From b3da29d54a4a7d976d2ae94d0c70578add70aea1 Mon Sep 17 00:00:00 2001
From: Peter Palfrader
Date: Sat, 27 Mar 2010 16:12:06 +0100
Subject: [PATCH] puppet from bpo
---
input/howto/puppet-setup.mdwn | 62 ++++++++++++++++++++++++++++++-----
1 file changed, 53 insertions(+), 9 deletions(-)
diff --git a/input/howto/puppet-setup.mdwn b/input/howto/puppet-setup.mdwn
index 821e98d..deb4b88 100644
--- a/input/howto/puppet-setup.mdwn
+++ b/input/howto/puppet-setup.mdwn
@@ -10,9 +10,51 @@ Make sure you have set up the IP address for the new machine in ud-ldap. After that run puppet on puppetmaster once, so the ferm config get adjusted. - : __handel__ && puppetd -w 5 -t --factsync --environment=production - - : ::client:: && apt-get install --no-install-recommends puppet && + : __handel__ && puppetd -w 5 -t --factsync --environment=production + + : ::client:: && echo 'deb http://mirror.netcologne.de/debian-backports/ lenny-backports main' > /etc/apt/sources.list.d/backports.org.list && + apt-key add - << EOF && +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.9 (GNU/Linux) + +mQGiBEMIgw4RBADueqAzlq+rQT9JYSSWnNzo6C+9crI8lzW/fcl2Q3PO97MOQTOx +Qsf/lOh0Ku7O+VdBa+BwVPuUkSw6wTY5Ku1y/6r1BQzJ9oHkryDDJXsHzKhpdyFc +/lD4hNGqRkiNg5ulwAI0O1eqffPWDmeR9ZzSsqM40f1U4TNLfPAu1viWxwCgnbWz +onY6RqSYlRsDQaPsNTwieVEEAJeX2FGgNepD1SvfEremAkWCrYYlSZI76iTIf6bd +kGkWqIT0vJyE2MNenhDJ2ebbHJVFmL9x8S3m1daC4Zwnacm7aoCY/QgMJ+Js1Fex +Acev48W9KHgpVbFMd1t8KAwRbmFcQf0C/FZUbE7xScpTxS4z3SsMOuRyfnGpDOi6 +m/SnA/9wpquf3pPwbPykzKWNJEDouiJgt0zaFLauKDPeyTWeJ6htaAPDglArewdq +bJ9M8QgLFtzjhg/fBQlRRUk7YP4OYtp1OdPkg2D/1rPQNySWlDf21T3N/K8ydKhR +bYi+AsPuJLQUi3d+lVTFOebaL9felePvDC2/Eod7PSD1/rnkZ7Q0QmFja3BvcnRz +Lm9yZyBBcmNoaXZlIEtleSA8ZnRwLW1hc3RlckBiYWNrcG9ydHMub3JnPohGBBAR +AgAGBQJDgImkAAoJEHFe1qB+e4rJ2x4An2oI4xJpDvOx8uDIo9ihG1M0MpUqAJ9S +cqVUmiyYSPtu8MwcZecy9kmOIYheBBMRAgAeBQJDCIMOAhsDBgsJCAcDAgMVAgMD +FgIBAh4BAheAAAoJEOqOiyEWuhNsDt4AniaEBvlr4oVFMrGgPiye7iE/jv68AJ48 +OkIfwcKJt7N8ImPAboeimFvWgIheBBMRAgAeBQJDCIMOAhsDBgsJCAcDAgMVAgMD +FgIBAh4BAheAAAoJEOqOiyEWuhNsDt4AnjdB14rGa/rzz1ohwsi1oEnDRYuyAJ44 +Nv8MTPjOaeEZArQ0flg8OXwF34hGBBARAgAGBQJEeI+KAAoJEHvDNTBle/A9pDwA +mwVpbaoH1hebV4MgXIpRvTQiL2keAJ9ryd2LvhbPd5EZM1C3Nsar2/2CgIhGBBAR +AgAGBQJHE7HYAAoJEGvFvIY3KyPVlwEAoJyGuJ/SsJTlyIVbulWYp3U/uZQTAJ4l +40SrE/wwDeSIrhWNkmmNPbnz54hGBBARAgAGBQJHKneLAAoJEBRrPPJWJbOATcsA +n3I8y3pJN6jkmnhUQepfa7jJoDY2AKClHVXYuNZpc2jZKyruwgwck+jCabkCDQRD 
+CIMREAgAzXu6DGSDAz4JH+mlthtiQwNZFU8bjWanGT3DL6zubxwc3ZQmRaMOiVuv +JUuaJv8fdGRSvp09dP2/x5mzq2rACiEnDwZssNSK5sigxgy2W9zeO9bOtg6bhqZL +wlsL8Y2xZhyGL3qGeP4zL1QbXZ1QdJuO90Xu7GWYS6Wsj+Y6dUsZFYvTZwSiLkEm +gFUTxkNue3DQtZ/KNkwoKc+aqU+S7gDNStQDvTNtR6IV11KbKcY1iQ0B2bkh4zSh +WwloIr83V6huAhfH8GA7UW6saRJAof5DJWUb+PRmU2TAOOlyZoM4nMH+sFFDPOeG +8fbecwlox5BRTMqcCB5ELbQXoVZT+wADBQf/ffI9R53f9USQkhsSak+k82JjRo9h +qKAvPwBv3fDhMYqX3XRmwgNeax2y6Ub0AQkDhIC6eJILP5hTb2gjpmYYP7YE/7F1 +h37lUg7dDYeyPQF54mUXPnIg3uQ/V9HBTY+ZW8rsVe1KRvPAuVFU77FfCvIFdLSX +Vi1HSUcGv9Y7Kk4Tkr7vzKshlcIp6zZrO0Y3t/+ekBwTTQqEoUylVYkCSt3z6bjp +VWbepkL88rbqJnPueTATw9shjbFYaND8cXZox9tQmlOIZ6gDeH1YvFf7ObRLxULm +7C6hwik6agtXWkNABVXSxM6MB4hcP9QC+FEhK6y/7wC3SyNRBuFujDG1aohJBBgR +AgAJBQJDCIMRAhsMAAoJEOqOiyEWuhNsVVMAoJ1gbL0PHVf7yDwMjO3HuJBErxLd +AJ4v9ojJnvJu2yUl4W586soBm+wsLg== +=n4L0 +-----END PGP PUBLIC KEY BLOCK----- +EOF + apt-get update && + apt-get install --no-install-recommends puppet/lenny-backports && /etc/init.d/puppet stop && puppetd -w 5 --debug -t --factsync @@ -22,20 +64,20 @@ client cert. Now is the time to abort if you are getting cold feet. Compare incoming csr request: on handel: - : __handel__ && echo -n 'Client name: ' && read client && + : __handel__ && echo -n 'Client name: ' && read client && sha1sum /var/lib/puppet/ssl/ca/requests/$client.debian.org.pem on new client: - : ::client:: && sha1sum /var/lib/puppet/ssl/csr_$(hostname).debian.org.pem + : ::client:: && sha1sum /var/lib/puppet/ssl/csr_$(hostname).debian.org.pem If you're satisfied, sign the request on handel with: - : __handel__ && puppetca --sign $client.debian.org + : __handel__ && puppetca --sign $client.debian.org bootstrap client knowledge of puppet ca: on handel: - : __handel__ && echo 'cat > /var/lib/puppet/ssl/certs/ca.pem << EOF ' && + : __handel__ && echo 'cat > /var/lib/puppet/ssl/certs/ca.pem << EOF ' && cat /var/lib/puppet/ssl/certs/ca.pem && echo 'EOF' && echo "cat > /var/lib/puppet/ssl/certs/$client.debian.org.pem << EOF " && 
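Review bot: In the first hunk's `::client::` step, the pasted key block goes straight into `apt-key add` with nothing for the admin to verify it against. `apt-key add` also places the key in apt's global trusted keyring, so it becomes trusted for every configured source and not only for the backports line written just before it. Because the mirror is fetched over plain http, the signature check against this key is the only integrity control on the puppet package, so a wrong or altered paste matters. I would add a verification step after the heredoc, for example `apt-key finger  # compare with <BACKPORTS_ARCHIVE_KEY_FINGERPRINT>`, with the fingerprint recorded in the howto from an out-of-band source. The howto could also say whether a later upgrade may pull other packages from lenny-backports or whether an apt pin is expected, since the hunk does not show either.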
@@ -44,14 +86,14 @@ on handel: and execute this on the client. - : ::client:: copy paste the thing you just created on handel + : ::client:: copy paste the thing you just created on handel If this is a busy mail host, you might want to stop exim before proceeding although the config files should remain identical before and after. Then run (this will change the configs in /etc): - : ::client:: && puppetd -w 5 --debug -t --factsync + : ::client:: && puppetd -w 5 --debug -t --factsync This run will start puppet after reconfiguring it, so if you are unhappy with what just happened, you'll need to stop it again to do @@ -65,3 +107,5 @@ We ship a samhain config file that includes /lib and /usr/lib. This will almost certainly be different than the config file on the machine, so it will result in 1000s of files changed. You may need to run samhain update after getting puppet going. + +# vim:textwidth=72 sw=8 ts=8 et -- 2.20.1