On Mon, Jun 27, 2011 at 5:55 PM, <zu...@puzzle.ch> wrote:
>> On Mon, Jun 27, 2011 at 7:27 AM, <zu...@puzzle.ch> wrote:
>>
>>> I don't know if i got the URL right, i did not find any examples on the
>>> REST API documentation for the fileserver.
>>>
>>
>> This should cover it.
>>
>> http://docs.puppetlabs.com/guides/rest_api.html#file-server
>
> This isn't still clear to me. Would appreciate if someone could give a
> concrete example how a path in a module or in the filepath would tanslate.
>
> Here is what i try:
>
> fileserver.conf
> [files]
> path /etc/puppet/manifests/files
> allow 127.0.0.1
> allow *.smobi.mobicorp.test
>
>
> The file is located at /etc/puppet/manifests/files/sudo/sudoers
>
>
> [root@foo me]# ./puppet-wget file_content/sudo/sudoers
> https://foo.bar:8140/file_content/sudo/sudoers
> warning: peer certificate won't be verified in this SSL session
> /usr/lib/ruby/1.8/net/http.rb:2099:in `error!': 403 "Forbidden request:
> foo.bar(10.2.3.4) access to /sudo/sudoers [find] authenticated at line 93
> " (Net::HTTPServerException)
> from ./puppet-wget:56
> from ./puppet-wget:43:in `each'
> from ./puppet-wget:43
>
>
> AFAIK if something is wrong with the certs the server would answer with a
> 401 and not 403. It really looks to me as if i get that path wrong.
>
> ------------------
> #!/bin/env ruby
> #
> # Puppet Wget
> #
> # Downloads files from the puppetmaster without the puppet agent
>
>
> require 'optparse'
> require 'puppet/rails'
> require 'uri'
> require 'net/https'
>
>
> # Parse all Options
> options = {}
> OptionParser.new do |opts|
> opts.banner = "Usage: puppet-wget [options] module/path/to/file"
>
> opts.on("-r", "--recursive", "Download directory recursively") do |r|
> options[:recursive] = r
> end
> end.parse!
>
>
> # Get some settings for the puppet config
> Puppet[:config] = "/etc/puppet/puppet.conf"
> Puppet.parse_config
> puppet_conf = Puppet.settings.instance_variable_get(:@values)[:main]
>
>
> # default values
> puppet_conf[:server] ||= 'puppet'
> puppet_conf[:masterport] ||= '8140'
> puppet_conf[:ssldir] ||= '/etc/puppet/ssl'
>
>
> server = puppet_conf[:server]
> port = puppet_conf[:masterport]
> certpath = puppet_conf[:ssldir] + '/certs/' + ENV['HOSTNAME'] +
> '.pem'
> pkey_path = puppet_conf[:ssldir] + '/private_keys/' + ENV['HOSTNAME'] +
> '.pem'
>
>
> ARGV.each do |filepath|
> url = URI.parse("https://#{server}:#{port}/#{filepath}";)
> req = Net::HTTP::Get.new("#{url.path}?#{url.query}", "Accept" => 's')
>
> puts url
>
> # make ssl request
> connection = Net::HTTP.new(url.host, url.port)
> connection.use_ssl = true
> connection.cert = OpenSSL::X509::Certificate.new(File.read(certpath))
> connection.key = OpenSSL::PKey::RSA.new(File.read(pkey_path))
you are missing the CA file... something like
connection.ca_file = Puppet[:localcacert]
> res = connection.start { |http| http.request(req) }
>
> res.error! unless res.code_type == Net::HTTPOK
> puts res.body
>
> end
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
