diff options
-rwxr-xr-x | share/hydractl/puppet-clean-stored | 91 | ||||
-rwxr-xr-x | share/hydractl/puppet-finger | 74 | ||||
-rwxr-xr-x | share/hydractl/puppet-initialize | 20 | ||||
-rwxr-xr-x | share/hydractl/puppet-install | 20 | ||||
-rwxr-xr-x | share/hydractl/puppet-reset-agent | 21 | ||||
-rwxr-xr-x | share/hydractl/puppet-reset-master | 52 | ||||
-rwxr-xr-x | share/hydractl/puppet-reset-stored | 23 | ||||
-rwxr-xr-x | share/hydractl/puppet-setup-stored | 24 | ||||
-rwxr-xr-x | share/hydractl/puppet-trigger | 23 | ||||
-rwxr-xr-x | share/hydractl/puppet-update | 28 |
10 files changed, 0 insertions, 376 deletions
diff --git a/share/hydractl/puppet-clean-stored b/share/hydractl/puppet-clean-stored deleted file mode 100755 index dcbefa8..0000000 --- a/share/hydractl/puppet-clean-stored +++ /dev/null @@ -1,91 +0,0 @@ -#!/usr/bin/env ruby - -# Script to clean up stored configs for (a) given host(s) -# -# Credits: -# Script was taken from http://reductivelabs.com/trac/puppet/attachment/wiki/UsingStoredConfiguration/kill_node_in_storedconfigs_db.rb (link no longer valid), -# which haven been initially posted by James Turnbull -# duritong adapted and improved the script a bit. - -require 'getoptlong' -config = '/etc/puppet/puppet.conf' - -def printusage(error_code) - puts "Usage: #{$0} [ list of hostnames as stored in hosts table ]" - puts "\n Options:" - puts "--config <puppet config file>" - exit(error_code) -end - - - opts = GetoptLong.new( - - [ "--config", "-c", GetoptLong::REQUIRED_ARGUMENT ], - [ "--help", "-h", GetoptLong::NO_ARGUMENT ], - [ "--usage", "-u", GetoptLong::NO_ARGUMENT ], - - [ "--version", "-v", GetoptLong::NO_ARGUMENT ] -) - -begin - opts.each do |opt, arg| - case opt - when "--config" - config = arg - - when "--help" - printusage(0) - - when "--usage" - printusage(0) - - when "--version" - puts "#{Puppet.version}" - exit - end - end -rescue GetoptLong::InvalidOption => detail - $stderr.puts "Try '#{$0} --help'" - exit(1) -end - -printusage(1) unless ARGV.size > 0 - -require 'puppet/rails' -Puppet[:config] = config -Puppet.parse_config -pm_conf = Puppet.settings.instance_variable_get(:@values)[:master] - -adapter = pm_conf[:dbadapter] -args = {:adapter => adapter, :log_level => pm_conf[:rails_loglevel]} - -case adapter - when "sqlite3" - args[:dbfile] = pm_conf[:dblocation] - when "mysql", "postgresql" - args[:host] = pm_conf[:dbserver] unless pm_conf[:dbserver].to_s.empty? - args[:username] = pm_conf[:dbuser] unless pm_conf[:dbuser].to_s.empty? - args[:password] = pm_conf[:dbpassword] unless pm_conf[:dbpassword].to_s.empty? - args[:database] = pm_conf[:dbname] unless pm_conf[:dbname].to_s.empty? - args[:port] = pm_conf[:dbport] unless pm_conf[:dbport].to_s.empty? - socket = pm_conf[:dbsocket] - args[:socket] = socket unless socket.to_s.empty? - else - raise ArgumentError, "Invalid db adapter #{adapter}" -end - -args[:database] = "puppet" unless not args[:database].to_s.empty? - -ActiveRecord::Base.establish_connection(args) - -ARGV.each { |hostname| - if @host = Puppet::Rails::Host.find_by_name(hostname.strip) - print "Killing #{hostname}..." - $stdout.flush - @host.destroy - puts "done." - else - puts "Can't find host #{hostname}." - end -} -exit 0 diff --git a/share/hydractl/puppet-finger b/share/hydractl/puppet-finger deleted file mode 100755 index af83cc9..0000000 --- a/share/hydractl/puppet-finger +++ /dev/null @@ -1,74 +0,0 @@ -#!/bin/bash -# -# Check puppet fingerprints, hydractl perspective. -# -# This program is free software: you can redistribute it and/or modify -# it under the terms of the GNU Affero General Public License as -# published by the Free Software Foundation, either version 3 of the -# License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU Affero General Public License for more details. -# -# You should have received a copy of the GNU Affero General Public -# License along with this program. If not, see -# <http://www.gnu.org/licenses/>. - -# Load -source $APP_BASE/lib/hydra/functions || exit 1 -hydra_config_load - -# Command line arguments -BASENAME="`basename $0`" - -# Execute openssl -function puppet_openssl { - if [ -z "$1" ]; then - return - fi - - openssl x509 -text -noout -fingerprint -in $1 | grep "^SHA1 Fingerprint=" | \ - sed -e 's/^SHA1 Fingerprint=//' -} - -# Print a fingerprint with correct padding. -function print_fingerprint { - if [ -z "$2" ]; then - return - fi - - len="`echo $1 | wc -c`" - offset="$((85 - $len))" - printf "$1: %${offset}s\n" "$2" -} - -# Master: -# -# openssl x509 -text -noout -fingerprint -in /var/lib/puppetmaster/ssl/ca/signed/fqdn.pem -# openssl x509 -text -noout -fingerprint -in /var/lib/puppetmaster/ssl/certs/ca.pem -# -if [ -d "/var/lib/puppetmaster/ssl" ]; then - if [ -d "/var/lib/puppetmaster/ssl/ca/signed" ]; then - for file in `ls /var/lib/puppetmaster/ssl/ca/signed`; do - fp="`puppet_openssl /var/lib/puppetmaster/ssl/ca/signed/$file`" - print_fingerprint `basename $file .pem` $fp - done - fi - - if [ -f "/var/lib/puppetmaster/ssl/certs/ca.pem" ]; then - print_fingerprint ca `puppet_openssl /var/lib/puppetmaster/ssl/certs/ca.pem` - fi -fi - -# Node: -# -# openssl x509 -text -noout -fingerprint -in /var/lib/puppet/ssl/certs/fqdn.pem -# openssl x509 -text -noout -fingerprint -in /var/lib/puppet/ssl/certs/ca.pem -# -if [ -d "/var/lib/puppet/ssl" ]; then - fqdn="`facter fqdn`" - print_fingerprint $fqdn `puppet_openssl /var/lib/puppet/ssl/certs/$fqdn.pem` - print_fingerprint ca `puppet_openssl /var/lib/puppet/ssl/certs/ca.pem` -fi diff --git a/share/hydractl/puppet-initialize b/share/hydractl/puppet-initialize deleted file mode 100755 index 26b0165..0000000 --- a/share/hydractl/puppet-initialize +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash -# -# Make puppet agent first connection with the master node. -# -# This program is free software: you can redistribute it and/or modify -# it under the terms of the GNU Affero General Public License as -# published by the Free Software Foundation, either version 3 of the -# License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU Affero General Public License for more details. -# -# You should have received a copy of the GNU Affero General Public -# License along with this program. If not, see -# <http://www.gnu.org/licenses/>. - -puppet agent --server puppet.`facter domain` --pluginsync true --waitforcert 60 --test \ - --vardir /var/lib/puppet --ssldir /var/lib/puppet/ssl $* diff --git a/share/hydractl/puppet-install b/share/hydractl/puppet-install deleted file mode 100755 index 63027b0..0000000 --- a/share/hydractl/puppet-install +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash -# -# Install puppet and puppetmaster. -# -# This program is free software: you can redistribute it and/or modify -# it under the terms of the GNU Affero General Public License as -# published by the Free Software Foundation, either version 3 of the -# License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU Affero General Public License for more details. -# -# You should have received a copy of the GNU Affero General Public -# License along with this program. If not, see -# <http://www.gnu.org/licenses/>. - -apt-get update -apt-get install puppet puppetmaster diff --git a/share/hydractl/puppet-reset-agent b/share/hydractl/puppet-reset-agent deleted file mode 100755 index 2c7b724..0000000 --- a/share/hydractl/puppet-reset-agent +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash -# -# Reset puppet SSL setup and register again. -# -# This program is free software: you can redistribute it and/or modify -# it under the terms of the GNU Affero General Public License as -# published by the Free Software Foundation, either version 3 of the -# License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU Affero General Public License for more details. -# -# You should have received a copy of the GNU Affero General Public -# License along with this program. If not, see -# <http://www.gnu.org/licenses/>. - -/etc/init.d/puppet stop -rm -rf /var/lib/puppet/ssl -hydractl puppet-initialize diff --git a/share/hydractl/puppet-reset-master b/share/hydractl/puppet-reset-master deleted file mode 100755 index 99dd7ae..0000000 --- a/share/hydractl/puppet-reset-master +++ /dev/null @@ -1,52 +0,0 @@ -#!/bin/bash -# -# Reset puppet master and start over again. -# -# This program is free software: you can redistribute it and/or modify -# it under the terms of the GNU Affero General Public License as -# published by the Free Software Foundation, either version 3 of the -# License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU Affero General Public License for more details. -# -# You should have received a copy of the GNU Affero General Public -# License along with this program. If not, see -# <http://www.gnu.org/licenses/>. - -# Stop agent -/etc/init.d/puppet stop - -# Stop master -if [ -e "/etc/init.d/puppetmaster" ]; then - /etc/init.d/puppetmaster stop - /etc/init.d/nginx stop -else - /etc/init.d/apache2 stop -fi - -# Reset configuration -hydractl puppet-reset-stored -rm -rf /var/lib/puppetmaster/ssl - -# Generate new certificate -# See http://blkperl.github.io/replace-puppet-ca.html -# http://docs.puppetlabs.com/puppet/latest/reference/ssl_regenerate_certificates.html -puppet cert --generate puppet.`facter domain` -hydractl puppet-finger - -# Get fresh config -rm -rf /etc/puppet/ && git clone /var/git/repositories/puppet.git/ /etc/puppet -( cd /etc/puppet/ && git submodule update --init ) -chown -R puppet.puppet /etc/puppet/ - -# Start master -if [ -e "/etc/init.d/puppetmaster" ]; then - /etc/init.d/puppetmaster start - sleep 5 - /etc/init.d/nginx start -else - /etc/init.d/apache2 start -fi diff --git a/share/hydractl/puppet-reset-stored b/share/hydractl/puppet-reset-stored deleted file mode 100755 index ec7cea7..0000000 --- a/share/hydractl/puppet-reset-stored +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash -# -# Reset puppet stored configs. -# -# This program is free software: you can redistribute it and/or modify -# it under the terms of the GNU Affero General Public License as -# published by the Free Software Foundation, either version 3 of the -# License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU Affero General Public License for more details. -# -# You should have received a copy of the GNU Affero General Public -# License along with this program. If not, see -# <http://www.gnu.org/licenses/>. - -# Load. -source $APP_BASE/lib/hydra/functions || exit 1 -hydra_config_load - -hydra_truncate_database puppet diff --git a/share/hydractl/puppet-setup-stored b/share/hydractl/puppet-setup-stored deleted file mode 100755 index 8e04261..0000000 --- a/share/hydractl/puppet-setup-stored +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/bash -# -# Setup puppet stored configs. -# -# This program is free software: you can redistribute it and/or modify -# it under the terms of the GNU Affero General Public License as -# published by the Free Software Foundation, either version 3 of the -# License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU Affero General Public License for more details. -# -# You should have received a copy of the GNU Affero General Public -# License along with this program. If not, see -# <http://www.gnu.org/licenses/>. - -# Load. -source $APP_BASE/lib/hydra/functions || exit 1 -hydra_config_load - -# TODO -echo "TODO!" diff --git a/share/hydractl/puppet-trigger b/share/hydractl/puppet-trigger deleted file mode 100755 index 1f964db..0000000 --- a/share/hydractl/puppet-trigger +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash -# -# Triggers puppet agend execution. -# -# This program is free software: you can redistribute it and/or modify -# it under the terms of the GNU Affero General Public License as -# published by the Free Software Foundation, either version 3 of the -# License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU Affero General Public License for more details. -# -# You should have received a copy of the GNU Affero General Public -# License along with this program. If not, see -# <http://www.gnu.org/licenses/>. - -if [ -e '/var/run/puppet/agent.pid' ]; then - kill -USR1 `cat /var/run/puppet/agent.pid` -elif [ -e '/var/run/puppet/puppetd.pid' ]; then - kill -USR1 `cat /var/run/puppet/puppetd.pid` -fi diff --git a/share/hydractl/puppet-update b/share/hydractl/puppet-update deleted file mode 100755 index 0e9e8fe..0000000 --- a/share/hydractl/puppet-update +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash -# -# Update puppet repository. -# -# This program is free software: you can redistribute it and/or modify -# it under the terms of the GNU Affero General Public License as -# published by the Free Software Foundation, either version 3 of the -# License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU Affero General Public License for more details. -# -# You should have received a copy of the GNU Affero General Public -# License along with this program. If not, see -# <http://www.gnu.org/licenses/>. - -if [ -x '/usr/local/sbin/update-puppet-conf.sh' ]; then - /usr/local/sbin/update-puppet-conf.sh - - # Avoid reparsing of puppet config by just fixing perms if needed. - chown --from=root:root -R puppet.puppet /etc/puppet/* - chown --from=root:root -R puppet.puppet /etc/puppet/.git -else - echo "Could not find /usr/local/sbin/update-puppet-conf.sh" - exit 1 -fi |