[Pkg-puppet-devel] Bug#514550: cannot use different certnames for puppetmaster/puppet on the same host

Matthew Palmer mpalmer at debian.org
Sun Feb 8 22:53:09 UTC 2009


On Sun, Feb 08, 2009 at 05:33:05PM -0500, Micah Anderson wrote:
> * Matthew Palmer <mpalmer at debian.org> [2009-02-08 16:54-0500]:
> > On Sun, Feb 08, 2009 at 10:16:57PM +0100, martin f krafft wrote:
> > > also sprach Matthew Palmer <mpalmer at debian.org> [2009.02.08.2203 +0100]:
> > > > That's how I do it (puppetmaster SSL in a separate directory),
> > > 
> > > I'd like that to be default!
> > 
> > And I'd like a pony.
> 
> I'll take a unicorn!

Yeah, sign me up for one of them too.

> > I'm not the package maintainer, so exclaiming at me isn't going to help your
> > case any.  I'm merely stating that this configuration *can* work, and has
> > worked for me in production environments, so you can use that argument if
> > anyone says "that's not possible", or wants a reference implementation.
> 
> One's default preferences, is another's pain in the ass to migrate
> everyone who has it setup the way it is now. Since I find the defaults
> perfectly fine, I'm happy to entertain that as a default, if you wanna
> come up with how to handle the migration of everyone has things setup
> the way things are now.

Yeah, migrating anything sucks nuts (see my dire attempts at moving config
file locations, which was almost certainly an easier move).

> There probably is one thing that we can all agree on, this should be
> installed right away: http://cornify.com/

I've already cornified a bunch of sites.  It is invariably an improvement.

- Matt





More information about the Pkg-puppet-devel mailing list