Chef Cookbook: OSSEC YUM Repository
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Eric Renfro f910a6935a Fixed previous gitignored file 6 years ago
attributes Initial commit 6 years ago
recipes Initial commit 6 years ago
.gitignore Added gitignore 6 years ago
Berksfile Initial commit 6 years ago
CHANGELOG.md Initial commit 6 years ago
README.md Initial commit 6 years ago
metadata.rb Initial commit 6 years ago

README.md

yum-ossec Cookbook

The yum-ossec cookbook takes over management of the default repositoryids that ship with CentOS systems. It allows attribute manipulation of atomic

Requirements

Platforms

  • RHEL/CentOS and derivatives

Chef

  • Chef 11+

Cookbooks

  • yum version 3.2.0 or higher

Attributes

The following attributes are set by default

default['yum']['atomic']['repositoryid'] = 'atomic'
default['yum']['atomic']['enabled'] = true
default['yum']['atomic']['managed'] = true
default['yum']['atomic']['gpgkey'] = 'https://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt https://www.atomicorp.com/RPM-GPG-KEY.art.txt'
default['yum']['atomic']['gpgcheck'] = true
default['yum']['atomic']['priority'] = 5
default['yum']['atomic']['description'] = 'CentOS / Red Hat Enterprise Linux $releasever - atomicrocketturtle.com'
default['yum']['atomic']['mirrorlist'] = 'http://updates.atomicorp.com/channels/mirrorlist/atomic/centos-$releasever-$basearch'

Recipes

  • default - Walks through node attributes and feeds a yum_resource
  • parameters. The following is an example a resource generated by the
  • recipe during compilation.
  yum_repository 'atomic' do
    mirrorlist 'http://updates.atomicorp.com/channels/mirrorlist/atomic/centos-$releasever-$basearch'
    description 'CentOS / Red Hat Enterprise Linux $releasever - atomicrocketturtle.com'
    enabled true
    gpgcheck true
    priority 5
    gpgkey 'https://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt https://www.atomicorp.com/RPM-GPG-KEY.art.txt'
  end

Usage Example

To disable the atomic repository through a Role or Environment definition

default_attributes(
  'yum' => {
    'atomic' => {
      'enabled' => false
    }
  }
)

More Examples

Point the base and debuginfo repositories at an internally hosted server.

node.default['yum']['atomic']['enabled'] = true
node.default['yum']['atomic']['mirrorlist'] = nil
node.default['yum']['atomic']['baseurl'] = 'https://internal.example.com/centos/6/os/x86_64'
node.default['yum']['atomic']['sslverify'] = false

include_recipe 'yum-ossec'

License & Authors

Author: Eric Renfro (psi-jack@linux-help.org)

Copyright: 2016, Linux-Help.org.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.