bunny-lab/docs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update Servers & Workflows/Linux/Automation/Puppet/Puppet Deployment.md

Browse Source
This commit is contained in:
Nicole Rappe
2024-10-03 19:13:50 -06:00
parent b0349c5f12
commit 4a19b147d1
1 changed files with 30 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
Servers & Workflows/Linux/Automation/Puppet/Puppet Deployment.md
View File

@ -99,7 +99,7 @@ sudo gem install r10k
r10k version
```
## Configure r10k
### Configure r10k
``` sh
# Create the r10k Configuration Directory
sudo mkdir -p /etc/puppetlabs/r10k
@ -121,20 +121,47 @@ sources:
```
``` sh
# Lockdown the Permissions of the Configuration File
chmod 600 /etc/puppetlabs/r10k/r10k.yaml
# Create r10k Cache Directory
sudo mkdir -p /var/cache/r10k
sudo chown -R puppet:puppet /var/cache/r10k
```
## Configure Gitea
### Configure Gitea
At this point, we need to set up the branches and file/folder structure of the Puppet repository on Gitea.
!!! warning "Incomplete"
This section needs a copy of all of the folder structure explained, as well as the branch structure, and example files for things like `site.pp`, `environment.conf`, and `init.pp`. That will be added at a later time soon.
## Storing Credentials to Gitea
### Storing Credentials to Gitea
We need to be able to pull down the data from Gitea's Puppet repository under the root user so that r10k can automatically pull down any changes made to the Puppet environments (e.g. `Production` and `Development`). Each Git branch represents a different Puppet environment. We will use an application token to do this.
Navigate to "**Gitea > User (Top-Right) > Settings > Applications
- Token Name: `Puppet r10k`
- Permissions: `Repository > Read Only`
- Click the "**Generate Token**" button to finish.
!!! warning "Securely Store the Application Token"
It is critical that you store the token somewhere safe like a password manager as you will need to reference it later and might need it in the future if you re-build the r10k environment.
Now we want to configure Gitea to store the credentials for later use by r10k:
``` sh
# Enable Stored Credentials (We will address security concerns further down...)
git config --global credential.helper store
# Clone the Git Repository Once to Store the Credentials (Use the Application Token as the password)
# Username: nicole.rappe
# Password: <Application Token Value>
git clone https://git.bunny-lab.io/GitOps/Puppet.git /tmp/PuppetTest
# Verify the Credentials are Stored
cat /root/.git-credentials
# Lockdown Permissions
chmod 600 /root/.git-credentials
# Cleanup After Ourselves
rm -rf /tmp/PuppetTest