After that run puppet on puppetmaster once, so the ferm config get
adjusted.
- : __handel__ && puppetd -t --environment=production
+ : __handel__ && puppet agent -t --environment=production
- : ::client:: && apt-get update &&
- apt-get install --no-install-recommends puppet libaugeas-ruby1.8 augeas-lenses lsb-release &&
- /etc/init.d/puppet stop &&
- (puppetd -t || true ) &&
+ : ::client:: && me=$(hostname -f) && [ "$me" != "${me%debian.org}" ] && apt-get update &&
+ apt-get install -y --no-install-recommends puppet libaugeas-ruby1.8 augeas-lenses lsb-release &&
+ service puppet stop &&
+ (puppet agent -t || true ) &&
cd /var/lib/puppet/ssl/certificate_requests &&
echo sha256sum output: && echo &&
- sha256sum $(hostname -f).pem &&
+ sha256sum $me.pem &&
echo && echo && cd /
This will not overwrite anything yet, since handel has not signed the
Compare incoming csr request:
on handel, paste the sha256output::
- : __handel__ && echo "paste sha256sum output now:" &&
+ : __handel__ &&
+ ud-replicate && sudo -u puppet make -C /srv/puppet.debian.org/ca/ install &&
+ echo "paste sha256sum output now:" &&
read sha256 filename &&
cd /var/lib/puppet/ssl/ca/requests &&
( [ -e $filename ] || (echo "$filename does not exist."; exit 1) ) &&
Then run (this will change the configs in /etc):
- : ::client:: && puppetd -t
+ : ::client:: && puppet agent -t --pluginsync
-This run will start puppet after reconfiguring it, so if you are
-unhappy with what just happened, you'll need to stop it again to do
+This run will start puppet after reconfiguring it, so if you are
+unhappy with what just happened, you'll need to stop it again to do
repair.
Double check apt - the puppet setup usually results in duplicate apt
sources, since we ship a few under sources.list.d. Remove any unnecessary
entries from sources.list.
+On handel, make sure the certs exist for the new host
+
+
We ship a samhain config file that includes /lib and /usr/lib. This will
almost certainly be different than the config file on the machine, so it
will result in 1000s of files changed.