adds the SSL server key pair's deployment feature for a Chef Server.

author whitestar <whitestar@gaea.test>

Sat, 25 Feb 2017 13:01:46 +0000 (22:01 +0900)

committer whitestar <whitestar@gaea.test>

Sat, 25 Feb 2017 13:01:46 +0000 (22:01 +0900)
author whitestar <whitestar@gaea.test>
Sat, 25 Feb 2017 13:01:46 +0000 (22:01 +0900)
committer whitestar <whitestar@gaea.test>
Sat, 25 Feb 2017 13:01:46 +0000 (22:01 +0900)
diff --git a/cookbooks/chef_utils/.foodcritic b/cookbooks/chef_utils/.foodcritic

index 759738b..f526c39 100644 (file)
--- a/cookbooks/chef_utils/.foodcritic
+++ b/cookbooks/chef_utils/.foodcritic
@@ -1,3 +1,4 @@
  ~FC001
  ~FC014
+~FC019
  ~FC024
diff --git a/cookbooks/chef_utils/.rubocop.yml b/cookbooks/chef_utils/.rubocop.yml

index fd5239e..0314b29 100644 (file)
--- a/cookbooks/chef_utils/.rubocop.yml
+++ b/cookbooks/chef_utils/.rubocop.yml
@@ -1,6 +1,7 @@
  AllCops:
    Exclude:
      - vendor/**/*
+    - templates/default/etc/opscode/chef-server.rb
  
  AlignParameters:
    Enabled: false
diff --git a/cookbooks/chef_utils/CHANGELOG.md b/cookbooks/chef_utils/CHANGELOG.md

index a917d69..54ecb24 100644 (file)
--- a/cookbooks/chef_utils/CHANGELOG.md
+++ b/cookbooks/chef_utils/CHANGELOG.md
@@ -1,6 +1,10 @@
  CHANGELOG for chef_utils
  =========================
  
+0.8.1
+-----
+- adds the SSL server key pair's deployment feature for a Chef Server.
+
  0.8.0
  -----
  - adds the `chef_utils::chef-client` recipe.
diff --git a/cookbooks/chef_utils/README.md b/cookbooks/chef_utils/README.md

index d497faa..50fbcfb 100644 (file)
--- a/cookbooks/chef_utils/README.md
+++ b/cookbooks/chef_utils/README.md
@@ -17,6 +17,7 @@ This cookbook contains setup recipes for Chef utilities and Knife plugins.
  ### packages
  
  - `build-essential` - to build native libraries for berkshelf.
+- `ssl_cert`
  
  ## Attributes
  
@@ -46,7 +47,11 @@ This cookbook contains setup recipes for Chef utilities and Knife plugins.
  |`['chef_utils']['knife-supermarket']['version']`|String|installation version.|`nil`|
  |`['chef_utils']['knife-zero']['version']`|String|installation version.|`nil`|
  |`['chef_utils']['spiceweasel']['version']`|String|installation version.|`nil`|
-|`['chef_utils']['chef-server']['configuration']`|String|Chef server conf. file's content.|see attributes/default.rb|
+|`['chef_utils']['chef-server']['with_ssl_cert_cookbook']`|Boolean||`false`|
+|`['chef_utils']['chef-server']['ssl_cert']['common_name']`|String||`node['fqdn']`|
+|`['chef_utils']['chef-server']['config']`|Hash|Content in the `chef-server.rb`.|See `attributes/default.rb`.|
+|`['chef_utils']['chef-server']['extra_config_str']`|String|Extra configuration string in the `chef-server.rb`.|`nil`|
+|`['chef_utils']['chef-server']['configuration']`|String|DEPRECATED: instead use the `['chef_utils']['chef-server']['config']` and `['chef_utils']['chef-server']['extra_config_str']` attributes.|`nil`|
  
  ## Usage
  
diff --git a/cookbooks/chef_utils/attributes/default.rb b/cookbooks/chef_utils/attributes/default.rb

index f0f851a..ac8d2d6 100644 (file)
--- a/cookbooks/chef_utils/attributes/default.rb
+++ b/cookbooks/chef_utils/attributes/default.rb
@@ -59,10 +59,16 @@ default['chef_utils']['knife-supermarket']['version'] = nil
  default['chef_utils']['knife-zero']['version'] = nil
  default['chef_utils']['spiceweasel']['version'] = nil
  
+default['chef_utils']['chef-server']['with_ssl_cert_cookbook'] = false
+default['chef_utils']['chef-server']['ssl_cert']['common_name'] = node['fqdn']
  # /etc/opscode/chef-server.rb
-default['chef_utils']['chef-server']['configuration'] = <<-EOS
-
-#default_orgname "default"
-addons['install'] = false
-
-EOS
+default['chef_utils']['chef-server']['config'] = {
+  #'default_orgname' => 'default',
+  'addons' => {
+    'install' => false,
+  },
+}
+default['chef_utils']['chef-server']['extra_config_str'] = nil
+# DEPRECATED: instead use the `['chef_utils']['chef-server']['config']`
+# and `['chef_utils']['chef-server']['extra_config_str']` attributes.
+default['chef_utils']['chef-server']['configuration'] = nil
diff --git a/cookbooks/chef_utils/metadata.rb b/cookbooks/chef_utils/metadata.rb

index 2fc1323..593b47b 100644 (file)
--- a/cookbooks/chef_utils/metadata.rb
+++ b/cookbooks/chef_utils/metadata.rb
@@ -5,11 +5,9 @@ maintainer_email ''
  license          'Apache 2.0'
  description      'Installs/Configures chef_utils'
  long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
-version          '0.8.0'
+version          '0.8.1'
  source_url       'http://scm.osdn.jp/gitroot/metasearch/grid-chef-repo.git'
  issues_url       'https://osdn.jp/projects/metasearch/ticket'
  
-# local cookbooks
-
-# external cookbooks
  depends 'build-essential'
+depends 'ssl_cert'
diff --git a/cookbooks/chef_utils/recipes/chef-server-configuration.rb b/cookbooks/chef_utils/recipes/chef-server-configuration.rb

index 77d29da..31600f5 100644 (file)
--- a/cookbooks/chef_utils/recipes/chef-server-configuration.rb
+++ b/cookbooks/chef_utils/recipes/chef-server-configuration.rb
@@ -2,7 +2,7 @@
  # Cookbook Name:: chef_utils
  # Recipe:: chef-server-configuration
  #
-# Copyright 2015, whitestar
+# Copyright 2015-2017, whitestar
  #
  # Licensed under the Apache License, Version 2.0 (the "License");
  # you may not use this file except in compliance with the License.
@@ -17,9 +17,18 @@
  # limitations under the License.
  #
  
-file '/etc/opscode/chef-server.rb' do
-  content node['chef_utils']['chef-server']['configuration']
+force_override_config = node.force_override['chef_utils']['chef-server']['config']
+
+if node['chef_utils']['chef-server']['with_ssl_cert_cookbook']
+  ::Chef::Recipe.send(:include, SSLCert::Helper)
+  cn = node['chef_utils']['chef-server']['ssl_cert']['common_name']
+  force_override_config['nginx']['ssl_certificate'] = server_cert_path(cn)
+  force_override_config['nginx']['ssl_certificate_key'] = server_key_path(cn)
+end
+
+template '/etc/opscode/chef-server.rb' do
+  source  'etc/opscode/chef-server.rb'
    owner 'root'
    group 'root'
-  mode 0644
+  mode '0640'
  end
diff --git a/cookbooks/chef_utils/templates/default/etc/opscode/chef-server.rb b/cookbooks/chef_utils/templates/default/etc/opscode/chef-server.rb

new file mode 100644 (file)

index 0000000..2adbf26
--- /dev/null
+++ b/cookbooks/chef_utils/templates/default/etc/opscode/chef-server.rb
@@ -0,0 +1,35 @@
+# These settings are generated by the chef_utils Chef cookbook.\r
+# Do NOT edit it manually.\r
+<%\r
+config = node['chef_utils']['chef-server']['config']\r
+\r
+config.each {|key0, val0|\r
+  if val0.is_a?(Hash)\r
+    val0.each {|key1, val1|\r
+-%>\r
+<%= key0 %>['<%= key1 %>'] = <%= val1.inspect %>\r
+<%\r
+    }\r
+  else\r
+-%>\r
+<%= key0 %> <%= val0.inspect %>\r
+<%\r
+  end\r
+}\r
+-%>\r
+<%\r
+extra_config_str = node['chef_utils']['chef-server']['extra_config_str']\r
+if !extra_config_str.nil? && !extra_config_str.empty?\r
+-%>\r
+<%= extra_config_str %>\r
+<%\r
+end\r
+-%>\r
+<%\r
+config_str = node['chef_utils']['chef-server']['configuration']\r
+if !config_str.nil? && !config_str.empty?\r
+-%>\r
+<%= config_str %>\r
+<%\r
+end\r
+-%>\r
author	whitestar <whitestar@gaea.test>
	Sat, 25 Feb 2017 13:01:46 +0000 (22:01 +0900)
committer	whitestar <whitestar@gaea.test>
	Sat, 25 Feb 2017 13:01:46 +0000 (22:01 +0900)
cookbooks/chef_utils/.foodcritic		patch \| blob \| history
cookbooks/chef_utils/.rubocop.yml		patch \| blob \| history
cookbooks/chef_utils/CHANGELOG.md		patch \| blob \| history
cookbooks/chef_utils/README.md		patch \| blob \| history
cookbooks/chef_utils/attributes/default.rb		patch \| blob \| history
cookbooks/chef_utils/metadata.rb		patch \| blob \| history
cookbooks/chef_utils/recipes/chef-server-configuration.rb		patch \| blob \| history
cookbooks/chef_utils/templates/default/etc/opscode/chef-server.rb	[new file with mode: 0644]	patch \| blob