ops / cfe-server · Commits

Commit 876736fe06f95d80cb49cdc23938c63590c173c6

Authored by nollieheel
Committed by Earth Ugat
1 parent c62158c2

Version v0.2.1. Add option to force create dir in 'filesystem' recipe, and other minor additions.

Inline Side-by-side
Showing 8 changed files with 52 additions and 23 deletions
@@ -2,11 +2,11 @@ source "https://supermarket.chef.io" @@ -2,11 +2,11 @@ source "https://supermarket.chef.io"
2 2
3 metadata 3 metadata
4 4
5 -cookbook 'cfe-users', git: 'https://gitlab.chromedia.com/ops/cfe-users.git', tag: 'v0.1.1' 5 +cookbook 'cfe-users', git: 'https://gitlab.chromedia.com/ops/cfe-users.git', tag: 'v0.2.0'
6 cookbook 'cfe-mariadb', git: 'https://gitlab.chromedia.com/ops/cfe-mariadb.git', tag: 'v0.5.1' 6 cookbook 'cfe-mariadb', git: 'https://gitlab.chromedia.com/ops/cfe-mariadb.git', tag: 'v0.5.1'
7 cookbook 'cfe-mongodb', git: 'https://gitlab.chromedia.com/ops/cfe-mongodb.git', tag: 'v0.1.0' 7 cookbook 'cfe-mongodb', git: 'https://gitlab.chromedia.com/ops/cfe-mongodb.git', tag: 'v0.1.0'
8 cookbook 'backup-file2s3', git: 'https://gitlab.chromedia.com/ops/backup-file2s3.git', tag: 'v0.4.1' 8 cookbook 'backup-file2s3', git: 'https://gitlab.chromedia.com/ops/backup-file2s3.git', tag: 'v0.4.1'
9 -cookbook 'cfe-nginx-php-fpm', git: 'https://gitlab.chromedia.com/ops/cfe-nginx-php-fpm.git', tag: 'v0.5.2' 9 +cookbook 'cfe-nginx-php-fpm', git: 'https://gitlab.chromedia.com/ops/cfe-nginx-php-fpm.git', tag: 'v0.5.5'
10 cookbook 'cfe-simple-iptables', git: 'https://gitlab.chromedia.com/ops/cfe-simple-iptables.git', tag: 'v0.1.0' 10 cookbook 'cfe-simple-iptables', git: 'https://gitlab.chromedia.com/ops/cfe-simple-iptables.git', tag: 'v0.1.0'
11 11
12 cookbook 'cookbook-letsencrypt', git: 'https://github.com/nollieheel/cookbook-letsencrypt.git', tag: 'v0.3.1' 12 cookbook 'cookbook-letsencrypt', git: 'https://github.com/nollieheel/cookbook-letsencrypt.git', tag: 'v0.3.1'
  1 +## 0.2.1 - 2017-05-12
  2 +### Added
  3 +- In the ['filesystem']['perms'] array, give an option to create a directory if it does not exist.
  4 +- ['misc']['sshd']['conf_path'] can now be set to false. Doing so will make the recipe not touch the sshd config file at all.
  5 +- Add option to not include the 'cfe-users' recipe.
  6 +
1 ## 0.2.0 - 2017-01-04 7 ## 0.2.0 - 2017-01-04
2 ### Added 8 ### Added
3 - Add dependency to 'cfe-mongodb' (removed 'mongodb3' direct dependency). 9 - Add dependency to 'cfe-mongodb' (removed 'mongodb3' direct dependency).
@@ -48,7 +48,7 @@ Tested on Ubuntu 14.04. @@ -48,7 +48,7 @@ Tested on Ubuntu 14.04.
48 <tr> 48 <tr>
49 <td><tt>['cfe-server']['filesystem']['perms']</tt></td> 49 <td><tt>['cfe-server']['filesystem']['perms']</tt></td>
50 <td>Array</td> 50 <td>Array</td>
51 - <td>Custom permissions and/or ownerships to specific filesystem paths. Please see the default attrbutes file for examples.</td> 51 + <td>Custom permissions and/or ownerships to specific filesystem paths. Can also create directories if they don't exist. Please see the default attributes file for examples.</td>
52 <td><tt>[]</tt></td> 52 <td><tt>[]</tt></td>
53 </tr> 53 </tr>
54 <tr> 54 <tr>
@@ -36,6 +36,8 @@ databag = @@ -36,6 +36,8 @@ databag =
36 end 36 end
37 secret = Chef::EncryptedDataBagItem.load(databag, "#{cb}-secret") 37 secret = Chef::EncryptedDataBagItem.load(databag, "#{cb}-secret")
38 38
  39 +default[cb]['os']['include_users'] = true
  40 +
39 default[cb]['db']['include_mongodb'] = true 41 default[cb]['db']['include_mongodb'] = true
40 default[cb]['db']['include_mariadb'] = true 42 default[cb]['db']['include_mariadb'] = true
41 default[cb]['db']['mariadb']['install'] = false 43 default[cb]['db']['mariadb']['install'] = false
@@ -44,10 +46,11 @@ default[cb]['filesystem']['swapfile'] = false @@ -44,10 +46,11 @@ default[cb]['filesystem']['swapfile'] = false
44 default[cb]['filesystem']['swapsize'] = '2G' 46 default[cb]['filesystem']['swapsize'] = '2G'
45 default[cb]['filesystem']['perms'] = [ 47 default[cb]['filesystem']['perms'] = [
46 # { 48 # {
47 -# :path => '/path',  
48 -# :owner => nil, # Optional  
49 -# :group => nil, # Optional  
50 -# :mode => nil # Optional 49 +# :path => '/path',
  50 +# :owner => nil, # Optional
  51 +# :group => nil, # Optional
  52 +# :mode => nil, # Optional
  53 +# :create => false # Optional, default: false
51 # } 54 # }
52 ] 55 ]
53 default[cb]['filesystem']['symlinks'] = { 56 default[cb]['filesystem']['symlinks'] = {
@@ -4,7 +4,7 @@ maintainer_email 'sysadmin@chromedia.com' @@ -4,7 +4,7 @@ maintainer_email 'sysadmin@chromedia.com'
4 license 'Apache License' 4 license 'Apache License'
5 description 'Simplifies setting up common Linux servers.' 5 description 'Simplifies setting up common Linux servers.'
6 long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) 6 long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
7 -version '0.2.0' 7 +version '0.2.1'
8 8
9 %w{ 9 %w{
10 cfe-users cfe-mariadb 10 cfe-users cfe-mariadb
@@ -67,16 +67,31 @@ end @@ -67,16 +67,31 @@ end
67 include_recipe 'backup-file2s3' 67 include_recipe 'backup-file2s3'
68 68
69 node[cookbook_name]['filesystem']['perms'].each do |perm| 69 node[cookbook_name]['filesystem']['perms'].each do |perm|
70 - if perm[:owner] && perm[:group]  
71 - execute "chown -R #{perm[:owner]}:#{perm[:group]} #{perm[:path]}"  
72 - elsif perm[:owner]  
73 - execute "chown -R #{perm[:owner]} #{perm[:path]}"  
74 - elsif perm[:group]  
75 - execute "chgrp -R #{perm[:group]} #{perm[:path]}"  
76 - end 70 + if ::Dir.exist?(perm[:path])
  71 +
  72 + if perm[:owner] && perm[:group]
  73 + execute "chown -R #{perm[:owner]}:#{perm[:group]} #{perm[:path]}"
  74 + elsif perm[:owner]
  75 + execute "chown -R #{perm[:owner]} #{perm[:path]}"
  76 + elsif perm[:group]
  77 + execute "chgrp -R #{perm[:group]} #{perm[:path]}"
  78 + end
  79 +
  80 + if perm[:mode]
  81 + execute "chmod -R #{perm[:mode]} #{perm[:path]}"
  82 + end
  83 +
  84 + else
  85 +
  86 + directory perm[:path] do
  87 + if perm[:owner] then owner perm[:owner] end
  88 + if perm[:group] then group perm[:group] end
  89 + if perm[:mode] then mode perm[:mode] end
  90 +
  91 + only_if { perm[:create] }
  92 + recursive true
  93 + end
77 94
78 - if perm[:mode]  
79 - execute "chmod -R #{perm[:mode]} #{perm[:path]}"  
80 end 95 end
81 end 96 end
82 97
@@ -50,11 +50,13 @@ node[cookbook_name]['misc']['logrotatejobs'].each do |ljob| @@ -50,11 +50,13 @@ node[cookbook_name]['misc']['logrotatejobs'].each do |ljob|
50 end 50 end
51 end 51 end
52 52
53 -template node[cookbook_name]['misc']['sshd']['conf_path'] do  
54 - mode 0644  
55 - variables(  
56 - :ports => node[cookbook_name]['misc']['sshd']['ports']  
57 - ) 53 +if node[cookbook_name]['misc']['sshd']['conf_path']
  54 + template node[cookbook_name]['misc']['sshd']['conf_path'] do
  55 + mode 0644
  56 + variables(
  57 + :ports => node[cookbook_name]['misc']['sshd']['ports']
  58 + )
  59 + end
58 end 60 end
59 61
60 include_recipe 'cfe-simple-iptables' 62 include_recipe 'cfe-simple-iptables'
@@ -20,4 +20,7 @@ @@ -20,4 +20,7 @@
20 20
21 include_recipe 'cookbook-updater::onetime' 21 include_recipe 'cookbook-updater::onetime'
22 include_recipe 'cookbook-updater::packages' 22 include_recipe 'cookbook-updater::packages'
23 -include_recipe 'cfe-users' 23 +
  24 +if node[cookbook_name]['os']['include_users']
  25 + include_recipe 'cfe-users'
  26 +end