diff --git a/9781430260400.jpg b/9781430260400.jpg
new file mode 100644
index 0000000..8301fbe
Binary files /dev/null and b/9781430260400.jpg differ
diff --git a/LICENSE.txt b/LICENSE.txt
new file mode 100644
index 0000000..821b9a2
--- /dev/null
+++ b/LICENSE.txt
@@ -0,0 +1,27 @@
+Freeware License, some rights reserved
+
+Copyright (c) 2013 Spencer Krum, William Van Hevelingen, Ben Kero, James Turnbull, and Jeffrey McCune
+
+Permission is hereby granted, free of charge, to anyone obtaining a copy
+of this software and associated documentation files (the "Software"),
+to work with the Software within the limits of freeware distribution and fair use.
+This includes the rights to use, copy, and modify the Software for personal use.
+Users are also allowed and encouraged to submit corrections and modifications
+to the Software for the benefit of other users.
+
+It is not allowed to reuse, modify, or redistribute the Software for
+commercial use in any way, or for a user’s educational materials such as books
+or blog articles without prior permission from the copyright holder.
+
+The above copyright notice and this permission notice need to be included
+in all copies or substantial portions of the software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS OR APRESS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+
+
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..484f882
--- /dev/null
+++ b/README.md
@@ -0,0 +1,15 @@
+#Apress Source Code
+
+This repository accompanies [*Pro Puppet*](http://www.apress.com/9781430260400) by Spencer Krum, William Van Hevelingen, Ben Kero, James Turnbull, and Jeffrey McCune (Apress, 2013).
+
+![Cover image](9781430260400.jpg)
+
+Download the files as a zip using the green button, or clone the repository to your machine using Git.
+
+##Releases
+
+Release v1.0 corresponds to the code in the published book, without corrections or updates.
+
+##Contributions
+
+See the file Contributing.md for more information on how you can contribute to this repository.
diff --git a/contributing.md b/contributing.md
new file mode 100644
index 0000000..f6005ad
--- /dev/null
+++ b/contributing.md
@@ -0,0 +1,14 @@
+# Contributing to Apress Source Code
+
+Copyright for Apress source code belongs to the author(s). However, under fair use you are encouraged to fork and contribute minor corrections and updates for the benefit of the author(s) and other readers.
+
+## How to Contribute
+
+1. Make sure you have a GitHub account.
+2. Fork the repository for the relevant book.
+3. Create a new branch on which to make your change, e.g.
+`git checkout -b my_code_contribution`
+4. Commit your change. Include a commit message describing the correction. Please note that if your commit message is not clear, the correction will not be accepted.
+5. Submit a pull request.
+
+Thank you for your contribution!
\ No newline at end of file
diff --git a/source-code-master/ch01/bootstrap.sh b/source-code-master/ch01/bootstrap.sh
new file mode 100644
index 0000000..5346d1a
--- /dev/null
+++ b/source-code-master/ch01/bootstrap.sh
@@ -0,0 +1,35 @@
+#!/bin/bash
+# short script to install puppet on a few different system
+
+#Debian Squeeze:
+
+tempdir=/tmp/pro-puppet
+
+pushd $tempdir
+
+wget http://apt.puppetlabs.com/puppetlabs-release-squeeze.deb
+dpkg -i puppetlabs-release-squeeze.deb
+apt-get update
+
+#Ubuntu Precise:
+
+wget http://apt.puppetlabs.com/puppetlabs-release-precise.deb
+dpkg -i puppetlabs-release-precise.deb
+apt-get update
+
+
+rpm -Uvh http://dl.fedoraproject.org/pub/epel/5/i386/epel-release-5-4.noarch.rpm
+
+#Enterprise Linux 6:
+
+rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
+vh http://yum.puppetlabs.com/el/5/products/i386/puppetlabs-release-5-7.noarch.rpm
+
+Enterprise Linux 6:
+
+rpm -ivh http://yum.puppetlabs.com/el/6/products/i386/puppetlabs-release-6-7.noarch.rpm
+
+popd
+
+rm -fr $tempdir
+
diff --git a/source-code-master/ch01/site.pp b/source-code-master/ch01/site.pp
new file mode 100644
index 0000000..ff73478
--- /dev/null
+++ b/source-code-master/ch01/site.pp
@@ -0,0 +1,28 @@
+
+
+node ' node1.pro-puppet.com ' {
+    package { 'vim':
+        ensure => present,
+    }
+}
+
+node /^www\d+\.pro-puppet\.com/
+{
+...
+}
+
+
+node 'node1.pro-puppet.com' {
+    include sudo
+}
+
+node /node1/ {
+    include ::sudo
+}
+node /node2/ {
+    class { '::sudo':
+        users => ['tom', 'jerry'],
+    }
+}
+
+
diff --git a/source-code-master/ch01/sudo/manifests/init.pp b/source-code-master/ch01/sudo/manifests/init.pp
new file mode 100644
index 0000000..e48cd5a
--- /dev/null
+++ b/source-code-master/ch01/sudo/manifests/init.pp
@@ -0,0 +1,21 @@
+class sudo {
+
+    package { 'sudo':
+        ensure => present,
+    }
+
+    if $::osfamily == 'Debian' {
+        package { 'sudo-ldap':
+            ensure => present,
+            require => Package['sudo'],
+        }
+    }
+
+    file { '/etc/sudoers':
+        owner => 'root',
+        group => 'root',
+        mode => '0440',
+        source => "puppet://$::server/modules/sudo/etc/sudoers",
+        require => Package['sudo'],
+    }
+}
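Review bot: Every release package in bootstrap.sh is fetched over plain http and installed as root with `dpkg -i` / `rpm -Uvh` without any signature or checksum check, and the downloads go into the fixed, world-writable path `/tmp/pro-puppet`, which the script never creates, so `pushd $tempdir` fails and the files land in whatever directory the caller ran from (which the closing `rm -fr $tempdir` then does not clean). Use a private directory, `tempdir=$(mktemp -d)`, put `set -e` at the top so a failed `pushd` or download stops the run, and verify the downloaded release packages against the vendor's published signing key before installing them. The lines `vh http://yum.puppetlabs.com/el/5/...` and `Enterprise Linux 6:` are a truncated `rpm -Uvh` and an uncommented heading; both will be executed as commands and fail.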
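Review bot: In ch01/site.pp the node name `' node1.pro-puppet.com '` carries a leading and a trailing space, so it can never match an agent certname, and the literal `...` inside the `node /^www\d+\.pro-puppet\.com/` block is a parse error, so the file cannot be loaded as committed. Trim the quoted name to `'node1.pro-puppet.com'` (which then collides with the identical definition further down — keep one) and replace `...` with a comment such as `# resources for the www hosts go here`.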
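Review bot: `file { '/etc/sudoers': ... }` in sudo/manifests/init.pp installs the file from a static source with no syntax check, so a malformed sudoers is put in place and locks every administrator out of sudo on the next run; add `validate_cmd => '/usr/sbin/visudo -c -f %',` to the resource so Puppet rejects a bad file before replacing the live one. The source URL also interpolates `$::server`, which does not appear to be a standard fact (the master's name is exposed as `$::servername`), and the server-relative form `source => 'puppet:///modules/sudo/etc/sudoers',` avoids naming the master at all.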
diff --git a/source-code-master/ch02/apache/manifests/init.pp b/source-code-master/ch02/apache/manifests/init.pp
new file mode 100644
index 0000000..e69de29
diff --git a/source-code-master/ch02/apache/manifests/install.pp b/source-code-master/ch02/apache/manifests/install.pp
new file mode 100644
index 0000000..76f8d1f
--- /dev/null
+++ b/source-code-master/ch02/apache/manifests/install.pp
@@ -0,0 +1,5 @@
+class apache::install {
+  package { [ 'apache2' ]:
+    ensure => present,
+  }
+}
diff --git a/source-code-master/ch02/apache/manifests/service.pp b/source-code-master/ch02/apache/manifests/service.pp
new file mode 100644
index 0000000..852a317
--- /dev/null
+++ b/source-code-master/ch02/apache/manifests/service.pp
@@ -0,0 +1,9 @@
+class apache::service {
+  service { "apache2":
+    ensure => running,
+    hasstatus => true,
+    hasrestart => true,
+    enable => true,
+    require => Class['apache::install'],
+  }
+}
diff --git a/source-code-master/ch02/apache/manifests/vhost.pp b/source-code-master/ch02/apache/manifests/vhost.pp
new file mode 100644
index 0000000..44d6ade
--- /dev/null
+++ b/source-code-master/ch02/apache/manifests/vhost.pp
@@ -0,0 +1,18 @@
+define apache::vhost(
+  $docroot,
+  $port,
+  $priority,
+  $ssl=true,
+  $serveraliases = '',
+  $template='apache/vhost.conf.erb',
+){
+  include apache
+  file {"/etc/apache2/sites-enabled/${priority}-${name}":
+    content => template($template),
+    owner => 'root',
+    group => 'root',
+    mode => '0640',
+    require => Class['apache::install'],
+    notify => Class['apache::service'],
+  }
+}
diff --git a/source-code-master/ch02/apache/template/vhost.erb b/source-code-master/ch02/apache/template/vhost.erb
new file mode 100644
index 0000000..51cb6e3
--- /dev/null
+++ b/source-code-master/ch02/apache/template/vhost.erb
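Review bot: `include apache` at the top of `apache::vhost` resolves to the `apache/manifests/init.pp` this commit adds as an empty file (no hunk, blob e69de29), so nothing declares `apache::install` or `apache::service`, and the `require => Class['apache::install']` / `notify => Class['apache::service']` references fail at compile time unless those classes are declared elsewhere; give `class apache` a body that includes both, as the ch02 postfix module's init.pp does. The `$ssl` parameter is declared but never used, and the default `$template='apache/vhost.conf.erb'` does not match the file added here, `apache/template/vhost.erb` (Puppet looks under `templates/`), so the default template cannot be found.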
@@ -0,0 +1,32 @@
+NameVirtualHost *:<%= @port %>
+>
+ServerName <%= @name %>
+<%if @serveraliases.is_a? Array -%>
+<% @serveraliases.each do |name| -%><%= " ServerAlias #{@name}\n" %><% end
+-%>
+<% elsif @serveraliases != '' -%>
+<%= " ServerAlias #{@serveraliases}" -%>
+<% end -%>
+DocumentRoot <%= @docroot %>
+>
+Options Indexes FollowSymLinks MultiViews
+AllowOverride None
+Order allow,deny
+allow from all
+
+ErrorLog /var/log/apache2/<%= @name %>_error.log
+LogLevel warn
+CustomLog /var/log/apache2/<%= @name %>_access.log combined
+ServerSignature On
+
+Each parameter specified in the definition is used, including the
+$name
+variable to name the virtual host
+we’re creating.
+You can also see some embedded Ruby in our ERB template :
+<%if @serveraliases.is_a? Array -%>
+<% @serveraliases.each do |name| -%><%= " ServerAlias #{@name}\n" %><% end
+-%>
+<% elsif @serveraliases != '' -%>
+<%= " ServerAlias #{@serveraliases}" -%>
+<% end -%>
diff --git a/source-code-master/ch02/kickstart.ks b/source-code-master/ch02/kickstart.ks
new file mode 100644
index 0000000..fcfbba6
--- /dev/null
+++ b/source-code-master/ch02/kickstart.ks
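Review bot: In the alias loop `<% @serveraliases.each do |name| -%><%= " ServerAlias #{@name}\n" %>` the interpolation uses the instance variable `@name` rather than the block variable `name`, so every alias line repeats the ServerName and the aliases are never emitted; it should read `#{name}`. The lines consisting only of `>` appear to be where the `<VirtualHost ...>` and `<Directory ...>` tags were lost in extraction, and everything from `Each parameter specified in the definition...` onward is book prose pasted into the template, which would be rendered straight into the Apache config; the template is not usable until both are repaired.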
@@ -0,0 +1,30 @@
+# Add Puppetlabs apt-repo gpg key
+gpg --keyserver pgp.mit.edu --recv-keys 4BD6EC30 && gpg --export --armor 4BD6EC30 | apt-key add -
+# Add Puppetlabs apt repo
+cat > /etc/apt/sources.list.d/puppetlabs.list <<-EOF
+CHAPTER 2 â–  BUILDING HOSTS WITH PUPPET
+3
+# puppetlabs
+deb http://apt.puppetlabs.com precise main
+deb-src http://apt.puppetlabs.com precise main
+EOF
+# Install puppet
+/usr/bin/apt-get -y install puppet
+# Make puppet startable
+/bin/sed -i 's/START\=no/START\=yes/' '/etc/default/puppet'
+# Create a puppet.conf file
+cat > /etc/puppet/puppet.conf <<-EOF
+[main]
+logdir=/var/log/puppet
+vardir=/var/lib/puppet
+ssldir=/var/lib/puppet/ssl
+rundir=/var/run/puppet
+factpath=$vardir/lib/facter
+pluginsync=true
+runinterval=1380
+configtimeout=600
+splay=true
+report=true
+server = puppet.example.com
+ca_server = puppetca.example.com
+EOF
diff --git a/source-code-master/ch02/mysql/manifests/config.pp b/source-code-master/ch02/mysql/manifests/config.pp
new file mode 100644
index 0000000..9a9947f
--- /dev/null
+++ b/source-code-master/ch02/mysql/manifests/config.pp
@@ -0,0 +1,19 @@
+class mysql::config (
+  $user,
+  $group,
+){
+  file { '/opt/csw/mysql5/my.cnf':
+    ensure => present,
+    source => 'puppet:///modules/mysql/my.cnf',
+    owner => $user,
+    group => $group,
+    require => Class['mysql::install'],
+    notify => Class['mysql::service'],
+  }
+  file { '/opt/csw/mysql5/var':
+    group => $user,
+    owner => $group,
+    recurse => true,
+    require => File['/opt/csw/mysql5/my.cnf'],
+  }
+}
diff --git a/source-code-master/ch02/mysql/manifests/init.pp b/source-code-master/ch02/mysql/manifests/init.pp
new file mode 100644
index 0000000..8c0b439
--- /dev/null
+++ b/source-code-master/ch02/mysql/manifests/init.pp
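Review bot: The `puppet.conf` heredoc is opened with an unquoted delimiter (`cat > /etc/puppet/puppet.conf <<-EOF`), so the shell expands `$vardir` in `factpath=$vardir/lib/facter` at kickstart time, where it is unset, and writes `factpath=/lib/facter`; use `cat > /etc/puppet/puppet.conf <<-'EOF'` so the Puppet setting reference reaches the file intact. The repository key is obtained by the 32-bit short ID `4BD6EC30` from a keyserver over an unauthenticated channel before being handed to `apt-key add -`; short IDs are trivially collidable, so pin the full fingerprint (or ship the key file with the kickstart) before trusting it. The lines `CHAPTER 2 ... BUILDING HOSTS WITH PUPPET` and `3` inside the first heredoc are page furniture that will be written verbatim into `puppetlabs.list`.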
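Review bot: The `/opt/csw/mysql5/var` resource in mysql/manifests/config.pp has `group => $user` and `owner => $group`, the reverse of the `my.cnf` resource directly above it, so the data directory is recursively chowned to the wrong principal; change the two lines to `owner => $user,` and `group => $group,`.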
@@ -0,0 +1,19 @@
+class mysql (
+  $group = 'mysql',
+  $service_enabled = true,
+  $service_running = true,
+  $user = 'mysql'
+){
+  class { 'mysql::install':
+    user => $user,
+    group => $group,
+  }
+  class { 'mysql::config':
+    user => $user,
+    group => $group,
+  }
+  class { 'mysql::service':
+    ensure => $service_running,
+    enabled => $service_enabled,
+  }
+}
diff --git a/source-code-master/ch02/mysql/manifests/install.pp b/source-code-master/ch02/mysql/manifests/install.pp
new file mode 100644
index 0000000..2ac059d
--- /dev/null
+++ b/source-code-master/ch02/mysql/manifests/install.pp
@@ -0,0 +1,26 @@
+class mysql::install (
+  $user,
+  $group
+){
+
+  $mysql_pkgs = ['mysql5',
+    'mysql5client',
+    'mysql5rt',
+    'mysql5test',
+    'mysql5devel' ]
+
+  package { $mysql_pkgs:
+    ensure => present,
+    require => User[$user],
+  }
+  user { $user:
+    ensure => present,
+    comment => 'MySQL user',
+    gid => $group,
+    shell => '/bin/false',
+    require => Group[$group],
+  }
+  group { $group:
+    ensure => present,
+  }
+}
diff --git a/source-code-master/ch02/mysql/manifests/service.pp b/source-code-master/ch02/mysql/manifests/service.pp
new file mode 100644
index 0000000..c9db3a3
--- /dev/null
+++ b/source-code-master/ch02/mysql/manifests/service.pp
@@ -0,0 +1,12 @@
+class mysql::service (
+  enabled,
+  ensure,
+){
+  service { 'cswmysql5':
+    ensure => $ensure,
+    hasstatus => true,
+    hasrestart => true,
+    enabled => $enabled,
+    require => Class['mysql::config'],
+  }
+}
diff --git a/source-code-master/ch02/postfix/manifests/config.pp b/source-code-master/ch02/postfix/manifests/config.pp
new file mode 100644
index 0000000..aadb609
--- /dev/null
+++ b/source-code-master/ch02/postfix/manifests/config.pp
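Review bot: `class mysql::service ( enabled, ensure, )` declares its parameters without the `$` sigil, which is a parse error, and the `service { 'cswmysql5': ... }` body sets `enabled => $enabled`, which is not an attribute of the service type (`enable` is), so the `class { 'mysql::service': ... }` declaration in init.pp can never be evaluated. Change the header to `$enabled,` / `$ensure,` and the attribute line to `enable => $enabled,`.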
@@ -0,0 +1,19 @@
+class postfix::config {
+  File {
+    owner => 'postfix',
+    group => 'postfix',
+    mode => 0644,
+  }
+  file { '/etc/postfix/master.cf':
+    ensure => present,
+    source => 'puppet:///modules/postfix/master.cf',
+    require => Class['postfix::install'],
+    notify => Class['postfix::service'],
+  }
+  file { '/etc/postfix/main.cf':
+    ensure => present,
+    content => template('postfix/main.cf.erb'),
+    require => Class['postfix::install'],
+    notify => Class['postfix::service'],
+  }
+}
diff --git a/source-code-master/ch02/postfix/manifests/init.pp b/source-code-master/ch02/postfix/manifests/init.pp
new file mode 100644
index 0000000..e5789d2
--- /dev/null
+++ b/source-code-master/ch02/postfix/manifests/init.pp
@@ -0,0 +1,5 @@
+class postfix {
+  include postfix::install
+  include postfix::config
+  include postfix::service
+}
diff --git a/source-code-master/ch02/postfix/manifests/package.pp b/source-code-master/ch02/postfix/manifests/package.pp
new file mode 100644
index 0000000..23ee121
--- /dev/null
+++ b/source-code-master/ch02/postfix/manifests/package.pp
@@ -0,0 +1,5 @@
+class postfix::package {
+  package { [ "postfix", "mailx" ]:
+    ensure => present,
+  }
+}
diff --git a/source-code-master/ch02/postfix/manifests/service.pp b/source-code-master/ch02/postfix/manifests/service.pp
new file mode 100644
index 0000000..abc34c3
--- /dev/null
+++ b/source-code-master/ch02/postfix/manifests/service.pp
@@ -0,0 +1,9 @@
+class postfix::service {
+  service { 'postfix':
+    ensure => running,
+    hasstatus => true,
+    hasrestart => true,
+    enable => true,
+    require => Class['postfix::config'],
+  }
+}
diff --git a/source-code-master/ch02/postfix/templates/postfix.cf.erb b/source-code-master/ch02/postfix/templates/postfix.cf.erb
new file mode 100644
index 0000000..a451c20
--- /dev/null
+++ b/source-code-master/ch02/postfix/templates/postfix.cf.erb
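Review bot: `class postfix` in init.pp does `include postfix::install`, and config.pp requires `Class['postfix::install']`, but the class this commit defines is `postfix::package` (package.pp), so compilation fails on an unknown class; rename the class and file to `postfix::install` (matching the apache and mysql modules here) or fix the two references. config.pp also calls `template('postfix/main.cf.erb')` while the template added is `templates/postfix.cf.erb`, so `main.cf` can never be rendered. The `File { mode => 0644 }` default is an unquoted number, which puppet-lint flags and newer parsers read as a numeral rather than the octal string — quote it as `'0644'`; `mode => 0600` in ssh/manifests/config.pp has the same problem.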
@@ -0,0 +1,14 @@
+soft_bounce = no
+command_directory = /usr/sbin
+daemon_directory = /usr/libexec/postfix
+mail_owner = postfix
+myhostname = <%= @hostname %>
+mydomain = <%= @domain %>
+myorigin = $mydomain
+mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
+unknown_local_recipient_reject_code = 550
+relay_domains = $mydestination
+smtpd_reject_unlisted_recipient = yes
+unverified_recipient_reject_code = 550
+smtpd_banner = $myhostname ESMTP
+setgid_group = postdrop
diff --git a/source-code-master/ch02/site.pp b/source-code-master/ch02/site.pp
new file mode 100644
index 0000000..b4ce7df
--- /dev/null
+++ b/source-code-master/ch02/site.pp
@@ -0,0 +1,57 @@
+node 'puppet.example.com'
+{
+# Puppet code wll go here
+}
+node 'web.example.com'
+{
+# Puppet code will go here
+}
+node 'db.example.com'
+{
+# Puppet code will go here
+}
+node 'mail.example.com'
+{
+# Puppet code will go here
+}
+
+
+node 'web1.example.com',
+     'web2.example.com',
+     'web3.example.com'
+{
+# Puppet code goes here
+}
+
+
+node /^web\d+\.example\.com$/
+{
+# Puppet code goes here
+}
+
+node default {
+  include defaultclass
+}
+
+
+
+
+node 'db.example.com' {
+  class { 'mysql':
+    user => 'staging-mysql',
+    service_running => false,
+    service_enabled => false,
+  }
+}
+
+node 'www.something.com' {
+
+  apache::vhost { 'www.example.com':
+      port => '80',
+      docroot => '/var/www/www.example.com',
+      ssl => false,
+      priority => '10',
+      serveraliases => 'home.example.com', }
+  }
+
+}
diff --git a/source-code-master/ch02/ssh/manifests/config.pp b/source-code-master/ch02/ssh/manifests/config.pp
new file mode 100644
index 0000000..c0a111f
--- /dev/null
+++ b/source-code-master/ch02/ssh/manifests/config.pp
@@ -0,0 +1,11 @@
+class ssh::config {
+  file { "/etc/ssh/sshd_config":
+    ensure => present,
+    owner => 'root',
+    group => 'root',
+    mode => 0600,
+    source => "puppet:///modules/ssh/sshd_config",
+    require => Class["ssh::package"],
+    notify => Class["ssh::service"],
+  }
+}
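Review bot: `node 'db.example.com'` is defined twice in ch02/site.pp — once with the placeholder comment and once declaring `class { 'mysql': ... }` — and Puppet rejects duplicate node definitions, so the manifest does not compile; merge the two bodies. The `node 'www.something.com'` block also has one `}` too many after the `apache::vhost { 'www.example.com': ... }` declaration, and the `web1`/`web2`/`web3` string nodes overlap the `/^web\d+\.example\.com$/` regex node, which is legal but means the regex body never applies to those three hosts.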
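Review bot: `require => Class["ssh::package"]` in ssh/manifests/config.pp names a class that does not exist in the module — install.pp defines `ssh::install` — so the catalog fails to compile; fix the reference. `sshd_config` is also deployed from a static source with no validation, and a bad file stops sshd from restarting and can cut off remote access to the host; add `validate_cmd => '/usr/sbin/sshd -t -f %',` to the resource so Puppet refuses to install a config the daemon will not accept.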
diff --git a/source-code-master/ch02/ssh/manifests/init.pp b/source-code-master/ch02/ssh/manifests/init.pp
new file mode 100644
index 0000000..dad57b4
--- /dev/null
+++ b/source-code-master/ch02/ssh/manifests/init.pp
@@ -0,0 +1,6 @@
+class ssh {
+  class { '::ssh::package': } ->
+  class { '::ssh::config': } ->
+  class { '::ssh::service':} ->
+  Class['ssh']
+}
diff --git a/source-code-master/ch02/ssh/manifests/install.pp b/source-code-master/ch02/ssh/manifests/install.pp
new file mode 100644
index 0000000..d33d4f8
--- /dev/null
+++ b/source-code-master/ch02/ssh/manifests/install.pp
@@ -0,0 +1,6 @@
+class ssh::install {
+  package { "openssh":
+    ensure => present,
+  }
+}
+
diff --git a/source-code-master/ch02/ssh/manifests/params.pp b/source-code-master/ch02/ssh/manifests/params.pp
new file mode 100644
index 0000000..535e257
--- /dev/null
+++ b/source-code-master/ch02/ssh/manifests/params.pp
@@ -0,0 +1,16 @@
+class ssh::params {
+  case $::osfamily {
+    Solaris: {
+      $ssh_package_name = 'openssh'
+    }
+    Debian: {
+      $ssh_package_name = 'openssh-server'
+    }
+    RedHat: {
+      $ssh_package_name = 'openssh-server'
+    }
+    default: {
+      fail("Module propuppet-ssh does not support osfamily: ${::osfamily}")
+    }
+  }
+}
diff --git a/source-code-master/ch02/ssh/manifests/service.pp b/source-code-master/ch02/ssh/manifests/service.pp
new file mode 100644
index 0000000..1e96f6d
--- /dev/null
+++ b/source-code-master/ch02/ssh/manifests/service.pp
@@ -0,0 +1,9 @@
+class ssh::service {
+  service { "sshd":
+    ensure => running,
+    hasstatus => true,
+    hasrestart => true,
+    enable => true,
+    require => Class["ssh::config"],
+  }
+}
diff --git a/source-code-master/ch03/post-receive.sh b/source-code-master/ch03/post-receive.sh
new file mode 100644
index 0000000..95d7ccc
--- /dev/null
+++ b/source-code-master/ch03/post-receive.sh
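Review bot: `ssh::params` selects `$ssh_package_name` by `$::osfamily`, but install.pp hardcodes `package { "openssh": ... }` and never inherits or references the params class, so on Debian and RedHat the wrong package name is requested and the params logic is dead; declare it as `class ssh::install inherits ssh::params {` and use `package { $ssh_package_name:`. init.pp chains `class { '::ssh::package': }`, which does not exist (the file defines `ssh::install`), so `class ssh` fails to compile as committed. The service name `"sshd"` in service.pp is hard-coded the same way (Debian's unit is `ssh`), so it belongs in params next to the package name.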
@@ -0,0 +1,69 @@
+#
+# Hook to update the /etc/puppetlabs/puppet with the lastest git changes.
+# Licensed Apache 2.0
+#
+# To enable this hook, name this file "post-receive".
+syncuser="puppetsync"
+gituser="gitolite"
+gitserver="hostname.example.com"
+gitrepo="puppet.git"
+destination="/etc/puppetlabs/puppet/environments"
+puppetmasters="pm1.example.com pm2.example.com"
+
+## repo information
+BRANCH_DIR=$destination
+SSH_ARGS="-o ConnectTimeout=10 -o StrictHostKeyChecking=no"
+
+## Functions
+function update_puppet () {
+  ## Git update for us-east puppetmaster
+
+  server=$1
+  BRANCH=`echo $2 | sed -n 's/^refs\/heads\///p'`
+  REPO="${gituser}@${gitserver}:${gitrepo}"
+  echo "INFO: updating puppet repo on $server"
+
+  if [ "$newrev" -eq 0 ] 2> /dev/null ; then
+    # branch is being deleted
+    echo "Deleting remote branch $BRANCH_DIR/$BRANCH"
+    ssh $SSH_ARGS ${syncuser}@${server} /bin/sh <<-EOF
+    cd $BRANCH_DIR && rm -rf $BRANCH
+EOF
+  else
+    # branch is being updated
+    echo "Updating remote branch $BRANCH_DIR/$BRANCH"
+    ssh $SSH_ARGS ${syncuser}@${server} /bin/sh <<-EOF
+    { cd $BRANCH_DIR/$BRANCH 2> /dev/null \
+      && git fetch --all \
+      && git reset --hard 'origin/$BRANCH' \
+      && git submodule sync \
+      && git submodule update --init ; } \
+    || { mkdir -p $BRANCH_DIR \
+      && cd $BRANCH_DIR \
+      && git clone $REPO $BRANCH --branch $BRANCH \
+      && cd $BRANCH \
+      && git submodule update --init; }
+EOF
+  fi
+
+  stat=$?
+  if [[ $stat != 0 ]] ; then
+    echo -e "ERROR: unable to update ${server}:${destination}"
+    echo -e "INFO:check the configuration and run the update on the server again"
+    exit $status
+  else
+    echo
+    echo "INFO: update of puppet repo on $server complete"
+    echo
+  fi
+
+}
+
+## Script
+while read oldrev newrev refname; do
+  for host in $puppetmasters ; do
+    update_puppet $host $refname
+  done
+done
+
+exit $stat
diff --git a/source-code-master/ch04/Vagrantfile b/source-code-master/ch04/Vagrantfile
new file mode 100644
index 0000000..697ec8e
--- /dev/null
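Review bot: `SSH_ARGS="-o ConnectTimeout=10 -o StrictHostKeyChecking=no"` makes every sync to the puppet masters accept whatever host key is presented, so anyone who can redirect the connection receives the `puppetsync` credential and a copy of the repository; pin the masters' keys instead, e.g. `-o StrictHostKeyChecking=yes -o UserKnownHostsFile=<path to a maintained known_hosts>`. `$BRANCH` is derived from the pushed refname and is interpolated unquoted into the remote `/bin/sh` heredocs (`cd $BRANCH_DIR && rm -rf $BRANCH`, `git clone $REPO $BRANCH --branch $BRANCH`), so a branch name containing spaces, `..` or shell metacharacters is evaluated on the master as `puppetsync`; reject anything outside an anchored allow-list before use, `[[ $BRANCH =~ ^[A-Za-z0-9._-]+$ ]] || exit 1`, and quote the expansions. The error path does `exit $status`, a variable that is never set — it should be `exit $stat`.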
+++ b/source-code-master/ch04/Vagrantfile
@@ -0,0 +1,26 @@
+Vagrant::Config.run do |config|
+# centos64 base box is from https://cat.pdx.edu/~nibz/vagrant/centos-6.4-amd64.box
+# but basically any (functional) centos6 box should work
+# the centos6 box on vagrantbox.es was broken at time of writing
+  config.vm.define :puppet_master_1 do |puppet_master_1|
+    puppet_master_1.vm.box = "centos64"
+    puppet_master_1.vm.network :hostonly, "192.168.1.10"
+  end
+
+  config.vm.define :puppet_master_2 do |puppet_master_2|
+    puppet_master_2.vm.box = "centos64"
+    puppet_master_2.vm.network :hostonly, "192.168.1.11"
+  end
+  config.vm.define :puppet_client_1 do |puppet_client_1|
+    puppet_client_1.vm.box = "centos64"
+    puppet_client_1.vm.network :hostonly, "192.168.1.12"
+  end
+  config.vm.define :puppet_ca_1 do |puppet_ca_1|
+    puppet_ca_1.vm.box = "centos64"
+    puppet_ca_1.vm.network :hostonly, "192.168.1.13"
+  end
+  config.vm.define :puppet_ca_2 do |puppet_ca_2|
+    puppet_ca_2.vm.box = "centos64"
+    puppet_ca_2.vm.network :hostonly, "192.168.1.14"
+  end
+end
diff --git a/source-code-master/ch04/puppet_master_fast.sh b/source-code-master/ch04/puppet_master_fast.sh
new file mode 100644
index 0000000..2fad780
--- /dev/null
+++ b/source-code-master/ch04/puppet_master_fast.sh
@@ -0,0 +1,123 @@
+rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
+
+rpm -ivh http://yum.puppetlabs.com/el/6/products/i386/puppetlabs-release-6-7.noarch.rpm
+
+yum install -y puppet-server
+puppet master
+pgrep -lf puppet
+ls /etc/init.d/puppet*
+/etc/init.d/puppet stop
+/etc/init.d/puppetmaster stop
+/etc/init.d/puppetqueue stop
+chkconfig puppetmaster off
+
+puppet resource package httpd ensure=present
+
+puppet resource package mod_ssl ensure=present
+
+puppet resource service httpd ensure=stopped
+
+puppet resource package rubygems ensure=present
+
+puppet resource package rack ensure=present provider=gem
+puppet resource package passenger ensure=present provider=gem
+
+yum install -y curl-devel ruby-devel httpd-devel apr-devel apr-util-devel make
+
+
+passenger-install-apache2-module
+
+
+cat > /etc/httpd/conf.d/passenger.conf << EOF
+LoadModule passenger_module /usr/lib/ruby/gems/1.8/gems/passenger-4.0.10/buildout/apache2/mod_passenger.so
+PassengerRoot /usr/lib/ruby/gems/1.8/gems/passenger-4.0.10
+PassengerRuby /usr/bin/ruby
+
+# And the passenger performance tuning settings:
+PassengerHighPerformance On
+# Set this to about 1.5 times the number of CPU cores in your master:
+PassengerMaxPoolSize 6
+# Recycle master processes after they service 1000 requests
+PassengerMaxRequests 1000
+# Stop processes if they sit idle for 10 minutes
+PassengerPoolIdleTime 600
+
+Listen 8140
+
+    SSLEngine On
+
+    # Only allow high security cryptography. Alter if needed for compatibility.
+    SSLProtocol All -SSLv2
+    SSLCipherSuite HIGH:!ADH:RC4+RSA:-MEDIUM:-LOW:-EXP
+    SSLCertificateFile /var/lib/puppet/ssl/certs/pro-puppet-master-centos.pem
+    SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/pro-puppet-master-centos.pem
+    SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
+    SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
+    SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
+    SSLVerifyClient optional
+    SSLVerifyDepth 1
+    SSLOptions +StdEnvVars +ExportCertData
+
+    # These request headers are used to pass the client certificate
+    # authentication information on to the puppet master process
+    RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e
+    RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e
+    RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e
+
+    PassengerEnabled On
+    DocumentRoot /usr/share/puppet/rack/puppetmasterd/public/
+
+        Options None
+        AllowOverride None
+        Order Allow,Deny
+        Allow from All
+
+
+
+EOF
+
+
+mkdir -p /usr/share/puppet/rack/puppetmasterd/{public,tmp}
+
+
+
+cat > /usr/share/puppet/rack/puppetmasterd/config.ru << EOF
+# a config.ru, for use with every rack-compatible webserver.
+# SSL needs to be handled outside this, though.
+
+# if puppet is not in your RUBYLIB:
+# \$LOAD_PATH.unshift('/opt/puppet/lib')
+
+\$0 = "master"
+
+# if you want debugging:
+# ARGV << "--debug"
+
+ARGV << "--rack"
+
+# Rack applications typically don't start as root. Set --confdir and --vardir
+# to prevent reading configuration from ~puppet/.puppet/puppet.conf and writing
+# to ~puppet/.puppet
+ARGV << "--confdir" << "/etc/puppet"
+ARGV << "--vardir" << "/var/lib/puppet"
+
+# NOTE: it's unfortunate that we have to use the "CommandLine" class
+# here to launch the app, but it contains some initialization logic
+# (such as triggering the parsing of the config file) that is very
+# important. We should do something less nasty here when we've
+# gotten our API and settings initialization logic cleaned up.
+#
+# Also note that the "\$0 = master" line up near the top here is
+# the magic that allows the CommandLine class to know that it's
+# supposed to be running master.
+#
+# --cprice 2012-05-22
+
+require 'puppet/util/command_line'
+# we're usually running inside a Rack::Builder.new {} block,
+# therefore we need to call run *here*.
+run Puppet::Util::CommandLine.new.execute
+
+EOF
+
+chown puppet /usr/share/puppet/rack/puppetmasterd/config.ru
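Review bot: The vhost written by `cat > /etc/httpd/conf.d/passenger.conf << EOF` sets `SSLProtocol All -SSLv2` and `SSLCipherSuite HIGH:!ADH:RC4+RSA:-MEDIUM:-LOW:-EXP`, which still admits SSLv3 and RC4 on the port-8140 listener that every agent authenticates to with its client certificate, and the comment above them claims "only high security cryptography"; change them to `SSLProtocol All -SSLv2 -SSLv3` and a suite without RC4, e.g. `SSLCipherSuite HIGH:!aNULL:!RC4:!MD5`, and revisit whether TLS 1.0/1.1 can be dropped for the agent population. The `<VirtualHost *:8140>` and `<Directory ...>` open/close lines of the heredoc are missing in this listing (only blank lines remain where they stood), so the file as committed is not a valid Apache config. The same heredoc also pins `passenger-4.0.10` under `/usr/lib/ruby/gems/1.8`, which breaks silently as soon as `gem` installs a different version.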