Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

fixed ubuntu recipe: hetzner apt reps are now usable

  • Loading branch information...
commit b92160c16ca928d6278852c0ef7b079b6f16761f 1 parent 485b2e4
authored July 10, 2012
6  chef/site-cookbooks/jenkins/templates/default/nginx_jenkins.conf.erb
@@ -16,6 +16,12 @@ server {
16 16
 server {
17 17
 <% @listen_ports.each do |port| -%>
18 18
   listen            <%= port %>;
  19
+
  20
+  <% if port.to_s == '443' %>
  21
+  ssl on;
  22
+  ssl_certificate      /etc/nginx/cert/jenkins_cert.pem;
  23
+  ssl_certificate_key  /etc/nginx/cert/jenkins_cert.key;
  24
+  <% end -%>
19 25
 <% end -%>
20 26
   server_name       <%= @host_name %><% @host_aliases.each do |a| %><%= " #{a}" %> <% end %>;
21 27
 
59  chef/site-cookbooks/server/recipes/dev_server.rb
@@ -36,6 +36,35 @@
36 36
   source 'iptables/drop_and_logging.erb'
37 37
 end
38 38
 
  39
+# ssl
  40
+directory "#{node[:nginx][:dir]}/cert" do
  41
+  owner "root"
  42
+  group "root"
  43
+  mode "0755"
  44
+  action :create
  45
+end
  46
+node[:certificates].each do |cert|
  47
+  name = cert[:name]
  48
+
  49
+  #With Startssl and Nginx:
  50
+  #ssl  on;
  51
+  #ssl_certificate  /etc/nginx/ssl/ssl.crt;
  52
+  #ssl_certificate_key  /etc/nginx/ssl/blog.key;
  53
+  #
  54
+  #Nginx doesn’t do SSL certificate chaining like Apache2 does. In order to get the ca.pem and sub.class1.server.ca.pem onto your install just append the two files to your certificate file.
  55
+  #openssl rsa -in ssl.key -out /etc/nginx/conf/ssl.key
  56
+  #curl http://www.startssl.com/certs/sub.class1.server.ca.pem >>ssl.crt
  57
+  #curl http://www.startssl.com/certs/ca.pem >>ssl.crt
  58
+
  59
+  cert[:files].each do |key, value|
  60
+    user "root"
  61
+    group "root"
  62
+    template "#{node[:nginx][:dir]}/cert/#{name}_cert.#{key}" do
  63
+      source value
  64
+    end
  65
+  end
  66
+end if node[:certificates]
  67
+
39 68
 require_recipe "nginx::source"
40 69
 require_recipe "unicorn"
41 70
 require_recipe "memcached"
@@ -64,6 +93,7 @@
64 93
 
65 94
 node[:jenkins][:http_proxy][:host_name] = "jenkins.#{node.application.domain}"
66 95
 node[:jenkins][:http_proxy][:variant] = 'nginx'
  96
+#node[:jenkins][:http_proxy][:listen_ports] = [ 443 ]
67 97
 require_recipe "jenkins"
68 98
 
69 99
 %w(xvfb).each do |pkg|
@@ -81,32 +111,3 @@
81 111
 
82 112
 node[:tz] = 'Europe/Berlin'
83 113
 require_recipe "timezone"
84  
-
85  
-# ssl
86  
-directory "#{node[:nginx][:dir]}/cert" do
87  
-  owner "root"
88  
-  group "root"
89  
-  mode "0755"
90  
-  action :create
91  
-end
92  
-node[:certificates].each do |cert|
93  
-  name = cert[:name]
94  
-
95  
-  #With Startssl and Nginx:
96  
-  #ssl  on;
97  
-  #ssl_certificate  /etc/nginx/ssl/ssl.crt;
98  
-  #ssl_certificate_key  /etc/nginx/ssl/blog.key;
99  
-  #
100  
-  #Nginx doesn’t do SSL certificate chaining like Apache2 does. In order to get the ca.pem and sub.class1.server.ca.pem onto your install just append the two files to your certificate file.
101  
-  #openssl rsa -in ssl.key -out /etc/nginx/conf/ssl.key
102  
-  #curl http://www.startssl.com/certs/sub.class1.server.ca.pem >>ssl.crt
103  
-  #curl http://www.startssl.com/certs/ca.pem >>ssl.crt
104  
-
105  
-  cert[:files].each do |key, value|
106  
-    user "root"
107  
-    group "root"
108  
-    template "#{node[:nginx][:dir]}/cert/#{name}_cert.#{key}" do
109  
-      source value
110  
-    end
111  
-  end
112  
-end if node[:certificates]
4  chef/site-cookbooks/ubuntu/attributes/default.rb
@@ -19,6 +19,6 @@
19 19
 
20 20
 case platform
21 21
 when "ubuntu"
22  
-  set[:ubuntu][:archive_url]  = "http://us.archive.ubuntu.com/ubuntu"
23  
-  set[:ubuntu][:security_url] = "http://security.ubuntu.com/ubuntu"
  22
+  default[:ubuntu][:archive_url]  = "http://de.archive.ubuntu.com/ubuntu"
  23
+  default[:ubuntu][:security_url] = "http://security.ubuntu.com/ubuntu"
24 24
 end
4  chef/site-cookbooks/ubuntu/templates/default/sources.list.erb
@@ -3,13 +3,9 @@
3 3
 #
4 4
 
5 5
 deb <%= node['ubuntu']['archive_url'] %> <%= @code_name %> main restricted universe multiverse
6  
-deb-src <%= node['ubuntu']['archive_url'] %> <%= @code_name %> main restricted universe multiverse
7  
-
8 6
 deb <%= node['ubuntu']['archive_url'] %> <%= @code_name %>-updates main restricted universe multiverse
9  
-deb-src <%= node['ubuntu']['archive_url'] %> <%= @code_name %>-updates main restricted universe multiverse
10 7
 
11 8
 # 
12 9
 # Security updates 
13 10
 #
14 11
 deb <%= node['ubuntu']['security_url'] %> <%= @code_name %>-security main restricted universe multiverse 
15  
-deb-src <%= node['ubuntu']['security_url'] %> <%= @code_name %>-security main restricted universe multiverse 

0 notes on commit b92160c

Please sign in to comment.
Something went wrong with that request. Please try again.