bebox 0.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/.gitignore +78 -0
- data/Gemfile +3 -0
- data/Gemfile.lock +163 -0
- data/LICENSE +21 -0
- data/README.md +372 -0
- data/Rakefile +8 -0
- data/bebox.gemspec +40 -0
- data/bin/bebox +5 -0
- data/lib/bebox/cli.rb +42 -0
- data/lib/bebox/commands/commands_helper.rb +33 -0
- data/lib/bebox/commands/environment_commands.rb +46 -0
- data/lib/bebox/commands/general_commands.rb +24 -0
- data/lib/bebox/commands/node_commands.rb +68 -0
- data/lib/bebox/commands/prepare_commands.rb +59 -0
- data/lib/bebox/commands/project_commands.rb +44 -0
- data/lib/bebox/commands/provision_commands.rb +145 -0
- data/lib/bebox/environment.rb +114 -0
- data/lib/bebox/logger.rb +51 -0
- data/lib/bebox/node.rb +308 -0
- data/lib/bebox/profile.rb +102 -0
- data/lib/bebox/project.rb +259 -0
- data/lib/bebox/provision.rb +257 -0
- data/lib/bebox/role.rb +103 -0
- data/lib/bebox/version.rb +3 -0
- data/lib/bebox/wizards/environment_wizard.rb +45 -0
- data/lib/bebox/wizards/node_wizard.rb +163 -0
- data/lib/bebox/wizards/profile_wizard.rb +91 -0
- data/lib/bebox/wizards/project_wizard.rb +175 -0
- data/lib/bebox/wizards/provision_wizard.rb +80 -0
- data/lib/bebox/wizards/role_wizard.rb +97 -0
- data/lib/bebox.rb +2 -0
- data/lib/deb/puppet_3.6.0/augeas-lenses_0.10.0-0ubuntu4_all.deb +0 -0
- data/lib/deb/puppet_3.6.0/debconf-utils_1.5.42ubuntu1_all.deb +0 -0
- data/lib/deb/puppet_3.6.0/facter_2.0.1-1puppetlabs1_amd64.deb +0 -0
- data/lib/deb/puppet_3.6.0/hiera_1.3.2-1puppetlabs1_all.deb +0 -0
- data/lib/deb/puppet_3.6.0/libaugeas-ruby1.8_0.3.0-1.1ubuntu4_amd64.deb +0 -0
- data/lib/deb/puppet_3.6.0/libaugeas-ruby_0.3.0-1.1ubuntu4_all.deb +0 -0
- data/lib/deb/puppet_3.6.0/libaugeas0_0.10.0-0ubuntu4_amd64.deb +0 -0
- data/lib/deb/puppet_3.6.0/libjson-ruby_1.6.3-1_all.deb +0 -0
- data/lib/deb/puppet_3.6.0/libruby1.8_1.8.7.352-2ubuntu1.4_amd64.deb +0 -0
- data/lib/deb/puppet_3.6.0/libruby_4.8_all.deb +0 -0
- data/lib/deb/puppet_3.6.0/libshadow-ruby1.8_1.4.1-8build1_amd64.deb +0 -0
- data/lib/deb/puppet_3.6.0/puppet-common_3.6.0-1puppetlabs1_all.deb +0 -0
- data/lib/deb/puppet_3.6.0/puppet_3.6.0-1puppetlabs1_all.deb +0 -0
- data/lib/deb/puppet_3.6.0/ruby-json_1.6.3-1_amd64.deb +0 -0
- data/lib/deb/puppet_3.6.0/ruby-rgen_0.6.5-1puppetlabs1_all.deb +0 -0
- data/lib/deb/puppet_3.6.0/ruby1.8_1.8.7.352-2ubuntu1.4_amd64.deb +0 -0
- data/lib/deb/puppet_3.6.0/ruby_4.8_all.deb +0 -0
- data/lib/deb/puppet_3.6.0/virt-what_1.11-1_amd64.deb +0 -0
- data/lib/templates/node/Vagrantfile.erb +18 -0
- data/lib/templates/node/deploy_vagrant_node.erb +3 -0
- data/lib/templates/node/node.yml.erb +3 -0
- data/lib/templates/node/prepared_node.yml.erb +4 -0
- data/lib/templates/node/provisioned_node.yml.erb +4 -0
- data/lib/templates/project/Capfile.erb +2 -0
- data/lib/templates/project/Gemfile.erb +5 -0
- data/lib/templates/project/config/deploy/environment.erb +40 -0
- data/lib/templates/project/config/deploy/vagrant.erb +42 -0
- data/lib/templates/project/config/deploy.erb +120 -0
- data/lib/templates/project/dot_bebox.erb +4 -0
- data/lib/templates/project/gitignore.erb +7 -0
- data/lib/templates/project/ubuntu_dependencies +10 -0
- data/lib/templates/puppet/default_profiles/base/fundamental/ruby/Puppetfile +0 -0
- data/lib/templates/puppet/default_profiles/base/fundamental/ruby/manifests/init.pp +24 -0
- data/lib/templates/puppet/default_profiles/base/fundamental/sudo/Puppetfile +0 -0
- data/lib/templates/puppet/default_profiles/base/fundamental/sudo/manifests/init.pp +22 -0
- data/lib/templates/puppet/default_profiles/base/fundamental/users/Puppetfile +0 -0
- data/lib/templates/puppet/default_profiles/base/fundamental/users/manifests/init.pp +18 -0
- data/lib/templates/puppet/default_profiles/base/security/fail2ban/Puppetfile +2 -0
- data/lib/templates/puppet/default_profiles/base/security/fail2ban/manifests/init.pp +28 -0
- data/lib/templates/puppet/default_profiles/base/security/iptables/Puppetfile +2 -0
- data/lib/templates/puppet/default_profiles/base/security/iptables/manifests/init.pp +27 -0
- data/lib/templates/puppet/default_profiles/base/security/ssh/Puppetfile +2 -0
- data/lib/templates/puppet/default_profiles/base/security/ssh/manifests/init.pp +30 -0
- data/lib/templates/puppet/default_profiles/base/security/sysctl/Puppetfile +2 -0
- data/lib/templates/puppet/default_profiles/base/security/sysctl/manifests/init.pp +20 -0
- data/lib/templates/puppet/default_profiles/base/users/ssh/Puppetfile +2 -0
- data/lib/templates/puppet/default_profiles/base/users/ssh/manifests/init.pp +47 -0
- data/lib/templates/puppet/default_profiles/base/users/users/Puppetfile +0 -0
- data/lib/templates/puppet/default_profiles/base/users/users/manifests/init.pp +18 -0
- data/lib/templates/puppet/default_roles/fundamental/manifests/init.pp +16 -0
- data/lib/templates/puppet/default_roles/security/manifests/init.pp +17 -0
- data/lib/templates/puppet/default_roles/users/manifests/init.pp +15 -0
- data/lib/templates/puppet/profiles/Puppetfile.erb +24 -0
- data/lib/templates/puppet/profiles/manifests/init.pp.erb +17 -0
- data/lib/templates/puppet/roles/manifests/init.pp.erb +14 -0
- data/lib/templates/puppet/step-0/Puppetfile.erb +5 -0
- data/lib/templates/puppet/step-0/hiera/data/common.yaml.erb +26 -0
- data/lib/templates/puppet/step-0/hiera/data/environment.yaml.erb +26 -0
- data/lib/templates/puppet/step-0/hiera/data/node.yaml.erb +26 -0
- data/lib/templates/puppet/step-0/hiera/hiera.yaml.erb +11 -0
- data/lib/templates/puppet/step-0/manifests/node.erb +5 -0
- data/lib/templates/puppet/step-0/manifests/site.pp.erb +15 -0
- data/lib/templates/puppet/step-0/modules/rbenv/AUTHORS +11 -0
- data/lib/templates/puppet/step-0/modules/rbenv/CHANGELOG.md +70 -0
- data/lib/templates/puppet/step-0/modules/rbenv/Gemfile +8 -0
- data/lib/templates/puppet/step-0/modules/rbenv/Gemfile.lock +28 -0
- data/lib/templates/puppet/step-0/modules/rbenv/Modulefile +7 -0
- data/lib/templates/puppet/step-0/modules/rbenv/README.md +173 -0
- data/lib/templates/puppet/step-0/modules/rbenv/Rakefile +22 -0
- data/lib/templates/puppet/step-0/modules/rbenv/TODO +10 -0
- data/lib/templates/puppet/step-0/modules/rbenv/bin/autospec +16 -0
- data/lib/templates/puppet/step-0/modules/rbenv/bin/facter +16 -0
- data/lib/templates/puppet/step-0/modules/rbenv/bin/filebucket +16 -0
- data/lib/templates/puppet/step-0/modules/rbenv/bin/hiera +16 -0
- data/lib/templates/puppet/step-0/modules/rbenv/bin/htmldiff +16 -0
- data/lib/templates/puppet/step-0/modules/rbenv/bin/ldiff +16 -0
- data/lib/templates/puppet/step-0/modules/rbenv/bin/pi +16 -0
- data/lib/templates/puppet/step-0/modules/rbenv/bin/puppet +16 -0
- data/lib/templates/puppet/step-0/modules/rbenv/bin/puppet-lint +16 -0
- data/lib/templates/puppet/step-0/modules/rbenv/bin/puppet-module +16 -0
- data/lib/templates/puppet/step-0/modules/rbenv/bin/puppetca +16 -0
- data/lib/templates/puppet/step-0/modules/rbenv/bin/puppetd +16 -0
- data/lib/templates/puppet/step-0/modules/rbenv/bin/puppetdoc +16 -0
- data/lib/templates/puppet/step-0/modules/rbenv/bin/puppetmasterd +16 -0
- data/lib/templates/puppet/step-0/modules/rbenv/bin/puppetqd +16 -0
- data/lib/templates/puppet/step-0/modules/rbenv/bin/puppetrun +16 -0
- data/lib/templates/puppet/step-0/modules/rbenv/bin/rake +16 -0
- data/lib/templates/puppet/step-0/modules/rbenv/bin/ralsh +16 -0
- data/lib/templates/puppet/step-0/modules/rbenv/bin/rspec +16 -0
- data/lib/templates/puppet/step-0/modules/rbenv/bin/rspec-puppet-init +16 -0
- data/lib/templates/puppet/step-0/modules/rbenv/lib/puppet/provider/rbenvgem/default.rb +50 -0
- data/lib/templates/puppet/step-0/modules/rbenv/lib/puppet/type/rbenvgem.rb +62 -0
- data/lib/templates/puppet/step-0/modules/rbenv/manifests/bundle.pp +36 -0
- data/lib/templates/puppet/step-0/modules/rbenv/manifests/client.pp +48 -0
- data/lib/templates/puppet/step-0/modules/rbenv/manifests/compile.pp +102 -0
- data/lib/templates/puppet/step-0/modules/rbenv/manifests/definition.pp +31 -0
- data/lib/templates/puppet/step-0/modules/rbenv/manifests/dependencies/centos.pp +25 -0
- data/lib/templates/puppet/step-0/modules/rbenv/manifests/dependencies/suse.pp +28 -0
- data/lib/templates/puppet/step-0/modules/rbenv/manifests/dependencies/ubuntu.pp +17 -0
- data/lib/templates/puppet/step-0/modules/rbenv/manifests/dependencies.pp +8 -0
- data/lib/templates/puppet/step-0/modules/rbenv/manifests/gem.pp +29 -0
- data/lib/templates/puppet/step-0/modules/rbenv/manifests/install.pp +55 -0
- data/lib/templates/puppet/step-0/modules/rbenv/manifests/plugin/rbenvvars.pp +16 -0
- data/lib/templates/puppet/step-0/modules/rbenv/manifests/plugin/rubybuild.pp +16 -0
- data/lib/templates/puppet/step-0/modules/rbenv/manifests/plugin.pp +40 -0
- data/lib/templates/puppet/step-0/modules/rbenv/metadata.json +109 -0
- data/lib/templates/puppet/step-0/modules/rbenv/templates/Gemfile.erb +5 -0
- data/lib/templates/puppet/step-0/modules/rbenv/templates/dot.rbenvrc.erb +8 -0
- data/lib/templates/puppet/step-0/modules/stdlib/CHANGELOG.md +418 -0
- data/lib/templates/puppet/step-0/modules/stdlib/CONTRIBUTING.md +65 -0
- data/lib/templates/puppet/step-0/modules/stdlib/Gemfile +33 -0
- data/lib/templates/puppet/step-0/modules/stdlib/Gemfile.lock +166 -0
- data/lib/templates/puppet/step-0/modules/stdlib/LICENSE +19 -0
- data/lib/templates/puppet/step-0/modules/stdlib/Modulefile +11 -0
- data/lib/templates/puppet/step-0/modules/stdlib/README.markdown +1304 -0
- data/lib/templates/puppet/step-0/modules/stdlib/README_DEVELOPER.markdown +35 -0
- data/lib/templates/puppet/step-0/modules/stdlib/README_SPECS.markdown +7 -0
- data/lib/templates/puppet/step-0/modules/stdlib/RELEASE_PROCESS.markdown +24 -0
- data/lib/templates/puppet/step-0/modules/stdlib/Rakefile +18 -0
- data/lib/templates/puppet/step-0/modules/stdlib/checksums.json +349 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/facter/facter_dot_d.rb +202 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/facter/pe_version.rb +53 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/facter/puppet_vardir.rb +26 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/facter/root_home.rb +32 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/facter/util/puppet_settings.rb +21 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/abs.rb +36 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/any2array.rb +33 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/base64.rb +37 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/bool2num.rb +49 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/capitalize.rb +34 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/chomp.rb +35 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/chop.rb +37 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/concat.rb +41 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/count.rb +22 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/deep_merge.rb +44 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/defined_with_params.rb +35 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/delete.rb +46 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/delete_at.rb +49 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/delete_undef_values.rb +34 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/delete_values.rb +26 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/difference.rb +36 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/dirname.rb +15 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/downcase.rb +33 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/empty.rb +28 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/ensure_packages.rb +35 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/ensure_resource.rb +45 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/flatten.rb +33 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/floor.rb +25 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/fqdn_rotate.rb +46 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/get_module_path.rb +17 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/getparam.rb +35 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/getvar.rb +26 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/grep.rb +33 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/has_interface_with.rb +52 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/has_ip_address.rb +25 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/has_ip_network.rb +25 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/has_key.rb +28 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/hash.rb +41 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/intersection.rb +34 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/is_array.rb +22 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/is_bool.rb +22 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/is_domain_name.rb +50 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/is_float.rb +30 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/is_function_available.rb +26 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/is_hash.rb +22 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/is_integer.rb +45 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/is_ip_address.rb +32 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/is_mac_address.rb +27 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/is_numeric.rb +75 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/is_string.rb +26 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/join.rb +41 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/join_keys_to_values.rb +47 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/keys.rb +26 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/loadyaml.rb +20 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/lstrip.rb +33 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/max.rb +21 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/member.rb +44 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/merge.rb +34 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/min.rb +21 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/num2bool.rb +43 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/parsejson.rb +24 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/parseyaml.rb +24 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/pick.rb +29 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/pick_default.rb +35 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/prefix.rb +45 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/range.rb +88 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/reject.rb +31 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/reverse.rb +28 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/rstrip.rb +32 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/shuffle.rb +46 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/size.rb +48 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/sort.rb +27 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/squeeze.rb +36 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/str2bool.rb +46 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/str2saltedsha512.rb +32 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/strftime.rb +107 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/strip.rb +39 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/suffix.rb +45 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/swapcase.rb +39 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/time.rb +49 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/to_bytes.rb +28 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/type.rb +50 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/union.rb +34 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/unique.rb +51 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/upcase.rb +41 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/uriescape.rb +35 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/validate_absolute_path.rb +56 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/validate_array.rb +33 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/validate_augeas.rb +81 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/validate_bool.rb +34 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/validate_cmd.rb +48 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/validate_hash.rb +33 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/validate_ipv4_address.rb +48 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/validate_ipv6_address.rb +49 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/validate_re.rb +40 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/validate_slength.rb +71 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/validate_string.rb +33 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/values.rb +39 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/values_at.rb +98 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/parser/functions/zip.rb +65 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/provider/file_line/ruby.rb +83 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/type/anchor.rb +46 -0
- data/lib/templates/puppet/step-0/modules/stdlib/lib/puppet/type/file_line.rb +79 -0
- data/lib/templates/puppet/step-0/modules/stdlib/manifests/init.pp +20 -0
- data/lib/templates/puppet/step-0/modules/stdlib/manifests/stages.pp +43 -0
- data/lib/templates/puppet/step-0/modules/stdlib/metadata.json +111 -0
- data/lib/templates/puppet/step-0/modules/sudo/.fixtures.yml +5 -0
- data/lib/templates/puppet/step-0/modules/sudo/.gemfile +14 -0
- data/lib/templates/puppet/step-0/modules/sudo/.gemfile.lock +43 -0
- data/lib/templates/puppet/step-0/modules/sudo/.travis.yml +34 -0
- data/lib/templates/puppet/step-0/modules/sudo/LICENSE +13 -0
- data/lib/templates/puppet/step-0/modules/sudo/Modulefile +9 -0
- data/lib/templates/puppet/step-0/modules/sudo/README.md +171 -0
- data/lib/templates/puppet/step-0/modules/sudo/Rakefile +1 -0
- data/lib/templates/puppet/step-0/modules/sudo/files/sudoers.aix +90 -0
- data/lib/templates/puppet/step-0/modules/sudo/files/sudoers.archlinux +90 -0
- data/lib/templates/puppet/step-0/modules/sudo/files/sudoers.deb +90 -0
- data/lib/templates/puppet/step-0/modules/sudo/files/sudoers.freebsd +98 -0
- data/lib/templates/puppet/step-0/modules/sudo/files/sudoers.omnios +90 -0
- data/lib/templates/puppet/step-0/modules/sudo/files/sudoers.rhel5 +97 -0
- data/lib/templates/puppet/step-0/modules/sudo/files/sudoers.rhel6 +115 -0
- data/lib/templates/puppet/step-0/modules/sudo/files/sudoers.solaris +90 -0
- data/lib/templates/puppet/step-0/modules/sudo/files/sudoers.suse +81 -0
- data/lib/templates/puppet/step-0/modules/sudo/files/sudoers.ubuntu +30 -0
- data/lib/templates/puppet/step-0/modules/sudo/files/sudoers.wheezy +17 -0
- data/lib/templates/puppet/step-0/modules/sudo/lib/augeas/lenses/fixedsudoers.aug +520 -0
- data/lib/templates/puppet/step-0/modules/sudo/manifests/allow.pp +76 -0
- data/lib/templates/puppet/step-0/modules/sudo/manifests/conf.pp +105 -0
- data/lib/templates/puppet/step-0/modules/sudo/manifests/configs.pp +24 -0
- data/lib/templates/puppet/step-0/modules/sudo/manifests/init.pp +151 -0
- data/lib/templates/puppet/step-0/modules/sudo/manifests/package/aix.pp +46 -0
- data/lib/templates/puppet/step-0/modules/sudo/manifests/package/solaris.pp +60 -0
- data/lib/templates/puppet/step-0/modules/sudo/manifests/package.pp +61 -0
- data/lib/templates/puppet/step-0/modules/sudo/manifests/params.pp +127 -0
- data/lib/templates/puppet/step-0/modules/sudo/metadata.json +59 -0
- data/lib/templates/puppet/step-0/modules/sudo/templates/users_groups.erb +9 -0
- data/lib/templates/puppet/step-0/modules/users/manifests/init.pp +15 -0
- data/lib/templates/puppet/step-0/modules/users/manifests/user.pp +50 -0
- data/lib/templates/puppet/step-1/Puppetfile.erb +5 -0
- data/lib/templates/puppet/step-1/hiera/data/common.yaml.erb +11 -0
- data/lib/templates/puppet/step-1/hiera/data/environment.yaml.erb +11 -0
- data/lib/templates/puppet/step-1/hiera/data/node.yaml.erb +11 -0
- data/lib/templates/puppet/step-1/hiera/hiera.yaml.erb +11 -0
- data/lib/templates/puppet/step-1/manifests/node.erb +5 -0
- data/lib/templates/puppet/step-1/manifests/site.pp.erb +15 -0
- data/lib/templates/puppet/step-1/modules/users/manifests/init.pp +15 -0
- data/lib/templates/puppet/step-1/modules/users/manifests/user.pp +49 -0
- data/lib/templates/puppet/step-2/Puppetfile.erb +5 -0
- data/lib/templates/puppet/step-2/hiera/data/common.yaml.erb +1 -0
- data/lib/templates/puppet/step-2/hiera/data/environment.yaml.erb +1 -0
- data/lib/templates/puppet/step-2/hiera/data/node.yaml.erb +1 -0
- data/lib/templates/puppet/step-2/hiera/hiera.yaml.erb +11 -0
- data/lib/templates/puppet/step-2/manifests/node.erb +3 -0
- data/lib/templates/puppet/step-2/manifests/site.pp.erb +10 -0
- data/lib/templates/puppet/step-3/Puppetfile.erb +5 -0
- data/lib/templates/puppet/step-3/hiera/data/common.yaml.erb +99 -0
- data/lib/templates/puppet/step-3/hiera/data/environment.yaml.erb +99 -0
- data/lib/templates/puppet/step-3/hiera/data/node.yaml.erb +99 -0
- data/lib/templates/puppet/step-3/hiera/hiera.yaml.erb +11 -0
- data/lib/templates/puppet/step-3/manifests/node.erb +5 -0
- data/lib/templates/puppet/step-3/manifests/site.pp.erb +15 -0
- data/spec/environment_spec.rb +82 -0
- data/spec/factories/environment.rb +20 -0
- data/spec/factories/node.rb +22 -0
- data/spec/factories/profile.rb +10 -0
- data/spec/factories/project.rb +17 -0
- data/spec/factories/provision.rb +13 -0
- data/spec/factories/role.rb +9 -0
- data/spec/fixtures/Capfile.test +2 -0
- data/spec/fixtures/Gemfile.test +5 -0
- data/spec/fixtures/config/deploy/environment.test +35 -0
- data/spec/fixtures/config/deploy/production.test +35 -0
- data/spec/fixtures/config/deploy/staging.test +35 -0
- data/spec/fixtures/config/deploy/vagrant.test +37 -0
- data/spec/fixtures/config/deploy.test +120 -0
- data/spec/fixtures/dot_bebox.test.erb +4 -0
- data/spec/fixtures/dot_gitignore.test +8 -0
- data/spec/fixtures/node/Vagrantfile.test.erb +18 -0
- data/spec/fixtures/node/node_0.test.erb +3 -0
- data/spec/fixtures/node/prepared_node_0.test.erb +4 -0
- data/spec/fixtures/node/provisioned_node_0.test.erb +4 -0
- data/spec/fixtures/node/vagrant_deploy.test +38 -0
- data/spec/fixtures/puppet/hiera/data/node0.server1.test.yaml.test +4 -0
- data/spec/fixtures/puppet/profiles/test/profile_0/Puppetfile.test +24 -0
- data/spec/fixtures/puppet/profiles/test/profile_0/Puppetfile_with_modules.test +20 -0
- data/spec/fixtures/puppet/profiles/test/profile_0/manifests/init.pp.test +17 -0
- data/spec/fixtures/puppet/profiles/test/profile_0/manifests/init_with_content.pp.test +22 -0
- data/spec/fixtures/puppet/roles/manifests/init.pp.test +14 -0
- data/spec/fixtures/puppet/steps/step-0/hiera/data/common.yaml.test +26 -0
- data/spec/fixtures/puppet/steps/step-0/hiera/data/node0.server1.test.yaml.test +0 -0
- data/spec/fixtures/puppet/steps/step-0/hiera/data/pname_env.yaml.test +26 -0
- data/spec/fixtures/puppet/steps/step-0/hiera/data/production.yaml.test +0 -0
- data/spec/fixtures/puppet/steps/step-0/hiera/data/staging.yaml.test +0 -0
- data/spec/fixtures/puppet/steps/step-0/hiera/data/vagrant.yaml.test +0 -0
- data/spec/fixtures/puppet/steps/step-0/hiera/hiera.yaml.test +11 -0
- data/spec/fixtures/puppet/steps/step-0/manifests/site.pp.test +10 -0
- data/spec/fixtures/puppet/steps/step-0/manifests/site_with_node.pp.test +15 -0
- data/spec/fixtures/puppet/steps/step-1/hiera/data/common.yaml.test +11 -0
- data/spec/fixtures/puppet/steps/step-1/hiera/data/node0.server1.test.yaml.test +0 -0
- data/spec/fixtures/puppet/steps/step-1/hiera/data/pname_env.yaml.test +11 -0
- data/spec/fixtures/puppet/steps/step-1/hiera/data/production.yaml.test +0 -0
- data/spec/fixtures/puppet/steps/step-1/hiera/data/staging.yaml.test +0 -0
- data/spec/fixtures/puppet/steps/step-1/hiera/data/vagrant.yaml.test +0 -0
- data/spec/fixtures/puppet/steps/step-1/hiera/hiera.yaml.test +11 -0
- data/spec/fixtures/puppet/steps/step-1/manifests/site.pp.test +10 -0
- data/spec/fixtures/puppet/steps/step-1/manifests/site_with_node.pp.test +15 -0
- data/spec/fixtures/puppet/steps/step-2/Puppetfile.test +6 -0
- data/spec/fixtures/puppet/steps/step-2/hiera/data/common.yaml.test +1 -0
- data/spec/fixtures/puppet/steps/step-2/hiera/data/node0.server1.test.yaml.test +1 -0
- data/spec/fixtures/puppet/steps/step-2/hiera/data/pname_env.yaml.test +1 -0
- data/spec/fixtures/puppet/steps/step-2/hiera/data/production.yaml.test +1 -0
- data/spec/fixtures/puppet/steps/step-2/hiera/data/staging.yaml.test +1 -0
- data/spec/fixtures/puppet/steps/step-2/hiera/data/vagrant.yaml.test +1 -0
- data/spec/fixtures/puppet/steps/step-2/hiera/hiera.yaml.test +11 -0
- data/spec/fixtures/puppet/steps/step-2/manifests/site.pp.test +10 -0
- data/spec/fixtures/puppet/steps/step-2/manifests/site_with_node.pp.test +13 -0
- data/spec/fixtures/puppet/steps/step-2/manifests/site_with_node_role_association.pp.test +16 -0
- data/spec/fixtures/puppet/steps/step-2/modules/profiles/manifests/test/profile_0.pp.test +17 -0
- data/spec/fixtures/puppet/steps/step-2/modules/roles/manifests/role_0.pp.test +16 -0
- data/spec/fixtures/puppet/steps/step-3/hiera/data/common.yaml.test +99 -0
- data/spec/fixtures/puppet/steps/step-3/hiera/data/node0.server1.test.yaml.test +1 -0
- data/spec/fixtures/puppet/steps/step-3/hiera/data/pname_env.yaml.test +99 -0
- data/spec/fixtures/puppet/steps/step-3/hiera/data/production.yaml.test +1 -0
- data/spec/fixtures/puppet/steps/step-3/hiera/data/staging.yaml.test +1 -0
- data/spec/fixtures/puppet/steps/step-3/hiera/data/vagrant.yaml.test +1 -0
- data/spec/fixtures/puppet/steps/step-3/hiera/hiera.yaml.test +11 -0
- data/spec/fixtures/puppet/steps/step-3/manifests/site.pp.test +10 -0
- data/spec/fixtures/puppet/steps/step-3/manifests/site_with_node.pp.test +15 -0
- data/spec/fixtures/puppet/ubuntu_dependencies.test +10 -0
- data/spec/node0.server1.test/prepare_phase_spec.rb +53 -0
- data/spec/node0.server1.test/provision_step_0_spec.rb +46 -0
- data/spec/node0.server1.test/provision_step_1_spec.rb +41 -0
- data/spec/node0.server1.test/provision_step_2_spec.rb +79 -0
- data/spec/node0.server1.test/provision_step_3_spec.rb +76 -0
- data/spec/node_role_spec.rb +20 -0
- data/spec/node_spec.rb +71 -0
- data/spec/node_wizard_spec.rb +22 -0
- data/spec/ordered_phases_spec.rb +55 -0
- data/spec/pre_prepare_spec.rb +78 -0
- data/spec/pre_provision_steps_spec.rb +40 -0
- data/spec/profile_spec.rb +70 -0
- data/spec/project_spec.rb +195 -0
- data/spec/project_wizard_spec.rb +51 -0
- data/spec/puppet_spec_helper.rb +15 -0
- data/spec/role_profiles_spec.rb +40 -0
- data/spec/role_spec.rb +56 -0
- data/spec/spec_helper.rb +37 -0
- data/spec/support/config_specs.yaml.example +2 -0
- data/spec/vagrant_spec_helper.rb +15 -0
- metadata +625 -0
|
@@ -0,0 +1 @@
|
|
|
1
|
+
# Here you can set the hiera data to be used for your profiles
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
# Here you can set the hiera data to be used for your profiles
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
# Here you can set the hiera data to be used for your profiles
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
# Here you can set the hiera data to be used for your profiles
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
# Here you can set the hiera data to be used for your profiles
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
# Important note: This file is empty.
|
|
2
|
+
# /etc/puppet/hiera.yml is used by default.
|
|
3
|
+
# deploy_user and deploy_environment is set in the puppet apply command executed by capistrano
|
|
4
|
+
:backends: yaml
|
|
5
|
+
:yaml:
|
|
6
|
+
:datadir: %{::deploy_to}/current/steps/2-services/hiera/data
|
|
7
|
+
:hierarchy:
|
|
8
|
+
- %{::fqdn}
|
|
9
|
+
- %{::deploy_environment}
|
|
10
|
+
- common
|
|
11
|
+
:logger: console
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
# This file associates nodes with roles
|
|
2
|
+
# Example:
|
|
3
|
+
# node node0.server1.test {
|
|
4
|
+
# include roles::role_1
|
|
5
|
+
# }
|
|
6
|
+
# The roles and profiles pattern recommends to associate one node with
|
|
7
|
+
# one and only one role.
|
|
8
|
+
# The role can be set to the node manually or through the
|
|
9
|
+
# 'bebox node set_role' command.
|
|
10
|
+
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
# This file associates nodes with roles
|
|
2
|
+
# Example:
|
|
3
|
+
# node node0.server1.test {
|
|
4
|
+
# include roles::role_1
|
|
5
|
+
# }
|
|
6
|
+
# The roles and profiles pattern recommends to associate one node with
|
|
7
|
+
# one and only one role.
|
|
8
|
+
# The role can be set to the node manually or through the
|
|
9
|
+
# 'bebox node set_role' command.
|
|
10
|
+
|
|
11
|
+
node node0.server1.test {
|
|
12
|
+
|
|
13
|
+
}
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
# This file associates nodes with roles
|
|
2
|
+
# Example:
|
|
3
|
+
# node node0.server1.test {
|
|
4
|
+
# include roles::role_1
|
|
5
|
+
# }
|
|
6
|
+
# The roles and profiles pattern recommends to associate one node with
|
|
7
|
+
# one and only one role.
|
|
8
|
+
# The role can be set to the node manually or through the
|
|
9
|
+
# 'bebox node set_role' command.
|
|
10
|
+
|
|
11
|
+
node node0.server1.test {
|
|
12
|
+
|
|
13
|
+
include roles::role_0
|
|
14
|
+
|
|
15
|
+
}
|
|
16
|
+
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
# The profile class include the classes instantiation or
|
|
2
|
+
# puppet/modules type resource definitions.
|
|
3
|
+
# It can include hiera calls for the parametter setting.
|
|
4
|
+
# Example:
|
|
5
|
+
# class profiles::category::technology {
|
|
6
|
+
# $technology_parameters = hiera("technology")
|
|
7
|
+
# $parameter1 = technology_parameters[parameter1]
|
|
8
|
+
# ...
|
|
9
|
+
# class { "technology_resource":
|
|
10
|
+
# parameter1 => $parameter1
|
|
11
|
+
# ...
|
|
12
|
+
# }
|
|
13
|
+
# }
|
|
14
|
+
|
|
15
|
+
class profiles::test::profile_0 {
|
|
16
|
+
|
|
17
|
+
}
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
# The role class can include many profiles
|
|
2
|
+
# Example:
|
|
3
|
+
# class roles::example_role {
|
|
4
|
+
# include profiles::category::example_profile_1
|
|
5
|
+
# include profiles::category::example_profile_2
|
|
6
|
+
# ...
|
|
7
|
+
# include profiles::category::example_profile_N
|
|
8
|
+
# }
|
|
9
|
+
# The profiles can be added/removed to the role manually or through the
|
|
10
|
+
# 'bebox role add_profile' and 'bebox role remove_profile' commands.
|
|
11
|
+
|
|
12
|
+
class roles::role_0 {
|
|
13
|
+
|
|
14
|
+
include profiles::test::profile_0
|
|
15
|
+
|
|
16
|
+
}
|
|
@@ -0,0 +1,99 @@
|
|
|
1
|
+
fail2ban:
|
|
2
|
+
bantime: 60
|
|
3
|
+
maxretry: 3
|
|
4
|
+
mailto: 'root@localhost'
|
|
5
|
+
ssh::server:
|
|
6
|
+
password_authentication: 'no'
|
|
7
|
+
pubkey_authentication: 'yes'
|
|
8
|
+
permit_root_login: 'no'
|
|
9
|
+
sysctl:
|
|
10
|
+
# IP Spoofing protection
|
|
11
|
+
'net.ipv4.conf.all.rp_filter':
|
|
12
|
+
value: '1'
|
|
13
|
+
'net.ipv4.conf.default.rp_filter':
|
|
14
|
+
value: '1'
|
|
15
|
+
# Ignore ICMP broadcast requests
|
|
16
|
+
'net.ipv4.icmp_echo_ignore_broadcasts':
|
|
17
|
+
value: '1'
|
|
18
|
+
# Disable source packet routing
|
|
19
|
+
'net.ipv4.conf.all.accept_source_route':
|
|
20
|
+
value: '0'
|
|
21
|
+
'net.ipv6.conf.all.accept_source_route':
|
|
22
|
+
value: '0'
|
|
23
|
+
'net.ipv4.conf.default.accept_source_route':
|
|
24
|
+
value: '0'
|
|
25
|
+
'net.ipv6.conf.default.accept_source_route':
|
|
26
|
+
value: '0'
|
|
27
|
+
# Ignore send redirects
|
|
28
|
+
'net.ipv4.conf.all.send_redirects':
|
|
29
|
+
value: '0'
|
|
30
|
+
'net.ipv4.conf.default.send_redirects':
|
|
31
|
+
value: '0'
|
|
32
|
+
# Block SYN attacks
|
|
33
|
+
'net.ipv4.tcp_syncookies':
|
|
34
|
+
value: '1'
|
|
35
|
+
'net.ipv4.tcp_max_syn_backlog':
|
|
36
|
+
value: '2048'
|
|
37
|
+
'net.ipv4.tcp_synack_retries':
|
|
38
|
+
value: '2'
|
|
39
|
+
'net.ipv4.tcp_syn_retries':
|
|
40
|
+
value: '5'
|
|
41
|
+
# Log Martians
|
|
42
|
+
'net.ipv4.conf.all.log_martians':
|
|
43
|
+
value: '1'
|
|
44
|
+
'net.ipv4.icmp_ignore_bogus_error_responses':
|
|
45
|
+
value: '1'
|
|
46
|
+
# Ignore ICMP redirects
|
|
47
|
+
'net.ipv4.conf.all.accept_redirects':
|
|
48
|
+
value: '0'
|
|
49
|
+
'net.ipv6.conf.all.accept_redirects':
|
|
50
|
+
value: '0'
|
|
51
|
+
'net.ipv4.conf.default.accept_redirects':
|
|
52
|
+
value: '0'
|
|
53
|
+
'net.ipv6.conf.default.accept_redirects':
|
|
54
|
+
value: '0'
|
|
55
|
+
# Ignore Directed pings
|
|
56
|
+
'net.ipv4.icmp_echo_ignore_all':
|
|
57
|
+
value: '1'
|
|
58
|
+
iptables::allow_icmp: 'yes'
|
|
59
|
+
iptables::allow_localhost: 'yes'
|
|
60
|
+
iptables::log_failures: 'yes'
|
|
61
|
+
iptables::ports:
|
|
62
|
+
22:
|
|
63
|
+
tcp: 'allow'
|
|
64
|
+
80:
|
|
65
|
+
tcp: 'allow'
|
|
66
|
+
23:
|
|
67
|
+
tcp: 'drop'
|
|
68
|
+
udp: 'drop'
|
|
69
|
+
firewall:
|
|
70
|
+
'001 accept all icmp requests':
|
|
71
|
+
proto: 'icmp'
|
|
72
|
+
action: 'accept'
|
|
73
|
+
'002 allow loopback':
|
|
74
|
+
iniface: 'lo'
|
|
75
|
+
chain: 'INPUT'
|
|
76
|
+
action: 'accept'
|
|
77
|
+
'000 INPUT allow related and established':
|
|
78
|
+
state: ['RELATED', 'ESTABLISHED']
|
|
79
|
+
action: 'accept'
|
|
80
|
+
proto: 'all'
|
|
81
|
+
'100 allow ssh':
|
|
82
|
+
state: ['NEW']
|
|
83
|
+
dport: '22'
|
|
84
|
+
proto: 'tcp'
|
|
85
|
+
action: 'accept'
|
|
86
|
+
'100 allow httpd:80':
|
|
87
|
+
state: ['NEW']
|
|
88
|
+
dport: '80'
|
|
89
|
+
proto: 'tcp'
|
|
90
|
+
action: 'accept'
|
|
91
|
+
'998 deny all other requests':
|
|
92
|
+
action: 'reject'
|
|
93
|
+
proto: 'all'
|
|
94
|
+
reject: 'icmp-host-prohibited'
|
|
95
|
+
'999 deny all other requests':
|
|
96
|
+
chain: 'FORWARD'
|
|
97
|
+
action: 'reject'
|
|
98
|
+
proto: 'all'
|
|
99
|
+
reject: 'icmp-host-prohibited'
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
# Here you can set the hiera data to be used for your profiles
|
|
@@ -0,0 +1,99 @@
|
|
|
1
|
+
fail2ban:
|
|
2
|
+
bantime: 60
|
|
3
|
+
maxretry: 3
|
|
4
|
+
mailto: 'root@localhost'
|
|
5
|
+
ssh::server:
|
|
6
|
+
password_authentication: 'no'
|
|
7
|
+
pubkey_authentication: 'yes'
|
|
8
|
+
permit_root_login: 'no'
|
|
9
|
+
sysctl:
|
|
10
|
+
# IP Spoofing protection
|
|
11
|
+
'net.ipv4.conf.all.rp_filter':
|
|
12
|
+
value: '1'
|
|
13
|
+
'net.ipv4.conf.default.rp_filter':
|
|
14
|
+
value: '1'
|
|
15
|
+
# Ignore ICMP broadcast requests
|
|
16
|
+
'net.ipv4.icmp_echo_ignore_broadcasts':
|
|
17
|
+
value: '1'
|
|
18
|
+
# Disable source packet routing
|
|
19
|
+
'net.ipv4.conf.all.accept_source_route':
|
|
20
|
+
value: '0'
|
|
21
|
+
'net.ipv6.conf.all.accept_source_route':
|
|
22
|
+
value: '0'
|
|
23
|
+
'net.ipv4.conf.default.accept_source_route':
|
|
24
|
+
value: '0'
|
|
25
|
+
'net.ipv6.conf.default.accept_source_route':
|
|
26
|
+
value: '0'
|
|
27
|
+
# Ignore send redirects
|
|
28
|
+
'net.ipv4.conf.all.send_redirects':
|
|
29
|
+
value: '0'
|
|
30
|
+
'net.ipv4.conf.default.send_redirects':
|
|
31
|
+
value: '0'
|
|
32
|
+
# Block SYN attacks
|
|
33
|
+
'net.ipv4.tcp_syncookies':
|
|
34
|
+
value: '1'
|
|
35
|
+
'net.ipv4.tcp_max_syn_backlog':
|
|
36
|
+
value: '2048'
|
|
37
|
+
'net.ipv4.tcp_synack_retries':
|
|
38
|
+
value: '2'
|
|
39
|
+
'net.ipv4.tcp_syn_retries':
|
|
40
|
+
value: '5'
|
|
41
|
+
# Log Martians
|
|
42
|
+
'net.ipv4.conf.all.log_martians':
|
|
43
|
+
value: '1'
|
|
44
|
+
'net.ipv4.icmp_ignore_bogus_error_responses':
|
|
45
|
+
value: '1'
|
|
46
|
+
# Ignore ICMP redirects
|
|
47
|
+
'net.ipv4.conf.all.accept_redirects':
|
|
48
|
+
value: '0'
|
|
49
|
+
'net.ipv6.conf.all.accept_redirects':
|
|
50
|
+
value: '0'
|
|
51
|
+
'net.ipv4.conf.default.accept_redirects':
|
|
52
|
+
value: '0'
|
|
53
|
+
'net.ipv6.conf.default.accept_redirects':
|
|
54
|
+
value: '0'
|
|
55
|
+
# Ignore Directed pings
|
|
56
|
+
'net.ipv4.icmp_echo_ignore_all':
|
|
57
|
+
value: '1'
|
|
58
|
+
iptables::allow_icmp: 'yes'
|
|
59
|
+
iptables::allow_localhost: 'yes'
|
|
60
|
+
iptables::log_failures: 'yes'
|
|
61
|
+
iptables::ports:
|
|
62
|
+
22:
|
|
63
|
+
tcp: 'allow'
|
|
64
|
+
80:
|
|
65
|
+
tcp: 'allow'
|
|
66
|
+
23:
|
|
67
|
+
tcp: 'drop'
|
|
68
|
+
udp: 'drop'
|
|
69
|
+
firewall:
|
|
70
|
+
'001 accept all icmp requests':
|
|
71
|
+
proto: 'icmp'
|
|
72
|
+
action: 'accept'
|
|
73
|
+
'002 allow loopback':
|
|
74
|
+
iniface: 'lo'
|
|
75
|
+
chain: 'INPUT'
|
|
76
|
+
action: 'accept'
|
|
77
|
+
'000 INPUT allow related and established':
|
|
78
|
+
state: ['RELATED', 'ESTABLISHED']
|
|
79
|
+
action: 'accept'
|
|
80
|
+
proto: 'all'
|
|
81
|
+
'100 allow ssh':
|
|
82
|
+
state: ['NEW']
|
|
83
|
+
dport: '22'
|
|
84
|
+
proto: 'tcp'
|
|
85
|
+
action: 'accept'
|
|
86
|
+
'100 allow httpd:80':
|
|
87
|
+
state: ['NEW']
|
|
88
|
+
dport: '80'
|
|
89
|
+
proto: 'tcp'
|
|
90
|
+
action: 'accept'
|
|
91
|
+
'998 deny all other requests':
|
|
92
|
+
action: 'reject'
|
|
93
|
+
proto: 'all'
|
|
94
|
+
reject: 'icmp-host-prohibited'
|
|
95
|
+
'999 deny all other requests':
|
|
96
|
+
chain: 'FORWARD'
|
|
97
|
+
action: 'reject'
|
|
98
|
+
proto: 'all'
|
|
99
|
+
reject: 'icmp-host-prohibited'
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
# Here you can set the hiera data to be used for your profiles
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
# Here you can set the hiera data to be used for your profiles
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
# Here you can set the hiera data to be used for your profiles
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
# Important note: This file is empty.
|
|
2
|
+
# /etc/puppet/hiera.yml is used by default.
|
|
3
|
+
# deploy_user and deploy_environment is set in the puppet apply command executed by capistrano
|
|
4
|
+
:backends: yaml
|
|
5
|
+
:yaml:
|
|
6
|
+
:datadir: %{::deploy_to}/current/steps/3-security/hiera/data
|
|
7
|
+
:hierarchy:
|
|
8
|
+
- %{::fqdn}
|
|
9
|
+
- %{::deploy_environment}
|
|
10
|
+
- common
|
|
11
|
+
:logger: console
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
# This file associates nodes with roles
|
|
2
|
+
# Example:
|
|
3
|
+
# node node0.server1.test {
|
|
4
|
+
# include roles::role_1
|
|
5
|
+
# }
|
|
6
|
+
# The roles and profiles pattern recommends to associate one node with
|
|
7
|
+
# one and only one role.
|
|
8
|
+
# The role can be set to the node manually or through the
|
|
9
|
+
# 'bebox node set_role' command.
|
|
10
|
+
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
# This file associates nodes with roles
|
|
2
|
+
# Example:
|
|
3
|
+
# node node0.server1.test {
|
|
4
|
+
# include roles::role_1
|
|
5
|
+
# }
|
|
6
|
+
# The roles and profiles pattern recommends to associate one node with
|
|
7
|
+
# one and only one role.
|
|
8
|
+
# The role can be set to the node manually or through the
|
|
9
|
+
# 'bebox node set_role' command.
|
|
10
|
+
|
|
11
|
+
node node0.server1.test {
|
|
12
|
+
|
|
13
|
+
include roles::security
|
|
14
|
+
|
|
15
|
+
}
|
|
@@ -0,0 +1,53 @@
|
|
|
1
|
+
require 'spec_helper'
|
|
2
|
+
require_relative '../factories/node.rb'
|
|
3
|
+
require_relative '../vagrant_spec_helper.rb'
|
|
4
|
+
|
|
5
|
+
describe 'Test 06: Node prepared' do
|
|
6
|
+
|
|
7
|
+
let(:node) { build(:node) }
|
|
8
|
+
|
|
9
|
+
before(:all) do
|
|
10
|
+
node.prepare
|
|
11
|
+
end
|
|
12
|
+
|
|
13
|
+
context 'vagrant prepared' do
|
|
14
|
+
describe interface('eth1') do
|
|
15
|
+
it { should have_ipv4_address(node.ip) }
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
describe host('node0.server1.test') do
|
|
19
|
+
it { should be_resolvable }
|
|
20
|
+
it { should be_reachable.with( :port => 22 ) }
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
describe user('vagrant') do
|
|
24
|
+
it { should exist }
|
|
25
|
+
end
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
context 'all environments prepared' do
|
|
29
|
+
describe command('hostname') do
|
|
30
|
+
it 'should configure the hostname' do
|
|
31
|
+
should return_stdout node.hostname
|
|
32
|
+
end
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
describe command("dpkg -s #{Bebox::Project.so_dependencies} | grep Status") do
|
|
36
|
+
it 'should install ubuntu dependencies' do
|
|
37
|
+
should return_stdout /(Status: install ok installed\s*){#{Bebox::Project.so_dependencies.split(' ').size}}/
|
|
38
|
+
end
|
|
39
|
+
end
|
|
40
|
+
|
|
41
|
+
describe package('puppet') do
|
|
42
|
+
it { should be_installed }
|
|
43
|
+
end
|
|
44
|
+
|
|
45
|
+
it 'should create checkpoint' do
|
|
46
|
+
expect(File.exist?("#{node.project_root}/.checkpoints/environments/#{node.environment}/prepared_nodes/#{node.hostname}.yml")).to be (true)
|
|
47
|
+
prepared_node_content = File.read("#{node.project_root}/.checkpoints/environments/#{node.environment}/prepared_nodes/#{node.hostname}.yml").gsub(/\s+/, ' ').strip
|
|
48
|
+
ouput_template = Tilt::ERBTemplate.new('spec/fixtures/node/prepared_node_0.test.erb')
|
|
49
|
+
prepared_node_expected_content = ouput_template.render(nil, node: node).gsub(/\s+/, ' ').strip
|
|
50
|
+
expect(prepared_node_content).to eq(prepared_node_expected_content)
|
|
51
|
+
end
|
|
52
|
+
end
|
|
53
|
+
end
|
|
@@ -0,0 +1,46 @@
|
|
|
1
|
+
require 'spec_helper'
|
|
2
|
+
require_relative '../factories/provision.rb'
|
|
3
|
+
require_relative '../vagrant_spec_helper.rb'
|
|
4
|
+
|
|
5
|
+
describe 'Test 12: Apply provision for fundamental step-0' do
|
|
6
|
+
|
|
7
|
+
let(:provision) { build(:provision) }
|
|
8
|
+
let(:fundamental_profiles) {['base/fundamental/ruby', 'base/fundamental/sudo', 'base/fundamental/users']}
|
|
9
|
+
|
|
10
|
+
before(:all) do
|
|
11
|
+
Bebox::Provision.generate_puppetfile(provision.project_root, provision.step, fundamental_profiles)
|
|
12
|
+
Bebox::Provision.generate_roles_and_profiles(provision.project_root, provision.step, 'fundamental', fundamental_profiles)
|
|
13
|
+
provision.apply
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
describe user('puppet') do
|
|
17
|
+
it { should exist }
|
|
18
|
+
it { should belong_to_group 'root' }
|
|
19
|
+
it { should have_home_directory '/home/puppet' }
|
|
20
|
+
it { should have_login_shell '/bin/bash' }
|
|
21
|
+
it { should have_uid 7000 }
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
describe file('/home/puppet/.ssh/authorized_keys') do
|
|
25
|
+
let(:disable_sudo) { false }
|
|
26
|
+
it { should be_file }
|
|
27
|
+
its(:content) {
|
|
28
|
+
keys_content = File.read("#{provision.project_root}/config/keys/environments/vagrant/id_rsa.pub").strip
|
|
29
|
+
should == "#{keys_content}"
|
|
30
|
+
}
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
describe file('/etc/sudoers.d/10_puppet') do
|
|
34
|
+
let(:disable_sudo) { false }
|
|
35
|
+
it { should be_file }
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
it 'should create checkpoint' do
|
|
39
|
+
checkpoint_file_path = "#{provision.project_root}/.checkpoints/environments/#{provision.environment}/steps/#{provision.step}/#{provision.node.hostname}.yml"
|
|
40
|
+
expect(File.exist?(checkpoint_file_path)).to eq(true)
|
|
41
|
+
prepared_node_content = File.read(checkpoint_file_path).gsub(/\s+/, ' ').strip
|
|
42
|
+
ouput_template = Tilt::ERBTemplate.new('spec/fixtures/node/provisioned_node_0.test.erb')
|
|
43
|
+
prepared_node_expected_content = ouput_template.render(nil, node: provision.node).gsub(/\s+/, ' ').strip
|
|
44
|
+
expect(prepared_node_content).to eq(prepared_node_expected_content)
|
|
45
|
+
end
|
|
46
|
+
end
|
|
@@ -0,0 +1,41 @@
|
|
|
1
|
+
require 'spec_helper'
|
|
2
|
+
require_relative '../factories/provision.rb'
|
|
3
|
+
require_relative '../puppet_spec_helper.rb'
|
|
4
|
+
|
|
5
|
+
describe 'Test 13: Apply provision for users layer step-1' do
|
|
6
|
+
|
|
7
|
+
let(:provision) { build(:provision, step: 'step-1') }
|
|
8
|
+
let(:users_profiles) {['base/users/ssh', 'base/users/users']}
|
|
9
|
+
|
|
10
|
+
before(:all) do
|
|
11
|
+
Bebox::Provision.generate_puppetfile(provision.project_root, provision.step, users_profiles)
|
|
12
|
+
Bebox::Provision.generate_roles_and_profiles(provision.project_root, provision.step, 'users', users_profiles)
|
|
13
|
+
provision.apply
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
describe user('pname') do
|
|
17
|
+
it { should exist }
|
|
18
|
+
it { should belong_to_group 'root' }
|
|
19
|
+
it { should have_home_directory '/home/pname' }
|
|
20
|
+
it { should have_login_shell '/bin/bash' }
|
|
21
|
+
it { should have_uid 7001 }
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
describe file('/home/pname/.ssh/authorized_keys') do
|
|
25
|
+
let(:disable_sudo) { false }
|
|
26
|
+
it { should be_file }
|
|
27
|
+
its(:content) {
|
|
28
|
+
keys_content = File.read("#{provision.project_root}/config/keys/environments/vagrant/id_rsa.pub").strip
|
|
29
|
+
should == "#{keys_content}"
|
|
30
|
+
}
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
it 'should create checkpoint' do
|
|
34
|
+
checkpoint_file_path = "#{provision.project_root}/.checkpoints/environments/#{provision.environment}/steps/#{provision.step}/#{provision.node.hostname}.yml"
|
|
35
|
+
expect(File.exist?(checkpoint_file_path)).to eq(true)
|
|
36
|
+
prepared_node_content = File.read(checkpoint_file_path).gsub(/\s+/, ' ').strip
|
|
37
|
+
ouput_template = Tilt::ERBTemplate.new('spec/fixtures/node/provisioned_node_0.test.erb')
|
|
38
|
+
prepared_node_expected_content = ouput_template.render(nil, node: provision.node).gsub(/\s+/, ' ').strip
|
|
39
|
+
expect(prepared_node_content).to eq(prepared_node_expected_content)
|
|
40
|
+
end
|
|
41
|
+
end
|
|
@@ -0,0 +1,79 @@
|
|
|
1
|
+
require 'spec_helper'
|
|
2
|
+
require_relative '../factories/provision.rb'
|
|
3
|
+
require_relative '../factories/role.rb'
|
|
4
|
+
require_relative '../factories/profile.rb'
|
|
5
|
+
require_relative '../puppet_spec_helper.rb'
|
|
6
|
+
|
|
7
|
+
describe 'Test 14: Apply provision for service layer step-2' do
|
|
8
|
+
|
|
9
|
+
let(:provision) { build(:provision, step: 'step-2') }
|
|
10
|
+
let(:role) { build(:role) }
|
|
11
|
+
let(:profile) { build(:profile) }
|
|
12
|
+
|
|
13
|
+
before :all do
|
|
14
|
+
role.create
|
|
15
|
+
profile.create
|
|
16
|
+
Bebox::Role.add_profile(role.project_root, role.name, profile.relative_path)
|
|
17
|
+
`cp spec/fixtures/puppet/profiles/#{profile.relative_path}/manifests/init_with_content.pp.test #{profile.absolute_path}/manifests/init.pp`
|
|
18
|
+
`cp spec/fixtures/puppet/hiera/data/#{provision.node.hostname}.yaml.test #{provision.project_root}/puppet/steps/#{provision.step_name}/hiera/data/#{provision.node.hostname}.yaml`
|
|
19
|
+
`cp spec/fixtures/puppet/profiles/#{profile.relative_path}/Puppetfile_with_modules.test #{profile.absolute_path}/Puppetfile`
|
|
20
|
+
profiles = Bebox::Provision.profiles_from_role(provision.project_root, role.name)
|
|
21
|
+
Bebox::Provision.generate_puppetfile(provision.project_root, provision.step, profiles)
|
|
22
|
+
Bebox::Provision.generate_roles_and_profiles(provision.project_root, provision.step, 'role_0', [profile.relative_path])
|
|
23
|
+
provision.apply
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
context 'should download the configured modules' do
|
|
27
|
+
|
|
28
|
+
module_dir = '/home/puppet/code/shared/librarian-puppet/2-services/modules'
|
|
29
|
+
|
|
30
|
+
describe file("#{module_dir}/rbenv") do
|
|
31
|
+
it { should be_directory }
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
describe file("#{module_dir}/nginx") do
|
|
35
|
+
it { should be_directory }
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
describe file("#{module_dir}/redis") do
|
|
39
|
+
it { should be_directory }
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
describe file("#{module_dir}/roles") do
|
|
43
|
+
it { should be_directory }
|
|
44
|
+
end
|
|
45
|
+
|
|
46
|
+
describe file("#{module_dir}/profiles") do
|
|
47
|
+
it { should be_directory }
|
|
48
|
+
end
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
context 'should install some packages' do
|
|
52
|
+
context 'wkhtmltopdf' do
|
|
53
|
+
describe package('wkhtmltopdf') do
|
|
54
|
+
it { should be_installed }
|
|
55
|
+
end
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
context 'imagemagick' do
|
|
59
|
+
describe package('imagemagick') do
|
|
60
|
+
it { should be_installed }
|
|
61
|
+
end
|
|
62
|
+
end
|
|
63
|
+
|
|
64
|
+
context 'htop' do
|
|
65
|
+
describe package('htop') do
|
|
66
|
+
it { should be_installed }
|
|
67
|
+
end
|
|
68
|
+
end
|
|
69
|
+
end
|
|
70
|
+
|
|
71
|
+
it 'should create checkpoint' do
|
|
72
|
+
checkpoint_file_path = "#{provision.project_root}/.checkpoints/environments/#{provision.environment}/steps/#{provision.step}/#{provision.node.hostname}.yml"
|
|
73
|
+
expect(File.exist?(checkpoint_file_path)).to eq(true)
|
|
74
|
+
prepared_node_content = File.read(checkpoint_file_path).gsub(/\s+/, ' ').strip
|
|
75
|
+
ouput_template = Tilt::ERBTemplate.new('spec/fixtures/node/provisioned_node_0.test.erb')
|
|
76
|
+
prepared_node_expected_content = ouput_template.render(nil, node: provision.node).gsub(/\s+/, ' ').strip
|
|
77
|
+
expect(prepared_node_content).to eq(prepared_node_expected_content)
|
|
78
|
+
end
|
|
79
|
+
end
|
|
@@ -0,0 +1,76 @@
|
|
|
1
|
+
require 'spec_helper'
|
|
2
|
+
require_relative '../factories/provision.rb'
|
|
3
|
+
require_relative '../puppet_spec_helper.rb'
|
|
4
|
+
|
|
5
|
+
describe 'Test 15: Apply provision for security layer step-3' do
|
|
6
|
+
|
|
7
|
+
let(:provision) { build(:provision, step: 'step-3') }
|
|
8
|
+
let(:security_profiles) {['base/security/fail2ban', 'base/security/iptables', 'base/security/ssh', 'base/security/sysctl']}
|
|
9
|
+
|
|
10
|
+
before(:all) do
|
|
11
|
+
Bebox::Provision.generate_puppetfile(provision.project_root, provision.step, security_profiles)
|
|
12
|
+
Bebox::Provision.generate_roles_and_profiles(provision.project_root, provision.step, 'security', security_profiles)
|
|
13
|
+
provision.apply
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
context 'fail2ban module' do
|
|
17
|
+
describe service('fail2ban') do
|
|
18
|
+
it { should be_enabled }
|
|
19
|
+
end
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
context 'ssh' do
|
|
23
|
+
describe file('/etc/ssh/sshd_config') do
|
|
24
|
+
its(:content) { should match /PermitRootLogin no/ }
|
|
25
|
+
its(:content) { should match /PubkeyAuthentication yes/ }
|
|
26
|
+
its(:content) { should match /PasswordAuthentication no/ }
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
context 'iptables' do
|
|
32
|
+
describe iptables do
|
|
33
|
+
let(:disable_sudo) { false }
|
|
34
|
+
it { should have_rule('-A INPUT -m comment --comment "000 INPUT allow related and established" -m state --state RELATED,ESTABLISHED -j ACCEPT') }
|
|
35
|
+
it { should have_rule('-A INPUT -p icmp -m comment --comment "001 accept all icmp requests" -j ACCEPT') }
|
|
36
|
+
it { should have_rule('-A INPUT -i lo -p tcp -m comment --comment "002 allow loopback" -j ACCEPT') }
|
|
37
|
+
it { should have_rule('-A INPUT -p tcp -m multiport --dports 80 -m comment --comment "100 allow httpd:80" -m state --state NEW -j ACCEPT') }
|
|
38
|
+
it { should have_rule('-A INPUT -p tcp -m multiport --dports 22 -m comment --comment "100 allow ssh" -m state --state NEW -j ACCEPT') }
|
|
39
|
+
it { should have_rule('-A INPUT -m comment --comment "998 deny all other requests" -j REJECT --reject-with icmp-host-prohibited') }
|
|
40
|
+
it { should have_rule('-A FORWARD -m comment --comment "999 deny all other requests" -j REJECT --reject-with icmp-host-prohibited') }
|
|
41
|
+
end
|
|
42
|
+
end
|
|
43
|
+
|
|
44
|
+
context 'sysctl' do
|
|
45
|
+
describe command('sysctl -a') do
|
|
46
|
+
its(:stdout) { should match /net.ipv4.conf.default.rp_filter = 1/ }
|
|
47
|
+
its(:stdout) { should match /net.ipv4.icmp_echo_ignore_broadcasts = 1/ }
|
|
48
|
+
its(:stdout) { should match /net.ipv4.conf.all.accept_source_route = 0/ }
|
|
49
|
+
its(:stdout) { should match /net.ipv6.conf.all.accept_source_route = 0/ }
|
|
50
|
+
its(:stdout) { should match /net.ipv4.conf.default.accept_source_route = 0/ }
|
|
51
|
+
its(:stdout) { should match /net.ipv6.conf.default.accept_source_route = 0/ }
|
|
52
|
+
its(:stdout) { should match /net.ipv4.conf.all.send_redirects = 0/ }
|
|
53
|
+
its(:stdout) { should match /net.ipv4.conf.default.send_redirects = 0/ }
|
|
54
|
+
its(:stdout) { should match /net.ipv4.tcp_syncookies = 1/ }
|
|
55
|
+
its(:stdout) { should match /net.ipv4.tcp_max_syn_backlog = 2048/ }
|
|
56
|
+
its(:stdout) { should match /net.ipv4.tcp_synack_retries = 2/ }
|
|
57
|
+
its(:stdout) { should match /net.ipv4.tcp_syn_retries = 5/ }
|
|
58
|
+
its(:stdout) { should match /net.ipv4.conf.all.log_martians = 1/ }
|
|
59
|
+
its(:stdout) { should match /net.ipv4.icmp_ignore_bogus_error_responses = 1/ }
|
|
60
|
+
its(:stdout) { should match /net.ipv4.conf.all.accept_redirects = 0/ }
|
|
61
|
+
its(:stdout) { should match /net.ipv6.conf.all.accept_redirects = 0/ }
|
|
62
|
+
its(:stdout) { should match /net.ipv4.conf.default.accept_redirects = 0/ }
|
|
63
|
+
its(:stdout) { should match /net.ipv6.conf.default.accept_redirects = 0/ }
|
|
64
|
+
its(:stdout) { should match /net.ipv4.icmp_echo_ignore_all = 1/ }
|
|
65
|
+
end
|
|
66
|
+
end
|
|
67
|
+
|
|
68
|
+
it 'should create checkpoint' do
|
|
69
|
+
checkpoint_file_path = "#{provision.project_root}/.checkpoints/environments/#{provision.environment}/steps/#{provision.step}/#{provision.node.hostname}.yml"
|
|
70
|
+
expect(File.exist?(checkpoint_file_path)).to eq(true)
|
|
71
|
+
prepared_node_content = File.read(checkpoint_file_path).gsub(/\s+/, ' ').strip
|
|
72
|
+
ouput_template = Tilt::ERBTemplate.new('spec/fixtures/node/provisioned_node_0.test.erb')
|
|
73
|
+
prepared_node_expected_content = ouput_template.render(nil, node: provision.node).gsub(/\s+/, ' ').strip
|
|
74
|
+
expect(prepared_node_content).to eq(prepared_node_expected_content)
|
|
75
|
+
end
|
|
76
|
+
end
|