Move the firewall and backup recipes outside of the custom resource

See the comment for more details
2019-12-04 17:33:41 +01:00 · 2019-12-04 17:33:41 +01:00 · 4e7d453942
commit 4e7d453942
parent e24cd01287
2 changed files with 18 additions and 11 deletions
--- a/site-cookbooks/kosmos-dirsrv/recipes/default.rb
+++ b/site-cookbooks/kosmos-dirsrv/recipes/default.rb
@ -31,3 +31,21 @@ dirsrv_instance "master" do
  admin_password credentials['admin_password']
  suffix "dc=kosmos,dc=org"
 end
+
+# FIXME: The firewall and backup recipes do not work in the custom resource, so
+# the code lives here for now. The issue is described here, but I think messing
+# with the run context is confusing:
+#
+# https://github.com/chef-cookbooks/firewall/issues/134
+unless node.chef_environment == "development"
+  include_recipe "firewall"
+  firewall_rule "ldap" do
+    port     [389, 636]
+    protocol :tcp
+    command  :allow
+  end
+
+  # backup the data dir and the config files
+  node.override["backup"]["archives"]["dirsrv"] = ["/etc/dirsrv", "/var/lib/dirsrv"]
+  include_recipe "backup"
+end
--- a/site-cookbooks/kosmos-dirsrv/resources/instance.rb
+++ b/site-cookbooks/kosmos-dirsrv/resources/instance.rb
@ -110,16 +110,5 @@ action :create do
      sensitive true
      action :nothing
    end
-
-    include_recipe "firewall"
-    firewall_rule "ldap" do
-      port     [config[:port], 636]
-      protocol :tcp
-      command  :allow
-    end
-
-    # backup the data dir and the config files
-    node.override["backup"]["archives"]["dirsrv"] = ["/etc/dirsrv", "/var/lib/dirsrv"]
-    include_recipe "backup"
  end
 end