Keep your puppet manifests under some sort of source code management.
There, I said it.
Rolling back will save your bacon at least once, probably more than that.
Here’s how you set up puppet under git on a remote host.
Install gitosis (a tool for easily managing git repos). The installation creates the user gitosis with home directory /srv/gitosis.
sudo apt-get install gitosis
cp ~/.ssh/id_rsa.pub /tmp/.a
chmod 644 /tmp/.a
sudo su - gitosis -c "gitosis-init < /tmp/.a"
rm /tmp/.a
Generate an ssh key as the user puppet on your puppet master:
sudo su - puppet
ssh-keygen
Gitosis is itself configured through a git repository, so check out the admin repo and add the puppet user and the puppet project.
cd SOMEDIR
git clone gitosis@:gitosis-admin.git
cd gitosis-admin/
cat << EOF >> gitosis.conf
[group puppetmasters]
members = chris@chimp puppet@PUPPET_MASTER
writable = puppet
EOF
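Copy the puppet key /home/puppet/.ssh/id_rsa.pub into the keydir and push the changes to git. The new key file is untracked, so it has to be added explicitly before the commit.
scp puppet@puppet:/home/puppet/.ssh/id_rsa.pub keydir/puppet@PUPPET_MASTER.pub
git add keydir/puppet@PUPPET_MASTER.pub
git commit -a -m "puppet added to gitosis"
git push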
# Make sure /etc/puppet is owned by the user puppet on the puppet master
sudo chown -R puppet:puppet /etc/puppet
cd /etc/puppet
git init
git remote add origin gitosis@:puppet.git
git add *
git commit -m "initial add"
git push origin master:refs/heads/master
Finally, add the following to the crontab on your puppet master to make sure changes get checked out every two minutes:
MAILTO=chris@EXAMPLE.com
*/2 * * * * cd /etc/puppet && /usr/bin/git pull origin master:refs/heads/master > /tmp/puppetmaster.log 2>&1
This might seem like a lot of trouble to go to, but it will prove useful in the future, especially when I get to the subjects of environments and testing.
Git will also prove useful when managing large file trees and can also be used as a puppet provider.
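Because the cron job pulls puppet.git into /etc/puppet every two minutes, the groups in gitosis.conf decide who can change what the puppet master serves. The following audit of gitosis.conf against keydir is an added example, not part of the original post; the contractors group, temp@laptop and old@host.pub are constructed sample data, and nested @group members are assumed not to be used.

```python
import configparser

# Constructed sample: the group from the steps above plus a hypothetical
# second group, and the file names found in keydir/.
SAMPLE_CONF = """
[gitosis]

[group gitosis-admin]
members = chris@chimp
writable = gitosis-admin

[group puppetmasters]
members = chris@chimp puppet@PUPPET_MASTER
writable = puppet

[group contractors]
members = temp@laptop
writable = puppet scratch
"""
SAMPLE_KEYDIR = ["chris@chimp.pub", "puppet@PUPPET_MASTER.pub", "old@host.pub"]


def audit(conf_text, keydir_files, repo="puppet"):
    """Return (writers, members_without_key, unreferenced_keys) for repo."""
    cp = configparser.RawConfigParser()  # no interpolation of values
    cp.read_string(conf_text)
    writers, all_members = {}, set()
    for section in cp.sections():
        if not section.startswith("group "):
            continue
        group = section.split(None, 1)[1]
        members = cp.get(section, "members", fallback="").split()
        all_members.update(members)
        # Record every group that grants this member push access to repo.
        if repo in cp.get(section, "writable", fallback="").split():
            for member in members:
                writers.setdefault(member, []).append(group)
    keys = {f[:-4] for f in keydir_files if f.endswith(".pub")}
    return writers, sorted(all_members - keys), sorted(keys - all_members)


if __name__ == "__main__":
    writers, missing, unreferenced = audit(SAMPLE_CONF, SAMPLE_KEYDIR)
    for member, groups in sorted(writers.items()):
        print(f"can push to puppet: {member} (via {', '.join(groups)})")
    print("members with no key in keydir:", missing)
    print("keys not referenced by any group:", unreferenced)
```

Run it from a checkout of gitosis-admin by passing the contents of gitosis.conf and the listing of keydir/ instead of the sample values.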
1 Comment
Howie · July 20, 2011 at 04:01
So will you get to the subject of environments and testing? 😉
I’ve got working environments, and Foreman classifying my nodes nicely, but understanding the git-speak enough to get a working one-branch-per-environment (dev->testing->prod) remote repo is a challenge!