Initial commit

This commit is contained in:
Eric Renfro 2016-07-18 22:07:36 -04:00
commit 712175744e
8 changed files with 188 additions and 0 deletions

6
Berksfile Normal file
View file

@ -0,0 +1,6 @@
source "https://supermarket.chef.io"
metadata
cookbook "yum", "~> 3.10.0"

10
Berksfile.lock Normal file
View file

@ -0,0 +1,10 @@
DEPENDENCIES
yum (~> 3.10.0)
yum-ossec
path: .
metadata: true
GRAPH
yum (3.10.0)
yum-ossec (0.1.0)
yum (>= 3.2.0)

5
CHANGELOG.md Normal file
View file

@ -0,0 +1,5 @@
# yum-ossec Cookbook CHANGELOG
This file is used to list changes made in each version of the yum-ossec cookbook.
## v0.1.0
initial release

87
README.md Normal file
View file

@ -0,0 +1,87 @@
# yum-ossec Cookbook
The yum-ossec cookbook takes over management of the default repositoryids that ship with CentOS systems. It allows attribute manipulation of `atomic`
## Requirements
### Platforms
- RHEL/CentOS and derivatives
### Chef
- Chef 11+
### Cookbooks
- yum version 3.2.0 or higher
## Attributes
The following attributes are set by default
```ruby
default['yum']['atomic']['repositoryid'] = 'atomic'
default['yum']['atomic']['enabled'] = true
default['yum']['atomic']['managed'] = true
default['yum']['atomic']['gpgkey'] = 'https://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt https://www.atomicorp.com/RPM-GPG-KEY.art.txt'
default['yum']['atomic']['gpgcheck'] = true
default['yum']['atomic']['priority'] = 5
default['yum']['atomic']['description'] = 'CentOS / Red Hat Enterprise Linux $releasever - atomicrocketturtle.com'
default['yum']['atomic']['mirrorlist'] = 'http://updates.atomicorp.com/channels/mirrorlist/atomic/centos-$releasever-$basearch'
```
## Recipes
- default - Walks through node attributes and feeds a yum_resource
- parameters. The following is an example a resource generated by the
- recipe during compilation.
```ruby
yum_repository 'atomic' do
mirrorlist 'http://updates.atomicorp.com/channels/mirrorlist/atomic/centos-$releasever-$basearch'
description 'CentOS / Red Hat Enterprise Linux $releasever - atomicrocketturtle.com'
enabled true
gpgcheck true
priority 5
gpgkey 'https://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt https://www.atomicorp.com/RPM-GPG-KEY.art.txt'
end
```
## Usage Example
To disable the `atomic` repository through a Role or Environment definition
```
default_attributes(
'yum' => {
'atomic' => {
'enabled' => false
}
}
)
```
## More Examples
Point the base and debuginfo repositories at an internally hosted server.
```
node.default['yum']['atomic']['enabled'] = true
node.default['yum']['atomic']['mirrorlist'] = nil
node.default['yum']['atomic']['baseurl'] = 'https://internal.example.com/centos/6/os/x86_64'
node.default['yum']['atomic']['sslverify'] = false
include_recipe 'yum-ossec'
```
## License & Authors
**Author:** Eric Renfro (<psi-jack@linux-help.org>)
**Copyright:** 2016, Linux-Help.org.
```
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
```

13
attributes/atomic.rb Normal file
View file

@ -0,0 +1,13 @@
default['yum']['atomic']['repositoryid'] = 'atomic'
default['yum']['atomic']['enabled'] = true
default['yum']['atomic']['managed'] = true
default['yum']['atomic']['gpgkey'] = 'https://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt https://www.atomicorp.com/RPM-GPG-KEY.art.txt'
default['yum']['atomic']['gpgcheck'] = true
default['yum']['atomic']['priority'] = 5
case node['platform_family']
when 'rhel'
default['yum']['atomic']['description'] = 'CentOS / Red Hat Enterprise Linux $releasever - atomicrocketturtle.com'
default['yum']['atomic']['mirrorlist'] = "http://updates.atomicorp.com/channels/mirrorlist/atomic/centos-$releasever-$basearch"
end

1
attributes/default.rb Normal file
View file

@ -0,0 +1 @@
default['yum-ossec']['repositories'] = %w(atomic)

16
metadata.rb Normal file
View file

@ -0,0 +1,16 @@
name 'yum-ossec'
maintainer 'Eric Renfro'
maintainer_email 'psi-jack@linux-help.org'
license 'Apache 2.0'
description 'Installs and configures the Official OSSEC Repository'
long_description ''
version '0.1.1'
issues_url 'http://gogs.home.ld/Linux-Help/cookbook-yum-ossec/issues'
source_url 'http://gogs.home.ld/Linux-Help/cookbook-yum-ossec'
%w{ centos redhat oracle scientific }.each do |os|
supports os, '>= 5.0.0'
end
depends 'yum', '>= 3.2'

50
recipes/default.rb Normal file
View file

@ -0,0 +1,50 @@
#
# Author:: Eric Renfro (<psi-jack@linux-help.org>)
# Recipe:: yum-ossec::default
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
node['yum-ossec']['repositories'].each do |repo|
next unless node['yum'][repo]['managed']
yum_repository repo do
description node['yum'][repo]['description'] unless node['yum'][repo]['description'].nil?
baseurl node['yum'][repo]['baseurl'] unless node['yum'][repo]['baseurl'].nil?
mirrorlist node['yum'][repo]['mirrorlist'] unless node['yum'][repo]['mirrorlist'].nil?
gpgcheck node['yum'][repo]['gpgcheck'] unless node['yum'][repo]['gpgcheck'].nil?
gpgkey node['yum'][repo]['gpgkey'] unless node['yum'][repo]['gpgkey'].nil?
enabled node['yum'][repo]['enabled'] unless node['yum'][repo]['enabled'].nil?
cost node['yum'][repo]['cost'] unless node['yum'][repo]['cost'].nil?
exclude node['yum'][repo]['exclude'] unless node['yum'][repo]['exclude'].nil?
enablegroups node['yum'][repo]['enablegroups'] unless node['yum'][repo]['enablegroups'].nil?
failovermethod node['yum'][repo]['failovermethod'] unless node['yum'][repo]['failovermethod'].nil?
http_caching node['yum'][repo]['http_caching'] unless node['yum'][repo]['http_caching'].nil?
include_config node['yum'][repo]['include_config'] unless node['yum'][repo]['include_config'].nil?
includepkgs node['yum'][repo]['includepkgs'] unless node['yum'][repo]['includepkgs'].nil?
keepalive node['yum'][repo]['keepalive'] unless node['yum'][repo]['keepalive'].nil?
max_retries node['yum'][repo]['max_retries'] unless node['yum'][repo]['max_retries'].nil?
metadata_expire node['yum'][repo]['metadata_expire'] unless node['yum'][repo]['metadata_expire'].nil?
mirror_expire node['yum'][repo]['mirror_expire'] unless node['yum'][repo]['mirror_expire'].nil?
priority node['yum'][repo]['priority'] unless node['yum'][repo]['priority'].nil?
proxy node['yum'][repo]['proxy'] unless node['yum'][repo]['proxy'].nil?
proxy_username node['yum'][repo]['proxy_username'] unless node['yum'][repo]['proxy_username'].nil?
proxy_password node['yum'][repo]['proxy_password'] unless node['yum'][repo]['proxy_password'].nil?
repositoryid node['yum'][repo]['repositoryid'] unless node['yum'][repo]['repositoryid'].nil?
sslcacert node['yum'][repo]['sslcacert'] unless node['yum'][repo]['sslcacert'].nil?
sslclientcert node['yum'][repo]['sslclientcert'] unless node['yum'][repo]['sslclientcert'].nil?
sslclientkey node['yum'][repo]['sslclientkey'] unless node['yum'][repo]['sslclientkey'].nil?
sslverify node['yum'][repo]['sslverify'] unless node['yum'][repo]['sslverify'].nil?
timeout node['yum'][repo]['timeout'] unless node['yum'][repo]['timeout'].nil?
action :create
end
end