summaryrefslogtreecommitdiff
path: root/sbin
diff options
context:
space:
mode:
Diffstat (limited to 'sbin')
-rwxr-xr-xsbin/itzks-puppet-renew-ssl21
1 files changed, 19 insertions, 2 deletions
diff --git a/sbin/itzks-puppet-renew-ssl b/sbin/itzks-puppet-renew-ssl
index 3b2dcbf..51f2007 100755
--- a/sbin/itzks-puppet-renew-ssl
+++ b/sbin/itzks-puppet-renew-ssl
@@ -26,13 +26,30 @@ if [[ -z "${HOSTNAME}" ]]; then
exit 1
fi
+root_can_ssh_into_puppetserver=true
+ssh puppetserver -o PasswordAuthentication=no echo "TEST: puppetserver SSH login test successful" 2>/dev/null || {
+ echo "TEST: puppetserver SSH login not successful"
+ root_can_ssh_into_puppetserver=false
+}
+
itzks-puppet-reset-ssl
-ssh puppetserver itzks-puppetserver-clean-hosts-from-ca "${HOSTNAME}"
+if [[ "${root_can_ssh_into_puppetserver}" = "true" ]]; then
+ ssh puppetserver itzks-puppetserver-clean-hosts-from-ca "${HOSTNAME}"
+else
+ echo "ON PUPPETSERVER: please run as root: 'itzks-puppetserver-clean-hosts-from-ca ${HOSTNAME}'"
+ read -p "PRESS ANY KEY WHEN DONE"
+fi
puppet agent --test --waitforcert 0
-ssh puppetserver itzks-puppetserver-autosign-new-hosts-certificates "${HOSTNAME}"
+
+if [[ "${root_can_ssh_into_puppetserver}" = "true" ]]; then
+ ssh puppetserver itzks-puppetserver-autosign-new-host-certificates "${HOSTNAME}"
+else
+ echo "ON PUPPETSERVER: please run as root: 'itzks-puppetserver-autosign-new-host-certificates ${HOSTNAME}'"
+ read -p "PRESS ANY KEY WHEN DONE"
+fi
puppet agent --test
puppet agent --enable
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-02 15:53:14 +0000