@fmgonzalez
Last active August 29, 2015 14:02
Vagrant CentOS 6.4 LAMP+Laravel
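#!/bin/sh
# Provisioning script for a CentOS 6 guest: adds the EPEL and Remi
# repositories, then installs MySQL, build tools, Apache, PHP and editors.

# EPEL release package (Remi depends on it), then the Remi release package.
# NOTE(review): both release RPMs are downloaded over plain HTTP, and they are
# the packages that set up the repositories (and, presumably, their GPG keys),
# so nothing authenticates this first download. Prefer an HTTPS mirror, or
# check the RPM signatures against a key obtained through a trusted channel.
# sudo is used here as on every other privileged command in this script.
sudo rpm -Uvh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
sudo rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm

sudo yum -y update
sudo yum install -y mysql mysql-server

# Install base items.
# "build-essential" is a Debian meta-package and does not exist in the CentOS
# repositories; gcc, gcc-c++ and make below already cover the toolchain.
sudo yum install -y curl wget libaio gcc gcc-c++ make automake autoconf

# Apache and PHP, taken from the Remi repository
sudo yum --enablerepo=remi -y install httpd php php-common

# PHP extensions, also from Remi
sudo yum --enablerepo=remi -y install php-pecl-apc php-cli php-pear php-pdo php-mysql php-pgsql php-pecl-mongo php-sqlite php-pecl-memcache php-pecl-memcached php-gd php-mbstring php-mcrypt php-xml

# Editors and git
sudo yum install -y nano vim
sudo yum install -y git-core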
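echo ">>> Installing Composer"
# Composer
# The installer is saved to a file and its SHA-384 is compared with the value
# the Composer project publishes before it is executed, instead of piping the
# download straight into php. A mismatch (or an empty/failed signature
# download) aborts provisioning rather than running unverified code.
# NOTE(review): the installer and its checksum are both published by the same
# project, so this catches a corrupted or substituted download but not a
# compromise of the publisher itself.
EXPECTED_SIG="$(curl -sS https://composer.github.io/installer.sig)"
curl -sS -o composer-setup.php https://getcomposer.org/installer
ACTUAL_SIG="$(sha384sum composer-setup.php | cut -d ' ' -f 1)"
if [ -z "$EXPECTED_SIG" ] || [ "$EXPECTED_SIG" != "$ACTUAL_SIG" ]; then
    echo "Composer installer checksum mismatch; refusing to run it" >&2
    rm -f composer-setup.php
    exit 1
fi
php composer-setup.php
rm -f composer-setup.php
# Install the resulting phar system-wide and make it executable for everyone
sudo mv composer.phar /usr/local/bin/composer
sudo chmod a+x /usr/local/bin/composer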
# Database bootstrap: start MySQL, then create the schema and its user.
# Each statement runs in its own mysql invocation as root (no password).
# NOTE(review): projectdb_user is created with an EMPTY password and root has
# none either. That is only tolerable on a throw-away development VM; set real
# passwords before this script is reused anywhere reachable by others.
# NOTE(review): CREATE USER has no "IF NOT EXISTS" form here, so it reports an
# error when the script is provisioned a second time.
sudo service mysqld start
mysql -uroot -e "CREATE DATABASE IF NOT EXISTS projectdb"
mysql -uroot -e "CREATE USER 'projectdb_user'@'localhost' IDENTIFIED BY ''"
mysql -uroot -e "GRANT ALL PRIVILEGES ON projectdb.* TO 'projectdb_user'@'localhost' IDENTIFIED BY ''"
echo ">>> Init the PHP project"
## Laravel project
## Replace this step with a checkout of the real project source (git, svn, ...)
WEB_ROOT=/var/www/html
cd "$WEB_ROOT"
# Creates the skeleton in $WEB_ROOT/laravel.
# NOTE(review): the Apache virtual hosts written later in this script point at
# /var/www/html/public, not at laravel/public - confirm which path is intended.
composer create-project --prefer-dist laravel/laravel laravel
# rwx for the owner, r-x for group and others (same as mode 755), recursively
sudo chmod -R u=rwx,go=rx "$WEB_ROOT/laravel/app/storage"
# For an SSL encrypted web server, we will need a few things
# First we will check if mod_ssl and openssl are installed
# ------------------------------------------------------------------------------------------------- #
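# IPTABLES
# Configure the firewall so the web server in the guest can be reached.
# NOTE(review): the rules are flushed, but no default policy is set and no
# final DROP/REJECT rule is appended. Unless the chain policies were changed
# elsewhere, everything not matched below is still accepted, so these rules
# document intent more than they filter. If a default-deny policy is added,
# first extend the OUTPUT rules (DNS, HTTP/HTTPS for yum and composer), since
# this script keeps installing packages after this section.
# Flush existing rules
sudo iptables -F
# Inbound traffic
# The state list must be written without a space: "ESTABLISHED, RELATED" is
# split by the shell into two arguments and iptables rejects the whole rule.
sudo iptables -A INPUT -m state --state ESTABLISHED,RELATED -m comment --comment "Accept existents connections" -j ACCEPT
sudo iptables -A INPUT -p icmp -m comment --comment "Accept ping" -j ACCEPT
sudo iptables -A INPUT -i lo -m comment --comment "Accept loopback (internas) connections" -j ACCEPT
sudo iptables -A INPUT -m state --state NEW -p tcp --dport 22 -m comment --comment "Accept inbound connections (ssh) in 22 port" -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 80 -m comment --comment "Accept HTTP requests" -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 443 -m comment --comment "Accept HTTPS requests" -j ACCEPT
# Outbound traffic
sudo iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -m comment --comment "Accept outbound existent connections" -j ACCEPT
sudo iptables -A OUTPUT -m state --state NEW -p tcp --dport 22 -m comment --comment "Accept outbound from 22 port (ssh)" -j ACCEPT
# Internal traffic (left disabled)
# sudo iptables -A FORWARD -m comment --comment "Accept all internal trafic" -j ACCEPT
# Persist the rules so they survive a reboot
sudo service iptables save
# Reload iptables
sudo service iptables reload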
# ------------------------------------------------------------------------------------------------- #
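# SSL CONFIGURATION ------------------------------------------------------------------------------- #
# Installing mod_ssl and openssl
sudo yum install -y mod_ssl openssl
# Generate a self-signed certificate
# ************************ IMPORTANT NOTE ************************
# IF YOU ARE GOING TO USE THIS FILE TO SET UP A PRODUCTION SERVER,
# YOU PROBABLY WANT TO USE A KEY FROM A TRUSTED CERTIFICATE AUTHORITY
# Despite the "ca.*" file names, this is the web server's own key and a
# certificate signed with that same key, not a certificate authority.
cd ~
# Generate private key
sudo openssl genrsa -out ca.key 2048 # Use ECC instead
# Restrict the key to its owner right away: openssl creates the file with the
# default umask, which normally leaves a private key world-readable. The mode
# is kept when the file is moved below.
sudo chmod 600 ca.key
# Generate CSR
# O=Organization, OU: Organizational Unit, CN: Common Name
sudo openssl req -new -key ca.key -out ca.csr -subj '/O=vagrant.local/OU=vagrant.local/CN=vagrant.local'
# Self-sign the CSR with the same key; the certificate is valid for 365 days
sudo openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt
# Move the files to the correct locations
sudo mv ca.crt /etc/pki/tls/certs
sudo mv ca.key /etc/pki/tls/private/ca.key
sudo mv ca.csr /etc/pki/tls/private/ca.csr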
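# Apache SSL configuration update
# Point mod_ssl's default virtual host at the certificate and key generated
# above, and give it a ServerName and DocumentRoot.
# All four edits run in a single sed call so that ssl.conf.bak keeps the
# pristine file; separate calls with the same suffix overwrite each other's
# backup. The ServerName is written without a trailing slash, which is not
# part of a host name.
# NOTE(review): this virtual host serves /var/www/html/ itself, while the
# virtual hosts appended to httpd.conf use /var/www/html/public. Serving the
# parent directory exposes everything stored next to public/ (application
# source, the logs directory); confirm which DocumentRoot is intended.
sudo sed -i.bak \
    -e 's%SSLCertificateFile /etc/pki/tls/certs/localhost.crt%SSLCertificateFile /etc/pki/tls/certs/ca.crt%' \
    -e 's%SSLCertificateKeyFile /etc/pki/tls/private/localhost.key%SSLCertificateKeyFile /etc/pki/tls/private/ca.key%' \
    -e '/<VirtualHost _default_:443>/a\ServerName vagrant.local' \
    -e '/<VirtualHost _default_:443>/a\DocumentRoot /var/www/html/' \
    /etc/httpd/conf.d/ssl.conf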
# ------------------------------------------------------------------------------------------------- #
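# SETTING APACHE UP
# The virtual hosts are appended with "sudo tee -a": in "sudo echo ... >> file"
# the redirection is performed by the calling shell, not by sudo, so it only
# works when the whole script already runs as root.
# NOTE(review): the blocks are appended unconditionally, so provisioning twice
# duplicates them in httpd.conf.

# HTTP virtual host
sudo tee -a /etc/httpd/conf/httpd.conf > /dev/null <<'EOF'
NameVirtualHost *:80
<VirtualHost *:80>
 ServerAdmin fmgonzalez@vagrant.local
 DocumentRoot /var/www/html/public
 ServerName vagrant.local
 ServerAlias vagrant.local
 ErrorLog /var/www/html/logs/http_error.log
 CustomLog /var/www/html/logs/http_requests.log common
</VirtualHost>
EOF

# HTTPS virtual host
# NOTE(review): no DocumentRoot is set in this block although it configures
# <Directory /var/www/html/public/>; ssl.conf also defines a default :443
# virtual host - check which of the two actually answers requests.
sudo tee -a /etc/httpd/conf/httpd.conf > /dev/null <<'EOF'
NameVirtualHost *:443
<VirtualHost *:443>
 ServerName vagrant.local
 SSLEngine on
 SSLCertificateFile /etc/pki/tls/certs/ca.crt
 SSLCertificateKeyFile /etc/pki/tls/private/ca.key
 <Directory /var/www/html/public/>
 AllowOverride All
 </Directory>
 ErrorLog /var/www/html/logs/https_error.log
 CustomLog /var/www/html/logs/https_requests.log common
</VirtualHost>
EOF

# Log directory, group-writable for the apache group.
# -p keeps a re-provision from failing when the directory already exists.
# NOTE(review): the logs live under /var/www/html; any virtual host whose
# DocumentRoot is /var/www/html makes them downloadable. A directory outside
# the web root is the safer place for them.
sudo mkdir -p /var/www/html/logs
sudo chgrp apache /var/www/html/logs
sudo chmod g+w /var/www/html/logs
# apache start
sudo service httpd start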
# -*- mode: ruby -*-
# vi: set ft=ruby :
# Vagrantfile API/syntax version. Don't touch unless you know what you're doing!
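VAGRANTFILE_API_VERSION = "2"

# Development VM definition: CentOS 6.4 box provisioned by bootstrap.sh, with
# guest port 80 forwarded to host port 8080, a host-only address and the local
# "html/" directory mounted as the guest's web root.
Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
  # All Vagrant configuration is done here. The most common configuration
  # options are documented and commented below. For a complete reference,
  # please see the online documentation at vagrantup.com.

  # Every Vagrant virtual environment requires a box to build off of.
  config.vm.box = "centos64"

  # The url from where the 'config.vm.box' box will be fetched if it
  # doesn't already exist on the user's system.
  # Disabled: box_url was assigned twice and the later (local) assignment
  # always won, so this remote URL was never used.
  # NOTE(review): it is a plain-HTTP download of a whole base image. If it is
  # re-enabled, pin the image, e.g.
  #   config.vm.box_download_checksum = "<sha256-of-the-box-file>"
  #   config.vm.box_download_checksum_type = "sha256"
  # config.vm.box_url = "http://developer.nrel.gov/downloads/vagrant-boxes/CentOS-6.4-i386-v20131103.box"

  # or the local resource to the box
  config.vm.box_url = "~/vagrant-boxes/CentOS-6.4-i386-v20131103.box"

  # Run the shell provisioner with the script that sits next to this file.
  config.vm.provision :shell, path: "bootstrap.sh"

  # NOTE(review): depending on the Vagrant version, a forwarded port may listen
  # on every host interface. The guest has a passwordless database user, so
  # consider adding host_ip: "127.0.0.1" here to keep it local to the host.
  config.vm.network :forwarded_port, guest: 80, host: 8080

  # Create a private network, which allows host-only access to the machine
  # using a specific IP.
  config.vm.network :private_network, ip: "192.168.56.10", netmask: "255.255.255.0"

  config.vm.hostname = "vagrant.local"

  # Synced folders are configured below
  config.vm.synced_folder "html/", "/var/www/html/"

  #https://github.com/mitchellh/vagrant/issues/713#issuecomment-4416384
  # config.vm.provider :virtualbox do |vb|

  # Disable automatic box update checking. If you disable this, then
  # boxes will only be checked for updates when the user runs
  # `vagrant box outdated`. This is not recommended.
  # config.vm.box_check_update = false

  # Create a forwarded port mapping which allows access to a specific port
  # within the machine from a port on the host machine. In the example below,
  # accessing "localhost:8080" will access port 80 on the guest machine.
  # config.vm.network "forwarded_port", guest: 80, host: 8080

  # Create a private network, which allows host-only access to the machine
  # using a specific IP.
  # config.vm.network "private_network", ip: "192.168.33.10"

  # Create a public network, which generally matched to bridged network.
  # Bridged networks make the machine appear as another physical device on
  # your network.
  # config.vm.network "public_network"

  # If true, then any SSH connections made will enable agent forwarding.
  # Default value: false
  # config.ssh.forward_agent = true

  # Share an additional folder to the guest VM. The first argument is
  # the path on the host to the actual folder. The second argument is
  # the path on the guest to mount the folder. And the optional third
  # argument is a set of non-required options.
  # config.vm.synced_folder "../data", "/vagrant_data"

  # Provider-specific configuration so you can fine-tune various
  # backing providers for Vagrant. These expose provider-specific options.
  # Example for VirtualBox:
  #
  # config.vm.provider "virtualbox" do |vb|
  # # Don't boot with headless mode
  # vb.gui = true
  #
  # # Use VBoxManage to customize the VM. For example to change memory:
  # vb.customize ["modifyvm", :id, "--memory", "1024"]
  # end
  #
  # View the documentation for the provider you're using for more
  # information on available options.

  # Enable provisioning with CFEngine. CFEngine Community packages are
  # automatically installed. For example, configure the host as a
  # policy server and optionally a policy file to run:
  #
  # config.vm.provision "cfengine" do |cf|
  # cf.am_policy_hub = true
  # # cf.run_file = "motd.cf"
  # end
  #
  # You can also configure and bootstrap a client to an existing
  # policy server:
  #
  # config.vm.provision "cfengine" do |cf|
  # cf.policy_server_address = "10.0.2.15"
  # end

  # Enable provisioning with Puppet stand alone. Puppet manifests
  # are contained in a directory path relative to this Vagrantfile.
  # You will need to create the manifests directory and a manifest in
  # the file default.pp in the manifests_path directory.
  #
  # config.vm.provision "puppet" do |puppet|
  # puppet.manifests_path = "manifests"
  # puppet.manifest_file = "site.pp"
  # end

  # Enable provisioning with chef solo, specifying a cookbooks path, roles
  # path, and data_bags path (all relative to this Vagrantfile), and adding
  # some recipes and/or roles.
  #
  # config.vm.provision "chef_solo" do |chef|
  # chef.cookbooks_path = "../my-recipes/cookbooks"
  # chef.roles_path = "../my-recipes/roles"
  # chef.data_bags_path = "../my-recipes/data_bags"
  # chef.add_recipe "mysql"
  # chef.add_role "web"
  #
  # # You may also specify custom JSON attributes:
  # chef.json = { mysql_password: "foo" }
  # end

  # Enable provisioning with chef server, specifying the chef server URL,
  # and the path to the validation key (relative to this Vagrantfile).
  #
  # The Opscode Platform uses HTTPS. Substitute your organization for
  # ORGNAME in the URL and validation key.
  #
  # If you have your own Chef Server, use the appropriate URL, which may be
  # HTTP instead of HTTPS depending on your configuration. Also change the
  # validation key to validation.pem.
  #
  # config.vm.provision "chef_client" do |chef|
  # chef.chef_server_url = "https://api.opscode.com/organizations/ORGNAME"
  # chef.validation_key_path = "ORGNAME-validator.pem"
  # end
  #
  # If you're using the Opscode platform, your validator client is
  # ORGNAME-validator, replacing ORGNAME with your organization name.
  #
  # If you have your own Chef Server, the default validation client name is
  # chef-validator, unless you changed the configuration.
  #
  # chef.validation_client_name = "ORGNAME-validator"
end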