X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=input%2Fhowto%2Fpuppet-setup.mdwn;h=243d759d907ce7886b423741b788cb2c508261fa;hb=f4ea7e28a138227dfa183ab828c3ae5a2e0a9001;hp=2ba588d67c197061be8e602c98ceae9a415b2098;hpb=dda7c6ab98a607c865e9f3d569c4e8d7deea0392;p=mirror%2Fdsa-wiki.git diff --git a/input/howto/puppet-setup.mdwn b/input/howto/puppet-setup.mdwn index 2ba588d..243d759 100644 --- a/input/howto/puppet-setup.mdwn +++ b/input/howto/puppet-setup.mdwn @@ -10,12 +10,12 @@ Make sure you have set up the IP address for the new machine in ud-ldap. After that run puppet on puppetmaster once, so the ferm config get adjusted. - : __handel__ && puppet agent -t --environment=production + : __handel__ && puppet agent --no-daemonize --onetime --environment=production : ::client:: && me=$(hostname -f) && [ "$me" != "${me%debian.org}" ] && apt-get update && - apt-get install -y --no-install-recommends puppet libaugeas-ruby1.8 augeas-lenses lsb-release && + apt-get install -y --no-install-recommends puppet ruby-augeas augeas-lenses lsb-release && service puppet stop && - (puppet agent -t || true ) && + (puppet agent --no-daemonize --onetime || true ) && cd /var/lib/puppet/ssl/certificate_requests && echo sha256sum output: && echo && sha256sum $me.pem && @@ -34,7 +34,7 @@ on handel, paste the sha256output:: cd /var/lib/puppet/ssl/ca/requests && ( [ -e $filename ] || (echo "$filename does not exist."; exit 1) ) && echo -e "$sha256 $filename" | sha256sum -c && - puppetca --sign $(basename "$filename" .pem) && + puppet ca sign $(basename "$filename" .pem) && echo && echo && echo && echo 'cat > /var/lib/puppet/ssl/certs/ca.pem << EOF ' && cat /var/lib/puppet/ssl/certs/ca.pem && @@ -42,7 +42,10 @@ on handel, paste the sha256output:: echo "cat > /var/lib/puppet/ssl/certs/$filename << EOF " && cat /var/lib/puppet/ssl/ca/signed/$filename && echo 'EOF' && - cd / + cd / && + echo 'puppet agent --enable' && + echo 'puppet agent --no-daemonize --onetime --pluginsync' && + echo 'puppet agent --no-daemonize --onetime --pluginsync' and execute this on the client. @@ -53,13 +56,13 @@ although the config files should remain identical before and after. Try this once if you're nervous: - : ::client:: && puppet agent -t --pluginsync --noop + : ::client:: && puppet agent --no-daemonize --onetime --pluginsync --noop It will tell you what would have changed without actually doing it. Then run (this will change the configs in /etc): - : ::client:: && puppet agent -t --pluginsync + : ::client:: && puppet agent --no-daemonize --onetime --pluginsync This run will start puppet after reconfiguring it, so if you are unhappy with what just happened, you'll need to stop it again to do