From eb5d72cf8fc03b77ddb43d136ff4b7aafdb9301d Mon Sep 17 00:00:00 2001 From: Tom Hughes Date: Sun, 10 May 2026 15:59:25 +0100 Subject: [PATCH] Switch to using CINC for the chef server --- cookbooks/chef/attributes/default.rb | 2 +- cookbooks/chef/recipes/server.rb | 47 ++++++++++--------- .../templates/default/server-backup.cron.erb | 16 +++---- 3 files changed, 34 insertions(+), 31 deletions(-) diff --git a/cookbooks/chef/attributes/default.rb b/cookbooks/chef/attributes/default.rb index 9b1ed6787..219af372d 100644 --- a/cookbooks/chef/attributes/default.rb +++ b/cookbooks/chef/attributes/default.rb @@ -1,5 +1,5 @@ # Set the default server version -default[:chef][:server][:version] = "15.9.38" +default[:chef][:server][:version] = "15.10.91" # Set the default client version default[:chef][:client][:version] = "18.8.54" diff --git a/cookbooks/chef/recipes/server.rb b/cookbooks/chef/recipes/server.rb index d5923ccb6..c4af4e92b 100644 --- a/cookbooks/chef/recipes/server.rb +++ b/cookbooks/chef/recipes/server.rb @@ -22,11 +22,14 @@ include_recipe "chef::knife" # cache_dir = Chef::Config[:file_cache_path] # -# chef_version = node[:chef][:server][:version] -# chef_package = "chef-server-core_#{chef_version}-1_amd64.deb" +# cinc_version = node[:chef][:server][:version] # -# Dir.glob("#{cache_dir}/chef-server-core_*.deb").each do |deb| -# next if deb == "#{cache_dir}/#{chef_package}" +# cinc_package = "cinc-server-core_#{cinc_version}-1_amd64.deb" +# +# os_release = node[:lsb][:release] +# +# Dir.glob("#{cache_dir}/cinc-server-core_*.deb").each do |deb| +# next if deb == "#{cache_dir}/#{cinc_package}" # # file deb do # action :delete @@ -34,51 +37,51 @@ include_recipe "chef::knife" # end # end # -# remote_file "#{cache_dir}/#{chef_package}" do -# source "https://packages.chef.io/files/stable/chef-server/#{chef_version}/ubuntu/22.04/chef-server-core_#{chef_version}-1_amd64.deb" +# remote_file "#{cache_dir}/#{cinc_package}" do +# source "https://downloads.cinc.sh/files/stable/cinc-server/#{cinc_version}/debian/#{os_release}/cinc-server-core_#{cinc_version}-1_amd64.deb" # owner "root" # group "root" # mode 0644 # backup false # end # -# dpkg_package "chef-server-core" do -# source "#{cache_dir}/#{chef_package}" -# version "#{chef_version}-1" -# notifies :run, "execute[chef-server-reconfigure]" +# dpkg_package "cinc-server-core" do +# source "#{cache_dir}/#{cinc_package}" +# version "#{cinc_version}-1" +# notifies :run, "execute[cinc-server-reconfigure]" # end -template "/etc/opscode/chef-server.rb" do +template "/etc/cinc-project/cinc-server.rb" do source "server.rb.erb" owner "root" group "root" mode "640" - notifies :run, "execute[chef-server-reconfigure]" + notifies :run, "execute[cinc-server-reconfigure]" end -execute "chef-server-reconfigure" do +execute "cinc-server-reconfigure" do action :nothing - command "chef-server-ctl reconfigure" + command "cinc-server-ctl reconfigure" user "root" group "root" end -execute "chef-server-restart" do +execute "cinc-server-restart" do action :nothing - command "chef-server-ctl restart" + command "cinc-server-ctl restart" user "root" group "root" end -systemd_service "chef-server" do - description "Chef server" +systemd_service "cinc-server" do + description "CINC server" after "network.target" exec_start "/opt/opscode/embedded/bin/runsvdir-start" end -service "chef-server" do +service "cinc-server" do action [:enable, :start] - subscribes :restart, "systemd_service[chef-server]" + subscribes :restart, "systemd_service[cinc-server]" end apache_module "alias" @@ -87,14 +90,14 @@ apache_module "proxy_http" ssl_certificate "chef.openstreetmap.org" do domains ["chef.openstreetmap.org", "chef.osm.org"] notifies :reload, "service[apache2]" - notifies :run, "execute[chef-server-restart]" + notifies :run, "execute[cinc-server-restart]" end apache_site "chef.openstreetmap.org" do template "apache.erb" end -template "/etc/cron.daily/chef-server-backup" do +template "/etc/cron.daily/cinc-server-backup" do source "server-backup.cron.erb" owner "root" group "root" diff --git a/cookbooks/chef/templates/default/server-backup.cron.erb b/cookbooks/chef/templates/default/server-backup.cron.erb index 44b41ae1a..9e43b3d21 100644 --- a/cookbooks/chef/templates/default/server-backup.cron.erb +++ b/cookbooks/chef/templates/default/server-backup.cron.erb @@ -5,19 +5,19 @@ set -euo pipefail export ZSTD_CLEVEL=16 -T=$(mktemp -d -t -p /var/tmp chef-server.XXXXXXXXXX) +T=$(mktemp -d -t -p /var/tmp cinc-server.XXXXXXXXXX) D=$(date +%Y-%m-%d) -B="chef-server-$D.tar.zst" +B="cinc-server-$D.tar.zst" -mkdir "$T/chef-server-$D" -chgrp opscode-pgsql "$T" "$T/chef-server-$D" -chmod g+rwx "$T" "$T/chef-server-$D" -sudo -u opscode-pgsql /opt/opscode/embedded/bin/pg_dumpall --file="$T/chef-server-$D/chef.dmp" --clean -ln -s /var/opt/opscode/bookshelf/data "$T/chef-server-$D/bookshelf" +mkdir "$T/cinc-server-$D" +chgrp opscode-pgsql "$T" "$T/cinc-server-$D" +chmod g+rwx "$T" "$T/cinc-server-$D" +sudo -u opscode-pgsql /opt/cinc-project/embedded/bin/pg_dumpall --file="$T/cinc-server-$D/cinc.dmp" --clean +ln -s /var/opt/opscode/bookshelf/data "$T/cinc-server-$D/bookshelf" nice tar --create --dereference --directory="$T" \ --sort=name \ - "chef-server-$D" | nice zstd -T0 --quiet --long --rsyncable -o "$T/$B" + "cinc-server-$D" | nice zstd -T0 --quiet --long --rsyncable -o "$T/$B" nice rsync --preallocate --fuzzy "$T/$B" backup.openstreetmap.org::backup -- 2.39.5