Install Puppet6 on Ubuntu w/ dev `cyberark-conjur` module script
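#!/bin/bash
#
# Development helper: installs a Puppet server, agent and PuppetDB on Ubuntu
# and then installs a locally built `cyberark-conjur` module.
#
# Environment:
#   APPROVE_ALL_AGENTS  "true" (default) enables wildcard certificate
#                       autosigning; set to anything else to keep manual
#                       certificate approval.
set -euo pipefail

# Everything below edits /etc, installs packages and manages a systemd unit.
if [[ "${EUID}" -ne 0 ]]; then
  echo "Must run this script as root!" >&2
  exit 1
fi

# Puppet major version; selects the "puppet<N>" component of the apt repo.
PUPPET_VERSION=6

# WARNING: This setting is insecure! Only use this in development!
# With "true" the CA signs every certificate request without review, so any
# host that can reach this server can enrol as an agent. The default is kept
# for compatibility, but it can now be switched off from the environment.
APPROVE_ALL_AGENTS="${APPROVE_ALL_AGENTS:-true}"

CONFIG_FILE="/etc/default/puppetserver"
BIN_PATH="/opt/puppetlabs/bin"

# Read the release codename in a subshell so the other os-release variables
# do not leak into this script. The :? expansion fails with a clear message
# when the distribution does not define VERSION_CODENAME.
VERSION_CODENAME="$(
  . /etc/os-release
  printf '%s' "${VERSION_CODENAME:?VERSION_CODENAME is not set in /etc/os-release}"
)"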
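# Register the Puppet apt repository once. Both sources.list and
# sources.list.d are checked because apt-add-repository may write to either.
if ! grep -qrsF 'apt.puppetlabs.com' /etc/apt/sources.list /etc/apt/sources.list.d; then
  echo "Getting GPG key..."
  # The key is the trust root for every package installed from this repo, so
  # fetch it over HTTPS (the original used plain HTTP, which lets anyone on
  # the network path substitute their own signing key).
  # NOTE(review): for anything beyond a throwaway dev box, also compare the
  # key fingerprint with a value obtained out of band before adding it.
  key_file="$(mktemp)"
  wget -q --show-progress -O "$key_file" https://apt.puppetlabs.com/pubkey.gpg
  # NOTE(review): apt-key is deprecated and trusts the key for *all*
  # configured repositories; a per-repo keyring with signed-by is narrower.
  apt-key add "$key_file"
  rm -f -- "$key_file"

  echo "Installing repo..."
  apt-add-repository "deb https://apt.puppetlabs.com ${VERSION_CODENAME} puppet${PUPPET_VERSION}"
fi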
# Install the server, the agent and PuppetDB with its terminus package.
echo "Installing puppet server..."
server_packages=(puppetserver puppet-agent puppetdb puppetdb-termini)
apt-get install -y "${server_packages[@]}"

# Shrink the JVM heap flags in the service defaults file. Only values given
# in whole gigabytes (e.g. -Xms2g -Xmx2g) match the pattern; sed keeps the
# previous file next to it with a .bak suffix.
echo "Setting server to use only 512MB of RAM in $CONFIG_FILE..."
heap_rewrite='s/-Xms[0-9]*g -Xmx[0-9]*g/-Xms512m -Xmx512m/'
sed -i'.bak' -e "$heap_rewrite" "$CONFIG_FILE"
# Optional wildcard autosigning. A "*" entry in autosign.conf makes the CA
# sign every certificate request without an operator approving it, so any
# host that can reach the server receives a trusted agent certificate and the
# catalogs that go with it. Development only; leave APPROVE_ALL_AGENTS off
# wherever catalogs can carry secrets.
if [[ "$APPROVE_ALL_AGENTS" == "true" ]]; then
  echo "WARNING: Setting auto-approval on!"
  echo "Adding autosign config..."
  printf '%s\n' "*" > /etc/puppetlabs/puppet/autosign.conf
fi
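echo "Enabling and starting the service..."
systemctl enable puppetserver
systemctl restart puppetserver

# Poll every two seconds until `puppet module list` succeeds. The original
# loop had no upper bound and hung forever when the command never succeeded;
# the 300 second limit below is an arbitrary ceiling, adjust it as needed.
echo -n "Waiting until puppet is up..."
wait_deadline=$((SECONDS + 300))
until "${BIN_PATH}/puppet" module list &>/dev/null; do
  if ((SECONDS >= wait_deadline)); then
    echo "FAILED"
    echo "puppet did not respond within 300 seconds" >&2
    exit 1
  fi
  echo -n "."
  sleep 2
done
echo "OK"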
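# Make the name "puppet" resolve to this machine. The pattern requires
# "puppet" to be a whole hostname field on a non-comment line, so names that
# merely end in "puppet" (e.g. "mypuppet") no longer suppress the entry, and
# -q keeps the matched hosts line out of the script output.
if ! grep -qE '^[^#]*[[:space:]]puppet([[:space:]]|$)' /etc/hosts; then
  echo "Setting local hosts link to 'puppet'..."
  echo "127.0.0.1 puppet" >> /etc/hosts
fi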
# List the modules present before the development module is installed.
printf '%s\n' "Modules:"
"${BIN_PATH}/puppet" module list
# echo "Fetching conjur-puppet..." | |
# wget -q --show-progress \ | |
# -O cyberark-conjur.tar.gz \ | |
# https://github.com/cyberark/conjur/archive/master.tar.gz | |
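echo "Creating conjur-puppet archive..."
apt-get install -y git tar

# Build in a private temporary directory instead of the caller's working
# directory: the script runs as root, and the original `rm -rf conjur-puppet/`
# plus clone acted on whatever that name meant in the current directory.
work_dir="$(mktemp -d)"
trap 'rm -rf -- "${work_dir:?}"' EXIT

# NOTE(review): this installs whatever the default branch holds at clone
# time. Check out a reviewed tag or commit when the result must be
# reproducible.
git clone https://github.com/cyberark/conjur-puppet "${work_dir}/conjur-puppet"

# NOTE(review): -h makes tar follow symlinks, so a symlink committed to the
# repository can pull any root-readable file from this host into the module
# archive. Drop -h if the module does not rely on symlinked content.
tar -hzcf "${work_dir}/cyberark-conjur.tar.gz" -C "${work_dir}/conjur-puppet" .

echo "Installing conjur-puppet..."
"${BIN_PATH}/puppet" module install puppetlabs-registry
# --force replaces an already installed copy of the module with this build.
"${BIN_PATH}/puppet" module install --force "${work_dir}/cyberark-conjur.tar.gz"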
# Final report: the module list again, framed so it stands out in the log.
separator="======================"
echo "$separator"
echo "Modules after install:"
"${BIN_PATH}/puppet" module list
echo "$separator"
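#!/bin/bash
#
# Runs a one-shot Puppet agent in a throwaway Docker container against the
# Puppet server given as the first argument.
#
# Arguments:
#   $1  address of the Puppet server; mapped to the name "puppet" inside the
#       container via --add-host
# Environment:
#   AGENT_IMAGE  image reference to run (default keeps the original
#                "puppet/puppet-agent-ubuntu:latest")
set -euo pipefail

if [[ $# -lt 1 ]]; then
  echo "Must provide puppet server as first arg!" >&2
  exit 1
fi

# NOTE(review): ":latest" is a moving tag, so each run may execute a
# different image. Set AGENT_IMAGE to a fixed tag or digest when runs must be
# repeatable.
AGENT_IMAGE="${AGENT_IMAGE:-puppet/puppet-agent-ubuntu:latest}"

#  -v $config_file:/etc/conjur.conf:ro \
#  -v $identity_file:/etc/conjur.identity:ro \

# --net host puts the container in the host's network namespace, with no
# network isolation from the host.
# The random hostname suffix gives each run a different name; presumably this
# means a new certificate request per run - verify against the server's
# signing policy.
docker run --rm -t \
  --add-host "puppet:$1" \
  --net host \
  --hostname "test-agent-$(openssl rand -hex 3)" \
  "$AGENT_IMAGE" \
  agent -t --waitforcert 2 --no-daemonize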