Let’s say you wanted to tie into Puppet’s inventory service from a PHP app.
I wanted to do just that, so I started googling around to see if someone already done it. I found an Ubersmith plugin that had some code and a great writeup on generating the certificate, which I’ll paraphrase here.
To generate a certificate called
somecert on your puppetmaster, run this:
puppet cert generate somecert cat /var/lib/puppet/ssl/private_keys/somecert.pem /var/lib/puppet/ssl/certs/somecert.pem > /tmp/testcert.txt
Then you’ll need to copy testcert.txt off to the machine where you’ll be running the php code.
Here’s some code to run on the php server. Depending on your environment, you might need to replace the puppetmaster’s hostname. Replace server.example.com with the name of one of your puppet-controlled nodes.
<?php $curl = curl_init('https://puppet:8140/production/facts/server.example.com'); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl, CURLOPT_SSLCERT, '/tmp/testcert.txt'); curl_setopt($curl, CURLOPT_HEADER, 0); $extraHeaders = array( 'Accept: yaml', ); curl_setopt($curl, CURLOPT_HTTPHEADER, $extraHeaders); $response = curl_exec($curl); $parsed = yaml_parse($response); print_r($parsed);
Note that this is razor-blade code. There’s no error checking or anything. Just a quick example to get you off the ground.