Skip to content

Instantly share code, notes, and snippets.

View jessereynolds's full-sized avatar

Jesse Reynolds jessereynolds

36 followers · 41 following
  • Puppet
  • Melbourne, Victoria, Australia
View GitHub Profile
@jessereynolds
jessereynolds / 0-puppet-node-purging-via-api.md
Last active March 21, 2022 09:42
Puppet - Node Purging via APIs

Puppet Node Purging via API

When you're decomissioning a machine that has been managed by Puppet you may want to programatically clean up the node. There are two parts to this:

  • revoking and deleting the certificate of the node in Puppet's CA
  • deactivating the node in PuppetDB

The following should work for Puppet 4.x and Puppet DB 4.x (including Puppet Enterprise 2016.4.x, 2017.1.x, 2017.2.x).

I've used certificate based auth, and the examples are being run from the puppet master so make use of existing certificates for authentication. When run remotely the cacert, certificate and corresponding private key for authentication will need to be present.

@jessereynolds
jessereynolds / puppet-proxy-config.md
Last active June 21, 2021 11:29
Puppet Proxy Configuration

Puppet and Puppet Enterprise Proxy Configuration

There are a few places you can configure proxies with Puppet. This doc will try and list each of the places that they can be configured, and which components will use it.

This is a work in progress and will no doubt change over time. Please add comments if you've got additional info, or found something incorrect.

Methods of Configuring Proxies

/etc/puppetlabs/puppet/puppet.conf

@jessereynolds
jessereynolds / multiple default routes on mac
Created October 3, 2011 23:42
Problem with multiple default routes on mac os x 10.7.1 (Lion)
Well this is annoying.
Today I am using USB to my iPhone 3GS for internet access on Telstra next-g. Things work fine. Network System Preferences says "iPhone USB is currently active and has the IP address 172.20.10.2.".
Here's the routing table:
Destination Gateway Flags Refs Use Netif Expire
default 172.20.10.1 UGSc 77 6 en3
127 127.0.0.1 UCS 0 0 lo0
127.0.0.1 127.0.0.1 UH 9 8776 lo0
@jessereynolds
jessereynolds / read_puppet_report.rb
Last active November 6, 2020 06:41
read a puppet report yaml file with ruby
#!/usr/bin/env ruby
require 'yaml'
report_file = '/opt/puppetlabs/puppet/cache/state/last_run_report.yaml'
report = YAML.parse(File.read(report_file))
# nuke the yaml document tag that sets the ruby object
report.root.tag = ''
report_hash = report.root.to_ruby
@jessereynolds
jessereynolds / bundler-tmpdir-error.markdown
Created May 21, 2020 14:25
bundler cannot find a temporary directory

I am encountering the following issue with bundler 1.17.3 and 2.1.4 when executing in a ruby:2.5.8 docker container on Ubuntu 18 with kernel 4.15.0-101-generic. The same project does not exhibit the error on an equivalent container built and run on CentOS 7 with kernel 3.10.0-1127.el7.x86_64.

ArgumentError: could not find a temporary directory
  /usr/local/lib/ruby/2.5.0/tmpdir.rb:35:in `tmpdir'
  /usr/local/lib/ruby/2.5.0/tmpdir.rb:112:in `tmpdir'
  /usr/local/lib/ruby/2.5.0/tmpdir.rb:120:in `create'
  /usr/local/lib/ruby/2.5.0/tmpdir.rb:87:in `mktmpdir'
  /usr/local/bundle/gems/bundler-2.1.4/lib/bundler/compact_index_client/updater.rb:31:in `update'
@jessereynolds
jessereynolds / download_pe.sh
Last active March 30, 2020 05:42
Puppet Enterprise download script
#!/bin/bash
# find the latest version here: https://puppet.com/misc/version-history
# release notes: https://puppet.com/docs/pe/latest/release_notes_pe.html
# this script: https://gist.github.com/jessereynolds/750bd4394c42f3ab06dad35a95793073
#version="2019.5.0"
version="latest"
#dist="ubuntu"
@jessereynolds
jessereynolds / os_compliance-example-suse-sle-12.yaml
Created July 8, 2019 09:21
os_compliance example fact suse sle 12
---
os_compliance:
cis_level_1:
version: cis_sle_12_server_2.1.0
percent_compliant: 94.7
counts_by_state:
compliant: 178
noncompliant: 10
number_controls: 188
controls:
@jessereynolds
jessereynolds / gist:5082b82216989d9e0bba7c1ca1828963
Last active July 3, 2019 17:38
pe-orchestration-services sql ssl error after restore PE 2017.2.2

pe-orchestration-services sql ssl error after restore PE 2017.2.2

2017-07-06 13:02:36,858 ERROR [p.o.api] Failed to make a connection to the database
java.sql.SQLTransientConnectionException: Timeout waiting for the database pool to become ready.
        at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
        at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
        at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
        at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
        at clojure.lang.Reflector.invokeConstructor(Reflector.java:180)
@jessereynolds
jessereynolds / os_compliance_fact.yaml
Last active June 21, 2019 14:13
Example output of the os_compliance fact on Windows 2016 when run with details enabled and debug enabled
os_compliance:
cis_level_1:
version: cis_windows_2016rtm1607_member_server_1.1.0
percent_compliant: 21.03448275862069
percent_implemented: 32.75862068965517
counts_by_state:
noncompliant: 34
compliant: 61
unimplemented: 195
number_controls: 290
@jessereynolds
jessereynolds / create_repo_on_tfs.rb
Last active May 17, 2019 13:22
TFS - create repo curl examples
#!/usr/bin/env ruby
require 'net/http'
require 'openssl'
require 'json'
# Create a new git repo on TFS (aka VSTS, aka Azure DevOps Server soon)
# This works with TFS 2017 (on prem). It differs from the official API documentation
# in that the string "repos/" is not present in the URLs.