diff options
author | Raphael Sofaer <raphael@joindiaspora.com> | 2011-02-17 06:42:59 +0300 |
---|---|---|
committer | Raphael Sofaer <raphael@joindiaspora.com> | 2011-02-17 06:46:43 +0300 |
commit | 6cf8de94a71404d68bae98c9f014746f47dcbaa7 (patch) | |
tree | e4b73bb3b32c7436398f26f7b2591bbb7800d18e | |
parent | dfa5d875c5cb8f71cb6db51440bca553ba0a5d35 (diff) |
take secret token stuff out of chef scripts
-rw-r--r-- | chef/cookbooks/centos/recipes/bootstrap.rb | 6 | ||||
-rw-r--r-- | chef/cookbooks/centos/recipes/java.rb | 3 | ||||
-rw-r--r-- | chef/cookbooks/centos/recipes/main.rb | 16 | ||||
-rw-r--r-- | chef/cookbooks/centos/recipes/post_bootstrap.rb | 1 | ||||
-rw-r--r-- | chef/cookbooks/common/recipes/daemontools.rb | 12 | ||||
-rw-r--r-- | chef/cookbooks/common/recipes/main.rb | 1 | ||||
-rw-r--r-- | chef/cookbooks/common/recipes/secret_token.rb | 5 | ||||
-rw-r--r-- | chef/cookbooks/common/recipes/splunk.rb | 8 | ||||
-rw-r--r-- | chef/cookbooks/common/templates/default/secret_token.rb.erb | 1 | ||||
-rw-r--r-- | config/initializers/check_session_secret.rb | 1 |
10 files changed, 11 insertions, 43 deletions
diff --git a/chef/cookbooks/centos/recipes/bootstrap.rb b/chef/cookbooks/centos/recipes/bootstrap.rb index 0458df3fa..b5c860876 100644 --- a/chef/cookbooks/centos/recipes/bootstrap.rb +++ b/chef/cookbooks/centos/recipes/bootstrap.rb @@ -13,9 +13,7 @@ end execute "htop" do command "yum install -y htop psmisc screen" end -execute "JAVA!! for Jammit" do - command "yum install -y java" -end + execute "rvm deps" do command "yum install -y bzip2" end @@ -35,3 +33,5 @@ def harden_ruby(ruby_string) end harden_ruby("ree-1.8.7-2010.02") + +include_recipe "centos::post_bootstrap" diff --git a/chef/cookbooks/centos/recipes/java.rb b/chef/cookbooks/centos/recipes/java.rb new file mode 100644 index 000000000..ca94b42fd --- /dev/null +++ b/chef/cookbooks/centos/recipes/java.rb @@ -0,0 +1,3 @@ +execute "JAVA!! for Jammit" do + command "yum install -y java" +end diff --git a/chef/cookbooks/centos/recipes/main.rb b/chef/cookbooks/centos/recipes/main.rb index f5455876a..c7688a7e4 100644 --- a/chef/cookbooks/centos/recipes/main.rb +++ b/chef/cookbooks/centos/recipes/main.rb @@ -1,19 +1,3 @@ -def harden_ruby(ruby_string) - Dir.glob("/usr/local/rvm/wrappers/#{ruby_string}/*").each do |file| - link "/usr/local/bin/#{file.split('/').last}" do - to file - end - end - Dir.glob("/usr/local/rvm/gems/#{ruby_string}/bin/*").each do |file| - link "/usr/local/bin/#{file.split('/').last}" do - to file - end - end - -end - -harden_ruby("ree-1.8.7-2010.02") - include_recipe "centos::image_magick" include_recipe "centos::mysql" include_recipe "common::main" diff --git a/chef/cookbooks/centos/recipes/post_bootstrap.rb b/chef/cookbooks/centos/recipes/post_bootstrap.rb new file mode 100644 index 000000000..9d100269b --- /dev/null +++ b/chef/cookbooks/centos/recipes/post_bootstrap.rb @@ -0,0 +1 @@ +include_recipe "centos::java" diff --git a/chef/cookbooks/common/recipes/daemontools.rb b/chef/cookbooks/common/recipes/daemontools.rb index 4f1509b65..c3af1cc51 100644 --- a/chef/cookbooks/common/recipes/daemontools.rb +++ b/chef/cookbooks/common/recipes/daemontools.rb @@ -6,13 +6,6 @@ execute "compile daemontools" do command "cd /package/admin/daemontools-0.76 && ./package/install" end -#execute "mongo run" do -# command "mkdir -p /service/mongo && echo '#!/bin/sh' > /service/mongo/run && echo 'exec /usr/bin/mongod' >> /service/mongo/run" -#end -#execute "executable" do -# command "chmod -R 755 /service/mongo" -#end - execute "mysql run" do command "mkdir -p /service/mysql && echo '#!/bin/sh' > /service/mysql/run && echo 'exec /usr/bin/mysqld_safe --datadir=/var/lib/mysql --socket=/var/lib/mysql/mysql.sock --log-error=/var/log/mysqld.log --pid-file=/var/run/mysqld/mysqld.pid --user=mysql' >> /service/mysql/run" end @@ -37,11 +30,6 @@ config['thins'].each do |thin| end end -#service for mongo tunnel -#execute "mongo ssh tunnel" do - #command "mkdir -p /service/mongo_ssh_tunnel && echo '#!/bin/sh' > /service/mongo_ssh_tunnel/run && echo 'exec ssh -N -f -L 27017:localhost:27017 caesar@184.106.233.43' >> /service/websocket/run" -#end - execute "websocket run" do command "mkdir -p /service/websocket && echo '#!/bin/sh' > /service/websocket/run && echo 'cd /usr/local/app/diaspora && RAILS_ENV=production exec /usr/local/bin/ruby /usr/local/app/diaspora/script/websocket_server.rb' >> /service/websocket/run" end diff --git a/chef/cookbooks/common/recipes/main.rb b/chef/cookbooks/common/recipes/main.rb index cbaf76f9e..7d35db472 100644 --- a/chef/cookbooks/common/recipes/main.rb +++ b/chef/cookbooks/common/recipes/main.rb @@ -1,5 +1,4 @@ include_recipe "common::iptables" include_recipe "common::daemontools" -include_recipe "common::secret_token" include_recipe "common::splunk" include_recipe "common::backup" diff --git a/chef/cookbooks/common/recipes/secret_token.rb b/chef/cookbooks/common/recipes/secret_token.rb deleted file mode 100644 index 948f59f07..000000000 --- a/chef/cookbooks/common/recipes/secret_token.rb +++ /dev/null @@ -1,5 +0,0 @@ -require 'active_support' -template "/usr/local/app/diaspora/config/initializers/secret_token.rb" do - source "secret_token.rb.erb" - variables :secret_token => ActiveSupport::SecureRandom.hex(40) -end diff --git a/chef/cookbooks/common/recipes/splunk.rb b/chef/cookbooks/common/recipes/splunk.rb index e2ec2a498..04d6354a4 100644 --- a/chef/cookbooks/common/recipes/splunk.rb +++ b/chef/cookbooks/common/recipes/splunk.rb @@ -34,10 +34,10 @@ execute "Add monitor for diaspora" do not_if "splunk list monitor | grep diaspora" end -#execute "Add monitor for nginx" do - #command "mkdir -p /usr/local/nginx/logs && splunk add monitor /usr/local/nginx/logs" - #not_if "splunk list monitor | grep nginx" -#end +execute "Add monitor for nginx" do + command "mkdir -p /usr/local/nginx/logs && splunk add monitor /usr/local/nginx/logs" + not_if "splunk list monitor | grep nginx" +end execute 'Splunk Restart' do command "splunk restart" diff --git a/chef/cookbooks/common/templates/default/secret_token.rb.erb b/chef/cookbooks/common/templates/default/secret_token.rb.erb deleted file mode 100644 index ef4543b33..000000000 --- a/chef/cookbooks/common/templates/default/secret_token.rb.erb +++ /dev/null @@ -1 +0,0 @@ -Rails.application.config.secret_token = '<%= @secret_token %>' diff --git a/config/initializers/check_session_secret.rb b/config/initializers/check_session_secret.rb index 1970c5078..32a1907d7 100644 --- a/config/initializers/check_session_secret.rb +++ b/config/initializers/check_session_secret.rb @@ -2,4 +2,3 @@ unless File.exists?( File.join(Rails.root, 'config', 'initializers', 'secret_tok `rake generate:secret_token` require File.join(Rails.root, 'config', 'initializers', 'secret_token.rb') end - |