Skip to content
/ mw_server_base Public

Cookbook to apply the minimal configuration we want to have on every server.

License

Apache-2.0 license
0 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Mikroways/mw_server_base

BranchesTags

Repository files navigation

MW Server Base Cookbook

Build Status

This cookbook has some recipes to set up the minimal configuration we need to have on every server.

Requirements

  • Chef 12 or higher.
  • Network accessible package repositories.

Platform Support

The following platforms have been tested with Test Kitchen:

  • Debian 7.
  • Ubuntu 12.04.
  • Ubuntu 14.04.
  • CentOS 6.4.
  • CentOS 7.1.

Cookbook Dependencies

  • apt
  • chef-vault
  • fail2ban
  • locale
  • ntp
  • openssh
  • postfix
  • rsyslog
  • simple_iptables
  • sudo
  • timezone_lwrp
  • users
  • yum-epel

Recipes Overview

This cookbook provides the following recipes:

  • basic_packages: installs a list of some packages which are important for us to have in our servers.
  • default: includes setup and postfix recipes.
  • postfix: installs Postfix and configures it as a smarthost to use another server as a relay. Useful to receive server notifications.
  • security: sets up OpenSSH with some customizations for better security and installs Fail2ban. This recipe is the only one that is not included when using default recipe.
  • setup: includes basic_packages and users recipes, along with apt, locale, ntp and rsyslog. It also configures the timezone.
  • users: creates system users with root privileges using sudo.

Usage

Place a dependency on the mw_server_base cookbook in your cookbook's metadata.rb:

depends 'mw_server_base', '~> 0.1'

After that, if you are setting up a regular server, include in your run list mw_server_base. If the server is a mailserver, then you should put mw_server_base::setup in your run list instead, which excludes postfix recipe. If you need to apply the security customizations, then explicitly include mw_server_base::security as it's not included by any other recipe.

About mirrors

Mirrors are not configured within this cookbook because the would normally be implemented in the machine template used. That being not the case, you could easily add debian or ubuntu cookbook to set the mirrors.

License & Authors

Copyright:: 2016 Mikroways

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

About

Cookbook to apply the minimal configuration we want to have on every server.

Topics

devops server recipe chef cookbooks ntp openssh fail2ban

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

0 stars

Watchers

4 watching

Forks

1 fork
Report repository

Releases

1 tags

Packages

No packages published

Contributors 2

  •  
  •  

Languages