this repository contains all of the puppet manifests that i have written / ripped off.

also how to install the fucker

• yum update -y
• shutdown -r now
• sudo rpm -ivh http://mirror.bytemark.co.uk/fedora/epel/6/i386/epel-release-6-8.noarch.rpm
• sudo rpm -ivh http://yum.puppetlabs.com/puppetlabs-release-el-6.noarch.rpm
• sudo yum install puppet-server -y

• ensure that puppet is included in /etc/hosts for the ip address of eth0 along with hostname and fqdn.
• add dns_alt_names = puppet,yalson,yalson.okayalright.co.uk to the [main] section of /etc/puppet/puppet.conf
• puppet master --verbose --no-daemonize

ctrl + c the above when you see Starting Puppet master version X.X. think of this as a syntax check of sorts, i suppose? it does a bunch of inital cert generating, too.

chuck in /etc/puppet/puppet.conf:

• create a [master] section
• move the dns_alt_names directive down to to [master]
• environmentpath = $confdir/environments
• basemodulepath = $confdir/modules:/usr/share/puppet/modules

• mkdir -p /etc/puppet/environments/production/modules
• mkdir -p /etc/puppet/environments/production/manifests

• yum install httpd httpd-devel mod_ssl ruby-devel rubygems gcc curl-devel openssl-devel zlib-devel gcc-c++ -y
• gem install rack passenger
• passenger-install-apache2-module
• mkdir -p /usr/share/puppet/rack/puppetmasterd
• mkdir /usr/share/puppet/rack/puppetmasterd/public
• mkdir /usr/share/puppet/rack/puppetmasterd/tmp
• cp /usr/share/puppet/ext/rack/config.ru /usr/share/puppet/rack/puppetmasterd/
• chown puppet:puppet /usr/share/puppet/rack/puppetmasterd/config.ru
• copy the contents of install_files/puppetmaster.conf to /etc/httpd/conf.d/

disables:

• chkconfig puppetmaster off
• service puppetmaster stop

enables:

• chkconfig httpd on
• chkconfig puppet on
• service httpd start
• service puppet start

• https://yalson:8140 should actually be listening, although i do not think you will be able to get anything useful out of it.
• puppet agent test - should return all green and compile catalogues etc.

when i applied it, the agent decided to generate a new cert
for itself because my search domain had changed. the server
thought it was yalson.okayalright.co.uk instead of its classic
yalson.

so i had two certs for one host and was a clever boy, deciding to:

rm -rf /var/lib/puppet/ssl

little did i know that is where the master certs lived too. sigh

regenerate them by

service httpd stop
puppet master --no-daemonize --verbose

and stop the temporary master when it gets to the notice: Starting Puppet master version X.X.X part.

after that you will probably need to edit the certificate paths in
the httpd config around here: /etc/httpd/conf.d/puppetmaster.conf

after that:

service httpd start
puppet cert list
puppet cert sign 'yalson.okayalright.co.uk'
puppet agent -t 

puppet hates when you use symlinks with environments. well, not hate exactly. more like completely ignores them.

i made my $confdir/environments/production/modules and $confdir/environments/production/manifests directories both symlinks to somewhere in my homedir and spent fucking hours trying to figure out what happened. i suspect it was the manifests dir which hated this, secretly.

i solved this by cloning my repo into $confdir instead.

cd /etc/puppet/environments
git clone [email protected]:hybby/puppet.git
mv puppet production
puppet agent --test --noop