From 1dd26d4b0030bdb04f072398ea0d77e78c00615d Mon Sep 17 00:00:00 2001
From: =?utf8?q?Franti=C5=A1ek=20Dvo=C5=99=C3=A1k?= <valtri@civ.zcu.cz>
Date: Thu, 10 Dec 2015 20:22:47 +0100
Subject: [PATCH] Enable puppet, enable kerberos ssh.

---
 lxc.sh      |  8 ++++++--
 puppet.conf | 14 ++++++++++++++
 2 files changed, 20 insertions(+), 2 deletions(-)
 create mode 100644 puppet.conf

diff --git a/lxc.sh b/lxc.sh
index 3de64fa..c181fe2 100755
--- a/lxc.sh
+++ b/lxc.sh
@@ -99,9 +99,13 @@ valtri@ADMIN.META
 xparak@ADMIN.META
 __EOF__
 
-  rm -rf /var/lib/puppet/ssl/* || :
+    cp -v `dirname $0`/puppet.conf etc/puppet/
+    sed -i -e 's/^\(START\)=.*/\1=yes/' /etc/default/puppet
+    rm -rf /var/lib/puppet/ssl/* || :
 
-  cd
+    sed -i -e 's/^#\(GSSAPIAuthentication\).*/\1 yes/' /etc/ssh/sshd_config
+
+    cd
 }
 
 
diff --git a/puppet.conf b/puppet.conf
new file mode 100644
index 0000000..d02e10a
--- /dev/null
+++ b/puppet.conf
@@ -0,0 +1,14 @@
+[main]
+logdir=/var/log/puppet
+vardir=/var/lib/puppet
+ssldir=/var/lib/puppet/ssl
+rundir=/var/run/puppet
+factpath=$vardir/lib/facter
+templatedir=$confdir/templates
+server = myriad7.zcu.cz
+
+[master]
+# These are needed when the puppetmaster is run by passenger
+# and can safely be removed if webrick is used.
+ssl_client_header = SSL_CLIENT_S_DN 
+ssl_client_verify_header = SSL_CLIENT_VERIFY
-- 
1.8.2.3