amosshapira/aws-bootstrap-puppetmaster

## aws-bootstrap-puppetmaster
#!/bin/sh

# create custom fact to identify the role of this server
mkdir -p /etc/facter/facts.d/
echo "server_role=puppetmaster" >> /etc/facter/facts.d/server_role.txt

# make sure everything is up to date
wget http://apt.puppetlabs.com/puppetlabs-release-raring.deb
dpkg -i puppetlabs-release-raring.deb
apt-get update
apt-get dist-upgrade -y

# install puppet and dependencies
apt-get install -y unattended-upgrades puppetmaster git rubygems
gem install r10k

# configure r10k and deploy puppet environments
cat <<EOF > /etc/r10k.yaml
:cachedir: '/var/cache/r10k'
:sources:
  :plops:
    remote: 'https://github.com/gehel/puppetmaster.git'
    basedir: '/etc/puppet/environments'
:purgedirs:
  - '/etc/puppet/environments'
EOF
r10k deploy environment

# deploy keys for hiera
cat <<EOF > /etc/puppet/private_key.pkcs7.pem
-----BEGIN RSA PRIVATE KEY-----
[...]
-----END RSA PRIVATE KEY-----
EOF
cat <<EOF > /etc/puppet/public_key.pkcs7.pem
-----BEGIN CERTIFICATE-----
[...]
-----END CERTIFICATE-----
EOF

# puppet run to ensure basic configuration
cat <<EOF > /tmp/puppet.pp
class { 'puppet':
  mode          => 'server',
  server        => 'puppet.ledcom.ch',
  dns_alt_names => 'puppet.ledcom.ch',
  environment   => 'production',
  manifest_path => '\$confdir/environments/\$environment/site/site.pp',
  module_path   => '\$confdir/environments/\$environment/modules:\$confdir/environments/\$environment/dist',
}
EOF
service puppetmaster stop
puppet apply --modulepath=/etc/puppet/environments/production/modules /tmp/puppet.pp
rm /tmp/puppet.pp

# remove current puppet certificate, they will be regenerated with correct alt_names
find $(puppet master --configprint ssldir) -name "$(puppet master --configprint certname).pem" -delete
service puppetmaster restart

# full puppet run to ensure server is completely created
puppet agent -t
	#!/bin/sh

	# create custom fact to identify the role of this server
	mkdir -p /etc/facter/facts.d/
	echo "server_role=puppetmaster" >> /etc/facter/facts.d/server_role.txt

	# make sure everything is up to date
	wget http://apt.puppetlabs.com/puppetlabs-release-raring.deb
	dpkg -i puppetlabs-release-raring.deb
	apt-get update
	apt-get dist-upgrade -y

	# install puppet and dependencies
	apt-get install -y unattended-upgrades puppetmaster git rubygems
	gem install r10k

	# configure r10k and deploy puppet environments
	cat <<EOF > /etc/r10k.yaml
	:cachedir: '/var/cache/r10k'
	:sources:
	:plops:
	remote: 'https://github.com/gehel/puppetmaster.git'
	basedir: '/etc/puppet/environments'
	:purgedirs:
	- '/etc/puppet/environments'
	EOF
	r10k deploy environment

	# deploy keys for hiera
	cat <<EOF > /etc/puppet/private_key.pkcs7.pem
	-----BEGIN RSA PRIVATE KEY-----
	[...]
	-----END RSA PRIVATE KEY-----
	EOF
	cat <<EOF > /etc/puppet/public_key.pkcs7.pem
	-----BEGIN CERTIFICATE-----
	[...]
	-----END CERTIFICATE-----
	EOF

	# puppet run to ensure basic configuration
	cat <<EOF > /tmp/puppet.pp
	class { 'puppet':
	mode => 'server',
	server => 'puppet.ledcom.ch',
	dns_alt_names => 'puppet.ledcom.ch',
	environment => 'production',
	manifest_path => '\$confdir/environments/\$environment/site/site.pp',
	module_path => '\$confdir/environments/\$environment/modules:\$confdir/environments/\$environment/dist',
	}
	EOF
	service puppetmaster stop
	puppet apply --modulepath=/etc/puppet/environments/production/modules /tmp/puppet.pp
	rm /tmp/puppet.pp

	# remove current puppet certificate, they will be regenerated with correct alt_names
	find $(puppet master --configprint ssldir) -name "$(puppet master --configprint certname).pem" -delete
	service puppetmaster restart

	# full puppet run to ensure server is completely created
	puppet agent -t