PuPHPet vs Puppet?

Is PuPHPet intended for basic server settings only?

Puphpet is primarily for development environments, although I have added support for migrating to public servers. I tried to use common sense when it comes to security, such as a firewall and requiring a private key for public servers.

However, Puphpet is supported by one person (me), and it only allows as a server configuration, since I had time to implement it. For things like PHP and Apache, this is fairly detailed. For things like Nginx, Ruby, Python, this is less.

If you need to do more with your configuration, should you use PuPHPet and then manually modify the manifest?

Yes.

Or is it bad because any updates to PuPHPet will overwrite the specified files?

This is not bad, but if you regenerate the archive, then yes, it will not take into account any additional things that you may have done. I would suggest adding a .pp add file to the nodes directory instead of writing to the included ones.

And finally, if you need a finely tuned control, should you just write Puppet configurations from scratch (without using PuPHPet)?

Yes. If you need things that I have not yet implemented, then be sure to write your own Puppet configurations.