cloud-mu 2.1.0beta → 3.0.0beta
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/Berksfile +4 -5
- data/Berksfile.lock +179 -0
- data/README.md +1 -6
- data/ansible/roles/geerlingguy.firewall/templates/firewall.bash.j2 +0 -0
- data/ansible/roles/mu-installer/README.md +33 -0
- data/ansible/roles/mu-installer/defaults/main.yml +2 -0
- data/ansible/roles/mu-installer/handlers/main.yml +2 -0
- data/ansible/roles/mu-installer/meta/main.yml +60 -0
- data/ansible/roles/mu-installer/tasks/main.yml +13 -0
- data/ansible/roles/mu-installer/tests/inventory +2 -0
- data/ansible/roles/mu-installer/tests/test.yml +5 -0
- data/ansible/roles/mu-installer/vars/main.yml +2 -0
- data/bin/mu-adopt +125 -0
- data/bin/mu-aws-setup +4 -4
- data/bin/mu-azure-setup +265 -0
- data/bin/mu-azure-tests +43 -0
- data/bin/mu-cleanup +20 -8
- data/bin/mu-configure +224 -98
- data/bin/mu-deploy +8 -3
- data/bin/mu-gcp-setup +16 -8
- data/bin/mu-gen-docs +92 -8
- data/bin/mu-load-config.rb +52 -12
- data/bin/mu-momma-cat +36 -0
- data/bin/mu-node-manage +34 -27
- data/bin/mu-self-update +2 -2
- data/bin/mu-ssh +12 -8
- data/bin/mu-upload-chef-artifacts +11 -4
- data/bin/mu-user-manage +3 -0
- data/cloud-mu.gemspec +8 -11
- data/cookbooks/firewall/libraries/helpers_iptables.rb +2 -2
- data/cookbooks/firewall/metadata.json +1 -1
- data/cookbooks/firewall/recipes/default.rb +5 -9
- data/cookbooks/mu-firewall/attributes/default.rb +2 -0
- data/cookbooks/mu-firewall/metadata.rb +1 -1
- data/cookbooks/mu-glusterfs/templates/default/mu-gluster-client.erb +0 -0
- data/cookbooks/mu-master/Berksfile +2 -2
- data/cookbooks/mu-master/files/default/check_mem.pl +0 -0
- data/cookbooks/mu-master/files/default/cloudamatic.png +0 -0
- data/cookbooks/mu-master/metadata.rb +5 -4
- data/cookbooks/mu-master/recipes/389ds.rb +1 -1
- data/cookbooks/mu-master/recipes/basepackages.rb +30 -10
- data/cookbooks/mu-master/recipes/default.rb +59 -7
- data/cookbooks/mu-master/recipes/firewall-holes.rb +1 -1
- data/cookbooks/mu-master/recipes/init.rb +65 -47
- data/cookbooks/mu-master/recipes/{eks-kubectl.rb → kubectl.rb} +4 -10
- data/cookbooks/mu-master/recipes/sssd.rb +2 -1
- data/cookbooks/mu-master/recipes/update_nagios_only.rb +6 -6
- data/cookbooks/mu-master/templates/default/web_app.conf.erb +2 -2
- data/cookbooks/mu-master/templates/mods/ldap.conf.erb +4 -0
- data/cookbooks/mu-php54/Berksfile +1 -2
- data/cookbooks/mu-php54/metadata.rb +4 -5
- data/cookbooks/mu-php54/recipes/default.rb +1 -1
- data/cookbooks/mu-splunk/templates/default/splunk-init.erb +0 -0
- data/cookbooks/mu-tools/Berksfile +3 -2
- data/cookbooks/mu-tools/files/default/Mu_CA.pem +33 -0
- data/cookbooks/mu-tools/libraries/helper.rb +20 -8
- data/cookbooks/mu-tools/metadata.rb +5 -2
- data/cookbooks/mu-tools/recipes/apply_security.rb +2 -3
- data/cookbooks/mu-tools/recipes/eks.rb +1 -1
- data/cookbooks/mu-tools/recipes/gcloud.rb +5 -30
- data/cookbooks/mu-tools/recipes/nagios.rb +1 -1
- data/cookbooks/mu-tools/recipes/rsyslog.rb +1 -0
- data/cookbooks/mu-tools/recipes/selinux.rb +19 -0
- data/cookbooks/mu-tools/recipes/split_var_partitions.rb +0 -1
- data/cookbooks/mu-tools/recipes/windows-client.rb +256 -122
- data/cookbooks/mu-tools/resources/disk.rb +3 -1
- data/cookbooks/mu-tools/templates/amazon/sshd_config.erb +1 -1
- data/cookbooks/mu-tools/templates/default/etc_hosts.erb +1 -1
- data/cookbooks/mu-tools/templates/default/{kubeconfig.erb → kubeconfig-eks.erb} +0 -0
- data/cookbooks/mu-tools/templates/default/kubeconfig-gke.erb +27 -0
- data/cookbooks/mu-tools/templates/windows-10/sshd_config.erb +137 -0
- data/cookbooks/mu-utility/recipes/nat.rb +4 -0
- data/extras/alpha.png +0 -0
- data/extras/beta.png +0 -0
- data/extras/clean-stock-amis +2 -2
- data/extras/generate-stock-images +131 -0
- data/extras/git-fix-permissions-hook +0 -0
- data/extras/image-generators/AWS/centos6.yaml +17 -0
- data/extras/image-generators/{aws → AWS}/centos7-govcloud.yaml +0 -0
- data/extras/image-generators/{aws → AWS}/centos7.yaml +0 -0
- data/extras/image-generators/{aws → AWS}/rhel7.yaml +0 -0
- data/extras/image-generators/{aws → AWS}/win2k12.yaml +0 -0
- data/extras/image-generators/{aws → AWS}/win2k16.yaml +0 -0
- data/extras/image-generators/{aws → AWS}/windows.yaml +0 -0
- data/extras/image-generators/{gcp → Google}/centos6.yaml +1 -0
- data/extras/image-generators/Google/centos7.yaml +18 -0
- data/extras/python_rpm/build.sh +0 -0
- data/extras/release.png +0 -0
- data/extras/ruby_rpm/build.sh +0 -0
- data/extras/ruby_rpm/muby.spec +1 -1
- data/install/README.md +43 -5
- data/install/deprecated-bash-library.sh +0 -0
- data/install/installer +1 -1
- data/install/jenkinskeys.rb +0 -0
- data/install/mu-master.yaml +55 -0
- data/modules/mommacat.ru +41 -7
- data/modules/mu.rb +444 -149
- data/modules/mu/adoption.rb +500 -0
- data/modules/mu/cleanup.rb +235 -158
- data/modules/mu/cloud.rb +675 -138
- data/modules/mu/clouds/aws.rb +156 -24
- data/modules/mu/clouds/aws/alarm.rb +4 -14
- data/modules/mu/clouds/aws/bucket.rb +60 -18
- data/modules/mu/clouds/aws/cache_cluster.rb +8 -20
- data/modules/mu/clouds/aws/collection.rb +12 -22
- data/modules/mu/clouds/aws/container_cluster.rb +209 -118
- data/modules/mu/clouds/aws/database.rb +120 -45
- data/modules/mu/clouds/aws/dnszone.rb +7 -18
- data/modules/mu/clouds/aws/endpoint.rb +5 -15
- data/modules/mu/clouds/aws/firewall_rule.rb +144 -72
- data/modules/mu/clouds/aws/folder.rb +4 -11
- data/modules/mu/clouds/aws/function.rb +6 -16
- data/modules/mu/clouds/aws/group.rb +4 -12
- data/modules/mu/clouds/aws/habitat.rb +11 -13
- data/modules/mu/clouds/aws/loadbalancer.rb +40 -28
- data/modules/mu/clouds/aws/log.rb +5 -13
- data/modules/mu/clouds/aws/msg_queue.rb +9 -24
- data/modules/mu/clouds/aws/nosqldb.rb +4 -12
- data/modules/mu/clouds/aws/notifier.rb +6 -13
- data/modules/mu/clouds/aws/role.rb +69 -40
- data/modules/mu/clouds/aws/search_domain.rb +17 -20
- data/modules/mu/clouds/aws/server.rb +184 -94
- data/modules/mu/clouds/aws/server_pool.rb +33 -38
- data/modules/mu/clouds/aws/storage_pool.rb +5 -12
- data/modules/mu/clouds/aws/user.rb +59 -33
- data/modules/mu/clouds/aws/userdata/linux.erb +18 -30
- data/modules/mu/clouds/aws/userdata/windows.erb +9 -9
- data/modules/mu/clouds/aws/vpc.rb +214 -145
- data/modules/mu/clouds/azure.rb +978 -44
- data/modules/mu/clouds/azure/container_cluster.rb +413 -0
- data/modules/mu/clouds/azure/firewall_rule.rb +500 -0
- data/modules/mu/clouds/azure/habitat.rb +167 -0
- data/modules/mu/clouds/azure/loadbalancer.rb +205 -0
- data/modules/mu/clouds/azure/role.rb +211 -0
- data/modules/mu/clouds/azure/server.rb +810 -0
- data/modules/mu/clouds/azure/user.rb +257 -0
- data/modules/mu/clouds/azure/userdata/README.md +4 -0
- data/modules/mu/clouds/azure/userdata/linux.erb +137 -0
- data/modules/mu/clouds/azure/userdata/windows.erb +275 -0
- data/modules/mu/clouds/azure/vpc.rb +782 -0
- data/modules/mu/clouds/cloudformation.rb +12 -9
- data/modules/mu/clouds/cloudformation/firewall_rule.rb +5 -13
- data/modules/mu/clouds/cloudformation/server.rb +10 -1
- data/modules/mu/clouds/cloudformation/server_pool.rb +1 -0
- data/modules/mu/clouds/cloudformation/vpc.rb +0 -2
- data/modules/mu/clouds/google.rb +554 -117
- data/modules/mu/clouds/google/bucket.rb +173 -32
- data/modules/mu/clouds/google/container_cluster.rb +1112 -157
- data/modules/mu/clouds/google/database.rb +24 -47
- data/modules/mu/clouds/google/firewall_rule.rb +344 -89
- data/modules/mu/clouds/google/folder.rb +156 -79
- data/modules/mu/clouds/google/group.rb +272 -82
- data/modules/mu/clouds/google/habitat.rb +177 -52
- data/modules/mu/clouds/google/loadbalancer.rb +9 -34
- data/modules/mu/clouds/google/role.rb +1211 -0
- data/modules/mu/clouds/google/server.rb +491 -227
- data/modules/mu/clouds/google/server_pool.rb +233 -48
- data/modules/mu/clouds/google/user.rb +479 -125
- data/modules/mu/clouds/google/userdata/linux.erb +3 -3
- data/modules/mu/clouds/google/userdata/windows.erb +9 -9
- data/modules/mu/clouds/google/vpc.rb +381 -223
- data/modules/mu/config.rb +689 -214
- data/modules/mu/config/bucket.rb +1 -1
- data/modules/mu/config/cache_cluster.rb +1 -1
- data/modules/mu/config/cache_cluster.yml +0 -4
- data/modules/mu/config/container_cluster.rb +18 -9
- data/modules/mu/config/database.rb +6 -23
- data/modules/mu/config/firewall_rule.rb +9 -15
- data/modules/mu/config/folder.rb +22 -21
- data/modules/mu/config/habitat.rb +22 -21
- data/modules/mu/config/loadbalancer.rb +2 -2
- data/modules/mu/config/role.rb +9 -40
- data/modules/mu/config/server.rb +26 -5
- data/modules/mu/config/server_pool.rb +1 -1
- data/modules/mu/config/storage_pool.rb +2 -2
- data/modules/mu/config/user.rb +4 -0
- data/modules/mu/config/vpc.rb +350 -110
- data/modules/mu/defaults/{amazon_images.yaml → AWS.yaml} +37 -39
- data/modules/mu/defaults/Azure.yaml +17 -0
- data/modules/mu/defaults/Google.yaml +24 -0
- data/modules/mu/defaults/README.md +1 -1
- data/modules/mu/deploy.rb +168 -125
- data/modules/mu/groomer.rb +2 -1
- data/modules/mu/groomers/ansible.rb +104 -32
- data/modules/mu/groomers/chef.rb +96 -44
- data/modules/mu/kittens.rb +20602 -0
- data/modules/mu/logger.rb +38 -11
- data/modules/mu/master.rb +90 -8
- data/modules/mu/master/chef.rb +2 -3
- data/modules/mu/master/ldap.rb +0 -1
- data/modules/mu/master/ssl.rb +250 -0
- data/modules/mu/mommacat.rb +917 -513
- data/modules/scratchpad.erb +1 -1
- data/modules/tests/super_complex_bok.yml +0 -0
- data/modules/tests/super_simple_bok.yml +0 -0
- data/roles/mu-master.json +2 -1
- data/spec/azure_creds +5 -0
- data/spec/mu.yaml +56 -0
- data/spec/mu/clouds/azure_spec.rb +164 -27
- data/spec/spec_helper.rb +5 -0
- data/test/clean_up.py +0 -0
- data/test/exec_inspec.py +0 -0
- data/test/exec_mu_install.py +0 -0
- data/test/exec_retry.py +0 -0
- data/test/smoke_test.rb +0 -0
- metadata +90 -118
- data/cookbooks/mu-jenkins/Berksfile +0 -14
- data/cookbooks/mu-jenkins/CHANGELOG.md +0 -13
- data/cookbooks/mu-jenkins/LICENSE +0 -37
- data/cookbooks/mu-jenkins/README.md +0 -105
- data/cookbooks/mu-jenkins/attributes/default.rb +0 -42
- data/cookbooks/mu-jenkins/files/default/cleanup_deploy_config.xml +0 -73
- data/cookbooks/mu-jenkins/files/default/deploy_config.xml +0 -44
- data/cookbooks/mu-jenkins/metadata.rb +0 -21
- data/cookbooks/mu-jenkins/recipes/default.rb +0 -195
- data/cookbooks/mu-jenkins/recipes/node-ssh-config.rb +0 -54
- data/cookbooks/mu-jenkins/recipes/public_key.rb +0 -24
- data/cookbooks/mu-jenkins/templates/default/example_job.config.xml.erb +0 -24
- data/cookbooks/mu-jenkins/templates/default/org.jvnet.hudson.plugins.SSHBuildWrapper.xml.erb +0 -14
- data/cookbooks/mu-jenkins/templates/default/ssh_config.erb +0 -6
- data/cookbooks/nagios/Berksfile +0 -11
- data/cookbooks/nagios/CHANGELOG.md +0 -589
- data/cookbooks/nagios/CONTRIBUTING.md +0 -11
- data/cookbooks/nagios/LICENSE +0 -37
- data/cookbooks/nagios/README.md +0 -328
- data/cookbooks/nagios/TESTING.md +0 -2
- data/cookbooks/nagios/attributes/config.rb +0 -171
- data/cookbooks/nagios/attributes/default.rb +0 -228
- data/cookbooks/nagios/chefignore +0 -102
- data/cookbooks/nagios/definitions/command.rb +0 -33
- data/cookbooks/nagios/definitions/contact.rb +0 -33
- data/cookbooks/nagios/definitions/contactgroup.rb +0 -33
- data/cookbooks/nagios/definitions/host.rb +0 -33
- data/cookbooks/nagios/definitions/hostdependency.rb +0 -33
- data/cookbooks/nagios/definitions/hostescalation.rb +0 -34
- data/cookbooks/nagios/definitions/hostgroup.rb +0 -33
- data/cookbooks/nagios/definitions/nagios_conf.rb +0 -38
- data/cookbooks/nagios/definitions/resource.rb +0 -33
- data/cookbooks/nagios/definitions/service.rb +0 -33
- data/cookbooks/nagios/definitions/servicedependency.rb +0 -33
- data/cookbooks/nagios/definitions/serviceescalation.rb +0 -34
- data/cookbooks/nagios/definitions/servicegroup.rb +0 -33
- data/cookbooks/nagios/definitions/timeperiod.rb +0 -33
- data/cookbooks/nagios/libraries/base.rb +0 -314
- data/cookbooks/nagios/libraries/command.rb +0 -91
- data/cookbooks/nagios/libraries/contact.rb +0 -230
- data/cookbooks/nagios/libraries/contactgroup.rb +0 -112
- data/cookbooks/nagios/libraries/custom_option.rb +0 -36
- data/cookbooks/nagios/libraries/data_bag_helper.rb +0 -23
- data/cookbooks/nagios/libraries/default.rb +0 -90
- data/cookbooks/nagios/libraries/host.rb +0 -412
- data/cookbooks/nagios/libraries/hostdependency.rb +0 -181
- data/cookbooks/nagios/libraries/hostescalation.rb +0 -173
- data/cookbooks/nagios/libraries/hostgroup.rb +0 -119
- data/cookbooks/nagios/libraries/nagios.rb +0 -282
- data/cookbooks/nagios/libraries/resource.rb +0 -59
- data/cookbooks/nagios/libraries/service.rb +0 -455
- data/cookbooks/nagios/libraries/servicedependency.rb +0 -215
- data/cookbooks/nagios/libraries/serviceescalation.rb +0 -195
- data/cookbooks/nagios/libraries/servicegroup.rb +0 -144
- data/cookbooks/nagios/libraries/timeperiod.rb +0 -160
- data/cookbooks/nagios/libraries/users_helper.rb +0 -54
- data/cookbooks/nagios/metadata.rb +0 -25
- data/cookbooks/nagios/recipes/_load_databag_config.rb +0 -153
- data/cookbooks/nagios/recipes/_load_default_config.rb +0 -241
- data/cookbooks/nagios/recipes/apache.rb +0 -48
- data/cookbooks/nagios/recipes/default.rb +0 -204
- data/cookbooks/nagios/recipes/nginx.rb +0 -82
- data/cookbooks/nagios/recipes/pagerduty.rb +0 -143
- data/cookbooks/nagios/recipes/server_package.rb +0 -40
- data/cookbooks/nagios/recipes/server_source.rb +0 -164
- data/cookbooks/nagios/templates/default/apache2.conf.erb +0 -96
- data/cookbooks/nagios/templates/default/cgi.cfg.erb +0 -266
- data/cookbooks/nagios/templates/default/commands.cfg.erb +0 -13
- data/cookbooks/nagios/templates/default/contacts.cfg.erb +0 -37
- data/cookbooks/nagios/templates/default/hostgroups.cfg.erb +0 -25
- data/cookbooks/nagios/templates/default/hosts.cfg.erb +0 -15
- data/cookbooks/nagios/templates/default/htpasswd.users.erb +0 -6
- data/cookbooks/nagios/templates/default/nagios.cfg.erb +0 -22
- data/cookbooks/nagios/templates/default/nginx.conf.erb +0 -62
- data/cookbooks/nagios/templates/default/pagerduty.cgi.erb +0 -185
- data/cookbooks/nagios/templates/default/resource.cfg.erb +0 -27
- data/cookbooks/nagios/templates/default/servicedependencies.cfg.erb +0 -15
- data/cookbooks/nagios/templates/default/servicegroups.cfg.erb +0 -14
- data/cookbooks/nagios/templates/default/services.cfg.erb +0 -14
- data/cookbooks/nagios/templates/default/templates.cfg.erb +0 -31
- data/cookbooks/nagios/templates/default/timeperiods.cfg.erb +0 -13
- data/extras/image-generators/aws/centos6.yaml +0 -18
- data/modules/mu/defaults/google_images.yaml +0 -16
- data/roles/mu-master-jenkins.json +0 -24
@@ -36,7 +36,7 @@ ENV['PATH'] = ENV['PATH']+":/bin:/opt/opscode/embedded/bin"
|
|
36
36
|
# XXX We want to be able to override these things when invoked from chef-apply,
|
37
37
|
# but, like, how?
|
38
38
|
CHEF_SERVER_VERSION="12.17.15-1"
|
39
|
-
CHEF_CLIENT_VERSION="14.11
|
39
|
+
CHEF_CLIENT_VERSION="14.13.11"
|
40
40
|
KNIFE_WINDOWS="1.9.0"
|
41
41
|
MU_BASE="/opt/mu"
|
42
42
|
MU_BRANCH="master" # GIT HOOK EDITABLE DO NOT TOUCH
|
@@ -171,45 +171,60 @@ removepackages = []
|
|
171
171
|
rpms = {}
|
172
172
|
dpkgs = {}
|
173
173
|
|
174
|
-
elversion = node['platform_version'].
|
175
|
-
if platform_family?("rhel")
|
176
|
-
basepackages = ["git", "curl", "diffutils", "patch", "gcc", "gcc-c++", "make", "postgresql-devel", "libyaml", "libffi-devel", "tcl", "tk"]
|
177
|
-
# package epel-release-6-8.9.amzn1.noarch (which is newer than epel-release-6-8.noarch) is already installed
|
174
|
+
elversion = node['platform_version'].split('.')[0]
|
178
175
|
|
179
|
-
|
180
|
-
"epel-release" => "http://dl.fedoraproject.org/pub/epel/epel-release-latest-#{elversion}.noarch.rpm",
|
181
|
-
"chef-server-core" => "https://packages.chef.io/files/stable/chef-server/#{CHEF_SERVER_VERSION.sub(/\-\d+$/, "")}/el/#{elversion}/chef-server-core-#{CHEF_SERVER_VERSION}.el#{elversion}.x86_64.rpm"
|
182
|
-
}
|
176
|
+
rhelbase = ["git", "curl", "diffutils", "patch", "gcc", "gcc-c++", "make", "postgresql-devel", "libyaml", "libffi-devel", "tcl", "tk"]
|
183
177
|
|
178
|
+
case node['platform_family']
|
179
|
+
when 'rhel'
|
184
180
|
|
185
|
-
|
186
|
-
raise "Mu Masters on RHEL-family hosts must be equivalent to RHEL6 or RHEL7 (got #{elversion})"
|
181
|
+
basepackages = rhelbase
|
187
182
|
|
188
|
-
|
189
|
-
|
190
|
-
basepackages.concat(["mysql-devel"])
|
191
|
-
rpms["ruby25"] = "https://s3.amazonaws.com/cloudamatic/muby-2.5.3-1.el6.x86_64.rpm"
|
192
|
-
rpms["python27"] = "https://s3.amazonaws.com/cloudamatic/muthon-2.7.16-1.el6.x86_64.rpm"
|
193
|
-
|
183
|
+
case node['platform_version'].split('.')[0].to_i
|
184
|
+
when 6
|
185
|
+
basepackages.concat(["cryptsetup-luks", "mysql-devel", "centos-release-scl"])
|
194
186
|
removepackages = ["nagios"]
|
195
187
|
|
196
|
-
|
197
|
-
|
198
|
-
|
199
|
-
|
200
|
-
|
201
|
-
|
202
|
-
|
203
|
-
|
204
|
-
if node['platform_version'].to_i > 2000
|
205
|
-
basepackages.concat(["compat-libffi5"])
|
206
|
-
rpms.delete("epel-release")
|
188
|
+
when 7
|
189
|
+
basepackages.concat(['libX11', 'mariadb-devel', 'cryptsetup'])
|
190
|
+
removepackages = ['nagios', 'firewalld']
|
191
|
+
|
192
|
+
when 8
|
193
|
+
raise "Mu currently does not support RHEL 8... but I assume it will in the future... But I am Bill and I am hopeful about the future."
|
194
|
+
else
|
195
|
+
raise "Mu does not support RHEL #{node['platform_version']} (matched on #{node['platform_version'].split('.')[0]})"
|
207
196
|
end
|
208
197
|
|
198
|
+
when 'amazon'
|
199
|
+
basepackages = rhelbase
|
200
|
+
rpms.delete('epel-release')
|
201
|
+
|
202
|
+
case node['platform_version'].split('.')[0]
|
203
|
+
when '1', '6' #REALLY THIS IS AMAZON LINUX 1, BUT IT IS BASED OFF OF RHEL 6
|
204
|
+
basepackages.concat(['mysql-devel', 'libffi-devel'])
|
205
|
+
basepackages.delete('tk')
|
206
|
+
removepackages = ["nagios"]
|
207
|
+
|
208
|
+
when '2'
|
209
|
+
basepackages.concat(['libX11', 'mariadb-devel', 'cryptsetup', 'ncurses-devel', 'ncurses-compat-libs', 'iptables-services'])
|
210
|
+
removepackages = ['nagios', 'firewalld']
|
211
|
+
elversion = '7' #HACK TO FORCE AMAZON LINUX 2 TO BE TREATED LIKE RHEL 7
|
212
|
+
|
213
|
+
else
|
214
|
+
raise "Mu Masters on Amazon-family hosts must be equivalent to Amazon Linux 1 or 2 (got #{node['platform_version'].split('.')[0]})"
|
215
|
+
end
|
209
216
|
else
|
210
|
-
raise "Mu Masters are currently only supported on RHEL
|
217
|
+
raise "Mu Masters are currently only supported on RHEL and Amazon family hosts (got #{node['platform_family']})."
|
211
218
|
end
|
212
219
|
|
220
|
+
rpms = {
|
221
|
+
"epel-release" => "http://dl.fedoraproject.org/pub/epel/epel-release-latest-#{elversion}.noarch.rpm",
|
222
|
+
"chef-server-core" => "https://packages.chef.io/files/stable/chef-server/#{CHEF_SERVER_VERSION.sub(/\-\d+$/, "")}/el/#{elversion}/chef-server-core-#{CHEF_SERVER_VERSION}.el#{elversion}.x86_64.rpm"
|
223
|
+
}
|
224
|
+
|
225
|
+
rpms["ruby25"] = "https://s3.amazonaws.com/cloudamatic/muby-2.5.3-1.el#{elversion}.x86_64.rpm"
|
226
|
+
rpms["python27"] = "https://s3.amazonaws.com/cloudamatic/muthon-2.7.16-1.el#{elversion}.x86_64.rpm"
|
227
|
+
|
213
228
|
package basepackages
|
214
229
|
|
215
230
|
directory MU_BASE do
|
@@ -302,6 +317,10 @@ execute "clean up old ruby-2.3.1" do
|
|
302
317
|
only_if { ::Dir.exist?("/opt/rubies/ruby-2.3.1") }
|
303
318
|
end
|
304
319
|
|
320
|
+
execute "yum makecache" do
|
321
|
+
action :nothing
|
322
|
+
end
|
323
|
+
|
305
324
|
# Regular old rpm-based installs
|
306
325
|
rpms.each_pair { |pkg, src|
|
307
326
|
rpm_package pkg do
|
@@ -309,6 +328,9 @@ rpms.each_pair { |pkg, src|
|
|
309
328
|
if pkg == "ruby25"
|
310
329
|
options '--prefix=/opt/rubies/'
|
311
330
|
end
|
331
|
+
if pkg == "epel-release"
|
332
|
+
notifies :run, "execute[yum makecache]", :immediately
|
333
|
+
end
|
312
334
|
if pkg == "chef-server-core"
|
313
335
|
notifies :stop, "service[iptables]", :before
|
314
336
|
if File.size?("/etc/opscode/chef-server.rb")
|
@@ -371,7 +393,7 @@ file "#{MU_BASE}/var/users/mu/realname" do
|
|
371
393
|
end
|
372
394
|
end
|
373
395
|
|
374
|
-
["mu-
|
396
|
+
["mu-cleanup", "mu-configure", "mu-deploy", "mu-firewall-allow-clients", "mu-gen-docs", "mu-load-config.rb", "mu-node-manage", "mu-tunnel-nagios", "mu-upload-chef-artifacts", "mu-user-manage", "mu-ssh", "mu-adopt", "mu-azure-setup", "mu-gcp-setup", "mu-aws-setup"].each { |exe|
|
375
397
|
link "#{MU_BASE}/bin/#{exe}" do
|
376
398
|
to "#{MU_BASE}/lib/bin/#{exe}"
|
377
399
|
end
|
@@ -432,26 +454,15 @@ end
|
|
432
454
|
execute "rm -rf #{gemdir}/knife-windows-#{Regexp.last_match[1]}"
|
433
455
|
}
|
434
456
|
|
435
|
-
# XXX rely on bundler to get this right for us
|
436
|
-
# gem_package "#{rubydir} knife-windows #{KNIFE_WINDOWS} #{gembin}" do
|
437
|
-
# gem_binary gembin
|
438
|
-
# package_name "knife-windows"
|
439
|
-
# version KNIFE_WINDOWS
|
440
|
-
# notifies :restart, "service[chef-server]", :delayed if rubydir == "/opt/opscode/embedded"
|
441
|
-
# # XXX notify mommacat if we're *not* in chef-apply... RUNNING_STANDALONE
|
442
|
-
# end
|
443
|
-
|
444
|
-
# execute "Patch #{rubydir}'s knife-windows for Cygwin SSH bootstraps" do
|
445
|
-
# cwd "#{gemdir}/knife-windows-#{KNIFE_WINDOWS}"
|
446
|
-
# command "patch -p1 < #{MU_BASE}/lib/install/knife-windows-cygwin-#{KNIFE_WINDOWS}.patch"
|
447
|
-
# not_if "grep -i 'locate_config_value(:cygwin)' #{gemdir}/knife-windows-#{KNIFE_WINDOWS}/lib/chef/knife/bootstrap_windows_base.rb"
|
448
|
-
# notifies :restart, "service[chef-server]", :delayed if rubydir == "/opt/opscode/embedded"
|
449
|
-
# only_if { ::Dir.exist?(gemdir) }
|
450
|
-
# XXX notify mommacat if we're *not* in chef-apply... RUNNING_STANDALONE
|
451
|
-
# end
|
452
457
|
end
|
453
458
|
}
|
454
459
|
|
460
|
+
# This is mostly to make sure Berkshelf has a clean and current environment to
|
461
|
+
# live with.
|
462
|
+
execute "/usr/local/ruby-current/bin/bundle clean --force" do
|
463
|
+
cwd "#{MU_BASE}/lib/modules"
|
464
|
+
only_if { RUNNING_STANDALONE }
|
465
|
+
end
|
455
466
|
|
456
467
|
# Get a 'mu' Chef org in place and populate it with artifacts
|
457
468
|
directory "/root/.chef"
|
@@ -567,3 +578,10 @@ end
|
|
567
578
|
notifies :run, "bash[fix #{rubydir} gem permissions]", :delayed
|
568
579
|
end
|
569
580
|
}
|
581
|
+
bash "fix misc permissions" do
|
582
|
+
code <<-EOH
|
583
|
+
find #{MU_BASE}/lib -not -path "#{MU_BASE}/.git" -type d -exec chmod go+r {} \\;
|
584
|
+
find #{MU_BASE}/lib -not -path "#{MU_BASE}/.git/*" -type f -exec chmod go+r {} \\;
|
585
|
+
chmod go+rx #{MU_BASE}/lib/bin/* #{MU_BASE}/lib/extras/*-stock-* #{MU_BASE}/lib/extras/vault_tools/*.sh
|
586
|
+
EOH
|
587
|
+
end
|
@@ -1,5 +1,5 @@
|
|
1
1
|
# Cookbook Name:: mu-master
|
2
|
-
# Recipe::
|
2
|
+
# Recipe:: kubectl
|
3
3
|
#
|
4
4
|
# Copyright:: Copyright (c) 2018 eGlobalTech, Inc., all rights reserved
|
5
5
|
#
|
@@ -23,19 +23,13 @@
|
|
23
23
|
# templates.
|
24
24
|
#
|
25
25
|
remote_file "/opt/mu/bin/kubectl" do
|
26
|
-
source "https://amazon-eks.s3-us-west-2.amazonaws.com/1.
|
26
|
+
source "https://amazon-eks.s3-us-west-2.amazonaws.com/1.14.6/2019-08-22/bin/linux/amd64/kubectl"
|
27
27
|
mode 0755
|
28
|
-
not_if "test -f /opt/mu/bin/kubectl"
|
28
|
+
not_if "test -f /opt/mu/bin/kubectl && kubectl version --short | grep 1.14.6"
|
29
29
|
end
|
30
30
|
|
31
31
|
remote_file "/opt/mu/bin/aws-iam-authenticator" do
|
32
|
-
source "https://amazon-eks.s3-us-west-2.amazonaws.com/1.
|
32
|
+
source "https://amazon-eks.s3-us-west-2.amazonaws.com/1.14.6/2019-08-22/bin/linux/amd64/aws-iam-authenticator"
|
33
33
|
mode 0755
|
34
34
|
not_if "test -f /opt/mu/bin/aws-iam-authenticator"
|
35
35
|
end
|
36
|
-
|
37
|
-
# in brand new accounts where no load balancer has been created, something
|
38
|
-
# has to do this before EKS has to, because by default it can't
|
39
|
-
execute "aws iam create-service-linked-role --aws-service-name 'elasticloadbalancing.amazonaws.com'" do
|
40
|
-
not_if "aws iam list-roles | grep /aws-service-role/elasticloadbalancing.amazonaws.com/"
|
41
|
-
end
|
@@ -58,7 +58,8 @@ service "oddjobd" do
|
|
58
58
|
start_command "sh -x /etc/init.d/oddjobd start" if %w{redhat centos}.include?(node['platform']) && node['platform_version'].to_i == 6 # seems to actually work
|
59
59
|
action [:enable, :start]
|
60
60
|
end
|
61
|
-
|
61
|
+
package "authconfig"
|
62
|
+
execute "LC_ALL=C /usr/sbin/authconfig --disablenis --disablecache --disablewinbind --disablewinbindauth --enablemkhomedir --disablekrb5 --enablesssd --enablesssdauth --enablelocauthorize --disableforcelegacy --disableldap --disableldapauth --updateall" do
|
62
63
|
notifies :restart, "service[oddjobd]", :immediately
|
63
64
|
notifies :reload, "service[sshd]", :delayed
|
64
65
|
not_if "grep pam_sss.so /etc/pam.d/password-auth"
|
@@ -16,8 +16,8 @@
|
|
16
16
|
# See the License for the specific language governing permissions and
|
17
17
|
# limitations under the License.
|
18
18
|
|
19
|
-
include_recipe "nagios::server_source"
|
20
|
-
include_recipe "nagios"
|
19
|
+
include_recipe "mu-nagios::server_source"
|
20
|
+
include_recipe "mu-nagios"
|
21
21
|
include_recipe 'mu-master::firewall-holes'
|
22
22
|
|
23
23
|
if $MU_CFG.has_key?('ldap')
|
@@ -49,7 +49,7 @@ file "/etc/sysconfig/nagios" do
|
|
49
49
|
content "checkconfig=\"false\"\n"
|
50
50
|
mode 0600
|
51
51
|
end
|
52
|
-
include_recipe "nagios"
|
52
|
+
include_recipe "mu-nagios"
|
53
53
|
|
54
54
|
# scrub our old stuff if it's around
|
55
55
|
["nagios_fifo", "nagios_more_selinux"].each { |policy|
|
@@ -139,15 +139,15 @@ Dir.glob("/usr/lib/cgi-bin/*.cgi").each { |script|
|
|
139
139
|
|
140
140
|
["/usr/lib/cgi-bin"].each { |cgidir|
|
141
141
|
if Dir.exist?(cgidir)
|
142
|
-
execute "chcon -R -h
|
142
|
+
execute "chcon -R -h system_u:object_r:httpd_sys_script_exec_t #{cgidir}" do
|
143
143
|
not_if "ls -aZ #{cgidir} | grep ':httpd_sys_script_exec_t:'"
|
144
144
|
notifies :reload, "service[apache2]", :delayed
|
145
145
|
end
|
146
146
|
end
|
147
147
|
}
|
148
148
|
if File.exist?("/usr/lib64/nagios/plugins/check_nagios")
|
149
|
-
execute "chcon -R -h
|
150
|
-
not_if "ls -aZ /usr/lib64/nagios/plugins/check_nagios | grep ':
|
149
|
+
execute "chcon -R -h system_u:object_r:nagios_unconfined_plugin_exec_t /usr/lib64/nagios/plugins/check_nagios" do
|
150
|
+
not_if "ls -aZ /usr/lib64/nagios/plugins/check_nagios | grep 'object_r:nagios_'"
|
151
151
|
end
|
152
152
|
end
|
153
153
|
|
@@ -27,8 +27,8 @@
|
|
27
27
|
AllowEncodedSlashes off
|
28
28
|
|
29
29
|
# Scratchpad, the Mu secret-sharer
|
30
|
-
ProxyPass /scratchpad https://localhost
|
31
|
-
ProxyPassReverse /scratchpad https://localhost
|
30
|
+
ProxyPass /scratchpad https://localhost:<%= MU.mommaCatPort.to_s %>/scratchpad
|
31
|
+
ProxyPassReverse /scratchpad https://localhost:<%= MU.mommaCatPort.to_s %>/scratchpad
|
32
32
|
|
33
33
|
# Nagios web UI
|
34
34
|
ProxyPass /nagios/ https://localhost:8443/nagios/
|
@@ -4,11 +4,10 @@ maintainer_email 'mu-developers@googlegroups.com'
|
|
4
4
|
license 'BSD-3-Clause'
|
5
5
|
|
6
6
|
description 'Installs/Configures php'
|
7
|
-
long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
|
8
7
|
source_url 'https://github.com/cloudamatic/mu'
|
9
8
|
issues_url 'https://github.com/cloudamatic/mu/issues'
|
10
|
-
chef_version '>= 14.0'
|
11
|
-
version '0.3.
|
9
|
+
chef_version '>= 14.0'
|
10
|
+
version '0.3.1'
|
12
11
|
|
13
12
|
%w( centos ubuntu ).each do |os|
|
14
13
|
supports os
|
@@ -16,6 +15,6 @@ end
|
|
16
15
|
|
17
16
|
depends 'mu-utility'
|
18
17
|
depends 'simple_iptables', '~> 0.8.0'
|
19
|
-
depends 'apache2', '< 4.0'
|
20
18
|
depends 'mysql', '~> 8.5.1'
|
21
|
-
depends 'yum-epel', '~> 3.2.0'
|
19
|
+
depends 'yum-epel', '~> 3.2.0'
|
20
|
+
depends 'apache2', '< 6.0.0'
|
File without changes
|
@@ -4,7 +4,7 @@ source chef_repo: ".."
|
|
4
4
|
metadata
|
5
5
|
|
6
6
|
# Mu Cookbooks
|
7
|
-
cookbook "nagios"
|
7
|
+
cookbook 'mu-nagios' , '~> 8.2.0', git: "https://github.com/cloudamatic/mu-nagios.git"
|
8
8
|
cookbook "mu-utility"
|
9
9
|
cookbook "mu-splunk"
|
10
10
|
cookbook "mu-firewall"
|
@@ -18,4 +18,5 @@ cookbook "java", '~> 2.2.0'
|
|
18
18
|
cookbook "windows", '~> 5.1.1'
|
19
19
|
cookbook "chef-vault", '~> 3.1.1'
|
20
20
|
cookbook "poise-python", '~> 1.7.0'
|
21
|
-
cookbook "yum-epel", '~> 3.2.0'
|
21
|
+
cookbook "yum-epel", '~> 3.2.0'
|
22
|
+
cookbook 'selinux', '~> 3.0.0'
|
@@ -0,0 +1,33 @@
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
2
|
+
MIIFvzCCA6egAwIBAgIJANg7fTwivzSDMA0GCSqGSIb3DQEBDQUAMF0xFjAUBgNV
|
3
|
+
BAMMDTU0LjE3NS44Ni4xOTQxIDAeBgNVBAsMF011IFNlcnZlciA1NC4xNzUuODYu
|
4
|
+
MTk0MRQwEgYDVQQKDAtlR2xvYmFsVGVjaDELMAkGA1UEBhMCVVMwHhcNMTkwODEx
|
5
|
+
MjExMzMwWhcNMjIwNTMxMjExMzMwWjBdMRYwFAYDVQQDDA01NC4xNzUuODYuMTk0
|
6
|
+
MSAwHgYDVQQLDBdNdSBTZXJ2ZXIgNTQuMTc1Ljg2LjE5NDEUMBIGA1UECgwLZUds
|
7
|
+
b2JhbFRlY2gxCzAJBgNVBAYTAlVTMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC
|
8
|
+
CgKCAgEAo7rntOFj/WPNvh00SN55aJBusppsY9arq7QF5gt/9+cBPsjcXn7jJMu0
|
9
|
+
vD9RFqkR8fpkvs01MiTToKHDli30FYSO+pybW/3R8VMby3jU7Df+i20tnB8gZqkc
|
10
|
+
XQGU4c8cGwdu1J/DpRoX5oCOlO2by+2+5nebJd7ABpzl9eE2/1HBJVaHROCVzmbu
|
11
|
+
UCXVIlKAOccgwzPj+r4EHwH4Nyv8cSnh67Fg8jehW21ZltZNXek7upc9421MQLka
|
12
|
+
9TtbBod7DWVQNfc8hAxATlupOnKsKa1n8vZD9bj9xvK2wz1E6lVYbkuxzpOzqBqy
|
13
|
+
PO/6Svt8zTH3pEJMbxwtiwJ8cCLiqSoxj8hOKvvsSmvboN9DwN73JQjOY/pXHaU1
|
14
|
+
/w9syNORnwEKMzs5Eu14dAV1+w7Nk8xff4LHjIYoTWD+zuK6ETVnX8j7f1zwebok
|
15
|
+
HLF0qlnfZhU4uiE8+wU1h6oeGZG9fLV63wlGdUXA+HermzovuJ0d2ocy0O93QQDt
|
16
|
+
Y92dr6UcPfAmzFyX3Rj9FFMYb2/n1G8l5pEd/Qkx3sH04aoxEmyQU0zugo3zQsL9
|
17
|
+
KNyIbp2BTlSh2R/4hWJpWiXFliRvotiJu1s2wdNQ1D3SZgxDbfxf/3j04xgdi5eW
|
18
|
+
e4Q3VnxhRfmkS1NqEzIvPabVLg9qvN419cubpE6HAtBJw/f3ocUCAwEAAaOBgTB/
|
19
|
+
MC8GA1UdEQQoMCaHBDavVsKCCWxvY2FsaG9zdIcEfwAAAYINc3RhbmdlLW11LWRl
|
20
|
+
djAdBgNVHQ4EFgQUr8Sa0Z5sLB3lCkzzL/cQp1g1VtwwHwYDVR0jBBgwFoAUr8Sa
|
21
|
+
0Z5sLB3lCkzzL/cQp1g1VtwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOC
|
22
|
+
AgEAISgwMuoA0es7f8a8aZHuxeUP/160yyMzzoSolKW+JXHDvJjRi/uM5IICkspR
|
23
|
+
19ucWB5NJjp6oLaRTA+Recfpk8rc14GICcjhj/455xlhbg/Dnpwi4S58XEeFnoMY
|
24
|
+
9o/z9xWHafM579oZPrUzT2un/1xZuYaOshXa3hZQa5R/aK24P4rW/oCCmifBm8ij
|
25
|
+
Mdx24gbI2/1aijWXkUrSMpQ1GVTBKs1ArUokrNWHrXeWInGPp3pEj+9C4t6fnzGu
|
26
|
+
QA8zL61yt2ZL5bAedYolWklIkZpbo/5U33tdQP8Jm/HUnbrMLucW1Ar2WV556+1S
|
27
|
+
2D3DyJ6gkJ17wR/6XwwQAwZvvNtBIKtWvjS+pCgKzlb2l+jyFeUDaFdCKoxCsYvw
|
28
|
+
8UMjBNcWYzA6jqmseR+iCxTiGz/kXScOZ9RiFAARGP8yaLNjNZQDPv2Mdm6w7BGB
|
29
|
+
E2K/gxNjq5v6aq2YH8uWkN+/A19UzKwr0GItXWFZHFMUQId5gQre57hvYYlcKbbk
|
30
|
+
wBQoEmE5IfyLizIOHVUZ8HwTLRXi3eZjuGcDM4cviGdCsCfPJSLrLwQXcKKdmXB7
|
31
|
+
6PbucNbPWgHH7V3ny/yi1OeKn2EPM8izxuOZmE6ck4akf+HuAY/NJI2D7dYhZs2P
|
32
|
+
GbrvG4NaRQwTbrrykAcKvFfRb+Wle4YNCf11akm5bHLxAwQ=
|
33
|
+
-----END CERTIFICATE-----
|
@@ -168,7 +168,14 @@ module Mutools
|
|
168
168
|
end
|
169
169
|
|
170
170
|
def get_deploy_secret
|
171
|
-
|
171
|
+
cloud = if !get_aws_metadata("meta-data/instance-id").nil?
|
172
|
+
"AWS"
|
173
|
+
elsif !get_google_metadata("instance/name").nil?
|
174
|
+
"Google"
|
175
|
+
# elsif <some condition here>
|
176
|
+
# "Azure"
|
177
|
+
end
|
178
|
+
uri = URI("https://#{get_mu_master_ips.first}:2260/rest/bucketname/#{cloud}/#{node['credentials']}")
|
172
179
|
http = Net::HTTP.new(uri.hostname, uri.port)
|
173
180
|
http.use_ssl = true
|
174
181
|
http.verify_mode = ::OpenSSL::SSL::VERIFY_NONE # XXX this sucks
|
@@ -177,7 +184,7 @@ module Mutools
|
|
177
184
|
secret = nil
|
178
185
|
filename = mu_get_tag_value("MU-ID")+"-secret"
|
179
186
|
|
180
|
-
if
|
187
|
+
if cloud == "AWS"
|
181
188
|
resp = nil
|
182
189
|
begin
|
183
190
|
resp = s3.get_object(bucket: bucket, key: filename)
|
@@ -187,18 +194,23 @@ module Mutools
|
|
187
194
|
end
|
188
195
|
Chef::Log.info("Fetch deploy secret from s3://#{bucket}/#{filename}")
|
189
196
|
secret = resp.body.read
|
190
|
-
elsif
|
197
|
+
elsif cloud == "Google"
|
191
198
|
include_recipe "mu-tools::gcloud"
|
199
|
+
resp = nil
|
192
200
|
["/opt/google-cloud-sdk/bin/gsutil", "/bin/gsutil"].each { |gsutil|
|
193
201
|
next if !File.exist?(gsutil)
|
194
202
|
Chef::Log.info("Fetching deploy secret: #{gsutil} cp gs://#{bucket}/#{filename} -")
|
195
|
-
if File.exist?("/usr/bin/python2.7")
|
196
|
-
|
197
|
-
secret = shell_out("CLOUDSDK_PYTHON=/usr/bin/python2.7 #{gsutil} cp gs://#{bucket}/#{filename} -").stdout.str
|
203
|
+
cmd = if File.exist?("/usr/bin/python2.7")
|
204
|
+
%Q{CLOUDSDK_PYTHON=/usr/bin/python2.7 #{gsutil} cp gs://#{bucket}/#{filename} -}
|
198
205
|
else
|
199
|
-
|
200
|
-
|
206
|
+
%Q{#{gsutil} cp gs://#{bucket}/#{filename} -}
|
207
|
+
end
|
208
|
+
Chef::Log.info(cmd)
|
209
|
+
resp = shell_out(cmd)
|
210
|
+
if resp.status.exitstatus != 0
|
211
|
+
raise "\nDeploy secret fetch failed with exit code #{resp.status.exitstatus.to_s}: #{resp.stderr}. Command was:\n#{cmd}"
|
201
212
|
end
|
213
|
+
secret = resp.stdout
|
202
214
|
break if !secret.nil? and !secret.empty?
|
203
215
|
}
|
204
216
|
if secret.nil? or secret.empty?
|
@@ -7,14 +7,14 @@ long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
|
|
7
7
|
source_url 'https://github.com/cloudamatic/mu'
|
8
8
|
issues_url 'https://github.com/cloudamatic/mu/issues'
|
9
9
|
chef_version '>= 14.0' if respond_to?(:chef_version)
|
10
|
-
version '1.0
|
10
|
+
version '1.1.0'
|
11
11
|
|
12
12
|
%w( amazon centos redhat windows ).each do |os|
|
13
13
|
supports os
|
14
14
|
end
|
15
15
|
|
16
16
|
depends "oracle-instantclient", '~> 1.1.0'
|
17
|
-
depends "nagios"
|
17
|
+
depends "mu-nagios"
|
18
18
|
depends "database", '~> 6.1.1'
|
19
19
|
depends "postgresql", '~> 7.1.0'
|
20
20
|
depends "mu-utility"
|
@@ -26,3 +26,6 @@ depends "poise-python", '~> 1.7.0'
|
|
26
26
|
depends "yum-epel", '~> 3.2.0'
|
27
27
|
depends "mu-firewall"
|
28
28
|
depends "mu-activedirectory"
|
29
|
+
depends "chocolatey"
|
30
|
+
depends "firewall"
|
31
|
+
depends 'selinux', '~> 3.0.0'
|
@@ -145,7 +145,7 @@ if !node['application_attributes']['skip_recipes'].include?('apply_security')
|
|
145
145
|
end
|
146
146
|
|
147
147
|
|
148
|
-
if node
|
148
|
+
if node['root_login_disabled']
|
149
149
|
#some code
|
150
150
|
end
|
151
151
|
|
@@ -333,10 +333,9 @@ if !node['application_attributes']['skip_recipes'].include?('apply_security')
|
|
333
333
|
device node['application_attributes']['home']['mount_device']
|
334
334
|
size node['application_attributes']['home']['volume_size_gb']
|
335
335
|
preserve_data true
|
336
|
-
not_if "awk '{print $2}' < /etc/mtab | grep '^/home$'"
|
337
336
|
end
|
338
337
|
|
339
|
-
Chef::Log.info("Value of login_disabled is #{node
|
338
|
+
Chef::Log.info("Value of login_disabled is #{node['root_login_disabled']}")
|
340
339
|
|
341
340
|
ruby_block "do a bunch of weird stuff" do # ~FC014
|
342
341
|
block do
|