RubyGems - cloud-mu - Versions diffs - 1.9.0.pre.beta - Mend

cloud-mu 1.9.0.pre.beta

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (618) hide show

checksums.yaml +7 -0
data/Berksfile +56 -0
data/Berksfile.lock +250 -0
data/Jenkinsfile +184 -0
data/LICENSE.md +37 -0
data/README.md +26 -0
data/bin/mu-aws-setup +376 -0
data/bin/mu-cleanup +68 -0
data/bin/mu-configure +1133 -0
data/bin/mu-deploy +166 -0
data/bin/mu-firewall-allow-clients +30 -0
data/bin/mu-gcp-setup +200 -0
data/bin/mu-gen-docs +34 -0
data/bin/mu-gen-env +42 -0
data/bin/mu-load-config.rb +158 -0
data/bin/mu-node-manage +683 -0
data/bin/mu-self-update +228 -0
data/bin/mu-ssh +23 -0
data/bin/mu-tunnel-nagios +144 -0
data/bin/mu-upload-chef-artifacts +757 -0
data/bin/mu-user-manage +275 -0
data/cookbooks/awscli/LICENSE +37 -0
data/cookbooks/awscli/README.md +58 -0
data/cookbooks/awscli/attributes/default.rb +1 -0
data/cookbooks/awscli/libraries/instance_metadata.rb +21 -0
data/cookbooks/awscli/metadata.rb +20 -0
data/cookbooks/awscli/recipes/default.rb +56 -0
data/cookbooks/awscli/templates/default/config.erb +18 -0
data/cookbooks/mu-activedirectory/CHANGELOG.md +13 -0
data/cookbooks/mu-activedirectory/LICENSE +37 -0
data/cookbooks/mu-activedirectory/README.md +6 -0
data/cookbooks/mu-activedirectory/attributes/default.rb +98 -0
data/cookbooks/mu-activedirectory/files/default/password-auth +32 -0
data/cookbooks/mu-activedirectory/files/default/sshd_pol.pp +0 -0
data/cookbooks/mu-activedirectory/files/default/sshd_pol.te +32 -0
data/cookbooks/mu-activedirectory/files/default/syslogd_oddjobd.pp +0 -0
data/cookbooks/mu-activedirectory/files/default/syslogd_oddjobd.te +10 -0
data/cookbooks/mu-activedirectory/files/default/system-auth +34 -0
data/cookbooks/mu-activedirectory/files/default/winbindpol.pp +0 -0
data/cookbooks/mu-activedirectory/files/default/winbindpol.te +37 -0
data/cookbooks/mu-activedirectory/libraries/config.rb +106 -0
data/cookbooks/mu-activedirectory/libraries/helper.rb +86 -0
data/cookbooks/mu-activedirectory/metadata.rb +17 -0
data/cookbooks/mu-activedirectory/providers/domain.rb +152 -0
data/cookbooks/mu-activedirectory/providers/domain_controller.rb +89 -0
data/cookbooks/mu-activedirectory/providers/domain_node.rb +275 -0
data/cookbooks/mu-activedirectory/recipes/default.rb +8 -0
data/cookbooks/mu-activedirectory/recipes/domain-controller.rb +44 -0
data/cookbooks/mu-activedirectory/recipes/domain-node.rb +50 -0
data/cookbooks/mu-activedirectory/recipes/domain.rb +43 -0
data/cookbooks/mu-activedirectory/recipes/sssd.rb +185 -0
data/cookbooks/mu-activedirectory/resources/domain.rb +25 -0
data/cookbooks/mu-activedirectory/resources/domain_controller.rb +25 -0
data/cookbooks/mu-activedirectory/resources/domain_node.rb +20 -0
data/cookbooks/mu-activedirectory/templates/default/dhclient-eth0.conf.erb +4 -0
data/cookbooks/mu-activedirectory/templates/default/interface +0 -0
data/cookbooks/mu-activedirectory/templates/default/krb5.conf.erb +23 -0
data/cookbooks/mu-activedirectory/templates/default/ntp.conf.erb +56 -0
data/cookbooks/mu-activedirectory/templates/default/smb.conf.erb +33 -0
data/cookbooks/mu-activedirectory/templates/default/sssd.conf.erb +60 -0
data/cookbooks/mu-activedirectory/templates/windows/Backup.xml.erb +20 -0
data/cookbooks/mu-activedirectory/templates/windows/bkupInfo.xml.erb +1 -0
data/cookbooks/mu-activedirectory/templates/windows/gpreprt.xml.erb +198 -0
data/cookbooks/mu-activedirectory/templates/windows/gptmpl.inf.erb +12 -0
data/cookbooks/mu-activedirectory/templates/windows/manifest.xml.erb +1 -0
data/cookbooks/mu-firewall/CHANGELOG.md +11 -0
data/cookbooks/mu-firewall/LICENSE +37 -0
data/cookbooks/mu-firewall/README.md +5 -0
data/cookbooks/mu-firewall/attributes/default.rb +3 -0
data/cookbooks/mu-firewall/metadata.rb +16 -0
data/cookbooks/mu-firewall/recipes/default.rb +10 -0
data/cookbooks/mu-glusterfs/CHANGELOG.md +13 -0
data/cookbooks/mu-glusterfs/LICENSE +37 -0
data/cookbooks/mu-glusterfs/README.md +5 -0
data/cookbooks/mu-glusterfs/attributes/default.rb +34 -0
data/cookbooks/mu-glusterfs/metadata.rb +17 -0
data/cookbooks/mu-glusterfs/recipes/client.rb +62 -0
data/cookbooks/mu-glusterfs/recipes/default.rb +16 -0
data/cookbooks/mu-glusterfs/recipes/samba.rb +57 -0
data/cookbooks/mu-glusterfs/recipes/server.rb +200 -0
data/cookbooks/mu-glusterfs/templates/default/mu-gluster-client.erb +71 -0
data/cookbooks/mu-glusterfs/templates/default/smb.conf.erb +14 -0
data/cookbooks/mu-jenkins/CHANGELOG.md +13 -0
data/cookbooks/mu-jenkins/LICENSE +37 -0
data/cookbooks/mu-jenkins/README.md +105 -0
data/cookbooks/mu-jenkins/attributes/default.rb +42 -0
data/cookbooks/mu-jenkins/files/default/cleanup_deploy_config.xml +73 -0
data/cookbooks/mu-jenkins/files/default/deploy_config.xml +44 -0
data/cookbooks/mu-jenkins/metadata.rb +21 -0
data/cookbooks/mu-jenkins/recipes/default.rb +195 -0
data/cookbooks/mu-jenkins/recipes/node-ssh-config.rb +54 -0
data/cookbooks/mu-jenkins/recipes/public_key.rb +24 -0
data/cookbooks/mu-jenkins/templates/default/example_job.config.xml.erb +24 -0
data/cookbooks/mu-jenkins/templates/default/org.jvnet.hudson.plugins.SSHBuildWrapper.xml.erb +14 -0
data/cookbooks/mu-jenkins/templates/default/ssh_config.erb +6 -0
data/cookbooks/mu-master/CHANGELOG.md +13 -0
data/cookbooks/mu-master/LICENSE +37 -0
data/cookbooks/mu-master/README.md +6 -0
data/cookbooks/mu-master/attributes/default.rb +95 -0
data/cookbooks/mu-master/files/default/0-mu-log-server.conf +19 -0
data/cookbooks/mu-master/files/default/addRSA.ldif +8 -0
data/cookbooks/mu-master/files/default/check_mem.pl +197 -0
data/cookbooks/mu-master/files/default/cloudamatic.png +0 -0
data/cookbooks/mu-master/files/default/dirsrv_admin.pp +0 -0
data/cookbooks/mu-master/files/default/dirsrv_admin.te +13 -0
data/cookbooks/mu-master/files/default/nagios_selinux.pp +0 -0
data/cookbooks/mu-master/files/default/nagios_selinux.te +51 -0
data/cookbooks/mu-master/files/default/nagios_selinux_7.pp +0 -0
data/cookbooks/mu-master/files/default/nagios_selinux_7.te +17 -0
data/cookbooks/mu-master/files/default/pam_sshd +18 -0
data/cookbooks/mu-master/files/default/ssl_enable.ldif +18 -0
data/cookbooks/mu-master/files/default/syslogd_oddjobd.pp +0 -0
data/cookbooks/mu-master/files/default/syslogd_oddjobd.te +10 -0
data/cookbooks/mu-master/files/default/vimrc +19 -0
data/cookbooks/mu-master/libraries/mu.rb +29 -0
data/cookbooks/mu-master/metadata.rb +30 -0
data/cookbooks/mu-master/providers/user.rb +41 -0
data/cookbooks/mu-master/recipes/389ds.rb +164 -0
data/cookbooks/mu-master/recipes/basepackages.rb +58 -0
data/cookbooks/mu-master/recipes/caching_nameserver.rb +37 -0
data/cookbooks/mu-master/recipes/default.rb +451 -0
data/cookbooks/mu-master/recipes/eks-kubectl.rb +41 -0
data/cookbooks/mu-master/recipes/firewall-holes.rb +70 -0
data/cookbooks/mu-master/recipes/init.rb +542 -0
data/cookbooks/mu-master/recipes/ssl-certs.rb +109 -0
data/cookbooks/mu-master/recipes/sssd.rb +89 -0
data/cookbooks/mu-master/recipes/update_nagios_only.rb +242 -0
data/cookbooks/mu-master/recipes/vault.rb +111 -0
data/cookbooks/mu-master/resources/user.rb +19 -0
data/cookbooks/mu-master/templates/default/389-directory-setup.inf.erb +28 -0
data/cookbooks/mu-master/templates/default/chef-server.rb.erb +18 -0
data/cookbooks/mu-master/templates/default/dhclient-eth0.conf.erb +9 -0
data/cookbooks/mu-master/templates/default/mu-momma-cat.erb +149 -0
data/cookbooks/mu-master/templates/default/mu.rc.erb +9 -0
data/cookbooks/mu-master/templates/default/openssl.cnf.erb +354 -0
data/cookbooks/mu-master/templates/default/sssd.conf.erb +44 -0
data/cookbooks/mu-master/templates/default/web_app.conf.erb +90 -0
data/cookbooks/mu-mongo/CHANGELOG.md +13 -0
data/cookbooks/mu-mongo/LICENSE +37 -0
data/cookbooks/mu-mongo/README.md +5 -0
data/cookbooks/mu-mongo/attributes/default.rb +22 -0
data/cookbooks/mu-mongo/files/default/keyfile +16 -0
data/cookbooks/mu-mongo/files/default/remove_nodes.js +5 -0
data/cookbooks/mu-mongo/metadata.rb +17 -0
data/cookbooks/mu-mongo/recipes/default.rb +149 -0
data/cookbooks/mu-mongo/recipes/yum-update-rule.rb +18 -0
data/cookbooks/mu-mongo/templates/default/mongo_create_openfema_db.js.erb +2 -0
data/cookbooks/mu-mongo/templates/default/mongo_init.js.erb +1 -0
data/cookbooks/mu-mongo/templates/default/mongo_logrotate.erb +14 -0
data/cookbooks/mu-mongo/templates/default/mongo_replset_addnodes.js.erb +6 -0
data/cookbooks/mu-mongo/templates/default/replset_init.js.erb +2 -0
data/cookbooks/mu-openvpn/CHANGELOG.md +13 -0
data/cookbooks/mu-openvpn/LICENSE +37 -0
data/cookbooks/mu-openvpn/README.md +6 -0
data/cookbooks/mu-openvpn/attributes/default.rb +119 -0
data/cookbooks/mu-openvpn/metadata.rb +18 -0
data/cookbooks/mu-openvpn/recipes/default.rb +108 -0
data/cookbooks/mu-openvpn/templates/default/users.json.erb +42 -0
data/cookbooks/mu-php54/CHANGELOG.md +12 -0
data/cookbooks/mu-php54/LICENSE +37 -0
data/cookbooks/mu-php54/README.md +0 -0
data/cookbooks/mu-php54/files/centos/php.ini +1802 -0
data/cookbooks/mu-php54/files/ubuntu/php.ini +1870 -0
data/cookbooks/mu-php54/metadata.rb +21 -0
data/cookbooks/mu-php54/recipes/default.rb +97 -0
data/cookbooks/mu-splunk/CHANGELOG.md +37 -0
data/cookbooks/mu-splunk/LICENSE +37 -0
data/cookbooks/mu-splunk/README.md +451 -0
data/cookbooks/mu-splunk/attributes/default.rb +95 -0
data/cookbooks/mu-splunk/attributes/upgrade.rb +49 -0
data/cookbooks/mu-splunk/definitions/splunk_installer.rb +103 -0
data/cookbooks/mu-splunk/files/default/splunk-nocheck +10 -0
data/cookbooks/mu-splunk/libraries/helpers.rb +72 -0
data/cookbooks/mu-splunk/libraries/splunk_app_provider.rb +156 -0
data/cookbooks/mu-splunk/libraries/splunk_app_resource.rb +43 -0
data/cookbooks/mu-splunk/metadata.json +30 -0
data/cookbooks/mu-splunk/metadata.rb +17 -0
data/cookbooks/mu-splunk/recipes/client.rb +143 -0
data/cookbooks/mu-splunk/recipes/default.rb +31 -0
data/cookbooks/mu-splunk/recipes/disabled.rb +41 -0
data/cookbooks/mu-splunk/recipes/install_forwarder.rb +23 -0
data/cookbooks/mu-splunk/recipes/install_server.rb +23 -0
data/cookbooks/mu-splunk/recipes/server.rb +53 -0
data/cookbooks/mu-splunk/recipes/service.rb +95 -0
data/cookbooks/mu-splunk/recipes/setup_auth.rb +49 -0
data/cookbooks/mu-splunk/recipes/setup_ssl.rb +63 -0
data/cookbooks/mu-splunk/recipes/upgrade.rb +94 -0
data/cookbooks/mu-splunk/recipes/user.rb +34 -0
data/cookbooks/mu-splunk/templates/default/base_logs_unix_inputs.conf.erb +26 -0
data/cookbooks/mu-splunk/templates/default/inputs.conf.erb +13 -0
data/cookbooks/mu-splunk/templates/default/outputs.conf.erb +9 -0
data/cookbooks/mu-splunk/templates/default/splunk-init.erb +74 -0
data/cookbooks/mu-splunk/templates/default/system-web.conf.erb +7 -0
data/cookbooks/mu-tools/CHANGELOG.md +12 -0
data/cookbooks/mu-tools/LICENSE +37 -0
data/cookbooks/mu-tools/README.md +188 -0
data/cookbooks/mu-tools/attributes/default.rb +142 -0
data/cookbooks/mu-tools/attributes/ebs_rolling_snapshots.rb +3 -0
data/cookbooks/mu-tools/files/amazon/etc/freshclam.conf +235 -0
data/cookbooks/mu-tools/files/centos/CentOS-Base.repo +52 -0
data/cookbooks/mu-tools/files/centos/etc/bashrc +93 -0
data/cookbooks/mu-tools/files/centos/etc/freshclam.conf +235 -0
data/cookbooks/mu-tools/files/centos/etc/login.defs +72 -0
data/cookbooks/mu-tools/files/centos/etc/profile +77 -0
data/cookbooks/mu-tools/files/centos/etc/security/limits.conf +57 -0
data/cookbooks/mu-tools/files/centos/etc/sysconfig/init +19 -0
data/cookbooks/mu-tools/files/centos/etc/sysctl.conf +82 -0
data/cookbooks/mu-tools/files/centos-6/README_MU +0 -0
data/cookbooks/mu-tools/files/centos-6/etc/audit/stig.rules +173 -0
data/cookbooks/mu-tools/files/centos-6/etc/bashrc +90 -0
data/cookbooks/mu-tools/files/centos-6/etc/login.defs +70 -0
data/cookbooks/mu-tools/files/centos-6/etc/pam.d/su +12 -0
data/cookbooks/mu-tools/files/centos-6/etc/profile +83 -0
data/cookbooks/mu-tools/files/centos-6/etc/securetty +12 -0
data/cookbooks/mu-tools/files/centos-6/etc/sysconfig/init +30 -0
data/cookbooks/mu-tools/files/centos-6/etc/sysctl.conf +40 -0
data/cookbooks/mu-tools/files/default/Mu_CA.pem +34 -0
data/cookbooks/mu-tools/files/default/PSWindowsUpdate.zip +0 -0
data/cookbooks/mu-tools/files/default/ebs_snapshots.py +123 -0
data/cookbooks/mu-tools/files/default/etc/BANNER +0 -0
data/cookbooks/mu-tools/files/default/etc/BANNER-FEDERAL +19 -0
data/cookbooks/mu-tools/files/default/gpo_no_uac.zip +0 -0
data/cookbooks/mu-tools/files/default/mypol.pp +0 -0
data/cookbooks/mu-tools/files/default/mypol.te +37 -0
data/cookbooks/mu-tools/files/default/nrpe_c7.pp +0 -0
data/cookbooks/mu-tools/files/default/nrpe_c7.te +31 -0
data/cookbooks/mu-tools/files/default/nrpe_check_disk.pp +0 -0
data/cookbooks/mu-tools/files/default/nrpe_check_disk.te +11 -0
data/cookbooks/mu-tools/files/default/nrpe_disk.pp +0 -0
data/cookbooks/mu-tools/files/default/nrpe_disk.te +10 -0
data/cookbooks/mu-tools/files/default/nrpe_file.pp +0 -0
data/cookbooks/mu-tools/files/default/nrpe_file.te +31 -0
data/cookbooks/mu-tools/files/default/ntrights +0 -0
data/cookbooks/mu-tools/files/default/serverclass.conf +18 -0
data/cookbooks/mu-tools/files/default/splunk-apps/base_logs_unix/local/app.conf +1 -0
data/cookbooks/mu-tools/files/default/splunk-apps/base_logs_unix/local/inputs.conf +13 -0
data/cookbooks/mu-tools/files/default/splunk-apps/base_logs_windows/local/app.conf +1 -0
data/cookbooks/mu-tools/files/default/splunk-apps/base_logs_windows/local/inputs.conf +8 -0
data/cookbooks/mu-tools/files/default/sshd_pol.pp +0 -0
data/cookbooks/mu-tools/files/default/sshd_pol.te +32 -0
data/cookbooks/mu-tools/files/redhat/etc/bashrc +93 -0
data/cookbooks/mu-tools/files/redhat/etc/freshclam.conf +235 -0
data/cookbooks/mu-tools/files/redhat/etc/login.defs +72 -0
data/cookbooks/mu-tools/files/redhat/etc/profile +77 -0
data/cookbooks/mu-tools/files/redhat/etc/security/limits.conf +57 -0
data/cookbooks/mu-tools/files/redhat/etc/sysconfig/init +19 -0
data/cookbooks/mu-tools/files/redhat/etc/sysctl.conf +82 -0
data/cookbooks/mu-tools/files/redhat-6/README_MU +0 -0
data/cookbooks/mu-tools/files/redhat-6/etc/audit/stig.rules +173 -0
data/cookbooks/mu-tools/files/redhat-6/etc/bashrc +90 -0
data/cookbooks/mu-tools/files/redhat-6/etc/login.defs +70 -0
data/cookbooks/mu-tools/files/redhat-6/etc/pam.d/su +12 -0
data/cookbooks/mu-tools/files/redhat-6/etc/profile +83 -0
data/cookbooks/mu-tools/files/redhat-6/etc/securetty +12 -0
data/cookbooks/mu-tools/files/redhat-6/etc/sysconfig/init +30 -0
data/cookbooks/mu-tools/files/redhat-6/etc/sysctl.conf +40 -0
data/cookbooks/mu-tools/files/redhat-7.1/etc/freshclam.conf +235 -0
data/cookbooks/mu-tools/files/ubuntu-12.04/etc/bash.bashrc +64 -0
data/cookbooks/mu-tools/files/ubuntu-12.04/etc/common-session +30 -0
data/cookbooks/mu-tools/files/ubuntu-12.04/etc/login.defs +338 -0
data/cookbooks/mu-tools/files/ubuntu-12.04/etc/profile +30 -0
data/cookbooks/mu-tools/files/ubuntu-12.04/etc/security/limits.conf +56 -0
data/cookbooks/mu-tools/files/ubuntu-12.04/etc/sysctl.conf +60 -0
data/cookbooks/mu-tools/libraries/helper.rb +292 -0
data/cookbooks/mu-tools/metadata.rb +28 -0
data/cookbooks/mu-tools/recipes/add_admin_ssh_keys.rb +35 -0
data/cookbooks/mu-tools/recipes/apply_security.rb +440 -0
data/cookbooks/mu-tools/recipes/aws_api.rb +23 -0
data/cookbooks/mu-tools/recipes/base_repositories.rb +31 -0
data/cookbooks/mu-tools/recipes/cisbenchmark.rb +59 -0
data/cookbooks/mu-tools/recipes/clamav.rb +53 -0
data/cookbooks/mu-tools/recipes/cloudinit.rb +58 -0
data/cookbooks/mu-tools/recipes/configure_oracle_tools.rb +81 -0
data/cookbooks/mu-tools/recipes/disable-requiretty.rb +22 -0
data/cookbooks/mu-tools/recipes/ebs_rolling_snapshots.rb +75 -0
data/cookbooks/mu-tools/recipes/efs.rb +70 -0
data/cookbooks/mu-tools/recipes/eks.rb +160 -0
data/cookbooks/mu-tools/recipes/gcloud.rb +98 -0
data/cookbooks/mu-tools/recipes/google_api.rb +25 -0
data/cookbooks/mu-tools/recipes/maldet.rb +67 -0
data/cookbooks/mu-tools/recipes/nagios.rb +19 -0
data/cookbooks/mu-tools/recipes/newclient.rb +23 -0
data/cookbooks/mu-tools/recipes/nrpe.rb +115 -0
data/cookbooks/mu-tools/recipes/python_pip.rb +35 -0
data/cookbooks/mu-tools/recipes/retrieve_application.rb +51 -0
data/cookbooks/mu-tools/recipes/rsyslog.rb +65 -0
data/cookbooks/mu-tools/recipes/set_local_fw.rb +57 -0
data/cookbooks/mu-tools/recipes/set_mu_hostname.rb +81 -0
data/cookbooks/mu-tools/recipes/split_var_partitions.rb +86 -0
data/cookbooks/mu-tools/recipes/splunk-client.rb +69 -0
data/cookbooks/mu-tools/recipes/splunk-server.rb +104 -0
data/cookbooks/mu-tools/recipes/store_inspec_attr.rb +8 -0
data/cookbooks/mu-tools/recipes/updates.rb +96 -0
data/cookbooks/mu-tools/recipes/windows-client.rb +202 -0
data/cookbooks/mu-tools/resources/aws_windows.rb +33 -0
data/cookbooks/mu-tools/resources/disk.rb +88 -0
data/cookbooks/mu-tools/resources/mommacat_request.rb +11 -0
data/cookbooks/mu-tools/resources/scheduled_tasks.rb +29 -0
data/cookbooks/mu-tools/resources/sshd_service.rb +45 -0
data/cookbooks/mu-tools/resources/windows_users.rb +242 -0
data/cookbooks/mu-tools/templates/amazon/sshd_config.erb +168 -0
data/cookbooks/mu-tools/templates/centos-6/sshd_config.erb +212 -0
data/cookbooks/mu-tools/templates/centos-7/sshd_config.erb +215 -0
data/cookbooks/mu-tools/templates/default/0-mu-log-client.conf.erb +13 -0
data/cookbooks/mu-tools/templates/default/conf.maldet.erb +137 -0
data/cookbooks/mu-tools/templates/default/etc_hosts.erb +30 -0
data/cookbooks/mu-tools/templates/default/etc_pamd_password-auth.erb +14 -0
data/cookbooks/mu-tools/templates/default/etc_pamd_system-auth.erb +14 -0
data/cookbooks/mu-tools/templates/default/etc_sysconfig_network.erb +12 -0
data/cookbooks/mu-tools/templates/default/kubeconfig.erb +29 -0
data/cookbooks/mu-tools/templates/default/kubelet.service.erb +35 -0
data/cookbooks/mu-tools/templates/default/maldet_scanall.sh.erb +15 -0
data/cookbooks/mu-tools/templates/default/nrpe.cfg.erb +233 -0
data/cookbooks/mu-tools/templates/redhat-6/sshd_config.erb +213 -0
data/cookbooks/mu-tools/templates/redhat-7/sshd_config.erb +215 -0
data/cookbooks/mu-tools/templates/ubuntu-12.04/sshd_config.erb +146 -0
data/cookbooks/mu-tools/templates/ubuntu-14.04/sshd_config.erb +145 -0
data/cookbooks/mu-tools/templates/windows/Backup.xml.erb +20 -0
data/cookbooks/mu-tools/templates/windows/bkupInfo.xml.erb +1 -0
data/cookbooks/mu-tools/templates/windows/gpreprt.xml.erb +214 -0
data/cookbooks/mu-tools/templates/windows/gptmpl.inf.erb +12 -0
data/cookbooks/mu-tools/templates/windows/manifest.xml.erb +1 -0
data/cookbooks/mu-tools/templates/windows/set_ad_dns_scheduled_task.ps1.erb +6 -0
data/cookbooks/mu-tools/templates/windows/sshd_config.erb +136 -0
data/cookbooks/mu-utility/CHANGELOG.md +12 -0
data/cookbooks/mu-utility/LICENSE +37 -0
data/cookbooks/mu-utility/README.md +6 -0
data/cookbooks/mu-utility/attributes/default.rb +1 -0
data/cookbooks/mu-utility/libraries/matchers.rb +21 -0
data/cookbooks/mu-utility/metadata.rb +16 -0
data/cookbooks/mu-utility/recipes/apt.rb +23 -0
data/cookbooks/mu-utility/recipes/cleanup_image_helper.rb +118 -0
data/cookbooks/mu-utility/recipes/iptables.rb +26 -0
data/cookbooks/mu-utility/recipes/luks.rb +18 -0
data/cookbooks/mu-utility/recipes/nat.rb +104 -0
data/cookbooks/mu-utility/recipes/php.rb +33 -0
data/cookbooks/mu-utility/recipes/rdp_gateway.rb +83 -0
data/cookbooks/mu-utility/recipes/remi.rb +44 -0
data/cookbooks/mu-utility/recipes/vim.rb +26 -0
data/cookbooks/mu-utility/recipes/windows_basics.rb +37 -0
data/cookbooks/mu-utility/recipes/zip.rb +26 -0
data/cookbooks/mu-utility/templates/default/BundleConfig.xml.erb +34 -0
data/cookbooks/mu-utility/templates/default/config.xml.erb +60 -0
data/cookbooks/nagios/Berksfile +8 -0
data/cookbooks/nagios/CHANGELOG.md +589 -0
data/cookbooks/nagios/CONTRIBUTING.md +11 -0
data/cookbooks/nagios/LICENSE +37 -0
data/cookbooks/nagios/README.md +328 -0
data/cookbooks/nagios/TESTING.md +2 -0
data/cookbooks/nagios/attributes/config.rb +171 -0
data/cookbooks/nagios/attributes/default.rb +228 -0
data/cookbooks/nagios/chefignore +102 -0
data/cookbooks/nagios/definitions/command.rb +33 -0
data/cookbooks/nagios/definitions/contact.rb +33 -0
data/cookbooks/nagios/definitions/contactgroup.rb +33 -0
data/cookbooks/nagios/definitions/host.rb +33 -0
data/cookbooks/nagios/definitions/hostdependency.rb +33 -0
data/cookbooks/nagios/definitions/hostescalation.rb +34 -0
data/cookbooks/nagios/definitions/hostgroup.rb +33 -0
data/cookbooks/nagios/definitions/nagios_conf.rb +38 -0
data/cookbooks/nagios/definitions/resource.rb +33 -0
data/cookbooks/nagios/definitions/service.rb +33 -0
data/cookbooks/nagios/definitions/servicedependency.rb +33 -0
data/cookbooks/nagios/definitions/serviceescalation.rb +34 -0
data/cookbooks/nagios/definitions/servicegroup.rb +33 -0
data/cookbooks/nagios/definitions/timeperiod.rb +33 -0
data/cookbooks/nagios/libraries/base.rb +314 -0
data/cookbooks/nagios/libraries/command.rb +91 -0
data/cookbooks/nagios/libraries/contact.rb +230 -0
data/cookbooks/nagios/libraries/contactgroup.rb +112 -0
data/cookbooks/nagios/libraries/custom_option.rb +36 -0
data/cookbooks/nagios/libraries/data_bag_helper.rb +23 -0
data/cookbooks/nagios/libraries/default.rb +90 -0
data/cookbooks/nagios/libraries/host.rb +412 -0
data/cookbooks/nagios/libraries/hostdependency.rb +181 -0
data/cookbooks/nagios/libraries/hostescalation.rb +173 -0
data/cookbooks/nagios/libraries/hostgroup.rb +119 -0
data/cookbooks/nagios/libraries/nagios.rb +282 -0
data/cookbooks/nagios/libraries/resource.rb +59 -0
data/cookbooks/nagios/libraries/service.rb +455 -0
data/cookbooks/nagios/libraries/servicedependency.rb +215 -0
data/cookbooks/nagios/libraries/serviceescalation.rb +195 -0
data/cookbooks/nagios/libraries/servicegroup.rb +144 -0
data/cookbooks/nagios/libraries/timeperiod.rb +160 -0
data/cookbooks/nagios/libraries/users_helper.rb +54 -0
data/cookbooks/nagios/metadata.rb +25 -0
data/cookbooks/nagios/recipes/_load_databag_config.rb +153 -0
data/cookbooks/nagios/recipes/_load_default_config.rb +241 -0
data/cookbooks/nagios/recipes/apache.rb +48 -0
data/cookbooks/nagios/recipes/default.rb +204 -0
data/cookbooks/nagios/recipes/nginx.rb +82 -0
data/cookbooks/nagios/recipes/pagerduty.rb +143 -0
data/cookbooks/nagios/recipes/server_package.rb +40 -0
data/cookbooks/nagios/recipes/server_source.rb +164 -0
data/cookbooks/nagios/templates/default/apache2.conf.erb +96 -0
data/cookbooks/nagios/templates/default/cgi.cfg.erb +266 -0
data/cookbooks/nagios/templates/default/commands.cfg.erb +13 -0
data/cookbooks/nagios/templates/default/contacts.cfg.erb +37 -0
data/cookbooks/nagios/templates/default/hostgroups.cfg.erb +25 -0
data/cookbooks/nagios/templates/default/hosts.cfg.erb +15 -0
data/cookbooks/nagios/templates/default/htpasswd.users.erb +6 -0
data/cookbooks/nagios/templates/default/nagios.cfg.erb +22 -0
data/cookbooks/nagios/templates/default/nginx.conf.erb +62 -0
data/cookbooks/nagios/templates/default/pagerduty.cgi.erb +185 -0
data/cookbooks/nagios/templates/default/resource.cfg.erb +27 -0
data/cookbooks/nagios/templates/default/servicedependencies.cfg.erb +15 -0
data/cookbooks/nagios/templates/default/servicegroups.cfg.erb +14 -0
data/cookbooks/nagios/templates/default/services.cfg.erb +14 -0
data/cookbooks/nagios/templates/default/templates.cfg.erb +31 -0
data/cookbooks/nagios/templates/default/timeperiods.cfg.erb +13 -0
data/cookbooks/s3fs/CHANGELOG.md +13 -0
data/cookbooks/s3fs/LICENSE +37 -0
data/cookbooks/s3fs/README.md +6 -0
data/cookbooks/s3fs/attributes/default.rb +15 -0
data/cookbooks/s3fs/files/default/fuse-2.9.3.zip +0 -0
data/cookbooks/s3fs/metadata.rb +16 -0
data/cookbooks/s3fs/recipes/default.rb +91 -0
data/data_bags/demo/app.json +7 -0
data/data_bags/nagios_services/chef.json +6 -0
data/data_bags/nagios_services/linux_diskspace.json +5 -0
data/data_bags/nagios_services/momma_cat.json +6 -0
data/data_bags/nagios_services/mu-master-memory.json +5 -0
data/data_bags/nagios_services/nagios_ui.json +6 -0
data/data_bags/nagios_services/node_ssh.json +6 -0
data/data_bags/nagios_services/ssh.json +6 -0
data/demo/lambda_test.yaml +29 -0
data/environments/DEV.json +8 -0
data/environments/PROD.json +8 -0
data/environments/dev.json +8 -0
data/environments/development.json +8 -0
data/environments/prod.json +8 -0
data/extras/README.md +1 -0
data/extras/admin-role-binding.yaml +16 -0
data/extras/admin-user.yaml +6 -0
data/extras/aws-auth-cm.yaml.erb +12 -0
data/extras/clean-stock-amis +48 -0
data/extras/git-fix-permissions-hook +12 -0
data/extras/gitlab-eks-helper.sh.erb +20 -0
data/extras/image-generators/README.md +2 -0
data/extras/image-generators/aws/centos6.yaml +18 -0
data/extras/image-generators/aws/centos7-govcloud.yaml +24 -0
data/extras/image-generators/aws/centos7.yaml +17 -0
data/extras/image-generators/aws/rhel7.yaml +17 -0
data/extras/image-generators/aws/win2k12.yaml +16 -0
data/extras/image-generators/aws/win2k16.yaml +16 -0
data/extras/image-generators/aws/windows.yaml +18 -0
data/extras/image-generators/gcp/centos6.yaml +17 -0
data/extras/lambda_waf_domain_blacklist.py +103 -0
data/extras/platform_berksfile_base +50 -0
data/extras/ruby_rpm/build.sh +17 -0
data/extras/ruby_rpm/muby.spec +44 -0
data/extras/vault_tools/README.md +6 -0
data/extras/vault_tools/export_vaults.sh +3 -0
data/extras/vault_tools/recreate_vaults.sh +5 -0
data/extras/vault_tools/test_vaults.sh +5 -0
data/install/README.md +8 -0
data/install/cfn_create_mu_master.json +1034 -0
data/install/chef-server.rb.erb +19 -0
data/install/deprecated-bash-library.sh +1891 -0
data/install/images/Usage.png +0 -0
data/install/installer +71 -0
data/install/jenkinskeys.rb +8 -0
data/install/user-dot-murc.erb +14 -0
data/modules/html.erb +19 -0
data/modules/mommacat.ru +426 -0
data/modules/mu/cleanup.rb +339 -0
data/modules/mu/cloud.rb +1446 -0
data/modules/mu/clouds/README.md +201 -0
data/modules/mu/clouds/aws/alarm.rb +319 -0
data/modules/mu/clouds/aws/cache_cluster.rb +1010 -0
data/modules/mu/clouds/aws/collection.rb +373 -0
data/modules/mu/clouds/aws/container_cluster.rb +667 -0
data/modules/mu/clouds/aws/database.rb +1836 -0
data/modules/mu/clouds/aws/dnszone.rb +911 -0
data/modules/mu/clouds/aws/firewall_rule.rb +641 -0
data/modules/mu/clouds/aws/folder.rb +92 -0
data/modules/mu/clouds/aws/function.rb +349 -0
data/modules/mu/clouds/aws/group.rb +251 -0
data/modules/mu/clouds/aws/loadbalancer.rb +888 -0
data/modules/mu/clouds/aws/log.rb +363 -0
data/modules/mu/clouds/aws/msg_queue.rb +480 -0
data/modules/mu/clouds/aws/notification.rb +139 -0
data/modules/mu/clouds/aws/role.rb +656 -0
data/modules/mu/clouds/aws/search_domain.rb +646 -0
data/modules/mu/clouds/aws/server.rb +2294 -0
data/modules/mu/clouds/aws/server_pool.rb +1388 -0
data/modules/mu/clouds/aws/storage_pool.rb +495 -0
data/modules/mu/clouds/aws/user.rb +382 -0
data/modules/mu/clouds/aws/userdata/README.md +4 -0
data/modules/mu/clouds/aws/userdata/linux.erb +179 -0
data/modules/mu/clouds/aws/userdata/windows.erb +278 -0
data/modules/mu/clouds/aws/vpc.rb +1943 -0
data/modules/mu/clouds/aws.rb +1009 -0
data/modules/mu/clouds/cloudformation/alarm.rb +146 -0
data/modules/mu/clouds/cloudformation/cache_cluster.rb +167 -0
data/modules/mu/clouds/cloudformation/collection.rb +117 -0
data/modules/mu/clouds/cloudformation/database.rb +278 -0
data/modules/mu/clouds/cloudformation/dnszone.rb +274 -0
data/modules/mu/clouds/cloudformation/firewall_rule.rb +308 -0
data/modules/mu/clouds/cloudformation/loadbalancer.rb +193 -0
data/modules/mu/clouds/cloudformation/log.rb +170 -0
data/modules/mu/clouds/cloudformation/server.rb +370 -0
data/modules/mu/clouds/cloudformation/server_pool.rb +279 -0
data/modules/mu/clouds/cloudformation/vpc.rb +322 -0
data/modules/mu/clouds/cloudformation.rb +733 -0
data/modules/mu/clouds/docker.rb +30 -0
data/modules/mu/clouds/google/container_cluster.rb +290 -0
data/modules/mu/clouds/google/database.rb +152 -0
data/modules/mu/clouds/google/firewall_rule.rb +267 -0
data/modules/mu/clouds/google/group.rb +164 -0
data/modules/mu/clouds/google/loadbalancer.rb +479 -0
data/modules/mu/clouds/google/server.rb +1510 -0
data/modules/mu/clouds/google/server_pool.rb +274 -0
data/modules/mu/clouds/google/user.rb +266 -0
data/modules/mu/clouds/google/userdata/README.md +4 -0
data/modules/mu/clouds/google/userdata/linux.erb +137 -0
data/modules/mu/clouds/google/userdata/windows.erb +275 -0
data/modules/mu/clouds/google/vpc.rb +890 -0
data/modules/mu/clouds/google.rb +811 -0
data/modules/mu/config/README.md +11 -0
data/modules/mu/config/alarm.rb +271 -0
data/modules/mu/config/cache_cluster.rb +172 -0
data/modules/mu/config/collection.rb +87 -0
data/modules/mu/config/container_cluster.rb +103 -0
data/modules/mu/config/container_cluster.yml +36 -0
data/modules/mu/config/database.rb +458 -0
data/modules/mu/config/database.yml +26 -0
data/modules/mu/config/dnszone.rb +327 -0
data/modules/mu/config/firewall_rule.rb +118 -0
data/modules/mu/config/folder.rb +70 -0
data/modules/mu/config/function.rb +140 -0
data/modules/mu/config/group.rb +64 -0
data/modules/mu/config/loadbalancer.rb +482 -0
data/modules/mu/config/log.rb +47 -0
data/modules/mu/config/log.yml +6 -0
data/modules/mu/config/msg_queue.rb +47 -0
data/modules/mu/config/msg_queue.yml +9 -0
data/modules/mu/config/notification.rb +44 -0
data/modules/mu/config/project.rb +71 -0
data/modules/mu/config/role.rb +102 -0
data/modules/mu/config/search_domain.rb +61 -0
data/modules/mu/config/search_domain.yml +25 -0
data/modules/mu/config/server.rb +587 -0
data/modules/mu/config/server.yml +8 -0
data/modules/mu/config/server_pool.rb +216 -0
data/modules/mu/config/server_pool.yml +71 -0
data/modules/mu/config/storage_pool.rb +145 -0
data/modules/mu/config/user.rb +78 -0
data/modules/mu/config/vpc.rb +743 -0
data/modules/mu/config/vpc.yml +6 -0
data/modules/mu/config.rb +2000 -0
data/modules/mu/defaults/README.md +2 -0
data/modules/mu/defaults/amazon_images.yaml +121 -0
data/modules/mu/defaults/google_images.yaml +16 -0
data/modules/mu/deploy.rb +686 -0
data/modules/mu/groomer.rb +123 -0
data/modules/mu/groomers/README.md +58 -0
data/modules/mu/groomers/chef.rb +1024 -0
data/modules/mu/kittens.rb +11319 -0
data/modules/mu/logger.rb +208 -0
data/modules/mu/master/README.md +27 -0
data/modules/mu/master/chef.rb +471 -0
data/modules/mu/master/ldap.rb +1005 -0
data/modules/mu/master.rb +415 -0
data/modules/mu/mommacat.rb +2703 -0
data/modules/mu-load-config.rb +1 -0
data/modules/mu.rb +724 -0
data/modules/scratchpad.erb +1 -0
data/modules/tests/super_complex_bok.yml +41 -0
data/modules/tests/super_simple_bok.yml +40 -0
data/mu.gemspec +62 -0
data/roles/demo-dbservice-configure.json +19 -0
data/roles/demo-portal-configure.json +19 -0
data/roles/mu-master-jenkins.json +24 -0
data/roles/mu-master-nagios-only.json +13 -0
data/roles/mu-master.json +12 -0
data/roles/mu-node.json +19 -0
data/roles/mu-splunk-server.json +13 -0
data/roles/mu-splunk.json +13 -0
data/test/clean_up.py +25 -0
data/test/demo-test-profile/README.md +3 -0
data/test/demo-test-profile/controls/flask.rb +84 -0
data/test/demo-test-profile/inspec.lock +7 -0
data/test/demo-test-profile/inspec.yml +11 -0
data/test/etco-test-profile/README.md +3 -0
data/test/etco-test-profile/controls/all-in-one.rb +182 -0
data/test/etco-test-profile/inspec.lock +7 -0
data/test/etco-test-profile/inspec.yml +11 -0
data/test/exec_inspec.py +246 -0
data/test/exec_mu_install.py +241 -0
data/test/exec_retry.py +44 -0
data/test/mu-master-test/README.md +3 -0
data/test/mu-master-test/controls/all_in_one.rb +557 -0
data/test/mu-master-test/inspec.lock +3 -0
data/test/mu-master-test/inspec.yml +11 -0
data/test/mu-tools-test/README.md +3 -0
data/test/mu-tools-test/controls/base.rb +265 -0
data/test/mu-tools-test/inspec.lock +3 -0
data/test/mu-tools-test/inspec.yml +8 -0
data/test/simple-server-php-test/README.md +3 -0
data/test/simple-server-php-test/controls/apachephp.rb +25 -0
data/test/simple-server-php-test/controls/example.rb +19 -0
data/test/simple-server-php-test/inspec.lock +7 -0
data/test/simple-server-php-test/inspec.yml +12 -0
data/test/simple-server-rails-test/README.md +3 -0
data/test/simple-server-rails-test/controls/rails.rb +188 -0
data/test/simple-server-rails-test/inspec.lock +7 -0
data/test/simple-server-rails-test/inspec.yml +11 -0
data/test/simple-windows-test/README.md +3 -0
data/test/simple-windows-test/controls/windows.rb +20 -0
data/test/simple-windows-test/inspec.lock +7 -0
data/test/simple-windows-test/inspec.yml +11 -0
data/test/smoke_test.rb +75 -0
data/test/wordpress-test/README.md +3 -0
data/test/wordpress-test/controls/wordpress.rb +97 -0
data/test/wordpress-test/inspec.lock +7 -0
data/test/wordpress-test/inspec.yml +11 -0
metadata +979 -0

data/cookbooks/mu-glusterfs/recipes/client.rb ADDED Viewed

@@ -0,0 +1,62 @@
+#
+# Cookbook Name:: mu-glusterfs
+# Recipe:: client
+#
+# Copyright 2014, eGlobalTech
+#
+# All rights reserved - Do Not Redistribute
+#
+case node['platform']
+  when "centos"
+    include_recipe "mu-glusterfs"
+    %w{glusterfs glusterfs-fuse}.each do |pkg|
+      package pkg
+    end
+    include_recipe 'mu-firewall'
+    node['glusterfs']['fw'].each { |rule|
+      firewall_rule "Allow glusterfs #{rule['usage']}" do
+        port rule['port_range']
+      end
+    }
+    directory node['glusterfs']['client']['mount_path'] do
+      recursive true
+      mode "0755"
+    end
+    if node['glusterfs']['discovery'] == 'groupname'
+      gluster_servers = search(
+          :node,
+          "glusterfs_is_server:true AND glusterfs_groupname:#{node['glusterfs_groupname']}"
+      )
+    end rescue NoMethodError
+    if gluster_servers.nil?
+      gluster_servers = search(
+          :node,
+          "glusterfs_is_server:true AND chef_environment:#{node.chef_environment}"
+      )
+    end
+    template "/etc/init.d/mu-gluster-client" do
+      source "mu-gluster-client.erb"
+      variables(
+          :servers => gluster_servers,
+          :path => node['glusterfs']['client']['mount_path'],
+          :volume => node['glusterfs']['server']['volume']
+      )
+      mode 0755
+    end
+    service "mu-gluster-client" do
+      action [:enable, :start]
+    end
+  else
+    Chef::Log.info("Unsupported platform #{node['platform']}")
+end

data/cookbooks/mu-glusterfs/recipes/default.rb ADDED Viewed

@@ -0,0 +1,16 @@
+#
+# Cookbook Name:: mu-glusterfs
+# Recipe:: repo
+#
+# Copyright 2014, eGlobalTech
+#
+# All rights reserved - Do Not Redistribute
+#
+case node['platform']
+  when "centos"
+    package "centos-release-gluster"
+  else
+    Chef::Log.info("Unsupported platform #{node['platform']}")
+end

data/cookbooks/mu-glusterfs/recipes/samba.rb ADDED Viewed

@@ -0,0 +1,57 @@
+#
+# Cookbook Name:: mu-glusterfs
+# Recipe:: samba
+#
+# Copyright 2014, eGlobalTech
+#
+# All rights reserved - Do Not Redistribute
+#
+::Chef::Recipe.send(:include, Chef::Mixin::ShellOut)
+case node['platform']
+  when "centos"
+    include_recipe "mu-glusterfs"
+#    %w{samba-vfs-glusterfs samba-client samba}.each do |pkg|
+#      package pkg
+#    end
+    %w{samba4 samba4-client samba4-winbind samba4-winbind-clients samba4-winbind-krb5-locator}.each { |pkg|
+      package pkg
+    }
+    service "smb"
+    ["137", "139", "445"].each { |port|
+      bash "Allow #{port} through iptables" do
+        user "root"
+        not_if "/sbin/iptables -nL | egrep '^ACCEPT.*dpt:#{port}($| )'"
+        code <<-EOH
+					iptables -I INPUT -s 10.0.0.0/8 --dport #{port} -j ACCEPT
+					service iptables save
+        EOH
+      end
+    }
+    directory "/etc/samba/includes"
+    template "/etc/samba/includes/smb.gluster.conf" do
+      source "smb.conf.erb"
+      owner "root"
+      group "root"
+      mode 0644
+      cookbook "mu-glusterfs"
+      notifies :restart, "service[smb]", :immediately
+    end
+    execute "setsebool -P samba_run_unconfined on" do
+      not_if "getsebool samba_run_unconfined | grep ' on$'"
+    end
+    execute "setsebool -P samba_export_all_rw on" do
+      not_if "getsebool samba_export_all_rw | grep ' on$'"
+    end
+    directory "/run/samba"
+  else
+    Chef::Log.info("Unsupported platform #{node['platform']}")
+end

data/cookbooks/mu-glusterfs/recipes/server.rb ADDED Viewed

@@ -0,0 +1,200 @@
+#
+# Cookbook Name:: mu-glusterfs
+# Recipe:: server
+#
+# Copyright 2014, eGlobalTech
+#
+# All rights reserved - Do Not Redistribute
+#
+::Chef::Recipe.send(:include, Chef::Mixin::ShellOut)
+case node['platform']
+  when "centos"
+    include_recipe "mu-glusterfs"
+    $nodeclass = node['gluster_node_class']
+    package node['glusterfs']['server']['packages']
+    if node['glusterfs']['server']['raid']
+      def raid_no_spare(mount_dev, level, num_devices, devices)
+        execute "yes | mdadm -Cv #{mount_dev} -l#{level} -n#{num_devices} #{devices}" do
+          not_if "mdadm --detail #{mount_dev}"
+        end
+      end
+      def raid_with_spare(mount_dev, level, num_devices, devices, spare_device)
+        execute "yes | mdadm -Cv #{mount_dev} -l#{level} -n#{num_devices} #{devices} -x1 #{spare_device}" do
+          not_if "mdadm --detail #{mount_dev}"
+        end
+      end
+      if node['glusterfs']['server']['raid_level'] == 10
+        array1, array2 = node['glusterfs']['server']['devices'].each_slice(node['glusterfs']['server']['devices'].size/2).to_a
+        if node['glusterfs']['server']['raid_spare_vol']
+          array1_spare_device = array1.pop
+          array2_spare_device = array2.pop
+          raid_with_spare("/dev/md1", 1, array1.size, array1.join(" "), array1_spare_device)
+          raid_with_spare("/dev/md2", 1, array2.size, array2.join(" "), array2_spare_device)
+        else
+          raid_no_spare("/dev/md1", 1, array1.size, array1.join(" "))
+          raid_no_spare("/dev/md2", 1, array2.size, array2.join(" "))
+        end
+        raid_no_spare("/dev/md0", 0, 2, "/dev/md1 /dev/md2")
+      else
+        node['glusterfs']['server']['raid_levels_map'].each do |type|
+          if node['glusterfs']['server']['raid_spare_vol']
+            if type['level'] == node['glusterfs']['server']['raid_level'] and type['spare'] == node['glusterfs']['server']['raid_spare_vol'] and node['glusterfs']['server']['devices'.size] >= type['min_devcies']
+              spare_device = node['glusterfs']['server']['devices'].pop
+              raid_with_spare(node['glusterfs']['server']['raid_dev'], node['glusterfs']['server']['raid_level'], node['glusterfs']['server']['devices'].size, node['glusterfs']['server']['devices'].join(" "), spare_device)
+            end
+          else
+            if type['level'] == node['glusterfs']['server']['raid_level'] and type['spare'] == node['glusterfs']['server']['raid_spare_vol'] and node['glusterfs']['server']['devices'].size >= type['min_devcies']
+              raid_no_spare(node['glusterfs']['server']['raid_dev'], node['glusterfs']['server']['raid_level'], node['glusterfs']['server']['devices'].size, node['glusterfs']['server']['devices'].join(" "))
+            end
+          end
+        end
+      end
+      execute "mdadm --detail --scan >> /etc/mdadm.conf" do
+        not_if { File.exists?("/etc/mdadm.conf") }
+      end
+      execute "mkfs -t xfs -i size=512 #{node['glusterfs']['server']['raid_dev']}" do
+        not_if "xfs_info #{node['glusterfs']['server']['raid_dev']}"
+      end
+      $gluster_mnt_pt = "#{node['glusterfs']['server']['brick_base_mount_path']}#{node['glusterfs']['server']['raid_dev']}"
+      directory $gluster_mnt_pt do
+        recursive true
+      end
+      mount $gluster_mnt_pt do
+        device node['glusterfs']['server']['raid_dev']
+        fstype "xfs"
+        action [:mount, :enable]
+      end
+      directory "#{$gluster_mnt_pt}/brick"
+      execute "chmod go+rx #{$gluster_mnt_pt}"
+    else
+      $gluster_mnt_pts = []
+      node['glusterfs']['server']['devices'].each do |dev|
+        execute "mkfs -t xfs -i size=512 #{dev}" do
+          not_if "xfs_info #{dev}"
+        end
+        directory "#{node['glusterfs']['server']['brick_base_mount_path']}#{dev}" do
+          recursive true
+        end
+        mount "#{node['glusterfs']['server']['brick_base_mount_path']}#{dev}" do
+          device dev
+          fstype "xfs"
+          action [:mount, :enable]
+        end
+        directory "#{node['glusterfs']['server']['brick_base_mount_path']}#{dev}/brick"
+        execute "chmod go+rx #{node['glusterfs']['server']['brick_base_mount_path']} #{node['glusterfs']['server']['brick_base_mount_path']}#{dev}"
+        $gluster_mnt_pts << "#{node['glusterfs']['server']['brick_base_mount_path']}#{dev}"
+      end
+    end
+    include_recipe 'mu-firewall'
+    node['glusterfs']['fw'].each { |rule|
+      firewall_rule "Allow glusterfs #{rule['usage']}" do
+        port rule['port_range']
+      end
+    }
+    service "glusterd" do
+      action [:enable, :start]
+    end
+    found_master = false
+    i_am_master = false
+    node['deployment']['servers'][$nodeclass].each_pair { |name, data|
+      if data['gluster_master']
+        found_master = true
+        if name == Chef::Config['node_name']
+          i_am_master = true
+        end
+      end
+    } rescue NoMethodError
+    if !found_master
+      node.normal['deployment']['servers'][$nodeclass][Chef::Config['node_name']]['gluster_master'] = true
+      i_am_master = true
+    end
+    node.normal['glusterfs_is_server'] = true
+    node.save
+    if i_am_master
+      ips = []
+      node['deployment']['servers'][$nodeclass].each_pair do |name, data|
+        next if data['private_ip_address'].nil? or data['private_ip_address'].empty?
+        execute "gluster peer probe #{data['private_ip_address']}" do
+          not_if { data['private_ip_address'] == node['ipaddress'] }
+        end
+        ips << data['private_ip_address']
+      end
+      if ips.size >= node['glusterfs']['server']['num_replicas']
+        bricks = []
+        ips.each do |ip|
+          if node['glusterfs']['server']['raid']
+            bricks << "#{ip}:#{$gluster_mnt_pt}/brick"
+          else
+            $gluster_mnt_pts.each do |mount_point|
+              bricks << "#{ip}:#{mount_point}/brick"
+            end
+          end
+        end
+        bash "Create gluster volume #{node['glusterfs']['server']['volume']}" do
+          not_if "gluster volume info #{node['glusterfs']['server']['volume']}"
+          code "gluster volume create #{node['glusterfs']['server']['volume']} #{node['glusterfs']['server']['volume_type']} #{node['glusterfs']['server']['num_replicas']} transport tcp #{bricks.join(" ")}"
+        end
+        bash "Start gluster volume #{node['glusterfs']['server']['volume']}" do
+          not_if "gluster volume info #{node['glusterfs']['server']['volume']} | grep Started"
+          code "gluster volume start #{node['glusterfs']['server']['volume']}"
+        end
+        bash "Set network timeout on #{node['glusterfs']['server']['volume']}" do
+          not_if "gluster volume info #{node['glusterfs']['server']['volume']} | grep 'network.ping-timeout: #{node['glusterfs']['server']['network_timeout']}'"
+          code "gluster volume set #{node['glusterfs']['server']['volume']} network.ping-timeout #{node['glusterfs']['server']['network_timeout']}"
+        end
+        bash "Set read cache max size on #{node['glusterfs']['server']['volume']}" do
+          not_if "gluster volume info #{node['glusterfs']['server']['volume']} | grep 'performance.cache-size: #{node['glusterfs']['server']['read_cache_size']}'"
+          code "gluster volume set #{node['glusterfs']['server']['volume']} performance.cache-size #{node['glusterfs']['server']['read_cache_size']}"
+        end
+        # gluster_vol_exists = shell_out("gluster volume info #{node['glusterfs']['server']['volume']}")
+        # if gluster_vol_exists.stderr.empty? and !gluster_vol_exists.stdout.empty?
+        # ips.each do |ip|
+        # bash "Remove failed brick/instance fro GlusterFS Cluster" do
+        # not_if "gluster volume info #{node['glusterfs']['server']['volume']} | grep #{ip}"
+        # code <<-EOH
+        # "gluster peer status | grep -B 2 Disconnected | grep #{old_instnace}"
+        # "gluster volume replace-brick #{node['glusterfs']['server']['volume']} #{old_instnace}:/gluster/dev/md0/brick #{new_instance}:/gluster/dev/md0/brick start force"
+        # "gluster volume replace-brick #{node['glusterfs']['server']['volume']} #{old_instnace}:/gluster/dev/md0/brick #{new_instance}:/gluster/dev/md0/brick commit force"
+        # "gluster peer detach #{old_instnace}"
+        # EOH
+        # end
+        # end
+        # end
+      end
+    else
+      node['deployment']['servers'][$nodeclass].each_pair do |name, data|
+        execute "gluster peer probe #{data['private_ip_address']}" do
+          not_if { data['private_ip_address'] == node['ipaddress'] }
+        end
+      end
+    end
+  else
+    Chef::Log.info("Unsupported platform #{node['platform']}")
+end

data/cookbooks/mu-glusterfs/templates/default/mu-gluster-client.erb ADDED Viewed

@@ -0,0 +1,71 @@
+#!/bin/bash
+# Copyright:: Copyright (c) 2014 eGlobalTech, Inc., all rights reserved
+#
+# Licensed under the BSD-3 license (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License in the root of the project or at
+#
+#     http://egt-labs.com/mu/LICENSE.html
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# mu-gluster-client		Mounts <%= @path %>
+#
+# chkconfig: 2345 55 25
+# description: Mounts <%= @path %>
+#
+### BEGIN INIT INFO
+# Provides: mu-cluster-client
+# Required-Start: $local_fs $network $syslog
+# Required-Stop: $local_fs $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Mount glusterfs mounts
+# Description:       Mount glusterfs mounts
+### END INIT INFO
+# source function library
+. /etc/rc.d/init.d/functions
+RETVAL=0
+start()
+{
+	if ! grep ":<%= @volume %> <%= @path %> fuse.glusterfs" /etc/mtab > /dev/null;then
+		mount -t glusterfs <%= @servers.map { |server| server.ec2.private_ip_address }.join(',') %>:<%= "#{@volume} #{@path}" %> || exit 1
+		#<%= @servers.map { |server| "mount -t glusterfs #{server.ec2.private_ip_address}:#{@volume} #{@path}" }.join(' || ') %> || exit 1
+	fi
+}
+stop()
+{
+	if grep ":<%= @volume %> <%= @path %> fuse.glusterfs" /etc/mtab > /dev/null;then
+		umount <%= @path %>
+	fi
+}
+restart() {
+	stop
+	start
+}
+case "$1" in
+	start)
+		start
+		;;
+	stop)
+		stop
+		;;
+	restart)
+		restart
+		;;
+	*)
+		echo $"Usage: $0 {start|stop|restart}"
+		RETVAL=2
+esac
+exit $RETVAL

data/cookbooks/mu-glusterfs/templates/default/smb.conf.erb ADDED Viewed

@@ -0,0 +1,14 @@
+#======================= Global Settings =====================================
+# ----------------------- Standalone Server Options ------------------------
+[glusterfs]
+comment = GlusterFS shared over SMB
+path = /
+read only = yes
+guest ok = yes
+browsable = yes
+kernel share modes = No
+vfs objects = glusterfs
+glusterfs:loglevel = 10
+glusterfs:logfile = /var/log/samba/glusterfs-<%= node['glusterfs']['server']['volume'] %>.log
+glusterfs:volume = <%= node['glusterfs']['server']['volume'] %>

data/cookbooks/mu-jenkins/CHANGELOG.md ADDED Viewed

@@ -0,0 +1,13 @@
+mu-jenkins CHANGELOG
+====================
+This file is used to list changes made in each version of the mu-jenkins cookbook.
+0.1.0
+-----
+- [your_name] - Initial release of mu-jenkins
+- - -
+Check the [Markdown Syntax Guide](http://daringfireball.net/projects/markdown/syntax) for help with Markdown.
+The [Github Flavored Markdown page](http://github.github.com/github-flavored-markdown/) describes the differences between markdown on github and standard markdown.

data/cookbooks/mu-jenkins/LICENSE ADDED Viewed

@@ -0,0 +1,37 @@
+Through accessing, reading, or utilizing this software in any manner whatsoever
+or through any means whatsoever, whether the access, reading or use is either
+solely looking at this software or this software has been integrated into any
+derivative work, the party accessing,  reading, or utilizing the software
+directly or indirectly agrees to abide by the following license.
+The eGlobalTech Cloud Automation Platform is the Copyright (c) 2014 of Global
+Tech Inc. All rights reserved.
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+1. Redistributions of source code must retain the above copyright notice, this
+list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright notice,
+this list of conditions and the following disclaimer in the documentation
+and/or other materials provided with the distribution.
+3. Neither the name of the copyright holder nor the names of its contributors
+may be used to endorse or promote products derived from this software without
+specific prior written permission.
+Global Tech, Inc. is the co-owner of any derivative works created with this
+software.
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

data/cookbooks/mu-jenkins/README.md ADDED Viewed

@@ -0,0 +1,105 @@
+mu-jenkins Cookbook
+===================
+This cookbook creates a working Jenkins installation.  It can be deployed on a standalone node (see demo/jenkins.yaml) or as a Jenkins server on the mu-master itself.
+Requirements
+------------
+This is a wrapper cookbook that is meant to be run after a Jenkins install using the Jenkins community cookbook. The recipe uses some groovy scripts to manage jenkins authentication from chef itself, and create an additional administrave Jenkins user for interactive work.
+A jenkins vault must be present before invoking.  Two items are required
+-  A users item containing passwords for each user enumerated in the default.jenkins_users attribute (see below).  The mu-user password is required, as we need at least one interactive Jenkins user
+-  An admin item containing a public and private keypair that will be used by chef to authenticate to Jenkins after disabling anonymous authentication, and a username for this user
+A third optional ssh item is used to store a keypair used by Jenkins to SSH to other nodes, to allow Jenkins to run code locally as part of a Jenkins job.
+Create the vault items along these lines:
+admin:
+```
+#!/usr/local/ruby-current/bin/ruby
+require "openssl"
+require 'net/ssh'
+key = OpenSSL::PKey::RSA.new 2048
+public_key = "#{key.public_key.ssh_type} #{[key.public_key.to_blob].pack('m0')}"
+vault_opts="--mode client -u mu -F json"
+vault_cmd = "knife vault create jenkins admin '{ \"public_key\":\"#{public_key}\", \"private_key\":\"#{key.to_pem.chomp!.gsub(/\n/, "\\n")}\", \"username\": \"master_user\" }' #{vault_opts} --search name:MU-MASTER"
+exec vault_cmd
+```
+users:
+```knife vault create jenkins users '{"mu_user_password":"feefiefoefum"}'  --mode client -F json -u mu --search name:MU-MASTER```
+#### packages
+- `java` - jenkins needs Java to run
+- `jenkins` - mu-jenkins needs jenkins to actually be installed
+Attributes
+----------
+Some basic attributes on the java install and node address, plus Jenkins specifics:
+#### mu-jenkins::default
+<table>
+  <tr>
+    <th>Key</th>
+    <th>Type</th>
+    <th>Description</th>
+    <th>Default</th>
+  </tr>
+  <tr>
+    <td><tt>default.jenkins_users</tt></td>
+    <td>Hash</td>
+    <td>Jenkins users to create with their properties (excepting password) and a single vault to retrieve creds from</td>
+    <td><tt>:user_name => "mu_user", :fullname => "Mu-Demo-User", :email => "mu-developers@googlegroups.com", :vault => "jenkins", :vault_item => "users"}</tt></td>
+  </tr>
+  <tr>
+    <td><tt>default.jenkins_ssh_urls</tt></td>
+    <td>Array</td>
+    <td>IP addresses / DNS names of nodes Jenkins will SSH into</td>
+    <td><tt>[node[:ipaddress]]</tt></td>
+  </tr>
+  <tr>
+    <td><tt>default.jenkins_plugins</tt></td>
+    <td>Whitespace string</td>
+    <td>plugins to install</td>
+    <td><tt>%w{github ssh deploy}</tt></td>
+  </tr>
+  <tr>
+    <td><tt>default.jenkins_ssh_vault</tt></td>
+    <td>Hash</td>
+    <td>Preexisting vault containing a public private keypair that will be used to SSH to other nodes</td>
+    <td><tt>:vault => "jenkins", :item => "ssh"</tt></td>
+  </tr>
+  <tr>
+    <td><tt>default.jenkins_admin_vault</tt></td>
+    <td>Hash</td>
+    <td>Preexisting vault containing a public private keypair used by Chef to authenticate to Jenkins. This also include the username of the Jenkins user</td>
+    <td><tt>:vault => "jenkins", :item => "admin"</tt></td>
+  </tr>
+</table>
+Usage
+-----
+#### mu-jenkins::default
+This cookbook can run in a standalone mode which creates a basic Jenkins install on a target node, or a mu-master mode which creates a Jenkins server on a mu master.
+In either case the runlist will look like:
+```    run_list:
+    - recipe[java]
+    - recipe[jenkins::master]
+    - recipe[mu-jenkins]
+```
+In the mu-master mode the cookbook is invoked with the role[mu-master-jenkins], which adds some attributes to trigger the jenkins-apache recipe, which places Jenkins behind a mu-master apache reverse proxy:
+    chef-client -l info -o recipe[java],recipe[jenkins::master],recipe[mu-jenkins]
+Contributing
+------------
+Usual Cloudamatic process via pull request
+License and Authors
+-------------------
+Authors: Ami Rahav, Robert Patt-Corner

data/cookbooks/mu-jenkins/attributes/default.rb ADDED Viewed

@@ -0,0 +1,42 @@
+default['jenkins_users'] = [
+#  {:user_name => "mu_user", :fullname => "Mu-Demo-User", :email => ENV['MU_ADMIN_EMAIL'], :vault => "jenkins", :vault_item => "users"}
+]
+default['jenkins_ssh_urls'] = [node['ipaddress']]
+default['jenkins_plugins'] = %w{
+  token-macro git github deploy ldap scm-api git-client active-directory
+  ansicolor matrix-auth matrix-project workflow-scm-step junit workflow-api
+  workflow-step-api ssh credentials ssh-credentials plain-credentials mailer
+  display-url-api structs script-security jackson2-api
+}
+default['jenkins_ports_direct'] = %w{8080 443}
+default['jenkins']['master']['jenkins_args'] = "" if default['jenkins']['master']['jenkins_args'].nil?
+jenkins_args = "" if node['jenkins']['master']['jenkins_args'].nil?
+override['jenkins']['master']['jenkins_args'] = "#{jenkins_args} --prefix=/jenkins"
+default['jenkins']['master']['jvm_options'] = '-Xmx1024m -Djenkins.install.runSetupWizard=false'
+alpn_version = '8.1.11.v20170118'
+default['jenkins']['alpn']['version'] = alpn_version
+default['jenkins']['alpn']['download_link'] = "http://central.maven.org/maven2/org/mortbay/jetty/alpn/alpn-boot/#{alpn_version}/alpn-boot-#{alpn_version}.jar"
+# This isn't really true, but the Java libraries lose their minds over
+# self-signed SSL certs like the one you'll usually find on
+# https://#{$MU_CFG['public_address']}/jenkins (the real URL)
+default['jenkins']['master']['endpoint'] = "http://localhost:8080/jenkins"
+default['jenkins_ssh_vault'] = {
+    :vault => "jenkins", :item => "ssh"
+}
+default['jenkins_admin_vault'] = {
+    :vault => "jenkins", :item => "admin"
+}
+override['java']['jdk_version'] = 8
+override['java']['flavor'] = 'oracle'
+override['java']['jdk']['8']['x86_64']['url'] = 'http://download.oracle.com/otn-pub/java/jdk/8u131-b11/d54c1d3a095b4ff2b6607d096fa80163/jdk-8u131-linux-x64.tar.gz'
+override['java']['jdk']['8']['x86_64']['checksum'] = '75b2cb2249710d822a60f83e28860053'
+override["java"]["oracle"]["accept_oracle_download_terms"] = true
+override['java']['oracle']['jce']['enabled'] = true