Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Merge commit 'jtimberman/chef-337'

* commit 'jtimberman/chef-337':
  clarify comment on cookbook paths, add role_path
  Add top-level readme.
  Config files should be examples only, canonical versions of Chef configuration in opscode/cookbook for Chef
  chef-337, bring Rakefile in line with updates upstream with metadata, roles and rake.rb consistent with opscode/cookbook for chef.
  add roles directory with readme file.
  • Loading branch information...
commit 2f749ab0e7a22d02dbff02e44135be2d8ee6638e 2 parents 8e49626 + 45df40e
@jtimberman jtimberman authored
View
5 README
@@ -0,0 +1,5 @@
+This is a blank repository you can use as a starting point for your
+local chef configuration. For full details on the parts aside from
+information contained in the README files, see the Chef wiki document
+
+http://wiki.opscode.com/display/chef/Chef+Repository
View
160 Rakefile
@@ -18,164 +18,18 @@
# limitations under the License.
#
-require File.join(File.dirname(__FILE__), 'config', 'rake')
+require 'rubygems'
+require 'chef'
+require 'json'
-require 'tempfile'
+# Make sure you have loaded constants first
+require File.join(File.dirname(__FILE__), 'config', 'rake')
+# And choosen a VCS
if File.directory?(File.join(TOPDIR, ".svn"))
$vcs = :svn
elsif File.directory?(File.join(TOPDIR, ".git"))
$vcs = :git
end
-desc "Update your repository from source control"
-task :update do
- puts "** Updating your repository"
-
- case $vcs
- when :svn
- sh %{svn up}
- when :git
- pull = false
- pull = true if File.join(TOPDIR, ".git", "remotes", "origin")
- IO.foreach(File.join(TOPDIR, ".git", "config")) do |line|
- pull = true if line =~ /\[remote "origin"\]/
- end
- if pull
- sh %{git pull}
- else
- puts "* Skipping git pull, no origin specified"
- end
- else
- puts "* No SCM configured, skipping update"
- end
-end
-
-desc "Test your cookbooks for syntax errors"
-task :test do
- puts "** Testing your cookbooks for syntax errors"
-
- recipes = ["*cookbooks"].map { |folder|
- Dir[File.join(TOPDIR, folder, "**", "*.rb")]
- }.flatten
-
- recipes.each do |recipe|
- print "Testing recipe #{recipe}: "
- sh %{ruby -c #{recipe}} do |ok, res|
- if ! ok
- raise "Syntax error in #{recipe}"
- end
- end
- end
-end
-
-desc "Install the latest copy of the repository on this Chef Server"
-task :install => [ :update, :test ] do
- puts "** Installing your cookbooks"
- directories = [
- COOKBOOK_PATH,
- SITE_COOKBOOK_PATH,
- CHEF_CONFIG_PATH
- ]
- puts "* Creating Directories"
- directories.each do |dir|
- sh "sudo mkdir -p #{dir}"
- sh "sudo chown root #{dir}"
- end
- puts "* Installing new Cookbooks"
- sh "sudo rsync -rlP --delete --exclude '.svn' cookbooks/ #{COOKBOOK_PATH}"
- puts "* Installing new Site Cookbooks"
- sh "sudo rsync -rlP --delete --exclude '.svn' site-cookbooks/ #{SITE_COOKBOOK_PATH}"
- # puts "* Installing new Chef Server Config"
- # sh "sudo cp config/server.rb #{CHEF_SERVER_CONFIG}"
- # puts "* Installing new Chef Client Config"
- # sh "sudo cp config/client.rb #{CHEF_CLIENT_CONFIG}"
-end
-
-desc "By default, run rake test"
-task :default => [ :test ]
-
-desc "Create a new cookbook (with COOKBOOK=name, optional CB_PREFIX=site-)"
-task :new_cookbook do
- create_cookbook(File.join(TOPDIR, "#{ENV["CB_PREFIX"]}cookbooks"))
-end
-
-def create_cookbook(dir)
- raise "Must provide a COOKBOOK=" unless ENV["COOKBOOK"]
- puts "** Creating cookbook #{ENV["COOKBOOK"]}"
- sh "mkdir -p #{File.join(dir, ENV["COOKBOOK"], "attributes")}"
- sh "mkdir -p #{File.join(dir, ENV["COOKBOOK"], "recipes")}"
- sh "mkdir -p #{File.join(dir, ENV["COOKBOOK"], "definitions")}"
- sh "mkdir -p #{File.join(dir, ENV["COOKBOOK"], "libraries")}"
- sh "mkdir -p #{File.join(dir, ENV["COOKBOOK"], "files", "default")}"
- sh "mkdir -p #{File.join(dir, ENV["COOKBOOK"], "templates", "default")}"
- unless File.exists?(File.join(dir, ENV["COOKBOOK"], "recipes", "default.rb"))
- open(File.join(dir, ENV["COOKBOOK"], "recipes", "default.rb"), "w") do |file|
- file.puts <<-EOH
-#
-# Cookbook Name:: #{ENV["COOKBOOK"]}
-# Recipe:: default
-#
-# Copyright #{Time.now.year}, #{COMPANY_NAME}
-#
-EOH
- case NEW_COOKBOOK_LICENSE
- when :apachev2
- file.puts <<-EOH
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-EOH
- when :none
- file.puts <<-EOH
-# All rights reserved - Do Not Redistribute
-#
-EOH
- end
- end
- end
-end
-
-desc "Create a new self-signed SSL certificate for FQDN=foo.example.com"
-task :ssl_cert do
- $expect_verbose = true
- fqdn = ENV["FQDN"]
- fqdn =~ /^(.+?)\.(.+)$/
- hostname = $1
- domain = $2
- raise "Must provide FQDN!" unless fqdn && hostname && domain
- puts "** Creating self signed SSL Certificate for #{fqdn}"
- sh("(cd #{CADIR} && openssl genrsa 2048 > #{fqdn}.key)")
- sh("(cd #{CADIR} && chmod 644 #{fqdn}.key)")
- puts "* Generating Self Signed Certificate Request"
- tf = Tempfile.new("#{fqdn}.ssl-conf")
- ssl_config = <<EOH
-[ req ]
-distinguished_name = req_distinguished_name
-prompt = no
-
-[ req_distinguished_name ]
-C = #{SSL_COUNTRY_NAME}
-ST = #{SSL_STATE_NAME}
-L = #{SSL_LOCALITY_NAME}
-O = #{COMPANY_NAME}
-OU = #{SSL_ORGANIZATIONAL_UNIT_NAME}
-CN = #{fqdn}
-emailAddress = #{SSL_EMAIL_ADDRESS}
-EOH
- tf.puts(ssl_config)
- tf.close
- sh("(cd #{CADIR} && openssl req -config '#{tf.path}' -new -x509 -nodes -sha1 -days 3650 -key #{fqdn}.key > #{fqdn}.crt)")
- sh("(cd #{CADIR} && openssl x509 -noout -fingerprint -text < #{fqdn}.crt > #{fqdn}.info)")
- sh("(cd #{CADIR} && cat #{fqdn}.crt #{fqdn}.key > #{fqdn}.pem)")
- sh("(cd #{CADIR} && chmod 644 #{fqdn}.pem)")
-end
+load 'chef/tasks/chef_repo.rake'
View
13 config/client.rb
@@ -1,13 +0,0 @@
-#
-# Chef Client Config File
-#
-
-log_level :info
-log_location STDOUT
-ssl_verify_mode :verify_none
-registration_url "http://chef:4000"
-openid_url "http://chef:4001"
-template_url "http://chef:4000"
-remotefile_url "http://chef:4000"
-search_url "http://chef:4000"
-
View
22 config/client.rb.example
@@ -0,0 +1,22 @@
+#
+# Example Chef Client Config File
+#
+# We recommend using Opscode's chef cookbook for managing chef itself,
+# instead of using this file.
+
+log_level :info
+log_location STDOUT
+ssl_verify_mode :verify_none
+registration_url "https://chef.localdomain"
+openid_url "https://chef.localdomain"
+template_url "https://chef.localdomain"
+remotefile_url "https://chef.localdomain"
+search_url "https://chef.localdomain"
+role_url "https://chef.localdomain"
+
+file_store_path "/srv/chef/file_store"
+file_cache_path "/srv/chef/cache"
+
+pid_file "/var/run/chef/chef-client.pid"
+
+Chef::Log::Formatter.show_time = true
View
17 config/rake.rb
@@ -9,16 +9,16 @@
SSL_COUNTRY_NAME = "US"
# The State Name to use for SSL Certificates
-SSL_STATE_NAME = "Washington"
+SSL_STATE_NAME = "Several"
# The Locality Name for SSL - typically, the city
-SSL_LOCALITY_NAME = "Seattle"
+SSL_LOCALITY_NAME = "Locality"
# What department?
SSL_ORGANIZATIONAL_UNIT_NAME = "Operations"
# The SSL contact email address
-SSL_EMAIL_ADDRESS = "operations@example.com"
+SSL_EMAIL_ADDRESS = "ops@example.com"
# License for new Cookbooks
# Can be :apachev2 or :none
@@ -28,11 +28,14 @@
# Chef Repository Layout #
##########################
-# Where to find upstream cookbooks
-COOKBOOK_PATH = "/var/chef/cookbooks"
+# Where to install upstream cookbooks for serving
+COOKBOOK_PATH = "/srv/chef/cookbooks"
-# Where to find site-local modifications to upstream cookbooks
-SITE_COOKBOOK_PATH = "/var/chef/site-cookbooks"
+# Where to install site-local modifications to upstream cookbooks
+SITE_COOKBOOK_PATH = "/srv/chef/site-cookbooks"
+
+# Where to install roles
+ROLE_PATH = "/srv/chef/roles"
# Chef Config Path
CHEF_CONFIG_PATH = "/etc/chef"
View
16 config/server.rb
@@ -1,16 +0,0 @@
-#
-# Chef Server Config File
-#
-
-log_level :info
-log_location STDOUT
-ssl_verify_mode :verify_none
-registration_url "http://chef:4000"
-openid_url "http://chef:4001"
-template_url "http://chef:4000"
-remotefile_url "http://chef:4000"
-search_url "http://chef:4000"
-cookbook_path [ "/var/chef/site-cookbooks", "/var/chef/cookbooks" ]
-merb_log_path "/var/log/chef-server-merb.log"
-
-Chef::Log::Formatter.show_time = false
View
33 config/server.rb.example
@@ -0,0 +1,33 @@
+#
+# Example Chef Server Config File
+#
+# We recommend using Opscode's chef cookbook for managing chef itself,
+# instead of using this file.
+
+log_level :info
+log_location "/var/log/chef/server.log"
+ssl_verify_mode :verify_none
+registration_url "https://localhost"
+openid_url "https://localhost"
+template_url "https://localhost"
+remotefile_url "https://localhost"
+search_url "https://localhost"
+role_url "https://localhost"
+
+#validation_token "change_this_token"
+
+cookbook_path [ "/srv/chef/site-cookbooks", "/srv/chef/cookbooks" ]
+
+file_store_path "/srv/chef/file_store"
+file_cache_path "/srv/chef/cache"
+node_path "/srv/chef/nodes"
+openid_store_path "/srv/chef/openid/store"
+openid_cstore_path "/srv/chef/openid/cstore"
+search_index_path "/srv/chef/search_index"
+
+# uncomment and modify to allow specific openid providers
+#openid_providers [ "https://localhost", "https://chef" ]
+# uncomment and modify to lock down openid identifiers, ie 'some_user.myopenid.com'
+#authorized_openid_identifiers [ "" ]
+
+Chef::Log::Formatter.show_time = true
View
2  config/solo.rb → config/solo.rb.example
@@ -4,6 +4,6 @@
log_level :info
log_location STDOUT
-file_cache_path "/var/chef/cookbooks"
+file_cache_path "/srv/chef/cookbooks"
ssl_verify_mode :verify_none
Chef::Log::Formatter.show_time = false
View
1  roles/README
@@ -0,0 +1 @@
+Create roles here, in either .rb or .json files. Any roles created here win vs those created in the webui.
Please sign in to comment.
Something went wrong with that request. Please try again.