Diffstat (limited to 'share/hydractl')
-rwxr-xr-x | share/hydractl/puppet-finger | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/share/hydractl/puppet-finger b/share/hydractl/puppet-finger
new file mode 100755
index 0000000..ff935de
--- /dev/null
+++ b/share/hydractl/puppet-finger
@@ -0,0 +1,47 @@
+#!/bin/bash
+#
+# Check puppet fingerprints, hydractl perspective.
+#
+
+# Load
+source $APP_BASE/lib/hydra/functions || exit 1
+hydra_config_load
+
+# Command line arguments
+BASENAME="`basename $0`"
+
+# Execute openssl
+function puppet_openssl {
+ if [ -z "$1" ]; then
+ return
+ fi
+
+ openssl x509 -text -noout -fingerprint -in $1 | grep "^SHA1 Fingerprint="
+}
+
+# Master:
+#
+# openssl x509 -text -noout -fingerprint -in /var/lib/puppetmaster/ssl/ca/signed/fqdn.pem
+# openssl x509 -text -noout -fingerprint -in /var/lib/puppetmaster/ssl/certs/ca.pem
+#
+if [ -d "/var/lib/puppetmaster/ssl/" ]; then
+ for file in `ls /var/lib/puppetmaster/ssl/ca/signed/*pem`; do
+ fp="`puppet_openssl /var/lib/puppetmaster/ssl/ca/signed/$file`"
+ echo "`basename $file .pem`: $fp"
+ done
+
+ echo "ca: `puppet_openssl /var/lib/puppetmaster/ssl/certs/ca.pem`"
+fi
+
+# Node:
+#
+# openssl x509 -text -noout -fingerprint -in /var/lib/puppet/ssl/certs/fqdn.pem
+# openssl x509 -text -noout -fingerprint -in /var/lib/puppet/ssl/certs/ca.pem
+#
+if [ -d "/var/lib/puppet/ssl/" ]; then
+ fqdn="`facter fqdn`"
+ fp="`puppet_openssl /var/lib/puppetmaster/ssl/ca/signed/$fqdn.pem`"
+ echo "$fqdn: $fp"
+
+ echo "ca: `puppet_openssl /var/lib/puppet/ssl/certs/ca.pem`"
+fi |
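Review bot: Both per-host fingerprint lookups point at paths that will not resolve as intended, so the values an operator compares between master and node come out empty or from the wrong store. In the master loop, `ls /var/lib/puppetmaster/ssl/ca/signed/*pem` already yields full paths and the body prefixes the directory a second time; iterate the glob directly and pass the path through, `for file in /var/lib/puppetmaster/ssl/ca/signed/*.pem; do` with `fp="$(puppet_openssl "$file")"`. In the node branch, which is guarded by `/var/lib/puppet/ssl/`, the lookup reads the master's `ca/signed` directory although the comment above it names `/var/lib/puppet/ssl/certs/fqdn.pem`; it should be `fp="$(puppet_openssl "/var/lib/puppet/ssl/certs/$fqdn.pem")"`. Because an openssl failure only reaches stderr while the script still prints `name:` and exits 0, a missing or unreadable certificate looks like a blank fingerprint rather than an error, so puppet_openssl should quote `$1` and return non-zero when the file cannot be read.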