Foreman 1.23 install with separate puppet server

foreman-install.sh

# Start with puppet-install.sh first

export PUPPET_FQDN=puppet.example.com

sudo groupadd puppet # Otherwise error during install

sudo foreman-installer \
--no-enable-foreman-proxy \
--puppet-server false \
--puppet-puppetmaster ${PUPPET_FQDN}

# Above actually fails (unreported) to start apache2 on https port due to missing certificates, carry on

# You need the below to finish puppet-install.sh
sudo foreman-rake config -- -k oauth_consumer_key
sudo foreman-rake config -- -k oauth_consumer_secret

# Finish puppet-install.sh

puppet-install.sh

export FOREMAN_FQDN=foreman.example.com

sudo foreman-installer \
--no-enable-foreman \
--puppet-server true \
--puppet-server-foreman-url https://${FOREMAN_FQDN} \
--puppet-autosign-entries ${FOREMAN_FQDN} \
--enable-foreman-proxy \
--foreman-proxy-tftp false \
--foreman-proxy-puppet true \
--foreman-proxy-puppetca true \
--foreman-proxy-foreman-base-url https://${FOREMAN_FQDN} \
--foreman-proxy-trusted-hosts ${FOREMAN_FQDN} \
--foreman-proxy-register-in-foreman false

sudo ln -s /opt/puppetlabs/bin/puppet /usr/local/sbin/puppet
sudo ln -s /opt/puppetlabs/bin/puppetserver /usr/local/sbin/puppetserver

# Now run through foreman-install.sh

# Replace OAUTH_KEY and OAUTH_SECRET with values from foreman-install.sh
sudo foreman-installer \
--foreman-proxy-oauth-consumer-key OAUTH_KEY \
--foreman-proxy-oauth-consumer-secret OAUTH_SECRET \
--foreman-proxy-register-in-foreman true \
--reset-puppet-autosign-entries