A base cookbook for provisioning a base LAMP-stack, primarily suited for local development environments served by Vagrant.
Compatible with RHEL and Debian platform families (including CentOS, Ubuntu and Amazon Linux).
Provides the following software:
- Apache2
- PHP5
- MySQL
- memcached
- Self-signed SSL wildcard certificate
-
Ensure you have the following dependencies installed:
-
vagrant-berkshelfplugin$ vagrant plugin install vagrant-berkshelf -
OPTIONAL:
vagrant-omnibusplugin (ensures Chef is installed on the Guest OS)$ vagrant plugin install vagrant-omnibusNote: This step is required if using a box that does not distribute with Chef.
-
OPTIONAL:
vagrant-vbguestplugin (ensures VirtualBox Guest Additions is up-to-date on the Guest OS)$ vagrant plugin install vagrant-vbguest
-
Download the template Berksfile and Vagrantfile into your application:
$ cd path/to/my/app $ wget https://raw.github.com/apancutt/lampbase/master/{Vagrantfile,Berksfile}.dist $ mv Vagrantfile{.dist,} && mv Berksfile{.dist,} -
Open
Vagrantfileand modify set theapp_nameparameter. Feel free to bastardize this file as deemed necessary. -
Boot your VM:
$ vagrant up --provision -
Add the configured private IP (default
10.100.10.101to your Host VM):10.100.10.101 myapp.localhost.dev
By 'trusting' the CA certificate on your Host machine, you will be able to navigate to your app over HTTPS without being nagged by your browser.
-
Depending on your Host OS, usually you can just double click this file to add it to your trusted certificates. If not, check Google.
Perhaps you already have a CA certificate that you use to self-sign SSL certificates. Or perhaps you're concerned about using publicly-provided keys. Either way, you can create and use your own CA certificates to sign the SSL certificate used by the vhost.
Skip this step if you already have a CA key and certificate.
-
Download the template configuration file:
$ wget -O openssl.cnf https://raw.github.com/apancutt/lampbase/master/templates/default/openssl.cnf.erb -
Generate the CA key:
$ openssl genrsa -out ca.key 4096 -
Create the CA certificate:
$ openssl req -sha256 -new -x509 -days 36524 -key ca.key -out ca.crt -config openssl.cnf -extensions v3_req_ca -subj "/CN=localhost"
-
Create a new local cookbook:
-
Create the cookbook folders:
$ mkdir -p lampbase-local/files/default -
Create the cookbook Berksfile:
$ echo 'source "https://supermarket.getchef.com"' > lampbase-local/Berksfile $ echo 'metadata' >> lampbase-local/Berksfile -
Configure the cookbook metadata:
$ echo 'name "lampbase-local"' > lampbase-local/metadata.rb $ echo 'depends "lampbase"' >> lampbase-local/metadata.rb -
Copy your CA key and certificate into the cookbook:
$ cp /path/to/my/ca.key lampbase-local/files/default/ca.key $ cp /path/to/my/ca.crt lampbase-local/files/default/ca.crt
Note: You could have used
berks cookbook lampbase-localto have Berkshelf generate the cookbook skeleton for you; but that's too much for what we need here. -
-
Add your new cookbook to your application's Berksfile:
echo 'cookbook "lampbase-local", path: "./lampbase-local"' >> Berksfile -
Configure the location of the CA files in your Vagrantfile:
lampbase: { app_name: app_name, # Configure lampbase to obtain the CA files from your lampbase-local cookbook ca_key_file_cookbook: "lampbase-local", ca_crt_file_cookbook: "lampbase-local" } -
Build it!
-
From scratch:
$ vagrant up --provision -
Existing box:
You will first need to remove the existing SSL certificates else the provisioner will skip creating SSL certificates.
$ vagrant ssh $ sudo su root -c 'rm -f /etc/apache2/ssl/*' $ exit $ vagrant reload --provision
-