Configure Foreman

  1. Act as with /etc/puppet

  2. /etc/foreman/settings.yaml

    ---
    #your default puppet server - can be overridden in the host level
    #if none specified, plain "puppet" will be used.
    #:puppet_server: puppet
    :unattended: true
    :puppetconfdir: /etc/puppet/puppet.conf
    :login: true
    :require_ssl: false
    	  

  3. /etc/foreman/database.yml

    production:
      adapter: postgresql
      database: puppetdb
      username: puppetdb
      password: 6QuI4O9aSyJDFkxpQrJ6sTRiHRsZuKmpMd5CVkNy
      host: localhost
      encoding: unicode
    	  

    /etc/default/foreman>:

    START=yes
    	  

  4. /etc/default/foreman-proxy:

    DAEMON_USER="foreman-proxy:foreman-proxy"
    DAEMON_HOME="/usr/share/foreman-proxy"
    DAEMON_ARGS=""
    	  

    /etc/foreman-proxy/settings.yml:

    ---
    # SSL Setup
    
    :trusted_hosts:
    - localhost
    - foreman.service.rug.nl
    
    # enable the daemon to run in the background
    :daemon: true
    :daemon_pid: /var/run/foreman-proxy/foreman-proxy.pid
    
    # port used by the proxy
    :port: 8443
    
    # Enable TFTP management
    :tftp: false
    
    # Enable DNS management
    :dns: false
    
    # Enable DHCP management
    :dhcp: false
    # The vendor can be either isc or native_ms
    :dhcp_vendor: isc
    
    # enable PuppetCA management
    :puppetca: false
    
    # enable Puppet management
    :puppet: true
    
    # Where our proxy log files are stored
    # filename or STDOUT
    :log_file: /var/log/foreman-proxy/foreman-proxy.log
    # valid options are
    # WARN, DEBUG, Error, FATAL, INFO, UNKNOWN
    :log_level: INFO
    	  

  5. (This here only for reference, it works, but I didn't actually use it this time.) /etc/apache2/sites-available/foreman

    <VirtualHost *:443>
        ServerName puppet.servers.mydomain.com
     
        RailsAutoDetect On
        RailsEnv production
        DocumentRoot /usr/share/foreman/public
     
        # Use puppet certificates for SSL
        SSLEngine On
        SSLCertificateFile /etc/foreman/ssl/public/cert-11048-puppet.servers.mydomain.com.pem
        SSLCertificateKeyFile /etc/foreman/ssl/private/1353341774-key
        SSLCertificateChainFile /etc/foreman/ssl/public/chain-11048-puppet.servers.mydomain.com-3-AddTrust_External_CA_Root.pem
        SSLCertificateChainFile /etc/foreman/ssl/public/chain-11048-puppet.servers.mydomain.com-2-UTN-USERFirst-Hardware.pem
        SSLCertificateChainFile /etc/foreman/ssl/public/chain-11048-puppet.servers.mydomain.com-1-TERENA_SSL_CA.pem
        #SSLCACertificateFile /var/lib/puppet/ssl/certs/ca.pem
        #SSLVerifyClient optional
        SSLVerifyClient none
        SSLOptions +StdEnvVars
        SSLVerifyDepth 3
    </VirtualHost>
    	  

    apprentice@puppet:~$ sudo a2ensite foreman
    apprentice@puppet:~$ sudo service apache2 reload

    (Getting the actual certificates is not documented here.)

  6. apprentice@puppet:~$ sudo service foreman start
    apprentice@puppet:~$ sudo service foreman-proxy start

    Foreman fails to start

  7. I tried

    apprentice@puppet:/usr/share/foreman$ sudo RAILS_ENV=production bundle exec rake db:migrate
    /usr/share/foreman/vendor/ruby/1.9.1/gems/activerecord-3.0.17/lib/active_record/connection_adapters/postgresql_adapter.rb:518:in `xec': PG::Error: ERROR:  relation "template_kinds" does not exist (ActiveRecord::StatementInvalid)
    LINE 1: SELECT "template_kinds".* FROM "template_kinds" WHERE (name ...
                                           ^
    : SELECT "template_kinds".* FROM "template_kinds" WHERE (name LIKE 'pxelinux')
            from /usr/share/foreman/vendor/ruby/1.9.1/gems/activerecord-3.0.17/lib/active_record/connection_adapters/postgresql_adapter.rb:518:in lock in execute'

    Then I tried:

    apprentice@puppet:/usr/share/foreman$ sudo RAILS_ENV=production bundle exec rake db:migrate
    rake aborted!
    An error has occurred, this and all later migrations canceled:

    PG::Error: ERROR:  integer out of range
    : INSERT INTO "schema_migrations" ("version") VALUES (20090714132448)
    Tasks: TOP => db:migrate

  8. Use a bigint if an integer doesn't cut it...

    apprentice@puppet:~$ sudo sed -i 's/t.column\ :version,\ :integer,/t.column :version, :bigint,/g' /usr/share/foreman/db/migrate/*_add_audits_table.rb
    apprentice@puppet:~$ sudo -u puppetdb psql puppetdb
    Password: 
    psql (9.1.6)
    Type "help" for help.

    puppetdb=> ALTER TABLE schema_migrations ALTER COLUMN version TYPE bigint;
    ALTER TABLE
    puppetdb=> ALTER TABLE schema_migrations ALTER COLUMN time SET DEFAULT now();
    ALTER TABLE
    puppetdb=> \q
    could not save history to file "/usr/share/puppetdb/.psql_history": Permission denied
    apprentice@puppet:~$ sudo RAILS_ENV=production bundle exec rake db:migrate
    apprentice@puppet:~$ sudo service foreman start
    apprentice@puppet:~$ sudo service foreman stop

  9. The GUI just saye there's an error, so we try the command line for more verbosity:

    apprentice@puppet:/usr/share/foreman$ sudo rake puppet:import:puppet_classes[batch] RAILS_ENV=production
    Evaluating possible changes to your installation
    Problems were detected during the evaluation phase

    undefined method 'importClasses' for #<Class:0x00000007175870>

    Please fix these issues and try again

    [Note]Note

    without the [batch] it breaks even sooner.

    At this point I gave up.