cluePrints · June 18, 2012 20:39
diff --git a/puppet_client_install_centos.sh b/puppet_client_install_centos.sh
 EXPORT CLIENT_FQDN="my.client.com"
 EXPORT SERVER_FQDN="my.server.com"
 EXPORT CLIENT_IP=". . ."
 EXPORT SERVER_IP=". . ."


 cat > /etc/sysconfig/network << EOF
 NETWORKING=yes
 NETWORKING_IPV6=no
 HOSTNAME=$CLIENT_FQDN
 EOF

 service iptables save
 service iptables stop
 chkconfig iptables off



 cat > /etc/selinux/config << EOF
 # This file controls the state of SELinux on the system.
 # SELINUX= can take one of these three values:
 #       enforcing - SELinux security policy is enforced.
 #       permissive - SELinux prints warnings instead of enforcing.
 #       disabled - SELinux is fully disabled.
 SELINUX=disabled
 # SELINUXTYPE= type of policy in use. Possible values are:
 #       targeted - Only targeted network daemons are protected.
 #       strict - Full SELinux protection.
 SELINUXTYPE=targeted
 EOF

 cat > /etc/yum.repos.d/puppet.repo << EOF
 [puppetlabs]
 name=Puppet Labs Packages
 baseurl=http://yum.puppetlabs.com/el/\$releasever/products/\$basearch/
 enabled=1
 gpgcheck=1
 gpgkey=http://yum.puppetlabs.com/RPM-GPG-KEY-puppetlabs
 EOF

 rpm -Uvh http://dl.fedoraproject.org/pub/epel/5/x86_64/epel-release-5-4.noarch.rpm

 yum install puppet -y

 cat > /etc/puppet/puppet.conf << EOF
 [main]
    # The Puppet log directory.
    # The default value is '$vardir/log'.
    logdir = /var/log/puppet

    # Where Puppet PID files are kept.
    # The default value is '$vardir/run'.
    rundir = /var/run/puppet

    # Where SSL certificates are kept.
    # The default value is '$confdir/ssl'.
    ssldir = \$vardir/ssl

 [agent]
    server = $SERVER_FQDN
    listen = true
    # The file in which puppetd stores a list of the classes
    # associated with the retrieved configuratiion.  Can be loaded in
    # the separate ``puppet`` executable using the ``--loadclasses``
    # option.
    # The default value is '$confdir/classes.txt'.
    classfile = \$vardir/classes.txt

    # Where puppetd caches the local configuration.  An
    # extension indicating the cache format is added automatically.
    # The default value is '$confdir/localconfig'.
    localconfig = \$vardir/localconfig
 EOF

 cat > /etc/hosts << EOF
 127.0.0.1       localhost.localdomain localhost
 ::1             localhost6.localdomain6 localhost6
 $CLIENT_IP  $CLIENT_FQDN
 $SERVER_IP  $SERVER_FQDN
 EOF

 chmod u+x /etc/rc.local
 echo "service puppet start" >> /etc/rc.local

 reboot

 ###################################################
 # Manual part
 ####################################################

 # On client:
 puppetd --test --waitforcert

 # On master:
 puppetca --sign :all
	EXPORT CLIENT_FQDN="my.client.com"
	EXPORT SERVER_FQDN="my.server.com"
	EXPORT CLIENT_IP=". . ."
	EXPORT SERVER_IP=". . ."


	cat > /etc/sysconfig/network << EOF
	NETWORKING=yes
	NETWORKING_IPV6=no
	HOSTNAME=$CLIENT_FQDN
	EOF

	service iptables save
	service iptables stop
	chkconfig iptables off



	cat > /etc/selinux/config << EOF
	# This file controls the state of SELinux on the system.
	# SELINUX= can take one of these three values:
	# enforcing - SELinux security policy is enforced.
	# permissive - SELinux prints warnings instead of enforcing.
	# disabled - SELinux is fully disabled.
	SELINUX=disabled
	# SELINUXTYPE= type of policy in use. Possible values are:
	# targeted - Only targeted network daemons are protected.
	# strict - Full SELinux protection.
	SELINUXTYPE=targeted
	EOF

	cat > /etc/yum.repos.d/puppet.repo << EOF
	[puppetlabs]
	name=Puppet Labs Packages
	baseurl=http://yum.puppetlabs.com/el/\$releasever/products/\$basearch/
	enabled=1
	gpgcheck=1
	gpgkey=http://yum.puppetlabs.com/RPM-GPG-KEY-puppetlabs
	EOF

	rpm -Uvh http://dl.fedoraproject.org/pub/epel/5/x86_64/epel-release-5-4.noarch.rpm

	yum install puppet -y

	cat > /etc/puppet/puppet.conf << EOF
	[main]
	# The Puppet log directory.
	# The default value is '$vardir/log'.
	logdir = /var/log/puppet

	# Where Puppet PID files are kept.
	# The default value is '$vardir/run'.
	rundir = /var/run/puppet

	# Where SSL certificates are kept.
	# The default value is '$confdir/ssl'.
	ssldir = \$vardir/ssl

	[agent]
	server = $SERVER_FQDN
	listen = true
	# The file in which puppetd stores a list of the classes
	# associated with the retrieved configuratiion. Can be loaded in
	# the separate ``puppet`` executable using the ``--loadclasses``
	# option.
	# The default value is '$confdir/classes.txt'.
	classfile = \$vardir/classes.txt

	# Where puppetd caches the local configuration. An
	# extension indicating the cache format is added automatically.
	# The default value is '$confdir/localconfig'.
	localconfig = \$vardir/localconfig
	EOF

	cat > /etc/hosts << EOF
	127.0.0.1 localhost.localdomain localhost
	::1 localhost6.localdomain6 localhost6
	$CLIENT_IP $CLIENT_FQDN
	$SERVER_IP $SERVER_FQDN
	EOF

	chmod u+x /etc/rc.local
	echo "service puppet start" >> /etc/rc.local

	reboot

	###################################################
	# Manual part
	####################################################

	# On client:
	puppetd --test --waitforcert

	# On master:
	puppetca --sign :all