Puppet Enterprise MASTER for Ubuntu 14.04 LTS

1. #!/bin/bash
2. # puppet enterprise master for ubuntu 14.04 LTS server for developers
3. # pre-install
4. sudo apt-get update -y && sudo apt-get upgrade -y
5. #
6. # change hostname
7. sudo hostname puppet
8. #
9. # To change the name permanently, run command to edit the host files:
10. sudo sed -i 's/ubuntu/puppet/g' /etc/hosts
11. sudo sed -i 's/ubuntu/puppet/g' /etc/hostname
12. #
13. # To disable the reboot action taken by pressing the Ctrl+Alt+Delete key combination, comment out the following line in the file /etc/init/control-alt-delete.conf.
14. sudo sed -i 's!#exec shutdown -r now "Control-Alt-Delete pressed"!exec shutdown -r now "Control-Alt-Delete pressed"!g' /etc/init/control-alt-delete.conf
15. #
16. # Edit /etc/network/interfaces to meet your requirements.
17. #
18. sudo sed -i 's!dhcp!static!g' /etc/network/interfaces
19. sudo sed -i '$ a\address 192.168.0.2' /etc/network/interfaces
20. sudo sed -i '$ a\netmask 255.255.255.0' /etc/network/interfaces
21. sudo sed -i '$ a\network 192.168.0.0' /etc/network/interfaces
22. sudo sed -i '$ a\broadcast 192.168.0.255' /etc/network/interfaces
23. sudo sed -i '$ a\gateway 192.168.0.1' /etc/network/interfaces
24. #
25. # Name resolution: Every node must have a unique hostname.
26. # Forward and reverse DNS must both be configured correctly.
27. # (If your site lacks DNS, you must write an /etc/hosts file on each node.)
28. # Note: The default puppet master hostname is puppet.
29. # Your agent nodes can be ready sooner if this hostname resolves to your puppet master.
30. sudo sed -i '$ a\dns-nameservers 192.168.0.1' /etc/network/interfaces
31. #
32. sudo apt-get install ntp -y
33. #
34. # install LAMP server
35. # https://help.ubuntu.com/lts/serverguide/httpd.html
36. # https://help.ubuntu.com/lts/serverguide/php5.html
37. # https://help.ubuntu.com/lts/serverguide/mysql.html
38. sudo apt-get install apache2 -y
39. sudo apt-get install mysql-server libapache2-mod-auth-mysql php5-mysql -y
40. sudo mysql_install_db
41. sudo apt-get install php5 libapache2-mod-php5 php5-mcrypt -y
42. sudo a2enmod ssl
43. sudo a2ensite default-ssl
44. sudo service apache2 restart
45. # disable apache directory listing
46. sudo sed -i 's!Options Indexes FollowSymLinks MultiViews!Options All FollowSymLinks MultiViews -Indexes!g' /etc/apache2/sites-available/default
47. sudo sed -i 's!Options Indexes FollowSymLinks MultiViews!Options All FollowSymLinks MultiViews -Indexes!g' /etc/apache2/sites-available/default-ssl            
48. sudo service apache2 restart
49. #
50. # install webbased admin for MySQL
51. sudo apt-get install phpmyadmin -y
52. # install mediawiki for documentation and phpbb for forum discussion
53. sudo apt-get install mediawiki imagemagick mediawiki-math php5-gd -y
54. sudo apt-get install phpbb3 -y
55. #
56. # install munin monitoring
57. # https://help.ubuntu.com/lts/serverguide/munin.html
58. # http://munin-monitoring.org/
59. # https://www.digitalocean.com/community/articles/how-to-install-munin-on-an-ubuntu-vps
60. sudo apt-get install sysstat -y
61. sudo apt-get install munin -y
62. sudo apt-get install munin-node -y
63. sudo apt-get install munin-plugins-extra -y
64. sudo mkdir /var/www/munin
65. sudo chown munin:munin /var/www/munin
66. #
67. sudo sed -i 's!# dbdir!dbdir!g' /etc/munin/munin.conf
68. sudo sed -i 's!# htmldir /var/cache/munin/www!htmldir /var/cache/munin/www!g' /etc/munin/munin.conf
69. sudo sed -i 's!# logdir /var/log/munin!logdir /var/log/munin!g' /etc/munin/munin.conf
70. sudo sed -i 's!# rundir  /var/run/munin!rundir  /var/run/munin!g' /etc/munin/munin.conf
71. #
72. sudo sed -i '$ a\tmpldir /etc/munin/templates'  /etc/munin/munin.conf
73. sudo sed -i '$ a\[ServerMonitor]'  /etc/munin/munin.conf
74. sudo sed -i '$ a\address 127.0.0.1'  /etc/munin/munin.conf
75. sudo sed -i '$ a\use_node_name yes'  /etc/munin/munin.conf
76. #
77. sudo sed -i 's!localhost 127.0.0.0/8 ::1!all!g' /etc/munin/apache.conf
78. #
79. sudo sed -i '$ a\[iostat]'  /etc/munin/plugin-conf.d/munin-node
80. sudo sed -i '$ a\env.SHOW_NUMBERED 1'  /etc/munin/plugin-conf.d/munin-node
81. #
82. #
83. sudo service munin-node restart
84. sudo service apache2 restart
85. #
86. # install nagios
87. ### op server:
88. sudo apt-get install nagios-nrpe-server -y
89. # op remote host:
90. sudo apt-get install nagios3 nagios-nrpe-plugin -y
91. # change the password for the nagiosadmin user:
92. sudo htpasswd /etc/nagios3/htpasswd.users nagiosadmin
93. # add a user:
94. sudo htpasswd /etc/nagios3/htpasswd.users henry
95. #
96. # https://docs.puppetlabs.com/guides/install_puppet/post_install.html#configure-a-puppet-master-server
97. #
98. wget https://apt.puppetlabs.com/puppetlabs-release-trusty.deb
99. sudo dpkg -i puppetlabs-release-precise.deb
100. sudo apt-get update
101. sudo apt-get install puppetmaster-passenger -y
102. sudo apt-get install puppetmaster -y
103. # upgrade!
104. # sudo apt-get update
105. # sudo puppet resource package puppetmaster ensure=latest
106. #
107. # SSH security
108. # install OpenSSH server
109. sudo apt-get install openssh-server -y
110. sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.factory-defaults
111. sudo chmod a-w /etc/ssh/sshd_config.factory-defaults
112. sudo sed -i '$ a\ClientAliveInterval 300'  /etc/ssh/sshd_config
113. sudo sed -i '$ a\ClientAliveCountMax 0'  /etc/ssh/sshd_config
114. #
115. # configuratie firewall (ip4+ip6) https://help.ubuntu.com/14.04/serverguide/firewall.html
116. sudo ufw enable
117. sudo ufw logging on
118. sudo ufw allow 22
119. sudo ufw allow 80
120. sudo ufw allow 443
121. sudo ufw allow 8140
122. #
123. sudo reboot