@TheFlyingCorpse
Last active January 16, 2020 10:48
Revoke, delete and clean Puppet and PuppetDB of expired hosts/nodes via API
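# On PuppetServer (master/ca): add this rule to the authorization.rules list, restart puppetserver after modifying.
# vi /etc/puppetlabs/puppetserver/conf.d/auth.conf
{
    # Allow RUNE to remove shit
    # No "method" key is set, so this rule allows every HTTP method on certificate_status for this certname.
    match-request: {
        path: "/puppet-ca/v1/certificate_status"
        type: regex
    }
    allow: "magicscript"
    sort-order: 200
    name: "puppetlabs certificate magic"
},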
# First run, on puppetserver (master/ca)
puppet cert generate magicscript
# Copy the certs to the remote endpoint if wanted, update URLs as required.
# Cert Revoke (PuppetServer)
curl -v --header "Content-Type: application/json" -X PUT -d '{"desired_state":"revoked"}' "https://puppet:8140/puppet-ca/v1/certificate_status/ryglif13.labdomain.net" --cacert /etc/puppetlabs/puppet/ssl/certs/ca.pem --cert /etc/puppetlabs/puppet/ssl/certs/magicscript.pem --key /etc/puppetlabs/puppet/ssl/private_keys/magicscript.pem
# Cert Delete (PuppetServer)
curl -v --header "Content-Type: application/json" -X DELETE "https://puppet:8140/puppet-ca/v1/certificate_status/ryglif13.labdomain.net" --cacert /etc/puppetlabs/puppet/ssl/certs/ca.pem --cert /etc/puppetlabs/puppet/ssl/certs/magicscript.pem --key /etc/puppetlabs/puppet/ssl/private_keys/magicscript.pem
# Deactivate node in PuppetDB (removes facts and catalogs):
curl -X POST http://localhost:8080/pdb/cmd/v1 -H 'Accept: application/json' -H 'Content-Type: application/json' -d '{"command": "deactivate node", "version": 3, "payload": {"certname":"ryglif13.labdomain.net"}}'
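
The three calls above wrapped for a list of certnames, as an added example that is not part of the original gist. The endpoints and cert paths are the gist's; the DRY_RUN switch, the certname rule and the protected-name list are assumptions of this script.

```shell
#!/bin/sh
# Added example, not part of the gist. Endpoints and cert paths are the gist's;
# DRY_RUN, the certname rule and the protected list are this script's assumptions.
LC_ALL=C; export LC_ALL
CA_URL="https://puppet:8140/puppet-ca/v1/certificate_status"
PDB_URL="http://localhost:8080/pdb/cmd/v1"
SSL=/etc/puppetlabs/puppet/ssl
DRY_RUN="${DRY_RUN:-1}"   # default: print the curl commands, send nothing

# Conservative certname rule: lowercase letters, digits, '.', '_' and '-' only,
# so a name can never add path segments to the URL or break out of the JSON.
valid_certname() {
  case "$1" in
    ''|*[!a-z0-9._-]*|.*|-*|*..*) return 1 ;;
  esac
  return 0
}

# Names the cleanup itself depends on ("puppet" as the CA's certname is assumed).
is_protected() {
  case "$1" in magicscript|puppet) return 0 ;; esac
  return 1
}

deactivate_payload() {
  printf '{"command": "deactivate node", "version": 3, "payload": {"certname":"%s"}}' "$1"
}

run() {
  if [ "$DRY_RUN" = 1 ]; then echo "DRY-RUN: $*"; else "$@"; fi
}

ca_call() {  # ca_call CERTNAME curl-args...
  _url="$CA_URL/$1"; shift
  run curl -sS --fail -H "Content-Type: application/json" "$@" \
    --cacert "$SSL/certs/ca.pem" --cert "$SSL/certs/magicscript.pem" \
    --key "$SSL/private_keys/magicscript.pem" "$_url"
}

# Revoke, then delete, then deactivate; each step runs only if the previous one succeeded.
decommission() {
  if ! valid_certname "$1"; then echo "skip, invalid certname: $1" >&2; return 2; fi
  if is_protected "$1"; then echo "skip, protected certname: $1" >&2; return 3; fi
  ca_call "$1" -X PUT -d '{"desired_state":"revoked"}' &&
  ca_call "$1" -X DELETE &&
  run curl -sS --fail -X POST "$PDB_URL" -H 'Accept: application/json' \
    -H 'Content-Type: application/json' -d "$(deactivate_payload "$1")"
}

rc=0
for n in "$@"; do decommission "$n" || rc=1; done
[ "$rc" -eq 0 ]
```

Pass the certnames as arguments; with DRY_RUN unset the script only prints the curl commands, and DRY_RUN=0 sends them.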