kosmos/chef
kosmos
/
chef
8
3
Fork 0
Code Issues 34 Pull Requests 2 Projects 1 Activity

Update the mediawiki cookbook and upstream cookbooks 

Compatibility with Chef 14
This commit is contained in:
Greg 2019-04-08 11:20:12 +02:00
parent 6e3e8cde1b
commit 777b85c2ab
312 changed files with 5603 additions and 14219 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
Berksfile
View File

@ -4,16 +4,13 @@ source 'https://supermarket.chef.io'
cookbook 'mediawiki',
git: 'https://github.com/67P/mediawiki-cookbook.git',
ref: 'f8d0f6b19af4381fdc390aaa32c51a54bd73afdc'
cookbook 'wordpress',
git: 'https://github.com/67P/wordpress-cookbook.git',
ref: 'relax_dependencies'
ref: '20fbdf12394d297bc895d457e4b47ede663794cc'
cookbook 'redis',
git: 'https://github.com/phlipper/chef-redis.git',
ref: 'v0.5.6'
cookbook 'postfix', '= 5.0.2'
cookbook 'php-fpm', '= 0.7.9'
cookbook 'php', '= 4.2.0'
cookbook 'php-fpm', '~> 0.8.0'
cookbook 'php', '~> 6.1.1'
cookbook 'composer', '~> 2.6.1'
cookbook 'poise-ruby-build', '~> 1.1.0'
cookbook 'application', '~> 5.2.0'
@ -34,12 +31,12 @@ cookbook 'nginx', '= 9.0.0'
# Remove when cookbooks stop depending on it, the build_essential resource is
# part of Chef 14 (https://docs.chef.io/resource_build_essential.html)
cookbook 'build-essential', '~> 8.2.1'
cookbook 'mysql', '= 6.1.3'
cookbook 'mysql', '~> 8.5.1'
cookbook 'postgresql', '= 7.1.4'
cookbook 'apt', '~> 7.0.0'
cookbook 'git', '= 6.0.0'
cookbook 'hostsfile', '= 2.4.5'
cookbook 'ohai', '= 5.0.4'
cookbook 'ohai', '~> 5.2.5'
cookbook 'nodejs', '~> 5.0.0'
# Deprecated, but wordpress and mediawiki depend on it and it would painful
# to change it without moving the databases
@ -49,20 +46,13 @@ cookbook 'chef_client_updater', '= 1.1.1'
cookbook 'timezone_iii', '= 1.0.4'
cookbook 'ark', '= 3.1.0'
cookbook 'logrotate', '= 2.2.0'
cookbook 'openssl', '= 7.1.0'
cookbook 'openssl', '~> 8.5.5'
cookbook 'ntp', '= 3.4.0'
cookbook 'yum', '= 3.13.0'
cookbook 'yum-epel', '= 0.3.6'
cookbook 'yum-mysql-community', '= 2.1.0'
cookbook 'apache2', '= 3.3.0'
cookbook 'chef-sugar', '= 3.3.0'
cookbook 'compat_resource', '= 12.19.0'
cookbook 'dmg', '= 4.0.0'
cookbook 'homebrew', '= 3.0.0'
cookbook 'windows', '= 3.1.1'
cookbook 'iis', '= 6.7.1'
cookbook 'mariadb', '= 0.3.1'
cookbook 'mingw', '= 2.0.0'
cookbook 'ipfs',
git: 'https://github.com/67P/ipfs-cookbook.git',
ref: 'v0.1.2'

80
Berksfile.lock
View File

@ -12,13 +12,11 @@ DEPENDENCIES
compat_resource (= 12.19.0)
composer (~> 2.6.1)
database (= 6.1.1)
dmg (= 4.0.0)
firewall (~> 2.6.3)
git (= 6.0.0)
homebrew (= 3.0.0)
hostname (= 0.4.2)
hostsfile (= 2.4.5)
iis (= 6.7.1)
ipfs
git: https://github.com/67P/ipfs-cookbook.git
revision: 78d3edfd78c56a25494ac84528e152762f38b3be
@ -27,18 +25,17 @@ DEPENDENCIES
mariadb (= 0.3.1)
mediawiki
git: https://github.com/67P/mediawiki-cookbook.git
revision: f8d0f6b19af4381fdc390aaa32c51a54bd73afdc
ref: f8d0f6b
mingw (= 2.0.0)
mysql (= 6.1.3)
revision: 20fbdf12394d297bc895d457e4b47ede663794cc
ref: 20fbdf1
mysql (~> 8.5.1)
mysql2_chef_gem (= 1.1.0)
nginx (= 9.0.0)
nodejs (~> 5.0.0)
ntp (= 3.4.0)
ohai (= 5.0.4)
openssl (= 7.1.0)
php (= 4.2.0)
php-fpm (= 0.7.9)
ohai (~> 5.2.5)
openssl (~> 8.5.5)
php (= 6.1.1)
php-fpm (~> 0.8.0)
poise (~> 2.8.2)
poise-archive (~> 1.5.0)
poise-javascript (~> 1.2.0)
@ -54,14 +51,6 @@ DEPENDENCIES
ref: v0.5.6
timezone_iii (= 1.0.4)
users (~> 5.3.1)
windows (= 3.1.1)
wordpress
git: https://github.com/67P/wordpress-cookbook.git
revision: 593ad2c7957fc427da739510de59f36ad648ee5e
ref: relax_d
yum (= 3.13.0)
yum-epel (= 0.3.6)
yum-mysql-community (= 2.1.0)
GRAPH
apache2 (3.3.0)
@ -100,7 +89,7 @@ GRAPH
windows (>= 0.0.0)
database (6.1.1)
postgresql (>= 1.0.0)
dmg (4.0.0)
dmg (4.1.1)
firewall (2.6.3)
chef-sugar (>= 0.0.0)
git (6.0.0)
@ -111,8 +100,6 @@ GRAPH
hostname (0.4.2)
hostsfile (>= 0.0.0)
hostsfile (2.4.5)
iis (6.7.1)
windows (>= 2.0)
ipfs (0.1.2)
ark (>= 0.0.0)
logrotate (2.2.0)
@ -124,15 +111,12 @@ GRAPH
apache2 (>= 0.0.0)
database (>= 0.0.0)
mysql (>= 0.0.0)
mysql2_chef_gem (>= 0.0.0)
nginx (>= 0.0.0)
php (>= 0.0.0)
php-fpm (>= 0.0.0)
mingw (2.0.0)
mingw (2.1.0)
seven_zip (>= 0.0.0)
mysql (6.1.3)
smf (>= 0.0.0)
yum-mysql-community (>= 0.0.0)
mysql (8.5.1)
mysql2_chef_gem (1.1.0)
build-essential (>= 0.0.0)
mariadb (>= 0.0.0)
@ -145,16 +129,12 @@ GRAPH
ark (>= 2.0.2)
build-essential (>= 0.0.0)
ntp (3.4.0)
ohai (5.0.4)
openssl (7.1.0)
php (4.2.0)
build-essential (>= 0.0.0)
mysql (>= 6.0.0)
xml (>= 0.0.0)
ohai (5.2.5)
openssl (8.5.5)
php (6.1.1)
build-essential (>= 5.0)
yum-epel (>= 0.0.0)
php-fpm (0.7.9)
apt (>= 0.0.0)
yum (>= 3.0)
php-fpm (0.8.0)
poise (2.8.2)
poise-archive (1.5.0)
poise (~> 2.6)
@ -181,36 +161,12 @@ GRAPH
poise (~> 2.0)
postfix (5.0.2)
postgresql (7.1.4)
rbac (1.0.3)
redis (0.5.6)
apt (>= 0.0.0)
selinux (0.9.0)
seven_zip (2.0.2)
windows (>= 1.2.2)
smf (2.2.8)
rbac (>= 1.0.1)
tar (2.2.0)
timezone_iii (1.0.4)
users (5.3.1)
windows (3.1.1)
ohai (>= 4.0.0)
wordpress (3.1.0)
apache2 (>= 2.0.0)
build-essential (>= 0.0.0)
database (>= 1.6.0)
iis (>= 1.6.2)
mysql (>= 6.0)
mysql2_chef_gem (>= 1.0.1)
nginx (>= 0.0.0)
openssl (>= 0.0.0)
php (>= 0.0.0)
php-fpm (>= 0.0.0)
selinux (~> 0.7)
tar (>= 0.3.1)
xml (3.1.2)
build-essential (>= 0.0.0)
yum (3.13.0)
yum-epel (0.3.6)
yum (~> 3.0)
yum-mysql-community (2.1.0)
compat_resource (>= 12.16.3)
windows (5.3.0)
yum (5.1.0)
yum-epel (3.3.0)

12
cookbooks/dmg/CHANGELOG.md
View File

@ -2,6 +2,18 @@
This file is used to list changes made in each version of the dmg cookbook.
## 4.1.1 (2018-04-06)
- The dmg_package resource is now included in Chef 14 and this cookbook has been deprecated. We highly recommend updating to Chef 14 so you can use this resource without the need for a cookbook dependency.
- Validate the type field in the resource
- Remove the now autogenerated ChefSpec matchers
## 4.1.0 (2017-11-15)
- Adds allow_untrusted property for older packages that aren't signed
- Resolve Chef 14 deprecation warnings
- Minor testing updates and cleanup
## 4.0.0 (2017-04-27)
- Converted the existing LWRP to a custom resource which increases the required chef-client release to 12.5+

18
cookbooks/dmg/MAINTAINERS.md
View File

@ -1,18 +0,0 @@
<!-- This is a generated file. Please do not edit directly -->
# Maintainers
This file lists how this cookbook project is maintained. When making changes to the system, this
file tells you who needs to review your patch - you need a review from an existing maintainer
for the cookbook to provide a :+1: on your pull request. Additionally, you need
to not receive a veto from a Lieutenant or the Project Lead.
Check out [How Cookbooks are Maintained](https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/CONTRIBUTING.MD)
for details on the process and how to become a maintainer or the project lead.
# Project Maintainer
* [Tim Smith](https://github.com/tas50)
# Maintainers
* [Jennifer Davis](https://github.com/sigje)
* [Tim Smith](https://github.com/tas50)
* [Thom May](https://github.com/thommay)

3
cookbooks/dmg/README.md
View File

@ -1,3 +1,5 @@
The dmg_package resource is now included in Chef 14 and this cookbook has been deprecated. We highly recommend updating to Chef 14 so you can use this resource without the need for a cookbook dependency.
# dmg Cookbook
[![Build Status](https://travis-ci.org/chef-cookbooks/dmg.svg?branch=master)](https://travis-ci.org/chef-cookbooks/dmg) [![Cookbook Version](https://img.shields.io/cookbook/v/dmg.svg)](https://supermarket.chef.io/cookbooks/dmg)
@ -49,6 +51,7 @@ Optionally, the LWRP can install an "mpkg" or "pkg" package using installer(8).
- `dmg_passphrase` - Specify a passphrase to use to unencrypt the dmg while mounting.
- `accept_eula` - Specify whether to accept the EULA. Certain dmgs require acceptance of EULA before mounting. Can be true or false, defaults to false.
- `headers` - Allows custom HTTP headers (like cookies) to be set on the remote_file resource.
- `allow_untrusted` - Allows packages with untrusted certs to be installed.
#### Examples

24
cookbooks/dmg/libraries/matchers.rb
View File

@ -1,24 +0,0 @@
#
# Cookbook:: dmg
# Library:: matchers
#
# Copyright:: 2014-2017, Fletcher Nichol <fnichol@nichol.ca>
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
if defined?(ChefSpec)
def install_dmg_package(app)
ChefSpec::Matchers::ResourceMatcher.new(:dmg_package, :install, app)
end
end

2
cookbooks/dmg/metadata.json
View File

File diff suppressed because one or more lines are too long

8
cookbooks/dmg/resources/package.rb
View File

@ -26,12 +26,13 @@ property :destination, String, default: '/Applications'
property :checksum, String
property :volumes_dir, String
property :dmg_name, String
property :type, String, default: 'app'
property :type, String, default: 'app', equal_to: %w(app pkg mpkg)
property :installed, [true, false], default: false, desired_state: false
property :package_id, String
property :dmg_passphrase, String
property :accept_eula, [true, false], default: false
property :headers, [Hash, nil], default: nil
property :allow_untrusted, [true, false], default: false
load_current_value do |new_resource|
if ::File.directory?("#{new_resource.destination}/#{new_resource.app}.app")
@ -87,7 +88,10 @@ action :install do
ignore_failure true
end
when 'mpkg', 'pkg'
execute "installation_file=$(ls '/Volumes/#{volumes_dir}' | grep '.#{new_resource.type}$') && sudo installer -pkg \"/Volumes/#{volumes_dir}/$installation_file\" -target /" do
install_cmd = "installation_file=$(ls '/Volumes/#{volumes_dir}' | grep '.#{new_resource.type}$') && sudo installer -pkg \"/Volumes/#{volumes_dir}/$installation_file\" -target /"
install_cmd += ' -allowUntrusted' if new_resource.allow_untrusted
execute install_cmd do
# Prevent cfprefsd from holding up hdiutil detach for certain disk images
environment('__CFPREFERENCES_AVOID_DAEMON' => '1')
end

2
cookbooks/iis/.foodcritic
View File

@ -1,2 +0,0 @@
~FC059
~FC023

348
cookbooks/iis/CHANGELOG.md
View File

@ -1,348 +0,0 @@
# iis Cookbook CHANGELOG
This file is used to list changes made in each version of the iis cookbook.
## 6.7.1 (2017-06-09)
- [Fix issue with guard clause missing on check](https://github.com/chef-cookbooks/iis/pull/378)
## 6.7.0 (2017-06-09)
- [Fix idempotency in `iis_app`, `iis_root`, and `iis_vdir`](https://github.com/chef-cookbooks/iis/pull/375)
## 6.6.0 (2017-06-01)
- Convert `iis_module` to a custom resource
## 6.5.3 (2017-05-17)
- Refactor `iis_vdir` name property to `application_name`
- Resolves a bug in iis_vdir also adds more liberty in config
## 6.5.2 (2017-05-15)
- [Update iis_vdir name to not require a trailing /](https://github.com/chef-cookbooks/iis/pull/363)
- [Fix iis_pool identity_type issue](https://github.com/chef-cookbooks/iis/pull/362)
## 6.5.1 (2017-05-12)
- [iis_pool is not Idempotent](https://github.com/chef-cookbooks/iis/issues/354)
- Fix whitespace in `iis_pool` name
## 6.5.0 (2017-05-10)
- Convert `iis_root` to a custom resource
- [uninitialized constant Chef::Resource::IisRoot](https://github.com/chef-cookbooks/iis/issues/333)
- [mime types are not deleted](https://github.com/chef-cookbooks/iis/issues/321)
- [iis_root errors on 'duplicate collection entry of type 'mimeMap'](https://github.com/chef-cookbooks/iis/issues/199)
## 6.4.1 (2017-05-05)
- [fix bug with start having ! in front](https://github.com/chef-cookbooks/iis/pull/349)
## 6.4.0 (2017-05-04)
- Convert `iis_section` to a custom resource
- Resolve issue with `iis_pool`
## 6.3.1 (2017-04-26)
- [Fix multiple issues with ~FC023](https://github.com/chef-cookbooks/iis/pull/341)
## 6.3.0 (2017-04-24)
- Convert `iis_pool` to a custom resource
- Convert `iis_vdir` to a custom resource
- Bug fix for `log` function change to `Chef::Log`
## 6.2.0 (2017-04-18)
- Convert `iis_site` to a custom resource
## 6.1.0 (2017-04-14)
- Convert `iis_config` to a custom resource
## 6.0.1 (2017-04-07)
- Fix undefined method `site_identifier` with iis_app resource.
## 6.0.0 (2017-04-06)
- Rewrite of `iis_app` resource to use custom resources.
- Addition of testing for `iis_app` resource.
## 5.1.0 (2017-03-20)
- Require at least windows 2.0 cookbook
- Run integration testing in Appveyer
- Switched testing to Inspec from pester/ServerSpec combo
- Removed the empty iis_test cookbook
## 5.0.8 (2017-03-13)
- [iis-root default_documents broke from last fix](#306)
## 5.0.7 (2017-03-07)
- [iis-root default_documents deleted every chef run](#306)
## 5.0.6 (2017-02-24)
- [iis_version is not evaluated properly on if statement](#308)
## 5.0.5 (2016-11-21)
- [Fixed no_managed_code idempotency](#301)
## 5.0.4 (2016-10-11)
- fixed adding an app pool to a site - This fixes a bug where adding an app pool to a site causes an error. This was using the 'add app' where we are working with a site and the syntax is slightly different according to this [documentation](https://technet.microsoft.com/en-us/library/cc732992%28v=ws.10%29.aspx).
## 5.0.3 (2016-10-10)
- Log event on recycle - This allows you to specify which events you want to log on recycle. This also changes this so that it defaults to the standard nothing, which means you will need to add this attribute if you are depending on it.
## 5.0.2 (2016-10-07)
- [Minor over oversight in IIS::mod_aspnet 5.0.1](#296)
- [IIS Pool resource thirty_two_bit false doesn't](#292)
## 5.0.1 (2016-09-21)
- Fix mod_management to include dependencies (#293)
## 5.0.0 (2016-09-06)
- Adding 2k12 version flag to the windows_feature resource (#291)
- Testing updates
- Avoid deprecation warnings in the specs
- Require Chef 12+
## 4.2.0 (2016-08-09)
- Feature pool recycle virtual memory (#288)
## v4.1.10 (2016-06-29)
- Resolves [Issue with error 50 when installing mod_aspnet](https://github.com/chef-cookbooks/iis/issues/285)
## v4.1.9 (2016-06-26)
- Resolves [Add deprecation warnings for iis_config in 4.2](https://github.com/chef-cookbooks/iis/issues/284)
- Resolves [iis_pool is not idempotent when recycle_at_time is specified and is not changed](https://github.com/chef-cookbooks/iis/issues/279)
## v4.1.8 (2016-04-15)
- Fixed smp_processor_affinity_mask throwing deprecation warnings
- Added additional chefspec tests
- Updated testing dependencies to the latests
- Disabled FC059 rule for now
## v4.1.7 (2016-03-25)
- Resolves [smp_processor_affinity_mask is wrong value type](https://github.com/chef-cookbooks/iis/issues/266)
- Resolves [Not a valid unsigned integer](https://github.com/chef-cookbooks/iis/issues/261)
- Resolves [Deprecated features used](https://github.com/chef-cookbooks/iis/issues/259)
- Resolves [Deprecated feature used, fix before chef 13](https://github.com/chef-cookbooks/iis/issues/253)
- Resolves [iis_site :config action not idempotent (Windows 2012 R2/IIS 8.5)](https://github.com/chef-cookbooks/iis/issues/249)
- Resolves [Can't set recycle_at_time to default](https://github.com/chef-cookbooks/iis/issues/247)
## v4.1.6 (2016-02-01)
- Resolves issues with [Unable to set app pool to be "No Managed Code"](https://github.com/chef-cookbooks/iis/issues/240)
- Resolves [Add_mime_maps is throwing compile error](https://github.com/chef-cookbooks/iis/issues/238)
- Resolves [FATAL: NameError: iis_root "xxx" had an error: NameError: No resource, method, or local variable named `was _updated' for`LWRP provider iis_root from cookbook iis](https://github.com/chef-cookbooks/iis/issues/236)
## v4.1.5 (2015-11-18)
- Resolves issues with `iis_root` [#222](https://github.com/chef-cookbooks/iis/issues/222)
## v4.1.4 (2015-11-2)
- Re-added functionality for iis_pool auto_start, this was a breaking change
## v4.1.3 (2015-10-30)
- Resolves Robucop issues
- Bug Fix for [#217](https://github.com/chef-cookbooks/iis/issues/217)
## v4.1.2 (2015-10-21)
- Bug fixes for application pool provider and site provider
- Added the ability to detect the IIS Version, allowing for some properties to only exist for specific IIS versions
- Fixed issue with Win32 being required on linux
- Added support for mimeTypes and defaultDocuments on iis_sites
- Added iis config set and clear abilities
## v4.1.1 (2015-05-07)
- Detects changes in the physical path of apps.
- Adds support for gMSA identity.
- Performing add on a site will now reconfigure it if necessary.
- Lock and unlock commands on configuration sections now use -commit:apphost.
- Fix issue where popeline_mode was ignored during configuration of a pool.
## v4.1.0 (2015-03-04)
- Removed iis_pool attribute 'set_profile_environment' incompatible with < IIS-8.
- Added pester test framework.
- Condensed and fixed change-log to show public releases only.
- Fixed bug where bindings were being overwritten by :config.
- Code-cleanup and cosmetic fixes.
## v4.0.0 (2015-02-12)
- [#91](https://github.com/chef-cookbooks/iis/pull/91) - bulk addition of new features
- Virtual Directory Support (allows virtual directories to be added to both websites and to webapplications under sites).
- section unlock and lock support (this is used to allow for the web.config of a site to define the authentication methods).
- fixed issue with :add on pool provider not running all config (this was a known issue and is now resolved).
- fixed issue with :config on all providers causing application pool recycles (every chef-client run).
- moved to better method for XML checking of previous settings to detect changes (changed all check to use xml searching with appcmd instead of the previous method [none]).
- Improved pool resource with many more apppool properties that can be set.
- Fixed bug with default attribute inheritance.
- New recipe to enable ASP.NET 4.5.
- Skeleton serverspec+test-kitchen framework.
- Added Berksfile, Gemfile and .kitchen.yml to assist developers.
- Fixed issue [#107] function is_new_or_empty was returning reverse results.
- Removed dependency on "chef-client", ">= 3.7.0".
- Changed all files to UTF-8 file format.
- Fixed issue with iis_pool not putting ApplicationPoolIdentity and username/password.
- [#98] Fixed issues with bindings.
- added backwards compatibility for chef-client < 12.x.x Chef::Util::PathHelper.
## v2.1.6 (2014-11-12)
- [#78] Adds new_resource.updated_by_last_action calls
## v2.1.5 (2014-09-15)
- [#68] Add win_friendly_path to all appcmd.exe /physicalPath arguments
## v2.1.4 (2014-09-13)
- [#72] Adds chefspec matchers
- [#57] Fixes site_id not being updated on a :config action
## v2.1.2 (2014-04-23)
- [COOK-4559] Remove invalid UTF-8 characters
## v2.1.0 (2014-03-25)
[COOK-4426] - feature order correction for proper installation [COOK-4428] - Add IIS FTP Feature Installation
## v2.0.4 (2014-03-18)
- [COOK-4420] Corrected incorrect feature names for mod_security
## v2.0.2 (2014-02-25)
- [COOK-4108] - Add documentation for the 'bindings' attribute in 'iis_site' LWRP
## v2.0.0 (2014-01-03)
Major version bump
## v1.6.6
Adding extra windows platform checks to helper library
## v1.6.4
### Bug
- **[COOK-4138](https://tickets.chef.io/browse/COOK-4138)** - iis cookbook won't load on non-Windows platforms
## v1.6.2
### Improvement
- **[COOK-3634](https://tickets.chef.io/browse/COOK-3634)** - provide ability to set app pool managedRuntimeVersion to "No Managed Code"
## v1.6.0
### Improvement
- **[COOK-3922](https://tickets.chef.io/browse/COOK-3922)** - refactor IIS cookbook to not require WebPI
## v1.5.6
### Improvement
- **[COOK-3770](https://tickets.chef.io/browse/COOK-3770)** - Add Enabled Protocols to IIS App Recipe
## v1.5.4
### New Feature
- **[COOK-3675](https://tickets.chef.io/browse/COOK-3675)** - Add recipe for CGI module
## v1.5.2
### Bug
- **[COOK-3232](https://tickets.chef.io/browse/COOK-3232)** - Allow `iis_app` resource `:config` action with a virtual path
## v1.5.0
### Improvement
- [COOK-2370]: add MVC2, escape `application_pool` and add options for
- recycling
- [COOK-2694]: update iis documentation to show that Windows 2012 and
- Windows 8 are supported
### Bug
- [COOK-2325]: `load_current_resource` does not load state of pool
- correctly, always sets running to false
- [COOK-2526]: Installing IIS after .NET framework will leave
- installation in non-working state
- [COOK-2596]: iis cookbook fails with indecipherable error if EULA
- not accepted
## v1.4.0
- [COOK-2181] -Adding full module support to iis cookbook
## v1.3.6
- [COOK-2084] - Add support for additional options during site creation
- [COOK-2152] - Add recipe for IIS6 metabase compatibility
## v1.3.4
- [COOK-2050] - IIS cookbook does not have returns resource defined
## v1.3.2
- [COOK-1251] - Fix LWRP "NotImplementedError"
## v1.3.0
- [COOK-1301] - Add a recycle action to the iis_pool resource
- [COOK-1665] - app pool identity and new node[iis][component] attribute
- [COOK-1666] - Recipe to remove default site and app pool
- [COOK-1858] - Recipe misspelled
## v1.2.0
- [COOK-1061] - `iis_site` doesn't allow setting the pool
- [COOK-1078] - handle advanced bindings
- [COOK-1283] - typo on pool
- [COOK-1284] - install iis application initialization
- [COOK-1285] - allow multiple host_header, port and protocol
- [COOK-1286] - allow directly setting which app pool on site creation
- [COOK-1449] - iis pool regex returns true if similar site exists
- [COOK-1647] - mod_ApplicationInitialization isn't RC
## v1.1.0
- [COOK-1012] - support adding apps
- [COOK-1028] - support for config command
- [COOK-1041] - fix removal in app pools
- [COOK-835] - add app pool management
- [COOK-950] - documentation correction for version of IIS/OS
## v1.0.2
- Ruby 1.9 compat fixes
- ensure carriage returns are removed before applying regex
## v1.0.0
- [COOK-718] initial release

21
cookbooks/iis/MAINTAINERS.md
View File

@ -1,21 +0,0 @@
<!-- This is a generated file. Please do not edit directly -->
# Maintainers
This file lists how this cookbook project is maintained. When making changes to the system, this file tells you who needs to review your patch - you need a review from an existing maintainer for the cookbook to provide a :+1: on your pull request. Additionally, you need to not receive a veto from a Lieutenant or the Project Lead.
Check out [How Cookbooks are Maintained](https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/CONTRIBUTING.MD) for details on the process and how to become a maintainer or the project lead.
# Project Maintainer
* [Adam Edwards](https://github.com/adamedx)
# Maintainers
* [Salim Alam](https://github.com/chefsalim)
* [Jennifer Davis](https://github.com/sigje)
* [Adam Edwards](https://github.com/adamedx)
* [Claire McQuin](https://github.com/mcquin)
* [Steven Murawski](https://github.com/smurawski)
* [Kartik Null Cating-Subramanian](https://github.com/ksubrama)
* [Justin Schuhmann](https://github.com/EasyAsABC123)
* [Tim Smith](https://github.com/tas50)
* [Matt Wrock](https://github.com/mwrock)

613
cookbooks/iis/README.md
View File

File diff suppressed because one or more lines are too long

31
cookbooks/iis/attributes/default.rb
View File

@ -1,31 +0,0 @@
#
# Author:: Seth Chisamore (<schisamo@chef.io>)
# Cookbook:: iis
# Attribute:: default
#
# Copyright:: 2011-2016, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
default['iis']['home'] = "#{ENV['WINDIR']}\\System32\\inetsrv"
default['iis']['conf_dir'] = "#{ENV['WINDIR']}\\System32\\inetsrv\\config"
default['iis']['pubroot'] = "#{ENV['SYSTEMDRIVE']}\\inetpub"
default['iis']['docroot'] = "#{ENV['SYSTEMDRIVE']}\\inetpub\\wwwroot"
default['iis']['log_dir'] = "#{ENV['SYSTEMDRIVE']}\\inetpub\\logs\\LogFiles"
default['iis']['cache_dir'] = "#{ENV['SYSTEMDRIVE']}\\inetpub\\temp"
default['iis']['components'] = []
default['iis']['source'] = nil
default['iis']['recycle']['log_events'] = 'Time, Requests, Schedule, Memory, IsapiUnhealthy, OnDemand, ConfigChange, PrivateMemory'

412
cookbooks/iis/libraries/constants.rb
View File

@ -1,412 +0,0 @@
#
# Cookbook:: iis
# Library:: constants
#
# Copyright:: 2013-2017, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
module Opscode
module IIS
# Contains functions that are used throughout this cookbook
module Constants
def self.default_documents
%w(
Default.htm
Default.asp
index.htm
index.html
iisstart.htm
default.aspx
)
end
def self.default_mime_types
%w(
fileExtension='.323',mimeType='text/h323'
fileExtension='.3g2',mimeType='video/3gpp2'
fileExtension='.3gp2',mimeType='video/3gpp2'
fileExtension='.3gp',mimeType='video/3gpp'
fileExtension='.3gpp',mimeType='video/3gpp'
fileExtension='.aaf',mimeType='application/octet-stream'
fileExtension='.aac',mimeType='audio/aac'
fileExtension='.aca',mimeType='application/octet-stream'
fileExtension='.accdb',mimeType='application/msaccess'
fileExtension='.accde',mimeType='application/msaccess'
fileExtension='.accdt',mimeType='application/msaccess'
fileExtension='.acx',mimeType='application/internet-property-stream'
fileExtension='.adt',mimeType='audio/vnd.dlna.adts'
fileExtension='.adts',mimeType='audio/vnd.dlna.adts'
fileExtension='.afm',mimeType='application/octet-stream'
fileExtension='.ai',mimeType='application/postscript'
fileExtension='.aif',mimeType='audio/x-aiff'
fileExtension='.aifc',mimeType='audio/aiff'
fileExtension='.aiff',mimeType='audio/aiff'
fileExtension='.application',mimeType='application/x-ms-application'
fileExtension='.art',mimeType='image/x-jg'
fileExtension='.asd',mimeType='application/octet-stream'
fileExtension='.asf',mimeType='video/x-ms-asf'
fileExtension='.asi',mimeType='application/octet-stream'
fileExtension='.asm',mimeType='text/plain'
fileExtension='.asr',mimeType='video/x-ms-asf'
fileExtension='.asx',mimeType='video/x-ms-asf'
fileExtension='.atom',mimeType='application/atom+xml'
fileExtension='.au',mimeType='audio/basic'
fileExtension='.avi',mimeType='video/avi'
fileExtension='.axs',mimeType='application/olescript'
fileExtension='.bas',mimeType='text/plain'
fileExtension='.bcpio',mimeType='application/x-bcpio'
fileExtension='.bin',mimeType='application/octet-stream'
fileExtension='.bmp',mimeType='image/bmp'
fileExtension='.c',mimeType='text/plain'
fileExtension='.cab',mimeType='application/vnd.ms-cab-compressed'
fileExtension='.calx',mimeType='application/vnd.ms-office.calx'
fileExtension='.cat',mimeType='application/vnd.ms-pki.seccat'
fileExtension='.cdf',mimeType='application/x-cdf'
fileExtension='.chm',mimeType='application/octet-stream'
fileExtension='.class',mimeType='application/x-java-applet'
fileExtension='.clp',mimeType='application/x-msclip'
fileExtension='.cmx',mimeType='image/x-cmx'
fileExtension='.cnf',mimeType='text/plain'
fileExtension='.cod',mimeType='image/cis-cod'
fileExtension='.cpio',mimeType='application/x-cpio'
fileExtension='.cpp',mimeType='text/plain'
fileExtension='.crd',mimeType='application/x-mscardfile'
fileExtension='.crl',mimeType='application/pkix-crl'
fileExtension='.crt',mimeType='application/x-x509-ca-cert'
fileExtension='.csh',mimeType='application/x-csh'
fileExtension='.css',mimeType='text/css'
fileExtension='.csv',mimeType='application/octet-stream'
fileExtension='.cur',mimeType='application/octet-stream'
fileExtension='.dcr',mimeType='application/x-director'
fileExtension='.deploy',mimeType='application/octet-stream'
fileExtension='.der',mimeType='application/x-x509-ca-cert'
fileExtension='.dib',mimeType='image/bmp'
fileExtension='.dir',mimeType='application/x-director'
fileExtension='.disco',mimeType='text/xml'
fileExtension='.dll',mimeType='application/x-msdownload'
fileExtension='.dll.config',mimeType='text/xml'
fileExtension='.dlm',mimeType='text/dlm'
fileExtension='.doc',mimeType='application/msword'
fileExtension='.docm',mimeType='application/vnd.ms-word.document.macroEnabled.12'
fileExtension='.docx',mimeType='application/vnd.openxmlformats-officedocument.wordprocessingml.document'
fileExtension='.dot',mimeType='application/msword'
fileExtension='.dotm',mimeType='application/vnd.ms-word.template.macroEnabled.12'
fileExtension='.dotx',mimeType='application/vnd.openxmlformats-officedocument.wordprocessingml.template'
fileExtension='.dsp',mimeType='application/octet-stream'
fileExtension='.dtd',mimeType='text/xml'
fileExtension='.dvi',mimeType='application/x-dvi'
fileExtension='.dvr-ms',mimeType='video/x-ms-dvr'
fileExtension='.dwf',mimeType='drawing/x-dwf'
fileExtension='.dwp',mimeType='application/octet-stream'
fileExtension='.dxr',mimeType='application/x-director'
fileExtension='.eml',mimeType='message/rfc822'
fileExtension='.emz',mimeType='application/octet-stream'
fileExtension='.eot',mimeType='application/vnd.ms-fontobject'
fileExtension='.eps',mimeType='application/postscript'
fileExtension='.etx',mimeType='text/x-setext'
fileExtension='.evy',mimeType='application/envoy'
fileExtension='.exe',mimeType='application/octet-stream'
fileExtension='.exe.config',mimeType='text/xml'
fileExtension='.fdf',mimeType='application/vnd.fdf'
fileExtension='.fif',mimeType='application/fractals'
fileExtension='.fla',mimeType='application/octet-stream'
fileExtension='.flr',mimeType='x-world/x-vrml'
fileExtension='.flv',mimeType='video/x-flv'
fileExtension='.gif',mimeType='image/gif'
fileExtension='.gtar',mimeType='application/x-gtar'
fileExtension='.gz',mimeType='application/x-gzip'
fileExtension='.h',mimeType='text/plain'
fileExtension='.hdf',mimeType='application/x-hdf'
fileExtension='.hdml',mimeType='text/x-hdml'
fileExtension='.hhc',mimeType='application/x-oleobject'
fileExtension='.hhk',mimeType='application/octet-stream'
fileExtension='.hhp',mimeType='application/octet-stream'
fileExtension='.hlp',mimeType='application/winhlp'
fileExtension='.hqx',mimeType='application/mac-binhex40'
fileExtension='.hta',mimeType='application/hta'
fileExtension='.htc',mimeType='text/x-component'
fileExtension='.htm',mimeType='text/html'
fileExtension='.html',mimeType='text/html'
fileExtension='.htt',mimeType='text/webviewhtml'
fileExtension='.hxt',mimeType='text/html'
fileExtension='.ico',mimeType='image/x-icon'
fileExtension='.ics',mimeType='text/calendar'
fileExtension='.ief',mimeType='image/ief'
fileExtension='.iii',mimeType='application/x-iphone'
fileExtension='.inf',mimeType='application/octet-stream'
fileExtension='.ins',mimeType='application/x-internet-signup'
fileExtension='.isp',mimeType='application/x-internet-signup'
fileExtension='.IVF',mimeType='video/x-ivf'
fileExtension='.jar',mimeType='application/java-archive'
fileExtension='.java',mimeType='application/octet-stream'
fileExtension='.jck',mimeType='application/liquidmotion'
fileExtension='.jcz',mimeType='application/liquidmotion'
fileExtension='.jfif',mimeType='image/pjpeg'
fileExtension='.jpb',mimeType='application/octet-stream'
fileExtension='.jpe',mimeType='image/jpeg'
fileExtension='.jpeg',mimeType='image/jpeg'
fileExtension='.jpg',mimeType='image/jpeg'
fileExtension='.js',mimeType='application/javascript'
fileExtension='.json',mimeType='application/json'
fileExtension='.jsx',mimeType='text/jscript'
fileExtension='.latex',mimeType='application/x-latex'
fileExtension='.lit',mimeType='application/x-ms-reader'
fileExtension='.lpk',mimeType='application/octet-stream'
fileExtension='.lsf',mimeType='video/x-la-asf'
fileExtension='.lsx',mimeType='video/x-la-asf'
fileExtension='.lzh',mimeType='application/octet-stream'
fileExtension='.m13',mimeType='application/x-msmediaview'
fileExtension='.m14',mimeType='application/x-msmediaview'
fileExtension='.m1v',mimeType='video/mpeg'
fileExtension='.m2ts',mimeType='video/vnd.dlna.mpeg-tts'
fileExtension='.m3u',mimeType='audio/x-mpegurl'
fileExtension='.m4a',mimeType='audio/mp4'
fileExtension='.m4v',mimeType='video/mp4'
fileExtension='.man',mimeType='application/x-troff-man'
fileExtension='.manifest',mimeType='application/x-ms-manifest'
fileExtension='.map',mimeType='text/plain'
fileExtension='.mdb',mimeType='application/x-msaccess'
fileExtension='.mdp',mimeType='application/octet-stream'
fileExtension='.me',mimeType='application/x-troff-me'
fileExtension='.mht',mimeType='message/rfc822'
fileExtension='.mhtml',mimeType='message/rfc822'
fileExtension='.mid',mimeType='audio/mid'
fileExtension='.midi',mimeType='audio/mid'
fileExtension='.mix',mimeType='application/octet-stream'
fileExtension='.mmf',mimeType='application/x-smaf'
fileExtension='.mno',mimeType='text/xml'
fileExtension='.mny',mimeType='application/x-msmoney'
fileExtension='.mov',mimeType='video/quicktime'
fileExtension='.movie',mimeType='video/x-sgi-movie'
fileExtension='.mp2',mimeType='video/mpeg'
fileExtension='.mp3',mimeType='audio/mpeg'
fileExtension='.mp4',mimeType='video/mp4'
fileExtension='.mp4v',mimeType='video/mp4'
fileExtension='.mpa',mimeType='video/mpeg'
fileExtension='.mpe',mimeType='video/mpeg'
fileExtension='.mpeg',mimeType='video/mpeg'
fileExtension='.mpg',mimeType='video/mpeg'
fileExtension='.mpp',mimeType='application/vnd.ms-project'
fileExtension='.mpv2',mimeType='video/mpeg'
fileExtension='.ms',mimeType='application/x-troff-ms'
fileExtension='.msi',mimeType='application/octet-stream'
fileExtension='.mso',mimeType='application/octet-stream'
fileExtension='.mvb',mimeType='application/x-msmediaview'
fileExtension='.mvc',mimeType='application/x-miva-compiled'
fileExtension='.nc',mimeType='application/x-netcdf'
fileExtension='.nsc',mimeType='video/x-ms-asf'
fileExtension='.nws',mimeType='message/rfc822'
fileExtension='.ocx',mimeType='application/octet-stream'
fileExtension='.oda',mimeType='application/oda'
fileExtension='.odc',mimeType='text/x-ms-odc'
fileExtension='.ods',mimeType='application/oleobject'
fileExtension='.oga',mimeType='audio/ogg'
fileExtension='.ogg',mimeType='video/ogg'
fileExtension='.ogv',mimeType='video/ogg'
fileExtension='.one',mimeType='application/onenote'
fileExtension='.onea',mimeType='application/onenote'
fileExtension='.onetoc',mimeType='application/onenote'
fileExtension='.onetoc2',mimeType='application/onenote'
fileExtension='.onetmp',mimeType='application/onenote'
fileExtension='.onepkg',mimeType='application/onenote'
fileExtension='.osdx',mimeType='application/opensearchdescription+xml'
fileExtension='.otf',mimeType='font/otf'
fileExtension='.p10',mimeType='application/pkcs10'
fileExtension='.p12',mimeType='application/x-pkcs12'
fileExtension='.p7b',mimeType='application/x-pkcs7-certificates'
fileExtension='.p7c',mimeType='application/pkcs7-mime'
fileExtension='.p7m',mimeType='application/pkcs7-mime'
fileExtension='.p7r',mimeType='application/x-pkcs7-certreqresp'
fileExtension='.p7s',mimeType='application/pkcs7-signature'
fileExtension='.pbm',mimeType='image/x-portable-bitmap'
fileExtension='.pcx',mimeType='application/octet-stream'
fileExtension='.pcz',mimeType='application/octet-stream'
fileExtension='.pdf',mimeType='application/pdf'
fileExtension='.pfb',mimeType='application/octet-stream'
fileExtension='.pfm',mimeType='application/octet-stream'
fileExtension='.pfx',mimeType='application/x-pkcs12'
fileExtension='.pgm',mimeType='image/x-portable-graymap'
fileExtension='.pko',mimeType='application/vnd.ms-pki.pko'
fileExtension='.pma',mimeType='application/x-perfmon'
fileExtension='.pmc',mimeType='application/x-perfmon'
fileExtension='.pml',mimeType='application/x-perfmon'
fileExtension='.pmr',mimeType='application/x-perfmon'
fileExtension='.pmw',mimeType='application/x-perfmon'
fileExtension='.png',mimeType='image/png'
fileExtension='.pnm',mimeType='image/x-portable-anymap'
fileExtension='.pnz',mimeType='image/png'
fileExtension='.pot',mimeType='application/vnd.ms-powerpoint'
fileExtension='.potm',mimeType='application/vnd.ms-powerpoint.template.macroEnabled.12'
fileExtension='.potx',mimeType='application/vnd.openxmlformats-officedocument.presentationml.template'
fileExtension='.ppam',mimeType='application/vnd.ms-powerpoint.addin.macroEnabled.12'
fileExtension='.ppm',mimeType='image/x-portable-pixmap'
fileExtension='.pps',mimeType='application/vnd.ms-powerpoint'
fileExtension='.ppsm',mimeType='application/vnd.ms-powerpoint.slideshow.macroEnabled.12'
fileExtension='.ppsx',mimeType='application/vnd.openxmlformats-officedocument.presentationml.slideshow'
fileExtension='.ppt',mimeType='application/vnd.ms-powerpoint'
fileExtension='.pptm',mimeType='application/vnd.ms-powerpoint.presentation.macroEnabled.12'
fileExtension='.pptx',mimeType='application/vnd.openxmlformats-officedocument.presentationml.presentation'
fileExtension='.prf',mimeType='application/pics-rules'
fileExtension='.prm',mimeType='application/octet-stream'
fileExtension='.prx',mimeType='application/octet-stream'
fileExtension='.ps',mimeType='application/postscript'
fileExtension='.psd',mimeType='application/octet-stream'
fileExtension='.psm',mimeType='application/octet-stream'
fileExtension='.psp',mimeType='application/octet-stream'
fileExtension='.pub',mimeType='application/x-mspublisher'
fileExtension='.qt',mimeType='video/quicktime'
fileExtension='.qtl',mimeType='application/x-quicktimeplayer'
fileExtension='.qxd',mimeType='application/octet-stream'
fileExtension='.ra',mimeType='audio/x-pn-realaudio'
fileExtension='.ram',mimeType='audio/x-pn-realaudio'
fileExtension='.rar',mimeType='application/octet-stream'
fileExtension='.ras',mimeType='image/x-cmu-raster'
fileExtension='.rf',mimeType='image/vnd.rn-realflash'
fileExtension='.rgb',mimeType='image/x-rgb'
fileExtension='.rm',mimeType='application/vnd.rn-realmedia'
fileExtension='.rmi',mimeType='audio/mid'
fileExtension='.roff',mimeType='application/x-troff'
fileExtension='.rpm',mimeType='audio/x-pn-realaudio-plugin'
fileExtension='.rtf',mimeType='application/rtf'
fileExtension='.rtx',mimeType='text/richtext'
fileExtension='.scd',mimeType='application/x-msschedule'
fileExtension='.sct',mimeType='text/scriptlet'
fileExtension='.sea',mimeType='application/octet-stream'
fileExtension='.setpay',mimeType='application/set-payment-initiation'
fileExtension='.setreg',mimeType='application/set-registration-initiation'
fileExtension='.sgml',mimeType='text/sgml'
fileExtension='.sh',mimeType='application/x-sh'
fileExtension='.shar',mimeType='application/x-shar'
fileExtension='.sit',mimeType='application/x-stuffit'
fileExtension='.sldm',mimeType='application/vnd.ms-powerpoint.slide.macroEnabled.12'
fileExtension='.sldx',mimeType='application/vnd.openxmlformats-officedocument.presentationml.slide'
fileExtension='.smd',mimeType='audio/x-smd'
fileExtension='.smi',mimeType='application/octet-stream'
fileExtension='.smx',mimeType='audio/x-smd'
fileExtension='.smz',mimeType='audio/x-smd'
fileExtension='.snd',mimeType='audio/basic'
fileExtension='.snp',mimeType='application/octet-stream'
fileExtension='.spc',mimeType='application/x-pkcs7-certificates'
fileExtension='.spl',mimeType='application/futuresplash'
fileExtension='.spx',mimeType='audio/ogg'
fileExtension='.src',mimeType='application/x-wais-source'
fileExtension='.ssm',mimeType='application/streamingmedia'
fileExtension='.sst',mimeType='application/vnd.ms-pki.certstore'
fileExtension='.stl',mimeType='application/vnd.ms-pki.stl'
fileExtension='.sv4cpio',mimeType='application/x-sv4cpio'
fileExtension='.sv4crc',mimeType='application/x-sv4crc'
fileExtension='.svg',mimeType='image/svg+xml'
fileExtension='.svgz',mimeType='image/svg+xml'
fileExtension='.swf',mimeType='application/x-shockwave-flash'
fileExtension='.t',mimeType='application/x-troff'
fileExtension='.tar',mimeType='application/x-tar'
fileExtension='.tcl',mimeType='application/x-tcl'
fileExtension='.tex',mimeType='application/x-tex'
fileExtension='.texi',mimeType='application/x-texinfo'
fileExtension='.texinfo',mimeType='application/x-texinfo'
fileExtension='.tgz',mimeType='application/x-compressed'
fileExtension='.thmx',mimeType='application/vnd.ms-officetheme'
fileExtension='.thn',mimeType='application/octet-stream'
fileExtension='.tif',mimeType='image/tiff'
fileExtension='.tiff',mimeType='image/tiff'
fileExtension='.toc',mimeType='application/octet-stream'
fileExtension='.tr',mimeType='application/x-troff'
fileExtension='.trm',mimeType='application/x-msterminal'
fileExtension='.ts',mimeType='video/vnd.dlna.mpeg-tts'
fileExtension='.tsv',mimeType='text/tab-separated-values'
fileExtension='.ttf',mimeType='application/octet-stream'
fileExtension='.tts',mimeType='video/vnd.dlna.mpeg-tts'
fileExtension='.txt',mimeType='text/plain'
fileExtension='.u32',mimeType='application/octet-stream'
fileExtension='.uls',mimeType='text/iuls'
fileExtension='.ustar',mimeType='application/x-ustar'
fileExtension='.vbs',mimeType='text/vbscript'
fileExtension='.vcf',mimeType='text/x-vcard'
fileExtension='.vcs',mimeType='text/plain'
fileExtension='.vdx',mimeType='application/vnd.ms-visio.viewer'
fileExtension='.vml',mimeType='text/xml'
fileExtension='.vsd',mimeType='application/vnd.visio'
fileExtension='.vss',mimeType='application/vnd.visio'
fileExtension='.vst',mimeType='application/vnd.visio'
fileExtension='.vsto',mimeType='application/x-ms-vsto'
fileExtension='.vsw',mimeType='application/vnd.visio'
fileExtension='.vsx',mimeType='application/vnd.visio'
fileExtension='.vtx',mimeType='application/vnd.visio'
fileExtension='.wav',mimeType='audio/wav'
fileExtension='.wax',mimeType='audio/x-ms-wax'
fileExtension='.wbmp',mimeType='image/vnd.wap.wbmp'
fileExtension='.wcm',mimeType='application/vnd.ms-works'
fileExtension='.wdb',mimeType='application/vnd.ms-works'
fileExtension='.webm',mimeType='video/webm'
fileExtension='.wks',mimeType='application/vnd.ms-works'
fileExtension='.wm',mimeType='video/x-ms-wm'
fileExtension='.wma',mimeType='audio/x-ms-wma'
fileExtension='.wmd',mimeType='application/x-ms-wmd'
fileExtension='.wmf',mimeType='application/x-msmetafile'
fileExtension='.wml',mimeType='text/vnd.wap.wml'
fileExtension='.wmlc',mimeType='application/vnd.wap.wmlc'
fileExtension='.wmls',mimeType='text/vnd.wap.wmlscript'
fileExtension='.wmlsc',mimeType='application/vnd.wap.wmlscriptc'
fileExtension='.wmp',mimeType='video/x-ms-wmp'
fileExtension='.wmv',mimeType='video/x-ms-wmv'
fileExtension='.wmx',mimeType='video/x-ms-wmx'
fileExtension='.wmz',mimeType='application/x-ms-wmz'
fileExtension='.woff',mimeType='font/x-woff'
fileExtension='.wps',mimeType='application/vnd.ms-works'
fileExtension='.wri',mimeType='application/x-mswrite'
fileExtension='.wrl',mimeType='x-world/x-vrml'
fileExtension='.wrz',mimeType='x-world/x-vrml'
fileExtension='.wsdl',mimeType='text/xml'
fileExtension='.wtv',mimeType='video/x-ms-wtv'
fileExtension='.wvx',mimeType='video/x-ms-wvx'
fileExtension='.x',mimeType='application/directx'
fileExtension='.xaf',mimeType='x-world/x-vrml'
fileExtension='.xaml',mimeType='application/xaml+xml'
fileExtension='.xap',mimeType='application/x-silverlight-app'
fileExtension='.xbap',mimeType='application/x-ms-xbap'
fileExtension='.xbm',mimeType='image/x-xbitmap'
fileExtension='.xdr',mimeType='text/plain'
fileExtension='.xht',mimeType='application/xhtml+xml'
fileExtension='.xhtml',mimeType='application/xhtml+xml'
fileExtension='.xla',mimeType='application/vnd.ms-excel'
fileExtension='.xlam',mimeType='application/vnd.ms-excel.addin.macroEnabled.12'
fileExtension='.xlc',mimeType='application/vnd.ms-excel'
fileExtension='.xlm',mimeType='application/vnd.ms-excel'
fileExtension='.xls',mimeType='application/vnd.ms-excel'
fileExtension='.xlsb',mimeType='application/vnd.ms-excel.sheet.binary.macroEnabled.12'
fileExtension='.xlsm',mimeType='application/vnd.ms-excel.sheet.macroEnabled.12'
fileExtension='.xlsx',mimeType='application/vnd.openxmlformats-officedocument.spreadsheetml.sheet'
fileExtension='.xlt',mimeType='application/vnd.ms-excel'
fileExtension='.xltm',mimeType='application/vnd.ms-excel.template.macroEnabled.12'
fileExtension='.xltx',mimeType='application/vnd.openxmlformats-officedocument.spreadsheetml.template'
fileExtension='.xlw',mimeType='application/vnd.ms-excel'
fileExtension='.xml',mimeType='text/xml'
fileExtension='.xof',mimeType='x-world/x-vrml'
fileExtension='.xpm',mimeType='image/x-xpixmap'
fileExtension='.xps',mimeType='application/vnd.ms-xpsdocument'
fileExtension='.xsd',mimeType='text/xml'
fileExtension='.xsf',mimeType='text/xml'
fileExtension='.xsl',mimeType='text/xml'
fileExtension='.xslt',mimeType='text/xml'
fileExtension='.xsn',mimeType='application/octet-stream'
fileExtension='.xtp',mimeType='application/octet-stream'
fileExtension='.xwd',mimeType='image/x-xwindowdump'
fileExtension='.z',mimeType='application/x-compress'
fileExtension='.zip',mimeType='application/x-zip-compressed
)
end
end
end
end

118
cookbooks/iis/libraries/helper.rb
View File

@ -1,118 +0,0 @@
#
# Cookbook:: iis
# Library:: helper
#
# Copyright:: 2017, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
module Opscode
module IIS
# Contains functions that are used throughout this cookbook
module Helper
@iis_version = nil
if RUBY_PLATFORM =~ /mswin|mingw32|windows/
require 'chef/win32/version'
require 'win32/registry'
end
require 'rexml/document'
require 'chef/mixin/shell_out'
include Chef::Mixin::ShellOut
include REXML
include Windows::Helper
def self.older_than_windows2008r2?
if RUBY_PLATFORM =~ /mswin|mingw32|windows/
win_version = Chef::ReservedNames::Win32::Version.new
win_version.windows_server_2008? ||
win_version.windows_vista? ||
win_version.windows_server_2003_r2? ||
win_version.windows_home_server? ||
win_version.windows_server_2003? ||
win_version.windows_xp? ||
win_version.windows_2000?
end
end
def self.older_than_windows2012?
if RUBY_PLATFORM =~ /mswin|mingw32|windows/
win_version = Chef::ReservedNames::Win32::Version.new
win_version.windows_7? ||
win_version.windows_server_2008_r2? ||
win_version.windows_server_2008? ||
win_version.windows_vista? ||
win_version.windows_server_2003_r2? ||
win_version.windows_home_server? ||
win_version.windows_server_2003? ||
win_version.windows_xp? ||
win_version.windows_2000?
end
end
def windows_cleanpath(path)
path = if defined?(Chef::Util::PathHelper.cleanpath).nil?
win_friendly_path(path)
else
Chef::Util::PathHelper.cleanpath(path)
end
# Remove any trailing slashes to prevent them from accidentally escaping any quotes.
path.tr('/', '\\')
end
def application_cleanname(application_name)
if application_name.count('/') == 0
"#{application_name}/"
elsif application_name.count('/') > 1
application_name.chomp('/')
else
application_name
end
end
def value(document, xpath)
XPath.first(document, xpath).to_s
end
def bool(value)
value == 'true'
end
def new_value?(document, xpath, value_to_check)
XPath.first(document, xpath).to_s != value_to_check.to_s
end
def new_or_empty_value?(document, xpath, value_to_check)
value_to_check.to_s != '' && new_value?(document, xpath, value_to_check)
end
def appcmd(node)
@appcmd ||= begin
"#{node['iis']['home']}\\appcmd.exe"
end
end
def iis_version
if @iis_version.nil?
version_string = Win32::Registry::HKEY_LOCAL_MACHINE.open('SOFTWARE\Microsoft\InetStp').read('VersionString')[1]
version_string.slice! 'Version '
@iis_version = version_string
end
@iis_version.to_f
end
end
end
end

73
cookbooks/iis/libraries/matcher.rb
View File

@ -1,73 +0,0 @@
if defined?(ChefSpec)
[:set, :clear, :config].each do |action|
self.class.send(:define_method, "#{action}_iis_config", proc do |config_name|
ChefSpec::Matchers::ResourceMatcher.new(:iis_config, action, config_name)
end
)
end
[:config, :add, :delete].each do |action|
self.class.send(:define_method, "#{action}_iis_app", proc do |app_name|
ChefSpec::Matchers::ResourceMatcher.new(:iis_app, action, app_name)
end
)
end
[:config].each do |action|
self.class.send(:define_method, "#{action}_iis_lock", proc do |section|
ChefSpec::Matchers::ResourceMatcher.new(:iis_lock, action, section)
end
)
end
[:add, :delete, :install, :uninstall].each do |action|
self.class.send(:define_method, "#{action}_iis_module", proc do |module_name|
ChefSpec::Matchers::ResourceMatcher.new(:iis_module, action, module_name)
end
)
end
[:add, :config, :delete, :start, :stop, :restart, :recycle].each do |action|
self.class.send(:define_method, "#{action}_iis_pool", proc do |pool_name|
ChefSpec::Matchers::ResourceMatcher.new(:iis_pool, action, pool_name)
end
)
end
[:add, :delete, :start, :stop, :restart, :config].each do |action|
self.class.send(:define_method, "#{action}_iis_site", proc do |site_name|
ChefSpec::Matchers::ResourceMatcher.new(:iis_site, action, site_name)
end
)
end
[:config].each do |action|
self.class.send(:define_method, "#{action}_iis_unlock", proc do |section|
ChefSpec::Matchers::ResourceMatcher.new(:iis_unlock, action, section)
end
)
end
[:add, :config, :delete].each do |action|
self.class.send(:define_method, "#{action}_iis_vdir", proc do |section|
ChefSpec::Matchers::ResourceMatcher.new(:iis_vdir, action, section)
end
)
end
define_method = if Gem.loaded_specs['chefspec'].version < Gem::Version.new('4.1.0')
ChefSpec::Runner.method(:define_runner_method)
else
ChefSpec.method(:define_matcher)
end
define_method.call :iis_app
define_method.call :iis_config
define_method.call :iis_lock
define_method.call :iis_module
define_method.call :iis_pool
define_method.call :iis_site
define_method.call :iis_unlock
define_method.call :iis_vdir
end

120
cookbooks/iis/libraries/processors.rb
View File

@ -1,120 +0,0 @@
#
# Cookbook:: iis
# Library:: processors
#
# Copyright:: 2017, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
module Opscode
module IIS
# Contains functions that are used throughout this cookbook
module Processors
def current_default_documents_config(specifier = '')
cmd = shell_out! get_default_documents_command specifier
return unless cmd.stderr.empty?
xml = cmd.stdout
doc = REXML::Document.new xml
{
default_documents_enabled: value(doc.root, 'CONFIG/system.webServer-defaultDocument/@enabled'),
default_documents: REXML::XPath.match(doc.root, 'CONFIG/system.webServer-defaultDocument/files/add/@value').map(&:value),
}
end
def current_mime_maps_config(specifier = '')
# handles mime maps
cmd = shell_out! get_mime_map_command specifier
return unless cmd.stderr.empty?
xml = cmd.stdout
doc = REXML::Document.new xml
REXML::XPath.match(doc.root, 'CONFIG/system.webServer-staticContent/mimeMap').map { |x| "fileExtension='#{x.attribute 'fileExtension'}',mimeType='#{x.attribute 'mimeType'}'" }
end
def set_default_documents_enabled(value, specifier = '')
cmd = default_documents_command specifier
cmd << " /enabled:#{value}"
shell_out! cmd
end
def set_default_documents(desired_default_documents, current_default_documents, add = true, remove = true, specifier = '')
cmd = default_documents_command specifier
Chef::Log.warn("new #{desired_default_documents} --- old #{current_default_documents}")
if add
(desired_default_documents - current_default_documents).each do |document|
cmd << " /+files.[value='#{document}']"
end
end
if remove && !add
(desired_default_documents - current_default_documents).each do |document|
cmd << " /-files.[value='#{document}']"
end
end
if remove && add
(current_default_documents - desired_default_documents).each do |document|
cmd << " /-files.[value='#{document}']"
end
end
Chef::Log.warn("before cmd -- #{cmd}")
return unless cmd != default_documents_command(specifier)
Chef::Log.warn("after cmd -- #{cmd}")
shell_out! cmd
end
def set_mime_maps(desired_mime_maps, current_mime_maps, add = true, remove = true, specifier = '')
cmd = mime_map_command specifier
if add
(desired_mime_maps - current_mime_maps).each do |mime_map|
cmd << " /+\"[#{mime_map}]\""
end
end
if remove && !add
(desired_mime_maps - current_mime_maps).each do |mime_map|
cmd << " /-\"[#{mime_map}]\""
end
end
if remove && add
(current_mime_maps - desired_mime_maps).each do |mime_map|
cmd << " /-\"[#{mime_map}]\""
end
end
return unless cmd != mime_map_command(specifier)
shell_out! cmd
end
private
def get_default_documents_command(specifier = '')
"#{appcmd(node)} list config #{specifier} /section:defaultDocument /config:* /xml"
end
def default_documents_command(specifier = '')
"#{appcmd(node)} set config #{specifier} /section:defaultDocument"
end
def get_mime_map_command(specifier = '')
"#{appcmd(node)} list config #{specifier} /section:staticContent /config:* /xml"
end
def mime_map_command(specifier = '')
"#{appcmd(node)} set config #{specifier} /section:staticContent"
end
end
end
end

79
cookbooks/iis/libraries/section_helper.rb
View File

@ -1,79 +0,0 @@
#
# Cookbook:: iis
# Library:: section-helper
#
# Copyright:: 2017, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
module Opscode
module IIS
# Contains functions that are used throughout this cookbook
module SectionHelper
require 'rexml/document'
include REXML
def lock(node, section, location = '', returns = [0])
cmd_list_section node, :lock, section, location, returns
end
def unlock(node, section, location = '', returns = [0])
cmd_list_section node, :unlock, section, location, returns
end
def override_mode(node, action, section, location = '', returns = [0])
cmd_list_section(node, action, section, location, returns)
end
def get_current_lock(node, section, location = '')
command_path = 'MACHINE/WEBROOT/APPHOST'
command_path << "/#{location}" if location
cmd = "#{appcmd(node)} list config \"#{command_path}}\""
cmd << " -section:#{section} -commit:apphost /config:* /xml"
result = shell_out cmd
if result.stderr.empty?
xml = result.stdout
doc = Document.new xml
value(doc.root, 'CONFIG/@overrideMode')
else
Chef::Log.info(result.stderr)
end
nil
end
def cmd_section(node, check, section, location, returns)
cmd = "#{appcmd(node)} set config \"MACHINE/WEBROOT/APPHOST/#{location}\""
cmd << " -section:\"#{section}\" -overrideMode:#{check}"
cmd << ' -commit:apphost'
Chef::Log.debug(cmd)
shell_out!(cmd, returns: returns)
return unless location
cmd = "#{appcmd(node)} set config \"MACHINE/WEBROOT/APPHOST/#{location}\""
cmd << " -section:\"#{section}\" -overrideMode:#{check}"
Chef::Log.debug(cmd)
shell_out!(cmd, returns: returns)
end
def cmd_list_section(node, action, section, location, returns)
current_lock = get_current_lock(node, section, location)
check = action if action == 'Inherit'
check = (action == :lock ? 'Deny' : 'Allow') if action != 'Inherit'
cmd_section node, check, section, location, returns unless current_lock == check
end
end
end
end

1
cookbooks/iis/metadata.json
View File

File diff suppressed because one or more lines are too long

35
cookbooks/iis/recipes/default.rb
View File

@ -1,35 +0,0 @@
#
# Author:: Seth Chisamore (<schisamo@chef.io>)
# Cookbook:: iis
# Recipe:: default
#
# Copyright:: 2011-2016, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# Always add this, so that we don't require this to be added if we want to add other components
default = Opscode::IIS::Helper.older_than_windows2008r2? ? 'Web-Server' : 'IIS-WebServerRole'
([default] + node['iis']['components']).each do |feature|
windows_feature feature do
action :install
all !Opscode::IIS::Helper.older_than_windows2012?
source node['iis']['source'] unless node['iis']['source'].nil?
end
end
service 'iis' do
service_name 'W3SVC'
action [:enable, :start]
end

36
cookbooks/iis/recipes/mod_aspnet.rb
View File

@ -1,36 +0,0 @@
#
# Author:: Seth Chisamore (<schisamo@chef.io>)
# Cookbook:: iis
# Recipe:: mod_aspnet
#
# Copyright:: 2011-2016, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
include_recipe 'iis'
include_recipe 'iis::mod_isapi'
features = if Opscode::IIS::Helper.older_than_windows2008r2?
%w(NET-Framework)
else
%w(IIS-NetFxExtensibility IIS-ASPNET)
end
features.each do |feature|
windows_feature feature do
action :install
all !Opscode::IIS::Helper.older_than_windows2012?
source node['iis']['source'] unless node['iis']['source'].nil?
end
end

34
cookbooks/iis/recipes/mod_aspnet45.rb
View File

@ -1,34 +0,0 @@
#
# Author:: Blair Hamilton (<blairham@me.com>)
# Cookbook:: iis
# Recipe:: mod_aspnet45
#
# Copyright:: 2011-2016, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
include_recipe 'iis'
include_recipe 'iis::mod_isapi'
features = if Opscode::IIS::Helper.older_than_windows2008r2?
%w(NET-Framework)
else
%w(NetFx4Extended-ASPNET45 IIS-NetFxExtensibility45 IIS-ASPNET45)
end
features.each do |feature|
windows_feature feature do
action :install
end
end

26
cookbooks/iis/recipes/mod_auth_anonymous.rb
View File

@ -1,26 +0,0 @@
#
# Author:: Justin Schuhmann
# Cookbook:: iis
# Recipe:: mod_auth_basic
#
# Copyright:: 2016, Justin Schuhmann
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
include_recipe 'iis'
iis_section 'unlocks anonymous authentication control in web.config' do
section 'system.webServer/security/authentication/anonymousAuthentication'
action :unlock
end

36
cookbooks/iis/recipes/mod_auth_basic.rb
View File

@ -1,36 +0,0 @@
#
# Author:: Seth Chisamore (<schisamo@chef.io>)
# Cookbook:: iis
# Recipe:: mod_auth_basic
#
# Copyright:: 2011-2016, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
include_recipe 'iis'
feature = if Opscode::IIS::Helper.older_than_windows2008r2?
'Web-Basic-Auth'
else
'IIS-BasicAuthentication'
end
windows_feature feature do
action :install
end
iis_section 'unlocks basic authentication control in web.config' do
section 'system.webServer/security/authentication/basicAuthentication'
action :unlock
end

36
cookbooks/iis/recipes/mod_auth_windows.rb
View File

@ -1,36 +0,0 @@
#
# Author:: Seth Chisamore (<schisamo@chef.io>)
# Cookbook:: iis
# Recipe:: mod_auth_windows
#
# Copyright:: 2011-2016, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
include_recipe 'iis'
feature = if Opscode::IIS::Helper.older_than_windows2008r2?
'Web-Windows-Auth'
else
'IIS-WindowsAuthentication'
end
windows_feature feature do
action :install
end
iis_section 'unlocks windows authentication control in web.config' do
section 'system.webServer/security/authentication/windowsAuthentication'
action :unlock
end

31
cookbooks/iis/recipes/mod_cgi.rb
View File

@ -1,31 +0,0 @@
#
# Author:: Richard Downer (<richard.downer@cloudsoftcorp.com>)
# Cookbook:: iis
# Recipe:: mod_cgi
#
# Copyright:: 2013-2016, Cloudsoft Corporation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
include_recipe 'iis'
feature = if Opscode::IIS::Helper.older_than_windows2008r2?
'Web-CGI'
else
'IIS-CGI'
end
windows_feature feature do
action :install
end

31
cookbooks/iis/recipes/mod_compress_dynamic.rb
View File

@ -1,31 +0,0 @@
#
# Author:: Seth Chisamore (<schisamo@chef.io>)
# Cookbook:: iis
# Recipe:: mod_compress_dynamic
#
# Copyright:: 2011-2016, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
include_recipe 'iis'
feature = if Opscode::IIS::Helper.older_than_windows2008r2?
'Web-Dyn-Compression'
else
'IIS-HttpCompressionDynamic'
end
windows_feature feature do
action :install
end

31
cookbooks/iis/recipes/mod_compress_static.rb
View File

@ -1,31 +0,0 @@
#
# Author:: Seth Chisamore (<schisamo@chef.io>)
# Cookbook:: iis
# Recipe:: mod_compress_static
#
# Copyright:: 2011-2016, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
include_recipe 'iis'
feature = if Opscode::IIS::Helper.older_than_windows2008r2?
'Web-Stat-Compression'
else
'IIS-HttpCompressionStatic'
end
windows_feature feature do
action :install
end

33
cookbooks/iis/recipes/mod_ftp.rb
View File

@ -1,33 +0,0 @@
#
# Author:: Kevin Rivers (<kevin@kevinrivers.com>)
# Cookbook:: iis
# Recipe:: mod_ftp
#
# Copyright:: 2014-2016, Kevin Rivers
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
include_recipe 'iis'
features = if Opscode::IIS::Helper.older_than_windows2008r2?
%w(Web-Ftp-Server Web-Ftp-Service Web-Ftp-Ext)
else
%w(IIS-FTPServer IIS-FTPSvc IIS-FTPExtensibility)
end
features.each do |f|
windows_feature f do
action :install
end
end

33
cookbooks/iis/recipes/mod_iis6_metabase_compat.rb
View File

@ -1,33 +0,0 @@
#
# Author:: Kristian Vlaardingerbroek (<kvlaardingerbroek@schubergphilis.com>)
# Cookbook:: iis
# Recipe:: mod_iis6_metabase_compat
#
# Copyright:: 2013-2016, Schuberg Philis B.V.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
include_recipe 'iis'
features = if Opscode::IIS::Helper.older_than_windows2008r2?
%w(Web-Mgmt-Compat Web-Metabase)
else
%w(IIS-IIS6ManagementCompatibility IIS-Metabase)
end
features.each do |f|
windows_feature f do
action :install
end
end

33
cookbooks/iis/recipes/mod_isapi.rb
View File

@ -1,33 +0,0 @@
#
# Author:: Seth Chisamore (<schisamo@chef.io>)
# Cookbook:: iis
# Recipe:: mod_isapi
#
# Copyright:: 2011-2016, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
include_recipe 'iis'
features = if Opscode::IIS::Helper.older_than_windows2008r2?
%w(Web-ISAPI-Filter Web-ISAPI-Ext)
else
%w(IIS-ISAPIFilter IIS-ISAPIExtensions)
end
features.each do |feature|
windows_feature feature do
action :install
end
end

31
cookbooks/iis/recipes/mod_logging.rb
View File

@ -1,31 +0,0 @@
#
# Author:: Seth Chisamore (<schisamo@chef.io>)
# Cookbook:: iis
# Recipe:: mod_logging
#
# Copyright:: 2011-2016, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
include_recipe 'iis'
feature = if Opscode::IIS::Helper.older_than_windows2008r2?
'Web-Http-Logging'
else
'IIS-CustomLogging'
end
windows_feature feature do
action :install
end

34
cookbooks/iis/recipes/mod_management.rb
View File

@ -1,34 +0,0 @@
#
# Author:: Seth Chisamore (<schisamo@chef.io>)
# Cookbook:: iis
# Recipe:: mod_management
#
# Copyright:: 2011-2016, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
include_recipe 'iis'
features = if Opscode::IIS::Helper.older_than_windows2008r2?
%w(Web-Mgmt-Console Web-Mgmt-Service)
else
%w(IIS-ManagementConsole IIS-ManagementService)
end
features.each do |feature|
windows_feature feature do
action :install
all !Opscode::IIS::Helper.older_than_windows2012?
end
end

33
cookbooks/iis/recipes/mod_security.rb
View File

@ -1,33 +0,0 @@
#
# Author:: Seth Chisamore (<schisamo@chef.io>)
# Cookbook:: iis
# Recipe:: mod_security
#
# Copyright:: 2011-2016, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
include_recipe 'iis'
features = if Opscode::IIS::Helper.older_than_windows2008r2?
%w(Web-Url-Auth Web-Filtering Web-IP-Security)
else
%w(IIS-URLAuthorization IIS-RequestFiltering IIS-IPSecurity)
end
features.each do |feature|
windows_feature feature do
action :install
end
end

31
cookbooks/iis/recipes/mod_tracing.rb
View File

@ -1,31 +0,0 @@
#
# Author:: Seth Chisamore (<schisamo@chef.io>)
# Cookbook:: iis
# Recipe:: mod_diagnostics
#
# Copyright:: 2011-2016, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
include_recipe 'iis'
feature = if Opscode::IIS::Helper.older_than_windows2008r2?
'Web-Http-Tracing'
else
'IIS-HTTPTracing'
end
windows_feature feature do
action :install
end

27
cookbooks/iis/recipes/remove_default_site.rb
View File

@ -1,27 +0,0 @@
#
# Author:: Kendrick Martin (<kendrick.martin@webtrends.com>)
# Cookbook:: iis
# Recipe:: remove_default_site
#
# Copyright:: 2012-2016, Webtrends, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
iis_site 'Default Web Site' do
action [:stop, :delete]
end
iis_pool 'DefaultAppPool' do
action [:stop, :delete]
end

146
cookbooks/iis/resources/app.rb
View File

@ -1,146 +0,0 @@
#
# Cookbook:: iis
# Resource:: app
#
# Copyright:: 2011-2017, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
require 'rexml/document'
include REXML
include Opscode::IIS::Helper
property :site_name, String, name_property: true
property :path, String, default: '/'
property :application_pool, String
property :physical_path, String
property :enabled_protocols, String
default_action :add
load_current_value do |desired|
site_name desired.site_name
# Sanitize physical path
desired.physical_path = windows_cleanpath(desired.physical_path) if desired.physical_path
cmd = shell_out("#{appcmd(node)} list app \"#{desired.site_name}#{desired.path}\"")
Chef::Log.debug("#{appcmd(node)} list app command output: #{cmd.stdout}")
if cmd.stderr.empty?
Chef::Log.debug('Running regex')
regex = /^APP\s\"#{desired.site_name}#{desired.path}\"/
result = cmd.stdout.match(regex)
Chef::Log.debug("#{desired} current_resource match output: #{result}")
if !result.nil?
cmd_current_values = "#{appcmd(node)} list app \"#{desired.site_name}#{desired.path}\" /config:* /xml"
Chef::Log.debug(cmd_current_values)
cmd_current_values = shell_out(cmd_current_values)
if cmd_current_values.stderr.empty?
xml = cmd_current_values.stdout
doc = Document.new(xml)
path value doc.root, 'APP/application/@path'
application_pool value doc.root, 'APP/application/@applicationPool'
enabled_protocols value doc.root, 'APP/application/@enabledProtocols'
physical_path windows_cleanpath(value(doc.root, 'APP/application/virtualDirectory/@physicalPath'))
end
else
path ''
end
else
Chef::Log.warn "Failed to run iis_app action :load_current_resource, #{cmd_current_values.stderr}"
end
end
action :add do
if exists
Chef::Log.debug("#{new_resource.inspect} app already exists - nothing to do")
else
converge_by "Creating the Application - \"#{new_resource}\"" do
cmd = "#{appcmd(node)} add app /site.name:\"#{new_resource.site_name}\""
cmd << " /path:\"#{new_resource.path}\""
cmd << " /applicationPool:\"#{new_resource.application_pool}\"" if new_resource.application_pool
cmd << " /physicalPath:\"#{new_resource.physical_path}\"" if new_resource.physical_path
cmd << " /enabledProtocols:\"#{new_resource.enabled_protocols}\"" if new_resource.enabled_protocols
cmd << ' /commit:\"MACHINE/WEBROOT/APPHOST\"'
Chef::Log.debug(cmd)
shell_out!(cmd)
end
end
end
action :config do
if exists
# only get the beginning of the command if there is something that changes
cmd = cmd_set_app
converge_if_changed :path do
# adds path to the cmd
cmd << " /path:\"#{new_resource.path}\"" if new_resource.path
end
converge_if_changed :application_pool do
# adds applicationPool to the cmd
cmd << " /applicationPool:\"#{new_resource.application_pool}\"" if new_resource.application_pool
end
converge_if_changed :enabled_protocols do
# adds enabledProtocols to the cmd
cmd << " /enabledProtocols:\"#{new_resource.enabled_protocols}\"" if new_resource.enabled_protocols
end
Chef::Log.debug(cmd)
if cmd == cmd_set_app
Chef::Log.debug("#{new_resource.inspect} application - nothing to do")
else
converge_by "Updating the Application - \"#{new_resource}\"" do
shell_out!(cmd)
end
end
converge_if_changed :physical_path do
cmd = "#{appcmd(node)} set vdir /vdir.name:\"#{vdir_identifier}\""
cmd << " /physicalPath:\"#{new_resource.physical_path}\""
Chef::Log.debug(cmd)
shell_out!(cmd)
end
else
Chef::Log.debug("#{new_resource.inspect} app needs to be added - cannot configure non-existent items")
end
end
action :delete do
if exists
converge_by "Deleting the Application - \"#{new_resource}\"" do
shell_out!("#{appcmd(node)} delete app \"#{site_identifier}\"")
Chef::Log.info("#{new_resource} deleted")
end
else
Chef::Log.debug("#{new_resource.inspect} app does not exist - nothing to do")
end
end
action_class.class_eval do
def exists
!current_resource.path.empty?
end
def cmd_set_app
"#{appcmd(node)} set app \"#{site_identifier}\""
end
def site_identifier
"#{new_resource.site_name}#{new_resource.path}"
end
# Ensure VDIR identifier has a trailing slash
def vdir_identifier
site_identifier.end_with?('/') ? site_identifier : site_identifier + '/'
end
end

44
cookbooks/iis/resources/config.rb
View File

@ -1,44 +0,0 @@
#
# Cookbook:: iis
# Resource:: config
#
# Copyright:: 2017, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
include Opscode::IIS::Helper
include Opscode::IIS::Processors
property :cfg_cmd, String, name_attribute: true
property :returns, [Integer, Array], default: 0
default_action :set
action :set do
config
end
action :clear do
config(:clear)
end
action_class.class_eval do
def config(action = :set)
converge_by "Executing IIS Config #{action}" do
cmd = "#{appcmd(node)} #{action} config #{new_resource.cfg_cmd}"
Chef::Log.debug(cmd)
shell_out!(cmd, returns: new_resource.returns)
end
end
end

135
cookbooks/iis/resources/module.rb
View File

@ -1,135 +0,0 @@
#
# Cookbook:: iis
# Resource:: module
#
# Copyright:: 2017, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
include Opscode::IIS::Helper
include Opscode::IIS::Processors
include Opscode::IIS::SectionHelper
property :module_name, String, name_property: true
property :type, String
property :add, [true, false], default: false
property :image, String
property :precondition, String
property :application, String
property :previous_lock, String
default_action :add
load_current_value do |desired|
module_name desired.module_name
application desired.application if desired.application
# Sanitize Image Path (file system path)
desired.image = windows_cleanpath(desired.image) if desired.image
cmd = "#{appcmd(node)} list module /module.name:\"#{desired.module_name}\""
cmd << " /app.name:\"#{desired.application}\"" if desired.application
cmd_result = shell_out cmd
# 'MODULE "Module Name" ( type:module.type, preCondition:condition )'
# 'MODULE "Module Name" ( native, preCondition:condition )'
Chef::Log.debug("#{desired.name} list module command output: #{cmd_result.stdout}")
unless cmd_result.stdout.empty?
previous_lock get_current_lock(node, 'system.webServer/modules', desired.application)
cmd = "#{appcmd(node)} list module /module.name:\"#{desired.module_name}\""
cmd << " /app.name:\"#{desired.application}\"" if desired.application
cmd << ' /config:* /xml'
cmd_result = shell_out cmd
if cmd_result.stderr.empty?
xml = cmd_result.stdout
doc = Document.new(xml)
type value doc.root, 'MODULE/@type'
precondition value doc.root, 'MODULE/@preCondition'
end
end
end
# appcmd syntax for adding modules
# appcmd add module /name:string /type:string /preCondition:string
action :add do
if exists
Chef::Log.debug("#{new_resource} module already exists - nothing to do")
else
converge_by("add IIS module #{new_resource.module_name}") do
unlock(node, 'system.webServer/modules', new_resource.application)
cmd = "#{appcmd(node)} add module /module.name:\"#{new_resource.module_name}\""
cmd << " /app.name:\"#{new_resource.application}\"" if new_resource.application
cmd << " /type:\"#{new_resource.type}\"" if new_resource.type
cmd << " /preCondition:\"#{new_resource.precondition}\"" if new_resource.precondition
shell_out!(cmd, returns: [0, 42])
override_mode(node, current_resource.previous_lock, 'system.webServer/modules', new_resource.application)
end
end
end
action :delete do
if exists
converge_by("delete IIS module #{new_resource.module_name}") do
unlock(node, 'system.webServer/modules', new_resource.application)
cmd = "#{appcmd(node)} delete module /module.name:\"#{new_resource.module_name}\""
cmd << " /app.name:\"#{new_resource.application}\"" if new_resource.application
shell_out!(cmd, returns: [0, 42])
override_mode(node, current_resource.previous_lock, 'system.webServer/modules', new_resource.application)
end
else
Chef::Log.debug("#{new_resource} module does not exist - nothing to do")
end
end
# appcmd syntax for installing native modules
# appcmd install module /name:string /add:string(true|false) /image:string
action :install do
if exists
Chef::Log.debug("#{new_resource} module already exists - nothing to do")
else
converge_by("install IIS module #{new_resource.module_name}") do
unlock(node, 'system.webServer/modules', new_resource.application)
cmd = "#{appcmd(node)} install module /name:\"#{new_resource.module_name}\""
cmd << " /add:\"#{new_resource.add}\"" unless new_resource.add.nil?
cmd << " /image:\"#{new_resource.image}\"" if new_resource.image
cmd << " /preCondition:\"#{new_resource.precondition}\"" if new_resource.precondition
shell_out!(cmd, returns: [0, 42])
override_mode(node, current_resource.previous_lock, 'system.webServer/modules', new_resource.application)
end
end
end
# appcmd syntax for uninstalling native modules
# appcmd uninstall module <name>
action :uninstall do
if exists
converge_by("uninstall IIS module #{new_resource.module_name}") do
unlock(node, 'system.webServer/modules', new_resource.application)
cmd = "#{appcmd(node)} uninstall module \"#{new_resource.module_name}\""
shell_out!(cmd, returns: [0, 42])
override_mode(node, current_resource.previous_lock, 'system.webServer/modules', new_resource.application)
end
else
Chef::Log.debug("#{new_resource} module does not exists - nothing to do")
end
end
action_class.class_eval do
def exists
current_resource.type ? true : false
end
end

451
cookbooks/iis/resources/pool.rb
View File

@ -1,451 +0,0 @@
#
# Cookbook:: iis
# Resource:: pool
#
# Copyright:: 2017, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
require 'rexml/document'
include REXML
include Opscode::IIS::Helper
include Opscode::IIS::Processors
# root
property :name, String, name_property: true
property :no_managed_code, [true, false], default: false
property :pipeline_mode, [Symbol, String], equal_to: [:Integrated, :Classic], coerce: proc { |v| v.to_sym }
property :runtime_version, String
# add items
property :start_mode, [Symbol, String], equal_to: [:AlwaysRunning, :OnDemand], default: :OnDemand, coerce: proc { |v| v.to_sym }
property :auto_start, [true, false], default: true
property :queue_length, Integer, default: 1000, coerce: proc { |v| v.to_i }
property :thirty_two_bit, [true, false], default: false
# processModel items
property :max_processes, Integer, coerce: proc { |v| v.to_i }
property :load_user_profile, [true, false], default: false
property :identity_type, [Symbol, String], equal_to: [:SpecificUser, :NetworkService, :LocalService, :LocalSystem, :ApplicationPoolIdentity], default: :ApplicationPoolIdentity, coerce: proc { |v| v.to_sym }
property :username, String
property :password, String
property :logon_type, [Symbol, String], equal_to: [:LogonBatch, :LogonService], default: :LogonBatch, coerce: proc { |v| v.to_sym }
property :manual_group_membership, [true, false], default: false
property :idle_timeout, String, default: '00:20:00'
property :idle_timeout_action, [Symbol, String], equal_to: [:Terminate, :Suspend], default: :Terminate, coerce: proc { |v| v.to_sym }
property :shutdown_time_limit, String, default: '00:01:30'
property :startup_time_limit, String, default: '00:01:30'
property :pinging_enabled, [true, false], default: true
property :ping_interval, String, default: '00:00:30'
property :ping_response_time, String, default: '00:01:30'
# recycling items
property :disallow_rotation_on_config_change, [true, false], default: false
property :disallow_overlapping_rotation, [true, false], default: false
property :recycle_schedule_clear, [true, false], default: false
property :log_event_on_recycle, String, default: node['iis']['recycle']['log_events']
property :recycle_after_time, String
property :recycle_at_time, String
property :private_memory, Integer, coerce: proc { |v| v.to_i }
property :virtual_memory, Integer, coerce: proc { |v| v.to_i }
# failure items
property :load_balancer_capabilities, [Symbol, String], equal_to: [:HttpLevel, :TcpLevel], default: :HttpLevel, coerce: proc { |v| v.to_sym }
property :orphan_worker_process, [true, false], default: false
property :orphan_action_exe, String
property :orphan_action_params, String
property :rapid_fail_protection, [true, false], default: true
property :rapid_fail_protection_interval, String, default: '00:05:00'
property :rapid_fail_protection_max_crashes, Integer, default: 5, coerce: proc { |v| v.to_i }
property :auto_shutdown_exe, String
property :auto_shutdown_params, String
# cpu items
property :cpu_action, [Symbol, String], equal_to: [:NoAction, :KillW3wp, :Throttle, :ThrottleUnderLoad], default: :NoAction, coerce: proc { |v| v.to_sym }
property :cpu_limit, Integer, default: 0, coerce: proc { |v| v.to_i }
property :cpu_reset_interval, String, default: '00:05:00'
property :cpu_smp_affinitized, [true, false], default: false
property :smp_processor_affinity_mask, Float, default: 4_294_967_295.0, coerce: proc { |v| v.to_f }
property :smp_processor_affinity_mask_2, Float, default: 4_294_967_295.0, coerce: proc { |v| v.to_f }
# internally used for the state of the pool [Starting, Started, Stopping, Stopped, Unknown, Undefined value]
property :running, [true, false], desired_state: true
default_action :add
load_current_value do |desired|
name desired.name
cmd = shell_out("#{appcmd(node)} list apppool \"#{desired.name}\"")
# APPPOOL "DefaultAppPool" (MgdVersion:v2.0,MgdMode:Integrated,state:Started)
Chef::Log.debug("#{desired} list apppool command output: #{cmd.stdout}")
unless cmd.stderr.empty?
Chef::Log.warn "Failed to run iis_pool action :load_current_resource, #{cmd.stderr}"
return
end
result = cmd.stdout.gsub(/\r\n?/, "\n") # ensure we have no carriage returns
result = result.match(/^APPPOOL\s\"(#{desired.name})\"\s\(MgdVersion:(.*),MgdMode:(.*),state:(.*)\)$/i)
Chef::Log.debug("#{desired} current_resource match output: #{result}")
unless result
running false
return
end
running result[4] =~ /Started/ ? true : false
cmd_current_values = "#{appcmd(node)} list apppool \"#{desired.name}\" /config:* /xml"
Chef::Log.debug(cmd_current_values)
cmd_current_values = shell_out(cmd_current_values)
if cmd_current_values.stderr.empty?
xml = cmd_current_values.stdout
doc = Document.new(xml)
# root items
runtime_version value(doc.root, 'APPPOOL/@RuntimeVersion').gsub(/^v/, '')
pipeline_mode value(doc.root, 'APPPOOL/@PipelineMode').to_sym
# add items
auto_start bool(value(doc.root, 'APPPOOL/add/@autoStart')) if iis_version >= 7.0
start_mode value(doc.root, 'APPPOOL/add/@startMode').to_sym if iis_version > 7.0
queue_length value(doc.root, 'APPPOOL/add/@queueLength').to_i
thirty_two_bit bool(value(doc.root, 'APPPOOL/add/@enable32BitAppOnWin64'))
# processModel items
max_processes value(doc.root, 'APPPOOL/add/processModel/@maxProcesses').to_i
load_user_profile bool(value(doc.root, 'APPPOOL/add/processModel/@loadUserProfile'))
identity_type value(doc.root, 'APPPOOL/add/processModel/@identityType').to_sym if iis_version > 7.0
username value doc.root, 'APPPOOL/add/processModel/@userName'
unless username.nil? || desired.username.nil?
Chef::Log.info('username: ' + username + ' -> ' + desired.username)
end
password value doc.root, 'APPPOOL/add/processModel/@password'
logon_type value(doc.root, 'APPPOOL/add/processModel/@logonType').to_sym if iis_version > 7.0
manual_group_membership bool(value(doc.root, 'APPPOOL/add/processModel/@manualGroupMembership'))
idle_timeout value doc.root, 'APPPOOL/add/processModel/@idleTimeout'
idle_timeout_action value(doc.root, 'APPPOOL/add/processModel/@idleTimeoutAction').to_sym if iis_version >= 8.5
shutdown_time_limit value doc.root, 'APPPOOL/add/processModel/@shutdownTimeLimit'
startup_time_limit value doc.root, 'APPPOOL/add/processModel/@startupTimeLimit'
pinging_enabled bool(value(doc.root, 'APPPOOL/add/processModel/@pingingEnabled'))
ping_interval value doc.root, 'APPPOOL/add/processModel/@pingInterval'
ping_response_time value doc.root, 'APPPOOL/add/processModel/@pingResponseTime'
# recycling items
disallow_overlapping_rotation bool(value(doc.root, 'APPPOOL/add/recycling/@disallowOverlappingRotation'))
disallow_rotation_on_config_change bool(value(doc.root, 'APPPOOL/add/recycling/@disallowRotationOnConfigChange'))
recycle_after_time value doc.root, 'APPPOOL/add/recycling/periodicRestart/@time'
recycle_at_time value doc.root, "APPPOOL/add/recycling/periodicRestart/schedule/add[@value='#{desired.recycle_at_time}']/@value"
private_memory value(doc.root, 'APPPOOL/add/recycling/periodicRestart/@privateMemory').to_i
virtual_memory value(doc.root, 'APPPOOL/add/recycling/periodicRestart/@memory').to_i
log_event_on_recycle value doc.root, 'APPPOOL/add/recycling/@logEventOnRecycle'
# failure items
load_balancer_capabilities value(doc.root, 'APPPOOL/add/failure/@loadBalancerCapabilities').to_sym
orphan_worker_process bool(value(doc.root, 'APPPOOL/add/failure/@orphanWorkerProcess'))
orphan_action_exe value doc.root, 'APPPOOL/add/failure/@orphanActionExe'
orphan_action_params value doc.root, 'APPPOOL/add/failure/@orphanActionParams'
rapid_fail_protection bool(value(doc.root, 'APPPOOL/add/failure/@rapidFailProtection'))
rapid_fail_protection_interval value doc.root, 'APPPOOL/add/failure/@rapidFailProtectionInterval'
rapid_fail_protection_max_crashes value(doc.root, 'APPPOOL/add/failure/@rapidFailProtectionMaxCrashes').to_i
auto_shutdown_exe value doc.root, 'APPPOOL/add/failure/@autoShutdownExe'
auto_shutdown_params value doc.root, 'APPPOOL/add/failure/@autoShutdownParams'
# cpu items
cpu_action value(doc.root, 'APPPOOL/add/cpu/@action').to_sym
cpu_limit value(doc.root, 'APPPOOL/add/cpu/@limit').to_i
cpu_smp_affinitized bool(value(doc.root, 'APPPOOL/add/cpu/@smpAffinitized'))
cpu_reset_interval value doc.root, 'APPPOOL/add/cpu/@resetInterval'
smp_processor_affinity_mask value(doc.root, 'APPPOOL/add/cpu/@smpProcessorAffinityMask').to_f
smp_processor_affinity_mask_2 value(doc.root, 'APPPOOL/add/cpu/@smpProcessorAffinityMask2').to_f
@node_array = XPath.match(doc.root, 'APPPOOL/add/recycling/periodicRestart/schedule/add')
end
end
action :add do
if exists
Chef::Log.debug("#{new_resource} pool already exists - nothing to do")
else
converge_by "Created Application Pool \"#{new_resource}\"" do
cmd = "#{appcmd(node)} add apppool /name:\"#{new_resource.name}\""
if new_resource.no_managed_code
cmd << ' /managedRuntimeVersion:'
elsif new_resource.runtime_version
cmd << " /managedRuntimeVersion:v#{new_resource.runtime_version}"
end
cmd << " /managedPipelineMode:#{new_resource.pipeline_mode.capitalize}" if new_resource.pipeline_mode
cmd << ' /commit:\"MACHINE/WEBROOT/APPHOST\"'
Chef::Log.debug(cmd)
shell_out!(cmd)
configure
end
end
end
action :config do
configure if exists
end
action :delete do
if exists
converge_by "Deleted Application Pool \"#{new_resource}\"" do
shell_out!("#{appcmd(node)} delete apppool \"#{new_resource.name}\"")
end
else
Chef::Log.debug("#{new_resource} pool does not exist - nothing to do")
end
end
action :start do
if exists && !current_resource.running
converge_by "Started Application Pool \"#{new_resource}\"" do
shell_out!("#{appcmd(node)} start apppool \"#{new_resource.name}\"")
end
else
Chef::Log.debug("#{new_resource} already running - nothing to do")
end
end
action :stop do
if exists && current_resource.running
converge_by "Stopped Application Pool \"#{new_resource}\"" do
shell_out!("#{appcmd(node)} stop apppool \"#{new_resource.name}\"")
end
else
Chef::Log.debug("#{new_resource} already stopped - nothing to do")
end
end
action :restart do
if exists
converge_by "Restarted Application Pool \"#{new_resource}\"" do
shell_out!("#{appcmd(node)} stop APPPOOL \"#{new_resource.name}\"") if current_resource.running
sleep 2
shell_out!("#{appcmd(node)} start APPPOOL \"#{new_resource.name}\"")
end
end
end
action :recycle do
if exists
converge_by "Recycled Application Pool \"#{new_resource}\"" do
shell_out!("#{appcmd(node)} recycle APPPOOL \"#{new_resource.name}\"") if current_resource.running
end
end
end
action_class.class_eval do
def exists
current_resource.runtime_version ? true : false
end
def configure
# Application Pool Config
cmd = "#{appcmd(node)} set config /section:applicationPools"
# root items
if iis_version >= 7.0
converge_if_changed :auto_start do
cmd << configure_application_pool("autoStart:#{new_resource.auto_start}")
end
end
if iis_version >= 7.5
converge_if_changed :start_mode do
cmd << configure_application_pool("startMode:#{new_resource.start_mode}")
end
end
if new_resource.no_managed_code
converge_if_changed :runtime_version do
cmd << configure_application_pool('managedRuntimeVersion:')
end
else
converge_if_changed :runtime_version do
cmd << configure_application_pool("managedRuntimeVersion:v#{new_resource.runtime_version}")
end
end
converge_if_changed :pipeline_mode do
cmd << configure_application_pool("managedPipelineMode:#{new_resource.pipeline_mode}")
end
converge_if_changed :thirty_two_bit do
cmd << configure_application_pool("enable32BitAppOnWin64:#{new_resource.thirty_two_bit}")
end
converge_if_changed :queue_length do
cmd << configure_application_pool("queueLength:#{new_resource.queue_length}")
end
# processModel items
converge_if_changed :max_processes do
cmd << configure_application_pool("processModel.maxProcesses:#{new_resource.max_processes}")
end
converge_if_changed :load_user_profile do
cmd << configure_application_pool("processModel.loadUserProfile:#{new_resource.load_user_profile}")
end
converge_if_changed :logon_type do
cmd << configure_application_pool("processModel.logonType:#{new_resource.logon_type}")
end
converge_if_changed :manual_group_membership do
cmd << configure_application_pool("processModel.manualGroupMembership:#{new_resource.manual_group_membership}")
end
converge_if_changed :idle_timeout do
cmd << configure_application_pool("processModel.idleTimeout:#{new_resource.idle_timeout}")
end
if iis_version >= 8.5
converge_if_changed :idle_timeout_action do
cmd << configure_application_pool("processModel.idleTimeoutAction:#{new_resource.idle_timeout_action}")
end
end
converge_if_changed :shutdown_time_limit do
cmd << configure_application_pool("processModel.shutdownTimeLimit:#{new_resource.shutdown_time_limit}")
end
converge_if_changed :startup_time_limit do
cmd << configure_application_pool("processModel.startupTimeLimit:#{new_resource.startup_time_limit}")
end
converge_if_changed :pinging_enabled do
cmd << configure_application_pool("processModel.pingingEnabled:#{new_resource.pinging_enabled}")
end
converge_if_changed :ping_interval do
cmd << configure_application_pool("processModel.pingInterval:#{new_resource.ping_interval}")
end
converge_if_changed :ping_response_time do
cmd << configure_application_pool("processModel.pingResponseTime:#{new_resource.ping_response_time}")
end
should_clear_apppool_schedules = ((new_resource.recycle_at_time != current_resource.recycle_at_time) && !@node_array.nil? && !@node_array.empty?) || (new_resource.recycle_schedule_clear && !@node_array.nil? && !@node_array.empty?)
# recycling items
## Special case this collection removal for now.
# TODO: test if this is needed
# is_new_recycle_at_time = true
if !current_resource.runtime_version && should_clear_apppool_schedules
converge_by "Cleared Periodic Restart Schedule #{new_resource} - #{should_clear_apppool_schedules}" do
clear_pool_schedule_cmd = "#{appcmd(node)} set config /section:applicationPools \"/-[name='#{new_resource.name}'].recycling.periodicRestart.schedule\""
Chef::Log.debug(clear_pool_schedule_cmd)
shell_out!(clear_pool_schedule_cmd)
end
end
converge_if_changed :recycle_after_time do
cmd << configure_application_pool("recycling.periodicRestart.time:#{new_resource.recycle_after_time}")
end
converge_if_changed :recycle_at_time do
cmd << configure_application_pool("recycling.periodicRestart.schedule.[value='#{new_resource.recycle_at_time}']", '+')
end
converge_if_changed :log_event_on_recycle do
cmd << configure_application_pool("recycling.logEventOnRecycle:#{new_resource.log_event_on_recycle}")
end
converge_if_changed :private_memory do
cmd << configure_application_pool("recycling.periodicRestart.privateMemory:#{new_resource.private_memory}")
end
converge_if_changed :virtual_memory do
cmd << configure_application_pool("recycling.periodicRestart.memory:#{new_resource.virtual_memory}")
end
converge_if_changed :disallow_rotation_on_config_change do
cmd << configure_application_pool("recycling.disallowRotationOnConfigChange:#{new_resource.disallow_rotation_on_config_change}")
end
converge_if_changed :disallow_overlapping_rotation do
cmd << configure_application_pool("recycling.disallowOverlappingRotation:#{new_resource.disallow_overlapping_rotation}")
end
# failure items
converge_if_changed :load_balancer_capabilities do
cmd << configure_application_pool("failure.loadBalancerCapabilities:#{new_resource.load_balancer_capabilities}")
end
converge_if_changed :orphan_worker_process do
cmd << configure_application_pool("failure.orphanWorkerProcess:#{new_resource.orphan_worker_process}")
end
converge_if_changed :orphan_action_exe do
cmd << configure_application_pool("failure.orphanActionExe:#{new_resource.orphan_action_exe}")
end
converge_if_changed :orphan_action_params do
cmd << configure_application_pool("failure.orphanActionParams:#{new_resource.orphan_action_params}")
end
converge_if_changed :rapid_fail_protection do
cmd << configure_application_pool("failure.rapidFailProtection:#{new_resource.rapid_fail_protection}")
end
converge_if_changed :rapid_fail_protection_interval do
cmd << configure_application_pool("failure.rapidFailProtectionInterval:#{new_resource.rapid_fail_protection_interval}")
end
converge_if_changed :rapid_fail_protection_max_crashes do
cmd << configure_application_pool("failure.rapidFailProtectionMaxCrashes:#{new_resource.rapid_fail_protection_max_crashes}")
end
converge_if_changed :auto_shutdown_exe do
cmd << configure_application_pool("failure.autoShutdownExe:#{new_resource.auto_shutdown_exe}")
end
converge_if_changed :auto_shutdown_params do
cmd << configure_application_pool("failure.autoShutdownParams:#{new_resource.auto_shutdown_params}")
end
# cpu items
converge_if_changed :cpu_action do
cmd << configure_application_pool("cpu.action:#{new_resource.cpu_action}")
end
converge_if_changed :cpu_limit do
cmd << configure_application_pool("cpu.limit:#{new_resource.cpu_limit}")
end
converge_if_changed :cpu_reset_interval do
cmd << configure_application_pool("cpu.resetInterval:#{new_resource.cpu_reset_interval}")
end
converge_if_changed :cpu_smp_affinitized do
cmd << configure_application_pool("cpu.smpAffinitized:#{new_resource.cpu_smp_affinitized}")
end
converge_if_changed :smp_processor_affinity_mask do
cmd << configure_application_pool("cpu.smpProcessorAffinityMask:#{new_resource.smp_processor_affinity_mask.floor}")
end
converge_if_changed :smp_processor_affinity_mask_2 do
cmd << configure_application_pool("cpu.smpProcessorAffinityMask2:#{new_resource.smp_processor_affinity_mask_2.floor}")
end
unless current_resource.runtime_version && cmd == "#{appcmd(node)} set config /section:applicationPools"
converge_by "Configured Application Pool \"#{new_resource}\"" do
Chef::Log.debug(cmd)
shell_out!(cmd)
end
end
# Application Pool Identity Settings
if new_resource.username && new_resource.username != ''
cmd = default_app_pool_user
converge_if_changed :username do
cmd << " \"/[name='#{new_resource.name}'].processModel.userName:#{new_resource.username}\""
end
converge_if_changed :password do
cmd << " \"/[name='#{new_resource.name}'].processModel.password:#{new_resource.password}\""
end
if cmd != default_app_pool_user
converge_by "Configured Application Pool Identity Settings \"#{new_resource}\"" do
Chef::Log.debug(cmd)
shell_out!(cmd)
end
end
elsif new_resource.identity_type != 'SpecificUser'
converge_if_changed :identity_type do
cmd = "#{appcmd(node)} set config /section:applicationPools"
cmd << " \"/[name='#{new_resource.name}'].processModel.identityType:#{new_resource.identity_type}\""
Chef::Log.debug(cmd)
shell_out!(cmd)
end
end
end
def default_app_pool_user
cmd_default = "#{appcmd(node)} set config /section:applicationPools"
cmd_default << " \"/[name='#{new_resource.name}'].processModel.identityType:SpecificUser\""
end
def configure_application_pool(config, add_remove = '')
" \"/#{add_remove}[name='#{new_resource.name}'].#{config}\""
end
end

88
cookbooks/iis/resources/root.rb
View File

@ -1,88 +0,0 @@
#
# Cookbook:: iis
# Resource:: root
#
# Copyright:: 2017, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
include Opscode::IIS::Constants
include Opscode::IIS::Helper
include Opscode::IIS::Processors
property :default_documents_enabled, [true, false], default: true
property :default_documents, Array, default: Opscode::IIS::Constants.default_documents
property :mime_maps, Array, default: Opscode::IIS::Constants.default_mime_types
property :add_default_documents, Array, default: []
property :add_mime_maps, Array, default: []
property :delete_default_documents, Array, default: []
property :delete_mime_maps, Array, default: []
default_action :config
load_current_value do |desired|
current_default_documents_object = current_default_documents_config
return unless current_default_documents_object
current_mime_maps = current_mime_maps_config
return unless current_mime_maps_config
default_documents_enabled bool(current_default_documents_object[:default_documents_enabled])
default_documents current_default_documents_object[:default_documents]
mime_maps current_mime_maps
current_add_default_documents = desired.add_default_documents - current_default_documents_object[:default_documents]
add_default_documents desired.add_default_documents - current_add_default_documents
delete_default_documents desired.delete_default_documents - current_default_documents_object[:default_documents]
current_add_mime_maps = desired.add_mime_maps - current_mime_maps
add_mime_maps desired.add_mime_maps - current_add_mime_maps
delete_mime_maps desired.delete_mime_maps - current_mime_maps
end
action :config do
converge_if_changed :default_documents_enabled do
set_default_documents_enabled(new_resource.default_documents_enabled)
end
converge_if_changed :default_documents do
set_default_documents(new_resource.default_documents, current_resource.default_documents)
end
converge_if_changed :mime_maps do
set_mime_maps(new_resource.mime_maps, current_resource.mime_maps)
end
end
action :add do
converge_if_changed :add_default_documents do
set_default_documents(new_resource.add_default_documents, current_resource.add_default_documents, true, false)
end
converge_if_changed :add_mime_maps do
set_mime_maps(new_resource.add_mime_maps, current_resource.add_mime_maps, true, false)
end
end
action :delete do
converge_if_changed :delete_default_documents do
set_default_documents(new_resource.delete_default_documents, current_resource.delete_default_documents, false, true)
end
converge_if_changed :delete_mime_maps do
set_mime_maps(new_resource.delete_mime_maps, current_resource.delete_mime_maps, false, true)
end
end

73
cookbooks/iis/resources/section.rb
View File

@ -1,73 +0,0 @@
#
# Cookbook:: iis
# Resource:: section
#
# Copyright:: 2016-2017, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
require 'rexml/document'
include REXML
include Opscode::IIS::Helper
include Opscode::IIS::SectionHelper
include Opscode::IIS::Processors
property :section, String, name_property: true
property :site, String
property :application_path, String
property :returns, [Integer, Array], default: 0
property :locked, String
default_action :unlock
load_current_value do |desired|
section desired.section
site desired.site
application_path desired.application_path
command_path = 'MACHINE/WEBROOT/APPHOST'
command_path << "/#{site}" if site
command_path << application_path.to_s if application_path
cmd = "#{appcmd(node)} list config \"#{command_path}\""
cmd << " -section:\"#{section}\" /commit:apphost /config:* /xml"
Chef::Log.debug(cmd)
cmd = shell_out(cmd)
if cmd.stderr.empty?
xml = cmd.stdout
doc = Document.new(xml)
locked value doc.root, 'CONFIG/@overrideMode'
else
Chef::Log.info(cmd.stderr)
end
end
action :lock do
if current_resource.locked != 'Deny'
converge_by "Locking the section - \"#{new_resource}\"" do
lock node, new_resource.section, "#{new_resource.site}#{new_resource.application_path}", new_resource.returns
end
else
Chef::Log.debug("#{new_resource} already locked - nothing to do")
end
end
action :unlock do
if current_resource.locked != 'Allow'
converge_by "Unlocking the section - \"#{new_resource}\"" do
unlock node, new_resource.section, "#{new_resource.site}#{new_resource.application_path}", new_resource.returns
end
else
Chef::Log.debug("#{new_resource} already unlocked - nothing to do")
end
end

235
cookbooks/iis/resources/site.rb
View File

@ -1,235 +0,0 @@
#
# Cookbook:: iis
# Resource:: site
#
# Copyright:: 2017, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
require 'rexml/document'
include REXML
include Opscode::IIS::Helper
include Opscode::IIS::Processors
property :site_name, String, name_property: true
property :site_id, Integer
property :port, Integer, default: 80, coerce: proc { |v| v.to_i }
property :path, String
property :protocol, [Symbol, String], equal_to: [:http, :https], default: :http, coerce: proc { |v| v.to_sym }
property :host_header, String
property :bindings, String
property :application_pool, String
property :options, String, default: ''
property :log_directory, String, default: node['iis']['log_dir']
property :log_period, [Symbol, String], equal_to: [:Daily, :Hourly, :MaxSize, :Monthly, :Weekly], default: :Daily, coerce: proc { |v| v.to_sym }
property :log_truncsize, Integer, default: 1_048_576
property :running, [true, false], desired_state: true
default_action :add
load_current_value do |desired|
site_name desired.site_name
# Sanitize windows file system path
desired.path = windows_cleanpath(desired.path) if desired.path
desired.log_directory = windows_cleanpath(desired.log_directory) if desired.log_directory
cmd = shell_out "#{appcmd(node)} list site \"#{site_name}\""
Chef::Log.debug(appcmd(node))
# 'SITE "Default Web Site" (id:1,bindings:http/*:80:,state:Started)'
Chef::Log.debug("#{desired} list site command output: #{cmd.stdout}")
if cmd.stderr.empty?
result = cmd.stdout.gsub(/\r\n?/, "\n") # ensure we have no carriage returns
result = result.match(/^SITE\s\"(?<site>#{desired.site_name})\"\s\(id:(?<site_id>.*),bindings:(?<bindings>.*),state:(?<state>.*)\)$/i)
Chef::Log.debug("#{desired} current_resource match output: #{result}")
if result
site_id result[:site_id].to_i
bindings result[:bindings]
running result[:state] =~ /Started/ ? true : false
else
running false
end
if site_id
values = "#{bindings},".match(%r{(?<protocol>[^\/]+)\/\*:(?<port>[^:]+):(?<host_header>[^,]*),})
# get current values
cmd = "#{appcmd(node)} list site \"#{site_name}\" /config:* /xml"
Chef::Log.debug(cmd)
cmd = shell_out cmd
if cmd.stderr.empty?
xml = cmd.stdout
doc = Document.new(xml)
path windows_cleanpath(value(doc.root, 'SITE/site/application/virtualDirectory/@physicalPath'))
log_directory windows_cleanpath(value(doc.root, 'SITE/site/logFile/@directory'))
log_period value(doc.root, 'SITE/site/logFile/@period').to_sym
log_truncsize value(doc.root, 'SITE/site/logFile/@truncateSize').to_i
application_pool value doc.root, 'SITE/site/application/@applicationPool'
end
if values
protocol values[:protocol].to_sym
port values[:port].to_i
host_header values[:host_header]
end
else
running false
end
if values
protocol values[:protocol]
port values[:port].to_i
host_header values[:host_header]
end
else
Chef::Log.warn "Failed to run iis_site action :config, #{cmd.stderr}"
end
end
action :add do
if exists
Chef::Log.debug("#{new_resource} site already exists - nothing to do")
else
converge_by "Created the Site - \"#{new_resource}\"" do
cmd = "#{appcmd(node)} add site /name:\"#{new_resource.site_name}\""
cmd << " /id:#{new_resource.site_id}" if new_resource.site_id
cmd << " /physicalPath:\"#{new_resource.path}\"" if new_resource.path
if new_resource.bindings
cmd << " /bindings:\"#{new_resource.bindings}\""
else
cmd << " /bindings:#{new_resource.protocol}/*"
cmd << ":#{new_resource.port}:" if new_resource.port
cmd << new_resource.host_header if new_resource.host_header
end
# support for additional options -logDir, -limits, -ftpServer, etc...
cmd << " #{new_resource.options}" if new_resource.options
shell_out!(cmd, returns: [0, 42])
configure
if new_resource.application_pool
shell_out!("#{appcmd(node)} set site /site.name:\"#{new_resource.site_name}\" /[path='/'].applicationPool:\"#{new_resource.application_pool}\"", returns: [0, 42])
end
Chef::Log.info("#{new_resource} added new site '#{new_resource.site_name}'")
end
end
end
action :config do
configure if exists
end
action :delete do
if exists
converge_by "Deleted the Site - \"#{new_resource}\"" do
Chef::Log.info("#{appcmd(node)} stop site /site.name:\"#{new_resource.site_name}\"")
shell_out!("#{appcmd(node)} delete site /site.name:\"#{new_resource.site_name}\"", returns: [0, 42])
end
else
Chef::Log.debug("#{new_resource} site does not exist - nothing to do")
end
end
action :start do
if exists && !current_resource.running
converge_by "Started the Site - \"#{new_resource}\"" do
shell_out!("#{appcmd(node)} start site /site.name:\"#{new_resource.site_name}\"", returns: [0, 42])
end
else
Chef::Log.debug("#{new_resource} already running - nothing to do")
end
end
action :stop do
if exists && current_resource.running
converge_by "Stopped the Site - \"#{new_resource}\"" do
Chef::Log.info("#{appcmd(node)} stop site /site.name:\"#{new_resource.site_name}\"")
shell_out!("#{appcmd(node)} stop site /site.name:\"#{new_resource.site_name}\"", returns: [0, 42])
end
else
Chef::Log.debug("#{new_resource} already stopped - nothing to do")
end
end
action :restart do
converge_by "Restarted the Site - \"#{new_resource}\"" do
shell_out!("#{appcmd(node)} stop site /site.name:\"#{new_resource.site_name}\"", returns: [0, 42]) if running
sleep 2
shell_out!("#{appcmd(node)} start site /site.name:\"#{new_resource.site_name}\"", returns: [0, 42])
end
end
action_class.class_eval do
def exists
current_resource.site_id ? true : false
end
def configure
if new_resource.bindings
converge_if_changed :bindings do
cmd = "#{appcmd(node)} set site /site.name:\"#{new_resource.site_name}\""
cmd << " /bindings:\"#{new_resource.bindings}\""
Chef::Log.debug(cmd)
shell_out!(cmd)
end
elsif new_resource.port || new_resource.host_header || new_resource.protocol
converge_if_changed :bindings, :host_header, :protocol do
cmd = "#{appcmd(node)} set site \"#{new_resource.site_name}\""
cmd << " /bindings:#{new_resource.protocol}/*:#{new_resource.port}:#{new_resource.host_header}"
Chef::Log.debug(cmd)
shell_out!(cmd)
end
end
converge_if_changed :application_pool do
cmd = "#{appcmd(node)} set app \"#{new_resource.site_name}/\" /applicationPool:\"#{new_resource.application_pool}\""
Chef::Log.debug(cmd)
shell_out!(cmd, returns: [0, 42])
end
converge_if_changed :path do
cmd = "#{appcmd(node)} set vdir \"#{new_resource.site_name}/\""
cmd << " /physicalPath:\"#{new_resource.path}\""
Chef::Log.debug(cmd)
shell_out!(cmd)
end
converge_if_changed :site_id do
cmd = "#{appcmd(node)} set site \"#{new_resource.site_name}\""
cmd << " /id:#{new_resource.site_id}"
Chef::Log.debug(cmd)
shell_out!(cmd)
end
converge_if_changed :log_directory do
cmd = "#{appcmd(node)} set site \"#{new_resource.site_name}\""
cmd << " /logFile.directory:#{new_resource.log_directory}"
Chef::Log.debug(cmd)
shell_out!(cmd)
end
converge_if_changed :log_period do
cmd = "#{appcmd(node)} set site \"#{new_resource.site_name}\""
cmd << " /logFile.period:#{new_resource.log_period}"
Chef::Log.debug(cmd)
shell_out!(cmd)
end
converge_if_changed :log_truncsize do
cmd = "#{appcmd(node)} set site \"#{new_resource.site_name}\""
cmd << " /logFile.truncateSize:#{new_resource.log_truncsize}"
Chef::Log.debug(cmd)
shell_out!(cmd)
end
end
end

144
cookbooks/iis/resources/vdir.rb
View File

@ -1,144 +0,0 @@
#
# Cookbook:: iis
# Resource:: vdir
#
# Copyright:: 2016-2017, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
require 'rexml/document'
include REXML
include Opscode::IIS::Helper
include Opscode::IIS::Processors
property :application_name, String, name_property: true
property :path, String
property :physical_path, String
property :username, String
property :password, String
property :logon_method, [Symbol, String], default: :ClearText, equal_to: [:Interactive, :Batch, :Network, :ClearText], coerce: proc { |v| v.to_sym }
property :allow_sub_dir_config, [true, false], default: true
default_action :add
load_current_value do |desired|
# Sanitize Application Name
desired.application_name = application_cleanname(desired.application_name)
# Sanitize Physical Path
desired.physical_path = windows_cleanpath(desired.physical_path) if desired.physical_path
application_name desired.application_name
path desired.path
cmd = shell_out("#{appcmd(node)} list vdir \"#{application_name.chomp('/') + path}\"")
Chef::Log.debug("#{desired} list vdir command output: #{cmd.stdout}")
if cmd.stderr.empty?
# VDIR "Testfu Site/Content/Test"
result = cmd.stdout.match(/^VDIR\s\"#{Regexp.escape(application_name.chomp('/') + path)}\"/)
Chef::Log.debug("#{desired} current_resource match output: #{result}")
unless result.nil?
cmd = shell_out("#{appcmd(node)} list vdir \"#{application_name.chomp('/') + path}\" /config:* /xml")
if cmd.stderr.empty?
xml = cmd.stdout
doc = Document.new(xml)
physical_path windows_cleanpath(value(doc.root, 'VDIR/@physicalPath'))
username value doc.root, 'VDIR/virtualDirectory/@userName'
password value doc.root, 'VDIR/virtualDirectory/@password'
logon_method value(doc.root, 'VDIR/virtualDirectory/@logonMethod').to_sym
allow_sub_dir_config bool(value(doc.root, 'VDIR/virtualDirectory/@allowSubDirConfig'))
end
end
else
Chef::Log.warn "Failed to run iis_vdir action :load_current_resource, #{cmd.stderr}"
end
end
action :add do
if exists
Chef::Log.debug("#{new_resource} virtual directory already exists - nothing to do")
else
converge_by "Created the VDIR - \"#{new_resource}\"" do
cmd = "#{appcmd(node)} add vdir /app.name:\"#{vdir_identifier}\""
cmd << " /path:\"#{new_resource.path}\""
cmd << " /physicalPath:\"#{new_resource.physical_path}\""
cmd << " /userName:\"#{new_resource.username}\"" if new_resource.username
cmd << " /password:\"#{new_resource.password}\"" if new_resource.password
cmd << " /logonMethod:#{new_resource.logon_method}" if new_resource.logon_method
cmd << " /allowSubDirConfig:#{new_resource.allow_sub_dir_config}" if new_resource.allow_sub_dir_config
cmd << ' /commit:\"MACHINE/WEBROOT/APPHOST\"'
Chef::Log.debug(cmd)
shell_out!(cmd, returns: [0, 42, 183])
end
end
end
action :config do
if exists
cmd = "#{appcmd(node)} set vdir \"#{application_identifier}\""
converge_if_changed :physical_path do
cmd << " /physicalPath:\"#{new_resource.physical_path}\""
end
converge_if_changed :username do
cmd << " /userName:\"#{new_resource.username}\""
end
converge_if_changed :password do
cmd << " /password:\"#{new_resource.password}\""
end
converge_if_changed :logon_method do
cmd << " /logonMethod:#{new_resource.logon_method}"
end
converge_if_changed :allow_sub_dir_config do
cmd << " /allowSubDirConfig:#{new_resource.allow_sub_dir_config}"
end
if cmd != "#{appcmd(node)} set vdir \"#{application_identifier}\""
converge_by "Updated the VDIR - \"#{new_resource}\"" do
Chef::Log.debug(cmd)
shell_out!(cmd)
end
else
Chef::Log.debug("#{new_resource} virtual directory - nothing changed")
end
end
end
action :delete do
if exists
converge_by "Deleted the VDIR - \"#{new_resource}\"" do
Chef::Log.debug("#{appcmd(node)} delete vdir \"#{application_identifier}\"")
shell_out!("#{appcmd(node)} delete vdir \"#{application_identifier}\"", returns: [0, 42])
end
else
Chef::Log.debug("#{new_resource} virtual directory does not exist - nothing to do")
end
end
action_class.class_eval do
def exists
current_resource.physical_path ? true : false
end
def application_identifier
new_resource.path.start_with?('/') ? vdir_identifier.chomp('/') + new_resource.path : vdir_identifier + new_resource.path
end
def vdir_identifier
new_resource.application_name.include?('/') ? new_resource.application_name : new_resource.application_name + '/'
end
end

1
cookbooks/mediawiki/metadata.json
View File

@ -15,7 +15,6 @@
"mysql": ">= 0.0.0",
"database": ">= 0.0.0",
"nginx": ">= 0.0.0",
"mysql2_chef_gem": ">= 0.0.0",
"php-fpm": ">= 0.0.0"
},
"providing": {

1
cookbooks/mediawiki/metadata.rb
View File

@ -10,7 +10,6 @@ depends 'php'
depends 'mysql'
depends 'database'
depends 'nginx'
depends 'mysql2_chef_gem'
depends 'php-fpm'
attribute 'mediawiki/version',

18
cookbooks/mediawiki/recipes/database.rb
View File

@ -1,19 +1,27 @@
::Chef::Recipe.send(:include, Opscode::OpenSSL::Password)
node.set_unless['mediawiki']['db']['pass'] = secure_password
package('libmysqlclient-dev') { action :nothing }.run_action(:install)
build_essential 'mediawiki' do
compile_time true
end
chef_gem 'mysql2' do
compile_time true
end
node.normal['mediawiki']['db']['pass'] = secure_password
node.save unless Chef::Config[:solo]
db = node["mediawiki"]["db"]
mysql_client "default" do
version '5.7'
action :create
end
mysql2_chef_gem "default" do
action :install
end
mysql_service db["instance_name"] do
version '5.7'
port db["port"]
initial_root_password db["root_password"]
action [:create, :start]

14
cookbooks/mediawiki/recipes/default.rb
View File

@ -11,19 +11,7 @@ include_recipe "apt"
include_recipe "php::default"
if node['platform'] == 'ubuntu' and node['platform_version'] >= '16.04'
# APC is now apcu in PHP 7
include_recipe "php::module_apcu"
# Dependency
package "php7.0-mbstring"
else
if node['platform_version'] == '15.04'
node.override['php']['apc']['package'] = 'php-apc'
node.override['php']['apcu']['package'] = 'php5-apcu'
end
include_recipe "php::module_apc"
end
include_recipe "php::module_mysql"
package %w(php-apcu php-mysql php-mbstring)
include_recipe "mediawiki::database"

8
cookbooks/mediawiki/recipes/nginx.rb
View File

@ -3,7 +3,12 @@
# Recipe:: nginx
#
node.set_unless['php-fpm']['pools'] = []
node.default['php-fpm']['pools'] = []
node.override['php-fpm']['package_name'] = "php-fpm"
node.override['php-fpm']['service_name'] = "php7.2-fpm"
node.override['php-fpm']['conf_dir'] = "/etc/php/7.2/fpm/conf.d"
node.override['php-fpm']['pool_conf_dir'] = "/etc/php/7.2/fpm/pool.d"
node.override['php-fpm']['conf_file'] = "/etc/php/7.2/fpm/php-fpm.conf"
include_recipe "php-fpm"
include_recipe 'php-fpm::repository' unless node['php-fpm']['skip_repository_install']
@ -24,7 +29,6 @@ php_fpm_pool "mediawiki" do
enable true
end
include_recipe "php::module_mysql"
include_recipe "nginx"
directory node["mediawiki"]["docroot_dir"] do

14
cookbooks/mingw/CHANGELOG.md
View File

@ -2,6 +2,20 @@
This file is used to list changes made in each version of the mingw cookbook.
## 2.1.0 (2018-07-24)
- refactor msys2 package source and checksum to attributes
## 2.0.2 (2018-02-15)
- Remove kind_of usage in the custom resources (FC117)
## 2.0.1 (2017-04-26)
- Test with Local Delivery instead of Rake
- Add chef_version to the metadata
- Use standardize Apache 2 license string
## 2.0.0 (2017-02-27)
- Require Chef 12.5 and remove compat_resource dependency

17
cookbooks/mingw/MAINTAINERS.md
View File

@ -1,17 +0,0 @@
<!-- This is a generated file. Please do not edit directly -->
# Maintainers
This file lists how this cookbook project is maintained. When making changes to the system, this
file tells you who needs to review your patch - you need a simple majority of maintainers
for the relevant subsystems to provide a :+1: on your pull request. Additionally, you need
to not receive a veto from a Lieutenant or the Project Lead.
Check out [How Cookbooks are Maintained](https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/CONTRIBUTING.MD)
for details on the process and how to become a maintainer or the project lead.
# Project Maintainer
* [Kartik Null Cating-Subramanian](https://github.com/ksubrama)
# Maintainers
* [Kartik Null Cating-Subramanian](https://github.com/ksubrama)
* [Seth Chisamore](https://github.com/schisamo)

5
cookbooks/mingw/README.md
View File

@ -48,6 +48,11 @@ Of course, to further complicate matters, different versions of different compil
All options also automatically attempt to install a 64-bit based msys2 base file system at the root path specified. Note that you probably won't need a "32-bit" msys2 unless you are actually on a 32-bit only platform. You can still install both 32 and 64-bit compilers and libraries in a 64-bit msys2 base file system.
#### Attributes
- `node['msys2']['url']` - overrides the url from which to download the package.
- `node['msys2']['checksum']` - overrides the checksum used to verify the downloaded package.
#### Parameters
- `package` - An msys2 pacman package (or meta-package) to fetch and install. You may use a legal package wild-card pattern here if you are installing. This is the name attribute.

3
cookbooks/mingw/attributes/default.rb Normal file
View File

@ -0,0 +1,3 @@
# override these attributes to pull the msys2 package from a custom url
default['msys2']['url'] = 'http://downloads.sourceforge.net/project/msys2/Base/x86_64/msys2-base-x86_64-20160205.tar.xz'
default['msys2']['checksum'] = '7e97e2af042e1b6f62cf0298fe84839014ef3d4a3e7825cffc6931c66cc0fc20'

2
cookbooks/mingw/metadata.json
View File

File diff suppressed because one or more lines are too long

4
cookbooks/mingw/resources/get.rb
View File

@ -20,8 +20,8 @@
# Installs the core msys utilities needed for mingw/git/any other posix
# based toolchain at a desired location using mingw-get.exe.
property :package, kind_of: String, name_property: true
property :root, kind_of: String, required: true
property :package, String, name_property: true
property :root, String, required: true
resource_name :mingw_get

8
cookbooks/mingw/resources/msys2_package.rb
View File

@ -25,8 +25,8 @@
# well that's your problem isn't it? And they don't believe in preserving
# older versions. Good luck!
property :package, kind_of: String, name_property: true
property :root, kind_of: String, required: true
property :package, String, name_property: true
property :root, String, required: true
resource_name :msys2_package
@ -49,8 +49,8 @@ action_class do
def msys2_init
cache_dir = ::File.join(root, '.cache')
f_cache_dir = win_friendly_path(cache_dir)
base_url = 'http://downloads.sourceforge.net/project/msys2/Base/x86_64/msys2-base-x86_64-20160205.tar.xz'
base_checksum = '7e97e2af042e1b6f62cf0298fe84839014ef3d4a3e7825cffc6931c66cc0fc20'
base_url = node['msys2']['url']
base_checksum = node['msys2']['checksum']
unless ::File.exist?(::File.join(root, 'msys2.exe'))
seven_zip_archive "cache msys2 base to #{f_cache_dir}" do

6
cookbooks/mingw/resources/tdm_gcc.rb
View File

@ -19,9 +19,9 @@
# Installs a gcc based C/C++ compiler and runtime from TDM GCC.
property :flavor, kind_of: Symbol, is: [:sjlj_32, :seh_sjlj_64], default: :seh_sjlj_64
property :root, kind_of: String, required: true
property :version, kind_of: String, is: ['5.1.0'], name_property: true
property :flavor, Symbol, is: [:sjlj_32, :seh_sjlj_64], default: :seh_sjlj_64
property :root, String, required: true
property :version, String, is: ['5.1.0'], name_property: true
resource_name :mingw_tdm_gcc

102
cookbooks/mysql/CHANGELOG.md
View File

@ -2,6 +2,104 @@
This file is used to list changes made in each version of the mysql cookbook.
## 8.5.1 (2017-08-23)
- Fix the remainder of the namespace collision deprecation warnings
- Remove the class_eval in the action class as this causes issues with some releases of Chef 12
## 8.5.0 (2017-08-23)
- Require Chef 12.7+ since 12.5/12.6 has custom resource action_class issues
- Resolve several Chef 14 deprecation warnings
## 8.4.0 (2017-05-30)
- Fix client/server install on Amazon Linux and add testing
- Remove support for Ubuntu Precise since it's EOL
- Add Amazon Linux testing
## 8.3.1 (2017-04-04)
- Fix an ignoring of 'cookbook' attribute by 'mysql_config' resource
- Remove unused helper method
- Call out the supported platform versions in the metadata
- Switch to Delivery Local and rename the docked config
- Remove mention of the EOL opensuse 13.x in the readme
## 8.3.0 (2017-03-20)
- Refactor mysql_service_manager_upstart.rb to eliminate use of cloned resource
## 8.2.0 (2016-12-03)
- Include client development packages on RHEL/SUSE platforms
## 8.1.1 (2016-10-31)
- Fixing CVE-2016-6662 - Reverting execure bit on mysql config
## 8.1.0 (2016-10-29)
- Drop hardcoded, specific package version logic that broke many users
## 8.0.4 (2016-09-26)
- Bump debian version
- Updated packages for 12.04 and 14.04 too
- Add chef_version metadata
- Update platforms in the kitchen file
- Add selinux to the Berksfile for testing
- Make sure yum repos are setup in local Test Kitchen
## 8.0.3 (2016-09-14)
- [GH-390] Fix #390 incorrect escaping of initial_root_password
- Updated package versions for Ubuntu 16.04
- Testing updates
# v8.0.2 (2016-08-25)
- Various bug fixed and updates to package version strings
# v8.0.1 (2016-07-20)
- Fixed a regression in the mysql_client resource where the action was changed from create to install in the 8.0 release
- Added oracle, opensuse, and opensuseleap as supported platforms in the metadata
# v8.0.0 (2016-07-11)
- Converting from LWRP to custom resources
- Removing yum-mysql and other dependencies.
- ^ BREAKING CHANGE: RHELish users are now responsible
for including a recipe from the "yum-mysql" or equivalent
cookbook before utilizing the mysql_* resources.
- More thoughtful ChefSpec
- Renaming "replication" test suite to "smoke"
- Moving to Inspec
## v7.2.0 (2016-06-30)
- Support openeSUSE leap
- Support Fedora 24
## v7.1.2 (2016-06-30)
- Avoid deprecation warnings on the upcoming Chef 12.12 release
## v7.1.1 (2016-06-03)
- Fix apparmor blocking writes to non-default tmp_dirs
- Updated apparmor config to allow read & write to sock.lock file
- Use cookstyle instead of Rubocop directly
## v7.1.0 (2016-05-11)
- Added support for Ubuntu 16.04
## v7.0.0 (2016-04-19)
- Removed support for legacy distros: Ubuntu 10.04/13.04/14.10/15.04, Fedora 20/21, OmniOS r151006, opensuse 11.3/12.0
- Added support for Fedora 23, suse 13.X, and Ubuntu 16.04
- Updated the systemd support to create unit files in /etc/systemd and not /usr/lib/systemd
- Adding umask to bash resource that sets root password PR #386 @gziskind
- Cleaned up the Test Kitchen config to test the right platform version + mysql pairings
- Added Travis CI Test Kitchen testing on Fedora 22/23 and removed Fedora 21
- Updated the platforms used in the specs
## v6.1.3 (2016-03-14)
- Added support for Ubuntu 15.10
@ -65,7 +163,7 @@ This file is used to list changes made in each version of the mysql cookbook.
## v6.0.21 (2015-04-08)
- Fix to Upstart prestart script when using custom socket
- Fix to Upstart prestart script when using custom socket
- Adding --explicit_defaults_for_timestamp mysql_install_db_cmd for
- 5.6 and above
@ -186,7 +284,7 @@ This file is used to list changes made in each version of the mysql cookbook.
## v5.5.4 (2014-10-07)
- Adding sensitive flag to execute resources to protect passwords from logs
- Adding sensitive flag to execute resources to protect passwords from logs
## v5.5.3 (2014-09-24)

19
cookbooks/mysql/MAINTAINERS.md
View File

@ -1,19 +0,0 @@
<!-- This is a generated file. Please do not edit directly -->
# Maintainers
This file lists how this cookbook project is maintained. When making changes to the system, this
file tells you who needs to review your patch - you need a simple majority of maintainers
for the relevant subsystems to provide a :+1: on your pull request. Additionally, you need
to not receive a veto from a Lieutenant or the Project Lead.
Check out [How Cookbooks are Maintained](https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/CONTRIBUTING.MD)
for details on the process and how to become a maintainer or the project lead.
# Project Maintainer
* [Tim Smith](https://github.com/tas50)
# Maintainers
* [Jennifer Davis](https://github.com/sigje)
* [Sean OMeara](https://github.com/someara)
* [Tim Smith](https://github.com/tas50)
* [Thom May](https://github.com/thommay)

79
cookbooks/mysql/README.md
View File

@ -2,16 +2,15 @@
[![Build Status](https://travis-ci.org/chef-cookbooks/mysql.svg?branch=master)](https://travis-ci.org/chef-cookbooks/mysql) [![Cookbook Version](https://img.shields.io/cookbook/v/mysql.svg)](https://supermarket.chef.io/cookbooks/mysql)
The Mysql Cookbook is a library cookbook that provides resource primitives (LWRPs) for use in recipes. It is designed to be a reference example for creating highly reusable cross-platform cookbooks.
The MySQL Cookbook is a library cookbook that provides resource primitives (LWRPs) for use in recipes. It is designed to be a reference example for creating highly reusable cross-platform cookbooks.
## Scope
This cookbook is concerned with the "MySQL Community Server", particularly those shipped with F/OSS Unix and Linux distributions. It does not address forks or value-added repackaged MySQL distributions like Drizzle, MariaDB, or Percona.
This cookbook is concerned with the "MySQL Community Server", particularly those shipped with F/OSS Unix and Linux distributions. It does not address forks or value-added repackaged MySQL distributions like MariaDB or Percona.
## Requirements
- Chef 11 or higher
- Ruby 1.9 or higher (preferably from the Chef full-stack installer)
- Chef 12.7 or higher
- Network accessible package repositories
- 'recipe[selinux::disabled]' on RHEL platforms
@ -20,42 +19,37 @@ This cookbook is concerned with the "MySQL Community Server", particularly those
The following platforms have been tested with Test Kitchen:
```
|----------------+-----+-----+-----+-----+-----|
| | 5.0 | 5.1 | 5.5 | 5.6 | 5.7 |
|----------------+-----+-----+-----+-----+-----|
| debian-7 | | | X | | |
|----------------+-----+-----+-----+-----+-----|
| ubuntu-12.04 | | | X | | |
|----------------+-----+-----+-----+-----+-----|
| ubuntu-14.04 | | | X | X | |
|----------------+-----+-----+-----+-----+-----|
| ubuntu-15.04 | | | | X | |
|----------------+-----+-----+-----+-----+-----|
| centos-5 | X | X | X | X | X |
|----------------+-----+-----+-----+-----+-----|
| centos-6 | | X | X | X | X |
|----------------+-----+-----+-----+-----+-----|
| centos-7 | | | X | X | X |
|----------------+-----+-----+-----+-----+-----|
| amazon | | | X | X | X |
|----------------+-----+-----+-----+-----+-----|
| fedora-22 | | | X | X | X |
|----------------+-----+-----+-----+-----+-----|
| fedora-23 | | | X | X | X |
|----------------+-----+-----+-----+-----+-----|
|----------------+-----+-----+-----+-----|
| | 5.1 | 5.5 | 5.6 | 5.7 |
|----------------+-----+-----+-----+-----|
| debian-7 | | X | | |
|----------------+-----+-----+-----+-----|
| debian-8 | | X | | |
|----------------+-----+-----+-----+-----|
| ubuntu-14.04 | | X | X | |
|----------------+-----+-----+-----+-----|
| ubuntu-16.04 | | | | X |
|----------------+-----+-----+-----+-----|
| centos-6 | X | X | X | X |
|----------------+-----+-----+-----+-----|
| centos-7 | | X | X | X |
|----------------+-----+-----+-----+-----|
| fedora | | | X | X |
|----------------+-----+-----+-----+-----|
| openSUSE Leap | | | X | |
|----------------+-----+-----+-----+-----|
```
## Cookbook Dependencies
- yum-mysql-community
- smf
There are no hard coupled dependencies. However, there is a loose dependency on `yum-mysql-community` for RHEL/CentOS platforms. As of the 8.0 version of this cookbook, configuration of the package repos is now the responsibility of the user.
## Usage
Place a dependency on the mysql cookbook in your cookbook's metadata.rb
```ruby
depends 'mysql', '~> 6.0'
depends 'mysql', '~> 8.0'
```
Then, in a recipe:
@ -180,7 +174,7 @@ Please note that when using `notifies` or `subscribes`, the resource to referenc
- `:create` - Configures everything but the underlying operating system service.
- `:delete` - Removes everything but the package and data_dir.
- `:start` - Starts the underlying operating system service
- `:stop`- Stops the underlying operating system service
- `:stop`- Stops the underlying operating system service
- `:restart` - Restarts the underlying operating system service
- `:reload` - Reloads the underlying operating system service
@ -274,7 +268,7 @@ mysql_client 'default' do
end
```
#### Parameters
#### Properties
- `package_name` - An array of packages to be installed. Defaults to a value looked up in an internal map.
- `package_version` - Specific versions of the package to install, passed onto the underlying package manager. Defaults to `nil`.
@ -401,31 +395,20 @@ Or to connect over the network, use something like this: connect over the networ
These network or socket ssettings can also be put in you $HOME/.my.cnf, if preferred.
### What about MariaDB, Percona, Drizzle, WebScaleSQL, etc.
### What about MariaDB, Percona, etc.
MySQL forks are purposefully out of scope for this cookbook. This is mostly to reduce the testing matrix to a manageable size. Cookbooks for these technologies can easily be created by copying and adapting this cookbook. However, there will be differences.
Package repository locations, package version names, software major version numbers, supported platform matrices, and the availability of software such as XtraDB and Galera are the main reasons that creating multiple cookbooks to make sense.
## Warnings
## Maintainers
## Hacking / Testing / TODO
This cookbook is maintained by Chef's Community Cookbook Engineering team. Our goal is to improve cookbook quality and to aid the community in contributing to cookbooks. To learn more about our team, process, and design goals see our [team documentation](https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/COOKBOOK_TEAM.MD). To learn more about contributing to cookbooks like this see our [contributing documentation](https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/CONTRIBUTING.MD), or if you have general questions about this cookbook come chat with us in #cookbok-engineering on the [Chef Community Slack](http://community-slack.chef.io/)
Please refer to the HACKING.md
## License & Authors
- Author:: Joshua Timberman ([joshua@chef.io](mailto:joshua@chef.io))
- Author:: AJ Christensen ([aj@chef.io](mailto:aj@chef.io))
- Author:: Seth Chisamore ([schisamo@chef.io](mailto:schisamo@chef.io))
- Author:: Brian Bianco ([brian.bianco@gmail.com](mailto:brian.bianco@gmail.com))
- Author:: Jesse Howarth ([him@jessehowarth.com](mailto:him@jessehowarth.com))
- Author:: Andrew Crump ([andrew@kotirisoftware.com](mailto:andrew@kotirisoftware.com))
- Author:: Christoph Hartmann ([chris@lollyrock.com](mailto:chris@lollyrock.com))
- Author:: Sean OMeara ([sean@chef.io](mailto:sean@chef.io))
## License
```text
Copyright:: 2009-2014 Chef Software, Inc
Copyright:: 2009-2017 Chef Software, Inc
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

523
cookbooks/mysql/libraries/helpers.rb
View File

@ -1,67 +1,123 @@
require 'shellwords'
module MysqlCookbook
module Helpers
include Chef::DSL::IncludeRecipe
module HelpersBase
require 'shellwords'
def base_dir
prefix_dir || '/usr'
def el6?
return true if node['platform_family'] == 'rhel' && node['platform_version'].to_i == 6
false
end
def configure_package_repositories
# we need to enable the yum-mysql-community repository to get packages
return unless %w(rhel fedora).include? node['platform_family']
case parsed_version
when '5.5'
# Prefer packages from native repos
return if node['platform_family'] == 'rhel' && node['platform_version'].to_i == 5
return if node['platform_family'] == 'fedora'
include_recipe('yum-mysql-community::mysql55')
when '5.6'
include_recipe('yum-mysql-community::mysql56')
when '5.7'
include_recipe('yum-mysql-community::mysql57')
end
def el7?
return true if node['platform_family'] == 'rhel' && node['platform_version'].to_i == 7
false
end
def client_package_name
return new_resource.package_name if new_resource.package_name
client_package
def wheezy?
return true if node['platform'] == 'debian' && node['platform_version'].to_i == 7
false
end
def jessie?
return true if node['platform'] == 'debian' && node['platform_version'].to_i == 8
false
end
def stretch?
return true if node['platform'] == 'debian' && node['platform_version'].to_i == 9
false
end
def trusty?
return true if node['platform'] == 'ubuntu' && node['platform_version'] == '14.04'
return true if node['platform'] == 'linuxmint' && node['platform_version'] =~ /^17\.[0-9]$/
false
end
def xenial?
return true if node['platform'] == 'ubuntu' && node['platform_version'] == '16.04'
false
end
def defaults_file
"#{etc_dir}/my.cnf"
end
def error_log
return new_resource.error_log if new_resource.error_log
def default_data_dir
return "/var/lib/#{mysql_name}" if node['os'] == 'linux'
return "/opt/local/lib/#{mysql_name}" if node['os'] == 'solaris2'
return "/var/db/#{mysql_name}" if node['os'] == 'freebsd'
end
def default_error_log
"#{log_dir}/error.log"
end
def etc_dir
return "/opt/mysql#{pkg_ver_string}/etc/#{mysql_name}" if node['platform_family'] == 'omnios'
return "#{prefix_dir}/etc/#{mysql_name}" if node['platform_family'] == 'smartos'
"#{prefix_dir}/etc/#{mysql_name}"
def default_pid_file
"#{run_dir}/mysqld.pid"
end
def include_dir
"#{etc_dir}/conf.d"
def default_major_version
# rhelish
return '5.1' if el6?
return '5.6' if el7?
return '5.6' if node['platform'] == 'amazon'
# debian
return '5.5' if wheezy?
return '5.5' if jessie?
# ubuntu
return '5.5' if trusty?
return '5.7' if xenial?
# misc
return '5.6' if node['platform'] == 'freebsd'
return '5.6' if node['platform'] == 'fedora'
return '5.6' if node['platform_family'] == 'suse'
end
def lc_messages_dir
end
def log_dir
return "/var/adm/log/#{mysql_name}" if node['platform_family'] == 'omnios'
"#{prefix_dir}/var/log/#{mysql_name}"
def major_from_full(v)
v.split('.').shift(2).join('.')
end
def mysql_name
"mysql-#{new_resource.instance}"
"mysql-#{instance}"
end
def pkg_ver_string
parsed_version.delete('.') if node['platform_family'] == 'omnios'
def default_socket_file
"#{run_dir}/mysqld.sock"
end
def default_client_package_name
return ['mysql', 'mysql-devel'] if major_version == '5.1' && el6?
return ['mysql55', 'mysql55-devel.x86_64'] if major_version == '5.5' && node['platform'] == 'amazon'
return ['mysql56', 'mysql56-devel.x86_64'] if major_version == '5.6' && node['platform'] == 'amazon'
return ['mysql-client-5.5', 'libmysqlclient-dev'] if major_version == '5.5' && node['platform_family'] == 'debian'
return ['mysql-client-5.6', 'libmysqlclient-dev'] if major_version == '5.6' && node['platform_family'] == 'debian'
return ['mysql-client-5.7', 'libmysqlclient-dev'] if major_version == '5.7' && node['platform_family'] == 'debian'
return 'mysql-community-server-client' if major_version == '5.6' && node['platform_family'] == 'suse'
['mysql-community-client', 'mysql-community-devel']
end
def default_server_package_name
return 'mysql-server' if major_version == '5.1' && el6?
return 'mysql55-server' if major_version == '5.5' && node['platform'] == 'amazon'
return 'mysql56-server' if major_version == '5.6' && node['platform'] == 'amazon'
return 'mysql-server-5.5' if major_version == '5.5' && node['platform_family'] == 'debian'
return 'mysql-server-5.6' if major_version == '5.6' && node['platform_family'] == 'debian'
return 'mysql-server-5.7' if major_version == '5.7' && node['platform_family'] == 'debian'
return 'mysql-community-server' if major_version == '5.6' && node['platform_family'] == 'suse'
'mysql-community-server'
end
def socket_dir
File.dirname(socket)
end
def run_dir
return "#{prefix_dir}/var/run/#{mysql_name}" if node['platform_family'] == 'rhel'
return "/run/#{mysql_name}" if node['platform_family'] == 'debian'
"/var/run/#{mysql_name}"
end
def prefix_dir
@ -72,102 +128,70 @@ module MysqlCookbook
def scl_name
return unless node['platform_family'] == 'rhel'
return 'mysql51' if parsed_version == '5.1' && node['platform_version'].to_i == 5
return 'mysql55' if parsed_version == '5.5' && node['platform_version'].to_i == 5
return 'mysql51' if version == '5.1' && node['platform_version'].to_i == 5
return 'mysql55' if version == '5.5' && node['platform_version'].to_i == 5
end
def scl_package?
return unless node['platform_family'] == 'rhel'
return true if parsed_version == '5.1' && node['platform_version'].to_i == 5
return true if parsed_version == '5.5' && node['platform_version'].to_i == 5
return true if version == '5.1' && node['platform_version'].to_i == 5
return true if version == '5.5' && node['platform_version'].to_i == 5
false
end
def etc_dir
return "/opt/mysql#{pkg_ver_string}/etc/#{mysql_name}" if node['platform_family'] == 'omnios'
return "#{prefix_dir}/etc/#{mysql_name}" if node['platform_family'] == 'smartos'
"#{prefix_dir}/etc/#{mysql_name}"
end
def base_dir
prefix_dir || '/usr'
end
def system_service_name
return 'mysql51-mysqld' if node['platform_family'] == 'rhel' && scl_name == 'mysql51'
return 'mysql55-mysqld' if node['platform_family'] == 'rhel' && scl_name == 'mysql55'
return 'mysqld' if node['platform_family'] == 'rhel'
return 'mysqld' if node['platform_family'] == 'fedora'
return 'mysql' if node['platform_family'] == 'debian'
return 'mysql' if node['platform_family'] == 'suse'
return 'mysql' if node['platform_family'] == 'omnios'
return 'mysql' if node['platform_family'] == 'smartos'
'mysql' # not one of the above
end
def v56plus
return false if parsed_version.split('.')[0].to_i < 5
return false if parsed_version.split('.')[1].to_i < 6
return false if version.split('.')[0].to_i < 5
return false if version.split('.')[1].to_i < 6
true
end
def v57plus
return false if parsed_version.split('.')[0].to_i < 5
return false if parsed_version.split('.')[1].to_i < 7
return false if version.split('.')[0].to_i < 5
return false if version.split('.')[1].to_i < 7
true
end
def password_column_name
return 'authentication_string' if v57plus
'password'
def default_include_dir
"#{etc_dir}/conf.d"
end
def password_expired
return ", password_expired='N'" if v57plus
''
def log_dir
return "/var/adm/log/#{mysql_name}" if node['platform_family'] == 'omnios'
"#{prefix_dir}/var/log/#{mysql_name}"
end
def root_password
if new_resource.initial_root_password == ''
Chef::Log.info('Root password is empty')
return ''
end
Shellwords.escape(new_resource.initial_root_password)
end
# database and initial records
# initialization commands
def mysqld_initialize_cmd
cmd = mysqld_bin
cmd << " --defaults-file=#{etc_dir}/my.cnf"
cmd << ' --initialize'
cmd << ' --explicit_defaults_for_timestamp' if v56plus
return "scl enable #{scl_name} \"#{cmd}\"" if scl_package?
cmd
end
def mysql_install_db_cmd
cmd = mysql_install_db_bin
cmd << " --defaults-file=#{etc_dir}/my.cnf"
cmd << " --datadir=#{parsed_data_dir}"
cmd << ' --explicit_defaults_for_timestamp' if v56plus
return "scl enable #{scl_name} \"#{cmd}\"" if scl_package?
cmd
end
def record_init
cmd = v56plus ? mysqld_bin : mysqld_safe_bin
cmd << " --defaults-file=#{etc_dir}/my.cnf"
cmd << " --init-file=/tmp/#{mysql_name}/my.sql"
cmd << ' --explicit_defaults_for_timestamp' if v56plus
cmd << ' &'
return "scl enable #{scl_name} \"#{cmd}\"" if scl_package?
cmd
end
def db_init
return mysqld_initialize_cmd if v57plus
mysql_install_db_cmd
end
def lc_messages_dir; end
def init_records_script
# Note: shell-escaping passwords in a SQL file may cause corruption - eg
# mysql will read \& as &, but \% as \%. Just escape bare-minimum \ and '
sql_escaped_password = root_password.gsub('\\') { '\\\\' }.gsub("'") { '\\\'' }
<<-EOS
set -e
rm -rf /tmp/#{mysql_name}
mkdir /tmp/#{mysql_name}
cat > /tmp/#{mysql_name}/my.sql <<-EOSQL
UPDATE mysql.user SET #{password_column_name}=PASSWORD('#{root_password}')#{password_expired} WHERE user = 'root';
cat > /tmp/#{mysql_name}/my.sql <<-'EOSQL'
UPDATE mysql.user SET #{password_column_name}=PASSWORD('#{sql_escaped_password}')#{password_expired} WHERE user = 'root';
DELETE FROM mysql.user WHERE USER LIKE '';
DELETE FROM mysql.user WHERE user = 'root' and host NOT IN ('127.0.0.1', 'localhost');
FLUSH PRIVILEGES;
@ -185,10 +209,27 @@ EOSQL
EOS
end
def mysql_bin
return "#{prefix_dir}/bin/mysql" if node['platform_family'] == 'smartos'
return "#{base_dir}/bin/mysql" if node['platform_family'] == 'omnios'
"#{prefix_dir}/usr/bin/mysql"
def password_column_name
return 'authentication_string' if v57plus
'password'
end
def root_password
if initial_root_password == ''
Chef::Log.info('Root password is empty')
return ''
end
initial_root_password
end
def password_expired
return ", password_expired='N'" if v57plus
''
end
def db_init
return mysqld_initialize_cmd if v57plus
mysql_install_db_cmd
end
def mysql_install_db_bin
@ -197,8 +238,13 @@ EOSQL
'mysql_install_db'
end
def mysql_version
new_resource.version
def mysql_install_db_cmd
cmd = mysql_install_db_bin
cmd << " --defaults-file=#{etc_dir}/my.cnf"
cmd << " --datadir=#{data_dir}"
cmd << ' --explicit_defaults_for_timestamp' if v56plus && !v57plus
return "scl enable #{scl_name} \"#{cmd}\"" if scl_package?
cmd
end
def mysqladmin_bin
@ -216,6 +262,15 @@ EOSQL
"#{prefix_dir}/usr/sbin/mysqld"
end
def mysqld_initialize_cmd
cmd = mysqld_bin
cmd << " --defaults-file=#{etc_dir}/my.cnf"
cmd << ' --initialize'
cmd << ' --explicit_defaults_for_timestamp' if v56plus
return "scl enable #{scl_name} \"#{cmd}\"" if scl_package?
cmd
end
def mysqld_safe_bin
return "#{prefix_dir}/bin/mysqld_safe" if node['platform_family'] == 'smartos'
return "#{base_dir}/bin/mysqld_safe" if node['platform_family'] == 'omnios'
@ -223,248 +278,14 @@ EOSQL
"#{prefix_dir}/usr/bin/mysqld_safe"
end
def pid_file
return new_resource.pid_file if new_resource.pid_file
"#{run_dir}/mysqld.pid"
end
def run_dir
return "#{prefix_dir}/var/run/#{mysql_name}" if node['platform_family'] == 'rhel'
return "/run/#{mysql_name}" if node['platform_family'] == 'debian'
"/var/run/#{mysql_name}"
end
def sensitive_supported?
Gem::Version.new(Chef::VERSION) >= Gem::Version.new('11.14.0')
end
def socket_file
return new_resource.socket if new_resource.socket
"#{run_dir}/mysqld.sock"
end
def socket_dir
return File.dirname(new_resource.socket) if new_resource.socket
run_dir
end
def tmp_dir
return new_resource.tmp_dir if new_resource.tmp_dir
'/tmp'
end
#######
# FIXME: There is a LOT of duplication here..
# There has to be a less gnarly way to look up this information. Refactor for great good!
#######
class Pkginfo
def self.pkginfo
# Autovivification is Perl.
@pkginfo = Chef::Node.new
@pkginfo.set['debian']['10.04']['5.1']['client_package'] = %w(mysql-client-5.1 libmysqlclient-dev)
@pkginfo.set['debian']['10.04']['5.1']['server_package'] = 'mysql-server-5.1'
@pkginfo.set['debian']['12.04']['5.5']['client_package'] = %w(mysql-client-5.5 libmysqlclient-dev)
@pkginfo.set['debian']['12.04']['5.5']['server_package'] = 'mysql-server-5.5'
@pkginfo.set['debian']['13.04']['5.5']['client_package'] = %w(mysql-client-5.5 libmysqlclient-dev)
@pkginfo.set['debian']['13.04']['5.5']['server_package'] = 'mysql-server-5.5'
@pkginfo.set['debian']['13.10']['5.5']['client_package'] = %w(mysql-client-5.5 libmysqlclient-dev)
@pkginfo.set['debian']['13.10']['5.5']['server_package'] = 'mysql-server-5.5'
@pkginfo.set['debian']['14.04']['5.5']['client_package'] = %w(mysql-client-5.5 libmysqlclient-dev)
@pkginfo.set['debian']['14.04']['5.5']['server_package'] = 'mysql-server-5.5'
@pkginfo.set['debian']['14.04']['5.6']['client_package'] = %w(mysql-client-5.6 libmysqlclient-dev)
@pkginfo.set['debian']['14.04']['5.6']['server_package'] = 'mysql-server-5.6'
@pkginfo.set['debian']['14.10']['5.5']['client_package'] = %w(mysql-client-5.5 libmysqlclient-dev)
@pkginfo.set['debian']['14.10']['5.5']['server_package'] = 'mysql-server-5.5'
@pkginfo.set['debian']['14.10']['5.6']['client_package'] = %w(mysql-client-5.6 libmysqlclient-dev)
@pkginfo.set['debian']['14.10']['5.6']['server_package'] = 'mysql-server-5.6'
@pkginfo.set['debian']['15.04']['5.6']['client_package'] = %w(mysql-client-5.6 libmysqlclient-dev)
@pkginfo.set['debian']['15.04']['5.6']['server_package'] = 'mysql-server-5.6'
@pkginfo.set['debian']['15.10']['5.6']['client_package'] = %w(mysql-client-5.6 libmysqlclient-dev)
@pkginfo.set['debian']['15.10']['5.6']['server_package'] = 'mysql-server-5.6'
@pkginfo.set['debian']['6']['5.1']['client_package'] = %w(mysql-client libmysqlclient-dev)
@pkginfo.set['debian']['6']['5.1']['server_package'] = 'mysql-server-5.1'
@pkginfo.set['debian']['7']['5.5']['client_package'] = %w(mysql-client libmysqlclient-dev)
@pkginfo.set['debian']['7']['5.5']['server_package'] = 'mysql-server-5.5'
@pkginfo.set['debian']['7']['5.6']['client_package'] = %w(mysql-client libmysqlclient-dev) # apt-repo from dotdeb
@pkginfo.set['debian']['7']['5.6']['server_package'] = 'mysql-server-5.6'
@pkginfo.set['debian']['7']['5.7']['client_package'] = %w(mysql-client libmysqlclient-dev) # apt-repo from dotdeb
@pkginfo.set['debian']['7']['5.7']['server_package'] = 'mysql-server-5.7'
@pkginfo.set['debian']['8']['5.5']['client_package'] = %w(mysql-client libmysqlclient-dev)
@pkginfo.set['debian']['8']['5.5']['server_package'] = 'mysql-server-5.5'
@pkginfo.set['fedora']['20']['5.5']['client_package'] = %w(community-mysql community-mysql-devel)
@pkginfo.set['fedora']['20']['5.5']['server_package'] = 'community-mysql-server'
@pkginfo.set['fedora']['20']['5.6']['client_package'] = %w(mysql-community-client mysql-community-devel)
@pkginfo.set['fedora']['20']['5.6']['server_package'] = 'mysql-community-server'
@pkginfo.set['fedora']['20']['5.7']['client_package'] = %w(mysql-community-client mysql-community-devel)
@pkginfo.set['fedora']['20']['5.7']['server_package'] = 'mysql-community-server'
@pkginfo.set['fedora']['21']['5.6']['client_package'] = %w(mysql-community-client mysql-community-devel)
@pkginfo.set['fedora']['21']['5.6']['server_package'] = 'mysql-community-server'
@pkginfo.set['fedora']['21']['5.7']['client_package'] = %w(mysql-community-client mysql-community-devel)
@pkginfo.set['fedora']['21']['5.7']['server_package'] = 'mysql-community-server'
@pkginfo.set['fedora']['22']['5.6']['client_package'] = %w(mysql-community-client mysql-community-devel)
@pkginfo.set['fedora']['22']['5.6']['server_package'] = 'mysql-community-server'
@pkginfo.set['fedora']['22']['5.7']['client_package'] = %w(mysql-community-client mysql-community-devel)
@pkginfo.set['fedora']['22']['5.7']['server_package'] = 'mysql-community-server'
@pkginfo.set['freebsd']['10']['5.5']['client_package'] = %w(mysql55-client)
@pkginfo.set['freebsd']['10']['5.5']['server_package'] = 'mysql55-server'
@pkginfo.set['freebsd']['9']['5.5']['client_package'] = %w(mysql55-client)
@pkginfo.set['freebsd']['9']['5.5']['server_package'] = 'mysql55-server'
@pkginfo.set['omnios']['151006']['5.5']['client_package'] = %w(database/mysql-55/library)
@pkginfo.set['omnios']['151006']['5.5']['server_package'] = 'database/mysql-55'
@pkginfo.set['omnios']['151006']['5.6']['client_package'] = %w(database/mysql-56)
@pkginfo.set['omnios']['151006']['5.6']['server_package'] = 'database/mysql-56'
@pkginfo.set['rhel']['2014.09']['5.1']['server_package'] = %w(mysql51 mysql51-devel)
@pkginfo.set['rhel']['2014.09']['5.1']['server_package'] = 'mysql51-server'
@pkginfo.set['rhel']['2014.09']['5.5']['client_package'] = %w(mysql-community-client mysql-community-devel)
@pkginfo.set['rhel']['2014.09']['5.5']['server_package'] = 'mysql-community-server'
@pkginfo.set['rhel']['2014.09']['5.6']['client_package'] = %w(mysql-community-client mysql-community-devel)
@pkginfo.set['rhel']['2014.09']['5.6']['server_package'] = 'mysql-community-server'
@pkginfo.set['rhel']['2014.09']['5.7']['client_package'] = %w(mysql-community-client mysql-community-devel)
@pkginfo.set['rhel']['2014.09']['5.7']['server_package'] = 'mysql-community-server'
@pkginfo.set['rhel']['2015.03']['5.1']['server_package'] = %w(mysql51 mysql51-devel)
@pkginfo.set['rhel']['2015.03']['5.1']['server_package'] = 'mysql51-server'
@pkginfo.set['rhel']['2015.03']['5.5']['client_package'] = %w(mysql-community-client mysql-community-devel)
@pkginfo.set['rhel']['2015.03']['5.5']['server_package'] = 'mysql-community-server'
@pkginfo.set['rhel']['2015.03']['5.6']['client_package'] = %w(mysql-community-client mysql-community-devel)
@pkginfo.set['rhel']['2015.03']['5.6']['server_package'] = 'mysql-community-server'
@pkginfo.set['rhel']['2015.03']['5.7']['client_package'] = %w(mysql-community-client mysql-community-devel)
@pkginfo.set['rhel']['2015.03']['5.7']['server_package'] = 'mysql-community-server'
@pkginfo.set['rhel']['2015.09']['5.1']['server_package'] = %w(mysql51 mysql51-devel)
@pkginfo.set['rhel']['2015.09']['5.1']['server_package'] = 'mysql51-server'
@pkginfo.set['rhel']['2015.09']['5.5']['client_package'] = %w(mysql-community-client mysql-community-devel)
@pkginfo.set['rhel']['2015.09']['5.5']['server_package'] = 'mysql-community-server'
@pkginfo.set['rhel']['2015.09']['5.6']['client_package'] = %w(mysql-community-client mysql-community-devel)
@pkginfo.set['rhel']['2015.09']['5.6']['server_package'] = 'mysql-community-server'
@pkginfo.set['rhel']['2015.09']['5.7']['client_package'] = %w(mysql-community-client mysql-community-devel)
@pkginfo.set['rhel']['2015.09']['5.7']['server_package'] = 'mysql-community-server'
@pkginfo.set['rhel']['2016.03']['5.1']['server_package'] = %w(mysql51 mysql51-devel)
@pkginfo.set['rhel']['2016.03']['5.1']['server_package'] = 'mysql51-server'
@pkginfo.set['rhel']['2016.03']['5.5']['client_package'] = %w(mysql-community-client mysql-community-devel)
@pkginfo.set['rhel']['2016.03']['5.5']['server_package'] = 'mysql-community-server'
@pkginfo.set['rhel']['2016.03']['5.6']['client_package'] = %w(mysql-community-client mysql-community-devel)
@pkginfo.set['rhel']['2016.03']['5.6']['server_package'] = 'mysql-community-server'
@pkginfo.set['rhel']['2016.03']['5.7']['client_package'] = %w(mysql-community-client mysql-community-devel)
@pkginfo.set['rhel']['2016.03']['5.7']['server_package'] = 'mysql-community-server'
@pkginfo.set['rhel']['5']['5.0']['client_package'] = %w(mysql mysql-devel)
@pkginfo.set['rhel']['5']['5.0']['server_package'] = 'mysql-server'
@pkginfo.set['rhel']['5']['5.1']['client_package'] = %w(mysql51-mysql)
@pkginfo.set['rhel']['5']['5.1']['server_package'] = 'mysql51-mysql-server'
@pkginfo.set['rhel']['5']['5.5']['client_package'] = %w(mysql55-mysql mysql55-mysql-devel)
@pkginfo.set['rhel']['5']['5.5']['server_package'] = 'mysql55-mysql-server'
@pkginfo.set['rhel']['5']['5.6']['client_package'] = %w(mysql-community-client mysql-community-devel)
@pkginfo.set['rhel']['5']['5.6']['server_package'] = 'mysql-community-server'
@pkginfo.set['rhel']['5']['5.7']['client_package'] = %w(mysql-community-client mysql-community-devel)
@pkginfo.set['rhel']['5']['5.7']['server_package'] = 'mysql-community-server'
@pkginfo.set['rhel']['6']['5.1']['client_package'] = %w(mysql mysql-devel)
@pkginfo.set['rhel']['6']['5.1']['server_package'] = 'mysql-server'
@pkginfo.set['rhel']['6']['5.5']['client_package'] = %w(mysql-community-client mysql-community-devel)
@pkginfo.set['rhel']['6']['5.5']['server_package'] = 'mysql-community-server'
@pkginfo.set['rhel']['6']['5.6']['client_package'] = %w(mysql-community-client mysql-community-devel)
@pkginfo.set['rhel']['6']['5.6']['server_package'] = 'mysql-community-server'
@pkginfo.set['rhel']['6']['5.7']['client_package'] = %w(mysql-community-client mysql-community-devel)
@pkginfo.set['rhel']['6']['5.7']['server_package'] = 'mysql-community-server'
@pkginfo.set['rhel']['7']['5.5']['client_package'] = %w(mysql-community-client mysql-community-devel)
@pkginfo.set['rhel']['7']['5.5']['server_package'] = 'mysql-community-server'
@pkginfo.set['rhel']['7']['5.6']['client_package'] = %w(mysql-community-client mysql-community-devel)
@pkginfo.set['rhel']['7']['5.6']['server_package'] = 'mysql-community-server'
@pkginfo.set['rhel']['7']['5.7']['client_package'] = %w(mysql-community-client mysql-community-devel)
@pkginfo.set['rhel']['7']['5.7']['server_package'] = 'mysql-community-server'
@pkginfo.set['smartos']['5.11']['5.5']['client_package'] = %w(mysql-client)
@pkginfo.set['smartos']['5.11']['5.5']['server_package'] = 'mysql-server'
@pkginfo.set['smartos']['5.11']['5.6']['client_package'] = %w(mysql-client)
@pkginfo.set['smartos']['5.11']['5.6']['server_package'] = 'mysql-server'
@pkginfo.set['suse']['11.3']['5.5']['client_package'] = %w(mysql-client)
@pkginfo.set['suse']['11.3']['5.5']['server_package'] = 'mysql'
@pkginfo.set['suse']['12.0']['5.5']['client_package'] = %w(mysql-client)
@pkginfo.set['suse']['12.0']['5.5']['server_package'] = 'mysql'
@pkginfo
end
end
def package_name_for(platform, platform_family, platform_version, version, type)
keyname = keyname_for(platform, platform_family, platform_version)
info = Pkginfo.pkginfo[platform_family.to_sym][keyname]
type_label = type.to_s.gsub('_package', '').capitalize
unless info[version]
# Show availabe versions if the requested is not available on the current platform
Chef::Log.error("Unsupported Version: You requested to install a Mysql #{type_label} version that is not supported by your platform")
Chef::Log.error("Platform: #{platform_family} #{platform_version} - Request Mysql #{type_label} version: #{version}")
Chef::Log.error("Availabe versions for your platform are: #{info.map { |k, _v| k }.join(' - ')}")
raise "Unsupported Mysql #{type_label} Version"
end
info[version][type]
end
def keyname_for(platform, platform_family, platform_version)
return platform_version if platform_family == 'debian' && platform == 'ubuntu'
return platform_version if platform_family == 'fedora'
return platform_version if platform_family == 'omnios'
return platform_version if platform_family == 'rhel' && platform == 'amazon'
return platform_version if platform_family == 'smartos'
return platform_version if platform_family == 'suse'
return platform_version.to_i.to_s if platform_family == 'debian'
return platform_version.to_i.to_s if platform_family == 'rhel'
return platform_version.to_s if platform_family == 'debian' && platform_version =~ /sid$/
return platform_version.to_s if platform_family == 'freebsd'
end
def parsed_data_dir
return new_resource.data_dir if new_resource.data_dir
return "/opt/local/lib/#{mysql_name}" if node['os'] == 'solaris2'
return "/var/lib/#{mysql_name}" if node['os'] == 'linux'
return "/var/db/#{mysql_name}" if node['os'] == 'freebsd'
end
def client_package
package_name_for(
node['platform'],
node['platform_family'],
node['platform_version'],
parsed_version,
:client_package
)
end
def server_package
package_name_for(
node['platform'],
node['platform_family'],
node['platform_version'],
parsed_version,
:server_package
)
end
def server_package_name
return new_resource.package_name if new_resource.package_name
server_package
end
def parsed_version
return new_resource.version if new_resource.version
return '5.0' if node['platform_family'] == 'rhel' && node['platform_version'].to_i == 5
return '5.1' if node['platform_family'] == 'debian' && node['platform_version'] == '10.04'
return '5.1' if node['platform_family'] == 'debian' && node['platform_version'].to_i == 6
return '5.1' if node['platform_family'] == 'rhel' && node['platform_version'].to_i == 6
return '5.5' if node['platform_family'] == 'debian' && node['platform_version'] == '12.04'
return '5.5' if node['platform_family'] == 'debian' && node['platform_version'] == '13.04'
return '5.5' if node['platform_family'] == 'debian' && node['platform_version'] == '13.10'
return '5.5' if node['platform_family'] == 'debian' && node['platform_version'] == '14.04'
return '5.5' if node['platform_family'] == 'debian' && node['platform_version'] == '14.10'
return '5.5' if node['platform_family'] == 'debian' && node['platform_version'].to_i == 7
return '5.5' if node['platform_family'] == 'debian' && node['platform_version'].to_i == 8
return '5.5' if node['platform_family'] == 'freebsd'
return '5.5' if node['platform_family'] == 'omnios'
return '5.5' if node['platform_family'] == 'rhel' && node['platform_version'].to_i == 2014
return '5.5' if node['platform_family'] == 'rhel' && node['platform_version'].to_i == 2015
return '5.5' if node['platform_family'] == 'rhel' && node['platform_version'].to_i == 7
return '5.5' if node['platform_family'] == 'smartos'
return '5.5' if node['platform_family'] == 'suse'
return '5.6' if node['platform_family'] == 'fedora'
return '5.6' if node['platform_family'] == 'debian' && node['platform_version'] == '15.04'
return '5.6' if node['platform_family'] == 'debian' && node['platform_version'] == '15.10'
def record_init
cmd = v56plus ? mysqld_bin : mysqld_safe_bin
cmd << " --defaults-file=#{etc_dir}/my.cnf"
cmd << " --init-file=/tmp/#{mysql_name}/my.sql"
cmd << ' --explicit_defaults_for_timestamp' if v56plus
cmd << ' &'
return "scl enable #{scl_name} \"#{cmd}\"" if scl_package?
cmd
end
end
end

54
cookbooks/mysql/libraries/matchers.rb
View File

@ -1,18 +1,40 @@
if defined?(ChefSpec)
if ChefSpec.respond_to?(:define_matcher)
# ChefSpec >= 4.1
ChefSpec.define_matcher :mysql_config
ChefSpec.define_matcher :mysql_service
ChefSpec.define_matcher :mysql_client
elsif defined?(ChefSpec::Runner) &&
ChefSpec::Runner.respond_to?(:define_runner_method)
# ChefSpec < 4.1
ChefSpec::Runner.define_runner_method :mysql_config
ChefSpec::Runner.define_runner_method :mysql_service
ChefSpec::Runner.define_runner_method :mysql_client
ChefSpec.define_matcher :mysql_config
ChefSpec.define_matcher :mysql_service
ChefSpec.define_matcher :mysql_client
# mysql_client_client_installation_package
def install_mysql_client_installation_package(resource_name)
ChefSpec::Matchers::ResourceMatcher.new(:mysql_client_installation_package, :create, resource_name)
end
# config
def remove_mysql_client_installation_package(resource_name)
ChefSpec::Matchers::ResourceMatcher.new(:mysql_client_installation_package, :remove, resource_name)
end
# mysql_server_server_installation_package
def install_mysql_server_installation_package(resource_name)
ChefSpec::Matchers::ResourceMatcher.new(:mysql_server_installation_package, :install, resource_name)
end
def remove_mysql_server_installation_package(resource_name)
ChefSpec::Matchers::ResourceMatcher.new(:mysql_server_installation_package, :remove, resource_name)
end
#####
# old
#####
# client
def create_mysql_client(resource_name)
ChefSpec::Matchers::ResourceMatcher.new(:mysql_client, :create, resource_name)
end
def delete_mysql_client(resource_name)
ChefSpec::Matchers::ResourceMatcher.new(:mysql_client, :delete, resource_name)
end
# mysql_config
def create_mysql_config(resource_name)
ChefSpec::Matchers::ResourceMatcher.new(:mysql_config, :create, resource_name)
end
@ -46,12 +68,4 @@ if defined?(ChefSpec)
ChefSpec::Matchers::ResourceMatcher.new(:mysql_service, :reload, resource_name)
end
# client
def create_mysql_client(resource_name)
ChefSpec::Matchers::ResourceMatcher.new(:mysql_client, :create, resource_name)
end
def delete_mysql_client(resource_name)
ChefSpec::Matchers::ResourceMatcher.new(:mysql_client, :delete, resource_name)
end
end

30
cookbooks/mysql/libraries/mysql_base.rb Normal file
View File

@ -0,0 +1,30 @@
module MysqlCookbook
class MysqlBase < Chef::Resource
require_relative 'helpers'
# All resources are composites
def whyrun_supported?
true
end
################
# Type Constants
################
Boolean = property_type(
is: [true, false],
default: false
) unless defined?(Boolean)
###################
# Common Properties
###################
property :run_group, String, default: 'mysql', desired_state: false
property :run_user, String, default: 'mysql', desired_state: false
property :version, String, default: lazy { default_major_version }, desired_state: false
property :include_dir, String, default: lazy { default_include_dir }, desired_state: false
property :major_version, String, default: lazy { major_from_full(version) }, desired_state: false
action_class
end
end

31
cookbooks/mysql/libraries/mysql_client_installation_package.rb Normal file
View File

@ -0,0 +1,31 @@
module MysqlCookbook
class MysqlClientInstallationPackage < MysqlBase
# helper methods
require_relative 'helpers'
include MysqlCookbook::HelpersBase
# Resource properties
resource_name :mysql_client_installation_package
provides :mysql_client_installation, os: 'linux'
provides :mysql_client, os: 'linux'
property :package_name, [String, Array], default: lazy { default_client_package_name }, desired_state: false
property :package_options, [String, nil], desired_state: false
property :package_version, [String, nil], default: nil, desired_state: false
# Actions
action :create do
package new_resource.package_name do
version new_resource.package_version if new_resource.package_version
options new_resource.package_options if new_resource.package_options
action :install
end
end
action :delete do
package new_resource.package_name do
action :remove
end
end
end
end

56
cookbooks/mysql/libraries/mysql_config.rb Normal file
View File

@ -0,0 +1,56 @@
module MysqlCookbook
class MysqlConfig < MysqlBase
resource_name :mysql_config
property :config_name, String, name_property: true, desired_state: false
property :cookbook, String, desired_state: false
property :group, String, default: 'mysql', desired_state: false
property :instance, String, default: 'default', desired_state: false
property :owner, String, default: 'mysql', desired_state: false
property :source, String, desired_state: false
property :variables, [Hash], desired_state: false
property :version, String, default: lazy { default_major_version }, desired_state: false
require_relative 'helpers'
include MysqlCookbook::HelpersBase
provides :mysql_config
action :create do
# hax because group property
g = Chef::Resource::Group.new(new_resource.group, run_context)
g.system true if new_resource.name == 'mysql'
resource_collection.insert g
user new_resource.owner do
gid new_resource.owner
system true if new_resource.name == 'mysql'
action :create
end
directory new_resource.include_dir do
owner new_resource.owner
group new_resource.group
mode '0750'
recursive true
action :create
end
template "#{new_resource.include_dir}/#{new_resource.config_name}.cnf" do
owner new_resource.owner
group new_resource.group
mode '0640'
variables(new_resource.variables)
source new_resource.source
cookbook new_resource.cookbook
action :create
end
end
action :delete do
file "#{new_resource.include_dir}/#{new_resource.config_name}.cnf" do
action :delete
end
end
end
end

42
cookbooks/mysql/libraries/mysql_server_installation_package.rb Normal file
View File

@ -0,0 +1,42 @@
module MysqlCookbook
class MysqlServerInstallationPackage < MysqlBase
# Resource properties
resource_name :mysql_server_installation_package
provides :mysql_server_installation, os: 'linux'
property :package_name, String, default: lazy { default_server_package_name }, desired_state: false
property :package_options, [String, nil], desired_state: false
property :package_version, [String, nil], default: nil, desired_state: false
# helper methods
require_relative 'helpers'
include MysqlCookbook::HelpersBase
# Actions
action :install do
package new_resource.package_name do
version new_resource.package_version if new_resource.package_version
options new_resource.package_options if new_resource.package_options
notifies :install, 'package[perl-Sys-Hostname-Long]', :immediately if platform_family?('suse')
notifies :run, 'execute[Initial DB setup script]', :immediately if platform_family?('suse')
action :install
end
package 'perl-Sys-Hostname-Long' do
action :nothing
end
execute 'Initial DB setup script' do
environment 'INSTANCE' => new_resource.name
command '/usr/lib/mysql/mysql-systemd-helper install'
action :nothing
end
end
action :delete do
package new_resource.package_name do
action :remove
end
end
end
end

105
cookbooks/mysql/libraries/mysql_service.rb Normal file
View File

@ -0,0 +1,105 @@
module MysqlCookbook
require_relative 'mysql_service_base'
class MysqlService < MysqlServiceBase
resource_name :mysql_service
# installation type and service_manager
property :install_method, %w(package auto), default: 'auto', desired_state: false
property :service_manager, %w(sysvinit upstart systemd auto), default: 'auto', desired_state: false
# mysql_server_installation
property :version, String, default: lazy { default_major_version }, desired_state: false
property :major_version, String, default: lazy { major_from_full(version) }, desired_state: false
property :package_name, String, default: lazy { default_package_name }, desired_state: false
property :package_options, [String, nil], desired_state: false
property :package_version, [String, nil], default: nil, desired_state: false
################
# Helper Methods
################
def copy_properties_to(to, *properties)
properties = self.class.properties.keys if properties.empty?
properties.each do |p|
# If the property is set on from, and exists on to, set the
# property on to
if to.class.properties.include?(p) && property_is_set?(p)
to.send(p, send(p))
end
end
end
action_class do
def installation(&block)
case new_resource.install_method
when 'auto'
install = mysql_server_installation(new_resource.name, &block)
when 'package'
install = mysql_server_installation_package(new_resource.name, &block)
when 'none'
Chef::Log.info('Skipping MySQL installation. Assuming it was handled previously.')
return
end
copy_properties_to(install)
install
end
def svc_manager(&block)
case new_resource.service_manager
when 'auto'
svc = mysql_service_manager(new_resource.name, &block)
when 'sysvinit'
svc = mysql_service_manager_sysvinit(new_resource.name, &block)
when 'upstart'
svc = mysql_service_manager_upstart(new_resource.name, &block)
when 'systemd'
svc = mysql_service_manager_systemd(new_resource.name, &block)
end
copy_properties_to(svc)
svc
end
end
#########
# Actions
#########
action :create do
installation do
action :install
end
svc_manager do
action :create
end
end
action :start do
svc_manager do
action :start
end
end
action :delete do
svc_manager do
action :delete
end
installation do
action :delete
end
end
action :restart do
svc_manager do
action :restart
end
end
action :stop do
svc_manager do
action :stop
end
end
end
end

203
cookbooks/mysql/libraries/mysql_service_base.rb Normal file
View File

@ -0,0 +1,203 @@
module MysqlCookbook
class MysqlServiceBase < MysqlBase
property :bind_address, String, desired_state: false
property :charset, String, default: 'utf8', desired_state: false
property :data_dir, String, default: lazy { default_data_dir }, desired_state: false
property :error_log, String, default: lazy { default_error_log }, desired_state: false
property :initial_root_password, String, default: 'ilikerandompasswords', desired_state: false
property :instance, String, name_property: true, desired_state: false
property :mysqld_options, Hash, default: {}, desired_state: false
property :pid_file, String, default: lazy { default_pid_file }, desired_state: false
property :port, [String, Integer], default: '3306', desired_state: false
property :socket, String, default: lazy { default_socket_file }, desired_state: false
property :tmp_dir, String, desired_state: false
alias socket_file socket
require_relative 'helpers'
include MysqlCookbook::HelpersBase
# action class methods are available within the actions and work as if the coded
# was inline the action. No messing with classes or passing in the new_resource
action_class do
def create_system_user
group 'mysql' do
action :create
end
user 'mysql' do
gid 'mysql'
action :create
end
end
def create_config
# require 'pry' ; binding.pry
# Yak shaving secion. Account for random errata.
#
# Turns out that mysqld is hard coded to try and read
# /etc/mysql/my.cnf, and its presence causes problems when
# setting up multiple services.
file "#{prefix_dir}/etc/mysql/my.cnf" do
action :delete
end
file "#{prefix_dir}/etc/my.cnf" do
action :delete
end
# mysql_install_db is broken on 5.6.13
link "#{prefix_dir}/usr/share/my-default.cnf" do
to "#{etc_dir}/my.cnf"
not_if { ::File.exist? "#{prefix_dir}/usr/share/my-default.cnf" } # FIXME: Chef bug?
action :create
end
# Support directories
directory etc_dir do
owner new_resource.run_user
group new_resource.run_group
mode '0750'
recursive true
action :create
end
directory new_resource.include_dir do
owner new_resource.run_user
group new_resource.run_group
mode '0750'
recursive true
action :create
end
directory run_dir do
owner new_resource.run_user
group new_resource.run_group
mode '0755'
recursive true
action :create
end
directory log_dir do
owner new_resource.run_user
group new_resource.run_group
mode '0750'
recursive true
action :create
end
directory new_resource.data_dir do
owner new_resource.run_user
group new_resource.run_group
mode '0750'
recursive true
action :create
end
# Main configuration file
template "#{etc_dir}/my.cnf" do
source 'my.cnf.erb'
cookbook 'mysql'
owner new_resource.run_user
group new_resource.run_group
mode '0600'
variables(config: new_resource)
action :create
end
end
def initialize_database
# initialize database and create initial records
bash "#{new_resource.name} initial records" do
code init_records_script
umask '022'
returns [0, 1, 2] # facepalm
not_if "/usr/bin/test -f #{new_resource.data_dir}/mysql/user.frm"
action :run
end
end
def delete_support_directories
# Stop the service before removing support directories
delete_stop_service
directory etc_dir do
recursive true
action :delete
end
directory run_dir do
recursive true
action :delete
end
directory log_dir do
recursive true
action :delete
end
end
#
# Platform specific bits
#
def configure_apparmor
# Do not add these resource if inside a container
# Only valid on Ubuntu
return if ::File.exist?('/.dockerenv') || ::File.exist?('/.dockerinit') || node['platform'] != 'ubuntu'
# Apparmor
package 'apparmor' do
action :install
end
directory '/etc/apparmor.d/local/mysql' do
owner 'root'
group 'root'
mode '0755'
recursive true
action :create
end
template '/etc/apparmor.d/local/usr.sbin.mysqld' do
cookbook 'mysql'
source 'apparmor/usr.sbin.mysqld-local.erb'
owner 'root'
group 'root'
mode '0644'
action :create
notifies :restart, "service[#{new_resource.instance} apparmor]", :immediately
end
template '/etc/apparmor.d/usr.sbin.mysqld' do
cookbook 'mysql'
source 'apparmor/usr.sbin.mysqld.erb'
owner 'root'
group 'root'
mode '0644'
action :create
notifies :restart, "service[#{new_resource.instance} apparmor]", :immediately
end
template "/etc/apparmor.d/local/mysql/#{new_resource.instance}" do
cookbook 'mysql'
source 'apparmor/usr.sbin.mysqld-instance.erb'
owner 'root'
group 'root'
mode '0644'
variables(
config: new_resource,
mysql_name: mysql_name
)
action :create
notifies :restart, "service[#{new_resource.instance} apparmor]", :immediately
end
service "#{new_resource.instance} apparmor" do
service_name 'apparmor'
action :nothing
end
end
end
end
end

142
cookbooks/mysql/libraries/mysql_service_manager_systemd.rb Normal file
View File

@ -0,0 +1,142 @@
module MysqlCookbook
class MysqlServiceManagerSystemd < MysqlServiceBase
resource_name :mysql_service_manager_systemd
provides :mysql_service_manager, os: 'linux' do |_node|
Chef::Platform::ServiceHelpers.service_resource_providers.include?(:systemd)
end
action :create do
# from base
create_system_user
stop_system_service
create_config
configure_apparmor
initialize_database
end
action :start do
# Needed for Debian / Ubuntu
directory '/usr/libexec' do
owner 'root'
group 'root'
mode '0755'
action :create
end
# this script is called by the main systemd unit file, and
# spins around until the service is actually up and running.
template "/usr/libexec/#{mysql_name}-wait-ready" do
path "/usr/libexec/#{mysql_name}-wait-ready"
source 'systemd/mysqld-wait-ready.erb'
owner 'root'
group 'root'
mode '0755'
variables(socket_file: socket_file)
cookbook 'mysql'
action :create
end
# this is the main systemd unit file
template "/etc/systemd/system/#{mysql_name}.service" do
path "/etc/systemd/system/#{mysql_name}.service"
source 'systemd/mysqld.service.erb'
owner 'root'
group 'root'
mode '0644'
variables(
config: new_resource,
etc_dir: etc_dir,
base_dir: base_dir,
mysqld_bin: mysqld_bin
)
cookbook 'mysql'
notifies :run, "execute[#{new_resource.instance} systemctl daemon-reload]", :immediately
action :create
end
# avoid 'Unit file changed on disk' warning
execute "#{new_resource.instance} systemctl daemon-reload" do
command '/bin/systemctl daemon-reload'
action :nothing
end
# tmpfiles.d config so the service survives reboot
template "/usr/lib/tmpfiles.d/#{mysql_name}.conf" do
path "/usr/lib/tmpfiles.d/#{mysql_name}.conf"
source 'tmpfiles.d.conf.erb'
owner 'root'
group 'root'
mode '0644'
variables(
run_dir: run_dir,
run_user: new_resource.run_user,
run_group: new_resource.run_group
)
cookbook 'mysql'
action :create
end
# service management resource
service mysql_name.to_s do
service_name mysql_name
provider Chef::Provider::Service::Systemd
supports restart: true, status: true
action [:enable, :start]
end
end
action :stop do
# service management resource
service mysql_name.to_s do
service_name mysql_name
provider Chef::Provider::Service::Systemd
supports status: true
action [:disable, :stop]
only_if { ::File.exist?("/usr/lib/systemd/system/#{mysql_name}.service") }
end
end
action :restart do
# service management resource
service mysql_name.to_s do
service_name mysql_name
provider Chef::Provider::Service::Systemd
supports restart: true
action :restart
end
end
action :reload do
# service management resource
service mysql_name.to_s do
service_name mysql_name
provider Chef::Provider::Service::Systemd
action :reload
end
end
action_class do
def stop_system_service
# service management resource
service 'mysql' do
service_name system_service_name
provider Chef::Provider::Service::Systemd
supports status: true
action [:stop, :disable]
end
end
def delete_stop_service
# service management resource
service mysql_name.to_s do
service_name mysql_name
provider Chef::Provider::Service::Systemd
supports status: true
action [:disable, :stop]
only_if { ::File.exist?("/usr/lib/systemd/system/#{mysql_name}.service") }
end
end
end
end
end

79
cookbooks/mysql/libraries/mysql_service_manager_sysvinit.rb Normal file
View File

@ -0,0 +1,79 @@
module MysqlCookbook
class MysqlServiceManagerSysvinit < MysqlServiceBase
resource_name :mysql_service_manager_sysvinit
provides :mysql_service_manager, os: 'linux'
action :create do
# from base
create_system_user
stop_system_service
create_config
initialize_database
configure_apparmor
end
action :start do
template "/etc/init.d/#{mysql_name}" do
source 'sysvinit/mysqld.erb'
owner 'root'
group 'root'
mode '0755'
variables(
config: new_resource,
defaults_file: defaults_file,
error_log: new_resource.error_log,
mysql_name: mysql_name,
mysqladmin_bin: mysqladmin_bin,
mysqld_safe_bin: mysqld_safe_bin,
pid_file: new_resource.pid_file,
scl_name: scl_name
)
cookbook 'mysql'
action :create
end
service mysql_name do
supports restart: true, status: true
action [:enable, :start]
end
end
action :stop do
service mysql_name do
supports restart: true, status: true
action [:stop]
end
end
action :restart do
service mysql_name do
supports restart: true
action :restart
end
end
action :reload do
service mysql_name do
action :reload
end
end
action_class do
def stop_system_service
service system_service_name do
supports status: true
action [:stop, :disable]
end
end
def delete_stop_service
service mysql_name do
supports status: true
action [:disable, :stop]
only_if { ::File.exist?("#{etc_dir}/init.d/#{mysql_name}") }
end
end
end
end
end

103
cookbooks/mysql/libraries/mysql_service_manager_upstart.rb Normal file
View File

@ -0,0 +1,103 @@
module MysqlCookbook
class MysqlServiceManagerUpstart < MysqlServiceBase
resource_name :mysql_service_manager_upstart
provides :mysql_service_manager, platform_family: 'debian' do |_node|
Chef::Platform::ServiceHelpers.service_resource_providers.include?(:upstart) &&
!Chef::Platform::ServiceHelpers.service_resource_providers.include?(:systemd) &&
!Chef::Platform::ServiceHelpers.service_resource_providers.include?(:redhat) &&
::File.exist?('/sbin/status') # Fix for Docker, in 7 and 8 images /sbin/status doesn't exists and Upstart provider doesn't work
end
action :create do
# from base
create_system_user
stop_system_service
create_config
configure_apparmor
initialize_database
end
action :start do
template "/usr/sbin/#{mysql_name}-wait-ready" do
source 'upstart/mysqld-wait-ready.erb'
owner 'root'
group 'root'
mode '0755'
variables(socket_file: socket_file)
cookbook 'mysql'
action :create
end
template "/etc/init/#{mysql_name}.conf" do
source 'upstart/mysqld.erb'
owner 'root'
group 'root'
mode '0644'
variables(
defaults_file: defaults_file,
mysql_name: mysql_name,
run_group: new_resource.run_group,
run_user: new_resource.run_user,
socket_dir: new_resource.socket_dir
)
cookbook 'mysql'
action :create
end
service mysql_name do
provider Chef::Provider::Service::Upstart
supports status: true
action [:start]
end
end
action :stop do
service mysql_name do
provider Chef::Provider::Service::Upstart
supports restart: true, status: true
action [:stop]
end
end
action :restart do
# With Upstart, restarting the service doesn't behave "as expected".
# We want the post-start stanzas, which wait until the
# service is available before returning
#
# http://upstart.ubuntu.com/cookbook/#restart
service mysql_name do
provider Chef::Provider::Service::Upstart
action [:stop, :start]
end
end
action :reload do
# With Upstart, reload just sends a HUP signal to the process.
# As far as I can tell, this doesn't work the way it's
# supposed to, so we need to actually restart the service.
service mysql_name do
provider Chef::Provider::Service::Upstart
action [:stop, :start]
end
end
action_class do
def stop_system_service
service system_service_name do
provider Chef::Provider::Service::Upstart
supports status: true
action [:stop, :disable]
end
end
def delete_stop_service
service mysql_name do
provider Chef::Provider::Service::Upstart
action [:disable, :stop]
only_if { ::File.exist?("#{etc_dir}/init/#{mysql_name}") }
end
end
end
end
end

39
cookbooks/mysql/libraries/provider_mysql_client.rb
View File

@ -1,39 +0,0 @@
require 'chef/provider/lwrp_base'
require_relative 'helpers'
class Chef
class Provider
class MysqlClient < Chef::Provider::LWRPBase
include MysqlCookbook::Helpers
provides :mysql_client if defined?(provides)
use_inline_resources if defined?(use_inline_resources)
def whyrun_supported?
true
end
action :create do
# From helpers.rb
configure_package_repositories
client_package_name.each do |p|
package "#{new_resource.name} :create #{p}" do
package_name p
version new_resource.version if node['platform'] == 'smartos'
version new_resource.package_version
action :install
end
end
end
action :delete do
parsed_package_name.each do |p|
package "#{new_resource.name} :delete #{p}" do
action :remove
end
end
end
end
end
end

59
cookbooks/mysql/libraries/provider_mysql_config.rb
View File

@ -1,59 +0,0 @@
require 'chef/provider/lwrp_base'
require_relative 'helpers'
class Chef
class Provider
class MysqlConfig < Chef::Provider::LWRPBase
include MysqlCookbook::Helpers
provides :mysql_config if defined?(provides)
use_inline_resources if defined?(use_inline_resources)
def whyrun_supported?
true
end
action :create do
group "#{new_resource.name} :create #{new_resource.group}" do
group_name new_resource.group
system true if new_resource.name == 'mysql'
action :create
end
user "#{new_resource.name} :create #{new_resource.owner}" do
username new_resource.owner
gid new_resource.owner
system true if new_resource.name == 'mysql'
action :create
end
directory "#{new_resource.name} :create #{include_dir}" do
path include_dir
owner new_resource.owner
group new_resource.group
mode '0750'
recursive true
action :create
end
template "#{new_resource.name} :create #{include_dir}/#{new_resource.config_name}.cnf" do
path "#{include_dir}/#{new_resource.config_name}.cnf"
owner new_resource.owner
group new_resource.group
mode '0640'
variables(new_resource.variables)
source new_resource.source
cookbook new_resource.cookbook
action :create
end
end
action :delete do
file "#{new_resource.name} :delete #{include_dir}/#{new_resource.config_name}.conf" do
path "#{include_dir}/#{new_resource.config_name}.conf"
action :delete
end
end
end
end
end

250
cookbooks/mysql/libraries/provider_mysql_service_base.rb
View File

@ -1,250 +0,0 @@
require 'chef/provider/lwrp_base'
require_relative 'helpers'
class Chef
class Provider
class MysqlServiceBase < Chef::Provider::LWRPBase
use_inline_resources if defined?(use_inline_resources)
def whyrun_supported?
true
end
# Mix in helpers from libraries/helpers.rb
include MysqlCookbook::Helpers
# Service related methods referred to in the :create and :delete
# actions need to be implemented in the init system subclasses.
#
# create_stop_system_service
# delete_stop_service
# All other methods are found in libraries/helpers.rb
#
# etc_dir, run_dir, log_dir, etc
action :create do
# Yum, Apt, etc. From helpers.rb
configure_package_repositories
# Software installation
package "#{new_resource.name} :create #{server_package_name}" do
package_name server_package_name
version parsed_version if node['platform'] == 'smartos'
version new_resource.package_version
action new_resource.package_action
end
create_stop_system_service
# Apparmor
configure_apparmor
# System users
group "#{new_resource.name} :create mysql" do
group_name 'mysql'
action :create
end
user "#{new_resource.name} :create mysql" do
username 'mysql'
gid 'mysql'
action :create
end
# Yak shaving secion. Account for random errata.
#
# Turns out that mysqld is hard coded to try and read
# /etc/mysql/my.cnf, and its presence causes problems when
# setting up multiple services.
file "#{new_resource.name} :create #{prefix_dir}/etc/mysql/my.cnf" do
path "#{prefix_dir}/etc/mysql/my.cnf"
action :delete
end
file "#{new_resource.name} :create #{prefix_dir}/etc/my.cnf" do
path "#{prefix_dir}/etc/my.cnf"
action :delete
end
# mysql_install_db is broken on 5.6.13
link "#{new_resource.name} :create #{prefix_dir}/usr/share/my-default.cnf" do
target_file "#{prefix_dir}/usr/share/my-default.cnf"
to "#{etc_dir}/my.cnf"
action :create
end
# Support directories
directory "#{new_resource.name} :create #{etc_dir}" do
path etc_dir
owner new_resource.run_user
group new_resource.run_group
mode '0750'
recursive true
action :create
end
directory "#{new_resource.name} :create #{include_dir}" do
path include_dir
owner new_resource.run_user
group new_resource.run_group
mode '0750'
recursive true
action :create
end
directory "#{new_resource.name} :create #{run_dir}" do
path run_dir
owner new_resource.run_user
group new_resource.run_group
mode '0755'
recursive true
action :create
end
directory "#{new_resource.name} :create #{log_dir}" do
path log_dir
owner new_resource.run_user
group new_resource.run_group
mode '0750'
recursive true
action :create
end
directory "#{new_resource.name} :create #{parsed_data_dir}" do
path parsed_data_dir
owner new_resource.run_user
group new_resource.run_group
mode '0750'
recursive true
action :create
end
# Main configuration file
template "#{new_resource.name} :create #{etc_dir}/my.cnf" do
path "#{etc_dir}/my.cnf"
source 'my.cnf.erb'
cookbook 'mysql'
owner new_resource.run_user
group new_resource.run_group
mode '0600'
variables(
config: new_resource,
error_log: error_log,
include_dir: include_dir,
lc_messages_dir: lc_messages_dir,
pid_file: pid_file,
socket_file: socket_file,
tmp_dir: tmp_dir,
data_dir: parsed_data_dir
)
action :create
end
# initialize database and create initial records
bash "#{new_resource.name} :create initial records" do
code init_records_script
returns [0, 1, 2] # facepalm
not_if "/usr/bin/test -f #{parsed_data_dir}/mysql/user.frm"
action :run
end
end
action :delete do
# Stop the service before removing support directories
delete_stop_service
directory "#{new_resource.name} :delete #{etc_dir}" do
path etc_dir
recursive true
action :delete
end
directory "#{new_resource.name} :delete #{run_dir}" do
path run_dir
recursive true
action :delete
end
directory "#{new_resource.name} :delete #{log_dir}" do
path log_dir
recursive true
action :delete
end
end
#
# Platform specific bits
#
def configure_apparmor
# Do not add these resource if inside a container
# Only valid on Ubuntu
unless ::File.exist?('/.dockerenv') || ::File.exist?('/.dockerinit')
if node['platform'] == 'ubuntu'
# Apparmor
package "#{new_resource.name} :create apparmor" do
package_name 'apparmor'
action :install
end
directory "#{new_resource.name} :create /etc/apparmor.d/local/mysql" do
path '/etc/apparmor.d/local/mysql'
owner 'root'
group 'root'
mode '0755'
recursive true
action :create
end
template "#{new_resource.name} :create /etc/apparmor.d/local/usr.sbin.mysqld" do
path '/etc/apparmor.d/local/usr.sbin.mysqld'
cookbook 'mysql'
source 'apparmor/usr.sbin.mysqld-local.erb'
owner 'root'
group 'root'
mode '0644'
action :create
notifies :restart, "service[#{new_resource.name} :create apparmor]", :immediately
end
template "#{new_resource.name} :create /etc/apparmor.d/usr.sbin.mysqld" do
path '/etc/apparmor.d/usr.sbin.mysqld'
cookbook 'mysql'
source 'apparmor/usr.sbin.mysqld.erb'
owner 'root'
group 'root'
mode '0644'
action :create
notifies :restart, "service[#{new_resource.name} :create apparmor]", :immediately
end
template "#{new_resource.name} :create /etc/apparmor.d/local/mysql/#{new_resource.instance}" do
path "/etc/apparmor.d/local/mysql/#{new_resource.instance}"
cookbook 'mysql'
source 'apparmor/usr.sbin.mysqld-instance.erb'
owner 'root'
group 'root'
mode '0644'
variables(
data_dir: parsed_data_dir,
mysql_name: mysql_name,
log_dir: log_dir,
run_dir: run_dir,
pid_file: pid_file,
socket_file: socket_file
)
action :create
notifies :restart, "service[#{new_resource.name} :create apparmor]", :immediately
end
service "#{new_resource.name} :create apparmor" do
service_name 'apparmor'
action :nothing
end
end
end
end
end
end
end

91
cookbooks/mysql/libraries/provider_mysql_service_smf.rb
View File

@ -1,91 +0,0 @@
class Chef
class Provider
class MysqlServiceSmf < Chef::Provider::MysqlServiceBase
# FIXME: we should have a service_helper to determine if the platform supports SMF similarly
# to how we handle systemd on linux
if defined?(provides) # foodcritic ~FC023
provides :mysql_service, os: %w(solaris2 omnios smartos openindiana opensolaris nexentacore) do
File.exist?('/usr/sbin/svccfg')
end
end
action :start do
method_script_path = "/lib/svc/method/#{mysql_name}" if node['platform'] == 'omnios'
method_script_path = "/opt/local/lib/svc/method/#{mysql_name}" if node['platform'] == 'smartos'
template "#{new_resource.name} :start #{method_script_path}" do
path method_script_path
cookbook 'mysql'
source 'smf/svc.method.mysqld.erb'
owner 'root'
group 'root'
mode '0555'
variables(
base_dir: base_dir,
data_dir: parsed_data_dir,
defaults_file: defaults_file,
error_log: error_log,
mysql_name: mysql_name,
mysqld_bin: mysqld_bin,
pid_file: pid_file
)
action :create
end
smf "#{new_resource.name} :start #{mysql_name}" do
name mysql_name
user new_resource.run_user
group new_resource.run_group
start_command "#{method_script_path} start"
end
service "#{new_resource.name} :start #{mysql_name}" do
service_name mysql_name
provider Chef::Provider::Service::Solaris
supports restart: true
action [:enable]
end
end
action :stop do
service "#{new_resource.name} :stop #{mysql_name}" do
service_name mysql_name
provider Chef::Provider::Service::Solaris
supports restart: true
action :stop
end
end
action :restart do
service "#{new_resource.name} :restart #{mysql_name}" do
service_name mysql_name
provider Chef::Provider::Service::Solaris
supports restart: true
action :restart
end
end
action :reload do
service "#{new_resource.name} :reload #{mysql_name}" do
provider Chef::Provider::Service::Solaris
service_name mysql_name
supports reload: true
action :reload
end
end
def create_stop_system_service
# nothing to do here
end
def delete_stop_service
service "#{new_resource.name} :delete #{mysql_name}" do
service_name mysql_name
provider Chef::Provider::Service::Solaris
supports restart: true
action :stop
end
end
end
end
end

135
cookbooks/mysql/libraries/provider_mysql_service_systemd.rb
View File

@ -1,135 +0,0 @@
require_relative 'provider_mysql_service_base'
class Chef
class Provider
class MysqlServiceSystemd < Chef::Provider::MysqlServiceBase
if defined?(provides) # foodcritic ~FC023
provides :mysql_service, os: 'linux' do
Chef::Platform::ServiceHelpers.service_resource_providers.include?(:systemd)
end
end
action :start do
# Needed for Debian / Ubuntu
directory '/usr/libexec' do
owner 'root'
group 'root'
mode '0755'
action :create
end
# this script is called by the main systemd unit file, and
# spins around until the service is actually up and running.
template "#{new_resource.name} :start /usr/libexec/#{mysql_name}-wait-ready" do
path "/usr/libexec/#{mysql_name}-wait-ready"
source 'systemd/mysqld-wait-ready.erb'
owner 'root'
group 'root'
mode '0755'
variables(socket_file: socket_file)
cookbook 'mysql'
action :create
end
# this is the main systemd unit file
template "#{new_resource.name} :start /lib/systemd/system/#{mysql_name}.service" do
path "/lib/systemd/system/#{mysql_name}.service"
source 'systemd/mysqld.service.erb'
owner 'root'
group 'root'
mode '0644'
variables(
config: new_resource,
etc_dir: etc_dir,
base_dir: base_dir,
mysqld_bin: mysqld_bin
)
cookbook 'mysql'
notifies :run, "execute[#{new_resource.name} :start systemctl daemon-reload]", :immediately
action :create
end
# avoid 'Unit file changed on disk' warning
execute "#{new_resource.name} :start systemctl daemon-reload" do
command '/bin/systemctl daemon-reload'
action :nothing
end
# tmpfiles.d config so the service survives reboot
template "#{new_resource.name} :start /usr/lib/tmpfiles.d/#{mysql_name}.conf" do
path "/usr/lib/tmpfiles.d/#{mysql_name}.conf"
source 'tmpfiles.d.conf.erb'
owner 'root'
group 'root'
mode '0644'
variables(
run_dir: run_dir,
run_user: new_resource.run_user,
run_group: new_resource.run_group
)
cookbook 'mysql'
action :create
end
# service management resource
service "#{new_resource.name} :start #{mysql_name}" do
service_name mysql_name
provider Chef::Provider::Service::Systemd
supports restart: true, status: true
action [:enable, :start]
end
end
action :stop do
# service management resource
service "#{new_resource.name} :stop #{mysql_name}" do
service_name mysql_name
provider Chef::Provider::Service::Systemd
supports status: true
action [:disable, :stop]
only_if { ::File.exist?("/usr/lib/systemd/system/#{mysql_name}.service") }
end
end
action :restart do
# service management resource
service "#{new_resource.name} :restart #{mysql_name}" do
service_name mysql_name
provider Chef::Provider::Service::Systemd
supports restart: true
action :restart
end
end
action :reload do
# service management resource
service "#{new_resource.name} :reload #{mysql_name}" do
service_name mysql_name
provider Chef::Provider::Service::Systemd
action :reload
end
end
def create_stop_system_service
# service management resource
service "#{new_resource.name} :create mysql" do
service_name system_service_name
provider Chef::Provider::Service::Systemd
supports status: true
action [:stop, :disable]
end
end
def delete_stop_service
# service management resource
service "#{new_resource.name} :delete #{mysql_name}" do
service_name mysql_name
provider Chef::Provider::Service::Systemd
supports status: true
action [:disable, :stop]
only_if { ::File.exist?("/usr/lib/systemd/system/#{mysql_name}.service") }
end
end
end
end
end

89
cookbooks/mysql/libraries/provider_mysql_service_sysvinit.rb
View File

@ -1,89 +0,0 @@
require_relative 'provider_mysql_service_base'
class Chef
class Provider
class MysqlServiceSysvinit < Chef::Provider::MysqlServiceBase
provides :mysql_service, os: '!windows' if defined?(provides)
action :start do
template "#{new_resource.name} :start /etc/init.d/#{mysql_name}" do
path "/etc/init.d/#{mysql_name}"
source 'sysvinit/mysqld.erb'
owner 'root'
group 'root'
mode '0755'
variables(
config: new_resource,
defaults_file: defaults_file,
error_log: error_log,
mysql_name: mysql_name,
mysqladmin_bin: mysqladmin_bin,
mysqld_safe_bin: mysqld_safe_bin,
pid_file: pid_file,
scl_name: scl_name
)
cookbook 'mysql'
action :create
end
service "#{new_resource.name} :start #{mysql_name}" do
service_name mysql_name
provider Chef::Provider::Service::Init::Redhat if node['platform_family'] == 'redhat'
provider Chef::Provider::Service::Init::Insserv if node['platform_family'] == 'debian'
supports restart: true, status: true
action [:enable, :start]
end
end
action :stop do
service "#{new_resource.name} :stop #{mysql_name}" do
service_name mysql_name
provider Chef::Provider::Service::Init::Redhat if node['platform_family'] == 'redhat'
provider Chef::Provider::Service::Init::Insserv if node['platform_family'] == 'debian'
supports restart: true, status: true
action [:stop]
end
end
action :restart do
service "#{new_resource.name} :restart #{mysql_name}" do
service_name mysql_name
provider Chef::Provider::Service::Init::Redhat if node['platform_family'] == 'redhat'
provider Chef::Provider::Service::Init::Insserv if node['platform_family'] == 'debian'
supports restart: true
action :restart
end
end
action :reload do
service "#{new_resource.name} :reload #{mysql_name}" do
service_name mysql_name
provider Chef::Provider::Service::Init::Redhat if node['platform_family'] == 'redhat'
provider Chef::Provider::Service::Init::Insserv if node['platform_family'] == 'debian'
action :reload
end
end
def create_stop_system_service
service "#{new_resource.name} :create #{system_service_name}" do
service_name system_service_name
provider Chef::Provider::Service::Init::Redhat if node['platform_family'] == 'redhat'
provider Chef::Provider::Service::Init::Insserv if node['platform_family'] == 'debian'
supports status: true
action [:stop, :disable]
end
end
def delete_stop_service
service "#{new_resource.name} :delete #{mysql_name}" do
service_name mysql_name
provider Chef::Provider::Service::Init::Redhat if node['platform_family'] == 'redhat'
provider Chef::Provider::Service::Init::Insserv if node['platform_family'] == 'debian'
supports status: true
action [:disable, :stop]
only_if { ::File.exist?("#{etc_dir}/init.d/#{mysql_name}") }
end
end
end
end
end

114
cookbooks/mysql/libraries/provider_mysql_service_upstart.rb
View File

@ -1,114 +0,0 @@
require_relative 'provider_mysql_service_base'
class Chef
class Provider
class MysqlServiceUpstart < Chef::Provider::MysqlServiceBase
if defined?(provides) # foodcritic ~FC023
provides :mysql_service, os: 'linux' do
Chef::Platform::ServiceHelpers.service_resource_providers.include?(:upstart) &&
!Chef::Platform::ServiceHelpers.service_resource_providers.include?(:redhat)
end
end
action :start do
template "#{new_resource.name} :start /usr/sbin/#{mysql_name}-wait-ready" do
path "/usr/sbin/#{mysql_name}-wait-ready"
source 'upstart/mysqld-wait-ready.erb'
owner 'root'
group 'root'
mode '0755'
variables(socket_file: socket_file)
cookbook 'mysql'
action :create
end
template "#{new_resource.name} :start /etc/init/#{mysql_name}.conf" do
path "/etc/init/#{mysql_name}.conf"
source 'upstart/mysqld.erb'
owner 'root'
group 'root'
mode '0644'
variables(
defaults_file: defaults_file,
mysql_name: mysql_name,
run_group: new_resource.run_group,
run_user: new_resource.run_user,
socket_dir: socket_dir
)
cookbook 'mysql'
action :create
end
service "#{new_resource.name} :start #{mysql_name}" do
service_name mysql_name
provider Chef::Provider::Service::Upstart
supports status: true
action [:start]
end
end
action :stop do
service "#{new_resource.name} :stop #{mysql_name}" do
service_name mysql_name
provider Chef::Provider::Service::Upstart
supports restart: true, status: true
action [:stop]
end
end
action :restart do
# With Upstart, restarting the service doesn't behave "as expected".
# We want the post-start stanzas, which wait until the
# service is available before returning
#
# http://upstart.ubuntu.com/cookbook/#restart
service "#{new_resource.name} :restart stop #{mysql_name}" do
service_name mysql_name
provider Chef::Provider::Service::Upstart
action :stop
end
service "#{new_resource.name} :restart start #{mysql_name}" do
service_name mysql_name
provider Chef::Provider::Service::Upstart
action :start
end
end
action :reload do
# With Upstart, reload just sends a HUP signal to the process.
# As far as I can tell, this doesn't work the way it's
# supposed to, so we need to actually restart the service.
service "#{new_resource.name} :reload stop #{mysql_name}" do
service_name mysql_name
provider Chef::Provider::Service::Upstart
action :stop
end
service "#{new_resource.name} :reload start #{mysql_name}" do
service_name mysql_name
provider Chef::Provider::Service::Upstart
action :start
end
end
def create_stop_system_service
service "#{new_resource.name} :create #{system_service_name}" do
service_name system_service_name
provider Chef::Provider::Service::Upstart
supports status: true
action [:stop, :disable]
end
end
def delete_stop_service
service "#{new_resource.name} :delete #{mysql_name}" do
service_name mysql_name
provider Chef::Provider::Service::Upstart
action [:disable, :stop]
only_if { ::File.exist?("#{etc_dir}/init/#{mysql_name}") }
end
end
end
end
end

45
cookbooks/mysql/libraries/provider_priority_linux.rb
View File

@ -1,45 +0,0 @@
begin
require 'chef/platform/provider_priority_map'
rescue LoadError # rubocop: disable Lint/HandleExceptions
end
require_relative 'provider_mysql_service_smf'
require_relative 'provider_mysql_service_systemd'
require_relative 'provider_mysql_service_sysvinit'
require_relative 'provider_mysql_service_upstart'
require_relative 'provider_mysql_config'
require_relative 'provider_mysql_client'
if defined? Chef::Platform::ProviderPriorityMap
Chef::Platform::ProviderPriorityMap.instance.priority(
:mysql_service,
[Chef::Provider::MysqlServiceSystemd, Chef::Provider::MysqlServiceUpstart, Chef::Provider::MysqlServiceSysvinit],
os: 'linux'
)
else
# provider mappings for Chef 11
# systemd service
Chef::Platform.set platform: :fedora, version: '>= 19', resource: :mysql_service, provider: Chef::Provider::MysqlServiceSystemd
Chef::Platform.set platform: :redhat, version: '>= 7.0', resource: :mysql_service, provider: Chef::Provider::MysqlServiceSystemd
Chef::Platform.set platform: :centos, version: '>= 7.0', resource: :mysql_service, provider: Chef::Provider::MysqlServiceSystemd
Chef::Platform.set platform: :scientific, version: '>= 7.0', resource: :mysql_service, provider: Chef::Provider::MysqlServiceSystemd
Chef::Platform.set platform: :oracle, version: '>= 7.0', resource: :mysql_service, provider: Chef::Provider::MysqlServiceSystemd
# smf service
Chef::Platform.set platform: :omnios, resource: :mysql_service, provider: Chef::Provider::MysqlServiceSmf
Chef::Platform.set platform: :smartos, resource: :mysql_service, provider: Chef::Provider::MysqlServiceSmf
# upstart service
Chef::Platform.set platform: :ubuntu, resource: :mysql_service, provider: Chef::Provider::MysqlServiceUpstart
# default service
Chef::Platform.set resource: :mysql_service, provider: Chef::Provider::MysqlServiceSysvinit
# config
Chef::Platform.set resource: :mysql_config, provider: Chef::Provider::MysqlConfig
# client
Chef::Platform.set resource: :mysql_client, provider: Chef::Provider::MysqlClient
end

18
cookbooks/mysql/libraries/resource_mysql_client.rb
View File

@ -1,18 +0,0 @@
require 'chef/resource/lwrp_base'
class Chef
class Resource
class MysqlClient < Chef::Resource::LWRPBase
provides :mysql_client
self.resource_name = :mysql_client
actions :create, :delete
default_action :create
attribute :client_name, kind_of: String, name_attribute: true, required: true
attribute :package_name, kind_of: Array, default: nil
attribute :package_version, kind_of: String, default: nil
attribute :version, kind_of: String, default: nil # mysql_version
end
end
end

22
cookbooks/mysql/libraries/resource_mysql_config.rb
View File

@ -1,22 +0,0 @@
require 'chef/resource/lwrp_base'
class Chef
class Resource
class MysqlConfig < Chef::Resource::LWRPBase
provides :mysql_config
self.resource_name = :mysql_config
actions :create, :delete
default_action :create
attribute :config_name, kind_of: String, name_attribute: true, required: true
attribute :cookbook, kind_of: String, default: nil
attribute :group, kind_of: String, default: 'mysql'
attribute :instance, kind_of: String, default: 'default'
attribute :owner, kind_of: String, default: 'mysql'
attribute :source, kind_of: String, default: nil
attribute :variables, kind_of: [Hash], default: nil
attribute :version, kind_of: String, default: nil
end
end
end

31
cookbooks/mysql/libraries/resource_mysql_service.rb
View File

@ -1,31 +0,0 @@
require 'chef/resource/lwrp_base'
class Chef
class Resource
class MysqlService < Chef::Resource::LWRPBase
provides :mysql_service
self.resource_name = :mysql_service
actions :create, :delete, :start, :stop, :restart, :reload
default_action :create
attribute :charset, kind_of: String, default: 'utf8'
attribute :data_dir, kind_of: String, default: nil
attribute :initial_root_password, kind_of: String, default: 'ilikerandompasswords'
attribute :instance, kind_of: String, name_attribute: true
attribute :package_action, kind_of: Symbol, default: :install
attribute :package_name, kind_of: String, default: nil
attribute :package_version, kind_of: String, default: nil
attribute :bind_address, kind_of: String, default: nil
attribute :port, kind_of: [String, Integer], default: '3306'
attribute :run_group, kind_of: String, default: 'mysql'
attribute :run_user, kind_of: String, default: 'mysql'
attribute :socket, kind_of: String, default: nil
attribute :mysqld_options, kind_of: Hash, default: {}
attribute :version, kind_of: String, default: nil
attribute :error_log, kind_of: String, default: nil
attribute :tmp_dir, kind_of: String, default: nil
attribute :pid_file, kind_of: String, default: nil
end
end
end

2
cookbooks/mysql/metadata.json
View File

File diff suppressed because one or more lines are too long

15
cookbooks/mysql/templates/default/apparmor/usr.sbin.mysqld-instance.erb
View File

@ -2,12 +2,13 @@
/etc/<%= @mysql_name %>/conf.d/ r,
/etc/<%= @mysql_name %>/conf.d/* r,
/etc/<%= @mysql_name %>/my.cnf r,
<%= @log_dir %>/ r,
<%= @log_dir %>/* rw,
<%= @data_dir %>/ r,
<%= @data_dir %>/** rwk,
<%= @run_dir %>/** rw,
<%= @pid_file %> rw,
<%= @socket_file %> rw,
<%= @config.log_dir %>/ r,
<%= @config.log_dir %>/* rw,
<%= @config.data_dir %>/ r,
<%= @config.data_dir %>/** rwk,
<%= @config.run_dir %>/** rw,
<%= @config.pid_file %> rw,
<%= @config.socket_file %> rw,
/tmp/<%= @mysql_name %>/ r,
/tmp/<%= @mysql_name %>/my.sql r,
<%= @config.tmp_dir %>/* rw,

2
cookbooks/mysql/templates/default/apparmor/usr.sbin.mysqld.erb
View File

@ -35,8 +35,10 @@
/var/log/mysql/* rw,
/var/run/mysqld/mysqld.pid rw,
/var/run/mysqld/mysqld.sock w,
/var/run/mysqld/mysqld.sock.lock rw,
/run/mysqld/mysqld.pid rw,
/run/mysqld/mysqld.sock w,
/run/mysqld/mysqld.sock.lock rw,
/sys/devices/system/cpu/ r,

36
cookbooks/mysql/templates/default/my.cnf.erb
View File

@ -7,8 +7,8 @@ default-character-set = <%= @config.charset %>
<% if @config.port %>
port = <%= @config.port %>
<% end %>
<% if @socket_file %>
socket = <%= @socket_file %>
<% if @config.socket_file %>
socket = <%= @config.socket_file %>
<% end %>
[mysql]
@ -20,11 +20,11 @@ default-character-set = <%= @config.charset %>
<% if @config.run_user %>
user = <%= @config.run_user %>
<% end %>
<% if @pid_file %>
pid-file = <%= @pid_file %>
<% if @config.pid_file %>
pid-file = <%= @config.pid_file %>
<% end %>
<% if @socket_file %>
socket = <%= @socket_file %>
<% if @config.socket_file %>
socket = <%= @config.socket_file %>
<% end %>
<% if @config.bind_address %>
bind-address = <%= @config.bind_address %>
@ -32,26 +32,26 @@ bind-address = <%= @config.bind_address %>
<% if @config.port %>
port = <%= @config.port %>
<% end %>
<% if @data_dir %>
datadir = <%= @data_dir %>
<% if @config.data_dir %>
datadir = <%= @config.data_dir %>
<% end %>
<% if @tmp_dir %>
tmpdir = <%= @tmp_dir %>
<% if @config.tmp_dir %>
tmpdir = <%= @config.tmp_dir %>
<% end %>
<% @config.mysqld_options.each do |option,value| %>
<%= option %> = <%= value %>
<% end %>
<% if @lc_messages_dir %>
lc-messages-dir = <%= @lc_messages_dir %>
<% if @config.lc_messages_dir %>
lc-messages-dir = <%= @config.lc_messages_dir %>
<% end %>
<% if @error_log %>
log-error = <%= @error_log %>
<% if @config.error_log %>
log-error = <%= @config.error_log %>
<% end %>
<% if @include_dir %>
!includedir <%= @include_dir %>
<% if @config.include_dir %>
!includedir <%= @config.include_dir %>
<% end %>
[mysqld_safe]
<% if @socket_file %>
socket = <%= @socket_file %>
<% if @config.socket_file %>
socket = <%= @config.socket_file %>
<% end %>

2
cookbooks/ohai/.foodcritic
View File

@ -1,2 +0,0 @@
~FC016
~FC009

33
cookbooks/ohai/CHANGELOG.md
View File

@ -2,6 +2,39 @@
This file is used to list changes made in each version of the ohai cookbook.
## 5.2.5 (2018-09-04)
- Add note that ohai_hint will be removed April 2019 when Chef 13 goes EOL as this resource now ships in Chef 14+
## 5.2.4 (2018-08-28)
- Avoid deprecation warnings in Chef 14.3+ by not loading resources already in Chef
## 5.2.3 (2018-06-08)
- Make sure we properly compare a provided plugin path to the path on disk by stripping trailing slashes from the provided directory
- Don't reload ohai when the plugin exists in a subdirectory of the config's set plugin path
## 5.2.2 (2018-02-15)
- Remove ChefSpec matchers we no longer need since they're auto generated
## 5.2.1 (2018-01-25)
- Switch from a .foodcritic file to an inline comments which resolve Supermarket warnings
- Remove unused helper method
## 5.2.0 (2017-08-17)
- Resolve multiple issues with Windows paths that caused the cookbook to converge on every run or fail
- Move maintainer information to the readme
- Add testing on Chef 12.7 in Travis
- Move helpers to their own modules and add testing framework
## 5.1.0 (2017-05-06)
- Workaround action_class bug by requiring Chef 12.7+
## 5.0.4 (2017-04-25)
- Fix lack of .rb extension when deleting plugins.

15
cookbooks/ohai/MAINTAINERS.md
View File

@ -1,15 +0,0 @@
<!-- This is a generated file. Please do not edit directly -->
# Maintainers
This file lists how this cookbook project is maintained. When making changes to the system, this file tells you who needs to review your patch - you need a review from an existing maintainer for the cookbook to provide a :+1: on your pull request. Additionally, you need to not receive a veto from a Lieutenant or the Project Lead.
Check out [How Cookbooks are Maintained](https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/CONTRIBUTING.MD) for details on the process and how to become a maintainer or the project lead.
# Project Maintainer
* [Tim Smith](https://github.com/tas50)
# Maintainers
* [Jennifer Davis](https://github.com/sigje)
* [Tim Smith](https://github.com/tas50)
* [Thom May](https://github.com/thommay)

10
cookbooks/ohai/README.md
View File

@ -4,6 +4,8 @@
Contains custom resources for adding Ohai hints and installing custom Ohai plugins. Handles path creation as well as the reloading of Ohai so that new data will be available during the same run.
NOTE: The ohai_hint resource shipped in Chef 14.0 (April 2018). When Chef 15.0 is released (April 2019) and Chef 13 goes EOL the ohai_hint resource will be removed from this cookbook.
## Requirements
### Platforms
@ -16,7 +18,7 @@ Contains custom resources for adding Ohai hints and installing custom Ohai plugi
### Chef
- Chef 12.5+
- Chef 12.7+
### Cookbooks
@ -113,9 +115,11 @@ You can check for the creation or deletion of ohai plugins with chefspec using t
- create_ohai_plugin
- delete_ohai_plugin
## License & Authors
## Maintainers
**Author:** Cookbook Engineering Team ([cookbooks@chef.io](mailto:cookbooks@chef.io))
This cookbook is maintained by Chef's Community Cookbook Engineering team. Our goal is to improve cookbook quality and to aid the community in contributing to cookbooks. To learn more about our team, process, and design goals see our [team documentation](https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/COOKBOOK_TEAM.MD). To learn more about contributing to cookbooks like this see our [contributing documentation](https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/CONTRIBUTING.MD), or if you have general questions about this cookbook come chat with us in #cookbok-engineering on the [Chef Community Slack](http://community-slack.chef.io/)
## License
**Copyright:** 2011-2016, Chef Software, Inc.

26
cookbooks/iis/recipes/mod_application_initialization.rb → cookbooks/ohai/libraries/hint_helpers.rb
View File

@ -1,9 +1,10 @@
#
# Author:: Seth Chisamore (<schisamo@chef.io>)
# Cookbook:: iis
# Recipe:: mod_application_initialization
# Cookbook:: ohai
# Library:: hint_helpers
#
# Copyright:: 2011-2016, Chef Software, Inc.
# Author:: Tim Smith (<tsmith@chef.io>)
#
# Copyright:: 2017, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@ -18,12 +19,17 @@
# limitations under the License.
#
include_recipe 'iis'
module OhaiCookbook
module HintHelpers
def ohai_hint_file_path(filename)
path = ::File.join(::Ohai::Config.ohai.hints_path.first, filename)
path << '.json' unless path.end_with?('.json')
path
end
if Opscode::IIS::Helper.older_than_windows2008r2?
log 'Application Initialization module is not supported on Windows 2008 or lower, ignoring'
else
windows_feature 'IIS-ApplicationInit' do
action :install
def format_content(content)
return '' if content.nil? || content.empty?
JSON.pretty_generate(content)
end
end
end

41
cookbooks/ohai/libraries/matchers.rb
View File

@ -1,41 +0,0 @@
#
# Cookbook:: ohai
# Library:: matchers
#
# Author:: Tim Smith (<tsmith@chef.io>)
#
# Copyright:: 2016-2017, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
if defined?(ChefSpec)
ChefSpec.define_matcher :ohai_hint
ChefSpec.define_matcher :ohai_plugin
def create_ohai_hint(resource)
ChefSpec::Matchers::ResourceMatcher.new(:ohai_hint, :create, resource)
end
def delete_ohai_hint(resource)
ChefSpec::Matchers::ResourceMatcher.new(:ohai_hint, :delete, resource)
end
def create_ohai_plugin(resource)
ChefSpec::Matchers::ResourceMatcher.new(:ohai_plugin, :create, resource)
end
def delete_ohai_plugin(resource)
ChefSpec::Matchers::ResourceMatcher.new(:ohai_plugin, :delete, resource)
end
end

77
cookbooks/ohai/libraries/plugin_helpers.rb Normal file
View File

@ -0,0 +1,77 @@
#
# Cookbook:: ohai
# Library:: plugin_helpers
#
# Author:: Tim Smith (<tsmith@chef.io>)
#
# Copyright:: 2017-2018, Chef Software, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
module OhaiCookbook
module PluginHelpers
# return the path property if specified or
# CHEF_CONFIG_PATH/ohai/plugins if a path isn't specified
def desired_plugin_path
if new_resource.path
new_resource.path.chomp('/') # if the user gave us /foo/bar/ we need /foo/bar for later comparison
else
::File.join(chef_config_path, 'ohai', 'plugins')
end
end
# return the chef config files dir or fail hard
def chef_config_path
if Chef::Config['config_file']
::File.dirname(Chef::Config['config_file'])
else
Chef::Application.fatal!("No chef config file defined. Are you running \
chef-solo? If so you will need to define a path for the ohai_plugin as the \
path cannot be determined")
end
end
# is the desired plugin dir in the ohai config plugin dir array?
def in_plugin_path?(path)
normalized_path = normalize_path(path)
# get the directory where we plan to stick the plugin (not the actual file path)
desired_dir = ::File.directory?(normalized_path) ? normalized_path : ::File.dirname(normalized_path)
::Ohai::Config.ohai['plugin_path'].map { |x| normalize_path(x) }.any? do |d|
desired_dir.start_with?(d)
end
end
# return path to lower and with forward slashes so we can compare it
# this works around the 3 different way we can represent windows paths
def normalize_path(path)
path.downcase.gsub(/\\+/, '/')
end
def add_to_plugin_path(path)
::Ohai::Config.ohai['plugin_path'] << path # new format
end
# we need to warn the user that unless the path for this plugin is in Ohai's
# plugin path already we're going to have to reload Ohai on every Chef run.
# Ideally in future versions of Ohai /etc/chef/ohai/plugins is in the path.
def plugin_path_warning
Chef::Log.warn("The Ohai plugin_path does not include #{desired_plugin_path}. \
Ohai will reload on each chef-client run in order to add this directory to the \
path unless you modify your client.rb configuration to add this directory to \
plugin_path. The plugin_path can be set via the chef-client::config recipe. \
See 'Ohai Settings' at https://docs.chef.io/config_rb_client.html#ohai-settings \
for more details.")
end
end
end

2
cookbooks/ohai/metadata.json
View File

File diff suppressed because one or more lines are too long

31
cookbooks/ohai/resources/hint.rb
View File

@ -1,3 +1,7 @@
chef_version_for_provides '< 14.0' if respond_to?(:chef_version_for_provides)
resource_name :ohai_hint
property :hint_name, String, name_property: true
property :content, Hash
property :compile_time, [true, false], default: true
@ -8,14 +12,14 @@ action :create do
recursive true
end
file ohai_hint_path do
file ohai_hint_file_path(new_resource.hint_name) do
action :create
content build_content
content format_content(new_resource.content)
end
end
action :delete do
file ohai_hint_path do
file ohai_hint_file_path(new_resource.hint_name) do # ~FC009
action :delete
notifies :reload, ohai[reload ohai post hint removal]
end
@ -25,25 +29,8 @@ action :delete do
end
end
action_class.class_eval do
def ohai_hint_path
path = ::File.join(::Ohai::Config.ohai.hints_path.first, new_resource.hint_name)
path << '.json' unless path.end_with?('.json')
path
end
def build_content
# passing nil to file produces deprecation warnings so pass an empty string
return nil if new_resource.content.nil? || new_resource.content.empty?
JSON.pretty_generate(new_resource.content)
end
def file_content(path)
return JSON.parse(::File.read(path))
rescue JSON::ParserError
Chef::Log.debug("Could not parse JSON in ohai hint at #{ohai_hint_path}. It's probably an empty hint file")
return nil
end
action_class do
include OhaiCookbook::HintHelpers
end
# this resource forces itself to run at compile_time

52
cookbooks/ohai/resources/plugin.rb
View File

@ -56,56 +56,8 @@ action :delete do
end
end
action_class.class_eval do
# return the path property if specified or
# CHEF_CONFIG_PATH/ohai/plugins if a path isn't specified
def desired_plugin_path
if new_resource.path
new_resource.path
else
::File.join(chef_config_path, 'ohai', 'plugins')
end
end
# return the chef config files dir or fail hard
def chef_config_path
if Chef::Config['config_file']
::File.dirname(Chef::Config['config_file'])
else
Chef::Application.fatal!("No chef config file defined. Are you running \
chef-solo? If so you will need to define a path for the ohai_plugin as the \
path cannot be determined")
end
end
# is the desired plugin dir in the ohai config plugin dir array?
def in_plugin_path?(path)
# get the directory where we plan to stick the plugin (not the actual file path)
desired_dir = ::File.directory?(path) ? path : ::File.dirname(path)
case node['platform']
when 'windows'
::Ohai::Config.ohai['plugin_path'].map(&:downcase).include?(desired_dir.downcase)
else
::Ohai::Config.ohai['plugin_path'].include?(desired_dir)
end
end
def add_to_plugin_path(path)
::Ohai::Config.ohai['plugin_path'] << path # new format
end
# we need to warn the user that unless the path for this plugin is in Ohai's
# plugin path already we're going to have to reload Ohai on every Chef run.
# Ideally in future versions of Ohai /etc/chef/ohai/plugins is in the path.
def plugin_path_warning
Chef::Log.warn("The Ohai plugin_path does not include #{desired_plugin_path}. \
Ohai will reload on each chef-client run in order to add this directory to the \
path unless you modify your client.rb configuration to add this directory to \
plugin_path. The plugin_path can be set via the chef-client::config recipe. \
See 'Ohai Settings' at https://docs.chef.io/config_rb_client.html#ohai-settings \
for more details.")
end
action_class do
include OhaiCookbook::PluginHelpers
end
# this resource forces itself to run at compile_time

1
cookbooks/openssl/.foodcritic
View File

@ -1 +0,0 @@
~FC016

94
cookbooks/openssl/CHANGELOG.md
View File

@ -2,6 +2,100 @@
This file is used to list changes made in each version of the openssl cookbook.
## 8.5.5 (2018-09-04)
All resources in this cookbook are now built into Chef 14.4+. When Chef 15.4 is released (April 2019) the resources will be removed from this cookbook as all users should be running Chef 14.4 or later at that point.
## 8.5.4 (2018-08-29)
- Add missing email documentation for the request property
- Fix x509_crl to work on non-Linux platforms
- Attribute -> Property in the readme
- revokation -> revocation in the readme
- Update group/owner documentation
- Avoid deprecation warnings on Chef 14.3+
## 8.5.3 (2018-08-15)
- Call ::OpenSSL not OpenSSL to be more defensive in the helpers
## 8.5.2 (2018-08-14)
- Back out mode change in ec_private_key
## 8.5.1 (2018-08-14)
- Add license headers to the resources
- Remove default_action setup from the resources since this is done automatically in custom resources now
- Make sure to use the path name_property when creating the ec public key file
- Make sure we're using openssl and not Chef's Openssl class
- Simplify how we handle user/group properties
## 8.5.0 (2018-08-02)
- Use the system provided owner/group defaults in resources
- Added new openssl_x509_crl resource
- Fix openssl_ec_public_key with documentation & tests
- Few corrections in the documentation
- Fix backward compatibility with chef client 12
## 8.4.0 (2018-07-30)
This release is brought to you by Institut National de l'Audiovisuel, which contributed the following changes:
- openssl_x509 is renamed to openssl_x509_certificate with backwards compatibility for the old name
- openssl_x509_certificate can now generate a signed certificate with a provided CA cert & key
- openssl_x509_certificate now support x509 extensions
- openssl_x509_certificate now support x509 csr
- openssl_x509_certificate now generate a random serial for the certificate
- openssl_x509_certificate expires has now a default value : 365
- country field is now mandatory in x509_request
- the private key file is not rewrited in x509_request if it already exist
## 8.3.0 (2018-07-25)
- Add resource x509_request
## 8.2.0 (2018-07-23)
- Add ec_private_key & ec_public_key resources
## 8.1.2 (2018-02-09)
- Fix typo in resources that caused failures on Windows.
- Properly reference key_cipher in the readme
## 8.1.1 (2018-01-05)
- Add YARD comments to all the helpers
- Move valid ciphers directly into the equal_to check
- Remove the Chefspec matchers since modern ChefSpec does this automatically
- Fix failures on Windows nodes
## 8.1.0 (2017-12-28)
- Adding x509 support for /ST and /L
- Allow passing private key content to rsa_public_key resource via property
- Fix openssl_rsa_public_key converging on every run
- Fix undefied method "cipher" error in openssl_rsa_private_key resource
## 8.0.0 (2017-12-11)
- Added a new openssl_rsa_public_key resource which generates a public key from a private key
- Rename openssl_rsa_key to openssl_rsa_private_key, while still allowing the old name to function. This resource actually generates private keys, but the previous name didn't make that clear
- Added owner, group, and mode properties to all of the resources so you could control who owned the files you generated
- Set the default modes of generated files to 640 instead of 644
- Set the files to generate using node['root_group'] not 'root' for compatibility on other *nix systems such as FreeBSD and macOS
- Added a new property to openssl_rsa_private_key for specifying the cipher to use
- Converted integration tests to InSpec and moved all resources to a single Kitchen suite for quicker testing
- Added a force property to allow overwriting any existing key that may exist
- Fixed upgrade recipe failures on Debian 9
- Added a new path property which allows you to set the path there instead of in the resource's name
- Improved input validation in some of the helpers
- Added a deprecation message in Opscode::OpenSSL::Password helper "secure_password" and removed readme documentation
- Added a warning in the upgrade recipe if we're on an unsupported platform
- Switched the upgrade recipe to a multipackage upgrade to speed up Chef runs
## 7.1.0 (2017-05-30)
- Add supported platforms to the metdata

15
cookbooks/openssl/MAINTAINERS.md
View File

@ -1,15 +0,0 @@
<!-- This is a generated file. Please do not edit directly -->
# Maintainers
This file lists how this cookbook project is maintained. When making changes to the system, this file tells you who needs to review your patch - you need a review from an existing maintainer for the cookbook to provide a :+1: on your pull request. Additionally, you need to not receive a veto from a Lieutenant or the Project Lead.
Check out [How Cookbooks are Maintained](https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/CONTRIBUTING.MD) for details on the process and how to become a maintainer or the project lead.
# Project Maintainer
* [Tim Smith](https://github.com/tas50)
# Maintainers
* [Jennifer Davis](https://github.com/sigje)
* [Tim Smith](https://github.com/tas50)
* [Thom May](https://github.com/thommay)

339
cookbooks/openssl/README.md
View File

@ -6,22 +6,26 @@ This cookbook provides tools for working with the Ruby OpenSSL library. It inclu
- A library method to generate secure random passwords in recipes, using the Ruby SecureRandom library.
- A resource for generating RSA private keys.
- A resource for generating RSA public keys.
- A resource for generating EC private keys.
- A resource for generating EC public keys.
- A resource for generating x509 certificates.
- A resource for generating x509 requests.
- A resource for generating x509 crl.
- A resource for generating dhparam.pem files.
- An attribute-driven recipe for upgrading OpenSSL packages.
NOTE: All resources in this cookbook are now built-into Chef 14.4 and later so this cookbook is no longer necessary to use those resources. When Chef 15.4 is released (Aug 2019) the resources will be removed from this cookbook as all users should be running Chef 14.4 or later.
## Platforms
The `random_password` mixin works on any platform with the Ruby SecureRandom module. This module is already included with Chef.
The `openssl_x509`, `openssl_rsa_key` and `openssl_dhparam` resources work on any platform with the OpenSSL Ruby bindings installed. These bindings are already included with Chef.
The `upgrade` recipe has been tested on the following platforms:
- Debian / Ubuntu derivatives
- RHEL and derivatives
- Fedora
- FreeBSD
- macOS
- openSUSE / SUSE Linux Enterprises
- RHEL/CentOS/Scientific/Amazon/Oracle
- Solaris
## Chef
@ -37,10 +41,6 @@ The `upgrade` recipe has been tested on the following platforms:
## Recipes
### default
An empty placeholder recipe. Takes no action.
### upgrade
The upgrade recipe iterates over the list of packages in the `node['openssl']['packages']` attribute, and manages them with the `:upgrade` action. Each package will send a `:restart` notification to service resources named in the `node['openssl']['restart_services']` attribute.
@ -62,7 +62,7 @@ include_recipe 'openssl::upgrade'
When executed, this recipe will ensure that openssl is upgraded to the latest version, and that the `stats_collector` service is restarted to pick up the latest security fixes released in the openssl package.
## Libraries & Resources
## Libraries
There are two mixins packaged with this cookbook.
@ -83,39 +83,41 @@ node.normal['my_secure_attribute'] = random_password(length: 50, mode: :base64,
Note that node attributes are widely accessible. Storing unencrypted passwords in node attributes, as in this example, carries risk.
### ~~secure_password (`Opscode::OpenSSL::Password`)~~
## Resources
This library should be considered deprecated and will be removed in a future version. Please use `OpenSSLCookbook::RandomPassword` instead. The documentation is kept here for historical reasons.
### openssl_x509_certificate
#### ~~Example Usage~~
This resource generates signed or self-signed, PEM-formatted x509 certificates. If no existing key is specified, the resource will automatically generate a passwordless key with the certificate. If a CA private key and certificate are provided, the certificate will be signed with them.
```ruby
::Chef::Recipe.send(:include, Opscode::OpenSSL::Password)
node.normal_unless['my_password'] = secure_password
```
Note: This resource was renamed from openssl_x509 to openssl_x509_certificate. The legacy name will continue to function, but cookbook code should be updated for the new resource name.
~~Note that node attributes are widely accessible. Storing unencrypted passwords in node attributes, as in this example, carries risk.~~
#### Properties
### openssl_x509
This resource generates self-signed, PEM-formatted x509 certificates. If no existing key is specified, the resource will automatically generate a passwordless key with the certificate.
#### Attributes
Name | Type | Description
------------------ | --------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
`common_name` | String (Required) | Value for the `CN` certificate field.
`org` | String (Required) | Value for the `O` certificate field.
`org_unit` | String (Required) | Value for the `OU` certificate field.
`country` | String (Required) | Value for the `C` ssl field.
`expire` | Fixnum (Optional) | Value representing the number of days from _now_ through which the issued certificate cert will remain valid. The certificate will expire after this period.
`subject_alt_name` | Array (Optional) | Array of _Subject Alternative Name_ entries, in format `DNS:example.com` or `IP:1.2.3.4` _Default: empty_
`key_file` | String (Optional) | The path to a certificate key file on the filesystem. If the `key_file` attribute is specified, the resource will attempt to source a key from this location. If no key file is found, the resource will generate a new key file at this location. If the `key_file` attribute is not specified, the resource will generate a key file in the same directory as the generated certificate, with the same name as the generated certificate.
`key_pass` | String (Optional) | The passphrase for an existing key's passphrase
`key_length` | Fixnum (Optional) | The desired Bit Length of the generated key. _Default: 2048_
`owner` | String (optional) | The owner of all files created by the resource. _Default: "root"_
`group` | String (optional) | The group of all files created by the resource. _Default: "root"_
`mode` | String or Fixnum (Optional) | The permission mode of all files created by the resource. _Default: "0400"_
Name | Type | Description
------------------ | ---------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
`path` | String (Optional) | Optional path to write the file to if you'd like to specify it here instead of in the resource name
`common_name` | String (Optional) | Value for the `CN` certificate field.
`org` | String (Optional) | Value for the `O` certificate field.
`org_unit` | String (Optional) | Value for the `OU` certificate field.
`city` | String (Optional) | Value for the `L` certificate field.
`state` | String (Optional) | Value for the `ST` certificate field.
`country` | String (Optional) | Value for the `C` ssl field.
`email` | String (Optional) | Value for the `email` ssl field.
`expire` | Integer (Optional) | Value representing the number of days from _now_ through which the issued certificate cert will remain valid. The certificate will expire after this period. _Default: 365
`extensions` | Hash (Optional) | Hash of X509 Extensions entries, in format `{ 'keyUsage' => { 'values' => %w( keyEncipherment digitalSignature), 'critical' => true } }` _Default: empty_
`subject_alt_name` | Array (Optional) | Array of _Subject Alternative Name_ entries, in format `DNS:example.com` or `IP:1.2.3.4` _Default: empty_
`key_file` | String (Optional) | The path to a certificate key file on the filesystem. If the `key_file` property is specified, the resource will attempt to source a key from this location. If no key file is found, the resource will generate a new key file at this location. If the `key_file` property is not specified, the resource will generate a key file in the same directory as the generated certificate, with the same name as the generated certificate.
`key_pass` | String (Optional) | The passphrase for an existing key's passphrase
`key_type` | String (Optional) | The desired type of the generated key (rsa or ec). _Default: rsa_
`key_length` | Integer (Optional) | The desired Bit Length of the generated key (if key_type is equal to 'rsa'). _Default: 2048_
`key_curve` | String (Optional) | The desired curve of the generated key (if key_type is equal to 'ec'). Run `openssl ecparam -list_curves` to see available options. _Default: prime256v1_
`csr_file` | String (Optional) | The path to a X509 Certificate Request (CSR) on the filesystem. If the `csr_file` property is specified, the resource will attempt to source a CSR from this location. If no CSR file is found, the resource will generate a Self-Signed Certificate and the certificate fields must be specified (common_name at last).
`ca_cert_file` | String (Optional) | The path to the CA X509 Certificate on the filesystem. If the `ca_cert_file` property is specified, the `ca_key_file` property must also be specified, the certificate will be signed with them.
`ca_key_file` | String (Optional) | The path to the CA private key on the filesystem. If the `ca_key_file` property is specified, the `ca_cert_file' property must also be specified, the certificate will be signed with them.
`ca_key_pass` | String (Optional) | The passphrase for CA private key's passphrase
`owner` | String (optional) | The owner of all files created by the resource.
`group` | String (optional) | The group of all files created by the resource.
`mode` | String or Integer (Optional) | The permission mode of all files created by the resource.
#### Example Usage
@ -132,19 +134,131 @@ end
When executed, this recipe will generate a key certificate at `/etc/httpd/ssl/mycert.key`. It will then use that key to generate a new certificate file at `/etc/httpd/ssl/mycert.pem`.
In this example, an administrator wishes to create a x509 certificate signed with a CA certificate and key. In order to create the certificate, the administrator crafts this recipe:
```ruby
openssl_x509_certificate '/etc/ssl_test/my_signed_cert.crt' do
common_name 'www.f00bar.com'
ca_key_file '/etc/ssl_test/my_ca.key'
ca_cert_file '/etc/ssl_test/my_ca.crt'
expire 365
extensions(
'keyUsage' => {
'values' => %w(
keyEncipherment
digitalSignature),
'critical' => true,
},
'extendedKeyUsage' => {
'values' => %w(serverAuth),
'critical' => false,
}
)
subject_alt_name ['IP:127.0.0.1', 'DNS:localhost.localdomain']
end
```
When executed, this recipe will generate a key certificate at `/etc/ssl_test/my_signed_cert.key`. It will then use that key to generate a CSR and signed it with `my_ca.key/my_ca.crt`. A new certificate file at `/etc/ssl_test/my_signed_cert.cert` will be created as a result.
### openssl_x509_request
This resource generates PEM-formatted x509 certificates requests. If no existing key is specified, the resource will automatically generate a passwordless key with the certificate.
#### Properties
Name | Type | Description
--------------------- | ------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------
`path` | String (Optional) | Optional path to write the file to if you'd like to specify it here instead of in the resource name
`common_name` | String (Required) | Value for the `CN` certificate field.
`org` | String (Optional) | Value for the `O` certificate field.
`org_unit` | String (Optional) | Value for the `OU` certificate field.
`city` | String (Optional) | Value for the `L` certificate field.
`state` | String (Optional) | Value for the `ST` certificate field.
`country` | String (Optional) | Value for the `C` ssl field.
`email` | String (Optional) | Value for the `email` ssl field.
`key_file` | String (Optional) | The path to a certificate key file on the filesystem. If the `key_file` property is specified, the resource will attempt to source a key from this location. If no key file is found, the resource will generate a new key file at this location. If the `key_file` property is not specified, the resource will generate a key file in the same directory as the generated certificate, with the same name as the generated certificate.
`key_pass` | String (Optional) | The passphrase for an existing key's passphrase
`key_type` | String (Optional) | The desired type of the generated key (rsa or ec). _Default: ec_
`key_length` | Integer (Optional) | The desired Bit Length of the generated key (if key_type is equal to 'rsa'). _Default: 2048_
`key_curve` | String (Optional) | The desired curve of the generated key (if key_type is equal to 'ec'). Run `openssl ecparam -list_curves` to see available options. _Default: prime256v1
`owner` | String (optional) | The owner of all files created by the resource.
`group` | String (optional) | The group of all files created by the resource.
`mode` | String or Integer (Optional) | The permission mode of all files created by the resource.
#### Example Usage
In this example, an administrator wishes to create a x509 CRL. In order to create the CRL, the administrator crafts this recipe:
```ruby
openssl_x509_request '/etc/ssl_test/my_ec_request.csr' do
common_name 'myecrequest.example.com'
org 'Test Kitchen Example'
org_unit 'Kitchens'
country 'UK'
end
```
When executed, this recipe will generate a key certificate at `/etc/httpd/ssl/my_ec_request.key`. It will then use that key to generate a new csr file at `/etc/ssl_test/my_ec_request.csr`.
### openssl_x509_crl
This resource generates PEM-formatted x509 CRL.
#### Properties
Name | Type | Description
--------------------- | ------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------
`path` | String (Optional) | Optional path to write the file to if you'd like to specify it here instead of in the resource name
`serial_to_revoke` | String or Integer(Optional) | Serial of the X509 Certificate to revoke
`revocation_reason` | String or Integer(Optional) | [Reason of the revocation]((https://en.wikipedia.org/wiki/Certificate_revocation_list#Reasons_for_revocation)) _Default: 0_
`expire` | Integer (Optional) | Value representing the number of days from _now_ through which the issued CRL will remain valid. The CRL will expire after this period. _Default: 8_
`renewal_threshold` | Integer (Optional) | Number of days before the expiration. It this threshold is reached, the CRL will be renewed _Default: 1_
`ca_cert_file` | String (Required) | The path to the CA X509 Certificate on the filesystem. If the `ca_cert_file` property is specified, the `ca_key_file` property must also be specified, the CRL will be signed with them.
`ca_key_file` | String (Required) | The path to the CA private key on the filesystem. If the `ca_key_file` property is specified, the `ca_cert_file' property must also be specified, the CRL will be signed with them.
`ca_key_pass` | String (Optional) | The passphrase for CA private key's passphrase
`owner` | String (optional) | The owner of all files created by the resource.
`group` | String (optional) | The group of all files created by the resource.
`mode` | String or Integer (Optional) | The permission mode of all files created by the resource.
#### Example Usage
In this example, an administrator wishes to create an empty X509 CRL. In order to create the CRL, the administrator crafts this recipe:
```ruby
openssl_x509_crl '/etc/ssl_test/my_ca.crl' do
ca_cert_file '/etc/ssl_test/my_ca.crt'
ca_key_file '/etc/ssl_test/my_ca.key'
end
```
When executed, this recipe will generate a new CRL file at `/etc/ssl_test/my_ca.crl`.
In this example, an administrator wishes to revoke a certificate in an existing X509 CRL.
```ruby
openssl_x509_crl '/etc/ssl_test/my_ca.crl' do
ca_cert_file '/etc/ssl_test/my_ca.crt'
ca_key_file '/etc/ssl_test/my_ca.key'
serial_to_revoke C7BCB6602A2E4251EF4E2827A228CB52BC0CEA2F
end
```
### openssl_dhparam
This resource generates dhparam.pem files. If a valid dhparam.pem file is found at the specified location, no new file will be created. If a file is found at the specified location but it is not a valid dhparam file, it will be overwritten.
#### Attributes
#### Properties
Name | Type | Description
------------ | --------------------------- | ---------------------------------------------------------------------------
`key_length` | Fixnum (Optional) | The desired Bit Length of the generated key. _Default: 2048_
`generator` | Fixnum (Optional) | The desired Diffie-Hellmann generator. Can be _2_ or _5_.
`owner` | String (optional) | The owner of all files created by the resource. _Default: "root"_
`group` | String (optional) | The group of all files created by the resource. _Default: "root"_
`mode` | String or Fixnum (Optional) | The permission mode of all files created by the resource. _Default: "0644"_
Name | Type | Description
------------ | ---------------------------- | ---------------------------------------------------------------------------------------------------
`path` | String (Optional) | Optional path to write the file to if you'd like to specify it here instead of in the resource name
`key_length` | Integer (Optional) | The desired Bit Length of the generated key. _Default: 2048_
`generator` | Integer (Optional) | The desired Diffie-Hellmann generator. Can be _2_ or _5_.
`owner` | String (optional) | The owner of all files created by the resource.
`group` | String (optional) | The group of all files created by the resource.
`mode` | String or Integer (Optional) | The permission mode of all files created by the resource. _Default: "0640"_
#### Example Usage
@ -159,42 +273,135 @@ end
When executed, this recipe will generate a dhparam file at `/etc/httpd/ssl/dhparam.pem`.
### openssl_rsa_key
### openssl_rsa_private_key
This resource generates rsa key files. If a valid rsa key file can be opened at the specified location, no new file will be created. If the RSA key file cannot be opened, either because it does not exist or because the password to the RSA key file does not match the password in the recipe, it will be overwritten.
This resource generates rsa private key files. If a valid rsa key file can be opened at the specified location, no new file will be created. If the RSA key file cannot be opened, either because it does not exist or because the password to the RSA key file does not match the password in the recipe, it will be overwritten.
#### Attributes
Note: This resource was renamed from openssl_rsa_key to openssl_rsa_private_key. The legacy name will continue to function, but cookbook code should be updated for the new resource name.
Name | Type | Description
------------ | --------------------------- | ---------------------------------------------------------------------------
`key_length` | Fixnum (Optional) | The desired Bit Length of the generated key. _Default: 2048_
`key_pass` | String (Optional) | The desired passphrase for the key.
`owner` | String (optional) | The owner of all files created by the resource. _Default: "root"_
`group` | String (optional) | The group of all files created by the resource. _Default: "root"_
`mode` | String or Fixnum (Optional) | The permission mode of all files created by the resource. _Default: "0644"_
#### Properties
Name | Type | Description
------------ | ---------------------------- | -----------------------------------------------------------------------------------------------------------------------------------
`path` | String (Optional) | Optional path to write the file to if you'd like to specify it here instead of in the resource name
`key_length` | Integer (Optional) | The desired Bit Length of the generated key. _Default: 2048_
`key_cipher` | String (Optional) | The designed cipher to use when generating your key. Run `openssl list-cipher-algorithms` to see available options. _Default: des3_
`key_pass` | String (Optional) | The desired passphrase for the key.
`owner` | String (optional) | The owner of all files created by the resource.
`group` | String (optional) | The group of all files created by the resource.
`mode` | String or Integer (Optional) | The permission mode of all files created by the resource. _Default: "0640"_
`force` | true/false (Optional) | Force creating the key even if the existing key exists. _Default: false_
#### Example Usage
In this example, an administrator wishes to create a new RSA private key file in order to generate other certificates and public keys. In order to create the key file, the administrator crafts this recipe:
```ruby
openssl_rsa_key '/etc/httpd/ssl/server.key' do
openssl_rsa_private_key '/etc/httpd/ssl/server.key' do
key_length 2048
end
```
When executed, this recipe will generate a passwordless RSA key file at `/etc/httpd/ssl/server.key`.
## License and Author
### openssl_rsa_public_key
Author:: Jesse Nelson ([spheromak@gmail.com](mailto:spheromak@gmail.com))<br>
Author:: Seth Vargo ([sethvargo@gmail.com](mailto:sethvargo@gmail.com))<br>
Author:: Charles Johnson ([charles@chef.io](mailto:charles@chef.io))<br>
Author:: Joshua Timberman ([joshua@chef.io](mailto:joshua@chef.io))
This resource generates rsa public key files given a private key.
```text
Copyright:: 2009-2016, Chef Software, Inc <legal@chef.io>
#### Properties
Name | Type | Description
--------------------- | ------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------
`path` | String (Optional) | Optional path to write the file to if you'd like to specify it here instead of in the resource name
`private_key_path` | String (Required unless private_key_content used) | The path to the private key to generate the public key from
`private_key_content` | String (Required unless private_key_path used) | The content of the private key including new lines. Used if you don't want to write a private key to disk and use `private_key_path`.
`private_key_pass` | String (Optional) | The passphrase of the provided private key
`owner` | String (optional) | The owner of all files created by the resource.
`group` | String (optional) | The group of all files created by the resource.
`mode` | String or Integer (Optional) | The permission mode of all files created by the resource. _Default: "0640"_
**Note**: To use `private_key_content` the private key string must be properly formatted including new lines. The easiest way to get the right string is to run the following from irb (/opt/chefdk/embedded/bin/irb from ChefDK)
```ruby
File.read('/foo/bar/private.pem')
```
#### Example Usage
```ruby
openssl_rsa_public_key '/etc/foo/something.pub' do
priv_key_path '/etc/foo/something.pem'
end
```
### openssl_ec_private_key
This resource generates ec private key files. If a valid ec key file can be opened at the specified location, no new file will be created. If the EC key file cannot be opened, either because it does not exist or because the password to the EC key file does not match the password in the recipe, it will be overwritten.
#### Properties
Name | Type | Description
------------ | ---------------------------- | -----------------------------------------------------------------------------------------------------------------------------------
`path` | String (Optional) | Optional path to write the file to if you'd like to specify it here instead of in the resource name
`key_curve` | String (Optional) | The desired curve of the generated key. Run `openssl ecparam -list_curves` to see available options. _Default: prime256v1
`key_cipher` | String (Optional) | The designed cipher to use when generating your key. Run `openssl list-cipher-algorithms` to see available options. _Default: des3_
`key_pass` | String (Optional) | The desired passphrase for the key.
`owner` | String (optional) | The owner of all files created by the resource.
`group` | String (optional) | The group of all files created by the resource.
`mode` | String or Integer (Optional) | The permission mode of all files created by the resource. _Default: "0640"_
`force` | true/false (Optional) | Force creating the key even if the existing key exists. _Default: false_
#### Example Usage
In this example, an administrator wishes to create a new EC private key file in order to generate other certificates and public keys. In order to create the key file, the administrator crafts this recipe:
```ruby
openssl_ec_private_key '/etc/httpd/ssl/server.key' do
key_curve "prime256v1'
end
```
When executed, this recipe will generate a passwordless EC key file at `/etc/httpd/ssl/server.key`.
### openssl_ec_public_key
This resource generates ec public key files given a private key.
#### Properties
Name | Type | Description
--------------------- | ------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------
`path` | String (Optional) | Optional path to write the file to if you'd like to specify it here instead of in the resource name
`private_key_path` | String (Required unless private_key_content used) | The path to the private key to generate the public key from
`private_key_content` | String (Required unless private_key_path used) | The content of the private key including new lines. Used if you don't want to write a private key to disk and use `private_key_path`.
`private_key_pass` | String (Optional) | The passphrase of the provided private key
`owner` | String (optional) | The owner of all files created by the resource. _Default: "root"_
`group` | String (optional) | The group of all files created by the resource. _Default: "root or wheel depending on platform"_
`mode` | String or Integer (Optional) | The permission mode of all files created by the resource. _Default: "0640"_
**Note**: To use `private_key_content` the private key string must be properly formatted including new lines. The easiest way to get the right string is to run the following from irb (/opt/chefdk/embedded/bin/irb from ChefDK)
```ruby
File.read('/foo/bar/private.pem')
```
#### Example Usage
```ruby
openssl_ec_public_key '/etc/foo/something.pub' do
priv_key_path '/etc/foo/something.pem'
end
```
## Maintainers
This cookbook is maintained by Chef's Community Cookbook Engineering team. Our goal is to improve cookbook quality and to aid the community in contributing to cookbooks. To learn more about our team, process, and design goals see our [team documentation](https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/COOKBOOK_TEAM.MD). To learn more about contributing to cookbooks like this see our [contributing documentation](https://github.com/chef-cookbooks/community_cookbook_documentation/blob/master/CONTRIBUTING.MD), or if you have general questions about this cookbook come chat with us in #cookbok-engineering on the [Chef Community Slack](http://community-slack.chef.io/)
## License
**Copyright:** 2009-2018, Chef Software, Inc.
```
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

Some files were not shown because too many files have changed in this diff Show More