ops / cfe-server

C

cfe-server

Yet another wrapper that wraps other wrappers. Hopefully simplifies orchestration in Chromedia.

Public
Star
0
HTTP
876736fe Version v0.2.1. Add option to force create dir in 'filesystem' recipe, and other minor additions. · by nollieheel

cfe-server-cookbook

Integrates the common cookbooks used for most (staging) servers.

Supported Platforms

Tested on Ubuntu 14.04.

Attributes

Key Type Description Default
['cfe-server']['db']['mariadb']['install'] Boolean Whether or not to install MariaDB server recipe. false
['cfe-server']['db']['include_mariadb'] Boolean Whether or not to include any of the recipes for MariaDB at all (server, client, backup reloading, and auto-backup scripts). true
['cfe-server']['db']['include_mongodb'] Boolean Whether or not to include the recipe `mongodb3`. true
['cfe-server']['filesystem']['swapfile'] String/Boolean False Path to swap file. Set to false to disable creating swap file. false
['cfe-server']['filesystem']['swapsize'] String Size of swap file if enabled. '2G'
['cfe-server']['filesystem']['perms'] Array Custom permissions and/or ownerships to specific filesystem paths. Can also create directories if they don't exist. Please see the default attributes file for examples. []
['cfe-server']['filesystem']['symlinks'] Hash Symbolic links to create. Each property-to-value corresponds to a linkname-to-target pair. (See default attribute file for examples.) {}
['cfe-server']['tls']['include_letsencrypt'] Boolean Whether or not to include the recipe `cookbook-letsencrypt`. true
['cfe-server']['app']['include_postfix'] Boolean Whether or not to include the recipe `cfe-nginx-php-fpm::postfix'. true
['cfe-server']['app']['include_php'] Boolean Whether or not to include the recipe 'cfe-nginx-php-fpm::php-fpm'. true
['cfe-server']['app']['include_pma'] Boolean Whether or not to include the recipe 'cookbook-phpmyadmin'. false
['cfe-server']['app']['composer']['project_paths'] Array If using composer, list here the directories where composer should be initialized. []
['cfe-server']['misc']['cronjobs'] Array Specifications of cronjobs to be set up. Please see default attributes file for examples. []
['cfe-server']['misc']['logrotatejobs'] Array Specifications of logrotate jobs to be set up. Please see default attribute file for examples. []
['cfe-server']['web']['include_nginx'] Boolean Whether or not to include the recipe 'cfe-nginx-php-fpm::nginx'. true
['cfe-server']['monitor']['include_zabbix_agent'] Boolean Whether or not to include the recipe 'cookbook-zabbix::agent_package'. true

Usage

Secret Data Bag

A secret data bag named either prod, staging, or dev has to be created. In it should be an item named cfe-server-secret that contains the following properties:

iptables_ssh_ports is an array that contains ports to be used by sshd.

iptables_add_rules is an array of hashes that denote additional FILTER iptables rules to be created on the server. The hashes must conform to the format required by the cookbook cfe-simple-iptables.

ip_zabbix is the IP addres of the Zabbix Monitoring Server.

Example:

{
  "id": "cfe-server-secret",
  "iptables_ssh_ports": [ 8822 ],
  "iptables_add_rules": [
    {
      "name"  : "Custom rule for my app",
      "rule"  : "--proto tcp --dport 8080",
      "weight": 25
    }
  ],
  "ip_zabbix": "1.2.3.4"
}

cfe-server::default

Enter proper attributes for the different wrapped cookbooks, including this one. Create the secret data bag mentioned above. Then include cfe-server in your node's run_list:

{
  "run_list": [
    "recipe[cfe-server::default]"
  ]
}

License and Authors

Author:: Earth U. ()