1. prereq

curl -s http://d01cid.ddns.net/sharel/bin/inst-httpd | sh

2. installation

yum -y install http://yum.puppetlabs.com/puppetlabs-release-pc1-el-7.noarch.rpm
yum -y install http://yum.theforeman.org/releases/latest/el7/x86_64/foreman-release.rpm
yum -y install foreman-installer
Tip replace latest with nightly

3. configuration

foreman-installer
Installing             Done
  Success!
  * Foreman is running at https://srv121.d01.net
      Initial credentials are admin / 4HcX6rpUoeAVyEPT
  * Foreman Proxy is running at https://srv121.d01.net:8443
  * Puppetmaster is running at port 8140
  The full log is at /var/log/foreman-installer/foreman.log
Note patient, this will take 3 minutes.
Tip to (re)generate the password: foreman-rake permissions:reset

https://srv121.d01.net

puppet agent -td

4. certificates

sed -i "s/\[main\]/\[main\]\n    certname = puppet/" /etc/puppet/puppet.conf
sed -i "s/\[main\]/\[main\]\n    dns_alt_names = foreman.d01.net/" /etc/puppet/puppet.conf
sudo -u puppet puppet master --no-deamonize --verbose

5. new host/client

on the master

puppet cert clean srv122.d01.net

on the client

yum -y install http://yum.puppetlabs.com/puppetlabs-release-el-7.noarch.rpm
yum -y install puppet
sed -i "s/\[agent\]/\[agent\]\n    server = foreman.d01.net/" /etc/puppet/puppet.conf
systemctl enable puppet.service
systemctl start puppet.service
rm -fr /var/lib/puppet/ssl/*
systemctl restart puppet.service
puppet agent -td
puppet agent --fingerprint

on the master

puppet cert list
puppet cert sign srv122.d01.net
Tip puppet cert sign --all

6. others

cube /etc/puppet/puppet.conf "show_diff = false" with "show_diff = true"
puppet agent --test
foreman-installer \\
  --enable-foreman-proxy \\
  --foreman-proxy-tftp=true \\
  --foreman-proxy-tftp-servername=192.168.122.130 \\
  --foreman-proxy-dhcp=true \\
  --foreman-proxy-dhcp-interface=eth2 \\
  --foreman-proxy-dhcp-gateway=192.168.122.1 \\
  --foreman-proxy-dhcp-range="192.168.122.21 192.168.122.51" \\
  --foreman-proxy-dhcp-nameservers="192.168.122.1" \\
  --foreman-proxy-dns=true \\
  --foreman-proxy-dns-interface=eth2 \\
  --foreman-proxy-dns-zone=localdomain \\
  --foreman-proxy-dns-reverse=65.6.10.in-addr.arpa \\
  --foreman-proxy-dns-forwarders=192.168.122.1 \\
  --foreman-proxy-foreman-base-url=https://localhost \\
  --foreman-proxy-oauth-consumer-key=ag9QcrzYTZQVhsnuEb8zYVc6taL4jmXj \\
  --foreman-proxy-oauth-consumer-secret=CWieWvBUMrfsvSc88UcmNTtrGtSzUCCf

7. modules

puppet module install -i /etc/puppet/environments/production/modules saz/ntp

8. mariadb

curl -s http://d01cid.ddns.net/sharel/bin/inst-mariadb-server | sh
mysql -u'root' -p'Passw0rd' -e "create database foreman;"
yum -y install foreman-mysql
vi /etc/foreman/database.yml
#
production:
    adapter: mysql2
    database: foreman
    username: root
    password: Passw0rd
    host: localhost
    socket: "/var/lib/mysql/mysql.sock"
foreman-rake db:migrate
foreman-rake db:seed
systemctl stop postgresql.service
systemctl disable postgresql.service

9. debug

find ~/.mozilla/ -name cert8.db | xargs rm -v

10. references

https://www.linuxtechi.com/bare-metal-provisioning-through-foreman-server/