cookbook 'mw_server_base', '= 0.1.0', :supermarket
mw_server_base (3) Versions 0.1.0 Follow0
Cookbook to apply the minimal configuration we want to have on every server.
cookbook 'mw_server_base', '= 0.1.0'
knife supermarket install mw_server_base
knife supermarket download mw_server_base
MW Server Base Cookbook
This cookbook has some recipes to set up the minimal configuration we need to have on every server.
- Chef 12 or higher.
- Network accessible package repositories.
The following platforms have been tested with Test Kitchen:
- Debian 7.
- Ubuntu 12.04.
- Ubuntu 14.04.
- CentOS 6.4.
- CentOS 7.1.
This cookbook provides the following recipes:
- basic_packages: installs a list of some packages which are important for us to have in our servers.
- postfix: installs Postfix and configures it as a smarthost to use another server as a relay. Useful to receive server notifications.
- security: sets up OpenSSH with some customizations for better security and installs Fail2ban. It also sets up a firewall (using private recipe _firewall) which sets DROP policy for INPUT and FORWARD chains and enables access to SSH from everywhere. This recipe is the only one that is not included when using default recipe.
usersrecipes, along with apt, locale, ntp and rsyslog. It also configures the timezone.
- users: creates system users with root privileges using sudo.
Place a dependency on the mw_server_base cookbook in your cookbook's metadata.rb:
depends 'mw_server_base', '~> 0.1'
After that, if you are setting up a regular server, include in your run list
mw_server_base. If the server is a mailserver, then you should put
mw_server_base::setup in your run list instead, which excludes
If you need to apply the security customizations, then explicitly include
mw_server_base::security as it's not included by any other recipe.
Mirrors are not configured within this cookbook because the would normally be implemented in the machine template used. That being not the case, you could easily add debian or ubuntu cookbook to set the mirrors.
License & Authors
- Author:: Leandro Di Tommaso (firstname.lastname@example.org)
Copyright:: 2016 Mikroways Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
|yum-epel ~> 0.6.5|
|users ~> 2.0.2|
|timezone_lwrp ~> 0.1.7|
|sudo ~> 2.8.0|
|simple_iptables ~> 0.7.4|
|rsyslog ~> 4.0.0|
|openssh ~> 1.6.1|
|postfix ~> 3.7.0|
|ntp ~> 1.10.0|
|locale ~> 1.0.3|
|fail2ban ~> 2.3.0|
|chef-vault ~> 1.3.2|
|apt ~> 2.9.2|
There are no cookbooks that are contingent upon this one.
0.1.0 passed this metric
0.1.0 passed this metric