This cookbook configures a server to install applications on. Currently only tested on CentOS 7.x, but should work on RHEL 7.x as well.
- CentOS 7.x
- Chef 12.1+
- apt
- chef_nginx
- chef-sugar
- elasticsearch
- firewall
- java
- nodejs
- php
- ssh-hardening
- sshd
- sudo
- tar
- users
- yum-epel
- yum-webtatic
- mysql (~> 6.1.2)
- database (~> 4.0.9)
- mysql2_chef_gem (~> 1.0.2)
node['lits_vm']['packages']- Packages that the cookbook will install using the default package manager, default[curl, git]node['lits_vm']['enable_webtatic']- Enables the Webtatic repository on EL systems (for recent versions of PHP), defaultfalsenode['lits_vm']['firewall']['allow_ports']- Defines which ports are open on the firewall, default{}
None.
Include the default recipe in a run list. The default recipe does the following:
- Configures the ssh daemon
- Configures users and superusers using data bags (See https://supermarket.chef.io/cookbooks/users)
- Configures firewall
- Enables repositories if needed
- Installs specified packages
- Installs Node.js (TODO: make this optional and disabled by default)
This recipe installs elasticsearch (requires Java).
This recipe installs ffmpeg.
This recipe installs Java.
This recipe installs and configures MySQL databases using data bags. A sample mysql_service data bag would look like:
{
"bag_type" : "mysql_service",
"id" : "mysql_service_default",
"name" : "default",
"bind_address" : "127.0.0.1",
"version" : "5.5",
"initial_root_password" : "a super secure password",
"databases" : [
{ "name" : "default" }
],
"users" : [
{
"username" : "mysql_user",
"password" : "a super secure password",
"databases" : ["default"]
}
]
}This recipe installs and configures Nginx using data bags. A sample nginx_site data bag would look like:
{
"bag_type" : "nginx_site",
"id" : "nginx_site_blank",
"name" : "blank",
"blocks" : {
"server" : [
{
"config" : [
{ "directive" : "listen", "value" : "80 default" },
{ "directive" : "server_name", "value" : "_" },
{ "directive" : "return", "value" : "444" }
]
}
]
}
}This recipe installs and configures PHP and PHP-FPM using data bags. A sample fpm_pool data bag would look like:
{
"bag_type" : "fpm_pool",
"id" : "fpm_pool_default",
"name" : "default_pool",
"listen": "/var/run/php-fpm.default_pool.sock",
"process_manager": "ondemand",
"max_children": 10,
"additional_config": {
"env[PATH]": "/usr/local/bin:/usr/bin:/bin",
"php_admin_value[date.timezone]": "\"America/Toronto\"",
"php_value[pdo_mysql.default_socket]": "/var/run/mysql-default/mysqld.sock"
}
}Just include the lits_vm recipe at the beginning of your run list.
{
"name": "my_server",
"description": "Sets up my server",
"chef_type": "role",
"json_class": "Chef::Role",
"run_list": [
"recipe[lits_vm]"
]
}- Patrick Fung (patrick@makestuffdostuff.com)