- create instance
- add role::puppetmaster::pontoon to horizon
- run-puppet-agent (x2)
- https://wikitech.wikimedia.org/wiki/Help:Standalone_puppetmaster#Push_using_a_single_branch
- push local pontoon branch to server
- add pontoon::stack: STACK to horizon
- add puppetmaster: MASTER_FQDN to horizon
- run puppet agent
- find /var/lib/puppet/ssl/ -type f -exec rm -v {} \;
- rm /var/lib/puppet/server/ssl/ca/signed/$(hostname -f).pem
- cp -v /var/lib/puppet/{server/,}ssl/private_keys/$(hostname -f).pem
- cp -v /var/lib/puppet/{server/,}ssl/certs/$(hostname -f).pem
- systemctl restart apache2
- run puppet agent