include_recipe "networking"
-if node[:lsb][:release].to_f < 12.04
- package_name = "dhcp3-server"
- config_file = "/etc/dhcp3/dhcpd.conf"
-else
- package_name = "isc-dhcp-server"
- config_file = "/etc/dhcp/dhcpd.conf"
-end
-
-package package_name
+package "isc-dhcp-server"
domain = "#{node[:networking][:roles][:external][:zone]}.openstreetmap.org"
-template config_file do
+template "/etc/dhcp/dhcpd.conf" do
source "dhcpd.conf.erb"
owner "root"
group "root"
variables :domain => domain
end
-service package_name do
+service "isc-dhcp-server" do
action [ :enable, :start ]
supports :status => true, :restart => true
- subscribes :restart, resources(:template => config_file)
+ subscribes :restart, "template[/etc/dhcp/dhcpd.conf]"
end
dest "fw"
proto "icmp"
dest_ports "echo-request"
- if node[:lsb][:release].to_f >= 10.04
- rate_limit "s:1/sec:5"
- else
- rate_limit "1/sec:5"
- end
+ rate_limit "s:1/sec:5"
end
[ "ucl", "ic", "bm" ].each do |zone|
dest "fw"
proto "ipv6-icmp"
dest_ports "echo-request"
- if node[:lsb][:release].to_f >= 10.04
- rate_limit "s:1/sec:5"
- else
- rate_limit "1/sec:5"
- end
+ rate_limit "s:1/sec:5"
end
end
notifies :restart, resources(:service => "ntp")
end
-munin_plugins = []
+munin_plugins = [ "ntp_kernel_err", "ntp_kernel_pll_freq", "ntp_kernel_pll_off", "ntp_offset" ]
-if node[:lsb][:release].to_f <= 8.04
- munin_plugins = [ "ntp_states" ]
-
- node[:ntp][:servers].each do |name|
- name = Socket.gethostbyname(name)[0].gsub!(/[.-]/, "_")
-
- munin_plugin "ntp_#{name}" do
- target "ntp_"
- end
-
- munin_plugins.push("ntp_#{name}")
- end
-
- munin_plugin "ntp_states"
-else
- munin_plugins = [ "ntp_kernel_err", "ntp_kernel_pll_freq", "ntp_kernel_pll_off", "ntp_offset" ]
-
- munin_plugin "ntp_kernel_err"
- munin_plugin "ntp_kernel_pll_freq"
- munin_plugin "ntp_kernel_pll_off"
- munin_plugin "ntp_offset"
-end
+munin_plugin "ntp_kernel_err"
+munin_plugin "ntp_kernel_pll_freq"
+munin_plugin "ntp_kernel_pll_off"
+munin_plugin "ntp_offset"
if File.directory?("/etc/munin/plugins")
Dir.new("/etc/munin/plugins").each do |plugin|
service "ssh" do
action [ :enable, :start ]
- if node[:lsb][:release].to_f >= 10.04
- supports :status => true, :restart => true, :reload => true
- else
- supports :restart => true, :reload => true
- end
+ supports :status => true, :restart => true, :reload => true
end
hosts = search(:node, "networking:interfaces").sort_by do |node|
action :install
end
-if node[:lsb][:release].to_f <= 8.04
- sysctl_template = "sysctl.conf.erb"
- sysctl_conf = "/etc/sysctl.conf"
-else
- directory "/etc/sysctl.d" do
- owner "root"
- group "root"
- mode 0755
- end
-
- sysctl_template = "chef.conf.erb"
- sysctl_conf = "/etc/sysctl.d/60-chef.conf"
+directory "/etc/sysctl.d" do
+ owner "root"
+ group "root"
+ mode 0755
end
execute "sysctl" do
action :nothing
- command "/sbin/sysctl -p #{sysctl_conf}"
+ command "/sbin/sysctl -p /etc/sysctl.d/60-chef.conf"
end
-template sysctl_conf do
- source sysctl_template
+template "/etc/sysctl.d/60-chef.conf" do
+ source "chef.conf.erb"
owner "root"
group "root"
mode 0644
+++ /dev/null
-# DO NOT EDIT - This file is being maintained by Chef
-
-# Stop low-level messages on console
-kernel.printk = 4 4 1 7
-
-# Enable /proc/$pid/maps privacy so that memory relocations are not
-# visible to other users. (Added in kernel 2.6.22.)
-kernel.maps_protect = 1
-
-# Protect the zero page of memory from userspace mmap to prevent kernel
-# NULL-dereference attacks against potential future kernel security
-# vulnerabilities. (Added in kernel 2.6.23.)
-#
-# While this default is built into the Ubuntu kernel, there is no way to
-# restore the kernel default if the value is changed during runtime; for
-# example via package removal (e.g. wine, dosemu). Therefore, this value
-# is reset to the secure default each time the sysctl values are loaded.
-vm.mmap_min_addr = 65536
-
-# Turn on Source Address Verification in all interfaces to
-# prevent some spoofing attacks.
-net.ipv4.conf.default.rp_filter = 1
-net.ipv4.conf.all.rp_filter = 1
-<% node[:sysctl].each do |name,group| -%>
-
-# <%= group[:comment] %>
-<% group[:parameters].each do |key,value| -%>
-<%= key %> = <%= value %>
-<% end -%>
-<% end -%>
package "numactl"
package "xfsprogs"
package "sysv-rc-conf"
-
-if node[:lsb][:release].to_f >= 10.04
- package "iotop"
-end
+package "iotop"
if node[:lsb][:release].to_f <= 11.04
package "lslk"
package "libboost-regex-dev"
package "libboost-program-options-dev"
package "libboost-date-time-dev"
+package "libpqxx3-dev"
package "zlib1g-dev"
-if node[:lsb][:release].to_f < 12.04
- package "libpqxx-dev"
-else
- package "libpqxx3-dev"
-end
-
cgimap_directory = "#{node[:web][:base_directory]}/cgimap"
pid_directory = node[:web][:pid_directory]
log_directory = node[:web][:log_directory]
projects / chef.git / commitdiff