On Fri, Jul 3, 2009 at 9:12 AM, Gary Larizza<glari...@mac.com> wrote: > > I love where this thread is going, I too share in this problem. > > Kurt: Puppet is still being run on the client because the client is > using a cached config (am I right on this guys?). > > I love the scripted ssh key, but ALSO love the PHP script that could > be CURL-ed from the client. Will a PHP script be able to capture the > hostname of a connecting client? From there, the php script could > call puppetca to clean the cert and create a new one...would this be > cleaner than bundling a cert with your base-image? Unfortunately, I'm > not that versed in PHP to hash a script out from scratch. Does anyone > have a rough outline that we could steal?
We use a script like this, but we make it a Custom 404 in Apache. When a machine installs, it requests its keys and if they don't exist the 404 handler gets called. It then creates the key and spits it out as if it had been there the whole time. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
