-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Alternatively to using auto-sign, you can do server-side cert generation with puppetca -g, then figure a good secure way to transfer that stuff during OS install.
On 11/14/2010 01:09 PM, Matthew Macdonald-Wallace wrote: > Hi all, > > I'm trying to work out the best way to ensure that my systems run puppet at > first boot without having to run puppetca --sign or have wildcards in my > auth file. > > All nodes are stored in an external database so what I want to tell puppet > is "if it's in the database, authenticate it, othwise ignore it". Is this > possible using the "external-node" classifier? > > Thanks in advance, > > Matt > - -- Joe McDonagh AIM: YoosingYoonickz IRC: joe-mac on freenode L'ennui est contre-révolutionnaire -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBAgAGBQJM4LXdAAoJEFKvc4++22tcPjkP/1F4WraUcgvq2V6L9ZnafZij LV2WrA0ogZGWTdmpOuSCkUFSj9HOex29vPE7rIA4DMPs0wXOXj/ETVPhq2KLUbnR +YwPj7y6jFCrQ63fSOTGpsgfBSnqgplSnXqi9Lc6Gg89SAtzARsrhUjb6rjSDb1e ATB62IJt1pJQVqtFo+/J9PMC3Me6QWAdLJwZIauERgIpnTjws/0bGc+yhZYHP1xn mEusS6gvyNxny/SirZq6H/x8FiMud6bOj+8gUM8lcl+XgJaDKCW08TZVMqvgQmZT U82B9jW8dodFj8Zg6pguVJZ6mTIfjKvdS/51RsAxChnMLrc+y5sW5veeO27odcGd ScVPa8TCmP24xoxWgNY7KQB+t2sSXBPueYczzCpPzmmlXKB16aSIAL4cgc51wUBn WnwJNce51qJVpbABxEF4HwQEAdpgW40UJJ3Eq8fvdhJdbTJ6RR3Cvs91xsrgmiWk X6XbdqqRRnfmXiB+PKP/YnihECdfYVEZslNWoEVWXC8NTwHsoIs+C6uGIKwge92d Qns9pboOvImbvgWLuLYsSYxSdCOPWfTypQKJUqUtbLU7OMcZS9OopeiKMRWMkFR6 BfzSs8KEIQSoslKTtr0BICy81zG1qOiUBu+PpAMwJpzYy84sNoanU3eEp2BQwQST xr2nx5oQt++50KrUOHPj =ftkI -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.