amosshapira · May 11, 2016 12:24
diff --git a/aws-bootstrap-puppetmaster b/aws-bootstrap-puppetmaster
 #!/bin/sh

 # create custom fact to identify the role of this server
 mkdir -p /etc/facter/facts.d/
 echo "server_role=puppetmaster" >> /etc/facter/facts.d/server_role.txt

 # make sure everything is up to date
 wget http://apt.puppetlabs.com/puppetlabs-release-raring.deb
 dpkg -i puppetlabs-release-raring.deb
 apt-get update
 apt-get dist-upgrade -y

 # install puppet and dependencies
 apt-get install -y unattended-upgrades puppetmaster git rubygems
 gem install r10k

 # configure r10k and deploy puppet environments
 cat <<EOF > /etc/r10k.yaml
 :cachedir: '/var/cache/r10k'
 :sources:
  :plops:
    remote: 'https://github.com/gehel/puppetmaster.git'
    basedir: '/etc/puppet/environments'
 :purgedirs:
  - '/etc/puppet/environments'
 EOF
 r10k deploy environment

 # deploy keys for hiera
 cat <<EOF > /etc/puppet/private_key.pkcs7.pem
 -----BEGIN RSA PRIVATE KEY-----
 [...]
 -----END RSA PRIVATE KEY-----
 EOF
 cat <<EOF > /etc/puppet/public_key.pkcs7.pem
 -----BEGIN CERTIFICATE-----
 [...]
 -----END CERTIFICATE-----
 EOF

 # puppet run to ensure basic configuration
 cat <<EOF > /tmp/puppet.pp
 class { 'puppet':
  mode          => 'server',
  server        => 'puppet.ledcom.ch',
  dns_alt_names => 'puppet.ledcom.ch',
  environment   => 'production',
  manifest_path => '\$confdir/environments/\$environment/site/site.pp',
  module_path   => '\$confdir/environments/\$environment/modules:\$confdir/environments/\$environment/dist',
 }
 EOF
 service puppetmaster stop
 puppet apply --modulepath=/etc/puppet/environments/production/modules /tmp/puppet.pp
 rm /tmp/puppet.pp

 # remove current puppet certificate, they will be regenerated with correct alt_names
 find $(puppet master --configprint ssldir) -name "$(puppet master --configprint certname).pem" -delete
 service puppetmaster restart

 # full puppet run to ensure server is completely created
 puppet agent -t
	#!/bin/sh

	# create custom fact to identify the role of this server
	mkdir -p /etc/facter/facts.d/
	echo "server_role=puppetmaster" >> /etc/facter/facts.d/server_role.txt

	# make sure everything is up to date
	wget http://apt.puppetlabs.com/puppetlabs-release-raring.deb
	dpkg -i puppetlabs-release-raring.deb
	apt-get update
	apt-get dist-upgrade -y

	# install puppet and dependencies
	apt-get install -y unattended-upgrades puppetmaster git rubygems
	gem install r10k

	# configure r10k and deploy puppet environments
	cat <<EOF > /etc/r10k.yaml
	:cachedir: '/var/cache/r10k'
	:sources:
	:plops:
	remote: 'https://github.com/gehel/puppetmaster.git'
	basedir: '/etc/puppet/environments'
	:purgedirs:
	- '/etc/puppet/environments'
	EOF
	r10k deploy environment

	# deploy keys for hiera
	cat <<EOF > /etc/puppet/private_key.pkcs7.pem
	-----BEGIN RSA PRIVATE KEY-----
	[...]
	-----END RSA PRIVATE KEY-----
	EOF
	cat <<EOF > /etc/puppet/public_key.pkcs7.pem
	-----BEGIN CERTIFICATE-----
	[...]
	-----END CERTIFICATE-----
	EOF

	# puppet run to ensure basic configuration
	cat <<EOF > /tmp/puppet.pp
	class { 'puppet':
	mode => 'server',
	server => 'puppet.ledcom.ch',
	dns_alt_names => 'puppet.ledcom.ch',
	environment => 'production',
	manifest_path => '\$confdir/environments/\$environment/site/site.pp',
	module_path => '\$confdir/environments/\$environment/modules:\$confdir/environments/\$environment/dist',
	}
	EOF
	service puppetmaster stop
	puppet apply --modulepath=/etc/puppet/environments/production/modules /tmp/puppet.pp
	rm /tmp/puppet.pp

	# remove current puppet certificate, they will be regenerated with correct alt_names
	find $(puppet master --configprint ssldir) -name "$(puppet master --configprint certname).pem" -delete
	service puppetmaster restart

	# full puppet run to ensure server is completely created
	puppet agent -t