{"id":13501834,"url":"https://github.com/adfinis/foreman-yml","last_synced_at":"2025-10-05T22:30:35.091Z","repository":{"id":8871117,"uuid":"57975131","full_name":"adfinis/foreman-yml","owner":"adfinis","description":"Make automated Foreman configuration as easy as pie.","archived":true,"fork":false,"pushed_at":"2019-11-01T15:57:02.000Z","size":316,"stargazers_count":27,"open_issues_count":0,"forks_count":25,"subscribers_count":19,"default_branch":"master","last_synced_at":"2024-09-26T09:01:10.414Z","etag":null,"topics":["automation","configuration","foreman","python","yml"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/adfinis.png","metadata":{"files":{"readme":"README.rst","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2016-05-03T14:22:25.000Z","updated_at":"2023-01-27T23:56:02.000Z","dependencies_parsed_at":"2022-08-28T03:02:01.279Z","dependency_job_id":null,"html_url":"https://github.com/adfinis/foreman-yml","commit_stats":null,"previous_names":["adfinis-sygroup/foreman-yml"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adfinis%2Fforeman-yml","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adfinis%2Fforeman-yml/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adfinis%2Fforeman-yml/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adfinis%2Fforeman-yml/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/adfinis","download_url":"https://codeload.github.com/adfinis/foreman-yml/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":219877064,"owners_count":16554821,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["automation","configuration","foreman","python","yml"],"created_at":"2024-07-31T22:01:52.526Z","updated_at":"2025-10-05T22:30:29.831Z","avatar_url":"https://github.com/adfinis.png","language":"Python","funding_links":[],"categories":["Python"],"sub_categories":[],"readme":"foreman-yml\n===========\n\n|PyPi| |License|\n\n.. |PyPi| image:: https://img.shields.io/pypi/v/foreman-yml.svg?style=flat-square\n :target: https://pypi.python.org/pypi/foreman-yml\n.. |License| image:: https://img.shields.io/badge/license-GPLv3-blue.svg?style=flat-square\n :target: LICENSE\n\nMake automated foreman configuration as easy as pie.\n\nThis script automatically resolves names so you can link templates,\nhosts, domains with only using their names. It's not required to know\ntheir ids beforehand.\n\nInstallation\n------------\n\n::\n\n git clone https://github.com/adfinis-sygroup/foreman-yml --recursive\n cd foreman-yml\n sudo pip install .\n\nNote CentOS/RHEL\n~~~~~~~~~~~~~~~~\n\n::\n sudo yum install gcc python-devel python-pip python-argparse -y\n\nUsage\n-----\n\n::\n\n foreman-yml [import|dump|cleanup] /path/to/config.yaml\n\nConfiguration\n~~~~~~~~~~~~~\n\nRoot node of YAML is always ``foreman``. You can find an configuration\nexample under ``config/example.yml``\n\nDump current configuration\n~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nforeman-yml supports dumping the whole configuration of a remote foreman\ninstance to stdout. Use ``foreman-yml dump`` for this feauture.\n\nFor dumping, provide an config file with auth settings:\n\n.. code:: yaml\n\n foreman:\n auth:\n url: \"https://foreman.lab.local\"\n user: username\n pass: password\n\nThen run foreman-yml like this to dump configuration:\n\n::\n\n foreman-yml dump /path/to/config.yml \u003e foreman_dump.yml\n\nImport settings into foreman\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nIf no keyword or ``import`` is provided to ``foreman-yml``, the script\ntries to import settings provided by yaml-file.\n\n::\n\n foreman-yml /path/to/config.yml\n foreman-yml dump /path/to/config.yml\n\nThe following config sections are supported:\n\nSection ``auth``\n^^^^^^^^^^^^^^^^\n\n.. code:: yaml\n\n auth:\n url: \"https://foreman.lab.local\"\n user: username\n pass: password\n\n- **url** URL of your foreman instance\n- **user** Username for connecting to the API. User should have\n administrative rights\n- **pass** Password for the User\n\nSection ``setting``\n^^^^^^^^^^^^^^^^^^^\n\n.. code:: yaml\n\n setting:\n - name: entries_per_page\n value: 42\n - name: safemode_render\n value: false\n\nKey/Value pair for global foreman settings\n\n- **name** Key\n- **value** Value\n\nSection ``architecture``\n^^^^^^^^^^^^^^^^^^^^^^^^\n\n.. code:: yaml\n\n architecture:\n - name: x86_64\n - name: i386\n\n- **name** Architecture string (Example: 'x86\\_64')\n\nSection ``environment``\n^^^^^^^^^^^^^^^^^^^^^^^\n\n.. code:: yaml\n\n environment:\n - name: production\n - name: development\n - name: staging\n\n- **name** Environment name\n\nSection ``smart-proxy``\n^^^^^^^^^^^^^^^^^^^^^^^\n\n.. code:: yaml\n\n smart-proxy:\n - name: smproxy01\n url: \"http://localhost:8000/\"\n\n- **name** Smart proxy name\n- **url** Smart proxy url\n\nSection ``domain``\n^^^^^^^^^^^^^^^^^^\n\n.. code:: yaml\n\n domain:\n - name: lab.local\n fullname: lab.local is a test domain\n dns-proxy: smproxy01\n parameters:\n - name: keyname\n value: keyvalue\n\n- **name** Domain name\n- **fullname** Detailed description\n- **dns-proxy** DNS proxy for the domain. Maps to ``smart-proxy.name``\n- **parameters** Extra parameters, key/value pair\n- **name** Key\n- **value** Value\n\nSection ``subnet``\n^^^^^^^^^^^^^^^^^^\n\n.. code:: yaml\n\n subnet:\n - name: lab\n network: 192.168.122.0\n mask: 255.255.255.0\n gateway: 192.168.122.1\n dns-primary: 192.168.122.1\n dns-secondary: 8.8.8.8\n ipam: DHCP\n from: 192.168.122.10\n to: 192.168.122.50\n vlanid:\n domain:\n - name: lab.local\n dhcp-proxy: Smart Proxy\n tftp-proxy: Smart Proxy\n dns-proxy:\n boot-mode: DHCP\n network-type: IPv4\n\n- **name** Subnet name\n- **network** Network address\n- **mask** Network Netmask\n- **gateway** Network gateway\n- **dns-primary** Primary DNS server\n- **dns-secondary** Secondary DNS server\n- **ipam** IP Address auto suggestion mode for this subnet, valid\n values are \"DHCP\", \"Internal DB\", \"None\"\n- **from** Starting IP Address for IP auto suggestion\n- **to** Ending IP Address for IP auto suggestion\n- **vlanid** VLAN ID for this subnet\n- **domain** Domains in which this subnet is part\n- **name** Domain name, maps to ``domain.name``\n- **dhcp-proxy** DHCP Proxy to use within this subnet, maps to\n ``smart-proxy.name``\n- **tftp-proxy** TFTP Proxy to use within this subnet, maps to\n ``smart-proxy.name``\n- **dns-proxy** DNS Proxy to use within this subnet, maps to\n ``smart-proxy.name``\n- **boot-mode** Default boot mode for interfaces assigned to this\n subnet, valid values are \"Static\", \"DHCP\"\n- **network-type** Type or protocol, IPv4 or IPv6, defaults to IPv4,\n valid values are \"IPv4\", \"IPv6\"\n\nSection ``model``\n^^^^^^^^^^^^^^^^^\n\n.. code:: yaml\n\n model:\n - name: libvirt\n info: Virtual Machine\n vendor-class: vmware\n hardware-model: esxi6\n\n- **name** Model name\n- **info** Detailed description\n- **vendor-class** Hardware vendor\n- **hardware-model** Hardware model\n\nSection ``medium``\n^^^^^^^^^^^^^^^^^^\n\n.. code:: yaml\n\n medium:\n - name: Ubuntu Mirror\n path: \"http://archive.ubuntu.com/ubuntu\"\n os-family: Debian\n\n- **name** Model name\n- **path** The path to the medium, can be a URL or a valid NFS server\n (exclusive of the architecture)\n- **os-family** Operating system family, available values: AIX,\n Altlinux, Archlinux, Coreos, Debian, Freebsd, Gentoo, Junos, NXOS,\n Redhat, Solaris, Suse, Windows\n\nSection ``partition-table``\n^^^^^^^^^^^^^^^^^^^^^^^^^^^\n\n.. code:: yaml\n\n partition-table:\n - name: Ubuntu Default\n os-family: Debian\n audit-comment: initial import\n layout: |\n #!ipxe\n \u003c%#\n kind: iPXE\n name: RLC iPXE\n oses:\n - Ubuntu 14.04\n %\u003e\n [...]\n locked: false\n\n- **name** Partition table name\n- **os-family** Operating system family, available values: AIX,\n Altlinux, Archlinux, Coreos, Debian, Freebsd, Gentoo, Junos, NXOS,\n Redhat, Solaris, Suse, Windows\n- **audit-comment** Comment for the audit log\n- **layout** Partition layout\n- **locked** Whether or not the template is locked for editing\n\nSection ``provisioning-template``\n^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n\n.. code:: yaml\n\n provisioning-template:\n name: Ubuntu Preseed\n template: |\n \u003c%#\n kind: provision\n name: Ubuntu Preseed\n oses:\n - Debian 8.\n %\u003e\n [...]\n snippet: false\n audit-comment: initial import\n template-kind-id: 3\n template-combination-attribute:\n os:\n - name: Debian 8\n locked: false\n\n- **name** Partition table name\n- **template** The provisioning template itself\n- **snippet** Set to true if template is a snippet only\n- **audit-comment** Comment for the audit log\n- **template\\_kind\\_id** Template kind id\n- **os**\n- **name** Operating system name, maps to ``os.name``\n- **locked** Whether or not the template is locked for editing\n\nSection ``os``\n^^^^^^^^^^^^^^\n\n.. code:: yaml\n\n os:\n - name: Ubuntu\n major: 14\n minor: 4\n description: Ubuntu 14.04 LTS\n family: Debian\n release-name: trusty\n password-hash: SHA512\n architecture:\n - name: x86_64\n provisioning-template:\n - name: Ubuntu PXE\n - name: Ubuntu Preseed\n medium:\n - name: Ubuntu Mirror\n partition-table:\n - name: Ubuntu Default\n parameters:\n version: \"14.04\"\n codename: \"trusty\"\n\n- **name** Operating system table name\n- **major** The provisioning template itself\n- **minor** Set to true if template is a snippet only\n- **description** Comment for the audit log\n- **family** Operating system family, available values: AIX, Altlinux,\n Archlinux, Coreos, Debian, Freebsd, Gentoo, Junos, NXOS, Redhat,\n Solaris, Suse, Windows\n- **release-name** OS release name\n- **password-hash** Root password hash function to use, one of MD5,\n SHA256, SHA512, Base64\n- **architecture**\n- **name** Architecture name, maps to ``architecture.name``\n- **provisioning-template**\n- **name** Provisioning template name, maps to\n ``provisioning-template.name``\n- **medium**\n- \\_\\_ name\\_\\_ Medium name, maps to ``medium.name``\n- **partition-table**\n- **name** Ptable name, maps to ``partition-table.name``\n- **parameters**\n- \\_\\_ key\\_\\_ Additional OS settings in format 'keyname': 'keyvalue'\n\nSection ``hostgroup``\n^^^^^^^^^^^^^^^^^^^^^\n\n.. code:: yaml\n\n hostgroup:\n - name: switzerland\n parent:\n environment: production\n os: Ubuntu 14.04 LTS\n architecture: x86_64\n medium: Ubuntu Mirror\n partition-table: Ubuntu Default\n subnet: lab\n domain: lab.local\n parameters:\n - keyname: keyvalue\n\n- **name** Hostgroup name\n- **parent** Parent hostgroup\n- **environment** Environment name, maps to ``environment.name``\n- **os** Operating system name, maps to ``os.name``\n- **architecture** Architecture name, maps to ``architecture.name``\n- **medium** Media name, maps to ``medium.name``\n- **partition-table** Ptable name, maps to ``partition-table.name``\n- **subnet** Subnet name, maps to ``subnet.name``\n- **domain** Domain name, maps to ``domain.name``\n- **parameters** Dict of params -**keyname** Value of param\n\nSection ``host``\n^^^^^^^^^^^^^^^^\n\n.. code:: yaml\n\n host:\n - name: testhost\n domain: lab.local\n architecture: x86_64\n hostgroup: switzerland\n environment: production\n os: Ubuntu 14.04 LTS\n media: Ubuntu Mirror\n partition: Ubuntu Default\n model: VMWare VM\n mac: 00:11:22:33:44:55\n root-pass: supersecret42\n parameters:\n env: prod\n kernel_params: quiet\n\n- **name** Host name\n- **domain** Domain name, maps to ``domain.name``\n- **architecture** Architecture name, maps to ``architecture.name``\n- **hostgroup** Hostgroup name, maps to ``hostgroup.name``\n- **environment** Environment name, maps to ``environment.name``\n- **os** Operating system name, maps to ``os.name``\n- **media** Media name, maps to ``medium.name``\n- **partition** Ptable name, maps to ``partition.name``\n- **model** Hardware model name, maps to ``model.name``\n- **mac** MAC address\n- **root-pass** Root password\n- **parameters** Dict of params\n- **keyname** Value of param\n\nSection ``roles``\n^^^^^^^^^^^^^^^^^\n\n.. code:: yaml\n\n roles:\n - name: testrole\n permissions:\n architecture:\n - view_architectures\n - edit_architectures\n compute_resources:\n - view_compute_resources\n - create_compute_resources\n - destroy_compute_resources\n\n- **name** Role name\n- **permissions**\n- **groupname** Name of permission group (not applied to foreman), only\n for clarity\n\n - **permission\\_name** Permission name, maps to ``permission.name``\n - **permission\\_name** Permission name, maps to ``permission.name``\n - **permission\\_name** Permission name, maps to ``permission.name``\n - ... ...\n\nSection ``users``\n^^^^^^^^^^^^^^^^^\n\n.. code:: yaml\n\n users:\n - login: testhaaaans\n password: schmetterling42\n mail: haaaans@example.com\n auth-source: ldap-is-not-web-scale\n firstname: Test\n lastname: Haaaaaans\n admin: true\n timezone: UTC\n locale: en\n\n- **login** User login\n- **password** Password of user\n- **auth-source** Name of auth source or 'INTERNAL' for foreman-own\n auth source\n- **firstname** First name of user\n- **lastname** Last name of user\n- **admin** If ``true``, user will be created with admin permissions\n- **timezone** Timezone for the user\n- **locale** WebUI locale for the user\n\nSection ``usergroups``\n^^^^^^^^^^^^^^^^^^^^^^\n\n.. code:: yaml\n\n usergroups:\n - name: api-test2\n admin: false\n users:\n - name: foo\n - name: burlson\n groups:\n - name: api-testgroup\n ext-usergroups:\n - name: foremangroup\n auth-source-ldap: ldap-is-not-web-scale\n roles:\n - name: foo\n\n- **name** Usergroup name\n- **admin** If set to true or 1, group is has admin permissions\n- **users** List of users\n- **name** Username, maps to ``users.name``\n- **groups** List of groups\n- **name** Groupname, maps to ``usergroups.name``\n- **ext-usergroups** List of external usergroups\n- **name** Name of the external usergroup\n- **auth-source-ldap** Name of the external auth source, maps to\n ``auth-source-ldap.name``\n- **roles** List of roles\n- **name** Role name, maps to ``role.name``\n\nSection ``auth-source-ldap``\n^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n\n.. code:: yaml\n\n auth-source-ldap:\n - name: ldap-is-not-web-scale\n host: 10.11.12.13\n port: 389\n account: uid=binduser,cn=users,dc=test,dc=example,dc=com\n account-password: 123qwe\n base-dn: dc=test,dc=example,dc=com\n attr-login: uid\n attr-firstname: firstName\n attr-lastname: lastName\n attr-mail: mail\n attr-photo: picture\n onthefly-register: false\n usergroup-sync: false\n tls: false\n groups-base: cn=groups,dc=test,dc=example,dc=com\n ldap-filter:\n server-type: posix\n\n- **name** Name of the authsource\n- **host** LDAP host\n- **port** Server port\n- **account** Bind account user\n- **account-password** Bind account password\n- **base-dn** LDAP Base DN\n- **attr-login** LDAP attribute for username, required if\n onthefly-register is true\n- **attr-firstname** LDAP attribute for first name, required if\n onthefly-register is true\n- **attr-lastname** LDAP attribute for last name, required if\n onthefly-register is true\n- **attr-mail** LDAP attribute for mail, required if onthefly-register\n is true\n- **attr-photo** LDAP attribute for user photo\n- **onthefly-register** Register users on the fly if ``true`` or ``1``\n- **usergroup-sync** Sync external user groups on login if ``true`` or\n ``1``\n- **tls** If ``true`` or ``1``, use SSL to connect to the server\n- **groups-base** groups base DN\n- **ldap-filter** LDAP filter\n- **server-type** LDAP Server type, valid are ``free_ipa``,\n ``active_directory`` and ``posix``\n\nCleanup (delete) settings\n~~~~~~~~~~~~~~~~~~~~~~~~~\n\nIf the keyword ``cleanup`` is provided to foreman-yml, it will try to\ndelete items specified by its name.\n\n::\n\n foreman-yml cleanup /path/to/config.yml\n\nSection ``cleanup-[architecture|compute-profile|partition-table|provisioning-template]``\n^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n\n.. code:: yaml\n\n cleanup-[architecture|compute-profile|partition-table|provisioning-template]:\n - name: foo\n - name: bar\n\nRemoves specified objects, mapping to object.name - **name**\narchitecture\\|compute-profile\\|partition-table\\|provisioning-template\nname to delete\n\nHacking\n-------\n\n::\n\n virtualenv --system-site-packages venv-dev\n source venv-dev/bin/activate\n pip install -e .\n\nDocker\n------\n\n::\n\n docker build -t foreman-yml .\n docker run foreman-yml dump my-server-config.yml \u003e my-server.dump\n # specific snowflake configuration\n docker run -ti -v $(pwd)/configs:/foreman-yml/configs foreman-yml dump configs/snowflake.yml\n\nFuture\n------\n\n- Dump current settings\n- Better documentaion\n\nLicense\n-------\n\nGNU GENERAL PUBLIC LICENSE Version 3\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fadfinis%2Fforeman-yml","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fadfinis%2Fforeman-yml","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fadfinis%2Fforeman-yml/lists"}