kosmos/chef
kosmos/chef
8
3
Fork 0
Code Issues 30 Pull Requests 3 Projects 2 Activity

Fix Sockethub being offline due to missing HAProxy and UFW configs #392

Merged
raucao merged 4 commits from bugfix/sockethub_firewall into master 2022-03-02 15:57:06 +00:00
Conversation 0 Commits 4 Files Changed 6 +23 -88
6 changed files with 23 additions and 88 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
nodes/draco.kosmos.org.json
View File

@ -12,16 +12,13 @@
"hostname": "draco",
"ipaddress": "148.251.237.73",
"roles": [
"postgresql_primary"
],
"recipes": [
"kosmos-base",
"kosmos-base::default",
"kosmos_encfs",
"kosmos_encfs::default",
"kosmos-postgresql",
"kosmos-postgresql::default",
"kosmos-postgresql::firewall_replicas",
"kosmos_kvm::host",
"kosmos-ejabberd::firewall",
"kosmos-ipfs::firewall_swarm",
@ -29,10 +26,12 @@
"kosmos-bitcoin::firewall",
"kosmos_zerotier::firewall",
"kosmos-nginx::firewall",
"sockethub::firewall",
"apt::default",
"timezone_iii::default",
"timezone_iii::debian",
"ntp::default",
"ntp::apparmor",
"kosmos-base::systemd_emails",
"apt::unattended-upgrades",
"kosmos-base::firewall",
@ -43,8 +42,7 @@
"postfix::sasl_auth",
"hostname::default",
"firewall::default",
"chef-sugar::default",
"build-essential::default"
"chef-sugar::default"
],
"platform": "ubuntu",
"platform_version": "20.04",
@ -69,6 +67,7 @@
"recipe[kosmos-ipfs::firewall_public_gateway]",
"recipe[kosmos-bitcoin::firewall]",
"recipe[kosmos_zerotier::firewall]",
"recipe[kosmos-nginx::firewall]"
"recipe[kosmos-nginx::firewall]",
"recipe[sockethub::firewall]"
]
}

2
nodes/nodejs-3.json
View File

@ -61,7 +61,7 @@
"kosmos-nginx::firewall",
"nodejs::npm",
"nodejs::install",
"sockethub::_firewall"
"sockethub::firewall"
],
"platform": "ubuntu",
"platform_version": "20.04",

36
site-cookbooks/sockethub/recipes/_firewall.rb
View File

@ -1,36 +0,0 @@
#
# Cookbook Name:: sockethub
# Recipe:: _firewall
#
# The MIT License (MIT)
#
# Copyright:: 2019, Kosmos Developers
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.
unless node.chef_environment == "development"
include_recipe "kosmos-base::firewall"
firewall_rule 'sockethub' do
port node['sockethub']['external_port'].to_i
protocol :tcp
command :allow
end
end

21
site-cookbooks/sockethub/recipes/default.rb
View File

@ -2,27 +2,6 @@
# Cookbook Name:: sockethub
# Recipe:: default
#
# The MIT License (MIT)
#
# Copyright:: 2019, Kosmos Developers
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.
include_recipe 'kosmos-nodejs'
include_recipe 'kosmos-redis'

14
site-cookbooks/sockethub/recipes/firewall.rb Normal file
View File

@ -0,0 +1,14 @@
#
# Cookbook Name:: sockethub
# Recipe:: firewall
#
unless node.chef_environment == "development"
include_recipe "kosmos-base::firewall"
firewall_rule 'sockethub' do
port node['sockethub']['external_port'].to_i
protocol :tcp
command :allow
end
end

23
site-cookbooks/sockethub/recipes/proxy.rb
View File

@ -2,29 +2,8 @@
# Cookbook Name:: sockethub
# Recipe:: proxy
#
# The MIT License (MIT)
#
# Copyright:: 2019, Kosmos Developers
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.
include_recipe 'sockethub::_firewall'
include_recipe 'sockethub::firewall'
include_recipe 'kosmos-nginx'
include_recipe "kosmos-base::letsencrypt"