1 = how to add a new machine =
3 Note: this has recently been changed to rely more on [[puppet|howto/puppet-setup]]. If stuff breaks fix it.
8 apt-get install --no-install-recommends ssh vim &&
9 echo -n > /etc/environment &&
10 echo -n > /etc/default/locale &&
11 apt-get install --no-install-recommends dialog &&
12 echo "debconf debconf/priority select high" | debconf-set-selections &&
13 echo "debconf debconf/frontend select Dialog" | debconf-set-selections
16 * unless we want to keep it:
18 dpkg -l postfix | grep '^ii postfix' && (dpkg --purge postfix && rm /etc/aliases)
21 * on draghi, add the host to the ldap using ud-host. Set the ssh key and the IP Address attributes.
23 * run generate, or wait until cron runs it for you. Update DNS.
25 : :: draghi :: && sudo -u sshdist ud-generate && sudo -H ud-replicate && sudo -H puppetd --no-daemonize --onetime
26 : :: denis :: && sudo -H ud-replicate
29 * setup [[puppet|howto/puppet-setup]] (run the puppet client two or three times until things converge.)
31 * on the host, run ud-replicate and check if it worked
37 * install debian.org which brings you shells and much other fun
39 apt-get install -y debian.org debian.org-recommended
42 * run puppet a couple times
44 puppet agent --no-daemonize --onetime; puppet agent --no-daemonize --onetime; puppet agent --no-daemonize --onetime; puppet agent --no-daemonize --onetime
47 * install security updates etc.
49 apt-get update && apt-get dist-upgrade && apt-get clean
52 * try to login using your user and ssh key. you should get a homedir.
54 * try to become root using sudo.
56 * make ca-certificates sane: (choose to *not* trust new certs, and we only want the spi cert activated)
58 echo "ca-certificates ca-certificates/trust_new_crts select no" | debconf-set-selections
59 sed -i -e 's/^[^#!].*/!&/; s#^!spi-inc.org/spi-cacert-2008.crt#spi-inc.org/spi-cacert-2008.crt#' /etc/ca-certificates.conf
60 dpkg-reconfigure ca-certificates
63 * Add debian-admin@debian.org to root in /etc/aliases
65 if ! egrep '^root:' /etc/aliases > /dev/null; then
66 echo "root: debian-admin@debian.org" >> /etc/aliases
67 elif ! egrep '^root:.*debian-admin@debian.org' /etc/aliases > /dev/null; then
68 sed -i -e 's/^root: .*/&, debian-admin@debian.org/' /etc/aliases
73 * install samhain and get puppet to configure it
75 apt-get install -y samhain &&
76 ( puppet agent --no-daemonize --onetime || true ) &&
77 service samhain stop &&
78 rm /var/state/samhain/samhain_file &&
79 samhain --foreground -t init -p none -s none -l none -m none &&
83 * if it is a HP Proliant, or has other management fu, read [[howto/ilo-https]]
85 * edit dedication into in $DSA-PUPPET/modules/debian-org/misc/local.yaml
89 -- weasel, Wed, 04 Jun 2008 20:52:56 +0200