README.md 4.99 KB
Newer Older
Victor Penso's avatar
Victor Penso committed
1
2
## Description

Victor Penso's avatar
README    
Victor Penso committed
3
This cookbook enables the configuration of generic [Chef resources](https://docs.chef.io/resources.html) by attributes.
Victor Penso's avatar
Victor Penso committed
4

Victor Penso's avatar
README    
Victor Penso committed
5
The following resource list includes all Chef resources mapped by default: 
Victor Penso's avatar
Victor Penso committed
6

Victor Penso's avatar
Victor Penso committed
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
```
apt_repository
apt_update
apt_package
yum_repository
yum_package
package
group
user
directory
file
remote_file
link
template
git
subversion
execute
bash
script
service
systemd_unit
route
mount
```
Victor Penso's avatar
Victor Penso committed
31

Victor Penso's avatar
Victor Penso committed
32
33
### Configuration

Victor Penso's avatar
README    
Victor Penso committed
34
35
Append other resources to the resource list mapped by this cookbook with the attribute `base/resources`.

Victor Penso's avatar
README    
Victor Penso committed
36
Following Chef role illustrates this for the `cron` resource:
Victor Penso's avatar
Victor Penso committed
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58

```ruby
name 'cron'
description 'Cron configuration'
run_list( 'recipe[base]' )
default_attributes(

  base: { resources: [ 'cron' ] },

  cron: {
    'noop': {
      hour: '5',
      minute: '0',
      command: '/bin/true'
    }
  }

)
```

### Usage

Victor Penso's avatar
README    
Victor Penso committed
59
60
Take a look to the [test/roles/](test/roles) directory for a list of example roles using this cookbook.

Victor Penso's avatar
README    
Victor Penso committed
61
Following Chef role configures `ntpd` on Debian and CentOS:
Victor Penso's avatar
Victor Penso committed
62
63
64

```ruby
name 'ntpd'
Victor Penso's avatar
README    
Victor Penso committed
65
description 'ntpd configuration'
Victor Penso's avatar
Victor Penso committed
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
run_list( 'recipe[base]' )
default_attributes(
 
  ##
  # PACKAGES
  # 
  package: [ 'ntp','ntpdate' ],

  # Remove the default NTP service on CentOS
  yum_package: { chrony: { action: :remove } },

  ##
  # CONFIGURATION FILES
  #
  file: {
   
    ##
    # Time Synchronisation 
    #
    '/etc/ntp.conf': {
      content: %(
        server 0.pool.ntp.org
        server 1.pool.ntp.org
        server 2.pool.ntp.org
        server 3.pool.ntp.org
        driftfile /var/lib/ntp/ntp.drift
        statistics loopstats peerstats clockstats
        filegen loopstats file loopstats type day enable
        filegen peerstats file peerstats type day enable
        filegen clockstats file clockstats type day enable
        restrict -4 default kod notrap nomodify nopeer noquery
        restrict -6 default kod notrap nomodify nopeer noquery
        restrict 127.0.0.1
        restrict ::1
      ),
      notifies: [ :restart, 'systemd_unit[ntpd.service]', :delayed ]
    }
  },
  systemd_unit: {

    ##
    # Set timezone at boot 
    #
    'set-timezone.service': {
      content: '
        [Unit]
        Description=Set the time zone to Europe/Berlin
        
        [Service]
        ExecStart=/usr/bin/timedatectl set-timezone Europe/Berlin
        RemainAfterExit=yes
        Type=oneshot
      ',
      action: [:create, :enable, :start]
    },

    # Disable /etc/init.d/ntp if present
    'ntp.service': { action: [:stop, :disable] },

    'ntpd.service': { 
      content: %(
        [Unit]
        Description=Network Time Service
        After=syslog.target ntpdate.service sntp.service

        [Service]
        Type=forking
        ExecStart=/usr/sbin/ntpd -u ntp:ntp -g
        PrivateTmp=true

        [Install]
        WantedBy=multi-user.target
      ),
      action: [:create, :enable, :start],
      notifies: [ :restart, 'systemd_unit[ntpd.service]']
    }
  }
)

```
Victor Penso's avatar
Victor Penso committed
146

147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
### ERB style attributes

Additionally you can use ERB template style attributes for generic/instantiatable roles and a boilerplate-less alternative to Chef::Resource::Template.
This is implemented for all attributes that have plain String content, including the user defined resource _name_.
To enable this feature one has to configure an additional attribute _template_fields_ (String/Array of String) of the resource, specifying the attributes that should be expanded/rendered by ERB using the Chef _node_-object.

```ruby
#...  part of default_attributes(
  file: {
    ##
    # Time Synchronisation 
    #
    "<%= node['ntp_config_location'] %>" => {
      content: %q<
	<% node['ntp_servers'].each do |server| %>
        <%- %>server = <%= server -%>
	<%- end %>
	<% node['ntp_config_extra'].each do |conf| %>
        <%=- conf -%>
	<% end %>
        restrict -4 default kod notrap nomodify nopeer noquery
        restrict -6 default kod notrap nomodify nopeer noquery
        restrict 127.0.0.1
        restrict ::1
      >,
      "template_fields":["name","content"]
    }
  },
  "ntp_config_location" => "/etc/ntp.conf",
  "ntp_servers" => ["0.pool.ntp.org","1.pool.ntp.org","2.pool.ntp.org","3.pool.ntp.org"],
  "ntp_config_extra" => ["driftfile /var/lib/ntp/ntp.drift",
  		       	 "statistics loopstats peerstats clockstats",
  			 "filegen loopstats file loopstats type day enable",
			 "filegen peerstats file peerstats type day enable",
			 "filegen clockstats file clockstats type day enable"]
#...  end of default_attributes(
```
Victor Penso's avatar
Victor Penso committed
184
185
## License

186
Author:: Victor Penso, Jan Knedlik
Victor Penso's avatar
Victor Penso committed
187

188
Copyright:: 2017, 2022
Victor Penso's avatar
Victor Penso committed
189
190
191
192
193
194

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.