dgrstl/AWS Deployment UserData Script

## AWS Deployment UserData Script
#!/bin/bash

#Only edit these two lines:
#username for the console:
PUPPET_PE_CONSOLEPWD='puppetlabs'
PUPPET_PE_VERSION='2015.3.2'

# STOP DO NOT EDIT BELOW THIS LINE
MD="http://169.254.169.254/latest/meta-data/"
PUBLIC_HOSTNAME=$(curl -fs $MD/public-hostname)
INTERNAL_HOSTNAME=$(curl -fs $MD/hostname)

# We are RHEL only here, baby
EL_VERSION=`rpm -q --qf "%{VERSION}" $(rpm -q --whatprovides redhat-release) | cut -f1 -d. | cut -f1 -dS`

function write_masteranswers() {
  cat > /opt/masteranswers.txt << ANSWERS
q_activity_database_name=pe-activity
q_activity_database_password=$PUPPET_PE_CONSOLEPWD
q_activity_database_user=pe-activity
q_all_in_one_install=y
q_backup_and_purge_old_configuration=n
q_backup_and_purge_old_database_directory=n
q_classifier_database_name=pe-classifier
q_classifier_database_password=$PUPPET_PE_CONSOLEPWD
q_classifier_database_user=pe-classifier
q_database_host=$PUBLIC_HOSTNAME
q_database_install=y
q_database_port=5432
q_database_root_password=$PUPPET_PE_CONSOLEPWD
q_database_root_user=pe-postgres
q_enable_future_parser=n
q_install=y
q_orchestrator_database_name=pe-orchestrator
q_orchestrator_database_password=$PUPPET_PE_CONSOLEPWD
q_orchestrator_database_user=pe-orchestrator
q_pe_database=y
q_puppet_cloud_install=y
q_puppet_enterpriseconsole_auth_password=$PUPPET_PE_CONSOLEPWD
q_puppet_enterpriseconsole_httpd_port=443
q_puppet_enterpriseconsole_install=y
q_puppet_enterpriseconsole_master_hostname=$PUBLIC_HOSTNAME
q_puppet_enterpriseconsole_smtp_host=localhost
q_puppet_enterpriseconsole_smtp_password=$PUPPET_PE_CONSOLEPWD
q_puppet_enterpriseconsole_smtp_port=25
q_puppet_enterpriseconsole_smtp_use_tls=n
q_puppet_enterpriseconsole_smtp_user_auth=n
q_puppet_enterpriseconsole_smtp_username=
q_puppet_symlinks_install=y
q_puppetagent_certname=$PUBLIC_HOSTNAME
q_puppetagent_install=y
q_puppetagent_server=$PUBLIC_HOSTNAME
q_puppetca_hostname=$PUBLIC_HOSTNAME
q_puppetdb_database_name=pe-puppetdb
q_puppetdb_database_password=$PUPPET_PE_CONSOLEPWD
q_puppetdb_database_user=pe-puppetdb
q_puppetdb_hostname=$PUBLIC_HOSTNAME
q_puppetdb_install=y
q_puppetdb_plaintext_port=8080
q_puppetdb_port=8081
q_puppetmaster_certname=$PUBLIC_HOSTNAME
q_puppetmaster_dnsaltnames=$INTERNAL_HOSTNAME,puppet,$PUBLIC_HOSTNAME
q_puppetmaster_enterpriseconsole_certname=$PUBLIC_HOSTNAME
q_puppetmaster_enterpriseconsole_hostname=$PUBLIC_HOSTNAME
q_puppetmaster_enterpriseconsole_port=443
q_puppetmaster_file_sync_service_enabled=y
q_puppetmaster_install=y
q_rbac_database_name=pe-rbac
q_rbac_database_password=$PUPPET_PE_CONSOLEPWD
q_rbac_database_user=pe-rbac
q_run_updtvpkg=n
q_vendor_packages_install=y
ANSWERS
}

function install_puppetmaster() {
  if [ ! -d /opt/puppet-enterprise ]; then
    mkdir -p /opt/puppet-enterprise
  fi
  if [ ! -f /opt/puppet-enterprise/puppet-enterprise-installer ]; then
    curl -L -o /opt/pe-installer.tar.gz "https://pm.puppetlabs.com/cgi-bin/download.cgi?ver=$PUPPET_PE_VERSION&dist=el&arch=x86_64&rel=$EL_VERSION"
    tar --extract --file=/opt/pe-installer.tar.gz --strip-components=1 --directory=/opt/puppet-enterprise
  fi
  write_masteranswers
  /opt/puppet-enterprise/puppet-enterprise-installer -a /opt/masteranswers.txt

  # nuke autosign for right now, we might fix this with a module later for certsigner
  echo "*" > /etc/puppetlabs/puppet/autosign.conf
}

function format_partition {
  /sbin/parted -s /dev/xvdb mklabel gpt
  /sbin/parted -s /dev/xvdb mkpart primary 0% 100%
  /sbin/mkfs.ext4 /dev/xvdb1
  mount /dev/xvdb1 /opt
  echo "/dev/xvdb1              /opt                    ext4    defaults        0 2" >> /etc/fstab
  lsblk
}

function configure_redhat() {
  setenforce 0

  #living on the edge
  sed -i 's/^SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config

  ntpdate -u 0.amazon.pool.ntp.org
}

function provision_puppet() {

  echo "Disabling SELinux, setting time"
  configure_redhat

  echo "Formatting / mounting /dev/xvdb as /opt"
  format_partition

  echo "Installing Puppet Enterprise ${PUPPET_PE_VERSION}"
  install_puppetmaster

}

provision_puppet
	#!/bin/bash

	#Only edit these two lines:
	#username for the console:
	PUPPET_PE_CONSOLEPWD='puppetlabs'
	PUPPET_PE_VERSION='2015.3.2'

	# STOP DO NOT EDIT BELOW THIS LINE
	MD="http://169.254.169.254/latest/meta-data/"
	PUBLIC_HOSTNAME=$(curl -fs $MD/public-hostname)
	INTERNAL_HOSTNAME=$(curl -fs $MD/hostname)

	# We are RHEL only here, baby
	EL_VERSION=`rpm -q --qf "%{VERSION}" $(rpm -q --whatprovides redhat-release) \| cut -f1 -d. \| cut -f1 -dS`

	function write_masteranswers() {
	cat > /opt/masteranswers.txt << ANSWERS
	q_activity_database_name=pe-activity
	q_activity_database_password=$PUPPET_PE_CONSOLEPWD
	q_activity_database_user=pe-activity
	q_all_in_one_install=y
	q_backup_and_purge_old_configuration=n
	q_backup_and_purge_old_database_directory=n
	q_classifier_database_name=pe-classifier
	q_classifier_database_password=$PUPPET_PE_CONSOLEPWD
	q_classifier_database_user=pe-classifier
	q_database_host=$PUBLIC_HOSTNAME
	q_database_install=y
	q_database_port=5432
	q_database_root_password=$PUPPET_PE_CONSOLEPWD
	q_database_root_user=pe-postgres
	q_enable_future_parser=n
	q_install=y
	q_orchestrator_database_name=pe-orchestrator
	q_orchestrator_database_password=$PUPPET_PE_CONSOLEPWD
	q_orchestrator_database_user=pe-orchestrator
	q_pe_database=y
	q_puppet_cloud_install=y
	q_puppet_enterpriseconsole_auth_password=$PUPPET_PE_CONSOLEPWD
	q_puppet_enterpriseconsole_httpd_port=443
	q_puppet_enterpriseconsole_install=y
	q_puppet_enterpriseconsole_master_hostname=$PUBLIC_HOSTNAME
	q_puppet_enterpriseconsole_smtp_host=localhost
	q_puppet_enterpriseconsole_smtp_password=$PUPPET_PE_CONSOLEPWD
	q_puppet_enterpriseconsole_smtp_port=25
	q_puppet_enterpriseconsole_smtp_use_tls=n
	q_puppet_enterpriseconsole_smtp_user_auth=n
	q_puppet_enterpriseconsole_smtp_username=
	q_puppet_symlinks_install=y
	q_puppetagent_certname=$PUBLIC_HOSTNAME
	q_puppetagent_install=y
	q_puppetagent_server=$PUBLIC_HOSTNAME
	q_puppetca_hostname=$PUBLIC_HOSTNAME
	q_puppetdb_database_name=pe-puppetdb
	q_puppetdb_database_password=$PUPPET_PE_CONSOLEPWD
	q_puppetdb_database_user=pe-puppetdb
	q_puppetdb_hostname=$PUBLIC_HOSTNAME
	q_puppetdb_install=y
	q_puppetdb_plaintext_port=8080
	q_puppetdb_port=8081
	q_puppetmaster_certname=$PUBLIC_HOSTNAME
	q_puppetmaster_dnsaltnames=$INTERNAL_HOSTNAME,puppet,$PUBLIC_HOSTNAME
	q_puppetmaster_enterpriseconsole_certname=$PUBLIC_HOSTNAME
	q_puppetmaster_enterpriseconsole_hostname=$PUBLIC_HOSTNAME
	q_puppetmaster_enterpriseconsole_port=443
	q_puppetmaster_file_sync_service_enabled=y
	q_puppetmaster_install=y
	q_rbac_database_name=pe-rbac
	q_rbac_database_password=$PUPPET_PE_CONSOLEPWD
	q_rbac_database_user=pe-rbac
	q_run_updtvpkg=n
	q_vendor_packages_install=y
	ANSWERS
	}

	function install_puppetmaster() {
	if [ ! -d /opt/puppet-enterprise ]; then
	mkdir -p /opt/puppet-enterprise
	fi
	if [ ! -f /opt/puppet-enterprise/puppet-enterprise-installer ]; then
	curl -L -o /opt/pe-installer.tar.gz "https://pm.puppetlabs.com/cgi-bin/download.cgi?ver=$PUPPET_PE_VERSION&dist=el&arch=x86_64&rel=$EL_VERSION"
	tar --extract --file=/opt/pe-installer.tar.gz --strip-components=1 --directory=/opt/puppet-enterprise
	fi
	write_masteranswers
	/opt/puppet-enterprise/puppet-enterprise-installer -a /opt/masteranswers.txt

	# nuke autosign for right now, we might fix this with a module later for certsigner
	echo "*" > /etc/puppetlabs/puppet/autosign.conf
	}

	function format_partition {
	/sbin/parted -s /dev/xvdb mklabel gpt
	/sbin/parted -s /dev/xvdb mkpart primary 0% 100%
	/sbin/mkfs.ext4 /dev/xvdb1
	mount /dev/xvdb1 /opt
	echo "/dev/xvdb1 /opt ext4 defaults 0 2" >> /etc/fstab
	lsblk
	}

	function configure_redhat() {
	setenforce 0

	#living on the edge
	sed -i 's/^SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config

	ntpdate -u 0.amazon.pool.ntp.org
	}

	function provision_puppet() {

	echo "Disabling SELinux, setting time"
	configure_redhat

	echo "Formatting / mounting /dev/xvdb as /opt"
	format_partition

	echo "Installing Puppet Enterprise ${PUPPET_PE_VERSION}"
	install_puppetmaster

	}

	provision_puppet