this list is likely to get out of date quickly).
To set up a new host to be a puppet client, do the following:
+
: ::client:: && apt-get install puppet &&
/etc/init.d/puppet stop &&
puppetd -w 5 --debug -t --factsync
Compare incoming csr request:
on handel:
+
: __handel__ && echo -n 'Client name: ' && read client &&
sha1sum /var/lib/puppet/ssl/ca/requests/$client.debian.org.pem
on new client:
+
: ::client:: && sha1sum /var/lib/puppet/ssl/csr_$(hostname).debian.org.pem
If you're satisfied, sign the request on handel with:
+
: __handel__ && puppetca --sign $client.debian.org
bootstrap client knowledge of puppet ca:
on handel:
+
: __handel__ && echo 'cat > /var/lib/puppet/ssl/certs/ca.pem << EOF ' &&
cat /var/lib/puppet/ssl/certs/ca.pem &&
echo 'EOF' &&
echo 'EOF'
and execute this on the client.
+
: ::client:: copy paste the thing you just created on handel
If this is a busy mail host, you might want to stop exim before proceeding
although the config files should remain identical before and after.
Then run (this will change the configs in /etc):
+
: ::client:: && puppetd -w 5 --debug -t --factsync
This run will start puppet after reconfiguring it, so if you are