Ask Your Question
0

PuppetDB's puppetdb-ssl-setup script does not work when the PuppetDB is not on the Puppetmaster

asked 2013-09-26 10:30:44 -0500

Jeffrey Watts gravatar image

updated 2013-09-26 10:31:26 -0500

The puppetdb-ssl-setup script has a bug. It assumes that the PuppetDB resides on the Puppetmaster. Here is the output:

# /usr/sbin/puppetdb-ssl-setup -f
PEM files in /etc/puppetdb/ssl are missing, we will move them into place for you
Copying files: /var/lib/puppet/ssl/certs/ca.pem, /var/lib/puppet/ssl/private_keys/puppetmaster.example.com.pem and /var/lib/puppet/ssl/certs/puppetmaster.example.com.pem to /etc/puppetdb/ssl
cp: cannot stat `/var/lib/puppet/ssl/private_keys/puppetmaster.example.com.pem': No such file or directory
edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
0

answered 2013-09-26 10:31:36 -0500

Jeffrey Watts gravatar image

The problem is that it uses the 'puppet master' command to get the certificates. I've fixed it in my RPMs by using the following command in the SPECfile:

sed -i 's;`puppet master;`puppet agent;g' $RPM_BUILD_DIR/%{realname}-%{realversion}/ext/files/puppetdb-ssl-setup

If it's already installed, you can fix it with the following command:

sed -i 's;`puppet master;`puppet agent;g' /usr/sbin/puppetdb-ssl-setup

Once this is done it will work:

# /usr/sbin/puppetdb-ssl-setup -f
PEM files in /etc/puppetdb/ssl are missing, we will move them into place for you
Copying files: /var/lib/puppet/ssl ...
(more)
edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2013-09-26 10:30:44 -0500

Seen: 693 times

Last updated: Sep 26 '13