metadata.json

{
  "name": "encryptfs",
  "description": "LWRP to manage encrypted one-boot-use filesystems for sensitive information on untrusted hardware or cloud appliances.",
  "long_description": "Description\n===========\nThis cookbook contains an LWRP to manage one-time-use encrypted filesystem\nusing the cryptsetup package in Debian and Ubuntu.  On each boot, a\nfilesystem-in-a-file will be created, mounted as a loop device, encrypted\nvia cryptsetup with a randomly-generated key that isn't stored anywhere,\nand mounted for use.  It isn't necessary to reboot for the filesystem\nresources to become available, but they will be created anew each time a\nmachine reboots.\n\nThe intended purpose of this cookbook is for deploying servers which will\nhandle sensitive information on untrusted systems or cloud deployments, so\nthat the filesystems themselves will not be readable outside the running\ninstance. Information stored in the encrypted filesystem will be irretrievable\nafter reboot.\n\nRequirements\n============\n\n## Platform\n\nTested on:\n* Debian 6.0\n* Ubuntu 12.04\n\nThis cookbook will only work on Debian or Ubuntu systems if the `cryptsetup`\npackage is available.  The `cryptsetup` package will be installed if it's not\nalready present.\n\nAttributes\n==========\n* `node['encryptfs'['uninstall_cryptsetup_iflast']` - Sets the cookbook to\n  remove the `cryptsetup` packages after the last filesystem is removed from\n  `/etc/crypttab`.  Default is `false`, to leave the packages installed. Only\n  the `cryptsetup` and `cryptsetup-bin` packages will be uninstalled if this is\n  `true`.\n* `node['encryptfs']['cryptdisks_path']` `node['encryptfs']['cryptdisks_stop']`\n  `node['encryptfs']['cryptdisks_start']` - All used to set paths for the\n  scripts that are part of the cryptsetup package.  They are in a different\n  place in Ubuntu.\n\nRecipes\n=======\n## default\nThe default recipe won't do anything.\n\n## example\nThis represents an example of creating a few small encrypted filesystems. You\nreally should be using this cookbook only as an LWRP.\n\nResource/Provider\n=================\nThis cookbook includes an LWRP, `encryptfs`, for managing one-time-use\nencrypted filesystems.\n\n    encryptfs \"data\" do\n      size 100\n      filepath \"/cryptfs\"\n      mountpath \"/usr/local/cryptdata\"\n      action :create\n    end\n\nThe `size` is specified in megabytes.  The `filepath` is where the file of\nthat size is to be created in your existing filesystems.  That file will\nbecome a loop device containing the encrypted block data.  The `mountpath` will\nbe where the encrypted filesystem is to be mounted.  The LWRP supports both\n`:create` and `:delete` actions.\n\nUsage\n=====\nPut the following in your cookbook's metadata.rb file to include this LWRP:\n\n    depends \"encryptfs\"\n\nThe following added to your recipes will create an encrypted filesystem:\n\n    encryptfs \"data\" do\n      size 100\n      filepath \"/cryptfs\"\n      mountpath \"/usr/local/cryptdata\"\n      fstype \"ext4\"\n      action :create\n    end\n\nThe following added to your recipe will delete an encrypted filesystem:\n\n    encryptfs \"data\" do\n      action :delete\n    end\n\nLicense and Authors\n-------------------\nAuthor: Neil Schelly (@neilschelly)\n\nCopyright 2013, Dyn, Inc (@DynInc)\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n    http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,  \nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n",
  "maintainer": "Dyn, Inc",
  "maintainer_email": "nschelly@dyn.com",
  "license": "Apache v2.0",
  "platforms": {
    "ubuntu": ">= 8.04",
    "debian": ">= 6.0"
  },
  "dependencies": {
  },
  "recommendations": {
  },
  "suggestions": {
  },
  "conflicting": {
  },
  "providing": {
  },
  "replacing": {
  },
  "attributes": {
  },
  "groupings": {
  },
  "recipes": {
  },
  "version": "1.0.1"
}