diff --git a/cookbooks/apt/files/default/15update-stamp b/cookbooks/apt/files/default/15update-stamp deleted file mode 100644 index 14ead83..0000000 --- a/cookbooks/apt/files/default/15update-stamp +++ /dev/null @@ -1 +0,0 @@ -APT::Update::Post-Invoke-Success {"touch /var/lib/apt/periodic/update-success-stamp 2>/dev/null || true";}; diff --git a/cookbooks/apt/files/default/apt-proxy-v2.conf b/cookbooks/apt/files/default/apt-proxy-v2.conf deleted file mode 100644 index 6954004..0000000 --- a/cookbooks/apt/files/default/apt-proxy-v2.conf +++ /dev/null @@ -1,50 +0,0 @@ -[DEFAULT] -;; All times are in seconds, but you can add a suffix -;; for minutes(m), hours(h) or days(d) - -;; commented out address so apt-proxy will listen on all IPs -;; address = 127.0.0.1 -port = 9999 -cache_dir = /var/cache/apt-proxy - -;; Control files (Packages/Sources/Contents) refresh rate -min_refresh_delay = 1s -complete_clientless_downloads = 1 - -;; Debugging settings. -debug = all:4 db:0 - -time = 30 -passive_ftp = on - -;;-------------------------------------------------------------- -;; Cache housekeeping - -cleanup_freq = 1d -max_age = 120d -max_versions = 3 - -;;--------------------------------------------------------------- -;; Backend servers -;; -;; Place each server in its own [section] - -[ubuntu] -; Ubuntu archive -backends = - http://us.archive.ubuntu.com/ubuntu - -[ubuntu-security] -; Ubuntu security updates -backends = http://security.ubuntu.com/ubuntu - -[debian] -;; Backend servers, in order of preference -backends = - http://debian.osuosl.org/debian/ - -[security] -;; Debian security archive -backends = - http://security.debian.org/debian-security - http://ftp2.de.debian.org/debian-security diff --git a/cookbooks/apt/libraries/matchers.rb b/cookbooks/apt/libraries/matchers.rb deleted file mode 100644 index aafce4d..0000000 --- a/cookbooks/apt/libraries/matchers.rb +++ /dev/null @@ -1,17 +0,0 @@ -if defined?(ChefSpec) - def add_apt_preference(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:apt_preference, :add, resource_name) - end - - def remove_apt_preference(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:apt_preference, :remove, resource_name) - end - - def add_apt_repository(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:apt_repository, :add, resource_name) - end - - def remove_apt_repository(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:apt_repository, :remove, resource_name) - end -end diff --git a/cookbooks/apt/libraries/network.rb b/cookbooks/apt/libraries/network.rb deleted file mode 100644 index 828bf03..0000000 --- a/cookbooks/apt/libraries/network.rb +++ /dev/null @@ -1,31 +0,0 @@ -# -# Cookbook Name:: apt -# library:: network -# -# Copyright 2013, Chef Software, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -module ::Apt - def interface_ipaddress(host, interface) - if interface - addresses = host['network']['interfaces'][interface]['addresses'] - addresses.select do |ip, data| - return ip if data['family'].eql?('inet') - end - else - return host.ipaddress - end - end -end diff --git a/cookbooks/apt/providers/preference.rb b/cookbooks/apt/providers/preference.rb deleted file mode 100644 index 20ca079..0000000 --- a/cookbooks/apt/providers/preference.rb +++ /dev/null @@ -1,84 +0,0 @@ -# -# Cookbook Name:: apt -# Provider:: preference -# -# Copyright 2010-2011, Chef Software, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -use_inline_resources if defined?(use_inline_resources) - -def whyrun_supported? - true -end - -# Build preferences.d file contents -def build_pref(package_name, pin, pin_priority) - "Package: #{package_name}\nPin: #{pin}\nPin-Priority: #{pin_priority}\n" -end - -def safe_name(name) - name.tr('.', '_').gsub('*', 'wildcard') -end - -action :add do - preference = build_pref( - new_resource.glob || new_resource.package_name, - new_resource.pin, - new_resource.pin_priority - ) - - directory '/etc/apt/preferences.d' do - owner 'root' - group 'root' - mode 00755 - recursive true - action :create - end - - name = safe_name(new_resource.name) - - file "/etc/apt/preferences.d/#{new_resource.name}.pref" do - action :delete - if ::File.exist?("/etc/apt/preferences.d/#{new_resource.name}.pref") - Chef::Log.warn "Replacing #{new_resource.name}.pref with #{name}.pref in /etc/apt/preferences.d/" - end - only_if { name != new_resource.name } - end - - file "/etc/apt/preferences.d/#{new_resource.name}" do - action :delete - if ::File.exist?("/etc/apt/preferences.d/#{new_resource.name}") - Chef::Log.warn "Replacing #{new_resource.name} with #{new_resource.name}.pref in /etc/apt/preferences.d/" - end - end - - file "/etc/apt/preferences.d/#{name}.pref" do - owner 'root' - group 'root' - mode 00644 - content preference - action :create - end -end - -action :remove do - name = safe_name(new_resource.name) - if ::File.exist?("/etc/apt/preferences.d/#{name}.pref") - Chef::Log.info "Un-pinning #{name} from /etc/apt/preferences.d/" - file "/etc/apt/preferences.d/#{name}.pref" do - action :delete - end - end -end diff --git a/cookbooks/apt/providers/repository.rb b/cookbooks/apt/providers/repository.rb deleted file mode 100644 index 28efefe..0000000 --- a/cookbooks/apt/providers/repository.rb +++ /dev/null @@ -1,246 +0,0 @@ -# -# Cookbook Name:: apt -# Provider:: repository -# -# Copyright 2010-2011, Chef Software, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -use_inline_resources if defined?(use_inline_resources) - -def whyrun_supported? - true -end - -# install apt key from keyserver -def install_key_from_keyserver(key, keyserver, key_proxy) - execute "install-key #{key}" do - if keyserver.start_with?('hkp://') - command "apt-key adv --keyserver #{keyserver} --recv #{key}" - elsif key_proxy.empty? - command "apt-key adv --keyserver hkp://#{keyserver}:80 --recv #{key}" - else - command "apt-key adv --keyserver-options http-proxy=#{key_proxy} --keyserver hkp://#{keyserver}:80 --recv #{key}" - end - sensitive new_resource.sensitive if respond_to?(:sensitive) - action :run - not_if do - key_present = extract_fingerprints_from_cmd('apt-key finger').any? do |fingerprint| - fingerprint.end_with?(key.upcase) - end - - key_present && key_is_valid('apt-key list', key.upcase) - end - end - - ruby_block "validate-key #{key}" do - block do - fail "The key #{key} is no longer valid and cannot be used for an apt repository." - end - not_if { key_is_valid('apt-key list', key.upcase) } - end -end - -# run command and extract gpg ids -def extract_fingerprints_from_cmd(cmd) - so = Mixlib::ShellOut.new(cmd, env: { 'LANG' => 'en_US', 'LANGUAGE' => 'en_US' }) - so.run_command - so.stdout.split(/\n/).map do |t| - if z = t.match(/^ +Key fingerprint = ([0-9A-F ]+)/) - z[1].split.join - end - end.compact -end - -# determine whether apt thinks the key is still valid -def key_is_valid(cmd, key) - valid = true - - so = Mixlib::ShellOut.new(cmd, env: { 'LANG' => 'en_US', 'LANGUAGE' => 'en_US' }) - so.run_command - # rubocop:disable Style/Next - so.stdout.split(/\n/).map do |t| - if t.match(%r{^\/#{key}.*\[expired: .*\]$}) - Chef::Log.debug "Found expired key: #{t}" - valid = false - break - end - end - - Chef::Log.debug "key #{key} validity: #{valid}" - valid -end - -# install apt key from URI -def install_key_from_uri(uri) - key_name = uri.split(%r{\/}).last - cached_keyfile = "#{Chef::Config[:file_cache_path]}/#{key_name}" - if new_resource.key =~ /http/ - remote_file cached_keyfile do - source new_resource.key - mode 00644 - sensitive new_resource.sensitive if respond_to?(:sensitive) - action :create - end - else - cookbook_file cached_keyfile do - source new_resource.key - cookbook new_resource.cookbook - mode 00644 - sensitive new_resource.sensitive if respond_to?(:sensitive) - action :create - end - - ruby_block "validate-key #{cached_keyfile}" do - block do - fail "The key #{cached_keyfile} is no longer valid and cannot be used for an apt repository." unless key_is_valid("gpg #{cached_keyfile}", '') - end - end - end - - execute "install-key #{key_name}" do - command "apt-key add #{cached_keyfile}" - sensitive new_resource.sensitive if respond_to?(:sensitive) - action :run - not_if do - installed_keys = extract_fingerprints_from_cmd('apt-key finger') - proposed_keys = extract_fingerprints_from_cmd("gpg --with-fingerprint #{cached_keyfile}") - (installed_keys & proposed_keys).sort == proposed_keys.sort - end - end -end - -# build repo file contents -def build_repo(uri, distribution, components, trusted, arch, add_deb_src) - uri = '"' + uri + '"' unless uri.start_with?("\"", "'") - components = components.join(' ') if components.respond_to?(:join) - repo_options = [] - repo_options << "arch=#{arch}" if arch - repo_options << 'trusted=yes' if trusted - repo_opts = '[' + repo_options.join(' ') + ']' unless repo_options.empty? - repo_info = "#{repo_opts} #{uri} #{distribution} #{components}\n".lstrip - repo = "deb #{repo_info}" - repo << "deb-src #{repo_info}" if add_deb_src - repo -end - -def get_ppa_key(ppa_owner, ppa_repo, key_proxy) - # Launchpad has currently only one stable API which is marked as EOL April 2015. - # The new api in devel still uses the same api call for +archive, so I made the version - # configurable to provide some sort of workaround if api 1.0 ceases to exist. - # See https://launchpad.net/+apidoc/ - launchpad_ppa_api = "https://launchpad.net/api/#{node['apt']['launchpad_api_version']}/~%s/+archive/%s" - default_keyserver = 'keyserver.ubuntu.com' - - require 'open-uri' - api_query = format("#{launchpad_ppa_api}/signing_key_fingerprint", ppa_owner, ppa_repo) - begin - key_id = open(api_query).read.delete('"') - rescue OpenURI::HTTPError => e - error = 'Could not access launchpad ppa key api: HttpError: ' + e.message - raise error - rescue SocketError => e - error = 'Could not access launchpad ppa key api: SocketError: ' + e.message - raise error - end - - install_key_from_keyserver(key_id, default_keyserver, key_proxy) -end - -# fetch ppa key, return full repo url -def get_ppa_url(ppa, key_proxy) - repo_schema = 'http://ppa.launchpad.net/%s/%s/ubuntu' - - # ppa:user/repo logic ported from - # http://bazaar.launchpad.net/~ubuntu-core-dev/software-properties/main/view/head:/softwareproperties/ppa.py#L86 - return false unless ppa.start_with?('ppa:') - - ppa_name = ppa.split(':')[1] - ppa_owner = ppa_name.split('/')[0] - ppa_repo = ppa_name.split('/')[1] - ppa_repo = 'ppa' if ppa_repo.nil? - - get_ppa_key(ppa_owner, ppa_repo, key_proxy) - - format(repo_schema, ppa_owner, ppa_repo) -end - -action :add do - # add key - if new_resource.keyserver && new_resource.key - install_key_from_keyserver(new_resource.key, new_resource.keyserver, new_resource.key_proxy) - elsif new_resource.key - install_key_from_uri(new_resource.key) - end - - file '/var/lib/apt/periodic/update-success-stamp' do - action :nothing - end - - execute 'apt-cache gencaches' do - ignore_failure true - action :nothing - end - - execute 'apt-get update' do - command "apt-get update -o Dir::Etc::sourcelist='sources.list.d/#{new_resource.name}.list' -o Dir::Etc::sourceparts='-' -o APT::Get::List-Cleanup='0'" - ignore_failure true - sensitive new_resource.sensitive if respond_to?(:sensitive) - action :nothing - notifies :run, 'execute[apt-cache gencaches]', :immediately - end - - if new_resource.uri.start_with?('ppa:') - # build ppa repo file - repository = build_repo( - get_ppa_url(new_resource.uri, new_resource.key_proxy), - new_resource.distribution, - 'main', - new_resource.trusted, - new_resource.arch, - new_resource.deb_src - ) - else - # build repo file - repository = build_repo( - new_resource.uri, - new_resource.distribution, - new_resource.components, - new_resource.trusted, - new_resource.arch, - new_resource.deb_src - ) - end - - file "/etc/apt/sources.list.d/#{new_resource.name}.list" do - owner 'root' - group 'root' - mode 00644 - content repository - sensitive new_resource.sensitive if respond_to?(:sensitive) - action :create - notifies :delete, 'file[/var/lib/apt/periodic/update-success-stamp]', :immediately - notifies :run, 'execute[apt-get update]', :immediately if new_resource.cache_rebuild - end -end - -action :remove do - if ::File.exist?("/etc/apt/sources.list.d/#{new_resource.name}.list") - Chef::Log.info "Removing #{new_resource.name} repository from /etc/apt/sources.list.d/" - file "/etc/apt/sources.list.d/#{new_resource.name}.list" do - sensitive new_resource.sensitive if respond_to?(:sensitive) - action :delete - end - end -end diff --git a/cookbooks/apt/resources/preference.rb b/cookbooks/apt/resources/preference.rb deleted file mode 100644 index a1fdf3b..0000000 --- a/cookbooks/apt/resources/preference.rb +++ /dev/null @@ -1,37 +0,0 @@ -# -# Cookbook Name:: apt -# Resource:: preference -# -# Copyright 2010-2013, Chef Software, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -actions :add, :remove -default_action :add if defined?(default_action) # Chef > 10.8 - -# Needed for Chef versions < 0.10.10 -def initialize(*args) - super - @action = :add -end - -state_attrs :glob, - :package_name, - :pin, - :pin_priority - -attribute :package_name, kind_of: String, name_attribute: true, regex: [/^([a-z]|[A-Z]|[0-9]|_|-|\.|\*)+$/] -attribute :glob, kind_of: String -attribute :pin, kind_of: String -attribute :pin_priority, kind_of: String diff --git a/cookbooks/apt/resources/repository.rb b/cookbooks/apt/resources/repository.rb deleted file mode 100644 index 8d3b3fc..0000000 --- a/cookbooks/apt/resources/repository.rb +++ /dev/null @@ -1,60 +0,0 @@ -# -# Cookbook Name:: apt -# Resource:: repository -# -# Copyright 2010-2013, Chef Software, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -actions :add, :remove -default_action :add if defined?(default_action) # Chef > 10.8 - -# Needed for Chef versions < 0.10.10 -def initialize(*args) - super - @action = :add -end - -state_attrs :arch, - :cache_rebuild, - :components, - :cookbook, - :deb_src, - :distribution, - :key, - :keyserver, - :key_proxy, - :repo_name, - :trusted, - :uri, - :sensitive - -# name of the repo, used for source.list filename -attribute :repo_name, kind_of: String, name_attribute: true, regex: [/^([a-z]|[A-Z]|[0-9]|_|-|\.)+$/] -attribute :uri, kind_of: String -attribute :distribution, kind_of: String -attribute :components, kind_of: Array, default: [] -attribute :arch, kind_of: String, default: nil -attribute :trusted, kind_of: [TrueClass, FalseClass], default: false -# whether or not to add the repository as a source repo as well -attribute :deb_src, default: false -attribute :keyserver, kind_of: String, default: nil -attribute :key, kind_of: String, default: nil -attribute :key_proxy, kind_of: String, default: node['apt']['key_proxy'] -attribute :cookbook, kind_of: String, default: nil -# trigger cache rebuild -# If not you can trigger in the recipe itself after checking the status of resource.updated{_by_last_action}? -attribute :cache_rebuild, kind_of: [TrueClass, FalseClass], default: true -# Hide content of the source file, don't show output for commands being run, etc. -attribute :sensitive, kind_of: [TrueClass, FalseClass], default: false diff --git a/cookbooks/apt/templates/debian-6.0/acng.conf.erb b/cookbooks/apt/templates/debian-6.0/acng.conf.erb deleted file mode 100644 index 98a681c..0000000 --- a/cookbooks/apt/templates/debian-6.0/acng.conf.erb +++ /dev/null @@ -1,173 +0,0 @@ -# Letter case in directive names does not matter. Must be separated with colons. -# Valid boolean values are a zero number for false, non-zero numbers for true. - -CacheDir: <%= node['apt']['cacher_dir'] %> - -# set empty to disable logging -LogDir: /var/log/apt-cacher-ng - -# TCP (http) port -# Set to 9999 to emulate apt-proxy -Port:<%= node['apt']['cacher_port'] %> - -# Addresses or hostnames to listen on. Multiple addresses must be separated by -# spaces. Each entry must be associated with a local interface. DNS resolution -# is performed using getaddrinfo(3) for all available protocols (i.e. IPv4 and -# IPv6 if available). -# -# Default: not set, will listen on all interfaces. -# -# BindAddress: localhost 192.168.7.254 publicNameOnMainInterface - -#Proxy: http://www-proxy.example.net:80 -#proxy: http://username:proxypassword@proxy.example.net:3128 - -# Repository remapping. See manual for details. -# In this example, backends file is generated during package installation. -Remap-debrep: file:deb_mirror*.gz /debian ; file:backends_debian -Remap-uburep: file:ubuntu_mirrors /ubuntu ; file:backends_ubuntu -Remap-debvol: file:debvol_mirror*.gz /debian-volatile ; file:backends_debvol -Remap-cygwin: file:cygwin_mirrors /cygwin # ; file:backends_cygwin # incomplete, please create this file - -# Virtual page accessible in a web browser to see statistics and status -# information, i.e. under http://localhost:3142/acng-report.html -ReportPage: acng-report.html - -# Socket file for accessing through local UNIX socket instead of TCP/IP. Can be -# used with inetd bridge or cron client. -# SocketPath:/var/run/apt-cacher-ng/socket - -# Forces log file to be written to disk after every line when set to 1. Default -# is 0, buffer flush happens after client disconnects. -# -# (technically, this is an alias to the Debug option provided for convenience) -# -# UnbufferLogs: 0 - -# Set to 0 to store only type, time and transfer sizes. -# 1 -> client IP and relative local path are logged too -# VerboseLog: 1 - -# Don't detach from the console -# ForeGround: 0 - -# Store the pid of the daemon process therein -# PidFile: /var/run/apt-cacher-ng/pid - -# Forbid outgoing connections, work around them or respond with 503 error -# offlinemode:0 - -# Forbid all downloads that don't run through preconfigured backends (.where) -#ForceManaged: 0 - -# Days before considering an unreferenced file expired (to be deleted). -# Warning: if the value is set too low and particular index files are not -# available for some days (mirror downtime) there is a risk of deletion of -# still usefull package files. -ExTreshold: 4 - -# Stop expiration when a critical problem appeared. Currently only failed -# refresh of an index file is considered as critical. -# -# WARNING: don't touch this option or set to a non-zero number. -# Anything else is DANGEROUS and may cause data loss. -# -# ExAbortOnProblems: 1 - -# Replace some Windows/DOS-FS incompatible chars when storing -# StupidFs: 0 - -# Experimental feature for apt-listbugs: pass-through SOAP requests and -# responses to/from bugs.debian.org. If not set, default is true if -# ForceManaged is enabled and false otherwise. -# ForwardBtsSoap: 1 - -# The daemon has a small cache for DNS data, to speed up resolution. The -# expiration time of the DNS entries can be configured in seconds. -# DnsCacheSeconds: 3600 - -# Don't touch the following values without good consideration! -# -# Max. count of connection threads kept ready (for faster response in the -# future). Should be a sane value between 0 and average number of connections, -# and depend on the amount of spare RAM. -# MaxStandbyConThreads: 8 -# -# Hard limit of active thread count for incomming connections, i.e. operation -# is refused when this value is reached (below zero = unlimited). -# MaxConThreads: -1 -# -#VfilePattern = (^|.*?/)(Index|Packages\.bz2|Packages\.gz|Packages|Release|Release\.gpg|Sources\.bz2|Sources\.gz|Sources|release|index\.db-.*\.gz|Contents-[^/]*\.gz|pkglist[^/]*\.bz2|rclist[^/]*\.bz2|/meta-release[^/]*|Translation[^/]*\.bz2)$ -#PfilePattern = .*(\.deb|\.rpm|\.dsc|\.tar\.gz\.gpg|\.tar\.gz|\.diff\.gz|\.diff\.bz2|\.jigdo|\.template|changelog|copyright|\.udeb|\.diff/.*\.gz|vmlinuz|initrd\.gz|(Devel)?ReleaseAnnouncement(\\?.*)?)$ -# Whitelist for expiration, file types not to be removed even when being -# unreferenced. Default: same as VfilePattern which is a safe bed. When and -# only when the only used mirrors are official repositories (with working -# Release files) then it might be set to something more restrictive, like -# (^|.*?/)(Release|Release\.gpg|release|meta-release|Translation[^/]*\.bz2)$ -#WfilePattern = (^|.*?/)(Index|Packages\.bz2|Packages\.gz|Packages|Release|Release\.gpg|Sources\.bz2|Sources\.gz|Sources|release|index\.db-.*\.gz|Contents-[^/]*\.gz|pkglist[^/]*\.bz2|rclist[^/]*\.bz2|/meta-release[^/]*|Translation[^/]*\.bz2)$ - -# Higher modes only working with the debug version -# Warning, writes a lot into apt-cacher.err logfile -# Value overwrites UnbufferLogs setting (aliased) -# Debug:3 - -# Usually, general purpose proxies like Squid expose the IP adress of the -# client user to the remote server using the X-Forwarded-For HTTP header. This -# behaviour can be optionally turned on with the Expose-Origin option. -# ExposeOrigin: 0 - -# When logging the originating IP address, trust the information supplied by -# the client in the X-Forwarded-For header. -# LogSubmittedOrigin: 0 - -# The version string reported to the peer, to be displayed as HTTP client (and -# version) in the logs of the mirror. -# WARNING: some archives use this header to detect/guess capabilities of the -# client (i.e. redirection support) and change the behaviour accordingly, while -# ACNG might not support the expected features. Expect side effects. -# -# UserAgent: Yet Another HTTP Client/1.2.3p4 - -# In some cases the Import and Expiration tasks might create fresh volatile -# data for internal use by reconstructing them using patch files. This -# by-product might be recompressed with bzip2 and with some luck the resulting -# file becomes identical to the *.bz2 file on the server, usable for APT -# clients trying to fetch the full .bz2 compressed version. Injection of the -# generated files into the cache has however a disadvantage on underpowered -# servers: bzip2 compession can create high load on the server system and the -# visible download of the busy .bz2 files also becomes slower. -# -# RecompBz2: 0 - -# Network timeout for outgoing connections. -# NetworkTimeout: 60 - -# Sometimes it makes sense to not store the data in cache and just return the -# package data to client as it comes in. DontCache parameters can enable this -# behaviour for certain URL types. The tokens are extended regular expressions -# that URLs are matched against. -# -# DontCacheRequested is applied to the URL as it comes in from the client. -# Example: exclude packages built with kernel-package for x86 -# DontCacheRequested: linux-.*_10\...\.Custo._i386 -# Example usecase: exclude popular private IP ranges from caching -# DontCacheRequested: 192.168.0 ^10\..* 172.30 -# -# DontCacheResolved is applied to URLs after mapping to the target server. If -# multiple backend servers are specified then it's only matched against the -# download link for the FIRST possible source (due to implementation limits). -# Example usecase: all Ubuntu stuff comes from a local mirror (specified as -# backend), don't cache it again: -# DontCacheResolved: ubuntumirror.local.net -# -# DontCache directive sets (overrides) both, DontCacheResolved and -# DontCacheRequested. Provided for convenience, see those directives for -# details. -# -# Default permission set of freshly created files and directories, as octal -# numbers (see chmod(1) for details). -# Can by limited by the umask value (see umask(2) for details) if it's set in -# the environment of the starting shell, e.g. in apt-cacher-ng init script or -# in its configuration file. -# DirPerms: 00755 -# FilePerms: 00664 diff --git a/cookbooks/apt/templates/default/01proxy.erb b/cookbooks/apt/templates/default/01proxy.erb deleted file mode 100644 index 1cd2256..0000000 --- a/cookbooks/apt/templates/default/01proxy.erb +++ /dev/null @@ -1,9 +0,0 @@ -Acquire::http::Proxy "http://<%= @proxy %>:<%= @port %>"; -<% if @proxy_ssl %> -Acquire::https::Proxy "http://<%= @proxy %>:<%= @port %>"; -<% else %> -Acquire::https::Proxy "DIRECT"; -<% end %> -<% @bypass.each do |bypass, type| %> -Acquire::<%= type %>::Proxy::<%= bypass %> "DIRECT"; -<% end %> diff --git a/cookbooks/apt/templates/default/10recommends.erb b/cookbooks/apt/templates/default/10recommends.erb deleted file mode 100644 index 16b3664..0000000 --- a/cookbooks/apt/templates/default/10recommends.erb +++ /dev/null @@ -1,3 +0,0 @@ -# Managed by Chef -APT::Install-Recommends "<%= node['apt']['confd']['install_recommends'] ? 1 : 0 %>"; -APT::Install-Suggests "<%= node['apt']['confd']['install_suggests'] ? 1 : 0 %>"; diff --git a/cookbooks/apt/templates/default/20auto-upgrades.erb b/cookbooks/apt/templates/default/20auto-upgrades.erb deleted file mode 100644 index 54449b6..0000000 --- a/cookbooks/apt/templates/default/20auto-upgrades.erb +++ /dev/null @@ -1,2 +0,0 @@ -APT::Periodic::Update-Package-Lists "<%= node['apt']['unattended_upgrades']['update_package_lists'] ? 1 : 0 %>"; -APT::Periodic::Unattended-Upgrade "<%= node['apt']['unattended_upgrades']['enable'] ? 1 : 0 %>"; diff --git a/cookbooks/apt/templates/default/50unattended-upgrades.erb b/cookbooks/apt/templates/default/50unattended-upgrades.erb deleted file mode 100644 index 9984973..0000000 --- a/cookbooks/apt/templates/default/50unattended-upgrades.erb +++ /dev/null @@ -1,68 +0,0 @@ -// Automatically upgrade packages from these (origin:archive) pairs -Unattended-Upgrade::Allowed-Origins { -<% unless node['apt']['unattended_upgrades']['allowed_origins'].empty? -%> -<% node['apt']['unattended_upgrades']['allowed_origins'].each do |origin| -%> - "<%= origin %>"; -<% end -%> -<% end -%> -}; - - -// List of packages to not update -Unattended-Upgrade::Package-Blacklist { -<% unless node['apt']['unattended_upgrades']['package_blacklist'].empty? -%> -<% node['apt']['unattended_upgrades']['package_blacklist'].each do |package| -%> - "<%= package %>"; -<% end -%> -<% end -%> -}; - -// This option allows you to control if on a unclean dpkg exit -// unattended-upgrades will automatically run -// dpkg --force-confold --configure -a -// The default is true, to ensure updates keep getting installed -Unattended-Upgrade::AutoFixInterruptedDpkg "<%= node['apt']['unattended_upgrades']['auto_fix_interrupted_dpkg'] ? 'true' : 'false' %>"; - -// Split the upgrade into the smallest possible chunks so that -// they can be interrupted with SIGUSR1. This makes the upgrade -// a bit slower but it has the benefit that shutdown while a upgrade -// is running is possible (with a small delay) -Unattended-Upgrade::MinimalSteps "<%= node['apt']['unattended_upgrades']['minimal_steps'] ? 'true' : 'false' %>"; - -// Install all unattended-upgrades when the machine is shuting down -// instead of doing it in the background while the machine is running -// This will (obviously) make shutdown slower -Unattended-Upgrade::InstallOnShutdown "<%= node['apt']['unattended_upgrades']['install_on_shutdown'] ? 'true' : 'false' %>"; - -// Send email to this address for problems or packages upgrades -// If empty or unset then no email is sent, make sure that you -// have a working mail setup on your system. A package that provides -// 'mailx' must be installed. -<% if node['apt']['unattended_upgrades']['mail'] -%> -Unattended-Upgrade::Mail "<%= node['apt']['unattended_upgrades']['mail'] %>"; -<% end -%> - -// Set this value to "true" to get emails only on errors. Default -// is to always send a mail if Unattended-Upgrade::Mail is set -Unattended-Upgrade::MailOnlyOnError "<%= node['apt']['unattended_upgrades']['mail_only_on_error'] ? 'true' : 'false' %>"; - -// Do automatic removal of new unused dependencies after the upgrade -// (equivalent to apt-get autoremove) -Unattended-Upgrade::Remove-Unused-Dependencies "<%= node['apt']['unattended_upgrades']['remove_unused_dependencies'] ? 'true' : 'false' %>"; - -// Automatically reboot *WITHOUT CONFIRMATION* if a -// the file /var/run/reboot-required is found after the upgrade -Unattended-Upgrade::Automatic-Reboot "<%= node['apt']['unattended_upgrades']['automatic_reboot'] ? 'true' : 'false' %>"; - -// If automatic reboot is enabled and needed, reboot at the specific -// time instead of immediately -// Default: "now" -<% if node['apt']['unattended_upgrades']['automatic_reboot'] -%> -Unattended-Upgrade::Automatic-Reboot-Time "<%= node['apt']['unattended_upgrades']['automatic_reboot_time'] %>"; -<% end %> - -// Use apt bandwidth limit feature, this example limits the download -// speed to 70kb/sec -<% if node['apt']['unattended_upgrades']['dl_limit'] -%> -Acquire::http::Dl-Limit "<%= node['apt']['unattended_upgrades']['dl_limit'] %>"; -<% end -%> diff --git a/cookbooks/apt/templates/default/acng.conf.erb b/cookbooks/apt/templates/default/acng.conf.erb deleted file mode 100644 index 3aa0c92..0000000 --- a/cookbooks/apt/templates/default/acng.conf.erb +++ /dev/null @@ -1,275 +0,0 @@ -# Letter case in directive names does not matter. Must be separated with colons. -# Valid boolean values are a zero number for false, non-zero numbers for true. - -CacheDir: <%= node['apt']['cacher_dir'] %> - -# set empty to disable logging -LogDir: /var/log/apt-cacher-ng - -# place to look for additional configuration and resource files if they are not -# found in the configuration directory -# SupportDir: /usr/lib/apt-cacher-ng - -# TCP (http) port -# Set to 9999 to emulate apt-proxy -Port:<%= node['apt']['cacher_port'] %> - -# Addresses or hostnames to listen on. Multiple addresses must be separated by -# spaces. Each entry must be an exact local address which is associated with a -# local interface. DNS resolution is performed using getaddrinfo(3) for all -# available protocols (IPv4, IPv6, ...). Using a protocol specific format will -# create binding(s) only on protocol specific socket(s) (e.g. 0.0.0.0 will listen -# only to IPv4). -# -# Default: not set, will listen on all interfaces and protocols -# -# BindAddress: localhost 192.168.7.254 publicNameOnMainInterface - -# The specification of another proxy which shall be used for downloads. -# Username and password are, and see manual for limitations. -# -#Proxy: http://www-proxy.example.net:80 -#proxy: username:proxypassword@proxy.example.net:3128 - -# Repository remapping. See manual for details. -# In this example, some backends files might be generated during package -# installation using information collected on the system. -Remap-debrep: file:deb_mirror*.gz /debian ; file:backends_debian # Debian Archives -Remap-uburep: file:ubuntu_mirrors /ubuntu ; file:backends_ubuntu # Ubuntu Archives -Remap-debvol: file:debvol_mirror*.gz /debian-volatile ; file:backends_debvol # Debian Volatile Archives -Remap-cygwin: file:cygwin_mirrors /cygwin # ; file:backends_cygwin # incomplete, please create this file or specify preferred mirrors here -Remap-sfnet: file:sfnet_mirrors # ; file:backends_sfnet # incomplete, please create this file or specify preferred mirrors here -Remap-alxrep: file:archlx_mirrors /archlinux # ; file:backend_archlx # Arch Linux -Remap-fedora: file:fedora_mirrors # Fedora Linux -Remap-epel: file:epel_mirrors # Fedora EPEL -Remap-slrep: file:sl_mirrors # Scientific Linux - -# This is usually not needed for security.debian.org because it's always the -# same DNS hostname. However, it might be enabled in order to use hooks, -# ForceManaged mode or special flags in this context. -# Remap-secdeb: security.debian.org - -# Virtual page accessible in a web browser to see statistics and status -# information, i.e. under http://localhost:3142/acng-report.html -ReportPage: acng-report.html - -# Socket file for accessing through local UNIX socket instead of TCP/IP. Can be -# used with inetd bridge or cron client. -# SocketPath:/var/run/apt-cacher-ng/socket - -# Forces log file to be written to disk after every line when set to 1. Default -# is 0, buffers are flushed when the client disconnects. -# -# (technically, alias to the Debug option, see its documentation for details) -# -# UnbufferLogs: 0 - -# Set to 0 to store only type, time and transfer sizes. -# 1 -> client IP and relative local path are logged too -# VerboseLog: 1 - -# Don't detach from the console -# ForeGround: 0 - -# Store the pid of the daemon process therein -# PidFile: /var/run/apt-cacher-ng/pid - -# Forbid outgoing connections, work around them or respond with 503 error -# offlinemode:0 - -# Forbid all downloads that don't run through preconfigured backends (.where) -#ForceManaged: 0 - -# Days before considering an unreferenced file expired (to be deleted). -# Warning: if the value is set too low and particular index files are not -# available for some days (mirror downtime) there is a risk of deletion of -# still useful package files. -ExTreshold: 4 - -# Stop expiration when a critical problem appeared. Currently only failed -# refresh of an index file is considered as critical. -# -# WARNING: don't touch this option or set to zero. -# Anything else is DANGEROUS and may cause data loss. -# -# ExAbortOnProblems: 1 - -# Replace some Windows/DOS-FS incompatible chars when storing -# StupidFs: 0 - -# Experimental feature for apt-listbugs: pass-through SOAP requests and -# responses to/from bugs.debian.org. If not set, default is true if -# ForceManaged is enabled and false otherwise. -# ForwardBtsSoap: 1 - -# The daemon has a small cache for DNS data, to speed up resolution. The -# expiration time of the DNS entries can be configured in seconds. -# DnsCacheSeconds: 3600 - -# Don't touch the following values without good consideration! -# -# Max. count of connection threads kept ready (for faster response in the -# future). Should be a sane value between 0 and average number of connections, -# and depend on the amount of spare RAM. -# MaxStandbyConThreads: 8 -# -# Hard limit of active thread count for incoming connections, i.e. operation -# is refused when this value is reached (below zero = unlimited). -# MaxConThreads: -1 -# -# Pigeonholing files with regular expressions (static/volatile). Can be -# overriden here but not should not be done permanently because future update -# of default settings would not be applied later. -# VfilePattern = (^|.*?/)(Index|Packages(\.gz|\.bz2|\.lzma|\.xz)?|InRelease|Release|Release\.gpg|Sources(\.gz|\.bz2|\.lzma|\.xz)?|release|index\.db-.*\.gz|Contents-[^/]*(\.gz|\.bz2|\.lzma|\.xz)?|pkglist[^/]*\.bz2|rclist[^/]*\.bz2|/meta-release[^/]*|Translation[^/]*(\.gz|\.bz2|\.lzma|\.xz)?|MD5SUMS|SHA1SUMS|((setup|setup-legacy)(\.ini|\.bz2|\.hint)(\.sig)?)|mirrors\.lst|repo(index|md)\.xml(\.asc|\.key)?|directory\.yast|products|content(\.asc|\.key)?|media|filelists\.xml\.gz|filelists\.sqlite\.bz2|repomd\.xml|packages\.[a-zA-Z][a-zA-Z]\.gz|info\.txt|license\.tar\.gz|license\.zip|.*\.db(\.tar\.gz)?|.*\.files\.tar\.gz|.*\.abs\.tar\.gz|metalink\?repo|.*prestodelta\.xml\.gz)$|/dists/.*/installer-[^/]+/[^0-9][^/]+/images/.* -# PfilePattern = .*(\.d?deb|\.rpm|\.dsc|\.tar(\.gz|\.bz2|\.lzma|\.xz)(\.gpg)?|\.diff(\.gz|\.bz2|\.lzma|\.xz)|\.jigdo|\.template|changelog|copyright|\.udeb|\.debdelta|\.diff/.*\.gz|(Devel)?ReleaseAnnouncement(\?.*)?|[a-f0-9]+-(susedata|updateinfo|primary|deltainfo).xml.gz|fonts/(final/)?[a-z]+32.exe(\?download.*)?|/dists/.*/installer-[^/]+/[0-9][^/]+/images/.*)$ -# Whitelist for expiration, file types not to be removed even when being -# unreferenced. Default: many parts from VfilePattern where no parent index -# exists or might be unknown. -# WfilePattern = (^|.*?/)(Release|InRelease|Release\.gpg|(Packages|Sources)(\.gz|\.bz2|\.lzma|\.xz)?|Translation[^/]*(\.gz|\.bz2|\.lzma|\.xz)?|MD5SUMS|SHA1SUMS|.*\.xml|.*\.db\.tar\.gz|.*\.files\.tar\.gz|.*\.abs\.tar\.gz|[a-z]+32.exe)$|/dists/.*/installer-.*/images/.* - -# Higher modes only working with the debug version -# Warning, writes a lot into apt-cacher.err logfile -# Value overwrites UnbufferLogs setting (aliased) -# Debug:3 - -# Usually, general purpose proxies like Squid expose the IP address of the -# client user to the remote server using the X-Forwarded-For HTTP header. This -# behaviour can be optionally turned on with the Expose-Origin option. -# ExposeOrigin: 0 - -# When logging the originating IP address, trust the information supplied by -# the client in the X-Forwarded-For header. -# LogSubmittedOrigin: 0 - -# The version string reported to the peer, to be displayed as HTTP client (and -# version) in the logs of the mirror. -# WARNING: some archives use this header to detect/guess capabilities of the -# client (i.e. redirection support) and change the behaviour accordingly, while -# ACNG might not support the expected features. Expect side effects. -# -# UserAgent: Yet Another HTTP Client/1.2.3p4 - -# In some cases the Import and Expiration tasks might create fresh volatile -# data for internal use by reconstructing them using patch files. This -# by-product might be recompressed with bzip2 and with some luck the resulting -# file becomes identical to the *.bz2 file on the server, usable for APT -# clients trying to fetch the full .bz2 compressed version. Injection of the -# generated files into the cache has however a disadvantage on underpowered -# servers: bzip2 compression can create high load on the server system and the -# visible download of the busy .bz2 files also becomes slower. -# -# RecompBz2: 0 - -# Network timeout for outgoing connections. -# NetworkTimeout: 60 - -# Sometimes it makes sense to not store the data in cache and just return the -# package data to client as it comes in. DontCache parameters can enable this -# behaviour for certain URL types. The tokens are extended regular expressions -# that URLs are matched against. -# -# DontCacheRequested is applied to the URL as it comes in from the client. -# Example: exclude packages built with kernel-package for x86 -# DontCacheRequested: linux-.*_10\...\.Custo._i386 -# Example usecase: exclude popular private IP ranges from caching -# DontCacheRequested: 192.168.0 ^10\..* 172.30 -# -# DontCacheResolved is applied to URLs after mapping to the target server. If -# multiple backend servers are specified then it's only matched against the -# download link for the FIRST possible source (due to implementation limits). -# Example usecase: all Ubuntu stuff comes from a local mirror (specified as -# backend), don't cache it again: -# DontCacheResolved: ubuntumirror.local.net -# -# DontCache directive sets (overrides) both, DontCacheResolved and -# DontCacheRequested. Provided for convenience, see those directives for -# details. -# -# Default permission set of freshly created files and directories, as octal -# numbers (see chmod(1) for details). -# Can by limited by the umask value (see umask(2) for details) if it's set in -# the environment of the starting shell, e.g. in apt-cacher-ng init script or -# in its configuration file. -# DirPerms: 00755 -# FilePerms: 00664 -# -# -# It's possible to use use apt-cacher-ng as a regular web server with limited -# feature set, i.e. -# including directory browsing and download of any file; -# excluding sorting, mime types/encodings, CGI execution, index page -# redirection and other funny things. -# To get this behavior, mappings between virtual directories and real -# directories on the server must be defined with the LocalDirs directive. -# Virtual and real dirs are separated by spaces, multiple pairs are separated -# by semi-colons. Real directories must be absolute paths. -# NOTE: Since the names of that key directories share the same namespace as -# repository names (see Remap-...) it's administrators job to avoid such -# collisions on them (unless created deliberately). -# -# LocalDirs: woo /data/debarchive/woody ; hamm /data/debarchive/hamm - -# Precache a set of files referenced by specified index files. This can be used -# to create a partial mirror usable for offline work. There are certain limits -# and restrictions on the path specification, see manual for details. A list of -# (maybe) relevant index files could be retrieved via -# "apt-get --print-uris update" on a client machine. -# -# PrecacheFor: debrep/dists/unstable/*/source/Sources* debrep/dists/unstable/*/binary-amd64/Packages* - -# Arbitrary set of data to append to request headers sent over the wire. Should -# be a well formated HTTP headers part including newlines (DOS style) which -# can be entered as escape sequences (\r\n). -# RequestAppendix: X-Tracking-Choice: do-not-track\r\n - -# Specifies the IP protocol families to use for remote connections. Order does -# matter, first specified are considered first. Possible combinations: -# v6 v4 -# v4 v6 -# v6 -# v4 -# (empty or not set: use system default) -# -# ConnectProto: v6 v4 - -# Regular expiration algorithm finds package files which are no longer listed -# in any index file and removes them of them after a safety period. -# This option allows to keep more versions of a package in the cache after -# safety period is over. -# KeepExtraVersions: 1 - -# Optionally uses TCP access control provided by libwrap, see hosts_access(5) -# for details. Daemon name is apt-cacher-ng. Default if not set: decided on -# startup by looking for explicit mentioning of apt-cacher-ng in -# /etc/hosts.allow or /etc/hosts.deny files. -# UseWrap: 0 - -# If many machines from the same local network attempt to update index files -# (apt-get update) at nearly the same time, the known state of these index file -# is temporarily frozen and multiple requests receive the cached response -# without contacting the server. This parameter (in seconds) specifies the -# length of this period before the files are considered outdated. -# Setting it too low transfers more data and increases remote server load, -# setting it too high (more than a couple of minutes) increases the risk of -# delivering inconsistent responses to the clients. -# FreshIndexMaxAge: 27 - -# Usually the users are not allowed to specify custom TCP ports of remote -# mirrors in the requests, only the default HTTP port can be used (instead, -# proxy administrator can create Remap- rules with custom ports). This -# restriction can be disabled by specifying a list of allowed ports or 0 for -# any port. -# -# AllowUserPorts: 80 - -# Normally the HTTP redirection responses are forwarded to the original caller -# (i.e. APT) which starts a new download attempt from the new URL. This -# solution is ok for client configurations with proxy mode but doesn't work -# well with configurations using URL prefixes. To work around this the server -# can restart its own download with another URL. However, this might be used to -# circumvent download source policies by malicious users. -# The RedirMax option specifies how many such redirects the server should -# follow per request, 0 disables the internal redirection. If not set, -# default value is 0 if ForceManaged is used and 5 otherwise. -# -# RedirMax: 5 diff --git a/cookbooks/apt/templates/default/unattended-upgrades.seed.erb b/cookbooks/apt/templates/default/unattended-upgrades.seed.erb deleted file mode 100644 index 5ee5e93..0000000 --- a/cookbooks/apt/templates/default/unattended-upgrades.seed.erb +++ /dev/null @@ -1 +0,0 @@ -unattended-upgrades unattended-upgrades/enable_auto_updates boolean <%= node['apt']['unattended_upgrades']['enable'] ? 'true' : 'false' %> diff --git a/cookbooks/apt/templates/ubuntu-10.04/acng.conf.erb b/cookbooks/apt/templates/ubuntu-10.04/acng.conf.erb deleted file mode 100644 index 0e7c779..0000000 --- a/cookbooks/apt/templates/ubuntu-10.04/acng.conf.erb +++ /dev/null @@ -1,269 +0,0 @@ -# Letter case in directive names does not matter. Must be separated with colons. -# Valid boolean values are a zero number for false, non-zero numbers for true. - -CacheDir: <%= node['apt']['cacher_dir'] %> - -# set empty to disable logging -LogDir: /var/log/apt-cacher-ng - -# place to look for additional configuration and resource files if they are not -# found in the configuration directory -# SupportDir: /usr/lib/apt-cacher-ng - -# TCP (http) port -# Set to 9999 to emulate apt-proxy -Port:<%= node['apt']['cacher_port'] %> - -# Addresses or hostnames to listen on. Multiple addresses must be separated by -# spaces. Each entry must be an exact local address which is associated with a -# local interface. DNS resolution is performed using getaddrinfo(3) for all -# available protocols (IPv4, IPv6, ...). Using a protocol specific format will -# create binding(s) only on protocol specific socket(s) (e.g. 0.0.0.0 will listen -# only to IPv4). -# -# Default: not set, will listen on all interfaces and protocols -# -# BindAddress: localhost 192.168.7.254 publicNameOnMainInterface - -# The specification of another proxy which shall be used for downloads. -# Username and password are, and see manual for limitations. -# -#Proxy: http://www-proxy.example.net:80 -#proxy: username:proxypassword@proxy.example.net:3128 - -# Repository remapping. See manual for details. -# In this example, some backends files might be generated during package -# installation using information collected on the system. -Remap-debrep: file:deb_mirror*.gz /debian ; file:backends_debian # Debian Archives -Remap-uburep: file:ubuntu_mirrors /ubuntu ; file:backends_ubuntu # Ubuntu Archives -Remap-debvol: file:debvol_mirror*.gz /debian-volatile ; file:backends_debvol # Debian Volatile Archives - -# This is usually not needed for security.debian.org because it's always the -# same DNS hostname. However, it might be enabled in order to use hooks, -# ForceManaged mode or special flags in this context. -# Remap-secdeb: security.debian.org - -# Virtual page accessible in a web browser to see statistics and status -# information, i.e. under http://localhost:3142/acng-report.html -ReportPage: acng-report.html - -# Socket file for accessing through local UNIX socket instead of TCP/IP. Can be -# used with inetd bridge or cron client. -# SocketPath:/var/run/apt-cacher-ng/socket - -# Forces log file to be written to disk after every line when set to 1. Default -# is 0, buffers are flushed when the client disconnects. -# -# (technically, alias to the Debug option, see its documentation for details) -# -# UnbufferLogs: 0 - -# Set to 0 to store only type, time and transfer sizes. -# 1 -> client IP and relative local path are logged too -# VerboseLog: 1 - -# Don't detach from the console -# ForeGround: 0 - -# Store the pid of the daemon process therein -# PidFile: /var/run/apt-cacher-ng/pid - -# Forbid outgoing connections, work around them or respond with 503 error -# offlinemode:0 - -# Forbid all downloads that don't run through preconfigured backends (.where) -#ForceManaged: 0 - -# Days before considering an unreferenced file expired (to be deleted). -# Warning: if the value is set too low and particular index files are not -# available for some days (mirror downtime) there is a risk of deletion of -# still useful package files. -ExTreshold: 4 - -# Stop expiration when a critical problem appeared. Currently only failed -# refresh of an index file is considered as critical. -# -# WARNING: don't touch this option or set to zero. -# Anything else is DANGEROUS and may cause data loss. -# -# ExAbortOnProblems: 1 - -# Replace some Windows/DOS-FS incompatible chars when storing -# StupidFs: 0 - -# Experimental feature for apt-listbugs: pass-through SOAP requests and -# responses to/from bugs.debian.org. If not set, default is true if -# ForceManaged is enabled and false otherwise. -# ForwardBtsSoap: 1 - -# The daemon has a small cache for DNS data, to speed up resolution. The -# expiration time of the DNS entries can be configured in seconds. -# DnsCacheSeconds: 3600 - -# Don't touch the following values without good consideration! -# -# Max. count of connection threads kept ready (for faster response in the -# future). Should be a sane value between 0 and average number of connections, -# and depend on the amount of spare RAM. -# MaxStandbyConThreads: 8 -# -# Hard limit of active thread count for incoming connections, i.e. operation -# is refused when this value is reached (below zero = unlimited). -# MaxConThreads: -1 -# -# Pigeonholing files with regular expressions (static/volatile). Can be -# overriden here but not should not be done permanently because future update -# of default settings would not be applied later. -# VfilePattern = (^|.*?/)(Index|Packages(\.gz|\.bz2|\.lzma|\.xz)?|InRelease|Release|Release\.gpg|Sources(\.gz|\.bz2|\.lzma|\.xz)?|release|index\.db-.*\.gz|Contents-[^/]*(\.gz|\.bz2|\.lzma|\.xz)?|pkglist[^/]*\.bz2|rclist[^/]*\.bz2|/meta-release[^/]*|Translation[^/]*(\.gz|\.bz2|\.lzma|\.xz)?|MD5SUMS|SHA1SUMS|((setup|setup-legacy)(\.ini|\.bz2|\.hint)(\.sig)?)|mirrors\.lst|repo(index|md)\.xml(\.asc|\.key)?|directory\.yast|products|content(\.asc|\.key)?|media|filelists\.xml\.gz|filelists\.sqlite\.bz2|repomd\.xml|packages\.[a-zA-Z][a-zA-Z]\.gz|info\.txt|license\.tar\.gz|license\.zip|.*\.db(\.tar\.gz)?|.*\.files\.tar\.gz|.*\.abs\.tar\.gz|metalink\?repo|.*prestodelta\.xml\.gz)$|/dists/.*/installer-[^/]+/[^0-9][^/]+/images/.* -# PfilePattern = .*(\.d?deb|\.rpm|\.dsc|\.tar(\.gz|\.bz2|\.lzma|\.xz)(\.gpg)?|\.diff(\.gz|\.bz2|\.lzma|\.xz)|\.jigdo|\.template|changelog|copyright|\.udeb|\.debdelta|\.diff/.*\.gz|(Devel)?ReleaseAnnouncement(\?.*)?|[a-f0-9]+-(susedata|updateinfo|primary|deltainfo).xml.gz|fonts/(final/)?[a-z]+32.exe(\?download.*)?|/dists/.*/installer-[^/]+/[0-9][^/]+/images/.*)$ -# Whitelist for expiration, file types not to be removed even when being -# unreferenced. Default: many parts from VfilePattern where no parent index -# exists or might be unknown. -# WfilePattern = (^|.*?/)(Release|InRelease|Release\.gpg|(Packages|Sources)(\.gz|\.bz2|\.lzma|\.xz)?|Translation[^/]*(\.gz|\.bz2|\.lzma|\.xz)?|MD5SUMS|SHA1SUMS|.*\.xml|.*\.db\.tar\.gz|.*\.files\.tar\.gz|.*\.abs\.tar\.gz|[a-z]+32.exe)$|/dists/.*/installer-.*/images/.* - -# Higher modes only working with the debug version -# Warning, writes a lot into apt-cacher.err logfile -# Value overwrites UnbufferLogs setting (aliased) -# Debug:3 - -# Usually, general purpose proxies like Squid expose the IP address of the -# client user to the remote server using the X-Forwarded-For HTTP header. This -# behaviour can be optionally turned on with the Expose-Origin option. -# ExposeOrigin: 0 - -# When logging the originating IP address, trust the information supplied by -# the client in the X-Forwarded-For header. -# LogSubmittedOrigin: 0 - -# The version string reported to the peer, to be displayed as HTTP client (and -# version) in the logs of the mirror. -# WARNING: some archives use this header to detect/guess capabilities of the -# client (i.e. redirection support) and change the behaviour accordingly, while -# ACNG might not support the expected features. Expect side effects. -# -# UserAgent: Yet Another HTTP Client/1.2.3p4 - -# In some cases the Import and Expiration tasks might create fresh volatile -# data for internal use by reconstructing them using patch files. This -# by-product might be recompressed with bzip2 and with some luck the resulting -# file becomes identical to the *.bz2 file on the server, usable for APT -# clients trying to fetch the full .bz2 compressed version. Injection of the -# generated files into the cache has however a disadvantage on underpowered -# servers: bzip2 compression can create high load on the server system and the -# visible download of the busy .bz2 files also becomes slower. -# -# RecompBz2: 0 - -# Network timeout for outgoing connections. -# NetworkTimeout: 60 - -# Sometimes it makes sense to not store the data in cache and just return the -# package data to client as it comes in. DontCache parameters can enable this -# behaviour for certain URL types. The tokens are extended regular expressions -# that URLs are matched against. -# -# DontCacheRequested is applied to the URL as it comes in from the client. -# Example: exclude packages built with kernel-package for x86 -# DontCacheRequested: linux-.*_10\...\.Custo._i386 -# Example usecase: exclude popular private IP ranges from caching -# DontCacheRequested: 192.168.0 ^10\..* 172.30 -# -# DontCacheResolved is applied to URLs after mapping to the target server. If -# multiple backend servers are specified then it's only matched against the -# download link for the FIRST possible source (due to implementation limits). -# Example usecase: all Ubuntu stuff comes from a local mirror (specified as -# backend), don't cache it again: -# DontCacheResolved: ubuntumirror.local.net -# -# DontCache directive sets (overrides) both, DontCacheResolved and -# DontCacheRequested. Provided for convenience, see those directives for -# details. -# -# Default permission set of freshly created files and directories, as octal -# numbers (see chmod(1) for details). -# Can by limited by the umask value (see umask(2) for details) if it's set in -# the environment of the starting shell, e.g. in apt-cacher-ng init script or -# in its configuration file. -# DirPerms: 00755 -# FilePerms: 00664 -# -# -# It's possible to use use apt-cacher-ng as a regular web server with limited -# feature set, i.e. -# including directory browsing and download of any file; -# excluding sorting, mime types/encodings, CGI execution, index page -# redirection and other funny things. -# To get this behavior, mappings between virtual directories and real -# directories on the server must be defined with the LocalDirs directive. -# Virtual and real dirs are separated by spaces, multiple pairs are separated -# by semi-colons. Real directories must be absolute paths. -# NOTE: Since the names of that key directories share the same namespace as -# repository names (see Remap-...) it's administrators job to avoid such -# collisions on them (unless created deliberately). -# -# LocalDirs: woo /data/debarchive/woody ; hamm /data/debarchive/hamm - -# Precache a set of files referenced by specified index files. This can be used -# to create a partial mirror usable for offline work. There are certain limits -# and restrictions on the path specification, see manual for details. A list of -# (maybe) relevant index files could be retrieved via -# "apt-get --print-uris update" on a client machine. -# -# PrecacheFor: debrep/dists/unstable/*/source/Sources* debrep/dists/unstable/*/binary-amd64/Packages* - -# Arbitrary set of data to append to request headers sent over the wire. Should -# be a well formated HTTP headers part including newlines (DOS style) which -# can be entered as escape sequences (\r\n). -# RequestAppendix: X-Tracking-Choice: do-not-track\r\n - -# Specifies the IP protocol families to use for remote connections. Order does -# matter, first specified are considered first. Possible combinations: -# v6 v4 -# v4 v6 -# v6 -# v4 -# (empty or not set: use system default) -# -# ConnectProto: v6 v4 - -# Regular expiration algorithm finds package files which are no longer listed -# in any index file and removes them of them after a safety period. -# This option allows to keep more versions of a package in the cache after -# safety period is over. -# KeepExtraVersions: 1 - -# Optionally uses TCP access control provided by libwrap, see hosts_access(5) -# for details. Daemon name is apt-cacher-ng. Default if not set: decided on -# startup by looking for explicit mentioning of apt-cacher-ng in -# /etc/hosts.allow or /etc/hosts.deny files. -# UseWrap: 0 - -# If many machines from the same local network attempt to update index files -# (apt-get update) at nearly the same time, the known state of these index file -# is temporarily frozen and multiple requests receive the cached response -# without contacting the server. This parameter (in seconds) specifies the -# length of this period before the files are considered outdated. -# Setting it too low transfers more data and increases remote server load, -# setting it too high (more than a couple of minutes) increases the risk of -# delivering inconsistent responses to the clients. -# FreshIndexMaxAge: 27 - -# Usually the users are not allowed to specify custom TCP ports of remote -# mirrors in the requests, only the default HTTP port can be used (instead, -# proxy administrator can create Remap- rules with custom ports). This -# restriction can be disabled by specifying a list of allowed ports or 0 for -# any port. -# -# AllowUserPorts: 80 - -# Normally the HTTP redirection responses are forwarded to the original caller -# (i.e. APT) which starts a new download attempt from the new URL. This -# solution is ok for client configurations with proxy mode but doesn't work -# well with configurations using URL prefixes. To work around this the server -# can restart its own download with another URL. However, this might be used to -# circumvent download source policies by malicious users. -# The RedirMax option specifies how many such redirects the server should -# follow per request, 0 disables the internal redirection. If not set, -# default value is 0 if ForceManaged is used and 5 otherwise. -# -# RedirMax: 5 diff --git a/cookbooks/build-essential/.foodcritic b/cookbooks/build-essential/.foodcritic deleted file mode 100644 index b9f8767..0000000 --- a/cookbooks/build-essential/.foodcritic +++ /dev/null @@ -1 +0,0 @@ -~FC016 diff --git a/cookbooks/build-essential/MAINTAINERS.md b/cookbooks/build-essential/MAINTAINERS.md deleted file mode 100644 index 645ed14..0000000 --- a/cookbooks/build-essential/MAINTAINERS.md +++ /dev/null @@ -1,15 +0,0 @@ - - -# Maintainers - -This file lists how this cookbook project is maintained. When making changes to the system, this file tells you who needs to review your patch - you need a review from an existing maintainer for the cookbook to provide a :+1: on your pull request. Additionally, you need to not receive a veto from a Lieutenant or the Project Lead. - -Check out [How Cookbooks are Maintained](https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/CONTRIBUTING.MD) for details on the process and how to become a maintainer or the project lead. - -# Project Maintainer -* [Tim Smith](https://github.com/tas50) - -# Maintainers -* [Jennifer Davis](https://github.com/sigje) -* [Tim Smith](https://github.com/tas50) -* [Thom May](https://github.com/thommay) diff --git a/cookbooks/build-essential/libraries/matchers.rb b/cookbooks/build-essential/libraries/matchers.rb deleted file mode 100644 index d4d1bd4..0000000 --- a/cookbooks/build-essential/libraries/matchers.rb +++ /dev/null @@ -1,9 +0,0 @@ -if defined?(ChefSpec) - def install_xcode_command_line_tools(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:xcode_command_line_tools, :install, resource_name) - end - - def install_build_essential(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:build_essential, :install, resource_name) - end -end diff --git a/cookbooks/nodejs/Gemfile b/cookbooks/nodejs/Gemfile deleted file mode 100644 index 367391d..0000000 --- a/cookbooks/nodejs/Gemfile +++ /dev/null @@ -1,20 +0,0 @@ -source 'https://rubygems.org' - -gem 'rake' -gem 'stove' - -group :lint do - gem 'foodcritic', '~> 8.1' - gem 'cookstyle' -end - -group :unit do - gem 'berkshelf', '~> 5.1' - gem 'chefspec', '~> 5.2' -end - -group :kitchen do - gem 'test-kitchen', '~> 1.13' - gem 'kitchen-vagrant', '~> 0.20' - gem 'kitchen-inspec', '~> 0.15' -end diff --git a/cookbooks/nodejs/LICENSE b/cookbooks/nodejs/LICENSE deleted file mode 100644 index 8f71f43..0000000 --- a/cookbooks/nodejs/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "{}" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright {yyyy} {name of copyright owner} - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - diff --git a/cookbooks/nodejs/chefignore b/cookbooks/nodejs/chefignore deleted file mode 100644 index a976917..0000000 --- a/cookbooks/nodejs/chefignore +++ /dev/null @@ -1,102 +0,0 @@ -# Put files/directories that should be ignored in this file when uploading -# to a chef-server or supermarket. -# Lines that start with '# ' are comments. - -# OS generated files # -###################### -.DS_Store -Icon? -nohup.out -ehthumbs.db -Thumbs.db - -# SASS # -######## -.sass-cache - -# EDITORS # -########### -\#* -.#* -*~ -*.sw[a-z] -*.bak -REVISION -TAGS* -tmtags -*_flymake.* -*_flymake -*.tmproj -.project -.settings -mkmf.log - -## COMPILED ## -############## -a.out -*.o -*.pyc -*.so -*.com -*.class -*.dll -*.exe -*/rdoc/ - -# Testing # -########### -.watchr -.rspec -spec/* -spec/fixtures/* -test/* -features/* -examples/* -Guardfile -Procfile -.kitchen* -.rubocop.yml -spec/* -Rakefile -.travis.yml -.foodcritic -.codeclimate.yml - -# SCM # -####### -.git -*/.git -.gitignore -.gitmodules -.gitconfig -.gitattributes -.svn -*/.bzr/* -*/.hg/* -*/.svn/* - -# Berkshelf # -############# -Berksfile -Berksfile.lock -cookbooks/* -tmp - -# Cookbooks # -############# -CONTRIBUTING* -CHANGELOG* -TESTING* -MAINTAINERS.toml - -# Strainer # -############ -Colanderfile -Strainerfile -.colander -.strainer - -# Vagrant # -########### -.vagrant -Vagrantfile diff --git a/cookbooks/nodejs/libraries/matchers.rb b/cookbooks/nodejs/libraries/matchers.rb deleted file mode 100644 index 32f4704..0000000 --- a/cookbooks/nodejs/libraries/matchers.rb +++ /dev/null @@ -1,11 +0,0 @@ -if defined?(ChefSpec) - ChefSpec.define_matcher :nodejs_npm - - def install_nodejs_npm(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:nodejs_npm, :install, resource_name) - end - - def uninstall_nodejs_npm(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:nodejs_npm, :uninstall, resource_name) - end -end diff --git a/cookbooks/nodejs/providers/npm.rb b/cookbooks/nodejs/providers/npm.rb deleted file mode 100644 index f8a407d..0000000 --- a/cookbooks/nodejs/providers/npm.rb +++ /dev/null @@ -1,64 +0,0 @@ -include NodeJs::Helper - -use_inline_resources - -action :install do - execute "install NPM package #{new_resource.name}" do - cwd new_resource.path - command "npm install #{npm_options}" - user new_resource.user - group new_resource.group - environment npm_env_vars - not_if { package_installed? } - end -end - -action :uninstall do - execute "uninstall NPM package #{new_resource.package}" do - cwd new_resource.path - command "npm uninstall #{npm_options}" - user new_resource.user - group new_resource.group - environment npm_env_vars - only_if { package_installed? } - end -end - -def npm_env_vars - env_vars = {} - env_vars['HOME'] = ::Dir.home(new_resource.user) if new_resource.user - env_vars['USER'] = new_resource.user if new_resource.user - env_vars['NPM_TOKEN'] = new_resource.npm_token if new_resource.npm_token - - env_vars -end - -def package_installed? - new_resource.package && npm_package_installed?(new_resource.package, new_resource.version, new_resource.path, new_resource.npm_token) -end - -def npm_options - options = '' - options << ' -global' unless new_resource.path - new_resource.options.each do |option| - options << " #{option}" - end - options << " #{npm_package}" -end - -def npm_package - if new_resource.json - return new_resource.json.is_a?(String) ? new_resource.json : nil - elsif new_resource.url - return new_resource.url - elsif new_resource.package - return new_resource.version ? "#{new_resource.package}@#{new_resource.version}" : new_resource.package - else - Chef::Log.error("No good options found to install #{new_resource.name}") - end -end - -def initialize(*args) - super - @run_context.include_recipe 'nodejs::npm' -end diff --git a/cookbooks/nodejs/resources/npm.rb b/cookbooks/nodejs/resources/npm.rb deleted file mode 100644 index d7a5ecb..0000000 --- a/cookbooks/nodejs/resources/npm.rb +++ /dev/null @@ -1,34 +0,0 @@ -# -# Cookbook Name:: nodejs -# Resource:: npm -# -# Author:: Sergey Balbeko -# -# Copyright 2012, Sergey Balbeko -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -actions :install, :uninstall -default_action :install - -attribute :package, name_attribute: true -attribute :version, kind_of: String -attribute :path, kind_of: String -attribute :url, kind_of: String -attribute :json, kind_of: [String, TrueClass] -attribute :npm_token, kind_of: String -attribute :options, kind_of: Array, default: [] - -attribute :user, kind_of: String -attribute :group, kind_of: String diff --git a/cookbooks/poise-javascript/LICENSE b/cookbooks/poise-javascript/LICENSE deleted file mode 100644 index 11069ed..0000000 --- a/cookbooks/poise-javascript/LICENSE +++ /dev/null @@ -1,201 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - -TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - -1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - -2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - -3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - -4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - -5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - -6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - -7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - -8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - -9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - -END OF TERMS AND CONDITIONS - -APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - -Copyright [yyyy] [name of copyright owner] - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/cookbooks/sudo/MAINTAINERS.md b/cookbooks/sudo/MAINTAINERS.md deleted file mode 100644 index 645ed14..0000000 --- a/cookbooks/sudo/MAINTAINERS.md +++ /dev/null @@ -1,15 +0,0 @@ - - -# Maintainers - -This file lists how this cookbook project is maintained. When making changes to the system, this file tells you who needs to review your patch - you need a review from an existing maintainer for the cookbook to provide a :+1: on your pull request. Additionally, you need to not receive a veto from a Lieutenant or the Project Lead. - -Check out [How Cookbooks are Maintained](https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/CONTRIBUTING.MD) for details on the process and how to become a maintainer or the project lead. - -# Project Maintainer -* [Tim Smith](https://github.com/tas50) - -# Maintainers -* [Jennifer Davis](https://github.com/sigje) -* [Tim Smith](https://github.com/tas50) -* [Thom May](https://github.com/thommay) diff --git a/cookbooks/sudo/libraries/matchers.rb b/cookbooks/sudo/libraries/matchers.rb deleted file mode 100644 index 3f3ec4b..0000000 --- a/cookbooks/sudo/libraries/matchers.rb +++ /dev/null @@ -1,9 +0,0 @@ -if defined?(ChefSpec) - def install_sudo(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:sudo, :install, resource_name) - end - - def remove_sudo(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:sudo, :remove, resource_name) - end -end diff --git a/cookbooks/sudo/providers/default.rb b/cookbooks/sudo/providers/default.rb deleted file mode 100644 index 03e0a2b..0000000 --- a/cookbooks/sudo/providers/default.rb +++ /dev/null @@ -1,165 +0,0 @@ -# -# Author:: Bryan W. Berry () -# Author:: Seth Vargo () -# Cookbook:: sudo -# Provider:: default -# -# Copyright:: 2011-2016, Bryan w. Berry -# Copyright:: 2012-2016, Seth Vargo -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -use_inline_resources - -# This LWRP supports whyrun mode -def whyrun_supported? - true -end - -# Ensure that the inputs are valid (we cannot just use the resource for this) -def check_inputs(user, group, foreign_template, _foreign_vars) - # if group, user, and template are nil, throw an exception - if user.nil? && group.nil? && foreign_template.nil? - raise 'You must provide a user, group, or template!' - elsif !user.nil? && !group.nil? && !template.nil? - raise 'You cannot specify user, group, and template!' - end -end - -# Validate the given resource (template) by writing it out to a file and then -# ensuring that file's contents pass `visudo -c` -def validate_fragment!(resource) - file = Tempfile.new('sudoer') - - begin - file.write(capture(resource)) - file.rewind - - cmd = Mixlib::ShellOut.new("visudo -cf #{file.path}").run_command - unless cmd.exitstatus == 0 - Chef::Log.error("Fragment validation failed: \n\n") - Chef::Log.error(file.read) - Chef::Application.fatal!("Template #{file.path} failed fragment validation!") - end - ensure - file.close - file.unlink - end -end - -# Render a single sudoer template. This method has two modes: -# 1. using the :template option - the user can specify a template -# that exists in the local cookbook for writing out the attributes -# 2. using the built-in template (recommended) - simply pass the -# desired variables to the method and the correct template will be -# written out for the user -def render_sudoer - if new_resource.template - Chef::Log.debug('Template attribute provided, all other attributes ignored.') - - resource = template "#{node['authorization']['sudo']['prefix']}/sudoers.d/#{sudo_filename}" do - source new_resource.template - owner 'root' - group node['root_group'] - mode '0440' - variables new_resource.variables - action :nothing - end - else - sudoer = new_resource.user || ("%#{new_resource.group}".squeeze('%') if new_resource.group) - - resource = template "#{node['authorization']['sudo']['prefix']}/sudoers.d/#{sudo_filename}" do - source 'sudoer.erb' - cookbook 'sudo' - owner 'root' - group node['root_group'] - mode '0440' - variables sudoer: sudoer, - host: new_resource.host, - runas: new_resource.runas, - nopasswd: new_resource.nopasswd, - noexec: new_resource.noexec, - commands: new_resource.commands, - command_aliases: new_resource.command_aliases, - defaults: new_resource.defaults, - setenv: new_resource.setenv, - env_keep_add: new_resource.env_keep_add, - env_keep_subtract: new_resource.env_keep_subtract - action :nothing - end - end - - # Ensure that, adding this sudoer, would not break sudo - validate_fragment!(resource) - - resource.run_action(:create) - - # Return whether the resource was updated so we can notify in the action - resource.updated_by_last_action? -end - -# Default action - install a single sudoer -action :install do - target = "#{node['authorization']['sudo']['prefix']}/sudoers.d/" - - package 'sudo' do - not_if 'which sudo' - end - - unless ::File.exist?(target) - sudoers_dir = directory target - sudoers_dir.run_action(:create) - end - - Chef::Log.warn("#{sudo_filename} will be rendered, but will not take effect because node['authorization']['sudo']['include_sudoers_d'] is set to false!") unless node['authorization']['sudo']['include_sudoers_d'] - new_resource.updated_by_last_action(true) if render_sudoer -end - -# Removes a user from the sudoers group -action :remove do - resource = file "#{node['authorization']['sudo']['prefix']}/sudoers.d/#{sudo_filename}" do - action :nothing - end - resource.run_action(:delete) - new_resource.updated_by_last_action(true) if resource.updated_by_last_action? -end - -private - -# acording to the sudo man pages sudo will ignore files in an include dir that have a `.` or `~` -# We convert either to `__` -def sudo_filename - new_resource.name.gsub(/[\.~]/, '__') -end - -# Capture a template to a string -def capture(template) - context = {} - context.merge!(template.variables) - context[:node] = node - - eruby = Erubis::Eruby.new(::File.read(template_location(template))) - eruby.evaluate(context) -end - -# Find the template -def template_location(template) - if template.local - template.source - else - context = template.instance_variable_get('@run_context') - cookbook = context.cookbook_collection[template.cookbook || template.cookbook_name] - cookbook.preferred_filename_on_disk_location(node, :templates, template.source) - end -end diff --git a/cookbooks/users/MAINTAINERS.md b/cookbooks/users/MAINTAINERS.md deleted file mode 100644 index 03c819f..0000000 --- a/cookbooks/users/MAINTAINERS.md +++ /dev/null @@ -1,15 +0,0 @@ - - -# Maintainers - -This file lists how this cookbook project is maintained. When making changes to the system, this file tells you who needs to review your patch - you need a review from an existing maintainer for the cookbook to provide a :+1: on your pull request. Additionally, you need to not receive a veto from a Lieutenant or the Project Lead. - -Check out [How Cookbooks are Maintained](https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/CONTRIBUTING.MD) for details on the process and how to become a maintainer or the project lead. - -# Project Maintainer -* [Jennifer Davis](https://github.com/sigje) - -# Maintainers -* [Jennifer Davis](https://github.com/sigje) -* [Tim Smith](https://github.com/tas50) -* [Thom May](https://github.com/thommay)