Bootstrap step client

2024-10-08 14:09:44 +02:00 · 2024-10-08 14:09:44 +02:00 · 8d4d1841c4
commit 8d4d1841c4
parent 44001514de
2 changed files with 18 additions and 0 deletions
--- a/global/overlay/etc/puppet/modules/cdn/files/bootstrap-client
+++ b/global/overlay/etc/puppet/modules/cdn/files/bootstrap-client
@ -0,0 +1,5 @@
+#!/bin/bash
+
+# Create /root/.step, executed by puppet
+CA_FINGERPRINT=$(step certificate fingerprint /opt/step-ca/data/certs/root_ca.crt)
+step ca bootstrap --ca-url https://localhost:9000 --fingerprint "$CA_FINGERPRINT"
--- a/global/overlay/etc/puppet/modules/cdn/manifests/ca.pp
+++ b/global/overlay/etc/puppet/modules/cdn/manifests/ca.pp
@ -51,6 +51,14 @@ class cdn::ca(
    content => file('cdn/ca/set-provisioner-pw'),
  }

+  file { '/opt/step-ca/init/scripts/bootstrap-client':
+    ensure  => file,
+    owner   => 'root',
+    group   => 'root',
+    mode    => '0755',
+    content => file('cdn/ca/bootstrap-client'),
+  }
+
  file { '/opt/step-ca/init/deb':
    ensure => directory,
    owner  => 'root',
@ -103,4 +111,9 @@ class cdn::ca(
    compose_filename => 'docker-compose.yml',
    description      => 'SUNET CDN CA',
  }
+
+  exec { '/opt/step-ca/init/scripts/bootstrap-client':
+    creates => '/root/.step/config/defaults.json',
+    onlyif  => 'test -f /opt/step-ca/data/certs/root_ca.crt'
+  }
 }