chef/README.md

### Install Chef Workstation

* macOS, Windows, RHEL, Ubuntu: https://docs.chef.io/workstation/install_workstation/
* Arch Linux: https://aur.archlinux.org/packages/chef-workstation

#### rbenv

If you use rbenv to manage Ruby versions on your system, install the
(rbenv-chef-workstation)[https://github.com/docwhat/rbenv-chef-workstation]
plugin.

### Install gem dependencies

    bundle install

### Bootstrap a new server

    knife zero bootstrap root@dev.kosmos.org --run-list "recipe[kosmos-base],..." -j '{"example_cookbook":{"memory_max":"256M"}}' --secret-file .chef/encrypted_data_bag_secret

### Bootstrap a new VM

    knife zero bootstrap ubuntu@zerotier-ip-address -x ubuntu --sudo --run-list "recipe[kosmos-base]" --secret-file .chef/encrypted_data_bag_secret

### Run Chef Zero

    knife zero converge name:dev.kosmos.org

### Run Chef Zero on a VM

    knife zero converge -a knife_zero.host name:vm-name-23

### Update Chef Client on a server:

    knife zero converge name:dev.kosmos.org --client-version 15.3.14

### Managing cookbooks

Cookbooks are managed via Berkshelf. Run `berks --help` for command help.

Install cookbooks listed in Berksfile:

    berks install

Vendor installed cookbooks to the `cookbooks/` dir:

    berks vendor cookbooks/ --delete

### "Expired" TLS certificates

If you encounter expired TLS certificates during a Chef run (e.g. for remote
files), the issue is likely that the certificate has been issued by Let's
Encrypt and Chef is still using its own, outdated CA cert store (see
[here](https://github.com/chef/chef/issues/12126#issuecomment-932067530) for
example).

As a hotfix, you can manually remove the "DST Root CA X3" cert from
`/opt/chef/embedded/ssl/cert.pem` on the machine you're trying to converge.
Update README Add some info about Chef Workstation and rbenv. 2021-05-28 14:51:42 +02:00			`### Install Chef Workstation`

			`* macOS, Windows, RHEL, Ubuntu: https://docs.chef.io/workstation/install_workstation/`
			`* Arch Linux: https://aur.archlinux.org/packages/chef-workstation`

			`#### rbenv`

			`If you use rbenv to manage Ruby versions on your system, install the`
			`(rbenv-chef-workstation)[https://github.com/docwhat/rbenv-chef-workstation]`
			`plugin.`

			`### Install gem dependencies`
Initial Chef repository 2015-07-21 19:45:23 +02:00
Update README 2016-01-20 21:19:14 -05:00			`bundle install`
Initial Chef repository 2015-07-21 19:45:23 +02:00
Add commands for running Chef against VMs 2020-12-10 23:39:59 +01:00			`### Bootstrap a new server`

			`knife zero bootstrap root@dev.kosmos.org --run-list "recipe[kosmos-base],..." -j '{"example_cookbook":{"memory_max":"256M"}}' --secret-file .chef/encrypted_data_bag_secret`

			`### Bootstrap a new VM`

			`knife zero bootstrap ubuntu@zerotier-ip-address -x ubuntu --sudo --run-list "recipe[kosmos-base]" --secret-file .chef/encrypted_data_bag_secret`

			`### Run Chef Zero`
Initial Chef repository 2015-07-21 19:45:23 +02:00
Update the README for Knife-Zero 2019-10-08 18:17:57 +02:00			`knife zero converge name:dev.kosmos.org`
Initial Chef repository 2015-07-21 19:45:23 +02:00
Add commands for running Chef against VMs 2020-12-10 23:39:59 +01:00			`### Run Chef Zero on a VM`
Add the command to update Chef Client 2019-10-10 12:43:47 +02:00
Add commands for running Chef against VMs 2020-12-10 23:39:59 +01:00			`knife zero converge -a knife_zero.host name:vm-name-23`
Add the command to update Chef Client 2019-10-10 12:43:47 +02:00
Add commands for running Chef against VMs 2020-12-10 23:39:59 +01:00			`### Update Chef Client on a server:`
Initial Chef repository 2015-07-21 19:45:23 +02:00
Add commands for running Chef against VMs 2020-12-10 23:39:59 +01:00			`knife zero converge name:dev.kosmos.org --client-version 15.3.14`
Add Berkshelf help to the README 2018-06-01 16:13:50 +02:00
			`### Managing cookbooks`

			Cookbooks are managed via Berkshelf. Run `berks --help` for command help.

			`Install cookbooks listed in Berksfile:`

			`berks install`

			Vendor installed cookbooks to the `cookbooks/` dir:

Update the README for Knife-Zero 2019-10-08 18:17:57 +02:00			`berks vendor cookbooks/ --delete`
Update README 2021-11-25 19:37:48 -06:00
			`### "Expired" TLS certificates`

			`If you encounter expired TLS certificates during a Chef run (e.g. for remote`
			`files), the issue is likely that the certificate has been issued by Let's`
			`Encrypt and Chef is still using its own, outdated CA cert store (see`
			`[here](https://github.com/chef/chef/issues/12126#issuecomment-932067530) for`
			`example).`

			`As a hotfix, you can manually remove the "DST Root CA X3" cert from`
			`/opt/chef/embedded/ssl/cert.pem` on the machine you're trying to converge.