cfe-server-cookbook
Integrates the common cookbooks used for most (staging) servers.
Supported Platforms
Tested on Ubuntu 14.04.
Attributes
| Key | Type | Description | Default |
|---|---|---|---|
| ['cfe-server']['db']['mariadb']['install'] | Boolean | Whether or not to install MariaDB server recipe. | false |
| ['cfe-server']['db']['include_mariadb'] | Boolean | Whether or not to include any of the recipes for MariaDB at all (server, client, backup reloading, and auto-backup scripts). | true |
| ['cfe-server']['db']['include_mongodb'] | Boolean | Whether or not to include the recipe `mongodb3`. | true |
| ['cfe-server']['filesystem']['swapfile'] | String/Boolean False | Path to swap file. Set to false to disable creating swap file. | false |
| ['cfe-server']['filesystem']['swapsize'] | String | Size of swap file if enabled. | '2G' |
| ['cfe-server']['filesystem']['perms'] | Array | Custom permissions and/or ownerships to specific filesystem paths. Can also create directories if they don't exist. Please see the default attributes file for examples. | [] |
| ['cfe-server']['filesystem']['symlinks'] | Hash | Symbolic links to create. Each property-to-value corresponds to a linkname-to-target pair. (See default attribute file for examples.) | {} |
| ['cfe-server']['tls']['include_letsencrypt'] | Boolean | Whether or not to include the recipe `cookbook-letsencrypt`. | true |
| ['cfe-server']['app']['include_postfix'] | Boolean | Whether or not to include the recipe `cfe-nginx-php-fpm::postfix'. | true |
| ['cfe-server']['app']['include_php'] | Boolean | Whether or not to include the recipe 'cfe-nginx-php-fpm::php-fpm'. | true |
| ['cfe-server']['app']['include_pma'] | Boolean | Whether or not to include the recipe 'cookbook-phpmyadmin'. | false |
| ['cfe-server']['app']['composer']['project_paths'] | Array | If using composer, list here the directories where composer should be initialized. | [] |
| ['cfe-server']['misc']['cronjobs'] | Array | Specifications of cronjobs to be set up. Please see default attributes file for examples. | [] |
| ['cfe-server']['misc']['logrotatejobs'] | Array | Specifications of logrotate jobs to be set up. Please see default attribute file for examples. | [] |
| ['cfe-server']['web']['include_nginx'] | Boolean | Whether or not to include the recipe 'cfe-nginx-php-fpm::nginx'. | true |
| ['cfe-server']['monitor']['include_zabbix_agent'] | Boolean | Whether or not to include the recipe 'cookbook-zabbix::agent_package'. | true |
Usage
Secret Data Bag
A secret data bag named either prod, staging, or dev has to be created. In it should be an item named cfe-server-secret that contains the following properties:
iptables_ssh_ports is an array that contains ports to be used by sshd.
iptables_add_rules is an array of hashes that denote additional FILTER iptables rules to be created on the server. The hashes must conform to the format required by the cookbook cfe-simple-iptables.
ip_zabbix is the IP addres of the Zabbix Monitoring Server.
Example:
{
"id": "cfe-server-secret",
"iptables_ssh_ports": [ 8822 ],
"iptables_add_rules": [
{
"name" : "Custom rule for my app",
"rule" : "--proto tcp --dport 8080",
"weight": 25
}
],
"ip_zabbix": "1.2.3.4"
}cfe-server::default
Enter proper attributes for the different wrapped cookbooks, including this one. Create the secret data bag mentioned above. Then include cfe-server in your node's run_list:
{
"run_list": [
"recipe[cfe-server::default]"
]
}License and Authors
Author:: Earth U. ()