Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Merge branch 'worker-box'

  • Loading branch information...
commit 1e07b6499e805f34f690b098f0f3bc39e6c96394 2 parents 0c1aa2c + c666ac2
Mathias Meyer roidrage authored
Showing with 921 additions and 401 deletions.
  1. +51 −0 worker_host/ant/README.md
  2. +12 −0 worker_host/ant/metadata.rb
  3. +18 −16 worker_host/{git/recipes/server.rb → ant/recipes/default.rb}
  4. +2 −2 worker_host/build-essential/recipes/default.rb
  5. +1 −0  worker_host/disks/attributes/default.rb
  6. +7 −0 worker_host/disks/recipes/default.rb
  7. +0 −5 worker_host/git/metadata.rb
  8. +13 −0 worker_host/iptables/files/default/iptables_rules
  9. +0 −284 worker_host/iptables/files/default/rebuild-iptables
  10. +16 −18 worker_host/iptables/recipes/default.rb
  11. +0 −2  worker_host/iptables/templates/default/all_established.erb
  12. +0 −2  worker_host/iptables/templates/default/all_icmp.erb
  13. +1 −1  worker_host/iptables/templates/default/iptables_load.erb
  14. +102 −0 worker_host/java/README.md
  15. +13 −19 worker_host/{iptables/definitions/iptables_rule.rb → java/attributes/default.rb}
  16. +11 −0 worker_host/java/files/default/java.seed
  17. +16 −0 worker_host/java/metadata.rb
  18. +61 −0 worker_host/java/recipes/default.rb
  19. +48 −0 worker_host/java/recipes/openjdk.rb
  20. +49 −0 worker_host/java/recipes/sun.rb
  21. +3 −0  worker_host/monit/attributes/default.rb
  22. +1 −0  worker_host/monit/files/default/default.monit
  23. +52 −0 worker_host/monit/recipes/default.rb
  24. +12 −0 worker_host/monit/templates/default/alerts.erb
  25. +6 −0 worker_host/monit/templates/default/filesystems.erb
  26. +6 −0 worker_host/monit/templates/default/monitrc.erb
  27. +4 −0 worker_host/monit/templates/default/system.erb
  28. +1 −1  worker_host/rvm/files/default/rvm.sh
  29. +0 −43 worker_host/rvm/metadata.json
  30. +2 −0  worker_host/rvm/metadata.rb
  31. +2 −5 worker_host/rvm/recipes/default.rb
  32. +0 −3  worker_host/rvm/recipes/install.rb
  33. +48 −0 worker_host/rvm/recipes/multi.rb
  34. +12 −0 worker_host/ssh/recipes/sshd.rb
  35. +87 −0 worker_host/ssh/templates/default/sshd_config.erb
  36. +2 −0  worker_host/sudo/attributes/sudoers.rb
  37. +14 −0 worker_host/sudo/recipes/default.rb
  38. +19 −0 worker_host/sudo/templates/default/sudoers.erb
  39. +13 −0 worker_host/travis_worker/attributes/default.rb
  40. +92 −0 worker_host/travis_worker/recipes/default.rb
  41. +5 −0 worker_host/travis_worker/templates/default/travis-worker.monitrc.erb
  42. +14 −0 worker_host/travis_worker/templates/default/worker.yml.erb
  43. +2 −0  worker_host/users/attributes/default.rb
  44. +9 −0 worker_host/users/metadata.rb
  45. +69 −0 worker_host/users/recipes/default.rb
  46. +1 −0  worker_host/users/templates/default/authorized_keys.pub
  47. 0  worker_host/virtualbox/attributes/default.rb
  48. +11 −0 worker_host/virtualbox/metadata.rb
  49. +13 −0 worker_host/virtualbox/recipes/default.rb
51 worker_host/ant/README.md
View
@@ -0,0 +1,51 @@
+Description
+===========
+
+Installs and configures Apache Ant & Ivy
+
+Requirements
+============
+
+Platform:
+
+* Debian, Ubuntu, CentOS, Red Hat, Fedora
+
+The following Opscode cookbooks are dependencies:
+
+* java
+* jpackage
+
+Attributes
+==========
+
+Usage
+=====
+
+Simply include the recipe where you want Apache Ant & Ivy installed.
+
+TODO
+====
+
+* plugin support
+* global config template - /etc/ant/ant.conf
+
+License and Author
+==================
+
+Author:: Seth Chisamore (<schisamo@opscode.com>)
+
+Copyright 2010, Opscode, Inc.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+
12 worker_host/ant/metadata.rb
View
@@ -0,0 +1,12 @@
+maintainer "Opscode, Inc."
+maintainer_email "cookbooks@opscode.com"
+license "Apache 2.0"
+description "Installs/Configures ant"
+long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
+version "0.10.1"
+depends "java"
+%w{ debian ubuntu centos redhat fedora }.each do |os|
+ supports os
+end
+
+recipe "ant::default", "Installs and configures Ant"
34 worker_host/git/recipes/server.rb → worker_host/ant/recipes/default.rb
View
@@ -1,8 +1,8 @@
#
-# Cookbook Name:: git
-# Recipe:: server
+# Cookbook Name:: ant
+# Recipe:: default
#
-# Copyright 2009, Opscode, Inc.
+# Copyright 2010, Opscode, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -15,20 +15,22 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+#
-include_recipe "git"
+include_recipe "java"
-directory "/srv/git" do
- owner "root"
- group "root"
- mode 0755
-end
+ant_pkgs = value_for_platform(
+ ["debian","ubuntu",] => {
+ "default" => ["ant","ant-contrib","ivy"]
+ },
+ ["centos","redhat","fedora" ] => {
+ "default" => ["ant","ant-contrib","ivy"]
+ },
+ "default" => ["ant","ant-contrib","ivy"]
+)
-case node[:platform]
-when "debian", "ubuntu"
- include_recipe "runit"
- runit_service "git-daemon"
-else
- log "Platform requires setting up a git daemon service script."
- log "Hint: /usr/bin/git daemon --export-all --user=nobody --group=daemon --base-path=/srv/git"
+ant_pkgs.each do |pkg|
+ package pkg do
+ action :install
+ end
end
4 worker_host/build-essential/recipes/default.rb
View
@@ -19,13 +19,13 @@
case node['platform']
when "ubuntu","debian"
- %w{build-essential binutils-doc}.each do |pkg|
+ %w{build-essential binutils-doc zsh}.each do |pkg|
package pkg do
action :install
end
end
when "centos","redhat","fedora"
- %w{gcc gcc-c++ kernel-devel make}.each do |pkg|
+ %w{gcc gcc-c++ kernel-devel make zsh}.each do |pkg|
package pkg do
action :install
end
1  worker_host/disks/attributes/default.rb
View
@@ -0,0 +1 @@
+default[:mounts] = []
7 worker_host/disks/recipes/default.rb
View
@@ -0,0 +1,7 @@
+node[:mounts].each do |mount|
+ mount mount[:mount_point] do
+ fstype mount[:filesystem]
+ device mount[:device]
+ action [:mount, :enable]
+ end
+end
5 worker_host/git/metadata.rb
View
@@ -5,12 +5,7 @@
long_description IO.read(File.join(File.dirname(__FILE__), 'README.rdoc'))
version "0.9.0"
recipe "git", "Installs git"
-recipe "git::server", "Sets up a runit_service for git daemon"
%w{ ubuntu debian arch}.each do |os|
supports os
end
-
-%w{ runit }.each do |cb|
- depends cb
-end
13 worker_host/iptables/files/default/iptables_rules
View
@@ -0,0 +1,13 @@
+# Generated by iptables-save v1.4.4 on Mon Nov 21 20:39:40 2011
+*filter
+:INPUT ACCEPT [18:1152]
+:FORWARD ACCEPT [0:0]
+:OUTPUT ACCEPT [9:872]
+-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 25 -j REJECT --reject-with icmp-port-unreachable
+-A OUTPUT -p tcp -m tcp --dport 25 -j REJECT --reject-with icmp-port-unreachable
+-A INPUT -p tcp -m tcp --dport 587 -j REJECT --reject-with icmp-port-unreachable
+-A OUTPUT -p tcp -m tcp --dport 587 -j REJECT --reject-with icmp-port-unreachable
+COMMIT
+# Completed on Mon Nov 21 20:39:40 2011
+
284 worker_host/iptables/files/default/rebuild-iptables
View
@@ -1,284 +0,0 @@
-#!/usr/bin/perl -w
-our $ID = q$Id: rebuild-iptables 344 2006-10-04 02:48:30Z digant $;
-
-#
-# rebuild-iptables -- Construct an iptables rules file from fragments.
-#
-# Written by Russ Allbery <rra@stanford.edu>
-# Adapted by Digant C Kasundra <digant@stanford.edu>
-# Adapted by Joe Williams (2011) <joe@joetify.com>
-# Copyright 2005, 2006 Board of Trustees, Leland Stanford Jr. University
-#
-# Constructs an iptables rules file from the prefix, standard, and suffix
-# files in the iptables configuration area, adding any additional modules
-# specified in the command line, and prints the resulting iptables rules to
-# standard output (suitable for saving into /var/lib/iptables or some other
-# appropriate location on the system).
-
-##############################################################################
-# Modules and declarations
-##############################################################################
-
-require 5.006;
-use strict;
-
-use Getopt::Long qw(GetOptions);
-
-# Path to the iptables template area.
-our $TEMPLATE = '/etc/iptables.d';
-
-##############################################################################
-# Installation
-##############################################################################
-
-# Return the prefix
-sub prefix {
- my $data;
- ( $data = <<'END_OF_PREFIX' ) =~ s/^\s+//gm;
- *filter
- :INPUT ACCEPT
- :FORWARD ACCEPT
- :OUTPUT ACCEPT
- :FWR -
- -A INPUT -j FWR
- -A FWR -i lo -j ACCEPT
-END_OF_PREFIX
-
- return $data;
-}
-
-# Return the suffix
-sub suffix {
- my $data;
- ( $data = <<'END_OF_SUFFIX' ) =~ s/^\s+//gm;
- # Rejects all remaining connections with port-unreachable errors.
-
- -A FWR -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -j REJECT --reject-with icmp-port-unreachable
- -A FWR -p udp -j REJECT --reject-with icmp-port-unreachable
- COMMIT
-END_OF_SUFFIX
-
- return $data;
-}
-
-sub snat {
- my $data = "";
- if ( -f "/etc/iptables.snat" ) {
- open( SNAT, "<", "/etc/iptables.snat" )
- or die "$0: cannot open /etc/iptables.snat: $!\n";
- while (<SNAT>) {
- $data = $data . $_;
- }
- close(SNAT);
- }
- return $data;
-}
-
-# Read in a file, processing includes as required. Returns the contents of
-# the file as an array.
-sub read_iptables {
- my ($file) = @_;
- my @data;
- $file = $TEMPLATE . '/' . $file unless $file =~ m%^\.?/%;
- local *MODULE;
- open( MODULE, '<', $file ) or die "$0: cannot open $file: $!\n";
- local $_;
- while (<MODULE>) {
- if (/^\s*include\s+(\S+)$/) {
- my $included = $1;
- $included = $TEMPLATE . '/' . $included
- unless $included =~ m%^\.?/%;
- if ( $file eq $included ) {
- die "$0: include loop in $file, line $.\n";
- }
- push( @data, "\n" );
- push( @data, read_iptables($included) );
- push( @data, "\n" );
- } elsif (/^\s*include\s/) {
- die "$0: malformed include line in $file, line $.\n";
- } else {
- push( @data, $_ );
- }
- }
- close MODULE;
- return @data;
-}
-
-# Write a file carefully.
-sub write_iptables {
- my ( $file, @data ) = @_;
- open( NEW, "> $file.new" ) or die "$0: cannot create $file.new: $!\n";
- print NEW @data or die "$0: cannot write to $file.new: $!\n";
- close NEW or die "$0: cannot flush $file.new: $!\n";
- rename( "$file.new", $file )
- or die "$0: cannot install new $file: $!\n";
-}
-
-# Install iptables on a Red Hat system. Takes the array containing the new
-# iptables data.
-sub install_redhat {
- my (@data) = @_;
- write_iptables( '/etc/sysconfig/iptables', @data );
- system( "/sbin/service", "iptables", "restart" );
-}
-
-# Install iptables on a Debian system. Take the array containing the new
-# iptables data.
-sub install_debian {
- my (@data) = @_;
- unless ( -d '/etc/iptables' ) {
- mkdir( '/etc/iptables', 0755 )
- or die "$0: cannot mkdir /etc/iptables: $!\n";
- }
- write_iptables( "/etc/iptables/general", @data );
- system("/sbin/iptables-restore < /etc/iptables/general") == 0
- or die "rebuild-iptables: iptables-restore failed! - $?"
-}
-
-##############################################################################
-# Main routine
-##############################################################################
-
-# Fix things up for error reporting.
-$| = 1;
-my $fullpath = $0;
-$0 =~ s%.*/%%;
-
-# Parse command-line options.
-my ( $help, $version );
-Getopt::Long::config( 'bundling', 'no_ignore_case' );
-GetOptions(
- 'h|help' => \$help,
- 'v|version' => \$version
-) or exit 1;
-if ($help) {
- print "Feeding myself to perldoc, please wait....\n";
- exec( 'perldoc', '-t', $fullpath );
-} elsif ($version) {
- my $version = join( ' ', ( split( ' ', $ID ) )[ 1 .. 3 ] );
- $version =~ s/,v\b//;
- $version =~ s/(\S+)$/($1)/;
- $version =~ tr%/%-%;
- print $version, "\n";
- exit;
-}
-my @modules;
-
-if ( -d '/etc/iptables.d' ) {
- @modules = </etc/iptables.d/*>;
-}
-
-# Concatenate everything together.
-my @data;
-push( @data, prefix() );
-push( @data, "\n" );
-for my $module (@modules) {
- push( @data, read_iptables($module) );
- push( @data, "\n" );
-}
-push( @data, suffix() );
-push( @data, snat() );
-
-if ( -f '/etc/debian_version' ) {
- install_debian(@data);
-} elsif ( -f '/etc/redhat-release' ) {
- install_redhat(@data);
-} else {
- die "$0: cannot figure out whether this is Red Hat or Debian\n";
-}
-
-exit 0;
-__END__
-
-##############################################################################
-# Documentation
-##############################################################################
-
-=head1 NAME
-
-rebuild-iptables - Construct an iptables rules file from fragments
-
-=head1 SYNOPSIS
-
-rebuild-iptables [B<-hv>]
-
-=head1 DESCRIPTION
-
-B<rebuild-iptables> constructs an iptables configuration file by concatenating
-various modules found in F</etc/iptables.d>. The resulting iptables
-configuration file is written to the appropriate file for either Red Hat or
-Debian (determined automatically) and iptables is restarted.
-
-Each module is just a text file located in the directory mentioned above that
-contains one or more iptables configuration lines (basically the arguments to
-an B<iptables> invocation), possibly including comments.
-
-Along with the modules in the directory specified, a standard prefix and suffix
-is added.
-
-Normally, the contents of each module are read in verbatim, but a module may
-also contain the directive:
-
- include <module>
-
-on a separate line, where <module> is the path to another module to include,
-specified the same way as modules given on the command line (hence, either a
-file name relative to F</afs/ir/service/jumpstart/data/iptables> or an
-absolute path). Such a line will be replaced with the contents of the named
-file. Be careful when using this directive to not create loops; files
-including themselves will be detected, but more complex loops will not and
-will result in infinite output.
-
-=head1 OPTIONS
-
-=over 4
-
-=item B<-h>, B<--help>
-
-Print out this documentation (which is done simply by feeding the script to
-C<perldoc -t>).
-
-=item B<-v>, B<--version>
-
-Print out the version of B<rebuild-iptables> and exit.
-
-=back
-
-=head1 FILES
-
-=over 4
-
-=item F</etc/iptables.d>
-
-The default module location.
-
-=item F</etc/debian_version>
-
-If this file exists, the system is assumed to be a Debian system for
-determining the installation location when B<-i> is used.
-
-=item F</etc/iptables/general>
-
-The install location of the generated configuration file on Debian.
-
-=item F</etc/redhat-release>
-
-If this file exists, the system is assumed to be a Red Hat system for
-determining the installation location when B<-i> is used.
-
-=item F</etc/sysconfig/iptables>
-
-The install location of the generated configuration file on Red Hat.
-
-=back
-
-=head1 AUTHOR
-
-Russ Allbery <rra@stanford.edu>
-Digant C Kasundra <digant@stanford.edu>
-
-=head1 SEE ALSO
-
-iptables(8)
-
-=cut
34 worker_host/iptables/recipes/default.rb
View
@@ -17,34 +17,32 @@
# limitations under the License.
#
-package "iptables"
+package "iptables"
-execute "rebuild-iptables" do
- command "/usr/sbin/rebuild-iptables"
- action :nothing
+iptables_ruleset_path = case node[:platform]
+ when "redhat", "centos"
+ "/etc/sysconfig/iptables"
+ when "ubuntu", "debian"
+ "/etc/iptables/general"
+ end
+
+execute "restore iptables" do
+ command "/sbin/iptables-restore #{iptables_ruleset_path}"
+ action :nothing
end
-directory "/etc/iptables.d" do
+directory File.dirname(iptables_ruleset_path) do
action :create
end
-cookbook_file "/usr/sbin/rebuild-iptables" do
- source "rebuild-iptables"
- mode 0755
-end
+cookbook_file iptables_ruleset_path do
+ source "iptables_rules"
-case node[:platform]
-when "redhat", "centos"
- iptables_save_file = "/etc/sysconfig/iptables"
-when "ubuntu", "debian"
- iptables_save_file = "/etc/iptables/general"
+ notifies :run, resources(:execute => "restore iptables"), :delayed
end
template "/etc/network/if-pre-up.d/iptables_load" do
source "iptables_load.erb"
mode 0755
- variables :iptables_save_file => iptables_save_file
+ variables :iptables_ruleset_path => iptables_ruleset_path
end
-
-iptables_rule "all_established"
-iptables_rule "all_icmp"
2  worker_host/iptables/templates/default/all_established.erb
View
@@ -1,2 +0,0 @@
-# Any established connection is money
--A FWR -m state --state RELATED,ESTABLISHED -j ACCEPT
2  worker_host/iptables/templates/default/all_icmp.erb
View
@@ -1,2 +0,0 @@
-# ICMP
--A FWR -p icmp -j ACCEPT
2  worker_host/iptables/templates/default/iptables_load.erb
View
@@ -1,3 +1,3 @@
#!/bin/sh
-/sbin/iptables-restore < <%= @iptables_save_file %>
+/sbin/iptables-restore < <%= @iptables_ruleset_path %>
exit 0
102 worker_host/java/README.md
View
@@ -0,0 +1,102 @@
+Description
+===========
+
+Installs a Java. Uses OpenJDK by default but supports installation of the Sun's Java.
+
+---
+Requirements
+============
+
+Platform
+--------
+
+* Debian, Ubuntu
+* CentOS, Red Hat, Fedora
+
+Cookbooks
+---------
+
+* apt
+
+---
+Attributes
+==========
+
+* `node["java"]["install_flavor"]` - Flavor of JVM you would like installed (`sun` or `openjdk`), default `openjdk`.
+
+---
+Recipes
+=======
+
+default
+-------
+
+Include the default recipe in a run list, to get `java`. By default the `openjdk` flavor of Java is installed, but this can be changed by using the `install_flavor` attribute.
+
+openjdk
+-------
+
+This recipe installs the `openjdk` flavor of Java.
+
+sun
+---
+
+This recipe installs the `sun` flavor of Java.
+
+On Debian and Ubuntu systems the recipe will add the correct apt repository (`non-free` on Debian or `partner` on Ubuntu), pre-seed the package and update java alternatives.
+
+On Red Hat flavored Linux (RHEL, CentOS, Fedora), the installation of the Sun flavor of Java is slightly more complicated as the `rpm` package is not readily available in any public Yum repository. The Sun JDK `rpm` package can be downloaded directly from Sun but comes wrapped as a compressed bin file. After the file has been downloaded, decompressed and license accepted the `rpm` package (names something like `jdk-6u25-ea-linux-amd64.rpm`) can be retrieved by this recipe using the `remote_file` or `cookbook_file` resources. The recipe will choose the correct resource based on the existence (or non-existence) of the `node['sun']['rpm_url']` attribute. See below for an example role using this attribute in the proper way. If you would like to deliver the `rpm` package file as part of this cookbook place the `rpm` package file in the `files/default` directory and the cookbook will retrieve the file during installation.
+
+---
+Usage
+=====
+
+Simply include the `java` recipe where ever you would like Java installed.
+
+To install Sun flavored Java on Debian or Ubuntu override the `node['java']['install_flavor']` attribute with in role:
+
+ name "java"
+ description "Install Sun Java on Ubuntu"
+ override_attributes(
+ "java" => {
+ "install_flavor" => "sun"
+ }
+ )
+ run_list(
+ "recipe[java]"
+ )
+
+On RedHat flavored Linux be sure to set the `rpm_url` and `rpm_checksum` attributes if you placed the `rpm` file on a remote server:
+
+ name "java"
+ description "Install Sun Java on CentOS"
+ override_attributes(
+ "java" => {
+ "install_flavor" => "sun",
+ "version" => "6u25",
+ "rpm_url" => "https://mycompany.s3.amazonaws.com/sun_jdk",
+ "rpm_checksum" => "c473e3026f991e617710bad98f926435959303fe084a5a31140ad5ad75d7bf13"
+ }
+ )
+ run_list(
+ "recipe[java]"
+ )
+
+License and Author
+==================
+
+Author:: Seth Chisamore (<schisamo@opscode.com>)
+
+Copyright:: 2008-2011, Opscode, Inc
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
32 worker_host/iptables/definitions/iptables_rule.rb → worker_host/java/attributes/default.rb
View
@@ -1,8 +1,9 @@
#
-# Cookbook Name:: iptables
-# Definition:: iptables_rule
+# Author:: Seth Chisamore (<schisamo@opscode.com>)
+# Cookbook Name:: java
+# Attributes:: default
#
-# Copyright 2008-2009, Opscode, Inc.
+# Copyright 2010, Opscode, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -15,21 +16,14 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-#
-define :iptables_rule, :enable => true, :source => nil, :variables => {} do
- template_source = params[:source] ? params[:source] : "#{params[:name]}.erb"
-
- template "/etc/iptables.d/#{params[:name]}" do
- source template_source
- mode 0644
- variables params[:variables]
- backup false
- notifies :run, resources(:execute => "rebuild-iptables")
- if params[:enable]
- action :create
- else
- action :delete
- end
- end
+default['java']['install_flavor'] = "openjdk"
+
+case platform
+when "centos","redhat","fedora"
+ default['java']['version'] = "6u25"
+ default['java']['arch'] = kernel['machine'] =~ /x86_64/ ? "amd64" : "i586"
+ set['java']['java_home'] = "/usr/lib/jvm/java"
+else
+ set['java']['java_home'] = "/usr/lib/jvm/default-java"
end
11 worker_host/java/files/default/java.seed
View
@@ -0,0 +1,11 @@
+sun-java6-bin shared/accepted-sun-dlj-v1-1 boolean true
+sun-java6-jdk shared/accepted-sun-dlj-v1-1 boolean true
+sun-java6-jre shared/accepted-sun-dlj-v1-1 boolean true
+sun-java6-jre sun-java6-jre/stopthread boolean true
+sun-java6-jre sun-java6-jre/jcepolicy note
+sun-java6-bin shared/error-sun-dlj-v1-1 error
+sun-java6-jdk shared/error-sun-dlj-v1-1 error
+sun-java6-jre shared/error-sun-dlj-v1-1 error
+sun-java6-bin shared/present-sun-dlj-v1-1 note
+sun-java6-jdk shared/present-sun-dlj-v1-1 note
+sun-java6-jre shared/present-sun-dlj-v1-1 note
16 worker_host/java/metadata.rb
View
@@ -0,0 +1,16 @@
+maintainer "Opscode, Inc."
+maintainer_email "cookbooks@opscode.com"
+license "Apache 2.0"
+description "Installs Java runtime."
+long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
+version "1.1"
+
+depends "apt"
+
+recipe "java", "Installs Java runtime"
+recipe "java::openjdk", "Installs the OpenJDK flavor of Java"
+recipe "java::sun", "Installs the Sun flavor of Java"
+
+%w{ debian ubuntu centos redhat fedora }.each do |os|
+ supports os
+end
61 worker_host/java/recipes/default.rb
View
@@ -0,0 +1,61 @@
+#
+# Author:: Seth Chisamore (<schisamo@opscode.com>)
+# Cookbook Name:: java
+# Recipe:: default
+#
+# Copyright 2008-2011, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+case node['platform']
+when "ubuntu"
+ apt_repository "ubuntu-partner" do
+ uri "http://archive.canonical.com/ubuntu"
+ distribution node['lsb']['codename']
+ components ['partner']
+ action :add
+ end
+ # update-java-alternatives doesn't work with only sun java installed
+ node.set['java']['java_home'] = "/usr/lib/jvm/java-6-sun"
+
+when "debian"
+ apt_repository "debian-non-free" do
+ uri "http://http.us.debian.org/debian"
+ distribution "stable"
+ components ['main','contrib','non-free']
+ action :add
+ end
+ # update-java-alternatives doesn't work with only sun java installed
+ node.set['java']['java_home'] = "/usr/lib/jvm/java-6-sun"
+when "centos", "redhat", "fedora"
+ pkgs.each do |pkg|
+ if node['java'].attribute?('rpm_url')
+ remote_file "#{Chef::Config[:file_cache_path]}/#{pkg}" do
+ source "#{node['java']['rpm_url']}/#{pkg}"
+ checksum node['java']['rpm_checksum']
+ mode "0644"
+ end
+ else
+ cookbook_file "#{Chef::Config[:file_cache_path]}/#{pkg}" do
+ source pkg
+ mode "0644"
+ action :create_if_missing
+ end
+ end
+ end
+else
+ Chef::Log.error("Installation of Sun Java packages not supported on this platform.")
+end
+
+include_recipe "java::#{node['java']['install_flavor']}"
48 worker_host/java/recipes/openjdk.rb
View
@@ -0,0 +1,48 @@
+#
+# Author:: Seth Chisamore (<schisamo@opscode.com>)
+# Cookbook Name:: java
+# Recipe:: openjdk
+#
+# Copyright 2010-2011, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+pkgs = value_for_platform(
+ ["centos","redhat","fedora"] => {
+ "default" => ["java-1.6.0-openjdk","java-1.6.0-openjdk-devel"]
+ },
+ "default" => ["openjdk-6-jdk","default-jdk"]
+ )
+
+execute "update-java-alternatives" do
+ alternative = case [node[:platform], node[:platform_version]]
+ when ["ubuntu", "11.04"] then
+ "java-6-openjdk"
+ when ["ubuntu", "11.10"] then
+ "java-1.6.0-openjdk"
+ else
+ "java-1.6.0-openjdk"
+ end
+
+ command "update-java-alternatives -s #{alternative}"
+ returns [0,2]
+ action :nothing
+ only_if { platform?("ubuntu", "debian") }
+end
+
+pkgs.each do |pkg|
+ package pkg do
+ action :install
+ notifies :run, "execute[update-java-alternatives]"
+ end
+end
49 worker_host/java/recipes/sun.rb
View
@@ -0,0 +1,49 @@
+#
+# Author:: Seth Chisamore (<schisamo@opscode.com>)
+# Cookbook Name:: java
+# Recipe:: sun
+#
+# Copyright 2010-2011, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+pkgs = value_for_platform(
+ ["centos","redhat","fedora"] => {
+ "default" => ["jdk-#{node['java']['version']}-ea-linux-#{node['java']['arch']}.rpm"]
+ },
+ ["debian","ubuntu"] => {
+ "default" => ["sun-java6-jdk"]
+ }
+)
+
+
+execute "update-java-alternatives" do
+ command "update-java-alternatives -s java-6-sun"
+ returns [0,2]
+ action :nothing
+ only_if { platform?("ubuntu", "debian") }
+end
+
+pkgs.each do |pkg|
+ package pkg do
+ case node['platform']
+ when "ubuntu", "debian"
+ response_file "java.seed"
+ when "centos", "redhat", "fedora"
+ source "#{Chef::Config[:file_cache_path]}/#{pkg}"
+ options "--nogpgcheck" # sun/oracle doesn't sign their RPMs o_O
+ end
+ action :install
+ notifies :run, "execute[update-java-alternatives]"
+ end
+end
3  worker_host/monit/attributes/default.rb
View
@@ -0,0 +1,3 @@
+default["monit"]["alerts"] = {}
+default["monit"]["checks"]["enabled"] = []
+default["monit"]["checks"]["filesystems"] = {}
1  worker_host/monit/files/default/default.monit
View
@@ -0,0 +1 @@
+startup=1
52 worker_host/monit/recipes/default.rb
View
@@ -0,0 +1,52 @@
+package "monit" do
+ action :install
+end
+
+execute "monit-reload" do
+ action :nothing
+ command "monit reload"
+end
+
+cookbook_file "/etc/default/monit" do
+ source "default.monit"
+ owner "root"
+ group "root"
+ mode "0644"
+ backup false
+end
+
+service "monit" do
+ supports :start => true, :restart => true, :reload => true
+ action [:enable, :start]
+ ignore_failure true
+end
+
+template "/etc/monit/monitrc" do
+ source "monitrc.erb"
+ owner "root"
+ group "root"
+ mode "0600"
+ variables :monit => node[:monit]
+ notifies :run, resources(:execute => "monit-reload")
+end
+
+template "/etc/monit/conf.d/alerts.monitrc" do
+ source "alerts.erb"
+ owner "root"
+ group "root"
+ mode "0600"
+ variables :alerts => node[:monit][:alerts]
+ notifies :run, resources(:execute => "monit-reload")
+end
+
+node[:monit][:checks][:enabled].each do |check|
+ data = node[:monit][:checks][check]
+ template "/etc/monit/conf.d/#{check}.monitrc" do
+ source "#{check}.erb"
+ mode "0644"
+ owner "root"
+ group "root"
+ variables :data => data
+ notifies :run, resources(:execute => "monit-reload")
+ end
+end
12 worker_host/monit/templates/default/alerts.erb
View
@@ -0,0 +1,12 @@
+set alert <%= @alerts["receiver"] %> on { timeout, connection, action, nonexist }
+<% unless @alerts[:disabled] %>
+<%# Allow disabling alerts via "monit": { "alerts": { "disabled": true } }, in a node config %>
+set mailserver <%= @alerts["smtp"] %> port <%= @alerts["port"] %>
+ username "<%= @alerts["user"] %>" password "<%= @alerts["password"] %>"
+ with timeout 30 seconds
+
+ set mail-format {
+ from: <%= @alerts["receiver"] %>
+ subject: monit alert for <%= node["hostname"] %>: $EVENT $SERVICE
+ }
+<% end %>
6 worker_host/monit/templates/default/filesystems.erb
View
@@ -0,0 +1,6 @@
+<% @data.each do |mount, threshold| %>
+check filesystem rootfs with path <%= mount %>
+ if space usage > <%= threshold %> for 5 times within 15 cycles
+ then alert else if succeeded for 10 cycles then alert
+
+<% end %>
6 worker_host/monit/templates/default/monitrc.erb
View
@@ -0,0 +1,6 @@
+# A comment so that Ubuntu's init script actually starts the daemon
+set daemon 60
+include /etc/monit/conf.d/*
+set logfile syslog facility log_daemon
+set httpd port 2812
+ allow localhost
4 worker_host/monit/templates/default/system.erb
View
@@ -0,0 +1,4 @@
+check system <%= node[:hostname] %>
+ <% @data.each do |name, threshold| %>
+ if <%= name %> > <%= threshold %> for 5 cycles then alert
+ <% end -%>
2  worker_host/rvm/files/default/rvm.sh
View
@@ -1 +1 @@
-[[ -s "$HOME/.rvm/scripts/rvm" ]] && . "$HOME/.rvm/scripts/rvm
+[[ -s "/usr/local/rvm/scripts/rvm" ]] && . "/usr/local/rvm/scripts/rvm"
43 worker_host/rvm/metadata.json
View
@@ -1,43 +0,0 @@
-{
- "name": "rvm",
- "description": "Installs and configures RVM, optionally keeping it updated.",
- "long_description": "",
- "maintainer": "James Harton, Sociable Limited.",
- "maintainer_email": "james@sociable.co.nz",
- "license": "MIT",
- "platforms": {
- },
- "dependencies": {
- "apt": [
-
- ],
- "build-essential": [
-
- ],
- "git": [
-
- ]
- },
- "recommendations": {
- },
- "suggestions": {
- },
- "conflicting": {
- },
- "providing": {
- },
- "replacing": {
- },
- "attributes": {
- },
- "groupings": {
- },
- "recipes": {
- "rvm": "Install system-wide RVM",
- "rvm::install": "Install a ruby implementation based on attributes",
- "rvm::ruby_192": "Helper recipe to install ruby 1.9.2",
- "rvm::ruby_187": "Helper recipe to install ruby 1.8.7",
- "rvm::ree": "Helper recipe to install ruby enterprise edition"
- },
- "version": "0.0.2"
-}
2  worker_host/rvm/metadata.rb
View
@@ -23,3 +23,5 @@
depends "apt"
depends "build-essential"
depends "git"
+depends "java"
+depends "ant"
7 worker_host/rvm/recipes/default.rb
View
@@ -12,19 +12,16 @@
case node[:platform]
when "debian","ubuntu"
- %w( libreadline5-dev libssl-dev libxml2-dev libxslt1-dev zlib1g-dev ).each do | pkg |
+ %w( libreadline-dev libssl-dev libxml2-dev libxslt1-dev zlib1g-dev ).each do | pkg |
package pkg
end
end
bash "installing system-wide RVM stable" do
- user "vagrant"
- code "bash < <( curl -L -B http://rvm.beginrescueend.com/install/rvm )"
+ code "sudo bash -s < <(curl -s https://raw.github.com/wayneeseguin/rvm/master/binscripts/rvm-installer)"
not_if "which rvm"
end
cookbook_file "/etc/profile.d/rvm.sh" do
- owner "vagrant"
- group "vagrant"
mode 0755
end
3  worker_host/rvm/recipes/install.rb
View
@@ -13,17 +13,14 @@
include_recipe "rvm"
bash "installing #{ruby_version}" do
- user "vagrant"
code "rvm install #{ruby_version}"
not_if "rvm list | grep #{ruby_version}"
end
bash "make #{ruby_version} the default ruby" do
- user "vagrant"
code "rvm --default #{ruby_version}"
not_if "rvm list | grep '=> #{ruby_version}'"
only_if { node[:rvm][:ruby][:default] }
- #notifies :restart, "service[chef-client]"
end
gem_package "chef" do
48 worker_host/rvm/recipes/multi.rb
View
@@ -0,0 +1,48 @@
+#
+# Cookbook Name:: rvm
+# Recipe:: multi
+# Copyright 2011-2012, Travis CI development team
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+include_recipe "rvm"
+
+include_recipe "java"
+include_recipe "ant"
+
+gems = (node[:rvm][:gems] || ['bundler', 'rake'])
+rvm = "source /usr/local/rvm/scripts/rvm && rvm"
+
+node[:rvm][:rubies].each do |ruby|
+ bash "Installing #{ruby[:name]} with RVM arguments #{ruby[:arguments]}" do
+ code "#{rvm} install #{ruby[:name]} #{ruby[:arguments]}"
+ not_if "#{rvm} list | grep #{ruby[:check_for] || ruby[:name]}"
+ end
+
+ name = ruby[:check_for] || ruby[:name]
+ gems.each do |gem|
+ bash "installing gem #{gem} for #{name}" do
+ code "#{rvm} use #{name}; gem install #{gem} --no-ri --no-rdoc"
+ end
+ end
+end
+
+bash "clean up RVM sources, log files, etc" do
+ code "#{rvm} cleanup all"
+end
12 worker_host/ssh/recipes/sshd.rb
View
@@ -0,0 +1,12 @@
+service "ssh" do
+ supports :restart => true, :reload => true
+ action :enable
+end
+
+template "/etc/ssh/sshd_config" do
+ source "sshd_config.erb"
+ owner "root"
+ group "root"
+ mode "0644"
+ notifies :reload, resources(:service => "ssh")
+end
87 worker_host/ssh/templates/default/sshd_config.erb
View
@@ -0,0 +1,87 @@
+# Package generated configuration file
+# See the sshd_config(5) manpage for details
+
+# What ports, IPs and protocols we listen for
+Port 22
+# Use these options to restrict which interfaces/protocols sshd will bind to
+#ListenAddress ::
+#ListenAddress 0.0.0.0
+Protocol 2
+# HostKeys for protocol version 2
+HostKey /etc/ssh/ssh_host_rsa_key
+HostKey /etc/ssh/ssh_host_dsa_key
+HostKey /etc/ssh/ssh_host_ecdsa_key
+#Privilege Separation is turned on for security
+UsePrivilegeSeparation yes
+
+# Lifetime and size of ephemeral version 1 server key
+KeyRegenerationInterval 3600
+ServerKeyBits 768
+
+# Logging
+SyslogFacility AUTH
+LogLevel INFO
+
+# Authentication:
+LoginGraceTime 120
+PermitRootLogin no
+StrictModes yes
+
+RSAAuthentication yes
+PubkeyAuthentication yes
+#AuthorizedKeysFile %h/.ssh/authorized_keys
+
+# Don't read the user's ~/.rhosts and ~/.shosts files
+IgnoreRhosts yes
+# For this to work you will also need host keys in /etc/ssh_known_hosts
+RhostsRSAAuthentication no
+# similar for protocol version 2
+HostbasedAuthentication no
+# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
+#IgnoreUserKnownHosts yes
+
+# To enable empty passwords, change to yes (NOT RECOMMENDED)
+PermitEmptyPasswords no
+
+# Change to yes to enable challenge-response passwords (beware issues with
+# some PAM modules and threads)
+ChallengeResponseAuthentication no
+
+# Change to no to disable tunnelled clear text passwords
+PasswordAuthentication no
+
+# Kerberos options
+#KerberosAuthentication no
+#KerberosGetAFSToken no
+#KerberosOrLocalPasswd yes
+#KerberosTicketCleanup yes
+
+# GSSAPI options
+#GSSAPIAuthentication no
+#GSSAPICleanupCredentials yes
+
+X11Forwarding yes
+X11DisplayOffset 10
+PrintMotd no
+PrintLastLog yes
+TCPKeepAlive yes
+#UseLogin no
+
+#MaxStartups 10:30:60
+#Banner /etc/issue.net
+
+# Allow client to pass locale environment variables
+AcceptEnv LANG LC_*
+
+Subsystem sftp /usr/lib/openssh/sftp-server
+
+# Set this to 'yes' to enable PAM authentication, account processing,
+# and session processing. If this is enabled, PAM authentication will
+# be allowed through the ChallengeResponseAuthentication and
+# PasswordAuthentication. Depending on your PAM configuration,
+# PAM authentication via ChallengeResponseAuthentication may bypass
+# the setting of "PermitRootLogin without-password".
+# If you just want the PAM account and session checks to run without
+# PAM authentication, then enable this but set PasswordAuthentication
+# and ChallengeResponseAuthentication to 'no'.
+UsePAM yes
2  worker_host/sudo/attributes/sudoers.rb
View
@@ -0,0 +1,2 @@
+default[:sudo][:groups] = []
+default[:sudo][:users] = []
14 worker_host/sudo/recipes/default.rb
View
@@ -0,0 +1,14 @@
+require_recipe 'users'
+
+package "sudo" do
+ action :upgrade
+end
+
+template "/etc/sudoers" do
+ source "sudoers.erb"
+ mode 0440
+ owner "root"
+ group "root"
+ variables :groups => node[:sudo][:groups],
+ :users => node[:sudo][:users]
+end
19 worker_host/sudo/templates/default/sudoers.erb
View
@@ -0,0 +1,19 @@
+#
+# /etc/sudoers
+#
+# Generated by Chef for <%= @node[:fqdn] %>
+#
+
+Defaults !lecture,tty_tickets,!fqdn
+
+# User privilege specification
+root ALL=(ALL) ALL
+
+<% @groups.each do |group| -%>
+# Members of the group '<%= group %>' may gain root privileges
+%<%= group %> ALL=(ALL) ALL
+<% end %>
+
+<% @users.each do |user| -%>
+<%= user[:name] %> ALL=(<%= user[:target_user] || "ALL" %>) <% if user[:nopassword] %><%= "NOPASSWD: " %><% end %><%= user[:command] || "ALL" %>
+<% end %>
13 worker_host/travis_worker/attributes/default.rb
View
@@ -0,0 +1,13 @@
+default[:travis][:worker][:home] = '/mnt/ssd/travis/worker'
+default[:travis][:worker][:repository] = 'git://github.com/travis-ci/travis-worker.git'
+default[:travis][:worker][:ref] = 'master'
+default[:travis][:worker][:post_deploy][:command] = ""
+default[:travis][:worker][:amqp] = {
+ :host => 'localhost',
+ :port => 1234,
+ :username => 'travis',
+ :password => 'travis',
+ :virtual_host => 'travis'
+}
+default[:travis][:worker][:vms] = 6
+default[:travis][:worker][:env] = 'ruby'
92 worker_host/travis_worker/recipes/default.rb
View
@@ -0,0 +1,92 @@
+execute "monit-reload" do
+ action :nothing
+ command "monit reload"
+end
+
+execute "monit-restart-travis-worker" do
+ action :nothing
+ command "monit restart travis-worker"
+end
+
+directory node[:travis][:worker][:home] do
+ action :create
+ recursive true
+ owner "travis"
+ group "travis"
+ mode "0755"
+end
+
+git "#{node[:travis][:worker][:home]}" do
+ repository node[:travis][:worker][:repository]
+ reference node[:travis][:worker][:ref]
+ action :sync
+ user "travis"
+ group "travis"
+ notifies :run, resources(:execute => 'monit-restart-travis-worker')
+end
+
+directory "#{node[:travis][:worker][:home]}/log" do
+ action :create
+ owner "travis"
+ group "travis"
+ mode "0755"
+end
+
+if not node[:travis][:worker][:post_checkout].empty?
+ bash "run post checkout hook (#{node[:travis][:worker][:post_checkout][:command]})" do
+ code node[:travis][:worker][:post_checkout][:command]
+ user "travis"
+ not_if "cd #{node[:travis][:worker][:home]} && #{node[:travis][:worker][:post_checkout][:condition]}"
+ cwd node[:travis][:worker][:home]
+ end
+end
+
+rvm = "source /usr/local/rvm/scripts/rvm && rvm"
+nohup_rvm = "source /usr/local/rvm/scripts/rvm && nohup rvm"
+
+bash "bundle gems" do
+ code "#{rvm} jruby do bundle install --path vendor/bundle --binstubs"
+ user "travis"
+ cwd node[:travis][:worker][:home]
+end
+
+template "#{node[:travis][:worker][:home]}/config/worker.yml" do
+ source "worker.yml.erb"
+ owner "travis"
+ group "travis"
+ mode "0600"
+ variables :amqp => node[:travis][:worker][:amqp],
+ :env => node[:travis][:worker][:env],
+ :vms => node[:travis][:worker][:vms]
+ notifies :run, resources(:execute => 'monit-restart-travis-worker')
+end
+
+bash "download VirtualBox images" do
+ code "#{rvm} jruby do ./bin/thor travis:vms:download 2>/dev/null"
+ user "travis"
+ cwd node[:travis][:worker][:home]
+ not_if {
+ File.exists?("#{node[:travis][:worker][:home]}/boxes/travis-#{node[:travis][:worker][:env]}.box")
+ }
+ notifies :run, resources(:execute => 'monit-restart-travis-worker')
+end
+
+bash "create VirtualBox images" do
+ code "#{rvm} jruby do ./bin/thor travis:vms:create &>/tmp/vbox-create.log"
+ user "travis"
+ cwd node[:travis][:worker][:home]
+ environment({"HOME" => node[:etc][:passwd][:travis][:dir]})
+ notifies :run, resources(:execute => 'monit-restart-travis-worker')
+ not_if {
+ File.exists?("#{node[:travis][:worker][:home]}/../VirtualBox VMs/travis-#{node[:travis][:worker][:env]}-1")
+ }
+end
+
+template "/etc/monit/conf.d/travis-worker.monitrc" do
+ source "travis-worker.monitrc.erb"
+ owner "root"
+ group "root"
+ mode "0644"
+ variables :home => node[:travis][:worker][:home]
+ notifies :run, resources(:execute => 'monit-reload')
+end
5 worker_host/travis_worker/templates/default/travis-worker.monitrc.erb
View
@@ -0,0 +1,5 @@
+check process travis-worker
+ with pidfile <%= @home %>/log/travis_worker.pid
+ start "<%= @home %>/bin/travis-worker" as uid travis and gid travis
+ stop "<%= @home %>/bin/travis-worker stop" as uid travis and gid travis
+ if 3 restarts with 10 cycles then timeout
14 worker_host/travis_worker/templates/default/worker.yml.erb
View
@@ -0,0 +1,14 @@
+env: <%= @env %>
+<%= @env %>:
+ log_level: info
+ amqp:
+ <% @amqp.each do |key, value| -%>
+ <%= key %>: <%= value %>
+ <% end -%>
+ vms:
+ count: <%= @vms %>
+ vbox_home: '/usr/lib/virtualbox'
+timeouts:
+ install: 600
+ before_script: 480
+ script: 1500
2  worker_host/users/attributes/default.rb
View
@@ -0,0 +1,2 @@
+default[:users] = []
+default[:groups] = []
9 worker_host/users/metadata.rb
View
@@ -0,0 +1,9 @@
+maintainer "The Travis CI Team"
+maintainer_email "mathias@travis-ci.org"
+license "Apache 2.0"
+description "User management"
+version "0.0.1"
+
+%w{ ubuntu debian }.each do |os|
+ supports os
+end
69 worker_host/users/recipes/default.rb
View
@@ -0,0 +1,69 @@
+users = if Chef::Config[:solo]
+ node[:users]
+ else
+ search(:users)
+ end
+
+groups = if Chef::Config[:solo]
+ node[:groups]
+ else
+ search(:groups)
+ end
+
+ohai "reload_passwd" do
+ action :nothing
+ plugin "passwd"
+end
+
+groups.each do |group|
+ group group[:id] do
+ gid group[:gid]
+ action [:create, :manage, :modify]
+ end
+end
+
+users.each do |user|
+ primary_group = user[:groups].nil? ? nil : user[:groups].first
+
+ directory File.dirname(user[:home]) do
+ action :create
+ recursive true
+ owner "root"
+ group "root"
+ end
+
+ user user[:id] do
+ shell user[:shell] || "/bin/bash"
+ home user[:home]
+ gid primary_group
+ uid user[:uid]
+ supports :manage_home => true
+ action [:create, :manage]
+ notifies :reload, resources(:ohai => "reload_passwd"), :immediately
+ end
+
+ (user[:groups] || []).each do |group_name|
+ group_id = groups.find {|group| group[:id] == group_name}[:gid]
+
+ group group_name do
+ members [user[:id]]
+ gid group_id
+ append true
+ action [:create, :manage, :modify]
+ end
+ end
+
+ if user[:ssh_key]
+ directory "#{user[:home]}/.ssh" do
+ mode "0700"
+ owner user[:id]
+ action :create
+ end
+
+ template "#{user[:home]}/.ssh/authorized_keys" do
+ mode "0600"
+ source "authorized_keys.pub"
+ variables :ssh_key => user[:ssh_key]
+ end
+ end
+end
1  worker_host/users/templates/default/authorized_keys.pub
View
@@ -0,0 +1 @@
+<%= @ssh_key %>
0  worker_host/virtualbox/attributes/default.rb
View
No changes.
11 worker_host/virtualbox/metadata.rb
View
@@ -0,0 +1,11 @@
+maintainer "The Travis CI Team"
+maintainer_email "mathias@travis-ci.org"
+license "Apache 2.0"
+description "Installs VirtualBox"
+version "0.0.1"
+
+%w{ ubuntu debian }.each do |os|
+ supports os
+end
+
+depends "apt"
13 worker_host/virtualbox/recipes/default.rb
View
@@ -0,0 +1,13 @@
+include_recipe 'apt'
+
+apt_repository "oracle-virtualbox" do
+ uri "http://download.virtualbox.org/virtualbox/debian"
+ distribution node['lsb']['codename']
+ components %w{contrib}
+ action :add
+ key 'http://download.virtualbox.org/virtualbox/debian/oracle_vbox.asc'
+end
+
+package "virtualbox-4.1" do
+ action :install
+end
Please sign in to comment.
Something went wrong with that request. Please try again.