Skip to content

Instantly share code, notes, and snippets.

View justinstoller's full-sized avatar

Justin Stoller justinstoller

49 followers · 24 following
View GitHub Profile
@justinstoller
justinstoller / 1. steps
Last active May 13, 2020 04:16
Potential 2018.1 patches to aid JRuby 1.7 vs 9k performance disparity
# Steps are to:
# 1. Use `wget` to download the raw content of one of the two included changesets
# 2. Use `patch` to install
#
# Patches can be optionally reverted with `patch` by adding the `--reverse` flag
# The two patches in this gist are mutually exclusive (full-changeset.patch is a superset of the unasserted-iterables.patch).
# The PR corresponding to the unasserted-iterables.patch is here:
# https://github.com/puppetlabs/puppet/pull/8150
# The full-changeset.patch includes the above plus the contents of these PRs (as of 12 May):
# https://github.com/puppetlabs/puppet/pull/8151
@justinstoller
justinstoller / pave.rb
Last active August 19, 2020 15:42
Revoke and Clean Certs in Certdir
require 'optparse'
require 'openssl'
require 'fileutils'
options = {
crl: '/etc/puppetlabs/puppet/ssl/ca/ca_crl.pem',
signeddir: '/etc/puppetlabs/puppet/ssl/ca/signed',
ca_key_path: '/etc/puppetlabs/puppet/ssl/ca/ca_key.pem',
certs_to_skip: ['ca.pem', "`hostname -f`.pem"],
timing: false,
@justinstoller
justinstoller / r10k-4.0.md
Last active February 27, 2024 16:35
support discussion

7 Things to know about r10k 4 in PE 2023.4

(From the PE documentation at: https://www.puppet.com/docs/pe/2023.4/upgrading_pe#upgrade_cautions-r10k-4-upgrade)

  1. Starting in PE 2023.4, if you use Code Manager or r10k, with SSH protocol for remote Git repository access, you must set up SSH host key verification.

To manage the known_hosts file and enable host key verification for Code Manager or r10k, you must define the puppet_enterprise::profile::master::r10k_known_hosts paramet er with an array of hashes specifying "name", "type", and "key" with your hostname, key type, and public key, respectively.

This is the error message you will see if running code deploy:

@justinstoller
justinstoller / manual.sh
Last active October 13, 2023 18:39
This script, if given a host, will create or update a konwn_hosts file that r10k can use in PE 2023.3 or greater.
# These are the four pertinent lines from the script if folks would rather do it themselves:
mkdir -p /opt/puppetlabs/server/data/puppetserver/.ssh
touch /opt/puppetlabs/server/data/puppetserver/.ssh/known_hosts
ssh-keyscan <additional ssh-keyscan args> <hostname> 2>/dev/null | grep -v '# ' >> /opt/puppetlabs/server/data/puppetserver/.ssh/known_hosts
chown -R pe-puppet:pe-puppet /opt/puppetlabs/server/data/puppetserver/.ssh