From 427e29db7b9612730c871f8f86f1d0f7f0966faa Mon Sep 17 00:00:00 2001 From: Lucas Mariani Date: Sun, 31 Aug 2014 01:15:36 -0300 Subject: [PATCH 1/5] Disable gpgcheck, no signed rpm Former-commit-id: 35d53141d66569054c897c9a5661980754a0bcc9 Former-commit-id: f1f7726dd2478ad0858afe560b5d561448b11d50 --- recipes/server.rb | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/recipes/server.rb b/recipes/server.rb index f4146cc560..d0d99c5ac6 100644 --- a/recipes/server.rb +++ b/recipes/server.rb @@ -38,12 +38,11 @@ repo = yum_repository "rundeck" do description "Rundeck - Release" url "http://dl.bintray.com/rundeck/rundeck-rpm" + gpgcheck false action :add end package "rundeck" do - #version "" - #options package_options action :install end else From 2c90bedcf5a45032e6d143159912428d4ce2e546 Mon Sep 17 00:00:00 2001 From: Lucas Mariani Date: Sun, 31 Aug 2014 01:29:20 -0300 Subject: [PATCH 2/5] Correct apache_sites resource Former-commit-id: 591e0938952df492087c18231bf367d2e3cac57d Former-commit-id: bd25aa30ede7b42b46d662b01aad997fa753a475 --- recipes/server.rb | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/recipes/server.rb b/recipes/server.rb index d0d99c5ac6..b1c247c14c 100644 --- a/recipes/server.rb +++ b/recipes/server.rb @@ -181,14 +181,13 @@ EOH end - -apache_site "000-default" do - enable false - notifies :reload, "service[apache2]" +%w(default 000-default).each do |site| + apache_site site do + enable false + notifies :reload, "service[apache2]" + end end - -# load up the apache conf template "apache-config" do path "#{node['apache']['dir']}/sites-available/rundeck.conf" source "rundeck.conf.erb" @@ -204,16 +203,14 @@ end apache_site "rundeck.conf" do + enable true notifies :reload, "service[apache2]" end -# ensure rundeck is started service "rundeckd" do action :start end - -#load projects bags = data_bag(node['rundeck']['rundeck_projects_databag']) projects = {} From c451e94fcc71c0b3e961c4cc69e5c4273d417bf9 Mon Sep 17 00:00:00 2001 From: Lucas Mariani Date: Sun, 31 Aug 2014 01:35:21 -0300 Subject: [PATCH 3/5] Disabled selinux Former-commit-id: 84da7474f4984230abd3c805b6acbec131eb5736 Former-commit-id: 1600937cfe5a8a154d8594e5e8d75ab5e61151c4 --- metadata.rb | 1 + recipes/server.rb | 1 + 2 files changed, 2 insertions(+) diff --git a/metadata.rb b/metadata.rb index b043e85cb8..2b2f1d684f 100644 --- a/metadata.rb +++ b/metadata.rb @@ -9,6 +9,7 @@ depends "sudo" depends "java" depends "apache2" +depends "selinux" %w{ debian ubuntu centos suse fedora redhat freebsd windows }.each do |os| supports os diff --git a/recipes/server.rb b/recipes/server.rb index b1c247c14c..9e95b68113 100644 --- a/recipes/server.rb +++ b/recipes/server.rb @@ -25,6 +25,7 @@ include_recipe "apache2::mod_ssl" include_recipe "apache2::mod_proxy" include_recipe "apache2::mod_proxy_http" +include_recipe "selinux::disabled" rundeck_secure = data_bag_item(node['rundeck']['rundeck_databag'], node['rundeck']['rundeck_databag_secure']) From 0beaa29162222e7036480a175612cefa9d355bbc Mon Sep 17 00:00:00 2001 From: Lucas Mariani Date: Sun, 31 Aug 2014 01:52:01 -0300 Subject: [PATCH 4/5] Correct site enable rundeck Former-commit-id: 44556715174edc9cd7094a6d74edb4a12985edd6 Former-commit-id: b413464b3165ac9d7f069f8d58dc25a02799a2f9 --- recipes/server.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/recipes/server.rb b/recipes/server.rb index 9e95b68113..f92aa9e922 100644 --- a/recipes/server.rb +++ b/recipes/server.rb @@ -203,7 +203,7 @@ notifies :reload, "service[apache2]" end -apache_site "rundeck.conf" do +apache_site "rundeck" do enable true notifies :reload, "service[apache2]" end From cc71db98dc1f2d1c98221344081456e486bd661c Mon Sep 17 00:00:00 2001 From: Lucas Mariani Date: Sat, 27 Sep 2014 20:09:04 -0300 Subject: [PATCH 5/5] Remove selinux depends Former-commit-id: 4ab66ead828084291d4a3f59c474d81d8dd1028b Former-commit-id: 361b2627d3d51796918a524764a39a599d02375d --- Berksfile.lock | 20 +++++++++++--------- README.md | 2 +- metadata.rb | 1 - recipes/server.rb | 1 - 4 files changed, 12 insertions(+), 12 deletions(-) diff --git a/Berksfile.lock b/Berksfile.lock index 879652204b..dee0de55bc 100644 --- a/Berksfile.lock +++ b/Berksfile.lock @@ -1,7 +1,5 @@ DEPENDENCIES apt - create_chef_dir - path: test/fixtures/cookbooks/create_chef_dir rundeck path: . metadata: true @@ -11,20 +9,24 @@ GRAPH iptables (>= 0.0.0) logrotate (>= 0.0.0) pacman (>= 0.0.0) - apt (2.4.0) + apt (2.5.3) build-essential (2.0.6) - create_chef_dir (0.0.1) - iptables (0.13.2) - java (1.26.0) + iptables (0.14.0) + java (1.28.0) logrotate (1.6.0) pacman (1.1.1) rundeck (2.0.5) apache2 (>= 0.0.0) java (>= 0.0.0) runit (>= 0.0.0) + selinux (>= 0.0.0) sudo (>= 0.0.0) - runit (1.5.11) + runit (1.5.10) build-essential (>= 0.0.0) - yum (>= 0.0.0) + yum (~> 3.0) + yum-epel (>= 0.0.0) + selinux (0.8.0) sudo (2.7.0) - yum (3.2.2) + yum (3.3.1) + yum-epel (0.5.1) + yum (~> 3.0) diff --git a/README.md b/README.md index c24b61721d..65f1774f9f 100644 --- a/README.md +++ b/README.md @@ -22,7 +22,7 @@ This cookbook relies on multiple data bags. See __Data Bag__ below. * Mac OS X (managed node) **Notes**: This cookbook has been tested on the listed platforms. It may work on other platforms with or without modification. - +In RHEL / CentOS , SELinux is enabled by default, it blocks the apache mod_proxy , disable or add an exception selinux ### Cookbooks * Java diff --git a/metadata.rb b/metadata.rb index 2b2f1d684f..b043e85cb8 100644 --- a/metadata.rb +++ b/metadata.rb @@ -9,7 +9,6 @@ depends "sudo" depends "java" depends "apache2" -depends "selinux" %w{ debian ubuntu centos suse fedora redhat freebsd windows }.each do |os| supports os diff --git a/recipes/server.rb b/recipes/server.rb index f92aa9e922..e0bce50725 100644 --- a/recipes/server.rb +++ b/recipes/server.rb @@ -25,7 +25,6 @@ include_recipe "apache2::mod_ssl" include_recipe "apache2::mod_proxy" include_recipe "apache2::mod_proxy_http" -include_recipe "selinux::disabled" rundeck_secure = data_bag_item(node['rundeck']['rundeck_databag'], node['rundeck']['rundeck_databag_secure'])