#! /usr/bin/env ruby
# this script contacts a client and asks it to trigger a puppetd run
# it uses SSL for communication, based on the puppet infrastructure
# the client allows access based on the namespaceauth
# ohadlevy@gmail.com
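# TCP port on the target host that this script connects to.
port = 8139

# The only argument is the name of the host to contact.
host = ARGV[0]
if host.nil? || host.empty?
  warn "Usage: hostname to run against"
  exit 1
end

require 'puppet/sslcertificates/support'
require 'socket'
require 'openssl'

# Load the puppet configuration; it tells us where this host's SSL key,
# certificate and CA certificate live.
Puppet[:config] = "/etc/puppet/puppet.conf"
Puppet.parse_config

# Build the TLS context: present this host's own certificate to the peer and
# require the peer's certificate to chain to the local puppet CA.
ctx = OpenSSL::SSL::SSLContext.new
ctx.key = OpenSSL::PKey::RSA.new(File.read(Puppet[:hostprivkey]))
ctx.cert = OpenSSL::X509::Certificate.new(File.read(Puppet[:hostcert]))
ctx.verify_mode = OpenSSL::SSL::VERIFY_PEER
ctx.ca_file = Puppet[:localcacert]

# Establish the connection.
sock = TCPSocket.new(host, port)
ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx)
# Set before the handshake so that a failed connect still closes the
# underlying TCP socket when ssl.close runs in the ensure below.
ssl.sync_close = true

begin
  ssl.connect # start SSL session

  # VERIFY_PEER plus ca_file only proves the peer holds *some* certificate
  # issued by the CA; it does not tie that certificate to the host we asked
  # for. post_connection_check raises OpenSSL::SSL::SSLError unless the
  # certificate's names match `host`, so `host` has to be given the way it
  # appears in the peer's certificate.
  ssl.post_connection_check(host)

  # Relay everything the peer sends until it closes the connection.
  while (line = ssl.gets)
    puts line
  end
ensure
  ssl.close
end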