rcrowley/cron

## cron
PATH="$PATH:/var/lib/gems/1.8/bin"
*/30 * * * * root puppet agent --no-daemonize --onetime --splay

## init.d
#!/bin/sh

### BEGIN INIT INFO
# Provides:	  puppet-master
# Required-Start:    $remote_fs $syslog nginx
# Required-Stop:     $remote_fs $syslog nginx
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Puppet master.
# Description:       Puppet master via Nginx and Unicorn.
### END INIT INFO

PID="/var/run/puppet-master.pid"

export PATH="$PATH:/var/lib/gems/1.8/bin"

: ${RACK_ENV:="production"}
export RACK_ENV

case "$1" in
	status)
		test -f "$PID" && test -e /proc/$(cat "$PID")
		;;
	start)
		unicorn -D -c /etc/puppet/unicorn.conf.rb
		;;
	stop)
		test -f "$PID" && kill -QUIT "$(cat "$PID")"
		;;
	restart)
		test -f "$PID" && kill -USR2 "$(cat "$PID")" || $0 start
		;;
	*)
		echo "Usage: $0 {start|stop|restart}" >&2
		exit 3
		;;
esac

## nginx
server {
        listen 8140;

        ssl on;
        ssl_session_timeout 5m;
        ssl_certificate /var/lib/puppet/ssl/certs/vagrant.vagrantup.com.pem;
        ssl_certificate_key /var/lib/puppet/ssl/private_keys/vagrant.vagrantup.com.pem;
        ssl_client_certificate /var/lib/puppet/ssl/ca/ca_crt.pem;
        ssl_ciphers SSLv2:-LOW:-EXPORT:RC4+RSA;
        ssl_verify_client optional;

        proxy_set_header Host $host;
        proxy_set_header X-Client-DN $ssl_client_s_dn;
        proxy_set_header X-Client-Verify $ssl_client_verify;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_read_timeout 120;

        location / {
                proxy_pass http://localhost:8141;
                proxy_redirect off;
        }

}

## postinst
groupadd puppet
useradd -g puppet puppet
puppet master --no-daemonize &
sleep 30
kill $!
ln -s /etc/nginx/sites-available/puppet-master /etc/nginx/sites-enabled/
ln -s /var/lib/gems/1.8/gems/puppet-2.7.0/ext/rack/files/config.ru /etc/puppet/
/etc/init.d/puppet-master start

## unicorn.conf.rb
before_fork do |server, worker|
  old = "/var/run/puppet-master.pid.oldbin"
  if File.exists?(old) && server.pid != old
    begin
      Process.kill("QUIT", File.read(old).to_i)
    rescue Errno::ENOENT, Errno::ESRCH
    end
  end
end

listen "127.0.0.1:8141"

pid "/var/run/puppet-master.pid"

stdout_path "/var/log/puppet-master.log"
stderr_path "/var/log/puppet-master.log"

user "puppet", "puppet"

if "production" == ENV["RACK_ENV"]
  worker_processes 8
else
  worker_processes 2
end

working_directory "/etc/puppet"
	PATH="$PATH:/var/lib/gems/1.8/bin"
	/30 * * * root puppet agent --no-daemonize --onetime --splay
	#!/bin/sh

	### BEGIN INIT INFO
	# Provides: puppet-master
	# Required-Start: $remote_fs $syslog nginx
	# Required-Stop: $remote_fs $syslog nginx
	# Default-Start: 2 3 4 5
	# Default-Stop: 0 1 6
	# Short-Description: Puppet master.
	# Description: Puppet master via Nginx and Unicorn.
	### END INIT INFO

	PID="/var/run/puppet-master.pid"

	export PATH="$PATH:/var/lib/gems/1.8/bin"

	: ${RACK_ENV:="production"}
	export RACK_ENV

	case "$1" in
	status)
	test -f "$PID" && test -e /proc/$(cat "$PID")
	;;
	start)
	unicorn -D -c /etc/puppet/unicorn.conf.rb
	;;
	stop)
	test -f "$PID" && kill -QUIT "$(cat "$PID")"
	;;
	restart)
	test -f "$PID" && kill -USR2 "$(cat "$PID")" \|\| $0 start
	;;
	*)
	echo "Usage: $0 {start\|stop\|restart}" >&2
	exit 3
	;;
	esac
	server {
	listen 8140;

	ssl on;
	ssl_session_timeout 5m;
	ssl_certificate /var/lib/puppet/ssl/certs/vagrant.vagrantup.com.pem;
	ssl_certificate_key /var/lib/puppet/ssl/private_keys/vagrant.vagrantup.com.pem;
	ssl_client_certificate /var/lib/puppet/ssl/ca/ca_crt.pem;
	ssl_ciphers SSLv2:-LOW:-EXPORT:RC4+RSA;
	ssl_verify_client optional;

	proxy_set_header Host $host;
	proxy_set_header X-Client-DN $ssl_client_s_dn;
	proxy_set_header X-Client-Verify $ssl_client_verify;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_read_timeout 120;

	location / {
	proxy_pass http://localhost:8141;
	proxy_redirect off;
	}

	}
	groupadd puppet
	useradd -g puppet puppet
	puppet master --no-daemonize &
	sleep 30
	kill $!
	ln -s /etc/nginx/sites-available/puppet-master /etc/nginx/sites-enabled/
	ln -s /var/lib/gems/1.8/gems/puppet-2.7.0/ext/rack/files/config.ru /etc/puppet/
	/etc/init.d/puppet-master start
	before_fork do \|server, worker\|
	old = "/var/run/puppet-master.pid.oldbin"
	if File.exists?(old) && server.pid != old
	begin
	Process.kill("QUIT", File.read(old).to_i)
	rescue Errno::ENOENT, Errno::ESRCH
	end
	end
	end

	listen "127.0.0.1:8141"

	pid "/var/run/puppet-master.pid"

	stdout_path "/var/log/puppet-master.log"
	stderr_path "/var/log/puppet-master.log"

	user "puppet", "puppet"

	if "production" == ENV["RACK_ENV"]
	worker_processes 8
	else
	worker_processes 2
	end

	working_directory "/etc/puppet"