Grid環境構築用のChefリポジトリです。
Revisión | e0627c6ec25cb8b4437eec84c4b8b616ec97923f (tree) |
---|---|
Tiempo | 2016-01-16 12:24:49 |
Autor | whitestar <whitestar@gaea...> |
Commiter | whitestar |
add commons::tcp_wrappers recipe.
@@ -1,6 +1,10 @@ | ||
1 | 1 | commons CHANGELOG |
2 | 2 | ================= |
3 | 3 | |
4 | +0.4.0 | |
5 | +----- | |
6 | +- add tcp_wrappers recipe. | |
7 | + | |
4 | 8 | 0.3.1 |
5 | 9 | ----- |
6 | 10 | - add some recipes. |
@@ -10,8 +10,11 @@ Requirements | ||
10 | 10 | |
11 | 11 | Attributes |
12 | 12 | ---------- |
13 | - | |
14 | -Nothing. | |
13 | +#### commons::default | |
14 | +|Key|Type|Description (with examples)|Default| | |
15 | +|:--|:--|:--|:--| | |
16 | +|`['commons']['tcp_wrappers']['host_allow']`|Array|Entries in /etc/hosts.allow (ver. 0.4.0 or later)|`[]`| | |
17 | +|`['commons']['tcp_wrappers']['host_deny']`|Array|Entries in /etc/hosts.deny (ver. 0.4.0 or later)|`[]`| | |
15 | 18 | |
16 | 19 | Usage |
17 | 20 | ----- |
@@ -24,12 +27,13 @@ Usage | ||
24 | 27 | - `Commons::PackageUtils::get_libbz2_pkg_name` |
25 | 28 | |
26 | 29 | #### recipes |
27 | -- `commons::apt` - | |
30 | +- `commons::apt` - sets up APT for Chef. | |
28 | 31 | - `commons::crond` - installs cron package and enables & starts the service. |
29 | 32 | - `commons::httpd` - installs httpd package and enables & starts the service. |
30 | 33 | - `commons::ntpd` - installs ntpd package and enables & starts the service. |
31 | 34 | - `commons::platform_update` - updates all packages for platform. |
32 | -- `commons::yum-epel` - | |
35 | +- `commons::tcp_wrappers` - sets up hosts.allow and hosts.deny. (ver. 0.4.0 or later) | |
36 | +- `commons::yum-epel` - installs YUM EPEL repository configuration. | |
33 | 37 | |
34 | 38 | License and Authors |
35 | 39 | ------------------- |
@@ -0,0 +1,22 @@ | ||
1 | +# | |
2 | +# Cookbook Name:: commons | |
3 | +# Attributes:: default | |
4 | +# | |
5 | +# Copyright 2016, whitestar | |
6 | +# | |
7 | +# Licensed under the Apache License, Version 2.0 (the "License"); | |
8 | +# you may not use this file except in compliance with the License. | |
9 | +# You may obtain a copy of the License at | |
10 | +# | |
11 | +# http://www.apache.org/licenses/LICENSE-2.0 | |
12 | +# | |
13 | +# Unless required by applicable law or agreed to in writing, software | |
14 | +# distributed under the License is distributed on an "AS IS" BASIS, | |
15 | +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
16 | +# See the License for the specific language governing permissions and | |
17 | +# limitations under the License. | |
18 | +# | |
19 | + | |
20 | +default['commons']['tcp_wrappers']['hosts_allow'] = [] | |
21 | +default['commons']['tcp_wrappers']['hosts_deny'] = [] | |
22 | + |
@@ -4,7 +4,7 @@ maintainer_email '' | ||
4 | 4 | license 'Apache 2.0' |
5 | 5 | description 'Installs/Configures commons' |
6 | 6 | long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) |
7 | -version '0.3.1' | |
7 | +version '0.4.0' | |
8 | 8 | |
9 | 9 | %w{ debian ubuntu centos redhat fedora }.each do |os| |
10 | 10 | supports os |
@@ -0,0 +1,31 @@ | ||
1 | +# | |
2 | +# Cookbook Name:: commons | |
3 | +# Recipe:: tcp_wrappers | |
4 | +# | |
5 | +# Copyright 2016, whitestar | |
6 | +# | |
7 | +# Licensed under the Apache License, Version 2.0 (the "License"); | |
8 | +# you may not use this file except in compliance with the License. | |
9 | +# You may obtain a copy of the License at | |
10 | +# | |
11 | +# http://www.apache.org/licenses/LICENSE-2.0 | |
12 | +# | |
13 | +# Unless required by applicable law or agreed to in writing, software | |
14 | +# distributed under the License is distributed on an "AS IS" BASIS, | |
15 | +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
16 | +# See the License for the specific language governing permissions and | |
17 | +# limitations under the License. | |
18 | +# | |
19 | + | |
20 | +[ | |
21 | + 'hosts.allow', | |
22 | + 'hosts.deny', | |
23 | +].each {|conf| | |
24 | + template "/etc/#{conf}" do | |
25 | + source "etc/#{conf}" | |
26 | + owner 'root' | |
27 | + group 'root' | |
28 | + mode '0644' | |
29 | + end | |
30 | +} | |
31 | + |
@@ -0,0 +1,17 @@ | ||
1 | +# /etc/hosts.allow: list of hosts that are allowed to access the system. | |
2 | +# See the manual pages hosts_access(5) and hosts_options(5). | |
3 | +# | |
4 | +# Example: ALL: LOCAL @some_netgroup | |
5 | +# ALL: .foobar.edu EXCEPT terminalserver.foobar.edu | |
6 | +# | |
7 | +# If you're going to protect the portmapper use the name "portmap" for the | |
8 | +# daemon name. Remember that you can only use the keyword "ALL" and IP | |
9 | +# addresses (NOT host or domain names) for the portmapper, as well as for | |
10 | +# rpc.mountd (the NFS mount daemon). See portmap(8) and rpc.mountd(8) | |
11 | +# for further information. | |
12 | +# | |
13 | + | |
14 | +<% node['commons']['tcp_wrappers']['hosts_allow'].each {|entry| -%> | |
15 | +<%= entry %> | |
16 | +<% } -%> | |
17 | + |
@@ -0,0 +1,24 @@ | ||
1 | +# /etc/hosts.deny: list of hosts that are _not_ allowed to access the system. | |
2 | +# See the manual pages hosts_access(5) and hosts_options(5). | |
3 | +# | |
4 | +# Example: ALL: some.host.name, .some.domain | |
5 | +# ALL EXCEPT in.fingerd: other.host.name, .other.domain | |
6 | +# | |
7 | +# If you're going to protect the portmapper use the name "portmap" for the | |
8 | +# daemon name. Remember that you can only use the keyword "ALL" and IP | |
9 | +# addresses (NOT host or domain names) for the portmapper, as well as for | |
10 | +# rpc.mountd (the NFS mount daemon). See portmap(8) and rpc.mountd(8) | |
11 | +# for further information. | |
12 | +# | |
13 | +# The PARANOID wildcard matches any host whose name does not match its | |
14 | +# address. | |
15 | +# | |
16 | +# You may wish to enable this to ensure any programs that don't | |
17 | +# validate looked up hostnames still leave understandable logs. In past | |
18 | +# versions of Debian this has been the default. | |
19 | +# ALL: PARANOID | |
20 | + | |
21 | +<% node['commons']['tcp_wrappers']['hosts_deny'].each {|entry| -%> | |
22 | +<%= entry %> | |
23 | +<% } -%> | |
24 | + |