feat: add puppet-initial package
- deploy the puppet-initial service - deploy the puppet-initial script - prepare puppet service for puppet-initial - ensure cert installed
This commit is contained in:
@@ -0,0 +1,41 @@
|
||||
# nfpm.yaml
|
||||
|
||||
name: puppet-initial
|
||||
version: ${PACKAGE_VERSION}
|
||||
release: ${PACKAGE_RELEASE}
|
||||
arch: amd64
|
||||
platform: linux
|
||||
section: default
|
||||
priority: extra
|
||||
description: "A script and service to initialise puppet for the unkin environmnet."
|
||||
|
||||
maintainer: UNKIN
|
||||
license: MIT
|
||||
|
||||
disable_globbing: false
|
||||
|
||||
depends:
|
||||
- unkin-ca-certificates
|
||||
- puppet-agent
|
||||
|
||||
# Files to include in the package
|
||||
contents:
|
||||
- src: /app/resources/puppet-initial
|
||||
dst: /usr/local/bin/puppet-initial
|
||||
file_info:
|
||||
mode: 0755
|
||||
owner: root
|
||||
group: root
|
||||
- src: /app/resources/puppet-initial.service
|
||||
dst: /usr/lib/systemd/system/puppet-initial.service
|
||||
file_info:
|
||||
mode: 0644
|
||||
owner: root
|
||||
group: root
|
||||
|
||||
# Scripts to run during installation/removal (optional)
|
||||
scripts:
|
||||
postinstall: ./scripts/postinstall.sh
|
||||
preremove: ./scripts/preremove.sh
|
||||
postremove: ./scripts/postremove.sh
|
||||
preinstall: ./scripts/preinstall.sh
|
||||
@@ -0,0 +1,21 @@
|
||||
#!/bin/bash
|
||||
|
||||
# Install CA for Puppet
|
||||
test -f /etc/puppetlabs/puppet/ssl/certs/ca.pem || mkdir -p /etc/puppetlabs/puppet/ssl/certs && wget --no-check-certificate https://puppetca.query.consul:8140/puppet-ca/v1/certificate/ca -O /etc/puppetlabs/puppet/ssl/certs/ca.pem
|
||||
|
||||
# Registering to Puppet server
|
||||
/opt/puppetlabs/bin/puppet agent --test --server puppetca.query.consul --noop --onetime --no-daemonize --verbose
|
||||
|
||||
# Running Puppet agent five times with a 30-second gap between each run, stop puppet service at the end of each run
|
||||
for i in {1..5}; do
|
||||
/opt/puppetlabs/bin/puppet agent -t --server puppet.query.consul
|
||||
systemctl stop puppet
|
||||
sleep 30
|
||||
done
|
||||
|
||||
# Start and enable the puppet service at the end
|
||||
systemctl start puppet.service
|
||||
systemctl enable puppet.service
|
||||
|
||||
# Disable the systemd service at the end
|
||||
systemctl disable puppet-initial.service
|
||||
@@ -0,0 +1,13 @@
|
||||
[Unit]
|
||||
Description=Puppet Initial Service
|
||||
After=network-online.target
|
||||
Wants=network-online.target
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
ExecStart=/usr/local/bin/puppet-initial
|
||||
RemainAfterExit=true
|
||||
ExecStop=/bin/true
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
Reference in New Issue
Block a user