-
-
Save arubdesu/0c76fb5b28abfcb2f9d6 to your computer and use it in GitHub Desktop.
Both ends, quick n dirty
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
sudo puppet cert generate $SERIAL | |
declare -xr DS_REPOSITORY_PATH=/foo | |
declare -xr SSLDIR=/private/etc/puppet/ssl/ | |
mkdir /$DS_REPOSITORY_PATH/PuppetCerts/$SERIAL | |
mv $SSLDIR/ca/signed/$SERIAL.pem /$DS_REPOSITORY_PATH/PuppetCerts/$SERIAL/cert-$SERIAL.pem | |
mv $SSLDIR/private_keys/$SERIAL.pem /$DS_REPOSITORY_PATH/PuppetCerts/$SERIAL/priv-key-$SERIAL.pem | |
mv $SSLDIR/public_keys/$SERIAL.pem /$DS_REPOSITORY_PATH/PuppetCerts/$SERIAL/pub-key-$SERIAL.pem |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
# testing target volume, my boot drive | |
DS_LAST_RESTORED_VOLUME="/Volumes/Mac95GB" | |
declare -x TARGETED_INTERNAL_DRIVE="$DS_LAST_RESTORED_VOLUME" | |
declare -x PUPPET_CLIENT_CERTS_DIR="$DS_REPOSITORY_PATH/PuppetCerts" | |
cp "$PUPPET_CLIENT_CERTS_DIR"/$DS_SERIAL_NUMBER/cert-$DS_SERIAL_NUMBER.pem "$TARGETED_INTERNAL_DRIVE"/var/lib/ssl/certs/$DS_SERIAL_NUMBER.pem " | |
echo "$PUPPET_CLIENT_CERTS_DIR"/priv-key-"$DS_SERIAL_NUMBER".pem "$TARGETED_INTERNAL_DRIVE"/var/lib/ssl/private_keys/$DS_SERIAL_NUMBER.pem | |
echo "$PUPPET_CLIENT_CERTS_DIR"/pub-key-"$DS_SERIAL_NUMBER".pem "$TARGETED_INTERNAL_DRIVE"/var/lib/ssl/public_keys/$DS_SERIAL_NUMBER.pem | |
# chown -R root:wheel /var/lib/ssl | |
while getopts "v" opt; do | |
case "$opt" in | |
v) DS_LAST_RESTORED_VOLUME="$OPTARG";; | |
esac | |
done | |
exit 0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This would work as long as you're running
puppet cert generate
on the Puppet master and that $SERIAL were also being set as the certname for the agent.