elzar 0.0.1

data/.chef/knife.rb

@@ -0,0 +1,3 @@
+cookbook_copyright "Relevance"
+cookbook_email     "opfor@thinkrelevance.com"
+cookbook_license   "none"

data/.gitignore

@@ -0,0 +1 @@
+/.vagrant

data/.rvmrc

@@ -0,0 +1 @@
+rvm gemset use elzar

data/Gemfile

@@ -0,0 +1,11 @@
+source :rubygems
+
+group "development" do
+  # chef and vagrant require different versions of json, so we have to force the version manually
+  gem "json",                   "1.5.2"
+
+  gem "vagrant",                "0.8.7"
+  gem "chef",                   "0.10.8"
+  gem "knife-solo",             "0.0.4"
+  gem "knife-github-cookbooks", :git => "git://github.com/sumbach/knife-github-cookbooks.git"
+end

data/Gemfile.lock

@@ -0,0 +1,96 @@
+GIT
+  remote: git://github.com/sumbach/knife-github-cookbooks.git
+  revision: 13d5d7444b468cab24e6fa2d4b07da6ea45ac088
+  specs:
+    knife-github-cookbooks (0.1.5)
+      chef (~> 0.10.0)
+      launchy (~> 0.4.0)
+
+GEM
+  remote: http://rubygems.org/
+  specs:
+    archive-tar-minitar (0.5.2)
+    bunny (0.7.9)
+    chef (0.10.8)
+      bunny (>= 0.6.0)
+      erubis
+      highline
+      json (>= 1.4.4, <= 1.6.1)
+      mixlib-authentication (>= 1.1.0)
+      mixlib-cli (>= 1.1.0)
+      mixlib-config (>= 1.1.2)
+      mixlib-log (>= 1.3.0)
+      moneta
+      net-ssh (~> 2.1.3)
+      net-ssh-multi (~> 1.1.0)
+      ohai (>= 0.6.0)
+      rest-client (>= 1.0.4, < 1.7.0)
+      treetop (~> 1.4.9)
+      uuidtools
+    configuration (1.3.1)
+    erubis (2.7.0)
+    ffi (1.0.11)
+    highline (1.6.11)
+    i18n (0.6.0)
+    ipaddress (0.8.0)
+    json (1.5.2)
+    knife-solo (0.0.4)
+      chef (~> 0.10.0)
+      net-ssh (~> 2.1.3)
+    launchy (0.4.0)
+      configuration (>= 0.0.5)
+      rake (>= 0.8.1)
+    mime-types (1.18)
+    mixlib-authentication (1.1.4)
+      mixlib-log
+    mixlib-cli (1.2.2)
+    mixlib-config (1.1.2)
+    mixlib-log (1.3.0)
+    moneta (0.6.0)
+    net-scp (1.0.4)
+      net-ssh (>= 1.99.1)
+    net-ssh (2.1.4)
+    net-ssh-gateway (1.1.0)
+      net-ssh (>= 1.99.1)
+    net-ssh-multi (1.1)
+      net-ssh (>= 2.1.4)
+      net-ssh-gateway (>= 0.99.0)
+    ohai (0.6.12)
+      ipaddress
+      mixlib-cli
+      mixlib-config
+      mixlib-log
+      systemu
+      yajl-ruby
+    polyglot (0.3.3)
+    rake (0.9.2.2)
+    rest-client (1.6.7)
+      mime-types (>= 1.16)
+    systemu (2.5.0)
+    thor (0.14.6)
+    treetop (1.4.10)
+      polyglot
+      polyglot (>= 0.3.1)
+    uuidtools (2.1.2)
+    vagrant (0.8.7)
+      archive-tar-minitar (= 0.5.2)
+      erubis (~> 2.7.0)
+      i18n (~> 0.6.0)
+      json (~> 1.5.1)
+      net-scp (~> 1.0.4)
+      net-ssh (~> 2.1.4)
+      thor (~> 0.14.6)
+      virtualbox (~> 0.9.1)
+    virtualbox (0.9.2)
+      ffi (~> 1.0.9)
+    yajl-ruby (1.1.0)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  chef (= 0.10.8)
+  json (= 1.5.2)
+  knife-github-cookbooks!
+  knife-solo (= 0.0.4)
+  vagrant (= 0.8.7)

data/README.md

@@ -0,0 +1,42 @@
+# Getting Started
+
+Download and install VirtualBox (as instructed in the Vagrant
+[Getting Started guide](http://vagrantup.com/docs/getting-started/index.html)). Then set up
+your bundle and grab the Ubuntu Lucid VM image.
+
+    gem install bundler
+    bundle install
+    vagrant box add lucid64 http://files.vagrantup.com/lucid64.box
+
+## Spin up a new VM
+
+    vagrant up
+
+## SSH into the VM
+
+    vagrant ssh
+
+## Destroy the VM
+
+    vagrant destroy
+
+## Re-run Chef recipes on the VM
+
+    vagrant provision
+
+## Stop/Start the VM
+
+    vagrant suspend
+    vagrant resume
+
+# Install additional cookbooks
+
+This script (and the knife extension it invokes) automatically creates a
+vendor branch for tracking upstream git sources, merges the cookbook into the
+cookbooks/ directory, and makes it easy to update these cookbook as needed in
+the future.
+
+To use this script, the cookbook must be in its own git repository, like those
+at https://github.com/cookbooks/.
+
+    ./script/install_cookbook cookbooks/mysql

data/Rakefile

@@ -0,0 +1 @@
+require "bundler/gem_tasks"

data/Vagrantfile

@@ -0,0 +1,16 @@
+require 'json'
+Vagrant::Config.run do |config|
+  config.vm.box       = "lucid64"
+  config.vm.box_url   = "http://files.vagrantup.com/lucid64.box"
+  config.vm.host_name = "elzar.thinkrelevance.com"
+  config.vm.network     "172.25.5.5"
+  config.vm.provision :shell, :path => "upgrade-chef.sh"
+  config.vm.provision :chef_solo do |chef|
+    chef.cookbooks_path = ["site-cookbooks", "cookbooks"]
+    chef.roles_path = "roles"
+    chef.data_bags_path = "data_bags"
+    json = JSON.parse File.read('dna.json')
+    chef.run_list = json['run_list']
+    chef.json = json
+  end
+end

data/cookbooks/apt/README.md

@@ -0,0 +1,122 @@
+Description
+===========
+
+This cookbook includes recipes to execute apt-get update to ensure the local APT package cache is up to date or manage apt-cacher and cacher clients. It also includes a LWRP for managing APT repositories in /etc/apt/sources.list.d.
+
+Recipes
+=======
+
+default
+-------
+
+This recipe installs the `update-notifier-common` package to provide the timestamp file used to only run `apt-get update` if the cache is less than one day old.
+
+This recipe should appear first in the run list of Debian or Ubuntu nodes to ensure that the package cache is up to date before managing any `package` resources with Chef.
+
+This recipe also sets up a local cache directory for preseeding packages.
+
+cacher
+------
+
+Installs the apt-cacher package and service so the system can provide APT caching. You can check the usage report at http://{hostname}:3142/report. The cacher recipe includes the `cacher-client` recipe, so it helps seed itself.
+
+cacher-client
+-------------
+Configures the node to use the apt-cacher server as a client.
+
+Resources/Providers
+===================
+
+This LWRP provides an easy way to manage additional APT repositories. Adding a new repository will notify running the `execute[apt-get-update]` resource.
+
+# Actions
+
+- :add: creates a repository file and builds the repository listing
+- :remove: removes the repository file
+
+# Attribute Parameters
+
+- repo_name: name attribute. The name of the channel to discover
+- uri: the base of the Debian distribution
+- distribution: this is usually your release's codename...ie something like `karmic`, `lucid` or `maverick`
+- components: package groupings..when it doubt use `main`
+- deb_src: whether or not to add the repository as a source repo as well
+- key_server: the GPG keyserver where the key for the repo should be retrieved
+- key: if a `key_server` is provided, this is assumed to be the fingerprint, otherwise it is the URI to the GPG key for the repo
+
+# Examples
+
+    # add the Zenoss repo
+    apt_repository "zenoss" do
+      uri "http://dev.zenoss.org/deb"
+      components ["main","stable"]
+      action :add
+    end
+    
+    # add the Nginx PPA; grab key from keyserver
+    apt_repository "nginx-php" do
+      uri "http://ppa.launchpad.net/nginx/php5/ubuntu"
+      distribution node['lsb']['codename']
+      components ["main"]
+      keyserver "keyserver.ubuntu.com"
+      key "C300EE8C"
+      action :add
+    end
+    
+    # add the Cloudkick Repo
+    apt_repository "cloudkick" do
+      uri "http://packages.cloudkick.com/ubuntu"
+      distribution node['lsb']['codename']
+      components ["main"]
+      key "http://packages.cloudkick.com/cloudkick.packages.key"
+      action :add
+    end
+    
+    # remove Zenoss repo
+    apt_repository "zenoss" do
+      action :remove
+    end
+    
+Usage
+=====
+
+Put `recipe[apt]` first in the run list. If you have other recipes that you want to use to configure how apt behaves, like new sources, notify the execute resource to run, e.g.:
+
+    template "/etc/apt/sources.list.d/my_apt_sources.list" do
+      notifies :run, resources(:execute => "apt-get update"), :immediately
+    end
+
+The above will run during execution phase since it is a normal template resource, and should appear before other package resources that need the sources in the template.
+
+Put `recipe[apt::cacher]` in the run_list for a server to provide APT caching and add `recipe[apt::cacher-client]` on the rest of the Debian-based nodes to take advantage of the caching server.
+
+Changes
+=======
+
+## v1.2.0:
+
+* COOK-136: Limit apt-get update to one run per day unless notified.
+* COOK-471: ignore failure on apt-get update
+* COOK-533: add support for deb and `deb_src` repos with `apt_repository`
+
+License and Author
+==================
+
+Author:: Joshua Timberman (<joshua@opscode.com>)
+Author:: Matt Ray (<matt@opscode.com>)
+Author:: Seth Chisamore (<schisamo@opscode.com>)
+
+Copyright 2009-2011 Opscode, Inc.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+

data/cookbooks/apt/files/default/apt-cacher

@@ -0,0 +1,9 @@
+# apt-cacher startup configuration file
+
+# IMPORTANT: check the apt-cacher.conf file before using apt-cacher as daemon.
+
+# set to 1 to start the daemon at boot time
+AUTOSTART=1
+
+# extra settings to override the ones in apt-cacher.conf
+# EXTRAOPT=" daemon_port=3142 limit=30 "

data/cookbooks/apt/files/default/apt-cacher.conf

@@ -0,0 +1,144 @@
+# This file has been modified by ./apt-proxy-to-apt-cacher
+# Some lines may have been appended at the bottom of this file
+# This file has been modified by /usr/share/apt-cacher/apt-proxy-to-apt-cacher
+# Some lines may have been appended at the bottom of this file
+#################################################################
+# This is the config file for apt-cacher. On most Debian systems
+# you can safely leave the defaults alone.
+#################################################################
+
+# cache_dir is used to set the location of the local cache. This can
+# become quite large, so make sure it is somewhere with plenty of space.
+cache_dir=/var/cache/apt-cacher
+
+# The email address of the administrator is displayed in the info page
+# and traffic reports.
+admin_email=root@localhost
+
+# For the daemon startup settings please edit the file /etc/default/apt-cacher.
+
+# Daemon port setting, only useful in stand-alone mode. You need to run the
+# daemon as root to use privileged ports (<1024).
+daemon_port = 3142
+
+# optional settings, user and group to run the daemon as. Make sure they have
+# sufficient permissions on the cache and log directories. Comment the settings
+# to run apt-cacher as the native user.
+group=www-data
+user=www-data
+
+# optional setting, binds the listening daemon to one specified IP. Use IP
+# ranges for more advanced configuration, see below.
+# daemon_addr=localhost
+
+# If your apt-cacher machine is directly exposed to the Internet and you are
+# worried about unauthorised machines fetching packages through it, you can
+# specify a list of IPv4 addresses which are allowed to use it and another
+# list of IPv4 addresses which aren't.
+# Localhost (127.0.0.1) is always allowed. Other addresses must be matched
+# by allowed_hosts and not by denied_hosts to be permitted to use the cache.
+# Setting allowed_hosts to "*" means "allow all".
+# Otherwise the format is a comma-separated list containing addresses,
+# optionally with masks (like 10.0.0.0/22), or ranges of addresses (two
+# addresses separated by a hyphen, no masks, like '192.168.0.3-192.168.0.56').
+allowed_hosts=*
+denied_hosts=
+
+# And similiarly for IPv6 with allowed_hosts_6 and denied_hosts_6.
+# Note that IPv4-mapped IPv6 addresses (::ffff:w.x.y.z) are truncated to
+# w.x.y.z and are handled as IPv4.
+allowed_hosts_6=fec0::/16
+denied_hosts_6=
+
+# This thing can be done by Apache but is much simplier here - limit access to
+# Debian mirrors based on server names in the URLs
+#allowed_locations=ftp.uni-kl.de,ftp.nerim.net,debian.tu-bs.de
+
+# Apt-cacher can generate usage reports every 24 hours if you set this
+# directive to 1. You can view the reports in a web browser by pointing
+# to your cache machine with '/apt-cacher/report' on the end, like this:
+#      http://yourcache.example.com/apt-cacher/report
+# Generating reports is very fast even with many thousands of logfile
+# lines, so you can safely turn this on without creating much 
+# additional system load.
+generate_reports=1
+
+# Apt-cacher can clean up its cache directory every 24 hours if you set
+# this directive to 1. Cleaning the cache can take some time to run
+# (generally in the order of a few minutes) and removes all package
+# files that are not mentioned in any existing 'Packages' lists. This
+# has the effect of deleting packages that have been superseded by an
+# updated 'Packages' list.
+clean_cache=1
+
+# The directory to use for apt-cacher access and error logs.
+# The access log records every request in the format:
+# date-time|client ip address|HIT/MISS/EXPIRED|object size|object name
+# The error log is slightly more free-form, and is also used for debug
+# messages if debug mode is turned on.
+# Note that the old 'logfile' and 'errorfile' directives are
+# deprecated: if you set them explicitly they will be honoured, but it's
+# better to just get rid of them from old config files.
+logdir=/var/log/apt-cacher
+
+# apt-cacher can use different methods to decide whether package lists need to
+# be updated,
+# A) looking at the age of the cached files
+# B) getting HTTP header from server and comparing that with cached data. This
+# method is more reliable and avoids desynchronisation of data and index files
+# but needs to transfer few bytes from the server every time somebody requests
+# the files ("apt-get update")
+# Set the following value to the maximum age (in hours) for method A or to 0
+# for method B
+expire_hours=0
+
+# Apt-cacher can pass all its requests to an external http proxy like
+# Squid, which could be very useful if you are using an ISP that blocks
+# port 80 and requires all web traffic to go through its proxy. The
+# format is 'hostname:port', eg: 'proxy.example.com:8080'.
+http_proxy=proxy.example.com:8080
+
+# Use of an external proxy can be turned on or off with this flag.
+# Value should be either 0 (off) or 1 (on).
+use_proxy=0
+
+# External http proxy sometimes need authentication to get full access. The
+# format is 'username:password'.
+http_proxy_auth=proxyuser:proxypass
+
+# Use of external proxy authentication can be turned on or off with this flag.
+# Value should be either 0 (off) or 1 (on).
+use_proxy_auth=0
+
+# Rate limiting sets the maximum bandwidth in bytes per second to use
+# for fetching packages. Syntax is fully defined in 'man wget'.
+# Use 'k' or 'm' to use kilobits or megabits / second: eg, 'limit=25k'.
+# Use 0 or a negative value for no rate limiting.
+limit=0
+
+# Debug mode makes apt-cacher spew a lot of extra debug junk to the
+# error log (whose location is defined with the 'logdir' directive).
+# Leave this off unless you need it, or your error log will get very
+# big. Acceptable values are 0 or 1.
+debug=0
+
+# Adapt the line in the usage info web page to match your server configuration
+# example_sources_line=deb&nbsp;http://<b>my.cacher.server:3142/</b>ftp.au.debian.org/debian&nbsp;unstable&nbsp;main&nbsp;contrib&nbsp;non-free
+
+# Print a 410 (Gone) HTTP message with the specified text when accessed via
+# CGI. Useful to tell users to adapt their sources.list files when the
+# apt-cacher server is beeing relocated (via apt-get's error messages while
+# running "update")
+#cgi_advise_to_use = Please use http://cacheserver:3142/ as apt-cacher access URL
+#cgi_advise_to_use = Server relocated. To change sources.list, run perl -pe "s,/apt-cacher\??,:3142," -i /etc/apt/sources.list
+
+# Server mapping - this allows to hide real server names behind virtual paths
+# that appear in the access URL. This method is known from apt-proxy. This is
+# also the only method to use FTP access to the target hosts. The syntax is simple, the part of the beginning to replace, followed by a list of mirror urls, all space separated. Multiple profile are separated by semicolons
+# path_map = debian ftp.uni-kl.de/pub/linux/debian ftp2.de.debian.org/debian ; ubuntu archive.ubuntu.com/ubuntu ; security security.debian.org/debian-security ftp2.de.debian.org/debian-security
+# Note that you need to specify all target servers in the allowed_locations
+# options if you make use of it. Also note that the paths should not overlap
+# each other. FTP access method not supported yet, maybe in the future.
+
+# extra setting from apt-proxy configuration
+path_map =  ubuntu us.archive.ubuntu.com/ubuntu ; ubuntu-security security.ubuntu.com/ubuntu ; debian debian.osuosl.org/debian/ ; security security.debian.org/debian-security