Commit Graph

49 Commits

Author SHA1 Message Date
Greg Karékinian 57d0885d26 Change the licenses of hte kosmos cookbooks to MIT 2019-04-12 11:41:20 +02:00
Greg Karékinian 12355a6b27 Add a base role, so that chef is updated before anything else 2019-04-08 17:58:02 +02:00
Greg Karékinian 4b75ae78dc Set the minimum Chef version since it depends on the new sudo resource 2019-04-08 12:31:47 +02:00
Greg Karékinian 6e3e8cde1b Create the Let's Encrypt hook subdirectories 2019-04-08 11:16:38 +02:00
Greg Karékinian b1a3c5e2cd Revert "Revert "Remove the sudo cookbook""
This reverts commit 87d7c721b1.
2019-04-03 12:52:40 +02:00
Greg Karékinian 2f05629fde Revert "Revert "Update Chef to 14.11.21""
This reverts commit db4b45b5c2.
2019-04-03 12:52:32 +02:00
Greg Karékinian 87d7c721b1 Revert "Remove the sudo cookbook"
This reverts commit 73d1722d4b.
2019-04-03 10:30:38 +02:00
Greg Karékinian db4b45b5c2 Revert "Update Chef to 14.11.21"
This reverts commit 2f599ffd6d.
2019-04-03 10:30:24 +02:00
Greg Karékinian 73d1722d4b Remove the sudo cookbook
Chef 14 ships with a sudo resource:
https://docs.chef.io/resource_sudo.html
2019-04-02 12:17:06 +02:00
Greg Karékinian 2f599ffd6d Update Chef to 14.11.21
Closes #21
2019-04-02 12:16:13 +02:00
Greg Karékinian 5fa0fa661b Install certbot from the direct download when on 15.04
It does not have a ppa release. Add a cron job for renewal. When using
the PPA a Systemd timer is part of the package
2019-03-18 16:52:05 +01:00
Greg Karékinian b30dcab4da Remove an IPFS port from the ejabberd firewall 2019-03-15 12:30:56 +01:00
Greg Karékinian c3135402ad Move the nginx hook to the deploy directory, create renewal-hooks dir 2019-03-14 20:21:34 +01:00
Greg Karékinian f12ddefec8 Move the Gandi DNS hook for certbot to the kosmos-base cookbook 2019-03-14 18:01:29 +01:00
Greg Karékinian 65482f09c3 Extract the post hooks to their own script in Certbot's config dir 2019-03-14 15:21:50 +01:00
Greg Karékinian fa27187f11 Switch from the git version of certbot to the Ubuntu PPA 2019-03-14 10:49:47 +01:00
basti 0ea1971b6c Open up some more ports in firewall
From some manual playing around.
2019-02-28 17:19:06 +07:00
Greg Karékinian 56d14748f9 Fix the Let's Encrypt renew hook script
Only copy over the certs to the prosody directory if it's the 5apps.com
wildcard, not for any 5apps.com subdomain
2018-12-20 17:26:37 +01:00
Greg Karékinian 185649a5f9 Automatically generate a Let's Encrypt cert for all 5apps xmpp domains
Uses the Gandi LiveDNS API
2018-09-04 17:38:17 +02:00
basti 214e69427e Open up port for Prosody HTTP uploads 2018-09-04 14:14:02 +08:00
basti db039a185a Update certbot 2018-06-13 18:52:13 +02:00
Greg Karékinian 7165bf49c6 Add missing recipe, used to set up andromeda's firewall rules 2018-06-07 12:33:38 +02:00
Greg Karékinian b35c4bc097 Update Chef version 2018-04-17 16:08:15 +02:00
Greg Karékinian bd71418ec2 Changes for the new sudo cookbook 2018-04-17 13:18:36 +02:00
Greg Karékinian 49664dbc8d The renew hook now needs to be an executable in the path
An absolute path doesn't work anymore.

Also send an email containing STDERR when the renewal command fails
2017-09-22 11:53:01 +02:00
Greg Karékinian f93070c4c0 Replace timezone-ii cookbook with timezone_iii
This fork supports Chef 13 and is still maintained
2017-06-16 13:10:46 +02:00
Greg Karékinian 189b66a36f Update Chef to 12.20.3 2017-06-16 11:43:24 +02:00
Greg Karékinian 5534b57752 Add ntp package and don't run most kosmos-base things in development 2017-06-09 21:18:44 +02:00
Greg Karékinian 26097197ca Don't create users and rewrite the sudo config in dev environment
It breaks the vagrant user
2017-06-09 16:43:26 +02:00
Greg Karékinian 5385813eda Merge branch 'master' into feature/ubuntu-16.04 2017-06-09 16:36:19 +02:00
Greg Karékinian afc07c3192 Add more secure sudo configuration
Also update the sudo cookbook
2017-06-09 16:08:36 +02:00
Greg Karékinian 943b4ace1f Replace omnibus_updater with chef_client_updater
omnibus_updater is deprecated
2017-05-02 11:53:33 +02:00
Greg Karékinian 030b2501eb Fix implicit dependency on firewall cookbook in kosmos-base
Also delete ufw cookbook, we're not using it
2017-05-02 11:46:56 +02:00
basti 54332db8de Use ruby-build for Mastodon, update cookbooks
This uses the ruby_build provider for Mastodon, installing Ruby 2.4.1
currently. It also updates some other cookbooks and the runlists.
2017-04-17 11:40:31 +02:00
Greg Karékinian de11c0d691 Set up an instance of Mastodon for Kosmos
Refs #19

Use new application cookbook, update our cookbooks
2017-04-06 21:20:51 +02:00
Greg Karékinian 14542f8419 Do not require the deprecated users::sysadmins recipe
Write the 4 lines of code instead
2017-03-20 13:17:32 +00:00
Greg Karékinian 4a63e806bc Remove dependency on chef-solo-search
We are using chef-zero, we do not need it anymore
2017-03-20 13:16:27 +00:00
Greg Karékinian e57ee1590e Update Chef to 12.19.36 2017-03-20 13:16:11 +00:00
Greg Karékinian 9436284be2 Use the latest certbot instead of the old letsencrypt 2017-03-19 20:05:09 +00:00
Greg Karékinian 98ba42b157 Fix the frequency of the Let's Encrypt script (run every day) 2017-01-26 05:52:11 +00:00
basti b431e75e79 Use latest Chef 2017-01-20 10:32:32 +08:00
Greg Karékinian ad4200e558 Restart nginx after renewing the Let's Encrypt cert 2016-10-06 13:57:20 +02:00
Greg Karékinian 096b4900bd Add missing Let's Encrypt recipe
Also declare cron job to renew certs

Refs #6
2016-05-06 17:02:41 +02:00
Greg Karékinian da39a04552 Update Chef to 12.9.38 2016-04-22 14:35:14 +02:00
Greg Karékinian 255ff036c3 Update firewall_rule resource
Updated cookbook
2016-02-19 18:11:43 +01:00
Greg Karékinian 17fca99aae Update Chef to 12.6.0 2016-01-22 22:22:24 +00:00
Greg Karékinian b9e9a59d54 Add timezone-ii cookbook to set timezone to UTC 2016-01-21 23:47:28 +00:00
Greg Karékinian a5622d2209 Add firewall rules for mosh 2016-01-16 16:02:26 -05:00
Greg Karékinian ee4079fa85 Initial Chef repository 2015-07-21 19:45:23 +02:00