From b5649fe666ff08cce58f1f90a9bc82cd348e43af Mon Sep 17 00:00:00 2001 From: Julien Escario Date: Fri, 13 Aug 2021 16:33:44 +0200 Subject: [PATCH 1/7] Added support for bullseye (very)quiet apt --- foreman/altinea_puppet_install.sh | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/foreman/altinea_puppet_install.sh b/foreman/altinea_puppet_install.sh index cd113ba..35d7357 100644 --- a/foreman/altinea_puppet_install.sh +++ b/foreman/altinea_puppet_install.sh @@ -1,6 +1,14 @@ #!/bin/sh -apt install -y lsb-release curl && curl -sL -o /var/cache/apt/archives/puppet7-release-`lsb_release -c -s`.deb https://apt.puppet.com/puppet7-release-`lsb_release -c -s`.deb && dpkg -i /var/cache/apt/archives/puppet7-release-`lsb_release -c -s`.deb && apt update && apt install -y puppet-agent && apt clean +apt -qqq install lsb-release curl +if [ `lsb_release -sc` = 'bullseye' ]; then + echo "Bullseye detected, installing repository directly" + echo "# Puppet 7 buster Repository +deb http://apt.puppetlabs.com bullseye puppet7" > /etc/apt/sources.list.d/puppet7.list +else + curl -sL -o /var/cache/apt/archives/puppet7-release-`lsb_release -c -s`.deb https://apt.puppet.com/puppet7-release-`lsb_release -c -s`.deb && dpkg -i /var/cache/apt/archives/puppet7-release-`lsb_release -c -s`.deb +fi +apt -qq update && apt -qqq install puppet-agent && apt clean echo "[agent] server = foreman.altinea.fr runinterval = 600 From cb49670f5795a0a5bebb5e9f19b9bb8205f67cf6 Mon Sep 17 00:00:00 2001 From: Julien Escario Date: Fri, 13 Aug 2021 17:22:28 +0200 Subject: [PATCH 2/7] Secured package signature handle --- foreman/altinea_puppet_install.sh | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/foreman/altinea_puppet_install.sh b/foreman/altinea_puppet_install.sh index 35d7357..a72f4c6 100644 --- a/foreman/altinea_puppet_install.sh +++ b/foreman/altinea_puppet_install.sh @@ -4,7 +4,12 @@ apt -qqq install lsb-release curl if [ `lsb_release -sc` = 'bullseye' ]; then echo "Bullseye detected, installing repository directly" echo "# Puppet 7 buster Repository -deb http://apt.puppetlabs.com bullseye puppet7" > /etc/apt/sources.list.d/puppet7.list + Types: deb + URIs: http://apt.puppetlabs.com + Suites: bullseye + Components: puppet7 + Signed-By: /usr/share/keyrings/puppet-keyring.gpg" > /etc/apt/sources.list.d/puppet7.list + curl -o /usr/share/keyrings/puppet-keyring.gpg https://apt.puppet.com/keyring.gpg else curl -sL -o /var/cache/apt/archives/puppet7-release-`lsb_release -c -s`.deb https://apt.puppet.com/puppet7-release-`lsb_release -c -s`.deb && dpkg -i /var/cache/apt/archives/puppet7-release-`lsb_release -c -s`.deb fi From bd63dff767988ba092e6a8a5f17f6a246f263078 Mon Sep 17 00:00:00 2001 From: Julien Escario Date: Fri, 13 Aug 2021 17:24:00 +0200 Subject: [PATCH 3/7] Fixed error in source file extension --- foreman/altinea_puppet_install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/foreman/altinea_puppet_install.sh b/foreman/altinea_puppet_install.sh index a72f4c6..65d9476 100644 --- a/foreman/altinea_puppet_install.sh +++ b/foreman/altinea_puppet_install.sh @@ -8,7 +8,7 @@ if [ `lsb_release -sc` = 'bullseye' ]; then URIs: http://apt.puppetlabs.com Suites: bullseye Components: puppet7 - Signed-By: /usr/share/keyrings/puppet-keyring.gpg" > /etc/apt/sources.list.d/puppet7.list + Signed-By: /usr/share/keyrings/puppet-keyring.gpg" > /etc/apt/sources.list.d/puppet7.sources curl -o /usr/share/keyrings/puppet-keyring.gpg https://apt.puppet.com/keyring.gpg else curl -sL -o /var/cache/apt/archives/puppet7-release-`lsb_release -c -s`.deb https://apt.puppet.com/puppet7-release-`lsb_release -c -s`.deb && dpkg -i /var/cache/apt/archives/puppet7-release-`lsb_release -c -s`.deb From bf24edbcd81f9c3bf0a1f4820a3919e00e41adab Mon Sep 17 00:00:00 2001 From: Julien Escario Date: Fri, 13 Aug 2021 17:25:36 +0200 Subject: [PATCH 4/7] Removed breaking whitespace at beginning in sources file --- foreman/altinea_puppet_install.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/foreman/altinea_puppet_install.sh b/foreman/altinea_puppet_install.sh index 65d9476..519a152 100644 --- a/foreman/altinea_puppet_install.sh +++ b/foreman/altinea_puppet_install.sh @@ -4,11 +4,11 @@ apt -qqq install lsb-release curl if [ `lsb_release -sc` = 'bullseye' ]; then echo "Bullseye detected, installing repository directly" echo "# Puppet 7 buster Repository - Types: deb - URIs: http://apt.puppetlabs.com - Suites: bullseye - Components: puppet7 - Signed-By: /usr/share/keyrings/puppet-keyring.gpg" > /etc/apt/sources.list.d/puppet7.sources +Types: deb +URIs: http://apt.puppetlabs.com +Suites: bullseye +Components: puppet7 +Signed-By: /usr/share/keyrings/puppet-keyring.gpg" > /etc/apt/sources.list.d/puppet7.sources curl -o /usr/share/keyrings/puppet-keyring.gpg https://apt.puppet.com/keyring.gpg else curl -sL -o /var/cache/apt/archives/puppet7-release-`lsb_release -c -s`.deb https://apt.puppet.com/puppet7-release-`lsb_release -c -s`.deb && dpkg -i /var/cache/apt/archives/puppet7-release-`lsb_release -c -s`.deb From f764d3114fbd97b3bb70f45ba261c42bc5f52b81 Mon Sep 17 00:00:00 2001 From: Sebastien Date: Fri, 10 Sep 2021 14:02:54 +0200 Subject: [PATCH 5/7] renew cert zimbra acme.sh ver 1.0 --- zimbra/certificat/renew_cert_acmesh_zimbra.sh | 34 +++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 zimbra/certificat/renew_cert_acmesh_zimbra.sh diff --git a/zimbra/certificat/renew_cert_acmesh_zimbra.sh b/zimbra/certificat/renew_cert_acmesh_zimbra.sh new file mode 100644 index 0000000..2c396aa --- /dev/null +++ b/zimbra/certificat/renew_cert_acmesh_zimbra.sh @@ -0,0 +1,34 @@ +su zimbra /opt/zimbra/bin/zmproxyctl stop +/root/.acme.sh/acme.sh --issue --standalone -d replace_host +cd /etc/myacme/replace_host/ +mkdir /opt/zimbra/ssl/letsencrypt +echo '-----BEGIN CERTIFICATE----- +MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/ +MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT +DkRTVCBSb290IENBIFgzMB4XDTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVow +PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD +Ew5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB +AN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmTrE4O +rz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEq +OLl5CjH9UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9b +xiqKqy69cK3FCxolkHRyxXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw +7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40dutolucbY38EVAjqr2m7xPi71XAicPNaD +aeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNV +HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX/xBVghYkQMA0GCSqG +SIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69 +ikugdB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXr +AvHRAosZy5Q6XkjEGB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZz +R8srzJmwN0jP41ZL9c8PDHIyh8bwRLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5 +JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo +Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ +-----END CERTIFICATE-----' >> fullchain.cer +cp /etc/myacme/replace_host/* /opt/zimbra/ssl/letsencrypt/ +chown zimbra:zimbra /opt/zimbra/ssl/letsencrypt/* +chown zimbra:zimbra /opt/zimbra/ssl/letsencrypt/ +cp -a /opt/zimbra/ssl/zimbra /opt/zimbra/ssl/zimbra.$(date "+%Y%m%d") +cp /opt/zimbra/ssl/letsencrypt/replace_host.key /opt/zimbra/ssl/zimbra/commercial/commercial.key +su - zimbra -c " +cd /opt/zimbra/ssl/letsencrypt/ +/opt/zimbra/bin/zmcertmgr verifycrt comm replace_host.key replace_host.cer fullchain.cer +/opt/zimbra/bin/zmcertmgr deploycrt comm replace_host.cer fullchain.cer +zmcontrol restart" From 014a2acf4280b86e12c0c4762476c3c1aca84a67 Mon Sep 17 00:00:00 2001 From: Sebastien Date: Fri, 10 Sep 2021 14:09:59 +0200 Subject: [PATCH 6/7] ver 1.1 --- zimbra/certificat/renew_cert_acmesh_zimbra.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/zimbra/certificat/renew_cert_acmesh_zimbra.sh b/zimbra/certificat/renew_cert_acmesh_zimbra.sh index 2c396aa..22c5118 100644 --- a/zimbra/certificat/renew_cert_acmesh_zimbra.sh +++ b/zimbra/certificat/renew_cert_acmesh_zimbra.sh @@ -1,3 +1,5 @@ +#!/bin/bash + su zimbra /opt/zimbra/bin/zmproxyctl stop /root/.acme.sh/acme.sh --issue --standalone -d replace_host cd /etc/myacme/replace_host/ From fdab18c0096c5bc27e099e51d45575af123ebc57 Mon Sep 17 00:00:00 2001 From: Julien Escario Date: Fri, 10 Sep 2021 14:10:28 +0200 Subject: [PATCH 7/7] Try another method to call puppet agent bash profile --- foreman/altinea_puppet_install.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/foreman/altinea_puppet_install.sh b/foreman/altinea_puppet_install.sh index f115112..0053d10 100644 --- a/foreman/altinea_puppet_install.sh +++ b/foreman/altinea_puppet_install.sh @@ -20,5 +20,4 @@ echo "[agent] listen = false pluginsync = true report = true"> /etc/puppetlabs/puppet/puppet.conf -/opt/puppetlabs/bin/puppet resource service puppet ensure=running enable=true -. /etc/profile.d/puppet-agent.sh +/opt/puppetlabs/bin/puppet resource service puppet ensure=running enable=true && source /etc/profile.d/puppet-agent.sh