{"id":16445242,"url":"https://github.com/dgapitts/puppet-control-repo","last_synced_at":"2025-10-09T16:18:22.703Z","repository":{"id":145829440,"uuid":"334150494","full_name":"dgapitts/puppet-control-repo","owner":"dgapitts","description":null,"archived":false,"fork":false,"pushed_at":"2021-01-31T16:46:48.000Z","size":9,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":3,"default_branch":"production","last_synced_at":"2025-02-26T09:46:43.666Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Puppet","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dgapitts.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-01-29T13:15:13.000Z","updated_at":"2021-01-31T16:46:50.000Z","dependencies_parsed_at":"2023-04-24T00:15:35.854Z","dependency_job_id":null,"html_url":"https://github.com/dgapitts/puppet-control-repo","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/dgapitts/puppet-control-repo","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dgapitts%2Fpuppet-control-repo","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dgapitts%2Fpuppet-control-repo/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dgapitts%2Fpuppet-control-repo/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dgapitts%2Fpuppet-control-repo/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dgapitts","download_url":"https://codeload.github.com/dgapitts/puppet-control-repo/tar.gz/refs/heads/production","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dgapitts%2Fpuppet-control-repo/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279001769,"owners_count":26083171,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-09T02:00:07.460Z","response_time":59,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-11T09:43:45.409Z","updated_at":"2025-10-09T16:18:22.687Z","avatar_url":"https://github.com/dgapitts.png","language":"Puppet","funding_links":[],"categories":[],"sub_categories":[],"readme":"# puppet-control-repo\n\nThis git repo is for my puppet training purposing:\n* I've been following https://www.linkedin.com/learning/learning-puppet \n* This repo is to be used in conjunction with the puppetmaster vagrant vm deployed here https://github.com/dgapitts/vagrant-puppet \n* In v0.02 of the vagrant-pupppet git repo, is hardcoded link to this puppet-control-repo.git repo (this can be relatively easily changed and is acceptible for training purposes)\n```\n  # v0.02 r10k setup and linking to remote github repo\n\n  echo '*** r10k setup and linking to remote repo https://github.com/dgapitts/puppet-control-repo.git'\n  mkdir /etc/puppetlabs/r10k\n  cat /vagrant/r10k.yaml \u003e /etc/puppetlabs/r10k/r10k.yaml\n```\n* v0.01 of this puppet-control-repo covers project covers initial setup - see details below)\n* v0.02 includes hard coding my current puppetmaster public ssh-key into ssh_server role manifests (which is part of the base profle) - again see details below\n\n## ssh bug details (in progress)\n\nUnfortunately the v0.02 release for ssh-key access doesn't quite work.\n\nManually reviewing, it appears the ssh public is added correctly\n\n```\n[puppetmaster:root:~/.ssh] # docker exec -it db01.puppet.vm bash\n[root@db01 /]# puppet agent -t\nInfo: Using configured environment 'production'\nInfo: Retrieving pluginfacts\nInfo: Retrieving plugin\nInfo: Retrieving locales\nInfo: Loading facts\nInfo: Caching catalog for db01.puppet.vm\nInfo: Applying configuration version '1612111107'\nNotice: /Stage[main]/Profile::Ssh_server/Ssh_authorized_key[puppetmaster]/ensure: created (corrective)\nNotice: Applied catalog in 0.19 seconds\n[root@db01 /]# cat ~/.ssh/authorized_keys\n# HEADER: This file was autogenerated at 2021-01-31 16:38:28 +0000\n# HEADER: by puppet.  While it can still be managed manually, it\n# HEADER: is definitely not recommended.\nssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDEG0tZUQwPDpOVEgMR+RXoxE5lhjaGVEdHUtsdD5Or70I4C/edvXpPqauKEOAzLjNleTuJmnG+Ozq8bOaSE9NFd758CYqM2swVMfNqvFmilQlg8/yaKF3EzuGdXK5gx6mo/XizkuliCTtX5RxNgmVEIcYzOg/1zx8XSsBiWyHNPax9JX2s00DM4dc1UOssTiwchFjOprhg1cQQETsGnQaLoZHZneWtZYMKZBXjo5BntyIK8KybJLvOyKIXnKYbQ1nO57WbC2U2BXHNjKrts/DXkyW0rK6ljxD3eK04lSkeGT5A5g3/a92LwhesQJDMsi4IUNwNNXO1Onr2hdkJtoiJ puppetmaster\n[root@db01 /]# ls -ltr ~/.ssh/authorized_keys\n-rw-------. 1 root root 567 Jan 31 16:38 /root//.ssh/authorized_keys\n```\n\nbut unfortunately this doesn't quite work\n\n```\n[puppetmaster:root:~/.ssh] # cat ~/.ssh/id_rsa.pub \nssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDEG0tZUQwPDpOVEgMR+RXoxE5lhjaGVEdHUtsdD5Or70I4C/edvXpPqauKEOAzLjNleTuJmnG+Ozq8bOaSE9NFd758CYqM2swVMfNqvFmilQlg8/yaKF3EzuGdXK5gx6mo/XizkuliCTtX5RxNgmVEIcYzOg/1zx8XSsBiWyHNPax9JX2s00DM4dc1UOssTiwchFjOprhg1cQQETsGnQaLoZHZneWtZYMKZBXjo5BntyIK8KybJLvOyKIXnKYbQ1nO57WbC2U2BXHNjKrts/DXkyW0rK6ljxD3eK04lSkeGT5A5g3/a92LwhesQJDMsi4IUNwNNXO1Onr2hdkJtoiJ root@puppetmaster\n[puppetmaster:root:~/.ssh] # ssh db01.puppet.vm\nroot@db01.puppet.vm's password: \n```\n\nI can't see any tipo style errors, so reviewing https://stackoverflow.com/questions/18136389/using-ssh-keys-inside-docker-container ...\n\n## v0.02  add ssh key (hard coding) my current puppetmaster public ssh-key into ssh_server role manifest\n\nOn puppetmaster run ssh-keygen (with no passphrase)\n```\n[puppetmaster:root:~] # ssh-keygen \nGenerating public/private rsa key pair.\nEnter file in which to save the key (/root/.ssh/id_rsa): \nCreated directory '/root/.ssh'.\nEnter passphrase (empty for no passphrase): \nEnter same passphrase again: \nYour identification has been saved in /root/.ssh/id_rsa.\nYour public key has been saved in /root/.ssh/id_rsa.pub.\n...\n[puppetmaster:root:~] # cat .ssh/id_rsa.pub\nssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDEG0tZUQwPDpOVEgMR+RXoxE5lhjaGVEdHUtsdD5Or70I4C/edvXpPqauKEOAzLjNleTuJmnG+Ozq8bOaSE9NFd758CYqM2swVMfNqvFmilQlg8/yaKF3EzuGdXK5gx6mo/XizkuliCTtX5RxNgmVEIcYzOg/1zx8XSsBiWyHNPax9JX2s00DM4dc1UOssTiwchFjOprhg1cQQETsGnQaLoZHZneWtZYMKZBXjo5BntyIK8KybJLvOyKIXnKYbQ1nO57WbC2U2BXHNjKrts/DXkyW0rK6ljxD3eK04lSkeGT5A5g3/a92LwhesQJDMsi4IUNwNNXO1Onr2hdkJtoiJ root@puppetmaster\n```\n\nthis is public key is added to the ssh_server role manifests\n\n```\n[~/projects/puppet-control-repo] # git diff site/profile/manifests/ssh_server.pp\ndiff --git a/site/profile/manifests/ssh_server.pp b/site/profile/manifests/ssh_server.pp\nindex 532866a..e3fc627 100755\n--- a/site/profile/manifests/ssh_server.pp\n+++ b/site/profile/manifests/ssh_server.pp\n@@ -10,6 +10,6 @@ class profile::ssh_server {\n     ensure =\u003e present,\n     user   =\u003e 'root',\n     type   =\u003e 'ssh-rsa',\n-    key    =\u003e '',\n+    key    =\u003e 'AAAAB3NzaC1yc2EAAAADAQABAAABAQDEG0tZUQwPDpOVEgMR+RXoxE5lhjaGVEdHUtsdD5Or70I4C/edvXpPqauKEOAzLjNleTuJmnG+Ozq8bOaSE9NFd758CYqM2swVMfNqvFmilQlg8/yaKF3EzuGdXK5gx6mo/XizkuliCTtX5RxNgmVEIcYzOg/1zx8XSsBiWyHNPax9JX2s00DM4dc1UOssTiwchFjOprhg1cQQETsGnQaLoZHZneWtZYMKZBXjo5BntyIK8KybJLvOyKIXnKYbQ1nO57WbC2U2BXHNjKrts/DXkyW0rK6ljxD3eK04lSkeGT5A5g3/a92LwhesQJDMsi4IUNwNNXO1Onr2hdkJtoiJ',\n   }  \n }\n\n```\n\nand this is linked to the base profile manifest\n\n```\n[~/projects/puppet-control-repo] # git diff site/profile/manifests/base.pp\ndiff --git a/site/profile/manifests/base.pp b/site/profile/manifests/base.pp\nindex 1243cf8..08a5da6 100755\n--- a/site/profile/manifests/base.pp\n+++ b/site/profile/manifests/base.pp\n@@ -2,4 +2,5 @@ class profile::base {\n   user {'admin':\n     ensure =\u003e present\n   }\n+  include profile::ssh_server\n }\n```\n\n\n\n\n## v0.01  initial setup\n\n### on puppetmaster get latest code (r10k) and run puppet agent\n```\n[puppetmaster:root:~] # r10k deploy environment -p\n[puppetmaster:root:~] # puppet agent -t\nInfo: Using configured environment 'production'\nInfo: Retrieving pluginfacts\nInfo: Retrieving plugin\nNotice: /File[/opt/puppetlabs/puppet/cache/lib/facter]/ensure: created\nNotice: /File[/opt/puppetlabs/puppet/cache/lib/facter/docker.rb]/ensure: defined content as '{md5}747c341ab2327cf5711de2adbfd7afcb'\nNotice: /File[/opt/puppetlabs/puppet/cache/lib/facter/docker_hosts.rb]/ensure: defined content as '{md5}8270534b8b27c695f54498a4a61ac127'\nNotice: /File[/opt/puppetlabs/puppet/cache/lib/facter/facter_dot_d.rb]/ensure: defined content as '{md5}37426ce465bf4a86aef41da3367b7d89'\nNotice: /File[/opt/puppetlabs/puppet/cache/lib/facter/package_provider.rb]/ensure: defined content as '{md5}b17127f4c7f20443f6c85c4836745bac'\n...\n```\n\nthe above two a while to run and I also need to re-run to get past an initial\n\n```\nNotice: /Stage[main]/Dockeragent/Dockeragent::Image[agent]/Docker::Image[agent]/Exec[docker build -t agent /etc/docker/agent/]/returns: executed successfully\nInfo: Class[Dockeragent]: Unscheduling all events on Class[Dockeragent]\nNotice: /Stage[main]/Profile::Agent_nodes/Dockeragent::Node[db01.puppet.vm]/Docker::Run[db01.puppet.vm]/File[/usr/local/bin/docker-run-db01.puppet.vm-start.sh]: Dependency Docker_network[dockeragent-net] has failures: true\nWarning: /Stage[main]/Profile::Agent_nodes/Dockeragent::Node[db01.puppet.vm]/Docker::Run[db01.puppet.vm]/File[/usr/local/bin/docker-run-db01.puppet.vm-start.sh]: Skipping because of failed dependencies\nWarning: /Stage[main]/Profile::Agent_nodes/Dockeragent::Node[db01.puppet.vm]/Docker::Run[db01.puppet.vm]/File[/usr/local/bin/docker-run-db01.puppet.vm-stop.sh]: Skipping because of failed dependencies\nWarning: /Stage[main]/Profile::Agent_nodes/Dockeragent::Node[db01.puppet.vm]/Docker::Run[db01.puppet.vm]/File[/etc/systemd/system/docker-db01.puppet.vm.service]: Skipping because of failed dependencies\nWarning: /Stage[main]/Profile::Agent_nodes/Dockeragent::Node[db01.puppet.vm]/Docker::Run[db01.puppet.vm]/Exec[docker-db01.puppet.vm-systemd-reload]: Skipping because of failed dependencies\n...\n```\n\nI googled for \"Dependency Docker_network[dockeragent-net] has failures\" but didn't find much.\n\nBy chance I reran (to review any 'docker ps' details)  and the second time it worked\n\n```\n[puppetmaster:root:~] # for i in {1..100};do docker ps;sleep 1;done\nCONTAINER ID   IMAGE     COMMAND                  CREATED          STATUS          PORTS     NAMES\nc89d5f577cf3   agent     \"/usr/lib/systemd/sy…\"   32 seconds ago   Up 30 seconds             db02.puppet.vm\n5e713642b7ea   agent     \"/usr/lib/systemd/sy…\"   33 seconds ago   Up 31 seconds             db01.puppet.vm\nCONTAINER ID   IMAGE     COMMAND                  CREATED          STATUS          PORTS     NAMES\nc89d5f577cf3   agent     \"/usr/lib/systemd/sy…\"   33 seconds ago   Up 31 seconds             db02.puppet.vm\n5e713642b7ea   agent     \"/usr/lib/systemd/sy…\"   34 seconds ago   Up 32 seconds             db01.puppet.vm\n```\n\n\n\n### on docker node (on puppet control) get latest code via r10k and run puppet agent\n\n\nThe first run of puppet agent creates a new SSL cert\n```\n[puppetmaster:root:~] # docker exec -it db01.puppet.vm bash\n[root@db01 /]# facter ipaddress\n172.18.0.2\n[root@db01 /]# puppet agent -t\nInfo: Creating a new SSL key for db01.puppet.vm\nInfo: Caching certificate for ca\nInfo: csr_attributes file loading from /etc/puppetlabs/puppet/csr_attributes.yaml\nInfo: Creating a new SSL certificate request for db01.puppet.vm\nInfo: Certificate Request fingerprint (SHA256): 95:E7:90:36:75:7A:59:3F:FF:D5:04:CD:7B:03:D1:D2:69:07:45:5C:61:80:03:F4:1C:05:41:C8:E7:9A:59:21\nInfo: Caching certificate for ca\nExiting; no certificate found and waitforcert is disabled\n```\n\nwe need to switch back to the puppetmaster to add this cert\n\n```\n[root@db01 /]# exit\nexit\n[puppetmaster:root:~] # puppetserver ca list\nRequested Certificates:\n    db01.puppet.vm       (SHA256)  95:E7:90:36:75:7A:59:3F:FF:D5:04:CD:7B:03:D1:D2:69:07:45:5C:61:80:03:F4:1C:05:41:C8:E7:9A:59:21\n[puppetmaster:root:~] # puppetserver ca sign --certname  db01.puppet.vm\nSuccessfully signed certificate request for db01.puppet.vm\n```\nand now we can run puppet \n```\n[puppetmaster:root:~] # docker exec -it db01.puppet.vm bash\n[root@db01 /]# puppet agent -t\nInfo: Caching certificate for db01.puppet.vm\nInfo: Caching certificate_revocation_list for ca\nInfo: Caching certificate for db01.puppet.vm\nInfo: Using configured environment 'production'\nInfo: Retrieving pluginfacts\nInfo: Retrieving plugin\nNotice: /File[/var/opt/lib/pe-puppet/lib/facter]/ensure: created\nNotice: /File[/var/opt/lib/pe-puppet/lib/facter/docker.rb]/ensure: defined content as '{md5}747c341ab2327cf5711de2adbfd7afcb'\nNotice: /File[/var/opt/lib/pe-puppet/lib/facter/docker_hosts.rb]/ensure: defined content as '{md5}8270534b8b27c695f54498a4a61ac127'\nNotice: /File[/var/opt/lib/pe-puppet/lib/facter/facter_dot_d.rb]/ensure: defined content as '{md5}37426ce465bf4a86aef41da3367b7d89'\nNotice: /File[/var/opt/lib/pe-puppet/lib/facter/package_provider.rb]/ensure: defined content as '{md5}b17127f4c7f20443f6c85c4836745bac'\nNotice: /File[/var/opt/lib/pe-puppet/lib/facter/pe_version.rb]/ensure: defined content as '{md5}b2c9b4cbc4b69c2a377770f7189d3e94'\n...\nNotice: /File[/var/opt/lib/pe-puppet/locales/ja]/ensure: created\nNotice: /File[/var/opt/lib/pe-puppet/locales/ja/puppetlabs-concat.po]/ensure: defined content as '{md5}c9dad056a76901974ded7b150267573a'\nNotice: /File[/var/opt/lib/pe-puppet/locales/ja/puppetlabs-stdlib.po]/ensure: defined content as '{md5}805e5d893d2025ad57da8ec0614a6753'\nInfo: Loading facts\nInfo: Caching catalog for db01.puppet.vm\nInfo: Applying configuration version '1612038833'\nNotice: /Stage[main]/Profile::Base/User[admin]/ensure: created\nInfo: Creating state file /var/opt/lib/pe-puppet/state/state.yaml\nNotice: Applied catalog in 0.65 seconds\n```\nand it appears we psql 9.2 installed\n\n```\n[root@db01 /]# psql --version\npsql (PostgreSQL) 9.2.24\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdgapitts%2Fpuppet-control-repo","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdgapitts%2Fpuppet-control-repo","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdgapitts%2Fpuppet-control-repo/lists"}