Search code examples
puppet

puppet epp template error (Invalid EPP: Syntax error at)

I'll try migrate erb to epp and deprecated hiera_hash to lookup. Current error:

Error: Could not retrieve catalog from remote server: 
Error 500 on SERVER: Server Error: Evaluation Error: 
Error while evaluating a Function Call, epp(): Invalid EPP: 
Syntax error at 'Port ' at /etc/puppetlabs/code/environments/production/modules/sshd/templates/sshd_config.epp:4:24 
at /etc/puppetlabs/code/environments/production/modules/sshd/manifests/init.pp:23:16 on node puppettestnode

my init.pp:

class sshd {
  #$sshd_config = hiera_hash('sshd')
  $sshd=lookup('sshd', {merge => 'hash'})

  package { 'openssh-server':
    ensure => present,
    before => Service['sshd'],
  }

  file { '/etc/ssh':
    ensure  => directory,
    owner   => 'root',
    group => 'root',
    mode => '0755',
    require => Package['openssh-server']
  }->

  file { '/etc/ssh/sshd_config':
    owner   => 'root',
    group => 'root',
    mode => '0644',
    ensure  => file,
    content => epp("${module_name}/sshd_config.epp"),
  }~>

  service { 'sshd':
    ensure => running,
    require => [
      Package['openssh-server'],
      File['/etc/ssh/sshd_config'],
    ],
  }
}

sshd_config.epp:

###Managed by Puppet###

# What ports, IPs and protocols we listen for
<% if $sshd["port"] -%>
Port <%= $sshd["port"] %>
<% else -%>
Port 22
<% end -%>

# Use these options to restrict which interfaces/protocols sshd will bind to
#ListenAddress ::
#ListenAddress 0.0.0.0
<% if $sshd['listen'] -%>
ListenAddress <%= $sshd['listen'] %>
<% else -%>
ListenAddress 0.0.0.0
<% end -%>

common.yml:

---
sshd:
  port: '22'
  listen: '0.0.0.0'

puppet lookup from puppet server: 

puppet lookup sshd --merge unique --environment production --explain
Searching for "sshd"
  Global Data Provider (hiera configuration version 5)
    Using configuration "/etc/puppetlabs/puppet/hiera.yaml"
    Merge strategy unique
      Hierarchy entry "Per-node data"
        Path "/etc/puppetlabs/code/environments/production/hiera/nodes/puppettestserver"
          Original path: "nodes/%{::fqdn}"
          Path not found
      Hierarchy entry "Common data"
        Path "/etc/puppetlabs/code/environments/production/hiera/common.yaml"
          Original path: "common.yaml"
          Found key: "sshd" value: {
            "port" => "22",
            "listen" => "0.0.0.0"
          }
      Merged result: [
        {
          "port" => "22",
          "listen" => "0.0.0.0"
        }
      ]

Please help if it's possible.

Solution

  • The if statements are using a Ruby syntax rather than Puppet DSL syntax, which is causing the unusual error message.

    The template should be:

    ###Managed by Puppet###

# What ports, IPs and protocols we listen for
<% if $sshd["port"] { -%>
Port <%= $sshd["port"] %>
<% } else { -%>
Port 22
<% } -%>

# Use these options to restrict which interfaces/protocols sshd will bind to
#ListenAddress ::
#ListenAddress 0.0.0.0
<% if $sshd['listen'] { -%>
ListenAddress <%= $sshd['listen'] %>
<% } else { -%>
ListenAddress 0.0.0.0
<% } -%>

    Remember that in the Puppet DSL (which EPP is very much based on), these would look like:

    if $sshd["port"] {
  # Port
} else {
  # Port 22
}

    so you must use the same curly braces in EPP. (Documentation: Conditional statements).