infrataster-plugin-ldap 0.0.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (70) hide show
  1. checksums.yaml +7 -0
  2. data/.gitignore +22 -0
  3. data/.rspec +2 -0
  4. data/Gemfile +3 -0
  5. data/LICENSE.txt +22 -0
  6. data/README.md +51 -0
  7. data/Rakefile +36 -0
  8. data/infrataster-plugin-ldap.gemspec +23 -0
  9. data/lib/infrataster-plugin-ldap.rb +4 -0
  10. data/lib/infrataster/contexts/ldap_context.rb +63 -0
  11. data/lib/infrataster/helpers/ldap_resource_helper.rb +12 -0
  12. data/lib/infrataster/resources/ldap_resource.rb +19 -0
  13. data/spec/.vagrant/machines/default/virtualbox/action_provision +1 -0
  14. data/spec/.vagrant/machines/default/virtualbox/action_set_name +1 -0
  15. data/spec/.vagrant/machines/default/virtualbox/id +1 -0
  16. data/spec/.vagrant/machines/default/virtualbox/index_uuid +1 -0
  17. data/spec/.vagrant/machines/default/virtualbox/synced_folders +1 -0
  18. data/spec/Vagrantfile +20 -0
  19. data/spec/cookbooks/apt/CHANGELOG.md +208 -0
  20. data/spec/cookbooks/apt/README.md +252 -0
  21. data/spec/cookbooks/apt/attributes/default.rb +46 -0
  22. data/spec/cookbooks/apt/files/default/apt-proxy-v2.conf +50 -0
  23. data/spec/cookbooks/apt/libraries/helpers.rb +49 -0
  24. data/spec/cookbooks/apt/libraries/matchers.rb +17 -0
  25. data/spec/cookbooks/apt/libraries/network.rb +31 -0
  26. data/spec/cookbooks/apt/metadata.json +54 -0
  27. data/spec/cookbooks/apt/metadata.rb +34 -0
  28. data/spec/cookbooks/apt/providers/preference.rb +63 -0
  29. data/spec/cookbooks/apt/providers/repository.rb +203 -0
  30. data/spec/cookbooks/apt/recipes/cacher-client.rb +81 -0
  31. data/spec/cookbooks/apt/recipes/cacher-ng.rb +43 -0
  32. data/spec/cookbooks/apt/recipes/default.rb +98 -0
  33. data/spec/cookbooks/apt/recipes/unattended-upgrades.rb +43 -0
  34. data/spec/cookbooks/apt/resources/preference.rb +32 -0
  35. data/spec/cookbooks/apt/resources/repository.rb +43 -0
  36. data/spec/cookbooks/apt/templates/debian-6.0/acng.conf.erb +173 -0
  37. data/spec/cookbooks/apt/templates/default/01proxy.erb +5 -0
  38. data/spec/cookbooks/apt/templates/default/20auto-upgrades.erb +2 -0
  39. data/spec/cookbooks/apt/templates/default/50unattended-upgrades.erb +62 -0
  40. data/spec/cookbooks/apt/templates/default/acng.conf.erb +275 -0
  41. data/spec/cookbooks/apt/templates/default/unattended-upgrades.seed.erb +1 -0
  42. data/spec/cookbooks/apt/templates/ubuntu-10.04/acng.conf.erb +269 -0
  43. data/spec/cookbooks/openldap/CHANGELOG.md +68 -0
  44. data/spec/cookbooks/openldap/README.md +185 -0
  45. data/spec/cookbooks/openldap/attributes/default.rb +76 -0
  46. data/spec/cookbooks/openldap/files/default/common-account +7 -0
  47. data/spec/cookbooks/openldap/files/default/common-auth +9 -0
  48. data/spec/cookbooks/openldap/files/default/common-password +7 -0
  49. data/spec/cookbooks/openldap/files/default/common-session +9 -0
  50. data/spec/cookbooks/openldap/files/default/nsswitch.conf +21 -0
  51. data/spec/cookbooks/openldap/files/default/slapd.seed +21 -0
  52. data/spec/cookbooks/openldap/files/default/test/auth_test.rb +7 -0
  53. data/spec/cookbooks/openldap/files/default/test/server_test.rb +24 -0
  54. data/spec/cookbooks/openldap/metadata.json +124 -0
  55. data/spec/cookbooks/openldap/metadata.rb +102 -0
  56. data/spec/cookbooks/openldap/recipes/auth.rb +71 -0
  57. data/spec/cookbooks/openldap/recipes/client.rb +28 -0
  58. data/spec/cookbooks/openldap/recipes/default.rb +18 -0
  59. data/spec/cookbooks/openldap/recipes/master.rb +23 -0
  60. data/spec/cookbooks/openldap/recipes/server.rb +124 -0
  61. data/spec/cookbooks/openldap/recipes/slave.rb +32 -0
  62. data/spec/cookbooks/openldap/templates/default/default_slapd.erb +47 -0
  63. data/spec/cookbooks/openldap/templates/default/ldap-ldap.conf.erb +16 -0
  64. data/spec/cookbooks/openldap/templates/default/ldap.conf.erb +31 -0
  65. data/spec/cookbooks/openldap/templates/default/libnss-ldap.conf.erb +28 -0
  66. data/spec/cookbooks/openldap/templates/default/login_access.conf.erb +16 -0
  67. data/spec/cookbooks/openldap/templates/default/slapd.conf.erb +132 -0
  68. data/spec/ldap_spec.rb +10 -0
  69. data/spec/spec_helper.rb +17 -0
  70. metadata +253 -0
@@ -0,0 +1,54 @@
1
+ {
2
+ "name": "apt",
3
+ "version": "2.6.0",
4
+ "description": "Configures apt and apt services and LWRPs for managing apt repositories and preferences",
5
+ "long_description": "apt Cookbook\n============\n[![Cookbook Version](http://img.shields.io/cookbook/v/apt.svg)][cookbook]\n[![Build Status](http://img.shields.io/travis/opscode-cookbooks/apt.svg)][travis]\n\n[cookbook]: https://community.opscode.com/cookbooks/apt\n[travis]: http://travis-ci.org/opscode-cookbooks/apt\n\nThis cookbook includes recipes to execute apt-get update to ensure the local APT package cache is up to date. There are recipes for managing the apt-cacher-ng caching proxy and proxy clients. It also includes a LWRP for managing APT repositories in /etc/apt/sources.list.d as well as an LWRP for pinning packages via /etc/apt/preferences.d.\n\n\nRequirements\n------------\n**Version 2.0.0+ of this cookbook requires Chef 11.0.0 or later**. If your Chef version is earlier than 11.0.0, use version 1.10.0 of this cookbook.\n\nVersion 1.8.2 to 1.10.0 of this cookbook requires **Chef 10.16.4** or later.\n\nIf your Chef version is earlier than 10.16.4, use version 1.7.0 of this cookbook.\n\n### Platform\nPlease refer to the [TESTING file](TESTING.md) to see the currently (and passing) tested platforms. The release was tested on:\n\n* Ubuntu 10.04\n* Ubuntu 12.04\n* Ubuntu 13.04\n* Debian 7.1\n* Debian 6.0 (have with manual testing)\n\nMay work with or without modification on other Debian derivatives.\n\n\n-------\n### default\nThis recipe installs the `update-notifier-common` package to provide the timestamp file used to only run `apt-get update` if the cache is more than one day old.\n\nThis recipe should appear first in the run list of Debian or Ubuntu nodes to ensure that the package cache is up to date before managing any `package` resources with Chef.\n\nThis recipe also sets up a local cache directory for preseeding packages.\n\n**Including the default recipe on a node that does not support apt (such as Windows) results in a noop.**\n\n### cacher-client\nConfigures the node to use the `apt-cacher-ng` server as a client.\n\n#### Bypassing the cache\nOccasionally you may come across repositories that do not play nicely when the node is using an `apt-cacher-ng` server. You can configure `cacher-client` to bypass the server and connect directly to the repository with the `cache_bypass` attribute.\n\nTo do this, you need to override the `cache_bypass` attribute with an array of repositories, with each array key as the repository URL and value as the protocol to use:\n\n```json\n{\n ...,\n 'apt': {\n ...,\n 'cache_bypass': {\n URL: PROTOCOL\n }\n }\n}\n```\n\nFor example, to prevent caching and directly connect to the repository at `download.oracle.com` via http:\n\n```json\n{\n 'apt': {\n 'cache_bypass': {\n 'download.oracle.com': 'http'\n }\n }\n}\n```\n\n### cacher-ng\nInstalls the `apt-cacher-ng` package and service so the system can provide APT caching. You can check the usage report at http://{hostname}:3142/acng-report.html.\n\nIf you wish to help the `cacher-ng` recipe seed itself, you must now explicitly include the `cacher-client` recipe in your run list **after** `cacher-ng` or you will block your ability to install any packages (ie. `apt-cacher-ng`).\n\n\nAttributes\n----------\n* `['apt']['cacher_ipaddress']` - use a cacher server (or standard proxy server) not available via search\n* `['apt']['cacher_interface]` - interface to connect to the cacher-ng service, no default.\n* `['apt']['cacher_port']` - port for the cacher-ng service (either client or server), default is '3142'\n* `['apt']['cacher_dir']` - directory used by cacher-ng service, default is '/var/cache/apt-cacher-ng'\n* `['apt']['cacher-client']['restrict_environment']` - restrict your node to using the `apt-cacher-ng` server in your Environment, default is 'false'\n* `['apt']['compiletime']` - force the `cacher-client` recipe to run before other recipes. It forces apt to use the proxy before other recipes run. Useful if your nodes have limited access to public apt repositories. This is overridden if the `cacher-ng` recipe is in your run list. Default is 'false'\n* `['apt']['compile_time_update']` - force the default recipe to run `apt-get update` at compile time.\n* `['apt']['cache_bypass']` - array of URLs to bypass the cache. Accepts the URL and protocol to fetch directly from the remote repository and not attempt to cache\n* `['apt']['periodic_update_min_delay']` - minimum delay (in seconds) beetween two actual executions of `apt-get update` by the `execute[apt-get-update-periodic]` resource, default is '86400' (24 hours)\n\nLibraries\n---------\nThere is an `interface_ipaddress` method that returns the IP address for a particular host and interface, used by the `cacher-client` recipe. To enable it on the server use the `['apt']['cacher_interface']` attribute.\n\nResources/Providers\n-------------------\n### `apt_repository`\nThis LWRP provides an easy way to manage additional APT repositories. Adding a new repository will notify running the `execute[apt-get-update]` resource immediately.\n\n#### Actions\n- :add: creates a repository file and builds the repository listing (default)\n- :remove: removes the repository file\n\n#### Attribute Parameters\n- repo_name: name attribute. The name of the channel to discover\n- uri: the base of the Debian distribution\n- distribution: this is usually your release's codename...ie something like `karmic`, `lucid` or `maverick`\n- components: package groupings... when in doubt use `main`\n- arch: constrain package to a particular arch like `i386`, `amd64` or even `armhf` or `powerpc`. Defaults to nil.\n- trusted: treat all packages from this repository as authenticated regardless of signature\n- deb_src: whether or not to add the repository as a source repo as well - value can be `true` or `false`, default `false`.\n- keyserver: the GPG keyserver where the key for the repo should be retrieved\n- key: if a `keyserver` is provided, this is assumed to be the fingerprint, otherwise it can be either the URI to the GPG key for the repo, or a cookbook_file.\n- key_proxy: if set, pass the specified proxy via `http-proxy=` to GPG.\n- cookbook: if key should be a cookbook_file, specify a cookbook where the key is located for files/default. Defaults to nil, so it will use the cookbook where the resource is used.\n\n#### Examples\n\nAdd the Zenoss repo:\n\n```ruby\napt_repository 'zenoss' do\n uri 'http://dev.zenoss.org/deb'\n components ['main', 'stable']\nend\n```\n\nAdd the Nginx PPA, autodetect the key and repository url:\n\n```ruby\napt_repository 'nginx-php' do\n uri 'ppa:nginx/stable'\n distribution node['lsb']['codename']\nend\n```\n\nAdd the Nginx PPA, grab the key from the keyserver, and add source repo:\n\n```ruby\napt_repository 'nginx-php' do\n uri 'http://ppa.launchpad.net/nginx/php5/ubuntu'\n distribution node['lsb']['codename']\n components ['main']\n keyserver 'keyserver.ubuntu.com'\n key 'C300EE8C'\n deb_src true\nend\n```\n\nAdd the Cloudera Repo of CDH4 packages for Ubuntu 12.04 on AMD64:\n\n```ruby\napt_repository 'cloudera' do\n uri 'http://archive.cloudera.com/cdh4/ubuntu/precise/amd64/cdh'\n arch 'amd64'\n distribution 'precise-cdh4'\n components ['contrib']\n key 'http://archive.cloudera.com/debian/archive.key'\nend\n```\n\nRemove Zenoss repo:\n\n```ruby\napt_repository 'zenoss' do\n action :remove\nend\n```\n\n### `apt_preference`\nThis LWRP provides an easy way to pin packages in /etc/apt/preferences.d. Although apt-pinning is quite helpful from time to time please note that Debian does not encourage its use without thorough consideration.\n\nFurther information regarding apt-pinning is available via http://wiki.debian.org/AptPreferences.\n\n#### Actions\n- :add: creates a preferences file under /etc/apt/preferences.d\n- :remove: Removes the file, therefore unpin the package\n\n#### Attribute Parameters\n- package_name: name attribute. The name of the package\n- glob: Pin by glob() expression or regexp surrounded by /.\n- pin: The package version/repository to pin\n- pin_priority: The pinning priority aka \"the highest package version wins\"\n\n#### Examples\nPin libmysqlclient16 to version 5.1.49-3:\n\n```ruby\napt_preference 'libmysqlclient16' do\n pin 'version 5.1.49-3'\n pin_priority '700'\nend\n```\n\nUnpin libmysqlclient16:\n\n```ruby\napt_preference 'libmysqlclient16' do\n action :remove\nend\n```\n\nPin all packages from dotdeb.org:\n\n```ruby\napt_preference 'dotdeb' do\n glob '*'\n pin 'origin packages.dotdeb.org'\n pin_priority '700'\nend\n```\n\n\nUsage\n-----\nPut `recipe[apt]` first in the run list. If you have other recipes that you want to use to configure how apt behaves, like new sources, notify the execute resource to run, e.g.:\n\n```ruby\ntemplate '/etc/apt/sources.list.d/my_apt_sources.list' do\n notifies :run, 'execute[apt-get update]', :immediately\nend\n```\n\nThe above will run during execution phase since it is a normal template resource, and should appear before other package resources that need the sources in the template.\n\nPut `recipe[apt::cacher-ng]` in the run_list for a server to provide APT caching and add `recipe[apt::cacher-client]` on the rest of the Debian-based nodes to take advantage of the caching server.\n\nIf you want to cleanup unused packages, there is also the `apt-get autoclean` and `apt-get autoremove` resources provided for automated cleanup.\n\n\nLicense & Authors\n-----------------\n- Author:: Joshua Timberman (joshua@opscode.com)\n- Author:: Matt Ray (matt@opscode.com)\n- Author:: Seth Chisamore (schisamo@opscode.com)\n\n```text\nCopyright 2009-2013, Opscode, Inc.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n```\n",
6
+ "maintainer": "Chef Software, Inc.",
7
+ "maintainer_email": "cookbooks@opscode.com",
8
+ "license": "Apache 2.0",
9
+ "platforms": {
10
+ "ubuntu": ">= 0.0.0",
11
+ "debian": ">= 0.0.0"
12
+ },
13
+ "dependencies": {
14
+ },
15
+ "recommendations": {
16
+ },
17
+ "suggestions": {
18
+ },
19
+ "conflicting": {
20
+ },
21
+ "providing": {
22
+ },
23
+ "replacing": {
24
+ },
25
+ "attributes": {
26
+ "apt/cacher-client/restrict_environment": {
27
+ "description": "Whether to restrict the search for the caching server to the same environment as this node",
28
+ "default": "false"
29
+ },
30
+ "apt/cacher_port": {
31
+ "description": "Default listen port for the caching server",
32
+ "default": "3142"
33
+ },
34
+ "apt/cacher_interface": {
35
+ "description": "Default listen interface for the caching server",
36
+ "default": null
37
+ },
38
+ "apt/key_proxy": {
39
+ "description": "Passed as the proxy passed to GPG for the apt_repository resource",
40
+ "default": ""
41
+ },
42
+ "apt/caching_server": {
43
+ "description": "Set this to true if the node is a caching server",
44
+ "default": "false"
45
+ }
46
+ },
47
+ "groupings": {
48
+ },
49
+ "recipes": {
50
+ "apt": "Runs apt-get update during compile phase and sets up preseed directories",
51
+ "apt::cacher-ng": "Set up an apt-cacher-ng caching proxy",
52
+ "apt::cacher-client": "Client for the apt::cacher-ng caching proxy"
53
+ }
54
+ }
@@ -0,0 +1,34 @@
1
+ name 'apt'
2
+ maintainer 'Chef Software, Inc.'
3
+ maintainer_email 'cookbooks@opscode.com'
4
+ license 'Apache 2.0'
5
+ description 'Configures apt and apt services and LWRPs for managing apt repositories and preferences'
6
+ long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
7
+ version '2.6.0'
8
+ recipe 'apt', 'Runs apt-get update during compile phase and sets up preseed directories'
9
+ recipe 'apt::cacher-ng', 'Set up an apt-cacher-ng caching proxy'
10
+ recipe 'apt::cacher-client', 'Client for the apt::cacher-ng caching proxy'
11
+
12
+ %w{ ubuntu debian }.each do |os|
13
+ supports os
14
+ end
15
+
16
+ attribute 'apt/cacher-client/restrict_environment',
17
+ :description => 'Whether to restrict the search for the caching server to the same environment as this node',
18
+ :default => 'false'
19
+
20
+ attribute 'apt/cacher_port',
21
+ :description => 'Default listen port for the caching server',
22
+ :default => '3142'
23
+
24
+ attribute 'apt/cacher_interface',
25
+ :description => 'Default listen interface for the caching server',
26
+ :default => nil
27
+
28
+ attribute 'apt/key_proxy',
29
+ :description => 'Passed as the proxy passed to GPG for the apt_repository resource',
30
+ :default => ''
31
+
32
+ attribute 'apt/caching_server',
33
+ :description => 'Set this to true if the node is a caching server',
34
+ :default => 'false'
@@ -0,0 +1,63 @@
1
+ #
2
+ # Cookbook Name:: apt
3
+ # Provider:: preference
4
+ #
5
+ # Copyright 2010-2011, Opscode, Inc.
6
+ #
7
+ # Licensed under the Apache License, Version 2.0 (the "License");
8
+ # you may not use this file except in compliance with the License.
9
+ # You may obtain a copy of the License at
10
+ #
11
+ # http://www.apache.org/licenses/LICENSE-2.0
12
+ #
13
+ # Unless required by applicable law or agreed to in writing, software
14
+ # distributed under the License is distributed on an "AS IS" BASIS,
15
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16
+ # See the License for the specific language governing permissions and
17
+ # limitations under the License.
18
+ #
19
+
20
+ # Build preferences.d file contents
21
+ def build_pref(package_name, pin, pin_priority)
22
+ "Package: #{package_name}\nPin: #{pin}\nPin-Priority: #{pin_priority}\n"
23
+ end
24
+
25
+ action :add do
26
+ new_resource.updated_by_last_action(false)
27
+
28
+ preference = build_pref(
29
+ new_resource.glob || new_resource.package_name,
30
+ new_resource.pin,
31
+ new_resource.pin_priority
32
+ )
33
+
34
+ preference_dir = directory '/etc/apt/preferences.d' do
35
+ owner 'root'
36
+ group 'root'
37
+ mode 00755
38
+ recursive true
39
+ action :nothing
40
+ end
41
+
42
+ preference_file = file "/etc/apt/preferences.d/#{new_resource.name}" do
43
+ owner 'root'
44
+ group 'root'
45
+ mode 00644
46
+ content preference
47
+ action :nothing
48
+ end
49
+
50
+ preference_dir.run_action(:create)
51
+ # write out the preference file, replace it if it already exists
52
+ preference_file.run_action(:create)
53
+ end
54
+
55
+ action :remove do
56
+ if ::File.exists?("/etc/apt/preferences.d/#{new_resource.name}")
57
+ Chef::Log.info "Un-pinning #{new_resource.name} from /etc/apt/preferences.d/"
58
+ file "/etc/apt/preferences.d/#{new_resource.name}" do
59
+ action :delete
60
+ end
61
+ new_resource.updated_by_last_action(true)
62
+ end
63
+ end
@@ -0,0 +1,203 @@
1
+ #
2
+ # Cookbook Name:: apt
3
+ # Provider:: repository
4
+ #
5
+ # Copyright 2010-2011, Opscode, Inc.
6
+ #
7
+ # Licensed under the Apache License, Version 2.0 (the "License");
8
+ # you may not use this file except in compliance with the License.
9
+ # You may obtain a copy of the License at
10
+ #
11
+ # http://www.apache.org/licenses/LICENSE-2.0
12
+ #
13
+ # Unless required by applicable law or agreed to in writing, software
14
+ # distributed under the License is distributed on an "AS IS" BASIS,
15
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16
+ # See the License for the specific language governing permissions and
17
+ # limitations under the License.
18
+ #
19
+
20
+ use_inline_resources if defined?(use_inline_resources)
21
+
22
+ def whyrun_supported?
23
+ true
24
+ end
25
+
26
+ # install apt key from keyserver
27
+ def install_key_from_keyserver(key, keyserver)
28
+ execute "install-key #{key}" do
29
+ if !node['apt']['key_proxy'].empty?
30
+ command "apt-key adv --keyserver-options http-proxy=#{node['apt']['key_proxy']} --keyserver hkp://#{keyserver}:80 --recv #{key}"
31
+ else
32
+ command "apt-key adv --keyserver #{keyserver} --recv #{key}"
33
+ end
34
+ action :run
35
+ not_if do
36
+ extract_fingerprints_from_cmd('apt-key finger').any? do |fingerprint|
37
+ fingerprint.end_with?(key.upcase)
38
+ end
39
+ end
40
+ end
41
+ end
42
+
43
+ # run command and extract gpg ids
44
+ def extract_fingerprints_from_cmd(cmd)
45
+ so = Mixlib::ShellOut.new(cmd)
46
+ so.run_command
47
+ so.stdout.split(/\n/).map do |t|
48
+ if z = t.match(/^ +Key fingerprint = ([0-9A-F ]+)/)
49
+ z[1].split.join
50
+ end
51
+ end.compact
52
+ end
53
+
54
+ # install apt key from URI
55
+ def install_key_from_uri(uri)
56
+ key_name = uri.split(/\//).last
57
+ cached_keyfile = "#{Chef::Config[:file_cache_path]}/#{key_name}"
58
+ if new_resource.key =~ /http/
59
+ remote_file cached_keyfile do
60
+ source new_resource.key
61
+ mode 00644
62
+ action :create
63
+ end
64
+ else
65
+ cookbook_file cached_keyfile do
66
+ source new_resource.key
67
+ cookbook new_resource.cookbook
68
+ mode 00644
69
+ action :create
70
+ end
71
+ end
72
+
73
+ execute "install-key #{key_name}" do
74
+ command "apt-key add #{cached_keyfile}"
75
+ action :run
76
+ not_if do
77
+ installed_keys = extract_fingerprints_from_cmd('apt-key finger')
78
+ proposed_keys = extract_fingerprints_from_cmd("gpg --with-fingerprint #{cached_keyfile}")
79
+ (installed_keys & proposed_keys).sort == proposed_keys.sort
80
+ end
81
+ end
82
+ end
83
+
84
+ # build repo file contents
85
+ def build_repo(uri, distribution, components, trusted, arch, add_deb_src)
86
+ components = components.join(' ') if components.respond_to?(:join)
87
+ repo_options = []
88
+ repo_options << "arch=#{arch}" if arch
89
+ repo_options << 'trusted=yes' if trusted
90
+ repo_options = '[' + repo_options.join(' ') + ']' unless repo_options.empty?
91
+ repo_info = "#{uri} #{distribution} #{components}\n"
92
+ repo_info = "#{repo_options} #{repo_info}" unless repo_options.empty?
93
+ repo = "deb #{repo_info}"
94
+ repo << "deb-src #{repo_info}" if add_deb_src
95
+ repo
96
+ end
97
+
98
+ def get_ppa_key(ppa_owner, ppa_repo)
99
+ # Launchpad has currently only one stable API which is marked as EOL April 2015.
100
+ # The new api in devel still uses the same api call for +archive, so I made the version
101
+ # configurable to provide some sort of workaround if api 1.0 ceases to exist.
102
+ # See https://launchpad.net/+apidoc/
103
+ launchpad_ppa_api = "https://launchpad.net/api/#{node['apt']['launchpad_api_version']}/~%s/+archive/%s"
104
+ default_keyserver = 'keyserver.ubuntu.com'
105
+
106
+ require 'open-uri'
107
+ api_query = sprintf("#{launchpad_ppa_api}/signing_key_fingerprint", ppa_owner, ppa_repo)
108
+ begin
109
+ key_id = open(api_query).read.delete('"')
110
+ rescue OpenURI::HTTPError => e
111
+ error = 'Could not access launchpad ppa key api: HttpError: ' + e.message
112
+ raise error
113
+ rescue SocketError => e
114
+ error = 'Could not access launchpad ppa key api: SocketError: ' + e.message
115
+ raise error
116
+ end
117
+
118
+ install_key_from_keyserver(key_id, default_keyserver)
119
+ end
120
+
121
+ # fetch ppa key, return full repo url
122
+ def get_ppa_url(ppa)
123
+ repo_schema = 'http://ppa.launchpad.net/%s/%s/ubuntu'
124
+
125
+ # ppa:user/repo logic ported from
126
+ # http://bazaar.launchpad.net/~ubuntu-core-dev/software-properties/main/view/head:/softwareproperties/ppa.py#L86
127
+ return false unless ppa.start_with?('ppa:')
128
+
129
+ ppa_name = ppa.split(':')[1]
130
+ ppa_owner = ppa_name.split('/')[0]
131
+ ppa_repo = ppa_name.split('/')[1]
132
+ ppa_repo = 'ppa' if ppa_repo.nil?
133
+
134
+ get_ppa_key(ppa_owner, ppa_repo)
135
+
136
+ sprintf(repo_schema, ppa_owner, ppa_repo)
137
+ end
138
+
139
+ action :add do
140
+ # add key
141
+ if new_resource.keyserver && new_resource.key
142
+ install_key_from_keyserver(new_resource.key, new_resource.keyserver)
143
+ elsif new_resource.key
144
+ install_key_from_uri(new_resource.key)
145
+ end
146
+
147
+ file '/var/lib/apt/periodic/update-success-stamp' do
148
+ action :nothing
149
+ end
150
+
151
+ execute 'apt-cache gencaches' do
152
+ ignore_failure true
153
+ action :nothing
154
+ end
155
+
156
+ execute 'apt-get update' do
157
+ command "apt-get update -o Dir::Etc::sourcelist='sources.list.d/#{new_resource.name}.list' -o Dir::Etc::sourceparts='-' -o APT::Get::List-Cleanup='0'"
158
+ ignore_failure true
159
+ action :nothing
160
+ notifies :run, 'execute[apt-cache gencaches]', :immediately
161
+ end
162
+
163
+ if new_resource.uri.start_with?('ppa:')
164
+ # build ppa repo file
165
+ repository = build_repo(
166
+ get_ppa_url(new_resource.uri),
167
+ new_resource.distribution,
168
+ 'main',
169
+ new_resource.trusted,
170
+ new_resource.arch,
171
+ new_resource.deb_src
172
+ )
173
+ else
174
+ # build repo file
175
+ repository = build_repo(
176
+ new_resource.uri,
177
+ new_resource.distribution,
178
+ new_resource.components,
179
+ new_resource.trusted,
180
+ new_resource.arch,
181
+ new_resource.deb_src
182
+ )
183
+ end
184
+
185
+ file "/etc/apt/sources.list.d/#{new_resource.name}.list" do
186
+ owner 'root'
187
+ group 'root'
188
+ mode 00644
189
+ content repository
190
+ action :create
191
+ notifies :delete, 'file[/var/lib/apt/periodic/update-success-stamp]', :immediately
192
+ notifies :run, 'execute[apt-get update]', :immediately if new_resource.cache_rebuild
193
+ end
194
+ end
195
+
196
+ action :remove do
197
+ if ::File.exists?("/etc/apt/sources.list.d/#{new_resource.name}.list")
198
+ Chef::Log.info "Removing #{new_resource.name} repository from /etc/apt/sources.list.d/"
199
+ file "/etc/apt/sources.list.d/#{new_resource.name}.list" do
200
+ action :delete
201
+ end
202
+ end
203
+ end
@@ -0,0 +1,81 @@
1
+ #
2
+ # Cookbook Name:: apt
3
+ # Recipe:: cacher-client
4
+ #
5
+ # Copyright 2011-2013 Opscode, Inc.
6
+ #
7
+ # Licensed under the Apache License, Version 2.0 (the "License");
8
+ # you may not use this file except in compliance with the License.
9
+ # You may obtain a copy of the License at
10
+ #
11
+ # http://www.apache.org/licenses/LICENSE-2.0
12
+ #
13
+ # Unless required by applicable law or agreed to in writing, software
14
+ # distributed under the License is distributed on an "AS IS" BASIS,
15
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16
+ # See the License for the specific language governing permissions and
17
+ # limitations under the License.
18
+ #
19
+
20
+ class ::Chef::Recipe
21
+ include ::Apt
22
+ end
23
+
24
+ # remove Acquire::http::Proxy lines from /etc/apt/apt.conf since we use 01proxy
25
+ # these are leftover from preseed installs
26
+ execute 'Remove proxy from /etc/apt/apt.conf' do
27
+ command "sed --in-place '/^Acquire::http::Proxy/d' /etc/apt/apt.conf"
28
+ only_if 'grep Acquire::http::Proxy /etc/apt/apt.conf'
29
+ end
30
+
31
+ servers = []
32
+ if node['apt']
33
+ if node['apt']['cacher_ipaddress']
34
+ cacher = Chef::Node.new
35
+ cacher.default.name = node['apt']['cacher_ipaddress']
36
+ cacher.default.ipaddress = node['apt']['cacher_ipaddress']
37
+ cacher.default.apt.cacher_port = node['apt']['cacher_port']
38
+ cacher.default.apt_cacher_interface = node['apt']['cacher_interface']
39
+ servers << cacher
40
+ elsif node['apt']['caching_server']
41
+ node.override['apt']['compiletime'] = false
42
+ servers << node
43
+ end
44
+ end
45
+
46
+ unless Chef::Config[:solo] || servers.length > 0
47
+ query = 'apt_caching_server:true'
48
+ query += " AND chef_environment:#{node.chef_environment}" if node['apt']['cacher-client']['restrict_environment']
49
+ Chef::Log.debug("apt::cacher-client searching for '#{query}'")
50
+ servers += search(:node, query)
51
+ end
52
+
53
+ if servers.length > 0
54
+ Chef::Log.info("apt-cacher-ng server found on #{servers[0]}.")
55
+ if servers[0]['apt']['cacher_interface']
56
+ cacher_ipaddress = interface_ipaddress(servers[0], servers[0]['apt']['cacher_interface'])
57
+ else
58
+ cacher_ipaddress = servers[0].ipaddress
59
+ end
60
+ t = template '/etc/apt/apt.conf.d/01proxy' do
61
+ source '01proxy.erb'
62
+ owner 'root'
63
+ group 'root'
64
+ mode 00644
65
+ variables(
66
+ :proxy => cacher_ipaddress,
67
+ :port => servers[0]['apt']['cacher_port'],
68
+ :bypass => node['apt']['cache_bypass']
69
+ )
70
+ action(node['apt']['compiletime'] ? :nothing : :create)
71
+ notifies :run, 'execute[apt-get update]', :immediately
72
+ end
73
+ t.run_action(:create) if node['apt']['compiletime']
74
+ else
75
+ Chef::Log.info('No apt-cacher-ng server found.')
76
+ file '/etc/apt/apt.conf.d/01proxy' do
77
+ action :delete
78
+ end
79
+ end
80
+
81
+ include_recipe 'apt::default'
@@ -0,0 +1,43 @@
1
+ #
2
+ # Cookbook Name:: apt
3
+ # Recipe:: cacher-ng
4
+ #
5
+ # Copyright 2008-2013, Opscode, Inc.
6
+ #
7
+ # Licensed under the Apache License, Version 2.0 (the 'License');
8
+ # you may not use this file except in compliance with the License.
9
+ # You may obtain a copy of the License at
10
+ #
11
+ # http://www.apache.org/licenses/LICENSE-2.0
12
+ #
13
+ # Unless required by applicable law or agreed to in writing, software
14
+ # distributed under the License is distributed on an 'AS IS' BASIS,
15
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16
+ # See the License for the specific language governing permissions and
17
+ # limitations under the License.
18
+ #
19
+
20
+ node.set['apt']['caching_server'] = true
21
+
22
+ package 'apt-cacher-ng' do
23
+ action :install
24
+ end
25
+
26
+ directory node['apt']['cacher_dir'] do
27
+ owner 'apt-cacher-ng'
28
+ group 'apt-cacher-ng'
29
+ mode 0755
30
+ end
31
+
32
+ template '/etc/apt-cacher-ng/acng.conf' do
33
+ source 'acng.conf.erb'
34
+ owner 'root'
35
+ group 'root'
36
+ mode 00644
37
+ notifies :restart, 'service[apt-cacher-ng]', :immediately
38
+ end
39
+
40
+ service 'apt-cacher-ng' do
41
+ supports :restart => true, :status => false
42
+ action [:enable, :start]
43
+ end