diff --git a/Batali b/Batali index f4c3a18..2e8ac02 100644 --- a/Batali +++ b/Batali @@ -14,11 +14,11 @@ Batali.define do ref: 'relax_dependencies' cookbook 'postfix' cookbook 'unattended-upgrades' - cookbook 'poise-ruby-build', '~> 1.1.0' - cookbook 'application' + cookbook 'poise-ruby-build', '~> 1.1.0' + cookbook 'application', '~> 5.2.0' cookbook 'application_javascript' cookbook 'application_ruby' - cookbook 'application_git' + cookbook 'application_git', '~> 1.1.0' # 1.2.0 doesn't work with knife-solo cookbook 'users' cookbook 'sudo' cookbook 'hostname' @@ -27,7 +27,7 @@ Batali.define do ref: 'v0.5.6' cookbook 'ufw' cookbook 'firewall' - cookbook 'nginx' + cookbook 'chef_nginx' cookbook 'build-essential' cookbook 'mysql' cookbook 'postgresql', '~> 6.1' diff --git a/batali.manifest b/batali.manifest index 532457c..b6dcb72 100644 --- a/batali.manifest +++ b/batali.manifest @@ -21,7 +21,7 @@ "> 0" ], [ - "nginx", + "chef_nginx", "> 0" ], [ @@ -33,10 +33,10 @@ "> 0" ] ], - "version": "0.2.0", + "version": "0.3.0", "source": { "url": "https://github.com/67P/mediawiki-cookbook.git", - "ref": "41d3c5129b5a6cd9c473e99339885bc1feac5d57", + "ref": "8da675abc28b1b1ccf00d32df8a1923208e762c9", "type": "Batali::Source::Git", "subdirectory": null } @@ -361,107 +361,34 @@ } }, { - "name": "nginx", + "name": "chef_nginx", "dependencies": [ - [ - "apt", - "~> 2.2" - ], - [ - "bluepill", - "~> 2.3" - ], [ "build-essential", - "~> 2.0" + ">= 0.0.0" ], [ "ohai", - "~> 2.0" - ], - [ - "runit", - "~> 1.2" + ">= 4.1.0" ], [ "yum-epel", - "~> 0.3" - ] - ], - "version": "2.7.6", - "source": { - "type": "Batali::Source::Site", - "url": "https://supermarket.chef.io:443/api/v1/cookbooks/nginx/versions/2.7.6/download", - "version": "2.7.6" - } - }, - { - "name": "apt", - "dependencies": [ - - ], - "version": "2.9.2", - "source": { - "type": "Batali::Source::Site", - "url": "https://supermarket.chef.io:443/api/v1/cookbooks/apt/versions/2.9.2/download", - "version": "2.9.2" - } - }, - { - "name": "bluepill", - "dependencies": [ + ">= 0.0.0" + ], [ - "rsyslog", - ">= 2.0" - ] - ], - "version": "2.4.3", - "source": { - "type": "Batali::Source::Site", - "url": "https://supermarket.chef.io:443/api/v1/cookbooks/bluepill/versions/2.4.3/download", - "version": "2.4.3" - } - }, - { - "name": "rsyslog", - "dependencies": [ - - ], - "version": "2.2.0", - "source": { - "type": "Batali::Source::Site", - "url": "https://supermarket.chef.io:443/api/v1/cookbooks/rsyslog/versions/2.2.0/download", - "version": "2.2.0" - } - }, - { - "name": "build-essential", - "dependencies": [ + "compat_resource", + ">= 12.16.3" + ], [ - "7-zip", + "zypper", ">= 0.0.0" ] ], - "version": "2.4.0", + "version": "6.0.2", "source": { "type": "Batali::Source::Site", - "url": "https://supermarket.chef.io:443/api/v1/cookbooks/build-essential/versions/2.4.0/download", - "version": "2.4.0" - } - }, - { - "name": "7-zip", - "dependencies": [ - [ - "windows", - ">= 1.2.2" - ] - ], - "version": "1.0.2", - "source": { - "type": "Batali::Source::Site", - "url": "https://supermarket.chef.io:443/api/v1/cookbooks/7-zip/versions/1.0.2/download", - "version": "1.0.2" + "url": "https://supermarket.chef.io:443/api/v1/cookbooks/chef_nginx/versions/6.0.2/download", + "version": "6.0.2" } }, { @@ -469,53 +396,23 @@ "dependencies": [ ], - "version": "2.1.0", + "version": "5.0.4", "source": { "type": "Batali::Source::Site", - "url": "https://supermarket.chef.io:443/api/v1/cookbooks/ohai/versions/2.1.0/download", - "version": "2.1.0" + "url": "https://supermarket.chef.io:443/api/v1/cookbooks/ohai/versions/5.0.4/download", + "version": "5.0.4" } }, { - "name": "runit", - "dependencies": [ - [ - "packagecloud", - ">= 0.0.0" - ] - ], - "version": "1.7.6", - "source": { - "type": "Batali::Source::Site", - "url": "https://supermarket.chef.io:443/api/v1/cookbooks/runit/versions/1.7.6/download", - "version": "1.7.6" - } - }, - { - "name": "packagecloud", + "name": "zypper", "dependencies": [ ], - "version": "0.2.0", + "version": "0.4.0", "source": { "type": "Batali::Source::Site", - "url": "https://supermarket.chef.io:443/api/v1/cookbooks/packagecloud/versions/0.2.0/download", - "version": "0.2.0" - } - }, - { - "name": "yum-epel", - "dependencies": [ - [ - "yum", - ">= 3.6.3" - ] - ], - "version": "0.7.1", - "source": { - "type": "Batali::Source::Site", - "url": "https://supermarket.chef.io:443/api/v1/cookbooks/yum-epel/versions/0.7.1/download", - "version": "0.7.1" + "url": "https://supermarket.chef.io:443/api/v1/cookbooks/zypper/versions/0.4.0/download", + "version": "0.4.0" } }, { @@ -564,6 +461,18 @@ "version": "0.3.1" } }, + { + "name": "apt", + "dependencies": [ + + ], + "version": "2.9.2", + "source": { + "type": "Batali::Source::Site", + "url": "https://supermarket.chef.io:443/api/v1/cookbooks/apt/versions/2.9.2/download", + "version": "2.9.2" + } + }, { "name": "php-fpm", "dependencies": [ @@ -624,8 +533,8 @@ ">= 0.3.1" ], [ - "nginx", - "~> 2.7.4" + "chef_nginx", + "> 0" ], [ "php-fpm", @@ -636,10 +545,10 @@ "~> 0.7" ] ], - "version": "3.0.0", + "version": "3.1.0", "source": { "url": "https://github.com/67P/wordpress-cookbook.git", - "ref": "d6401db517476e6f3ab36aa92dfc0f5ed6a8a264", + "ref": "a80b8a17fb823a01b769f690349d745c40fff04c", "type": "Batali::Source::Git", "subdirectory": null } @@ -696,22 +605,30 @@ } }, { - "name": "application", + "name": "poise-ruby-build", "dependencies": [ [ "poise", - "~> 2.4" + "~> 2.0" ], [ - "poise-service", + "poise-build-essential", "~> 1.0" + ], + [ + "poise-git", + "~> 1.0" + ], + [ + "poise-ruby", + "~> 2.1" ] ], - "version": "5.1.0", + "version": "1.1.0", "source": { "type": "Batali::Source::Site", - "url": "https://supermarket.chef.io:443/api/v1/cookbooks/application/versions/5.1.0/download", - "version": "5.1.0" + "url": "https://supermarket.chef.io:443/api/v1/cookbooks/poise-ruby-build/versions/1.1.0/download", + "version": "1.1.0" } }, { @@ -726,6 +643,112 @@ "version": "2.7.2" } }, + { + "name": "poise-build-essential", + "dependencies": [ + [ + "poise", + "~> 2.6" + ] + ], + "version": "1.0.0", + "source": { + "type": "Batali::Source::Site", + "url": "https://supermarket.chef.io:443/api/v1/cookbooks/poise-build-essential/versions/1.0.0/download", + "version": "1.0.0" + } + }, + { + "name": "poise-git", + "dependencies": [ + [ + "poise", + "~> 2.6" + ], + [ + "poise-languages", + "~> 2.1" + ] + ], + "version": "1.0.0", + "source": { + "type": "Batali::Source::Site", + "url": "https://supermarket.chef.io:443/api/v1/cookbooks/poise-git/versions/1.0.0/download", + "version": "1.0.0" + } + }, + { + "name": "poise-languages", + "dependencies": [ + [ + "poise", + "~> 2.5" + ], + [ + "poise-archive", + "~> 1.0" + ] + ], + "version": "2.1.0", + "source": { + "type": "Batali::Source::Site", + "url": "https://supermarket.chef.io:443/api/v1/cookbooks/poise-languages/versions/2.1.0/download", + "version": "2.1.0" + } + }, + { + "name": "poise-archive", + "dependencies": [ + [ + "poise", + "~> 2.6" + ] + ], + "version": "1.4.0", + "source": { + "type": "Batali::Source::Site", + "url": "https://supermarket.chef.io:443/api/v1/cookbooks/poise-archive/versions/1.4.0/download", + "version": "1.4.0" + } + }, + { + "name": "poise-ruby", + "dependencies": [ + [ + "poise", + "~> 2.0" + ], + [ + "poise-languages", + "~> 2.0" + ] + ], + "version": "2.2.0", + "source": { + "type": "Batali::Source::Site", + "url": "https://supermarket.chef.io:443/api/v1/cookbooks/poise-ruby/versions/2.2.0/download", + "version": "2.2.0" + } + }, + { + "name": "application", + "dependencies": [ + [ + "poise", + "~> 2.4" + ], + [ + "poise-service", + "~> 1.0" + ] + ], + "version": "5.2.0", + "source": { + "type": "Batali::Source::Site", + "url": "https://supermarket.chef.io:443/api/v1/cookbooks/application/versions/5.2.0/download", + "version": "5.2.0" + } + }, { "name": "poise-service", "dependencies": [ @@ -787,40 +810,6 @@ "version": "1.1.0" } }, - { - "name": "poise-languages", - "dependencies": [ - [ - "poise", - "~> 2.5" - ], - [ - "poise-archive", - "~> 1.0" - ] - ], - "version": "2.1.0", - "source": { - "type": "Batali::Source::Site", - "url": "https://supermarket.chef.io:443/api/v1/cookbooks/poise-languages/versions/2.1.0/download", - "version": "2.1.0" - } - }, - { - "name": "poise-archive", - "dependencies": [ - [ - "poise", - "~> 2.6" - ] - ], - "version": "1.4.0", - "source": { - "type": "Batali::Source::Site", - "url": "https://supermarket.chef.io:443/api/v1/cookbooks/poise-archive/versions/1.4.0/download", - "version": "1.4.0" - } - }, { "name": "application_ruby", "dependencies": [ @@ -848,25 +837,6 @@ "version": "4.0.1" } }, - { - "name": "poise-ruby", - "dependencies": [ - [ - "poise", - "~> 2.0" - ], - [ - "poise-languages", - "~> 2.0" - ] - ], - "version": "2.2.0", - "source": { - "type": "Batali::Source::Site", - "url": "https://supermarket.chef.io:443/api/v1/cookbooks/poise-ruby/versions/2.2.0/download", - "version": "2.2.0" - } - }, { "name": "application_git", "dependencies": [ @@ -918,11 +888,11 @@ "dependencies": [ ], - "version": "3.1.0", + "version": "4.0.0", "source": { "type": "Batali::Source::Site", - "url": "https://supermarket.chef.io:443/api/v1/cookbooks/dmg/versions/3.1.0/download", - "version": "3.1.0" + "url": "https://supermarket.chef.io:443/api/v1/cookbooks/dmg/versions/4.0.0/download", + "version": "4.0.0" } }, { @@ -1123,67 +1093,6 @@ "url": "https://supermarket.chef.io:443/api/v1/cookbooks/logrotate/versions/1.9.2/download", "version": "1.9.2" } - }, - { - "name": "poise-ruby-build", - "dependencies": [ - [ - "poise", - "~> 2.0" - ], - [ - "poise-build-essential", - "~> 1.0" - ], - [ - "poise-git", - "~> 1.0" - ], - [ - "poise-ruby", - "~> 2.1" - ] - ], - "version": "1.1.0", - "source": { - "type": "Batali::Source::Site", - "url": "https://supermarket.chef.io:443/api/v1/cookbooks/poise-ruby-build/versions/1.1.0/download", - "version": "1.1.0" - } - }, - { - "name": "poise-build-essential", - "dependencies": [ - [ - "poise", - "~> 2.6" - ] - ], - "version": "1.0.0", - "source": { - "type": "Batali::Source::Site", - "url": "https://supermarket.chef.io:443/api/v1/cookbooks/poise-build-essential/versions/1.0.0/download", - "version": "1.0.0" - } - }, - { - "name": "poise-git", - "dependencies": [ - [ - "poise", - "~> 2.6" - ], - [ - "poise-languages", - "~> 2.1" - ] - ], - "version": "1.0.0", - "source": { - "type": "Batali::Source::Site", - "url": "https://supermarket.chef.io:443/api/v1/cookbooks/poise-git/versions/1.0.0/download", - "version": "1.0.0" - } } ] } \ No newline at end of file diff --git a/cookbooks/7-zip/CHANGELOG.md b/cookbooks/7-zip/CHANGELOG.md deleted file mode 100644 index 183bcf7..0000000 --- a/cookbooks/7-zip/CHANGELOG.md +++ /dev/null @@ -1,13 +0,0 @@ -7-zip Cookbook CHANGELOG -======================== -This file is used to list changes made in each version of the 7-zip cookbook. - - -v1.0.2 ------- -### Improvement -- **[COOK-3476](https://tickets.opscode.com/browse/COOK-3476)** - Upgrade to 7-zip 9.22 - -1.0.0 ------ -- initial release diff --git a/cookbooks/7-zip/README.md b/cookbooks/7-zip/README.md deleted file mode 100644 index 4bfd6be..0000000 --- a/cookbooks/7-zip/README.md +++ /dev/null @@ -1,50 +0,0 @@ -7-zip Cookbook -============== -[7-Zip](http://www.7-zip.org/) is a file archiver with a high compression ratio. This cookbook installs the full 7-zip suite of tools (GUI and CLI). - - -Requirements ------------- -### Platform -- Windows XP -- Windows Vista -- Windows Server 2003 R2 -- Windows 7 -- Windows Server 2008 (R1, R2) -- Windows 8 -- Windows Server 2012 - -### Cookbooks -- windows - - -Attributes ----------- -- `node['7-zip']['home']` - location to install 7-zip files to. default is `%SYSTEMDRIVE%\7-zip` - - -Usage ------ -### default -Downloads and installs 7-zip to the location specified by `node['7-zip']['home']`. Also ensures `node['7-zip']['home']` is in the system path. - - -License & Authors ------------------ -- Author:: Seth Chisamore () - -```text -Copyright:: 2011, Opscode, Inc. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -``` diff --git a/cookbooks/7-zip/attributes/default.rb b/cookbooks/7-zip/attributes/default.rb deleted file mode 100644 index adc1903..0000000 --- a/cookbooks/7-zip/attributes/default.rb +++ /dev/null @@ -1,31 +0,0 @@ -# -# Author:: Seth Chisamore () -# Cookbook Name:: 7-zip -# Attribute:: default -# -# Copyright:: Copyright (c) 2011 Opscode, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -if kernel['machine'] =~ /x86_64/ - default['7-zip']['url'] = "http://downloads.sourceforge.net/sevenzip/7z922-x64.msi" - default['7-zip']['checksum'] = "f09bf515289eea45185a4cc673e3bbc18ce608c55b4cf96e77833435c9cdf3dc" - default['7-zip']['package_name'] = "7-Zip 9.22 (x64 edition)" -else - default['7-zip']['url'] = "http://downloads.sourceforge.net/sevenzip/7z922.msi" - default['7-zip']['checksum'] = "86df264d22c3dd3ab80cb55a118da2d41bdd95c2db2cd09a6bbdf48f069e3d7a" - default['7-zip']['package_name'] = "7-Zip 9.22" -end - -default['7-zip']['home'] = "#{ENV['SYSTEMDRIVE']}\\7-zip" diff --git a/cookbooks/7-zip/metadata.json b/cookbooks/7-zip/metadata.json deleted file mode 100644 index 98ab32d..0000000 --- a/cookbooks/7-zip/metadata.json +++ /dev/null @@ -1,31 +0,0 @@ -{ - "name": "7-zip", - "version": "1.0.2", - "description": "Installs/Configures the 7-zip file archiver", - "long_description": "7-zip Cookbook\n==============\n[7-Zip](http://www.7-zip.org/) is a file archiver with a high compression ratio. This cookbook installs the full 7-zip suite of tools (GUI and CLI).\n\n\nRequirements\n------------\n### Platform\n- Windows XP\n- Windows Vista\n- Windows Server 2003 R2\n- Windows 7\n- Windows Server 2008 (R1, R2)\n- Windows 8\n- Windows Server 2012\n\n### Cookbooks\n- windows\n\n\nAttributes\n----------\n- `node['7-zip']['home']` - location to install 7-zip files to. default is `%SYSTEMDRIVE%\\7-zip`\n\n\nUsage\n-----\n### default\nDownloads and installs 7-zip to the location specified by `node['7-zip']['home']`. Also ensures `node['7-zip']['home']` is in the system path.\n\n\nLicense & Authors\n-----------------\n- Author:: Seth Chisamore ()\n\n```text\nCopyright:: 2011, Opscode, Inc.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n```\n", - "maintainer": "Opscode, Inc.", - "maintainer_email": "cookbooks@opscode.com", - "license": "Apache 2.0", - "platforms": { - "windows": ">= 0.0.0" - }, - "dependencies": { - "windows": ">= 1.2.2" - }, - "recommendations": { - }, - "suggestions": { - }, - "conflicting": { - }, - "providing": { - }, - "replacing": { - }, - "attributes": { - }, - "groupings": { - }, - "recipes": { - } -} \ No newline at end of file diff --git a/cookbooks/7-zip/metadata.rb b/cookbooks/7-zip/metadata.rb deleted file mode 100644 index fa83e9f..0000000 --- a/cookbooks/7-zip/metadata.rb +++ /dev/null @@ -1,10 +0,0 @@ -name "7-zip" -maintainer "Opscode, Inc." -maintainer_email "cookbooks@opscode.com" -license "Apache 2.0" -description "Installs/Configures the 7-zip file archiver" -long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) -version "1.0.2" -supports "windows" - -depends "windows", ">= 1.2.2" diff --git a/cookbooks/7-zip/recipes/default.rb b/cookbooks/7-zip/recipes/default.rb deleted file mode 100644 index 155cbb6..0000000 --- a/cookbooks/7-zip/recipes/default.rb +++ /dev/null @@ -1,31 +0,0 @@ -# -# Author:: Seth Chisamore () -# Cookbook Name:: 7-zip -# Recipe:: default -# -# Copyright 2011, Opscode, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -windows_package node['7-zip']['package_name'] do - source node['7-zip']['url'] - checksum node['7-zip']['checksum'] - options "INSTALLDIR=\"#{node['7-zip']['home']}\"" - action :install -end - -# update path -windows_path node['7-zip']['home'] do - action :add -end diff --git a/cookbooks/application/CHANGELOG.md b/cookbooks/application/CHANGELOG.md index 1a4498d..74c8643 100644 --- a/cookbooks/application/CHANGELOG.md +++ b/cookbooks/application/CHANGELOG.md @@ -1,8 +1,13 @@ # Application Changelog +## v5.2.0 + +* Add `application_directory` resource. +* Chef 13 compatibility. + ## v5.1.0 -* Add `application_cookbook_file`, `application_file`, and `application_template resources. +* Add `application_cookbook_file`, `application_file`, and `application_template` resources. ## v5.0.0 diff --git a/cookbooks/application/README.md b/cookbooks/application/README.md index 6089ca3..3696a6e 100644 --- a/cookbooks/application/README.md +++ b/cookbooks/application/README.md @@ -137,9 +137,9 @@ end * `action_on_update_immediately` – Run the `action_on_update` notification with `:immediately`. *(default: false)* -### `application_cookbook_file`, `application_file`, `application_template` +### `application_cookbook_file`, `application_directory`, `application_file`, `application_template` -The `application_cookbook_file`, `application_file`, and `application_template` +The `application_cookbook_file`, `application_directory`, `application_file`, and `application_template` resources extend the core Chef resources to take some application-level configuration in to account: @@ -148,6 +148,7 @@ application '/opt/myapp' do template 'myapp.conf' do source 'myapp.conf.erb' end + directory 'logs' end ``` @@ -163,9 +164,9 @@ Some test recipes are available as examples for common application frameworks: * [Sinatra](https://github.com/poise/application_ruby/blob/master/test/cookbooks/application_ruby_test/recipes/sinatra.rb) * [Rails](https://github.com/poise/application_ruby/blob/master/test/cookbooks/application_ruby_test/recipes/rails.rb) -* [Flask](https://github.com/poise/application_python/blob/master/test/cookbooks/application_python_test/recipes/flask.rb) -* [Django](https://github.com/poise/application_python/blob/master/test/cookbooks/application_python_test/recipes/django.rb) -* [Express](https://github.com/poise/application_javascript/blob/master/test/cookbooks/application_javascript_test/recipes/express.rb) +* [Flask](https://github.com/poise/application_python/blob/master/test/cookbook/recipes/flask.rb) +* [Django](https://github.com/poise/application_python/blob/master/test/cookbook/recipes/django.rb) +* [Express](https://github.com/poise/application_javascript/blob/master/test/cookbook/recipes/express.rb) ## Upgrading From 4.x @@ -244,7 +245,7 @@ The Poise test server infrastructure is sponsored by [Rackspace](https://rackspa ## License -Copyright 2015, Noah Kantrowitz +Copyright 2015-2016, Noah Kantrowitz Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/cookbooks/application/files/halite_gem/poise_application.rb b/cookbooks/application/files/halite_gem/poise_application.rb index 13c9825..8d771c4 100644 --- a/cookbooks/application/files/halite_gem/poise_application.rb +++ b/cookbooks/application/files/halite_gem/poise_application.rb @@ -1,5 +1,5 @@ # -# Copyright 2015, Noah Kantrowitz +# Copyright 2015-2016, Noah Kantrowitz # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/cookbooks/application/files/halite_gem/poise_application/app_file_mixin.rb b/cookbooks/application/files/halite_gem/poise_application/app_file_mixin.rb index 9f4a377..8ad14a9 100644 --- a/cookbooks/application/files/halite_gem/poise_application/app_file_mixin.rb +++ b/cookbooks/application/files/halite_gem/poise_application/app_file_mixin.rb @@ -1,5 +1,5 @@ # -# Copyright 2015, Noah Kantrowitz +# Copyright 2015-2016, Noah Kantrowitz # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -48,10 +48,13 @@ module PoiseApplication # @return [String, Integer] attribute(:group, kind_of: [String, Integer, NilClass], default: lazy { parent && parent.group }) - # @!attribute user + # @!attribute owner # Override the default user to be the app owner if unspecified. # @return [String, Integer] - attribute(:user, kind_of: [String, Integer, NilClass], default: lazy { parent && parent.owner }) + attribute(:owner, kind_of: [String, Integer, NilClass], default: lazy { parent && parent.owner }) + + # For the forgetful. + alias_method :user, :owner end module Provider diff --git a/cookbooks/application/files/halite_gem/poise_application/app_mixin.rb b/cookbooks/application/files/halite_gem/poise_application/app_mixin.rb index 7ce3d53..611d1f8 100644 --- a/cookbooks/application/files/halite_gem/poise_application/app_mixin.rb +++ b/cookbooks/application/files/halite_gem/poise_application/app_mixin.rb @@ -1,5 +1,5 @@ # -# Copyright 2015, Noah Kantrowitz +# Copyright 2015-2016, Noah Kantrowitz # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/cookbooks/application/files/halite_gem/poise_application/cheftie.rb b/cookbooks/application/files/halite_gem/poise_application/cheftie.rb index 622ba83..52e47b2 100644 --- a/cookbooks/application/files/halite_gem/poise_application/cheftie.rb +++ b/cookbooks/application/files/halite_gem/poise_application/cheftie.rb @@ -1,5 +1,5 @@ # -# Copyright 2015, Noah Kantrowitz +# Copyright 2015-2016, Noah Kantrowitz # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/cookbooks/application/files/halite_gem/poise_application/error.rb b/cookbooks/application/files/halite_gem/poise_application/error.rb index 4156956..ed43760 100644 --- a/cookbooks/application/files/halite_gem/poise_application/error.rb +++ b/cookbooks/application/files/halite_gem/poise_application/error.rb @@ -1,5 +1,5 @@ # -# Copyright 2015, Noah Kantrowitz +# Copyright 2015-2016, Noah Kantrowitz # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/cookbooks/application/files/halite_gem/poise_application/resources.rb b/cookbooks/application/files/halite_gem/poise_application/resources.rb index 4797a80..31129bd 100644 --- a/cookbooks/application/files/halite_gem/poise_application/resources.rb +++ b/cookbooks/application/files/halite_gem/poise_application/resources.rb @@ -1,5 +1,5 @@ # -# Copyright 2015, Noah Kantrowitz +# Copyright 2015-2016, Noah Kantrowitz # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,6 +16,7 @@ require 'poise_application/resources/application' require 'poise_application/resources/application_cookbook_file' +require 'poise_application/resources/application_directory' require 'poise_application/resources/application_file' require 'poise_application/resources/application_template' diff --git a/cookbooks/application/files/halite_gem/poise_application/resources/application.rb b/cookbooks/application/files/halite_gem/poise_application/resources/application.rb index e0efbf2..524a124 100644 --- a/cookbooks/application/files/halite_gem/poise_application/resources/application.rb +++ b/cookbooks/application/files/halite_gem/poise_application/resources/application.rb @@ -1,5 +1,5 @@ # -# Copyright 2015, Noah Kantrowitz +# Copyright 2015-2016, Noah Kantrowitz # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/cookbooks/application/files/halite_gem/poise_application/resources/application_cookbook_file.rb b/cookbooks/application/files/halite_gem/poise_application/resources/application_cookbook_file.rb index bcb6830..aeb6ead 100644 --- a/cookbooks/application/files/halite_gem/poise_application/resources/application_cookbook_file.rb +++ b/cookbooks/application/files/halite_gem/poise_application/resources/application_cookbook_file.rb @@ -1,5 +1,5 @@ # -# Copyright 2015, Noah Kantrowitz +# Copyright 2015-2016, Noah Kantrowitz # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/cookbooks/application/files/halite_gem/poise_application/resources/application_directory.rb b/cookbooks/application/files/halite_gem/poise_application/resources/application_directory.rb new file mode 100644 index 0000000..a32bef5 --- /dev/null +++ b/cookbooks/application/files/halite_gem/poise_application/resources/application_directory.rb @@ -0,0 +1,50 @@ +# +# Copyright 2015-2016, Noah Kantrowitz +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +require 'poise_application/app_file_mixin' + + +module PoiseApplication + module Resources + # (see ApplicationDirectory::Resource) + # @since 5.1.0 + module ApplicationDirectory + # An `application_directory` resource to manage Chef files inside and + # Application cookbook deployment. + # + # @provides application_directory + # @action create + # @action delete + # @example + # application '/srv/myapp' do + # directory 'logs' + # end + class Resource < Chef::Resource::Directory + include PoiseApplication::AppFileMixin + provides(:application_directory) + actions(:create, :delete) + subclass_providers! + + def initialize(*args) + super + # For older Chef. + @resource_name = :application_directory + end + end + + end + end +end diff --git a/cookbooks/application/files/halite_gem/poise_application/resources/application_file.rb b/cookbooks/application/files/halite_gem/poise_application/resources/application_file.rb index a766088..95eac83 100644 --- a/cookbooks/application/files/halite_gem/poise_application/resources/application_file.rb +++ b/cookbooks/application/files/halite_gem/poise_application/resources/application_file.rb @@ -1,5 +1,5 @@ # -# Copyright 2015, Noah Kantrowitz +# Copyright 2015-2016, Noah Kantrowitz # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/cookbooks/application/files/halite_gem/poise_application/resources/application_template.rb b/cookbooks/application/files/halite_gem/poise_application/resources/application_template.rb index 27e7f0b..dff0151 100644 --- a/cookbooks/application/files/halite_gem/poise_application/resources/application_template.rb +++ b/cookbooks/application/files/halite_gem/poise_application/resources/application_template.rb @@ -1,5 +1,5 @@ # -# Copyright 2015, Noah Kantrowitz +# Copyright 2015-2016, Noah Kantrowitz # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/cookbooks/application/files/halite_gem/poise_application/service_mixin.rb b/cookbooks/application/files/halite_gem/poise_application/service_mixin.rb index 176fb29..0649159 100644 --- a/cookbooks/application/files/halite_gem/poise_application/service_mixin.rb +++ b/cookbooks/application/files/halite_gem/poise_application/service_mixin.rb @@ -1,5 +1,5 @@ # -# Copyright 2015, Noah Kantrowitz +# Copyright 2015-2016, Noah Kantrowitz # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/cookbooks/application/files/halite_gem/poise_application/utils.rb b/cookbooks/application/files/halite_gem/poise_application/utils.rb index cc3f874..0a93c77 100644 --- a/cookbooks/application/files/halite_gem/poise_application/utils.rb +++ b/cookbooks/application/files/halite_gem/poise_application/utils.rb @@ -1,5 +1,5 @@ # -# Copyright 2015, Noah Kantrowitz +# Copyright 2015-2016, Noah Kantrowitz # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/cookbooks/application/files/halite_gem/poise_application/version.rb b/cookbooks/application/files/halite_gem/poise_application/version.rb index bb3f482..02c4411 100644 --- a/cookbooks/application/files/halite_gem/poise_application/version.rb +++ b/cookbooks/application/files/halite_gem/poise_application/version.rb @@ -1,5 +1,5 @@ # -# Copyright 2015, Noah Kantrowitz +# Copyright 2015-2016, Noah Kantrowitz # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,5 +16,5 @@ module PoiseApplication - VERSION = '5.1.0' + VERSION = '5.2.0' end diff --git a/cookbooks/application/libraries/default.rb b/cookbooks/application/libraries/default.rb index ebf4f00..21614d8 100644 --- a/cookbooks/application/libraries/default.rb +++ b/cookbooks/application/libraries/default.rb @@ -1,5 +1,5 @@ # -# Copyright 2015, Noah Kantrowitz +# Copyright 2015-2016, Noah Kantrowitz # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/cookbooks/application/metadata.json b/cookbooks/application/metadata.json index a491ee2..02fb71f 100644 --- a/cookbooks/application/metadata.json +++ b/cookbooks/application/metadata.json @@ -1 +1 @@ -{"name":"application","version":"5.1.0","description":"A Chef cookbook for deploying application code.","long_description":"# Application cookbook\n\n[![Build Status](https://img.shields.io/travis/poise/application.svg)](https://travis-ci.org/poise/application)\n[![Gem Version](https://img.shields.io/gem/v/poise-application.svg)](https://rubygems.org/gems/poise-application)\n[![Cookbook Version](https://img.shields.io/cookbook/v/application.svg)](https://supermarket.chef.io/cookbooks/application)\n[![Coverage](https://img.shields.io/codeclimate/coverage/github/poise/application.svg)](https://codeclimate.com/github/poise/application)\n[![Gemnasium](https://img.shields.io/gemnasium/poise/application.svg)](https://gemnasium.com/poise/application)\n[![License](https://img.shields.io/badge/license-Apache_2-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0)\n\nA [Chef](https://www.chef.io/) cookbook to deploy applications.\n\n## Getting Started\n\nThe application cookbook provides a central framework to deploy applications\nusing Chef. Generally this will be web applications using things like Rails,\nDjango, or NodeJS, but the framework makes no specific assumptions. The core\n`application` resource provides DSL support and helpers, but the heavy lifting\nis all done in specific plugins detailed below. Each deployment starts with\nan `application` resource:\n\n```ruby\napplication '/path/to/deploy' do\n owner 'root'\n group 'root'\n\n # ...\nend\n```\n\nThe `application` resource uses the Poise subresource system for plugins. This\nmeans you configure the steps of the deployment like normal recipe code inside\nthe `application` resource, with a few special additions:\n\n```ruby\napplication '/path/to/deploy' do\n # Application resource properties.\n owner 'root'\n group 'root'\n\n # Subresources, like normal recipe code.\n package 'ruby'\n git '/path/to/deploy' do\n repository 'https://github.com/example/myapp.git'\n end\n application_rails '/path/to/deploy' do\n database 'mysql://dbhost/myapp'\n end\nend\n```\n\nWhen evaluating the recipe inside the `application` resource, it first checks\nfor `application_#{resource}`, as well as looking for an LWRP of the same name\nin any cookbook starting with `application_`. This means that a resource named\n`application_foo` can be used as `foo` inside the `application` resource:\n\n```ruby\napplication '/path/to/deploy' do\n owner 'root'\n group 'root'\n\n rails '/path/to/deploy' do\n database 'mysql://dbhost/myapp'\n end\nend\n```\n\nAdditionally if a resource inside the `application` block doesn't have a name,\nit uses the same name as the application resource itself:\n\n```ruby\napplication '/path/to/deploy' do\n owner 'root'\n group 'root'\n\n rails do\n database 'mysql://dbhost/myapp'\n end\nend\n```\n\nOther than those two special features, the recipe code inside the `application`\nresource is processed just like any other recipe.\n\n## Available Plugins\n\n* [`application_git`](https://github.com/poise/application_git) – Deploy\n application code from a git repository.\n* [`application_ruby`](https://github.com/poise/application_ruby) – Manage Ruby\n deployments, such as Rails or Sinatra applications.\n* [`application_python`](https://github.com/poise/application_python) – Manage\n Python deployments, such as Django or Flask applications.\n* [`application_javascript`](https://github.com/poise/application_javascript) –\n Manage server-side JavaScript deployments using Node.js or io.js.\n* `application_java` – *Coming soon!*\n* `application_go` – *Coming soon!*\n* `application_erlang` – *Coming soon!*\n\n## Requirements\n\nChef 12 or newer is required.\n\n## Resources\n\n### `application`\n\nThe `application` resource has top-level configuration properties for each\ndeployment and acts as a container for other deployment plugin resources.\n\n```ruby\napplication '/opt/test_sinatra' do\n git 'https://github.com/example/my_sinatra_app.git'\n bundle_install do\n deployment true\n end\n unicorn do\n port 9000\n end\nend\n```\n\n#### Actions\n\n* `:deploy` – Deploy the application. *(default)*\n* `:start` - Run `:start` on all subresources that support it.\n* `:stop` - Run `:stop` on all subresources that support it.\n* `:restart` - Run `:restart` on all subresources that support it.\n* `:reload` - Run `:reload` on all subresources that support it.\n\n#### Properties\n\n* `path` – Path to deploy the application to. *(name attribute)*\n* `environment` – Environment variables for all application deployment steps.\n* `group` – System group to deploy the application as.\n* `owner` – System user to deploy the application as.\n* `action_on_update` – Action to run on the application resource when any\n subresource is updated. *(default: restart)*\n* `action_on_update_immediately` – Run the `action_on_update` notification with\n `:immediately`. *(default: false)*\n\n### `application_cookbook_file`, `application_file`, `application_template`\n\nThe `application_cookbook_file`, `application_file`, and `application_template`\nresources extend the core Chef resources to take some application-level\nconfiguration in to account:\n\n```ruby\napplication '/opt/myapp' do\n template 'myapp.conf' do\n source 'myapp.conf.erb'\n end\nend\n```\n\nIf the resource name is a relative path, it will be expanded relative to the\napplication path. If an owner or group is declared for the application, those\nwill be the default user and group for the resource.\n\nAll other actions and properties are the same as the similar resource in core Chef.\n\n## Examples\n\nSome test recipes are available as examples for common application frameworks:\n\n* [Sinatra](https://github.com/poise/application_ruby/blob/master/test/cookbooks/application_ruby_test/recipes/sinatra.rb)\n* [Rails](https://github.com/poise/application_ruby/blob/master/test/cookbooks/application_ruby_test/recipes/rails.rb)\n* [Flask](https://github.com/poise/application_python/blob/master/test/cookbooks/application_python_test/recipes/flask.rb)\n* [Django](https://github.com/poise/application_python/blob/master/test/cookbooks/application_python_test/recipes/django.rb)\n* [Express](https://github.com/poise/application_javascript/blob/master/test/cookbooks/application_javascript_test/recipes/express.rb)\n\n## Upgrading From 4.x\n\nWhile the overall design of the revamped application resource is similar to the\n4.x version, some changes will need to be made. The `name` property no longer\nexists, with the name attribute being used as the path to the deployment.\nThe `packages` property has been removed as this is more easily handled via\nnormal recipe code.\n\nThe SCM-related properties like `repository` and `revision` are now handled by\nnormal plugins. If you were deploying from a private git repository you will\nlikely want to use the `application_git` cookbook, otherwise just use the\nbuilt-in `git` or `svn` resources as per normal.\n\nThe properties related to the `deploy` resource like `strategy` and `symlinks`\nhave been removed. The `deploy` resource is no longer used so these aren't\nrelevant. As a side effect of this, you'll likely want to point the upgraded\ndeployment at a new folder or manually clean the `current` and `shared` folders\nfrom the existing folder. The pseudo-Capistrano layout used by the `deploy`\nresource has few benefits in a config-managed world and introduced a lot of\ncomplexity and moving pieces that are no longer required.\n\nWith the removal of the `deploy` resource, the callback properties and commands\nare no longer used as well. Subresources no longer use the complex\nactions-as-callbacks arrangement as existed before, instead following normal\nChef recipe flow. Individual subresources may need to be tweaked to work with\nnewer versions of the cookbooks they come from, though most have stayed similar\nin overall approach.\n\n## Database Migrations and Chef\n\nSeveral of the web application deployment plugins include optional support to\nrun database migrations from Chef. For \"toy\" applications where the app and\ndatabase run together on a single machine, this is fine and is a nice time\nsaver. For anything more complex I highly recommend not running database\nmigrations from Chef. Some initial operations like creating the database and/or\ndatabase user are more reasonable as they tend to be done only once and by their\nnature the application does not yet have users so some level of eventual\nconsistency is more acceptable. With migrations on a production application, I\nencourage using Chef and the application cookbooks to handle deploying the code\nand writing configuration files, but use something more specific to run the\nactual migration task. [Fabric](http://www.fabfile.org/),\n[Capistrano](http://capistranorb.com/), and [Rundeck](http://rundeck.org/) are\nall good choices for this orchestration tooling.\n\nMigrations can generally be applied idempotently but they have unique\nconstraints (pun definitely intended) that make them tricky in a Chef-like,\nconvergence-based system. First and foremost is that many table alterations\nlock the table for updating for at least some period of time. That can mean that\nwhile staging the new code or configuration data can happen within a window, the\nmigration itself needs to be run in careful lockstep with the rest of the\ndeployment process (eg. moving things in and out of load balancers). Beyond\nthat, while most web frameworks have internal idempotence checks for migrations,\nrunning the process on two servers at the same time can have unexpected effects.\n\nOverall migrations are best thought of as a procedural step rather than a\ndeclaratively modeled piece of the system.\n\n## Application Signals and Updates\n\nThe `application` resource exposes `start`, `stop`, `restart`, and `reload`\nactions which will dispatch to any subresources attached to the application.\nThis allows for generic application-level restart or reload signals that will\nwork with any type of deployment.\n\nAdditionally the `action_on_update` property is used to set a default\nnotification so any subresource that updates will trigger an application\nrestart or reload. This can be disabled by setting `action_on_update false` if\nyou want to take manual control of service restarts.\n\n## Sponsors\n\nDevelopment sponsored by [Chef Software](https://www.chef.io/), [Symonds & Son](http://symondsandson.com/), and [Orion](https://www.orionlabs.co/).\n\nThe Poise test server infrastructure is sponsored by [Rackspace](https://rackspace.com/).\n\n## License\n\nCopyright 2015, Noah Kantrowitz\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\nhttp://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n","maintainer":"Noah Kantrowitz","maintainer_email":"noah@coderanger.net","license":"Apache 2.0","platforms":{},"dependencies":{"poise":"~> 2.4","poise-service":"~> 1.0"},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{}} \ No newline at end of file +{"name":"application","version":"5.2.0","description":"A Chef cookbook for deploying application code.","long_description":"# Application cookbook\n\n[![Build Status](https://img.shields.io/travis/poise/application.svg)](https://travis-ci.org/poise/application)\n[![Gem Version](https://img.shields.io/gem/v/poise-application.svg)](https://rubygems.org/gems/poise-application)\n[![Cookbook Version](https://img.shields.io/cookbook/v/application.svg)](https://supermarket.chef.io/cookbooks/application)\n[![Coverage](https://img.shields.io/codeclimate/coverage/github/poise/application.svg)](https://codeclimate.com/github/poise/application)\n[![Gemnasium](https://img.shields.io/gemnasium/poise/application.svg)](https://gemnasium.com/poise/application)\n[![License](https://img.shields.io/badge/license-Apache_2-blue.svg)](https://www.apache.org/licenses/LICENSE-2.0)\n\nA [Chef](https://www.chef.io/) cookbook to deploy applications.\n\n## Getting Started\n\nThe application cookbook provides a central framework to deploy applications\nusing Chef. Generally this will be web applications using things like Rails,\nDjango, or NodeJS, but the framework makes no specific assumptions. The core\n`application` resource provides DSL support and helpers, but the heavy lifting\nis all done in specific plugins detailed below. Each deployment starts with\nan `application` resource:\n\n```ruby\napplication '/path/to/deploy' do\n owner 'root'\n group 'root'\n\n # ...\nend\n```\n\nThe `application` resource uses the Poise subresource system for plugins. This\nmeans you configure the steps of the deployment like normal recipe code inside\nthe `application` resource, with a few special additions:\n\n```ruby\napplication '/path/to/deploy' do\n # Application resource properties.\n owner 'root'\n group 'root'\n\n # Subresources, like normal recipe code.\n package 'ruby'\n git '/path/to/deploy' do\n repository 'https://github.com/example/myapp.git'\n end\n application_rails '/path/to/deploy' do\n database 'mysql://dbhost/myapp'\n end\nend\n```\n\nWhen evaluating the recipe inside the `application` resource, it first checks\nfor `application_#{resource}`, as well as looking for an LWRP of the same name\nin any cookbook starting with `application_`. This means that a resource named\n`application_foo` can be used as `foo` inside the `application` resource:\n\n```ruby\napplication '/path/to/deploy' do\n owner 'root'\n group 'root'\n\n rails '/path/to/deploy' do\n database 'mysql://dbhost/myapp'\n end\nend\n```\n\nAdditionally if a resource inside the `application` block doesn't have a name,\nit uses the same name as the application resource itself:\n\n```ruby\napplication '/path/to/deploy' do\n owner 'root'\n group 'root'\n\n rails do\n database 'mysql://dbhost/myapp'\n end\nend\n```\n\nOther than those two special features, the recipe code inside the `application`\nresource is processed just like any other recipe.\n\n## Available Plugins\n\n* [`application_git`](https://github.com/poise/application_git) – Deploy\n application code from a git repository.\n* [`application_ruby`](https://github.com/poise/application_ruby) – Manage Ruby\n deployments, such as Rails or Sinatra applications.\n* [`application_python`](https://github.com/poise/application_python) – Manage\n Python deployments, such as Django or Flask applications.\n* [`application_javascript`](https://github.com/poise/application_javascript) –\n Manage server-side JavaScript deployments using Node.js or io.js.\n* `application_java` – *Coming soon!*\n* `application_go` – *Coming soon!*\n* `application_erlang` – *Coming soon!*\n\n## Requirements\n\nChef 12 or newer is required.\n\n## Resources\n\n### `application`\n\nThe `application` resource has top-level configuration properties for each\ndeployment and acts as a container for other deployment plugin resources.\n\n```ruby\napplication '/opt/test_sinatra' do\n git 'https://github.com/example/my_sinatra_app.git'\n bundle_install do\n deployment true\n end\n unicorn do\n port 9000\n end\nend\n```\n\n#### Actions\n\n* `:deploy` – Deploy the application. *(default)*\n* `:start` - Run `:start` on all subresources that support it.\n* `:stop` - Run `:stop` on all subresources that support it.\n* `:restart` - Run `:restart` on all subresources that support it.\n* `:reload` - Run `:reload` on all subresources that support it.\n\n#### Properties\n\n* `path` – Path to deploy the application to. *(name attribute)*\n* `environment` – Environment variables for all application deployment steps.\n* `group` – System group to deploy the application as.\n* `owner` – System user to deploy the application as.\n* `action_on_update` – Action to run on the application resource when any\n subresource is updated. *(default: restart)*\n* `action_on_update_immediately` – Run the `action_on_update` notification with\n `:immediately`. *(default: false)*\n\n### `application_cookbook_file`, `application_directory`, `application_file`, `application_template`\n\nThe `application_cookbook_file`, `application_directory`, `application_file`, and `application_template`\nresources extend the core Chef resources to take some application-level\nconfiguration in to account:\n\n```ruby\napplication '/opt/myapp' do\n template 'myapp.conf' do\n source 'myapp.conf.erb'\n end\n directory 'logs'\nend\n```\n\nIf the resource name is a relative path, it will be expanded relative to the\napplication path. If an owner or group is declared for the application, those\nwill be the default user and group for the resource.\n\nAll other actions and properties are the same as the similar resource in core Chef.\n\n## Examples\n\nSome test recipes are available as examples for common application frameworks:\n\n* [Sinatra](https://github.com/poise/application_ruby/blob/master/test/cookbooks/application_ruby_test/recipes/sinatra.rb)\n* [Rails](https://github.com/poise/application_ruby/blob/master/test/cookbooks/application_ruby_test/recipes/rails.rb)\n* [Flask](https://github.com/poise/application_python/blob/master/test/cookbook/recipes/flask.rb)\n* [Django](https://github.com/poise/application_python/blob/master/test/cookbook/recipes/django.rb)\n* [Express](https://github.com/poise/application_javascript/blob/master/test/cookbook/recipes/express.rb)\n\n## Upgrading From 4.x\n\nWhile the overall design of the revamped application resource is similar to the\n4.x version, some changes will need to be made. The `name` property no longer\nexists, with the name attribute being used as the path to the deployment.\nThe `packages` property has been removed as this is more easily handled via\nnormal recipe code.\n\nThe SCM-related properties like `repository` and `revision` are now handled by\nnormal plugins. If you were deploying from a private git repository you will\nlikely want to use the `application_git` cookbook, otherwise just use the\nbuilt-in `git` or `svn` resources as per normal.\n\nThe properties related to the `deploy` resource like `strategy` and `symlinks`\nhave been removed. The `deploy` resource is no longer used so these aren't\nrelevant. As a side effect of this, you'll likely want to point the upgraded\ndeployment at a new folder or manually clean the `current` and `shared` folders\nfrom the existing folder. The pseudo-Capistrano layout used by the `deploy`\nresource has few benefits in a config-managed world and introduced a lot of\ncomplexity and moving pieces that are no longer required.\n\nWith the removal of the `deploy` resource, the callback properties and commands\nare no longer used as well. Subresources no longer use the complex\nactions-as-callbacks arrangement as existed before, instead following normal\nChef recipe flow. Individual subresources may need to be tweaked to work with\nnewer versions of the cookbooks they come from, though most have stayed similar\nin overall approach.\n\n## Database Migrations and Chef\n\nSeveral of the web application deployment plugins include optional support to\nrun database migrations from Chef. For \"toy\" applications where the app and\ndatabase run together on a single machine, this is fine and is a nice time\nsaver. For anything more complex I highly recommend not running database\nmigrations from Chef. Some initial operations like creating the database and/or\ndatabase user are more reasonable as they tend to be done only once and by their\nnature the application does not yet have users so some level of eventual\nconsistency is more acceptable. With migrations on a production application, I\nencourage using Chef and the application cookbooks to handle deploying the code\nand writing configuration files, but use something more specific to run the\nactual migration task. [Fabric](http://www.fabfile.org/),\n[Capistrano](http://capistranorb.com/), and [Rundeck](http://rundeck.org/) are\nall good choices for this orchestration tooling.\n\nMigrations can generally be applied idempotently but they have unique\nconstraints (pun definitely intended) that make them tricky in a Chef-like,\nconvergence-based system. First and foremost is that many table alterations\nlock the table for updating for at least some period of time. That can mean that\nwhile staging the new code or configuration data can happen within a window, the\nmigration itself needs to be run in careful lockstep with the rest of the\ndeployment process (eg. moving things in and out of load balancers). Beyond\nthat, while most web frameworks have internal idempotence checks for migrations,\nrunning the process on two servers at the same time can have unexpected effects.\n\nOverall migrations are best thought of as a procedural step rather than a\ndeclaratively modeled piece of the system.\n\n## Application Signals and Updates\n\nThe `application` resource exposes `start`, `stop`, `restart`, and `reload`\nactions which will dispatch to any subresources attached to the application.\nThis allows for generic application-level restart or reload signals that will\nwork with any type of deployment.\n\nAdditionally the `action_on_update` property is used to set a default\nnotification so any subresource that updates will trigger an application\nrestart or reload. This can be disabled by setting `action_on_update false` if\nyou want to take manual control of service restarts.\n\n## Sponsors\n\nDevelopment sponsored by [Chef Software](https://www.chef.io/), [Symonds & Son](http://symondsandson.com/), and [Orion](https://www.orionlabs.co/).\n\nThe Poise test server infrastructure is sponsored by [Rackspace](https://rackspace.com/).\n\n## License\n\nCopyright 2015-2016, Noah Kantrowitz\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\nhttp://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n","maintainer":"Noah Kantrowitz","maintainer_email":"noah@coderanger.net","license":"Apache-2.0","platforms":{"aix":">= 0.0.0","amazon":">= 0.0.0","arch":">= 0.0.0","centos":">= 0.0.0","chefspec":">= 0.0.0","debian":">= 0.0.0","dragonfly4":">= 0.0.0","fedora":">= 0.0.0","freebsd":">= 0.0.0","gentoo":">= 0.0.0","ios_xr":">= 0.0.0","mac_os_x":">= 0.0.0","nexus":">= 0.0.0","omnios":">= 0.0.0","openbsd":">= 0.0.0","opensuse":">= 0.0.0","oracle":">= 0.0.0","raspbian":">= 0.0.0","redhat":">= 0.0.0","slackware":">= 0.0.0","smartos":">= 0.0.0","solaris2":">= 0.0.0","suse":">= 0.0.0","ubuntu":">= 0.0.0","windows":">= 0.0.0"},"dependencies":{"poise":"~> 2.4","poise-service":"~> 1.0"},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{},"source_url":"https://github.com/poise/application","issues_url":"https://github.com/poise/application/issues","chef_version":[["< 14",">= 12"]],"ohai_version":[]} \ No newline at end of file diff --git a/cookbooks/bluepill/.foodcritic b/cookbooks/bluepill/.foodcritic deleted file mode 100644 index 6c2ff5a..0000000 --- a/cookbooks/bluepill/.foodcritic +++ /dev/null @@ -1 +0,0 @@ -~FC059 diff --git a/cookbooks/bluepill/CHANGELOG.md b/cookbooks/bluepill/CHANGELOG.md deleted file mode 100644 index 655cf05..0000000 --- a/cookbooks/bluepill/CHANGELOG.md +++ /dev/null @@ -1,87 +0,0 @@ -# bluepill Cookbook CHANGELOG -This file is used to list changes made in each version of the bluepill cookbook. - -## 2.4.3 (04-18-2016) -- Added ChefSpec custom matchers and examples - -## 2.4.2 (02-19-2016) -- Loosened the dependecy on rsyslog so the latest cookbook can be used -- Updated testing dependencies and configurations - -WARNING: It was noted after the release of 2.4.2 that the loosened dependency on rsyslog increased the minimum required Chef release to 12.0 for this cookbook. Chef 11 users will need to use 2.4.1. - -## 2.4.1 (11-10-2015) -- Require rsyslog ~> 2.0.0 to preserve Chef 11 compatibility -- Fix rsyslog restarting on RHEL -- Use platform_family when setting platform specific node attributes and fix bad syntax. This should improve RHEL support - -## v2.4.0 (09-17-2015) -- Updated the LSB Required-Start and Required-Stop comments of the LSB init script template to be valid -- Added name to the bluepill_test cookbook metadata for Chef 12 -- If a defaults file on RHEL or Debian based systems exist for the service source that within the init scripts. Example if /etc/default/bar exists on debian for the bar service then source that -- Added .kitchen.yml file with vagrant based testing for local testing and moved the cloud based kitchen to .kitchen.cloud.yml -- Add Travis CI config -- Added rubocop config -- Updated Berksfile to 3.X format and removed yum cookbook that wasn't used -- Updated contributing.md and added testing.md documentation -- Updated development and testing dependencies in the Gemfile -- Added maintainers.md and .toml and added Rake task for generating the MD file -- Opscode -> Chef Software everywhere -- Added Travis and cookbook version badges to the readme -- Add rake file to easy testing -- Resolved all Rubocop warnings -- Added a chefignore file and added additional files to the gitignore -- Added source_url and issues_url metadata for Supermarket - -## v2.3.2 -- Never actually released - -## v2.3.1 -### New Feature -- **[COOK-3705](https://tickets.chef.io/browse/COOK-3705)** - Add init.d script with LSB style - -## v2.3.0 -### Improvement -- **[COOK-3503](https://tickets.chef.io/browse/COOK-3503)** - Add why-run support - -## v2.2.2 -- [COOK-2507] - stringify language attributes - -## v2.2.0 -- [COOK-547] - Add `load` action to provider to reload services when template changes. - -## v2.1.0 -- [COOK-1295] - The bluepill cookbook does not create the default log file -- [COOK-1840] - Enable bluepill to log to rsyslog - -## v2.0.0 -This version uses platform_family attribute (in the provider), making the cookbook incompatible with older versions of Chef/Ohai, hence the major version bump. -- [COOK-1644] - Bluepill cookbook fails on Redhat due to missing default or redhat template directory. -- [COOK-1920] - init script should have a template file named after platform_family instead of using file specificity - -## v1.1.2 -- [COOK-1730] - Add ability to specify which version of bluepill to install - -## v1.1.0 -- [COOK-1592] - use mixlib-shellout instead of execute, add test-kitchen - -## v1.0.6 -- [COOK-1304] - support amazon linux -- [COOK-1427] - resolve foodcritic warnings - -## v1.0.4 -- [COOK-1106] - fix chkconfig loader for CentOS 5 -- [COOK-1107] - use integer for GID instead of string - -## v1.0.2 -- [COOK-1043] - Bluepill cookbook fails on OS X because it tries to use root group - -## v1.0.0 -- [COOK-943] - add init script for freebsd - -## v0.3.0 -- [COOK-867] - enable bluepill service on RHEL family -- [COOK-550] - add freebsd support - -## v0.2.2 -- Fixes COOK-524, COOK-632 diff --git a/cookbooks/bluepill/README.md b/cookbooks/bluepill/README.md deleted file mode 100644 index 68bfebc..0000000 --- a/cookbooks/bluepill/README.md +++ /dev/null @@ -1,111 +0,0 @@ -# bluepill Cookbook -[![Build Status](https://travis-ci.org/chef-cookbooks/bluepill.svg?branch=master)](https://travis-ci.org/chef-cookbooks/bluepill) [![Cookbook Version](https://img.shields.io/cookbook/v/bluepill.svg)](https://supermarket.chef.io/cookbooks/bluepill) - -Installs bluepill Ruby Gem and configures it to manage services. Also includes a LWRP. - -## Requirements -### Platforms -Bluepill is a pure Ruby service management tool/library, so this cookbook should work on any system. The attributes do set up paths based on FHS locations, see below. - -### Chef -- Chef 12+ - -### Cookbooks -- none - -## Attributes -Default locations for bluepill are in "FHS compliant" locations. -- `node["bluepill"]["bin"]` - Path to bluepill program, default is 'bluepill' in the RubyGems binary directory. -- `node["bluepill"]["logfile"]` - Location of the bluepill log file, default "/var/log/bluepill.log". -- `node["bluepill"]["conf_dir"]` - Location of service config files (pills), default "/etc/bluepill". -- `node["bluepill"]["pid_dir"]` - Location of pidfiles, default "/var/run/bluepill" -- `node["bluepill"]["state_dir"]` - Location of state directory, default "/var/lib/bluepill" -- `node["bluepill"]["init_dir"]` - Location of init script directory, default selected by platform. -- `node["bluepill"]["version"]` - Version of bluepill to install, default is latest. -- `node["bluepill"]["use_rsyslog"]` - Enable configuration and use of rsyslog for bluepill. - -# Custom Resources -This cookbook contains an LWRP, `bluepill_service`. This can be used with the normal Chef service resource, by using the `provider` parameter, or by specifying the `bluepill_service` shortcut. These two resources are equivalent. - -```ruby -service 'my_app' do - provider bluepill_service - action [:enable, :load, :start] -end - -bluepill_service 'my_app' do - action [:enable, :load, :start] -end -``` - -The load action should probably always be specified, to ensure that if bluepill isn't running already it gets started. The - -The recipe using the service must contain a template resource for the pill and it must be named `my_app.pill.erb`, where `my_app` is the service name passed to the bluepill service resource. - -## Usage -Be sure to include the bluepill recipe in the run list to ensure that the gem and bluepill-related directories are created. This will also make the cookbook available on the system and other cookbooks won't need to explicitly depend on it in the metadata. - -If the default directory locations in the attributes/default.rb aren't what you want, change them by setting them either in the attributes file itself, or create attributes in a role applied to any systems that will use bluepill. - -Example pill template resource and .erb file: - -```ruby -template '/etc/bluepill/my_app.pill' do - source 'my_app.pill.erb' -end - -Bluepill.application('my_app') do |app| - app.process('my_app') do |process| - process.pid_file = '/var/run/my_app.pid' - process.start_command = '/usr/bin/my_app' - end -end -``` - -See bluepill's documentation for more information on creating pill templates. - -## Testing -This cookbook has the following [ChefSpec custom matchers](https://github.com/sethvargo/chefspec#packaging-custom-matchers) defined: - -- enable_bluepill_service -- load_bluepill_service -- reload_bluepill_service -- start_bluepill_service -- disable_bluepill_service -- stop_bluepill_service -- restart_bluepill_service - -### ChefSpec Examples: - -``` -it 'enables my_app bluepill service' do - chef_run.converge('my_app::default', described_recipe) - expect(chef_run).to enable_bluepill_service('my_app') -end - -it 'reloads my_app bluepill service when pill file changes' do - chef_run.converge('my_app::default', described_recipe) - expect(chef_run).to create_template('/etc/bluepill/my_app.pill') - my_app_pill = chef_run.template('/etc/bluepill/my_app.pill') - expect(my_app_pill).to notify('bluepill_service[my_app]').to(:reload).delayed -end -``` - -## License & Authors -**Author:** Cookbook Engineering Team ([cookbooks@chef.io](mailto:cookbooks@chef.io)) - -**Copyright:** 2010-2015, Chef Software, Inc. - -``` -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -``` diff --git a/cookbooks/bluepill/attributes/default.rb b/cookbooks/bluepill/attributes/default.rb deleted file mode 100644 index abbff66..0000000 --- a/cookbooks/bluepill/attributes/default.rb +++ /dev/null @@ -1,44 +0,0 @@ -# Cookbook Name:: bluepill -# Attributes:: default -# -# Copyright 2010-2015, Chef Software, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -default['bluepill']['bin'] = "#{node['languages']['ruby']['bin_dir']}/bluepill" -default['bluepill']['logfile'] = '/var/log/bluepill.log' -default['bluepill']['pid_dir'] = '/var/run/bluepill' -default['bluepill']['state_dir'] = '/var/lib/bluepill' -default['bluepill']['group'] = 0 -default['bluepill']['use_rsyslog'] = false - -case node['platform_family'] -when 'arch' - default['bluepill']['init_dir'] = '/etc/rc.d' - default['bluepill']['conf_dir'] = '/etc/bluepill' - default['bluepill']['defaults_dir'] = '/etc/default' -when 'freebsd' - default['bluepill']['init_dir'] = '/usr/local/etc/rc.d' - default['bluepill']['conf_dir'] = '/usr/local/etc/bluepill' - default['bluepill']['defaults_dir'] = '/etc/defaults' -else - default['bluepill']['init_dir'] = '/etc/init.d' - default['bluepill']['conf_dir'] = '/etc/bluepill' -end - -case node['platform_family'] -when 'fedora', 'rhel' - default['bluepill']['defaults_dir'] = '/etc/sysconfig' -when 'debian' - default['bluepill']['defaults_dir'] = '/etc/default' -end diff --git a/cookbooks/bluepill/libraries/matchers.rb b/cookbooks/bluepill/libraries/matchers.rb deleted file mode 100644 index da9fe67..0000000 --- a/cookbooks/bluepill/libraries/matchers.rb +++ /dev/null @@ -1,33 +0,0 @@ -if defined?(ChefSpec) - - ChefSpec.define_matcher(:bluepill_service) - - def enable_bluepill_service(service) - ChefSpec::Matchers::ResourceMatcher.new(:bluepill_service, :enable, service) - end - - def load_bluepill_service(service) - ChefSpec::Matchers::ResourceMatcher.new(:bluepill_service, :load, service) - end - - def reload_bluepill_service(service) - ChefSpec::Matchers::ResourceMatcher.new(:bluepill_service, :reload, service) - end - - def start_bluepill_service(service) - ChefSpec::Matchers::ResourceMatcher.new(:bluepill_service, :start, service) - end - - def disable_bluepill_service(service) - ChefSpec::Matchers::ResourceMatcher.new(:bluepill_service, :disable, service) - end - - def stop_bluepill_service(service) - ChefSpec::Matchers::ResourceMatcher.new(:bluepill_service, :stop, service) - end - - def restart_bluepill_service(service) - ChefSpec::Matchers::ResourceMatcher.new(:bluepill_service, :restart, service) - end - -end diff --git a/cookbooks/bluepill/metadata.json b/cookbooks/bluepill/metadata.json deleted file mode 100644 index 9446821..0000000 --- a/cookbooks/bluepill/metadata.json +++ /dev/null @@ -1 +0,0 @@ -{"name":"bluepill","version":"2.4.3","description":"Installs bluepill gem and configures to manage services, includes bluepill_service LWRP","long_description":"# bluepill Cookbook\n[![Build Status](https://travis-ci.org/chef-cookbooks/bluepill.svg?branch=master)](https://travis-ci.org/chef-cookbooks/bluepill) [![Cookbook Version](https://img.shields.io/cookbook/v/bluepill.svg)](https://supermarket.chef.io/cookbooks/bluepill)\n\nInstalls bluepill Ruby Gem and configures it to manage services. Also includes a LWRP.\n\n## Requirements\n### Platforms\nBluepill is a pure Ruby service management tool/library, so this cookbook should work on any system. The attributes do set up paths based on FHS locations, see below.\n\n### Chef\n- Chef 12+\n\n### Cookbooks\n- none\n\n## Attributes\nDefault locations for bluepill are in \"FHS compliant\" locations.\n- `node[\"bluepill\"][\"bin\"]` - Path to bluepill program, default is 'bluepill' in the RubyGems binary directory.\n- `node[\"bluepill\"][\"logfile\"]` - Location of the bluepill log file, default \"/var/log/bluepill.log\".\n- `node[\"bluepill\"][\"conf_dir\"]` - Location of service config files (pills), default \"/etc/bluepill\".\n- `node[\"bluepill\"][\"pid_dir\"]` - Location of pidfiles, default \"/var/run/bluepill\"\n- `node[\"bluepill\"][\"state_dir\"]` - Location of state directory, default \"/var/lib/bluepill\"\n- `node[\"bluepill\"][\"init_dir\"]` - Location of init script directory, default selected by platform.\n- `node[\"bluepill\"][\"version\"]` - Version of bluepill to install, default is latest.\n- `node[\"bluepill\"][\"use_rsyslog\"]` - Enable configuration and use of rsyslog for bluepill.\n\n# Custom Resources\nThis cookbook contains an LWRP, `bluepill_service`. This can be used with the normal Chef service resource, by using the `provider` parameter, or by specifying the `bluepill_service` shortcut. These two resources are equivalent.\n\n```ruby\nservice 'my_app' do\n provider bluepill_service\n action [:enable, :load, :start]\nend\n\nbluepill_service 'my_app' do\n action [:enable, :load, :start]\nend\n```\n\nThe load action should probably always be specified, to ensure that if bluepill isn't running already it gets started. The\n\nThe recipe using the service must contain a template resource for the pill and it must be named `my_app.pill.erb`, where `my_app` is the service name passed to the bluepill service resource.\n\n## Usage\nBe sure to include the bluepill recipe in the run list to ensure that the gem and bluepill-related directories are created. This will also make the cookbook available on the system and other cookbooks won't need to explicitly depend on it in the metadata.\n\nIf the default directory locations in the attributes/default.rb aren't what you want, change them by setting them either in the attributes file itself, or create attributes in a role applied to any systems that will use bluepill.\n\nExample pill template resource and .erb file:\n\n```ruby\ntemplate '/etc/bluepill/my_app.pill' do\n source 'my_app.pill.erb'\nend\n\nBluepill.application('my_app') do |app|\n app.process('my_app') do |process|\n process.pid_file = '/var/run/my_app.pid'\n process.start_command = '/usr/bin/my_app'\n end\nend\n```\n\nSee bluepill's documentation for more information on creating pill templates.\n\n## Testing\nThis cookbook has the following [ChefSpec custom matchers](https://github.com/sethvargo/chefspec#packaging-custom-matchers) defined:\n\n- enable_bluepill_service\n- load_bluepill_service\n- reload_bluepill_service\n- start_bluepill_service\n- disable_bluepill_service\n- stop_bluepill_service\n- restart_bluepill_service\n\n### ChefSpec Examples:\n\n```\nit 'enables my_app bluepill service' do\n chef_run.converge('my_app::default', described_recipe)\n expect(chef_run).to enable_bluepill_service('my_app')\nend\n\nit 'reloads my_app bluepill service when pill file changes' do\n chef_run.converge('my_app::default', described_recipe)\n expect(chef_run).to create_template('/etc/bluepill/my_app.pill')\n my_app_pill = chef_run.template('/etc/bluepill/my_app.pill')\n expect(my_app_pill).to notify('bluepill_service[my_app]').to(:reload).delayed\nend\n```\n\n## License & Authors\n**Author:** Cookbook Engineering Team ([cookbooks@chef.io](mailto:cookbooks@chef.io))\n\n**Copyright:** 2010-2015, Chef Software, Inc.\n\n```\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n```\n","maintainer":"Chef Software, Inc.","maintainer_email":"cookbooks@chef.io","license":"Apache 2.0","platforms":{},"dependencies":{"rsyslog":">= 2.0"},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{"bluepill::default":"Installs bluepill rubygem and sets up management directories"}} \ No newline at end of file diff --git a/cookbooks/bluepill/providers/service.rb b/cookbooks/bluepill/providers/service.rb deleted file mode 100644 index 45e55f1..0000000 --- a/cookbooks/bluepill/providers/service.rb +++ /dev/null @@ -1,172 +0,0 @@ -# -# Cookbook Name:: bluepill -# Provider:: service -# -# Copyright 2010-2015, Chef Software, Inc. -# Copyright 2012, Heavy Water Operations, LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/mixin/shell_out' -require 'chef/mixin/language' - -include Chef::Mixin::ShellOut - -def whyrun_supported? - true -end - -action :enable do - config_file = ::File.join(node['bluepill']['conf_dir'], - "#{new_resource.service_name}.pill") - unless @current_resource.enabled - converge_by("enable #{@new_resource}") do - link "#{node['bluepill']['init_dir']}/#{new_resource.service_name}" do - to node['bluepill']['bin'] - only_if { ::File.exist?(config_file) } - end - template_suffix = case node['platform_family'] - when 'rhel', 'fedora', 'freebsd' then node['platform_family'] - when 'debian' then 'lsb' - end - - template "#{node['bluepill']['init_dir']}/bluepill-#{new_resource.service_name}" do - source "bluepill_init.#{template_suffix}.erb" - cookbook 'bluepill' - owner 'root' - group node['bluepill']['group'] - mode '0755' - variables( - service_name: new_resource.service_name, - config_file: config_file - ) - end if template_suffix - - service "bluepill-#{new_resource.service_name}" do - action [:enable] - end - end - end -end - -action :load do - unless @current_resource.running - converge_by("load #{@new_resource}") do - shell_out!(load_command) - end - end -end - -action :reload do - converge_by("reload #{@new_resource}") do - shell_out!(stop_command) if @current_resource.running - shell_out!(load_command) - end -end - -action :start do - unless @current_resource.running - converge_by("start #{@new_resource}") do - shell_out!(start_command) - end - end -end - -action :disable do - if @current_resource.enabled - converge_by("disable #{@new_resource}") do - file "#{node['bluepill']['conf_dir']}/#{new_resource.service_name}.pill" do - action :delete - end - link "#{node['bluepill']['init_dir']}/#{new_resource.service_name}" do - action :delete - end - end - end -end - -action :stop do - if @current_resource.running - converge_by("stop #{@new_resource}") do - shell_out!(stop_command) - end - end -end - -action :restart do - if @current_resource.running - converge_by("restart #{@new_resource}") do - Chef::Log.debug "Restarting #{new_resource.service_name}" - shell_out!(restart_command) - Chef::Log.debug "Restarted #{new_resource.service_name}" - end - end -end - -def load_current_resource - @current_resource = Chef::Resource::BluepillService.new(new_resource.name) - @current_resource.service_name(new_resource.service_name) - - Chef::Log.debug("Checking status of service #{new_resource.service_name}") - - determine_current_status! - - @current_resource -end - -protected - -def status_command - "#{node['bluepill']['bin']} #{new_resource.service_name} status" -end - -def load_command - "#{node['bluepill']['bin']} load #{node['bluepill']['conf_dir']}/#{new_resource.service_name}.pill" -end - -def start_command - "#{node['bluepill']['bin']} #{new_resource.service_name} start" -end - -def stop_command - "#{node['bluepill']['bin']} #{new_resource.service_name} stop" -end - -def restart_command - "#{node['bluepill']['bin']} #{new_resource.service_name} restart" -end - -def determine_current_status! - service_running? - service_enabled? -end - -def service_running? - if shell_out(status_command).exitstatus == 0 - @current_resource.running true - Chef::Log.debug("#{new_resource} is running") - end -rescue Mixlib::ShellOut::ShellCommandFailed, SystemCallError - @current_resource.running false - nil -end - -def service_enabled? - if ::File.exist?("#{node['bluepill']['conf_dir']}/#{new_resource.service_name}.pill") && - ::File.symlink?("#{node['bluepill']['init_dir']}/#{new_resource.service_name}") - @current_resource.enabled true - else - @current_resource.enabled false - end -end diff --git a/cookbooks/bluepill/recipes/default.rb b/cookbooks/bluepill/recipes/default.rb deleted file mode 100644 index 0ef7b4a..0000000 --- a/cookbooks/bluepill/recipes/default.rb +++ /dev/null @@ -1,45 +0,0 @@ -# -# Cookbook Name:: bluepill -# Recipe:: default -# -# Copyright 2010-2015, Chef Software, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -gem_package 'i18n' - -gem_package 'bluepill' do - version node['bluepill']['version'] if node['bluepill']['version'] -end - -[ - node['bluepill']['conf_dir'], - node['bluepill']['pid_dir'], - node['bluepill']['state_dir'] -].each do |dir| - directory dir do - recursive true - owner 'root' - group node['bluepill']['group'] - end -end - -file node['bluepill']['logfile'] do - owner 'root' - group node['bluepill']['group'] - mode '0755' - action :create_if_missing -end - -include_recipe 'bluepill::rsyslog' if node['bluepill']['use_rsyslog'] diff --git a/cookbooks/bluepill/recipes/rsyslog.rb b/cookbooks/bluepill/recipes/rsyslog.rb deleted file mode 100644 index ea7ad77..0000000 --- a/cookbooks/bluepill/recipes/rsyslog.rb +++ /dev/null @@ -1,28 +0,0 @@ -# -# Cookbook Name:: bluepill -# Recipe:: rsyslog -# -# Copyright 2010-2015, Chef Software, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -include_recipe 'rsyslog::default' - -template '/etc/rsyslog.d/bluepill.conf' do - owner 'root' - group 'root' - mode '0644' - source 'bluepill_rsyslog.conf.erb' - notifies :restart, "service[#{node['rsyslog']['service_name']}]" -end diff --git a/cookbooks/bluepill/resources/service.rb b/cookbooks/bluepill/resources/service.rb deleted file mode 100644 index af93fe4..0000000 --- a/cookbooks/bluepill/resources/service.rb +++ /dev/null @@ -1,27 +0,0 @@ -# -# Cookbook Name:: bluepill -# Resource:: service -# -# Copyright 2010-2015, Chef Software, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -actions :start, :stop, :enable, :disable, :load, :restart, :reload -default_action :start - -attribute :service_name, name_attribute: true -attribute :enabled, default: false -attribute :running, default: false -attribute :variables, kind_of: Hash -attribute :supports, default: { restart: true, status: true } diff --git a/cookbooks/bluepill/templates/default/bluepill_init.fedora.erb b/cookbooks/bluepill/templates/default/bluepill_init.fedora.erb deleted file mode 100644 index 2731a17..0000000 --- a/cookbooks/bluepill/templates/default/bluepill_init.fedora.erb +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/sh -# -# Author: Jamie Winsor () -# -# chkconfig: 345 99 1 -# Description: Bluepill loader for <%= @service_name %> -# Provides: <%= @service_name %> -# Default-Start: 3 4 5 -# Default-Stop: 0 1 2 6 - -BLUEPILL_BIN=<%= node['bluepill']['bin'] %> -BLUEPILL_CONFIG=<%= @config_file %> -SERVICE_NAME=<%= @service_name %> - -[ -r <%= node['bluepill']['defaults_dir'] %>/$SERVICE_NAME ] && . <%= node['bluepill']['defaults_dir'] %>/$SERVICE_NAME - -case "$1" in - start) - echo "Loading bluepill configuration for $SERVICE_NAME " - $BLUEPILL_BIN load $BLUEPILL_CONFIG - ;; - stop) - $BLUEPILL_BIN $SERVICE_NAME stop - $BLUEPILL_BIN $SERVICE_NAME quit - ;; - restart) - $0 stop - $0 start - ;; - *) - echo "Usage: $0 {start|stop|restart}" - exit 1 - ;; -esac diff --git a/cookbooks/bluepill/templates/default/bluepill_init.freebsd.erb b/cookbooks/bluepill/templates/default/bluepill_init.freebsd.erb deleted file mode 100644 index 697e407..0000000 --- a/cookbooks/bluepill/templates/default/bluepill_init.freebsd.erb +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/sh -## -# PROVIDE: named -# REQUIRE: SERVERS cleanvar -# KEYWORD: shutdown -# - -. /etc/rc.subr - -name="<%= @service_name %>" -rcvar=`set_rcvar` - -# Set some defaults -<%= @service_name %>_enable=${<%= @service_name %>_enable:-"NO"} - -pidfile="/var/run/<%= @service_name %>.pid" -command="/usr/local/bin/bluepill" - -start_precmd="${command} load <%= node['bluepill']['conf_dir'] %>/<%= @service_name %>.pill" -start_cmd="${command} ${name} start" - -status_cmd="${command} ${name} status" - -stop_cmd="${command} ${name} stop" -stop_postcmd="${command} ${name} quit" - -[ -r <%= node['bluepill']['defaults_dir'] %>/$name ] && . <%= node['bluepill']['defaults_dir'] %>/$name -load_rc_config ${name} - -PATH="${PATH}:/usr/local/bin" - -run_rc_command "$1" diff --git a/cookbooks/bluepill/templates/default/bluepill_init.lsb.erb b/cookbooks/bluepill/templates/default/bluepill_init.lsb.erb deleted file mode 100644 index cd8b95f..0000000 --- a/cookbooks/bluepill/templates/default/bluepill_init.lsb.erb +++ /dev/null @@ -1,37 +0,0 @@ -#!/bin/sh -# -### BEGIN INIT INFO -# Provides: <%= @service_name %> -# Required-Start: -# Required-Stop: -# Defalt-Start: 2 3 4 5 -# Default-Stop: 0 1 2 6 -# Description: Bluepill loader for <%= @service_name %> -### END INIT INFO - -BLUEPILL_BIN=<%= node['bluepill']['bin'] %> -BLUEPILL_CONFIG=<%= @config_file %> -SERVICE_NAME=<%= @service_name %> - -[ -r <%= node['bluepill']['defaults_dir'] %>/$SERVICE_NAME ] && . <%= node['bluepill']['defaults_dir'] %>/$SERVICE_NAME - -case "$1" in - start) - echo "Loading bluepill configuration for $SERVICE_NAME " - $BLUEPILL_BIN load $BLUEPILL_CONFIG - ;; - stop) - $BLUEPILL_BIN $SERVICE_NAME stop - $BLUEPILL_BIN $SERVICE_NAME quit - ;; - restart) - $BLUEPILL_BIN $SERVICE_NAME restart - ;; - status) - $BLUEPILL_BIN $SERVICE_NAME status - ;; - *) - echo "Usage: $0 {start|stop|restart}" - exit 1 - ;; -esac diff --git a/cookbooks/bluepill/templates/default/bluepill_init.rhel.erb b/cookbooks/bluepill/templates/default/bluepill_init.rhel.erb deleted file mode 100644 index 2731a17..0000000 --- a/cookbooks/bluepill/templates/default/bluepill_init.rhel.erb +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/sh -# -# Author: Jamie Winsor () -# -# chkconfig: 345 99 1 -# Description: Bluepill loader for <%= @service_name %> -# Provides: <%= @service_name %> -# Default-Start: 3 4 5 -# Default-Stop: 0 1 2 6 - -BLUEPILL_BIN=<%= node['bluepill']['bin'] %> -BLUEPILL_CONFIG=<%= @config_file %> -SERVICE_NAME=<%= @service_name %> - -[ -r <%= node['bluepill']['defaults_dir'] %>/$SERVICE_NAME ] && . <%= node['bluepill']['defaults_dir'] %>/$SERVICE_NAME - -case "$1" in - start) - echo "Loading bluepill configuration for $SERVICE_NAME " - $BLUEPILL_BIN load $BLUEPILL_CONFIG - ;; - stop) - $BLUEPILL_BIN $SERVICE_NAME stop - $BLUEPILL_BIN $SERVICE_NAME quit - ;; - restart) - $0 stop - $0 start - ;; - *) - echo "Usage: $0 {start|stop|restart}" - exit 1 - ;; -esac diff --git a/cookbooks/bluepill/templates/default/bluepill_rsyslog.conf.erb b/cookbooks/bluepill/templates/default/bluepill_rsyslog.conf.erb deleted file mode 100644 index 6a13f39..0000000 --- a/cookbooks/bluepill/templates/default/bluepill_rsyslog.conf.erb +++ /dev/null @@ -1 +0,0 @@ -local6.* <%= node["bluepill"]["logfile"] %> diff --git a/cookbooks/build-essential/.foodcritic b/cookbooks/build-essential/.foodcritic index be0967f..b9f8767 100644 --- a/cookbooks/build-essential/.foodcritic +++ b/cookbooks/build-essential/.foodcritic @@ -1,2 +1 @@ -~FC052 -~FC057 +~FC016 diff --git a/cookbooks/build-essential/CHANGELOG.md b/cookbooks/build-essential/CHANGELOG.md index 229366d..6a94d15 100644 --- a/cookbooks/build-essential/CHANGELOG.md +++ b/cookbooks/build-essential/CHANGELOG.md @@ -2,6 +2,103 @@ This file is used to list changes made in each version of the build-essential cookbook. +## 8.0.1 (2017-04-14) + +- Test with local delivery and not Rake +- Ensure compatibility with Chef 12.5 +- Update apache2 license string +- Ensure compatibility with Amazon Linux on Chef 13 + +## 8.0.0 (2017-02-14) + +- Require 12.5 or later and remove compat_resource cookbook dependency + +## 7.0.3 (2016-12-22) + +- Require the latest compat_resource +- Cookstyle fixes + +## 7.0.2 (2016-11-07) + +- Fix softwareupdate issue from -v to --verbose + +## 7.0.1 (2016-10-06) + +- Install gcc 4.8 on SUSE < 12 + +## 7.0.0 (2016-09-30) + +- Remove support for OS X < 10.9 and add support for OS X 10.12 +- Refactor the xcode installer resource as a custom resource that does not require updates for each new OS X update +- Use a test recipe with apt_update to avoid needing apt + +## 6.0.6 (2016-09-19) + +- Remove chef 11 compatibility in the metadata +- Solaris 11 needs both make and gnu make + +## 6.0.5 (2016-09-07) + +- Testing updates +- Require the latest compat_resource + +## 6.0.4 (2016-08-19) + +- Install CLTools from dmg with -allowUntrusted on old OSX +- Switch to cookstyle for ruby linting +- Add OS X hosts to the kitchen config +- Remove chefdk included gems from the Gemfile +- Better handle kitchen failures in the Rakefile +- Perform all unit/linting in a single travis job + +## v6.0.3 (2016-07-26) + +- Fix how gcc version specified for Solaris 11 + +## v6.0.2 (2016-07-22) + +- Properly warn on Solaris 10 +- Specify the verson of gcc to install on Solaris 11 + +## v6.0.1 (2016-07-19) + +- Clarify that this cookbook actually required Chef 12.1 or later not 12.0 or later +- Add chef_version metadata + +## v6.0.0 (2016-06-03) + +This cookbook now uses the new msys2 based compiler toolchain on windows. Both 32-bit DW2 and 64-bit SEH based toolchains are available based on the gcc 5.3x series compiler. By default these are located in C:\msys2\mingw32 and C:\msys2\mingw64 + +## v5.0.0 (2016-06-03) + +The cookbook now ships with a 12.5+ style custom resource 'build_essential' which performs the same work that the existing default.rb recipe. The default.rb recipe has been converted to consume that resource to provide backwards compatibility for users that use build-essential::default in their run lists or cookbooks. In converting to this custom resource support for EOL omnios has been removed and warning messages for Solaris 10 users have been removed. See the readme for usage information on the new resource. + +## v4.0.0 (2016-05-12) + +### Breaking change + +This cookbook now requires Chef 12 or later as it includes the new mingw cookbook for installing Windows compilers. Mingw includes 12.5 style custom resources, which will fail to compile on Chef 11\. If you are not running Chef 12 you'll need to pin to 3.x in your environment. + +## v3.2.0 (2016-03-25) + +This version backs out a change in the 3.0 release which attempted to install the version of kernel-devel for the current running kernel on RHEL systems. This change had several unintended consequences and we believe the best solution is to back to change out until a better solution for the original problem is developed. Several of the issues could be resolved by code updates to build-essential, but not all, which complicates rolling forward vs. a roll back. The change caused issues which Chefspec runs on cookbooks where build-essential is a dependency as Fauxhai, used by Chefspec, does not mock out node['virtualization']. Fauxhai is being updated to mock out node['virtualization'], but we'd like to make sure a ChefDK release ships with this new Fauxhai before depending on that change. + +## v3.1.0 (2016-03-23) + +- Install GCC 4.8 if running on OmniOS >= 151008 + +## v3.0.0 (2016-03-23) + +- Install GCC 4.9 on FreeBSD < 10 +- Install the version of kernel-devel that matches the running Kernel on RHEL +- Remove suggests 'pkgutil' from the metadata as suggests does nothing +- Properly warn the user that build-essential does not support Solaris 10 instead of just silently continuing on +- Updated specs to run against more recent OS releases +- Removed the warning for OmniOS users from the Readme as the upstream issue has been resolved +- Switch from 7-zip to seven_zip cookbook as 7-zip has been deprecated +- Add 7-zip to the system path on Windows hosts so the recipe will work out of the box +- Switch from the deprecated 7-zip cookbook to seven_zip + ## v2.4.0 (2016-03-21) - Add gettext package to RHEL / FreeBSD to match other platforms diff --git a/cookbooks/build-essential/attributes/default.rb b/cookbooks/build-essential/attributes/default.rb index 21189fd..e2bf233 100644 --- a/cookbooks/build-essential/attributes/default.rb +++ b/cookbooks/build-essential/attributes/default.rb @@ -1,8 +1,8 @@ # -# Cookbook Name:: build-essential +# Cookbook:: build-essential # Attributes:: default # -# Copyright 2008-2016, Chef Software, Inc. +# Copyright:: 2008-2017, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -18,4 +18,4 @@ # default['build-essential']['compile_time'] = false -default['build-essential']['msys']['path'] = "#{ENV['SYSTEMDRIVE']}\\msys" +default['build-essential']['msys2']['path'] = "#{ENV['SYSTEMDRIVE']}\\msys2" diff --git a/cookbooks/build-essential/libraries/_msys_helper.rb b/cookbooks/build-essential/libraries/_msys_helper.rb deleted file mode 100644 index e7f60af..0000000 --- a/cookbooks/build-essential/libraries/_msys_helper.rb +++ /dev/null @@ -1,15 +0,0 @@ -module BuildEssential - module MsysHelper - # - # This function returns a struct representing an - # msys package. It has two fields: url and checksum - # - # @return [OpenStruct] - # - def msys_p(url, checksum) - OpenStruct.new(url: url, checksum: checksum) - end - end -end - -Chef::Recipe.send(:include, BuildEssential::MsysHelper) diff --git a/cookbooks/build-essential/libraries/matchers.rb b/cookbooks/build-essential/libraries/matchers.rb index fcc5305..d4d1bd4 100644 --- a/cookbooks/build-essential/libraries/matchers.rb +++ b/cookbooks/build-essential/libraries/matchers.rb @@ -2,4 +2,8 @@ if defined?(ChefSpec) def install_xcode_command_line_tools(resource_name) ChefSpec::Matchers::ResourceMatcher.new(:xcode_command_line_tools, :install, resource_name) end + + def install_build_essential(resource_name) + ChefSpec::Matchers::ResourceMatcher.new(:build_essential, :install, resource_name) + end end diff --git a/cookbooks/build-essential/libraries/timing.rb b/cookbooks/build-essential/libraries/timing.rb deleted file mode 100644 index 654a8dd..0000000 --- a/cookbooks/build-essential/libraries/timing.rb +++ /dev/null @@ -1,124 +0,0 @@ -# -# Cookbook Name:: build-essential -# Library:: timing -# -# Copyright 2014-2016, Chef Software, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# -# This module is used to clean up the recipe DSL and "potentially" execute -# resources at compile time (depending on the value of an attribute). -# -# This library is only for use within the build-essential cookbook. Resources -# inside the potentially_at_compile_time block will not fire notifications in -# some situations. This is fixable, but since none of the resources in this -# cookbook actually use notifications, it is not worth the added technical debt. -# -# TL;DR Don't use this DSL method outside of this cookbook. -# -module BuildEssential - module Timing - # - # Potentially evaluate the given block at compile time, depending on the - # value of the +node['build-essential']['compile_time']+ attribute. - # - # @example - # potentially_at_compile_time do - # package 'apache2' - # end - # - # @param [Proc] block - # the thing to eval - # - def potentially_at_compile_time(&block) - if compile_time? - CompileTime.new(self).evaluate(&block) - else - instance_eval(&block) - end - end - - private - - # - # Checks if the DSL should be evaluated at compile time. - # - # @return [true, false] - # - def compile_time? - check_for_old_attributes! - !!node['build-essential']['compile_time'] - end - - # - # Checks for the presence of the "old" attributes. - # - # @todo Remove in 2.0.0 - # - # @return [void] - # - def check_for_old_attributes! - unless node['build_essential'].nil? - Chef::Log.warn <<-EOH -node['build_essential'] has been changed to node['build-essential'] to match the -cookbook name and community standards. I have gracefully converted the attribute -for you, but this warning and conversion will be removed in the next major -release of the build-essential cookbook. -EOH - node.default['build-essential'] = node['build_essential'] - end - - unless node['build-essential']['compiletime'].nil? - Chef::Log.warn <<-EOH -node['build-essential']['compiletime'] has been deprecated. Please use -node['build-essential']['compile_time'] instead. I have gracefully converted the -attribute for you, but this warning and conversion will be removed in the next -major release of the build-essential cookbook. -EOH - node.default['build-essential']['compile_time'] = node['build-essential']['compiletime'] - end - end - - # - # A class graciously borrowed from Chef Sugar for evaluating a resource at - # compile time in a block. - # - class CompileTime - def initialize(recipe) - @recipe = recipe - end - - def evaluate(&block) - instance_eval(&block) - end - - def method_missing(m, *args, &block) - resource = @recipe.send(m, *args, &block) - if resource.is_a?(Chef::Resource) - actions = Array(resource.action) - resource.action(:nothing) - - actions.each do |action| - resource.run_action(action) - end - end - resource - end - end - end -end - -# Include the timing module into the main recipe DSL -Chef::Recipe.send(:include, BuildEssential::Timing) diff --git a/cookbooks/build-essential/libraries/xcode_command_line_tools.rb b/cookbooks/build-essential/libraries/xcode_command_line_tools.rb deleted file mode 100644 index 30d4511..0000000 --- a/cookbooks/build-essential/libraries/xcode_command_line_tools.rb +++ /dev/null @@ -1,212 +0,0 @@ -# -# Cookbook Name:: build-essential -# Library:: xcode_command_line_tools -# -# Copyright 2014-2016, Chef Software, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -class Chef - class Resource::XcodeCommandLineTools < Resource::LWRPBase - def self.resource_name - :xcode_command_line_tools - end - - actions :install - default_action :install - - def initialize(name, run_context = nil) - super - - # => Break down SemVer - major, minor, _patch = node['platform_version'].split('.').map { |v| String(v) } - @provider = case [major, minor].join('.') - when '10.7', '10.8' - Provider::XcodeCommandLineToolsFromDmg - when '10.9', '10.10', '10.11' - Provider::XcodeCommandLineToolsFromSoftwareUpdate - else - Chef::Log.warn <<-EOH -OSX #{node['platform_version']} is not an officially supported platform for the -build-essential cookbook. I am going to try and install the command line tools -from Software Update, but there is a high probability that it will fail... - -If you have tested and verified OSX #{node['platform_version']} and you are sick -of seeing this warning in your Chef Client runs, please submit a Pull Request to -https://github.com/chef-cookbooks/build-essential and add this version of OSX -to provider list. -EOH - Provider::XcodeCommandLineToolsFromSoftwareUpdate - end - end - end -end - -# -# This is a legacy provider for installing OSX from DMGs. It only supports OSX -# versions 10.7 and 10.8 and will (hopefully) be deprecated in the future. It -# downloads a remote .dmg file, mounts it, installs it, and unmounts it -# automatically. In later versions of OSX, the operating system handles this for -# the end user. -# -class Chef - class Provider::XcodeCommandLineToolsFromDmg < Provider::LWRPBase - action(:install) do - if installed? - Chef::Log.debug("#{new_resource} already installed - skipping") - else - converge_by("Install #{new_resource}") do - download - attach - install - detach - end - end - end - - private - - # - # Determine if the XCode Command Line Tools are installed - # - # @return [true, false] - # - def installed? - cmd = Mixlib::ShellOut.new('pkgutil --pkgs=com.apple.pkg.DeveloperToolsCLI') - cmd.run_command - cmd.error! - true - rescue Mixlib::ShellOut::ShellCommandFailed - false - end - - # - # The path where the dmg should be cached on disk. - # - # @return [String] - # - def dmg_cache_path - ::File.join(Chef::Config[:file_cache_path], 'osx-command-line-tools.dmg') - end - - # - # The path where the dmg should be downloaded from. This is intentionally - # not a configurable object by the end user. If you do not like where we - # are downloading XCode from - too bad. - # - # @return [String] - # - def dmg_remote_source - case node['platform_version'].to_f - when 10.7 - 'http://devimages.apple.com/downloads/xcode/command_line_tools_for_xcode_os_x_lion_april_2013.dmg' - when 10.8 - 'http://devimages.apple.com/downloads/xcode/command_line_tools_for_xcode_os_x_mountain_lion_march_2014.dmg' - else - raise "Unknown DMG download URL for OSX #{node['platform_version']}" - end - end - - # - # The path where the volume should be mounted. - # - # @return [String] - # - def mount_path - ::File.join(Chef::Config[:file_cache_path], 'osx-command-line-tools') - end - - # - # Action: download the remote dmg. - # - # @return [void] - # - def download - remote_file = Resource::RemoteFile.new(dmg_cache_path, run_context) - remote_file.source(dmg_remote_source) - remote_file.backup(false) - remote_file.run_action(:create) - end - - # - # Action: attach the dmg (basically, double-click on it) - # - # @return [void] - # - def attach - execute %(hdiutil attach "#{dmg_cache_path}" -mountpoint "#{mount_path}") - end - - # - # Action: install the package inside the dmg - # - # @return [void] - # - def install - execute %|installer -package "$(find '#{mount_path}' -name *.mpkg)" -target "/"| - end - - # - # Action: detach the dmg (basically, drag it to eject on the dock) - # - # @return [void] - # - def detach - execute %(hdiutil detach "#{mount_path}") - end - end -end - -class Chef - class Provider::XcodeCommandLineToolsFromSoftwareUpdate < Provider::LWRPBase - action(:install) do - if installed? - Chef::Log.debug("#{new_resource} already installed - skipping") - else - converge_by("Install #{new_resource}") do - # This script was graciously borrowed and modified from Tim Sutton's - # osx-vm-templates at https://github.com/timsutton/osx-vm-templates/blob/b001475df54a9808d3d56d06e71b8fa3001fff42/scripts/xcode-cli-tools.sh - execute 'install XCode Command Line tools' do - command <<-EOH.gsub(/^ {14}/, '') - # create the placeholder file that's checked by CLI updates' .dist code - # in Apple's SUS catalog - touch /tmp/.com.apple.dt.CommandLineTools.installondemand.in-progress - # find the CLI Tools update - PROD=$(softwareupdate -l | grep "\*.*Command Line" | head -n 1 | awk -F"*" '{print $2}' | sed -e 's/^ *//' | tr -d '\n') - # install it - softwareupdate -i "$PROD" -v - EOH - # rubocop:enable Metrics/LineLength - end - end - end - end - - private - - # - # Determine if the XCode Command Line Tools are installed - # - # @return [true, false] - # - def installed? - cmd = Mixlib::ShellOut.new('pkgutil --pkgs=com.apple.pkg.CLTools_Executables') - cmd.run_command - cmd.error! - true - rescue Mixlib::ShellOut::ShellCommandFailed - false - end - end -end diff --git a/cookbooks/build-essential/metadata.json b/cookbooks/build-essential/metadata.json index 9803c84..9478641 100644 --- a/cookbooks/build-essential/metadata.json +++ b/cookbooks/build-essential/metadata.json @@ -1 +1 @@ -{"name":"build-essential","version":"2.4.0","description":"Installs C compiler / build tools","long_description":"# build-essential Cookbook\n[![Cookbook Version](http://img.shields.io/cookbook/v/build-essential.svg)][cookbook] [![Build Status](http://img.shields.io/travis/chef-cookbooks/build-essential.svg)][travis]\n\nInstalls packages required for compiling C software from source. Use this cookbook if you wish to compile C programs, or install RubyGems with native extensions.\n\n## Requirements\n### Platforms\n- Debian/Ubuntu\n- RHEL/CentOS/Scientific/Amazon/Oracle\n- openSUSE\n- SmartOS\n- Fedora\n- Mac OS X\n- FreeBSD\n\n### Chef\n- Chef 11+\n\n### Cookbooks\n- Suggests pkgutil for Solaris based platforms\n\n\n**Note for Debian platform family:** On Debian platform-family systems, it is recommended that `apt-get update` be run, to ensure that the package cache is updated. It's not in the scope of this cookbook to do that, as it can [create a duplicate resource](https://tickets.chef.io/browse/CHEF-3694). We recommend using the [apt](https://supermarket.chef.io/cookbooks/apt) cookbook to do this.\n\n**Note for OmniOS**: Currently, OmniOS's Ruby package is built with GCC 4.6.3, and the path is hardcoded, as the gcc binaries are not installed in the default $PATH. This means that in order to install RubyGems into the \"system\" Ruby, one must install `developer/gcc46`. [An issue](https://github.com/omniti-labs/omnios-build/issues/19) is open upstream w/ OmniOS to rebuild the Ruby package with GCC 4.7.2.\n\n## Attributes\n\nAttribute | Default | Description\n----------------------------------------- | :--------------------------: | ---------------------------------\n`node['build-essential']['compile_time']` | `false` | Execute resources at compile time\n`node['build-essential']['msys']['path']` | `#{ENV['SYSTEMDRIVE']\\\\msys` | Destination for msys (Windows only)\n\n## Usage\nInclude the build-essential recipe in your run list:\n\n```sh\nknife node run_list add NODE \"recipe[build-essential::default]\"\n```\n\nor add the build-essential recipe as a dependency and include it from inside another cookbook:\n\n```ruby\ninclude_recipe 'build-essential::default'\n```\n\n### Gems with C extensions\nFor RubyGems that include native C extensions you wish to use with Chef, you should do the following.\n- Set the `compile_time` attribute to true in your wrapper cookbook or role:\n\n ```ruby\n # Wrapper attribute\n default['build-essential']['compile_time'] = true\n ```\n\n ```ruby\n # Role\n default_attributes(\n 'build-essential' => {\n 'compile_time' => true\n }\n )\n ```\n\n- Ensure that the C libraries, which include files and other assorted \"dev\"\n\n type packages, are installed in the compile phase after the build-essential\n\n recipe is executed. For example:\n\n ```ruby\n include_recipe 'build-essential::default'\n\n package('mypackage-devel') { action :nothing }.run_action(:install)\n ```\n\n- Use the `chef_gem` resource in your recipe to install the gem with the native\n\n extension:\n\n ```ruby\n chef_gem 'gem-with-native-extension'\n ```\n\n## License & Authors\n**Author:** Cookbook Engineering Team ([cookbooks@chef.io](mailto:cookbooks@chef.io))\n\n**Copyright:** 2009-2015, Chef Software, Inc.\n\n```\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n```\n\n[cookbook]: https://supermarket.chef.io/cookbooks/build-essential\n[travis]: http://travis-ci.org/chef-cookbooks/build-essential\n","maintainer":"Chef Software, Inc.","maintainer_email":"cookbooks@chef.io","license":"Apache 2.0","platforms":{"amazon":">= 0.0.0","centos":">= 0.0.0","debian":">= 0.0.0","fedora":">= 0.0.0","freebsd":">= 0.0.0","mac_os_x":">= 10.7.0","mac_os_x_server":">= 10.7.0","oracle":">= 0.0.0","redhat":">= 0.0.0","scientific":">= 0.0.0","smartos":">= 0.0.0","suse":">= 0.0.0","ubuntu":">= 0.0.0","windows":">= 0.0.0"},"dependencies":{"7-zip":">= 0.0.0"},"recommendations":{},"suggestions":{"pkgutil":">= 0.0.0"},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{"build-essential":"Installs packages required for compiling C software from source."}} \ No newline at end of file +{"name":"build-essential","version":"8.0.1","description":"Installs C compiler / build tools","long_description":"# build-essential Cookbook\n\n[![Cookbook Version](http://img.shields.io/cookbook/v/build-essential.svg)][cookbook] [![Build Status](https://travis-ci.org/chef-cookbooks/build-essential.svg?branch=master)](https://travis-ci.org/chef-cookbooks/build-essential)\n\nInstalls packages required for compiling C software from source. Use this cookbook if you wish to compile C programs, or install RubyGems with native extensions. Contains a resource, 'build_essential', as as well as a default recipe that simply calls that same resource.\n\n## Requirements\n\n### Platforms\n\n- Debian/Ubuntu\n- RHEL/CentOS/Scientific/Amazon/Oracle\n- openSUSE / SUSE Enterprise Linux\n- SmartOS\n- Fedora\n- Mac OS X 10.9+\n- FreeBSD\n\n### Chef\n\n- Chef 12.5+\n\n### Cookbooks\n\n- seven_zip\n- mingw\n\n**Note for Debian platform family:** On Debian platform-family systems, it is recommended that `apt-get update` be run, to ensure that the package cache is updated. It's not in the scope of this cookbook to do that, as it can [create a duplicate resource](https://tickets.chef.io/browse/CHEF-3694). We recommend using the [apt](https://supermarket.chef.io/cookbooks/apt) cookbook to do this.\n\n## Attributes\n\nAttribute | Default | Description\n------------------------------------------ | :---------------------------: | -----------------------------------------------------\n`node['build-essential']['compile_time']` | `false` | Execute resources at compile time\n`node['build-essential']['msys2']['path']` | `#{ENV['SYSTEMDRIVE']\\\\msys2` | Destination for msys2 build tool chain (Windows only)\n\n## Usage\n\n### Recipe Usage\n\nThe recipe simply calls the build_essential resource, but it ideal for adding to roles or node run lists.\n\nInclude the build-essential recipe in your run list:\n\n```sh\nknife node run_list add NODE \"recipe[build-essential::default]\"\n```\n\nor add the build-essential recipe as a dependency and include it from inside another cookbook:\n\n```ruby\ninclude_recipe 'build-essential::default'\n```\n\n### Gems with C extensions\n\nFor RubyGems that include native C extensions you wish to use with Chef, you should do the following.\n\n- Set the `compile_time` attribute to true in your wrapper cookbook or role:\n\n ```ruby\n # Wrapper attribute\n default['build-essential']['compile_time'] = true\n ```\n\n ```ruby\n # Role\n default_attributes(\n 'build-essential' => {\n 'compile_time' => true\n }\n )\n ```\n\n- Ensure that the C libraries, which include files and other assorted \"dev\"\n\n type packages, are installed in the compile phase after the build-essential\n\n recipe is executed. For example:\n\n ```ruby\n include_recipe 'build-essential::default'\n\n package('mypackage-devel') { action :nothing }.run_action(:install)\n ```\n\n- Use the `chef_gem` resource in your recipe to install the gem with the native\n\n extension:\n\n ```ruby\n chef_gem 'gem-with-native-extension'\n ```\n\n### Resource Usage\n\nThe cookbook includes a resource 'build_essential' that can be included in your cookbook to install the necessary build-essential packages\n\nSimple package installation during the client run:\n\n```ruby\nbuild_essential 'some name you choose'\n```\n\nPackage installation during the compile phase:\n\n```ruby\nbuild_essential 'some name you choose' do\n compile_time false\nend\n```\n\n## License & Authors\n\n**Author:** Cookbook Engineering Team ([cookbooks@chef.io](mailto:cookbooks@chef.io))\n\n**Copyright:** 2009-2016, Chef Software, Inc.\n\n```\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n```\n\n[cookbook]: https://supermarket.chef.io/cookbooks/build-essential\n[travis]: http://travis-ci.org/chef-cookbooks/build-essential\n","maintainer":"Chef Software, Inc.","maintainer_email":"cookbooks@chef.io","license":"Apache-2.0","platforms":{"amazon":">= 0.0.0","centos":">= 0.0.0","debian":">= 0.0.0","fedora":">= 0.0.0","freebsd":">= 0.0.0","mac_os_x":">= 10.9.0","mac_os_x_server":">= 10.9.0","opensuse":">= 0.0.0","opensuseleap":">= 0.0.0","oracle":">= 0.0.0","redhat":">= 0.0.0","scientific":">= 0.0.0","smartos":">= 0.0.0","solaris":">= 0.0.0","suse":">= 0.0.0","ubuntu":">= 0.0.0","windows":">= 0.0.0","zlinux":">= 0.0.0"},"dependencies":{"seven_zip":">= 0.0.0","mingw":">= 1.1"},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{"build-essential":"Installs packages required for compiling C software from source."},"source_url":"https://github.com/chef-cookbooks/build-essential","issues_url":"https://github.com/chef-cookbooks/build-essential/issues","chef_version":[[">= 12.5"]],"ohai_version":[]} \ No newline at end of file diff --git a/cookbooks/build-essential/providers/msys_archive.rb b/cookbooks/build-essential/providers/msys_archive.rb deleted file mode 100644 index 08f8be9..0000000 --- a/cookbooks/build-essential/providers/msys_archive.rb +++ /dev/null @@ -1,102 +0,0 @@ -# -# Cookbook Name:: build-essential -# Provider:: msys_archive -# -# Copyright 2016, Chef Software, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -use_inline_resources - -action :unpack do - directory msys_dir do - action :create - end - - directory "dir-#{mingw_dir}" do - action :create - path mingw_dir - only_if do - new_resource.mingw - end - end - - directory cache_dir do - action :create - end - - # Unpacking involves downloading the tar.whatever. - # Then we unpack the tar.whatever with 7z, which - # leaves us with a tar, which can finally be - # untarred with 7z. - - remote_file cache_path do - source new_resource.source - checksum new_resource.checksum - notifies :run, "execute[#{archive_name}]", :immediately - end - - execute archive_name do - command extract_cmd(cache_path, cache_dir) - action :nothing - notifies :run, "execute[#{tar_name}]", :immediately - end - - execute tar_name do - command extract_cmd(tar_path, unpack_root_dir) - action :nothing - end -end - -# msys packages will be extracted into the root dir -# mingw packages will get extracted into the root/mingw dir -def unpack_root_dir - if new_resource.mingw - mingw_dir - else - msys_dir - end -end - -def msys_dir - new_resource.root_dir -end - -def mingw_dir - ::File.join(new_resource.root_dir, 'mingw') -end - -def archive_name - ::File.basename(new_resource.source) -end - -def cache_dir - ::File.join(unpack_root_dir, '.cache') -end - -def cache_path - ::File.join(cache_dir, archive_name) -end - -def tar_name - ::File.basename(archive_name, ::File.extname(archive_name)) -end - -def tar_path - ::File.join(cache_dir, tar_name) -end - -def extract_cmd(source_file, dest_dir) - "7z x #{source_file} -o#{dest_dir} -r -y" -end diff --git a/cookbooks/build-essential/recipes/_debian.rb b/cookbooks/build-essential/recipes/_debian.rb deleted file mode 100644 index ded2d85..0000000 --- a/cookbooks/build-essential/recipes/_debian.rb +++ /dev/null @@ -1,28 +0,0 @@ -# -# Cookbook Name:: build-essential -# Recipe:: debian -# -# Copyright 2008-2016, Chef Software, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -potentially_at_compile_time do - package 'autoconf' - package 'binutils-doc' - package 'bison' - package 'build-essential' - package 'flex' - package 'gettext' - package 'ncurses-dev' -end diff --git a/cookbooks/build-essential/recipes/_fedora.rb b/cookbooks/build-essential/recipes/_fedora.rb deleted file mode 100644 index 296df5c..0000000 --- a/cookbooks/build-essential/recipes/_fedora.rb +++ /dev/null @@ -1,32 +0,0 @@ -# -# Cookbook Name:: build-essential -# Recipe:: fedora -# -# Copyright 2008-2016, Chef Software, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -potentially_at_compile_time do - package 'autoconf' - package 'bison' - package 'flex' - package 'gcc' - package 'gcc-c++' - package 'gettext' - package 'kernel-devel' - package 'make' - package 'm4' - package 'ncurses-devel' - package 'patch' -end diff --git a/cookbooks/build-essential/recipes/_freebsd.rb b/cookbooks/build-essential/recipes/_freebsd.rb deleted file mode 100644 index 350571e..0000000 --- a/cookbooks/build-essential/recipes/_freebsd.rb +++ /dev/null @@ -1,25 +0,0 @@ -# -# Cookbook Name:: build-essential -# Recipe:: freebsd -# -# Copyright 2014-2016, Chef Software, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -potentially_at_compile_time do - package 'devel/gmake' - package 'devel/autoconf' - package 'devel/m4' - package 'devel/gettext' -end diff --git a/cookbooks/build-essential/recipes/_omnios.rb b/cookbooks/build-essential/recipes/_omnios.rb deleted file mode 100644 index 13e0c16..0000000 --- a/cookbooks/build-essential/recipes/_omnios.rb +++ /dev/null @@ -1,33 +0,0 @@ -# -# Cookbook Name:: build-essential -# Recipe:: omnios -# -# Copyright 2013-2016, Chef Software, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -potentially_at_compile_time do - package 'developer/gcc47' - package 'developer/object-file' - package 'developer/linker' - package 'developer/library/lint' - package 'developer/build/gnu-make' - package 'system/header' - package 'system/library/math/header-math' -end - -# Per OmniOS documentation, the gcc bin dir isn't in the default -# $PATH, so add it to the running process environment -# http://omnios.omniti.com/wiki.php/DevEnv -ENV['PATH'] = "#{ENV['PATH']}:/opt/gcc-4.7.2/bin" diff --git a/cookbooks/build-essential/recipes/_smartos.rb b/cookbooks/build-essential/recipes/_smartos.rb deleted file mode 100644 index 7005484..0000000 --- a/cookbooks/build-essential/recipes/_smartos.rb +++ /dev/null @@ -1,27 +0,0 @@ -# -# Cookbook Name:: build-essential -# Recipe:: smartos -# -# Copyright 2008-2016, Chef Software, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -potentially_at_compile_time do - package 'autoconf' - package 'binutils' - package 'build-essential' - package 'gcc47' - package 'gmake' - package 'pkg-config' -end diff --git a/cookbooks/build-essential/recipes/_solaris2.rb b/cookbooks/build-essential/recipes/_solaris2.rb deleted file mode 100644 index 00c845d..0000000 --- a/cookbooks/build-essential/recipes/_solaris2.rb +++ /dev/null @@ -1,48 +0,0 @@ -# -# Cookbook Name:: build-essential -# Recipe:: solaris2 -# -# Copyright 2013-2016, Chef Software, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -case node['platform_version'].to_f -when 5.10 - # You should install the following packages from the Solaris 10 DVD: - # - # SUNWbison - # SUNWgcc - # SUNWggrp - # SUNWgmake - # SUNWgtar - # -when 5.11 - potentially_at_compile_time do - package 'autoconf' - package 'automake' - package 'bison' - package 'gnu-coreutils' - package 'flex' - package 'gcc' - package 'gcc-3' - package 'gnu-grep' - package 'gnu-make' - package 'gnu-patch' - package 'gnu-tar' - package 'pkg-config' - package 'ucb' - end -else - raise "Sorry, we don't support Solaris version #{node['platform_version']} at this juncture." -end diff --git a/cookbooks/build-essential/recipes/_suse.rb b/cookbooks/build-essential/recipes/_suse.rb deleted file mode 100644 index f66bf46..0000000 --- a/cookbooks/build-essential/recipes/_suse.rb +++ /dev/null @@ -1,29 +0,0 @@ -# -# Cookbook Name:: build-essential -# Recipe:: suse -# -# Copyright 2008-2016, Chef Software, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -potentially_at_compile_time do - package 'autoconf' - package 'bison' - package 'flex' - package 'gcc' - package 'gcc-c++' - package 'kernel-default-devel' - package 'make' - package 'm4' -end diff --git a/cookbooks/build-essential/resources/msys_archive.rb b/cookbooks/build-essential/resources/msys_archive.rb deleted file mode 100644 index fe95391..0000000 --- a/cookbooks/build-essential/resources/msys_archive.rb +++ /dev/null @@ -1,7 +0,0 @@ -actions :unpack -default_action :unpack - -attribute :source, kind_of: String, name_attribute: true -attribute :root_dir, kind_of: String, required: true -attribute :mingw, kind_of: [TrueClass, FalseClass], default: false -attribute :checksum, kind_of: String diff --git a/cookbooks/chef_nginx/.foodcritic b/cookbooks/chef_nginx/.foodcritic new file mode 100644 index 0000000..b9f8767 --- /dev/null +++ b/cookbooks/chef_nginx/.foodcritic @@ -0,0 +1 @@ +~FC016 diff --git a/cookbooks/chef_nginx/CHANGELOG.md b/cookbooks/chef_nginx/CHANGELOG.md new file mode 100644 index 0000000..944141f --- /dev/null +++ b/cookbooks/chef_nginx/CHANGELOG.md @@ -0,0 +1,628 @@ +# nginx Cookbook CHANGELOG + +This file is used to list changes made in each version of the nginx cookbook. + +## 6.0.2 (2017-04-27) + +- Resolve name conflicts in the resource + +## 6.0.1 (2017-04-04) + +- double quotes are unnecessary in lua configure flags + +## 6.0.0 (2017-03-25) + +### Breaking change + +- Support for Runit as an init system has been removed. If you require runit you will need to pin to the 5.X cookbook release. We highly recommend using either systemd or upstart instead of Runit. + +### Other changes + +- Install nginx 1.10.3 for source based installs +- Remove freebsd cookbook from testing as it’s not necessary anymore +- Bump OpenSSL to 1.0.2k + +## 5.1.3 (2017-03-24) + +- Update apache2 license string +- Add image/svg+xml to gzip_files defaults +- support `worker_shutdown_timeout` released in 1.11.11 + +## 5.1.2 (2017-03-14) + +- Setup LD options to include /usr/local/lib for libluajit in search path and bump the lua version + +## 5.1.1 (2017-03-02) + +- Add WantedBy to systemd service file so it starts at boot +- Avoid a warning in nginx_site by moving the template check outside the resource +- Allow nginx_site to specify template as an array of templates + +## 5.1.0 (2017-03-01) + +- Support the load_module directive +- Test with Local Delivery and not Rake +- Remove EOL platforms from the kitchen configs + +## 5.0.7 (2017-02-12) + +- Fix Opsworks compatibility +- Resolve a Chef 13 deprecation warning + +## 5.0.6 (2017-01-16) + +- Rebuild shared library cache after installing luajit + +## 5.0.5 (2017-01-09) + +- Fix typo in the pagespeed recipe + +## 5.0.4 (2017-01-04) + +- Avoid deprecation warnings by only defining nginx service once + +## 5.0.3 (2017-01-03) + +- Add ability to write passenger log to another location +- Properly disable the default site with nginx.org packages + +## 5.0.2 (2016-12-22) +- Requite the latest compat_resource + +## 5.0.1 (2016-12-13) + +- Use multipackage in pagespeed module recipe to speed up installs +- Simplify the distro repo setup logic to ensure we're using the correct repos under all conditions. Previously the upstream repo was being missed on Suse systems +- Determine pidfile location correctly via a helper so we correctly set pidfiles when using Upstream packages on Ubuntu 14.04 / 16.04. This involved removing the attribute for the pidfile location, which may cause issues if you relied on that attribute. +- Testing improvements to make sure all suites run and the suites are testing the correct conditions + +## 5.0.0 (2016-12-07) + +### Breaking changes + +- Default to the upstream nginx.org repo for package installs. The official nginx repo gives an improved experience over outdated distro releases. This can be disabled via attribute if you'd like to remain on the distro packages. + +### Other changes + +- Add a deprecation warning when using runit +- Rewrite the readme usage section +- Better document how to compile modules + +## 4.0.2 (2016-12-01) +- Default to openssl 1.0.2j with source installs +- Add cookbook property to the nginx_site resource to allow using templates defined in other cookbooks +- Prevent default docroot index.html on bad url in status +- Readme improvements + +## 4.0.1 (2016-10-31) +- Fix a version check in the realip recipe +- Align the config with the default config a bit +- Fix the ChefSpec matchers now that nginx_site is a custom resource + +## 4.0.0 (2016-10-31) + +### Breaking changes + +The nginx_site definition is now a custom_resource. This improves the overall experience and allows for notifications and reporting on resource updates. It does change the behavior in some circumstances however. Previously to disable a site you would set 'enable false' on your definition. This will still function, but will result in a deprecation warning. Instead you should use 'action :disable' since this is a real resource now. + +### Other changes + +- Avoid splitting on compile params in the ohai plugin, which resulted in some source installs attempting to install on every Chef run. +- Expanded testing and improved kitchen suite setup +- Improved documentation of attributes and cookbook usage + +## 3.2.0 (2016-10-28) + +- Reload nginx on site change + +## 3.1.2 (2016-10-24) + +- [GH-26] Remove guard on package[nginx] resource +- Fix pcre packages on RHEL that prevented pagespeed module compilation + +## 3.1.1 (2016-09-21) + +- Raise on error vs. Chef::Appliation.fatal +- Require compat_resource with notification fixes + +## 3.1.0 (2016-09-14) + +- Resolve FC023 warnings +- FreeBSD fixes +- Fail hard on unsupported platforms in the source recipe +- Install 'ca-certificates' packages with passenger +- Add `passenger_show_version_in_header` config +- Remove chef 11 compatibility +- Replace apt/yum deps with compat_resource +- Fix specs for freebsd source installs +- Remove apt recipe from the repo_passenger recipe +- Switch to += operator as << also incorrectly replaces text in root. + +## 3.0.0 (2016-08-18) + +### Breaking changes + +Ideally we'd offer perfect backwards compatibility forever, but in order to maintain the cookbook going forward we've evaluated the current scope of the cookbook and removed lesser used functionality that added code complexity. + +- The minimum chef-client version is now 12.1 or later, which will enables support for Ohai 7+ plugins, the ohai_plugin custom resource, and automatic init system discovery. +- Support for Gentoo has been removed. Gentoo lacks an official Chef package and there is no Bento image to use for Test Kitchen integration tests. +- Support for the bluepill init system has been removed. Usage of this init system has declined, and supporting it added a cookbook dependency as well as code complexity. +- Ubuntu source installs will no longer default to runit, and will instead use either Upstart or Systemd depending on the release of Ubuntu. You can still force the use of runit by setting default['nginx']['init_style'] to 'runit'. Runit was used historically before reliable init systems were shipped with Ubuntu. Both Upstart and Systemd have the concept of restarting on failure, which was the main reason for choosing Runit over sys-v init. + +### Other changes + +- Don't setup the YUM EPEL repo on Fedora as it's not needed +- Systemd based platforms will now use systemd by default for source installs +- Retry downloads of the nginx source file as the mirror sometimes fails to load +- Download the nginx source from the secure nginx.org site +- Updated the Ohai plugin to avoid deprecation notices and function better on non us-en locale systems +- Install source install pre-reqs using multi-package which speeds up Chef runs +- Add testing in Travis with Kitchen Dokken for full integration testing of each PR +- Add integration test on Chef 12.1 as well as the latest Chef to ensure compatibility with the oldest release we support +- Remove installation of apt-transport-https and instead increase the apt dependency to >= 2.9.1 which includes the installation of apt-transport-https +- Don't try to setup the nginx.org repo on Fedora as this will fail +- Better log when trying to setup repositories on unsupported platforms +- Fixed source_url and issue_url in the metadata to point to the correct URLs +- Removed Chef 10 compatibility code +- Chefspec platform updates and minor fixes +- Replace all usage of node.set with node.normal to avoid deprecation notices +- Remove the suse init script that isn't used anymore +- Speed up the specs with caching +- Move test attributes and runlists out the kitchen.yml files and into a test cookbook + +## 2.9.0 (2016-08-12) + +- Add support for Suse Nginx.org packages + +## v2.8.0 (2016-08-12) + +This is the first release of the nginx codebase under the chef_nginx namespace. We've chosen to bring this cookbook under the direction of the Community Cookbook Team, in order to ship a working 2.X release. The cookbook name has been changed, but all attributes are the same and compatibility has been maintained. After this 2.8.0 release we will release 3.0 as a Chef 12+ version of the cookbook and then work to add additional custom resources for managing nginx with wrapper cookbooks. Expect regular releases as we march towards a resource driven model. + +- Removed the restrictive version constraints for cookbook dependencies that prevented users from utilizing new functionality. Ohai has been pinned to < 4.0 to allow for Chef 11 compatibility, but other cookbooks have no upper limit +- Updated all modules in the source install to their latest releases +- Removed the GeoIP database checksums as these files are constantly updates and this causes Chef run failures +- Updated OpenSSL for source installs to 1.0.1t +- Updated the source install of Nginx to version 1.10.1 +- Updated the ohai recipe to install a Ohai 7+ compatible plugin on systems running Ohai 7+ +- Fixed installation of Passenger version 5.X+ +- Added a http_v2_module recipe +- Replaced node.set usage with node.normal to avoid deprecation warnings +- Removed the apt version pin in the Berkfile that wasn't necessary and constrained the apt version +- Removed the lua-devel package install from the lua recipe that failed chef runs and wasn't necessary +- Removed duplicate packages from the source module installs +- Added a dependency on the yum cookbook which was missing from the metadata +- Updated the mime.types file and added the charset_types configuration option to the nginx config +- Added source_url, issue_url, and chef_version metadata +- Fixed the pid file attribute logic for Ubuntu 16.04 +- Removed the Contributing doc that was for contributing to Opscode cookbooks +- Updated all test dependencies in the Gemfile +- Removed default user/group/mode declarations from resources for simplicity +- Updated documentation for dependencies in the README +- Added a chefignore file to limit the cookbook files that are uploaded to the chef server and speed up cookbook syncs to nodes +- Added additional platforms to the Test Kitchen config and removed the .kitchen.cloud.yml file +- Switched integration tests to Inspec and fixed several non-functional tests +- Switched from Rubocop to Cookstyle and resolved all warnings +- Added the standard Chef Rakefile for simplified testing +- Updated Chefspecs to avoid constant deprecation warnings and converge using chef-zero on a newer Debian 8 system +- Switch Travis CI testing to use ChefDK instead of RVM/Gem installs +- Removed testing dependencies from the Gemfile as testing should be performed via ChefDK. Release gems are still in the Gemfile as they are not shipped with ChefDK +- Added a maintainers.md doc and updated the contributing/testing docs to point to the Chef docs +- Removed Guard as guard-foodcritic doesn't support the latest release which makes guard incompatible with ChefDK + +## v2.7.6 (2015-03-17) + +- Bugfix sites do not need a .conf suffix anymore, [#338][@runningman84] + +## v2.7.5 (2015-03-17) + +**NOTE** As of this release, this cookbook in its current format is deprecated, and only critical bugs and fixes will be added. A complete rewrite is in progress, so we appreciate your patience while we sort things out. The amount of change included here + +- Fix nginx 1.4.4 archive checksum to prevent redownload, [#305][@irontoby] +- Allow setting an empty string to prevent additional repos, [#243][@miketheman] +- Use correct `mime.types` for javascript, [#259][@dwradcliffe] +- Fix `headers_more` module for source installs, [#279], [@josh-padnick] & [@miketheman] +- Remove `libtool` from `geoip` and update download paths & checksums, [@miketheman] +- Fix unquoted URL with params failing geoip module build (and tests!), [#294][@karsten-bruckmann] & [@miketheman] +- Fix typo in `source.rb`, [#205][@gregkare] +- Test updates: ChefSpec, test-kitchen. Lots of help by [@jujugrrr] +- Toolchain updates for testing +- Adds support for `tcp_nopush`, `tcp_nodelay` [@shtouff] + +After merging a ton of pull requests, here's a brief changelog. Click each to read more. + +- Merge pull request [#335] from [@stevenolen] +- Merge pull request [#332] from [@monsterstrike] +- Merge pull request [#331] from [@jalberto] +- Merge pull request [#327] from [@nkadel-skyhook] +- Merge pull request [#326] from [@bchrobot] +- Merge pull request [#325] from [@CanOfSpam3bug324] +- Merge pull request [#321] from [@jalberto] +- Merge pull request [#318] from [@evertrue] +- Merge pull request [#314] from [@bkw] +- Merge pull request [#312] from [@thomasmeeus] +- Merge pull request [#310] from [@morr] +- Merge pull request [#305] from [@irontoby] +- Merge pull request [#302] from [@auth0] +- Merge pull request [#298] from [@Mytho] +- Merge pull request [#269] from [@yveslaroche] +- Merge pull request [#259] from [@dwradcliffe] +- Merge pull request [#254] from [@evertrue] +- Merge pull request [#252] from [@gkra] +- Merge pull request [#249] from [@whatcould] +- Merge pull request [#240] from [@jcoleman] +- Merge pull request [#236] from [@adepue] +- Merge pull request [#230] from [@n1koo] +- Merge pull request [#225] from [@thommay] +- Merge pull request [#223] from [@firmhouse] +- Merge pull request [#220] from [@evertrue] +- Merge pull request [#219] from [@evertrue] +- Merge pull request [#204] from [@usertesting] +- Merge pull request [#200] from [@ffuenf] +- Merge pull request [#188] from [@larkin] +- Merge pull request [#184] from [@tvdinner] +- Merge pull request [#183] from [@jenssegers] +- Merge pull request [#174] from [@9minutesnooze] + + + +## v2.7.4 (2014-06-06) + +- [COOK-4703] Default openssl version to 1.0.1h to address CVE-2014-0224 + +## v2.7.2 (2014-05-27) + +- [COOK-4658] - Nginx::socketproxy if the context is blank or nonexistent, the location in the config file has a double slash at the beginning +- [COOK-4644] - add support to nginx::repo for Amazon Linux +- Allow .kitchen.cloud.yml to use an environment variable for the EC2 Availability Zone + +## v2.7.0 (2014-05-15) + +- [COOK-4643] - Update metadata lock on ohai +- [COOK-4588] - Give more love to FreeBSD +- [COOK-4601] - Add proxy type: Socket + +## v2.6.2 (2014-04-09) + +[COOK-4527] - set default openssl source version to 1.0.1g to address CVE-2014-0160 aka Heartbleed + +## v2.6.0 (2014-04-08) + +- Reverting COOK-4323 + +## v2.5.0 (2014-03-27) + +- [COOK-4323] - Need a resource to easily configure available sites (vhosts) + +## v2.4.4 (2014-03-13) + +- Updating for build-essential 2.0 + +## v2.4.2 (2014-02-28) + +Fixing bad commit from COOK-4330 + +## v2.4.1 (2014-02-27) + +- [COOK-4345] - nginx default recipe include install type recipe directly + +## v2.4.0 (2014-02-27) + +- [COOK-4380] - kitchen.yml platform listings for ubuntu-10.04 and ubuntu-12.04 are missing the dot +- [COOK-4330] - Bump nginx version for security issues (CVE-2013-0337, CVE-2013-4547) + +## v2.3.0 (2014-02-25) + +- **[COOK-4293](https://tickets.chef.io/browse/COOK-4293)** - Update testing Gems in nginx and fix a rubocop warnings +- **[COOK-4237] - Nginx version incorrectly parsed on Ubuntu 13 +- **[COOK-3866] - Nginx default site folder + +## v2.2.2 (2014-01-23) + +[COOK-3672] - Add gzip_static option + +## v2.2.0 + +No changes. Version bump for toolchain + +## v2.1.0 + +[COOK-3923] - Enable the list of packages installed by nginx::passenger to be configurable [COOK-3672] - Nginx should support the gzip_static option Updating for yum ~> 3.0 Fixing up style for rubocop Updating test-kitchen harness + +## v2.0.8 + +fixing metadata version error. locking to 3.0 + +## v2.0.6 + +Locking yum dependency to '< 3' + +## v2.0.4 + +### Bug + +- **[COOK-3808](https://tickets.chef.io/browse/COOK-3808)** - nginx::passenger run fails because of broken installation of package dependencies +- **[COOK-3779](https://tickets.chef.io/browse/COOK-3779)** - Build in master fails due to rubocop error + +## v2.0.2 + +### Bug + +- **[COOK-3808](https://tickets.chef.io/browse/COOK-3808)** - nginx::passenger run fails because of broken installation of package dependencies +- **[COOK-3779](https://tickets.chef.io/browse/COOK-3779)** - Build in master fails due to rubocop error + +## v2.0.0 + +### Improvement + +- **[COOK-3733](https://tickets.chef.io/browse/COOK-3733)** - Add RPM key names and GPG checking +- **[COOK-3687](https://tickets.chef.io/browse/COOK-3687)** - Add support for `http_perl` +- **[COOK-3603](https://tickets.chef.io/browse/COOK-3603)** - Add a recipe for using custom openssl +- **[COOK-3602](https://tickets.chef.io/browse/COOK-3602)** - Use an attribute for the status module port +- **[COOK-3549](https://tickets.chef.io/browse/COOK-3549)** - Refactor custom modules support +- **[COOK-3521](https://tickets.chef.io/browse/COOK-3521)** - Add support for `http_auth_request` +- **[COOK-3520](https://tickets.chef.io/browse/COOK-3520)** - Add support for `spdy` +- **[COOK-3185](https://tickets.chef.io/browse/COOK-3185)** - Add `gzip_*` attributes +- **[COOK-2712](https://tickets.chef.io/browse/COOK-2712)** - Update `upload_progress` version to 0.9.0 + +### Bug + +- **[COOK-3686](https://tickets.chef.io/browse/COOK-3686)** - Remove deprecated 'passenger_use_global_queue' directive +- **[COOK-3626](https://tickets.chef.io/browse/COOK-3626)** - Parameterize hardcoded path to helper scripts +- **[COOK-3571](https://tickets.chef.io/browse/COOK-3571)** - Reloda ohai plugin after installation +- **[COOK-3428](https://tickets.chef.io/browse/COOK-3428)** - Fix an issue where access logs are not disabled when the `disable_access_log` attribute is set to `true` +- **[COOK-3322](https://tickets.chef.io/browse/COOK-3322)** - Fix an issue where `nginx::ohai_plugin` fails when using source recipe +- **[COOK-3241](https://tickets.chef.io/browse/COOK-3241)** - Fix an issue where`nginx::ohai_plugin` fails unless using source recipe + +### New Feature + +- **[COOK-3605](https://tickets.chef.io/browse/COOK-3605)** - Add Lua module + +## v1.8.0 + +### Bug + +- **[COOK-3397](https://tickets.chef.io/browse/COOK-3397)** - Fix user from nginx package on Gentoo +- **[COOK-2968](https://tickets.chef.io/browse/COOK-2968)** - Fix foodcritic failure +- **[COOK-2723](https://tickets.chef.io/browse/COOK-2723)** - Remove duplicate passenger `max_pool_size` + +### Improvement + +- **[COOK-3186](https://tickets.chef.io/browse/COOK-3186)** - Add `client_body_buffer_size` and `server_tokens attributes` +- **[COOK-3080](https://tickets.chef.io/browse/COOK-3080)** - Add rate-limiting support +- **[COOK-2927](https://tickets.chef.io/browse/COOK-2927)** - Add support for `real_ip_recursive` directive +- **[COOK-2925](https://tickets.chef.io/browse/COOK-2925)** - Fix ChefSpec converge +- **[COOK-2724](https://tickets.chef.io/browse/COOK-2724)** - Automatically create directory for PID file +- **[COOK-2472](https://tickets.chef.io/browse/COOK-2472)** - Bump nginx version to 1.2.9 +- **[COOK-2312](https://tickets.chef.io/browse/COOK-2312)** - Add additional `mine_types` to the `gzip_types` value + +### New Feature + +- **[COOK-3183](https://tickets.chef.io/browse/COOK-3183)** - Allow inclusion in extra-cookbook modules + +## v1.7.0 + +### Improvement + +- [COOK-3030]: The repo_source attribute should allow you to not add any additional repositories to your node + +### Sub-task + +- [COOK-2738]: move nginx::passenger attributes to `nginx/attributes/passenger.rb` + +## v1.6.0 + +### Task + +- [COOK-2409]: update nginx::source recipe for new `runit_service` resource +- [COOK-2877]: update nginx cookbook test-kitchen support to 1.0 (alpha) + +### Improvement + +- [COOK-1976]: nginx source should be able to configure binary path +- [COOK-2622]: nginx: add upstart support +- [COOK-2725]: add "configtest" subcommand in initscript + +### Bug + +- [COOK-2398]: nginx_site definition cannot be used to manage the default site +- [COOK-2493]: Resources in nginx::source recipe always use 1.2.6 version, even overriding version attribute +- [COOK-2531]: Remove usage of non-existant attribute "description" for `apt_repository` +- [COOK-2665]: nginx::source install with custom sbin_path breaks ohai data + +## v1.4.0 + +- [COOK-2183] - Install nginx package from nginxyum repo +- [COOK-2311] - headers-more should be updated to the latest version +- [COOK-2455] - Support sendfile option (nginx.conf) + +## v1.3.0 + +- [COOK-1979] - Passenger module requires curl-dev(el) +- [COOK-2219] - Support `proxy_read_timeout` (in nginx.conf) +- [COOK-2220] - Support `client_max_body_size` (in nginx.conf) +- [COOK-2280] - Allow custom timing of nginx_site's reload notification +- [COOK-2304] - nginx cookbook should install 1.2.6 not 1.2.3 for source installs +- [COOK-2309] - checksums for geoip files need to be updated in nginx +- [COOK-2310] - Checksum in the `nginx::upload_progress` recipe is not correct +- [COOK-2314] - nginx::passenger: Install the latest version of passenger +- [COOK-2327] - nginx: passenger recipe should find ruby via Ohai +- [COOK-2328] - nginx: Update mime.types file to the latest +- [COOK-2329] - nginx: Update naxsi rules to the current + +## v1.2.0 + +- [COOK-1752] - Add headers more module to the nginx cookbook +- [COOK-2209] - nginx source recipe should create web user before creating directories +- [COOK-2221] - make nginx::source compatible with gentoo +- [COOK-2267] - add version for runit recommends + +## v1.1.4 + +- [COOK-2168] - specify package name as an attribute + +## v1.1.2 + +- [COOK-1766] - Nginx Source Recipe Rebuilding Source at Every Run +- [COOK-1910] - Add IPv6 module +- [COOK-1966] - nginx cookbook should let you set `gzip_vary` and `gzip_buffers` in nginx.conf +- [COOK-1969]- - nginx::passenger module not included due to use of symbolized `:nginx_configure_flags` +- [COOK-1971] - Template passenger.conf.erb configures key `passenger_max_pool_size` 2 times +- [COOK-1972] - nginx::source compile_nginx_source reports success in spite of failed compilation +- [COOK-1975] - nginx::passenger requires rake gem +- [COOK-1979] - Passenger module requires curl-dev(el) +- [COOK-2080] - Restart nginx on source compilation + +## v1.1.0 + +- [COOK-1263] - Nginx log (and possibly other) directory creations should be recursive +- [COOK-1515] - move creation of `node['nginx']['dir']` out of commons.rb +- [COOK-1523] - nginx `http_geoip_module` requires libtoolize +- [COOK-1524] - nginx checksums are md5 +- [COOK-1641] - add "use", "`multi_accept`" and "`worker_rlimit_nofile`" to nginx cookbook +- [COOK-1683] - Nginx fails Windows nodes just by being required in metadata +- [COOK-1735] - Support Amazon Linux in nginx::source recipe +- [COOK-1753] - Add ability for nginx::passenger recipe to configure more Passenger global settings +- [COOK-1754] - Allow group to be set in nginx.conf file +- [COOK-1770] - nginx cookbook fails on servers that don't have a "cpu" attribute +- [COOK-1781] - Use 'sv' to reload nginx when using runit +- [COOK-1789] - stop depending on bluepill, runit and yum. they are not required by nginx cookbook +- [COOK-1791] - add name attribute to metadata +- [COOK-1837] - nginx::passenger doesn't work on debian family +- [COOK-1956] - update naxsi version due to incompatibility with newer nginx + +## v1.0.2 + +- [COOK-1636] - relax the version constraint on ohai + +## v1.0.0 + +- [COOK-913] - defaults for gzip cause warning on service restart +- [COOK-1020] - duplicate MIME type +- [COOK-1269] - add passenger module support through new recipe +- [COOK-1306] - increment nginx version to 1.2 (now 1.2.3) +- [COOK-1316] - default site should not always be enabled +- [COOK-1417] - resolve errors preventing build from source +- [COOK-1483] - source prefix attribute has no effect +- [COOK-1484] - source relies on /etc/sysconfig +- [COOK-1511] - add support for naxsi module +- [COOK-1525] - nginx source is downloaded every time +- [COOK-1526] - nginx_site does not remove sites +- [COOK-1527] - add `http_echo_module` recipe + +## v0.101.6 + +Erroneous cookbook upload due to timeout. + +Version #'s are cheap. + +## v0.101.4 + +- [COOK-1280] - Improve RHEL family support and fix ohai_plugins recipe bug +- [COOK-1194] - allow installation method via attribute +- [COOK-458] - fix duplicate nginx processes + +## v0.101.2 + +- [COOK-1211] - include the default attributes explicitly so version is available. + +## v0.101.0 + +**Attribute Change**: `node['nginx']['url']` -> `node['nginx']['source']['url']`; see the README.md. + +- [COOK-1115] - daemonize when using init script +- [COOK-477] - module compilation support in nginx::source + +## v0.100.4 + +- [COOK-1126] - source version bump to 1.0.14 + +## v0.100.2 + +- [COOK-1053] - Add :url attribute to nginx cookbook + +## v0.100.0 + +- [COOK-818] - add "application/json" per RFC. +- [COOK-870] - bluepill init style support +- [COOK-957] - Compress application/javascript. +- [COOK-981] - Add reload support to NGINX service + +## v0.99.2 + +- [COOK-809] - attribute to disable access logging +- [COOK-772] - update nginx download source location + + + +[#174]: https://github.com/miketheman/nginx/issues/174 +[#183]: https://github.com/miketheman/nginx/issues/183 +[#184]: https://github.com/miketheman/nginx/issues/184 +[#188]: https://github.com/miketheman/nginx/issues/188 +[#200]: https://github.com/miketheman/nginx/issues/200 +[#204]: https://github.com/miketheman/nginx/issues/204 +[#205]: https://github.com/miketheman/nginx/issues/205 +[#219]: https://github.com/miketheman/nginx/issues/219 +[#220]: https://github.com/miketheman/nginx/issues/220 +[#223]: https://github.com/miketheman/nginx/issues/223 +[#225]: https://github.com/miketheman/nginx/issues/225 +[#230]: https://github.com/miketheman/nginx/issues/230 +[#236]: https://github.com/miketheman/nginx/issues/236 +[#240]: https://github.com/miketheman/nginx/issues/240 +[#243]: https://github.com/miketheman/nginx/issues/243 +[#249]: https://github.com/miketheman/nginx/issues/249 +[#252]: https://github.com/miketheman/nginx/issues/252 +[#254]: https://github.com/miketheman/nginx/issues/254 +[#259]: https://github.com/miketheman/nginx/issues/259 +[#269]: https://github.com/miketheman/nginx/issues/269 +[#279]: https://github.com/miketheman/nginx/issues/279 +[#294]: https://github.com/miketheman/nginx/issues/294 +[#298]: https://github.com/miketheman/nginx/issues/298 +[#302]: https://github.com/miketheman/nginx/issues/302 +[#305]: https://github.com/miketheman/nginx/issues/305 +[#310]: https://github.com/miketheman/nginx/issues/310 +[#312]: https://github.com/miketheman/nginx/issues/312 +[#314]: https://github.com/miketheman/nginx/issues/314 +[#318]: https://github.com/miketheman/nginx/issues/318 +[#321]: https://github.com/miketheman/nginx/issues/321 +[#325]: https://github.com/miketheman/nginx/issues/325 +[#326]: https://github.com/miketheman/nginx/issues/326 +[#327]: https://github.com/miketheman/nginx/issues/327 +[#331]: https://github.com/miketheman/nginx/issues/331 +[#332]: https://github.com/miketheman/nginx/issues/332 +[#335]: https://github.com/miketheman/nginx/issues/335 +[#338]: https://github.com/miketheman/nginx/issues/338 +[@9minutesnooze]: https://github.com/9minutesnooze +[@adepue]: https://github.com/adepue +[@auth0]: https://github.com/auth0 +[@bchrobot]: https://github.com/bchrobot +[@bkw]: https://github.com/bkw +[@canofspam3bug324]: https://github.com/CanOfSpam3bug324 +[@dwradcliffe]: https://github.com/dwradcliffe +[@evertrue]: https://github.com/evertrue +[@ffuenf]: https://github.com/ffuenf +[@firmhouse]: https://github.com/firmhouse +[@gkra]: https://github.com/gkra +[@gregkare]: https://github.com/gregkare +[@irontoby]: https://github.com/irontoby +[@jalberto]: https://github.com/jalberto +[@jcoleman]: https://github.com/jcoleman +[@jenssegers]: https://github.com/jenssegers +[@josh-padnick]: https://github.com/josh-padnick +[@jujugrrr]: https://github.com/jujugrrr +[@karsten-bruckmann]: https://github.com/karsten-bruckmann +[@larkin]: https://github.com/larkin +[@miketheman]: https://github.com/miketheman +[@monsterstrike]: https://github.com/monsterstrike +[@morr]: https://github.com/morr +[@mytho]: https://github.com/Mytho +[@n1koo]: https://github.com/n1koo +[@nkadel-skyhook]: https://github.com/nkadel-skyhook +[@runningman84]: https://github.com/runningman84 +[@shtouff]: https://github.com/shtouff +[@stevenolen]: https://github.com/stevenolen +[@thomasmeeus]: https://github.com/thomasmeeus +[@thommay]: https://github.com/thommay +[@tvdinner]: https://github.com/tvdinner +[@usertesting]: https://github.com/usertesting +[@whatcould]: https://github.com/whatcould +[@yveslaroche]: https://github.com/yveslaroche diff --git a/cookbooks/bluepill/CONTRIBUTING.md b/cookbooks/chef_nginx/CONTRIBUTING.md similarity index 100% rename from cookbooks/bluepill/CONTRIBUTING.md rename to cookbooks/chef_nginx/CONTRIBUTING.md diff --git a/cookbooks/bluepill/MAINTAINERS.md b/cookbooks/chef_nginx/MAINTAINERS.md similarity index 56% rename from cookbooks/bluepill/MAINTAINERS.md rename to cookbooks/chef_nginx/MAINTAINERS.md index 00eed8d..645ed14 100644 --- a/cookbooks/bluepill/MAINTAINERS.md +++ b/cookbooks/chef_nginx/MAINTAINERS.md @@ -1,13 +1,10 @@ # Maintainers -This file lists how this cookbook project is maintained. When making changes to the system, this -file tells you who needs to review your patch - you need a simple majority of maintainers -for the relevant subsystems to provide a :+1: on your pull request. Additionally, you need -to not receive a veto from a Lieutenant or the Project Lead. -Check out [How Cookbooks are Maintained](https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/CONTRIBUTING.MD) -for details on the process and how to become a maintainer or the project lead. +This file lists how this cookbook project is maintained. When making changes to the system, this file tells you who needs to review your patch - you need a review from an existing maintainer for the cookbook to provide a :+1: on your pull request. Additionally, you need to not receive a veto from a Lieutenant or the Project Lead. + +Check out [How Cookbooks are Maintained](https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/CONTRIBUTING.MD) for details on the process and how to become a maintainer or the project lead. # Project Maintainer * [Tim Smith](https://github.com/tas50) diff --git a/cookbooks/chef_nginx/README.md b/cookbooks/chef_nginx/README.md new file mode 100644 index 0000000..d049f10 --- /dev/null +++ b/cookbooks/chef_nginx/README.md @@ -0,0 +1,367 @@ +# nginx Cookbook + +[![Cookbook](http://img.shields.io/cookbook/v/chef_nginx.svg)](https://supermarket.chef.io/cookbooks/chef_nginx) [![Build Status](https://travis-ci.org/chef-cookbooks/chef_nginx.svg?branch=master)](https://travis-ci.org/chef-cookbooks/chef_nginx) + +Installs nginx from package OR source code and sets up configuration handling similar to Debian's Apache2 scripts. + +## nginx vs. chef_nginx + +This cookbook is a fork from the 2.7.x branch of the [community nginx cookbook](https://github.com/miketheman/nginx). + +This fork will be actively supported by Chef Software and we will continue to migrate the cookbook to a more resource driven model, with incremental changes following the SemVer model. + +## Requirements + +### Cookbooks + +The following cookbooks are direct dependencies because they're used for common "default" functionality. + +- `build-essential` for source installations +- `ohai` for setting up the ohai plugin +- `compat_resource` for setting up the nginx.org repository on Chef 12.1 - 12.13 +- `yum-epel` for setting up the EPEL repository on RHEL platforms +- `zypper` for setting up the nginx.org repository on Suse platforms + +### Platforms + +The following platforms are supported and tested with Test Kitchen: + +- Ubuntu 12.04+ +- CentOS 5+ +- Debian 7+ +- openSUSE 13.2+ +- FreeBSD 9+ + +Other Debian and RHEL family distributions are assumed to work. + +### Chef + +- Chef 12.1+ + +## Attributes + +Node attributes for this cookbook are logically separated into different files. Some attributes are set only via a specific recipe. + +### chef_nginx::auth_request + +These attributes are used in the `chef_nginx::auth_request` recipe. + +- `node['nginx']['auth_request']['url']` - The url to the auth_request module tar.gz file +- `node['nginx']['auth_request']['checksum']` - The checksum of the auth_request module tar.gz file + +### chef_nginx::default + +Generally used attributes. Some have platform specific values. See `attributes/default.rb`. "The Config" refers to "nginx.conf" the main config file. + +- `node['nginx']['dir']` - Location for nginx configuration. +- `node['nginx']['conf_template']` - The `source` template to use when creating the `nginx.conf`. +- `node['nginx']['conf_cookbook']` - The cookbook where `node['nginx']['conf_template']` resides. +- `node['nginx']['log_dir']` - Location for nginx logs. +- `node['nginx']['log_dir_perm']` - Permissions for nginx logs folder. +- `node['nginx']['user']` - User that nginx will run as. +- `node['nginx']['group']` - Group for nginx. +- `node['nginx']['port']` - Port for nginx to listen on. +- `node['nginx']['binary']` - Path to the nginx binary. +- `node['nginx']['init_style']` - How to run nginx as a service when using `chef_nginx::source`. Values can be "upstart", "systemd", or "init". This attribute is not used in the `package` recipe because the package manager's init script style for the platform is assumed. +- `node['nginx']['upstart']['foreground']` - Set this to true if you want upstart to run nginx in the foreground, set to false if you want upstart to detach and track the process via pid. +- `node['nginx']['upstart']['runlevels']` - String of runlevels in the format '2345' which determines which runlevels nginx will start at when entering and stop at when leaving. +- `node['nginx']['upstart']['respawn_limit']` - Respawn limit in upstart stanza format, count followed by space followed by interval in seconds. +- `node['nginx']['keepalive']` - Whether to use `keepalive_timeout`, any value besides "on" will leave that option out of the config. +- `node['nginx']['keepalive_requests']` - used for config value of `keepalive_requests`. +- `node['nginx']['keepalive_timeout']` - used for config value of `keepalive_timeout`. +- `node['nginx']['worker_processes']` - used for config value of `worker_processes`. +- `node['nginx']['worker_connections']` - used for config value of `events { worker_connections }` +- `node['nginx']['worker_rlimit_nofile']` - used for config value of `worker_rlimit_nofile`. Can replace any "ulimit -n" command. The value depend on your usage (cache or not) but must always be superior than worker_connections. +- `node['nginx']['worker_shutdown_timeout']` - used for config value of `worker_shutdown_timeout`. +- `node['nginx']['worker_connections']` - used for config value of `events { worker_connections }` +- `node['nginx']['multi_accept']` - used for config value of `events { multi_accept }`. Try to accept() as many connections as possible. Disable by default. +- `node['nginx']['event']` - used for config value of `events { use }`. Set the event-model. By default nginx looks for the most suitable method for your OS. +- `node['nginx']['accept_mutex_delay']` - used for config value of `accept_mutex_delay` +- `node['nginx']['server_tokens']` - used for config value of `server_tokens`. +- `node['nginx']['server_names_hash_bucket_size']` - used for config value of `server_names_hash_bucket_size`. +- `node['nginx']['disable_access_log']` - set to true to disable the general access log, may be useful on high traffic sites. +- `node['nginx']['access_log_options']` - Set to a string of additional options to be appended to the access log directive +- `node['nginx']['error_log_options']` - Set to a string of additional options to be appended to the error log directive +- `node['nginx']['default_site_enabled']` - enable the default site +- `node['nginx']['sendfile']` - Whether to use `sendfile`. Defaults to "on". +- `node['nginx']['tcp_nopush']` - Whether to use `tcp_nopush`. Defaults to "on". +- `node['nginx']['tcp_nodelay']` - Whether to use `tcp_nodelay`. Defaults to "on". +- `node['nginx']['install_method']` - Whether nginx is installed from packages or from source. +- `node['nginx']['types_hash_max_size']` - Used for the `types_hash_max_size` configuration directive. +- `node['nginx']['types_hash_bucket_size']` - Used for the `types_hash_bucket_size` configuration directive. +- `node['nginx']['proxy_read_timeout']` - defines a timeout (between two successive read operations) for reading a response from the proxied server. +- `node['nginx']['client_body_buffer_size']` - used for config value of `client_body_buffer_size`. +- `node['nginx']['client_max_body_size']` - specifies the maximum accepted body size of a client request, as indicated by the request header Content-Length. +- `node['nginx']['repo_source']` - when installed from a package this attribute affects which yum repositories, if any, will be added before installing the nginx package. The default value of 'epel' will use the `yum-epel` cookbook, 'nginx' will use the `chef_nginx::repo` recipe, 'passenger' will use the 'chef_nginx::repo_passenger' recipe, and setting no value will not add any additional repositories. +- `node['nginx']['sts_max_age']` - Enable Strict Transport Security for all apps (See: ). This attribute adds the following header: Strict-Transport-Security max-age=SECONDS to all incoming requests and takes an integer (in seconds) as its argument. +- `node['nginx']['default']['modules']` - Array specifying which modules to enable via the conf-enabled config include function. Currently the only valid value is "socketproxy". +- `node['nginx']['load_modules']` - Array of paths to modules to dynamically load on nginx startup using the `load_module` directive. Default is `[]`. + +#### authorized_ips module + +- `node['nginx']['remote_ip_var']` - The remote ip variable name to use. +- `node['nginx']['authorized_ips']` - IPs authorized by the module + +#### gzip module + +- `node['nginx']['gzip']` - Whether to use gzip, can be "on" or "off" +- `node['nginx']['gzip_http_version']` - used for config value of `gzip_http_version`. +- `node['nginx']['gzip_comp_level']` - used for config value of `gzip_comp_level`. +- `node['nginx']['gzip_proxied']` - used for config value of `gzip_proxied`. +- `node['nginx']['gzip_vary']` - used for config value of `gzip_vary`. +- `node['nginx']['gzip_buffers']` - used for config value of `gzip_buffers`. +- `node['nginx']['gzip_types']` - used for config value of `gzip_types` - must be an Array. +- `node['nginx']['gzip_min_length']` - used for config value of `gzip_min_length`. +- `node['nginx']['gzip_disable']` - used for config value of `gzip_disable`. +- `node['nginx']['gzip_static']` - used for config value of `gzip_static` (`http_gzip_static_module` must be enabled) + +#### Other configurations + +- `node['nginx']['extra_configs']` - a Hash of key/values to nginx configuration. + +### chef_nginx::echo + +These attributes are used in the `chef_nginx::http_echo_module` recipe. + +- `node['nginx']['echo']['version']` - The version of `http_echo` you want (default: 0.59) +- `node['nginx']['echo']['url']` - URL for the tarball. +- `node['nginx']['echo']['checksum']` - Checksum of the tarball. + +### chef_nginx::devel + +These attributes are used in the `chef_nginx::ngx_devel_module` recipe. + +- `node['nginx']['devel']['version']` - The version of the nginx devel module +- `node['nginx']['devel']['url']` - The URL of the nginx devel module tar.gz file +- `node['nginx']['devel']['checksum']` - The checksum of the nginx devel module tar.gz file + +### chef_nginx::geoip + +These attributes are used in the `chef_nginx::http_geoip_module` recipe. Please note that the `country_dat_checksum` and `city_dat_checksum` are based on downloads from a datacenter in Fremont, CA, USA. You really should override these with checksums for the geo tarballs from your node location. + +**Note** The upstream, maxmind.com, may block access for repeated downloads of the data files. It is recommended that you download and host the data files, and change the URLs in the attributes. + +- `node['nginx']['geoip']['path']` - Location where to install the geoip libraries. +- `node['nginx']['geoip']['enable_city']` - Whether to enable City data +- `node['nginx']['geoip']['country_dat_url']` - Country data tarball URL +- `node['nginx']['geoip']['country_dat_checksum']` - Country data tarball checksum +- `node['nginx']['geoip']['city_dat_url']` - City data tarball URL +- `node['nginx']['geoip']['city_dat_checksum']` - City data tarball checksum +- `node['nginx']['geoip']['lib_version']` - Version of the GeoIP library to install +- `node['nginx']['geoip']['lib_url']` - (Versioned) Tarball URL of the GeoIP library +- `node['nginx']['geoip']['lib_checksum']` - Checksum of the GeoIP library tarball + +### chef_nginx::http_realip_module + +From: + +- `node['nginx']['realip']['header']` - Header to use for the RealIp Module; only accepts "X-Forwarded-For" or "X-Real-IP" +- `node['nginx']['realip']['addresses']` - Addresses to use for the `http_realip` configuration. +- `node['nginx']['realip']['real_ip_recursive']` - If recursive search is enabled, the original client address that matches one of the trusted addresses is replaced by the last non-trusted address sent in the request header field. Can be on "on" or "off" (default). + +### chef_nginx::passenger + +These attributes are used in the `chef_nginx::passenger` recipe. + +- `node['nginx']['passenger']['version']` - passenger gem version +- `node['nginx']['passenger']['root']` - passenger gem root path +- `node['nginx']['passenger']['install_rake']` - set to false if rake already present on system +- `node['nginx']['passenger']['max_pool_size']` - maximum passenger pool size (default=10) +- `node['nginx']['passenger']['ruby']` - Ruby path for Passenger to use (default=`$(which ruby)`) +- `node['nginx']['passenger']['spawn_method']` - passenger spawn method to use (default=`smart-lv2`) +- `node['nginx']['passenger']['buffer_response']` - turns on or off response buffering (default=`on`) +- `node['nginx']['passenger']['max_pool_size']` - passenger maximum pool size (default=`6`) +- `node['nginx']['passenger']['min_instances']` - minimum instances (default=`1`) +- `node['nginx']['passenger']['max_instances_per_app']` - maximum instances per app (default=`0`) +- `node['nginx']['passenger']['pool_idle_time']` - passenger pool idle time (default=`300`) +- `node['nginx']['passenger']['max_requests']` - maximum requests (default=`0`) +- `node['nginx']['passenger']['nodejs']` - Nodejs path for Passenger to use (default=nil) +- `node['nginx']['passenger']['show_version_in_header']` - Show passenger version in HTTP headers (default=`on`) + +Basic configuration to use the official Phusion Passenger repositories: + +- `node['nginx']['repo_source']` - 'passenger' +- `node['nginx']['package_name']` - 'nginx-extras' +- `node['nginx']['passenger']['install_method']` - 'package' + +### chef_nginx::openssl_source + +These attributes are used in the `chef_nginx::openssl_source` recipe. + +- `node['nginx']['openssl_source']['version']` - The version of OpenSSL you want to download and use (default: 1.0.1t) +- `node['nginx']['openssl_source']['url']` - The url for the OpenSSL source + +### chef_nginx::rate_limiting + +- `node['nginx']['enable_rate_limiting']` - set to true to enable rate limiting (`limit_req_zone` in nginx.conf) +- `node['nginx']['rate_limiting_zone_name']` - sets the zone in `limit_req_zone`. +- `node['nginx']['rate_limiting_backoff']` - sets the backoff time for `limit_req_zone`. +- `node['nginx']['rate_limit']` - set the rate limit amount for `limit_req_zone`. + +### chef_nginx::socketproxy + +These attributes are used in the `chef_nginx::socketproxy` recipe. + +- `node['nginx']['socketproxy']['root']` - The directory (on your server) where socketproxy apps are deployed. +- `node['nginx']['socketproxy']['default_app']` - Static assets directory for requests to "/" that don't meet any proxy_pass filter requirements. +- `node['nginx']['socketproxy']['apps']['app_name']['prepend_slash']` - Prepend a slash to requests to app "app_name" before sending them to the socketproxy socket. +- `node['nginx']['socketproxy']['apps']['app_name']['context_name']` - URI (e.g. "app_name" in order to achieve "") at which to host the application "app_name" +- `node['nginx']['socketproxy']['apps']['app_name']['subdir']` - Directory (under `node['nginx']['socketproxy']['root']`) in which to find the application. + +### chef_nginx::source + +These attributes are used in the `chef_nginx::source` recipe. Some of them are dynamically modified during the run. See `attributes/source.rb` for default values. + +- `node['nginx']['source']['url']` - (versioned) URL for the nginx source code. By default this will use the version specified as `node['nginx']['version']`. +- `node['nginx']['source']['prefix']` - (versioned) prefix for installing nginx from source +- `node['nginx']['source']['conf_path']` - location of the main config file, in `node['nginx']['dir']` by default. +- `node['nginx']['source']['modules']` - Array of modules that should be compiled into nginx by including their recipes in `chef_nginx::source`. +- `node['nginx']['source']['default_configure_flags']` - The default flags passed to the configure script when building nginx. +- `node['nginx']['configure_flags']` - Preserved for compatibility and dynamically generated from the `node['nginx']['source']['default_configure_flags']` in the `chef_nginx::source` recipe. +- `node['nginx']['source']['use_existing_user']` - set to `true` if you do not want `chef_nginx::source` recipe to create system user with name `node['nginx']['user']`. + +### chef_nginx::status + +These attributes are used in the `chef_nginx::http_stub_status_module` recipe. + +- `node['nginx']['status']['port']` - The port on which nginx will serve the status info (default: 8090) + +### chef_nginx::syslog + +These attributes are used in the `chef_nginx::syslog_module` recipe. + +- `node['nginx']['syslog']['git_repo']` - The git repository url to use for the syslog patches. +- `node['nginx']['syslog']['git_revision']` - The revision on the git repository to checkout. + +### chef_nginx::upload_progress + +These attributes are used in the `chef_nginx::upload_progress_module` recipe. + +- `node['nginx']['upload_progress']['url']` - URL for the tarball. +- `node['nginx']['upload_progress']['checksum']` - Checksum of the tarball. +- `node['nginx']['upload_progress']['javascript_output']` - Output in javascript. Default is `true` for backwards compatibility. +- `node['nginx']['upload_progress']['zone_name']` - Zone name which will be used to store the per-connection tracking information. Default is `proxied`. +- `node['nginx']['upload_progress']['zone_size']` - Zone size in bytes. Default is `1m` (1 megabyte). + +## Resources + +### nginx_site + +Enable or disable a Server Block in `#{node['nginx']['dir']}/sites-available` by calling nxensite or nxdissite (introduced by this cookbook) to manage the symbolic link in `#{node['nginx']['dir']}/sites-enabled`. + +### Actions + +- `enable` - Enable the nginx site (default) +- `disable` - Disable the nginx site + +### Properties: + +- `name` - (optional) Name of the site to enable. By default it's assumed that the name of the nginx_site resource is the site name, but this allows overriding that. +- `template` - (optional) Path to the source for the `template` resource. +- `variables` - (optional) Variables to be used with the `template` resource + +## Ohai Plugin + +The `ohai_plugin` recipe includes an Ohai plugin. It will be automatically installed and activated, providing the following attributes via ohai, no matter how nginx is installed (source or package): + +- `node['nginx']['version']` - version of nginx +- `node['nginx']['configure_arguments']` - options passed to `./configure` when nginx was built +- `node['nginx']['prefix']` - installation prefix +- `node['nginx']['conf_path']` - configuration file path + +In the source recipe, it is used to determine whether control attributes for building nginx have changed. + +## Usage + +This cookbook provides three distinct installation methods, all of which are controlled via attributes and executed using the chef_nginx::default recipe. + +### Package installation using the nginx.org repositories + +Nginx provides repositories for RHEL, Debian/Ubuntu, and Suse platforms with up to date packages available on older distributions. Due to the age of many nginx packages shipping with distros we believe this is the ideal installation method. With no attributes set the nginx.org repositories will be added to your system and nginx will be installed via package. This provides a solid out of the box install for most users. + +### Package installation using distro repositories + +If you prefer to use the packages included in your distro or to roll your own packages you'll want to set `node['nginx']['repo_source']` to `nil` or `distro` to skip the repository setup. The default recipe will still install nginx from packages, but you'll retain control over the package location. + +### Source installation to compile non-dynamic modules + +If you need control over how nginx is built, or you need non-dynamic modules to be included you'll need to compile nginx from source. We highly recommend against using this method as it requires the installation of a full compilation toolchain and development dependencies on your nodes. Creating your own packages with nginx compiled as necessary is a preferred option. If that's not possible you can set `node['nginx']['install_method']` to `source` and provide a version in `node['nginx']['version']`. + +#### Specifying Modules to compile + +The following recipes are used to build module support into nginx. To compile a module, add its recipe name to the array attribute `node['nginx']['source']['modules']`. + +- `ipv6.rb` - enables IPv6 support +- `headers_more_module` - +- `http_auth_request_module`` +- `http_echo_module.rb` - downloads the `http_echo_module` module and enables it as a module when compiling nginx. +- `http_geoip_module.rb` - installs the GeoIP libraries and data files and enables the module for compilation. +- `http_gzip_static_module.rb` - enables the module for compilation. Be sure to set `node['nginx']['gzip_static'] = 'yes'`. +- `http_mp4_module` - +- `http_perl_module.rb` - enables embedded Perl for compilation. +- `http_realip_module.rb` - enables the module for compilation and creates the configuration. +- `http_spdy_module` - +- `http_ssl_module.rb` - enables SSL for compilation. +- `http_stub_status_module.rb` - provides `nginx_status` configuration and enables the module for compilation. +- `http_v2_module` +- `ipv6` - +- `naxsi_module` - enables the naxsi module for the web application firewall for nginx. +- `ngx_devel_module` - +- `ngx_lua_module` - +- `openssl_source.rb` - downloads and uses custom OpenSSL source when compiling nginx +- `pagespeed_module`- +- `passenger` - builds the passenger gem and configuration for "`mod_passenger`". +- `set_misc` - +- `syslog_module` - enables syslog support for nginx. This only works with source builds. See - +- `upload_progress_module.rb` - builds the `upload_progress` module and enables it as a module when compiling nginx. + +## Resources + +### nginx_site + +Enable or disable a Server Block in `#{node['nginx']['dir']}/sites-available` by calling nxensite or nxdissite (introduced by this cookbook) to manage the symbolic link in `#{node['nginx']['dir']}/sites-enabled`. + +### Actions + +- `enable` - Enable the nginx site (default) +- `disable` - Disable the nginx site + +### Properties: + +- `name` - (optional) Name of the site to enable. By default it's assumed that the name of the nginx_site resource is the site name, but this allows overriding that. +- `template` - (optional) Path to the source for the `template` resource. +- `cookbook` - (optional) The cookbook that contains the template source. +- `variables` - (optional) Variables to be used with the `template` resource + +## Adding New Modules + +Previously we'd add each possible module to this cookbook itself. That's not necessary using wrapper cookbooks and we'd prefer to not add any addition module recipes at this time. Instead in your nginx wrapper cookbook setup any necessary packages and then include the follow code to add the module to the list of modules to compile: + +```ruby +node.run_state['nginx_configure_flags'] = + node.run_state['nginx_configure_flags'] | ['--with-SOMETHING', "--with-SOME_OPT='things'"] +``` + +## License & Authors + +- Author:: Joshua Timberman ([joshua@chef.io](mailto:joshua@chef.io)) +- Author:: Adam Jacob ([adam@chef.io](mailto:adam@chef.io)) +- Author:: AJ Christensen ([aj@chef.io](mailto:aj@chef.io)) +- Author:: Jamie Winsor ([jamie@vialstudios.com](mailto:jamie@vialstudios.com)) +- Author:: Mike Fiedler ([miketheman@gmail.com](mailto:miketheman@gmail.com)) + +```text +Copyright 2008-2016, Chef Software, Inc + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +``` diff --git a/cookbooks/nginx/attributes/auth_request.rb b/cookbooks/chef_nginx/attributes/auth_request.rb similarity index 74% rename from cookbooks/nginx/attributes/auth_request.rb rename to cookbooks/chef_nginx/attributes/auth_request.rb index c4dbcf0..21eb14f 100644 --- a/cookbooks/nginx/attributes/auth_request.rb +++ b/cookbooks/chef_nginx/attributes/auth_request.rb @@ -1,10 +1,10 @@ # -# Cookbook Name:: nginx +# Cookbook:: chef_nginx # Attributes:: auth_request # # Author:: David Radcliffe () # -# Copyright 2013, David Radcliffe +# Copyright:: 2013-2017, David Radcliffe # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,5 +19,5 @@ # limitations under the License. # -default['nginx']['auth_request']['url'] = 'http://mdounin.ru/hg/ngx_http_auth_request_module/archive/ee8ff54f9b66.tar.gz' -default['nginx']['auth_request']['checksum'] = '7ab85e1c350c5a9c60ed1319c45fed144cc3c3e1' +default['nginx']['auth_request']['url'] = 'http://mdounin.ru/hg/ngx_http_auth_request_module/archive/662785733552.tar.gz' +default['nginx']['auth_request']['checksum'] = '2057bdefd2137a5000d9dbdbfca049d1ba7832ad2b9f8855a88ea5dfa70bd8c1' diff --git a/cookbooks/nginx/attributes/default.rb b/cookbooks/chef_nginx/attributes/default.rb similarity index 83% rename from cookbooks/nginx/attributes/default.rb rename to cookbooks/chef_nginx/attributes/default.rb index c3e96fe..e2000eb 100644 --- a/cookbooks/nginx/attributes/default.rb +++ b/cookbooks/chef_nginx/attributes/default.rb @@ -1,11 +1,11 @@ # -# Cookbook Name:: nginx +# Cookbook:: chef_nginx # Attributes:: default # # Author:: Adam Jacob () # Author:: Joshua Timberman () # -# Copyright 2009-2013, Chef Software, Inc. +# Copyright:: 2009-2017, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -21,9 +21,8 @@ # # In order to update the version, the checksum attribute must be changed too. -# This attribute is in the source.rb file, though we recommend overriding -# attributes by modifying a role, or the node itself. -default['nginx']['version'] = '1.6.2' +# This attribute is defined in the source.rb attribute file +default['nginx']['version'] = '1.10.3' default['nginx']['package_name'] = 'nginx' default['nginx']['port'] = '80' default['nginx']['dir'] = '/etc/nginx' @@ -34,22 +33,20 @@ default['nginx']['binary'] = '/usr/sbin/nginx' default['nginx']['default_root'] = '/var/www/nginx-default' default['nginx']['ulimit'] = '1024' -default['nginx']['pid'] = '/var/run/nginx.pid' +# use the upstream nginx repo vs. distro packages +# this enables the use of modern nginx releases +# set this to nil to use the distro packages +# this is ignored if install_method is set to source +default['nginx']['repo_source'] = 'nginx' +default['nginx']['install_method'] = 'package' case node['platform_family'] when 'debian' - default['nginx']['user'] = 'www-data' - default['nginx']['init_style'] = 'runit' - if platform == 'ubuntu' && platform_version == '14.04' - default['nginx']['pid'] = '/run/nginx.pid' - end -when 'rhel', 'fedora' + default['nginx']['user'] = 'www-data' +when 'rhel' + default['nginx']['user'] = 'nginx' +when 'fedora' default['nginx']['user'] = 'nginx' - default['nginx']['init_style'] = 'init' - default['nginx']['repo_source'] = 'epel' -when 'gentoo' - default['nginx']['user'] = 'nginx' - default['nginx']['init_style'] = 'init' when 'freebsd' default['nginx']['package_name'] = 'www/nginx' default['nginx']['user'] = 'www' @@ -59,11 +56,9 @@ when 'freebsd' default['nginx']['default_root'] = '/usr/local/www/nginx-dist' when 'suse' default['nginx']['user'] = 'wwwrun' - default['nginx']['init_style'] = 'init' default['nginx']['group'] = 'www' else default['nginx']['user'] = 'www-data' - default['nginx']['init_style'] = 'init' end default['nginx']['upstart']['runlevels'] = '2345' @@ -87,6 +82,7 @@ default['nginx']['gzip_types'] = %w( application/xml application/rss+xml application/atom+xml + image/svg+xml text/javascript application/javascript application/json @@ -117,7 +113,6 @@ default['nginx']['access_log_options'] = nil default['nginx']['error_log_options'] = nil default['nginx']['disable_access_log'] = false default['nginx']['log_formats'] = {} -default['nginx']['install_method'] = 'package' default['nginx']['default_site_enabled'] = true default['nginx']['types_hash_max_size'] = 2_048 default['nginx']['types_hash_bucket_size'] = 64 @@ -129,3 +124,5 @@ default['nginx']['large_client_header_buffers'] = nil default['nginx']['default']['modules'] = [] default['nginx']['extra_configs'] = {} + +default['nginx']['load_modules'] = [] diff --git a/cookbooks/nginx/attributes/devel.rb b/cookbooks/chef_nginx/attributes/devel.rb similarity index 78% rename from cookbooks/nginx/attributes/devel.rb rename to cookbooks/chef_nginx/attributes/devel.rb index cb193a5..0d3cb72 100644 --- a/cookbooks/nginx/attributes/devel.rb +++ b/cookbooks/chef_nginx/attributes/devel.rb @@ -1,10 +1,10 @@ # -# Cookbook Name:: nginx +# Cookbook:: chef_nginx # Attributes:: devel # # Author:: Arthur Freyman () # -# Copyright 2013, Riot Games +# Copyright:: 2013-2017, Riot Games # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,6 +19,6 @@ # limitations under the License. # -default['nginx']['devel']['version'] = '0.2.18' +default['nginx']['devel']['version'] = '0.3.0' default['nginx']['devel']['url'] = "https://github.com/simpl/ngx_devel_kit/archive/v#{node['nginx']['devel']['version']}.tar.gz" -default['nginx']['devel']['checksum'] = 'c9c9f0a1b068d38c6c45b15d9605f1b2344dbcd45abf0764cd8e2ba92d6a3d2c' +default['nginx']['devel']['checksum'] = '88e05a99a8a7419066f5ae75966fb1efc409bad4522d14986da074554ae61619' diff --git a/cookbooks/nginx/attributes/echo.rb b/cookbooks/chef_nginx/attributes/echo.rb similarity index 77% rename from cookbooks/nginx/attributes/echo.rb rename to cookbooks/chef_nginx/attributes/echo.rb index bd9f3f1..78db4d6 100644 --- a/cookbooks/nginx/attributes/echo.rb +++ b/cookbooks/chef_nginx/attributes/echo.rb @@ -1,10 +1,10 @@ # -# Cookbook Name:: nginx +# Cookbook:: chef_nginx # Attributes:: echo # # Author:: Danial Pearce () # -# Copyright 2013, Danial Pearce +# Copyright:: 2013-2017, Danial Pearce # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,6 +19,6 @@ # limitations under the License. # -default['nginx']['echo']['version'] = '0.57' +default['nginx']['echo']['version'] = '0.59' default['nginx']['echo']['url'] = "https://github.com/openresty/echo-nginx-module/archive/v#{node['nginx']['echo']['version']}.tar.gz" -default['nginx']['echo']['checksum'] = '8467237ca0fae74ca7a32fbd34fc6044df307098415d48068214c9c235695a07' +default['nginx']['echo']['checksum'] = '9b319ad7836202883128d2b9c24ed818082541df57ef7f2065b7557085c603cd' diff --git a/cookbooks/nginx/attributes/geoip.rb b/cookbooks/chef_nginx/attributes/geoip.rb similarity index 69% rename from cookbooks/nginx/attributes/geoip.rb rename to cookbooks/chef_nginx/attributes/geoip.rb index c72141b..aee552e 100644 --- a/cookbooks/nginx/attributes/geoip.rb +++ b/cookbooks/chef_nginx/attributes/geoip.rb @@ -1,10 +1,10 @@ # -# Cookbook Name:: nginx +# Cookbook:: chef_nginx # Attributes:: geoip # # Author:: Jamie Winsor () # -# Copyright 2012-2013, Riot Games +# Copyright:: 2012-2017, Riot Games # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,13 +19,17 @@ # limitations under the License. # +# NOTE: The GeoIP database checksums are nil by default as these files change +# continuously and are not versioned. +# If you self host these files you should create a checksum and set these attributes + default['nginx']['geoip']['path'] = '/srv/geoip' default['nginx']['geoip']['enable_city'] = true default['nginx']['geoip']['country_dat_url'] = 'http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz' -default['nginx']['geoip']['country_dat_checksum'] = '79ff1099e96c2dc1c2539c9a18aaa13a9afd085cae477df60d95f1644d42bc07' +default['nginx']['geoip']['country_dat_checksum'] = nil default['nginx']['geoip']['city_dat_url'] = 'http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz' -default['nginx']['geoip']['city_dat_checksum'] = '8a6467033a528f68b1a97de24d9d0ce86c8e8e83683820e16e433ddbd3f712f7' -default['nginx']['geoip']['lib_version'] = '1.6.3' +default['nginx']['geoip']['city_dat_checksum'] = nil +default['nginx']['geoip']['lib_version'] = '1.6.9' lib_version = node['nginx']['geoip']['lib_version'] # convenience variable for line length default['nginx']['geoip']['lib_url'] = "https://github.com/maxmind/geoip-api-c/releases/download/v#{lib_version}/GeoIP-#{lib_version}.tar.gz" -default['nginx']['geoip']['lib_checksum'] = 'e483839a81a91c3c85df89ef409fc7b526c489e0355d537861cfd1ea9534a8f2' +default['nginx']['geoip']['lib_checksum'] = '4b446491843de67c1af9b887da17a3e5939e0aeed4826923a5f4bf09d845096f' diff --git a/cookbooks/nginx/attributes/headers_more.rb b/cookbooks/chef_nginx/attributes/headers_more.rb similarity index 76% rename from cookbooks/nginx/attributes/headers_more.rb rename to cookbooks/chef_nginx/attributes/headers_more.rb index 18ec681..66f2525 100644 --- a/cookbooks/nginx/attributes/headers_more.rb +++ b/cookbooks/chef_nginx/attributes/headers_more.rb @@ -1,10 +1,10 @@ # -# Cookbook Name:: nginx +# Cookbook:: chef_nginx # Attributes:: headers_more # # Author:: Lucas Jandrew () # -# Copyright 2012-2013, Riot Games +# Copyright:: 2012-2017, Riot Games # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,6 +19,6 @@ # limitations under the License. # -default['nginx']['headers_more']['version'] = '0.25' +default['nginx']['headers_more']['version'] = '0.30' default['nginx']['headers_more']['source_url'] = "https://github.com/openresty/headers-more-nginx-module/archive/v#{node['nginx']['headers_more']['version']}.tar.gz" -default['nginx']['headers_more']['source_checksum'] = '1473f96f59dcec9d83ce65d691559993c1f80da8c0a4c0c0a30dae9f969eeabf' +default['nginx']['headers_more']['source_checksum'] = '2aad309a9313c21c7c06ee4e71a39c99d4d829e31c8b3e7d76f8c964ea8047f5' diff --git a/cookbooks/nginx/attributes/lua.rb b/cookbooks/chef_nginx/attributes/lua.rb similarity index 70% rename from cookbooks/nginx/attributes/lua.rb rename to cookbooks/chef_nginx/attributes/lua.rb index effdef9..27327dc 100644 --- a/cookbooks/nginx/attributes/lua.rb +++ b/cookbooks/chef_nginx/attributes/lua.rb @@ -1,10 +1,10 @@ # -# Cookbook Name:: nginx +# Cookbook:: chef_nginx # Attributes:: lua # # Author:: Arthur Freyman () # -# Copyright 2013, Riot Games +# Copyright:: 2013-2017, Riot Games # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,10 +19,10 @@ # limitations under the License. # -default['nginx']['lua']['version'] = '0.8.7' +default['nginx']['lua']['version'] = '0.10.7' default['nginx']['lua']['url'] = "https://github.com/chaoslawful/lua-nginx-module/archive/v#{node['nginx']['lua']['version']}.tar.gz" -default['nginx']['lua']['checksum'] = '4b9be3c159b9c884a38e044e07aaf4d06bd2893977d0b0dae02c124d8e907f93' +default['nginx']['lua']['checksum'] = 'c21c8937dcdd6fc2b6a955f929e3f4d1388610f47180e60126e6dcab06786f77' -default['nginx']['luajit']['version'] = '2.0.2' +default['nginx']['luajit']['version'] = '2.0.4' default['nginx']['luajit']['url'] = "http://luajit.org/download/LuaJIT-#{node['nginx']['luajit']['version']}.tar.gz" -default['nginx']['luajit']['checksum'] = 'c05202974a5890e777b181908ac237625b499aece026654d7cc33607e3f46c38' +default['nginx']['luajit']['checksum'] = '620fa4eb12375021bef6e4f237cbd2dd5d49e56beb414bee052c746beef1807d' diff --git a/cookbooks/nginx/attributes/naxsi.rb b/cookbooks/chef_nginx/attributes/naxsi.rb similarity index 77% rename from cookbooks/nginx/attributes/naxsi.rb rename to cookbooks/chef_nginx/attributes/naxsi.rb index 3c03e38..8d0d682 100644 --- a/cookbooks/nginx/attributes/naxsi.rb +++ b/cookbooks/chef_nginx/attributes/naxsi.rb @@ -1,10 +1,10 @@ # -# Cookbook Name:: nginx +# Cookbook:: chef_nginx # Attributes:: naxsi # # Author:: Artiom Lunev () # -# Copyright 2012-2013, Artiom Lunev +# Copyright:: 2012-2017, Artiom Lunev # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,6 +19,6 @@ # limitations under the License. # -default['nginx']['naxsi']['version'] = '0.53-2' +default['nginx']['naxsi']['version'] = '0.54' default['nginx']['naxsi']['url'] = "https://github.com/nbs-system/naxsi/archive/#{node['nginx']['naxsi']['version']}.tar.gz" -default['nginx']['naxsi']['checksum'] = '3eadff1d91995beae41b92733ade28091c2075a24ae37058f4d6aa90b0f4b660' +default['nginx']['naxsi']['checksum'] = '9cc2c09405bc71f78ef26a8b6d70afcea3fccbe8125df70cb0cfc480133daba5' diff --git a/cookbooks/nginx/attributes/openssl_source.rb b/cookbooks/chef_nginx/attributes/openssl_source.rb similarity index 86% rename from cookbooks/nginx/attributes/openssl_source.rb rename to cookbooks/chef_nginx/attributes/openssl_source.rb index abe29a4..2368ce3 100644 --- a/cookbooks/nginx/attributes/openssl_source.rb +++ b/cookbooks/chef_nginx/attributes/openssl_source.rb @@ -1,10 +1,10 @@ # -# Cookbook Name:: nginx +# Cookbook:: chef_nginx # Attributes:: openssl_source # # Author:: David Radcliffe () # -# Copyright 2013, David Radcliffe +# Copyright:: 2013-2017, David Radcliffe # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,5 +19,5 @@ # limitations under the License. # -default['nginx']['openssl_source']['version'] = '1.0.1h' +default['nginx']['openssl_source']['version'] = '1.0.2k' default['nginx']['openssl_source']['url'] = "http://www.openssl.org/source/openssl-#{node['nginx']['openssl_source']['version']}.tar.gz" diff --git a/cookbooks/nginx/attributes/pagespeed.rb b/cookbooks/chef_nginx/attributes/pagespeed.rb similarity index 53% rename from cookbooks/nginx/attributes/pagespeed.rb rename to cookbooks/chef_nginx/attributes/pagespeed.rb index 48ca814..b32c693 100644 --- a/cookbooks/nginx/attributes/pagespeed.rb +++ b/cookbooks/chef_nginx/attributes/pagespeed.rb @@ -1,9 +1,9 @@ # -# Cookbook Name:: nginx +# Cookbook:: chef_nginx # Recipe:: pagespeed_module # -default['nginx']['pagespeed']['version'] = '1.8.31.4' +default['nginx']['pagespeed']['version'] = '1.11.33.2' default['nginx']['pagespeed']['url'] = "https://github.com/pagespeed/ngx_pagespeed/archive/release-#{node['nginx']['pagespeed']['version']}-beta.tar.gz" default['nginx']['psol']['url'] = "https://dl.google.com/dl/page-speed/psol/#{node['nginx']['pagespeed']['version']}.tar.gz" -default['nginx']['pagespeed']['packages']['rhel'] = %w(gcc-c++ pcre-dev pcre-devel zlib-devel make) -default['nginx']['pagespeed']['packages']['debian'] = %w(build-essential zlib1g-dev libpcre3 libpcre3-dev) +default['nginx']['pagespeed']['packages']['rhel'] = %w(pcre-devel zlib-devel) +default['nginx']['pagespeed']['packages']['debian'] = %w(zlib1g-dev libpcre3 libpcre3-dev) diff --git a/cookbooks/nginx/attributes/passenger.rb b/cookbooks/chef_nginx/attributes/passenger.rb similarity index 77% rename from cookbooks/nginx/attributes/passenger.rb rename to cookbooks/chef_nginx/attributes/passenger.rb index 5478284..8c503e4 100644 --- a/cookbooks/nginx/attributes/passenger.rb +++ b/cookbooks/chef_nginx/attributes/passenger.rb @@ -1,11 +1,11 @@ # -# Cookbook Name:: nginx +# Cookbook:: chef_nginx # Attribute:: passenger # # Author:: Alex Dergachev () # -# Copyright 2013, Chef Software, Inc. -# Copyright 2012, Susan Potter +# Copyright:: 2013-2017, Chef Software, Inc. +# Copyright:: 2012-2017, Susan Potter # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -36,11 +36,11 @@ else node.default['nginx']['passenger']['ruby'] = '/usr/bin/ruby' end -if platform_family?('rhel') && node['platform_version'].to_i >= 6 - node.default['nginx']['passenger']['packages']['rhel'] = %w(ruby-devel libcurl-devel) -else - node.default['nginx']['passenger']['packages']['rhel'] = %w(ruby-devel curl-devel) -end +node.default['nginx']['passenger']['packages']['rhel'] = if platform_family?('rhel') && node['platform_version'].to_i >= 6 + %w(ruby-devel libcurl-devel) + else + %w(ruby-devel curl-devel) + end node.default['nginx']['passenger']['packages']['fedora'] = %w(ruby-devel libcurl-devel) node.default['nginx']['passenger']['packages']['debian'] = %w(ruby-dev libcurl4-gnutls-dev) @@ -53,6 +53,9 @@ node.default['nginx']['passenger']['max_instances_per_app'] = 0 node.default['nginx']['passenger']['pool_idle_time'] = 300 node.default['nginx']['passenger']['max_requests'] = 0 node.default['nginx']['passenger']['gem_binary'] = nil +node.default['nginx']['passenger']['show_version_in_header'] = 'on' +# By default, the Passenger log file is the global Nginx error log file. Set this attribute to write passenger log to another location. +node.default['nginx']['passenger']['passenger_log_file'] = nil # NodeJs disable by default node.default['nginx']['passenger']['nodejs'] = nil diff --git a/cookbooks/nginx/attributes/rate_limiting.rb b/cookbooks/chef_nginx/attributes/rate_limiting.rb similarity index 92% rename from cookbooks/nginx/attributes/rate_limiting.rb rename to cookbooks/chef_nginx/attributes/rate_limiting.rb index afa0240..a4db398 100644 --- a/cookbooks/nginx/attributes/rate_limiting.rb +++ b/cookbooks/chef_nginx/attributes/rate_limiting.rb @@ -1,8 +1,8 @@ # -# Cookbook Name:: nginx +# Cookbook:: chef_nginx # Attribute:: rate_limiting # -# Copyright 2013, Chef Software, Inc. +# Copyright:: 2013-2017, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/cookbooks/nginx/attributes/repo.rb b/cookbooks/chef_nginx/attributes/repo.rb similarity index 59% rename from cookbooks/nginx/attributes/repo.rb rename to cookbooks/chef_nginx/attributes/repo.rb index 2a69ffd..b170bd8 100644 --- a/cookbooks/nginx/attributes/repo.rb +++ b/cookbooks/chef_nginx/attributes/repo.rb @@ -1,10 +1,10 @@ # -# Cookbook Name:: nginx +# Cookbook:: chef_nginx # Recipe:: repo # # Author:: Nick Rycar # -# Copyright 2008-2013, Chef Software, Inc. +# Copyright:: 2008-2017, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -21,15 +21,15 @@ case node['platform_family'] when 'rhel', 'fedora' - case node['platform'] - when 'centos' - # See http://wiki.nginx.org/Install - default['nginx']['upstream_repository'] = "http://nginx.org/packages/centos/#{node['platform_version'].to_i}/$basearch/" - when 'amazon' - default['nginx']['upstream_repository'] = 'http://nginx.org/packages/rhel/6/$basearch/' - else - default['nginx']['upstream_repository'] = "http://nginx.org/packages/rhel/#{node['platform_version'].to_i}/$basearch/" - end + default['nginx']['upstream_repository'] = case node['platform'] + when 'centos' + # See http://wiki.nginx.org/Install + "http://nginx.org/packages/centos/#{node['platform_version'].to_i}/$basearch/" + when 'amazon' + 'http://nginx.org/packages/rhel/6/$basearch/' + else + "http://nginx.org/packages/rhel/#{node['platform_version'].to_i}/$basearch/" + end when 'debian' default['nginx']['upstream_repository'] = "http://nginx.org/packages/#{node['platform']}" end diff --git a/cookbooks/chef_nginx/attributes/set_misc.rb b/cookbooks/chef_nginx/attributes/set_misc.rb new file mode 100644 index 0000000..6d8a126 --- /dev/null +++ b/cookbooks/chef_nginx/attributes/set_misc.rb @@ -0,0 +1,8 @@ +# +# Cookbook:: chef_nginx +# Attributes:: set_misc +# + +default['nginx']['set_misc']['version'] = '0.30' +default['nginx']['set_misc']['url'] = "https://github.com/agentzh/set-misc-nginx-module/archive/v#{node['nginx']['set_misc']['version']}.tar.gz" +default['nginx']['set_misc']['checksum'] = '59920dd3f92c2be32627121605751b52eae32b5884be09f2e4c53fb2fae8aabc' diff --git a/cookbooks/nginx/attributes/socketproxy.rb b/cookbooks/chef_nginx/attributes/socketproxy.rb similarity index 89% rename from cookbooks/nginx/attributes/socketproxy.rb rename to cookbooks/chef_nginx/attributes/socketproxy.rb index 17dca60..e680118 100644 --- a/cookbooks/nginx/attributes/socketproxy.rb +++ b/cookbooks/chef_nginx/attributes/socketproxy.rb @@ -1,3 +1,8 @@ +# +# Cookbook:: chef_nginx +# Attributes:: socketproxy.rb +# + default['nginx']['socketproxy']['root'] = '/usr/share/nginx/apps' default['nginx']['socketproxy']['app_owner'] = 'root' default['nginx']['socketproxy']['logname'] = 'socketproxy' diff --git a/cookbooks/nginx/attributes/source.rb b/cookbooks/chef_nginx/attributes/source.rb similarity index 69% rename from cookbooks/nginx/attributes/source.rb rename to cookbooks/chef_nginx/attributes/source.rb index 580eccf..24dce3c 100644 --- a/cookbooks/nginx/attributes/source.rb +++ b/cookbooks/chef_nginx/attributes/source.rb @@ -1,10 +1,10 @@ # -# Cookbook Name:: nginx +# Cookbook:: chef_nginx # Attributes:: source # # Author:: Jamie Winsor () # -# Copyright 2012-2013, Riot Games +# Copyright:: 2012-2017, Riot Games # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,7 +19,14 @@ # limitations under the License. # -include_attribute 'nginx::default' +include_attribute 'chef_nginx::default' + +default['nginx']['init_style'] = if node['platform'] == 'ubuntu' && node['platform_version'].to_f <= 14.04 + # init_package identifies 12.04/14.04 as init, but we should be using upstart here + 'upstart' + else + node['init_package'] + end default['nginx']['source']['version'] = node['nginx']['version'] default['nginx']['source']['prefix'] = "/opt/nginx-#{node['nginx']['source']['version']}" @@ -34,9 +41,9 @@ default['nginx']['source']['default_configure_flags'] = %W( default['nginx']['configure_flags'] = [] default['nginx']['source']['version'] = node['nginx']['version'] default['nginx']['source']['url'] = "http://nginx.org/download/nginx-#{node['nginx']['source']['version']}.tar.gz" -default['nginx']['source']['checksum'] = 'b5608c2959d3e7ad09b20fc8f9e5bd4bc87b3bc8ba5936a513c04ed8f1391a18' +default['nginx']['source']['checksum'] = '75020f1364cac459cb733c4e1caed2d00376e40ea05588fb8793076a4c69dd90' default['nginx']['source']['modules'] = %w( - nginx::http_ssl_module - nginx::http_gzip_static_module + chef_nginx::http_ssl_module + chef_nginx::http_gzip_static_module ) default['nginx']['source']['use_existing_user'] = false diff --git a/cookbooks/nginx/attributes/status.rb b/cookbooks/chef_nginx/attributes/status.rb similarity index 91% rename from cookbooks/nginx/attributes/status.rb rename to cookbooks/chef_nginx/attributes/status.rb index b4ad16b..00bbef2 100644 --- a/cookbooks/nginx/attributes/status.rb +++ b/cookbooks/chef_nginx/attributes/status.rb @@ -1,10 +1,10 @@ # -# Cookbook Name:: nginx +# Cookbook:: chef_nginx # Attributes:: status # # Author:: David Radcliffe () # -# Copyright 2013, David Radcliffe +# Copyright:: 2013-2017, David Radcliffe # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/cookbooks/nginx/attributes/syslog.rb b/cookbooks/chef_nginx/attributes/syslog.rb similarity index 92% rename from cookbooks/nginx/attributes/syslog.rb rename to cookbooks/chef_nginx/attributes/syslog.rb index e95ce51..707e050 100644 --- a/cookbooks/nginx/attributes/syslog.rb +++ b/cookbooks/chef_nginx/attributes/syslog.rb @@ -1,11 +1,10 @@ - # -# Cookbook Name:: nginx +# Cookbook:: chef_nginx # Attributes:: syslog # # Author:: Bob Ziuchkovski () # -# Copyright 2014, UserTesting +# Copyright:: 2014-2017, UserTesting # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/cookbooks/nginx/attributes/upload_progress.rb b/cookbooks/chef_nginx/attributes/upload_progress.rb similarity index 94% rename from cookbooks/nginx/attributes/upload_progress.rb rename to cookbooks/chef_nginx/attributes/upload_progress.rb index a4e316f..af38586 100644 --- a/cookbooks/nginx/attributes/upload_progress.rb +++ b/cookbooks/chef_nginx/attributes/upload_progress.rb @@ -1,10 +1,10 @@ # -# Cookbook Name:: nginx +# Cookbook:: chef_nginx # Attributes:: upload_progress # # Author:: Jamie Winsor () # -# Copyright 2012, Riot Games +# Copyright:: 2012-2017, Riot Games # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/cookbooks/chef_nginx/files/default/mime.types b/cookbooks/chef_nginx/files/default/mime.types new file mode 100644 index 0000000..6b03a32 --- /dev/null +++ b/cookbooks/chef_nginx/files/default/mime.types @@ -0,0 +1,134 @@ +types { + + # Data interchange + + application/atom+xml atom; + application/json json map topojson; + application/ld+json jsonld; + application/rss+xml rss; + application/vnd.geo+json geojson; + application/xml rdf xml; + + + # JavaScript + + # Normalize to standard type. + # https://tools.ietf.org/html/rfc4329#section-7.2 + application/javascript js; + + + # Manifest files + + application/manifest+json webmanifest; + application/x-web-app-manifest+json webapp; + text/cache-manifest appcache; + text/cache.manifest manifest; + + + # Media files + + audio/midi mid midi kar; + audio/mp4 aac f4a f4b m4a; + audio/mpeg mp3; + audio/ogg oga ogg opus; + audio/x-realaudio ra; + audio/x-wav wav; + image/bmp bmp; + image/gif gif; + image/jpeg jpeg jpg; + image/png png; + image/svg+xml svg svgz; + image/tiff tif tiff; + image/vnd.wap.wbmp wbmp; + image/webp webp; + image/x-jng jng; + video/3gpp 3gp 3gpp; + video/mp4 f4p f4v m4v mp4; + video/mpeg mpeg mpg; + video/ogg ogv; + video/quicktime mov; + video/webm webm; + video/x-flv flv; + video/x-mng mng; + video/x-ms-asf asf asx; + video/x-ms-wmv wmv; + video/x-msvideo avi; + + # Serving `.ico` image files with a different media type + # prevents Internet Explorer from displaying then as images: + # https://github.com/h5bp/html5-boilerplate/commit/37b5fec090d00f38de64b591bcddcb205aadf8ee + + image/x-icon cur ico; + + + # Microsoft Office + + application/msword doc; + application/vnd.ms-excel xls; + application/vnd.ms-powerpoint ppt; + application/vnd.openxmlformats-officedocument.wordprocessingml.document docx; + application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx; + application/vnd.openxmlformats-officedocument.presentationml.presentation pptx; + + + # Web fonts + + application/font-woff woff; + application/font-woff2 woff2; + application/vnd.ms-fontobject eot; + + # Browsers usually ignore the font media types and simply sniff + # the bytes to figure out the font type. + # https://mimesniff.spec.whatwg.org/#matching-a-font-type-pattern + # + # However, Blink and WebKit based browsers will show a warning + # in the console if the following font types are served with any + # other media types. + + application/x-font-ttf ttc ttf; + font/opentype otf; + + # Other + + application/java-archive ear jar war; + application/mac-binhex40 hqx; + application/octet-stream bin deb dll dmg exe img iso msi msm msp safariextz; + application/pdf pdf; + application/postscript ai eps ps; + application/rtf rtf; + application/vnd.google-earth.kml+xml kml; + application/vnd.google-earth.kmz kmz; + application/vnd.wap.wmlc wmlc; + application/x-7z-compressed 7z; + application/x-bb-appworld bbaw; + application/x-bittorrent torrent; + application/x-chrome-extension crx; + application/x-cocoa cco; + application/x-java-archive-diff jardiff; + application/x-java-jnlp-file jnlp; + application/x-makeself run; + application/x-opera-extension oex; + application/x-perl pl pm; + application/x-pilot pdb prc; + application/x-rar-compressed rar; + application/x-redhat-package-manager rpm; + application/x-sea sea; + application/x-shockwave-flash swf; + application/x-stuffit sit; + application/x-tcl tcl tk; + application/x-x509-ca-cert crt der pem; + application/x-xpinstall xpi; + application/xhtml+xml xhtml; + application/xslt+xml xsl; + application/zip zip; + text/css css; + text/html htm html shtml; + text/mathml mml; + text/plain txt; + text/vcard vcard vcf; + text/vnd.rim.location.xloc xloc; + text/vnd.sun.j2me.app-descriptor jad; + text/vnd.wap.wml wml; + text/vtt vtt; + text/x-component htc; +} diff --git a/cookbooks/nginx/files/default/naxsi_core.rules b/cookbooks/chef_nginx/files/default/naxsi_core.rules similarity index 100% rename from cookbooks/nginx/files/default/naxsi_core.rules rename to cookbooks/chef_nginx/files/default/naxsi_core.rules diff --git a/cookbooks/chef_nginx/libraries/helpers.rb b/cookbooks/chef_nginx/libraries/helpers.rb new file mode 100644 index 0000000..a81413b --- /dev/null +++ b/cookbooks/chef_nginx/libraries/helpers.rb @@ -0,0 +1,38 @@ +# +# Cookbook:: chef_nginx +# Library:: helpers +# +# Author:: Tim Smith () +# +# Copyright:: 2016-2017, Chef Software, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# simple helper module for the nginx cookbook +module NginxRecipeHelpers + # pidfile is hard to determine on Debian systems. + # Upstream packages and older distro releases use '/var/run/nginx.pid' + # systemd based distros and Ubuntu 14.04 use '/run/nginx.pid' for their + # packages + def pidfile_location + if (node['nginx']['repo_source'].nil? || node['nginx']['repo_source'] == 'distro') && + (node['init_package'] == 'systemd' || node['platform_version'].to_f == 14.04) + '/run/nginx.pid' + else + '/var/run/nginx.pid' + end + end +end + +Chef::Resource.send(:include, NginxRecipeHelpers) diff --git a/cookbooks/build-essential/recipes/_rhel.rb b/cookbooks/chef_nginx/libraries/matchers.rb similarity index 53% rename from cookbooks/build-essential/recipes/_rhel.rb rename to cookbooks/chef_nginx/libraries/matchers.rb index 9719a33..1a6acc4 100644 --- a/cookbooks/build-essential/recipes/_rhel.rb +++ b/cookbooks/chef_nginx/libraries/matchers.rb @@ -1,8 +1,10 @@ # -# Cookbook Name:: build-essential -# Recipe:: rhel +# Cookbook:: chef_nginx +# Library:: matchers # -# Copyright 2008-2016, Chef Software, Inc. +# Author:: Tim Smith () +# +# Copyright:: 2016-2017, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -17,21 +19,17 @@ # limitations under the License. # -potentially_at_compile_time do - package 'autoconf' - package 'bison' - package 'flex' - package 'gcc' - package 'gcc-c++' - package 'kernel-devel' - package 'make' - package 'm4' - package 'patch' - package 'gettext-devel' +if defined?(ChefSpec) + ############# + # nginx_site + ############# + ChefSpec.define_matcher :nginx_site - # Ensure GCC 4 is available on older pre-6 EL - if node['platform_version'].to_i < 6 - package 'gcc44' - package 'gcc44-c++' + def enable_nginx_site(resource_name) + ChefSpec::Matchers::ResourceMatcher.new(:nginx_site, :enable, resource_name) + end + + def disable_nginx_site(resource_name) + ChefSpec::Matchers::ResourceMatcher.new(:nginx_site, :disable, resource_name) end end diff --git a/cookbooks/chef_nginx/metadata.json b/cookbooks/chef_nginx/metadata.json new file mode 100644 index 0000000..2adb415 --- /dev/null +++ b/cookbooks/chef_nginx/metadata.json @@ -0,0 +1 @@ +{"name":"chef_nginx","version":"6.0.2","description":"Installs and configures nginx","long_description":"# nginx Cookbook\n\n[![Cookbook](http://img.shields.io/cookbook/v/chef_nginx.svg)](https://supermarket.chef.io/cookbooks/chef_nginx) [![Build Status](https://travis-ci.org/chef-cookbooks/chef_nginx.svg?branch=master)](https://travis-ci.org/chef-cookbooks/chef_nginx)\n\nInstalls nginx from package OR source code and sets up configuration handling similar to Debian's Apache2 scripts.\n\n## nginx vs. chef_nginx\n\nThis cookbook is a fork from the 2.7.x branch of the [community nginx cookbook](https://github.com/miketheman/nginx).\n\nThis fork will be actively supported by Chef Software and we will continue to migrate the cookbook to a more resource driven model, with incremental changes following the SemVer model.\n\n## Requirements\n\n### Cookbooks\n\nThe following cookbooks are direct dependencies because they're used for common \"default\" functionality.\n\n- `build-essential` for source installations\n- `ohai` for setting up the ohai plugin\n- `compat_resource` for setting up the nginx.org repository on Chef 12.1 - 12.13\n- `yum-epel` for setting up the EPEL repository on RHEL platforms\n- `zypper` for setting up the nginx.org repository on Suse platforms\n\n### Platforms\n\nThe following platforms are supported and tested with Test Kitchen:\n\n- Ubuntu 12.04+\n- CentOS 5+\n- Debian 7+\n- openSUSE 13.2+\n- FreeBSD 9+\n\nOther Debian and RHEL family distributions are assumed to work.\n\n### Chef\n\n- Chef 12.1+\n\n## Attributes\n\nNode attributes for this cookbook are logically separated into different files. Some attributes are set only via a specific recipe.\n\n### chef_nginx::auth_request\n\nThese attributes are used in the `chef_nginx::auth_request` recipe.\n\n- `node['nginx']['auth_request']['url']` - The url to the auth_request module tar.gz file\n- `node['nginx']['auth_request']['checksum']` - The checksum of the auth_request module tar.gz file\n\n### chef_nginx::default\n\nGenerally used attributes. Some have platform specific values. See `attributes/default.rb`. \"The Config\" refers to \"nginx.conf\" the main config file.\n\n- `node['nginx']['dir']` - Location for nginx configuration.\n- `node['nginx']['conf_template']` - The `source` template to use when creating the `nginx.conf`.\n- `node['nginx']['conf_cookbook']` - The cookbook where `node['nginx']['conf_template']` resides.\n- `node['nginx']['log_dir']` - Location for nginx logs.\n- `node['nginx']['log_dir_perm']` - Permissions for nginx logs folder.\n- `node['nginx']['user']` - User that nginx will run as.\n- `node['nginx']['group']` - Group for nginx.\n- `node['nginx']['port']` - Port for nginx to listen on.\n- `node['nginx']['binary']` - Path to the nginx binary.\n- `node['nginx']['init_style']` - How to run nginx as a service when using `chef_nginx::source`. Values can be \"upstart\", \"systemd\", or \"init\". This attribute is not used in the `package` recipe because the package manager's init script style for the platform is assumed.\n- `node['nginx']['upstart']['foreground']` - Set this to true if you want upstart to run nginx in the foreground, set to false if you want upstart to detach and track the process via pid.\n- `node['nginx']['upstart']['runlevels']` - String of runlevels in the format '2345' which determines which runlevels nginx will start at when entering and stop at when leaving.\n- `node['nginx']['upstart']['respawn_limit']` - Respawn limit in upstart stanza format, count followed by space followed by interval in seconds.\n- `node['nginx']['keepalive']` - Whether to use `keepalive_timeout`, any value besides \"on\" will leave that option out of the config.\n- `node['nginx']['keepalive_requests']` - used for config value of `keepalive_requests`.\n- `node['nginx']['keepalive_timeout']` - used for config value of `keepalive_timeout`.\n- `node['nginx']['worker_processes']` - used for config value of `worker_processes`.\n- `node['nginx']['worker_connections']` - used for config value of `events { worker_connections }`\n- `node['nginx']['worker_rlimit_nofile']` - used for config value of `worker_rlimit_nofile`. Can replace any \"ulimit -n\" command. The value depend on your usage (cache or not) but must always be superior than worker_connections.\n- `node['nginx']['worker_shutdown_timeout']` - used for config value of `worker_shutdown_timeout`.\n- `node['nginx']['worker_connections']` - used for config value of `events { worker_connections }`\n- `node['nginx']['multi_accept']` - used for config value of `events { multi_accept }`. Try to accept() as many connections as possible. Disable by default.\n- `node['nginx']['event']` - used for config value of `events { use }`. Set the event-model. By default nginx looks for the most suitable method for your OS.\n- `node['nginx']['accept_mutex_delay']` - used for config value of `accept_mutex_delay`\n- `node['nginx']['server_tokens']` - used for config value of `server_tokens`.\n- `node['nginx']['server_names_hash_bucket_size']` - used for config value of `server_names_hash_bucket_size`.\n- `node['nginx']['disable_access_log']` - set to true to disable the general access log, may be useful on high traffic sites.\n- `node['nginx']['access_log_options']` - Set to a string of additional options to be appended to the access log directive\n- `node['nginx']['error_log_options']` - Set to a string of additional options to be appended to the error log directive\n- `node['nginx']['default_site_enabled']` - enable the default site\n- `node['nginx']['sendfile']` - Whether to use `sendfile`. Defaults to \"on\".\n- `node['nginx']['tcp_nopush']` - Whether to use `tcp_nopush`. Defaults to \"on\".\n- `node['nginx']['tcp_nodelay']` - Whether to use `tcp_nodelay`. Defaults to \"on\".\n- `node['nginx']['install_method']` - Whether nginx is installed from packages or from source.\n- `node['nginx']['types_hash_max_size']` - Used for the `types_hash_max_size` configuration directive.\n- `node['nginx']['types_hash_bucket_size']` - Used for the `types_hash_bucket_size` configuration directive.\n- `node['nginx']['proxy_read_timeout']` - defines a timeout (between two successive read operations) for reading a response from the proxied server.\n- `node['nginx']['client_body_buffer_size']` - used for config value of `client_body_buffer_size`.\n- `node['nginx']['client_max_body_size']` - specifies the maximum accepted body size of a client request, as indicated by the request header Content-Length.\n- `node['nginx']['repo_source']` - when installed from a package this attribute affects which yum repositories, if any, will be added before installing the nginx package. The default value of 'epel' will use the `yum-epel` cookbook, 'nginx' will use the `chef_nginx::repo` recipe, 'passenger' will use the 'chef_nginx::repo_passenger' recipe, and setting no value will not add any additional repositories.\n- `node['nginx']['sts_max_age']` - Enable Strict Transport Security for all apps (See: ). This attribute adds the following header: Strict-Transport-Security max-age=SECONDS to all incoming requests and takes an integer (in seconds) as its argument.\n- `node['nginx']['default']['modules']` - Array specifying which modules to enable via the conf-enabled config include function. Currently the only valid value is \"socketproxy\".\n- `node['nginx']['load_modules']` - Array of paths to modules to dynamically load on nginx startup using the `load_module` directive. Default is `[]`.\n\n#### authorized_ips module\n\n- `node['nginx']['remote_ip_var']` - The remote ip variable name to use.\n- `node['nginx']['authorized_ips']` - IPs authorized by the module\n\n#### gzip module\n\n- `node['nginx']['gzip']` - Whether to use gzip, can be \"on\" or \"off\"\n- `node['nginx']['gzip_http_version']` - used for config value of `gzip_http_version`.\n- `node['nginx']['gzip_comp_level']` - used for config value of `gzip_comp_level`.\n- `node['nginx']['gzip_proxied']` - used for config value of `gzip_proxied`.\n- `node['nginx']['gzip_vary']` - used for config value of `gzip_vary`.\n- `node['nginx']['gzip_buffers']` - used for config value of `gzip_buffers`.\n- `node['nginx']['gzip_types']` - used for config value of `gzip_types` - must be an Array.\n- `node['nginx']['gzip_min_length']` - used for config value of `gzip_min_length`.\n- `node['nginx']['gzip_disable']` - used for config value of `gzip_disable`.\n- `node['nginx']['gzip_static']` - used for config value of `gzip_static` (`http_gzip_static_module` must be enabled)\n\n#### Other configurations\n\n- `node['nginx']['extra_configs']` - a Hash of key/values to nginx configuration.\n\n### chef_nginx::echo\n\nThese attributes are used in the `chef_nginx::http_echo_module` recipe.\n\n- `node['nginx']['echo']['version']` - The version of `http_echo` you want (default: 0.59)\n- `node['nginx']['echo']['url']` - URL for the tarball.\n- `node['nginx']['echo']['checksum']` - Checksum of the tarball.\n\n### chef_nginx::devel\n\nThese attributes are used in the `chef_nginx::ngx_devel_module` recipe.\n\n- `node['nginx']['devel']['version']` - The version of the nginx devel module\n- `node['nginx']['devel']['url']` - The URL of the nginx devel module tar.gz file\n- `node['nginx']['devel']['checksum']` - The checksum of the nginx devel module tar.gz file\n\n### chef_nginx::geoip\n\nThese attributes are used in the `chef_nginx::http_geoip_module` recipe. Please note that the `country_dat_checksum` and `city_dat_checksum` are based on downloads from a datacenter in Fremont, CA, USA. You really should override these with checksums for the geo tarballs from your node location.\n\n**Note** The upstream, maxmind.com, may block access for repeated downloads of the data files. It is recommended that you download and host the data files, and change the URLs in the attributes.\n\n- `node['nginx']['geoip']['path']` - Location where to install the geoip libraries.\n- `node['nginx']['geoip']['enable_city']` - Whether to enable City data\n- `node['nginx']['geoip']['country_dat_url']` - Country data tarball URL\n- `node['nginx']['geoip']['country_dat_checksum']` - Country data tarball checksum\n- `node['nginx']['geoip']['city_dat_url']` - City data tarball URL\n- `node['nginx']['geoip']['city_dat_checksum']` - City data tarball checksum\n- `node['nginx']['geoip']['lib_version']` - Version of the GeoIP library to install\n- `node['nginx']['geoip']['lib_url']` - (Versioned) Tarball URL of the GeoIP library\n- `node['nginx']['geoip']['lib_checksum']` - Checksum of the GeoIP library tarball\n\n### chef_nginx::http_realip_module\n\nFrom: \n\n- `node['nginx']['realip']['header']` - Header to use for the RealIp Module; only accepts \"X-Forwarded-For\" or \"X-Real-IP\"\n- `node['nginx']['realip']['addresses']` - Addresses to use for the `http_realip` configuration.\n- `node['nginx']['realip']['real_ip_recursive']` - If recursive search is enabled, the original client address that matches one of the trusted addresses is replaced by the last non-trusted address sent in the request header field. Can be on \"on\" or \"off\" (default).\n\n### chef_nginx::passenger\n\nThese attributes are used in the `chef_nginx::passenger` recipe.\n\n- `node['nginx']['passenger']['version']` - passenger gem version\n- `node['nginx']['passenger']['root']` - passenger gem root path\n- `node['nginx']['passenger']['install_rake']` - set to false if rake already present on system\n- `node['nginx']['passenger']['max_pool_size']` - maximum passenger pool size (default=10)\n- `node['nginx']['passenger']['ruby']` - Ruby path for Passenger to use (default=`$(which ruby)`)\n- `node['nginx']['passenger']['spawn_method']` - passenger spawn method to use (default=`smart-lv2`)\n- `node['nginx']['passenger']['buffer_response']` - turns on or off response buffering (default=`on`)\n- `node['nginx']['passenger']['max_pool_size']` - passenger maximum pool size (default=`6`)\n- `node['nginx']['passenger']['min_instances']` - minimum instances (default=`1`)\n- `node['nginx']['passenger']['max_instances_per_app']` - maximum instances per app (default=`0`)\n- `node['nginx']['passenger']['pool_idle_time']` - passenger pool idle time (default=`300`)\n- `node['nginx']['passenger']['max_requests']` - maximum requests (default=`0`)\n- `node['nginx']['passenger']['nodejs']` - Nodejs path for Passenger to use (default=nil)\n- `node['nginx']['passenger']['show_version_in_header']` - Show passenger version in HTTP headers (default=`on`)\n\nBasic configuration to use the official Phusion Passenger repositories:\n\n- `node['nginx']['repo_source']` - 'passenger'\n- `node['nginx']['package_name']` - 'nginx-extras'\n- `node['nginx']['passenger']['install_method']` - 'package'\n\n### chef_nginx::openssl_source\n\nThese attributes are used in the `chef_nginx::openssl_source` recipe.\n\n- `node['nginx']['openssl_source']['version']` - The version of OpenSSL you want to download and use (default: 1.0.1t)\n- `node['nginx']['openssl_source']['url']` - The url for the OpenSSL source\n\n### chef_nginx::rate_limiting\n\n- `node['nginx']['enable_rate_limiting']` - set to true to enable rate limiting (`limit_req_zone` in nginx.conf)\n- `node['nginx']['rate_limiting_zone_name']` - sets the zone in `limit_req_zone`.\n- `node['nginx']['rate_limiting_backoff']` - sets the backoff time for `limit_req_zone`.\n- `node['nginx']['rate_limit']` - set the rate limit amount for `limit_req_zone`.\n\n### chef_nginx::socketproxy\n\nThese attributes are used in the `chef_nginx::socketproxy` recipe.\n\n- `node['nginx']['socketproxy']['root']` - The directory (on your server) where socketproxy apps are deployed.\n- `node['nginx']['socketproxy']['default_app']` - Static assets directory for requests to \"/\" that don't meet any proxy_pass filter requirements.\n- `node['nginx']['socketproxy']['apps']['app_name']['prepend_slash']` - Prepend a slash to requests to app \"app_name\" before sending them to the socketproxy socket.\n- `node['nginx']['socketproxy']['apps']['app_name']['context_name']` - URI (e.g. \"app_name\" in order to achieve \"\") at which to host the application \"app_name\"\n- `node['nginx']['socketproxy']['apps']['app_name']['subdir']` - Directory (under `node['nginx']['socketproxy']['root']`) in which to find the application.\n\n### chef_nginx::source\n\nThese attributes are used in the `chef_nginx::source` recipe. Some of them are dynamically modified during the run. See `attributes/source.rb` for default values.\n\n- `node['nginx']['source']['url']` - (versioned) URL for the nginx source code. By default this will use the version specified as `node['nginx']['version']`.\n- `node['nginx']['source']['prefix']` - (versioned) prefix for installing nginx from source\n- `node['nginx']['source']['conf_path']` - location of the main config file, in `node['nginx']['dir']` by default.\n- `node['nginx']['source']['modules']` - Array of modules that should be compiled into nginx by including their recipes in `chef_nginx::source`.\n- `node['nginx']['source']['default_configure_flags']` - The default flags passed to the configure script when building nginx.\n- `node['nginx']['configure_flags']` - Preserved for compatibility and dynamically generated from the `node['nginx']['source']['default_configure_flags']` in the `chef_nginx::source` recipe.\n- `node['nginx']['source']['use_existing_user']` - set to `true` if you do not want `chef_nginx::source` recipe to create system user with name `node['nginx']['user']`.\n\n### chef_nginx::status\n\nThese attributes are used in the `chef_nginx::http_stub_status_module` recipe.\n\n- `node['nginx']['status']['port']` - The port on which nginx will serve the status info (default: 8090)\n\n### chef_nginx::syslog\n\nThese attributes are used in the `chef_nginx::syslog_module` recipe.\n\n- `node['nginx']['syslog']['git_repo']` - The git repository url to use for the syslog patches.\n- `node['nginx']['syslog']['git_revision']` - The revision on the git repository to checkout.\n\n### chef_nginx::upload_progress\n\nThese attributes are used in the `chef_nginx::upload_progress_module` recipe.\n\n- `node['nginx']['upload_progress']['url']` - URL for the tarball.\n- `node['nginx']['upload_progress']['checksum']` - Checksum of the tarball.\n- `node['nginx']['upload_progress']['javascript_output']` - Output in javascript. Default is `true` for backwards compatibility.\n- `node['nginx']['upload_progress']['zone_name']` - Zone name which will be used to store the per-connection tracking information. Default is `proxied`.\n- `node['nginx']['upload_progress']['zone_size']` - Zone size in bytes. Default is `1m` (1 megabyte).\n\n## Resources\n\n### nginx_site\n\nEnable or disable a Server Block in `#{node['nginx']['dir']}/sites-available` by calling nxensite or nxdissite (introduced by this cookbook) to manage the symbolic link in `#{node['nginx']['dir']}/sites-enabled`.\n\n### Actions\n\n- `enable` - Enable the nginx site (default)\n- `disable` - Disable the nginx site\n\n### Properties:\n\n- `name` - (optional) Name of the site to enable. By default it's assumed that the name of the nginx_site resource is the site name, but this allows overriding that.\n- `template` - (optional) Path to the source for the `template` resource.\n- `variables` - (optional) Variables to be used with the `template` resource\n\n## Ohai Plugin\n\nThe `ohai_plugin` recipe includes an Ohai plugin. It will be automatically installed and activated, providing the following attributes via ohai, no matter how nginx is installed (source or package):\n\n- `node['nginx']['version']` - version of nginx\n- `node['nginx']['configure_arguments']` - options passed to `./configure` when nginx was built\n- `node['nginx']['prefix']` - installation prefix\n- `node['nginx']['conf_path']` - configuration file path\n\nIn the source recipe, it is used to determine whether control attributes for building nginx have changed.\n\n## Usage\n\nThis cookbook provides three distinct installation methods, all of which are controlled via attributes and executed using the chef_nginx::default recipe.\n\n### Package installation using the nginx.org repositories\n\nNginx provides repositories for RHEL, Debian/Ubuntu, and Suse platforms with up to date packages available on older distributions. Due to the age of many nginx packages shipping with distros we believe this is the ideal installation method. With no attributes set the nginx.org repositories will be added to your system and nginx will be installed via package. This provides a solid out of the box install for most users.\n\n### Package installation using distro repositories\n\nIf you prefer to use the packages included in your distro or to roll your own packages you'll want to set `node['nginx']['repo_source']` to `nil` or `distro` to skip the repository setup. The default recipe will still install nginx from packages, but you'll retain control over the package location.\n\n### Source installation to compile non-dynamic modules\n\nIf you need control over how nginx is built, or you need non-dynamic modules to be included you'll need to compile nginx from source. We highly recommend against using this method as it requires the installation of a full compilation toolchain and development dependencies on your nodes. Creating your own packages with nginx compiled as necessary is a preferred option. If that's not possible you can set `node['nginx']['install_method']` to `source` and provide a version in `node['nginx']['version']`.\n\n#### Specifying Modules to compile\n\nThe following recipes are used to build module support into nginx. To compile a module, add its recipe name to the array attribute `node['nginx']['source']['modules']`.\n\n- `ipv6.rb` - enables IPv6 support\n- `headers_more_module` -\n- `http_auth_request_module``\n- `http_echo_module.rb` - downloads the `http_echo_module` module and enables it as a module when compiling nginx.\n- `http_geoip_module.rb` - installs the GeoIP libraries and data files and enables the module for compilation.\n- `http_gzip_static_module.rb` - enables the module for compilation. Be sure to set `node['nginx']['gzip_static'] = 'yes'`.\n- `http_mp4_module` -\n- `http_perl_module.rb` - enables embedded Perl for compilation.\n- `http_realip_module.rb` - enables the module for compilation and creates the configuration.\n- `http_spdy_module` -\n- `http_ssl_module.rb` - enables SSL for compilation.\n- `http_stub_status_module.rb` - provides `nginx_status` configuration and enables the module for compilation.\n- `http_v2_module`\n- `ipv6` -\n- `naxsi_module` - enables the naxsi module for the web application firewall for nginx.\n- `ngx_devel_module` -\n- `ngx_lua_module` -\n- `openssl_source.rb` - downloads and uses custom OpenSSL source when compiling nginx\n- `pagespeed_module`-\n- `passenger` - builds the passenger gem and configuration for \"`mod_passenger`\".\n- `set_misc` -\n- `syslog_module` - enables syslog support for nginx. This only works with source builds. See -\n- `upload_progress_module.rb` - builds the `upload_progress` module and enables it as a module when compiling nginx.\n\n## Resources\n\n### nginx_site\n\nEnable or disable a Server Block in `#{node['nginx']['dir']}/sites-available` by calling nxensite or nxdissite (introduced by this cookbook) to manage the symbolic link in `#{node['nginx']['dir']}/sites-enabled`.\n\n### Actions\n\n- `enable` - Enable the nginx site (default)\n- `disable` - Disable the nginx site\n\n### Properties:\n\n- `name` - (optional) Name of the site to enable. By default it's assumed that the name of the nginx_site resource is the site name, but this allows overriding that.\n- `template` - (optional) Path to the source for the `template` resource.\n- `cookbook` - (optional) The cookbook that contains the template source.\n- `variables` - (optional) Variables to be used with the `template` resource\n\n## Adding New Modules\n\nPreviously we'd add each possible module to this cookbook itself. That's not necessary using wrapper cookbooks and we'd prefer to not add any addition module recipes at this time. Instead in your nginx wrapper cookbook setup any necessary packages and then include the follow code to add the module to the list of modules to compile:\n\n```ruby\nnode.run_state['nginx_configure_flags'] =\n node.run_state['nginx_configure_flags'] | ['--with-SOMETHING', \"--with-SOME_OPT='things'\"]\n```\n\n## License & Authors\n\n- Author:: Joshua Timberman ([joshua@chef.io](mailto:joshua@chef.io))\n- Author:: Adam Jacob ([adam@chef.io](mailto:adam@chef.io))\n- Author:: AJ Christensen ([aj@chef.io](mailto:aj@chef.io))\n- Author:: Jamie Winsor ([jamie@vialstudios.com](mailto:jamie@vialstudios.com))\n- Author:: Mike Fiedler ([miketheman@gmail.com](mailto:miketheman@gmail.com))\n\n```text\nCopyright 2008-2016, Chef Software, Inc\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n```\n","maintainer":"Chef Software, Inc.","maintainer_email":"cookbooks@chef.io","license":"Apache-2.0","platforms":{"amazon":">= 0.0.0","centos":">= 0.0.0","debian":">= 0.0.0","fedora":">= 0.0.0","oracle":">= 0.0.0","redhat":">= 0.0.0","scientific":">= 0.0.0","ubuntu":">= 0.0.0","suse":">= 0.0.0","opensuse":">= 0.0.0","opensuseleap":">= 0.0.0"},"dependencies":{"build-essential":">= 0.0.0","ohai":">= 4.1.0","yum-epel":">= 0.0.0","compat_resource":">= 12.16.3","zypper":">= 0.0.0"},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{"chef_nginx":"Installs nginx package and sets up configuration with Debian apache style with sites-enabled/sites-available","chef_nginx::source":"Installs nginx from source and sets up configuration with Debian apache style with sites-enabled/sites-available"},"source_url":"https://github.com/chef-cookbooks/chef_nginx","issues_url":"https://github.com/chef-cookbooks/chef_nginx/issues","chef_version":[[">= 12.1"]],"ohai_version":[]} \ No newline at end of file diff --git a/cookbooks/nginx/recipes/authorized_ips.rb b/cookbooks/chef_nginx/recipes/authorized_ips.rb similarity index 88% rename from cookbooks/nginx/recipes/authorized_ips.rb rename to cookbooks/chef_nginx/recipes/authorized_ips.rb index d6949ae..c11d6dd 100644 --- a/cookbooks/nginx/recipes/authorized_ips.rb +++ b/cookbooks/chef_nginx/recipes/authorized_ips.rb @@ -1,10 +1,10 @@ # -# Cookbook Name:: nginx +# Cookbook:: nginx # Recipe:: authorized_ips # # Author:: Jamie Winsor () # -# Copyright 2012-2013, Riot Games +# Copyright:: 2012-2017, Riot Games # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -25,8 +25,5 @@ node.default['nginx']['authorized_ips'] = ['127.0.0.1/32'] template 'authorized_ip' do path "#{node['nginx']['dir']}/authorized_ip" source 'modules/authorized_ip.erb' - owner 'root' - group node['root_group'] - mode '0644' notifies :reload, 'service[nginx]', :delayed end diff --git a/cookbooks/nginx/recipes/commons.rb b/cookbooks/chef_nginx/recipes/commons.rb similarity index 76% rename from cookbooks/nginx/recipes/commons.rb rename to cookbooks/chef_nginx/recipes/commons.rb index 0492bb0..46bdea7 100644 --- a/cookbooks/nginx/recipes/commons.rb +++ b/cookbooks/chef_nginx/recipes/commons.rb @@ -1,10 +1,10 @@ # -# Cookbook Name:: nginx +# Cookbook:: nginx # Recipe:: commons # # Author:: AJ Christensen # -# Copyright 2008-2013, Chef Software, Inc. +# Copyright:: 2008-2017, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,6 +19,6 @@ # limitations under the License. # -include_recipe 'nginx::commons_dir' -include_recipe 'nginx::commons_script' -include_recipe 'nginx::commons_conf' +include_recipe 'chef_nginx::commons_dir' +include_recipe 'chef_nginx::commons_script' +include_recipe 'chef_nginx::commons_conf' diff --git a/cookbooks/nginx/recipes/commons_conf.rb b/cookbooks/chef_nginx/recipes/commons_conf.rb similarity index 81% rename from cookbooks/nginx/recipes/commons_conf.rb rename to cookbooks/chef_nginx/recipes/commons_conf.rb index fccd470..948e543 100644 --- a/cookbooks/nginx/recipes/commons_conf.rb +++ b/cookbooks/chef_nginx/recipes/commons_conf.rb @@ -1,10 +1,10 @@ # -# Cookbook Name:: nginx +# Cookbook:: nginx # Recipe:: common/conf # # Author:: AJ Christensen # -# Copyright 2008-2013, Chef Software, Inc. +# Copyright:: 2008-2017, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -23,20 +23,15 @@ template 'nginx.conf' do path "#{node['nginx']['dir']}/nginx.conf" source node['nginx']['conf_template'] cookbook node['nginx']['conf_cookbook'] - owner 'root' - group node['root_group'] - mode '0644' notifies :reload, 'service[nginx]', :delayed + variables(lazy { { pid_file: pidfile_location } }) end template "#{node['nginx']['dir']}/sites-available/default" do source 'default-site.erb' - owner 'root' - group node['root_group'] - mode '0644' notifies :reload, 'service[nginx]', :delayed end nginx_site 'default' do - enable node['nginx']['default_site_enabled'] + action node['nginx']['default_site_enabled'] ? :enable : :disable end diff --git a/cookbooks/nginx/recipes/commons_dir.rb b/cookbooks/chef_nginx/recipes/commons_dir.rb similarity index 75% rename from cookbooks/nginx/recipes/commons_dir.rb rename to cookbooks/chef_nginx/recipes/commons_dir.rb index bfad3f7..311020c 100644 --- a/cookbooks/nginx/recipes/commons_dir.rb +++ b/cookbooks/chef_nginx/recipes/commons_dir.rb @@ -1,10 +1,10 @@ # -# Cookbook Name:: nginx +# Cookbook:: nginx # Recipe:: common/dir # # Author:: AJ Christensen # -# Copyright 2008-2013, Chef Software, Inc. +# Copyright:: 2008-2017, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -20,8 +20,6 @@ # directory node['nginx']['dir'] do - owner 'root' - group node['root_group'] mode '0755' recursive true end @@ -33,22 +31,19 @@ directory node['nginx']['log_dir'] do recursive true end -directory File.dirname(node['nginx']['pid']) do - owner 'root' - group node['root_group'] +directory 'pid file directory' do + path lazy { File.dirname(pidfile_location) } mode '0755' recursive true end %w(sites-available sites-enabled conf.d).each do |leaf| directory File.join(node['nginx']['dir'], leaf) do - owner 'root' - group node['root_group'] mode '0755' end end -if !node['nginx']['default_site_enabled'] && (node['platform_family'] == 'rhel' || node['platform_family'] == 'fedora') +if !node['nginx']['default_site_enabled'] && platform_family?('rhel', 'fedora') %w(default.conf example_ssl.conf).each do |config| file "/etc/nginx/conf.d/#{config}" do action :delete diff --git a/cookbooks/nginx/recipes/commons_script.rb b/cookbooks/chef_nginx/recipes/commons_script.rb similarity index 87% rename from cookbooks/nginx/recipes/commons_script.rb rename to cookbooks/chef_nginx/recipes/commons_script.rb index 324d374..6b051c0 100644 --- a/cookbooks/nginx/recipes/commons_script.rb +++ b/cookbooks/chef_nginx/recipes/commons_script.rb @@ -1,10 +1,10 @@ # -# Cookbook Name:: nginx +# Cookbook:: nginx # Recipe:: common/script # # Author:: AJ Christensen # -# Copyright 2008-2013, Chef Software, Inc. +# Copyright:: 2008-2017, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -23,7 +23,5 @@ template "#{node['nginx']['script_dir']}/#{nxscript}" do source "#{nxscript}.erb" mode '0755' - owner 'root' - group node['root_group'] end end diff --git a/cookbooks/nginx/recipes/default.rb b/cookbooks/chef_nginx/recipes/default.rb similarity index 71% rename from cookbooks/nginx/recipes/default.rb rename to cookbooks/chef_nginx/recipes/default.rb index 3f75eec..c0e0d37 100644 --- a/cookbooks/nginx/recipes/default.rb +++ b/cookbooks/chef_nginx/recipes/default.rb @@ -1,10 +1,10 @@ # -# Cookbook Name:: nginx +# Cookbook:: nginx # Recipe:: default # # Author:: AJ Christensen # -# Copyright 2008-2013, Chef Software, Inc. +# Copyright:: 2008-2017, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,13 +19,8 @@ # limitations under the License. # -include_recipe "nginx::#{node['nginx']['install_method']}" - -service 'nginx' do - supports :status => true, :restart => true, :reload => true - action :start -end +include_recipe "chef_nginx::#{node['nginx']['install_method']}" node['nginx']['default']['modules'].each do |ngx_module| - include_recipe "nginx::#{ngx_module}" + include_recipe "chef_nginx::#{ngx_module}" end diff --git a/cookbooks/nginx/recipes/headers_more_module.rb b/cookbooks/chef_nginx/recipes/headers_more_module.rb similarity index 80% rename from cookbooks/nginx/recipes/headers_more_module.rb rename to cookbooks/chef_nginx/recipes/headers_more_module.rb index 08c586c..cde990f 100644 --- a/cookbooks/nginx/recipes/headers_more_module.rb +++ b/cookbooks/chef_nginx/recipes/headers_more_module.rb @@ -1,10 +1,10 @@ # -# Cookbook Name:: nginx +# Cookbook:: nginx # Recipe:: headers_more_module # # Author:: Lucas Jandrew () # -# Copyright 2012-2013, Riot Games +# Copyright:: 2012-2017, Riot Games # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -24,14 +24,9 @@ module_location = "#{Chef::Config['file_cache_path']}/headers_more/#{node['nginx remote_file tar_location do source node['nginx']['headers_more']['source_url'] checksum node['nginx']['headers_more']['source_checksum'] - owner 'root' - group node['root_group'] - mode '0644' end directory module_location do - owner 'root' - group node['root_group'] mode '0755' recursive true action :create @@ -47,4 +42,4 @@ bash 'extract_headers_more' do end node.run_state['nginx_configure_flags'] = - node.run_state['nginx_configure_flags'] | ["--add-module=#{module_location}/headers-more-nginx-module-#{node['nginx']['headers_more']['version']}/"] + node.run_state['nginx_configure_flags'] | ["--add-module=#{module_location}/headers-more-nginx-module-#{node['nginx']['headers_more']['version']}/"] diff --git a/cookbooks/nginx/recipes/http_auth_request_module.rb b/cookbooks/chef_nginx/recipes/http_auth_request_module.rb similarity index 93% rename from cookbooks/nginx/recipes/http_auth_request_module.rb rename to cookbooks/chef_nginx/recipes/http_auth_request_module.rb index 5283ac5..3a6f6de 100644 --- a/cookbooks/nginx/recipes/http_auth_request_module.rb +++ b/cookbooks/chef_nginx/recipes/http_auth_request_module.rb @@ -1,10 +1,10 @@ # -# Cookbook Name:: nginx +# Cookbook:: nginx # Recipe:: http_auth_request_module # # Author:: David Radcliffe () # -# Copyright 2013, David Radcliffe +# Copyright:: 2013-2017, David Radcliffe # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -32,9 +32,6 @@ else remote_file arm_src_filepath do source node['nginx']['auth_request']['url'] checksum node['nginx']['auth_request']['checksum'] - owner 'root' - group node['root_group'] - mode '0644' end bash 'extract_auth_request_module' do diff --git a/cookbooks/nginx/recipes/http_echo_module.rb b/cookbooks/chef_nginx/recipes/http_echo_module.rb similarity index 92% rename from cookbooks/nginx/recipes/http_echo_module.rb rename to cookbooks/chef_nginx/recipes/http_echo_module.rb index 85c2861..a660e5d 100644 --- a/cookbooks/nginx/recipes/http_echo_module.rb +++ b/cookbooks/chef_nginx/recipes/http_echo_module.rb @@ -1,10 +1,10 @@ # -# Cookbook Name:: nginx +# Cookbook:: nginx # Recipe:: http_echo_module # # Author:: Danial Pearce () # -# Copyright 2012-2013, CushyCMS +# Copyright:: 2012-2017, CushyCMS # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -26,9 +26,6 @@ echo_extract_path = "#{Chef::Config['file_cache_path']}/nginx_echo_module/#{node remote_file echo_src_filepath do source node['nginx']['echo']['url'] checksum node['nginx']['echo']['checksum'] - owner 'root' - group node['root_group'] - mode '0644' end bash 'extract_http_echo_module' do diff --git a/cookbooks/nginx/recipes/http_geoip_module.rb b/cookbooks/chef_nginx/recipes/http_geoip_module.rb similarity index 86% rename from cookbooks/nginx/recipes/http_geoip_module.rb rename to cookbooks/chef_nginx/recipes/http_geoip_module.rb index f61b711..cba28ab 100644 --- a/cookbooks/nginx/recipes/http_geoip_module.rb +++ b/cookbooks/chef_nginx/recipes/http_geoip_module.rb @@ -1,10 +1,10 @@ # -# Cookbook Name:: nginx +# Cookbook:: nginx # Recipe:: http_geoip_module # # Author:: Jamie Winsor () # -# Copyright 2012-2013, Riot Games +# Copyright:: 2012-2017, Riot Games # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -31,9 +31,6 @@ geolib_filepath = "#{Chef::Config['file_cache_path']}/#{geolib_filename}" remote_file geolib_filepath do source node['nginx']['geoip']['lib_url'] checksum node['nginx']['geoip']['lib_checksum'] - owner 'root' - group node['root_group'] - mode '0644' end bash 'extract_geolib' do @@ -50,8 +47,6 @@ bash 'extract_geolib' do end directory node['nginx']['geoip']['path'] do - owner 'root' - group node['root_group'] mode '0755' recursive true end @@ -63,9 +58,6 @@ remote_file country_src_filepath do end source node['nginx']['geoip']['country_dat_url'] checksum node['nginx']['geoip']['country_dat_checksum'] - owner 'root' - group node['root_group'] - mode '0644' end bash 'gunzip_geo_lite_country_dat' do @@ -76,7 +68,7 @@ bash 'gunzip_geo_lite_country_dat' do end if node['nginx']['geoip']['enable_city'] - city_dat = "#{node['nginx']['geoip']['path']}/GeoLiteCity.dat" + city_dat = "#{node['nginx']['geoip']['path']}/GeoLiteCity.dat" remote_file city_src_filepath do not_if do @@ -85,9 +77,6 @@ if node['nginx']['geoip']['enable_city'] end source node['nginx']['geoip']['city_dat_url'] checksum node['nginx']['geoip']['city_dat_checksum'] - owner 'root' - group node['root_group'] - mode '0644' end bash 'gunzip_geo_lite_city_dat' do @@ -100,12 +89,9 @@ end template "#{node['nginx']['dir']}/conf.d/http_geoip.conf" do source 'modules/http_geoip.conf.erb' - owner 'root' - group node['root_group'] - mode '0644' variables( - :country_dat => country_dat, - :city_dat => city_dat + country_dat: country_dat, + city_dat: city_dat ) end diff --git a/cookbooks/nginx/recipes/http_gzip_static_module.rb b/cookbooks/chef_nginx/recipes/http_gzip_static_module.rb similarity index 88% rename from cookbooks/nginx/recipes/http_gzip_static_module.rb rename to cookbooks/chef_nginx/recipes/http_gzip_static_module.rb index 4607c35..d52fadd 100644 --- a/cookbooks/nginx/recipes/http_gzip_static_module.rb +++ b/cookbooks/chef_nginx/recipes/http_gzip_static_module.rb @@ -1,10 +1,10 @@ # -# Cookbook Name:: nginx +# Cookbook:: nginx # Recipe:: http_gzip_static_module # # Author:: Jamie Winsor () # -# Copyright 2012-2013, Riot Games +# Copyright:: 2012-2017, Riot Games # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -21,9 +21,6 @@ template "#{node['nginx']['dir']}/conf.d/http_gzip_static.conf" do source 'modules/http_gzip_static.conf.erb' - owner 'root' - group node['root_group'] - mode '0644' end node.run_state['nginx_configure_flags'] = diff --git a/cookbooks/nginx/recipes/http_mp4_module.rb b/cookbooks/chef_nginx/recipes/http_mp4_module.rb similarity index 100% rename from cookbooks/nginx/recipes/http_mp4_module.rb rename to cookbooks/chef_nginx/recipes/http_mp4_module.rb diff --git a/cookbooks/nginx/recipes/http_perl_module.rb b/cookbooks/chef_nginx/recipes/http_perl_module.rb similarity index 93% rename from cookbooks/nginx/recipes/http_perl_module.rb rename to cookbooks/chef_nginx/recipes/http_perl_module.rb index e4f55d9..8efe202 100644 --- a/cookbooks/nginx/recipes/http_perl_module.rb +++ b/cookbooks/chef_nginx/recipes/http_perl_module.rb @@ -1,10 +1,10 @@ # -# Cookbook Name:: nginx +# Cookbook:: nginx # Recipe:: http_perl_module # # Author:: Akzhan Abdulin () # -# Copyright 2012-2013, REG.RU +# Copyright:: 2012-2017, REG.RU # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/cookbooks/nginx/recipes/http_realip_module.rb b/cookbooks/chef_nginx/recipes/http_realip_module.rb similarity index 91% rename from cookbooks/nginx/recipes/http_realip_module.rb rename to cookbooks/chef_nginx/recipes/http_realip_module.rb index 6451bf9..d07ff4e 100644 --- a/cookbooks/nginx/recipes/http_realip_module.rb +++ b/cookbooks/chef_nginx/recipes/http_realip_module.rb @@ -1,10 +1,10 @@ # -# Cookbook Name:: nginx +# Cookbook:: nginx # Recipe:: http_realip_module # # Author:: Jamie Winsor () # -# Copyright 2012-2013, Riot Games +# Copyright:: 2012-2017, Riot Games # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -28,9 +28,6 @@ node.default['nginx']['realip']['real_ip_recursive'] = 'off' template "#{node['nginx']['dir']}/conf.d/http_realip.conf" do source 'modules/http_realip.conf.erb' - owner 'root' - group node['root_group'] - mode '0644' notifies :reload, 'service[nginx]', :delayed end diff --git a/cookbooks/nginx/recipes/http_spdy_module.rb b/cookbooks/chef_nginx/recipes/http_spdy_module.rb similarity index 92% rename from cookbooks/nginx/recipes/http_spdy_module.rb rename to cookbooks/chef_nginx/recipes/http_spdy_module.rb index 1eafa9b..e15518e 100644 --- a/cookbooks/nginx/recipes/http_spdy_module.rb +++ b/cookbooks/chef_nginx/recipes/http_spdy_module.rb @@ -1,10 +1,10 @@ # -# Cookbook Name:: nginx +# Cookbook:: nginx # Recipe:: http_spdy_module # # Author:: Christoph Buente () # -# Copyright 2013, MeinekleineFarm.org +# Copyright:: 2013-2017, MeinekleineFarm.org # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/cookbooks/nginx/recipes/http_ssl_module.rb b/cookbooks/chef_nginx/recipes/http_ssl_module.rb similarity index 92% rename from cookbooks/nginx/recipes/http_ssl_module.rb rename to cookbooks/chef_nginx/recipes/http_ssl_module.rb index 6ff4f7c..4163a05 100644 --- a/cookbooks/nginx/recipes/http_ssl_module.rb +++ b/cookbooks/chef_nginx/recipes/http_ssl_module.rb @@ -1,10 +1,10 @@ # -# Cookbook Name:: nginx +# Cookbook:: nginx # Recipe:: http_ssl_module # # Author:: Jamie Winsor () # -# Copyright 2012-2013, Riot Games +# Copyright:: 2012-2017, Riot Games # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/cookbooks/nginx/recipes/http_stub_status_module.rb b/cookbooks/chef_nginx/recipes/http_stub_status_module.rb similarity index 86% rename from cookbooks/nginx/recipes/http_stub_status_module.rb rename to cookbooks/chef_nginx/recipes/http_stub_status_module.rb index c07243c..fb3fdbd 100644 --- a/cookbooks/nginx/recipes/http_stub_status_module.rb +++ b/cookbooks/chef_nginx/recipes/http_stub_status_module.rb @@ -1,10 +1,10 @@ # -# Cookbook Name:: nginx +# Cookbook:: nginx # Recipe:: http_stub_status_module # # Author:: Jamie Winsor () # -# Copyright 2012-2013, Riot Games +# Copyright:: 2012-2017, Riot Games # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,14 +19,11 @@ # limitations under the License. # -include_recipe 'nginx::authorized_ips' +include_recipe 'chef_nginx::authorized_ips' template 'nginx_status' do path "#{node['nginx']['dir']}/sites-available/nginx_status" source 'modules/nginx_status.erb' - owner 'root' - group node['root_group'] - mode '0644' notifies :reload, 'service[nginx]', :delayed end diff --git a/cookbooks/build-essential/recipes/_mac_os_x.rb b/cookbooks/chef_nginx/recipes/http_v2_module.rb similarity index 76% rename from cookbooks/build-essential/recipes/_mac_os_x.rb rename to cookbooks/chef_nginx/recipes/http_v2_module.rb index 1a235a4..0a7148f 100644 --- a/cookbooks/build-essential/recipes/_mac_os_x.rb +++ b/cookbooks/chef_nginx/recipes/http_v2_module.rb @@ -1,8 +1,8 @@ # -# Cookbook Name:: build-essential -# Recipe:: mac_os_x +# Cookbook:: nginx +# Recipe:: http_v2_module +# # -# Copyright 2008-2016, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -17,6 +17,5 @@ # limitations under the License. # -potentially_at_compile_time do - xcode_command_line_tools 'install' -end +node.run_state['nginx_configure_flags'] = + node.run_state['nginx_configure_flags'] | ['--with-http_v2_module'] diff --git a/cookbooks/nginx/recipes/ipv6.rb b/cookbooks/chef_nginx/recipes/ipv6.rb similarity index 92% rename from cookbooks/nginx/recipes/ipv6.rb rename to cookbooks/chef_nginx/recipes/ipv6.rb index 2c67601..57dba63 100644 --- a/cookbooks/nginx/recipes/ipv6.rb +++ b/cookbooks/chef_nginx/recipes/ipv6.rb @@ -1,10 +1,10 @@ # -# Cookbook Name:: nginx +# Cookbook:: nginx # Recipe:: ipv6 # # Author:: Alan Harper (alan@sct.com.au) # -# Copyright 2013 Alan Harper +# Copyright:: 2013-2017, Alan Harper # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/cookbooks/nginx/recipes/lua.rb b/cookbooks/chef_nginx/recipes/lua.rb similarity index 79% rename from cookbooks/nginx/recipes/lua.rb rename to cookbooks/chef_nginx/recipes/lua.rb index 9526389..7f3a1a3 100644 --- a/cookbooks/nginx/recipes/lua.rb +++ b/cookbooks/chef_nginx/recipes/lua.rb @@ -1,8 +1,8 @@ # -# Cookbook Name:: nginx -# Recipe:: default +# Cookbook:: nginx +# Recipe:: lua # -# Copyright 2013, Chef Software, Inc. +# Copyright:: 2013-2017, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -24,9 +24,6 @@ luajit_extract_path = "#{Chef::Config['file_cache_path']}/luajit-#{node['nginx'] remote_file luajit_src_filepath do source node['nginx']['luajit']['url'] checksum node['nginx']['luajit']['checksum'] - owner 'root' - group node['root_group'] - mode '0644' end bash 'extract_luajit' do @@ -36,12 +33,14 @@ bash 'extract_luajit' do tar xzf #{luajit_src_filename} -C #{luajit_extract_path} cd luajit-#{node['nginx']['luajit']['version']}/LuaJIT-#{node['nginx']['luajit']['version']} make && make install - export LUAJIT_INC="/usr/local/include/luajit-2.0" - export LUAJIT_LIB="usr/local/lib" EOH not_if { ::File.exist?(luajit_extract_path) } end -package 'lua-devel' do - action :install -end +node.run_state['nginx_source_env'].merge!( + 'LUAJIT_INC' => '/usr/local/include/luajit-2.0', + 'LUAJIT_LIB' => '/usr/local/lib' +) + +node.run_state['nginx_configure_flags'] = + node.run_state['nginx_configure_flags'] | ['--with-ld-opt=-Wl,-rpath,/usr/local/lib'] diff --git a/cookbooks/nginx/recipes/naxsi_module.rb b/cookbooks/chef_nginx/recipes/naxsi_module.rb similarity index 89% rename from cookbooks/nginx/recipes/naxsi_module.rb rename to cookbooks/chef_nginx/recipes/naxsi_module.rb index 063f537..2adbaf6 100644 --- a/cookbooks/nginx/recipes/naxsi_module.rb +++ b/cookbooks/chef_nginx/recipes/naxsi_module.rb @@ -1,10 +1,10 @@ # -# Cookbook Name:: nginx +# Cookbook:: nginx # Recipe:: naxsi_module # # Author:: Artiom Lunev () # -# Copyright 2012-2013, Artiom Lunev +# Copyright:: 2012-2017, Artiom Lunev # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -21,9 +21,6 @@ cookbook_file "#{node['nginx']['dir']}/naxsi_core.rules" do source 'naxsi_core.rules' - owner 'root' - group node['root_group'] - mode '0644' notifies :reload, 'service[nginx]', :delayed end @@ -34,9 +31,6 @@ naxsi_extract_path = "#{Chef::Config['file_cache_path']}/nginx-naxsi-#{node['ngi remote_file naxsi_src_filepath do source node['nginx']['naxsi']['url'] checksum node['nginx']['naxsi']['checksum'] - owner 'root' - group node['root_group'] - mode '0644' end bash 'extract_naxsi_module' do diff --git a/cookbooks/nginx/recipes/ngx_devel_module.rb b/cookbooks/chef_nginx/recipes/ngx_devel_module.rb similarity index 92% rename from cookbooks/nginx/recipes/ngx_devel_module.rb rename to cookbooks/chef_nginx/recipes/ngx_devel_module.rb index 3c15c54..89c9d46 100644 --- a/cookbooks/nginx/recipes/ngx_devel_module.rb +++ b/cookbooks/chef_nginx/recipes/ngx_devel_module.rb @@ -1,10 +1,10 @@ # -# Cookbook Name:: nginx +# Cookbook:: nginx # Recipes:: devel # # Author:: Arthur Freyman () # -# Copyright 2013, Riot Games +# Copyright:: 2013-2017, Riot Games # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -26,9 +26,6 @@ devel_extract_path = "#{Chef::Config['file_cache_path']}/nginx-devel-#{node['ngi remote_file devel_src_filepath do source node['nginx']['devel']['url'] checksum node['nginx']['devel']['checksum'] - owner 'root' - group node['root_group'] - mode '0644' end bash 'extract_devel_module' do diff --git a/cookbooks/nginx/recipes/ngx_lua_module.rb b/cookbooks/chef_nginx/recipes/ngx_lua_module.rb similarity index 87% rename from cookbooks/nginx/recipes/ngx_lua_module.rb rename to cookbooks/chef_nginx/recipes/ngx_lua_module.rb index 2371f27..25c09c6 100644 --- a/cookbooks/nginx/recipes/ngx_lua_module.rb +++ b/cookbooks/chef_nginx/recipes/ngx_lua_module.rb @@ -1,10 +1,10 @@ # -# Cookbook Name:: nginx -# Recipes:: lua +# Cookbook:: nginx +# Recipes:: nginx_lua_module # # Author:: Arthur Freyman () # -# Copyright 2013, Riot Games +# Copyright:: 2013-2017, Riot Games # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -26,9 +26,6 @@ lua_extract_path = "#{Chef::Config['file_cache_path']}/nginx-lua-#{node['nginx'] remote_file lua_src_filepath do source node['nginx']['lua']['url'] checksum node['nginx']['lua']['checksum'] - owner 'root' - group node['root_group'] - mode '0644' end bash 'extract_lua_module' do @@ -43,5 +40,5 @@ end node.run_state['nginx_configure_flags'] = node.run_state['nginx_configure_flags'] | ["--add-module=#{lua_extract_path}/lua-nginx-module-#{node['nginx']['lua']['version']}"] -include_recipe 'nginx::lua' -include_recipe 'nginx::ngx_devel_module' +include_recipe 'chef_nginx::lua' +include_recipe 'chef_nginx::ngx_devel_module' diff --git a/cookbooks/nginx/recipes/ohai_plugin.rb b/cookbooks/chef_nginx/recipes/ohai_plugin.rb similarity index 70% rename from cookbooks/nginx/recipes/ohai_plugin.rb rename to cookbooks/chef_nginx/recipes/ohai_plugin.rb index a474d49..a554754 100644 --- a/cookbooks/nginx/recipes/ohai_plugin.rb +++ b/cookbooks/chef_nginx/recipes/ohai_plugin.rb @@ -1,10 +1,11 @@ # -# Cookbook Name:: nginx +# Cookbook:: nginx # Recipe:: ohai_plugin # # Author:: Jamie Winsor () # -# Copyright 2012-2013, Riot Games +# Copyright:: 2012-2017, Riot Games +# Copyright:: 2016-2017, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,17 +20,14 @@ # limitations under the License. # +# for notification post install / change ohai 'reload_nginx' do plugin 'nginx' action :nothing end -template "#{node['ohai']['plugin_path']}/nginx.rb" do - source 'plugins/nginx.rb.erb' - owner 'root' - group node['root_group'] - mode '0755' - notifies :reload, 'ohai[reload_nginx]', :immediately +ohai_plugin 'nginx' do + source_file 'plugins/ohai-nginx.rb.erb' + variables binary: node['nginx']['binary'] + resource :template end - -include_recipe 'ohai::default' diff --git a/cookbooks/nginx/recipes/openssl_source.rb b/cookbooks/chef_nginx/recipes/openssl_source.rb similarity index 92% rename from cookbooks/nginx/recipes/openssl_source.rb rename to cookbooks/chef_nginx/recipes/openssl_source.rb index f286f3d..01969bb 100644 --- a/cookbooks/nginx/recipes/openssl_source.rb +++ b/cookbooks/chef_nginx/recipes/openssl_source.rb @@ -1,10 +1,10 @@ # -# Cookbook Name:: nginx +# Cookbook:: nginx # Recipe:: openssl_source # # Author:: David Radcliffe () # -# Copyright 2013, David Radcliffe +# Copyright:: 2013-2017, David Radcliffe # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -25,9 +25,6 @@ extract_path = "#{Chef::Config['file_cache_path']}/openssl-#{node['nginx']['open remote_file src_filepath do source node['nginx']['openssl_source']['url'] - owner 'root' - group node['root_group'] - mode '0644' not_if { ::File.exist?(src_filepath) } end diff --git a/cookbooks/chef_nginx/recipes/package.rb b/cookbooks/chef_nginx/recipes/package.rb new file mode 100644 index 0000000..f39b375 --- /dev/null +++ b/cookbooks/chef_nginx/recipes/package.rb @@ -0,0 +1,53 @@ +# +# Cookbook:: nginx +# Recipe:: package +# Author:: AJ Christensen +# +# Copyright:: 2008-2017, Chef Software, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +include_recipe 'chef_nginx::ohai_plugin' + +case node['nginx']['repo_source'] +when 'epel' + if platform_family?('rhel') + include_recipe 'yum-epel' + else + Chef::Log.warn("node['nginx']['repo_source'] set to EPEL, but not running on a RHEL platform so skipping EPEL setup") + end +when 'nginx' + include_recipe 'chef_nginx::repo' + package_install_opts = '--disablerepo=* --enablerepo=nginx' if platform_family?('rhel') +when 'passenger' + if platform_family?('debian') + include_recipe 'chef_nginx::repo_passenger' + else + Chef::Log.warn("node['nginx']['repo_source'] set to passenger, but not running on a Debian based platform so skipping repo setup") + end +else + Chef::Log.warn('Unrecognized distro value set, or no value set. Using distro provided packages instead.') +end + +package node['nginx']['package_name'] do + options package_install_opts + notifies :reload, 'ohai[reload_nginx]', :immediately +end + +service 'nginx' do + supports status: true, restart: true, reload: true + action [:start, :enable] +end + +include_recipe 'chef_nginx::commons' diff --git a/cookbooks/nginx/recipes/pagespeed_module.rb b/cookbooks/chef_nginx/recipes/pagespeed_module.rb similarity index 78% rename from cookbooks/nginx/recipes/pagespeed_module.rb rename to cookbooks/chef_nginx/recipes/pagespeed_module.rb index b8fc608..150558b 100644 --- a/cookbooks/nginx/recipes/pagespeed_module.rb +++ b/cookbooks/chef_nginx/recipes/pagespeed_module.rb @@ -1,5 +1,5 @@ # -# Cookbook Name:: nginx +# Cookbook:: nginx # Recipe:: pagespeed_module # @@ -9,9 +9,6 @@ extract_path = "#{Chef::Config['file_cache_path']}/nginx_pagespeed-#{node['nginx remote_file src_filepath do source node['nginx']['pagespeed']['url'] - owner 'root' - group node['root_group'] - mode '0644' not_if { ::File.exist?(src_filepath) } end @@ -21,22 +18,15 @@ psol_extract_path = "#{Chef::Config['file_cache_path']}/nginx_pagespeed-#{node[' remote_file psol_src_filepath do source node['nginx']['psol']['url'] - owner 'root' - group node['root_group'] - mode '0644' not_if { ::File.exist?(psol_src_filepath) } end -packages = value_for_platform_family( - %w(rhel) => node['nginx']['pagespeed']['packages']['rhel'], - %w(debian) => node['nginx']['pagespeed']['packages']['debian'] +package_array = value_for_platform_family( + %w(rhel) => node['nginx']['pagespeed']['packages']['rhel'], + %w(debian) => node['nginx']['pagespeed']['packages']['debian'] ) -unless packages.empty? - packages.each do |name| - package name - end -end +package package_array unless package_array.empty? bash 'extract_pagespeed' do cwd ::File.dirname(src_filepath) diff --git a/cookbooks/nginx/recipes/passenger.rb b/cookbooks/chef_nginx/recipes/passenger.rb similarity index 70% rename from cookbooks/nginx/recipes/passenger.rb rename to cookbooks/chef_nginx/recipes/passenger.rb index 93a3ae6..7dc27a5 100644 --- a/cookbooks/nginx/recipes/passenger.rb +++ b/cookbooks/chef_nginx/recipes/passenger.rb @@ -1,8 +1,8 @@ # -# Cookbook Name:: nginx +# Cookbook:: nginx # Recipe:: Passenger # -# Copyright 2013, Chef Software, Inc. +# Copyright:: 2013-2017, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -18,8 +18,8 @@ # packages = value_for_platform_family( - %w(rhel) => node['nginx']['passenger']['packages']['rhel'], - %w(fedora) => node['nginx']['passenger']['packages']['fedora'], + %w(rhel) => node['nginx']['passenger']['packages']['rhel'], + %w(fedora) => node['nginx']['passenger']['packages']['fedora'], %w(debian) => node['nginx']['passenger']['packages']['debian'] ) @@ -42,15 +42,20 @@ elsif node['nginx']['passenger']['install_method'] == 'source' gem_binary node['nginx']['passenger']['gem_binary'] if node['nginx']['passenger']['gem_binary'] end + passenger_module = node['nginx']['passenger']['root'] + + passenger_module += if Chef::VersionConstraint.new('>= 5.0.19').include?(node['nginx']['passenger']['version']) + '/src/nginx_module' + else + '/ext/nginx' + end + node.run_state['nginx_configure_flags'] = - node.run_state['nginx_configure_flags'] | ["--add-module=#{node['nginx']['passenger']['root']}/ext/nginx"] + node.run_state['nginx_configure_flags'] | ["--add-module=#{passenger_module}"] end template "#{node['nginx']['dir']}/conf.d/passenger.conf" do source 'modules/passenger.conf.erb' - owner 'root' - group node['root_group'] - mode '0644' notifies :reload, 'service[nginx]', :delayed end diff --git a/cookbooks/nginx/recipes/repo.rb b/cookbooks/chef_nginx/recipes/repo.rb similarity index 61% rename from cookbooks/nginx/recipes/repo.rb rename to cookbooks/chef_nginx/recipes/repo.rb index de24b7a..ee44e01 100644 --- a/cookbooks/nginx/recipes/repo.rb +++ b/cookbooks/chef_nginx/recipes/repo.rb @@ -1,9 +1,9 @@ # -# Cookbook Name:: nginx +# Cookbook:: nginx # Recipe:: repo # Author:: Nick Rycar # -# Copyright 2008-2013, Chef Software, Inc. +# Copyright:: 2008-2017, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,17 +19,24 @@ # case node['platform_family'] -when 'rhel', 'fedora' +when 'rhel' yum_repository 'nginx' do - description 'Nginx.org Repository' - baseurl node['nginx']['upstream_repository'] - gpgkey 'http://nginx.org/keys/nginx_signing.key' - action :create + description 'Nginx.org Repository' + baseurl node['nginx']['upstream_repository'] + gpgkey 'http://nginx.org/keys/nginx_signing.key' + action :create + end + +when 'suse' + + zypper_repo 'nginx' do + repo_name 'Nginx.org Repository' + uri 'http://nginx.org/packages/sles/12' + key 'http://nginx.org/keys/nginx_signing.key' end when 'debian' - include_recipe 'apt::default' apt_repository 'nginx' do uri node['nginx']['upstream_repository'] @@ -38,4 +45,9 @@ when 'debian' deb_src true key 'http://nginx.org/keys/nginx_signing.key' end + +else + log "nginx.org does not maintain packages for platform #{node['platform']}. Cannot setup the upstream repo!" do + level :warn + end end diff --git a/cookbooks/nginx/recipes/repo_passenger.rb b/cookbooks/chef_nginx/recipes/repo_passenger.rb similarity index 75% rename from cookbooks/nginx/recipes/repo_passenger.rb rename to cookbooks/chef_nginx/recipes/repo_passenger.rb index 4b3dad4..e1a54cd 100644 --- a/cookbooks/nginx/recipes/repo_passenger.rb +++ b/cookbooks/chef_nginx/recipes/repo_passenger.rb @@ -1,4 +1,4 @@ -# Cookbook Name:: nginx +# Cookbook:: nginx # Recipe:: repo_passenger # Author:: Jose Alberto Suarez Lopez # @@ -15,16 +15,8 @@ # limitations under the License. # -case node['platform_family'] -when 'rhel', 'fedora' - - log 'There is not official phusion passenger repo for redhat based systems.' do - level :info - end - -when 'debian' - include_recipe 'apt::default' - package 'apt-transport-https' +if platform_family?('debian') + package 'ca-certificates' apt_repository 'phusionpassenger' do uri 'https://oss-binaries.phusionpassenger.com/apt/passenger' @@ -35,5 +27,9 @@ when 'debian' key '561F9B9CAC40B2F7' end - include_recipe 'nginx::passenger' + include_recipe 'chef_nginx::passenger' +else + log "There is not official phusion passenger repo platform #{node['platform']}. Skipping repo setup!" do + level :warn + end end diff --git a/cookbooks/nginx/recipes/set_misc.rb b/cookbooks/chef_nginx/recipes/set_misc.rb similarity index 88% rename from cookbooks/nginx/recipes/set_misc.rb rename to cookbooks/chef_nginx/recipes/set_misc.rb index 53b1060..e38e5f7 100644 --- a/cookbooks/nginx/recipes/set_misc.rb +++ b/cookbooks/chef_nginx/recipes/set_misc.rb @@ -1,5 +1,5 @@ # -# Cookbook Name:: nginx +# Cookbook:: nginx # Recipes:: set_misc # @@ -10,9 +10,6 @@ set_misc_extract_path = "#{Chef::Config['file_cache_path']}/nginx-set_misc-#{nod remote_file set_misc_src_filepath do source node['nginx']['set_misc']['url'] checksum node['nginx']['set_misc']['checksum'] - owner 'root' - group 'root' - mode '0644' end bash 'extract_set_misc_module' do @@ -27,4 +24,4 @@ end node.run_state['nginx_configure_flags'] = node.run_state['nginx_configure_flags'] | ["--add-module=#{set_misc_extract_path}/set-misc-nginx-module-#{node['nginx']['set_misc']['version']}"] -include_recipe 'nginx::ngx_devel_module' +include_recipe 'chef_nginx::ngx_devel_module' diff --git a/cookbooks/nginx/recipes/socketproxy.rb b/cookbooks/chef_nginx/recipes/socketproxy.rb similarity index 73% rename from cookbooks/nginx/recipes/socketproxy.rb rename to cookbooks/chef_nginx/recipes/socketproxy.rb index 4498922..292142f 100644 --- a/cookbooks/nginx/recipes/socketproxy.rb +++ b/cookbooks/chef_nginx/recipes/socketproxy.rb @@ -1,9 +1,9 @@ -include_recipe 'nginx::commons_dir' +include_recipe 'chef_nginx::commons_dir' directory node['nginx']['socketproxy']['root'] do owner node['nginx']['socketproxy']['app_owner'] group node['nginx']['socketproxy']['app_owner'] - mode 00755 + mode '0755' action :create end @@ -11,13 +11,10 @@ context_names = node['nginx']['socketproxy']['apps'].map do |_app, app_conf| app_conf['context_name'] end -fail 'More than one app has the same context_name configured.' if context_names.uniq.length != context_names.length +raise 'More than one app has the same context_name configured.' if context_names.uniq.length != context_names.length template node['nginx']['dir'] + '/sites-available/socketproxy.conf' do source 'modules/socketproxy.conf.erb' - owner 'root' - group 'root' - mode 00644 notifies :reload, 'service[nginx]', :delayed end diff --git a/cookbooks/nginx/recipes/source.rb b/cookbooks/chef_nginx/recipes/source.rb similarity index 54% rename from cookbooks/nginx/recipes/source.rb rename to cookbooks/chef_nginx/recipes/source.rb index 5f565b6..415fa1e 100644 --- a/cookbooks/nginx/recipes/source.rb +++ b/cookbooks/chef_nginx/recipes/source.rb @@ -1,12 +1,12 @@ # -# Cookbook Name:: nginx +# Cookbook:: nginx # Recipe:: source # # Author:: Adam Jacob () # Author:: Joshua Timberman () # Author:: Jamie Winsor () # -# Copyright 2009-2013, Chef Software, Inc. +# Copyright:: 2009-2017, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -21,71 +21,59 @@ # limitations under the License. # -# This is for Chef 10 and earlier where attributes aren't loaded -# deterministically (resolved in Chef 11). -node.load_attribute_by_short_filename('source', 'nginx') if node.respond_to?(:load_attribute_by_short_filename) +raise "#{node['platform']} is not a supported platform in the nginx::source recipe" unless platform_family?('rhel', 'fedora', 'debian', 'suse') -nginx_url = node['nginx']['source']['url'] || - "http://nginx.org/download/nginx-#{node['nginx']['source']['version']}.tar.gz" +node.normal['nginx']['binary'] = node['nginx']['source']['sbin_path'] +node.normal['nginx']['daemon_disable'] = true -node.set['nginx']['binary'] = node['nginx']['source']['sbin_path'] -node.set['nginx']['daemon_disable'] = true - -unless node['nginx']['source']['use_existing_user'] - user node['nginx']['user'] do - system true - shell '/bin/false' - home '/var/www' - end +user node['nginx']['user'] do + system true + shell '/bin/false' + home '/var/www' + not_if { node['nginx']['source']['use_existing_user'] } end -include_recipe 'nginx::ohai_plugin' -include_recipe 'nginx::commons_dir' -include_recipe 'nginx::commons_script' +include_recipe 'chef_nginx::ohai_plugin' +include_recipe 'chef_nginx::commons_dir' +include_recipe 'chef_nginx::commons_script' include_recipe 'build-essential::default' -src_filepath = "#{Chef::Config['file_cache_path'] || '/tmp'}/nginx-#{node['nginx']['source']['version']}.tar.gz" -packages = value_for_platform_family( - %w(rhel fedora suse) => %w(pcre-devel openssl-devel), - %w(gentoo) => [], - %w(default) => %w(libpcre3 libpcre3-dev libssl-dev) +src_filepath = "#{Chef::Config['file_cache_path']}/nginx-#{node['nginx']['source']['version']}.tar.gz" + +# install prereqs +package value_for_platform_family( + %w(rhel fedora) => %w(pcre-devel openssl-devel tar), + %w(suse) => %w(pcre-devel libopenssl-devel tar), + %w(debian) => %w(libpcre3 libpcre3-dev libssl-dev tar) ) -packages.each do |name| - package name -end - -remote_file nginx_url do - source nginx_url +remote_file 'nginx source' do + source node['nginx']['source']['url'] checksum node['nginx']['source']['checksum'] path src_filepath backup false + retries 4 end node.run_state['nginx_force_recompile'] = false node.run_state['nginx_configure_flags'] = node['nginx']['source']['default_configure_flags'] | node['nginx']['configure_flags'] +node.run_state['nginx_source_env'] = {} -include_recipe 'nginx::commons_conf' +include_recipe 'chef_nginx::commons_conf' cookbook_file "#{node['nginx']['dir']}/mime.types" do source 'mime.types' - owner 'root' - group node['root_group'] - mode '0644' notifies :reload, 'service[nginx]', :delayed end -# source install depends on the existence of the `tar` package -package 'tar' - # Unpack downloaded source so we could apply nginx patches # in custom modules - example http://yaoweibin.github.io/nginx_tcp_proxy_module/ # patch -p1 < /path/to/nginx_tcp_proxy_module/tcp.patch bash 'unarchive_source' do cwd ::File.dirname(src_filepath) code <<-EOH - tar zxf #{::File.basename(src_filepath)} -C #{::File.dirname(src_filepath)} + tar zxf #{::File.basename(src_filepath)} -C #{::File.dirname(src_filepath)} --no-same-owner EOH not_if { ::File.directory?("#{Chef::Config['file_cache_path'] || '/tmp'}/nginx-#{node['nginx']['source']['version']}") } end @@ -99,6 +87,7 @@ nginx_force_recompile = node.run_state['nginx_force_recompile'] bash 'compile_nginx_source' do cwd ::File.dirname(src_filepath) + environment node.run_state['nginx_source_env'] code <<-EOH cd nginx-#{node['nginx']['source']['version']} && ./configure #{node.run_state['nginx_configure_flags'].join(' ')} && @@ -117,87 +106,65 @@ bash 'compile_nginx_source' do end case node['nginx']['init_style'] -when 'runit' - node.set['nginx']['src_binary'] = node['nginx']['binary'] - include_recipe 'runit::default' - - runit_service 'nginx' - - service 'nginx' do - supports :status => true, :restart => true, :reload => true - reload_command "#{node['runit']['sv_bin']} hup #{node['runit']['service_dir']}/nginx" - end -when 'bluepill' - include_recipe 'bluepill::default' - - template "#{node['bluepill']['conf_dir']}/nginx.pill" do - source 'nginx.pill.erb' - mode '0644' - end - - bluepill_service 'nginx' do - action [:enable, :load] - end - - service 'nginx' do - supports :status => true, :restart => true, :reload => true - reload_command "[[ -f #{node['nginx']['pid']} ]] && kill -HUP `cat #{node['nginx']['pid']}` || true" - action :nothing - end when 'upstart' # we rely on this to set up nginx.conf with daemon disable instead of doing # it in the upstart init script. - node.set['nginx']['daemon_disable'] = node['nginx']['upstart']['foreground'] + node.normal['nginx']['daemon_disable'] = node['nginx']['upstart']['foreground'] template '/etc/init/nginx.conf' do source 'nginx-upstart.conf.erb' - owner 'root' - group node['root_group'] - mode '0644' + variables(lazy { { pid_file: pidfile_location } }) end service 'nginx' do provider Chef::Provider::Service::Upstart - supports :status => true, :restart => true, :reload => true - action :nothing + supports status: true, restart: true, reload: true + action [:start, :enable] + end +when 'systemd' + + systemd_prefix = platform_family?('suse') ? '/usr/lib' : '/lib' + + template "#{systemd_prefix}/systemd/system/nginx.service" do + source 'nginx.service.erb' + end + + service 'nginx' do + provider Chef::Provider::Service::Systemd + supports status: true, restart: true, reload: true + action [:start, :enable] end else - node.set['nginx']['daemon_disable'] = false + node.normal['nginx']['daemon_disable'] = false generate_init = true case node['platform'] - when 'gentoo' - generate_template = false when 'debian', 'ubuntu' generate_template = true - defaults_path = '/etc/default/nginx' + defaults_path = '/etc/default/nginx' when 'freebsd' - generate_init = false + generate_init = false else generate_template = true - defaults_path = '/etc/sysconfig/nginx' + defaults_path = '/etc/sysconfig/nginx' end template '/etc/init.d/nginx' do source 'nginx.init.erb' - owner 'root' - group node['root_group'] mode '0755' + variables(lazy { { pid_file: pidfile_location } }) end if generate_init - if generate_template + if generate_template # ~FC023 template defaults_path do source 'nginx.sysconfig.erb' - owner 'root' - group node['root_group'] - mode '0644' end end service 'nginx' do - supports :status => true, :restart => true, :reload => true - action :enable + supports status: true, restart: true, reload: true + action [:start, :enable] end end diff --git a/cookbooks/nginx/recipes/syslog_module.rb b/cookbooks/chef_nginx/recipes/syslog_module.rb similarity index 71% rename from cookbooks/nginx/recipes/syslog_module.rb rename to cookbooks/chef_nginx/recipes/syslog_module.rb index aea546b..e731910 100644 --- a/cookbooks/nginx/recipes/syslog_module.rb +++ b/cookbooks/chef_nginx/recipes/syslog_module.rb @@ -1,10 +1,10 @@ # -# Cookbook Name:: nginx +# Cookbook:: nginx # Recipe:: syslog_module # # Author:: Bob Ziuchkovski () # -# Copyright 2014, UserTesting +# Copyright:: 2014-2017, UserTesting # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -23,24 +23,24 @@ nginx_src = "#{Chef::Config['file_cache_path']}/nginx-#{node['nginx']['source'][ nginx_syslog_src = "#{Chef::Config['file_cache_path']}/nginx_syslog_module" major, minor, patch = node['nginx']['source']['version'].split('.').map { |s| Integer(s) } -fail 'Unsupported nginx version' if major != 1 +raise 'Unsupported nginx version' if major != 1 case minor when 2 - case patch - when 0..6 - syslog_patch = 'syslog_1.2.0.patch' - else - syslog_patch = 'syslog_1.2.7.patch' - end + syslog_patch = case patch + when 0..6 + 'syslog_1.2.0.patch' + else + 'syslog_1.2.7.patch' + end when 3 - case patch - when 0..9 - syslog_patch = 'syslog_1.2.0.patch' - when 10..13 - syslog_patch = 'syslog_1.3.11.patch' - else - syslog_patch = 'syslog_1.3.14.patch' - end + syslog_patch = case patch + when 0..9 + 'syslog_1.2.0.patch' + when 10..13 + 'syslog_1.3.11.patch' + else + 'syslog_1.3.14.patch' + end when 4 syslog_patch = 'syslog_1.4.0.patch' when 5..6 @@ -48,21 +48,19 @@ when 5..6 when 7 syslog_patch = 'syslog_1.7.0.patch' else - fail 'Unsupported nginx version' + raise 'Unsupported nginx version' end git nginx_syslog_src do repository node['nginx']['syslog']['git_repo'] revision node['nginx']['syslog']['git_revision'] action :sync - user 'root' - group 'root' end execute 'apply_nginx_syslog_patch' do cwd nginx_src command "patch -p1 < #{nginx_syslog_src}/#{syslog_patch}" - not_if "patch -p1 --dry-run --reverse --silent < #{nginx_syslog_src}/#{syslog_patch}", :cwd => nginx_src + not_if "patch -p1 --dry-run --reverse --silent < #{nginx_syslog_src}/#{syslog_patch}", cwd: nginx_src end node.run_state['nginx_configure_flags'] = diff --git a/cookbooks/nginx/recipes/upload_progress_module.rb b/cookbooks/chef_nginx/recipes/upload_progress_module.rb similarity index 89% rename from cookbooks/nginx/recipes/upload_progress_module.rb rename to cookbooks/chef_nginx/recipes/upload_progress_module.rb index ccb1cfb..8a64f07 100644 --- a/cookbooks/nginx/recipes/upload_progress_module.rb +++ b/cookbooks/chef_nginx/recipes/upload_progress_module.rb @@ -1,10 +1,10 @@ # -# Cookbook Name:: nginx +# Cookbook:: nginx # Recipe:: upload_progress_module # # Author:: Jamie Winsor () # -# Copyright 2012-2013, Riot Games +# Copyright:: 2012-2017, Riot Games # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -26,16 +26,10 @@ upm_extract_path = "#{Chef::Config['file_cache_path']}/nginx_upload_progress/#{n remote_file upm_src_filepath do source node['nginx']['upload_progress']['url'] checksum node['nginx']['upload_progress']['checksum'] - owner 'root' - group node['root_group'] - mode '0644' end template "#{node['nginx']['dir']}/conf.d/upload_progress.conf" do source 'modules/upload_progress.erb' - owner 'root' - group node['root_group'] - mode '0644' notifies :reload, 'service[nginx]', :delayed end diff --git a/cookbooks/chef_nginx/resources/site.rb b/cookbooks/chef_nginx/resources/site.rb new file mode 100644 index 0000000..b597036 --- /dev/null +++ b/cookbooks/chef_nginx/resources/site.rb @@ -0,0 +1,81 @@ +# +# Cookbook:: nginx +# Resource:: site +# +# Author:: AJ Christensen +# Author:: Tim Smith +# +# Copyright:: 2008-2017, Chef Software, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +provides :nginx_site + +property :name, String, name_property: true +property :variables, Hash, default: {} +property :cookbook, String +property :template, [String, Array] +property :enable, [String, true, false] + +action :enable do + # this is pretty evil, but gives us backwards compat with the old + # definition where there was an enable property vs a true action + if new_resource.enable + Chef::Log.warn('The "enable" property in nginx_site is deprecated. Use "action :enable" instead.') + elsif new_resource.enable == false || new_resource.enable == 'false' + Chef::Log.warn('The "enable" property in nginx_site is deprecated. Use "action :disable" instead.') + action_disable + return # don't perform the actual enable action afterwards + end + + if new_resource.template + # use declare_resource so we can have a property also named template + declare_resource(:template, "#{node['nginx']['dir']}/sites-available/#{new_resource.name}") do + source new_resource.template + cookbook new_resource.cookbook + variables(new_resource.variables) + notifies :reload, 'service[nginx]' + end + end + + execute "nxensite #{new_resource.name}" do + command "#{node['nginx']['script_dir']}/nxensite #{new_resource.name}" + notifies :reload, 'service[nginx]' + not_if do + ::File.symlink?("#{node['nginx']['dir']}/sites-enabled/#{new_resource.name}") || + ::File.symlink?("#{node['nginx']['dir']}/sites-enabled/000-#{new_resource.name}") + end + end +end + +action :disable do + execute "nxdissite #{new_resource.name}" do + command "#{node['nginx']['script_dir']}/nxdissite #{new_resource.name}" + notifies :reload, 'service[nginx]' + only_if do + ::File.symlink?("#{node['nginx']['dir']}/sites-enabled/#{new_resource.name}") || + ::File.symlink?("#{node['nginx']['dir']}/sites-enabled/000-#{new_resource.name}") + end + end + + # The nginx.org packages store the default site at /etc/nginx/conf.d/default.conf and our + # normal script doesn't disable these. + if new_resource.name == 'default' && ::File.exist?('/etc/nginx/conf.d/default.conf') # ~FC023 + execute 'Move nginx.org package default site config to sites-available' do + command "mv /etc/nginx/conf.d/default.conf #{node['nginx']['dir']}/sites-available/default" + user 'root' + notifies :reload, 'service[nginx]' + end + end +end diff --git a/cookbooks/nginx/templates/debian/nginx.init.erb b/cookbooks/chef_nginx/templates/debian/nginx.init.erb similarity index 98% rename from cookbooks/nginx/templates/debian/nginx.init.erb rename to cookbooks/chef_nginx/templates/debian/nginx.init.erb index 5a3711e..f058d78 100644 --- a/cookbooks/nginx/templates/debian/nginx.init.erb +++ b/cookbooks/chef_nginx/templates/debian/nginx.init.erb @@ -14,7 +14,7 @@ PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin DAEMON=<%= node['nginx']['binary'] %> NAME=nginx DESC=nginx -PID=<%= node['nginx']['pid'] %> +PID=<%= @pid_file %> # Include nginx defaults if available if [ -f /etc/default/nginx ]; then diff --git a/cookbooks/nginx/templates/default/default-site.erb b/cookbooks/chef_nginx/templates/default/default-site.erb similarity index 100% rename from cookbooks/nginx/templates/default/default-site.erb rename to cookbooks/chef_nginx/templates/default/default-site.erb diff --git a/cookbooks/nginx/templates/default/modules/authorized_ip.erb b/cookbooks/chef_nginx/templates/default/modules/authorized_ip.erb similarity index 100% rename from cookbooks/nginx/templates/default/modules/authorized_ip.erb rename to cookbooks/chef_nginx/templates/default/modules/authorized_ip.erb diff --git a/cookbooks/nginx/templates/default/modules/http_geoip.conf.erb b/cookbooks/chef_nginx/templates/default/modules/http_geoip.conf.erb similarity index 100% rename from cookbooks/nginx/templates/default/modules/http_geoip.conf.erb rename to cookbooks/chef_nginx/templates/default/modules/http_geoip.conf.erb diff --git a/cookbooks/nginx/templates/default/modules/http_gzip_static.conf.erb b/cookbooks/chef_nginx/templates/default/modules/http_gzip_static.conf.erb similarity index 100% rename from cookbooks/nginx/templates/default/modules/http_gzip_static.conf.erb rename to cookbooks/chef_nginx/templates/default/modules/http_gzip_static.conf.erb diff --git a/cookbooks/nginx/templates/default/modules/http_realip.conf.erb b/cookbooks/chef_nginx/templates/default/modules/http_realip.conf.erb similarity index 58% rename from cookbooks/nginx/templates/default/modules/http_realip.conf.erb rename to cookbooks/chef_nginx/templates/default/modules/http_realip.conf.erb index 5f9ffd1..3a5180c 100644 --- a/cookbooks/nginx/templates/default/modules/http_realip.conf.erb +++ b/cookbooks/chef_nginx/templates/default/modules/http_realip.conf.erb @@ -1,7 +1,7 @@ -<% node['nginx']['realip']['addresses'].each do |address| %> +<% node['nginx']['realip']['addresses'].each do |address| -%> set_real_ip_from <%= address %>; -<% end %> +<% end -%> real_ip_header <%= node['nginx']['realip']['header'] %>; -<% if node['nginx']['version'] >= '1.2.1' -%> +<% if node['nginx']['version'].to_f >= 1.2 -%> real_ip_recursive <%= node['nginx']['realip']['real_ip_recursive'] %>; <% end -%> diff --git a/cookbooks/nginx/templates/default/modules/nginx_status.erb b/cookbooks/chef_nginx/templates/default/modules/nginx_status.erb similarity index 86% rename from cookbooks/nginx/templates/default/modules/nginx_status.erb rename to cookbooks/chef_nginx/templates/default/modules/nginx_status.erb index 77e295d..eeb6ab5 100644 --- a/cookbooks/nginx/templates/default/modules/nginx_status.erb +++ b/cookbooks/chef_nginx/templates/default/modules/nginx_status.erb @@ -11,4 +11,8 @@ server { stub_status on; access_log off; } + + location / { + return 404; + } } diff --git a/cookbooks/nginx/templates/default/modules/passenger.conf.erb b/cookbooks/chef_nginx/templates/default/modules/passenger.conf.erb similarity index 76% rename from cookbooks/nginx/templates/default/modules/passenger.conf.erb rename to cookbooks/chef_nginx/templates/default/modules/passenger.conf.erb index 992b14f..1de3720 100644 --- a/cookbooks/nginx/templates/default/modules/passenger.conf.erb +++ b/cookbooks/chef_nginx/templates/default/modules/passenger.conf.erb @@ -7,6 +7,10 @@ passenger_min_instances <%= node['nginx']['passenger']['min_instances'] %>; passenger_max_instances_per_app <%= node['nginx']['passenger']['max_instances_per_app'] %>; passenger_pool_idle_time <%= node['nginx']['passenger']['pool_idle_time'] %>; passenger_max_requests <%= node['nginx']['passenger']['max_requests'] %>; +passenger_show_version_in_header <%= node['nginx']['passenger']['show_version_in_header'] %>; +<%- if node['nginx']['passenger']['passenger_log_file'] %> + passenger_log_file <%= node['nginx']['passenger']['passenger_log_file'] %>; +<% end %> <%- if node['nginx']['passenger']['nodejs'] %> passenger_nodejs <%= node['nginx']['passenger']['nodejs'] %>; diff --git a/cookbooks/nginx/templates/default/modules/socketproxy.conf.erb b/cookbooks/chef_nginx/templates/default/modules/socketproxy.conf.erb similarity index 100% rename from cookbooks/nginx/templates/default/modules/socketproxy.conf.erb rename to cookbooks/chef_nginx/templates/default/modules/socketproxy.conf.erb diff --git a/cookbooks/nginx/templates/default/modules/upload_progress.erb b/cookbooks/chef_nginx/templates/default/modules/upload_progress.erb similarity index 100% rename from cookbooks/nginx/templates/default/modules/upload_progress.erb rename to cookbooks/chef_nginx/templates/default/modules/upload_progress.erb diff --git a/cookbooks/nginx/templates/default/nginx-upstart.conf.erb b/cookbooks/chef_nginx/templates/default/nginx-upstart.conf.erb similarity index 74% rename from cookbooks/nginx/templates/default/nginx-upstart.conf.erb rename to cookbooks/chef_nginx/templates/default/nginx-upstart.conf.erb index 35cf867..fa88f24 100644 --- a/cookbooks/nginx/templates/default/nginx-upstart.conf.erb +++ b/cookbooks/chef_nginx/templates/default/nginx-upstart.conf.erb @@ -6,13 +6,13 @@ start on (local-filesystems and net-device-up IFACE=lo and runlevel [<%= node['n stop on runlevel [!<%= node['nginx']['upstart']['runlevels'] %>] env DAEMON=<%= node['nginx']['binary'] %> -env PID=<%= node['nginx']['pid'] %> +env PID=<%= @pid_file %> env CONFIG=<%= node['nginx']['source']['conf_path'] %> respawn -<% if node['nginx']['upstart']['respawn_limit'] %> +<% if node['nginx']['upstart']['respawn_limit'] -%> respawn limit <%= node['nginx']['upstart']['respawn_limit'] %> -<% end %> +<% end -%> pre-start script ${DAEMON} -t @@ -21,19 +21,19 @@ pre-start script fi end script -<% unless node['nginx']['upstart']['foreground'] %> +<% unless node['nginx']['upstart']['foreground'] -%> expect fork -<% else %> +<% else -%> console output -<% end %> +<% end -%> exec ${DAEMON} -c "${CONFIG}" -<% if node.recipe?('nginx::passenger') and not node['nginx']['upstart']['foreground'] %> +<% if node.recipe?('chef_nginx::passenger') && !node['nginx']['upstart']['foreground'] -%> # classic example of why pidfiles should have gone away # with the advent of fork(). we missed that bus a long # time ago so hack around it. post-stop script start-stop-daemon --stop --pidfile ${PID} --name nginx --exec ${DAEMON} --signal QUIT end script -<% end %> +<% end -%> diff --git a/cookbooks/nginx/templates/default/nginx.conf.erb b/cookbooks/chef_nginx/templates/default/nginx.conf.erb similarity index 88% rename from cookbooks/nginx/templates/default/nginx.conf.erb rename to cookbooks/chef_nginx/templates/default/nginx.conf.erb index 169eb24..98cb4a8 100644 --- a/cookbooks/nginx/templates/default/nginx.conf.erb +++ b/cookbooks/chef_nginx/templates/default/nginx.conf.erb @@ -1,15 +1,20 @@ user <%= node['nginx']['user'] %><% if node['nginx']['user'] != node['nginx']['group'] %> <%= node['nginx']['group'] %><% end %>; -worker_processes <%= node['nginx']['worker_processes'] %>; +worker_processes <%= node['nginx']['worker_processes'] %>; <% if node['nginx']['daemon_disable'] -%> daemon off; <% end -%> <% if node['nginx']['worker_rlimit_nofile'] -%> worker_rlimit_nofile <%= node['nginx']['worker_rlimit_nofile'] %>; <% end -%> +<% if node['nginx']['worker_shutdown_timeout'] -%> +worker_shutdown_timeout <%= node['nginx']['worker_shutdown_timeout'] %>; +<% end -%> +<% node['nginx']['load_modules'].each do |module_to_load| %> +load_module <%= module_to_load %>; +<% end -%> error_log <%= node['nginx']['log_dir'] %>/error.log<% if node['nginx']['error_log_options'] %> <%= node['nginx']['error_log_options'] %><% end %>; -pid <%= node['nginx']['pid'] %>; - +pid <%= @pid_file %>; events { worker_connections <%= node['nginx']['worker_connections'] %>; <% if node['nginx']['multi_accept'] -%> @@ -24,12 +29,13 @@ events { } http { - <% if node.recipe?('nginx::naxsi_module') %> + <% if node.recipe?('chef_nginx::naxsi_module') %> include <%= node['nginx']['dir'] %>/naxsi_core.rules; <% end %> include <%= node['nginx']['dir'] %>/mime.types; default_type application/octet-stream; + charset_types text/css text/plain text/vnd.wap.wml application/javascript application/json application/rss+xml application/xml; <% node['nginx']['log_formats'].each do |name, format| %> log_format <%= name %> <%= format %>; diff --git a/cookbooks/nginx/templates/default/nginx.init.erb b/cookbooks/chef_nginx/templates/default/nginx.init.erb similarity index 100% rename from cookbooks/nginx/templates/default/nginx.init.erb rename to cookbooks/chef_nginx/templates/default/nginx.init.erb diff --git a/cookbooks/chef_nginx/templates/default/nginx.service.erb b/cookbooks/chef_nginx/templates/default/nginx.service.erb new file mode 100644 index 0000000..c187ad6 --- /dev/null +++ b/cookbooks/chef_nginx/templates/default/nginx.service.erb @@ -0,0 +1,13 @@ +[Unit] +Description=The nginx HTTP and reverse proxy server +After=network.target remote-fs.target nss-lookup.target + +[Service] +ExecStartPre=<%= node['nginx']['binary'] %> -t +ExecStart=<%= node['nginx']['binary'] %> +ExecReload=/bin/kill -s HUP $MAINPID +ExecStop=/bin/kill -s QUIT $MAINPID +PrivateTmp=true + +[Install] +WantedBy=multi-user.target \ No newline at end of file diff --git a/cookbooks/nginx/templates/default/nginx.sysconfig.erb b/cookbooks/chef_nginx/templates/default/nginx.sysconfig.erb similarity index 100% rename from cookbooks/nginx/templates/default/nginx.sysconfig.erb rename to cookbooks/chef_nginx/templates/default/nginx.sysconfig.erb diff --git a/cookbooks/nginx/templates/default/nxdissite.erb b/cookbooks/chef_nginx/templates/default/nxdissite.erb similarity index 100% rename from cookbooks/nginx/templates/default/nxdissite.erb rename to cookbooks/chef_nginx/templates/default/nxdissite.erb diff --git a/cookbooks/nginx/templates/default/nxensite.erb b/cookbooks/chef_nginx/templates/default/nxensite.erb similarity index 100% rename from cookbooks/nginx/templates/default/nxensite.erb rename to cookbooks/chef_nginx/templates/default/nxensite.erb diff --git a/cookbooks/chef_nginx/templates/default/plugins/ohai-nginx.rb.erb b/cookbooks/chef_nginx/templates/default/plugins/ohai-nginx.rb.erb new file mode 100644 index 0000000..a66d65e --- /dev/null +++ b/cookbooks/chef_nginx/templates/default/plugins/ohai-nginx.rb.erb @@ -0,0 +1,82 @@ +# +# Author:: Jamie Winsor () +# +# Copyright 2012, Riot Games +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +Ohai.plugin(:Nginx) do + provides "nginx" + provides "nginx/version" + provides "nginx/configure_arguments" + provides "nginx/prefix" + provides "nginx/conf_path" + + def parse_flags(flags) + prefix = nil + conf_path = nil + + flags.each do |flag| + case flag + when /^--prefix=(.+)$/ + prefix = Regexp.last_match(1) + when /^--conf-path=(.+)$/ + conf_path = Regexp.last_match(1) + end + end + + [prefix, conf_path] + end + + collect_data do + nginx Mash.new unless nginx + # if we fail we should still have these values to avoid nil class errors + # if people try to use them + nginx[:version] = nil unless nginx[:version] + nginx[:configure_arguments] = [] unless nginx[:configure_arguments] + nginx[:prefix] = nil unless nginx[:prefix] + nginx[:conf_path] = nil unless nginx[:conf_path] + + begin + so = shell_out("<%= @binary %> -V") + # Sample output: + # nginx version: nginx/1.10.1 + # built by clang 7.3.0 (clang-703.0.31) + # built with OpenSSL 1.0.2h 3 May 2016 + # TLS SNI support enabled + # configure arguments: --prefix=/usr/local/Cellar/nginx/1.10.1 --with-http_ssl_module --with-pcre --with-ipv6 --sbin-path=/usr/local/Cellar/nginx/1.10.1/bin/nginx --with-cc-opt='-I/usr/local/Cellar/pcre/8.38/include -I/usr/local/Cellar/openssl/1.0.2h_1/include' --with-ld-opt='-L/usr/local/Cellar/pcre/8.38/lib -L/usr/local/Cellar/openssl/1.0.2h_1/lib' --conf-path=/usr/local/etc/nginx/nginx.conf --pid-path=/usr/local/var/run/nginx.pid --lock-path=/usr/local/var/run/nginx.lock --http-client-body-temp-path=/usr/local/var/run/nginx/client_body_temp --http-proxy-temp-path=/usr/local/var/run/nginx/proxy_temp --http-fastcgi-temp-path=/usr/local/var/run/nginx/fastcgi_temp --http-uwsgi-temp-path=/usr/local/var/run/nginx/uwsgi_temp --http-scgi-temp-path=/usr/local/var/run/nginx/scgi_temp --http-log-path=/usr/local/var/log/nginx/access.log --error-log-path=/usr/local/var/log/nginx/error.log --with-http_gzip_static_module + + if so.exitstatus == 0 + so.stderr.split("\n").each do |line| + case line + when /^configure arguments:(.+)/ + # This could be better: I'm splitting on configure arguments which removes them and also + # adds a blank string at index 0 of the array. This is why we drop index 0 and map to + # add the '--' prefix back to the configure argument. + nginx[:configure_arguments] = Regexp.last_match(1).split(/\s--(?!param)/).drop(1).map { |ca| "--#{ca}" } + + prefix, conf_path = parse_flags(nginx[:configure_arguments]) + + nginx[:prefix] = prefix + nginx[:conf_path] = conf_path + when /^nginx version: nginx\/(\d+\.\d+\.\d+)/ + nginx[:version] = Regexp.last_match(1) + end + end + end + rescue + Ohai::Log.debug('Nginx plugin: Could not shell_out "<%= @binary %> -V"') + end + end +end diff --git a/cookbooks/nginx/templates/default/sv-nginx-log-run.erb b/cookbooks/chef_nginx/templates/default/sv-nginx-log-run.erb similarity index 100% rename from cookbooks/nginx/templates/default/sv-nginx-log-run.erb rename to cookbooks/chef_nginx/templates/default/sv-nginx-log-run.erb diff --git a/cookbooks/nginx/templates/default/sv-nginx-run.erb b/cookbooks/chef_nginx/templates/default/sv-nginx-run.erb similarity index 100% rename from cookbooks/nginx/templates/default/sv-nginx-run.erb rename to cookbooks/chef_nginx/templates/default/sv-nginx-run.erb diff --git a/cookbooks/nginx/templates/ubuntu/nginx.init.erb b/cookbooks/chef_nginx/templates/ubuntu/nginx.init.erb similarity index 98% rename from cookbooks/nginx/templates/ubuntu/nginx.init.erb rename to cookbooks/chef_nginx/templates/ubuntu/nginx.init.erb index 5a3711e..f058d78 100644 --- a/cookbooks/nginx/templates/ubuntu/nginx.init.erb +++ b/cookbooks/chef_nginx/templates/ubuntu/nginx.init.erb @@ -14,7 +14,7 @@ PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin DAEMON=<%= node['nginx']['binary'] %> NAME=nginx DESC=nginx -PID=<%= node['nginx']['pid'] %> +PID=<%= @pid_file %> # Include nginx defaults if available if [ -f /etc/default/nginx ]; then diff --git a/cookbooks/dmg/.foodcritic b/cookbooks/dmg/.foodcritic deleted file mode 100644 index 3318b2a..0000000 --- a/cookbooks/dmg/.foodcritic +++ /dev/null @@ -1,4 +0,0 @@ -~FC007 -~FC023 -~FC024 -~FC048 diff --git a/cookbooks/dmg/CHANGELOG.md b/cookbooks/dmg/CHANGELOG.md index 9eed8f2..0890748 100644 --- a/cookbooks/dmg/CHANGELOG.md +++ b/cookbooks/dmg/CHANGELOG.md @@ -2,6 +2,23 @@ This file is used to list changes made in each version of the dmg cookbook. +## 4.0.0 (2017-04-27) + +- Converted the existing LWRP to a custom resource which increases the required chef-client release to 12.5+ +- Added Test Kitchen config with private atlas boxes for 10.10 and 10.11 +- Added a test recipe to installed Tunnelblick +- Added an Inspec test to confirm that Tunnelblick actually installs +- Remove unused attributes and the entire attributes file +- Add a warning if you include the default recipe on your runlist +- Update specs to run on 10.12 and against the test recipe since dmg::default is empty and the existing spec tested nothing + +## 3.1.1 (2017-04-11) + +- Cookstyle updates +- Test with Local Delivery and not Rake +- Update apache2 license string +- Remove foodcritic exclusions + ## 3.1.0 (2017-01-18) - Fixed pkg,mpkg installation when it was using mounted app name while it was actually mounted under different name for some applications diff --git a/cookbooks/dmg/README.md b/cookbooks/dmg/README.md index 7cbbb13..cfe0f85 100644 --- a/cookbooks/dmg/README.md +++ b/cookbooks/dmg/README.md @@ -8,11 +8,11 @@ Resource to install OS X applications (.app) from dmg files. ### Platforms -- Mac OS X +- macOS ### Chef -- Chef 12.1+ +- Chef 12.5+ ### Cookbooks @@ -56,8 +56,8 @@ Install `/Applications/Tunnelblick.app` from the primary download site. ```ruby dmg_package 'Tunnelblick' do - source 'http://tunnelblick.googlecode.com/files/Tunnelblick_3.1.2.dmg' - checksum 'a3fae60b6833175f32df20c90cd3a3603a' + source 'https://tunnelblick.net/release/Tunnelblick_3.7.0_build_4790.dmg' + checksum '5053038aa8caf7dea66dcab11d6d240672216e6546eff4c2622e216c61af85e5' action :install end ``` @@ -129,7 +129,7 @@ end **Author:** Cookbook Engineering Team ([cookbooks@chef.io](mailto:cookbooks@chef.io)) -**Copyright:** 2011-2015, Chef Software, Inc. +**Copyright:** 2011-2017, Chef Software, Inc. ``` Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/cookbooks/dmg/attributes/default.rb b/cookbooks/dmg/attributes/default.rb deleted file mode 100644 index e8cbfae..0000000 --- a/cookbooks/dmg/attributes/default.rb +++ /dev/null @@ -1,20 +0,0 @@ -# -# Cookbook:: dmg -# Attributes:: default -# -# Copyright:: 2011-2016, Chef Software, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -default['dmg']['base_dir'] = '/Applications' -default['dmg']['cache_dir'] = Chef::Config[:file_cache_path] diff --git a/cookbooks/dmg/libraries/matchers.rb b/cookbooks/dmg/libraries/matchers.rb index 5b688c2..c66a086 100644 --- a/cookbooks/dmg/libraries/matchers.rb +++ b/cookbooks/dmg/libraries/matchers.rb @@ -2,7 +2,7 @@ # Cookbook:: dmg # Library:: matchers # -# Copyright:: 2014-2016, Fletcher Nichol +# Copyright:: 2014-2017, Fletcher Nichol # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/cookbooks/dmg/metadata.json b/cookbooks/dmg/metadata.json index 6e9e1e1..05ee917 100644 --- a/cookbooks/dmg/metadata.json +++ b/cookbooks/dmg/metadata.json @@ -1 +1 @@ -{"name":"dmg","version":"3.1.0","description":"LWRP to install OS X applications from dmgs","long_description":"# dmg Cookbook\n\n[![Build Status](https://travis-ci.org/chef-cookbooks/dmg.svg?branch=master)](https://travis-ci.org/chef-cookbooks/dmg) [![Cookbook Version](https://img.shields.io/cookbook/v/dmg.svg)](https://supermarket.chef.io/cookbooks/dmg)\n\nResource to install OS X applications (.app) from dmg files.\n\n## Requirements\n\n### Platforms\n\n- Mac OS X\n\n### Chef\n\n- Chef 12.1+\n\n### Cookbooks\n\n- none\n\n## Resources/Providers\n\n### dmg_package\n\nThis resource will install a DMG \"Package\". It will retrieve the DMG from a remote URL, mount it using OS X's `hdid`, copy the application (.app directory) to the specified destination (/Applications), and detach the image using `hdiutil`. The dmg file will be stored in the `Chef::Config[:file_cache_path]`. If you want to install an application that has already been downloaded (not using the `source` parameter), copy it to the appropriate location. You can find out what directory this is with the following command on the node to run chef:\n\n```bash\nknife exec -E 'p Chef::Config[:file_cache_path]' -c /etc/chef/client.rb\n```\n\nOptionally, the LWRP can install an \"mpkg\" or \"pkg\" package using installer(8).\n\n#### Actions\n\n- :install - Installs the application.\n\n#### Parameter attributes:\n\n- `app` - This is the name of the application used by default for the /Volumes directory and the .app directory copied to /Applications.\n- `source` - remote URL for the dmg to download if specified. Default is nil.\n- `file` - local dmg full file path. Default is nil.\n- `owner` - owner that should own the package installation.\n- `destination` - directory to copy the .app into. Default is /Applications.\n- `checksum` - sha256 checksum of the dmg to download. Default is nil.\n- `type` - type of package, \"app\", \"pkg\" or \"mpkg\". Default is \"app\". When using \"pkg\" or \"mpkg\", the destination must be /Applications.\n- `volumes_dir` - Directory under /Volumes where the dmg is mounted. Not all dmgs are mounted into a /Volumes location matching the name of the dmg. If not specified, this will use the name attribute.\n- `package_id` - Package id registered with pkgutil when a pkg or mpkg is installed\n- `dmg_name` - Specify the name of the dmg if it is not the same as `app`, or if the name has spaces.\n- `dmg_passphrase` - Specify a passphrase to use to unencrypt the dmg while mounting.\n- `accept_eula` - Specify whether to accept the EULA. Certain dmgs require acceptance of EULA before mounting. Can be true or false, defaults to false.\n- `headers` - Allows custom HTTP headers (like cookies) to be set on the remote_file resource.\n\n#### Examples\n\nInstall `/Applications/Tunnelblick.app` from the primary download site.\n\n```ruby\ndmg_package 'Tunnelblick' do\n source 'http://tunnelblick.googlecode.com/files/Tunnelblick_3.1.2.dmg'\n checksum 'a3fae60b6833175f32df20c90cd3a3603a'\n action :install\nend\n```\n\nInstall Google Chrome. Uses the `dmg_name` because the application name has spaces. Installs in `/Applications/Google Chrome.app`.\n\n```ruby\ndmg_package 'Google Chrome' do\n dmg_name 'googlechrome'\n source 'https://dl-ssl.google.com/chrome/mac/stable/GGRM/googlechrome.dmg'\n checksum '7daa2dc5c46d9bfb14f1d7ff4b33884325e5e63e694810adc58f14795165c91a'\n action :install\nend\n```\n\nInstall Dropbox. Uses `volumes_dir` because the mounted directory is different than the name of the application directory. Installs in `/Applications/Dropbox.app`.\n\n```ruby\ndmg_package 'Dropbox' do\n volumes_dir 'Dropbox Installer'\n source 'http://www.dropbox.com/download?plat=mac'\n checksum 'b4ea620ca22b0517b75753283ceb82326aca8bc3c86212fbf725de6446a96a13'\n action :install\nend\n```\n\nInstall MacIrssi to `~/Applications` from the local file downloaded to the cache path into an Applications directory in the current user's home directory. Chef should run as a non-root user for this.\n\n```ruby\ndirectory \"#{ENV['HOME']}/Applications\"\n\ndmg_package 'MacIrssi' do\n destination \"#{ENV['HOME']}/Applications\"\n action :install\nend\n```\n\nInstall Virtualbox to `/Applications` from the .mpkg:\n\n```ruby\ndmg_package 'Virtualbox' do\n source 'http://dlc.sun.com.edgesuite.net/virtualbox/4.0.8/VirtualBox-4.0.8-71778-OSX.dmg'\n type 'mpkg'\nend\n```\n\nInstall pgAdmin to `/Applications` and automatically accept the EULA:\n\n```ruby\ndmg_package 'pgAdmin3' do\n source 'http://wwwmaster.postgresql.org/redir/198/h/pgadmin3/release/v1.12.3/osx/pgadmin3-1.12.3.dmg'\n checksum '9435f79d5b52d0febeddfad392adf82db9df159196f496c1ab139a6957242ce9'\n accept_eula true\nend\n```\n\nInstall Silverlight, with idempotence check based on pkgutil:\n\n```ruby\ndmg_package 'Silerlight' do\n source 'http://silverlight.dlservice.microsoft.com/download/D/C/2/DC2D5838-9138-4D25-AA92-52F61F7C51E6/runtime/Silverlight.dmg'\n type 'pkg'\n checksum '6d4a0ad4552d9815531463eb3f467fb8cf4bffcc'\n package_id 'com.microsoft.installSilverlightPlugin'\nend\n```\n\n## License & Authors\n\n**Author:** Cookbook Engineering Team ([cookbooks@chef.io](mailto:cookbooks@chef.io))\n\n**Copyright:** 2011-2015, Chef Software, Inc.\n\n```\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n```\n","maintainer":"Chef Software, Inc","maintainer_email":"cookbooks@chef.io","license":"Apache 2.0","platforms":{"mac_os_x":">= 0.0.0"},"dependencies":{},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{}} \ No newline at end of file +{"name":"dmg","version":"4.0.0","description":"Resource for installing macOS applications from DMGs","long_description":"# dmg Cookbook\n\n[![Build Status](https://travis-ci.org/chef-cookbooks/dmg.svg?branch=master)](https://travis-ci.org/chef-cookbooks/dmg) [![Cookbook Version](https://img.shields.io/cookbook/v/dmg.svg)](https://supermarket.chef.io/cookbooks/dmg)\n\nResource to install OS X applications (.app) from dmg files.\n\n## Requirements\n\n### Platforms\n\n- macOS\n\n### Chef\n\n- Chef 12.5+\n\n### Cookbooks\n\n- none\n\n## Resources/Providers\n\n### dmg_package\n\nThis resource will install a DMG \"Package\". It will retrieve the DMG from a remote URL, mount it using OS X's `hdid`, copy the application (.app directory) to the specified destination (/Applications), and detach the image using `hdiutil`. The dmg file will be stored in the `Chef::Config[:file_cache_path]`. If you want to install an application that has already been downloaded (not using the `source` parameter), copy it to the appropriate location. You can find out what directory this is with the following command on the node to run chef:\n\n```bash\nknife exec -E 'p Chef::Config[:file_cache_path]' -c /etc/chef/client.rb\n```\n\nOptionally, the LWRP can install an \"mpkg\" or \"pkg\" package using installer(8).\n\n#### Actions\n\n- :install - Installs the application.\n\n#### Parameter attributes:\n\n- `app` - This is the name of the application used by default for the /Volumes directory and the .app directory copied to /Applications.\n- `source` - remote URL for the dmg to download if specified. Default is nil.\n- `file` - local dmg full file path. Default is nil.\n- `owner` - owner that should own the package installation.\n- `destination` - directory to copy the .app into. Default is /Applications.\n- `checksum` - sha256 checksum of the dmg to download. Default is nil.\n- `type` - type of package, \"app\", \"pkg\" or \"mpkg\". Default is \"app\". When using \"pkg\" or \"mpkg\", the destination must be /Applications.\n- `volumes_dir` - Directory under /Volumes where the dmg is mounted. Not all dmgs are mounted into a /Volumes location matching the name of the dmg. If not specified, this will use the name attribute.\n- `package_id` - Package id registered with pkgutil when a pkg or mpkg is installed\n- `dmg_name` - Specify the name of the dmg if it is not the same as `app`, or if the name has spaces.\n- `dmg_passphrase` - Specify a passphrase to use to unencrypt the dmg while mounting.\n- `accept_eula` - Specify whether to accept the EULA. Certain dmgs require acceptance of EULA before mounting. Can be true or false, defaults to false.\n- `headers` - Allows custom HTTP headers (like cookies) to be set on the remote_file resource.\n\n#### Examples\n\nInstall `/Applications/Tunnelblick.app` from the primary download site.\n\n```ruby\ndmg_package 'Tunnelblick' do\n source 'https://tunnelblick.net/release/Tunnelblick_3.7.0_build_4790.dmg'\n checksum '5053038aa8caf7dea66dcab11d6d240672216e6546eff4c2622e216c61af85e5'\n action :install\nend\n```\n\nInstall Google Chrome. Uses the `dmg_name` because the application name has spaces. Installs in `/Applications/Google Chrome.app`.\n\n```ruby\ndmg_package 'Google Chrome' do\n dmg_name 'googlechrome'\n source 'https://dl-ssl.google.com/chrome/mac/stable/GGRM/googlechrome.dmg'\n checksum '7daa2dc5c46d9bfb14f1d7ff4b33884325e5e63e694810adc58f14795165c91a'\n action :install\nend\n```\n\nInstall Dropbox. Uses `volumes_dir` because the mounted directory is different than the name of the application directory. Installs in `/Applications/Dropbox.app`.\n\n```ruby\ndmg_package 'Dropbox' do\n volumes_dir 'Dropbox Installer'\n source 'http://www.dropbox.com/download?plat=mac'\n checksum 'b4ea620ca22b0517b75753283ceb82326aca8bc3c86212fbf725de6446a96a13'\n action :install\nend\n```\n\nInstall MacIrssi to `~/Applications` from the local file downloaded to the cache path into an Applications directory in the current user's home directory. Chef should run as a non-root user for this.\n\n```ruby\ndirectory \"#{ENV['HOME']}/Applications\"\n\ndmg_package 'MacIrssi' do\n destination \"#{ENV['HOME']}/Applications\"\n action :install\nend\n```\n\nInstall Virtualbox to `/Applications` from the .mpkg:\n\n```ruby\ndmg_package 'Virtualbox' do\n source 'http://dlc.sun.com.edgesuite.net/virtualbox/4.0.8/VirtualBox-4.0.8-71778-OSX.dmg'\n type 'mpkg'\nend\n```\n\nInstall pgAdmin to `/Applications` and automatically accept the EULA:\n\n```ruby\ndmg_package 'pgAdmin3' do\n source 'http://wwwmaster.postgresql.org/redir/198/h/pgadmin3/release/v1.12.3/osx/pgadmin3-1.12.3.dmg'\n checksum '9435f79d5b52d0febeddfad392adf82db9df159196f496c1ab139a6957242ce9'\n accept_eula true\nend\n```\n\nInstall Silverlight, with idempotence check based on pkgutil:\n\n```ruby\ndmg_package 'Silerlight' do\n source 'http://silverlight.dlservice.microsoft.com/download/D/C/2/DC2D5838-9138-4D25-AA92-52F61F7C51E6/runtime/Silverlight.dmg'\n type 'pkg'\n checksum '6d4a0ad4552d9815531463eb3f467fb8cf4bffcc'\n package_id 'com.microsoft.installSilverlightPlugin'\nend\n```\n\n## License & Authors\n\n**Author:** Cookbook Engineering Team ([cookbooks@chef.io](mailto:cookbooks@chef.io))\n\n**Copyright:** 2011-2017, Chef Software, Inc.\n\n```\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n```\n","maintainer":"Chef Software, Inc.","maintainer_email":"cookbooks@chef.io","license":"Apache-2.0","platforms":{"mac_os_x":">= 0.0.0"},"dependencies":{},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{},"source_url":"https://github.com/chef-cookbooks/dmg","issues_url":"https://github.com/chef-cookbooks/dmg/issues","chef_version":[[">= 12.5"]],"ohai_version":[]} \ No newline at end of file diff --git a/cookbooks/dmg/providers/package.rb b/cookbooks/dmg/providers/package.rb deleted file mode 100644 index ac0bb9a..0000000 --- a/cookbooks/dmg/providers/package.rb +++ /dev/null @@ -1,95 +0,0 @@ -# -# Cookbook:: dmg -# Provider:: package -# -# Copyright:: 2011-2016, Chef Software, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -include Chef::Mixin::ShellOut - -use_inline_resources if defined?(use_inline_resources) - -def load_current_resource - @dmgpkg = Chef::Resource::DmgPackage.new(new_resource.name) - @dmgpkg.app(new_resource.app) - Chef::Log.debug("Checking for application #{new_resource.app}") - @dmgpkg.installed(installed?) -end - -action :install do - unless @dmgpkg.installed - - volumes_dir = new_resource.volumes_dir ? new_resource.volumes_dir : new_resource.app - dmg_name = new_resource.dmg_name ? new_resource.dmg_name : new_resource.app - - dmg_file = if new_resource.file.nil? - "#{Chef::Config[:file_cache_path]}/#{dmg_name}.dmg" - else - new_resource.file - end - - remote_file "#{dmg_file} - #{@dmgpkg.name}" do - path dmg_file - source new_resource.source - headers new_resource.headers if new_resource.headers - checksum new_resource.checksum if new_resource.checksum - end if new_resource.source - - passphrase_cmd = new_resource.dmg_passphrase ? "-passphrase #{new_resource.dmg_passphrase}" : '' - ruby_block "attach #{dmg_file}" do - block do - cmd = shell_out("hdiutil imageinfo #{passphrase_cmd} '#{dmg_file}' | grep -q 'Software License Agreement: true'") - software_license_agreement = cmd.exitstatus.zero? - raise "Requires EULA Acceptance; add 'accept_eula true' to package resource" if software_license_agreement && !new_resource.accept_eula - accept_eula_cmd = new_resource.accept_eula ? 'echo Y | PAGER=true' : '' - shell_out!("#{accept_eula_cmd} hdiutil attach #{passphrase_cmd} '#{dmg_file}' -mountpoint '/Volumes/#{volumes_dir}' -quiet") - end - not_if "hdiutil info #{passphrase_cmd} | grep -q 'image-path.*#{dmg_file}'" - end - - case new_resource.type - when 'app' - execute "rsync --force --recursive --links --perms --executability --owner --group --times '/Volumes/#{volumes_dir}/#{new_resource.app}.app' '#{new_resource.destination}'" do - user new_resource.owner if new_resource.owner - end - - file "#{new_resource.destination}/#{new_resource.app}.app/Contents/MacOS/#{new_resource.app}" do - mode '755' - ignore_failure true - end - when 'mpkg', 'pkg' - execute "installation_file=$(ls '/Volumes/#{volumes_dir}' | grep '.#{new_resource.type}$') && sudo installer -pkg \"/Volumes/#{volumes_dir}/$installation_file\" -target /" do - # Prevent cfprefsd from holding up hdiutil detach for certain disk images - environment('__CFPREFERENCES_AVOID_DAEMON' => '1') if Gem::Version.new(node['platform_version']) >= Gem::Version.new('10.8') - end - end - - execute "hdiutil detach '/Volumes/#{volumes_dir}' || hdiutil detach '/Volumes/#{volumes_dir}' -force" - end -end - -private - -def installed? - if ::File.directory?("#{new_resource.destination}/#{new_resource.app}.app") - Chef::Log.info "Already installed; to upgrade, remove \"#{new_resource.destination}/#{new_resource.app}.app\"" - true - elsif shell_out("pkgutil --pkgs='#{new_resource.package_id}'").exitstatus.zero? - Chef::Log.info "Already installed; to upgrade, try \"sudo pkgutil --forget '#{new_resource.package_id}'\"" - true - else - false - end -end diff --git a/cookbooks/dmg/recipes/default.rb b/cookbooks/dmg/recipes/default.rb index 017b9d8..2690d0c 100644 --- a/cookbooks/dmg/recipes/default.rb +++ b/cookbooks/dmg/recipes/default.rb @@ -1,8 +1,8 @@ # -# Cookbook Name:: dmg +# Cookbook:: dmg # Recipe:: default # -# Copyright 2011-2016, Chef Software, Inc. +# Copyright:: 2011-2017, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,3 +16,5 @@ # See the License for the specific language governing permissions and # limitations under the License. # + +Chef::Log.warn('The dmg::default recipe does not contain any resources and should not be applied to a node') diff --git a/cookbooks/dmg/resources/package.rb b/cookbooks/dmg/resources/package.rb index 4d1a2d8..8a3a089 100644 --- a/cookbooks/dmg/resources/package.rb +++ b/cookbooks/dmg/resources/package.rb @@ -1,8 +1,9 @@ -# Encoding: utf-8 +# +# Author:: Joshua Timberman () # Cookbook:: dmg # Resource:: package # -# Copyright:: 2011-2016, Joshua Timberman +# Copyright:: 2011-2017, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,24 +17,82 @@ # See the License for the specific language governing permissions and # limitations under the License. # -actions :install -attribute :app, kind_of: String, name_attribute: true -attribute :source, kind_of: String, default: nil -attribute :file, kind_of: String, default: nil -attribute :owner, kind_of: String, default: nil -attribute :destination, kind_of: String, default: '/Applications' -attribute :checksum, kind_of: String, default: nil -attribute :volumes_dir, kind_of: String, default: nil -attribute :dmg_name, kind_of: String, default: nil -attribute :type, kind_of: String, default: 'app' -attribute :installed, kind_of: [TrueClass, FalseClass], default: false -attribute :package_id, kind_of: String, default: nil -attribute :dmg_passphrase, kind_of: String, default: nil -attribute :accept_eula, kind_of: [TrueClass, FalseClass], default: false -attribute :headers, kind_of: Hash, default: nil +property :app, String, name_property: true +property :source, String +property :file, String +property :owner, String +property :destination, String, default: '/Applications' +property :checksum, String +property :volumes_dir, String +property :dmg_name, String +property :type, String, default: 'app' +property :installed, [true, false], default: false, desired_state: false +property :package_id, String +property :dmg_passphrase, String +property :accept_eula, [true, false], default: false +property :headers, [Hash, nil], default: nil -def initialize(name, run_context = nil) - super - @action = :install +load_current_value do |new_resource| + if ::File.directory?("#{new_resource.destination}/#{new_resource.app}.app") + Chef::Log.info "Already installed; to upgrade, remove \"#{new_resource.destination}/#{new_resource.app}.app\"" + installed true + elsif shell_out("pkgutil --pkgs='#{new_resource.package_id}'").exitstatus == 0 + Chef::Log.info "Already installed; to upgrade, try \"sudo pkgutil --forget '#{new_resource.package_id}'\"" + installed true + else + installed false + end +end + +action :install do + unless current_resource.installed + + volumes_dir = new_resource.volumes_dir ? new_resource.volumes_dir : new_resource.app + dmg_name = new_resource.dmg_name ? new_resource.dmg_name : new_resource.app + + dmg_file = if new_resource.file.nil? + "#{Chef::Config[:file_cache_path]}/#{dmg_name}.dmg" + else + new_resource.file + end + + remote_file "#{dmg_file} - #{new_resource.name}" do + path dmg_file + source new_resource.source + headers new_resource.headers if new_resource.headers + checksum new_resource.checksum if new_resource.checksum + end if new_resource.source + + passphrase_cmd = new_resource.dmg_passphrase ? "-passphrase #{new_resource.dmg_passphrase}" : '' + ruby_block "attach #{dmg_file}" do + block do + cmd = shell_out("hdiutil imageinfo #{passphrase_cmd} '#{dmg_file}' | grep -q 'Software License Agreement: true'") + software_license_agreement = cmd.exitstatus == 0 + raise "Requires EULA Acceptance; add 'accept_eula true' to package resource" if software_license_agreement && !new_resource.accept_eula + accept_eula_cmd = new_resource.accept_eula ? 'echo Y | PAGER=true' : '' + shell_out!("#{accept_eula_cmd} hdiutil attach #{passphrase_cmd} '#{dmg_file}' -mountpoint '/Volumes/#{volumes_dir}' -quiet") + end + not_if "hdiutil info #{passphrase_cmd} | grep -q 'image-path.*#{dmg_file}'" + end + + case new_resource.type + when 'app' + execute "rsync --force --recursive --links --perms --executability --owner --group --times '/Volumes/#{volumes_dir}/#{new_resource.app}.app' '#{new_resource.destination}'" do + user new_resource.owner if new_resource.owner + end + + declare_resource(:file, "#{new_resource.destination}/#{new_resource.app}.app/Contents/MacOS/#{new_resource.app}") do + mode '755' + ignore_failure true + end + when 'mpkg', 'pkg' + execute "installation_file=$(ls '/Volumes/#{volumes_dir}' | grep '.#{new_resource.type}$') && sudo installer -pkg \"/Volumes/#{volumes_dir}/$installation_file\" -target /" do + # Prevent cfprefsd from holding up hdiutil detach for certain disk images + environment('__CFPREFERENCES_AVOID_DAEMON' => '1') + end + end + + execute "hdiutil detach '/Volumes/#{volumes_dir}' || hdiutil detach '/Volumes/#{volumes_dir}' -force" + end end diff --git a/cookbooks/mediawiki/metadata.rb b/cookbooks/mediawiki/metadata.rb index 169fb66..cafb353 100644 --- a/cookbooks/mediawiki/metadata.rb +++ b/cookbooks/mediawiki/metadata.rb @@ -3,13 +3,13 @@ maintainer 'pulsation' license 'BSD' description 'Installs/Configures mediawiki' long_description 'Installs/Configures mediawiki' -version '0.2.0' +version '0.3.0' depends 'apache2' depends 'php' depends 'mysql' depends 'database' -depends 'nginx' +depends 'chef_nginx' depends 'mysql2_chef_gem' depends 'php-fpm' diff --git a/cookbooks/mediawiki/recipes/nginx.rb b/cookbooks/mediawiki/recipes/nginx.rb index 22ff455..47bf189 100644 --- a/cookbooks/mediawiki/recipes/nginx.rb +++ b/cookbooks/mediawiki/recipes/nginx.rb @@ -25,7 +25,7 @@ php_fpm_pool "mediawiki" do end include_recipe "php::module_mysql" -include_recipe "nginx" +include_recipe "chef_nginx" directory node["mediawiki"]["docroot_dir"] do user node['nginx']['user'] diff --git a/cookbooks/nginx/CHANGELOG.md b/cookbooks/nginx/CHANGELOG.md deleted file mode 100644 index 8d5122b..0000000 --- a/cookbooks/nginx/CHANGELOG.md +++ /dev/null @@ -1,435 +0,0 @@ -nginx Cookbook CHANGELOG -======================== -This file is used to list changes made in each version of the nginx cookbook. - -v2.7.6 / 2015-03-17 -================== - - * Bugfix sites do not need a .conf suffix anymore, [#338][] [@runningman84][] - -v2.7.5 (2015-03-17) -------------------- -**NOTE** As of this release, this cookbook in its current format is deprecated, -and only critical bugs and fixes will be added. -A complete rewrite is in progress, so we appreciate your patience while we sort things out. -The amount of change included here - -* Fix nginx 1.4.4 archive checksum to prevent redownload, [#305][] [@irontoby][] -* Allow setting an empty string to prevent additional repos, [#243][] [@miketheman][] -* Use correct `mime.types` for javascript, [#259][] [@dwradcliffe][] -* Fix `headers_more` module for source installs, [#279][], [@josh-padnick][] & [@miketheman][] -* Remove `libtool` from `geoip` and update download paths & checksums, [@miketheman][] -* Fix unquoted URL with params failing geoip module build (and tests!), [#294][] [@karsten-bruckmann][] & [@miketheman][] -* Fix typo in `source.rb`, [#205][] [@gregkare][] -* Test updates: ChefSpec, test-kitchen. Lots of help by [@jujugrrr][] -* Toolchain updates for testing -* Adds support for `tcp_nopush`, `tcp_nodelay` [@shtouff][] - -After merging a ton of pull requests, here's a brief changelog. Click each to read more. - -* Merge pull request [#335][] from [@stevenolen][] -* Merge pull request [#332][] from [@monsterstrike][] -* Merge pull request [#331][] from [@jalberto][] -* Merge pull request [#327][] from [@nkadel-skyhook][] -* Merge pull request [#326][] from [@bchrobot][] -* Merge pull request [#325][] from [@CanOfSpam3bug324][] -* Merge pull request [#321][] from [@jalberto][] -* Merge pull request [#318][] from [@evertrue][] -* Merge pull request [#314][] from [@bkw][] -* Merge pull request [#312][] from [@thomasmeeus][] -* Merge pull request [#310][] from [@morr][] -* Merge pull request [#305][] from [@irontoby][] -* Merge pull request [#302][] from [@auth0][] -* Merge pull request [#298][] from [@Mytho][] -* Merge pull request [#269][] from [@yveslaroche][] -* Merge pull request [#259][] from [@dwradcliffe][] -* Merge pull request [#254][] from [@evertrue][] -* Merge pull request [#252][] from [@gkra][] -* Merge pull request [#249][] from [@whatcould][] -* Merge pull request [#240][] from [@jcoleman][] -* Merge pull request [#236][] from [@adepue][] -* Merge pull request [#230][] from [@n1koo][] -* Merge pull request [#225][] from [@thommay][] -* Merge pull request [#223][] from [@firmhouse][] -* Merge pull request [#220][] from [@evertrue][] -* Merge pull request [#219][] from [@evertrue][] -* Merge pull request [#204][] from [@usertesting][] -* Merge pull request [#200][] from [@ffuenf][] -* Merge pull request [#188][] from [@larkin][] -* Merge pull request [#184][] from [@tvdinner][] -* Merge pull request [#183][] from [@jenssegers][] -* Merge pull request [#174][] from [@9minutesnooze][] - -https://github.com/miketheman/nginx/compare/v2.7.4...v2.7.5 - -v2.7.4 (2014-06-06) -------------------- -* [COOK-4703] Default openssl version to 1.0.1h to address CVE-2014-0224 - - -v2.7.2 (2014-05-27) -------------------- - -- [COOK-4658] - Nginx::socketproxy if the context is blank or nonexistent, the location in the config file has a double slash at the beginning -- [COOK-4644] - add support to nginx::repo for Amazon Linux -- Allow .kitchen.cloud.yml to use an environment variable for the EC2 Availability Zone - - -v2.7.0 (2014-05-15) -------------------- -- [COOK-4643] - Update metadata lock on ohai -- [COOK-4588] - Give more love to FreeBSD -- [COOK-4601] - Add proxy type: Socket - - -v2.6.2 (2014-04-09) -------------------- -[COOK-4527] - set default openssl source version to 1.0.1g to address CVE-2014-0160 aka Heartbleed - - -v2.6.0 (2014-04-08) -------------------- -- Reverting COOK-4323 - - -v2.5.0 (2014-03-27) -------------------- -- [COOK-4323] - Need a resource to easily configure available sites (vhosts) - - -v2.4.4 (2014-03-13) -------------------- -- Updating for build-essential 2.0 - - -v2.4.2 (2014-02-28) -------------------- -Fixing bad commit from COOK-4330 - - -v2.4.1 (2014-02-27) -------------------- -- [COOK-4345] - nginx default recipe include install type recipe directly - - -v2.4.0 (2014-02-27) -------------------- -- [COOK-4380] - kitchen.yml platform listings for ubuntu-10.04 and ubuntu-12.04 are missing the dot -- [COOK-4330] - Bump nginx version for security issues (CVE-2013-0337, CVE-2013-4547) - - -v2.3.0 (2014-02-25) -------------------- -- **[COOK-4293](https://tickets.chef.io/browse/COOK-4293)** - Update testing Gems in nginx and fix a rubocop warnings -- **[COOK-4237] - Nginx version incorrectly parsed on Ubuntu 13 -- **[COOK-3866] - Nginx default site folder - - -v2.2.2 (2014-01-23) -------------------- -[COOK-3672] - Add gzip_static option - - -v2.2.0 ------- -No changes. Version bump for toolchain - - -v2.1.0 ------- -[COOK-3923] - Enable the list of packages installed by nginx::passenger to be configurable -[COOK-3672] - Nginx should support the gzip_static option -Updating for yum ~> 3.0 -Fixing up style for rubocop -Updating test-kitchen harness - - -v2.0.8 ------- -fixing metadata version error. locking to 3.0 - - -v2.0.6 ------- -Locking yum dependency to '< 3' - - -v2.0.4 ------- -### Bug -- **[COOK-3808](https://tickets.chef.io/browse/COOK-3808)** - nginx::passenger run fails because of broken installation of package dependencies -- **[COOK-3779](https://tickets.chef.io/browse/COOK-3779)** - Build in master fails due to rubocop error - - -v2.0.2 ------- -### Bug -- **[COOK-3808](https://tickets.chef.io/browse/COOK-3808)** - nginx::passenger run fails because of broken installation of package dependencies -- **[COOK-3779](https://tickets.chef.io/browse/COOK-3779)** - Build in master fails due to rubocop error - - -v2.0.0 ------- -### Improvement -- **[COOK-3733](https://tickets.chef.io/browse/COOK-3733)** - Add RPM key names and GPG checking -- **[COOK-3687](https://tickets.chef.io/browse/COOK-3687)** - Add support for `http_perl` -- **[COOK-3603](https://tickets.chef.io/browse/COOK-3603)** - Add a recipe for using custom openssl -- **[COOK-3602](https://tickets.chef.io/browse/COOK-3602)** - Use an attribute for the status module port -- **[COOK-3549](https://tickets.chef.io/browse/COOK-3549)** - Refactor custom modules support -- **[COOK-3521](https://tickets.chef.io/browse/COOK-3521)** - Add support for `http_auth_request` -- **[COOK-3520](https://tickets.chef.io/browse/COOK-3520)** - Add support for `spdy` -- **[COOK-3185](https://tickets.chef.io/browse/COOK-3185)** - Add `gzip_*` attributes -- **[COOK-2712](https://tickets.chef.io/browse/COOK-2712)** - Update `upload_progress` version to 0.9.0 - -### Bug -- **[COOK-3686](https://tickets.chef.io/browse/COOK-3686)** - Remove deprecated 'passenger_use_global_queue' directive -- **[COOK-3626](https://tickets.chef.io/browse/COOK-3626)** - Parameterize hardcoded path to helper scripts -- **[COOK-3571](https://tickets.chef.io/browse/COOK-3571)** - Reloda ohai plugin after installation -- **[COOK-3428](https://tickets.chef.io/browse/COOK-3428)** - Fix an issue where access logs are not disabled when the `disable_access_log` attribute is set to `true` -- **[COOK-3322](https://tickets.chef.io/browse/COOK-3322)** - Fix an issue where `nginx::ohai_plugin` fails when using source recipe -- **[COOK-3241](https://tickets.chef.io/browse/COOK-3241)** - Fix an issue where`nginx::ohai_plugin` fails unless using source recipe - -### New Feature -- **[COOK-3605](https://tickets.chef.io/browse/COOK-3605)** - Add Lua module - - -v1.8.0 ------- -### Bug -- **[COOK-3397](https://tickets.chef.io/browse/COOK-3397)** - Fix user from nginx package on Gentoo -- **[COOK-2968](https://tickets.chef.io/browse/COOK-2968)** - Fix foodcritic failure -- **[COOK-2723](https://tickets.chef.io/browse/COOK-2723)** - Remove duplicate passenger `max_pool_size` - -### Improvement -- **[COOK-3186](https://tickets.chef.io/browse/COOK-3186)** - Add `client_body_buffer_size` and `server_tokens attributes` -- **[COOK-3080](https://tickets.chef.io/browse/COOK-3080)** - Add rate-limiting support -- **[COOK-2927](https://tickets.chef.io/browse/COOK-2927)** - Add support for `real_ip_recursive` directive -- **[COOK-2925](https://tickets.chef.io/browse/COOK-2925)** - Fix ChefSpec converge -- **[COOK-2724](https://tickets.chef.io/browse/COOK-2724)** - Automatically create directory for PID file -- **[COOK-2472](https://tickets.chef.io/browse/COOK-2472)** - Bump nginx version to 1.2.9 -- **[COOK-2312](https://tickets.chef.io/browse/COOK-2312)** - Add additional `mine_types` to the `gzip_types` value - -### New Feature -- **[COOK-3183](https://tickets.chef.io/browse/COOK-3183)** - Allow inclusion in extra-cookbook modules - -v1.7.0 ------- -### Improvement -- [COOK-3030]: The repo_source attribute should allow you to not add any additional repositories to your node - -### Sub-task -- [COOK-2738]: move nginx::passenger attributes to `nginx/attributes/passenger.rb` - -v1.6.0 ------- -### Task -- [COOK-2409]: update nginx::source recipe for new `runit_service` resource -- [COOK-2877]: update nginx cookbook test-kitchen support to 1.0 (alpha) - -### Improvement -- [COOK-1976]: nginx source should be able to configure binary path -- [COOK-2622]: nginx: add upstart support -- [COOK-2725]: add "configtest" subcommand in initscript - -### Bug -- [COOK-2398]: nginx_site definition cannot be used to manage the default site -- [COOK-2493]: Resources in nginx::source recipe always use 1.2.6 version, even overriding version attribute -- [COOK-2531]: Remove usage of non-existant attribute "description" for `apt_repository` -- [COOK-2665]: nginx::source install with custom sbin_path breaks ohai data - -v1.4.0 ------- -- [COOK-2183] - Install nginx package from nginxyum repo -- [COOK-2311] - headers-more should be updated to the latest version -- [COOK-2455] - Support sendfile option (nginx.conf) - -v1.3.0 ------- -- [COOK-1979] - Passenger module requires curl-dev(el) -- [COOK-2219] - Support `proxy_read_timeout` (in nginx.conf) -- [COOK-2220] - Support `client_max_body_size` (in nginx.conf) -- [COOK-2280] - Allow custom timing of nginx_site's reload notification -- [COOK-2304] - nginx cookbook should install 1.2.6 not 1.2.3 for source installs -- [COOK-2309] - checksums for geoip files need to be updated in nginx -- [COOK-2310] - Checksum in the `nginx::upload_progress` recipe is not correct -- [COOK-2314] - nginx::passenger: Install the latest version of passenger -- [COOK-2327] - nginx: passenger recipe should find ruby via Ohai -- [COOK-2328] - nginx: Update mime.types file to the latest -- [COOK-2329] - nginx: Update naxsi rules to the current - -v1.2.0 ------- -- [COOK-1752] - Add headers more module to the nginx cookbook -- [COOK-2209] - nginx source recipe should create web user before creating directories -- [COOK-2221] - make nginx::source compatible with gentoo -- [COOK-2267] - add version for runit recommends - -v1.1.4 ------- -- [COOK-2168] - specify package name as an attribute - -v1.1.2 ------- -- [COOK-1766] - Nginx Source Recipe Rebuilding Source at Every Run -- [COOK-1910] - Add IPv6 module -- [COOK-1966] - nginx cookbook should let you set `gzip_vary` and `gzip_buffers` in nginx.conf -- [COOK-1969]- - nginx::passenger module not included due to use of symbolized `:nginx_configure_flags` -- [COOK-1971] - Template passenger.conf.erb configures key `passenger_max_pool_size` 2 times -- [COOK-1972] - nginx::source compile_nginx_source reports success in spite of failed compilation -- [COOK-1975] - nginx::passenger requires rake gem -- [COOK-1979] - Passenger module requires curl-dev(el) -- [COOK-2080] - Restart nginx on source compilation - -v1.1.0 ------- -- [COOK-1263] - Nginx log (and possibly other) directory creations should be recursive -- [COOK-1515] - move creation of `node['nginx']['dir']` out of commons.rb -- [COOK-1523] - nginx `http_geoip_module` requires libtoolize -- [COOK-1524] - nginx checksums are md5 -- [COOK-1641] - add "use", "`multi_accept`" and "`worker_rlimit_nofile`" to nginx cookbook -- [COOK-1683] - Nginx fails Windows nodes just by being required in metadata -- [COOK-1735] - Support Amazon Linux in nginx::source recipe -- [COOK-1753] - Add ability for nginx::passenger recipe to configure more Passenger global settings -- [COOK-1754] - Allow group to be set in nginx.conf file -- [COOK-1770] - nginx cookbook fails on servers that don't have a "cpu" attribute -- [COOK-1781] - Use 'sv' to reload nginx when using runit -- [COOK-1789] - stop depending on bluepill, runit and yum. they are not required by nginx cookbook -- [COOK-1791] - add name attribute to metadata -- [COOK-1837] - nginx::passenger doesn't work on debian family -- [COOK-1956] - update naxsi version due to incompatibility with newer nginx - -v1.0.2 ------- -- [COOK-1636] - relax the version constraint on ohai - -v1.0.0 ------- -- [COOK-913] - defaults for gzip cause warning on service restart -- [COOK-1020] - duplicate MIME type -- [COOK-1269] - add passenger module support through new recipe -- [COOK-1306] - increment nginx version to 1.2 (now 1.2.3) -- [COOK-1316] - default site should not always be enabled -- [COOK-1417] - resolve errors preventing build from source -- [COOK-1483] - source prefix attribute has no effect -- [COOK-1484] - source relies on /etc/sysconfig -- [COOK-1511] - add support for naxsi module -- [COOK-1525] - nginx source is downloaded every time -- [COOK-1526] - nginx_site does not remove sites -- [COOK-1527] - add `http_echo_module` recipe - -v0.101.6 --------- -Erroneous cookbook upload due to timeout. - -Version #'s are cheap. - -v0.101.4 --------- -- [COOK-1280] - Improve RHEL family support and fix ohai_plugins recipe bug -- [COOK-1194] - allow installation method via attribute -- [COOK-458] - fix duplicate nginx processes - -v0.101.2 --------- -* [COOK-1211] - include the default attributes explicitly so version is available. - -v0.101.0 --------- -**Attribute Change**: `node['nginx']['url']` -> `node['nginx']['source']['url']`; see the README.md. - -- [COOK-1115] - daemonize when using init script -- [COOK-477] - module compilation support in nginx::source - -v0.100.4 --------- -- [COOK-1126] - source version bump to 1.0.14 - -v0.100.2 --------- -- [COOK-1053] - Add :url attribute to nginx cookbook - -v0.100.0 --------- -- [COOK-818] - add "application/json" per RFC. -- [COOK-870] - bluepill init style support -- [COOK-957] - Compress application/javascript. -- [COOK-981] - Add reload support to NGINX service - -v0.99.2 -------- -- [COOK-809] - attribute to disable access logging -- [COOK-772] - update nginx download source location - - -[#174]: https://github.com/miketheman/nginx/issues/174 -[#183]: https://github.com/miketheman/nginx/issues/183 -[#184]: https://github.com/miketheman/nginx/issues/184 -[#188]: https://github.com/miketheman/nginx/issues/188 -[#200]: https://github.com/miketheman/nginx/issues/200 -[#204]: https://github.com/miketheman/nginx/issues/204 -[#205]: https://github.com/miketheman/nginx/issues/205 -[#219]: https://github.com/miketheman/nginx/issues/219 -[#220]: https://github.com/miketheman/nginx/issues/220 -[#223]: https://github.com/miketheman/nginx/issues/223 -[#225]: https://github.com/miketheman/nginx/issues/225 -[#230]: https://github.com/miketheman/nginx/issues/230 -[#236]: https://github.com/miketheman/nginx/issues/236 -[#240]: https://github.com/miketheman/nginx/issues/240 -[#243]: https://github.com/miketheman/nginx/issues/243 -[#249]: https://github.com/miketheman/nginx/issues/249 -[#252]: https://github.com/miketheman/nginx/issues/252 -[#254]: https://github.com/miketheman/nginx/issues/254 -[#259]: https://github.com/miketheman/nginx/issues/259 -[#269]: https://github.com/miketheman/nginx/issues/269 -[#279]: https://github.com/miketheman/nginx/issues/279 -[#294]: https://github.com/miketheman/nginx/issues/294 -[#298]: https://github.com/miketheman/nginx/issues/298 -[#302]: https://github.com/miketheman/nginx/issues/302 -[#305]: https://github.com/miketheman/nginx/issues/305 -[#310]: https://github.com/miketheman/nginx/issues/310 -[#312]: https://github.com/miketheman/nginx/issues/312 -[#314]: https://github.com/miketheman/nginx/issues/314 -[#318]: https://github.com/miketheman/nginx/issues/318 -[#321]: https://github.com/miketheman/nginx/issues/321 -[#325]: https://github.com/miketheman/nginx/issues/325 -[#326]: https://github.com/miketheman/nginx/issues/326 -[#327]: https://github.com/miketheman/nginx/issues/327 -[#331]: https://github.com/miketheman/nginx/issues/331 -[#332]: https://github.com/miketheman/nginx/issues/332 -[#335]: https://github.com/miketheman/nginx/issues/335 -[#338]: https://github.com/miketheman/nginx/issues/338 -[@9minutesnooze]: https://github.com/9minutesnooze -[@CanOfSpam3bug324]: https://github.com/CanOfSpam3bug324 -[@Mytho]: https://github.com/Mytho -[@adepue]: https://github.com/adepue -[@auth0]: https://github.com/auth0 -[@bchrobot]: https://github.com/bchrobot -[@bkw]: https://github.com/bkw -[@dwradcliffe]: https://github.com/dwradcliffe -[@evertrue]: https://github.com/evertrue -[@ffuenf]: https://github.com/ffuenf -[@firmhouse]: https://github.com/firmhouse -[@gkra]: https://github.com/gkra -[@gregkare]: https://github.com/gregkare -[@irontoby]: https://github.com/irontoby -[@jalberto]: https://github.com/jalberto -[@jcoleman]: https://github.com/jcoleman -[@jenssegers]: https://github.com/jenssegers -[@josh-padnick]: https://github.com/josh-padnick -[@jujugrrr]: https://github.com/jujugrrr -[@karsten-bruckmann]: https://github.com/karsten-bruckmann -[@larkin]: https://github.com/larkin -[@miketheman]: https://github.com/miketheman -[@monsterstrike]: https://github.com/monsterstrike -[@morr]: https://github.com/morr -[@n1koo]: https://github.com/n1koo -[@nkadel-skyhook]: https://github.com/nkadel-skyhook -[@runningman84]: https://github.com/runningman84 -[@shtouff]: https://github.com/shtouff -[@stevenolen]: https://github.com/stevenolen -[@thomasmeeus]: https://github.com/thomasmeeus -[@thommay]: https://github.com/thommay -[@tvdinner]: https://github.com/tvdinner -[@usertesting]: https://github.com/usertesting -[@whatcould]: https://github.com/whatcould -[@yveslaroche]: https://github.com/yveslaroche diff --git a/cookbooks/nginx/README.md b/cookbooks/nginx/README.md deleted file mode 100644 index 8281bad..0000000 --- a/cookbooks/nginx/README.md +++ /dev/null @@ -1,521 +0,0 @@ -nginx Cookbook -============== -[![Cookbook](http://img.shields.io/cookbook/v/nginx.svg)](https://github.com/miketheman/nginx) -[![Build Status](https://travis-ci.org/miketheman/nginx.svg?branch=master)](https://travis-ci.org/miketheman/nginx) -[![Gitter chat](https://img.shields.io/badge/Gitter-miketheman%2Fnginx-brightgreen.svg)](https://gitter.im/miketheman/nginx) - -Installs nginx from package OR source code and sets up configuration handling similar to Debian's Apache2 scripts. - -# READ THIS FIRST - -After having struggled with the cookbook format and the interfaces being brittle, the maintainers have decided to begin rewriting the core implmenetation of the nginx cookbook from the ground up, to allow for better flexibility, testability and maintianability. - -To this end, we request that you not open new issues for the existing codebase. - -Pull requests for bugs will be merged, any obvious optimizations and clarifications will be merged, and a 2.7.5 release will be shipped, and we will focus on writing the 3.0.0 version. - -Thank you for your help on this front! - --- The Maintainers - ---- - - -Requirements ------------- -### Cookbooks -The following cookbooks are direct dependencies because they're used for common "default" functionality. - -- build-essential (for nginx::source) -- ohai (for nginx::ohai_plugin) - -The following cookbook is not a strict dependency because its use can be controlled by an attribute, so it may not be a common "default." - -- runit (for nginx::source) -- On RHEL family distros, the "yum" cookbook is required for `recipe[yum::epel]`. -- On Ubuntu, when using Nginx.org's stable package, `recipe[apt::default]` is required. - - -### Platforms -The following platforms are supported and tested under test kitchen: - -- Ubuntu 10.04, Ubuntu 12.04 -- CentOS 5.8, 6.3 - -Other Debian and RHEL family distributions are assumed to work. - - -Attributes ----------- -Node attributes for this cookbook are logically separated into different files. Some attributes are set only via a specific recipe. - -### default -Generally used attributes. Some have platform specific values. See `attributes/default.rb`. "The Config" refers to "nginx.conf" the main config file. - -- `node['nginx']['dir']` - Location for Nginx configuration. -- `node['nginx']['conf_template']` - The `source` template to use when creating the `nginx.conf`. -- `node['nginx']['conf_cookbook']` - The cookbook where `node['nginx']['conf_template']` resides. -- `node['nginx']['log_dir']` - Location for Nginx logs. -- `node['nginx']['log_dir_perm']` - Permissions for Nginx logs folder. -- `node['nginx']['user']` - User that Nginx will run as. -- `node['nginx']['group]` - Group for Nginx. -- `node['nginx']['port']` - Port for nginx to listen on. -- `node['nginx']['binary']` - Path to the Nginx binary. -- `node['nginx']['init_style']` - How to run Nginx as a service when - using `nginx::source`. Values can be "runit", "upstart", "init" or - "bluepill". When using runit or bluepill, those recipes will be - included as well and are dependencies of this cookbook. Recipes - are not included for upstart, it is assumed that upstart is built - into the platform you are using (ubuntu or el6). This attribute is - not used in the `nginx` recipe because the package manager's init - script style for the platform is assumed. Upstart is never set as - a default as this represents a change in behavior, if you are running - ubuntu or el6 and want to use upstart, please set this attribute in - a role or similar. -- `node['nginx']['upstart']['foreground']` - Set this to true if you - want upstart to run nginx in the foreground, set to false if you - want upstart to detach and track the process via pid. -- `node['nginx']['upstart']['runlevels']` - String of runlevels in the - format '2345' which determines which runlevels nginx will start at - when entering and stop at when leaving. -- `node['nginx']['upstart']['respawn_limit']` - Respawn limit in upstart - stanza format, count followed by space followed by interval in seconds. -- `node['nginx']['pid']` - Location of the PID file. -- `node['nginx']['keepalive']` - Whether to use `keepalive_timeout`, - any value besides "on" will leave that option out of the config. -- `node['nginx']['keepalive_requests']` - used for config value of - `keepalive_requests`. -- `node['nginx']['keepalive_timeout']` - used for config value of - `keepalive_timeout`. -- `node['nginx']['worker_processes']` - used for config value of - `worker_processes`. -- `node['nginx']['worker_connections']` - used for config value of - `events { worker_connections }` -- `node['nginx']['worker_rlimit_nofile']` - used for config value of - `worker_rlimit_nofile`. Can replace any "ulimit -n" command. The - value depend on your usage (cache or not) but must always be - superior than worker_connections. -- `node['nginx']['multi_accept']` - used for config value of `events { - multi_accept }`. Try to accept() as many connections as possible. - Disable by default. -- `node['nginx']['event']` - used for config value of `events { use - }`. Set the event-model. By default nginx looks for the most - suitable method for your OS. -- `node['nginx']['accept_mutex_delay']` - used for config value of - `accept_mutex_delay` -- `node['nginx']['server_tokens']` - used for config value of - `server_tokens`. -- `node['nginx']['server_names_hash_bucket_size']` - used for config - value of `server_names_hash_bucket_size`. -- `node['nginx']['disable_access_log']` - set to true to disable the - general access log, may be useful on high traffic sites. -- `node['nginx']['access_log_options']` - Set to a string of additional options - to be appended to the access log directive -- `node['nginx']['error_log_options']` - Set to a string of additional options - to be appended to the error log directive -- `node['nginx']['default_site_enabled']` - enable the default site -- `node['nginx']['sendfile']` - Whether to use `sendfile`. Defaults to "on". -- `node['nginx']['tcp_nopush']` - Whether to use `tcp_nopush`. Defaults to "on". -- `node['nginx']['tcp_nodelay']` - Whether to use `tcp_nodelay`. Defaults to "on". -- `node['nginx']['install_method']` - Whether nginx is installed from - packages or from source. -- `node['nginx']['types_hash_max_size']` - Used for the - `types_hash_max_size` configuration directive. -- `node['nginx']['types_hash_bucket_size']` - Used for the - `types_hash_bucket_size` configuration directive. -- `node['nginx']['proxy_read_timeout']` - defines a timeout (between two - successive read operations) for reading a response from the proxied server. -- `node['nginx']['client_body_buffer_size']` - used for config value of - `client_body_buffer_size`. -- `node['nginx']['client_max_body_size']` - specifies the maximum accepted body - size of a client request, as indicated by the request header Content-Length. -- `node['nginx']['repo_source']` - when installed from a package this attribute affects - which yum repositories, if any, will be added before installing the nginx package. The - default value of 'epel' will use the `yum::epel` recipe, 'nginx' will use the - `nginx::repo` recipe, 'passenger' will use the 'nginx::repo_passenger' recipe, and setting no value will not add any additional repositories. -* `node['nginx']['sts_max_age']` - Enable Strict Transport Security for all apps (See: http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security). This attribute adds the following header: - - Strict-Transport-Security max-age=SECONDS - -to all incoming requests and takes an integer (in seconds) as its argument. -* `node['nginx']['default']['modules']` - Array specifying which -modules to enable via the conf-enabled config include function. -Currently the only valid value is "socketproxy". - -Other configurations - -- `node['nginx']['extra_configs']` - a Hash of key/values to nginx configuration. - -Rate Limiting - -- `node['nginx']['enable_rate_limiting']` - set to true to enable rate - limiting (`limit_req_zone` in nginx.conf) -- `node['nginx']['rate_limiting_zone_name']` - sets the zone in - `limit_req_zone`. -- `node['nginx']['rate_limiting_backoff']` - sets the backoff time for - `limit_req_zone`. -- `node['nginx']['rate_limit']` - set the rate limit amount for - `limit_req_zone`. - -### gzip module - -- `node['nginx']['gzip']` - Whether to use gzip, can be "on" or "off" -- `node['nginx']['gzip_http_version']` - used for config value of `gzip_http_version`. -- `node['nginx']['gzip_comp_level']` - used for config value of `gzip_comp_level`. -- `node['nginx']['gzip_proxied']` - used for config value of `gzip_proxied`. -- `node['nginx']['gzip_vary']` - used for config value of `gzip_vary`. -- `node['nginx']['gzip_buffers']` - used for config value of `gzip_buffers`. -- `node['nginx']['gzip_types']` - used for config value of `gzip_types` - must be an Array. -- `node['nginx']['gzip_min_length']` - used for config value of `gzip_min_length`. -- `node['nginx']['gzip_disable']` - used for config value of `gzip_disable`. -- `node['nginx']['gzip_static']` - used for config value of `gzip_static` (`http_gzip_static_module` must be enabled) -### Attributes set in recipes - -#### nginx::source -- `node['nginx']['daemon_disable']` - Whether the daemon should be - disabled which can be true or false; disable the daemon (run in the - foreground) when using a service supervisor such as runit or - bluepill for "init_style". This is automatically set in the - `nginx::source` recipe when the init style is not bluepill or runit. - -#### nginx::authorized_ips -- `node['nginx']['remote_ip_var']` - The remote ip variable name to - use. -- `node['nginx']['authorized_ips']` - IPs authorized by the module - -#### nginx::http_realip_module -From: http://nginx.org/en/docs/http/ngx_http_realip_module.html - -- `node['nginx']['realip']['header']` - Header to use for the RealIp - Module; only accepts "X-Forwarded-For" or "X-Real-IP" -- `node['nginx']['realip']['addresses']` - Addresses to use for the - `http_realip` configuration. -- `node['nginx']['realip']['real_ip_recursive']` - If recursive search is enabled, the original client address that matches one of the trusted addresses is replaced by the last non-trusted address sent in the request header field. Can be on "on" or "off" (default). - -### source -These attributes are used in the `nginx::source` recipe. Some of them -are dynamically modified during the run. See `attributes/source.rb` -for default values. - -- `node['nginx']['source']['url']` - (versioned) URL for the Nginx - source code. By default this will use the version specified as - `node['nginx']['version']`. -- `node['nginx']['source']['prefix']` - (versioned) prefix for - installing nginx from source -- `node['nginx']['source']['conf_path']` - location of the main config - file, in `node['nginx']['dir']` by default. -- `node['nginx']['source']['modules']` - Array of modules that should - be compiled into Nginx by including their recipes in - `nginx::source`. -- `node['nginx']['source']['default_configure_flags']` - The default - flags passed to the configure script when building Nginx. -- `node['nginx']['configure_flags']` - Preserved for compatibility and - dynamically generated from the - `node['nginx']['source']['default_configure_flags']` in the - `nginx::source` recipe. -* `node['nginx']['source']['use_existing_user']` - set to `true` if you - do not want `nginx::source` recipe to create system user with name - `node['nginx']['user']`. - -### geoip -These attributes are used in the `nginx::http_geoip_module` recipe. -Please note that the `country_dat_checksum` and `city_dat_checksum` -are based on downloads from a datacenter in Fremont, CA, USA. You -really should override these with checksums for the geo tarballs from -your node location. - -**Note** The upstream, maxmind.com, may block access for repeated - downloads of the data files. It is recommended that you download and - host the data files, and change the URLs in the attributes. - -- `node['nginx']['geoip']['path']` - Location where to install the - geoip libraries. -- `node['nginx']['geoip']['enable_city']` - Whether to enable City - data -- `node['nginx']['geoip']['country_dat_url']` - Country data tarball - URL -- `node['nginx']['geoip']['country_dat_checksum']` - Country data - tarball checksum -- `node['nginx']['geoip']['city_dat_url']` - City data tarball URL -- `node['nginx']['geoip']['city_dat_checksum']` - City data tarball - checksum -- `node['nginx']['geoip']['lib_version']` - Version of the GeoIP - library to install -- `node['nginx']['geoip']['lib_url']` - (Versioned) Tarball URL of the - GeoIP library -- `node['nginx']['geoip']['lib_checksum']` - Checksum of the GeoIP - library tarball - -### upload_progress -These attributes are used in the `nginx::upload_progress_module` -recipe. - -- `node['nginx']['upload_progress']['url']` - URL for the tarball. -- `node['nginx']['upload_progress']['checksum']` - Checksum of the - tarball. -- `node['nginx']['upload_progress']['javascript_output']` - Output in javascript. - Default is `true` for backwards compatibility. -- `node['nginx']['upload_progress']['zone_name']` - Zone name which will - be used to store the per-connection tracking information. - Default is `proxied`. -- `node['nginx']['upload_progress']['zone_size']` - Zone size in bytes. - Default is `1m` (1 megabyte). - -### passenger -These attributes are used in the `nginx::passenger` recipe. - -- `node['nginx']['passenger']['version']` - passenger gem version -- `node['nginx']['passenger']['root']` - passenger gem root path -- `node['nginx']['passenger']['install_rake']` - set to false if rake already present on system -- `node['nginx']['passenger']['max_pool_size']` - maximum passenger - pool size (default=10) -- `node['nginx']['passenger']['ruby']` - Ruby path for Passenger to - use (default=`$(which ruby)`) -- `node['nginx']['passenger']['spawn_method']` - passenger spawn - method to use (default=`smart-lv2`) -- `node['nginx']['passenger']['buffer_response']` - turns on or off - response buffering (default=`on`) -- `node['nginx']['passenger']['max_pool_size']` - passenger maximum - pool size (default=`6`) -- `node['nginx']['passenger']['min_instances']` - minimum instances - (default=`1`) -- `node['nginx']['passenger']['max_instances_per_app']` - maximum - instances per app (default=`0`) -- `node['nginx']['passenger']['pool_idle_time']` - passenger pool idle - time (default=`300`) -- `node['nginx']['passenger']['max_requests']` - maximum requests - (default=`0`) -- `node['nginx']['passenger']['nodejs']` - Nodejs path for Passenger to - use (default=nil) - -Basic configuration to use the official Phusion Passenger repositories: -- `node['nginx']['repo_source']` - 'passenger' -- `node['nginx']['package_name']` - 'nginx-extras' -- `node['nginx']['passenger']['install_method']` - 'package' - -### echo -These attributes are used in the `nginx::http_echo_module` recipe. - -- `node['nginx']['echo']['version']` - The version of `http_echo` you - want (default: 0.40) -- `node['nginx']['echo']['url']` - URL for the tarball. -- `node['nginx']['echo']['checksum']` - Checksum of the tarball. - -### status -These attributes are used in the `nginx::http_stub_status_module` recipe. - -- `node['nginx']['status']['port']` - The port on which nginx will - serve the status info (default: 8090) - -### syslog -These attributes are used in the `nginx::syslog_module` recipe. - -- `node['nginx']['syslog']['git_repo']` - The git repository url to use - for the syslog patches. -- `node['nginx']['syslog']['git_revision']` - The revision on the git - repository to checkout. - -### openssl_source -These attributes are used in the `nginx::openssl_source` recipe. - -- `node['nginx']['openssl_source']['version']` - The version of OpenSSL - you want to download and use (default: 1.0.1e) -- `node['nginx']['openssl_source']['url']` - The url for the OpenSSL source - - -## socketproxy.rb - -These attributes are used in the `nginx::socketproxy` recipe. - -* `node['nginx']['socketproxy']['root']` - The directory (on your server) where socketproxy apps are deployed. -* `node['nginx']['socketproxy']['default_app']` - Static assets directory for requests to "/" that don't meet any proxy_pass filter requirements. -* `node['nginx']['socketproxy']['apps']['app_name']['prepend_slash']` - Prepend a slash to requests to app "app_name" before sending them to the socketproxy socket. -* `node['nginx']['socketproxy']['apps']['app_name']['context_name']` - URI (e.g. "app_name" in order to achieve "http://mydomain.com/app_name") at which to host the application "app_name" -* `node['nginx']['socketproxy']['apps']['app_name']['subdir']` - Directory (under `node['nginx']['socketproxy']['root']`) in which to find the application. - -Recipes -------- -This cookbook provides three main recipes for installing Nginx. - -- `default.rb` - *Use this recipe* if you have a native package for - Nginx. -- `repo.rb` - The developer of Nginx also maintain - [stable packages](http://nginx.org/en/download.html) for several - platforms. -- `source.rb` - *Use this recipe* if you do not have a native package for - Nginx, or if you want to install a newer version than is available, - or if you have custom module compilation needs. - -Several recipes are related to the `source` recipe specifically. See -that recipe's section below for a description. - -### default -The default recipe will install Nginx as a native package for the -system through the package manager and sets up the configuration -according to the Debian site enable/disable style with `sites-enabled` -using the `nxensite` and `nxdissite` scripts. The nginx service will -be managed with the normal init scripts that are presumably included -in the native package. - -Includes the `ohai_plugin` recipe so the plugin is available. - -### socketproxy - -This will add socketproxy support to your nginx proxy setup. Do not -include this recipe directly. Instead, add it to the -`node['nginx']['default']['modules']` array (see below). - -### ohai_plugin - -This recipe provides an Ohai plugin as a template. It is included by -both the `default` and `source` recipes. - -### authorized_ips -Sets up configuration for the `authorized_ip` nginx module. - -### source -This recipe is responsible for building Nginx from source. It ensures -that the required packages to build Nginx are installed (pcre, -openssl, compile tools). The source will be downloaded from the -`node['nginx']['source']['url']`. The `node['nginx']['user']` will be -created as a system user. If you want to use existing user set -`node['nginx']['source']['use_existing_user']` to `true`. The appropriate -configuration and log directories and config files will be created -as well according to the attributes `node['nginx']['dir']` and -`node['nginx']['log_dir']`. - -The recipe attempts to detect whether additional modules should be -added to the configure command through recipe inclusion (see below), -and whether the version or configuration flags have changed and should -trigger a recompile. - -The nginx service will be set up according to -`node['nginx']['init_style']`. Available options are: - -- runit: uses runit cookbook and sets up `runit_service`. -- bluepill: uses bluepill cookbook and sets up `bluepill_service`. -- anything else (e.g., "init") will use the nginx init script - template. - -**RHEL/CentOS** This recipe should work on RHEL/CentOS with "init" as - the init style. - -The following recipes are used to build module support into Nginx. To -use a module in the `nginx::source` recipe, add its recipe name to the -attribute `node['nginx']['source']['modules']`. - -- `ipv6.rb` - enables IPv6 support -- `http_echo_module.rb` - downloads the `http_echo_module` module and - enables it as a module when compiling nginx. -- `http_geoip_module.rb` - installs the GeoIP libraries and data files - and enables the module for compilation. -- `http_gzip_static_module.rb` - enables the module for compilation. Be sure to set `node['nginx']['gzip_static'] = 'yes'`. -- `http_perl_module.rb` - enables embedded Perl for compilation. -- `http_realip_module.rb` - enables the module for compilation and - creates the configuration. -- `http_ssl_module.rb` - enables SSL for compilation. -- `http_stub_status_module.rb` - provides `nginx_status` configuration - and enables the module for compilation. -- `naxsi_module` - enables the naxsi module for the web application - firewall for nginx. -- `passenger` - builds the passenger gem and configuration for - "`mod_passenger`". -- `syslog` - enables syslog support for nginx. This only works with - source builds. See https://github.com/yaoweibin/nginx_syslog_patch -- `upload_progress_module.rb` - builds the `upload_progress` module - and enables it as a module when compiling nginx. -- `openssl_source.rb` - downloads and uses custom OpenSSL source - when compiling nginx - -Definitions ------------ - -The cookbook provides a new definition. At some point in the future this definition may be refactored into a lightweight resource and provider as suggested by [foodcritic rule FC015](http://acrmp.github.com/foodcritic/#FC015). - -### nginx\_site - -Enable or disable a Server Block in -`#{node['nginx']['dir']}/sites-available` by calling nxensite or -nxdissite (introduced by this cookbook) to manage the symbolic link in -`#{node['nginx']['dir']}/sites-enabled`. - -The template for the site must be managed as a separate resource. - -### Parameters: - -* `name` - Name of the site. -* `enable` - Default true, which uses `nxensite` to enable the site. If false, the site will be disabled with `nxdissite`. - - -Adding New Modules ------------------- -To add a new module to be compiled into nginx in the source recipe, -the node's run state is manipulated in a recipe, and the module as a -recipe should be added to `node['nginx']['source']['modules']`. For -example: - -```ruby -node.run_state['nginx_configure_flags'] = - node.run_state['nginx_configure_flags'] | ['--with-http_stub_status_module'] -``` - -The recipe will be included by `recipe[nginx::source]` automatically, -adding the configure flags. Add any other configuration templates or -other resources as required. See the recipes described above for -examples. - - -Ohai Plugin ------------ -The `ohai_plugin` recipe includes an Ohai plugin. It will be -automatically installed and activated, providing the following -attributes via ohai, no matter how nginx is installed (source or -package): - -- `node['nginx']['version']` - version of nginx -- `node['nginx']['configure_arguments']` - options passed to - `./configure` when nginx was built -- `node['nginx']['prefix']` - installation prefix -- `node['nginx']['conf_path']` - configuration file path - -In the source recipe, it is used to determine whether control -attributes for building nginx have changed. - - -Usage ------ -Include the recipe on your node or role that fits how you wish to -install Nginx on your system per the recipes section above. Modify the -attributes as required in your role to change how various -configuration is applied per the attributes section above. In general, -override attributes in the role should be used when changing -attributes. - -There's some redundancy in that the config handling hasn't been -separated from the installation method (yet), so use only one of the -recipes, default or source. - - -License & Authors ------------------ -- Author:: Joshua Timberman () -- Author:: Adam Jacob () -- Author:: AJ Christensen () -- Author:: Jamie Winsor () -- Author:: Mike Fiedler () - -```text -Copyright 2008-2014, Chef Software, Inc - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -``` diff --git a/cookbooks/nginx/attributes/set_misc.rb b/cookbooks/nginx/attributes/set_misc.rb deleted file mode 100644 index 33fb21f..0000000 --- a/cookbooks/nginx/attributes/set_misc.rb +++ /dev/null @@ -1,8 +0,0 @@ -# -# Cookbook Name:: nginx -# Attributes:: set_misc -# - -default['nginx']['set_misc']['version'] = '0.24' -default['nginx']['set_misc']['url'] = "https://github.com/agentzh/set-misc-nginx-module/archive/v#{node['nginx']['set_misc']['version']}.tar.gz" -default['nginx']['set_misc']['checksum'] = 'da404a7dac5fa4a0a86f42b4ec7648b607f4cd66' diff --git a/cookbooks/nginx/definitions/nginx_site.rb b/cookbooks/nginx/definitions/nginx_site.rb deleted file mode 100644 index a0e9e5c..0000000 --- a/cookbooks/nginx/definitions/nginx_site.rb +++ /dev/null @@ -1,50 +0,0 @@ -# -# Cookbook Name:: nginx -# Definition:: nginx_site -# -# Author:: AJ Christensen -# -# Copyright 2008-2013, Chef Software, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -define :nginx_site, :enable => true, :timing => :delayed do - if params[:enable] - - if params[:template] - template "#{node['nginx']['dir']}/sites-available/#{params[:name]}" do - source params[:template] - variables(params[:variables]) - end - end - - execute "nxensite #{params[:name]}" do - command "#{node['nginx']['script_dir']}/nxensite #{params[:name]}" - notifies :reload, 'service[nginx]', params[:timing] - not_if do - ::File.symlink?("#{node['nginx']['dir']}/sites-enabled/#{params[:name]}") || - ::File.symlink?("#{node['nginx']['dir']}/sites-enabled/000-#{params[:name]}") - end - end - else - execute "nxdissite #{params[:name]}" do - command "#{node['nginx']['script_dir']}/nxdissite #{params[:name]}" - notifies :reload, 'service[nginx]', params[:timing] - only_if do - ::File.symlink?("#{node['nginx']['dir']}/sites-enabled/#{params[:name]}") || - ::File.symlink?("#{node['nginx']['dir']}/sites-enabled/000-#{params[:name]}") - end - end - end -end diff --git a/cookbooks/nginx/files/default/mime.types b/cookbooks/nginx/files/default/mime.types deleted file mode 100644 index 6437e2d..0000000 --- a/cookbooks/nginx/files/default/mime.types +++ /dev/null @@ -1,78 +0,0 @@ -types { - text/html html htm shtml; - text/css css; - text/xml xml; - image/gif gif; - image/jpeg jpeg jpg; - application/javascript js; - application/json json; - application/atom+xml atom; - application/rss+xml rss; - text/cache.manifest manifest; - text/mathml mml; - text/plain txt; - text/vnd.sun.j2me.app-descriptor jad; - text/vnd.wap.wml wml; - text/x-component htc; - image/png png; - image/tiff tif tiff; - image/vnd.wap.wbmp wbmp; - image/x-icon ico; - image/x-jng jng; - image/x-ms-bmp bmp; - image/svg+xml svg svgz; - image/webp webp; - application/java-archive jar war ear; - application/mac-binhex40 hqx; - application/msword doc; - application/pdf pdf; - application/postscript ps eps ai; - application/rtf rtf; - application/vnd.ms-excel xls; - application/vnd.ms-powerpoint ppt; - application/vnd.wap.wmlc wmlc; - application/vnd.google-earth.kml+xml kml; - application/vnd.google-earth.kmz kmz; - application/x-7z-compressed 7z; - application/x-cocoa cco; - application/x-java-archive-diff jardiff; - application/x-java-jnlp-file jnlp; - application/x-makeself run; - application/x-perl pl pm; - application/x-pilot prc pdb; - application/x-rar-compressed rar; - application/x-redhat-package-manager rpm; - application/x-sea sea; - application/x-shockwave-flash swf; - application/x-stuffit sit; - application/x-tcl tcl tk; - application/x-x509-ca-cert der pem crt; - application/x-xpinstall xpi; - application/xhtml+xml xhtml; - application/zip zip; - application/octet-stream bin exe dll; - application/octet-stream deb; - application/octet-stream dmg; - application/octet-stream iso img; - application/octet-stream msi msp msm; - font/ttf ttf; - font/opentype otf; - application/x-font-woff woff; - application/vnd.ms-fontobject eot; - audio/midi mid midi kar; - audio/mpeg mp3; - audio/ogg ogg; - audio/x-m4a m4a; - audio/x-realaudio ra; - video/3gpp 3gpp 3gp; - video/mp4 mp4; - video/mpeg mpeg mpg; - video/quicktime mov; - video/webm webm; - video/x-flv flv; - video/x-m4v m4v; - video/x-mng mng; - video/x-ms-asf asx asf; - video/x-ms-wmv wmv; - video/x-msvideo avi; -} diff --git a/cookbooks/nginx/libraries/matchers.rb b/cookbooks/nginx/libraries/matchers.rb deleted file mode 100644 index a72f01e..0000000 --- a/cookbooks/nginx/libraries/matchers.rb +++ /dev/null @@ -1,20 +0,0 @@ -if defined?(ChefSpec) - # Custom ChefSpec matchers - module ChefSpec::Matchers - RSpec::Matchers.define :enable_nginx_site do |site| - match do |chef_run| - chef_run.resource_collection.all_resources.any? do |resource| - resource.resource_name == :execute && resource.name =~ /.*nxensite.*#{site}/ - end - end - end - - RSpec::Matchers.define :disable_nginx_site do |site| - match do |chef_run| - chef_run.resource_collection.all_resources.any? do |resource| - resource.resource_name == :execute && resource.name =~ /.*nxdissite.*#{site}/ - end - end - end - end -end diff --git a/cookbooks/nginx/metadata.json b/cookbooks/nginx/metadata.json deleted file mode 100644 index 0daff0e..0000000 --- a/cookbooks/nginx/metadata.json +++ /dev/null @@ -1,351 +0,0 @@ -{ - "name": "nginx", - "description": "Installs and configures nginx", - "long_description": "", - "maintainer": "Chef Software, Inc.", - "maintainer_email": "cookbooks@chef.io", - "license": "Apache 2.0", - "platforms": { - "amazon": ">= 0.0.0", - "centos": ">= 0.0.0", - "debian": ">= 0.0.0", - "fedora": ">= 0.0.0", - "oracle": ">= 0.0.0", - "redhat": ">= 0.0.0", - "scientific": ">= 0.0.0", - "ubuntu": ">= 0.0.0" - }, - "dependencies": { - "apt": "~> 2.2", - "bluepill": "~> 2.3", - "build-essential": "~> 2.0", - "ohai": "~> 2.0", - "runit": "~> 1.2", - "yum-epel": "~> 0.3" - }, - "recommendations": { - - }, - "suggestions": { - - }, - "conflicting": { - - }, - "providing": { - - }, - "replacing": { - - }, - "attributes": { - "nginx/dir": { - "display_name": "Nginx Directory", - "description": "Location of nginx configuration files", - "default": "/etc/nginx", - "choice": [ - - ], - "calculated": false, - "type": "string", - "required": "optional", - "recipes": [ - - ] - }, - "nginx/log_dir": { - "display_name": "Nginx Log Directory", - "description": "Location for nginx logs", - "default": "/var/log/nginx", - "choice": [ - - ], - "calculated": false, - "type": "string", - "required": "optional", - "recipes": [ - - ] - }, - "nginx/user": { - "display_name": "Nginx User", - "description": "User nginx will run as", - "default": "www-data", - "choice": [ - - ], - "calculated": false, - "type": "string", - "required": "optional", - "recipes": [ - - ] - }, - "nginx/binary": { - "display_name": "Nginx Binary", - "description": "Location of the nginx server binary", - "default": "/usr/sbin/nginx", - "choice": [ - - ], - "calculated": false, - "type": "string", - "required": "optional", - "recipes": [ - - ] - }, - "nginx/gzip": { - "display_name": "Nginx Gzip", - "description": "Whether gzip is enabled", - "default": "on", - "choice": [ - - ], - "calculated": false, - "type": "string", - "required": "optional", - "recipes": [ - - ] - }, - "nginx/gzip_http_version": { - "display_name": "Nginx Gzip HTTP Version", - "description": "Version of HTTP Gzip", - "default": "1.0", - "choice": [ - - ], - "calculated": false, - "type": "string", - "required": "optional", - "recipes": [ - - ] - }, - "nginx/gzip_comp_level": { - "display_name": "Nginx Gzip Compression Level", - "description": "Amount of compression to use", - "default": "2", - "choice": [ - - ], - "calculated": false, - "type": "string", - "required": "optional", - "recipes": [ - - ] - }, - "nginx/gzip_proxied": { - "display_name": "Nginx Gzip Proxied", - "description": "Whether gzip is proxied", - "default": "any", - "choice": [ - - ], - "calculated": false, - "type": "string", - "required": "optional", - "recipes": [ - - ] - }, - "nginx/gzip_types": { - "display_name": "Nginx Gzip Types", - "description": "Supported MIME-types for gzip", - "type": "array", - "default": [ - "text/plain", - "text/css", - "application/x-javascript", - "text/xml", - "application/xml", - "application/xml+rss", - "text/javascript", - "application/javascript", - "application/json" - ], - "choice": [ - - ], - "calculated": false, - "required": "optional", - "recipes": [ - - ] - }, - "nginx/keepalive": { - "display_name": "Nginx Keepalive", - "description": "Whether to enable keepalive", - "default": "on", - "choice": [ - - ], - "calculated": false, - "type": "string", - "required": "optional", - "recipes": [ - - ] - }, - "nginx/keepalive_timeout": { - "display_name": "Nginx Keepalive Timeout", - "default": "65", - "choice": [ - - ], - "calculated": false, - "type": "string", - "required": "optional", - "recipes": [ - - ] - }, - "nginx/worker_processes": { - "display_name": "Nginx Worker Processes", - "description": "Number of worker processes", - "default": "1", - "choice": [ - - ], - "calculated": false, - "type": "string", - "required": "optional", - "recipes": [ - - ] - }, - "nginx/worker_connections": { - "display_name": "Nginx Worker Connections", - "description": "Number of connections per worker", - "default": "1024", - "choice": [ - - ], - "calculated": false, - "type": "string", - "required": "optional", - "recipes": [ - - ] - }, - "nginx/server_names_hash_bucket_size": { - "display_name": "Nginx Server Names Hash Bucket Size", - "default": "64", - "choice": [ - - ], - "calculated": false, - "type": "string", - "required": "optional", - "recipes": [ - - ] - }, - "nginx/types_hash_max_size": { - "display_name": "Nginx Types Hash Max Size", - "default": "2048", - "choice": [ - - ], - "calculated": false, - "type": "string", - "required": "optional", - "recipes": [ - - ] - }, - "nginx/types_hash_bucket_size": { - "display_name": "Nginx Types Hash Bucket Size", - "default": "64", - "choice": [ - - ], - "calculated": false, - "type": "string", - "required": "optional", - "recipes": [ - - ] - }, - "nginx/disable_access_log": { - "display_name": "Disable Access Log", - "default": "false", - "choice": [ - - ], - "calculated": false, - "type": "string", - "required": "optional", - "recipes": [ - - ] - }, - "nginx/default_site_enabled": { - "display_name": "Default site enabled", - "default": "true", - "choice": [ - - ], - "calculated": false, - "type": "string", - "required": "optional", - "recipes": [ - - ] - }, - "nginx/sendfile": { - "display_name": "Nginx sendfile", - "description": "Whether to enable sendfile", - "default": "on", - "choice": [ - - ], - "calculated": false, - "type": "string", - "required": "optional", - "recipes": [ - - ] - }, - "nginx/tcp_nopush": { - "display_name": "Nginx tcp_nopush", - "description": "Whether to enable tcp_nopush", - "default": "on", - "choice": [ - - ], - "calculated": false, - "type": "string", - "required": "optional", - "recipes": [ - - ] - }, - "nginx/tcp_nodelay": { - "display_name": "Nginx tcp_nodelay", - "description": "Whether to enable tcp_nodelay", - "default": "on", - "choice": [ - - ], - "calculated": false, - "type": "string", - "required": "optional", - "recipes": [ - - ] - } - }, - "groupings": { - - }, - "recipes": { - "nginx": "Installs nginx package and sets up configuration with Debian apache style with sites-enabled/sites-available", - "nginx::source": "Installs nginx from source and sets up configuration with Debian apache style with sites-enabled/sites-available" - }, - "version": "2.7.6", - "source_url": "", - "issues_url": "" -} diff --git a/cookbooks/nginx/metadata.rb b/cookbooks/nginx/metadata.rb deleted file mode 100644 index 7a66a31..0000000 --- a/cookbooks/nginx/metadata.rb +++ /dev/null @@ -1,125 +0,0 @@ -name 'nginx' -maintainer 'Chef Software, Inc.' -maintainer_email 'cookbooks@chef.io' -license 'Apache 2.0' -description 'Installs and configures nginx' -version '2.7.6' - -recipe 'nginx', 'Installs nginx package and sets up configuration with Debian apache style with sites-enabled/sites-available' -recipe 'nginx::source', 'Installs nginx from source and sets up configuration with Debian apache style with sites-enabled/sites-available' - -depends 'apt', '~> 2.2' -depends 'bluepill', '~> 2.3' -depends 'build-essential', '~> 2.0' -depends 'ohai', '~> 2.0' -depends 'runit', '~> 1.2' -depends 'yum-epel', '~> 0.3' - -supports 'amazon' -supports 'centos' -supports 'debian' -supports 'fedora' -supports 'oracle' -supports 'redhat' -supports 'scientific' -supports 'ubuntu' - -attribute 'nginx/dir', - :display_name => 'Nginx Directory', - :description => 'Location of nginx configuration files', - :default => '/etc/nginx' - -attribute 'nginx/log_dir', - :display_name => 'Nginx Log Directory', - :description => 'Location for nginx logs', - :default => '/var/log/nginx' - -attribute 'nginx/user', - :display_name => 'Nginx User', - :description => 'User nginx will run as', - :default => 'www-data' - -attribute 'nginx/binary', - :display_name => 'Nginx Binary', - :description => 'Location of the nginx server binary', - :default => '/usr/sbin/nginx' - -attribute 'nginx/gzip', - :display_name => 'Nginx Gzip', - :description => 'Whether gzip is enabled', - :default => 'on' - -attribute 'nginx/gzip_http_version', - :display_name => 'Nginx Gzip HTTP Version', - :description => 'Version of HTTP Gzip', - :default => '1.0' - -attribute 'nginx/gzip_comp_level', - :display_name => 'Nginx Gzip Compression Level', - :description => 'Amount of compression to use', - :default => '2' - -attribute 'nginx/gzip_proxied', - :display_name => 'Nginx Gzip Proxied', - :description => 'Whether gzip is proxied', - :default => 'any' - -attribute 'nginx/gzip_types', - :display_name => 'Nginx Gzip Types', - :description => 'Supported MIME-types for gzip', - :type => 'array', - :default => ['text/plain', 'text/css', 'application/x-javascript', 'text/xml', 'application/xml', 'application/xml+rss', 'text/javascript', 'application/javascript', 'application/json'] - -attribute 'nginx/keepalive', - :display_name => 'Nginx Keepalive', - :description => 'Whether to enable keepalive', - :default => 'on' - -attribute 'nginx/keepalive_timeout', - :display_name => 'Nginx Keepalive Timeout', - :default => '65' - -attribute 'nginx/worker_processes', - :display_name => 'Nginx Worker Processes', - :description => 'Number of worker processes', - :default => '1' - -attribute 'nginx/worker_connections', - :display_name => 'Nginx Worker Connections', - :description => 'Number of connections per worker', - :default => '1024' - -attribute 'nginx/server_names_hash_bucket_size', - :display_name => 'Nginx Server Names Hash Bucket Size', - :default => '64' - -attribute 'nginx/types_hash_max_size', - :display_name => 'Nginx Types Hash Max Size', - :default => '2048' - -attribute 'nginx/types_hash_bucket_size', - :display_name => 'Nginx Types Hash Bucket Size', - :default => '64' - -attribute 'nginx/disable_access_log', - :display_name => 'Disable Access Log', - :default => 'false' - -attribute 'nginx/default_site_enabled', - :display_name => 'Default site enabled', - :default => 'true' - -attribute 'nginx/sendfile', - :display_name => 'Nginx sendfile', - :description => 'Whether to enable sendfile', - :default => 'on' - -attribute 'nginx/tcp_nopush', - :display_name => 'Nginx tcp_nopush', - :description => 'Whether to enable tcp_nopush', - :default => 'on' - -attribute 'nginx/tcp_nodelay', - :display_name => 'Nginx tcp_nodelay', - :description => 'Whether to enable tcp_nodelay', - :default => 'on' diff --git a/cookbooks/nginx/recipes/package.rb b/cookbooks/nginx/recipes/package.rb deleted file mode 100644 index eddc8c1..0000000 --- a/cookbooks/nginx/recipes/package.rb +++ /dev/null @@ -1,52 +0,0 @@ -# -# Cookbook Name:: nginx -# Recipe:: package -# Author:: AJ Christensen -# -# Copyright 2008-2013, Chef Software, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -include_recipe 'nginx::ohai_plugin' - -if platform_family?('rhel') - if node['nginx']['repo_source'] == 'epel' - include_recipe 'yum-epel' - elsif node['nginx']['repo_source'] == 'nginx' - include_recipe 'nginx::repo' - package_install_opts = '--disablerepo=* --enablerepo=nginx' - elsif node['nginx']['repo_source'].to_s.empty? - log "node['nginx']['repo_source'] was not set, no additional yum repositories will be installed." do - level :debug - end - else - fail ArgumentError, "Unknown value '#{node['nginx']['repo_source']}' was passed to the nginx cookbook." - end -elsif platform_family?('debian') - include_recipe 'nginx::repo_passenger' if node['nginx']['repo_source'] == 'passenger' - include_recipe 'nginx::repo' if node['nginx']['repo_source'] == 'nginx' -end - -package node['nginx']['package_name'] do - options package_install_opts - notifies :reload, 'ohai[reload_nginx]', :immediately - not_if 'which nginx' -end - -service 'nginx' do - supports :status => true, :restart => true, :reload => true - action :enable -end - -include_recipe 'nginx::commons' diff --git a/cookbooks/nginx/templates/default/nginx.pill.erb b/cookbooks/nginx/templates/default/nginx.pill.erb deleted file mode 100644 index ed90493..0000000 --- a/cookbooks/nginx/templates/default/nginx.pill.erb +++ /dev/null @@ -1,15 +0,0 @@ -Bluepill.application("nginx", :log_file => "<%= node['nginx']['log_dir'] %>/bluepill-nginx.log") do |app| - app.process("nginx") do |process| - process.pid_file = "<%= node['nginx']['pid'] %>" - process.working_dir = "<%= node['nginx']['source']['prefix'] %>" - process.start_command = "<%= node['nginx']['binary'] %> -c <%= node['nginx']['dir'] %>/nginx.conf" - process.stop_command = "kill -QUIT {{PID}}" - process.restart_command = "kill -HUP {{PID}}" - process.daemonize = true - process.stdout = process.stderr = "<%= node['nginx']['log_dir'] %>/nginx.log" - - process.monitor_children do |child_process| - child_process.stop_command = "kill -QUIT {{PID}}" - end - end -end diff --git a/cookbooks/nginx/templates/default/plugins/nginx.rb.erb b/cookbooks/nginx/templates/default/plugins/nginx.rb.erb deleted file mode 100644 index 4e2d4f7..0000000 --- a/cookbooks/nginx/templates/default/plugins/nginx.rb.erb +++ /dev/null @@ -1,66 +0,0 @@ -# -# Author:: Jamie Winsor () -# -# Copyright 2012, Riot Games -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -provides "nginx" -provides "nginx/version" -provides "nginx/configure_arguments" -provides "nginx/prefix" -provides "nginx/conf_path" - -def parse_flags(flags) - prefix = nil - conf_path = nil - - flags.each do |flag| - case flag - when /^--prefix=(.+)$/ - prefix = $1 - when /^--conf-path=(.+)$/ - conf_path = $1 - end - end - - [ prefix, conf_path ] -end - -nginx Mash.new unless nginx -nginx[:version] = nil unless nginx[:version] -nginx[:configure_arguments] = Array.new unless nginx[:configure_arguments] -nginx[:prefix] = nil unless nginx[:prefix] -nginx[:conf_path] = nil unless nginx[:conf_path] - -status, stdout, stderr = run_command(:no_status_check => true, :command => "<%= node['nginx']['binary'] %> -V") - -if status == 0 - stderr.split("\n").each do |line| - case line - when /^configure arguments:(.+)/ - # This could be better: I'm splitting on configure arguments which removes them and also - # adds a blank string at index 0 of the array. This is why we drop index 0 and map to - # add the '--' prefix back to the configure argument. - nginx[:configure_arguments] = $1.split(/\s--/).drop(1).map { |ca| "--#{ca}" } - - prefix, conf_path = parse_flags(nginx[:configure_arguments]) - - nginx[:prefix] = prefix - nginx[:conf_path] = conf_path - when /^nginx version: nginx\/(\d+\.\d+\.\d+)/ - nginx[:version] = $1 - end - end -end diff --git a/cookbooks/nginx/templates/gentoo/nginx.init.erb b/cookbooks/nginx/templates/gentoo/nginx.init.erb deleted file mode 100644 index 57a6c31..0000000 --- a/cookbooks/nginx/templates/gentoo/nginx.init.erb +++ /dev/null @@ -1,87 +0,0 @@ -#!/sbin/runscript -# Copyright 1999-2012 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/www-servers/nginx/files/nginx.initd,v 1.1 2012/02/11 10:17:30 hollow Exp $ - -extra_commands="configtest" -extra_started_commands="upgrade reload" - -description="Robust, small and high performance http and reverse proxy server" -description_configtest="Run nginx' internal config check." -description_upgrade="Upgrade the nginx binary without losing connections." -description_reload="Reload the nginx configuration without losing connections." - -nginx_config=<%= node['nginx']['source']['conf_path'] %> - -command=<%= node['nginx']['binary'] %> -command_args="-c ${nginx_config}" -pidfile=<%= node['nginx']['pid'] %> - -depend() { - need net - use dns logger netmount -} - -start_pre() { - if [ "${RC_CMD}" != "restart" ]; then - configtest || return 1 - fi -} - -stop_pre() { - if [ "${RC_CMD}" = "restart" ]; then - configtest || return 1 - fi -} - -stop_post() { - rm -f ${pidfile} -} - -reload() { - configtest || return 1 - ebegin "Refreshing nginx' configuration" - kill -HUP `cat ${pidfile}` &>/dev/null - eend $? "Failed to reload nginx" -} - -upgrade() { - configtest || return 1 - ebegin "Upgrading nginx" - - einfo "Sending USR2 to old binary" - kill -USR2 `cat ${pidfile}` &>/dev/null - - einfo "Sleeping 3 seconds before pid-files checking" - sleep 3 - - if [ ! -f ${pidfile}.oldbin ]; then - eerror "File with old pid not found" - return 1 - fi - - if [ ! -f ${pidfile} ]; then - eerror "New binary failed to start" - return 1 - fi - - einfo "Sleeping 3 seconds before WINCH" - sleep 3 ; kill -WINCH `cat ${pidfile}.oldbin` - - einfo "Sending QUIT to old binary" - kill -QUIT `cat ${pidfile}.oldbin` - - einfo "Upgrade completed" - eend $? "Upgrade failed" -} - -configtest() { - ebegin "Checking nginx' configuration" - ${command} -c ${nginx_config} -t -q - - if [ $? -ne 0 ]; then - ${command} -c ${nginx_config} -t - fi - - eend $? "failed, please correct errors above" -} diff --git a/cookbooks/nginx/templates/suse/nginx.init.erb b/cookbooks/nginx/templates/suse/nginx.init.erb deleted file mode 100644 index e3e6ec9..0000000 --- a/cookbooks/nginx/templates/suse/nginx.init.erb +++ /dev/null @@ -1,115 +0,0 @@ -#!/bin/sh -# -# nginx -# -### BEGIN INIT INFO -# Provides: nginx -# Required-Start: $local_fs $remote_fs $network $syslog -# Required-Stop: $local_fs $remote_fs $network $syslog -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: starts the nginx web server -# Description: starts nginx using start-stop-daemon -### END INIT INFO - -# Source function library. -. /etc/rc.status - -rc_reset - -# Check that networking is up. -[ "$NETWORKING" = "no" ] && exit -exec=<%= node['nginx']['binary'] %> -prog=$(basename $exec) - -# default options, overruled by items in sysconfig -NGINX_GLOBAL="" - -[ -e /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx - -lockfile=/var/lock/subsys/nginx - -start() { - [ -x $exec ] || exit 5 - echo -n $"Starting $prog: " - # if not running, start it up here, usually something like "daemon $exec" - options="" - if [ "${NGINX_GLOBAL}" != "" ]; then - options="-g ${NGINX_GLOBAL}" - fi - $exec $options - retval=$? - echo - [ $retval -eq 0 ] && touch $lockfile - rc_status -v -} - -stop() { - echo -n $"Stopping $prog: " - $exec -s stop - retval=$? - echo - [ $retval -eq 0 ] && rm -f $lockfile - rc_status -v -} - -restart() { - stop - start - rc_status -} - -reload() { - echo -n $"Reloading $prog: " - $exec -s reload - retval=$? - echo - [ $retval -eq 0 ] && rm -f $lockfile - rc_status -v -} - -configtest() { - if [ "$#" -ne 0 ] ; then - case "$1" in - -q) - FLAG=$1 - ;; - *) - ;; - esac - shift - fi - ${exec} -t $FLAG - RETVAL=$? - return $RETVAL -} - -# See how we were called. -case "$1" in - start) - start - ;; - stop) - stop - ;; - status) - status nginx - ;; - restart) - restart - ;; - reload|force-reload) - reload - ;; - condrestart) - [ -f $lockfile ] && restart || : - ;; - configtest) - configtest - ;; - *) - echo $"Usage: $0 {start|stop|status|restart|reload|force-reload|condrestart|configtest}" - exit 1 -esac - -exit $? diff --git a/cookbooks/ohai/.foodcritic b/cookbooks/ohai/.foodcritic new file mode 100644 index 0000000..0480ab5 --- /dev/null +++ b/cookbooks/ohai/.foodcritic @@ -0,0 +1,2 @@ +~FC016 +~FC009 diff --git a/cookbooks/ohai/CHANGELOG.md b/cookbooks/ohai/CHANGELOG.md index d4d23ac..d79cc1a 100644 --- a/cookbooks/ohai/CHANGELOG.md +++ b/cookbooks/ohai/CHANGELOG.md @@ -1,7 +1,89 @@ # ohai Cookbook CHANGELOG + This file is used to list changes made in each version of the ohai cookbook. +## 5.0.4 (2017-04-25) + +- Fix lack of .rb extension when deleting plugins. + +## 5.0.3 (2017-04-06) + +- Use class_eval again in the custom resource to provide Chef 12.5/12.6 compatibility +- Remove kind_of and use name_property not name_attribute +- Fix failures on Chef 13 + +## 5.0.2 (2017-03-24) + +- Remove class_eval + +## 5.0.1 (2017-03-14) + +- Test with Delivery Local Mode +- Bump the dependency to 12.7+ due to failures on 12.5-12.6 + +## 5.0.0 (2017-02-23) + +- Require Chef 12.5+ and remove compat_resource dependency + +## 4.2.3 (2016-12-02) +- Prevent chef_version metadata from failing runs in Opsworks +- Better explain how to resolve the plugin_path issue +- Add suse as a supported platform +- Require at least compat_resource 12.14.7 + +## 4.2.2 (2016-09-19) +- Ignore case in plugin path check on Windows + +## 4.2.1 (2016-09-08) +- Fix typo in compile warning text +- Depend on the latest compat_resource (12.14) +- Remove Chef 11 compat in the metadata +- Require Chef 12.1 not 12.0 +- Define ohai_plugin matcher for Chefspec + +## v4.2.0 (2016-07-19) + +- Added the ability to specify the source cookbook for the cookbook_file or template used in the ohai_plugin resource. +- Added chef_version to the metadata +- Added testing on openSUSE and switched from Rubocop to Cookstyle + +## v4.1.1 (2016-06-16) + +- Fixed error in notifies reload for the delete action +- Bump the compat_resource requirement from 12.9+ to 12.10+ to prevent random failures + +## v4.1.0 (2016-05-26) + +- Added the ability to use templates and pass in variables with the plugin custom resource + +## v4.0.2 (2016-05-23) + +- Resolve failures on Windows nodes + +## v4.0.1 (2016-05-19) + +- Added .rb to the name of the plugins so they actually load +- Added testing to ensure the plugins are being loaded in the chef run + +## v4.0.0 (2016-05-18) + +### BREAKING CHANGE: + +The 4.0 release of the Ohai cookbook removes the previous cookbook_file behavior that required forking the cookbook and adding your own plugins. Instead the cookbook ships with a new ohai_plugin custom resource for installing plugins. In addition to this new custom resource the cookbook now requires Chef 12+. See the readme and test recipe for examples. If you require Chef 11 support you'll need to pin to version 3.0 in your environment. + +## v3.0.1 (2016-03-14) + +- Fixed the Chefspec matchers + +## v3.0.0 (2016-03-14) + +- Change the default value for `node['ohai']['hints_path']` to use the Ohai config value. This should be the same value in most use cases, but if a custom path is specified in the chef client config this value will get used automatically by the cookbook. +- Removed backwards compatibility with Chefspec < 4.1 in the matchers library +- Fix bad link to the custom Ohai plugin documentation in the readme +- Improve documentation for `node['ohai']['plugin_path']` + ## v2.1.0 (2016-01-26) + - Properly handle creating ohai hints without specifying the content. Previously if the content wasn't specified a deprecation notice would be thrown and the file would not be created - Simplified the test suite and added inspec tests to ensure hints are created, especially if the content is not specified - Added FreeBSD and Windows as supported platform in the metadata and add them to the Test Kitchen config @@ -9,9 +91,11 @@ This file is used to list changes made in each version of the ohai cookbook. - Updated testing Gems to the latest releases in the Gemfile ## v2.0.4 (2015-10-30) + - Resolved deprecation warnings with the Chefspec matchers ## v2.0.3 (2015-10-21) + - Validate the hints before loading them to avoid failures - Added supported platforms to the metadata - Updated .gitignore file @@ -32,36 +116,47 @@ This file is used to list changes made in each version of the ohai cookbook. - Added basic convergence Chefspec test ## v2.0.1 (2014-06-07) + - [COOK-4683] Remove warnings about reopening resource Please note, this changes the name of a remote_directory resource. It is not expected that anyone would be explicitly notifying this resource but, please review [PR #16](https://github.com/chef-cookbooks/ohai/pull/16/files) for more info. ## v2.0.0 (2014-02-25) + '[COOK-3865] - create lwrp ohai_hint' ## v1.1.12 + - Dummy release due to a Community Site upload failure ## v1.1.10 + ### Bug + - **[COOK-3091](https://tickets.chef.io/browse/COOK-3091)** - Fix checking `Chef::Config[:config_file]` ## v1.1.8 + - [COOK-1918] - Ohai cookbook to distribute plugins fails on windows - [COOK-2096] - Ohai cookbook sets unix-only default path attribute ## v1.1.6 + - [COOK-2057] - distribution from another cookbok fails if ohai attributes are loaded after the other cookbook ## v1.1.4 + - [COOK-1128] - readme update, Replace reference to deprecated chef cookbook with one to chef-client ## v1.1.2 + - [COOK-1424] - prevent plugin_path growth to infinity ## v1.1.0 + - [COOK-1174] - custom_plugins is only conditionally available - [COOK-1383] - allow plugins from other cookbooks ## v1.0.2 + - [COOK-463] ohai cookbook default recipe should only reload plugins if there were updates diff --git a/cookbooks/ohai/MAINTAINERS.md b/cookbooks/ohai/MAINTAINERS.md index c6a51ae..645ed14 100644 --- a/cookbooks/ohai/MAINTAINERS.md +++ b/cookbooks/ohai/MAINTAINERS.md @@ -1,19 +1,15 @@ # Maintainers -This file lists how this cookbook project is maintained. When making changes to the system, this -file tells you who needs to review your patch - you need a simple majority of maintainers -for the relevant subsystems to provide a :+1: on your pull request. Additionally, you need -to not receive a veto from a Lieutenant or the Project Lead. -Check out [How Cookbooks are Maintained](https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/CONTRIBUTING.MD) -for details on the process and how to become a maintainer or the project lead. +This file lists how this cookbook project is maintained. When making changes to the system, this file tells you who needs to review your patch - you need a review from an existing maintainer for the cookbook to provide a :+1: on your pull request. Additionally, you need to not receive a veto from a Lieutenant or the Project Lead. + +Check out [How Cookbooks are Maintained](https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/CONTRIBUTING.MD) for details on the process and how to become a maintainer or the project lead. # Project Maintainer * [Tim Smith](https://github.com/tas50) # Maintainers * [Jennifer Davis](https://github.com/sigje) -* [Sean OMeara](https://github.com/someara) * [Tim Smith](https://github.com/tas50) * [Thom May](https://github.com/thommay) diff --git a/cookbooks/ohai/README.md b/cookbooks/ohai/README.md index eca46f7..fdb7180 100644 --- a/cookbooks/ohai/README.md +++ b/cookbooks/ohai/README.md @@ -1,59 +1,120 @@ # ohai Cookbook -[![Build Status](https://travis-ci.org/chef-cookbooks/ohai.svg?branch=master)](https://travis-ci.org/chef-cookbooks/ohai) [![Cookbook Version](https://img.shields.io/cookbook/v/ohai.svg)](https://supermarket.chef.io/cookbooks/ohai) -Creates a configured plugin path for distributing custom Ohai plugins, and reloads them via Ohai within the context of a Chef Client run during the compile phase (if needed). +[![Build Status](https://travis-ci.org/chef-cookbooks/ohai.svg?branch=master)](https://travis-ci.org/chef-cookbooks/ohai) [![Build status](https://ci.appveyor.com/api/projects/status/lgok2kr6l007s8hf/branch/master?svg=true)](https://ci.appveyor.com/project/ChefWindowsCookbooks/ohai/branch/master) [![Cookbook Version](https://img.shields.io/cookbook/v/ohai.svg)](https://supermarket.chef.io/cookbooks/ohai) + +Contains custom resources for adding Ohai hints and installing custom Ohai plugins. Handles path creation as well as the reloading of Ohai so that new data will be available during the same run. ## Requirements + ### Platforms + - Debian/Ubuntu - RHEL/CentOS/Scientific/Amazon/Oracle +- openSUSE / SUSE Enterprise Linux - FreeBSD - Windows ### Chef -- Chef 11+ + +- Chef 12.5+ ### Cookbooks + - none -## Attributes -- `node['ohai']['plugin_path']` - location to drop off plugins directory, default is `/etc/chef/ohai_plugins`. This is not FHS-compliant, an FHS location would be something like `/var/lib/ohai/plugins`, or `/var/lib/chef/ohai_plugins` or similar. +## Custom Resources - Neither an FHS location or the default value of this attribute are in the default Ohai plugin path. Set the Ohai plugin path with the config setting "`Ohai::Config[:plugin_path]`" in the Chef config file (the `chef-client::config` recipe does this automatically for you!). The attribute is not set to the default plugin path that Ohai ships with because we don't want to risk destroying existing essential plugins for Ohai. - -- `node['ohai']['plugins']` - sources of plugins, defaults to the `files/default/plugins` directory of this cookbook. You can add additional cookbooks by adding the name of the cookbook as a key and the path of the files directory as the value. You have to make sure that you don't have any file conflicts between multiple cookbooks. The last one to write wins. -- `node['ohai']['hints_path']` - location to drop off hints directory, default is `/etc/chef/ohai/hints`. - -## Usage -Put the recipe `ohai` at the start of the node's run list to make sure that custom plugins are loaded early on in the Chef run and data is available for later recipes. - -The execution of the custom plugins occurs within the recipe during the compile phase, so you can write new plugins and use the data they return in your Chef recipes. - -For information on how to write custom plugins for Ohai, please see the Chef wiki pages. - -[http://wiki.chef.io/display/chef/Writing+Ohai+Plugins](http://wiki.chef.io/display/chef/Writing+Ohai+Plugins) - -_PLEASE NOTE_ - This recipe reloads the Ohai plugins a 2nd time during the Chef run if: -- The "`Ohai::Config[:plugin_path]`" config setting has _NOT_ been properly set in the Chef config file -- The "`Ohai::Config[:plugin_path]`" config setting has been properly set in the Chef config file and there are updated plugins dropped off at "`node['ohai']['plugin_path']`". - -## LWRP ### `ohai_hint` -Create hints file. You can find usage examples at `test/cookbooks/ohai_test/recipes/*.rb`. + +Creates Ohai hint files, which are consumed by Ohai plugins in order to determine if they should run or not. #### Resource Attributes + - `hint_name` - The name of hints file and key. Should be string, default is name of resource. -- `content` - Values of hints. It will be used as automatic attributes. Should be Hash, default is empty Hash class. +- `content` - Values of hints. It will be used as automatic attributes. Should be Hash, default is empty Hash +- `compile_time` - Should the resource run at compile time. This defaults to true + +#### Examples + +Hint file installed to the default directory: + +```ruby +ohai_hint 'ec2' +``` + +Hint file not installed at compile time: + +```ruby +ohai_hint 'ec2' do + compile_time false +end +``` + +Hint file installed with content: + +```ruby +ohai_hint 'raid_present' do + content Hash[:a, 'test_content'] +end +``` #### ChefSpec Matchers + You can check for the creation or deletion of ohai hints with chefspec using these custom matches: + - create_ohai_hint - delete_ohai_hint -## Example -For an example implementation, inspect the ohai_plugin.rb recipe in the nginx community cookbook. +### `ohai_plugin` + +Installs custom Ohai plugins. + +#### Resource Attributes + +- `plugin_name` - The name to give the plugin on the filesystem. Should be string, default is name of resource. +- `path` - The path to your custom plugin directory. Defaults to a directory named 'plugins' under the directory 'ohai' in the Chef config dir. +- `source_file` - The source file for the plugin in your cookbook if not NAME.rb. +- `cookbook` - The cookbook where the source file exists if not the cookbook where the ohai_plugin resource is running from. +- `resource` - The resource type for the plugin file. Either `:cookbook_file` or `:template`. Defaults to `:cookbook_file`. +- `variables` - Usable only if `resource` is `:template`. Defines the template's variables. +- `compile_time` - Should the resource run at compile time. This defaults to `true`. + +#### examples + +Simple Ohai plugin installation: + +```ruby +ohai_plugin 'my_custom_plugin' +``` + +Installation where the resource doesn't match the filename and you install to a custom plugins dir: + +```ruby +ohai_plugin 'My Ohai Plugin' do + name 'my_custom_plugin' + path '/my/custom/path/' +end +``` + +Installation using a template: + +```ruby +ohai_plugin 'My Templated Plugin' do + name 'templated_plugin' + resource :template + variables node_type: :web_server +end +``` + +#### ChefSpec Matchers + +You can check for the creation or deletion of ohai plugins with chefspec using these custom matches: + +- create_ohai_plugin +- delete_ohai_plugin ## License & Authors + **Author:** Cookbook Engineering Team ([cookbooks@chef.io](mailto:cookbooks@chef.io)) **Copyright:** 2011-2016, Chef Software, Inc. diff --git a/cookbooks/ohai/attributes/default.rb b/cookbooks/ohai/attributes/default.rb deleted file mode 100644 index 6880a48..0000000 --- a/cookbooks/ohai/attributes/default.rb +++ /dev/null @@ -1,31 +0,0 @@ -# -# Cookbook Name:: ohai -# Attribute:: default -# -# Copyright 2010-2016, Chef Software, Inc -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# FHS location would be /var/lib/chef/ohai_plugins or similar. -case node['platform_family'] -when 'windows' - default['ohai']['plugin_path'] = "#{ENV['systemdrive']}/chef/ohai_plugins" - default['ohai']['hints_path'] = "#{ENV['systemdrive']}/chef/ohai/hints" -else - default['ohai']['plugin_path'] = '/etc/chef/ohai_plugins' - default['ohai']['hints_path'] = '/etc/chef/ohai/hints' -end - -# The list of plugins and their respective file locations -default['ohai']['plugins']['ohai'] = 'plugins' diff --git a/cookbooks/ohai/files/default/plugins/README b/cookbooks/ohai/files/default/plugins/README deleted file mode 100644 index 72f12e3..0000000 --- a/cookbooks/ohai/files/default/plugins/README +++ /dev/null @@ -1 +0,0 @@ -This directory contains custom plugins for Ohai. diff --git a/cookbooks/ohai/libraries/matchers.rb b/cookbooks/ohai/libraries/matchers.rb index 6f06502..a888dd5 100644 --- a/cookbooks/ohai/libraries/matchers.rb +++ b/cookbooks/ohai/libraries/matchers.rb @@ -1,14 +1,27 @@ -# encoding: utf-8 +# +# Cookbook:: ohai +# Library:: matchers +# +# Author:: Tim Smith () +# +# Copyright:: 2016-2017, Chef Software, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# if defined?(ChefSpec) - if ChefSpec.respond_to?(:define_matcher) - # ChefSpec >= 4.1 - ChefSpec.define_matcher(:ohai_hint) - elsif defined?(ChefSpec::Runner) && - ChefSpec::Runner.respond_to?(:define_runner_method) - # ChefSpec < 4.1 - ChefSpec::Runner.define_runner_method(:ohai_hint) - end + ChefSpec.define_matcher :ohai_hint + ChefSpec.define_matcher :ohai_plugin def create_ohai_hint(resource) ChefSpec::Matchers::ResourceMatcher.new(:ohai_hint, :create, resource) @@ -18,4 +31,11 @@ if defined?(ChefSpec) ChefSpec::Matchers::ResourceMatcher.new(:ohai_hint, :delete, resource) end + def create_ohai_plugin(resource) + ChefSpec::Matchers::ResourceMatcher.new(:ohai_plugin, :create, resource) + end + + def delete_ohai_plugin(resource) + ChefSpec::Matchers::ResourceMatcher.new(:ohai_plugin, :delete, resource) + end end diff --git a/cookbooks/ohai/metadata.json b/cookbooks/ohai/metadata.json index e9fb4ef..e457c14 100644 --- a/cookbooks/ohai/metadata.json +++ b/cookbooks/ohai/metadata.json @@ -1 +1 @@ -{"name":"ohai","version":"2.1.0","description":"Distributes a directory of custom ohai plugins","long_description":"# ohai Cookbook\n[![Build Status](https://travis-ci.org/chef-cookbooks/ohai.svg?branch=master)](https://travis-ci.org/chef-cookbooks/ohai) [![Cookbook Version](https://img.shields.io/cookbook/v/ohai.svg)](https://supermarket.chef.io/cookbooks/ohai)\n\nCreates a configured plugin path for distributing custom Ohai plugins, and reloads them via Ohai within the context of a Chef Client run during the compile phase (if needed).\n\n## Requirements\n### Platforms\n- Debian/Ubuntu\n- RHEL/CentOS/Scientific/Amazon/Oracle\n- FreeBSD\n- Windows\n\n### Chef\n- Chef 11+\n\n### Cookbooks\n- none\n\n## Attributes\n- `node['ohai']['plugin_path']` - location to drop off plugins directory, default is `/etc/chef/ohai_plugins`. This is not FHS-compliant, an FHS location would be something like `/var/lib/ohai/plugins`, or `/var/lib/chef/ohai_plugins` or similar.\n\n Neither an FHS location or the default value of this attribute are in the default Ohai plugin path. Set the Ohai plugin path with the config setting \"`Ohai::Config[:plugin_path]`\" in the Chef config file (the `chef-client::config` recipe does this automatically for you!). The attribute is not set to the default plugin path that Ohai ships with because we don't want to risk destroying existing essential plugins for Ohai.\n\n- `node['ohai']['plugins']` - sources of plugins, defaults to the `files/default/plugins` directory of this cookbook. You can add additional cookbooks by adding the name of the cookbook as a key and the path of the files directory as the value. You have to make sure that you don't have any file conflicts between multiple cookbooks. The last one to write wins.\n- `node['ohai']['hints_path']` - location to drop off hints directory, default is `/etc/chef/ohai/hints`.\n\n## Usage\nPut the recipe `ohai` at the start of the node's run list to make sure that custom plugins are loaded early on in the Chef run and data is available for later recipes.\n\nThe execution of the custom plugins occurs within the recipe during the compile phase, so you can write new plugins and use the data they return in your Chef recipes.\n\nFor information on how to write custom plugins for Ohai, please see the Chef wiki pages.\n\n[http://wiki.chef.io/display/chef/Writing+Ohai+Plugins](http://wiki.chef.io/display/chef/Writing+Ohai+Plugins)\n\n_PLEASE NOTE_ - This recipe reloads the Ohai plugins a 2nd time during the Chef run if:\n- The \"`Ohai::Config[:plugin_path]`\" config setting has _NOT_ been properly set in the Chef config file\n- The \"`Ohai::Config[:plugin_path]`\" config setting has been properly set in the Chef config file and there are updated plugins dropped off at \"`node['ohai']['plugin_path']`\".\n\n## LWRP\n### `ohai_hint`\nCreate hints file. You can find usage examples at `test/cookbooks/ohai_test/recipes/*.rb`.\n\n#### Resource Attributes\n- `hint_name` - The name of hints file and key. Should be string, default is name of resource.\n- `content` - Values of hints. It will be used as automatic attributes. Should be Hash, default is empty Hash class.\n\n#### ChefSpec Matchers\nYou can check for the creation or deletion of ohai hints with chefspec using these custom matches:\n- create_ohai_hint\n- delete_ohai_hint\n\n## Example\nFor an example implementation, inspect the ohai_plugin.rb recipe in the nginx community cookbook.\n\n## License & Authors\n**Author:** Cookbook Engineering Team ([cookbooks@chef.io](mailto:cookbooks@chef.io))\n\n**Copyright:** 2011-2016, Chef Software, Inc.\n\n```\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n```\n","maintainer":"Chef Software, Inc.","maintainer_email":"cookbooks@chef.io","license":"Apache 2.0","platforms":{"ubuntu":">= 0.0.0","debian":">= 0.0.0","centos":">= 0.0.0","redhat":">= 0.0.0","amazon":">= 0.0.0","scientific":">= 0.0.0","fedora":">= 0.0.0","oracle":">= 0.0.0","freebsd":">= 0.0.0","windows":">= 0.0.0"},"dependencies":{},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{"ohai::default":"Distributes a directory of custom ohai plugins"}} \ No newline at end of file +{"name":"ohai","version":"5.0.4","description":"Provides custom resources for installing Ohai hints and plugins","long_description":"# ohai Cookbook\n\n[![Build Status](https://travis-ci.org/chef-cookbooks/ohai.svg?branch=master)](https://travis-ci.org/chef-cookbooks/ohai) [![Build status](https://ci.appveyor.com/api/projects/status/lgok2kr6l007s8hf/branch/master?svg=true)](https://ci.appveyor.com/project/ChefWindowsCookbooks/ohai/branch/master) [![Cookbook Version](https://img.shields.io/cookbook/v/ohai.svg)](https://supermarket.chef.io/cookbooks/ohai)\n\nContains custom resources for adding Ohai hints and installing custom Ohai plugins. Handles path creation as well as the reloading of Ohai so that new data will be available during the same run.\n\n## Requirements\n\n### Platforms\n\n- Debian/Ubuntu\n- RHEL/CentOS/Scientific/Amazon/Oracle\n- openSUSE / SUSE Enterprise Linux\n- FreeBSD\n- Windows\n\n### Chef\n\n- Chef 12.5+\n\n### Cookbooks\n\n- none\n\n## Custom Resources\n\n### `ohai_hint`\n\nCreates Ohai hint files, which are consumed by Ohai plugins in order to determine if they should run or not.\n\n#### Resource Attributes\n\n- `hint_name` - The name of hints file and key. Should be string, default is name of resource.\n- `content` - Values of hints. It will be used as automatic attributes. Should be Hash, default is empty Hash\n- `compile_time` - Should the resource run at compile time. This defaults to true\n\n#### Examples\n\nHint file installed to the default directory:\n\n```ruby\nohai_hint 'ec2'\n```\n\nHint file not installed at compile time:\n\n```ruby\nohai_hint 'ec2' do\n compile_time false\nend\n```\n\nHint file installed with content:\n\n```ruby\nohai_hint 'raid_present' do\n content Hash[:a, 'test_content']\nend\n```\n\n#### ChefSpec Matchers\n\nYou can check for the creation or deletion of ohai hints with chefspec using these custom matches:\n\n- create_ohai_hint\n- delete_ohai_hint\n\n### `ohai_plugin`\n\nInstalls custom Ohai plugins.\n\n#### Resource Attributes\n\n- `plugin_name` - The name to give the plugin on the filesystem. Should be string, default is name of resource.\n- `path` - The path to your custom plugin directory. Defaults to a directory named 'plugins' under the directory 'ohai' in the Chef config dir.\n- `source_file` - The source file for the plugin in your cookbook if not NAME.rb.\n- `cookbook` - The cookbook where the source file exists if not the cookbook where the ohai_plugin resource is running from.\n- `resource` - The resource type for the plugin file. Either `:cookbook_file` or `:template`. Defaults to `:cookbook_file`.\n- `variables` - Usable only if `resource` is `:template`. Defines the template's variables.\n- `compile_time` - Should the resource run at compile time. This defaults to `true`.\n\n#### examples\n\nSimple Ohai plugin installation:\n\n```ruby\nohai_plugin 'my_custom_plugin'\n```\n\nInstallation where the resource doesn't match the filename and you install to a custom plugins dir:\n\n```ruby\nohai_plugin 'My Ohai Plugin' do\n name 'my_custom_plugin'\n path '/my/custom/path/'\nend\n```\n\nInstallation using a template:\n\n```ruby\nohai_plugin 'My Templated Plugin' do\n name 'templated_plugin'\n resource :template\n variables node_type: :web_server\nend\n```\n\n#### ChefSpec Matchers\n\nYou can check for the creation or deletion of ohai plugins with chefspec using these custom matches:\n\n- create_ohai_plugin\n- delete_ohai_plugin\n\n## License & Authors\n\n**Author:** Cookbook Engineering Team ([cookbooks@chef.io](mailto:cookbooks@chef.io))\n\n**Copyright:** 2011-2016, Chef Software, Inc.\n\n```\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n```\n","maintainer":"Chef Software, Inc.","maintainer_email":"cookbooks@chef.io","license":"Apache-2.0","platforms":{"ubuntu":">= 0.0.0","debian":">= 0.0.0","centos":">= 0.0.0","redhat":">= 0.0.0","amazon":">= 0.0.0","scientific":">= 0.0.0","fedora":">= 0.0.0","oracle":">= 0.0.0","suse":">= 0.0.0","opensuse":">= 0.0.0","opensuseleap":">= 0.0.0","freebsd":">= 0.0.0","windows":">= 0.0.0","zlinux":">= 0.0.0"},"dependencies":{},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{},"source_url":"https://github.com/chef-cookbooks/ohai","issues_url":"https://github.com/chef-cookbooks/ohai/issues","chef_version":[[">= 12.5"]],"ohai_version":[]} \ No newline at end of file diff --git a/cookbooks/ohai/providers/hint.rb b/cookbooks/ohai/providers/hint.rb deleted file mode 100644 index c83ea38..0000000 --- a/cookbooks/ohai/providers/hint.rb +++ /dev/null @@ -1,46 +0,0 @@ -def why_run_supported? - true -end - -def ohai_hint_path - ::File.join(node['ohai']['hints_path'], "#{new_resource.name}.json") -end - -def build_content - # passing nil to file produces deprecation warnings so pass an empty string - return '' if new_resource.content.nil? || new_resource.content.empty? - JSON.pretty_generate(new_resource.content) -end - -use_inline_resources - -action :create do - # don't create the file if the existing file was empty and so is the new one - # this avoids bogus content updates on every chef run - unless (@current_resource.content && @current_resource.content.empty?) && new_resource.content.nil? - directory node['ohai']['hints_path'] do - action :create - recursive true - end - - file ohai_hint_path do - action :create - content build_content - end - end -end - -def load_current_resource - @current_resource = Chef::Resource::OhaiHint.new(new_resource.name) - if ::File.exist?(ohai_hint_path) - Chef::Log.debug("Existing ohai hint at #{ohai_hint_path} found. Attempting to parse JSON") - begin - @current_resource.content(JSON.parse(::File.read(ohai_hint_path))) - rescue JSON::ParserError - @current_resource.content({}) - Chef::Log.debug("Could not parse JSON in ohai hint at #{ohai_hint_path}. It's probably an empty hint file") - end - end - - @current_resource -end diff --git a/cookbooks/ohai/recipes/default.rb b/cookbooks/ohai/recipes/default.rb index f54332b..6f83639 100644 --- a/cookbooks/ohai/recipes/default.rb +++ b/cookbooks/ohai/recipes/default.rb @@ -1,8 +1,8 @@ # -# Cookbook Name:: ohai +# Cookbook:: ohai # Recipe:: default # -# Copyright 2011-2016, Chef Software, Inc +# Copyright:: 2011-2017, Chef Software, Inc # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -17,36 +17,4 @@ # limitations under the License. # -reload_ohai = false -# Add plugin_path from node attributes if missing, and ensure a reload of -# ohai in that case -unless Ohai::Config[:plugin_path].include?(node['ohai']['plugin_path']) - Ohai::Config[:plugin_path] = [node['ohai']['plugin_path'], Ohai::Config[:plugin_path]].flatten.compact - reload_ohai ||= true -end -Chef::Log.info("ohai plugins will be at: #{node['ohai']['plugin_path']}") - -# This is done during the compile phase so new plugins can be used in -# resources later in the run. -node['ohai']['plugins'].each_pair do |source_cookbook, path| - rd = remote_directory "#{node['ohai']['plugin_path']} for cookbook #{source_cookbook}" do - path node['ohai']['plugin_path'] - cookbook source_cookbook - source path - mode '0755' unless platform_family?('windows') - recursive true - purge false - action :nothing - end - - rd.run_action(:create) - reload_ohai ||= rd.updated? -end - -resource = ohai 'custom_plugins' do - action :nothing -end - -# Reload ohai if the client's plugin_path did not contain -# node['ohai']['plugin_path'], or new plugins were loaded -resource.run_action(:reload) if reload_ohai +Chef::Log.warn('The Ohai cookbook default recipe has no content as of the 4.0 release. See the readme for instructions on using the custom resources.') diff --git a/cookbooks/ohai/resources/hint.rb b/cookbooks/ohai/resources/hint.rb index abfd70c..02b43c9 100644 --- a/cookbooks/ohai/resources/hint.rb +++ b/cookbooks/ohai/resources/hint.rb @@ -1,5 +1,55 @@ -actions :create, :delete -default_action :create +property :hint_name, String, name_property: true +property :content, Hash +property :compile_time, [true, false], default: true -attribute :hint_name, kind_of: String, name_attribute: true -attribute :content, kind_of: Hash +action :create do + directory ::Ohai::Config.ohai.hints_path.first do + action :create + recursive true + end + + file ohai_hint_path do + action :create + content build_content + end +end + +action :delete do + file ohai_hint_path do + action :delete + notifies :reload, ohai[reload ohai post hint removal] + end + + ohai 'reload ohai post hint removal' do + action :nothing + end +end + +action_class.class_eval do + def ohai_hint_path + path = ::File.join(::Ohai::Config.ohai.hints_path.first, new_resource.hint_name) + path << '.json' unless path.end_with?('.json') + path + end + + def build_content + # passing nil to file produces deprecation warnings so pass an empty string + return nil if new_resource.content.nil? || new_resource.content.empty? + JSON.pretty_generate(new_resource.content) + end + + def file_content(path) + return JSON.parse(::File.read(path)) + rescue JSON::ParserError + Chef::Log.debug("Could not parse JSON in ohai hint at #{ohai_hint_path}. It's probably an empty hint file") + return nil + end +end + +# this resource forces itself to run at compile_time +def after_created + return unless compile_time + Array(action).each do |action| + run_action(action) + end +end diff --git a/cookbooks/ohai/resources/plugin.rb b/cookbooks/ohai/resources/plugin.rb new file mode 100644 index 0000000..734a220 --- /dev/null +++ b/cookbooks/ohai/resources/plugin.rb @@ -0,0 +1,117 @@ +property :plugin_name, String, name_property: true +property :path, String +property :source_file, String +property :cookbook, String +property :resource, [:cookbook_file, :template], default: :cookbook_file +property :variables, Hash +property :compile_time, [true, false], default: true + +action :create do + # why create_if_missing you ask? + # no one can agree on perms and this allows them to manage the perms elsewhere + directory desired_plugin_path do + action :create + recursive true + not_if { ::File.exist?(desired_plugin_path) } + end + + if new_resource.resource.eql?(:cookbook_file) + cookbook_file ::File.join(desired_plugin_path, new_resource.plugin_name + '.rb') do + cookbook new_resource.cookbook + source new_resource.source_file || "#{new_resource.plugin_name}.rb" + notifies :reload, "ohai[#{new_resource.plugin_name}]", :immediately + end + elsif new_resource.resource.eql?(:template) + template ::File.join(desired_plugin_path, new_resource.plugin_name + '.rb') do + cookbook new_resource.cookbook + source new_resource.source_file || "#{new_resource.plugin_name}.rb" + variables new_resource.variables + notifies :reload, "ohai[#{new_resource.plugin_name}]", :immediately + end + end + + # Add the plugin path to the ohai plugin path if need be and warn + # the user that this is going to result in a reload every run + unless in_plugin_path?(desired_plugin_path) + plugin_path_warning + Chef::Log.warn("Adding #{desired_plugin_path} to the Ohai plugin path for this chef-client run only") + add_to_plugin_path(desired_plugin_path) + reload_required = true + end + + ohai new_resource.plugin_name do + action :nothing + action :reload if reload_required + end +end + +action :delete do + file ::File.join(desired_plugin_path, new_resource.plugin_name + '.rb') do + action :delete + notifies :reload, 'ohai[reload ohai post plugin removal]' + end + + ohai 'reload ohai post plugin removal' do + action :nothing + end +end + +action_class.class_eval do + # return the path property if specified or + # CHEF_CONFIG_PATH/ohai/plugins if a path isn't specified + def desired_plugin_path + if new_resource.path + new_resource.path + else + ::File.join(chef_config_path, 'ohai', 'plugins') + end + end + + # return the chef config files dir or fail hard + def chef_config_path + if Chef::Config['config_file'] + ::File.dirname(Chef::Config['config_file']) + else + Chef::Application.fatal!("No chef config file defined. Are you running \ +chef-solo? If so you will need to define a path for the ohai_plugin as the \ +path cannot be determined") + end + end + + # is the desired plugin dir in the ohai config plugin dir array? + def in_plugin_path?(path) + # get the directory where we plan to stick the plugin (not the actual file path) + desired_dir = ::File.directory?(path) ? path : ::File.dirname(path) + + case node['platform'] + when 'windows' + ::Ohai::Config.ohai['plugin_path'].map(&:downcase).include?(desired_dir.downcase) + else + ::Ohai::Config.ohai['plugin_path'].include?(desired_dir) + end + end + + def add_to_plugin_path(path) + ::Ohai::Config.ohai['plugin_path'] << path # new format + end + + # we need to warn the user that unless the path for this plugin is in Ohai's + # plugin path already we're going to have to reload Ohai on every Chef run. + # Ideally in future versions of Ohai /etc/chef/ohai/plugins is in the path. + def plugin_path_warning + Chef::Log.warn("The Ohai plugin_path does not include #{desired_plugin_path}. \ +Ohai will reload on each chef-client run in order to add this directory to the \ +path unless you modify your client.rb configuration to add this directory to \ +plugin_path. The plugin_path can be set via the chef-client::config recipe. \ +See 'Ohai Settings' at https://docs.chef.io/config_rb_client.html#ohai-settings \ +for more details.") + end +end + +# this resource forces itself to run at compile_time +def after_created + return unless compile_time + Array(action).each do |action| + run_action(action) + end +end diff --git a/cookbooks/packagecloud/.gitignore b/cookbooks/packagecloud/.gitignore deleted file mode 100644 index 03daae1..0000000 --- a/cookbooks/packagecloud/.gitignore +++ /dev/null @@ -1,19 +0,0 @@ -*~ -*# -.#* -\#*# -.*.sw[a-z] -*.un~ -pkg/ - -# Berkshelf -.vagrant -/cookbooks -Berksfile.lock - -# Bundler -Gemfile.lock -bin/* -.bundle/* - -.kitchen diff --git a/cookbooks/packagecloud/.kitchen.yml b/cookbooks/packagecloud/.kitchen.yml deleted file mode 100644 index bc6c500..0000000 --- a/cookbooks/packagecloud/.kitchen.yml +++ /dev/null @@ -1,79 +0,0 @@ ---- -driver_plugin: vagrant -driver_config: - require_chef_omnibus: true - -platforms: -- name: ubuntu-10.04 - driver_config: - box: opscode-ubuntu-10.04 - box_url: https://opscode-vm-bento.s3.amazonaws.com/vagrant/opscode_ubuntu-10.04_provisionerless.box - run_list: - - recipe[packagecloud_test::lucid_deps] - - recipe[packagecloud_test::deb] - - recipe[packagecloud_test::rubygems_private] - -- name: ubuntu-12.04 - driver_config: - box: opscode-ubuntu-12.04 - box_url: https://opscode-vm-bento.s3.amazonaws.com/vagrant/opscode_ubuntu-12.04_provisionerless.box - run_list: - - recipe[packagecloud_test::precise_deps] - - recipe[packagecloud_test::deb] - - recipe[packagecloud_test::rubygems_private] - -- name: ubuntu-14.04 - driver_config: - box: opscode-ubuntu-14.04 - box_url: http://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_ubuntu-14.04_chef-provisionerless.box - run_list: - - recipe[packagecloud_test::trusty_deps] - - recipe[packagecloud_test::deb] - - recipe[packagecloud_test::rubygems] - -- name: centos-without-epel-5.10 - driver_config: - box_url: http://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_centos-5.10_chef-provisionerless.box - run_list: - - recipe[packagecloud_test::rpm] - - recipe[packagecloud_test::rubygems] - -- name: centos-with-epel-5.10 - driver_config: - box_url: http://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_centos-5.10_chef-provisionerless.box - run_list: - - recipe[packagecloud_test::epel5] - - recipe[packagecloud_test::rpm] - - recipe[packagecloud_test::rubygems_private] - -- name: centos-6.5 - run_list: - - recipe[packagecloud_test::rpm] - - recipe[packagecloud_test::rubygems] - -- name: centos-7.0 - run_list: - - recipe[packagecloud_test::rpm] - - recipe[packagecloud_test::rubygems_private] - -- name: amazon-2014.09 - driver_plugin: ec2 - driver_config: - image_id: ami-b5a7ea85 - username: ec2-user - aws_access_key_id: <%= ENV['AWS_ACCESS_KEY_ID'] %> - aws_secret_access_key: <%= ENV['AWS_SECRET_ACCESS_KEY'] %> - aws_ssh_key_id: <%= ENV['AWS_KEYPAIR_NAME'] %> - ssh_key: <%= ENV['AWS_SSH_KEY_PATH'] %> - availability_zone: us-west-2a - region: us-west-2 - flavor_id: t2.micro - security_group_ids: sg-598e583c - run_list: - - recipe[packagecloud_test::rpm] - - recipe[packagecloud_test::rubygems] - -suites: -- name: default - run_list: - attributes: {} diff --git a/cookbooks/packagecloud/.rubocop.yml b/cookbooks/packagecloud/.rubocop.yml deleted file mode 100644 index 0fde6a5..0000000 --- a/cookbooks/packagecloud/.rubocop.yml +++ /dev/null @@ -1,28 +0,0 @@ -AllCops: - Include: - - Berksfile - - Gemfile - - Rakefile - - Thorfile - - Guardfile - Exclude: - - vendor/** - -ClassLength: - Enabled: false -Documentation: - Enabled: false -Encoding: - Enabled: false -HashSyntax: - Enabled: false -LineLength: - Enabled: false -MethodLength: - Enabled: false -SignalException: - Enabled: false -TrailingComma: - Enabled: false -WordArray: - Enabled: false diff --git a/cookbooks/packagecloud/.travis.yml b/cookbooks/packagecloud/.travis.yml deleted file mode 100644 index 7d2bad2..0000000 --- a/cookbooks/packagecloud/.travis.yml +++ /dev/null @@ -1,7 +0,0 @@ -language: ruby -rvm: - - 1.9.3 - - 2.0.0 -bundler_args: --without integration -script: - - bundle exec rake travis diff --git a/cookbooks/packagecloud/Berksfile b/cookbooks/packagecloud/Berksfile deleted file mode 100644 index 47c2da6..0000000 --- a/cookbooks/packagecloud/Berksfile +++ /dev/null @@ -1,5 +0,0 @@ -source 'https://api.berkshelf.com' - -metadata - -cookbook 'packagecloud_test', :path => 'test/fixtures/cookbooks/packagecloud_test' diff --git a/cookbooks/packagecloud/CHANGELOG.md b/cookbooks/packagecloud/CHANGELOG.md deleted file mode 100644 index a6002f3..0000000 --- a/cookbooks/packagecloud/CHANGELOG.md +++ /dev/null @@ -1,18 +0,0 @@ -packagecloud -=============== -This is the Changelog for the packagecloud cookbook - -v0.2.0 (2015-02-17) -------------------- -Rework GPG paths to support new GPG endpoints for repos with repo-specific GPG -keys. Old endpoints/URLs still work, too. - - -v0.0.1 (2014-06-05) -------------------- -Initial release. - - -v0.0.1 (2014-06-05) -------------------- -Initial release! diff --git a/cookbooks/packagecloud/Gemfile b/cookbooks/packagecloud/Gemfile deleted file mode 100644 index 51dbdc7..0000000 --- a/cookbooks/packagecloud/Gemfile +++ /dev/null @@ -1,16 +0,0 @@ -source 'https://rubygems.org' - -gem 'rake' -gem 'berkshelf', '~> 3.1.4' -gem 'kitchen-ec2' -gem 'stove' - -group :test do - gem 'foodcritic', '~> 4.0.0' - gem 'rubocop', '~> 0.24.1' -end - -group :integration do - gem 'test-kitchen', '~> 1.2.1' - gem 'kitchen-vagrant', '~> 0.15.0' -end diff --git a/cookbooks/packagecloud/LICENSE b/cookbooks/packagecloud/LICENSE deleted file mode 100644 index 56c3277..0000000 --- a/cookbooks/packagecloud/LICENSE +++ /dev/null @@ -1,13 +0,0 @@ -Copyright (C) 2014 Computology, LLC. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/cookbooks/packagecloud/README.md b/cookbooks/packagecloud/README.md deleted file mode 100644 index f9d32b8..0000000 --- a/cookbooks/packagecloud/README.md +++ /dev/null @@ -1,91 +0,0 @@ -# packagecloud cookbook - -This cookbook provides an LWRP for installing https://packagecloud.io repositories. - -NOTE: Please see the Changelog below for important changes if upgrading from 0.0.19 to 0.1.0. - -## Usage - -Be sure to depend on `packagecloud` in `metadata.rb` so that the packagecloud -resource will be loaded. - -For public repos: - -```ruby -packagecloud_repo "computology/packagecloud-cookbook-test-public" do - type "deb" -end -``` - -For private repos, you need to supply a `master_token`: - -```ruby -packagecloud_repo "computology/packagecloud-cookbook-test-private" do - type "deb" - master_token "762748f7ae0bfdb086dd539575bdc8cffdca78c6a9af0db9" -end -``` - -For packagecloud:enterprise users, add `base_url` to your resource: - -``` -packagecloud_repo "computology/packagecloud-cookbook-test-private" do - base_url "https://packages.example.com" - type "deb" - master_token "762748f7ae0bfdb086dd539575bdc8cffdca78c6a9af0db9" -end -``` - -For forcing the os and dist for repository install: - -``` -packagecloud_repo 'computology/packagecloud-cookbook-test-public' do - type 'rpm' - force_os 'rhel' - force_dist '6.5' -end -``` - -Valid options for `type` include `deb`, `rpm`, and `gem`. - -## Interactions with other cookbooks - -On CentOS 5, the official chef yum cookbook overwrites the file -`/etc/yum.conf` setting some default values. When it does this, the `cachedir` -value is changed from the CentOS5 default to the default value in the -cookbook. The result of this change is that any packagecloud repository -installed *before* a repository installed with the yum cookbook will appear as -though it's gpg keys were not imported. - -There are a few potential workarounds for this: - -- Pass the "-y" flag to package resource using the `options` attribute. This - should cause yum to import the GPG key automatically if it was not imported - already. -- Move your packagecloud repos so that they are installed last, after any/all - repos installed via the yum cookbook. -- Set the cachedir option in the chef yum cookbook to the system default value - of `/var/cache/yum` using the `yum_globalconfig` resource. - -CentOS 6 and 7 are not affected as the default `cachedir` value provided by -the yum chef cookbook is set to the system default, unless you use the -`yum_globalconfig` resource to set a custom cachedir. If you do set a custom -`cachedir`, you should make sure to setup packagecloud repos after that -resource is set so that the GPG keys end up in the right place. - -## Changelog - -packagecloud cookbook versions 0.0.19 used an attribute called -`default['packagecloud']['hostname']` for caching the local machine's hostname -to avoid regenerating read tokens. - -This attribute has been removed as it is confusing and in some edge cases, -buggy. - -Beginning in 0.1.0, you can use -`default['packagecloud']['hostname_override']` to specify a hostname if ohai -is unable to determine the hostname of the node on its own. - - -## Credits -Computology, LLC. diff --git a/cookbooks/packagecloud/Rakefile b/cookbooks/packagecloud/Rakefile deleted file mode 100644 index 0300fef..0000000 --- a/cookbooks/packagecloud/Rakefile +++ /dev/null @@ -1,47 +0,0 @@ -#!/usr/bin/env rake - -# Style tests. Rubocop and Foodcritic -namespace :style do - begin - require 'rubocop/rake_task' - desc 'Run Ruby style checks' - RuboCop::RakeTask.new(:ruby) - rescue LoadError - puts '>>>>> Rubocop gem not loaded, omitting tasks' unless ENV['CI'] - end - - begin - require 'foodcritic' - - desc 'Run Chef style checks' - FoodCritic::Rake::LintTask.new(:chef) do |t| - t.options = { - fail_tags: ['any'], - tags: ['~FC003'] - } - end - rescue LoadError - puts '>>>>> foodcritic gem not loaded, omitting tasks' unless ENV['CI'] - end -end - -desc 'Run all style checks' -task style: ['style:chef', 'style:ruby'] - -# Integration tests. Kitchen.ci -namespace :integration do - begin - require 'kitchen/rake_tasks' - - desc 'Run kitchen integration tests' - Kitchen::RakeTasks.new - rescue LoadError - puts '>>>>> Kitchen gem not loaded, omitting tasks' unless ENV['CI'] - end -end - -desc 'Run all tests on Travis' -task travis: ['style'] - -# Default -task default: ['style', 'integration:kitchen:all'] diff --git a/cookbooks/packagecloud/THANKS b/cookbooks/packagecloud/THANKS deleted file mode 100644 index 81877d1..0000000 --- a/cookbooks/packagecloud/THANKS +++ /dev/null @@ -1,6 +0,0 @@ -The following people have contributed to packagecloud chef cookbook (If you're not listed here and you should be, please let us know!): - -THANKS ------- -Guilhem Lettron (@guilhem) -Michael S. Fischer (@mfischer-zd) diff --git a/cookbooks/packagecloud/Thorfile b/cookbooks/packagecloud/Thorfile deleted file mode 100644 index cb1aeae..0000000 --- a/cookbooks/packagecloud/Thorfile +++ /dev/null @@ -1,5 +0,0 @@ -# encoding: utf-8 - -require 'bundler' -require 'bundler/setup' -require 'berkshelf/thor' diff --git a/cookbooks/packagecloud/Vagrantfile b/cookbooks/packagecloud/Vagrantfile deleted file mode 100644 index e8bfb6c..0000000 --- a/cookbooks/packagecloud/Vagrantfile +++ /dev/null @@ -1,85 +0,0 @@ -# -*- mode: ruby -*- -# vi: set ft=ruby : - -# Vagrantfile API/syntax version. Don't touch unless you know what you're doing! -VAGRANTFILE_API_VERSION = "2" - -Vagrant.require_version ">= 1.5.0" - -Vagrant.configure(VAGRANTFILE_API_VERSION) do |config| - # All Vagrant configuration is done here. The most common configuration - # options are documented and commented below. For a complete reference, - # please see the online documentation at vagrantup.com. - - config.vm.hostname = "packagecloud-berkshelf" - - # Set the version of chef to install using the vagrant-omnibus plugin - config.omnibus.chef_version = :latest - - # Every Vagrant virtual environment requires a box to build off of. - config.vm.box = "opscode_ubuntu-12.04_provisionerless" - - # The url from where the 'config.vm.box' box will be fetched if it - # doesn't already exist on the user's system. - config.vm.box_url = "https://opscode-vm-bento.s3.amazonaws.com/vagrant/opscode_ubuntu-12.04_provisionerless.box" - - # Assign this VM to a host-only network IP, allowing you to access it - # via the IP. Host-only networks can talk to the host machine as well as - # any other machines on the same network, but cannot be accessed (through this - # network interface) by any external networks. - config.vm.network :private_network, type: "dhcp" - - # Create a forwarded port mapping which allows access to a specific port - # within the machine from a port on the host machine. In the example below, - # accessing "localhost:8080" will access port 80 on the guest machine. - - # Share an additional folder to the guest VM. The first argument is - # the path on the host to the actual folder. The second argument is - # the path on the guest to mount the folder. And the optional third - # argument is a set of non-required options. - # config.vm.synced_folder "../data", "/vagrant_data" - - # Provider-specific configuration so you can fine-tune various - # backing providers for Vagrant. These expose provider-specific options. - # Example for VirtualBox: - # - # config.vm.provider :virtualbox do |vb| - # # Don't boot with headless mode - # vb.gui = true - # - # # Use VBoxManage to customize the VM. For example to change memory: - # vb.customize ["modifyvm", :id, "--memory", "1024"] - # end - # - # View the documentation for the provider you're using for more - # information on available options. - - # The path to the Berksfile to use with Vagrant Berkshelf - # config.berkshelf.berksfile_path = "./Berksfile" - - # Enabling the Berkshelf plugin. To enable this globally, add this configuration - # option to your ~/.vagrant.d/Vagrantfile file - config.berkshelf.enabled = true - - # An array of symbols representing groups of cookbook described in the Vagrantfile - # to exclusively install and copy to Vagrant's shelf. - # config.berkshelf.only = [] - - # An array of symbols representing groups of cookbook described in the Vagrantfile - # to skip installing and copying to Vagrant's shelf. - # config.berkshelf.except = [] - - config.vm.provision :chef_solo do |chef| - chef.json = { - mysql: { - server_root_password: 'rootpass', - server_debian_password: 'debpass', - server_repl_password: 'replpass' - } - } - - chef.run_list = [ - "recipe[packagecloud::default]" - ] - end -end diff --git a/cookbooks/packagecloud/attributes/default.rb b/cookbooks/packagecloud/attributes/default.rb deleted file mode 100644 index 21b1d16..0000000 --- a/cookbooks/packagecloud/attributes/default.rb +++ /dev/null @@ -1,8 +0,0 @@ -default['packagecloud']['base_repo_path'] = "/install/repositories/" -default['packagecloud']['gpg_key_path'] = "/gpgkey" -default['packagecloud']['hostname_override'] = nil - -default['packagecloud']['default_type'] = value_for_platform_family( - 'debian' => 'deb', - ['rhel', 'fedora'] => 'rpm' -) diff --git a/cookbooks/packagecloud/chefignore b/cookbooks/packagecloud/chefignore deleted file mode 100644 index fef04fc..0000000 --- a/cookbooks/packagecloud/chefignore +++ /dev/null @@ -1,98 +0,0 @@ -# Put files/directories that should be ignored in this file when uploading -# or sharing to the community site. -# Lines that start with '# ' are comments. - -# OS generated files # -###################### -.DS_Store -Icon? -nohup.out -ehthumbs.db -Thumbs.db - -# SASS # -######## -.sass-cache - -# EDITORS # -########### -\#* -.#* -*~ -*.sw[a-z] -*.bak -REVISION -TAGS* -tmtags -*_flymake.* -*_flymake -*.tmproj -.project -.settings -mkmf.log - -## COMPILED ## -############## -a.out -*.o -*.pyc -*.so -*.com -*.class -*.dll -*.exe -*/rdoc/ - -# Testing # -########### -.watchr -.rspec -spec/* -spec/fixtures/* -test/* -features/* -Guardfile -Procfile - -# SCM # -####### -.git -*/.git -.gitignore -.gitmodules -.gitconfig -.gitattributes -.svn -*/.bzr/* -*/.hg/* -*/.svn/* - -# Berkshelf # -############# -cookbooks/* -tmp - -# Cookbooks # -############# -CONTRIBUTING -CHANGELOG* - -# Strainer # -############ -Colanderfile -Strainerfile -.colander -.strainer - -# Vagrant # -########### -.vagrant -Vagrantfile - -# Travis # -########## -.travis.yml - -# tmux # -########## -.tmux diff --git a/cookbooks/packagecloud/libraries/helper.rb b/cookbooks/packagecloud/libraries/helper.rb deleted file mode 100644 index e548748..0000000 --- a/cookbooks/packagecloud/libraries/helper.rb +++ /dev/null @@ -1,43 +0,0 @@ -require 'net/https' - -module PackageCloud - module Helper - def get(uri, params) - uri.query = URI.encode_www_form(params) - req = Net::HTTP::Get.new(uri.request_uri) - - req.basic_auth uri.user, uri.password if uri.user - - http = Net::HTTP.new(uri.hostname, uri.port) - http.use_ssl = true - - resp = http.start { |h| h.request(req) } - - case resp - when Net::HTTPSuccess - resp - else - raise resp.inspect - end - end - - def post(uri, params) - req = Net::HTTP::Post.new(uri.request_uri) - req.form_data = params - - req.basic_auth uri.user, uri.password if uri.user - - http = Net::HTTP.new(uri.hostname, uri.port) - http.use_ssl = true - - resp = http.start { |h| h.request(req) } - - case resp - when Net::HTTPSuccess - resp - else - raise resp.inspect - end - end - end -end diff --git a/cookbooks/packagecloud/libraries/matcher.rb b/cookbooks/packagecloud/libraries/matcher.rb deleted file mode 100644 index e518177..0000000 --- a/cookbooks/packagecloud/libraries/matcher.rb +++ /dev/null @@ -1,7 +0,0 @@ -if defined?(ChefSpec) - - def create_packagecloud_repo(resource_name) - ChefSpec::Matchers::ResourceMatcher.new(:packagecloud_repo, :add, resource_name) - end - -end diff --git a/cookbooks/packagecloud/metadata.json b/cookbooks/packagecloud/metadata.json deleted file mode 100644 index e5d00e7..0000000 --- a/cookbooks/packagecloud/metadata.json +++ /dev/null @@ -1,48 +0,0 @@ -{ - "name": "packagecloud", - "description": "Installs/Configures packagecloud.io repositories.", - "long_description": "Installs/Configures packagecloud.io repositories.", - "maintainer": "Joe Damato", - "maintainer_email": "joe@packagecloud.io", - "license": "Apache 2.0", - "platforms": { - - }, - "dependencies": { - - }, - "recommendations": { - - }, - "suggestions": { - - }, - "conflicting": { - - }, - "providing": { - - }, - "replacing": { - - }, - "attributes": { - - }, - "groupings": { - - }, - "recipes": { - - }, - "version": "0.2.0", - "source_url": "https://github.com/computology/packagecloud-cookbook", - "issues_url": "https://github.com/computology/packagecloud-cookbook/issues", - "privacy": false, - "chef_versions": [ - - ], - "ohai_versions": [ - - ] -} diff --git a/cookbooks/packagecloud/metadata.rb b/cookbooks/packagecloud/metadata.rb deleted file mode 100644 index 32e6d79..0000000 --- a/cookbooks/packagecloud/metadata.rb +++ /dev/null @@ -1,9 +0,0 @@ -name 'packagecloud' -maintainer 'Joe Damato' -maintainer_email 'joe@packagecloud.io' -license 'Apache 2.0' -description 'Installs/Configures packagecloud.io repositories.' -long_description 'Installs/Configures packagecloud.io repositories.' -version '0.2.0' -source_url 'https://github.com/computology/packagecloud-cookbook' if respond_to?(:source_url) -issues_url 'https://github.com/computology/packagecloud-cookbook/issues' if respond_to?(:issues_url) diff --git a/cookbooks/packagecloud/providers/repo.rb b/cookbooks/packagecloud/providers/repo.rb deleted file mode 100644 index c6c23e7..0000000 --- a/cookbooks/packagecloud/providers/repo.rb +++ /dev/null @@ -1,224 +0,0 @@ -include ::PackageCloud::Helper - -require 'uri' - -use_inline_resources if defined?(use_inline_resources) - -action :add do - case new_resource.type - when 'deb' - install_deb - when 'rpm' - install_rpm - when 'gem' - install_gem - else - raise "#{new_resource.type} is an unknown package type." - end -end - -def gpg_url(base_url, repo, format, master_token) - base_install_url = ::File.join(base_url, node['packagecloud']['base_repo_path']) - ext = (format == :deb) ? 'list' : 'repo' - gpg_key_url_endpoint = construct_uri_with_options({base_url: base_install_url, repo: repo, endpoint: "gpg_key_url.#{ext}"}) - if !master_token.nil? - gpg_key_url_endpoint.user = master_token - gpg_key_url_endpoint.password = '' - end - - URI(get(gpg_key_url_endpoint, install_endpoint_params).body.chomp) -end - -def install_deb - base_url = new_resource.base_url - repo_url = construct_uri_with_options({base_url: base_url, repo: new_resource.repository, endpoint: node['platform']}) - - Chef::Log.debug("#{new_resource.name} deb repo url = #{repo_url}") - - package 'wget' - package 'apt-transport-https' - - repo_url = read_token(repo_url) - - template "/etc/apt/sources.list.d/#{filename}.list" do - source 'apt.erb' - cookbook 'packagecloud' - mode '0644' - variables :base_url => repo_url.to_s, - :distribution => node['lsb']['codename'], - :component => 'main' - - notifies :run, "execute[apt-key-add-#{filename}]", :immediately - notifies :run, "execute[apt-get-update-#{filename}]", :immediately - end - - gpg_url = gpg_url(new_resource.base_url, new_resource.repository, :deb, new_resource.master_token) - - execute "apt-key-add-#{filename}" do - command "wget --auth-no-challenge -qO - #{gpg_url.to_s} | apt-key add -" - action :nothing - end - - execute "apt-get-update-#{filename}" do - command "apt-get update -o Dir::Etc::sourcelist=\"sources.list.d/#{filename}.list\"" \ - " -o Dir::Etc::sourceparts=\"-\"" \ - " -o APT::Get::List-Cleanup=\"0\"" - action :nothing - end -end - -def install_rpm - given_base_url = new_resource.base_url - base_repo_url = ::File.join(given_base_url, node['packagecloud']['base_repo_path']) - base_url_endpoint = construct_uri_with_options({base_url: base_repo_url, repo: new_resource.repository, endpoint: 'rpm_base_url'}) - - if new_resource.master_token - base_url_endpoint.user = new_resource.master_token - base_url_endpoint.password = '' - end - - base_url = URI(get(base_url_endpoint, install_endpoint_params).body.chomp) - - Chef::Log.debug("#{new_resource.name} rpm base url = #{base_url}") - - package 'pygpgme' do - ignore_failure true - end - - log 'pygpgme_warning' do - message 'The pygpgme package could not be installed. This means GPG verification is not possible for any RPM installed on your system. ' \ - 'To fix this, add a repository with pygpgme. Usualy, the EPEL repository for your system will have this. ' \ - 'More information: https://fedoraproject.org/wiki/EPEL#How_can_I_use_these_extra_packages.3F and https://github.com/opscode-cookbooks/yum-epel' - - level :warn - not_if 'rpm -qa | grep -qw pygpgme' - end - - ruby_block 'disable repo_gpgcheck if no pygpgme' do - block do - template = run_context.resource_collection.find(:template => "/etc/yum.repos.d/#{filename}.repo") - template.variables[:repo_gpgcheck] = 0 - end - not_if 'rpm -qa | grep -qw pygpgme' - end - - gpg_url = gpg_url(new_resource.base_url, new_resource.repository, :rpm, new_resource.master_token) - - template "/etc/yum.repos.d/#{filename}.repo" do - source 'yum.erb' - cookbook 'packagecloud' - mode '0644' - variables :base_url => base_url.to_s, - :name => filename, - :gpg_url => gpg_url.to_s, - :repo_gpgcheck => 1, - :description => filename, - :priority => new_resource.priority, - :metadata_expire => new_resource.metadata_expire - - notifies :run, "execute[yum-makecache-#{filename}]", :immediately - notifies :create, "ruby_block[yum-cache-reload-#{filename}]", :immediately - end - - # get the metadata for this repo only - execute "yum-makecache-#{filename}" do - command "yum -q makecache -y --disablerepo=* --enablerepo=#{filename}" - action :nothing - end - - # reload internal Chef yum cache - ruby_block "yum-cache-reload-#{filename}" do - block { Chef::Provider::Package::Yum::YumCache.instance.reload } - action :nothing - end -end - -def install_gem - base_url = new_resource.base_url - - repo_url = construct_uri_with_options({base_url: base_url, repo: new_resource.repository}) - repo_url = read_token(repo_url, true).to_s - - - execute "install packagecloud #{new_resource.name} repo as gem source" do - command "gem source --add #{repo_url}" - not_if "gem source --list | grep #{repo_url}" - end -end - - -def read_token(repo_url, gems=false) - return repo_url unless new_resource.master_token - - base_url = new_resource.base_url - - base_repo_url = ::File.join(base_url, node['packagecloud']['base_repo_path']) - - uri = construct_uri_with_options({base_url: base_repo_url, repo: new_resource.repository, endpoint: 'tokens.text'}) - uri.user = new_resource.master_token - uri.password = '' - - resp = post(uri, install_endpoint_params) - - Chef::Log.debug("#{new_resource.name} TOKEN = #{resp.body.chomp}") - - if is_rhel5? && !gems - repo_url - else - repo_url.user = resp.body.chomp - repo_url.password = '' - repo_url - end -end - -def install_endpoint_params - dist = new_resource.force_dist || value_for_platform_family( - 'debian' => node['lsb']['codename'], - ['rhel', 'fedora'] => node['platform_version'], - ) - - hostname = node['packagecloud']['hostname_override'] || - node['fqdn'] || - node['hostname'] - - if !hostname - raise("Can't determine hostname! Set node['packagecloud']['hostname_override'] " \ - "if it cannot be automatically determined by Ohai.") - end - - { :os => os_platform, - :dist => dist, - :name => hostname } -end - -def os_platform - new_resource.force_os || node['platform'] -end - -def filename - new_resource.name.gsub(/[^0-9A-z.\-]/, '_') -end - -def is_rhel5? - platform_family?('rhel') && node['platform_version'].to_i == 5 -end - -def construct_uri_with_options(options) - required_options = [:base_url, :repo] - - required_options.each do |opt| - if !options[opt] - raise ArgumentError, - "A required option :#{opt} was not specified" - end - end - - options[:base_url] = append_trailing_slash(options[:base_url]) - options[:repo] = append_trailing_slash(options[:repo]) - - URI.join(options.delete(:base_url), options.inject([]) {|mem, opt| mem << opt[1]}.join) -end - -def append_trailing_slash(str) - str.end_with?("/") ? str : str + "/" -end diff --git a/cookbooks/packagecloud/resources/repo.rb b/cookbooks/packagecloud/resources/repo.rb deleted file mode 100644 index 783223f..0000000 --- a/cookbooks/packagecloud/resources/repo.rb +++ /dev/null @@ -1,11 +0,0 @@ -actions :add -default_action :add - -attribute :repository, :kind_of => String, :name_attribute => true -attribute :master_token, :kind_of => String -attribute :force_os, :kind_of => String -attribute :force_dist, :kind_of => String -attribute :type, :kind_of => String, :equal_to => ['deb', 'rpm', 'gem'], :default => node['packagecloud']['default_type'] -attribute :base_url, :kind_of => String, :default => "https://packagecloud.io" -attribute :priority, :kind_of => [Fixnum, TrueClass, FalseClass], :default => false -attribute :metadata_expire, :kind_of => String, :regex => [/^\d+[d|h|m]?$/], :default => nil diff --git a/cookbooks/packagecloud/templates/default/apt.erb b/cookbooks/packagecloud/templates/default/apt.erb deleted file mode 100644 index a38981c..0000000 --- a/cookbooks/packagecloud/templates/default/apt.erb +++ /dev/null @@ -1,2 +0,0 @@ -deb <%= @base_url %> <%= @distribution %> <%= @component %> -deb-src <%= @base_url %> <%= @distribution %> <%= @component %> diff --git a/cookbooks/packagecloud/templates/default/yum.erb b/cookbooks/packagecloud/templates/default/yum.erb deleted file mode 100644 index 81c3f68..0000000 --- a/cookbooks/packagecloud/templates/default/yum.erb +++ /dev/null @@ -1,15 +0,0 @@ -[<%= @name %>] -name=<%= @description %> -baseurl=<%= @base_url %> -repo_gpgcheck=<%= @repo_gpgcheck %> -<% if @priority -%> -priority=<%=@priority %> -<% end -%> -gpgcheck=0 -enabled=1 -gpgkey=<%= @gpg_url %> -sslverify=1 -sslcacert=/etc/pki/tls/certs/ca-bundle.crt -<% if @metadata_expire %> -metadata_expire=<%= @metadata_expire %> -<% end %> diff --git a/cookbooks/rsyslog/CHANGELOG.md b/cookbooks/rsyslog/CHANGELOG.md deleted file mode 100644 index c718777..0000000 --- a/cookbooks/rsyslog/CHANGELOG.md +++ /dev/null @@ -1,193 +0,0 @@ -rsyslog Cookbook CHANGELOG -========================== -This file is used to list changes made in each version of the rsyslog cookbook. - -v.2.2.0 (2015-10-05) ----------- -- Add why-run support to the file_input LWRP -- Added support for rsyslog under systemd on Ubuntu 15.04+ -- Added new attribute node['rsyslog']['custom_remote']. See readme for additional information -- Added source_url and issues_url metadata for Supermarket -- Fixed 49-relp.conf to honor logs_to_forward so it didn't just forward everything -- Updated contributing and testing docs -- Set the minimum supported Chef release to 11.0 -- Added maintainers.toml and maintainers.md files -- Added Amazon Linux, Oracle, and Scientific Linux to the metadata -- Removed all pre-Ruby 1.9 hash rockets -- Updated development dependencies in the -- Fix a bad example attribute in the readme -- Updated Travis CI config to test on all modern Ruby releases - -v.2.1.0 (2015-07-22) ----------- -- Fixed minor markdown errors in the readme -- Allow the server to listen on both TCP and UDP. For both set node['rsyslog']['protocol'] to 'udptcp' -- Move the include for /etc/rsyslog.d/ to the very end of the rsyslog.conf config -- Added the ability to bind to a specific IP when running the server on UDP with node['rsyslog']['bind'] -- Sync the comments in the rsyslog.conf file with the latest upstream rsyslog release -- Change emerg to log to :omusrmsg:* vs. * on modern rsyslog releases to avoid deprecation warnings - -v.2.0.0 (2015-05-18) --------------------- -Note: This version includes several breaking changes for Ubuntu users. Be sure to take care when deploying these changes to production systems. - -- 49-relp.conf now properly uses the list of servers discovered in the client recipe -- Fixed a typo that prevented file-input.conf from properly templating -- Added allow_non_local attribute to allow non-local messages. This defaults to false, which preserves the previous functionality -- The rsyslog directory permissions are now properly set using the user/group attributes instead of root/root -- Properly drop permissions on Ubuntu systems to syslog/syslog. Introduces 2 new attributes to control the user/group: priv_user and priv_group -- Remove logging to /dev/xconsole in 50-default.conf on Ubuntu systems. This is generally not something you'd want to do and produces error messages at startup. - -v.1.15.0 (2015-02-23) ---------------------- -- Change minimum supported Fedora release to 20 to align with the Fedora product lifecycle -- Add supports CentOS to metadata -- Update Rubocop and Test Kitchen dependencies to the latest versions -- Update Chefspec to 4.0 -- Fix CentOS 5 support in the Kitchen config -- Fix rsyslog service notification in the file_input LWRP - -v.1.14.0 (2015-01-30) ---------------------- -- Don't attempt to use journald on Amazon Linux since Amazon Linux doesn't use systemd -- Fixed setting bad permissions on the working directory by using the rsyslog user/group variables. -- Fixed bad variable in the 49-relp.conf template that prevented Chef converges from completing. -- Removed the 'reload' action from the rsyslog service as newer rsyslog releases don't support reload. -- Updated Chefspecs to remove deprecation warnings and added additional tests. -- Removed node name from the comment block in the config files. -- Added a new file_input LWRP for defining configs. -- Added support for chef solo search cookbook. - -v1.13.0 (2014-11-25) --------------------- -- Rsyslog's working directory is now an attribute and is set to the appropriate directory on RHEL based distros -- The working directory is now 0700 vs 0755 for additional security -- Add the ActionQueueMaxDiskSpace directive with a default of 1GB to prevent out of disk events during large buffering -- Updated RHEL / Fedora facilities to match those shipped by the distros -- Updated modules to match those used by journald (systemd) on Fedora 19+ and CentOS 7 -- Added an attribute additional_directives to pass a hash of configs. This is currently only being used to pass directives necessary for journald support on RHEL 7 / Fedora 19+ -- Added basic SUSE support -- Fixed logic that prevented Ubuntu from properly dropping privileges in Ubuntu >= 11.04 -- Removed references to rsyslog v3 in the config template -- Added a chefignore file -- Updated Gemfile with newer releases of Test Kitchen, Rubocop, and Berkshelf -- Added Fedora 20, Debian 6/7, CentOS 7, and Ubuntu 12.04/14.04 to the Test Kitchen config -- Removed an attribute that was in the Readme twice -- Updated Travis to Ruby 2.1.1 to better match Chef 12 -- Updated the Berksfile to point to Supermarket -- Refactored the specs to be more dry - -v1.12.2 (2014-02-28) --------------------- -Fixing bug fix in rsyslog.conf - - -v1.12.0 (2014-02-27) --------------------- -- [COOK-4021] Allow specifying default templates for local and remote -- [COOK-4126] rsyslog cookbook fails restarts due to not using upstart - - -v1.11.0 (2014-02-19) --------------------- -### Bug -- **[COOK-4256](https://tickets.opscode.com/browse/COOK-4256)** - Fix syntax errors in default.conf on rhel - -### New Feature -- **[COOK-4022](https://tickets.opscode.com/browse/COOK-4022)** - Add use_local_ipv4 option to allow selecting internal interface on cloud systems -- **[COOK-4018](https://tickets.opscode.com/browse/COOK-4018)** - rsyslog TLS encryption support - - -v1.10.2 -------- -No change. Version bump for toolchain. - - -v1.10.0 -------- -### New Feature -- **[COOK-4021](https://tickets.opscode.com/browse/COOK-4021)** - Allow specifying default templates for local and remote - -### Improvement -- **[COOK-3876](https://tickets.opscode.com/browse/COOK-3876)** - Cater for setting rate limits - - -v1.9.0 ------- -### New Feature -- **[COOK-3736](https://tickets.opscode.com/browse/COOK-3736)** - Support OmniOS - -### Improvement -- **[COOK-3609](https://tickets.opscode.com/browse/COOK-3609)** - Add actionqueue to remote rsyslog configurations - -### Bug -- **[COOK-3608](https://tickets.opscode.com/browse/COOK-3608)** - Add 50-default template knobs -- **[COOK-3600](https://tickets.opscode.com/browse/COOK-3600)** - SmartOS support - - -v1.8.0 ------- -### Improvement -- **[COOK-3573](https://tickets.opscode.com/browse/COOK-3573)** - Add Test Kitchen, Specs, and Travis CI - -### New Feature -- **[COOK-3435](https://tickets.opscode.com/browse/COOK-3435)** - Add support for relp - -v1.7.0 ------- -### Improvement -- **[COOK-3253](https://tickets.opscode.com/browse/COOK-3253)** - Enable repeated message reduction -- **[COOK-3190](https://tickets.opscode.com/browse/COOK-3190)** - Allow specifying which logs to send to remote server -- **[COOK-2355](https://tickets.opscode.com/browse/COOK-2355)** - Support forwarding events to more than one server - -v1.6.0 ------- -### New Feature -- [COOK-2831]: enable high precision timestamps - -### Bug -- [COOK-2377]: calling node.save has adverse affects on nodes relying on a searched node's ohai attributes -- [COOK-2521]: rsyslog cookbook incorrectly sets directory ownership to rsyslog user -- [COOK-2540]: Syslogd needs to be disabled before starting rsyslogd on RHEL 5 - -### Improvement -- [COOK-2356]: rsyslog service supports status. Service should use it. -- [COOK-2357]: rsyslog cookbook copies in wrong defaults file on Ubuntu !9.10/10.04 - -v1.5.0 ------- -- [COOK-2141] - Add `$PreserveFQDN` configuration directive - -v1.4.0 ------- -- [COOK-1877] - RHEL 6 support and refactoring - -v1.3.0 ------- -- [COOK-1189] - template change does not restart rsyslog on Ubuntu - -This actually went into 1.2.0 with action `:reload`, but that change has been reverted and the action is back to `:restart`. - -v1.2.0 ------- -- [COOK-1678] - syslog user does not exist on debian 6.0 and ubuntu versions lower than 11.04 -- [COOK-1650] - enable max message size configuration via attribute - -v1.1.0 ------- -Changes from COOK-1167: - -- More versatile server discovery - use the IP as an attribute, or use search (see README) -- Removed cron dependency. -- Removed log archival; logrotate is recommended. -- Add an attribute to select the per-host directory in the log dir -- Works with Chef Solo now. -- Set debian/ubuntu default user and group. Drop privileges to `syslog.adm`. - - -v1.0.0 ------- -- [COOK-836] - use an attribute to specify the role to search for instead of relying on the rsyslog['server'] attribute. -- Clean up attribute usage to use strings instead of symbols. -- Update this README. -- Better handling for chef-solo. diff --git a/cookbooks/rsyslog/README.md b/cookbooks/rsyslog/README.md deleted file mode 100644 index 7dedf03..0000000 --- a/cookbooks/rsyslog/README.md +++ /dev/null @@ -1,276 +0,0 @@ -rsyslog Cookbook -================ -[![Build Status](https://travis-ci.org/chef-cookbooks/rsyslog.svg?branch=master)](http://travis-ci.org/chef-cookbooks/rsyslog) -[![Cookbook Version](https://img.shields.io/cookbook/v/rsyslog.svg)](https://supermarket.chef.io/cookbooks/rsyslog) - -Installs and configures rsyslog to replace sysklogd for client and/or server use. By default, the service will be configured to log to files on local disk. See the Recipes and Examples sections for other uses. - - -Requirements ------------- -#### Platforms -- Debian/Ubuntu -- RHEL/CentOS/Scientific/Amazon/Oracle -- Fedora 20+ -- OmniOS r151006c - -#### Chef -- Chef 11+ - -#### Cookbooks -- none - -#### Other -To use the `recipe[rsyslog::client]` recipe, you'll need to set up the `rsyslog.server_search` or `rsyslog.server_ip` attributes. See the __Recipes__ and __Examples__ sections below. - - -Attributes ----------- -See `attributes/default.rb` for default values. - -* `node['rsyslog']['log_dir']` - If the node is an rsyslog server, this specifies the directory where the logs should be stored. -* `node['rsyslog']['working_dir']` - The temporary working directory where messages are buffered -* `node['rsyslog']['server']` - Determined automatically and set to true on the server. -* `node['rsyslog']['server_ip']` - If not defined then search will be used to determine rsyslog server. Default is `nil`. This can be a string or an array. -* `node['rsyslog']['server_search']` - Specify the criteria for the server search operation. Default is `role:loghost`. -* `node['rsyslog']['protocol']` - Specify whether to use `udp` or `tcp` for remote loghost. Default is `tcp`. To use both specify both in a string e.g. 'udptcp'. -* `node['rsyslog']['bind']` - Specify the address to which the server should be listening; only use with `node['rsyslog']['protocol'] = 'udp'` because the feature does not work with the `tcp` protocol ([more info](http://www.rsyslog.com/doc/master/configuration/modules/imtcp.html#caveats-known-bugs)). -* `node['rsyslog']['port']` - Specify the port which rsyslog should connect to a remote loghost. -* `node['rsyslog']['remote_logs']` - Specify whether to send all logs to a remote server (client option). Default is `true`. -* `node['rsyslog']['per_host_dir']` - "PerHost" directories for template statements in `35-server-per-host.conf`. Default value is the previous cookbook version's value, to preserve compatibility. See __server__ recipe below. -* `node['rsyslog']['priv_seperation']` - Whether to use privilege separation or not. -* `node['rsyslog']['priv_user']` - User to run as when using privilege separation. Defult is `node['rsyslog']['user']` -* `node['rsyslog']['priv_group']` - Group to run as when using privilege separation. Defult is `node['rsyslog']['group']` -* `node['rsyslog']['max_message_size']` - Specify the maximum allowed message size. Default is 2k. -* `node['rsyslog']['user']` - Who should own the configuration files and directories -* `node['rsyslog']['group']` - Who should group-own the configuration files and directories -* `node['rsyslog']['defaults_file']` - The full path to the defaults/sysconfig file for the service. -* `node['rsyslog']['service_name']` - The platform-specific name of the service -* `node['rsyslog']['preserve_fqdn']` - Value of the `$PreserveFQDN` configuration directive in `/etc/rsyslog.conf`. Default is 'off' for compatibility purposes. -* `node['rsyslog']['high_precision_timestamps']` - Enable high precision timestamps, instead of the "old style" format. Default is 'false'. -* `node['rsyslog']['repeated_msg_reduction']` - Value of `$RepeatedMsgReduction` configuration directive in `/etc/rsyslog.conf`. Default is 'on' -* `node['rsyslog']['logs_to_forward']` - Specifies what logs should be sent to the remote rsyslog server. Default is all ( \*.\* ). -* `node['rsyslog']['default_log_dir']` - log directory used in `50-default.conf` template, defaults to `/var/log` -* `node['rsyslog']['default_facility_logs']` - Hash containing log facilities and destinations used in `50-default.conf` template. -* `node['rsyslog']['default_file_template']` - The name of a pre-defined log format template (ie - RSYSLOG_FileFormat), used for local log files. -* `node['rsyslog']['default_remote_template']` - The name of a pre-defined log format template (ie - RSYSLOG_FileFormat), used for sending to remote servers. -* `node['rsyslog']['rate_limit_interval']` - Value of the $SystemLogRateLimitInterval configuration directive in `/etc/rsyslog.conf`. Default is nil, leaving it to the platform default. -* `node['rsyslog']['rate_limit_burst']` - Value of the $SystemLogRateLimitBurst configuration directive in `/etc/rsyslog.conf`. Default is nil, leaving it to the platform default. -* `node['rsyslog']['action_queue_max_disk_space']` - Max amount of disk space the disk-assisted queue is allowed to use ([more info](http://www.rsyslog.com/doc/queues.html)). -* `node['rsyslog']['enable_tls']` - Whether or not to enable TLS encryption. When enabled, forces protocol to `tcp`. Default is `false`. -* `node['rsyslog']['tls_ca_file']` - Path to TLS CA file. Required for both server and clients. -* `node['rsyslog']['tls_certificate_file']` - Path to TLS certificate file. Required for server, optional for clients. -* `node['rsyslog']['tls_key_file']` - Path to TLS key file. Required for server, optional for clients. -* `node['rsyslog']['tls_auth_mode']` - Value for `$InputTCPServerStreamDriverAuthMode`/`$ActionSendStreamDriverAuthMode`, determines whether client certs are validated. Defaults to `anon` (no validation). -* `node['rsyslog']['use_local_ipv4']` - Whether or not to make use the remote local IPv4 address on cloud systems when searching for servers (where available). Default is 'false'. -* `node['rsyslog']['allow_non_local']` - Whether or not to allow non-local messages. If 'false', incoming messages are only allowed from 127.0.0.1. Default is 'false'. -* `node['rsyslog']['custom_remote']` - Array of hashes for configuring custom remote server targets -* `node['rsyslog']['additional_directives']` - Hash of additional directives and their values to place in the main rsyslog config file - -Recipes -------- -### default -Installs the rsyslog package, manages the rsyslog service and sets up basic configuration for a standalone machine. - -### client -Includes `recipe[rsyslog]`. - -Uses `node['rsyslog']['server_ip']` or Chef search (in that precedence order) to determine the remote syslog server's IP address. If search is used, the search query will look for the first `ipaddress` returned from the criteria specified in `node['rsyslog']['server_search']`. - -You can use `node['rsyslog']['custom_config']` to define custom entries for sending logs to remote servers. -Available attributes: -``` - 'server': Ip/hostname of remote syslog server (Required) - 'port': Port to send logs to - 'logs': Syslog log facilities to send (auth, authpriv, daemon, etc) - 'protocol': Can be tcp or udp - 'remote_template': Rsyslog template used for the messages -``` - -Example: - -```ruby -node['rsyslog']['custom_remote'] = [{ 'server' => '10.10.4.4', 'port' => '567', 'logs' => 'auth.*,mail.*', 'protocol' => 'udp', 'remote_template' => 'RSYSLOG_SyslogProtocol23Format'}, - { 'server' => '10.0.0.3', 'port' => '555', 'logs' => 'authpriv,daemon.*' } ] -``` - -The server key is required; if other keys are left out, the default global values will be used (eg `node['rsyslog']['port']` will be used if 'port' is omitted) - - -If the node itself is a rsyslog server ie it has `rsyslog.server` set to true then the configuration is skipped. - -If the node had an `/etc/rsyslog.d/35-server-per-host.conf` file previously configured, this file gets removed to prevent duplicate logging. - -Any previous logs are not cleaned up from the `log_dir`. - -### server -Configures the node to be a rsyslog server. The chosen rsyslog server node should be defined in the `server_ip` attribute or resolvable by the specified search criteria specified in `node['rsyslog']['server_search]` (so that nodes making use of the `client` recipe can find the server to log to). - -This recipe will create the logs in `node['rsyslog']['log_dir']`, and the configuration is in `/etc/rsyslog.d/server.conf`. This recipe also removes any previous configuration to a remote server by removing the `/etc/rsyslog.d/remote.conf` file. - -The cron job used in the previous version of this cookbook is removed, but it does not remove any existing cron job from your system (so it doesn't break anything unexpectedly). We recommend setting up logrotate for the logfiles instead. - -The `log_dir` will be concatenated with `per_host_dir` to store the logs for each client. Modify the attribute to have a value that is allowed by rsyslogs template matching values, see the rsyslog documentation for this. - -Directory structure: - -```erb -<%= @log_dir %>/<%= @per_host_dir %>/"logfile" -``` - -For example for the system with hostname `www`: - -```text -/srv/rsyslog/2011/11/19/www/messages -``` - -For example, to change this to just the hostname, set the attribute `node['rsyslog']['per_host_dir']` via a role: - -```ruby -"rsyslog" => { "per_host_dir" => "%HOSTNAME%" } -``` - -At this time, the server can only listen on UDP *or* TCP. - -Resources -========= - -file_input ----------- - -Configures a [text file input -monitor](http://www.rsyslog.com/doc/imfile.html) to push a log file into -rsyslog. - -Attributes: -* `name`: name of the resource, also used for the syslog tag. Required. -* `file`: file path for input file to monitor. Required. -* `priority`: config order priority. Defaults to `99`. -* `severity`: syslog severity. Must be one of `emergency`, `alert`, -`critical`, `error`, `warning`, `notice`, `info` or `debug`. If -undefined, rsyslog interprets this as `notice`. -* `facility`: syslog facility. Must be one of `auth`, `authpriv`, -`daemon`, `cron`, `ftp`, `lpr`, `kern`, `mail`, `news`, `syslog`, -`user`, `uucp`, `local0`, ... , `local7`. If undefined, rsyslog -interprets this as `local0`. -* `cookbook`: cookbook containing the template. Defaults to `rsyslog`. -* `source`: template file source. Defaults to `file-input.conf.erb` - - -Usage -===== -Use `recipe[rsyslog]` to install and start rsyslog as a basic configured service for standalone systems. - -Use `recipe[rsyslog::client]` to have nodes log to a remote server (which is found via the `server_ip` attribute or by the recipe's search call -- see __client__) - -Use `recipe[rsyslog::server]` to set up a rsyslog server. It will listen on `node['rsyslog']['port']` protocol `node['rsyslog']['protocol']`. - -If you set up a different kind of centralized loghost (syslog-ng, graylog2, logstash, etc), you can still send log messages to it as long as the port and protocol match up with the server software. See __Examples__ - -Use `rsyslog_file_input` within your recipes to forward log files to -your remote syslog server. - - -### Examples -A `base` role (e.g., roles/base.rb), applied to all nodes so they are syslog clients: - -```ruby -name "base" -description "Base role applied to all nodes -run_list("recipe[rsyslog::client]") -``` - -Then, a role for the loghost (should only be one): - -```ruby -name "loghost" -description "Central syslog server" -run_list("recipe[rsyslog::server]") -``` - -By default this will set up the clients search for a node with the `loghost` role to talk to the server on TCP port 514. Change the `protocol` and `port` rsyslog attributes to modify this. - -If you want to specify another syslog compatible server with a role other than loghost, simply fill free to use the `server_ip` attribute or the `server_search` attribute. - -Example role that sets the per host directory: - -```ruby -name "loghost" -description "Central syslog server" -run_list("recipe[rsyslog::server]") -default_attributes( - "rsyslog" => { "per_host_dir" => "%HOSTNAME%" } -) -``` - -Default rsyslog options are rendered for RHEL family platforms, in `/etc/rsyslog.d/50-default.conf` -with other platforms using a configuration like Debian family defaults. You can override these -log facilities and destinations using the `rsyslog['default_facility_logs']` hash. - -```ruby -name "facility_log_example" -run_list("recipe[rsyslog::default]") -default_attributes( - "rsyslog" => { - "default_facility_logs" => { - '*.info;mail.none;authpriv.none;cron.none' => "/var/log/messages", - 'authpriv' => '/var/log/secure', - 'mail.*' => '-/var/log/maillog', - '*.emerg' => '*' - } - } -) -``` - -Development ------------ -This section details "quick development" steps. For a detailed explanation, see [[Contributing.md]]. - -1. Clone this repository from GitHub: - - $ git clone git@github.com:chef-cookbooks/rsyslog.git - -2. Create a git branch - - $ git checkout -b my_bug_fix - -3. Install dependencies: - - $ bundle install - -4. Make your changes/patches/fixes, committing appropriately -5. **Write tests** -6. Run the tests: - - bundle exec foodcritic -f any . - - bundle exec rspec - - bundle exec rubocop - - bundle exec kitchen test - - In detail: - - Foodcritic will catch any Chef-specific style errors - - RSpec will run the unit tests - - Rubocop will check for Ruby-specific style errors - - Test Kitchen will run and converge the recipes - - -License & Authors ------------------ -- Author:: Joshua Timberman () -- Author:: Denis Barishev () -- Author:: Tim Smith () - -```text -Copyright:: 2009-2015, Chef Software, Inc - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -``` diff --git a/cookbooks/rsyslog/attributes/default.rb b/cookbooks/rsyslog/attributes/default.rb deleted file mode 100644 index 1bfe703..0000000 --- a/cookbooks/rsyslog/attributes/default.rb +++ /dev/null @@ -1,131 +0,0 @@ -# -# Cookbook Name:: rsyslog -# Attributes:: default -# -# Copyright 2009-2015, Chef Software, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -default['rsyslog']['default_log_dir'] = '/var/log' -default['rsyslog']['log_dir'] = '/srv/rsyslog' -default['rsyslog']['working_dir'] = '/var/spool/rsyslog' -default['rsyslog']['server'] = false -default['rsyslog']['use_relp'] = false -default['rsyslog']['relp_port'] = 20_514 -default['rsyslog']['protocol'] = 'tcp' -default['rsyslog']['bind'] = '*' -default['rsyslog']['port'] = 514 -default['rsyslog']['server_ip'] = nil -default['rsyslog']['server_search'] = 'role:loghost' -default['rsyslog']['remote_logs'] = true -default['rsyslog']['per_host_dir'] = '%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%' -default['rsyslog']['max_message_size'] = '2k' -default['rsyslog']['preserve_fqdn'] = 'off' -default['rsyslog']['high_precision_timestamps'] = false -default['rsyslog']['repeated_msg_reduction'] = 'on' -default['rsyslog']['logs_to_forward'] = '*.*' -default['rsyslog']['enable_imklog'] = true -default['rsyslog']['config_prefix'] = '/etc' -default['rsyslog']['default_file_template'] = nil -default['rsyslog']['default_remote_template'] = nil -default['rsyslog']['rate_limit_interval'] = nil -default['rsyslog']['rate_limit_burst'] = nil -default['rsyslog']['enable_tls'] = false -default['rsyslog']['action_queue_max_disk_space'] = '1G' -default['rsyslog']['tls_ca_file'] = nil -default['rsyslog']['tls_certificate_file'] = nil -default['rsyslog']['tls_key_file'] = nil -default['rsyslog']['tls_auth_mode'] = 'anon' -default['rsyslog']['use_local_ipv4'] = false -default['rsyslog']['allow_non_local'] = false -default['rsyslog']['custom_remote'] = [{}] -default['rsyslog']['additional_directives'] = {} - -# The most likely platform-specific attributes -default['rsyslog']['service_name'] = 'rsyslog' -default['rsyslog']['user'] = 'root' -default['rsyslog']['group'] = 'adm' -default['rsyslog']['priv_seperation'] = false -default['rsyslog']['priv_user'] = nil -default['rsyslog']['priv_group'] = nil -default['rsyslog']['modules'] = %w(imuxsock imklog) - -# platform family specific attributes -case node['platform_family'] -when 'rhel', 'fedora' - default['rsyslog']['working_dir'] = '/var/lib/rsyslog' - # format { facility => destination } - default['rsyslog']['default_facility_logs'] = { - '*.info;mail.none;authpriv.none;cron.none' => "#{node['rsyslog']['default_log_dir']}/messages", - 'authpriv.*' => "#{node['rsyslog']['default_log_dir']}/secure", - 'mail.*' => "-#{node['rsyslog']['default_log_dir']}/maillog", - 'cron.*' => "#{node['rsyslog']['default_log_dir']}/cron", - '*.emerg' => ':omusrmsg:*', - 'uucp,news.crit' => "#{node['rsyslog']['default_log_dir']}/spooler", - 'local7.*' => "#{node['rsyslog']['default_log_dir']}/boot.log" - } - # RHEL >= 7 and Fedora >= 19 use journald in systemd. Amazon Linux doesn't. - if node['platform'] != 'amazon' && (node['platform_version'].to_i == 7 || node['platform_version'].to_i >= 19) - default['rsyslog']['modules'] = %w(imuxsock imjournal) - default['rsyslog']['additional_directives'] = { 'OmitLocalLogging' => 'on', 'IMJournalStateFile' => 'imjournal.state' } - end -else - # format { facility => destination } - default['rsyslog']['default_facility_logs'] = { - 'auth,authpriv.*' => "#{node['rsyslog']['default_log_dir']}/auth.log", - '*.*;auth,authpriv.none' => "-#{node['rsyslog']['default_log_dir']}/syslog", - 'daemon.*' => "-#{node['rsyslog']['default_log_dir']}/daemon.log", - 'kern.*' => "-#{node['rsyslog']['default_log_dir']}/kern.log", - 'mail.*' => "-#{node['rsyslog']['default_log_dir']}/mail.log", - 'user.*' => "-#{node['rsyslog']['default_log_dir']}/user.log", - 'mail.info' => "-#{node['rsyslog']['default_log_dir']}/mail.info", - 'mail.warn' => "-#{node['rsyslog']['default_log_dir']}/mail.warn", - 'mail.err' => "#{node['rsyslog']['default_log_dir']}/mail.err", - 'news.crit' => "#{node['rsyslog']['default_log_dir']}/news/news.crit", - 'news.err' => "#{node['rsyslog']['default_log_dir']}/news/news.err", - 'news.notice' => "-#{node['rsyslog']['default_log_dir']}/news/news.notice", - '*.=debug;auth,authpriv.none;news.none;mail.none' => "-#{node['rsyslog']['default_log_dir']}/debug", - '*.=info;*.=notice;*.=warn;auth,authpriv.none;cron,daemon.none;mail,news.none' => "-#{node['rsyslog']['default_log_dir']}/messages", - '*.emerg' => ':omusrmsg:*' - } -end - -# rsyslog 3/4 do not support the new :omusrmsg:* format and need * instead -if (node['platform'] == 'ubuntu' && node['platform_version'].to_i < 12) || (node['platform_family'] == 'rhel' && node['platform_version'].to_i < 6) - default['rsyslog']['default_facility_logs']['*.emerg'] = '*' -end - -# platform specific attributes -case node['platform'] -when 'ubuntu' - # syslog user introduced with natty package - if node['platform_version'].to_f >= 11.04 - default['rsyslog']['user'] = 'syslog' - default['rsyslog']['group'] = 'adm' - default['rsyslog']['priv_seperation'] = true - default['rsyslog']['priv_group'] = 'syslog' - end -when 'arch' - default['rsyslog']['service_name'] = 'rsyslogd' -when 'smartos' - default['rsyslog']['config_prefix'] = '/opt/local/etc' - default['rsyslog']['modules'] = %w(immark imsolaris imtcp imudp) - default['rsyslog']['group'] = 'root' -when 'omnios' - default['rsyslog']['service_name'] = 'system/rsyslogd' - default['rsyslog']['modules'] = %w(immark imsolaris imtcp imudp) - default['rsyslog']['group'] = 'root' -when 'suse' - default['rsyslog']['service_name'] = 'syslog' -end diff --git a/cookbooks/rsyslog/libraries/helpers.rb b/cookbooks/rsyslog/libraries/helpers.rb deleted file mode 100644 index 176a6d8..0000000 --- a/cookbooks/rsyslog/libraries/helpers.rb +++ /dev/null @@ -1,25 +0,0 @@ -module RsyslogCookbook - # helpers for the various service providers on Ubuntu systems - module Helpers - def find_provider - if Chef::VersionConstraint.new('>= 15.04').include?(node['platform_version']) - service_provider = Chef::Provider::Service::Systemd - elsif Chef::VersionConstraint.new('>= 12.04').include?(node['platform_version']) - service_provider = Chef::Provider::Service::Upstart - else - service_provider = nil - end - service_provider - end - - def declare_rsyslog_service - service_provider = 'ubuntu' == node['platform'] ? find_provider : nil - - service node['rsyslog']['service_name'] do - supports restart: true, status: true - action [:enable, :start] - provider service_provider - end - end - end -end diff --git a/cookbooks/rsyslog/metadata.json b/cookbooks/rsyslog/metadata.json deleted file mode 100644 index 058e4b1..0000000 --- a/cookbooks/rsyslog/metadata.json +++ /dev/null @@ -1 +0,0 @@ -{"name":"rsyslog","version":"2.2.0","description":"Installs and configures rsyslog","long_description":"rsyslog Cookbook\n================\n[![Build Status](https://travis-ci.org/chef-cookbooks/rsyslog.svg?branch=master)](http://travis-ci.org/chef-cookbooks/rsyslog)\n[![Cookbook Version](https://img.shields.io/cookbook/v/rsyslog.svg)](https://supermarket.chef.io/cookbooks/rsyslog)\n\nInstalls and configures rsyslog to replace sysklogd for client and/or server use. By default, the service will be configured to log to files on local disk. See the Recipes and Examples sections for other uses.\n\n\nRequirements\n------------\n#### Platforms\n- Debian/Ubuntu\n- RHEL/CentOS/Scientific/Amazon/Oracle\n- Fedora 20+\n- OmniOS r151006c\n\n#### Chef\n- Chef 11+\n\n#### Cookbooks\n- none\n\n#### Other\nTo use the `recipe[rsyslog::client]` recipe, you'll need to set up the `rsyslog.server_search` or `rsyslog.server_ip` attributes. See the __Recipes__ and __Examples__ sections below.\n\n\nAttributes\n----------\nSee `attributes/default.rb` for default values.\n\n* `node['rsyslog']['log_dir']` - If the node is an rsyslog server, this specifies the directory where the logs should be stored.\n* `node['rsyslog']['working_dir']` - The temporary working directory where messages are buffered\n* `node['rsyslog']['server']` - Determined automatically and set to true on the server.\n* `node['rsyslog']['server_ip']` - If not defined then search will be used to determine rsyslog server. Default is `nil`. This can be a string or an array.\n* `node['rsyslog']['server_search']` - Specify the criteria for the server search operation. Default is `role:loghost`.\n* `node['rsyslog']['protocol']` - Specify whether to use `udp` or `tcp` for remote loghost. Default is `tcp`. To use both specify both in a string e.g. 'udptcp'.\n* `node['rsyslog']['bind']` - Specify the address to which the server should be listening; only use with `node['rsyslog']['protocol'] = 'udp'` because the feature does not work with the `tcp` protocol ([more info](http://www.rsyslog.com/doc/master/configuration/modules/imtcp.html#caveats-known-bugs)).\n* `node['rsyslog']['port']` - Specify the port which rsyslog should connect to a remote loghost.\n* `node['rsyslog']['remote_logs']` - Specify whether to send all logs to a remote server (client option). Default is `true`.\n* `node['rsyslog']['per_host_dir']` - \"PerHost\" directories for template statements in `35-server-per-host.conf`. Default value is the previous cookbook version's value, to preserve compatibility. See __server__ recipe below.\n* `node['rsyslog']['priv_seperation']` - Whether to use privilege separation or not.\n* `node['rsyslog']['priv_user']` - User to run as when using privilege separation. Defult is `node['rsyslog']['user']`\n* `node['rsyslog']['priv_group']` - Group to run as when using privilege separation. Defult is `node['rsyslog']['group']`\n* `node['rsyslog']['max_message_size']` - Specify the maximum allowed message size. Default is 2k.\n* `node['rsyslog']['user']` - Who should own the configuration files and directories\n* `node['rsyslog']['group']` - Who should group-own the configuration files and directories\n* `node['rsyslog']['defaults_file']` - The full path to the defaults/sysconfig file for the service.\n* `node['rsyslog']['service_name']` - The platform-specific name of the service\n* `node['rsyslog']['preserve_fqdn']` - Value of the `$PreserveFQDN` configuration directive in `/etc/rsyslog.conf`. Default is 'off' for compatibility purposes.\n* `node['rsyslog']['high_precision_timestamps']` - Enable high precision timestamps, instead of the \"old style\" format. Default is 'false'.\n* `node['rsyslog']['repeated_msg_reduction']` - Value of `$RepeatedMsgReduction` configuration directive in `/etc/rsyslog.conf`. Default is 'on'\n* `node['rsyslog']['logs_to_forward']` - Specifies what logs should be sent to the remote rsyslog server. Default is all ( \\*.\\* ).\n* `node['rsyslog']['default_log_dir']` - log directory used in `50-default.conf` template, defaults to `/var/log`\n* `node['rsyslog']['default_facility_logs']` - Hash containing log facilities and destinations used in `50-default.conf` template.\n* `node['rsyslog']['default_file_template']` - The name of a pre-defined log format template (ie - RSYSLOG_FileFormat), used for local log files.\n* `node['rsyslog']['default_remote_template']` - The name of a pre-defined log format template (ie - RSYSLOG_FileFormat), used for sending to remote servers.\n* `node['rsyslog']['rate_limit_interval']` - Value of the $SystemLogRateLimitInterval configuration directive in `/etc/rsyslog.conf`. Default is nil, leaving it to the platform default.\n* `node['rsyslog']['rate_limit_burst']` - Value of the $SystemLogRateLimitBurst configuration directive in `/etc/rsyslog.conf`. Default is nil, leaving it to the platform default.\n* `node['rsyslog']['action_queue_max_disk_space']` - Max amount of disk space the disk-assisted queue is allowed to use ([more info](http://www.rsyslog.com/doc/queues.html)).\n* `node['rsyslog']['enable_tls']` - Whether or not to enable TLS encryption. When enabled, forces protocol to `tcp`. Default is `false`.\n* `node['rsyslog']['tls_ca_file']` - Path to TLS CA file. Required for both server and clients.\n* `node['rsyslog']['tls_certificate_file']` - Path to TLS certificate file. Required for server, optional for clients.\n* `node['rsyslog']['tls_key_file']` - Path to TLS key file. Required for server, optional for clients.\n* `node['rsyslog']['tls_auth_mode']` - Value for `$InputTCPServerStreamDriverAuthMode`/`$ActionSendStreamDriverAuthMode`, determines whether client certs are validated. Defaults to `anon` (no validation).\n* `node['rsyslog']['use_local_ipv4']` - Whether or not to make use the remote local IPv4 address on cloud systems when searching for servers (where available). Default is 'false'.\n* `node['rsyslog']['allow_non_local']` - Whether or not to allow non-local messages. If 'false', incoming messages are only allowed from 127.0.0.1. Default is 'false'.\n* `node['rsyslog']['custom_remote']` - Array of hashes for configuring custom remote server targets\n* `node['rsyslog']['additional_directives']` - Hash of additional directives and their values to place in the main rsyslog config file\n\nRecipes\n-------\n### default\nInstalls the rsyslog package, manages the rsyslog service and sets up basic configuration for a standalone machine.\n\n### client\nIncludes `recipe[rsyslog]`.\n\nUses `node['rsyslog']['server_ip']` or Chef search (in that precedence order) to determine the remote syslog server's IP address. If search is used, the search query will look for the first `ipaddress` returned from the criteria specified in `node['rsyslog']['server_search']`.\n\nYou can use `node['rsyslog']['custom_config']` to define custom entries for sending logs to remote servers.\nAvailable attributes:\n```\n 'server': Ip/hostname of remote syslog server (Required)\n 'port': Port to send logs to\n 'logs': Syslog log facilities to send (auth, authpriv, daemon, etc)\n 'protocol': Can be tcp or udp\n 'remote_template': Rsyslog template used for the messages\n```\n\nExample:\n\n```ruby\nnode['rsyslog']['custom_remote'] = [{ 'server' => '10.10.4.4', 'port' => '567', 'logs' => 'auth.*,mail.*', 'protocol' => 'udp', 'remote_template' => 'RSYSLOG_SyslogProtocol23Format'},\n { 'server' => '10.0.0.3', 'port' => '555', 'logs' => 'authpriv,daemon.*' } ]\n```\n\nThe server key is required; if other keys are left out, the default global values will be used (eg `node['rsyslog']['port']` will be used if 'port' is omitted)\n\n\nIf the node itself is a rsyslog server ie it has `rsyslog.server` set to true then the configuration is skipped.\n\nIf the node had an `/etc/rsyslog.d/35-server-per-host.conf` file previously configured, this file gets removed to prevent duplicate logging.\n\nAny previous logs are not cleaned up from the `log_dir`.\n\n### server\nConfigures the node to be a rsyslog server. The chosen rsyslog server node should be defined in the `server_ip` attribute or resolvable by the specified search criteria specified in `node['rsyslog']['server_search]` (so that nodes making use of the `client` recipe can find the server to log to).\n\nThis recipe will create the logs in `node['rsyslog']['log_dir']`, and the configuration is in `/etc/rsyslog.d/server.conf`. This recipe also removes any previous configuration to a remote server by removing the `/etc/rsyslog.d/remote.conf` file.\n\nThe cron job used in the previous version of this cookbook is removed, but it does not remove any existing cron job from your system (so it doesn't break anything unexpectedly). We recommend setting up logrotate for the logfiles instead.\n\nThe `log_dir` will be concatenated with `per_host_dir` to store the logs for each client. Modify the attribute to have a value that is allowed by rsyslogs template matching values, see the rsyslog documentation for this.\n\nDirectory structure:\n\n```erb\n<%= @log_dir %>/<%= @per_host_dir %>/\"logfile\"\n```\n\nFor example for the system with hostname `www`:\n\n```text\n/srv/rsyslog/2011/11/19/www/messages\n```\n\nFor example, to change this to just the hostname, set the attribute `node['rsyslog']['per_host_dir']` via a role:\n\n```ruby\n\"rsyslog\" => { \"per_host_dir\" => \"%HOSTNAME%\" }\n```\n\nAt this time, the server can only listen on UDP *or* TCP.\n\nResources\n=========\n\nfile_input\n----------\n\nConfigures a [text file input\nmonitor](http://www.rsyslog.com/doc/imfile.html) to push a log file into\nrsyslog.\n\nAttributes:\n* `name`: name of the resource, also used for the syslog tag. Required.\n* `file`: file path for input file to monitor. Required.\n* `priority`: config order priority. Defaults to `99`.\n* `severity`: syslog severity. Must be one of `emergency`, `alert`,\n`critical`, `error`, `warning`, `notice`, `info` or `debug`. If\nundefined, rsyslog interprets this as `notice`.\n* `facility`: syslog facility. Must be one of `auth`, `authpriv`,\n`daemon`, `cron`, `ftp`, `lpr`, `kern`, `mail`, `news`, `syslog`,\n`user`, `uucp`, `local0`, ... , `local7`. If undefined, rsyslog\ninterprets this as `local0`.\n* `cookbook`: cookbook containing the template. Defaults to `rsyslog`.\n* `source`: template file source. Defaults to `file-input.conf.erb`\n\n\nUsage\n=====\nUse `recipe[rsyslog]` to install and start rsyslog as a basic configured service for standalone systems.\n\nUse `recipe[rsyslog::client]` to have nodes log to a remote server (which is found via the `server_ip` attribute or by the recipe's search call -- see __client__)\n\nUse `recipe[rsyslog::server]` to set up a rsyslog server. It will listen on `node['rsyslog']['port']` protocol `node['rsyslog']['protocol']`.\n\nIf you set up a different kind of centralized loghost (syslog-ng, graylog2, logstash, etc), you can still send log messages to it as long as the port and protocol match up with the server software. See __Examples__\n\nUse `rsyslog_file_input` within your recipes to forward log files to\nyour remote syslog server.\n\n\n### Examples\nA `base` role (e.g., roles/base.rb), applied to all nodes so they are syslog clients:\n\n```ruby\nname \"base\"\ndescription \"Base role applied to all nodes\nrun_list(\"recipe[rsyslog::client]\")\n```\n\nThen, a role for the loghost (should only be one):\n\n```ruby\nname \"loghost\"\ndescription \"Central syslog server\"\nrun_list(\"recipe[rsyslog::server]\")\n```\n\nBy default this will set up the clients search for a node with the `loghost` role to talk to the server on TCP port 514. Change the `protocol` and `port` rsyslog attributes to modify this.\n\nIf you want to specify another syslog compatible server with a role other than loghost, simply fill free to use the `server_ip` attribute or the `server_search` attribute.\n\nExample role that sets the per host directory:\n\n```ruby\nname \"loghost\"\ndescription \"Central syslog server\"\nrun_list(\"recipe[rsyslog::server]\")\ndefault_attributes(\n \"rsyslog\" => { \"per_host_dir\" => \"%HOSTNAME%\" }\n)\n```\n\nDefault rsyslog options are rendered for RHEL family platforms, in `/etc/rsyslog.d/50-default.conf`\nwith other platforms using a configuration like Debian family defaults. You can override these\nlog facilities and destinations using the `rsyslog['default_facility_logs']` hash.\n\n```ruby\nname \"facility_log_example\"\nrun_list(\"recipe[rsyslog::default]\")\ndefault_attributes(\n \"rsyslog\" => {\n \"default_facility_logs\" => {\n '*.info;mail.none;authpriv.none;cron.none' => \"/var/log/messages\",\n 'authpriv' => '/var/log/secure',\n 'mail.*' => '-/var/log/maillog',\n '*.emerg' => '*'\n }\n }\n)\n```\n\nDevelopment\n-----------\nThis section details \"quick development\" steps. For a detailed explanation, see [[Contributing.md]].\n\n1. Clone this repository from GitHub:\n\n $ git clone git@github.com:chef-cookbooks/rsyslog.git\n\n2. Create a git branch\n\n $ git checkout -b my_bug_fix\n\n3. Install dependencies:\n\n $ bundle install\n\n4. Make your changes/patches/fixes, committing appropriately\n5. **Write tests**\n6. Run the tests:\n - bundle exec foodcritic -f any .\n - bundle exec rspec\n - bundle exec rubocop\n - bundle exec kitchen test\n\n In detail:\n - Foodcritic will catch any Chef-specific style errors\n - RSpec will run the unit tests\n - Rubocop will check for Ruby-specific style errors\n - Test Kitchen will run and converge the recipes\n\n\nLicense & Authors\n-----------------\n- Author:: Joshua Timberman ()\n- Author:: Denis Barishev ()\n- Author:: Tim Smith ()\n\n```text\nCopyright:: 2009-2015, Chef Software, Inc\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n```\n","maintainer":"Chef Software, Inc.","maintainer_email":"cookbooks@chef.io","license":"Apache 2.0","platforms":{"ubuntu":">= 10.04","debian":">= 5.0","redhat":">= 5.0","centos":">= 5.0","fedora":">= 20.0","scientific":">= 0.0.0","amazon":">= 0.0.0","oracle":">= 0.0.0"},"dependencies":{},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{"rsyslog":{"display_name":"Rsyslog","description":"Hash of Rsyslog attributes","type":"hash"},"rsyslog/log_dir":{"display_name":"Rsyslog Log Directory","description":"Filesystem location of logs from clients","default":"/srv/rsyslog"},"rsyslog/server":{"display_name":"Rsyslog Server?","description":"Is this node an rsyslog server?","default":"false"},"rsyslog/server_ip":{"display_name":"Rsyslog Server IP Address","description":"Set rsyslog server ip address explicitly"},"rsyslog/server_search":{"display_name":"Rsyslog Server Search Criteria","description":"Set the search criteria for rsyslog server resolving","default":"role:loghost"},"rsyslog/protocol":{"display_name":"Rsyslog Protocol","description":"Set which network protocol to use for rsyslog","default":"tcp"},"rsyslog/port":{"display_name":"Rsyslog Port","description":"Port that Rsyslog listens for incoming connections","default":"514"},"rsyslog/remote_logs":{"display_name":"Remote Logs","description":"Specifies whether redirect all log from client to server","default":"true"},"rsyslog/user":{"display_name":"User","description":"The owner of Rsyslog config files and directories","default":"root"},"rsyslog/group":{"display_name":"Group","description":"The group-owner of Rsyslog config files and directories","default":"adm"},"rsyslog/service_name":{"display_name":"Service name","description":"The name of the service for the platform","default":"rsyslog"},"rsyslog/max_message_size":{"display_name":"Maximum Rsyslog message size","description":"Specifies the maximum size of allowable Rsyslog messages","default":"2k"},"rsyslog/preserve_fqdn":{"display_name":"Preserve FQDN","description":"Specifies if the short or full host name will be used. The default off setting is more compatible.","default":"off"},"rsyslog/repeated_msg_reduction":{"display_name":"Filter duplicated messages","description":"Specifies whether or not repeated messages should be reduced.","default":"on"},"rsyslog/priv_seperation":{"display_name":"Privilege separation","description":"Whether or not to make use of Rsyslog privilege separation","default":"false"},"rsyslog/default_file_template":{"display_name":"Default file log format template","description":"The name of a pre-defined log format template (ie - `RSYSLOG_FileFormat`), used for local log files."},"rsyslog/default_remote_template":{"display_name":"Default remote log format template","description":"The name of a pre-defined log format template (ie - `RSYSLOG_SyslogProtocol23Format`), used for remote log forwarding."},"rsyslog/enable_tls":{"display_name":"Enable TLS","description":"Whether or not to enable TLS encryption. When enabled, forces protocol to \"tcp\"","default":"false"},"rsyslog/tls_ca_file":{"display_name":"TLS CA file","description":"Path to TLS CA file. Required for both server and clients."},"rsyslog/tls_certificate_file":{"display_name":"TLS certificate file","description":"Path to TLS certificate file. Required for server, optional for clients."},"rsyslog/tls_key_file":{"display_name":"TLS key file","description":"Path to TLS key file. Required for server, optional for clients."},"rsyslog/tls_auth_mode":{"display_name":"TLS auth mode","description":"Value for \"$InputTCPServerStreamDriverAuthMode\"/\"$ActionSendStreamDriverAuthMode\", determines whether client certs are validated.","default":"anon"},"rsyslog/use_local_ipv4":{"display_name":"Try to use local IPv4 address","description":"Whether or not to make use the remote local IPv4 address on cloud systems when searching for servers (where available).","default":"false"},"rsyslog/allow_non_local":{"display_name":"Allow non-local messages","description":"Allow processing of messages coming any IP, not just 127.0.0.1","default":"false"}},"groupings":{},"recipes":{"rsyslog":"Installs rsyslog","rsyslog::client":"Sets up a client to log to a remote rsyslog server","rsyslog::server":"Sets up an rsyslog server"},"source_url":"https://github.com/chef-cookbooks/rsyslog","issues_url":"https://github.com/chef-cookbooks/rsyslog/issues"} \ No newline at end of file diff --git a/cookbooks/rsyslog/providers/file_input.rb b/cookbooks/rsyslog/providers/file_input.rb deleted file mode 100644 index a5b6543..0000000 --- a/cookbooks/rsyslog/providers/file_input.rb +++ /dev/null @@ -1,44 +0,0 @@ -# Cookbook Name:: rsyslog -# Provider:: file_input -# -# Copyright 2012-2015, Joseph Holsten -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# support whyrun -def whyrun_supported? - true -end - -use_inline_resources - -include RsyslogCookbook::Helpers - -action :create do - declare_rsyslog_service - - template "/etc/rsyslog.d/#{new_resource.priority}-#{new_resource.name}.conf" do - mode '0664' - owner node['rsyslog']['user'] - group node['rsyslog']['group'] - source new_resource.source - cookbook new_resource.cookbook - variables 'file_name' => new_resource.file, - 'tag' => new_resource.name, - 'state_file' => new_resource.name, - 'severity' => new_resource.severity, - 'facility' => new_resource.facility - notifies :restart, resources('service[rsyslog]') - end -end diff --git a/cookbooks/rsyslog/recipes/client.rb b/cookbooks/rsyslog/recipes/client.rb deleted file mode 100644 index 4cc55e6..0000000 --- a/cookbooks/rsyslog/recipes/client.rb +++ /dev/null @@ -1,87 +0,0 @@ -# -# Cookbook Name:: rsyslog -# Recipe:: client -# -# Copyright 2009-2015, Chef Software, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# Do not run this recipe if the server attribute is set -return if node['rsyslog']['server'] - -include_recipe 'rsyslog::default' - -def chef_solo_search_installed? - klass = ::Search.const_get('Helper') - return klass.is_a?(Class) -rescue NameError - return false -end - -# On Chef Solo, we use the node['rsyslog']['server_ip'] attribute, and on -# normal Chef, we leverage the search query. -if Chef::Config[:solo] && !chef_solo_search_installed? - if node['rsyslog']['server_ip'] - server_ips = Array(node['rsyslog']['server_ip']) - else - Chef::Application.fatal!("Chef Solo does not support search. You must set node['rsyslog']['server_ip'] or use the chef-solo-search cookbook!") - end -else - results = search(:node, node['rsyslog']['server_search']).map do |server| - ipaddress = server['ipaddress'] - # If both server and client are on the same cloud and local network, they may be - # instructed to communicate via the internal interface by enabling `use_local_ipv4` - if node['rsyslog']['use_local_ipv4'] && server.attribute?('cloud') && server['cloud']['local_ipv4'] - ipaddress = server['cloud']['local_ipv4'] - end - ipaddress - end - server_ips = Array(node['rsyslog']['server_ip']) + Array(results) -end - -rsyslog_servers = [] - -server_ips.each do |ip| - rsyslog_servers << { 'server' => ip, 'port' => node['rsyslog']['port'], 'logs' => node['rsyslog']['logs_to_forward'], 'protocol' => node['rsyslog']['protocol'], 'remote_template' => node['rsyslog']['default_remote_template'] } -end - -unless node['rsyslog']['custom_remote'].first.empty? - node['rsyslog']['custom_remote'].each do |server| - if server['server'].nil? - Chef::Application.fatal!('Found a custom_remote server with no IP. Check your custom_remote attribute definition!') - end - end - rsyslog_servers += node['rsyslog']['custom_remote'] -end - -if rsyslog_servers.empty? - Chef::Application.fatal!('The rsyslog::client recipe was unable to determine the remote syslog server. Checked both the server_ip attribute and search!') -end - -remote_type = node['rsyslog']['use_relp'] ? 'relp' : 'remote' - -template "#{node['rsyslog']['config_prefix']}/rsyslog.d/49-remote.conf" do - source "49-#{remote_type}.conf.erb" - owner 'root' - group 'root' - mode '0644' - variables(servers: rsyslog_servers) - notifies :restart, "service[#{node['rsyslog']['service_name']}]" - only_if { node['rsyslog']['remote_logs'] } -end - -file "#{node['rsyslog']['config_prefix']}/rsyslog.d/server.conf" do - action :delete - notifies :restart, "service[#{node['rsyslog']['service_name']}]" -end diff --git a/cookbooks/rsyslog/recipes/default.rb b/cookbooks/rsyslog/recipes/default.rb deleted file mode 100644 index c35b194..0000000 --- a/cookbooks/rsyslog/recipes/default.rb +++ /dev/null @@ -1,89 +0,0 @@ -# -# Cookbook Name:: rsyslog -# Recipe:: default -# -# Copyright 2009-2015, Chef Software, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -extend RsyslogCookbook::Helpers - -package 'rsyslog' -package 'rsyslog-relp' if node['rsyslog']['use_relp'] - -if node['rsyslog']['enable_tls'] && node['rsyslog']['tls_ca_file'] - Chef::Application.fatal!("Recipe rsyslog::default can not use 'enable_tls' with protocol '#{node['rsyslog']['protocol']}' (requires 'tcp')") unless node['rsyslog']['protocol'] == 'tcp' - package 'rsyslog-gnutls' -end - -directory "#{node['rsyslog']['config_prefix']}/rsyslog.d" do - owner 'root' - group 'root' - mode '0755' -end - -directory node['rsyslog']['working_dir'] do - owner node['rsyslog']['user'] - group node['rsyslog']['group'] - mode '0700' -end - -# Our main stub which then does its own rsyslog-specific -# include of things in /etc/rsyslog.d/* -template "#{node['rsyslog']['config_prefix']}/rsyslog.conf" do - source 'rsyslog.conf.erb' - owner 'root' - group 'root' - mode '0644' - notifies :restart, "service[#{node['rsyslog']['service_name']}]" -end - -template "#{node['rsyslog']['config_prefix']}/rsyslog.d/50-default.conf" do - source '50-default.conf.erb' - owner 'root' - group 'root' - mode '0644' - notifies :restart, "service[#{node['rsyslog']['service_name']}]" -end - -# syslog needs to be stopped before rsyslog can be started on RHEL versions before 6.0 -if platform_family?('rhel') && node['platform_version'].to_i < 6 - service 'syslog' do - action [:stop, :disable] - end -elsif platform_family?('smartos', 'omnios') - # syslog needs to be stopped before rsyslog can be started on SmartOS, OmniOS - service 'system-log' do - action :disable - end -end - -if platform_family?('omnios') - # manage the SMF manifest on OmniOS - template '/var/svc/manifest/system/rsyslogd.xml' do - source 'omnios-manifest.xml.erb' - owner 'root' - group 'root' - mode '0644' - notifies :run, 'execute[import rsyslog manifest]', :immediately - end - - execute 'import rsyslog manifest' do - action :nothing - command 'svccfg import /var/svc/manifest/system/rsyslogd.xml' - notifies :restart, "service[#{node['rsyslog']['service_name']}]" - end -end - -declare_rsyslog_service diff --git a/cookbooks/rsyslog/recipes/server.rb b/cookbooks/rsyslog/recipes/server.rb deleted file mode 100644 index ec1391a..0000000 --- a/cookbooks/rsyslog/recipes/server.rb +++ /dev/null @@ -1,44 +0,0 @@ -# -# Cookbook Name:: rsyslog -# Recipe:: server -# -# Copyright 2009-2015, Chef Software, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# Manually set this attribute -node.set['rsyslog']['server'] = true - -include_recipe 'rsyslog::default' - -directory node['rsyslog']['log_dir'] do - owner node['rsyslog']['user'] - group node['rsyslog']['group'] - mode '0755' - recursive true -end - -template "#{node['rsyslog']['config_prefix']}/rsyslog.d/35-server-per-host.conf" do - source '35-server-per-host.conf.erb' - owner 'root' - group 'root' - mode '0644' - notifies :restart, "service[#{node['rsyslog']['service_name']}]" -end - -file "#{node['rsyslog']['config_prefix']}/rsyslog.d/remote.conf" do - action :delete - notifies :restart, "service[#{node['rsyslog']['service_name']}]" - only_if { ::File.exist?("#{node['rsyslog']['config_prefix']}/rsyslog.d/remote.conf") } -end diff --git a/cookbooks/rsyslog/resources/file_input.rb b/cookbooks/rsyslog/resources/file_input.rb deleted file mode 100644 index 05a4d8b..0000000 --- a/cookbooks/rsyslog/resources/file_input.rb +++ /dev/null @@ -1,28 +0,0 @@ -# Cookbook Name:: rsyslog -# Resource:: file_input -# -# Copyright 2012-2015, Joseph Holsten -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -actions :create -default_action :create - -attribute :name, kind_of: String, name_attribute: true, required: true -attribute :file, kind_of: String, required: true -attribute :priority, kind_of: Integer, default: 99 -attribute :severity, kind_of: String -attribute :facility, kind_of: String -attribute :cookbook, kind_of: String, default: 'rsyslog' -attribute :source, kind_of: String, default: 'file-input.conf.erb' diff --git a/cookbooks/rsyslog/templates/default/35-server-per-host.conf.erb b/cookbooks/rsyslog/templates/default/35-server-per-host.conf.erb deleted file mode 100644 index bdb3eca..0000000 --- a/cookbooks/rsyslog/templates/default/35-server-per-host.conf.erb +++ /dev/null @@ -1,62 +0,0 @@ -# Generated by Chef -# Local modifications will be overwritten - -<% if node['rsyslog']['use_relp'] -%> -$ModLoad imrelp -$InputRELPServerRun <%= node['rsyslog']['relp_port'] %> -<% end -%> -$DirGroup <%= node['rsyslog']['group'] %> -$DirCreateMode 0755 -$FileGroup <%= node['rsyslog']['group'] %> - -$template PerHostAuth,"<%= node['rsyslog']['log_dir'] %>/<%= node['rsyslog']['per_host_dir'] %>/auth.log" -$template PerHostCron,"<%= node['rsyslog']['log_dir'] %>/<%= node['rsyslog']['per_host_dir'] %>/cron.log" -$template PerHostSyslog,"<%= node['rsyslog']['log_dir'] %>/<%= node['rsyslog']['per_host_dir'] %>/syslog" -$template PerHostDaemon,"<%= node['rsyslog']['log_dir'] %>/<%= node['rsyslog']['per_host_dir'] %>/daemon.log" -$template PerHostKern,"<%= node['rsyslog']['log_dir'] %>/<%= node['rsyslog']['per_host_dir'] %>/kern.log" -$template PerHostLpr,"<%= node['rsyslog']['log_dir'] %>/<%= node['rsyslog']['per_host_dir'] %>/lpr.log" -$template PerHostUser,"<%= node['rsyslog']['log_dir'] %>/<%= node['rsyslog']['per_host_dir'] %>/user.log" -$template PerHostMail,"<%= node['rsyslog']['log_dir'] %>/<%= node['rsyslog']['per_host_dir'] %>/mail.log" -$template PerHostMailInfo,"<%= node['rsyslog']['log_dir'] %>/<%= node['rsyslog']['per_host_dir'] %>/mail.info" -$template PerHostMailWarn,"<%= node['rsyslog']['log_dir'] %>/<%= node['rsyslog']['per_host_dir'] %>/mail.warn" -$template PerHostMailErr,"<%= node['rsyslog']['log_dir'] %>/<%= node['rsyslog']['per_host_dir'] %>/mail.err" -$template PerHostNewsCrit,"<%= node['rsyslog']['log_dir'] %>/<%= node['rsyslog']['per_host_dir'] %>/news.crit" -$template PerHostNewsErr,"<%= node['rsyslog']['log_dir'] %>/<%= node['rsyslog']['per_host_dir'] %>/news.err" -$template PerHostNewsNotice,"<%= node['rsyslog']['log_dir'] %>/<%= node['rsyslog']['per_host_dir'] %>/news.notice" -$template PerHostDebug,"<%= node['rsyslog']['log_dir'] %>/<%= node['rsyslog']['per_host_dir'] %>/debug" -$template PerHostMessages,"<%= node['rsyslog']['log_dir'] %>/<%= node['rsyslog']['per_host_dir'] %>/messages" - -auth,authpriv.* ?PerHostAuth -*.*;auth,authpriv.none -?PerHostSyslog -cron.* ?PerHostCron -daemon.* -?PerHostDaemon -kern.* -?PerHostKern -lpr.* -?PerHostLpr -mail.* -?PerHostMail -user.* -?PerHostUser - -mail.info -?PerHostMailInfo -mail.warn ?PerHostMailWarn -mail.err ?PerHostMailErr - -news.crit ?PerHostNewsCrit -news.err ?PerHostNewsErr -news.notice -?PerHostNewsNotice - -*.=debug;\ - auth,authpriv.none;\ - news.none;mail.none -?PerHostDebug - -*.=info;*.=notice;*.=warn;\ - auth,authpriv.none;\ - cron,daemon.none;\ - mail,news.none -?PerHostMessages - - -<% unless node['rsyslog']['allow_non_local'] -%> -# -# Stop processing of all non-local messages. You can process remote messages -# on levels less than 35. -# -:fromhost-ip,!isequal,"127.0.0.1" ~ -<% end -%> diff --git a/cookbooks/rsyslog/templates/default/49-relp.conf.erb b/cookbooks/rsyslog/templates/default/49-relp.conf.erb deleted file mode 100644 index 22167bf..0000000 --- a/cookbooks/rsyslog/templates/default/49-relp.conf.erb +++ /dev/null @@ -1,10 +0,0 @@ -# Generated by Chef -$ModLoad omrelp -$ActionQueueType LinkedList # use asynchronous processing -$ActionQueueFileName srvrfwd # set file name, also enables disk mode -$ActionResumeRetryCount -1 # infinite retries on insert failure -$ActionQueueSaveOnShutdown on # save in-memory data if rsyslog shuts down - -<% @servers.each do |server| -%> -<%= node['rsyslog']['logs_to_forward'] %> :omrelp:<%= "#{server}:#{node['rsyslog']['relp_port']}" %><%= node['rsyslog']['default_remote_template'] ? ';' + node['rsyslog']['default_remote_template'] : nil %> -<% end -%> diff --git a/cookbooks/rsyslog/templates/default/49-remote.conf.erb b/cookbooks/rsyslog/templates/default/49-remote.conf.erb deleted file mode 100644 index dc3bcb5..0000000 --- a/cookbooks/rsyslog/templates/default/49-remote.conf.erb +++ /dev/null @@ -1,30 +0,0 @@ -# Generated by Chef -$ActionQueueType LinkedList # use asynchronous processing -$ActionQueueFileName srvrfwd # set file name, also enables disk mode -$ActionResumeRetryCount -1 # infinite retries on insert failure -$ActionQueueSaveOnShutdown on # save in-memory data if rsyslog shuts down -$ActionQueueMaxDiskSpace <%= node['rsyslog']['action_queue_max_disk_space'] %> # Don't use more than this much space for the queue -<% if node['rsyslog']['enable_tls'] && node['rsyslog']['tls_ca_file'] -%> -$DefaultNetstreamDriverCAFile <%= node['rsyslog']['tls_ca_file'] %> -<% if node['rsyslog']['tls_certificate_file'] -%> -$DefaultNetstreamDriverCertFile <%= node['rsyslog']['tls_certificate_file'] %> -<% end -%> -<% if node['rsyslog']['tls_key_file'] -%> -$DefaultNetstreamDriverKeyFile <%= node['rsyslog']['tls_key_file'] %> -<% end -%> - -$DefaultNetstreamDriver gtls -$ActionSendStreamDriverMode 1 -$ActionSendStreamDriverAuthMode <%= node['rsyslog']['tls_auth_mode'] %> -<% end -%> - -<% @servers.each do |server| -%> -<% case server['protocol'] -%> -<% when "tcp" -%> -<%= server['logs'] ? server['logs'] : node['rsyslog']['logs_to_forward'] %> @@<%= server['server'] %>:<%= server['port'] ? server['port'] : node['rsyslog']['port'] %><%= server['remote_template'] ? ';' + server['remote_template'] : nil %> -<% when "udp" -%> -<%= server['logs'] ? server['logs'] : node['rsyslog']['logs_to_forward'] %> @<%= server['server'] %>:<%= server['port'] ? server['port'] : node['rsyslog']['port'] %><%= server['remote_template'] ? ';' + server['remote_template'] : nil %> -<% else -%> -<%= server['logs'] ? server['logs'] : node['rsyslog']['logs_to_forward'] %><%= node['rsyslog']['protocol'] == "tcp" ? " @@" : " @" %><%= server['server'] %>:<%= server['port'] ? server['port'] : node['rsyslog']['port'] %><%= server['remote_template'] ? ';' + server['remote_template'] : nil %> -<% end -%> -<% end -%> diff --git a/cookbooks/rsyslog/templates/default/50-default.conf.erb b/cookbooks/rsyslog/templates/default/50-default.conf.erb deleted file mode 100644 index 38ef1b9..0000000 --- a/cookbooks/rsyslog/templates/default/50-default.conf.erb +++ /dev/null @@ -1,6 +0,0 @@ -# Generated by Chef -# For more information see rsyslog.conf(5) and /etc/rsyslog.conf - -<% node['rsyslog']['default_facility_logs'].each do |key, value| %> -<%= key %> <%= value %> -<% end %> diff --git a/cookbooks/rsyslog/templates/default/file-input.conf.erb b/cookbooks/rsyslog/templates/default/file-input.conf.erb deleted file mode 100644 index c500b8b..0000000 --- a/cookbooks/rsyslog/templates/default/file-input.conf.erb +++ /dev/null @@ -1,15 +0,0 @@ -# <%= @tag %>.conf - Syslog file inputs for <%= @tag %> -# -# Generated by Chef for <%= node['fqdn'] %> -# Local modifications will be overwritten. -$ModLoad imfile -$InputFileName <%= @file_name %> -$InputFileTag <%= @tag %>: -$InputFileStateFile <%= @state_file %> -<% if @severity %> -$InputFileSeverity <%= @severity %> -<% end %> -<% if @facility %> -$InputFileFacility <%= @facility %> -<% end %> -$InputRunFileMonitor diff --git a/cookbooks/rsyslog/templates/default/omnios-manifest.xml.erb b/cookbooks/rsyslog/templates/default/omnios-manifest.xml.erb deleted file mode 100644 index 4bff7e1..0000000 --- a/cookbooks/rsyslog/templates/default/omnios-manifest.xml.erb +++ /dev/null @@ -1,30 +0,0 @@ - - - - ' type='service' version='0'> - - - - - - - - - - - - - - - - - - - - - - diff --git a/cookbooks/rsyslog/templates/default/rsyslog.conf.erb b/cookbooks/rsyslog/templates/default/rsyslog.conf.erb deleted file mode 100644 index ca64812..0000000 --- a/cookbooks/rsyslog/templates/default/rsyslog.conf.erb +++ /dev/null @@ -1,117 +0,0 @@ -# Config generated by Chef - manual edits will be overwritten -# -# /etc/rsyslog.conf Configuration file for rsyslog. -# -# For more information see -# /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html -# -# Default logging rules can be found in /etc/rsyslog.d/50-default.conf -# -# Set max message size -# -$MaxMessageSize <%= node['rsyslog']['max_message_size'] %> - -# -# Preserve FQDN -# -$PreserveFQDN <%= node['rsyslog']['preserve_fqdn'] %> - -################# -#### MODULES #### -################# - -<% if node['rsyslog']['modules'] && !node['rsyslog']['modules'].empty? %> - <% [*node['rsyslog']['modules']].each do |mod| %> -$ModLoad <%= mod %> - <% end %> -<% end %> - -<% if node['rsyslog']['server'] -%> - <% if node['rsyslog']['enable_tls'] && node['rsyslog']['tls_ca_file'] && - node['rsyslog']['tls_key_file'] && node['rsyslog']['tls_certificate_file'] -%> -$DefaultNetstreamDriver gtls -$DefaultNetstreamDriverCAFile <%= node['rsyslog']['tls_ca_file'] %> -$DefaultNetstreamDriverCertFile <%= node['rsyslog']['tls_certificate_file'] %> -$DefaultNetstreamDriverKeyFile <%= node['rsyslog']['tls_key_file'] %> - -$ModLoad imtcp - -$InputTCPServerStreamDriverMode 1 # run driver in TLS-only mode -$InputTCPServerStreamDriverAuthMode <%= node['rsyslog']['tls_auth_mode'] || 'anon' %> -$InputTCPServerRun <%= node['rsyslog']['port'] %> -# Provide <%= node['rsyslog']['protocol'].upcase %> log reception - <% else -%> -<% if node['rsyslog']['protocol'] =~ /tcp/ %> - $ModLoad imtcp - $InputTCPServerRun <%= node['rsyslog']['port'] %> -<% end -%> -<% if node['rsyslog']['protocol'] =~ /udp/ %> - $ModLoad imudp - $UDPServerAddress <%= node['rsyslog']['bind'] %> - $UDPServerRun <%= node['rsyslog']['port'] %> -<% end -%> - <% end -%> -<% end -%> - -########################### -#### GLOBAL DIRECTIVES #### -########################### - -<% if node["rsyslog"]["default_file_template"] -%> -# -# Default log format template -# -$ActionFileDefaultTemplate <%= node["rsyslog"]["default_file_template"] %> -<% elsif !node["rsyslog"]["high_precision_timestamps"] -%> -# -# Use traditional timestamp format. -# To enable high precision timestamps, comment out the following line. -# -$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat -<% end -%> - -# Filter duplicated messages -$RepeatedMsgReduction <%= node['rsyslog']['repeated_msg_reduction'] %> - -# -# Set temporary directory to buffer syslog queue -# -$WorkDirectory <%= node['rsyslog']['working_dir'] %> - -# -# Set the default permissions for all log files. -# -$FileOwner <%= node['rsyslog']['user'] %> -$FileGroup <%= node['rsyslog']['group'] %> -$FileCreateMode 0640 -$DirCreateMode 0755 -$Umask 0022 -<% if node['rsyslog']['priv_seperation'] %> -$PrivDropToUser <%= node['rsyslog']['priv_user'] || node['rsyslog']['user'] %> -$PrivDropToGroup <%= node['rsyslog']['priv_group'] || node['rsyslog']['group'] %> -<% end %> -<% unless node['rsyslog']['rate_limit_interval'].nil? %> -# -# Set the amount of time that is being measured for rate limiting -# -$SystemLogRateLimitInterval <%= node['rsyslog']['rate_limit_interval'] %> -<% end %> -<% unless node['rsyslog']['rate_limit_burst'].nil? %> -# -# Set the amount of messages, that have to occur in the time limit of -# SystemLogRateLimitInterval, to trigger rate limiting -# -$SystemLogRateLimitBurst <%= node['rsyslog']['rate_limit_burst'] %> -<% end %> - -# -# Set other directives -# -<% node['rsyslog']['additional_directives'].each_pair do |k,v| %> -$<%= k %> <%= v %> -<% end %> - -# -# Include all config files in <%= node['rsyslog']['config_prefix'] %>/rsyslog.d/ -# -$IncludeConfig <%= node['rsyslog']['config_prefix'] %>/rsyslog.d/*.conf diff --git a/cookbooks/rsyslog/templates/smartos/50-default.conf.erb b/cookbooks/rsyslog/templates/smartos/50-default.conf.erb deleted file mode 100644 index 083c1ba..0000000 --- a/cookbooks/rsyslog/templates/smartos/50-default.conf.erb +++ /dev/null @@ -1,18 +0,0 @@ -# Dropped of by Chef. Modifications will be lost. -# -# Default rules for rsyslog. -# -# For more information see rsyslog.conf(5) and <%= node['rsyslog']['config_prefix'] %>/rsyslog.conf - -*.err;kern.notice;auth.notice /dev/sysmsg -*.err;kern.debug;daemon.notice;mail.crit /var/adm/messages - -*.alert;kern.err;daemon.err operator -*.alert root - -*.emerg * - -mail.debug /var/log/syslog - -auth.info /var/log/auth.log -mail.info /var/log/postfix.log diff --git a/cookbooks/runit/CHANGELOG.md b/cookbooks/runit/CHANGELOG.md deleted file mode 100644 index 782f47d..0000000 --- a/cookbooks/runit/CHANGELOG.md +++ /dev/null @@ -1,232 +0,0 @@ -runit Cookbook CHANGELOG -======================== -This file is used to list changes made in each version of the runit cookbook. - -UNRELEASED ----------- - -v1.7.6 ----------- -* Ensure `supervise/ok` named pipe is properly removed when disabling a service, so that it can be enabled again (#166, #167, #172) -* Restore `restart_on_update` functionality originally added in [#20](https://github.com/hw-cookbooks/runit/pull/20) and lost in the 1.7.0 refactor. -* Update test cookbooks to fix broken tests revealed by restoring `restart_on_update` functionality. Now using socat instead of netcat. - -v1.7.4 (2015-10-13) ----------- -* Ensure the service directory exists so that we will succeed when enabling services (#153) -* Fix regression where env directory contents were being deleted when the `env` attribute is empty. (#144, #158) -* Add `log_dir` attribute, used only when `default_logger` is true. (#135) -* Ensure svlogd configuration is linked into correct path (#83, #135) -* Update README and CHANGELOG for v1.7.0 to warn against known regressions (#144, #157) -* Avoid mutating resource options for Chef 12 compatability (#147, #150, #156) -* Fix regression regarding waiting for the service socket before running (#138, #142) -* Reimplement idempotence checks for `runit_service` resources (#137, #141) -* Enhance ChefSpec unit test coverage with specs that step into the LWRP (#139) -* Deduplicate ServerSpec integration test coverage using example groups (#140) - -v1.7.2 (2015-06-19) ----------- -* Re-add missing runit_service actions start, stop, reload and status - -v1.7.0 (2015-06-18) ----------- - -**NOTE**: With the benefit of hindsight we can say that the changes contained in -this release merit a major version number change. Please be sure to test this -new version for compatibility with your systems before upgrading to version 1.7. - -* Modernize runit_service provider by rewriting pure Ruby as LWRP (#107) -* Modernize integration tests by rewriting Minitest suites as ServerSpec (#107) -* Fix regression in support for alternate sv binary on debian platforms (#92, #123) -* Fix regression in default logger's config location (#117) -* Tighten permissions on environment variable config files from 0644 to 0640 (#125) -* Add `start_down` and `delete_downfile` attributes to support configuring services with default state of 'down' (#105) - -v1.6.0 (2015-04-06) --------------------- -* Fedora 21 support -* Kitchen platform updates -* use imeyer’s packagecloud repo for RHEL -* fix converge_by usage -* do_action helper to set updated_by_last_action -* style fixes to provider - -v1.5.18 (2015-03-13) --------------------- -* Add helper methods to detect installation presence - -v1.5.16 (2015-02-11) --------------------- -* Allow removal of env files(nhuff) - -v1.5.14 (2015-01-15) --------------------- -* Provide create action(clako) - -v1.5.12 (2014-12-15) --------------------- -* prevent infinite loop inside docker container -* runit service failing inside docker container -* move to librarian-chef for kitchen dependency resolution -* update tests -* updates to chefspec matchers - -v1.5.10 (2014-03-07) --------------------- -PR #53- Fix runit RPM file location for Chef provisionless Centos 5.9 Box Image - - -v1.5.9 ------- -Fix runit RPM file location for Chef provisionless Centos 5.9 Box Image - -v1.5.8 ------- -Fixing string interpolation bug - - -v1.5.3 ------- -Fixing assignment/compare error - - -v1.5.1 ------- -### Bug -- **[COOK-3950](https://tickets.chef.io/browse/COOK-3950)** - runit cookbook should use full service path when checking running status - - -v1.5.0 ------- -### Improvement -- **[COOK-3267] - Improve testing suite in runit cookbook -- Updating test-kitchen harness -- Cleaning up style for rubocop - - -v1.4.4 ------- -fixing metadata version error. locking to < 3.0 - - -v1.4.2 ------- -Locking yum dependency to '< 3' - -v1.4.0 ------- -[COOK-3560] Allow the user to configure runit's timeout (-w) and verbose (-v) settings - - -v1.3.0 ------- -### Improvement -- **[COOK-3663](https://tickets.chef.io/browse/COOK-3663)** - Add ./check scripts support - -### Bug -- **[COOK-3271](https://tickets.chef.io/browse/COOK-3271)** - Fix an issue where runit fails to install rpm package on rehl systems - -v1.2.0 ------- -### New Feature -- **[COOK-3243](https://tickets.chef.io/browse/COOK-3243)** - Expose LSB init directory as a configurable - -### Bug -- **[COOK-3182](https://tickets.chef.io/browse/COOK-3182)** - Do not hardcode rpmbuild location - -### Improvement -- **[COOK-3175](https://tickets.chef.io/browse/COOK-3175)** - Add svlogd config file support -- **[COOK-3115](https://tickets.chef.io/browse/COOK-3115)** - Add ability to install 'runit' package from Yum - -v1.1.6 ------- -### Bug -- [COOK-2353]: Runit does not update run template if the service is already enabled -- [COOK-3013]: Runit install fails on rhel if converge is only partially successful - -v1.1.4 ------- -### Bug -- [COOK-2549]: cannot enable_service (lwrp) on Gentoo -- [COOK-2567]: Runit doesn't start at boot in Gentoo -- [COOK-2629]: runit tests have ruby 1.9 method chaning syntax -- [COOK-2867]: On debian, runit recipe will follow symlinks from /etc/init.d, overwrite /usr/bin/sv - -v1.1.2 ------- -- [COOK-2477] - runit cookbook should enable EPEL repo for CentOS 5 -- [COOK-2545] - Runit cookbook fails on Amazon Linux -- [COOK-2322] - runit init template is broken on debian - -v1.1.0 ------- -- [COOK-2353] - Runit does not update run template if the service is already enabled -- [COOK-2497] - add :nothing to allowed actions - -v1.0.6 ------- -- [COOK-2404] - allow sending sigquit -- [COOK-2431] - gentoo - it should create the runit-start template before calling it - -v1.0.4 ------- -- [COOK-2351] - add `run_template_name` to allow alternate run script template - -v1.0.2 ------- -- [COOK-2299] - runit_service resource does not properly start a non-running service - -v1.0.0 ------- -- [COOK-2254] - (formerly CHEF-154) Convert `runit_service` definition to a service resource named `runit_service`. - -This version has some backwards incompatible changes (hence the major -version bump). It is recommended that users pin the cookbook to the -previous version where it is a dependency until this version has been -tested in a non-production environment (use version 0.16.2): - - depends "runit", "<= 0.16.2" - -If you use Chef environments, pin the version in the appropriate -environment(s). - -**Changes of note** - -1. The "runit" recipe must be included before the runit_service resource -can be used. -2. The `runit_service` definition created a separate `service` -resource for notification purposes. This is still available, but the -only actions that can be notified are `:start`, `:stop`, and `:restart`. -3. The `:enable` action blocks waiting for supervise/ok after the -service symlink is created. -4. User-controlled services should be created per the runit -documentation; see README.md for an example. -5. Some parameters in the definition have changed names in the -resource. See below. - -The following parameters in the definition are renamed in the resource -to clarify their intent. - -- directory -> sv_dir -- active_directory -> service_dir -- template_name -> use service_name (name attribute) -- nolog -> set "log" to false -- start_command -> unused (was previously in the "service" resource) -- stop_command -> unused (was previously in the "service" resource) -- restart_command -> unused (was previously in the "service" resource) - -v0.16.2 -------- -- [COOK-1576] - Do not symlink /etc/init.d/servicename to /usr/bin/sv on debian -- [COOK-1960] - default_logger still looks for sv-service-log-run template -- [COOK-2035] - runit README change - -v0.16.0 -------- -- [COOK-794] default logger and `no_log` for `runit_service` definition -- [COOK-1165] - restart functionality does not work right on Gentoo due to the wrong directory in the attributes -- [COOK-1440] - Delegate service control to normal user - -v0.15.0 -------- -- [COOK-1008] - Added parameters for names of different templates in runit diff --git a/cookbooks/runit/README.md b/cookbooks/runit/README.md deleted file mode 100644 index 1322977..0000000 --- a/cookbooks/runit/README.md +++ /dev/null @@ -1,439 +0,0 @@ -runit Cookbook -============== -Installs runit and provides the `runit_service` service resource for managing processes (services) under runit. - -This cookbook does not use runit to replace system init, nor are ther plans to do so. - -For more information about runit: - -- http://smarden.org/runit/ - -#### A note regarding versions 1.7.0 and 1.7.2 - -With the benefit of hindsight we can say that the changes contained version 1.7.0 merited a major version number change, and that version 1.7.2 contains some still unresolved regressions compared to 1.6.0. Please be sure to test this new version for compatibility with your systems before upgrading to version 1.7. - -See [issue #144](https://github.com/hw-cookbooks/runit/issues/144) for some notes on how these versions behaved unexpectedly in one user's environment. - -Requirements ------------- -#### Platforms -- Debian/Ubuntu -- Gentoo -- RHEL - -#### Chef -- Chef 11+ - -#### Cookbooks -- packagecloud (for RHEL) - -Attributes ----------- -See `attributes/default.rb` for defaults generated per platform. - -- `node['runit']['sv_bin']` - Full path to the `sv` binary. -- `node['runit']['chpst_bin']` - Full path to the `chpst` binary. -- `node['runit']['service_dir']` - Full path to the default "services" directory where enabled services are linked. -- `node['runit']['sv_dir']` - Full path to the directory where service lives, which gets linked to `service_dir`. -- `node['runit']['lsb_init_dir']` - Full path to the directory where the LSB-compliant init script interface will be created. -- `node['runit']['start']` - Command to start the runsvdir service -- `node['runit']['stop]` - Command to stop the runsvdir service -- `node['runit']['reload']` - Command to reload the runsvdir service - -### Optional Attributes for RHEL systems - -- `node['runit']['prefer_local_yum']` - If `true`, assumes that a `runit` package is available on an already configured local yum repository. By default, the recipe installs the `runit` package from a Package Cloud repository (see below). This is set to the value of `node['runit']['use_package_from_yum']` for backwards compatibility, but otherwise defaults to `false`. - -Recipes -------- -### default -The default recipe installs runit and starts `runsvdir` to supervise the services in runit's service directory (e.g., `/etc/service`). - -On RHEL-family systems, it will install the runit RPM using [Ian Meyer's Package Cloud repository](https://packagecloud.io/imeyer/runit) for runit. This replaces the previous functionality where the RPM was build using his [runit RPM SPEC](https://github.com/imeyer/runit-rpm). However, if the attribute `node['runit']['prefer_local_yum']` is set to `true`, the packagecloud repository creation will be skipped and it is assumed that a `runit` package is available on an otherwise configured (outside this cookbook) local repository. - -On Debian family systems, the runit packages are maintained by the runit author, Gerrit Pape, and the recipe will use that for installation. - -On Gentoo, the runit ebuild package is installed. - -Resource/Provider ------------------ -This cookbook has a resource, `runit_service`, for managing services under runit. This service subclasses the Chef `service` resource. - -**This resource replaces the runit_service definition. See the CHANGELOG.md file in this cookbook for breaking change information and any actions you may need to take to update cookbooks using runit_service.** - -### Actions -- **enable** - enables the service, creating the required run scripts and symlinks. This is the default action. -- **start** - starts the service with `sv start` -- **stop** - stops the service with `sv stop` -- **disable** - stops the service with `sv down` and removes the service symlink -- **create** - create the service directory, but don't enable the service with symlink -- **restart** - restarts the service with `sv restart` -- **reload** - reloads the service with `sv force-reload` -- **once** - starts the service with `sv once`. -- **hup** - sends the `HUP` signal to the service with `sv hup` -- **cont** - sends the `CONT` signal to the service -- **term** - sends the `TERM` signal to the service -- **kill** - sends the `KILL` signal to the service -- **up** - starts the service with `sv up` -- **down** - downs the service with `sv down` -- **usr1** - sends the `USR1` signal to the service with `sv 1` -- **usr2** - sends the `USR2` signal to the service with `sv 2` - -Service management actions are taken with runit's "`sv`" program. - -Read the `sv(8)` [man page](http://smarden.org/runit/sv.8.html) for more information on the `sv` program. - -### Parameter Attributes - -The first three parameters, `sv_dir`, `service_dir`, and `sv_bin` will attempt to use the corresponding node attributes, and fall back to hardcoded default values that match the settings used on Debian platform systems. - -Many of these parameters are only used in the `:enable` action. - -- **sv_dir** - The base "service directory" for the services managed by - the resource. By default, this will attempt to use the - `node['runit']['sv_dir']` attribute, and falls back to `/etc/sv`. -- **service_dir** - The directory where services are symlinked to be - supervised by `runsvdir`. By default, this will attempt to use the - `node['runit']['service_dir']` attribute, and falls back to - `/etc/service`. -- **lsb_init_dir** - The directory where an LSB-compliant init script - interface will be created. By default, this will attempt to use the - `node['runit']['lsb_init_dir']` attribute, and falls back to - `/etc/init.d`. -- **sv_bin** - The path to the `sv` program binary. This will attempt - to use the `node['runit']['sv_bin']` attribute, and falls back to - `/usr/bin/sv`. -- **service_name** - *Name attribute*. The name of the service. This - will be used in the directory of the managed service in the - `sv_dir` and `service_dir`. -- **sv_timeout** - Override the default `sv` timeout of 7 seconds. -- **sv_verbose** - Whether to enable `sv` verbose mode. Default is - `false`. -- **sv_templates** - If true, the `:enable` action will create the - service directory with the appropriate templates. Default is - `true`. Set this to `false` if the service has a package that - provides its own service directory. See __Usage__ examples. -- **options** - Options passed as variables to templates, for - compatibility with legacy runit service definition. Default is an - empty hash. -- **env** - A hash of environment variables with their values as content - used in the service's `env` directory. Default is an empty hash. When - this hash is non-empty, the contents of the runit service's `env` - directory will be managed by Chef in order to conform to the declared - state. -- **log** - Whether to start the service's logger with svlogd, requires - a template `sv-service_name-log-run.erb` to configure the log's run - script. Default is true. -- **default_logger** - Whether a default `log/run` script should be set - up. If true, the default content of the run script will use - `svlogd` to write logs to `/var/log/service_name`. Default is false. -- **log_dir** - The directory where the `svlogd` log service will run. - Used when `default_logger` is `true`. Default is `/var/log/service_name` -- **log_size** - The maximum size a log file can grow to before it is - automatically rotated. See svlogd(8) for the default value. -- **log_num** - The maximum number of log files that will be retained - after rotation. See svlogd(8) for the default value. -- **log_min** - The minimum number of log files that will be retained - after rotation (if svlogd cannot create a new file and the minimum - has not been reached, it will block). Default is no minimum. -- **log_timeout** - The maximum age a log file can get to before it is - automatically rotated, whether it has reached `log_size` or not. - Default is no timeout. -- **log_processor** - A string containing a path to a program that - rotated log files will be fed through. See the **PROCESSOR** section - of svlogd(8) for details. Default is no processor. -- **log_socket** - An string containing an IP:port pair identifying a UDP - socket that log lines will be copied to. Default is none. -- **log_prefix** - A string that will be prepended to each line as it - is logged. Default is no prefix. -- **log_config_append** - A string containing optional additional lines to add - to the log service configuration. See svlogd(8) for more details. -- **cookbook** - A cookbook where templates are located instead of - where the resource is used. Applies for all the templates in the - `enable` action. -- **check** - whether the service has a check script, requires a - template `sv-service_name-check.erb` -- **finish** - whether the service has a finish script, requires a - template `sv-service_name-finish.erb` -- **control** - An array of signals to customize control of the service, - see [runsv man page](http://smarden.org/runit/runsv.8.html) on how - to use this. This requires that each template be created with the - name `sv-service_name-signal.erb`. -- **owner** - user that should own the templates created to enable the - service -- **group** - group that should own the templates created to enable the - service -- **run_template_name** - alternate filename of the run run script to - use replacing `service_name`. -- **log_template_name** - alternate filename of the log run script to - use replacing `service_name`. -- **check_script_template_name** - alternate filename of the check - script to use, replacing `service_name`. -- **finish_script_template_name** - alternate filename of the finish - script to use, replacing `service_name`. -- **control_template_names** - a hash of control signals (see *control* - above) and their alternate template name(s) replacing - `service_name`. -- **status_command** - The command used to check the status of the - service to see if it is enabled/running (if it's running, it's - enabled). This hardcodes the location of the sv program to - `/usr/bin/sv` due to the aforementioned cookbook load order. -- **restart_on_update** - Whether the service should be restarted when - the run script is updated. Defaults to `true`. Set to `false` if - the service shouldn't be restarted when the run script is updated. -- **start_down** - Set the default state of the runit service to 'down' by creating - `/down` file. Defaults to `false`. Services using `start_down` - will not be notified to restart when their run script is updated. -- **delete_downfile** - Delete previously created `/down` file - -Unlike previous versions of the cookbook using the `runit_service` definition, the `runit_service` resource can be notified. See __Usage__ examples below. - - -Usage ------ -To get runit installed on supported platforms, use `recipe[runit]`. Once it is installed, use the `runit_service` resource to set up services to be managed by runit. - -In order to use the `runit_service` resource in your cookbook(s), each service managed will also need to have `sv-service_name-run.erb` and `sv-service_name-log-run.erb` templates created. If the `log` parameter is false, the log run script isn't created. If the `log` parameter is true, and `default_logger` is also true, the log run -script will be created with the default content: - -```bash -#!/bin/sh -exec svlogd -tt /var/log/service_name -``` - -### Examples -These are example use cases of the `runit_service` resource described above. There are others in the `runit_test` cookbook that is included in the [git repository](https://github.com/hw-cookbooks/runit). - -**Default Example** - -This example uses all the defaults in the `:enable` action to set up the service. - -We'll set up `chef-client` to run as a service under runit, such as is done in the `chef-client` cookbook. This example will be more simple than in that cookbook. First, create the required run template, `chef-client/templates/default/sv-chef-client-run.erb`. - -```bash -#!/bin/sh -exec 2>&1 -exec /usr/bin/env chef-client -i 1800 -s 30 -``` - -Then create the required log/run template, `chef-client/templates/default/sv-chef-client-log-run.erb`. - -```bash -#!/bin/sh -exec svlogd -tt ./main -``` - -__Note__ This will cause output of the running process to go to `/etc/sv/chef-client/log/main/current`. Some people may not like this, see the following example. This is preserved for compatibility reasons. - -Finally, set up the service in the recipe with: - -```ruby -runit_service "chef-client" -``` - -**Default Logger Example** - -To use a default logger with svlogd which will log to `/var/log/chef-client/current`, instead, use the `default_logger` option. - -```ruby -runit_service "chef-client" do - default_logger true -end -``` - -**No Log Service** - -If there isn't an appendant log service, set `log` to false, and the log/run script won't be created. - -```ruby -runit_service "no-svlog" do - log false -end -``` - -**Check Script** - -To create a service that has a check script in its service directory, set the `check` parameter to `true`, and create a `sv-checker-check.erb` template. - -```ruby -runit_service "checker" do - check true -end -``` - -This will create `/etc/sv/checker/check`. - -**Finish Script** - -To create a service that has a finish script in its service directory, set the `finish` parameter to `true`, and create a `sv-finisher-finish.erb` template. - -```ruby -runit_service "finisher" do - finish true -end -``` - -This will create `/etc/sv/finisher/finish`. - -**Alternate service directory** - -If the service directory for the managed service isn't the `sv_dir` (`/etc/sv`), then specify it: - -```ruby -runit_service "custom_service" do - sv_dir "/etc/custom_service/runit" -end -``` - -**No Service Directory** - -If the service to manage has a package that provides its service directory, such as `git-daemon` on Debian systems, set `sv_templates` to false. - -```ruby -package "git-daemon-run" - -runit_service "git-daemon" do - sv_templates false -end -``` - -This will create the service symlink in `/etc/service`, but it will not manage any templates in the service directory. - -**User Controlled Services** - -To set up services controlled by a non-privileged user, we follow the recommended configuration in the [runit documentation](http://smarden.org/runit/faq.html#user) (Is it possible to allow a user other than root to control a service?). - -Suppose the user's name is floyd, and floyd wants to run floyds-app. Assuming that the floyd user and group are already managed with Chef, create a `runsvdir-floyd` runit_service. - -```ruby -runit_service "runsvdir-floyd" -``` - -Create the `sv-runsvdir-floyd-log-run.erb` template, or add `log false`. Also create the `sv-runsvdir-floyd-run.erb` with the following content: - -```bash -#!/bin/sh -exec 2>&1 -exec chpst -ufloyd runsvdir /home/floyd/service -``` - -Next, create the `runit_service` resource for floyd's app: - -```ruby -runit_service "floyds-app" do - sv_dir "/home/floyd/sv" - service_dir "/home/floyd/service" - owner "floyd" - group "floyd" -end -``` - -And now floyd can manage the service with sv: - -```text -$ id -uid=1000(floyd) gid=1001(floyd) groups=1001(floyd) -$ sv stop /home/floyd/service/floyds-app/ -ok: down: /home/floyd/service/floyds-app/: 0s, normally up -$ sv start /home/floyd/service/floyds-app/ -ok: run: /home/floyd/service/floyds-app/: (pid 5287) 0s -$ sv status /home/floyd/service/floyds-app/ -run: /home/floyd/service/floyds-app/: (pid 5287) 13s; run: log: (pid 4691) 726s -``` - -**Options** - -Next, let's set up memcached under runit with some additional options using the `options` parameter. First, the `memcached/templates/default/sv-memcached-run.erb` template: - -```bash -#!/bin/sh -exec 2>&1 -exec chpst -u <%= @options[:user] %> /usr/bin/memcached -v -m <%= @options[:memory] %> -p <%= @options[:port] %> -``` - -Note that the script uses `chpst` (which comes with runit) to set the user option, then starts memcached on the specified memory and port (see below). - -The log/run template, `memcached/templates/default/sv-memcached-log-run.erb`: - -```bash -#!/bin/sh -exec svlogd -tt ./main -``` - -Finally, the `runit_service` in our recipe: - -```ruby -runit_service "memcached" do - options({ - :memory => node[:memcached][:memory], - :port => node[:memcached][:port], - :user => node[:memcached][:user] - }.merge(params)) -end -``` - -This is where the user, port and memory options used in the run template are used. - -**Notifying Runit Services** - -In previous versions of this cookbook where the definition was used, it created a `service` resource that could be notified. With the `runit_service` resource, recipes need to use the full resource name. - -For example: - -```ruby -runit_service "my-service" - -template "/etc/my-service.conf" do - notifies :restart, "runit_service[my-service]" -end -``` - -Because the resource implements actions for various commands that `sv` can send to the service, any of those actions could be used for notification. For example, `chef-client` supports triggering a Chef run with a USR1 signal. - -```ruby -template "/tmp/chef-notifier" do - notifies :usr1, "runit_service[chef-client]" -end -``` - -For older implementations of services that used `runit_service` as a definition, but may support alternate service styles, use a conditional, such as based on an attribute: - -```ruby -service_to_notify = case node['nginx']['init_style'] - when "runit" - "runit_service[nginx]" - else - "service[nginx]" - end - -template "/etc/nginx/nginx.conf" do - notifies :restart, service_to_notify -end -``` - -**More Examples** - -For more examples, see the `runit_test` cookbook's `service` recipe in the [git repository](https://github.com/hw-cookbooks/runit). - - -License & Authors ------------------ -- Author:: Adam Jacob -- Author:: Joshua Timberman -- Author:: Sean OMeara - -```text -Copyright:: 2008-2016, Chef Software, Inc - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -``` diff --git a/cookbooks/runit/attributes/default.rb b/cookbooks/runit/attributes/default.rb deleted file mode 100644 index f201c8b..0000000 --- a/cookbooks/runit/attributes/default.rb +++ /dev/null @@ -1,62 +0,0 @@ -# -# Cookbook Name:: runit -# Attribute File:: sv_bin -# -# Copyright 2008-2009, Chef Software, Inc. -# -# Licensed under the Apache License, Version 2.0 (the 'License'); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an 'AS IS' BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -case node['platform_family'] -when 'debian' - default['runit']['sv_bin'] = '/usr/bin/sv' - default['runit']['chpst_bin'] = '/usr/bin/chpst' - default['runit']['service_dir'] = '/etc/service' - default['runit']['sv_dir'] = '/etc/sv' - default['runit']['lsb_init_dir'] = '/etc/init.d' - default['runit']['executable'] = '/sbin/runit' - - if node['platform'] == 'debian' - default['runit']['start'] = 'runsvdir-start' - default['runit']['stop'] = '' - default['runit']['reload'] = '' - elsif node['platform'] == 'ubuntu' - default['runit']['start'] = 'start runsvdir' - default['runit']['stop'] = 'stop runsvdir' - default['runit']['reload'] = 'reload runsvdir' - end - -when 'rhel', 'fedora' - default['runit']['sv_bin'] = '/sbin/sv' - default['runit']['chpst_bin'] = '/sbin/chpst' - default['runit']['service_dir'] = '/etc/service' - default['runit']['sv_dir'] = '/etc/sv' - default['runit']['lsb_init_dir'] = '/etc/init.d' - default['runit']['executable'] = '/sbin/runit' - default['runit']['prefer_local_yum'] = node['runit']['use_package_from_yum'] || false - default['runit']['start'] = '/etc/init.d/runit-start start' - default['runit']['stop'] = '/etc/init.d/runit-start stop' - default['runit']['reload'] = '/etc/init.d/runit-start reload' - -when 'gentoo' - default['runit']['sv_bin'] = '/usr/bin/sv' - default['runit']['chpst_bin'] = '/usr/bin/chpst' - default['runit']['service_dir'] = '/var/service' - default['runit']['sv_dir'] = '/etc/sv' - default['runit']['lsb_init_dir'] = '/etc/init.d' - default['runit']['executable'] = '/sbin/runit' - default['runit']['start'] = '/etc/init.d/runit-start start' - default['runit']['stop'] = '/etc/init.d/runit-start stop' - default['runit']['reload'] = '/etc/init.d/runit-start reload' - -end diff --git a/cookbooks/runit/files/default/runit.seed b/cookbooks/runit/files/default/runit.seed deleted file mode 100644 index 6492920..0000000 --- a/cookbooks/runit/files/default/runit.seed +++ /dev/null @@ -1 +0,0 @@ -runit runit/signalinit boolean true diff --git a/cookbooks/runit/files/default/runsvdir b/cookbooks/runit/files/default/runsvdir deleted file mode 100644 index e69de29..0000000 diff --git a/cookbooks/runit/files/ubuntu-6.10/runsvdir b/cookbooks/runit/files/ubuntu-6.10/runsvdir deleted file mode 100644 index 4040e34..0000000 --- a/cookbooks/runit/files/ubuntu-6.10/runsvdir +++ /dev/null @@ -1,6 +0,0 @@ -start on runlevel-2 -start on runlevel-3 -start on runlevel-4 -start on runlevel-5 -stop on shutdown -respawn /usr/sbin/runsvdir-start diff --git a/cookbooks/runit/files/ubuntu-7.04/runsvdir b/cookbooks/runit/files/ubuntu-7.04/runsvdir deleted file mode 100644 index ee173c9..0000000 --- a/cookbooks/runit/files/ubuntu-7.04/runsvdir +++ /dev/null @@ -1,7 +0,0 @@ -start on runlevel 2 -start on runlevel 3 -start on runlevel 4 -start on runlevel 5 -stop on shutdown -respawn -exec /usr/sbin/runsvdir-start diff --git a/cookbooks/runit/files/ubuntu-7.10/runsvdir b/cookbooks/runit/files/ubuntu-7.10/runsvdir deleted file mode 100644 index ee173c9..0000000 --- a/cookbooks/runit/files/ubuntu-7.10/runsvdir +++ /dev/null @@ -1,7 +0,0 @@ -start on runlevel 2 -start on runlevel 3 -start on runlevel 4 -start on runlevel 5 -stop on shutdown -respawn -exec /usr/sbin/runsvdir-start diff --git a/cookbooks/runit/files/ubuntu-8.04/runsvdir b/cookbooks/runit/files/ubuntu-8.04/runsvdir deleted file mode 100644 index ee173c9..0000000 --- a/cookbooks/runit/files/ubuntu-8.04/runsvdir +++ /dev/null @@ -1,7 +0,0 @@ -start on runlevel 2 -start on runlevel 3 -start on runlevel 4 -start on runlevel 5 -stop on shutdown -respawn -exec /usr/sbin/runsvdir-start diff --git a/cookbooks/runit/libraries/default.rb b/cookbooks/runit/libraries/default.rb deleted file mode 100644 index e69de29..0000000 diff --git a/cookbooks/runit/libraries/helpers.rb b/cookbooks/runit/libraries/helpers.rb deleted file mode 100644 index 0a40f58..0000000 --- a/cookbooks/runit/libraries/helpers.rb +++ /dev/null @@ -1,198 +0,0 @@ -# -# Cookbook:: runit -# Libraries:: helpers -# -# Author: Joshua Timberman -# Author: Sean OMeara -# Copyright 2008-2015, Chef Software, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -module RunitCookbook - module Helpers - # include Chef::Mixin::ShellOut if it is not already included in the calling class - def self.included(klass) - unless klass.ancestors.include?(Chef::Mixin::ShellOut) - klass.class_eval { include Chef::Mixin::ShellOut } - end - end - - # Default settings for resource properties. - def parsed_sv_bin - return new_resource.sv_bin if new_resource.sv_bin - '/usr/bin/sv' - end - - def parsed_sv_dir - return new_resource.sv_dir if new_resource.sv_dir - '/etc/sv' - end - - def parsed_service_dir - return new_resource.service_dir if new_resource.service_dir - '/etc/service' - end - - def parsed_lsb_init_dir - return new_resource.lsb_init_dir if new_resource.lsb_init_dir - '/etc/init.d' - end - - # misc helper functions - def inside_docker? - results = `cat /proc/1/cgroup`.strip.split("\n") - results.any? { |val| /docker/ =~ val } - end - - def down_file - "#{sv_dir_name}/down" - end - - def env_dir - "#{sv_dir_name}/env" - end - - def extra_env_files? - files = [] - Dir.glob("#{sv_dir_name}/env/*").each do |f| - files << File.basename(f) - end - return true if files.sort != new_resource.env.keys.sort - false - end - - def zap_extra_env_files - Dir.glob("#{sv_dir_name}/env/*").each do |f| - unless new_resource.env.key?(File.basename(f)) - File.unlink(f) - Chef::Log.info("removing file #{f}") - end - end - end - - def wait_for_service - unless inside_docker? - sleep 1 until ::FileTest.pipe?("#{service_dir_name}/supervise/ok") - - if new_resource.log - sleep 1 until ::FileTest.pipe?("#{service_dir_name}/log/supervise/ok") - end - end - end - - def runit_sv_works? - sv = shell_out("#{sv_bin} --help") - sv.exitstatus == 100 && sv.stderr =~ /usage: sv .* command service/ - end - - def runit_send_signal(signal, friendly_name = nil) - friendly_name ||= signal - converge_by("send #{friendly_name} to #{new_resource}") do - shell_out!("#{sv_bin} #{sv_args}#{signal} #{service_dir_name}") - Chef::Log.info("#{new_resource} sent #{friendly_name}") - end - end - - def running? - cmd = shell_out("#{sv_bin} #{sv_args}status #{service_dir_name}") - (cmd.stdout =~ /^run:/ && cmd.exitstatus == 0) - end - - def log_running? - cmd = shell_out("#{sv_bin} #{sv_args}status #{service_dir_name}/log") - (cmd.stdout =~ /^run:/ && cmd.exitstatus == 0) - end - - def enabled? - ::File.exist?("#{service_dir_name}/run") - end - - def log_service_name - "#{new_resource.service_name}/log" - end - - def sv_dir_name - "#{parsed_sv_dir}/#{new_resource.service_name}" - end - - def sv_args - sv_args = '' - sv_args += "-w '#{new_resource.sv_timeout}' " unless new_resource.sv_timeout.nil? - sv_args += '-v ' if new_resource.sv_verbose - sv_args - end - - def sv_bin - parsed_sv_bin - end - - def service_dir_name - "#{new_resource.service_dir}/#{new_resource.service_name}" - end - - def log_dir_name - "#{new_resource.service_dir}/#{new_resource.service_name}/log" - end - - def template_cookbook - new_resource.cookbook.nil? ? new_resource.cookbook_name.to_s : new_resource.cookbook - end - - def default_logger_content - <<-EOS -#!/bin/sh -exec svlogd -tt #{new_resource.log_dir} - EOS - end - - def disable_service - shell_out("#{new_resource.sv_bin} #{sv_args}down #{service_dir_name}") - FileUtils.rm(service_dir_name) - - # per the documentation, a service should be removed from supervision - # within 5 seconds of removing the service dir symlink, so we'll sleep for 6. - # otherwise, runit recreates the 'ok' named pipe too quickly - sleep(6) - # runit will recreate the supervise directory and - # pipes when the service is reenabled - FileUtils.rm("#{sv_dir_name}/supervise/ok") - end - - def start_service - shell_out!("#{new_resource.sv_bin} #{sv_args}start #{service_dir_name}") - end - - def stop_service - shell_out!("#{new_resource.sv_bin} #{sv_args}stop #{service_dir_name}") - end - - def restart_service - shell_out!("#{new_resource.sv_bin} #{sv_args}restart #{service_dir_name}") - end - - def restart_log_service - shell_out!("#{new_resource.sv_bin} #{sv_args}restart #{service_dir_name}/log") - end - - def reload_service - shell_out!("#{new_resource.sv_bin} #{sv_args}force-reload #{service_dir_name}") - end - - def reload_log_service - if log_running? - shell_out!("#{new_resource.sv_bin} #{sv_args}force-reload #{service_dir_name}/log") - end - end - end -end diff --git a/cookbooks/runit/libraries/matchers.rb b/cookbooks/runit/libraries/matchers.rb deleted file mode 100644 index 760156e..0000000 --- a/cookbooks/runit/libraries/matchers.rb +++ /dev/null @@ -1,69 +0,0 @@ -if defined?(ChefSpec) - - ChefSpec.define_matcher(:runit_service) - - def start_runit_service(service) - ChefSpec::Matchers::ResourceMatcher.new(:runit_service, :start, service) - end - - def stop_runit_service(service) - ChefSpec::Matchers::ResourceMatcher.new(:runit_service, :stop, service) - end - - def enable_runit_service(service) - ChefSpec::Matchers::ResourceMatcher.new(:runit_service, :enable, service) - end - - def disable_runit_service(service) - ChefSpec::Matchers::ResourceMatcher.new(:runit_service, :disable, service) - end - - def restart_runit_service(service) - ChefSpec::Matchers::ResourceMatcher.new(:runit_service, :restart, service) - end - - def reload_runit_service(service) - ChefSpec::Matchers::ResourceMatcher.new(:runit_service, :reload, service) - end - - def status_runit_service(service) - ChefSpec::Matchers::ResourceMatcher.new(:runit_service, :status, service) - end - - def once_runit_service(service) - ChefSpec::Matchers::ResourceMatcher.new(:runit_service, :once, service) - end - - def hup_runit_service(service) - ChefSpec::Matchers::ResourceMatcher.new(:runit_service, :hup, service) - end - - def cont_runit_service(service) - ChefSpec::Matchers::ResourceMatcher.new(:runit_service, :cont, service) - end - - def term_runit_service(service) - ChefSpec::Matchers::ResourceMatcher.new(:runit_service, :term, service) - end - - def kill_runit_service(service) - ChefSpec::Matchers::ResourceMatcher.new(:runit_service, :kill, service) - end - - def up_runit_service(service) - ChefSpec::Matchers::ResourceMatcher.new(:runit_service, :up, service) - end - - def down_runit_service(service) - ChefSpec::Matchers::ResourceMatcher.new(:runit_service, :down, service) - end - - def usr1_runit_service(service) - ChefSpec::Matchers::ResourceMatcher.new(:runit_service, :usr1, service) - end - - def usr2_runit_service(service) - ChefSpec::Matchers::ResourceMatcher.new(:runit_service, :usr2, service) - end - -end diff --git a/cookbooks/runit/libraries/provider_runit_service.rb b/cookbooks/runit/libraries/provider_runit_service.rb deleted file mode 100644 index ab59470..0000000 --- a/cookbooks/runit/libraries/provider_runit_service.rb +++ /dev/null @@ -1,348 +0,0 @@ -# -# Cookbook Name:: runit -# Provider:: service -# -# Author:: Joshua Timberman -# Author:: Sean OMeara -# Copyright 2011-2015, Chef Software, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -class Chef - class Provider - class RunitService < Chef::Provider::LWRPBase - unless defined?(VALID_SIGNALS) - # Mapping of valid signals with optional friendly name - VALID_SIGNALS = Mash.new( - :down => nil, - :hup => nil, - :int => nil, - :term => nil, - :kill => nil, - :quit => nil, - :up => nil, - :once => nil, - :cont => nil, - 1 => :usr1, - 2 => :usr2 - ) - end - - use_inline_resources if defined?(use_inline_resources) - - def whyrun_supported? - true - end - - # Mix in helpers from libraries/helpers.rb - include RunitCookbook::Helpers - - # actions - action :create do - ruby_block 'restart_service' do - block do - action_enable - restart_service - end - action :nothing - only_if { new_resource.restart_on_update && !new_resource.start_down } - end - - ruby_block 'restart_log_service' do - block do - action_enable - restart_log_service - end - action :nothing - only_if { new_resource.restart_on_update && !new_resource.start_down } - end - - # sv_templates - if new_resource.sv_templates - - directory sv_dir_name do - owner new_resource.owner - group new_resource.group - mode '0755' - recursive true - action :create - end - - template "#{sv_dir_name}/run" do - owner new_resource.owner - group new_resource.group - source "sv-#{new_resource.run_template_name}-run.erb" - cookbook template_cookbook - mode '0755' - variables(options: new_resource.options) - action :create - notifies :run, 'ruby_block[restart_service]', :delayed - end - - # log stuff - if new_resource.log - directory "#{sv_dir_name}/log" do - owner new_resource.owner - group new_resource.group - recursive true - action :create - end - - directory "#{sv_dir_name}/log/main" do - owner new_resource.owner - group new_resource.group - mode '0755' - recursive true - action :create - end - - directory new_resource.log_dir do - owner new_resource.owner - group new_resource.group - mode '00755' - recursive true - action :create - end - - template "#{sv_dir_name}/log/config" do - owner new_resource.owner - group new_resource.group - mode '00644' - cookbook 'runit' - source 'log-config.erb' - variables(config: new_resource) - notifies :run, 'ruby_block[restart_log_service]', :delayed - action :create - end - - link "#{new_resource.log_dir}/config" do - to "#{sv_dir_name}/log/config" - end - - if new_resource.default_logger - file "#{sv_dir_name}/log/run" do - content default_logger_content - owner new_resource.owner - group new_resource.group - mode '00755' - action :create - notifies :run, 'ruby_block[restart_log_service]', :delayed - end - else - template "#{sv_dir_name}/log/run" do - owner new_resource.owner - group new_resource.group - mode '00755' - source "sv-#{new_resource.log_template_name}-log-run.erb" - cookbook template_cookbook - variables(options: new_resource.options) - action :create - notifies :run, 'ruby_block[restart_log_service]', :delayed - end - end - - end - - # environment stuff - directory "#{sv_dir_name}/env" do - owner new_resource.owner - group new_resource.group - mode '00755' - action :create - end - - new_resource.env.map do |var, value| - file "#{sv_dir_name}/env/#{var}" do - owner new_resource.owner - group new_resource.group - content value - mode 00640 - action :create - end - end - - ruby_block "zap extra env files for #{new_resource.name} service" do - block { zap_extra_env_files } - only_if { extra_env_files? } - not_if { new_resource.env.empty? } - action :run - end - - if new_resource.check - template "#{sv_dir_name}/check" do - owner new_resource.owner - group new_resource.group - mode '00755' - cookbook template_cookbook - source "sv-#{new_resource.check_script_template_name}-check.erb" - variables(options: new_resource.options) - action :create - end - end - - if new_resource.finish - template "#{sv_dir_name}/finish" do - owner new_resource.owner - group new_resource.group - mode '00755' - source "sv-#{new_resource.finish_script_template_name}-finish.erb" - cookbook template_cookbook - variables(options: new_resource.options) if new_resource.options.respond_to?(:has_key?) - action :create - end - end - - directory "#{sv_dir_name}/control" do - owner new_resource.owner - group new_resource.group - mode '00755' - action :create - end - - new_resource.control.map do |signal| - template "#{sv_dir_name}/control/#{signal}" do - owner new_resource.owner - group new_resource.group - mode '0755' - source "sv-#{new_resource.control_template_names[signal]}-#{signal}.erb" - cookbook template_cookbook - variables(options: new_resource.options) - action :create - end - end - - # lsb_init - if node['platform'] == 'debian' - ruby_block "unlink #{parsed_lsb_init_dir}/#{new_resource.service_name}" do - block { ::File.unlink("#{parsed_lsb_init_dir}/#{new_resource.service_name}") } - only_if { ::File.symlink?("#{parsed_lsb_init_dir}/#{new_resource.service_name}") } - end - - template "#{parsed_lsb_init_dir}/#{new_resource.service_name}" do - owner 'root' - group 'root' - mode '00755' - cookbook 'runit' - source 'init.d.erb' - variables( - name: new_resource.service_name, - sv_bin: new_resource.sv_bin, - init_dir: ::File.join(parsed_lsb_init_dir, '') - ) - action :create - end - else - link "#{parsed_lsb_init_dir}/#{new_resource.service_name}" do - to sv_bin - action :create - end - end - - # Create/Delete service down file - # To prevent unexpected behavior, require users to explicitly set - # delete_downfile to remove any down file that may already exist - df_action = :nothing - if new_resource.start_down - df_action = :create - elsif new_resource.delete_downfile - df_action = :delete - end - - file down_file do - mode 00644 - backup false - content '# File created and managed by chef!' - action df_action - end - end - end - - action :disable do - ruby_block "disable #{new_resource.service_name}" do - block { disable_service } - only_if { enabled? } - end - end - - action :enable do - # FIXME: remove action_create in next major version - action_create - - directory new_resource.service_dir - - link "#{service_dir_name}" do - to sv_dir_name - action :create - end - - ruby_block "wait for #{new_resource.service_name} service socket" do - block do - wait_for_service - end - action :run - end - end - - # signals - VALID_SIGNALS.each do |signal, signal_name| - action(signal_name || signal) do - if running? - Chef::Log.info "#{new_resource} signalled (#{(signal_name || signal).to_s.upcase})" - runit_send_signal(signal, signal_name) - else - Chef::Log.debug "#{new_resource} not running - nothing to do" - end - end - end - - action :nothing do - end - - action :restart do - restart_service - end - - action :start do - if running? - Chef::Log.debug "#{new_resource} already running - nothing to do" - else - start_service - Chef::Log.info "#{new_resource} started" - end - end - - action :stop do - if running? - stop_service - Chef::Log.info "#{new_resource} stopped" - else - Chef::Log.debug "#{new_resource} already stopped - nothing to do" - end - end - - action :reload do - if running? - reload_service - Chef::Log.info "#{new_resource} reloaded" - else - Chef::Log.debug "#{new_resource} not running - nothing to do" - end - end - - action :status do - running? - end - end - end -end diff --git a/cookbooks/runit/libraries/resource_runit_service.rb b/cookbooks/runit/libraries/resource_runit_service.rb deleted file mode 100644 index e111f0e..0000000 --- a/cookbooks/runit/libraries/resource_runit_service.rb +++ /dev/null @@ -1,267 +0,0 @@ -# -# Cookbook Name:: runit -# Provider:: service -# -# Copyright 2011, Joshua Timberman -# Copyright 2011, Chef Software, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'chef/resource' -require 'chef/resource/service' - -class Chef - class Resource - # Missing top-level class documentation comment - class RunitService < Chef::Resource::Service - def initialize(name, run_context = nil) - super - runit_node = runit_attributes_from_node(run_context) - @resource_name = :runit_service - @provider = Chef::Provider::RunitService - @supports = { restart: true, reload: true, status: true } - @action = :enable - @allowed_actions = [:nothing, :start, :stop, :enable, :disable, :restart, :reload, :status, :once, :hup, :cont, :term, :kill, :up, :down, :usr1, :usr2, :create] - - # sv_bin, sv_dir, service_dir and lsb_init_dir may have been set in the - # node attributes - @sv_bin = runit_node[:sv_bin] || '/usr/bin/sv' - @sv_dir = runit_node[:sv_dir] || '/etc/sv' - @service_dir = runit_node[:service_dir] || '/etc/service' - @lsb_init_dir = runit_node[:lsb_init_dir] || '/etc/init.d' - - @control = [] - @options = {} - @env = {} - @log = true - @cookbook = nil - @check = false - @start_down = false - @delete_downfile = false - @finish = false - @owner = nil - @group = nil - @enabled = false - @running = false - @default_logger = false - @restart_on_update = true - @run_template_name = @service_name - @log_template_name = @service_name - @check_script_template_name = @service_name - @finish_script_template_name = @service_name - @control_template_names = {} - @status_command = "#{@sv_bin} status #{@service_dir}" - @sv_templates = true - @sv_timeout = nil - @sv_verbose = false - @log_dir = ::File.join('/var/log/', @service_name) - @log_size = nil - @log_num = nil - @log_min = nil - @log_timeout = nil - @log_processor = nil - @log_socket = nil - @log_prefix = nil - @log_config_append = nil - - # - # Backward Compat Hack - # - # This ensures a 'service' resource exists for all 'runit_service' resources. - # This should allow all recipes using the previous 'runit_service' definition to - # continue operating. - # - unless run_context.nil? - service_dir_name = ::File.join(@service_dir, @name) - @service_mirror = Chef::Resource::Service.new(name, run_context) - @service_mirror.provider(Chef::Provider::Service::Simple) - @service_mirror.supports(@supports) - @service_mirror.start_command("#{@sv_bin} start #{service_dir_name}") - @service_mirror.stop_command("#{@sv_bin} stop #{service_dir_name}") - @service_mirror.restart_command("#{@sv_bin} restart #{service_dir_name}") - @service_mirror.status_command("#{@sv_bin} status #{service_dir_name}") - @service_mirror.action(:nothing) - run_context.resource_collection.insert(@service_mirror) - end - end - - def sv_bin(arg = nil) - set_or_return(:sv_bin, arg, kind_of: [String]) - end - - def sv_dir(arg = nil) - set_or_return(:sv_dir, arg, kind_of: [String, FalseClass]) - end - - def sv_timeout(arg = nil) - set_or_return(:sv_timeout, arg, kind_of: [Fixnum]) - end - - def sv_verbose(arg = nil) - set_or_return(:sv_verbose, arg, kind_of: [TrueClass, FalseClass]) - end - - def service_dir(arg = nil) - set_or_return(:service_dir, arg, kind_of: [String]) - end - - def lsb_init_dir(arg = nil) - set_or_return(:lsb_init_dir, arg, kind_of: [String]) - end - - def control(arg = nil) - set_or_return(:control, arg, kind_of: [Array]) - end - - def options(arg = nil) - default_opts = @env.empty? ? @options : @options.merge(env_dir: ::File.join(@sv_dir, @service_name, 'env')) - - merged_opts = arg.respond_to?(:merge) ? default_opts.merge(arg) : default_opts - - set_or_return( - :options, - merged_opts, - kind_of: [Hash], - default: default_opts - ) - end - - def env(arg = nil) - set_or_return(:env, arg, kind_of: [Hash]) - end - - ## set log to current instance value if nothing is passed. - def log(arg = @log) - set_or_return(:log, arg, kind_of: [TrueClass, FalseClass]) - end - - def cookbook(arg = nil) - set_or_return(:cookbook, arg, kind_of: [String]) - end - - def finish(arg = nil) - set_or_return(:finish, arg, kind_of: [TrueClass, FalseClass]) - end - - def check(arg = nil) - set_or_return(:check, arg, kind_of: [TrueClass, FalseClass]) - end - - def start_down(arg = nil) - set_or_return(:start_down, arg, kind_of: [TrueClass, FalseClass]) - end - - def delete_downfile(arg = nil) - set_or_return(:delete_downfile, arg, kind_of: [TrueClass, FalseClass]) - end - - def owner(arg = nil) - set_or_return(:owner, arg, regex: [Chef::Config[:user_valid_regex]]) - end - - def group(arg = nil) - set_or_return(:group, arg, regex: [Chef::Config[:group_valid_regex]]) - end - - def default_logger(arg = nil) - set_or_return(:default_logger, arg, kind_of: [TrueClass, FalseClass]) - end - - def restart_on_update(arg = nil) - set_or_return(:restart_on_update, arg, kind_of: [TrueClass, FalseClass]) - end - - def run_template_name(arg = nil) - set_or_return(:run_template_name, arg, kind_of: [String]) - end - alias_method :template_name, :run_template_name - - def log_template_name(arg = nil) - set_or_return(:log_template_name, arg, kind_of: [String]) - end - - def check_script_template_name(arg = nil) - set_or_return(:check_script_template_name, arg, kind_of: [String]) - end - - def finish_script_template_name(arg = nil) - set_or_return(:finish_script_template_name, arg, kind_of: [String]) - end - - def control_template_names(arg = nil) - set_or_return( - :control_template_names, - arg, - kind_of: [Hash], - default: set_control_template_names - ) - end - - def set_control_template_names - @control.each do |signal| - @control_template_names[signal] ||= @service_name - end - @control_template_names - end - - def sv_templates(arg = nil) - set_or_return(:sv_templates, arg, kind_of: [TrueClass, FalseClass]) - end - - def log_dir(arg = nil) - set_or_return(:log_dir, arg, kind_of: [String]) - end - - def log_size(arg = nil) - set_or_return(:log_size, arg, kind_of: [Integer]) - end - - def log_num(arg = nil) - set_or_return(:log_num, arg, kind_of: [Integer]) - end - - def log_min(arg = nil) - set_or_return(:log_min, arg, kind_of: [Integer]) - end - - def log_timeout(arg = nil) - set_or_return(:log_timeout, arg, kind_of: [Integer]) - end - - def log_processor(arg = nil) - set_or_return(:log_processor, arg, kind_of: [String]) - end - - def log_socket(arg = nil) - set_or_return(:log_socket, arg, kind_of: [String, Hash]) - end - - def log_prefix(arg = nil) - set_or_return(:log_prefix, arg, kind_of: [String]) - end - - def log_config_append(arg = nil) - set_or_return(:log_config_append, arg, kind_of: [String]) - end - - def runit_attributes_from_node(run_context) - if run_context && run_context.node && run_context.node[:runit] - run_context.node[:runit] - else - {} - end - end - end - end -end diff --git a/cookbooks/runit/metadata.json b/cookbooks/runit/metadata.json deleted file mode 100644 index 6553a97..0000000 --- a/cookbooks/runit/metadata.json +++ /dev/null @@ -1,49 +0,0 @@ -{ - "name": "runit", - "description": "Installs runit and provides runit_service definition", - "long_description": "runit Cookbook\n==============\nInstalls runit and provides the `runit_service` service resource for managing processes (services) under runit.\n\nThis cookbook does not use runit to replace system init, nor are ther plans to do so.\n\nFor more information about runit:\n\n- http://smarden.org/runit/\n\n#### A note regarding versions 1.7.0 and 1.7.2\n\nWith the benefit of hindsight we can say that the changes contained version 1.7.0 merited a major version number change, and that version 1.7.2 contains some still unresolved regressions compared to 1.6.0. Please be sure to test this new version for compatibility with your systems before upgrading to version 1.7.\n\nSee [issue #144](https://github.com/hw-cookbooks/runit/issues/144) for some notes on how these versions behaved unexpectedly in one user's environment.\n\nRequirements\n------------\n#### Platforms\n- Debian/Ubuntu\n- Gentoo\n- RHEL\n\n#### Chef\n- Chef 11+\n\n#### Cookbooks\n- packagecloud (for RHEL)\n\nAttributes\n----------\nSee `attributes/default.rb` for defaults generated per platform.\n\n- `node['runit']['sv_bin']` - Full path to the `sv` binary.\n- `node['runit']['chpst_bin']` - Full path to the `chpst` binary.\n- `node['runit']['service_dir']` - Full path to the default \"services\" directory where enabled services are linked.\n- `node['runit']['sv_dir']` - Full path to the directory where service lives, which gets linked to `service_dir`.\n- `node['runit']['lsb_init_dir']` - Full path to the directory where the LSB-compliant init script interface will be created.\n- `node['runit']['start']` - Command to start the runsvdir service\n- `node['runit']['stop]` - Command to stop the runsvdir service\n- `node['runit']['reload']` - Command to reload the runsvdir service\n\n### Optional Attributes for RHEL systems\n\n- `node['runit']['prefer_local_yum']` - If `true`, assumes that a `runit` package is available on an already configured local yum repository. By default, the recipe installs the `runit` package from a Package Cloud repository (see below). This is set to the value of `node['runit']['use_package_from_yum']` for backwards compatibility, but otherwise defaults to `false`.\n\nRecipes\n-------\n### default\nThe default recipe installs runit and starts `runsvdir` to supervise the services in runit's service directory (e.g., `/etc/service`).\n\nOn RHEL-family systems, it will install the runit RPM using [Ian Meyer's Package Cloud repository](https://packagecloud.io/imeyer/runit) for runit. This replaces the previous functionality where the RPM was build using his [runit RPM SPEC](https://github.com/imeyer/runit-rpm). However, if the attribute `node['runit']['prefer_local_yum']` is set to `true`, the packagecloud repository creation will be skipped and it is assumed that a `runit` package is available on an otherwise configured (outside this cookbook) local repository.\n\nOn Debian family systems, the runit packages are maintained by the runit author, Gerrit Pape, and the recipe will use that for installation.\n\nOn Gentoo, the runit ebuild package is installed.\n\nResource/Provider\n-----------------\nThis cookbook has a resource, `runit_service`, for managing services under runit. This service subclasses the Chef `service` resource.\n\n**This resource replaces the runit_service definition. See the CHANGELOG.md file in this cookbook for breaking change information and any actions you may need to take to update cookbooks using runit_service.**\n\n### Actions\n- **enable** - enables the service, creating the required run scripts and symlinks. This is the default action.\n- **start** - starts the service with `sv start`\n- **stop** - stops the service with `sv stop`\n- **disable** - stops the service with `sv down` and removes the service symlink\n- **create** - create the service directory, but don't enable the service with symlink\n- **restart** - restarts the service with `sv restart`\n- **reload** - reloads the service with `sv force-reload`\n- **once** - starts the service with `sv once`.\n- **hup** - sends the `HUP` signal to the service with `sv hup`\n- **cont** - sends the `CONT` signal to the service\n- **term** - sends the `TERM` signal to the service\n- **kill** - sends the `KILL` signal to the service\n- **up** - starts the service with `sv up`\n- **down** - downs the service with `sv down`\n- **usr1** - sends the `USR1` signal to the service with `sv 1`\n- **usr2** - sends the `USR2` signal to the service with `sv 2`\n\nService management actions are taken with runit's \"`sv`\" program.\n\nRead the `sv(8)` [man page](http://smarden.org/runit/sv.8.html) for more information on the `sv` program.\n\n### Parameter Attributes\n\nThe first three parameters, `sv_dir`, `service_dir`, and `sv_bin` will attempt to use the corresponding node attributes, and fall back to hardcoded default values that match the settings used on Debian platform systems.\n\nMany of these parameters are only used in the `:enable` action.\n\n- **sv_dir** - The base \"service directory\" for the services managed by\n the resource. By default, this will attempt to use the\n `node['runit']['sv_dir']` attribute, and falls back to `/etc/sv`.\n- **service_dir** - The directory where services are symlinked to be\n supervised by `runsvdir`. By default, this will attempt to use the\n `node['runit']['service_dir']` attribute, and falls back to\n `/etc/service`.\n- **lsb_init_dir** - The directory where an LSB-compliant init script\n interface will be created. By default, this will attempt to use the\n `node['runit']['lsb_init_dir']` attribute, and falls back to\n `/etc/init.d`.\n- **sv_bin** - The path to the `sv` program binary. This will attempt\n to use the `node['runit']['sv_bin']` attribute, and falls back to\n `/usr/bin/sv`.\n- **service_name** - *Name attribute*. The name of the service. This\n will be used in the directory of the managed service in the\n `sv_dir` and `service_dir`.\n- **sv_timeout** - Override the default `sv` timeout of 7 seconds.\n- **sv_verbose** - Whether to enable `sv` verbose mode. Default is\n `false`.\n- **sv_templates** - If true, the `:enable` action will create the\n service directory with the appropriate templates. Default is\n `true`. Set this to `false` if the service has a package that\n provides its own service directory. See __Usage__ examples.\n- **options** - Options passed as variables to templates, for\n compatibility with legacy runit service definition. Default is an\n empty hash.\n- **env** - A hash of environment variables with their values as content\n used in the service's `env` directory. Default is an empty hash. When\n this hash is non-empty, the contents of the runit service's `env`\n directory will be managed by Chef in order to conform to the declared\n state.\n- **log** - Whether to start the service's logger with svlogd, requires\n a template `sv-service_name-log-run.erb` to configure the log's run\n script. Default is true.\n- **default_logger** - Whether a default `log/run` script should be set\n up. If true, the default content of the run script will use\n `svlogd` to write logs to `/var/log/service_name`. Default is false.\n- **log_dir** - The directory where the `svlogd` log service will run.\n Used when `default_logger` is `true`. Default is `/var/log/service_name`\n- **log_size** - The maximum size a log file can grow to before it is\n automatically rotated. See svlogd(8) for the default value.\n- **log_num** - The maximum number of log files that will be retained\n after rotation. See svlogd(8) for the default value.\n- **log_min** - The minimum number of log files that will be retained\n after rotation (if svlogd cannot create a new file and the minimum\n has not been reached, it will block). Default is no minimum.\n- **log_timeout** - The maximum age a log file can get to before it is\n automatically rotated, whether it has reached `log_size` or not.\n Default is no timeout.\n- **log_processor** - A string containing a path to a program that\n rotated log files will be fed through. See the **PROCESSOR** section\n of svlogd(8) for details. Default is no processor.\n- **log_socket** - An string containing an IP:port pair identifying a UDP\n socket that log lines will be copied to. Default is none.\n- **log_prefix** - A string that will be prepended to each line as it\n is logged. Default is no prefix.\n- **log_config_append** - A string containing optional additional lines to add\n to the log service configuration. See svlogd(8) for more details.\n- **cookbook** - A cookbook where templates are located instead of\n where the resource is used. Applies for all the templates in the\n `enable` action.\n- **check** - whether the service has a check script, requires a\n template `sv-service_name-check.erb`\n- **finish** - whether the service has a finish script, requires a\n template `sv-service_name-finish.erb`\n- **control** - An array of signals to customize control of the service,\n see [runsv man page](http://smarden.org/runit/runsv.8.html) on how\n to use this. This requires that each template be created with the\n name `sv-service_name-signal.erb`.\n- **owner** - user that should own the templates created to enable the\n service\n- **group** - group that should own the templates created to enable the\n service\n- **run_template_name** - alternate filename of the run run script to\n use replacing `service_name`.\n- **log_template_name** - alternate filename of the log run script to\n use replacing `service_name`.\n- **check_script_template_name** - alternate filename of the check\n script to use, replacing `service_name`.\n- **finish_script_template_name** - alternate filename of the finish\n script to use, replacing `service_name`.\n- **control_template_names** - a hash of control signals (see *control*\n above) and their alternate template name(s) replacing\n `service_name`.\n- **status_command** - The command used to check the status of the\n service to see if it is enabled/running (if it's running, it's\n enabled). This hardcodes the location of the sv program to\n `/usr/bin/sv` due to the aforementioned cookbook load order.\n- **restart_on_update** - Whether the service should be restarted when\n the run script is updated. Defaults to `true`. Set to `false` if\n the service shouldn't be restarted when the run script is updated.\n- **start_down** - Set the default state of the runit service to 'down' by creating\n `/down` file. Defaults to `false`. Services using `start_down`\n will not be notified to restart when their run script is updated.\n- **delete_downfile** - Delete previously created `/down` file\n\nUnlike previous versions of the cookbook using the `runit_service` definition, the `runit_service` resource can be notified. See __Usage__ examples below.\n\n\nUsage\n-----\nTo get runit installed on supported platforms, use `recipe[runit]`. Once it is installed, use the `runit_service` resource to set up services to be managed by runit.\n\nIn order to use the `runit_service` resource in your cookbook(s), each service managed will also need to have `sv-service_name-run.erb` and `sv-service_name-log-run.erb` templates created. If the `log` parameter is false, the log run script isn't created. If the `log` parameter is true, and `default_logger` is also true, the log run\nscript will be created with the default content:\n\n```bash\n#!/bin/sh\nexec svlogd -tt /var/log/service_name\n```\n\n### Examples\nThese are example use cases of the `runit_service` resource described above. There are others in the `runit_test` cookbook that is included in the [git repository](https://github.com/hw-cookbooks/runit).\n\n**Default Example**\n\nThis example uses all the defaults in the `:enable` action to set up the service.\n\nWe'll set up `chef-client` to run as a service under runit, such as is done in the `chef-client` cookbook. This example will be more simple than in that cookbook. First, create the required run template, `chef-client/templates/default/sv-chef-client-run.erb`.\n\n```bash\n#!/bin/sh\nexec 2>&1\nexec /usr/bin/env chef-client -i 1800 -s 30\n```\n\nThen create the required log/run template, `chef-client/templates/default/sv-chef-client-log-run.erb`.\n\n```bash\n#!/bin/sh\nexec svlogd -tt ./main\n```\n\n__Note__ This will cause output of the running process to go to `/etc/sv/chef-client/log/main/current`. Some people may not like this, see the following example. This is preserved for compatibility reasons.\n\nFinally, set up the service in the recipe with:\n\n```ruby\nrunit_service \"chef-client\"\n```\n\n**Default Logger Example**\n\nTo use a default logger with svlogd which will log to `/var/log/chef-client/current`, instead, use the `default_logger` option.\n\n```ruby\nrunit_service \"chef-client\" do\n default_logger true\nend\n```\n\n**No Log Service**\n\nIf there isn't an appendant log service, set `log` to false, and the log/run script won't be created.\n\n```ruby\nrunit_service \"no-svlog\" do\n log false\nend\n```\n\n**Check Script**\n\nTo create a service that has a check script in its service directory, set the `check` parameter to `true`, and create a `sv-checker-check.erb` template.\n\n```ruby\nrunit_service \"checker\" do\n check true\nend\n```\n\nThis will create `/etc/sv/checker/check`.\n\n**Finish Script**\n\nTo create a service that has a finish script in its service directory, set the `finish` parameter to `true`, and create a `sv-finisher-finish.erb` template.\n\n```ruby\nrunit_service \"finisher\" do\n finish true\nend\n```\n\nThis will create `/etc/sv/finisher/finish`.\n\n**Alternate service directory**\n\nIf the service directory for the managed service isn't the `sv_dir` (`/etc/sv`), then specify it:\n\n```ruby\nrunit_service \"custom_service\" do\n sv_dir \"/etc/custom_service/runit\"\nend\n```\n\n**No Service Directory**\n\nIf the service to manage has a package that provides its service directory, such as `git-daemon` on Debian systems, set `sv_templates` to false.\n\n```ruby\npackage \"git-daemon-run\"\n\nrunit_service \"git-daemon\" do\n sv_templates false\nend\n```\n\nThis will create the service symlink in `/etc/service`, but it will not manage any templates in the service directory.\n\n**User Controlled Services**\n\nTo set up services controlled by a non-privileged user, we follow the recommended configuration in the [runit documentation](http://smarden.org/runit/faq.html#user) (Is it possible to allow a user other than root to control a service?).\n\nSuppose the user's name is floyd, and floyd wants to run floyds-app. Assuming that the floyd user and group are already managed with Chef, create a `runsvdir-floyd` runit_service.\n\n```ruby\nrunit_service \"runsvdir-floyd\"\n```\n\nCreate the `sv-runsvdir-floyd-log-run.erb` template, or add `log false`. Also create the `sv-runsvdir-floyd-run.erb` with the following content:\n\n```bash\n#!/bin/sh\nexec 2>&1\nexec chpst -ufloyd runsvdir /home/floyd/service\n```\n\nNext, create the `runit_service` resource for floyd's app:\n\n```ruby\nrunit_service \"floyds-app\" do\n sv_dir \"/home/floyd/sv\"\n service_dir \"/home/floyd/service\"\n owner \"floyd\"\n group \"floyd\"\nend\n```\n\nAnd now floyd can manage the service with sv:\n\n```text\n$ id\nuid=1000(floyd) gid=1001(floyd) groups=1001(floyd)\n$ sv stop /home/floyd/service/floyds-app/\nok: down: /home/floyd/service/floyds-app/: 0s, normally up\n$ sv start /home/floyd/service/floyds-app/\nok: run: /home/floyd/service/floyds-app/: (pid 5287) 0s\n$ sv status /home/floyd/service/floyds-app/\nrun: /home/floyd/service/floyds-app/: (pid 5287) 13s; run: log: (pid 4691) 726s\n```\n\n**Options**\n\nNext, let's set up memcached under runit with some additional options using the `options` parameter. First, the `memcached/templates/default/sv-memcached-run.erb` template:\n\n```bash\n#!/bin/sh\nexec 2>&1\nexec chpst -u <%= @options[:user] %> /usr/bin/memcached -v -m <%= @options[:memory] %> -p <%= @options[:port] %>\n```\n\nNote that the script uses `chpst` (which comes with runit) to set the user option, then starts memcached on the specified memory and port (see below).\n\nThe log/run template, `memcached/templates/default/sv-memcached-log-run.erb`:\n\n```bash\n#!/bin/sh\nexec svlogd -tt ./main\n```\n\nFinally, the `runit_service` in our recipe:\n\n```ruby\nrunit_service \"memcached\" do\n options({\n :memory => node[:memcached][:memory],\n :port => node[:memcached][:port],\n :user => node[:memcached][:user]\n }.merge(params))\nend\n```\n\nThis is where the user, port and memory options used in the run template are used.\n\n**Notifying Runit Services**\n\nIn previous versions of this cookbook where the definition was used, it created a `service` resource that could be notified. With the `runit_service` resource, recipes need to use the full resource name.\n\nFor example:\n\n```ruby\nrunit_service \"my-service\"\n\ntemplate \"/etc/my-service.conf\" do\n notifies :restart, \"runit_service[my-service]\"\nend\n```\n\nBecause the resource implements actions for various commands that `sv` can send to the service, any of those actions could be used for notification. For example, `chef-client` supports triggering a Chef run with a USR1 signal.\n\n```ruby\ntemplate \"/tmp/chef-notifier\" do\n notifies :usr1, \"runit_service[chef-client]\"\nend\n```\n\nFor older implementations of services that used `runit_service` as a definition, but may support alternate service styles, use a conditional, such as based on an attribute:\n\n```ruby\nservice_to_notify = case node['nginx']['init_style']\n when \"runit\"\n \"runit_service[nginx]\"\n else\n \"service[nginx]\"\n end\n\ntemplate \"/etc/nginx/nginx.conf\" do\n notifies :restart, service_to_notify\nend\n```\n\n**More Examples**\n\nFor more examples, see the `runit_test` cookbook's `service` recipe in the [git repository](https://github.com/hw-cookbooks/runit).\n\n\nLicense & Authors\n-----------------\n- Author:: Adam Jacob \n- Author:: Joshua Timberman \n- Author:: Sean OMeara \n\n```text\nCopyright:: 2008-2016, Chef Software, Inc\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n```\n", - "maintainer": "Heavy Water Operations, LLC.", - "maintainer_email": "support@hw-ops.com", - "license": "Apache 2.0", - "platforms": { - "ubuntu": ">= 0.0.0", - "debian": ">= 0.0.0", - "gentoo": ">= 0.0.0", - "centos": ">= 0.0.0", - "redhat": ">= 0.0.0", - "amazon": ">= 0.0.0", - "scientific": ">= 0.0.0", - "oracle": ">= 0.0.0", - "enterpriseenterprise": ">= 0.0.0" - }, - "dependencies": { - "packagecloud": ">= 0.0.0" - }, - "recommendations": { - - }, - "suggestions": { - - }, - "conflicting": { - - }, - "providing": { - - }, - "replacing": { - - }, - "attributes": { - - }, - "groupings": { - - }, - "recipes": { - "runit": "Installs and configures runit" - }, - "version": "1.7.6", - "source_url": "", - "issues_url": "" -} diff --git a/cookbooks/runit/metadata.rb b/cookbooks/runit/metadata.rb deleted file mode 100644 index 65bb21d..0000000 --- a/cookbooks/runit/metadata.rb +++ /dev/null @@ -1,15 +0,0 @@ -name 'runit' -maintainer 'Heavy Water Operations, LLC.' -maintainer_email 'support@hw-ops.com' -license 'Apache 2.0' -description 'Installs runit and provides runit_service definition' -long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) -version '1.7.6' - -recipe 'runit', 'Installs and configures runit' - -%w(ubuntu debian gentoo centos redhat amazon scientific oracle enterpriseenterprise).each do |os| - supports os -end - -depends 'packagecloud' diff --git a/cookbooks/runit/recipes/default.rb b/cookbooks/runit/recipes/default.rb deleted file mode 100644 index 2c18881..0000000 --- a/cookbooks/runit/recipes/default.rb +++ /dev/null @@ -1,91 +0,0 @@ -# -# Cookbook Name:: runit -# Recipe:: default -# -# Copyright 2008-2010, Chef Software, Inc. -# -# Licensed under the Apache License, Version 2.0 (the 'License'); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an 'AS IS' BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -service 'runit' do - action :nothing -end - -execute 'start-runsvdir' do - command value_for_platform( - 'debian' => { 'default' => 'runsvdir-start' }, - 'ubuntu' => { 'default' => 'start runsvdir' }, - 'gentoo' => { 'default' => '/etc/init.d/runit-start start' } - ) - action :nothing -end - -execute 'runit-hup-init' do - command 'telinit q' - only_if 'grep ^SV /etc/inittab' - action :nothing -end - -case node['platform_family'] -when 'rhel', 'fedora' - - packagecloud_repo 'imeyer/runit' unless node['runit']['prefer_local_yum'] - package 'runit' - - if node['platform_version'].to_i == 7 - service 'runsvdir-start' do - action [:start, :enable] - end - end - -when 'debian', 'gentoo' - - if platform?('gentoo') - template '/etc/init.d/runit-start' do - source 'runit-start.sh.erb' - mode 0755 - end - - service 'runit-start' do - action :nothing - end - end - - package 'runit' do - action :install - response_file 'runit.seed' if platform?('ubuntu', 'debian') - notifies value_for_platform( - 'debian' => { '4.0' => :run, 'default' => :nothing }, - 'ubuntu' => { - 'default' => :nothing, - '9.04' => :run, - '8.10' => :run, - '8.04' => :run }, - 'gentoo' => { 'default' => :run } - ), 'execute[start-runsvdir]', :immediately - notifies value_for_platform( - 'debian' => { 'squeeze/sid' => :run, 'default' => :nothing }, - 'default' => :nothing - ), 'execute[runit-hup-init]', :immediately - notifies :enable, 'service[runit-start]' if platform?('gentoo') - end - - if node['platform'] =~ /ubuntu/i && node['platform_version'].to_f <= 8.04 - cookbook_file '/etc/event.d/runsvdir' do - source 'runsvdir' - mode 0644 - notifies :run, 'execute[start-runsvdir]', :immediately - only_if { ::File.directory?('/etc/event.d') } - end - end -end diff --git a/cookbooks/runit/templates/debian/init.d.erb b/cookbooks/runit/templates/debian/init.d.erb deleted file mode 100644 index 491d53f..0000000 --- a/cookbooks/runit/templates/debian/init.d.erb +++ /dev/null @@ -1,66 +0,0 @@ -#!/bin/sh -### BEGIN INIT INFO -# Provides: <%= @name %> -# Required-Start: -# Required-Stop: -# Default-Start: -# Default-Stop: -# Short-Description: initscript for runit-managed <%= @name %> service -### END INIT INFO - -# Author: Chef Software, Inc. - -PATH=/sbin:/usr/sbin:/bin:/usr/bin -DESC="runit-managed <%= @name %>" -NAME=<%= @name %> -RUNIT=<%= @sv_bin %> -SCRIPTNAME=<%= @init_dir %>$NAME - -# Exit if runit is not installed -[ -x $RUNIT ] || exit 0 - -# Load the VERBOSE setting and other rcS variables -. /lib/init/vars.sh - -# Define LSB log_* functions. -# Depend on lsb-base (>= 3.0-6) to ensure that this file is present. -. /lib/lsb/init-functions - - -case "$1" in - start) - [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC " "$NAME" - $RUNIT start $NAME - [ "$VERBOSE" != no ] && log_end_msg $? - ;; - stop) - [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME" - $RUNIT stop $NAME - [ "$VERBOSE" != no ] && log_end_msg $? - ;; - status) - $RUNIT status $NAME && exit 0 || exit $? - ;; - reload) - [ "$VERBOSE" != no ] && log_daemon_msg "Reloading $DESC" "$NAME" - $RUNIT reload $NAME - [ "$VERBOSE" != no ] && log_end_msg $? - ;; - force-reload) - [ "$VERBOSE" != no ] && log_daemon_msg "Force reloading $DESC" "$NAME" - $RUNIT force-reload $NAME - [ "$VERBOSE" != no ] && log_end_msg $? - ;; - restart) - [ "$VERBOSE" != no ] && log_daemon_msg "Restarting $DESC" "$NAME" - $RUNIT restart $NAME - [ "$VERBOSE" != no ] && log_end_msg $? - ;; - *) - echo "Usage: $SCRIPTNAME {start|stop|status|reload|force-reload|restart}" >&2 - exit 3 - ;; -esac - -: - diff --git a/cookbooks/runit/templates/default/log-config.erb b/cookbooks/runit/templates/default/log-config.erb deleted file mode 100644 index 68322b6..0000000 --- a/cookbooks/runit/templates/default/log-config.erb +++ /dev/null @@ -1,24 +0,0 @@ -<% if @config.log_size -%> -s<%= @config.log_size %> -<% end -%> -<% if @config.log_num -%> -n<%= @config.log_num %> -<% end -%> -<% if @config.log_min -%> -N<%= @config.log_min %> -<% end -%> -<% if @config.log_timeout -%> -t<%= @config.log_timeout %> -<% end -%> -<% if @config.log_processor -%> -!<%= @config.log_processor %> -<% end -%> -<% if @config.log_socket -%> -u<%= @config.log_socket %> -<% end -%> -<% if @config.log_prefix -%> -p<%= @config.log_prefix %> -<% end -%> -<% if @config.log_config_append -%> -<%= @config.log_config_append %> -<% end -%> diff --git a/cookbooks/runit/templates/gentoo/runit-start.sh.erb b/cookbooks/runit/templates/gentoo/runit-start.sh.erb deleted file mode 100644 index a6c11b3..0000000 --- a/cookbooks/runit/templates/gentoo/runit-start.sh.erb +++ /dev/null @@ -1,32 +0,0 @@ -#!/sbin/runscript -# Copyright 1999-2006 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: $ - -depend() { - after net -} - -start() { - ebegin "Starting runsvdir" - start-stop-daemon --start --exec /usr/bin/runsvdir \ - --background --make-pidfile \ - --pidfile /var/run/runsvdir.pid -- <%= node.runit.sv_dir %> - eend $? -} - -stop() { - local ret1 ret2 - ebegin "Stopping runsvdir" - start-stop-daemon --stop --oknodo --pidfile /var/run/runsvdir.pid - ret1=$? - eend ${ret1} - - ebegin "Stopping services and logging" - sv shutdown -w 10 <%= node.runit.sv_dir %>/* - ret2=$? - eend ${ret2} - - return $((ret1+ret2)) -} - diff --git a/cookbooks/wordpress/metadata.rb b/cookbooks/wordpress/metadata.rb index e7e8515..603c779 100644 --- a/cookbooks/wordpress/metadata.rb +++ b/cookbooks/wordpress/metadata.rb @@ -4,7 +4,7 @@ maintainer_email "cookbooks@opscode.com" license "Apache 2.0" description "Installs/Configures WordPress" long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) -version "3.0.0" +version "3.1.0" recipe "WordPress", "Installs and configures WordPress LAMP stack on a single system" recipe "WordPress::languages", "Install WordPress translation files" @@ -20,7 +20,7 @@ depends "mysql2_chef_gem", ">= 1.0.1" depends "build-essential" depends "iis", ">= 1.6.2" depends "tar", ">= 0.3.1" -depends "nginx", "~> 2.7.4" +depends "chef_nginx" depends "php-fpm" depends 'selinux', '~> 0.7' diff --git a/cookbooks/wordpress/recipes/nginx.rb b/cookbooks/wordpress/recipes/nginx.rb index 7820a2b..83c32c1 100644 --- a/cookbooks/wordpress/recipes/nginx.rb +++ b/cookbooks/wordpress/recipes/nginx.rb @@ -37,7 +37,7 @@ end include_recipe "php::module_mysql" node.set_unless['nginx']['default_site_enabled'] = false -include_recipe "nginx" +include_recipe "chef_nginx" include_recipe "wordpress::app" diff --git a/cookbooks/yum-epel/CHANGELOG.md b/cookbooks/yum-epel/CHANGELOG.md index d5f01c2..7c4b6ac 100644 --- a/cookbooks/yum-epel/CHANGELOG.md +++ b/cookbooks/yum-epel/CHANGELOG.md @@ -2,9 +2,43 @@ This file is used to list changes made in each version of the yum-epel cookbook. +## 2.1.1 (2017-01-05) + +- Revert how mirror list strings are generated to fix RHEL 7 + +## 2.1.0 (2016-12-22) + +- Test in Travis using the current build of chef/chef docker image +- Test on older Chef +- allow the use of any valid property via attributes +- fixing tests +- output versions in the job that is being ran +- cops + +## 2.0.0 (2016-11-26) + +- Clarify that we require Chef 12.1+ not 12.0+ +- Use compat_resource instead of the yum cookbook +- Add integration testing with inspec + +## 1.0.2 (2016-10-21) + +- Remove upper bound on yum constraint + +## 1.0.1 (2016-09-11) + +- Fix epel-testing attributes + +## 1.0.0 (2016-09-06) + +- Add chef_version metadata +- Testing updates +- Remove support for Chef 11 + ## v0.7.1 (2016-08-19) + - Remove bats testing -- Fix attribute settings +- Fix attribute settings - Cleanup travis file ## v0.7.0 (2016-04-27) diff --git a/cookbooks/yum-epel/MAINTAINERS.md b/cookbooks/yum-epel/MAINTAINERS.md index 2cf4d2f..8412458 100644 --- a/cookbooks/yum-epel/MAINTAINERS.md +++ b/cookbooks/yum-epel/MAINTAINERS.md @@ -2,8 +2,8 @@ # Maintainers This file lists how this cookbook project is maintained. When making changes to the system, this -file tells you who needs to review your patch - you need a simple majority of maintainers -for the relevant subsystems to provide a :+1: on your pull request. Additionally, you need +file tells you who needs to review your patch - you need a review from an existing maintainer +for the cookbook to provide a :+1: on your pull request. Additionally, you need to not receive a veto from a Lieutenant or the Project Lead. Check out [How Cookbooks are Maintained](https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/CONTRIBUTING.MD) diff --git a/cookbooks/yum-epel/README.md b/cookbooks/yum-epel/README.md index d6f37a1..a4d41ad 100644 --- a/cookbooks/yum-epel/README.md +++ b/cookbooks/yum-epel/README.md @@ -1,4 +1,5 @@ # yum-epel Cookbook + [![Build Status](https://travis-ci.org/chef-cookbooks/yum-epel.svg?branch=master)](http://travis-ci.org/chef-cookbooks/yum-epel) [![Cookbook Version](https://img.shields.io/cookbook/v/yum-epel.svg)](https://supermarket.chef.io/cookbooks/yum-epel) Extra Packages for Enterprise Linux (or EPEL) is a Fedora Special Interest Group that creates, maintains, and manages a high quality set of additional packages for Enterprise Linux, including, but not limited to, Red Hat Enterprise Linux (RHEL), CentOS and Scientific Linux (SL), Oracle Linux (OL). @@ -6,20 +7,32 @@ Extra Packages for Enterprise Linux (or EPEL) is a Fedora Special Interest Group The yum-epel cookbook takes over management of the default repositoryids shipped with epel-release. It allows attribute manipulation of `epel`, `epel-debuginfo`, `epel-source`, `epel-testing`, `epel-testing-debuginfo`, and `epel-testing-source`. ## Requirements + ### Platforms + - RHEL/CentOS and derivatives ### Chef -- Chef 11+ + +- Chef 12.1+ ### Cookbooks -- yum version 3.6.3 or higher + +- compat_resource ## Attributes + The following attributes are set by default ```ruby -default['yum-epel']['repositories'] = %w{epel epel-debuginfo epel-source epel-testing epel-testing-debuginfo epel-testing-source} +default['yum-epel']['repos'] = %w( + epel + epel-debuginfo + epel-source + epel-testing + epel-testing-debuginfo + epel-testing-source +) ``` ```ruby @@ -139,6 +152,7 @@ include_recipe 'yum-epel' ``` ## License & Authors + **Author:** Cookbook Engineering Team ([cookbooks@chef.io](mailto:cookbooks@chef.io)) **Copyright:** 2011-2016, Chef Software, Inc. diff --git a/cookbooks/yum-epel/attributes/default.rb b/cookbooks/yum-epel/attributes/default.rb index 5b03a69..960a280 100644 --- a/cookbooks/yum-epel/attributes/default.rb +++ b/cookbooks/yum-epel/attributes/default.rb @@ -1 +1,8 @@ -default['yum-epel']['repositories'] = %w(epel epel-debuginfo epel-source epel-testing epel-testing-debuginfo epel-testing-source) +default['yum-epel']['repos'] = %w( + epel + epel-debuginfo + epel-source + epel-testing + epel-testing-debuginfo + epel-testing-source +) diff --git a/cookbooks/yum-epel/attributes/epel-debuginfo.rb b/cookbooks/yum-epel/attributes/epel-debuginfo.rb index 1f51fdd..b1142e5 100644 --- a/cookbooks/yum-epel/attributes/epel-debuginfo.rb +++ b/cookbooks/yum-epel/attributes/epel-debuginfo.rb @@ -1,12 +1,12 @@ default['yum']['epel-debuginfo']['repositoryid'] = 'epel-debuginfo' -default['yum']['epel-debuginfo']['description'] = 'Extra Packages for $releasever - $basearch - Debug' - -if node['platform'] == 'amazon' +default['yum']['epel-debuginfo']['description'] = "Extra Packages for #{node['platform_version'].to_i} - $basearch - Debug" +case node['platform'] +when 'amazon' default['yum']['epel-debuginfo']['mirrorlist'] = 'http://mirrors.fedoraproject.org/mirrorlist?repo=epel-debug-6&arch=$basearch' default['yum']['epel-debuginfo']['gpgkey'] = 'http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-6' else default['yum']['epel-debuginfo']['mirrorlist'] = "http://mirrors.fedoraproject.org/mirrorlist?repo=epel-debug-#{node['platform_version'].to_i}&arch=$basearch" - default['yum']['epel-debuginfo']['gpgkey'] = (node['platform_version'].to_i == 5 ? 'http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL' : "https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-#{node['platform_version'].to_i}") + default['yum']['epel-debuginfo']['gpgkey'] = "https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-#{node['platform_version'].to_i}" end default['yum']['epel-debuginfo']['failovermethod'] = 'priority' default['yum']['epel-debuginfo']['gpgcheck'] = true diff --git a/cookbooks/yum-epel/attributes/epel-source.rb b/cookbooks/yum-epel/attributes/epel-source.rb index 670bcc0..11ef8e4 100644 --- a/cookbooks/yum-epel/attributes/epel-source.rb +++ b/cookbooks/yum-epel/attributes/epel-source.rb @@ -1,13 +1,13 @@ default['yum']['epel-source']['repositoryid'] = 'epel-source' -default['yum']['epel-source']['description'] = 'Extra Packages for $releasever - $basearch - Source' -if node['platform'] == 'amazon' +default['yum']['epel-source']['description'] = "Extra Packages for #{node['platform_version'].to_i} - $basearch - Source" +case node['platform'] +when 'amazon' default['yum']['epel-source']['mirrorlist'] = 'http://mirrors.fedoraproject.org/mirrorlist?repo=epel-source-6&arch=$basearch' default['yum']['epel-source']['gpgkey'] = 'http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-6' else default['yum']['epel-source']['mirrorlist'] = "http://mirrors.fedoraproject.org/mirrorlist?repo=epel-source-#{node['platform_version'].to_i}&arch=$basearch" - default['yum']['epel-source']['gpgkey'] = (node['platform_version'].to_i == 5 ? 'http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL' : "https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-#{node['platform_version'].to_i}") + default['yum']['epel-source']['gpgkey'] = "https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-#{node['platform_version'].to_i}" end - default['yum']['epel-source']['failovermethod'] = 'priority' default['yum']['epel-source']['gpgcheck'] = true default['yum']['epel-source']['enabled'] = false diff --git a/cookbooks/yum-epel/attributes/epel-testing-debuginfo.rb b/cookbooks/yum-epel/attributes/epel-testing-debuginfo.rb index fa8234b..54e9b9b 100644 --- a/cookbooks/yum-epel/attributes/epel-testing-debuginfo.rb +++ b/cookbooks/yum-epel/attributes/epel-testing-debuginfo.rb @@ -1,13 +1,13 @@ default['yum']['epel-testing-debuginfo']['repositoryid'] = 'epel-testing-debuginfo' -default['yum']['epel-testing-debuginfo']['description'] = 'Extra Packages for $releasever - $basearch - Testing Debug' -if node['platform'] == 'amazon' +default['yum']['epel-testing-debuginfo']['description'] = "Extra Packages for #{node['platform_version'].to_i} - $basearch - Testing Debug" +case node['platform'] +when 'amazon' default['yum']['epel-testing-debuginfo']['mirrorlist'] = 'http://mirrors.fedoraproject.org/mirrorlist?repo=testing-debug-epel6&arch=$basearch' default['yum']['epel-testing-debuginfo']['gpgkey'] = 'http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-6' else default['yum']['epel-testing-debuginfo']['mirrorlist'] = "http://mirrors.fedoraproject.org/mirrorlist?repo=testing-debug-epel#{node['platform_version'].to_i}&arch=$basearch" - default['yum']['epel-testing-debuginfo']['gpgkey'] = (node['platform_version'].to_i == 5 ? 'http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL' : "https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-#{node['platform_version'].to_i}") + default['yum']['epel-testing-debuginfo']['gpgkey'] = "https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-#{node['platform_version'].to_i}" end - default['yum']['epel-testing-debuginfo']['failovermethod'] = 'priority' default['yum']['epel-testing-debuginfo']['gpgcheck'] = true default['yum']['epel-testing-debuginfo']['enabled'] = false diff --git a/cookbooks/yum-epel/attributes/epel-testing-source.rb b/cookbooks/yum-epel/attributes/epel-testing-source.rb index 731ef06..f92031b 100644 --- a/cookbooks/yum-epel/attributes/epel-testing-source.rb +++ b/cookbooks/yum-epel/attributes/epel-testing-source.rb @@ -1,11 +1,12 @@ default['yum']['epel-testing-source']['repositoryid'] = 'epel-testing-source' -default['yum']['epel-testing-source']['description'] = 'Extra Packages for $releasever - $basearch - Testing Source' -if node['platform'] == 'amazon' +default['yum']['epel-testing-source']['description'] = "Extra Packages for #{node['platform_version'].to_i} - $basearch - Testing Source" +case node['platform'] +when 'amazon' default['yum']['epel-testing-source']['mirrorlist'] = 'http://mirrors.fedoraproject.org/mirrorlist?repo=testing-source-epel6&arch=$basearch' default['yum']['epel-testing-source']['gpgkey'] = 'http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-6' else default['yum']['epel-testing-source']['mirrorlist'] = "http://mirrors.fedoraproject.org/mirrorlist?repo=testing-source-epel#{node['platform_version'].to_i}&arch=$basearch" - default['yum']['epel-testing-source']['gpgkey'] = (node['platform_version'].to_i == 5 ? 'http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL' : "https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-#{node['platform_version'].to_i}") + default['yum']['epel-testing-source']['gpgkey'] = "https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-#{node['platform_version'].to_i}" end default['yum']['epel-testing-source']['failovermethod'] = 'priority' default['yum']['epel-testing-source']['gpgcheck'] = true diff --git a/cookbooks/yum-epel/attributes/epel-testing.rb b/cookbooks/yum-epel/attributes/epel-testing.rb index 2a3c6d8..ee9d496 100644 --- a/cookbooks/yum-epel/attributes/epel-testing.rb +++ b/cookbooks/yum-epel/attributes/epel-testing.rb @@ -1,13 +1,13 @@ default['yum']['epel-testing']['repositoryid'] = 'epel-testing' -default['yum']['epel-testing']['description'] = 'Extra Packages for $releasever - $basearch - Testing ' -if node['platform'] == 'amazon' - default['yum']['epel-testing-source']['mirrorlist'] = 'http://mirrors.fedoraproject.org/mirrorlist?repo=testing-epel6&arch=$basearch' - default['yum']['epel-testing-source']['gpgkey'] = 'http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-6' +default['yum']['epel-testing']['description'] = "Extra Packages for #{node['platform_version'].to_i} - $basearch - Testing " +case node['platform'] +when 'amazon' + default['yum']['epel-testing']['mirrorlist'] = 'http://mirrors.fedoraproject.org/mirrorlist?repo=testing-epel6&arch=$basearch' + default['yum']['epel-testing']['gpgkey'] = 'http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-6' else - default['yum']['epel-testing-source']['mirrorlist'] = "http://mirrors.fedoraproject.org/mirrorlist?repo=testing-source-epel#{node['platform_version'].to_i}&arch=$basearch" - default['yum']['epel-testing-source']['gpgkey'] = (node['platform_version'].to_i == 5 ? 'http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL' : "https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-#{node['platform_version'].to_i}") + default['yum']['epel-testing']['mirrorlist'] = "http://mirrors.fedoraproject.org/mirrorlist?repo=testing-epel#{node['platform_version'].to_i}&arch=$basearch" + default['yum']['epel-testing']['gpgkey'] = "https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-#{node['platform_version'].to_i}" end - default['yum']['epel-testing']['failovermethod'] = 'priority' default['yum']['epel-testing']['gpgcheck'] = true default['yum']['epel-testing']['enabled'] = false diff --git a/cookbooks/yum-epel/attributes/epel.rb b/cookbooks/yum-epel/attributes/epel.rb index 9ee912f..ab17be5 100644 --- a/cookbooks/yum-epel/attributes/epel.rb +++ b/cookbooks/yum-epel/attributes/epel.rb @@ -1,20 +1,19 @@ default['yum']['epel']['repositoryid'] = 'epel' -default['yum']['epel']['description'] = 'Extra Packages for $releasever - $basearch' - +default['yum']['epel']['description'] = "Extra Packages for #{node['platform_version'].to_i} - $basearch" case node['kernel']['machine'] when 's390x' default['yum']['epel']['baseurl'] = 'https://kojipkgs.fedoraproject.org/rhel/rc/7/Server/s390x/os/' default['yum']['epel']['gpgkey'] = 'https://kojipkgs.fedoraproject.org/rhel/rc/7/Server/s390x/os/RPM-GPG-KEY-redhat-release' else - if node['platform'] == 'amazon' + case node['platform'] + when 'amazon' default['yum']['epel']['mirrorlist'] = 'http://mirrors.fedoraproject.org/mirrorlist?repo=epel-6&arch=$basearch' default['yum']['epel']['gpgkey'] = 'http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-6' else default['yum']['epel']['mirrorlist'] = "http://mirrors.fedoraproject.org/mirrorlist?repo=epel-#{node['platform_version'].to_i}&arch=$basearch" - default['yum']['epel']['gpgkey'] = (node['platform_version'].to_i == 5 ? 'http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL' : "https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-#{node['platform_version'].to_i}") + default['yum']['epel']['gpgkey'] = "https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-#{node['platform_version'].to_i}" end end - default['yum']['epel']['failovermethod'] = 'priority' default['yum']['epel']['gpgcheck'] = true default['yum']['epel']['enabled'] = true diff --git a/cookbooks/yum-epel/metadata.json b/cookbooks/yum-epel/metadata.json index e4c155c..2f8805e 100644 --- a/cookbooks/yum-epel/metadata.json +++ b/cookbooks/yum-epel/metadata.json @@ -1 +1 @@ -{"name":"yum-epel","version":"0.7.1","description":"Installs and configures the EPEL Yum repository","long_description":"# yum-epel Cookbook\n[![Build Status](https://travis-ci.org/chef-cookbooks/yum-epel.svg?branch=master)](http://travis-ci.org/chef-cookbooks/yum-epel) [![Cookbook Version](https://img.shields.io/cookbook/v/yum-epel.svg)](https://supermarket.chef.io/cookbooks/yum-epel)\n\nExtra Packages for Enterprise Linux (or EPEL) is a Fedora Special Interest Group that creates, maintains, and manages a high quality set of additional packages for Enterprise Linux, including, but not limited to, Red Hat Enterprise Linux (RHEL), CentOS and Scientific Linux (SL), Oracle Linux (OL).\n\nThe yum-epel cookbook takes over management of the default repositoryids shipped with epel-release. It allows attribute manipulation of `epel`, `epel-debuginfo`, `epel-source`, `epel-testing`, `epel-testing-debuginfo`, and `epel-testing-source`.\n\n## Requirements\n### Platforms\n- RHEL/CentOS and derivatives\n\n### Chef\n- Chef 11+\n\n### Cookbooks\n- yum version 3.6.3 or higher\n\n## Attributes\nThe following attributes are set by default\n\n```ruby\ndefault['yum-epel']['repositories'] = %w{epel epel-debuginfo epel-source epel-testing epel-testing-debuginfo epel-testing-source}\n```\n\n```ruby\ndefault['yum']['epel']['repositoryid'] = 'epel'\ndefault['yum']['epel']['description'] = 'Extra Packages for Enterprise Linux 6 - $basearch'\ndefault['yum']['epel']['mirrorlist'] = 'http://mirrors.fedoraproject.org/mirrorlist?repo=epel-5&arch=$basearch'\ndefault['yum']['epel']['gpgkey'] = 'http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-6'\ndefault['yum']['epel']['failovermethod'] = 'priority'\ndefault['yum']['epel']['gpgcheck'] = true\ndefault['yum']['epel']['enabled'] = true\ndefault['yum']['epel']['managed'] = true\n```\n\n```ruby\ndefault['yum']['epel-debuginfo']['repositoryid'] = 'epel-debuginfo'\ndefault['yum']['epel-debuginfo']['description'] = 'Extra Packages for Enterprise Linux 6 - $basearch - Debug'\ndefault['yum']['epel-debuginfo']['mirrorlist'] = 'https://mirrors.fedoraproject.org/metalink?repo=epel-debug-6&arch=$basearch'\ndefault['yum']['epel-debuginfo']['gpgkey'] = 'http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-6'\ndefault['yum']['epel-debuginfo']['failovermethod'] = 'priority'\ndefault['yum']['epel-debuginfo']['gpgcheck'] = true\ndefault['yum']['epel-debuginfo']['enabled'] = false\ndefault['yum']['epel-debuginfo']['managed'] = false\n```\n\n```ruby\ndefault['yum']['epel-source']['repositoryid'] = 'epel-source'\ndefault['yum']['epel-source']['description'] = 'Extra Packages for Enterprise Linux 6 - $basearch - Source'\ndefault['yum']['epel-source']['mirrorlist'] = 'http://mirrors.fedoraproject.org/mirrorlist?repo=epel-source-6&arch=$basearch'\ndefault['yum']['epel-source']['gpgkey'] = 'http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-6'\ndefault['yum']['epel-source']['failovermethod'] = 'priority'\ndefault['yum']['epel-source']['gpgcheck'] = true\ndefault['yum']['epel-source']['enabled'] = false\ndefault['yum']['epel-source']['managed'] = false\n```\n\n```ruby\ndefault['yum']['epel-testing']['repositoryid'] = 'epel-testing'\ndefault['yum']['epel-testing']['description'] = 'Extra Packages for Enterprise Linux 6 - Testing - $basearch'\ndefault['yum']['epel-testing']['mirrorlist'] = 'https://mirrors.fedoraproject.org/metalink?repo=testing-epel6&arch=$basearch'\ndefault['yum']['epel-testing']['gpgkey'] = 'http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-6r'\ndefault['yum']['epel-testing']['failovermethod'] = 'priority'\ndefault['yum']['epel-testing']['gpgcheck'] = true\ndefault['yum']['epel-testing']['enabled'] = false\ndefault['yum']['epel-testing']['managed'] = false\n```\n\n```ruby\ndefault['yum']['epel-testing-debuginfo']['repositoryid'] = 'epel-testing-debuginfo'\ndefault['yum']['epel-testing-debuginfo']['description'] = 'Extra Packages for Enterprise Linux 6 - Testing - $basearch Debug'\ndefault['yum']['epel-testing-debuginfo']['mirrorlist'] = 'https://mirrors.fedoraproject.org/metalink?repo=testing-debug-epel6&arch=$basearch'\ndefault['yum']['epel-testing-debuginfo']['gpgkey'] = 'http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-6'\ndefault['yum']['epel-testing-debuginfo']['failovermethod'] = 'priority'\ndefault['yum']['epel-testing-debuginfo']['gpgcheck'] = true\ndefault['yum']['epel-testing-debuginfo']['enabled'] = false\ndefault['yum']['epel-testing-debuginfo']['managed'] = false\n```\n\n```ruby\ndefault['yum']['epel-testing-source']['repositoryid'] = 'epel-testing-source'\ndefault['yum']['epel-testing-source']['description'] = 'Extra Packages for Enterprise Linux 6 - Testing - $basearch Source'\ndefault['yum']['epel-testing-source']['mirrorlist'] = 'https://mirrors.fedoraproject.org/metalink?repo=testing-source-epel6&arch=$basearch'\ndefault['yum']['epel-testing-source']['gpgkey'] = 'http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-6'\ndefault['yum']['epel-testing-source']['failovermethod'] = 'priority'\ndefault['yum']['epel-testing-source']['gpgcheck'] = true\ndefault['yum']['epel-testing-source']['enabled'] = false\ndefault['yum']['epel-testing-source']['managed'] = false\n```\n\n## Recipes\n- default - Walks through node attributes and feeds a yum_resource\n- parameters. The following is an example a resource generated by the\n- recipe during compilation.\n\n```ruby\n yum_repository 'epel' do\n mirrorlist 'http://mirrors.fedoraproject.org/mirrorlist?repo=epel-5&arch=$basearch'\n description 'Extra Packages for Enterprise Linux 5 - $basearch'\n enabled true\n gpgcheck true\n gpgkey 'http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL'\n end\n```\n\n## Usage Example\nTo disable the epel repository through a Role or Environment definition\n\n```\ndefault_attributes(\n :yum => {\n :epel => {\n :enabled => {\n false\n }\n }\n }\n )\n```\n\nUncommonly used repositoryids are not managed by default. This is speeds up integration testing pipelines by avoiding yum-cache builds that nobody cares about. To enable the epel-testing repository with a wrapper cookbook, place the following in a recipe:\n\n```ruby\nnode.default['yum']['epel-testing']['enabled'] = true\nnode.default['yum']['epel-testing']['managed'] = true\ninclude_recipe 'yum-epel'\n```\n\n## More Examples\nPoint the epel repositories at an internally hosted server.\n\n```ruby\nnode.default['yum']['epel']['enabled'] = true\nnode.default['yum']['epel']['mirrorlist'] = nil\nnode.default['yum']['epel']['baseurl'] = 'https://internal.example.com/centos/6/os/x86_64'\nnode.default['yum']['epel']['sslverify'] = false\n\ninclude_recipe 'yum-epel'\n```\n\n## License & Authors\n**Author:** Cookbook Engineering Team ([cookbooks@chef.io](mailto:cookbooks@chef.io))\n\n**Copyright:** 2011-2016, Chef Software, Inc.\n\n```\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n```\n","maintainer":"Chef Software, Inc.","maintainer_email":"cookbooks@chef.io","license":"Apache 2.0","platforms":{"amazon":">= 0.0.0","centos":">= 0.0.0","oracle":">= 0.0.0","redhat":">= 0.0.0","scientific":">= 0.0.0","zlinux":">= 0.0.0"},"dependencies":{"yum":">= 3.6.3"},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{},"source_url":"https://github.com/chef-cookbooks/yum-epel","issues_url":"https://github.com/chef-cookbooks/yum-epel/issues","chef_version":{},"ohai_version":{}} \ No newline at end of file +{"name":"yum-epel","version":"2.1.1","description":"Installs and configures the EPEL Yum repository","long_description":"# yum-epel Cookbook\n\n[![Build Status](https://travis-ci.org/chef-cookbooks/yum-epel.svg?branch=master)](http://travis-ci.org/chef-cookbooks/yum-epel) [![Cookbook Version](https://img.shields.io/cookbook/v/yum-epel.svg)](https://supermarket.chef.io/cookbooks/yum-epel)\n\nExtra Packages for Enterprise Linux (or EPEL) is a Fedora Special Interest Group that creates, maintains, and manages a high quality set of additional packages for Enterprise Linux, including, but not limited to, Red Hat Enterprise Linux (RHEL), CentOS and Scientific Linux (SL), Oracle Linux (OL).\n\nThe yum-epel cookbook takes over management of the default repositoryids shipped with epel-release. It allows attribute manipulation of `epel`, `epel-debuginfo`, `epel-source`, `epel-testing`, `epel-testing-debuginfo`, and `epel-testing-source`.\n\n## Requirements\n\n### Platforms\n\n- RHEL/CentOS and derivatives\n\n### Chef\n\n- Chef 12.1+\n\n### Cookbooks\n\n- compat_resource\n\n## Attributes\n\nThe following attributes are set by default\n\n```ruby\ndefault['yum-epel']['repos'] = %w(\n epel\n epel-debuginfo\n epel-source\n epel-testing\n epel-testing-debuginfo\n epel-testing-source\n)\n```\n\n```ruby\ndefault['yum']['epel']['repositoryid'] = 'epel'\ndefault['yum']['epel']['description'] = 'Extra Packages for Enterprise Linux 6 - $basearch'\ndefault['yum']['epel']['mirrorlist'] = 'http://mirrors.fedoraproject.org/mirrorlist?repo=epel-5&arch=$basearch'\ndefault['yum']['epel']['gpgkey'] = 'http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-6'\ndefault['yum']['epel']['failovermethod'] = 'priority'\ndefault['yum']['epel']['gpgcheck'] = true\ndefault['yum']['epel']['enabled'] = true\ndefault['yum']['epel']['managed'] = true\n```\n\n```ruby\ndefault['yum']['epel-debuginfo']['repositoryid'] = 'epel-debuginfo'\ndefault['yum']['epel-debuginfo']['description'] = 'Extra Packages for Enterprise Linux 6 - $basearch - Debug'\ndefault['yum']['epel-debuginfo']['mirrorlist'] = 'https://mirrors.fedoraproject.org/metalink?repo=epel-debug-6&arch=$basearch'\ndefault['yum']['epel-debuginfo']['gpgkey'] = 'http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-6'\ndefault['yum']['epel-debuginfo']['failovermethod'] = 'priority'\ndefault['yum']['epel-debuginfo']['gpgcheck'] = true\ndefault['yum']['epel-debuginfo']['enabled'] = false\ndefault['yum']['epel-debuginfo']['managed'] = false\n```\n\n```ruby\ndefault['yum']['epel-source']['repositoryid'] = 'epel-source'\ndefault['yum']['epel-source']['description'] = 'Extra Packages for Enterprise Linux 6 - $basearch - Source'\ndefault['yum']['epel-source']['mirrorlist'] = 'http://mirrors.fedoraproject.org/mirrorlist?repo=epel-source-6&arch=$basearch'\ndefault['yum']['epel-source']['gpgkey'] = 'http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-6'\ndefault['yum']['epel-source']['failovermethod'] = 'priority'\ndefault['yum']['epel-source']['gpgcheck'] = true\ndefault['yum']['epel-source']['enabled'] = false\ndefault['yum']['epel-source']['managed'] = false\n```\n\n```ruby\ndefault['yum']['epel-testing']['repositoryid'] = 'epel-testing'\ndefault['yum']['epel-testing']['description'] = 'Extra Packages for Enterprise Linux 6 - Testing - $basearch'\ndefault['yum']['epel-testing']['mirrorlist'] = 'https://mirrors.fedoraproject.org/metalink?repo=testing-epel6&arch=$basearch'\ndefault['yum']['epel-testing']['gpgkey'] = 'http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-6r'\ndefault['yum']['epel-testing']['failovermethod'] = 'priority'\ndefault['yum']['epel-testing']['gpgcheck'] = true\ndefault['yum']['epel-testing']['enabled'] = false\ndefault['yum']['epel-testing']['managed'] = false\n```\n\n```ruby\ndefault['yum']['epel-testing-debuginfo']['repositoryid'] = 'epel-testing-debuginfo'\ndefault['yum']['epel-testing-debuginfo']['description'] = 'Extra Packages for Enterprise Linux 6 - Testing - $basearch Debug'\ndefault['yum']['epel-testing-debuginfo']['mirrorlist'] = 'https://mirrors.fedoraproject.org/metalink?repo=testing-debug-epel6&arch=$basearch'\ndefault['yum']['epel-testing-debuginfo']['gpgkey'] = 'http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-6'\ndefault['yum']['epel-testing-debuginfo']['failovermethod'] = 'priority'\ndefault['yum']['epel-testing-debuginfo']['gpgcheck'] = true\ndefault['yum']['epel-testing-debuginfo']['enabled'] = false\ndefault['yum']['epel-testing-debuginfo']['managed'] = false\n```\n\n```ruby\ndefault['yum']['epel-testing-source']['repositoryid'] = 'epel-testing-source'\ndefault['yum']['epel-testing-source']['description'] = 'Extra Packages for Enterprise Linux 6 - Testing - $basearch Source'\ndefault['yum']['epel-testing-source']['mirrorlist'] = 'https://mirrors.fedoraproject.org/metalink?repo=testing-source-epel6&arch=$basearch'\ndefault['yum']['epel-testing-source']['gpgkey'] = 'http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-6'\ndefault['yum']['epel-testing-source']['failovermethod'] = 'priority'\ndefault['yum']['epel-testing-source']['gpgcheck'] = true\ndefault['yum']['epel-testing-source']['enabled'] = false\ndefault['yum']['epel-testing-source']['managed'] = false\n```\n\n## Recipes\n- default - Walks through node attributes and feeds a yum_resource\n- parameters. The following is an example a resource generated by the\n- recipe during compilation.\n\n```ruby\n yum_repository 'epel' do\n mirrorlist 'http://mirrors.fedoraproject.org/mirrorlist?repo=epel-5&arch=$basearch'\n description 'Extra Packages for Enterprise Linux 5 - $basearch'\n enabled true\n gpgcheck true\n gpgkey 'http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL'\n end\n```\n\n## Usage Example\nTo disable the epel repository through a Role or Environment definition\n\n```\ndefault_attributes(\n :yum => {\n :epel => {\n :enabled => {\n false\n }\n }\n }\n )\n```\n\nUncommonly used repositoryids are not managed by default. This is speeds up integration testing pipelines by avoiding yum-cache builds that nobody cares about. To enable the epel-testing repository with a wrapper cookbook, place the following in a recipe:\n\n```ruby\nnode.default['yum']['epel-testing']['enabled'] = true\nnode.default['yum']['epel-testing']['managed'] = true\ninclude_recipe 'yum-epel'\n```\n\n## More Examples\nPoint the epel repositories at an internally hosted server.\n\n```ruby\nnode.default['yum']['epel']['enabled'] = true\nnode.default['yum']['epel']['mirrorlist'] = nil\nnode.default['yum']['epel']['baseurl'] = 'https://internal.example.com/centos/6/os/x86_64'\nnode.default['yum']['epel']['sslverify'] = false\n\ninclude_recipe 'yum-epel'\n```\n\n## License & Authors\n\n**Author:** Cookbook Engineering Team ([cookbooks@chef.io](mailto:cookbooks@chef.io))\n\n**Copyright:** 2011-2016, Chef Software, Inc.\n\n```\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n```\n","maintainer":"Chef Software, Inc.","maintainer_email":"cookbooks@chef.io","license":"Apache 2.0","platforms":{"amazon":">= 0.0.0","centos":">= 0.0.0","oracle":">= 0.0.0","redhat":">= 0.0.0","scientific":">= 0.0.0","zlinux":">= 0.0.0"},"dependencies":{"compat_resource":">= 12.16.3"},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{}} \ No newline at end of file diff --git a/cookbooks/yum-epel/recipes/default.rb b/cookbooks/yum-epel/recipes/default.rb index 8347394..02f75f3 100644 --- a/cookbooks/yum-epel/recipes/default.rb +++ b/cookbooks/yum-epel/recipes/default.rb @@ -1,9 +1,9 @@ # # Author:: Sean OMeara () -# Cookbook Name:: yum-epel +# Cookbook:: yum-epel # Recipe:: default # -# Copyright 2013-2016, Chef Software, Inc. +# Copyright:: 2013-2016, Chef Software, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -17,46 +17,11 @@ # See the License for the specific language governing permissions and # limitations under the License. -node['yum-epel']['repositories'].each do |repo| +node['yum-epel']['repos'].each do |repo| next unless node['yum'][repo]['managed'] - yum_repository repo do - baseurl node['yum'][repo]['baseurl'] unless node['yum'][repo]['baseurl'].nil? - cost node['yum'][repo]['cost'] unless node['yum'][repo]['cost'].nil? - description node['yum'][repo]['description'] unless node['yum'][repo]['description'].nil? - enabled node['yum'][repo]['enabled'] unless node['yum'][repo]['enabled'].nil? - enablegroups node['yum'][repo]['enablegroups'] unless node['yum'][repo]['enablegroups'].nil? - exclude node['yum'][repo]['exclude'] unless node['yum'][repo]['exclude'].nil? - failovermethod node['yum'][repo]['failovermethod'] unless node['yum'][repo]['failovermethod'].nil? - fastestmirror_enabled node['yum'][repo]['fastestmirror_enabled'] unless node['yum'][repo]['fastestmirror_enabled'].nil? - gpgcheck node['yum'][repo]['gpgcheck'] unless node['yum'][repo]['gpgcheck'].nil? - gpgkey node['yum'][repo]['gpgkey'] unless node['yum'][repo]['gpgkey'].nil? - http_caching node['yum'][repo]['http_caching'] unless node['yum'][repo]['http_caching'].nil? - include_config node['yum'][repo]['include_config'] unless node['yum'][repo]['include_config'].nil? - includepkgs node['yum'][repo]['includepkgs'] unless node['yum'][repo]['includepkgs'].nil? - keepalive node['yum'][repo]['keepalive'] unless node['yum'][repo]['keepalive'].nil? - make_cache node['yum'][repo]['make_cache'] unless node['yum'][repo]['make_cache'].nil? - max_retries node['yum'][repo]['max_retries'] unless node['yum'][repo]['max_retries'].nil? - metadata_expire node['yum'][repo]['metadata_expire'] unless node['yum'][repo]['metadata_expire'].nil? - mirror_expire node['yum'][repo]['mirror_expire'] unless node['yum'][repo]['mirror_expire'].nil? - mirrorlist node['yum'][repo]['mirrorlist'] unless node['yum'][repo]['mirrorlist'].nil? - mirrorlist_expire node['yum'][repo]['mirrorlist_expire'] unless node['yum'][repo]['mirrorlist_expire'].nil? - password node['yum'][repo]['password'] unless node['yum'][repo]['password'].nil? - priority node['yum'][repo]['priority'] unless node['yum'][repo]['priority'].nil? - proxy node['yum'][repo]['proxy'] unless node['yum'][repo]['proxy'].nil? - proxy_username node['yum'][repo]['proxy_username'] unless node['yum'][repo]['proxy_username'].nil? - proxy_password node['yum'][repo]['proxy_password'] unless node['yum'][repo]['proxy_password'].nil? - report_instanceid node['yum'][repo]['report_instanceid'] unless node['yum'][repo]['report_instanceid'].nil? - repositoryid node['yum'][repo]['repositoryid'] unless node['yum'][repo]['repositoryid'].nil? - skip_if_unavailable node['yum'][repo]['skip_if_unavailable'] unless node['yum'][repo]['skip_if_unavailable'].nil? - source node['yum'][repo]['source'] unless node['yum'][repo]['source'].nil? - sslcacert node['yum'][repo]['sslcacert'] unless node['yum'][repo]['sslcacert'].nil? - sslclientcert node['yum'][repo]['sslclientcert'] unless node['yum'][repo]['sslclientcert'].nil? - sslclientkey node['yum'][repo]['sslclientkey'] unless node['yum'][repo]['sslclientkey'].nil? - sslverify node['yum'][repo]['sslverify'] unless node['yum'][repo]['sslverify'].nil? - timeout node['yum'][repo]['timeout'] unless node['yum'][repo]['timeout'].nil? - username node['yum'][repo]['username'] unless node['yum'][repo]['username'].nil? - - action :create + node['yum'][repo].each do |config, value| + send(config.to_sym, value) unless value.nil? || config == 'managed' + end end end diff --git a/cookbooks/zypper/CHANGELOG.md b/cookbooks/zypper/CHANGELOG.md new file mode 100644 index 0000000..072be23 --- /dev/null +++ b/cookbooks/zypper/CHANGELOG.md @@ -0,0 +1,25 @@ +# zypper CHANGELOG + +## 0.4.0 + +- [tas50] - Add Whyrun support +- [bluca] - Add repository priority attribute + +## 0.3.0 + +- [tas50] - Add issues_url, source_url, and chef_version to the metadata +- [tas50] - Add Chefspec matchers for the repo LWRP +- [tas50] - Add testing and metadata supports attribute for opensuseleap + +## 0.2.1 + +- [gimler] - Use --non-interactive mode when running zypper refresh + +## 0.2.0 + +- [jarosser06] - Added Key attribute to allow importing a gpg key for a new repo +- [jarosser06] - Renamed alias attribute to repo_name + +## 0.1.0 + +- [jarosser06] - Initial release of zypper diff --git a/cookbooks/zypper/README.md b/cookbooks/zypper/README.md new file mode 100644 index 0000000..c3979ba --- /dev/null +++ b/cookbooks/zypper/README.md @@ -0,0 +1,126 @@ +# zypper Cookbook + +Cookbook that provides a lwrp for zypper repositories and also a recipe to install and configure the smt-client for SLES. + +## Requirements + +### Platforms + +- SLES 11+ +- openSUSE 13+ +- openSUSE Leap + +### Chef + +- Chef 11+ + +### Cookbooks + +- none + +## Attributes + +### zypper::smt_client + +Key | Type | Description | Default +------------------------------- | ------ | ------------------- | ------------ +['zypper']['smt_host'] | String | uri of the SMT host | nil + +## Resource/Provider + +## zypper_repo + +### Actions + +- **add** - adds a repo +- **delete** - removes a repo + +### Attributes + +- **repo_name** - repo alias (name attribute) +- **uri** - uri of the repo +- **autorefresh** - enable autorefresh +- **key** - location of repo key to import +- **priority** - priority of the repo + +## Example Usage + +```ruby +zypper_repo 'remove_dvd_repo' do + action :remove + repo_name 'SLES11SP3-x64 DVD1 Online' +end + +zypper_repo 'add_dvd_repo' do + repo_name 'SLES11SP3-x64 DVD1 Online' + uri 'http://demeter.uni-regensburg.de/SLES11SP3-x64/DVD1/' +end + +zypper_repo 'jenkins' do + key 'http://pkg.jenkins-ci.org/redhat/jenkins-ci.org.key' + uri 'http://pkg.jenkins-ci.org/opensuse/' +end +``` + +### zypper::smt_client + +Just include `zypper::smt_client` in your node's `run_list` and set the `smt_host` attribute to your smt server: + +```json +{ + "name":"my_node", + "normal": { + "zypper": { + "smt_host": "smt.example.com" + } + }, + "run_list": [ + "recipe[zypper]" + ] +} +``` + +## Testing + +To test with test kitchen you need to have a SLES Vagrant box already on your system(checkout github.com/opscode/bento). In order to test the smt recipe with your smt server set the SMT_HOST env variable to your smt host: + +```shell +export SMT_HOST=smt.example.com +``` + +## Contributing + +1. Fork the repository on Github +2. Create a named feature branch (like `add_component_x`) +3. Write you change +4. Write tests for your change (if applicable) +5. Run the tests, ensuring they all pass +6. Submit a Pull Request using Github + +## License and Authors + +- Author:: Jim Rosser(jarosser06@gmail.com) + +```text +copyright (C) 2014-2016 Jim Rosser + +Permission is hereby granted, free of charge, to any person +obtaining a copy of this software and associated documentation +files (the “Software”), to deal in the Software without restriction, +including without limitation the rights to use, copy, modify, merge, +publish, distribute, sublicense, and/or sell copies of the Software, +and to permit persons to whom the Software is furnished to do so, +subject to the following conditions: + +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES +OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND +NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT +HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, +WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING +FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +OTHER DEALINGS IN THE SOFTWARE. +``` diff --git a/cookbooks/zypper/attributes/default.rb b/cookbooks/zypper/attributes/default.rb new file mode 100644 index 0000000..7c4d803 --- /dev/null +++ b/cookbooks/zypper/attributes/default.rb @@ -0,0 +1 @@ +default['zypper']['smt_host'] = nil diff --git a/cookbooks/zypper/libraries/matchers.rb b/cookbooks/zypper/libraries/matchers.rb new file mode 100644 index 0000000..7618d98 --- /dev/null +++ b/cookbooks/zypper/libraries/matchers.rb @@ -0,0 +1,12 @@ + +if defined?(ChefSpec) + ChefSpec.define_matcher :zypper_repo + + def add_zypper_repo(resource_name) + ChefSpec::Matchers::ResourceMatcher.new(:zypper_repo, :add, resource_name) + end + + def remove_zypper_repo(resource_name) + ChefSpec::Matchers::ResourceMatcher.new(:zypper_repo, :remove, resource_name) + end +end diff --git a/cookbooks/zypper/metadata.json b/cookbooks/zypper/metadata.json new file mode 100644 index 0000000..b73eb46 --- /dev/null +++ b/cookbooks/zypper/metadata.json @@ -0,0 +1 @@ +{"name":"zypper","version":"0.4.0","description":"Provides resources for managing zypper repositories","long_description":"# zypper Cookbook\n\nCookbook that provides a lwrp for zypper repositories and also a recipe to install and configure the smt-client for SLES.\n\n## Requirements\n\n### Platforms\n\n- SLES 11+\n- openSUSE 13+\n- openSUSE Leap\n\n### Chef\n\n- Chef 11+\n\n### Cookbooks\n\n- none\n\n## Attributes\n\n### zypper::smt_client\n\nKey | Type | Description | Default\n------------------------------- | ------ | ------------------- | ------------\n['zypper']['smt_host'] | String | uri of the SMT host | nil\n\n## Resource/Provider\n\n## zypper_repo\n\n### Actions\n\n- **add** - adds a repo\n- **delete** - removes a repo\n\n### Attributes\n\n- **repo_name** - repo alias (name attribute)\n- **uri** - uri of the repo\n- **autorefresh** - enable autorefresh\n- **key** - location of repo key to import\n- **priority** - priority of the repo\n\n## Example Usage\n\n```ruby\nzypper_repo 'remove_dvd_repo' do\n action :remove\n repo_name 'SLES11SP3-x64 DVD1 Online'\nend\n\nzypper_repo 'add_dvd_repo' do\n repo_name 'SLES11SP3-x64 DVD1 Online'\n uri 'http://demeter.uni-regensburg.de/SLES11SP3-x64/DVD1/'\nend\n\nzypper_repo 'jenkins' do\n key 'http://pkg.jenkins-ci.org/redhat/jenkins-ci.org.key'\n uri 'http://pkg.jenkins-ci.org/opensuse/'\nend\n```\n\n### zypper::smt_client\n\nJust include `zypper::smt_client` in your node's `run_list` and set the `smt_host` attribute to your smt server:\n\n```json\n{\n \"name\":\"my_node\",\n \"normal\": {\n \"zypper\": {\n \"smt_host\": \"smt.example.com\"\n }\n },\n \"run_list\": [\n \"recipe[zypper]\"\n ]\n}\n```\n\n## Testing\n\nTo test with test kitchen you need to have a SLES Vagrant box already on your system(checkout github.com/opscode/bento). In order to test the smt recipe with your smt server set the SMT_HOST env variable to your smt host:\n\n```shell\nexport SMT_HOST=smt.example.com\n```\n\n## Contributing\n\n1. Fork the repository on Github\n2. Create a named feature branch (like `add_component_x`)\n3. Write you change\n4. Write tests for your change (if applicable)\n5. Run the tests, ensuring they all pass\n6. Submit a Pull Request using Github\n\n## License and Authors\n\n- Author:: Jim Rosser(jarosser06@gmail.com)\n\n```text\ncopyright (C) 2014-2016 Jim Rosser\n\nPermission is hereby granted, free of charge, to any person\nobtaining a copy of this software and associated documentation\nfiles (the “Software”), to deal in the Software without restriction,\nincluding without limitation the rights to use, copy, modify, merge,\npublish, distribute, sublicense, and/or sell copies of the Software,\nand to permit persons to whom the Software is furnished to do so,\nsubject to the following conditions:\n\nThe above copyright notice and this permission notice shall be\nincluded in all copies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND,\nEXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES\nOF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND\nNONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT\nHOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,\nWHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING\nFROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR\nOTHER DEALINGS IN THE SOFTWARE.\n```\n","maintainer":"Jim Rosser","maintainer_email":"jarosser06@gmail.com","license":"MIT","platforms":{"suse":">= 0.0.0","opensuse":">= 0.0.0","opensuseleap":">= 0.0.0"},"dependencies":{},"recommendations":{},"suggestions":{},"conflicting":{},"providing":{},"replacing":{},"attributes":{},"groupings":{},"recipes":{},"source_url":"https://github.com/jarosser06/chef-zypper","issues_url":"https://github.com/jarosser06/chef-zypper/issues","chef_version":[[">= 11"]],"ohai_version":[]} \ No newline at end of file diff --git a/cookbooks/zypper/providers/repo.rb b/cookbooks/zypper/providers/repo.rb new file mode 100644 index 0000000..7eaf84d --- /dev/null +++ b/cookbooks/zypper/providers/repo.rb @@ -0,0 +1,68 @@ +require 'mixlib/shellout' + +use_inline_resources + +def whyrun_supported? + true +end + +action :add do + unless repo_exist? + converge_by("add zypper repository '#{new_resource.repo_name}'") do + unless new_resource.key.nil? + install_curl + import_key + end + command = 'zypper ar' + command << ' -f' if new_resource.autorefresh + command << " #{new_resource.uri} \"#{new_resource.repo_name}\"" + shellout = Mixlib::ShellOut.new(command, user: 'root').run_command + if shellout.stderr.empty? + set_priority + else + Chef::Log.error("Error adding repo: #{shellout.stderr}") + end + end + end +end + +action :remove do + if repo_exist? + converge_by("remove zypper repository '#{new_resource.repo_name}'") do + command = "zypper rr \"#{new_resource.repo_name}\"" + shellout = Mixlib::ShellOut.new(command, user: 'root').run_command + Chef::Log.error("Error removing repo: #{shellout.stderr}") unless shellout.stderr.empty? + end + end +end + +def repo_exist? + command = "zypper repos | grep \"#{new_resource.repo_name}\"" + shellout = Mixlib::ShellOut.new(command, user: 'root').run_command + if shellout.stdout.empty? + false + else + true + end +end + +def install_curl + # Make sure curl is installed + pkg = Chef::Resource::Package.new('curl', run_context) + pkg.run_action :install +end + +def import_key + cmd = Chef::Resource::Execute.new("import key for #{new_resource.repo_name}", + run_context) + cmd.command "rpm --import #{new_resource.key}" + cmd.run_action :run +end + +def set_priority + return if new_resource.priority.nil? || new_resource.priority <= 0 + command = 'zypper mr' + command << " -p #{new_resource.priority} \"#{new_resource.repo_name}\"" + shellout = Mixlib::ShellOut.new(command, user: 'root').run_command + Chef::Log.error("Error setting repo priority: #{shellout.stderr}") unless shellout.stderr.empty? +end diff --git a/cookbooks/zypper/recipes/default.rb b/cookbooks/zypper/recipes/default.rb new file mode 100644 index 0000000..ecead57 --- /dev/null +++ b/cookbooks/zypper/recipes/default.rb @@ -0,0 +1,30 @@ +# +# Cookbook Name:: zypper +# Recipe:: default +# +# Copyright 2014 - 2016, Jim Rosser +# +# Permission is hereby granted, free of charge, to any person obtaining +# a copy of this software and associated documentation files (the +# "Software"), to deal in the Software without restriction, including +# without limitation the rights to use, copy, modify, merge, publish, +# distribute, sublicense, and/or sell copies of the Software, and to +# permit persons to whom the Software is furnished to do so, subject to +# the following conditions: +# +# The above copyright notice and this permission notice shall be +# included in all copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND +# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE +# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION +# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION +# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +# + +execute 'zypper_refresh' do + command 'zypper --non-interactive refresh' + user 'root' +end diff --git a/cookbooks/zypper/recipes/smt_client.rb b/cookbooks/zypper/recipes/smt_client.rb new file mode 100644 index 0000000..75308e6 --- /dev/null +++ b/cookbooks/zypper/recipes/smt_client.rb @@ -0,0 +1,50 @@ +# +# Cookbook Name:: zypper +# Recipe:: smt_client +# +# Copyright 2014 - 2016, Jim Rosser +# +# Permission is hereby granted, free of charge, to any person obtaining +# a copy of this software and associated documentation files (the +# "Software"), to deal in the Software without restriction, including +# without limitation the rights to use, copy, modify, merge, publish, +# distribute, sublicense, and/or sell copies of the Software, and to +# permit persons to whom the Software is furnished to do so, subject to +# the following conditions: +# +# The above copyright notice and this permission notice shall be +# included in all copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND +# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE +# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION +# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION +# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +# +package 'smt-client' + +client_setup = "#{Chef::Config[:file_cache_path]}/clientSetup4SMT.sh" +register_log = '/root/.suse_register.log' + +remote_file client_setup do + action :create + source "http://#{node['zypper']['smt_host']}/repo/tools/clientSetup4SMT.sh" + mode 0544 + owner 'root' + not_if { ::File.exist? register_log } +end + +execute 'register_smt' do + command "yes | #{client_setup} --host #{node['zypper']['smt_host']}" + user 'root' + creates register_log + notifies :run, 'execute[initial_smt_agent]', :immediately +end + +execute 'initial_smt_agent' do + user 'root' + command 'smt-agent' + action :nothing +end diff --git a/cookbooks/zypper/resources/repo.rb b/cookbooks/zypper/resources/repo.rb new file mode 100644 index 0000000..2aeb372 --- /dev/null +++ b/cookbooks/zypper/resources/repo.rb @@ -0,0 +1,8 @@ +actions :add, :remove +default_action :add + +attribute :repo_name, kind_of: String, name_attribute: true +attribute :autorefresh, kind_of: [TrueClass, FalseClass] +attribute :uri, kind_of: String +attribute :key, kind_of: String, default: nil +attribute :priority, kind_of: Integer, default: nil