diff --git a/bootstrap/attributes/bootstrap.rb b/bootstrap/attributes/bootstrap.rb index 5b2515efc..00024ac67 100644 --- a/bootstrap/attributes/bootstrap.rb +++ b/bootstrap/attributes/bootstrap.rb @@ -21,6 +21,7 @@ chars = ("a".."z").to_a + ("A".."Z").to_a + ("0".."9").to_a 20.times { |i| validation_token << chars[rand(chars.size-1)] } +set_unless[:bootstrap][:chef][:umask] = 0022 set_unless[:bootstrap][:chef][:url_type] = "http" set_unless[:bootstrap][:chef][:init_style] = "runit" set_unless[:bootstrap][:chef][:path] = "/srv/chef" @@ -28,8 +29,8 @@ set_unless[:bootstrap][:chef][:cache_path] = "/#{bootstrap[:chef][:path]}/cache" set_unless[:bootstrap][:chef][:serve_path] = "/srv/chef" -set_unless[:bootstrap][:chef][:server_version] = "0.7.14" -set_unless[:bootstrap][:chef][:client_version] = "0.7.14" +set_unless[:bootstrap][:chef][:server_version] = "0.7.16" +set_unless[:bootstrap][:chef][:client_version] = "0.7.16" set_unless[:bootstrap][:chef][:client_interval] = "1800" set_unless[:bootstrap][:chef][:client_splay] = "20" set_unless[:bootstrap][:chef][:log_dir] = "/var/log/chef" diff --git a/bootstrap/metadata.rb b/bootstrap/metadata.rb index 1aa55c595..f24a02088 100644 --- a/bootstrap/metadata.rb +++ b/bootstrap/metadata.rb @@ -3,7 +3,7 @@ license "Apache 2.0" description "Configures RubyGems-installed Chef" long_description IO.read(File.join(File.dirname(__FILE__), 'README.rdoc')) -version "0.1" +version "0.2" %w{ ubuntu debian redhat centos fedora freebsd openbsd }.each do |os| supports os diff --git a/bootstrap/templates/default/server.rb.erb b/bootstrap/templates/default/server.rb.erb index 6c43329ac..941e3d891 100644 --- a/bootstrap/templates/default/server.rb.erb +++ b/bootstrap/templates/default/server.rb.erb @@ -24,6 +24,8 @@ openid_cstore_path "<%= @node[:bootstrap][:chef][:path] %>/openid/cstore" search_index_path "<%= @node[:bootstrap][:chef][:path] %>/search_index" role_path "<%= @node[:bootstrap][:chef][:serve_path] %>/roles" +umask <%= @node[:bootstrap][:chef][:umask] %> + # See http://wiki.opscode.com/display/chef/Securing+Chef+Server # For more information on these settings. #authorized_openid_providers [ "https://<%= @node[:bootstrap][:chef][:server_fqdn]%>", "https://chef", "myopenid.com" ] diff --git a/chef/attributes/chef.rb b/chef/attributes/chef.rb index 70f9f93e6..7f24af816 100644 --- a/chef/attributes/chef.rb +++ b/chef/attributes/chef.rb @@ -21,6 +21,7 @@ chars = ("a".."z").to_a + ("A".."Z").to_a + ("0".."9").to_a 20.times { |i| validation_token << chars[rand(chars.size-1)] } +set_unless[:chef][:umask] = 0022 set_unless[:chef][:url_type] = "http" set_unless[:chef][:init_style] = "runit" @@ -37,8 +38,8 @@ set_unless[:chef][:serve_path] = "/srv/chef" end -set_unless[:chef][:server_version] = "0.7.14" -set_unless[:chef][:client_version] = "0.7.14" +set_unless[:chef][:server_version] = "0.7.16" +set_unless[:chef][:client_version] = "0.7.16" set_unless[:chef][:client_interval] = "1800" set_unless[:chef][:client_splay] = "20" set_unless[:chef][:log_dir] = "/var/log/chef" diff --git a/chef/metadata.rb b/chef/metadata.rb index 27086ab67..b465d13cc 100644 --- a/chef/metadata.rb +++ b/chef/metadata.rb @@ -3,7 +3,7 @@ license "Apache 2.0" description "Installs and configures chef client and server" long_description IO.read(File.join(File.dirname(__FILE__), 'README.rdoc')) -version "0.12" +version "0.13" recipe "chef::client", "Sets up a client to talk to a chef-server" recipe "chef::server", "Configures a chef-server as a passenger application" diff --git a/chef/templates/default/server.rb.erb b/chef/templates/default/server.rb.erb index 7258e115a..cc0ddf4a5 100644 --- a/chef/templates/default/server.rb.erb +++ b/chef/templates/default/server.rb.erb @@ -24,6 +24,8 @@ openid_cstore_path "<%= @node[:chef][:path] %>/openid/cstore" search_index_path "<%= @node[:chef][:path] %>/search_index" role_path "<%= @node[:chef][:serve_path] %>/roles" +umask <%= @node[:chef][:umask] %> + # See http://wiki.opscode.com/display/chef/Securing+Chef+Server # For more information on these settings. #authorized_openid_providers [ "https://<%= @node[:chef][:server_fqdn]%>", "https://chef", "myopenid.com" ]