From 1586fd536a7f64f82f059b54924155ef39ddb5a7 Mon Sep 17 00:00:00 2001 From: Sebastian Kippe Date: Sun, 27 Feb 2022 13:09:17 -0600 Subject: [PATCH 1/4] Remove superfluous license header --- site-cookbooks/sockethub/recipes/_firewall.rb | 21 ------------------- site-cookbooks/sockethub/recipes/default.rb | 21 ------------------- site-cookbooks/sockethub/recipes/proxy.rb | 21 ------------------- 3 files changed, 63 deletions(-) diff --git a/site-cookbooks/sockethub/recipes/_firewall.rb b/site-cookbooks/sockethub/recipes/_firewall.rb index dd61637..809d5a9 100644 --- a/site-cookbooks/sockethub/recipes/_firewall.rb +++ b/site-cookbooks/sockethub/recipes/_firewall.rb @@ -2,27 +2,6 @@ # Cookbook Name:: sockethub # Recipe:: _firewall # -# The MIT License (MIT) -# -# Copyright:: 2019, Kosmos Developers -# -# Permission is hereby granted, free of charge, to any person obtaining a copy -# of this software and associated documentation files (the "Software"), to deal -# in the Software without restriction, including without limitation the rights -# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -# copies of the Software, and to permit persons to whom the Software is -# furnished to do so, subject to the following conditions: -# -# The above copyright notice and this permission notice shall be included in -# all copies or substantial portions of the Software. -# -# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -# THE SOFTWARE. unless node.chef_environment == "development" include_recipe "kosmos-base::firewall" diff --git a/site-cookbooks/sockethub/recipes/default.rb b/site-cookbooks/sockethub/recipes/default.rb index 59f6412..eaf9568 100644 --- a/site-cookbooks/sockethub/recipes/default.rb +++ b/site-cookbooks/sockethub/recipes/default.rb @@ -2,27 +2,6 @@ # Cookbook Name:: sockethub # Recipe:: default # -# The MIT License (MIT) -# -# Copyright:: 2019, Kosmos Developers -# -# Permission is hereby granted, free of charge, to any person obtaining a copy -# of this software and associated documentation files (the "Software"), to deal -# in the Software without restriction, including without limitation the rights -# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -# copies of the Software, and to permit persons to whom the Software is -# furnished to do so, subject to the following conditions: -# -# The above copyright notice and this permission notice shall be included in -# all copies or substantial portions of the Software. -# -# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -# THE SOFTWARE. include_recipe 'kosmos-nodejs' include_recipe 'kosmos-redis' diff --git a/site-cookbooks/sockethub/recipes/proxy.rb b/site-cookbooks/sockethub/recipes/proxy.rb index 29c753c..7d2ff76 100644 --- a/site-cookbooks/sockethub/recipes/proxy.rb +++ b/site-cookbooks/sockethub/recipes/proxy.rb @@ -2,27 +2,6 @@ # Cookbook Name:: sockethub # Recipe:: proxy # -# The MIT License (MIT) -# -# Copyright:: 2019, Kosmos Developers -# -# Permission is hereby granted, free of charge, to any person obtaining a copy -# of this software and associated documentation files (the "Software"), to deal -# in the Software without restriction, including without limitation the rights -# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -# copies of the Software, and to permit persons to whom the Software is -# furnished to do so, subject to the following conditions: -# -# The above copyright notice and this permission notice shall be included in -# all copies or substantial portions of the Software. -# -# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -# THE SOFTWARE. include_recipe 'sockethub::_firewall' include_recipe 'kosmos-nginx' From b9775a26e49d486cc6c46456c97f0cc349fa47aa Mon Sep 17 00:00:00 2001 From: Sebastian Kippe Date: Sun, 27 Feb 2022 13:09:42 -0600 Subject: [PATCH 2/4] Rename sockethub firewall recipe Not just used internally anymore. --- nodes/nodejs-3.json | 2 +- site-cookbooks/sockethub/recipes/_firewall.rb | 3 +-- site-cookbooks/sockethub/recipes/firewall.rb | 14 ++++++++++++++ site-cookbooks/sockethub/recipes/proxy.rb | 2 +- 4 files changed, 17 insertions(+), 4 deletions(-) create mode 100644 site-cookbooks/sockethub/recipes/firewall.rb diff --git a/nodes/nodejs-3.json b/nodes/nodejs-3.json index 5bf6228..91f821a 100644 --- a/nodes/nodejs-3.json +++ b/nodes/nodejs-3.json @@ -61,7 +61,7 @@ "kosmos-nginx::firewall", "nodejs::npm", "nodejs::install", - "sockethub::_firewall" + "sockethub::firewall" ], "platform": "ubuntu", "platform_version": "20.04", diff --git a/site-cookbooks/sockethub/recipes/_firewall.rb b/site-cookbooks/sockethub/recipes/_firewall.rb index 809d5a9..08f58b0 100644 --- a/site-cookbooks/sockethub/recipes/_firewall.rb +++ b/site-cookbooks/sockethub/recipes/_firewall.rb @@ -1,6 +1,6 @@ # # Cookbook Name:: sockethub -# Recipe:: _firewall +# Recipe:: firewall # unless node.chef_environment == "development" @@ -12,4 +12,3 @@ unless node.chef_environment == "development" command :allow end end - diff --git a/site-cookbooks/sockethub/recipes/firewall.rb b/site-cookbooks/sockethub/recipes/firewall.rb new file mode 100644 index 0000000..08f58b0 --- /dev/null +++ b/site-cookbooks/sockethub/recipes/firewall.rb @@ -0,0 +1,14 @@ +# +# Cookbook Name:: sockethub +# Recipe:: firewall +# + +unless node.chef_environment == "development" + include_recipe "kosmos-base::firewall" + + firewall_rule 'sockethub' do + port node['sockethub']['external_port'].to_i + protocol :tcp + command :allow + end +end diff --git a/site-cookbooks/sockethub/recipes/proxy.rb b/site-cookbooks/sockethub/recipes/proxy.rb index 7d2ff76..a62b5fd 100644 --- a/site-cookbooks/sockethub/recipes/proxy.rb +++ b/site-cookbooks/sockethub/recipes/proxy.rb @@ -3,7 +3,7 @@ # Recipe:: proxy # -include_recipe 'sockethub::_firewall' +include_recipe 'sockethub::firewall' include_recipe 'kosmos-nginx' include_recipe "kosmos-base::letsencrypt" From 2e8004b37a46a614092fa48f81f658981468c56f Mon Sep 17 00:00:00 2001 From: Sebastian Kippe Date: Sun, 27 Feb 2022 13:10:00 -0600 Subject: [PATCH 3/4] Add sockethub::firewall to draco, update node info --- nodes/draco.kosmos.org.json | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/nodes/draco.kosmos.org.json b/nodes/draco.kosmos.org.json index c461387..cd07a03 100644 --- a/nodes/draco.kosmos.org.json +++ b/nodes/draco.kosmos.org.json @@ -12,16 +12,13 @@ "hostname": "draco", "ipaddress": "148.251.237.73", "roles": [ - "postgresql_primary" + ], "recipes": [ "kosmos-base", "kosmos-base::default", "kosmos_encfs", "kosmos_encfs::default", - "kosmos-postgresql", - "kosmos-postgresql::default", - "kosmos-postgresql::firewall_replicas", "kosmos_kvm::host", "kosmos-ejabberd::firewall", "kosmos-ipfs::firewall_swarm", @@ -29,10 +26,12 @@ "kosmos-bitcoin::firewall", "kosmos_zerotier::firewall", "kosmos-nginx::firewall", + "sockethub::firewall", "apt::default", "timezone_iii::default", "timezone_iii::debian", "ntp::default", + "ntp::apparmor", "kosmos-base::systemd_emails", "apt::unattended-upgrades", "kosmos-base::firewall", @@ -43,8 +42,7 @@ "postfix::sasl_auth", "hostname::default", "firewall::default", - "chef-sugar::default", - "build-essential::default" + "chef-sugar::default" ], "platform": "ubuntu", "platform_version": "20.04", @@ -69,6 +67,7 @@ "recipe[kosmos-ipfs::firewall_public_gateway]", "recipe[kosmos-bitcoin::firewall]", "recipe[kosmos_zerotier::firewall]", - "recipe[kosmos-nginx::firewall]" + "recipe[kosmos-nginx::firewall]", + "recipe[sockethub::firewall]" ] -} +} \ No newline at end of file From f50e7874baa08d48068439bd6177e876e6a71954 Mon Sep 17 00:00:00 2001 From: Sebastian Kippe Date: Sun, 27 Feb 2022 16:08:40 -0600 Subject: [PATCH 4/4] Remove old sockethub firewall recipe --- site-cookbooks/sockethub/recipes/_firewall.rb | 14 -------------- 1 file changed, 14 deletions(-) delete mode 100644 site-cookbooks/sockethub/recipes/_firewall.rb diff --git a/site-cookbooks/sockethub/recipes/_firewall.rb b/site-cookbooks/sockethub/recipes/_firewall.rb deleted file mode 100644 index 08f58b0..0000000 --- a/site-cookbooks/sockethub/recipes/_firewall.rb +++ /dev/null @@ -1,14 +0,0 @@ -# -# Cookbook Name:: sockethub -# Recipe:: firewall -# - -unless node.chef_environment == "development" - include_recipe "kosmos-base::firewall" - - firewall_rule 'sockethub' do - port node['sockethub']['external_port'].to_i - protocol :tcp - command :allow - end -end