Skip to content

Instantly share code, notes, and snippets.

yum -y install; \
yum -y install; \
yum -y install; \
yum -y install foreman-release-scl; \
yum -y install foreman-installer; \
export IP=`nmcli -f IP4.ADDRESS device show ens33 | tr -s ' ' | cut -d ' ' -f 2 | cut -d '/' -f 1`; \
echo $IP foreman1.test.local foreman1 >> /etc/hosts; \
nmcli con mod "ens33" ipv4.dns-search "test.local"; \
nmcli general hostname foreman1; \
genadipost /
Created Jun 24, 2017
Foreman haproxy config for web SSL certificate with trusted CA (non puppet CA)
  • Port 4000 is dedicated for browser trusted CA
  • Port 5000 is dedicated for Foreman various components SSL client authentication via their puppet-ca certificates
  • If Hproxy is running on a dedicated server, 443 (browser) and 4443 (Foreman components) ports can be used.
  user root
  group root

genadipost /
Last active Jun 24, 2017
foreman add Subject Alternative Name
  • This script will add web-foreman.test.local SAN to the generated certificate
  • When --puppet-dns-alt-names is used, puppet and puppet.test.local SAN are not added to the web certificate, which will cause foreman deployment issues
  • Therefore puppet and puppet.test.local SAN's also added with --puppet-dns-alt-names
foreman-installer --puppet-dns-alt-names=puppet \
                  --puppet-dns-alt-names=puppet.test.local \