Utility providers and recipes for use in chef cookbooks.
NOTE: Make sure to rename this to utils if you clone it or incorporate
it as a git submodule in your cookbooks.
Ensures ACL is enabled on the filesystem where the passed in directory resides.
Example:
utils_acl "/"
Ensures a user exists with the attributes passed in. Also ensures a group
exists with the given username. Uses templates to add ~/.bashrc,
~/.bash_profile, ~/.aliases, ~/.ssh/config. If key is defined, adds
~/.ssh/id_rsa. If pubkey is defined, adds ~/.ssh/id_rsa.pub and
~/.ssh/authorized_keys. If email is defined, adds ~/.gitconfig and
~/.hgrc. See templates/ to customize these default files.
Example:
utils_ensure_user "bob" do
email "[email protected]"
password "unsecure-but-works"
end
Attributes:
username(string) - defined in provider call ("www-data" above)shell(string, default="/bin/bash")full_name(string, default=username)home(string, optional) - if ommitted, determined automaticallyuid(Integer, optional)system(default=false)disabled(default=false) - if true, shell is set to /sbin/nologinkey(string, optional) - private SSH keypubkey(string, optional) - public SSH keyemail(string, optional) - for .gitconfig and .hgrcssh_agent(default=false) - enables ssh_agent on loginpassword(string, optional) - can be plain-text or shadowuserinfo(hash, optional) - an optional way to pass in all of the above.update_if_exists(default=true) - update the user if they already exist.
Ensures a group exists with the attributes passed in. The members must already exist on the system.
Example:
utils_ensure_group "www-pub" do
members ["bob", "jane"]
end
Attributes:
groupname(string) - defined in provider call ("www-pub" above)gid(integer, optional) - group idmembers(array of strings, optional) - members to include in the group.groupinfo(hash, optional) - an optional way to pass in the above
Disable cert checking for all users for mercurial. Note that there's no system-wide way to disable git cert checking, because it's done per-user.
Enable ACL on the root filesystem. This uses the utils_acl provider, which may have some issues depending on the platform.
Debian/Ubuntu only currently. Uses Google DNS servers first.
Debian/Ubuntu only. By default, GRUB under Debian and Ubuntu can get stuck on reboot because of a -1 timeout setting. This makes the default 2 seconds.
Copy the proper cert configurations for mercurial. Not really tested.
Create a /etc/hosts file based on pairs of IP address and hostname line
defined in node[:all_servers].
Set proper shmmax and shmall values in /etc/sysctl.conf by setting
node[:sysctl][:shmmax_mb]. These will be applied on the host immediately.
Set default /etc/profile, bashrc, and aliases based on platform. Edit the
templates in templates/ to change defaults.
This recipe also takes care of creating/updating users defined in
node[:users] and node[:additional_users], and groups defined in
node[:groups]. See utils_ensure_user and utils_ensure_group for how they
work.
Author:: David Marble ([email protected])
Copyright:: 2012, David Marble
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.