RubyGems - cloud-mu - Versions diffs - 1.9.0.pre.beta - Mend

cloud-mu 1.9.0.pre.beta

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (618) hide show

checksums.yaml +7 -0
data/Berksfile +56 -0
data/Berksfile.lock +250 -0
data/Jenkinsfile +184 -0
data/LICENSE.md +37 -0
data/README.md +26 -0
data/bin/mu-aws-setup +376 -0
data/bin/mu-cleanup +68 -0
data/bin/mu-configure +1133 -0
data/bin/mu-deploy +166 -0
data/bin/mu-firewall-allow-clients +30 -0
data/bin/mu-gcp-setup +200 -0
data/bin/mu-gen-docs +34 -0
data/bin/mu-gen-env +42 -0
data/bin/mu-load-config.rb +158 -0
data/bin/mu-node-manage +683 -0
data/bin/mu-self-update +228 -0
data/bin/mu-ssh +23 -0
data/bin/mu-tunnel-nagios +144 -0
data/bin/mu-upload-chef-artifacts +757 -0
data/bin/mu-user-manage +275 -0
data/cookbooks/awscli/LICENSE +37 -0
data/cookbooks/awscli/README.md +58 -0
data/cookbooks/awscli/attributes/default.rb +1 -0
data/cookbooks/awscli/libraries/instance_metadata.rb +21 -0
data/cookbooks/awscli/metadata.rb +20 -0
data/cookbooks/awscli/recipes/default.rb +56 -0
data/cookbooks/awscli/templates/default/config.erb +18 -0
data/cookbooks/mu-activedirectory/CHANGELOG.md +13 -0
data/cookbooks/mu-activedirectory/LICENSE +37 -0
data/cookbooks/mu-activedirectory/README.md +6 -0
data/cookbooks/mu-activedirectory/attributes/default.rb +98 -0
data/cookbooks/mu-activedirectory/files/default/password-auth +32 -0
data/cookbooks/mu-activedirectory/files/default/sshd_pol.pp +0 -0
data/cookbooks/mu-activedirectory/files/default/sshd_pol.te +32 -0
data/cookbooks/mu-activedirectory/files/default/syslogd_oddjobd.pp +0 -0
data/cookbooks/mu-activedirectory/files/default/syslogd_oddjobd.te +10 -0
data/cookbooks/mu-activedirectory/files/default/system-auth +34 -0
data/cookbooks/mu-activedirectory/files/default/winbindpol.pp +0 -0
data/cookbooks/mu-activedirectory/files/default/winbindpol.te +37 -0
data/cookbooks/mu-activedirectory/libraries/config.rb +106 -0
data/cookbooks/mu-activedirectory/libraries/helper.rb +86 -0
data/cookbooks/mu-activedirectory/metadata.rb +17 -0
data/cookbooks/mu-activedirectory/providers/domain.rb +152 -0
data/cookbooks/mu-activedirectory/providers/domain_controller.rb +89 -0
data/cookbooks/mu-activedirectory/providers/domain_node.rb +275 -0
data/cookbooks/mu-activedirectory/recipes/default.rb +8 -0
data/cookbooks/mu-activedirectory/recipes/domain-controller.rb +44 -0
data/cookbooks/mu-activedirectory/recipes/domain-node.rb +50 -0
data/cookbooks/mu-activedirectory/recipes/domain.rb +43 -0
data/cookbooks/mu-activedirectory/recipes/sssd.rb +185 -0
data/cookbooks/mu-activedirectory/resources/domain.rb +25 -0
data/cookbooks/mu-activedirectory/resources/domain_controller.rb +25 -0
data/cookbooks/mu-activedirectory/resources/domain_node.rb +20 -0
data/cookbooks/mu-activedirectory/templates/default/dhclient-eth0.conf.erb +4 -0
data/cookbooks/mu-activedirectory/templates/default/interface +0 -0
data/cookbooks/mu-activedirectory/templates/default/krb5.conf.erb +23 -0
data/cookbooks/mu-activedirectory/templates/default/ntp.conf.erb +56 -0
data/cookbooks/mu-activedirectory/templates/default/smb.conf.erb +33 -0
data/cookbooks/mu-activedirectory/templates/default/sssd.conf.erb +60 -0
data/cookbooks/mu-activedirectory/templates/windows/Backup.xml.erb +20 -0
data/cookbooks/mu-activedirectory/templates/windows/bkupInfo.xml.erb +1 -0
data/cookbooks/mu-activedirectory/templates/windows/gpreprt.xml.erb +198 -0
data/cookbooks/mu-activedirectory/templates/windows/gptmpl.inf.erb +12 -0
data/cookbooks/mu-activedirectory/templates/windows/manifest.xml.erb +1 -0
data/cookbooks/mu-firewall/CHANGELOG.md +11 -0
data/cookbooks/mu-firewall/LICENSE +37 -0
data/cookbooks/mu-firewall/README.md +5 -0
data/cookbooks/mu-firewall/attributes/default.rb +3 -0
data/cookbooks/mu-firewall/metadata.rb +16 -0
data/cookbooks/mu-firewall/recipes/default.rb +10 -0
data/cookbooks/mu-glusterfs/CHANGELOG.md +13 -0
data/cookbooks/mu-glusterfs/LICENSE +37 -0
data/cookbooks/mu-glusterfs/README.md +5 -0
data/cookbooks/mu-glusterfs/attributes/default.rb +34 -0
data/cookbooks/mu-glusterfs/metadata.rb +17 -0
data/cookbooks/mu-glusterfs/recipes/client.rb +62 -0
data/cookbooks/mu-glusterfs/recipes/default.rb +16 -0
data/cookbooks/mu-glusterfs/recipes/samba.rb +57 -0
data/cookbooks/mu-glusterfs/recipes/server.rb +200 -0
data/cookbooks/mu-glusterfs/templates/default/mu-gluster-client.erb +71 -0
data/cookbooks/mu-glusterfs/templates/default/smb.conf.erb +14 -0
data/cookbooks/mu-jenkins/CHANGELOG.md +13 -0
data/cookbooks/mu-jenkins/LICENSE +37 -0
data/cookbooks/mu-jenkins/README.md +105 -0
data/cookbooks/mu-jenkins/attributes/default.rb +42 -0
data/cookbooks/mu-jenkins/files/default/cleanup_deploy_config.xml +73 -0
data/cookbooks/mu-jenkins/files/default/deploy_config.xml +44 -0
data/cookbooks/mu-jenkins/metadata.rb +21 -0
data/cookbooks/mu-jenkins/recipes/default.rb +195 -0
data/cookbooks/mu-jenkins/recipes/node-ssh-config.rb +54 -0
data/cookbooks/mu-jenkins/recipes/public_key.rb +24 -0
data/cookbooks/mu-jenkins/templates/default/example_job.config.xml.erb +24 -0
data/cookbooks/mu-jenkins/templates/default/org.jvnet.hudson.plugins.SSHBuildWrapper.xml.erb +14 -0
data/cookbooks/mu-jenkins/templates/default/ssh_config.erb +6 -0
data/cookbooks/mu-master/CHANGELOG.md +13 -0
data/cookbooks/mu-master/LICENSE +37 -0
data/cookbooks/mu-master/README.md +6 -0
data/cookbooks/mu-master/attributes/default.rb +95 -0
data/cookbooks/mu-master/files/default/0-mu-log-server.conf +19 -0
data/cookbooks/mu-master/files/default/addRSA.ldif +8 -0
data/cookbooks/mu-master/files/default/check_mem.pl +197 -0
data/cookbooks/mu-master/files/default/cloudamatic.png +0 -0
data/cookbooks/mu-master/files/default/dirsrv_admin.pp +0 -0
data/cookbooks/mu-master/files/default/dirsrv_admin.te +13 -0
data/cookbooks/mu-master/files/default/nagios_selinux.pp +0 -0
data/cookbooks/mu-master/files/default/nagios_selinux.te +51 -0
data/cookbooks/mu-master/files/default/nagios_selinux_7.pp +0 -0
data/cookbooks/mu-master/files/default/nagios_selinux_7.te +17 -0
data/cookbooks/mu-master/files/default/pam_sshd +18 -0
data/cookbooks/mu-master/files/default/ssl_enable.ldif +18 -0
data/cookbooks/mu-master/files/default/syslogd_oddjobd.pp +0 -0
data/cookbooks/mu-master/files/default/syslogd_oddjobd.te +10 -0
data/cookbooks/mu-master/files/default/vimrc +19 -0
data/cookbooks/mu-master/libraries/mu.rb +29 -0
data/cookbooks/mu-master/metadata.rb +30 -0
data/cookbooks/mu-master/providers/user.rb +41 -0
data/cookbooks/mu-master/recipes/389ds.rb +164 -0
data/cookbooks/mu-master/recipes/basepackages.rb +58 -0
data/cookbooks/mu-master/recipes/caching_nameserver.rb +37 -0
data/cookbooks/mu-master/recipes/default.rb +451 -0
data/cookbooks/mu-master/recipes/eks-kubectl.rb +41 -0
data/cookbooks/mu-master/recipes/firewall-holes.rb +70 -0
data/cookbooks/mu-master/recipes/init.rb +542 -0
data/cookbooks/mu-master/recipes/ssl-certs.rb +109 -0
data/cookbooks/mu-master/recipes/sssd.rb +89 -0
data/cookbooks/mu-master/recipes/update_nagios_only.rb +242 -0
data/cookbooks/mu-master/recipes/vault.rb +111 -0
data/cookbooks/mu-master/resources/user.rb +19 -0
data/cookbooks/mu-master/templates/default/389-directory-setup.inf.erb +28 -0
data/cookbooks/mu-master/templates/default/chef-server.rb.erb +18 -0
data/cookbooks/mu-master/templates/default/dhclient-eth0.conf.erb +9 -0
data/cookbooks/mu-master/templates/default/mu-momma-cat.erb +149 -0
data/cookbooks/mu-master/templates/default/mu.rc.erb +9 -0
data/cookbooks/mu-master/templates/default/openssl.cnf.erb +354 -0
data/cookbooks/mu-master/templates/default/sssd.conf.erb +44 -0
data/cookbooks/mu-master/templates/default/web_app.conf.erb +90 -0
data/cookbooks/mu-mongo/CHANGELOG.md +13 -0
data/cookbooks/mu-mongo/LICENSE +37 -0
data/cookbooks/mu-mongo/README.md +5 -0
data/cookbooks/mu-mongo/attributes/default.rb +22 -0
data/cookbooks/mu-mongo/files/default/keyfile +16 -0
data/cookbooks/mu-mongo/files/default/remove_nodes.js +5 -0
data/cookbooks/mu-mongo/metadata.rb +17 -0
data/cookbooks/mu-mongo/recipes/default.rb +149 -0
data/cookbooks/mu-mongo/recipes/yum-update-rule.rb +18 -0
data/cookbooks/mu-mongo/templates/default/mongo_create_openfema_db.js.erb +2 -0
data/cookbooks/mu-mongo/templates/default/mongo_init.js.erb +1 -0
data/cookbooks/mu-mongo/templates/default/mongo_logrotate.erb +14 -0
data/cookbooks/mu-mongo/templates/default/mongo_replset_addnodes.js.erb +6 -0
data/cookbooks/mu-mongo/templates/default/replset_init.js.erb +2 -0
data/cookbooks/mu-openvpn/CHANGELOG.md +13 -0
data/cookbooks/mu-openvpn/LICENSE +37 -0
data/cookbooks/mu-openvpn/README.md +6 -0
data/cookbooks/mu-openvpn/attributes/default.rb +119 -0
data/cookbooks/mu-openvpn/metadata.rb +18 -0
data/cookbooks/mu-openvpn/recipes/default.rb +108 -0
data/cookbooks/mu-openvpn/templates/default/users.json.erb +42 -0
data/cookbooks/mu-php54/CHANGELOG.md +12 -0
data/cookbooks/mu-php54/LICENSE +37 -0
data/cookbooks/mu-php54/README.md +0 -0
data/cookbooks/mu-php54/files/centos/php.ini +1802 -0
data/cookbooks/mu-php54/files/ubuntu/php.ini +1870 -0
data/cookbooks/mu-php54/metadata.rb +21 -0
data/cookbooks/mu-php54/recipes/default.rb +97 -0
data/cookbooks/mu-splunk/CHANGELOG.md +37 -0
data/cookbooks/mu-splunk/LICENSE +37 -0
data/cookbooks/mu-splunk/README.md +451 -0
data/cookbooks/mu-splunk/attributes/default.rb +95 -0
data/cookbooks/mu-splunk/attributes/upgrade.rb +49 -0
data/cookbooks/mu-splunk/definitions/splunk_installer.rb +103 -0
data/cookbooks/mu-splunk/files/default/splunk-nocheck +10 -0
data/cookbooks/mu-splunk/libraries/helpers.rb +72 -0
data/cookbooks/mu-splunk/libraries/splunk_app_provider.rb +156 -0
data/cookbooks/mu-splunk/libraries/splunk_app_resource.rb +43 -0
data/cookbooks/mu-splunk/metadata.json +30 -0
data/cookbooks/mu-splunk/metadata.rb +17 -0
data/cookbooks/mu-splunk/recipes/client.rb +143 -0
data/cookbooks/mu-splunk/recipes/default.rb +31 -0
data/cookbooks/mu-splunk/recipes/disabled.rb +41 -0
data/cookbooks/mu-splunk/recipes/install_forwarder.rb +23 -0
data/cookbooks/mu-splunk/recipes/install_server.rb +23 -0
data/cookbooks/mu-splunk/recipes/server.rb +53 -0
data/cookbooks/mu-splunk/recipes/service.rb +95 -0
data/cookbooks/mu-splunk/recipes/setup_auth.rb +49 -0
data/cookbooks/mu-splunk/recipes/setup_ssl.rb +63 -0
data/cookbooks/mu-splunk/recipes/upgrade.rb +94 -0
data/cookbooks/mu-splunk/recipes/user.rb +34 -0
data/cookbooks/mu-splunk/templates/default/base_logs_unix_inputs.conf.erb +26 -0
data/cookbooks/mu-splunk/templates/default/inputs.conf.erb +13 -0
data/cookbooks/mu-splunk/templates/default/outputs.conf.erb +9 -0
data/cookbooks/mu-splunk/templates/default/splunk-init.erb +74 -0
data/cookbooks/mu-splunk/templates/default/system-web.conf.erb +7 -0
data/cookbooks/mu-tools/CHANGELOG.md +12 -0
data/cookbooks/mu-tools/LICENSE +37 -0
data/cookbooks/mu-tools/README.md +188 -0
data/cookbooks/mu-tools/attributes/default.rb +142 -0
data/cookbooks/mu-tools/attributes/ebs_rolling_snapshots.rb +3 -0
data/cookbooks/mu-tools/files/amazon/etc/freshclam.conf +235 -0
data/cookbooks/mu-tools/files/centos/CentOS-Base.repo +52 -0
data/cookbooks/mu-tools/files/centos/etc/bashrc +93 -0
data/cookbooks/mu-tools/files/centos/etc/freshclam.conf +235 -0
data/cookbooks/mu-tools/files/centos/etc/login.defs +72 -0
data/cookbooks/mu-tools/files/centos/etc/profile +77 -0
data/cookbooks/mu-tools/files/centos/etc/security/limits.conf +57 -0
data/cookbooks/mu-tools/files/centos/etc/sysconfig/init +19 -0
data/cookbooks/mu-tools/files/centos/etc/sysctl.conf +82 -0
data/cookbooks/mu-tools/files/centos-6/README_MU +0 -0
data/cookbooks/mu-tools/files/centos-6/etc/audit/stig.rules +173 -0
data/cookbooks/mu-tools/files/centos-6/etc/bashrc +90 -0
data/cookbooks/mu-tools/files/centos-6/etc/login.defs +70 -0
data/cookbooks/mu-tools/files/centos-6/etc/pam.d/su +12 -0
data/cookbooks/mu-tools/files/centos-6/etc/profile +83 -0
data/cookbooks/mu-tools/files/centos-6/etc/securetty +12 -0
data/cookbooks/mu-tools/files/centos-6/etc/sysconfig/init +30 -0
data/cookbooks/mu-tools/files/centos-6/etc/sysctl.conf +40 -0
data/cookbooks/mu-tools/files/default/Mu_CA.pem +34 -0
data/cookbooks/mu-tools/files/default/PSWindowsUpdate.zip +0 -0
data/cookbooks/mu-tools/files/default/ebs_snapshots.py +123 -0
data/cookbooks/mu-tools/files/default/etc/BANNER +0 -0
data/cookbooks/mu-tools/files/default/etc/BANNER-FEDERAL +19 -0
data/cookbooks/mu-tools/files/default/gpo_no_uac.zip +0 -0
data/cookbooks/mu-tools/files/default/mypol.pp +0 -0
data/cookbooks/mu-tools/files/default/mypol.te +37 -0
data/cookbooks/mu-tools/files/default/nrpe_c7.pp +0 -0
data/cookbooks/mu-tools/files/default/nrpe_c7.te +31 -0
data/cookbooks/mu-tools/files/default/nrpe_check_disk.pp +0 -0
data/cookbooks/mu-tools/files/default/nrpe_check_disk.te +11 -0
data/cookbooks/mu-tools/files/default/nrpe_disk.pp +0 -0
data/cookbooks/mu-tools/files/default/nrpe_disk.te +10 -0
data/cookbooks/mu-tools/files/default/nrpe_file.pp +0 -0
data/cookbooks/mu-tools/files/default/nrpe_file.te +31 -0
data/cookbooks/mu-tools/files/default/ntrights +0 -0
data/cookbooks/mu-tools/files/default/serverclass.conf +18 -0
data/cookbooks/mu-tools/files/default/splunk-apps/base_logs_unix/local/app.conf +1 -0
data/cookbooks/mu-tools/files/default/splunk-apps/base_logs_unix/local/inputs.conf +13 -0
data/cookbooks/mu-tools/files/default/splunk-apps/base_logs_windows/local/app.conf +1 -0
data/cookbooks/mu-tools/files/default/splunk-apps/base_logs_windows/local/inputs.conf +8 -0
data/cookbooks/mu-tools/files/default/sshd_pol.pp +0 -0
data/cookbooks/mu-tools/files/default/sshd_pol.te +32 -0
data/cookbooks/mu-tools/files/redhat/etc/bashrc +93 -0
data/cookbooks/mu-tools/files/redhat/etc/freshclam.conf +235 -0
data/cookbooks/mu-tools/files/redhat/etc/login.defs +72 -0
data/cookbooks/mu-tools/files/redhat/etc/profile +77 -0
data/cookbooks/mu-tools/files/redhat/etc/security/limits.conf +57 -0
data/cookbooks/mu-tools/files/redhat/etc/sysconfig/init +19 -0
data/cookbooks/mu-tools/files/redhat/etc/sysctl.conf +82 -0
data/cookbooks/mu-tools/files/redhat-6/README_MU +0 -0
data/cookbooks/mu-tools/files/redhat-6/etc/audit/stig.rules +173 -0
data/cookbooks/mu-tools/files/redhat-6/etc/bashrc +90 -0
data/cookbooks/mu-tools/files/redhat-6/etc/login.defs +70 -0
data/cookbooks/mu-tools/files/redhat-6/etc/pam.d/su +12 -0
data/cookbooks/mu-tools/files/redhat-6/etc/profile +83 -0
data/cookbooks/mu-tools/files/redhat-6/etc/securetty +12 -0
data/cookbooks/mu-tools/files/redhat-6/etc/sysconfig/init +30 -0
data/cookbooks/mu-tools/files/redhat-6/etc/sysctl.conf +40 -0
data/cookbooks/mu-tools/files/redhat-7.1/etc/freshclam.conf +235 -0
data/cookbooks/mu-tools/files/ubuntu-12.04/etc/bash.bashrc +64 -0
data/cookbooks/mu-tools/files/ubuntu-12.04/etc/common-session +30 -0
data/cookbooks/mu-tools/files/ubuntu-12.04/etc/login.defs +338 -0
data/cookbooks/mu-tools/files/ubuntu-12.04/etc/profile +30 -0
data/cookbooks/mu-tools/files/ubuntu-12.04/etc/security/limits.conf +56 -0
data/cookbooks/mu-tools/files/ubuntu-12.04/etc/sysctl.conf +60 -0
data/cookbooks/mu-tools/libraries/helper.rb +292 -0
data/cookbooks/mu-tools/metadata.rb +28 -0
data/cookbooks/mu-tools/recipes/add_admin_ssh_keys.rb +35 -0
data/cookbooks/mu-tools/recipes/apply_security.rb +440 -0
data/cookbooks/mu-tools/recipes/aws_api.rb +23 -0
data/cookbooks/mu-tools/recipes/base_repositories.rb +31 -0
data/cookbooks/mu-tools/recipes/cisbenchmark.rb +59 -0
data/cookbooks/mu-tools/recipes/clamav.rb +53 -0
data/cookbooks/mu-tools/recipes/cloudinit.rb +58 -0
data/cookbooks/mu-tools/recipes/configure_oracle_tools.rb +81 -0
data/cookbooks/mu-tools/recipes/disable-requiretty.rb +22 -0
data/cookbooks/mu-tools/recipes/ebs_rolling_snapshots.rb +75 -0
data/cookbooks/mu-tools/recipes/efs.rb +70 -0
data/cookbooks/mu-tools/recipes/eks.rb +160 -0
data/cookbooks/mu-tools/recipes/gcloud.rb +98 -0
data/cookbooks/mu-tools/recipes/google_api.rb +25 -0
data/cookbooks/mu-tools/recipes/maldet.rb +67 -0
data/cookbooks/mu-tools/recipes/nagios.rb +19 -0
data/cookbooks/mu-tools/recipes/newclient.rb +23 -0
data/cookbooks/mu-tools/recipes/nrpe.rb +115 -0
data/cookbooks/mu-tools/recipes/python_pip.rb +35 -0
data/cookbooks/mu-tools/recipes/retrieve_application.rb +51 -0
data/cookbooks/mu-tools/recipes/rsyslog.rb +65 -0
data/cookbooks/mu-tools/recipes/set_local_fw.rb +57 -0
data/cookbooks/mu-tools/recipes/set_mu_hostname.rb +81 -0
data/cookbooks/mu-tools/recipes/split_var_partitions.rb +86 -0
data/cookbooks/mu-tools/recipes/splunk-client.rb +69 -0
data/cookbooks/mu-tools/recipes/splunk-server.rb +104 -0
data/cookbooks/mu-tools/recipes/store_inspec_attr.rb +8 -0
data/cookbooks/mu-tools/recipes/updates.rb +96 -0
data/cookbooks/mu-tools/recipes/windows-client.rb +202 -0
data/cookbooks/mu-tools/resources/aws_windows.rb +33 -0
data/cookbooks/mu-tools/resources/disk.rb +88 -0
data/cookbooks/mu-tools/resources/mommacat_request.rb +11 -0
data/cookbooks/mu-tools/resources/scheduled_tasks.rb +29 -0
data/cookbooks/mu-tools/resources/sshd_service.rb +45 -0
data/cookbooks/mu-tools/resources/windows_users.rb +242 -0
data/cookbooks/mu-tools/templates/amazon/sshd_config.erb +168 -0
data/cookbooks/mu-tools/templates/centos-6/sshd_config.erb +212 -0
data/cookbooks/mu-tools/templates/centos-7/sshd_config.erb +215 -0
data/cookbooks/mu-tools/templates/default/0-mu-log-client.conf.erb +13 -0
data/cookbooks/mu-tools/templates/default/conf.maldet.erb +137 -0
data/cookbooks/mu-tools/templates/default/etc_hosts.erb +30 -0
data/cookbooks/mu-tools/templates/default/etc_pamd_password-auth.erb +14 -0
data/cookbooks/mu-tools/templates/default/etc_pamd_system-auth.erb +14 -0
data/cookbooks/mu-tools/templates/default/etc_sysconfig_network.erb +12 -0
data/cookbooks/mu-tools/templates/default/kubeconfig.erb +29 -0
data/cookbooks/mu-tools/templates/default/kubelet.service.erb +35 -0
data/cookbooks/mu-tools/templates/default/maldet_scanall.sh.erb +15 -0
data/cookbooks/mu-tools/templates/default/nrpe.cfg.erb +233 -0
data/cookbooks/mu-tools/templates/redhat-6/sshd_config.erb +213 -0
data/cookbooks/mu-tools/templates/redhat-7/sshd_config.erb +215 -0
data/cookbooks/mu-tools/templates/ubuntu-12.04/sshd_config.erb +146 -0
data/cookbooks/mu-tools/templates/ubuntu-14.04/sshd_config.erb +145 -0
data/cookbooks/mu-tools/templates/windows/Backup.xml.erb +20 -0
data/cookbooks/mu-tools/templates/windows/bkupInfo.xml.erb +1 -0
data/cookbooks/mu-tools/templates/windows/gpreprt.xml.erb +214 -0
data/cookbooks/mu-tools/templates/windows/gptmpl.inf.erb +12 -0
data/cookbooks/mu-tools/templates/windows/manifest.xml.erb +1 -0
data/cookbooks/mu-tools/templates/windows/set_ad_dns_scheduled_task.ps1.erb +6 -0
data/cookbooks/mu-tools/templates/windows/sshd_config.erb +136 -0
data/cookbooks/mu-utility/CHANGELOG.md +12 -0
data/cookbooks/mu-utility/LICENSE +37 -0
data/cookbooks/mu-utility/README.md +6 -0
data/cookbooks/mu-utility/attributes/default.rb +1 -0
data/cookbooks/mu-utility/libraries/matchers.rb +21 -0
data/cookbooks/mu-utility/metadata.rb +16 -0
data/cookbooks/mu-utility/recipes/apt.rb +23 -0
data/cookbooks/mu-utility/recipes/cleanup_image_helper.rb +118 -0
data/cookbooks/mu-utility/recipes/iptables.rb +26 -0
data/cookbooks/mu-utility/recipes/luks.rb +18 -0
data/cookbooks/mu-utility/recipes/nat.rb +104 -0
data/cookbooks/mu-utility/recipes/php.rb +33 -0
data/cookbooks/mu-utility/recipes/rdp_gateway.rb +83 -0
data/cookbooks/mu-utility/recipes/remi.rb +44 -0
data/cookbooks/mu-utility/recipes/vim.rb +26 -0
data/cookbooks/mu-utility/recipes/windows_basics.rb +37 -0
data/cookbooks/mu-utility/recipes/zip.rb +26 -0
data/cookbooks/mu-utility/templates/default/BundleConfig.xml.erb +34 -0
data/cookbooks/mu-utility/templates/default/config.xml.erb +60 -0
data/cookbooks/nagios/Berksfile +8 -0
data/cookbooks/nagios/CHANGELOG.md +589 -0
data/cookbooks/nagios/CONTRIBUTING.md +11 -0
data/cookbooks/nagios/LICENSE +37 -0
data/cookbooks/nagios/README.md +328 -0
data/cookbooks/nagios/TESTING.md +2 -0
data/cookbooks/nagios/attributes/config.rb +171 -0
data/cookbooks/nagios/attributes/default.rb +228 -0
data/cookbooks/nagios/chefignore +102 -0
data/cookbooks/nagios/definitions/command.rb +33 -0
data/cookbooks/nagios/definitions/contact.rb +33 -0
data/cookbooks/nagios/definitions/contactgroup.rb +33 -0
data/cookbooks/nagios/definitions/host.rb +33 -0
data/cookbooks/nagios/definitions/hostdependency.rb +33 -0
data/cookbooks/nagios/definitions/hostescalation.rb +34 -0
data/cookbooks/nagios/definitions/hostgroup.rb +33 -0
data/cookbooks/nagios/definitions/nagios_conf.rb +38 -0
data/cookbooks/nagios/definitions/resource.rb +33 -0
data/cookbooks/nagios/definitions/service.rb +33 -0
data/cookbooks/nagios/definitions/servicedependency.rb +33 -0
data/cookbooks/nagios/definitions/serviceescalation.rb +34 -0
data/cookbooks/nagios/definitions/servicegroup.rb +33 -0
data/cookbooks/nagios/definitions/timeperiod.rb +33 -0
data/cookbooks/nagios/libraries/base.rb +314 -0
data/cookbooks/nagios/libraries/command.rb +91 -0
data/cookbooks/nagios/libraries/contact.rb +230 -0
data/cookbooks/nagios/libraries/contactgroup.rb +112 -0
data/cookbooks/nagios/libraries/custom_option.rb +36 -0
data/cookbooks/nagios/libraries/data_bag_helper.rb +23 -0
data/cookbooks/nagios/libraries/default.rb +90 -0
data/cookbooks/nagios/libraries/host.rb +412 -0
data/cookbooks/nagios/libraries/hostdependency.rb +181 -0
data/cookbooks/nagios/libraries/hostescalation.rb +173 -0
data/cookbooks/nagios/libraries/hostgroup.rb +119 -0
data/cookbooks/nagios/libraries/nagios.rb +282 -0
data/cookbooks/nagios/libraries/resource.rb +59 -0
data/cookbooks/nagios/libraries/service.rb +455 -0
data/cookbooks/nagios/libraries/servicedependency.rb +215 -0
data/cookbooks/nagios/libraries/serviceescalation.rb +195 -0
data/cookbooks/nagios/libraries/servicegroup.rb +144 -0
data/cookbooks/nagios/libraries/timeperiod.rb +160 -0
data/cookbooks/nagios/libraries/users_helper.rb +54 -0
data/cookbooks/nagios/metadata.rb +25 -0
data/cookbooks/nagios/recipes/_load_databag_config.rb +153 -0
data/cookbooks/nagios/recipes/_load_default_config.rb +241 -0
data/cookbooks/nagios/recipes/apache.rb +48 -0
data/cookbooks/nagios/recipes/default.rb +204 -0
data/cookbooks/nagios/recipes/nginx.rb +82 -0
data/cookbooks/nagios/recipes/pagerduty.rb +143 -0
data/cookbooks/nagios/recipes/server_package.rb +40 -0
data/cookbooks/nagios/recipes/server_source.rb +164 -0
data/cookbooks/nagios/templates/default/apache2.conf.erb +96 -0
data/cookbooks/nagios/templates/default/cgi.cfg.erb +266 -0
data/cookbooks/nagios/templates/default/commands.cfg.erb +13 -0
data/cookbooks/nagios/templates/default/contacts.cfg.erb +37 -0
data/cookbooks/nagios/templates/default/hostgroups.cfg.erb +25 -0
data/cookbooks/nagios/templates/default/hosts.cfg.erb +15 -0
data/cookbooks/nagios/templates/default/htpasswd.users.erb +6 -0
data/cookbooks/nagios/templates/default/nagios.cfg.erb +22 -0
data/cookbooks/nagios/templates/default/nginx.conf.erb +62 -0
data/cookbooks/nagios/templates/default/pagerduty.cgi.erb +185 -0
data/cookbooks/nagios/templates/default/resource.cfg.erb +27 -0
data/cookbooks/nagios/templates/default/servicedependencies.cfg.erb +15 -0
data/cookbooks/nagios/templates/default/servicegroups.cfg.erb +14 -0
data/cookbooks/nagios/templates/default/services.cfg.erb +14 -0
data/cookbooks/nagios/templates/default/templates.cfg.erb +31 -0
data/cookbooks/nagios/templates/default/timeperiods.cfg.erb +13 -0
data/cookbooks/s3fs/CHANGELOG.md +13 -0
data/cookbooks/s3fs/LICENSE +37 -0
data/cookbooks/s3fs/README.md +6 -0
data/cookbooks/s3fs/attributes/default.rb +15 -0
data/cookbooks/s3fs/files/default/fuse-2.9.3.zip +0 -0
data/cookbooks/s3fs/metadata.rb +16 -0
data/cookbooks/s3fs/recipes/default.rb +91 -0
data/data_bags/demo/app.json +7 -0
data/data_bags/nagios_services/chef.json +6 -0
data/data_bags/nagios_services/linux_diskspace.json +5 -0
data/data_bags/nagios_services/momma_cat.json +6 -0
data/data_bags/nagios_services/mu-master-memory.json +5 -0
data/data_bags/nagios_services/nagios_ui.json +6 -0
data/data_bags/nagios_services/node_ssh.json +6 -0
data/data_bags/nagios_services/ssh.json +6 -0
data/demo/lambda_test.yaml +29 -0
data/environments/DEV.json +8 -0
data/environments/PROD.json +8 -0
data/environments/dev.json +8 -0
data/environments/development.json +8 -0
data/environments/prod.json +8 -0
data/extras/README.md +1 -0
data/extras/admin-role-binding.yaml +16 -0
data/extras/admin-user.yaml +6 -0
data/extras/aws-auth-cm.yaml.erb +12 -0
data/extras/clean-stock-amis +48 -0
data/extras/git-fix-permissions-hook +12 -0
data/extras/gitlab-eks-helper.sh.erb +20 -0
data/extras/image-generators/README.md +2 -0
data/extras/image-generators/aws/centos6.yaml +18 -0
data/extras/image-generators/aws/centos7-govcloud.yaml +24 -0
data/extras/image-generators/aws/centos7.yaml +17 -0
data/extras/image-generators/aws/rhel7.yaml +17 -0
data/extras/image-generators/aws/win2k12.yaml +16 -0
data/extras/image-generators/aws/win2k16.yaml +16 -0
data/extras/image-generators/aws/windows.yaml +18 -0
data/extras/image-generators/gcp/centos6.yaml +17 -0
data/extras/lambda_waf_domain_blacklist.py +103 -0
data/extras/platform_berksfile_base +50 -0
data/extras/ruby_rpm/build.sh +17 -0
data/extras/ruby_rpm/muby.spec +44 -0
data/extras/vault_tools/README.md +6 -0
data/extras/vault_tools/export_vaults.sh +3 -0
data/extras/vault_tools/recreate_vaults.sh +5 -0
data/extras/vault_tools/test_vaults.sh +5 -0
data/install/README.md +8 -0
data/install/cfn_create_mu_master.json +1034 -0
data/install/chef-server.rb.erb +19 -0
data/install/deprecated-bash-library.sh +1891 -0
data/install/images/Usage.png +0 -0
data/install/installer +71 -0
data/install/jenkinskeys.rb +8 -0
data/install/user-dot-murc.erb +14 -0
data/modules/html.erb +19 -0
data/modules/mommacat.ru +426 -0
data/modules/mu/cleanup.rb +339 -0
data/modules/mu/cloud.rb +1446 -0
data/modules/mu/clouds/README.md +201 -0
data/modules/mu/clouds/aws/alarm.rb +319 -0
data/modules/mu/clouds/aws/cache_cluster.rb +1010 -0
data/modules/mu/clouds/aws/collection.rb +373 -0
data/modules/mu/clouds/aws/container_cluster.rb +667 -0
data/modules/mu/clouds/aws/database.rb +1836 -0
data/modules/mu/clouds/aws/dnszone.rb +911 -0
data/modules/mu/clouds/aws/firewall_rule.rb +641 -0
data/modules/mu/clouds/aws/folder.rb +92 -0
data/modules/mu/clouds/aws/function.rb +349 -0
data/modules/mu/clouds/aws/group.rb +251 -0
data/modules/mu/clouds/aws/loadbalancer.rb +888 -0
data/modules/mu/clouds/aws/log.rb +363 -0
data/modules/mu/clouds/aws/msg_queue.rb +480 -0
data/modules/mu/clouds/aws/notification.rb +139 -0
data/modules/mu/clouds/aws/role.rb +656 -0
data/modules/mu/clouds/aws/search_domain.rb +646 -0
data/modules/mu/clouds/aws/server.rb +2294 -0
data/modules/mu/clouds/aws/server_pool.rb +1388 -0
data/modules/mu/clouds/aws/storage_pool.rb +495 -0
data/modules/mu/clouds/aws/user.rb +382 -0
data/modules/mu/clouds/aws/userdata/README.md +4 -0
data/modules/mu/clouds/aws/userdata/linux.erb +179 -0
data/modules/mu/clouds/aws/userdata/windows.erb +278 -0
data/modules/mu/clouds/aws/vpc.rb +1943 -0
data/modules/mu/clouds/aws.rb +1009 -0
data/modules/mu/clouds/cloudformation/alarm.rb +146 -0
data/modules/mu/clouds/cloudformation/cache_cluster.rb +167 -0
data/modules/mu/clouds/cloudformation/collection.rb +117 -0
data/modules/mu/clouds/cloudformation/database.rb +278 -0
data/modules/mu/clouds/cloudformation/dnszone.rb +274 -0
data/modules/mu/clouds/cloudformation/firewall_rule.rb +308 -0
data/modules/mu/clouds/cloudformation/loadbalancer.rb +193 -0
data/modules/mu/clouds/cloudformation/log.rb +170 -0
data/modules/mu/clouds/cloudformation/server.rb +370 -0
data/modules/mu/clouds/cloudformation/server_pool.rb +279 -0
data/modules/mu/clouds/cloudformation/vpc.rb +322 -0
data/modules/mu/clouds/cloudformation.rb +733 -0
data/modules/mu/clouds/docker.rb +30 -0
data/modules/mu/clouds/google/container_cluster.rb +290 -0
data/modules/mu/clouds/google/database.rb +152 -0
data/modules/mu/clouds/google/firewall_rule.rb +267 -0
data/modules/mu/clouds/google/group.rb +164 -0
data/modules/mu/clouds/google/loadbalancer.rb +479 -0
data/modules/mu/clouds/google/server.rb +1510 -0
data/modules/mu/clouds/google/server_pool.rb +274 -0
data/modules/mu/clouds/google/user.rb +266 -0
data/modules/mu/clouds/google/userdata/README.md +4 -0
data/modules/mu/clouds/google/userdata/linux.erb +137 -0
data/modules/mu/clouds/google/userdata/windows.erb +275 -0
data/modules/mu/clouds/google/vpc.rb +890 -0
data/modules/mu/clouds/google.rb +811 -0
data/modules/mu/config/README.md +11 -0
data/modules/mu/config/alarm.rb +271 -0
data/modules/mu/config/cache_cluster.rb +172 -0
data/modules/mu/config/collection.rb +87 -0
data/modules/mu/config/container_cluster.rb +103 -0
data/modules/mu/config/container_cluster.yml +36 -0
data/modules/mu/config/database.rb +458 -0
data/modules/mu/config/database.yml +26 -0
data/modules/mu/config/dnszone.rb +327 -0
data/modules/mu/config/firewall_rule.rb +118 -0
data/modules/mu/config/folder.rb +70 -0
data/modules/mu/config/function.rb +140 -0
data/modules/mu/config/group.rb +64 -0
data/modules/mu/config/loadbalancer.rb +482 -0
data/modules/mu/config/log.rb +47 -0
data/modules/mu/config/log.yml +6 -0
data/modules/mu/config/msg_queue.rb +47 -0
data/modules/mu/config/msg_queue.yml +9 -0
data/modules/mu/config/notification.rb +44 -0
data/modules/mu/config/project.rb +71 -0
data/modules/mu/config/role.rb +102 -0
data/modules/mu/config/search_domain.rb +61 -0
data/modules/mu/config/search_domain.yml +25 -0
data/modules/mu/config/server.rb +587 -0
data/modules/mu/config/server.yml +8 -0
data/modules/mu/config/server_pool.rb +216 -0
data/modules/mu/config/server_pool.yml +71 -0
data/modules/mu/config/storage_pool.rb +145 -0
data/modules/mu/config/user.rb +78 -0
data/modules/mu/config/vpc.rb +743 -0
data/modules/mu/config/vpc.yml +6 -0
data/modules/mu/config.rb +2000 -0
data/modules/mu/defaults/README.md +2 -0
data/modules/mu/defaults/amazon_images.yaml +121 -0
data/modules/mu/defaults/google_images.yaml +16 -0
data/modules/mu/deploy.rb +686 -0
data/modules/mu/groomer.rb +123 -0
data/modules/mu/groomers/README.md +58 -0
data/modules/mu/groomers/chef.rb +1024 -0
data/modules/mu/kittens.rb +11319 -0
data/modules/mu/logger.rb +208 -0
data/modules/mu/master/README.md +27 -0
data/modules/mu/master/chef.rb +471 -0
data/modules/mu/master/ldap.rb +1005 -0
data/modules/mu/master.rb +415 -0
data/modules/mu/mommacat.rb +2703 -0
data/modules/mu-load-config.rb +1 -0
data/modules/mu.rb +724 -0
data/modules/scratchpad.erb +1 -0
data/modules/tests/super_complex_bok.yml +41 -0
data/modules/tests/super_simple_bok.yml +40 -0
data/mu.gemspec +62 -0
data/roles/demo-dbservice-configure.json +19 -0
data/roles/demo-portal-configure.json +19 -0
data/roles/mu-master-jenkins.json +24 -0
data/roles/mu-master-nagios-only.json +13 -0
data/roles/mu-master.json +12 -0
data/roles/mu-node.json +19 -0
data/roles/mu-splunk-server.json +13 -0
data/roles/mu-splunk.json +13 -0
data/test/clean_up.py +25 -0
data/test/demo-test-profile/README.md +3 -0
data/test/demo-test-profile/controls/flask.rb +84 -0
data/test/demo-test-profile/inspec.lock +7 -0
data/test/demo-test-profile/inspec.yml +11 -0
data/test/etco-test-profile/README.md +3 -0
data/test/etco-test-profile/controls/all-in-one.rb +182 -0
data/test/etco-test-profile/inspec.lock +7 -0
data/test/etco-test-profile/inspec.yml +11 -0
data/test/exec_inspec.py +246 -0
data/test/exec_mu_install.py +241 -0
data/test/exec_retry.py +44 -0
data/test/mu-master-test/README.md +3 -0
data/test/mu-master-test/controls/all_in_one.rb +557 -0
data/test/mu-master-test/inspec.lock +3 -0
data/test/mu-master-test/inspec.yml +11 -0
data/test/mu-tools-test/README.md +3 -0
data/test/mu-tools-test/controls/base.rb +265 -0
data/test/mu-tools-test/inspec.lock +3 -0
data/test/mu-tools-test/inspec.yml +8 -0
data/test/simple-server-php-test/README.md +3 -0
data/test/simple-server-php-test/controls/apachephp.rb +25 -0
data/test/simple-server-php-test/controls/example.rb +19 -0
data/test/simple-server-php-test/inspec.lock +7 -0
data/test/simple-server-php-test/inspec.yml +12 -0
data/test/simple-server-rails-test/README.md +3 -0
data/test/simple-server-rails-test/controls/rails.rb +188 -0
data/test/simple-server-rails-test/inspec.lock +7 -0
data/test/simple-server-rails-test/inspec.yml +11 -0
data/test/simple-windows-test/README.md +3 -0
data/test/simple-windows-test/controls/windows.rb +20 -0
data/test/simple-windows-test/inspec.lock +7 -0
data/test/simple-windows-test/inspec.yml +11 -0
data/test/smoke_test.rb +75 -0
data/test/wordpress-test/README.md +3 -0
data/test/wordpress-test/controls/wordpress.rb +97 -0
data/test/wordpress-test/inspec.lock +7 -0
data/test/wordpress-test/inspec.yml +11 -0
metadata +979 -0

data/cookbooks/mu-jenkins/files/default/cleanup_deploy_config.xml ADDED Viewed

@@ -0,0 +1,73 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<project>
+  <actions/>
+  <description>Clean up an extant Cloudamatic Deploy</description>
+  <keepDependencies>false</keepDependencies>
+  <properties>
+    <hudson.security.AuthorizationMatrixProperty>
+      <blocksInheritance>true</blocksInheritance>
+      <permission>hudson.model.Item.Cancel:master_user</permission>
+      <permission>hudson.model.Item.Cancel:mu_user</permission>
+      <permission>hudson.model.Item.Delete:master_user</permission>
+      <permission>hudson.model.Item.Delete:mu_user</permission>
+      <permission>hudson.model.Item.Read:master_user</permission>
+      <permission>hudson.model.Item.Read:mu_user</permission>
+      <permission>hudson.model.Item.Workspace:master_user</permission>
+      <permission>hudson.model.Item.Workspace:mu_user</permission>
+      <permission>hudson.model.Item.Build:master_user</permission>
+      <permission>hudson.model.Item.Build:mu_user</permission>
+      <permission>hudson.model.Item.Move:master_user</permission>
+      <permission>hudson.model.Item.Move:mu_user</permission>
+      <permission>hudson.model.Item.Configure:master_user</permission>
+      <permission>hudson.model.Item.Configure:mu_user</permission>
+      <permission>hudson.model.Item.Discover:master_user</permission>
+      <permission>hudson.model.Item.Discover:mu_user</permission>
+    </hudson.security.AuthorizationMatrixProperty>
+    <hudson.model.ParametersDefinitionProperty>
+      <parameterDefinitions>
+        <com.seitenbau.jenkins.plugins.dynamicparameter.ChoiceParameterDefinition plugin="dynamicparameter@0.2.0">
+          <name>Target_Deploy</name>
+          <description></description>
+          <__uuid>8a5d5b3c-c975-44f8-a1e2-7d3c4f3306f8</__uuid>
+          <__remote>false</__remote>
+          <__script>def proc = &quot;ls -1a /home/jenkins/.mu/var/deployments/&quot;.execute()
+            def b = new StringBuffer()
+            proc.consumeProcessErrorStream(b)
+            def list = proc.text.readLines()
+          </__script>
+          <__localBaseDirectory serialization="custom">
+            <hudson.FilePath>
+              <default>
+                <remote>/home/jenkins/dynamic_parameter/classpath</remote>
+              </default>
+              <boolean>true</boolean>
+            </hudson.FilePath>
+          </__localBaseDirectory>
+          <__remoteBaseDirectory>dynamic_parameter_classpath</__remoteBaseDirectory>
+          <__classPath></__classPath>
+          <readonlyInputField>false</readonlyInputField>
+        </com.seitenbau.jenkins.plugins.dynamicparameter.ChoiceParameterDefinition>
+      </parameterDefinitions>
+    </hudson.model.ParametersDefinitionProperty>
+  </properties>
+  <scm class="hudson.scm.NullSCM"/>
+  <canRoam>true</canRoam>
+  <disabled>false</disabled>
+  <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding>
+  <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
+  <triggers/>
+  <concurrentBuild>false</concurrentBuild>
+  <builders>
+    <hudson.tasks.Shell>
+      <command>source ~/.murc
+        mu-cleanup $Target_Deploy
+      </command>
+    </hudson.tasks.Shell>
+  </builders>
+  <publishers/>
+  <buildWrappers>
+    <hudson.plugins.ansicolor.AnsiColorBuildWrapper plugin="ansicolor@0.4.1">
+      <colorMapName>xterm</colorMapName>
+    </hudson.plugins.ansicolor.AnsiColorBuildWrapper>
+  </buildWrappers>
+</project>

data/cookbooks/mu-jenkins/files/default/deploy_config.xml ADDED Viewed

@@ -0,0 +1,44 @@
+<project>
+  <actions/>
+  <description></description>
+  <keepDependencies>false</keepDependencies>
+  <properties>
+    <hudson.security.AuthorizationMatrixProperty>
+      <blocksInheritance>true</blocksInheritance>
+      <permission>hudson.model.Item.Cancel:master_user</permission>
+      <permission>hudson.model.Item.Cancel:mu_user</permission>
+      <permission>hudson.model.Item.Delete:master_user</permission>
+      <permission>hudson.model.Item.Delete:mu_user</permission>
+      <permission>hudson.model.Item.Read:master_user</permission>
+      <permission>hudson.model.Item.Read:mu_user</permission>
+      <permission>hudson.model.Item.Workspace:master_user</permission>
+      <permission>hudson.model.Item.Workspace:mu_user</permission>
+      <permission>hudson.model.Item.Build:master_user</permission>
+      <permission>hudson.model.Item.Build:mu_user</permission>
+      <permission>hudson.model.Item.Move:master_user</permission>
+      <permission>hudson.model.Item.Move:mu_user</permission>
+      <permission>hudson.model.Item.Configure:master_user</permission>
+      <permission>hudson.model.Item.Configure:mu_user</permission>
+      <permission>hudson.model.Item.Discover:master_user</permission>
+      <permission>hudson.model.Item.Discover:mu_user</permission>
+    </hudson.security.AuthorizationMatrixProperty>
+  </properties>
+  <scm class="hudson.scm.NullSCM"/>
+  <canRoam>true</canRoam>
+  <disabled>false</disabled>
+  <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding>
+  <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
+  <triggers/>
+  <concurrentBuild>false</concurrentBuild>
+  <builders>
+    <hudson.tasks.Shell>
+      <command>/opt/mu/bin/mu-deploy /opt/mu/lib/demo/simple-server.yaml</command>
+    </hudson.tasks.Shell>
+  </builders>
+  <publishers/>
+  <buildWrappers>
+    <hudson.plugins.ansicolor.AnsiColorBuildWrapper plugin="ansicolor@0.4.1">
+      <colorMapName>xterm</colorMapName>
+    </hudson.plugins.ansicolor.AnsiColorBuildWrapper>
+  </buildWrappers>
+</project>

data/cookbooks/mu-jenkins/metadata.rb ADDED Viewed

@@ -0,0 +1,21 @@
+name 'mu-jenkins'
+maintainer 'eGlobalTech, Inc'
+maintainer_email 'mu-developers@googlegroups.com'
+license 'BSD-3-Clause'
+description 'Installs/Configures mu-jenkins'
+long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
+source_url 'https://github.com/cloudamatic/mu'
+issues_url 'https://github.com/cloudamatic/mu/issues'
+chef_version '>= 12.1' if respond_to?(:chef_version)
+version '0.6.0'
+%w( amazon centos redhat windows ).each do |os|
+	supports os
+end
+depends 'java', '~> 2.2.0'
+depends 'jenkins', '~> 6.2.0'
+depends 'chef-vault', '~> 3.1.1'
+depends 'mu-master'
+depends 'mu-utility'
+depends 'mu-tools'

data/cookbooks/mu-jenkins/recipes/default.rb ADDED Viewed

@@ -0,0 +1,195 @@
+# Cookbook Name:: mu-jenkins
+# Recipe:: default
+#
+# Copyright 2015, eGlobalTech, Inc
+#
+# All rights reserved - Do Not Redistribute
+#
+include_recipe 'mu-tools::disable-requiretty'
+include_recipe 'chef-vault'
+directory "/opt/java_jce" do
+  mode 0755
+end
+admin_vault = chef_vault_item(node['jenkins_admin_vault']['vault'], node['jenkins_admin_vault']['item'])
+directory "Mu Jenkins home #{node['jenkins']['master']['home']}" do
+  path node['jenkins']['master']['home']
+  owner "jenkins"
+  recursive true
+  notifies :restart, 'service[jenkins]', :immediately
+end
+package %w{git bzip2}
+#remote_file "#{node['jenkins']['master']['home']}/plugins/mailer.jpi" do
+#  source "http://updates.jenkins-ci.org/latest/mailer.hpi"
+#  owner "jenkins"
+#end
+ruby_block 'wait for jenkins' do
+  block do
+    sleep 30
+  end
+  action :nothing
+end
+# If security was enabled in a previous chef run then set the private key in the run_state
+# now as required by the Jenkins cookbook
+if node['application_attributes']['jenkins_auth_set']
+ruby_block 'set jenkins private key' do
+  block do
+    Chef::Log.info("Setting the previously enabled jenkins private key")
+    node.run_state[:jenkins_private_key] = admin_vault['private_key'].strip
+  end
+end
+end
+restart_jenkins = false
+directory "mu-jenkins fix #{Chef::Config[:file_cache_path]} perms" do
+  path Chef::Config[:file_cache_path]
+  mode 0755
+end
+cacheparent = File.expand_path("..", Chef::Config[:file_cache_path])
+directory "mu-jenkins fix #{cacheparent} perms" do
+  path cacheparent
+  mode 0755
+end
+# Download ALPN Jar file and fix to JENKINS_JAVA_OPTIONS
+# open_jdk_version = `java -version 2>&1`
+open_jdk_version = shell_out('java -version 2>&1').stdout.str
+if open_jdk_version.include?("openjdk version \"1.8") and node['platform_family'] == 'rhel'
+  remote_file 'download_anlp_jar' do
+    source node['jenkins']['alpn']['download_link']
+    path "/home/jenkins/alpn-boot-#{node['jenkins']['alpn']['version']}.jar"
+    owner "jenkins"
+    notifies :restart, "service[jenkins]",:delayed
+  end
+  service "jenkins" do
+    action :nothing
+  end
+end
+node['jenkins_plugins'].each { |plugin|
+#  if !::File.exists?("#{node['jenkins']['master']['home']}/plugins/#{plugin}.jpi")
+#    restart_jenkins = true
+#  end
+# XXX this runs as the 'jenkins' user, yet download the files as 0600/root
+  jenkins_plugin plugin
+  # do
+    # notifies :restart, 'service[jenkins]', :delayed
+    #not_if { ::File.exists?("#{node['jenkins']['master']['home']}/plugins/#{plugin}.jpi") }
+  # end
+}
+if !node['application_attributes']['jenkins_auth_set']
+  jenkins_command 'safe-restart'
+  jenkins_private_key_credentials admin_vault['username'] do
+    id '1671945-9fa7-4d24-ac87-51ea3b2aef4c'
+    description admin_vault['username']
+    private_key admin_vault['private_key'].strip
+  end
+end
+# The Jenkins service user that this cookbook uses MUST exist in our directory
+mu_master_user admin_vault['username'] do
+  realname admin_vault['username']
+#  email $MU_CFG['jenkins']['admin_email'] || $MU_CFG['admin_email']
+  email "mu-developers@googlegroups.com"
+end
+# Add the admin user only if it has not been added already then notify the resource
+# to configure the permissions for the admin user.  Note that we check for existence of jenkins_auth_set,
+# not value
+jenkins_user admin_vault['username'] do
+  full_name admin_vault['username']
+  email "mu-developers@googlegroups.com"
+  public_keys [admin_vault['public_key'].strip]
+  #not_if { node['application_attributes'].attribute?('jenkins_auth_set') }
+end
+# Configure the permissions so that login is required and the admin user is an administrator
+# after this point the private key will be required to execute jenkins scripts (including querying
+# if users exist) so we notify the `set the security_enabled flag` resource to set this up.
+# Also note that since Jenkins 1.556 the private key cannot be used until after the admin user
+# has been added to the security realm
+uidsearch = "uid={0}"
+uidsearch = "sAMAccountName={0}" if $MU_CFG['ldap']['type'] == "Active Directory"
+membersearch = "(| (member={0}) (uniqueMember={0}) (memberUid={1}))"
+membersearch = "memberUid={0}" if $MU_CFG['ldap']['type'] == "389 Directory Services"
+bind_creds = chef_vault_item($MU_CFG['ldap']['bind_creds']['vault'], $MU_CFG['ldap']['bind_creds']['item'])
+jenkins_admins = ::MU::Master.listUsers.delete_if { |u, data| !data['admin'] }.keys
+#jenkins_regular = ::MU::Master.listUsers.delete_if { |u, data| data['admin'] or u == "jenkins" }.keys
+regular_user_perms = ["Item.BUILD", "Item.CREATE", "Item.DISCOVER", "Item.READ"]
+jenkins_script 'configure_jenkins_auth' do
+  command <<-EOH.gsub(/^ {4}/, '')
+  import jenkins.model.*
+  import hudson.security.*
+  import org.jenkinsci.plugins.*
+  def instance = Jenkins.getInstance()
+  def hudsonRealm = new HudsonPrivateSecurityRealm(false)
+  String groupSearchFilter = 'memberUid={0}'
+  SecurityRealm ldapRealm = new LDAPSecurityRealm(server='ldap://#{$MU_CFG['ldap']['dcs'].first}', rootDN = '#{$MU_CFG['ldap']['base_dn']}', userSearchBase='#{$MU_CFG['ldap']['user_ou'].sub(/,.*/, "")}', userSearch="#{uidsearch}", groupSearchBase='#{$MU_CFG['ldap']['group_ou'].sub(/,.*/, "")}', groupSearchFilter="", groupMembershipFilter = '#{membersearch}', managerDN = '#{bind_creds[$MU_CFG['ldap']['bind_creds']['username_field']]}', managerPasswordSecret = '#{bind_creds[$MU_CFG['ldap']['bind_creds']['password_field']]}', inhibitInferRootDN = false, disableMailAddressResolver = false, cache = null)
+  instance.setSecurityRealm(ldapRealm)
+  def strategy = new ProjectMatrixAuthorizationStrategy()
+  strategy.add(Jenkins.ADMINISTER, "#{$MU_CFG['ldap']['admin_group_name']}")
+  strategy.add(Jenkins.ADMINISTER, "#{admin_vault['username']}")
+  #{jenkins_admins.map { |u| "strategy.add(Jenkins.ADMINISTER, \"#{u}\")" }.join("\n")}
+  strategy.add(Jenkins.READ, "authenticated")
+  #{regular_user_perms.map { |p| "strategy.add(hudson.model.#{p}, \"authenticated\")" }.join("\n")}
+  instance.setAuthorizationStrategy(strategy)
+  instance.save()
+  EOH
+#  not_if "grep managerDN #{node['jenkins']['master']['home']}/config.xml | grep #{bind_creds[$MU_CFG['ldap']['bind_creds']['username_field']]}"
+  notifies :run, 'ruby_block[configure_jenkins_auth_set]', :immediately
+  action :nothing unless !::File.size?("#{node['jenkins']['master']['home']}/config.xml") or !::File.read("#{node['jenkins']['master']['home']}/config.xml").match(bind_creds[$MU_CFG['ldap']['bind_creds']['username_field']])
+end
+file "#{node['jenkins']['master']['home']}/user-list-chef-guard" do
+  content "
+#{jenkins_admins.map { |u| "strategy.add(Jenkins.ADMINISTER, \"#{u}\")" }.join("\n")}
+#{regular_user_perms.map { |p| "strategy.add(Jenkins.#{p}, \"authenticated\")" }.join("\n")}
+#{bind_creds[$MU_CFG['ldap']['bind_creds']['username_field']]}
+"
+  notifies :execute, "jenkins_script[configure_jenkins_auth]", :immediately
+end
+# Set the security enabled flag and set the run_state to use the configured private key
+ruby_block 'configure_jenkins_auth_set' do
+  block do
+    node.run_state[:jenkins_private_key] = admin_vault['private_key'].strip
+    node.normal['application_attributes']['jenkins_auth_set'] = true
+    node.save
+  end
+  action :nothing
+end
+# Configure users from the vault
+#node['jenkins_users'].each { |user|
+#  user_vault = chef_vault_item(user[:vault], user[:vault_item])
+#
+#  # XXX This is dangerous. What if we stupidly step on the account of a
+#  # "real" user?
+#  ::MU::Master::LDAP.manageUser(user[:user_name], name: user[:fullname], password: user_vault[user[:user_name]+"_password"], admin: false, email: user[:email])
+#  jenkins_user user[:user_name] do
+#    full_name user[:fullname]
+#    email user[:email]
+#    password user_vault["#{user[:user_name]}_password"]
+#    sensitive true
+#  end
+#}

data/cookbooks/mu-jenkins/recipes/node-ssh-config.rb ADDED Viewed

@@ -0,0 +1,54 @@
+#
+# Cookbook Name:: mu-jenkins
+# Recipe:: node-ssh-config
+#
+# Copyright 2015, eGlobalTech, Inc
+#
+# All rights reserved - Do Not Redistribute
+#
+include_recipe 'mu-jenkins::public_key'
+include_recipe 'mu-tools::disable-requiretty'
+include_recipe 'chef-vault'
+ssh_vault = chef_vault_item(node['jenkins_ssh_vault']['vault'], node['jenkins_ssh_vault']['item'])
+case node['platform']
+  when platform_family?('rhel')
+    if platform?("centos")
+      ssh_user = "root" if node['platform_version'].to_i == 6
+      ssh_user = "centos" if node['platform_version'].to_i == 7
+    else
+      ssh_user = "ec2-user"
+    end
+    directory "#{node['jenkins']['master']['home']}/.ssh" do
+      owner "jenkins"
+      group "jenkins"
+      mode 0700
+    end
+    ssh_key_path = "#{node['jenkins']['master']['home']}/.ssh/jenkins_ssh"
+    template "#{node['jenkins']['master']['home']}/.ssh/config" do
+      source "ssh_config.erb"
+      owner "jenkins"
+      group "jenkins"
+      mode 0600
+      variables(
+          :ssh_user => ssh_user,
+          :ssh_key_path => ssh_key_path,
+          :ssh_urls => node['jenkins_ssh_urls']
+      )
+    end
+    file ssh_key_path do
+      owner "jenkins"
+      group "jenkins"
+      mode 0400
+      content ssh_vault['private_key'].strip
+      sensitive true
+    end
+  else
+    Chef::Log.info("Unsupported platform #{node['platform']}")
+end

data/cookbooks/mu-jenkins/recipes/public_key.rb ADDED Viewed

@@ -0,0 +1,24 @@
+#
+# Cookbook Name:: mu-jenkins
+# Recipe:: default
+#
+# Copyright 2015, eGlobalTech, Inc
+#
+# All rights reserved - Do Not Redistribute
+#
+case node['platform']
+  when platform_family?('rhel')
+    include_recipe 'chef-vault'
+    ssh_vault = chef_vault_item(node['jenkins_ssh_vault']['vault'], node['jenkins_ssh_vault']['item'])
+    ssh_authorized_keys = "/root/.ssh/authorized_keys" if node['platform_version'].to_i == 6
+    ssh_authorized_keys = "/home/centos/.ssh/authorized_keys" if node['platform_version'].to_i == 7
+    execute "echo '#{ssh_vault['public_key'].strip}' >> #{ssh_authorized_keys}" do
+      not_if "grep '^#{ssh_vault['public_key'].strip}$' #{ssh_authorized_keys}"
+    end
+  else
+    Chef::Log.info("Unsupported platform #{node['platform']}")
+end

data/cookbooks/mu-jenkins/templates/default/example_job.config.xml.erb ADDED Viewed

@@ -0,0 +1,24 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<project>
+  <actions/>
+  <description></description>
+  <keepDependencies>false</keepDependencies>
+  <properties/>
+  <scm class="hudson.scm.NullSCM"/>
+  <canRoam>true</canRoam>
+  <disabled>false</disabled>
+  <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding>
+  <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
+  <triggers/>
+  <concurrentBuild>false</concurrentBuild>
+  <builders>
+    <org.jvnet.hudson.plugins.SSHBuilder plugin="ssh@2.4">
+      <siteName><%= @ssh_user %>@<%= @node_ip %>:22</siteName>
+      <command>sudo su - &lt;&lt; eoh
+chef-client
+eoh</command>
+    </org.jvnet.hudson.plugins.SSHBuilder>
+  </builders>
+  <publishers/>
+  <buildWrappers/>
+</project>

data/cookbooks/mu-jenkins/templates/default/org.jvnet.hudson.plugins.SSHBuildWrapper.xml.erb ADDED Viewed

@@ -0,0 +1,14 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<org.jvnet.hudson.plugins.SSHBuildWrapper_-DescriptorImpl plugin="ssh@2.4">
+  <sites>
+    <org.jvnet.hudson.plugins.SSHSite>
+      <hostname><%= @node_ip %></hostname>
+      <port>22</port>
+      <username><%= @ssh_user %></username>
+      <password></password>
+      <keyfile><%= @ssh_key_path %></keyfile>
+      <serverAliveInterval>0</serverAliveInterval>
+      <pty>false</pty>
+    </org.jvnet.hudson.plugins.SSHSite>
+  </sites>
+</org.jvnet.hudson.plugins.SSHBuildWrapper_-DescriptorImpl>

data/cookbooks/mu-jenkins/templates/default/ssh_config.erb ADDED Viewed

@@ -0,0 +1,6 @@
+<% @ssh_urls.each { |url| %>
+Host <%= url %>
+  User <%= @ssh_user %>
+  IdentityFile <%= @ssh_key_path %>
+  StrictHostKeyChecking no
+<% } %>

data/cookbooks/mu-master/CHANGELOG.md ADDED Viewed

@@ -0,0 +1,13 @@
+mu-master CHANGELOG
+====================
+This file is used to list changes made in each version of the mu-master cookbook.
+0.1.0
+-----
+- [your_name] - Initial release of mu-master
+- - -
+Check the [Markdown Syntax Guide](http://daringfireball.net/projects/markdown/syntax) for help with Markdown.
+The [Github Flavored Markdown page](http://github.github.com/github-flavored-markdown/) describes the differences between markdown on github and standard markdown.

data/cookbooks/mu-master/LICENSE ADDED Viewed

@@ -0,0 +1,37 @@
+Through accessing, reading, or utilizing this software in any manner whatsoever
+or through any means whatsoever, whether the access, reading or use is either
+solely looking at this software or this software has been integrated into any
+derivative work, the party accessing,  reading, or utilizing the software
+directly or indirectly agrees to abide by the following license.
+The eGlobalTech Cloud Automation Platform is the Copyright (c) 2014 of Global
+Tech Inc. All rights reserved.
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+1. Redistributions of source code must retain the above copyright notice, this
+list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright notice,
+this list of conditions and the following disclaimer in the documentation
+and/or other materials provided with the distribution.
+3. Neither the name of the copyright holder nor the names of its contributors
+may be used to endorse or promote products derived from this software without
+specific prior written permission.
+Global Tech, Inc. is the co-owner of any derivative works created with this
+software.
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

data/cookbooks/mu-master/README.md ADDED Viewed

@@ -0,0 +1,6 @@
+mu-master Cookbook
+===================
+This is the key Mu-master cookbook!
+TODO: Improve Readme.md

data/cookbooks/mu-master/attributes/default.rb ADDED Viewed

@@ -0,0 +1,95 @@
+# Copyright:: Copyright (c) 2014 eGlobalTech, Inc., all rights reserved
+#
+# Licensed under the BSD-3 license (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License in the root of the project or at
+#
+#     http://egt-labs.com/mu/LICENSE.html
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+default['firewall']['redhat7_iptables'] = true
+default['apache']['docroot_dir'] = "/var/www/html"
+default['apache']['default_site_enabled'] = false
+default['apache']['mod_ssl']['cipher_suite'] = "ALL:!3DES:!ADH:!EXPORT:!SSLv2:!RC4+RSA:+HIGH:!MEDIUM:!LOW"
+default['apache']['mod_ssl']['directives']['SSLProtocol'] = "all -SSLv2 -SSLv3"
+default['apache']['contact'] = $MU_CFG['mu_admin_email']
+default['apache']['traceenable'] = 'Off'
+default["apache"]["listen"] = ["*:80", "*:443", "*:8443"]
+override["nagios"]["http_port"] = 8443
+default['nagios']['enable_ssl'] = true
+default['nagios']['sysadmin_email'] = $MU_CFG['mu_admin_email']
+default['nagios']['ssl_cert_file'] = $MU_CFG['ssl']['cert']
+default['nagios']['ssl_cert_key'] = $MU_CFG['ssl']['key']
+if $MU_CFG['ssl'].has_key?("chain") and !$MU_CFG['ssl']['chain'].empty?
+  default['nagios']['ssl_cert_chain_file'] = $MU_CFG['ssl']['chain']
+end
+if !$MU_CFG['public_address'].match(/^\d+\.\d+\.\d+\.\d+$/)
+  default["nagios"]["server_name"] = $MU_CFG['public_address']
+else
+  default["nagios"]["server_name"] = node['hostname']
+  default['nagios']['server']['server_alias'] = $MU_CFG['public_address']
+end
+#default['nagios']['server']['server_alias'] = node[:fqdn]+", "+node[:hostname]+", "+node['local_hostname']+", "+node['local_ipv4']+", "+node['public_hostname']+", "+node['public_ipv4']
+default["nagios"]["log_dir"] = "/var/log/httpd"
+default['nagios']['cgi-bin'] = "/usr/lib/cgi-bin/"
+default['nagios']['cgi-path'] = "/nagios/cgi-bin/"
+default['nagios']['server_role'] = "mu-master"
+default['nagios']['server']['install_method'] = 'source'
+default['nagios']['multi_environment_monitoring'] = true
+default['nagios']['users_databag'] = "nagios_users"
+default['nagios']['conf']['enable_notifications'] = 1
+default['nagios']['interval_length'] = 1
+default['nagios']['conf']['interval_length'] = 1
+default['nagios']['default_host']['notification_interval'] = 7200
+default['nagios']['default_host']['check_interval'] = 180
+default['nagios']['default_host']['retry_interval'] = 60
+default['nagios']['conf']['service_check_timeout'] = 10
+default['nagios']['default_host']['max_check_attempts'] = 4
+default['nagios']['default_host']['check_command'] = "check_node_ssh"
+default['nagios']['default_service']['check_interval'] = 180
+default['nagios']['default_service']['retry_interval'] = 30
+default['nagios']['default_service']['notification_interval'] = 7200
+default['nagios']['server']['url'] = "https://assets.nagios.com/downloads/nagioscore/releases/nagios-4.1.1.tar.gz"
+default['nagios']['server']['version'] = "4.1.1"
+default['nagios']['server']['src_dir'] = "nagios-4.1.1"
+default['nagios']['server']['checksum'] = "986c93476b0fee2b2feb7a29ccf857cc691bed7ca4e004a5361ba11f467b0401"
+# XXX dumb bug in Nagios cookbook
+#default['nagios']['url'] = "https://#{$MU_CFG['public_address']}/nagios"
+default['nagios']['url'] = default["nagios"]["server_name"]
+nrpe_host = []
+nrpe_host << MU.my_public_ip if MU.my_public_ip
+nrpe_host << MU.my_private_ip if MU.my_private_ip
+nrpe_host << node['ipaddress'] if nrpe_host.empty?
+default['nrpe']['allowed_hosts'] = nrpe_host.uniq
+# No idea why this is set wrong by default
+default['chef_node_name'] = node.name
+default['nagios']['host_name_attribute'] = 'chef_node_name'
+default['application_attributes']['logs']['volume_size_gb'] = 50
+default['application_attributes']['logs']['mount_device'] = "/dev/xvdl"
+default['application_attributes']['logs']['label'] = "#{node['hostname']} /Mu_Logs"
+default['application_attributes']['logs']['secure_location'] = MU.adminBucketName
+default['application_attributes']['logs']['ebs_keyfile'] = "log_vol_ebs_key"
+default['application_attributes']['logs']['mount_directory'] = "/Mu_Logs"
+case node['platform']
+  when "centos"
+    ssh_user = "root" if node['platform_version'].to_i == 6
+    ssh_user = "centos" if node['platform_version'].to_i == 7
+  when "redhat"
+    ssh_user = "ec2-user"
+end
+default['application_attributes']['sshd_allow_groups'] = "#{ssh_user} mu-users"
+default['application_attributes']['sshd_allow_password_auth'] = true
+default['update_nagios_only'] = false
+default['apache']['listen'] = [80, 443, 8443]

data/cookbooks/mu-master/files/default/0-mu-log-server.conf ADDED Viewed

@@ -0,0 +1,19 @@
+# make gtls driver the default
+$DefaultNetstreamDriver gtls
+# certificate files
+$DefaultNetstreamDriverCAFile /etc/pki/rsyslog/Mu_CA.pem
+$DefaultNetstreamDriverCertFile /etc/pki/rsyslog/rsyslog.crt
+$DefaultNetstreamDriverKeyFile /etc/pki/rsyslog/rsyslog.key
+$ModLoad imtcp # load TCP listener
+$InputTCPServerStreamDriverMode 1 # run driver in TLS-only mode
+$InputTCPServerStreamDriverAuthMode anon # client is NOT authenticated
+$InputTCPServerRun 10514 # start up listener at port 10514
+if $fromhost-ip != '127.0.0.1' then /Mu_Logs/nodes.log
+& ~
+if $fromhost-ip == '127.0.0.1' then /Mu_Logs/master.log

data/cookbooks/mu-master/files/default/addRSA.ldif ADDED Viewed

@@ -0,0 +1,8 @@
+dn: cn=RSA,cn=encryption,cn=config
+changetype: add
+objectclass: top
+objectclass: nsEncryptionModule
+cn: RSA
+nsSSLPersonalitySSL: ldap
+nsSSLToken: internal (software)
+nsSSLActivation: on