-rwxr-xr-x | sbin/itzks-puppet-renew-ssl | 21 |
1 files changed, 19 insertions, 2 deletions
diff --git a/sbin/itzks-puppet-renew-ssl b/sbin/itzks-puppet-renew-ssl
index 3b2dcbf..51f2007 100755
--- a/sbin/itzks-puppet-renew-ssl
+++ b/sbin/itzks-puppet-renew-ssl
@@ -26,13 +26,30 @@ if [[ -z "${HOSTNAME}" ]]; then
 exit 1
 fi
+root_can_ssh_into_puppetserver=true
+ssh puppetserver -o PasswordAuthentication=no echo "TEST: puppetserver SSH login test successful" 2>/dev/null || {
+ echo "TEST: puppetserver SSH login not successful"
+ root_can_ssh_into_puppetserver=false
+}
+
 itzks-puppet-reset-ssl
-ssh puppetserver itzks-puppetserver-clean-hosts-from-ca "${HOSTNAME}"
+if [[ "${root_can_ssh_into_puppetserver}" = "true" ]]; then
+ ssh puppetserver itzks-puppetserver-clean-hosts-from-ca "${HOSTNAME}"
+else
+ echo "ON PUPPETSERVER: please run as root: 'itzks-puppetserver-clean-hosts-from-ca ${HOSTNAME}'"
+ read -p "PRESS ANY KEY WHEN DONE"
+fi
 puppet agent --test --waitforcert 0
-ssh puppetserver itzks-puppetserver-autosign-new-hosts-certificates "${HOSTNAME}"
+
+if [[ "${root_can_ssh_into_puppetserver}" = "true" ]]; then
+ ssh puppetserver itzks-puppetserver-autosign-new-host-certificates "${HOSTNAME}"
+else
+ echo "ON PUPPETSERVER: please run as root: 'itzks-puppetserver-autosign-new-host-certificates ${HOSTNAME}'"
+ read -p "PRESS ANY KEY WHEN DONE"
+fi
 puppet agent --test
 puppet agent --enable |
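Review bot: The SSH login probe added at the top of the hunk passes only `-o PasswordAuthentication=no`, which still leaves keyboard-interactive and host-key confirmation prompts possible, so the test can hang instead of failing; adding `-o BatchMode=yes` before the host name makes it strictly non-interactive. The `2>/dev/null` on the same line also discards ssh's own error text, so the operator is never told why the manual fallback was chosen. In both new `ssh puppetserver … "${HOSTNAME}"` calls the value is parsed again by the remote shell (presumably root's), and the only check visible in this hunk is that it is non-empty; a guard such as `[[ "${HOSTNAME}" =~ ^[A-Za-z0-9.-]+$ ]] || exit 1` before first use would cover that. The two `read -p "PRESS ANY KEY WHEN DONE"` prompts wait for Enter rather than any key and return immediately on a closed stdin, so a non-interactive run would carry on to `puppet agent --test` without the CA step having been done.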