelling of life cycle (theforeman#3906) Refs 41a73f0
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What changes are you introducing?
Ensure that using foreman_salt does not rely on SSL certs created by/used by foreman_puppet.
Why are you introducing these changes? (Explanation, links to references, issues, etc.)
To allow users to use Salt without Puppet.
Anything else to add? (Considerations, potential downsides, alternative solutions you have explored, etc.)
Checklists
Please cherry-pick my commits into: