Skip to content

Instantly share code, notes, and snippets.

@sgnn7
Last active June 26, 2020 19:57
Show Gist options
  • Save sgnn7/f86104627cce16f035cd2a9b4838925f to your computer and use it in GitHub Desktop.
Save sgnn7/f86104627cce16f035cd2a9b4838925f to your computer and use it in GitHub Desktop.
Install Puppet6 on Ubuntu w/ dev `cyberark-conjur` module script
#!/bin/bash
set -euo pipefail
if [ $EUID != 0 ]; then
echo "Must run this script as root!"
exit 1
fi
PUPPET_VERSION=6
APPROVE_ALL_AGENTS="true" # WARNING: This setting is insecure! Only use this in development!
CONFIG_FILE="/etc/default/puppetserver"
BIN_PATH="/opt/puppetlabs/bin"
VERSION_CODENAME=$(. /etc/os-release; echo $VERSION_CODENAME)
if ! grep puppet /etc/apt/sources.list; then
echo "Getting GPG key..."
wget -q --show-progress http://apt.puppetlabs.com/pubkey.gpg
apt-key add pubkey.gpg
echo "Installing repo..."
apt-add-repository "deb https://apt.puppetlabs.com $VERSION_CODENAME puppet${PUPPET_VERSION}"
fi
echo "Installing puppet server..."
apt-get install -y puppetserver \
puppet-agent \
puppetdb \
puppetdb-termini
echo "Setting server to use only 512MB of RAM in $CONFIG_FILE..."
sed -i'.bak' -e 's/-Xms[0-9]*g -Xmx[0-9]*g/-Xms512m -Xmx512m/' "$CONFIG_FILE"
if [ "$APPROVE_ALL_AGENTS" = "true" ]; then
echo "WARNING: Setting auto-approval on!"
echo "Adding autosign config..."
echo "*" > /etc/puppetlabs/puppet/autosign.conf
fi
echo "Enabling and starting the service..."
systemctl enable puppetserver
systemctl restart puppetserver
echo -n "Waiting until puuppet is up..."
while ! /opt/puppetlabs/bin/puppet module list &>/dev/null; do
echo -n "."
sleep 2
done
echo "OK"
if ! grep 'puppet$' /etc/hosts; then
echo "Setting local hosts link to 'puppet'..."
echo "127.0.0.1 puppet" >> /etc/hosts
fi
echo "Modules:"
$BIN_PATH/puppet module list
# echo "Fetching conjur-puppet..."
# wget -q --show-progress \
# -O cyberark-conjur.tar.gz \
# https://github.com/cyberark/conjur/archive/master.tar.gz
echo "Creating conjur-puppet archive..."
apt-get install -y git \
tar
rm -rf conjur-puppet/
git clone https://github.com/cyberark/conjur-puppet
tar -hzcf cyberark-conjur.tar.gz -C conjur-puppet .
echo "Installing conjur-puppet..."
$BIN_PATH/puppet module install puppetlabs-registry
$BIN_PATH/puppet module install --force cyberark-conjur.tar.gz
echo "======================"
echo "Modules after install:"
$BIN_PATH/puppet module list
echo "======================"
#!/bin/bash
set -euo pipefail
if [ $# -lt 1 ]; then
echo "Must provide puppet server as first arg!"
exit 1
fi
# -v $config_file:/etc/conjur.conf:ro \
# -v $identity_file:/etc/conjur.identity:ro \
docker run --rm -t \
--add-host "puppet:$1" \
--net host \
--hostname "test-agent-$(openssl rand -hex 3)" \
"puppet/puppet-agent-ubuntu:latest" \
agent -t --waitforcert 2 --no-daemonize
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment