ruby-ldap 0.9.11 → 0.9.12

data/test/cookbooks/nginx/attributes/default.rb

@@ -0,0 +1,35 @@
+default[:nginx][:version]      = "0.8.54"
+
+case platform
+when "debian","ubuntu"
+  set[:nginx][:dir]     = "/etc/nginx"
+  set[:nginx][:log_dir] = "/var/log/nginx"
+  set[:nginx][:user]    = "www-data"
+  set[:nginx][:binary]  = "/usr/sbin/nginx"
+else
+  set[:nginx][:dir]     = "/etc/nginx"
+  set[:nginx][:log_dir] = "/var/log/nginx"
+  set[:nginx][:user]    = "www-data"
+  set[:nginx][:binary]  = "/usr/sbin/nginx"
+end
+
+default[:nginx][:gzip] = "on"
+default[:nginx][:gzip_http_version] = "1.0"
+default[:nginx][:gzip_comp_level] = "2"
+default[:nginx][:gzip_proxied] = "any"
+default[:nginx][:gzip_types] = [
+  "text/plain",
+  "text/html",
+  "text/css",
+  "application/x-javascript",
+  "text/xml",
+  "application/xml",
+  "application/xml+rss",
+  "text/javascript"
+]
+
+default[:nginx][:keepalive]          = "on"
+default[:nginx][:keepalive_timeout]  = 65
+default[:nginx][:worker_processes]   = cpu[:total]
+default[:nginx][:worker_connections] = 2048
+default[:nginx][:server_names_hash_bucket_size] = 64

data/test/cookbooks/nginx/definitions/nginx_site.rb

@@ -0,0 +1,35 @@
+#
+# Cookbook Name:: nginx
+# Definition:: nginx_site
+# Author:: AJ Christensen <aj@junglist.gen.nz>
+#
+# Copyright 2008-2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+define :nginx_site, :enable => true do
+  if params[:enable]
+    execute "nxensite #{params[:name]}" do
+      command "/usr/sbin/nxensite #{params[:name]}"
+      notifies :restart, resources(:service => "nginx")
+      not_if do ::File.symlink?("#{node[:nginx][:dir]}/sites-enabled/#{params[:name]}") end
+    end
+  else
+    execute "nxdissite #{params[:name]}" do
+      command "/usr/sbin/nxdissite #{params[:name]}"
+      notifies :restart, resources(:service => "nginx")
+      only_if do ::File.symlink?("#{node[:nginx][:dir]}/sites-enabled/#{params[:name]}") end
+    end
+  end
+end

data/test/cookbooks/nginx/metadata.rb

@@ -0,0 +1,86 @@
+maintainer        "Opscode, Inc."
+maintainer_email  "cookbooks@opscode.com"
+license           "Apache 2.0"
+description       "Installs and configures nginx"
+version           "0.99.0"
+
+recipe "nginx", "Installs nginx package and sets up configuration with Debian apache style with sites-enabled/sites-available"
+recipe "nginx::source", "Installs nginx from source and sets up configuration with Debian apache style with sites-enabled/sites-available"
+
+%w{ ubuntu debian centos redhat fedora }.each do |os|
+  supports os
+end
+
+%w{ build-essential runit }.each do |cb|
+  depends cb
+end
+
+attribute "nginx/dir",
+  :display_name => "Nginx Directory",
+  :description => "Location of nginx configuration files",
+  :default => "/etc/nginx"
+
+attribute "nginx/log_dir",
+  :display_name => "Nginx Log Directory",
+  :description => "Location for nginx logs",
+  :default => "/var/log/nginx"
+
+attribute "nginx/user",
+  :display_name => "Nginx User",
+  :description => "User nginx will run as",
+  :default => "www-data"
+
+attribute "nginx/binary",
+  :display_name => "Nginx Binary",
+  :description => "Location of the nginx server binary",
+  :default => "/usr/sbin/nginx"
+
+attribute "nginx/gzip",
+  :display_name => "Nginx Gzip",
+  :description => "Whether gzip is enabled",
+  :default => "on"
+
+attribute "nginx/gzip_http_version",
+  :display_name => "Nginx Gzip HTTP Version",
+  :description => "Version of HTTP Gzip",
+  :default => "1.0"
+
+attribute "nginx/gzip_comp_level",
+  :display_name => "Nginx Gzip Compression Level",
+  :description => "Amount of compression to use",
+  :default => "2"
+
+attribute "nginx/gzip_proxied",
+  :display_name => "Nginx Gzip Proxied",
+  :description => "Whether gzip is proxied",
+  :default => "any"
+
+attribute "nginx/gzip_types",
+  :display_name => "Nginx Gzip Types",
+  :description => "Supported MIME-types for gzip",
+  :type => "array",
+  :default => [ "text/plain", "text/html", "text/css", "application/x-javascript", "text/xml", "application/xml", "application/xml+rss", "text/javascript" ]
+
+attribute "nginx/keepalive",
+  :display_name => "Nginx Keepalive",
+  :description => "Whether to enable keepalive",
+  :default => "on"
+
+attribute "nginx/keepalive_timeout",
+  :display_name => "Nginx Keepalive Timeout",
+  :default => "65"
+
+attribute "nginx/worker_processes",
+  :display_name => "Nginx Worker Processes",
+  :description => "Number of worker processes",
+  :default => "1"
+
+attribute "nginx/worker_connections",
+  :display_name => "Nginx Worker Connections",
+  :description => "Number of connections per worker",
+  :default => "1024"
+
+attribute "nginx/server_names_hash_bucket_size",
+  :display_name => "Nginx Server Names Hash Bucket Size",
+  :default => "64"
+

data/test/cookbooks/nginx/recipes/default.rb

@@ -0,0 +1,56 @@
+#
+# Cookbook Name:: nginx
+# Recipe:: default
+# Author:: AJ Christensen <aj@junglist.gen.nz>
+#
+# Copyright 2008-2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+package "nginx"
+
+directory node[:nginx][:log_dir] do
+  mode 0755
+  owner node[:nginx][:user]
+  action :create
+end
+
+%w{nxensite nxdissite}.each do |nxscript|
+  template "/usr/sbin/#{nxscript}" do
+    source "#{nxscript}.erb"
+    mode 0755
+    owner "root"
+    group "root"
+  end
+end
+
+template "nginx.conf" do
+  path "#{node[:nginx][:dir]}/nginx.conf"
+  source "nginx.conf.erb"
+  owner "root"
+  group "root"
+  mode 0644
+end
+
+template "#{node[:nginx][:dir]}/sites-available/default" do
+  source "default-site.erb"
+  owner "root"
+  group "root"
+  mode 0644
+end
+
+service "nginx" do
+  supports :status => true, :restart => true, :reload => true
+  action [ :enable, :start ]
+end

data/test/cookbooks/nginx/recipes/source.rb

@@ -0,0 +1,143 @@
+#
+# Cookbook Name:: nginx
+# Recipe:: source
+#
+# Author:: Adam Jacob (<adam@opscode.com>)
+# Author:: Joshua Timberman (<joshua@opscode.com>)
+#
+# Copyright 2009-2011, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+include_recipe "build-essential"
+
+unless platform?("centos","redhat","fedora")
+  include_recipe "runit"
+end
+
+packages = value_for_platform(
+    ["centos","redhat","fedora"] => {'default' => ['pcre-devel', 'openssl-devel']},
+    "default" => ['libpcre3', 'libpcre3-dev', 'libssl-dev']
+  )
+
+packages.each do |devpkg|
+  package devpkg
+end
+
+nginx_version = node[:nginx][:version]
+
+node.set[:nginx][:install_path]    = "/opt/nginx-#{nginx_version}"
+node.set[:nginx][:src_binary]      = "#{node[:nginx][:install_path]}/sbin/nginx"
+node.set[:nginx][:daemon_disable]  = true
+node.set[:nginx][:configure_flags] = [
+  "--prefix=#{node[:nginx][:install_path]}",
+  "--conf-path=#{node[:nginx][:dir]}/nginx.conf",
+  "--with-http_ssl_module",
+  "--with-http_gzip_static_module"
+]
+
+configure_flags = node[:nginx][:configure_flags].join(" ")
+
+remote_file "#{Chef::Config[:file_cache_path]}/nginx-#{nginx_version}.tar.gz" do
+  source "http://sysoev.ru/nginx/nginx-#{nginx_version}.tar.gz"
+  action :create_if_missing
+end
+
+bash "compile_nginx_source" do
+  cwd Chef::Config[:file_cache_path]
+  code <<-EOH
+    tar zxf nginx-#{nginx_version}.tar.gz
+    cd nginx-#{nginx_version} && ./configure #{configure_flags}
+    make && make install
+  EOH
+  creates node[:nginx][:src_binary]
+end
+
+directory node[:nginx][:log_dir] do
+  mode 0755
+  owner node[:nginx][:user]
+  action :create
+end
+
+directory node[:nginx][:dir] do
+  owner "root"
+  group "root"
+  mode "0755"
+end
+
+unless platform?("centos","redhat","fedora")
+  runit_service "nginx"
+
+  service "nginx" do
+    subscribes :restart, resources(:bash => "compile_nginx_source")
+  end
+else
+  #install init db script
+  template "/etc/init.d/nginx" do
+    source "nginx.init.erb"
+    owner "root"
+    group "root"
+    mode "0755"
+  end
+
+  #install sysconfig file (not really needed but standard)
+  template "/etc/sysconfig/nginx" do
+    source "nginx.sysconfig.erb"
+    owner "root"
+    group "root"
+    mode "0644"
+  end
+
+  #register service
+  service "nginx" do
+    supports :status => true, :restart => true, :reload => true
+    action :enable
+    subscribes :restart, resources(:bash => "compile_nginx_source")
+  end
+end
+
+
+%w{ sites-available sites-enabled conf.d }.each do |dir|
+  directory "#{node[:nginx][:dir]}/#{dir}" do
+    owner "root"
+    group "root"
+    mode "0755"
+  end
+end
+
+%w{nxensite nxdissite}.each do |nxscript|
+  template "/usr/sbin/#{nxscript}" do
+    source "#{nxscript}.erb"
+    mode "0755"
+    owner "root"
+    group "root"
+  end
+end
+
+template "nginx.conf" do
+  path "#{node[:nginx][:dir]}/nginx.conf"
+  source "nginx.conf.erb"
+  owner "root"
+  group "root"
+  mode "0644"
+  notifies :restart, resources(:service => "nginx"), :immediately
+end
+
+cookbook_file "#{node[:nginx][:dir]}/mime.types" do
+  source "mime.types"
+  owner "root"
+  group "root"
+  mode "0644"
+  notifies :restart, resources(:service => "nginx"), :immediately
+end

data/test/cookbooks/openldap/attributes/default.rb

@@ -0,0 +1,61 @@
+# Cookbook Name:: openldap
+# Attributes:: openldap
+#
+# Copyright 2008-2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+if domain && domain.length > 0
+  default[:openldap][:basedn] = "dc=#{domain.split('.').join(",dc=")}"
+  default[:openldap][:server] = "ldap.#{domain}"
+end
+
+openldap[:rootpw] = nil
+
+# File and directory locations for openldap.
+case platform
+when "redhat","centos"
+  set[:openldap][:dir]        = "/etc/openldap"
+  set[:openldap][:run_dir]    = "/var/run/openldap"
+  set[:openldap][:module_dir] = "/usr/lib64/openldap"  
+when "debian","ubuntu"
+  set[:openldap][:dir]        = "/etc/ldap"
+  set[:openldap][:run_dir]    = "/var/run/slapd"
+  set[:openldap][:module_dir] = "/usr/lib/ldap"
+else
+  set[:openldap][:dir]        = "/etc/ldap"
+  set[:openldap][:run_dir]    = "/var/run/slapd"
+  set[:openldap][:module_dir] = "/usr/lib/ldap"
+end
+
+openldap[:ssl_dir] = "#{openldap[:dir]}/ssl"
+openldap[:cafile]  = "#{openldap[:ssl_dir]}/ca.crt"
+
+# Server settings.
+openldap[:slapd_type] = nil
+
+if openldap[:slapd_type] == "slave"
+  master = search(:nodes, 'openldap_slapd_type:master') 
+  default[:openldap][:slapd_master] = master
+  default[:openldap][:slapd_replpw] = nil
+  default[:openldap][:slapd_rid]    = 102
+end
+
+# Auth settings for Apache.
+if openldap[:basedn] && openldap[:server]
+  default[:openldap][:auth_type]   = "openldap"
+  default[:openldap][:auth_binddn] = "ou=people,#{openldap[:basedn]}"
+  default[:openldap][:auth_bindpw] = nil
+  default[:openldap][:auth_url]    = "ldap://#{openldap[:server]}/#{openldap[:auth_binddn]}?uid?sub?(objecctClass=*)"
+end

data/test/cookbooks/openldap/metadata.rb

@@ -0,0 +1,99 @@
+maintainer        "Opscode, Inc."
+maintainer_email  "cookbooks@opscode.com"
+license           "Apache 2.0"
+description       "Configures a server to be an OpenLDAP master, replication slave or client for auth"
+long_description  IO.read(File.join(File.dirname(__FILE__), 'README.rdoc'))
+version           "0.9.4"
+recipe            "openldap", "Empty, use one of the other recipes"
+recipe            "openldap::auth", "Set up openldap for user authentication"
+recipe            "openldap::client", "Install openldap client packages"
+recipe            "openldap::server", "Set up openldap to be a slapd server"
+
+%w{ ubuntu debian }.each do |os|
+  supports os
+end
+
+%w{ openssh nscd }.each do |cb|
+  depends cb
+end
+
+attribute "openldap/basedn",
+  :display_name => "OpenLDAP BaseDN",
+  :description => "BaseDN for the LDAP directory",
+  :default => "dc=domain,dc=com"
+
+attribute "openldap/server",
+  :display_name => "OpenLDAP Server",
+  :description => "LDAP Server, used for URIs",
+  :default => "ldap.domain"
+
+attribute "openldap/rootpw",
+  :display_name => "OpenLDAP Root Password",
+  :description => "Password for 'admin' root user, should be a SHA hash that OpenLDAP supports",
+  :default => "nil"
+
+attribute "openldap/dir",
+  :display_name => "OpenLDAP Dir",
+  :description => "Main configuration directory for OpenLDAP",
+  :default => "/etc/ldap"
+
+attribute "openldap/run_dir",
+  :display_name => "OpenLDAP Run Directory",
+  :description => "Run directory for LDAP server processes",
+  :default => "/var/run/slapd"
+
+attribute "openldap/module_dir",
+  :display_name => "OpenLDAP Module Directory",
+  :description => "Location for OpenLDAP add-on modules",
+  :default => "/usr/lib/ldap"
+
+attribute "openldap/ssl_dir",
+  :display_name => "OpenLDAP SSL Directory",
+  :description => "Location for LDAP SSL certificates",
+  :default => "openldap_dir/ssl"
+
+attribute "openldap/cafile",
+  :display_name => "OpenLDAP CA File",
+  :description => "Location for CA certificate",
+  :default => "openldap_dir_ssl/ca.crt"
+
+attribute "openldap/slapd_type",
+  :display_name => "OpenLDAP Slapd Type",
+  :description => "Whether the server is a master or slave",
+  :default => "nil"
+
+attribute "openldap/slapd_master",
+  :display_name => "OpenLDP Slapd Master",
+  :description => "Search nodes for attribute slapd_type master, for slaves",
+  :default => "nil"
+
+attribute "openldap/slapd_replpw",
+  :display_name => "OpenLDAP Slapd Replication Password",
+  :description => "Password for slaves to replicate from master",
+  :default => "nil"
+
+attribute "openldap/slapd_rid",
+  :display_name => "OpenLDAP Slapd Replication ID",
+  :description => "Slave's ID, must be unique",
+  :default => "102"
+
+attribute "openldap/auth_type",
+  :display_name => "OpenLDAP Auth Type",
+  :description => "Used in Apache configs, AuthBasicProvider",
+  :default => "openldap"
+
+attribute "openldap/auth_binddn",
+  :display_name => "OpenLDAP Auth BindDN",
+  :description => "Used in auth_url and Apache configs, AuthBindDN",
+  :default => "ou=people,openldap_basedn"
+
+attribute "openldap/auth_bindpw",
+  :display_name => "OpenLDAP Auth Bind Password",
+  :description => "Used in Apache configs, AuthBindPassword",
+  :default => "nil"
+
+attribute "openldap/auth_url",
+  :display_name => "OpenLDAP Auth URL",
+  :description => "Used in Apache configs, AuthLDAPURL",
+  :default => "ldap://openldap_server/openldap_auth_binddn?uid?sub?(objectClass=*)"
+