Created
October 26, 2011 09:15
-
-
Save devkato/1315853 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| usage() { | |
| echo "Usage: hoge.sh -h hostname -m master_hostname -p puppet_port" | |
| exit 2 | |
| } | |
| params=`getopt "h:m:p:i:k:" $*` | |
| set -- $params | |
| for i in $params; do | |
| case $i in | |
| -h) hostname=$2; shift 2;; | |
| -i) host_ipaddress=$2; shift 2;; | |
| -m) master_hostname=$2; shift 2;; | |
| -k) master_ipaddress=$2; shift 2;; | |
| -p) puppet_port=$2; shift 2;; | |
| --) shift; break;; | |
| esac | |
| done | |
| if [ ! "${hostname}" ] || [ ! "${master_hostname}" ] || [ ! "${puppet_port}" ]; then | |
| usage | |
| exit 1 | |
| fi | |
| mkdir /etc/puppet | |
| # -------------------------------------------------- | |
| # Hostname | |
| # -------------------------------------------------- | |
| cat <<_EOF_ >> /etc/hosts | |
| ${master_ipaddress} ${master_hostname} | |
| ${host_ipaddress} ${hostname} | |
| _EOF_ | |
| # -------------------------------------------------- | |
| # user | |
| # -------------------------------------------------- | |
| useradd puppet | |
| # -------------------------------------------------- | |
| # iptables | |
| # -------------------------------------------------- | |
| cat <<_EOF_ > /etc/sysconfig/iptables | |
| *filter | |
| :INPUT DROP [0:0] | |
| :FORWARD DROP [0:0] | |
| :OUTPUT ACCEPT [0:0] | |
| -A INPUT -i lo -j ACCEPT | |
| -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT | |
| -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT | |
| -A INPUT -p tcp -m state --state NEW -m tcp --dport ${puppet_port} -j ACCEPT | |
| -A OUTPUT -j ACCEPT | |
| COMMIT | |
| _EOF_ | |
| service iptables restart | |
| # -------------------------------------------------- | |
| # puppet configurations | |
| # -------------------------------------------------- | |
| cat <<_EOF_ > /etc/puppet/auth.conf | |
| path /run | |
| method save | |
| allow ${master_hostname} | |
| _EOF_ | |
| cat <<_EOF_ > /etc/puppet/namespaceauth.conf | |
| [puppetrunner] | |
| allow ${master_hostname} | |
| _EOF_ | |
| cat <<_EOF_ > /etc/puppet/puppet.conf | |
| [main] | |
| logdir = /var/log/puppet | |
| rundir = /var/run/puppet | |
| ssldir = \$vardir/ssl | |
| [puppetd] | |
| classfile = \$vardir/classes.txt | |
| localconfig = \$vardir/localconfig | |
| listen = true | |
| autoflush = true | |
| _EOF_ | |
| cat <<_EOF_ > /etc/sysconfig/puppet | |
| PUPPET_SERVER=${master_hostname} | |
| PUPPET_LOG=/var/log/puppet/puppet.log | |
| PUPPET_EXTRA_OPTS="--fqdn=${hostname} --verbose --no-client --listen --puppetport=${puppet_port}" | |
| _EOF_ | |
| service puppet start |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment