
@fnichol
Last active January 31, 2022 21:09
Mac OS X 10.7/10.8/10.9 (Lion/Mountain Lion/Mavericks) Bootstrapping
#!/usr/bin/env bash
# Abort on the first unhandled command failure. Note that pipefail is not
# enabled, so for a pipeline only the exit status of its last stage is checked.
set -e
# # Mac OS X 10.7/10.8/10.9/10.10 Bootstrapping
#
# ## Pre-requisites
#
# 1. Set your hostname: In **System Preferences** go to **Sharing** and enter
# the name in **Computer Name**
# 2. Run **Software Update** and reboot if necessary
#
# ## Running
#
# cd $HOME
# curl -sLO https://gist.githubusercontent.com/fnichol/1100372/raw/macosx_bootstrap.sh
# chmod 755 macosx_bootstrap.sh
# ./macosx_bootstrap.sh
#
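# Tunables. Each keeps a value already present in the caller's environment and
# otherwise falls back to the default below. The expansions are quoted so the
# resulting value is not word-split or glob-expanded as arguments to ':'.
#
#   OMNIBUS_ROOT      - install prefix of the Omnibus Chef package
#   OMNIBUS_URL       - installer script that install_chef downloads and runs
#                       under sudo; an inherited value is trusted as-is, so
#                       check the environment before running this bootstrap
#   SERVER_URL        - Chef Server URL; prompted for when empty
#   CHEF_CLIENT_ARGS  - extra arguments appended to the chef-client command
: "${OMNIBUS_ROOT:=/opt/chef}"
: "${OMNIBUS_URL:=https://www.chef.io/chef/install.sh}"
: "${SERVER_URL:=}"
: "${CHEF_CLIENT_ARGS:=}"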
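# Print a progress line of the form "-----> message" on stdout.
# Arguments: the message words (joined with single spaces)
# Returns:   printf's exit status
log() {
  # The message is passed as data, not as the printf format: callers log
  # operator-supplied values (e.g. the Chef Server URL), and a '%' or
  # backslash in them must be printed literally.
  printf -- '-----> %s\n' "$*"
}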
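# Print "ERROR: message" (preceded by a blank line) and exit with status 1.
# Arguments: the message words (joined with single spaces)
fail() {
  # Message goes through %s so that '%' or backslashes in it are printed
  # literally instead of being interpreted as printf directives.
  printf -- '\nERROR: %s\n' "$*"
  exit 1
}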
# Ask for the sudo password once, up front, so later sudo calls in this
# script can reuse the cached credential instead of prompting mid-run.
# Returns: sudo's exit status.
get_sudo() {
  sudo -v
}
# Keep-alive: refresh the existing sudo time stamp once a minute for as long
# as this script is running; does nothing if no time stamp is cached.
# See: https://gist.github.com/cowboy/3118588
#
# The loop runs in the background with stderr discarded. The cached sudo
# credential therefore stays valid for the whole bootstrap, however long the
# chef-client run takes.
keep_sudo() {
  while :; do
    # -n: never prompt; only touches a time stamp that already exists.
    sudo -n true
    sleep 60
    # "$$" is still the PID of the main script inside this background
    # subshell; stop refreshing as soon as that process is gone.
    kill -0 "$$" || exit
  done 2>/dev/null &
}
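# Interactively collect the values needed for /etc/chef/client.rb.
# Globals:   SERVER_URL (read; written when empty), NODE_NAME (written),
#            ORGNAME (written)
# Inputs:    answers are read line by line from stdin
# Outputs:   prompts and a summary line on stdout
#
# If SERVER_URL is already set it is used unchanged and ORGNAME becomes
# "chef". Otherwise the operator is asked for a URL; an empty answer selects
# Hosted Chef, in which case the org name is asked for and used to build the
# URL.
prompt_for_client_rb_details() {
  printf "\nEnter full node name [ex: bubbles, crank.example.com]\n> "
  # read -r: take the answer verbatim; without -r backslashes are consumed.
  read -r NODE_NAME

  if [[ -z "$SERVER_URL" ]]; then
    printf "\nEnter Chef Server URL "
    printf "[default: https://api.opscode.com/organizations/YOURORGNAME]\n> "
    read -r SERVER_URL

    if [[ -z "$SERVER_URL" ]]; then
      printf "\nEnter Hosted Chef Orgname\n> "
      read -r ORGNAME
      SERVER_URL="https://api.opscode.com/organizations/$ORGNAME"
    else
      ORGNAME="chef"
    fi
  else
    ORGNAME="chef"
  fi

  log "Using Chef Server [${SERVER_URL}]"
}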
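# Escape a value for use inside a Ruby single-quoted string literal.
# Arguments: $1 - raw value
# Outputs:   the value with every backslash and single quote backslash-escaped
_ruby_sq_escape() {
  # Backslashes first, so the ones added for quotes are not doubled again.
  printf '%s' "$1" | sed -e 's/\\/\\\\/g' -e "s/'/\\\\'/g"
}

# Write /etc/chef/client.rb unless it already exists.
# Globals:   SERVER_URL, ORGNAME, NODE_NAME (set by prompt_for_client_rb_details)
# Returns:   0 when the file already exists; otherwise the status of the final
#            chmod (earlier failures abort the script under `set -e`)
create_client_rb() {
  if [[ -f "/etc/chef/client.rb" ]]; then
    log "File /etc/chef/client.rb already exists, so we will use it"
    return 0
  fi

  log "Creating /etc/chef/client.rb"
  prompt_for_client_rb_details

  # client.rb is Ruby source that chef-client evaluates under sudo. The
  # prompted values are placed inside single-quoted literals, so a quote or
  # backslash in them must be escaped or it would end the literal and the
  # rest of the answer would be read as configuration code.
  local server_url orgname node_name
  server_url=$(_ruby_sq_escape "$SERVER_URL")
  orgname=$(_ruby_sq_escape "$ORGNAME")
  node_name=$(_ruby_sq_escape "$NODE_NAME")

  sudo mkdir -p /etc/chef
  cat <<CLIENT_RB | sudo tee /etc/chef/client.rb >/dev/null
log_level :info
log_location "/var/log/chef-client.log"
trusted_certs_dir ::File.join(::File.dirname(client_key), 'trusted_certs')
chef_server_url '$server_url'
validation_client_name '${orgname}-validator'
node_name '$node_name'
CLIENT_RB
  # The file holds no key material, so it is left world-readable.
  sudo chmod 644 /etc/chef/client.rb
}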
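# Create /etc/chef/validation.pem from key text pasted on stdin.
# Skipped when validation.pem already exists, or when client.pem exists (the
# node already has its own key, so no validation key is written).
# Inputs:    PEM lines on stdin, terminated by one blank line
# Returns:   0 on success or skip; 1 when nothing was pasted
create_validation_pem() {
  if [[ -f "/etc/chef/validation.pem" ]]; then
    log "File /etc/chef/validation.pem already exists, so we will use it"
    return 0
  fi
  if [[ -f "/etc/chef/client.pem" ]]; then
    log "File /etc/chef/client.pem exists, so we will not create validation.pem"
    return 0
  fi

  sudo mkdir -p /etc/chef
  # NOTE(review): KEY is not assigned anywhere in the visible script, so the
  # brackets are probably printed empty - confirm whether it is still needed.
  log "Creating /etc/chef/validation.pem key [$KEY]"

  # Create the file empty with owner-only permissions BEFORE any key material
  # is appended. Letting tee create it would use the default umask and leave
  # the private key readable by other local users until the chmod at the end.
  sudo install -m 0600 /dev/null /etc/chef/validation.pem

  printf "\nPaste in the validation.pem file contents, followed by one blank line\n> "
  local line
  local pasted=0
  # read -r keeps the pasted text verbatim (no backslash processing).
  while read -r line; do
    [[ -n "$line" ]] || break
    printf '%s\n' "$line" | sudo tee -a /etc/chef/validation.pem >/dev/null
    pasted=1
  done

  if [[ "$pasted" -eq 0 ]]; then
    # Do not leave an empty key behind: the next run would find the file and
    # treat it as a usable validation key.
    sudo rm -f /etc/chef/validation.pem
    printf '\nERROR: no validation.pem contents were entered\n' >&2
    return 1
  fi

  sudo chmod 0600 /etc/chef/validation.pem
}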
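# Fetch the Chef Server's SSL certificate into the trusted_certs directory,
# unless at least one *.crt file is already present there.
# Globals:   OMNIBUS_ROOT (read)
# Outputs:   the names of existing certificates (from ls), if any
# Returns:   0 when certificates already exist, else knife's exit status
create_trusted_cert() {
  # With no match the glob stays literal, ls fails (message discarded) and
  # the fetch below runs.
  if ls -1 /etc/chef/trusted_certs/*.crt 2>/dev/null; then
    log "Trusted certs already exist in /etc/chef/trusted_certs, so we will use them"
    return 0
  fi

  log "Fetching server SSL certificate"
  # The certificate obtained here is trusted by later chef-client runs, so it
  # is worth comparing its fingerprint with one obtained from the server's
  # administrator before relying on it.
  # The path is quoted so an OMNIBUS_ROOT containing whitespace is passed to
  # sudo as a single word.
  sudo "$OMNIBUS_ROOT/bin/knife" ssl fetch --config /etc/chef/client.rb
}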
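# Install Omnibus Chef unless chef-client is already present.
# Globals:   OMNIBUS_ROOT, OMNIBUS_URL (read)
# Returns:   0 when already installed or on success; otherwise the failing
#            status of mktemp, curl or the installer
#
# The installer script is executed as root. It is authenticated only by the
# TLS connection to OMNIBUS_URL, and `sudo -E` hands it the caller's
# environment; both OMNIBUS_URL and the environment should be checked before
# running this on a machine that matters.
install_chef() {
  if [[ -f "$OMNIBUS_ROOT/bin/chef-client" ]]; then
    log "Omnibus Chef installation detected, skipping install"
    return 0
  fi

  log "Downloading and installing Omnibus Chef"

  # Download to a private temp file first instead of piping curl into bash:
  # without pipefail a failed or truncated download would go unnoticed and a
  # partial script could run as root. -f makes HTTP errors fail the download
  # rather than saving the error page.
  local installer
  local rc=0
  installer=$(mktemp "${TMPDIR:-/tmp}/chef-install.XXXXXX") || return 1

  if curl -fL -o "$installer" "$OMNIBUS_URL"; then
    sudo -E bash "$installer" || rc=$?
  else
    rc=$?
  fi

  rm -f -- "$installer"
  return "$rc"
}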
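# Run chef-client under sudo and report how long the run took.
# Globals:   OMNIBUS_ROOT, CHEF_CLIENT_ARGS (read)
# Returns:   the exit status of the chef-client run
#
# `sudo -E` preserves the caller's environment for the root process, and
# CHEF_CLIENT_ARGS is taken from that same environment.
run_chef_client() {
  local client="$OMNIBUS_ROOT/bin/chef-client"

  log "Executing chef-client run with: [$client${CHEF_CLIENT_ARGS:+ $CHEF_CLIENT_ARGS}]"

  # The binary path is quoted so an OMNIBUS_ROOT containing whitespace stays
  # one word. CHEF_CLIENT_ARGS is left unquoted on purpose: it is a
  # space-separated option list that has to be split into separate arguments.
  # shellcheck disable=SC2086
  time (sudo -E "$client" $CHEF_CLIENT_ARGS)
}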
# Delete the validation key once the node has its own client key.
# validation.pem is only removed when /etc/chef/client.pem exists; otherwise
# it is kept and a message is logged.
# Returns: the status of the last command run (rm or log).
cleanup_validation() {
  if [[ -f "/etc/chef/client.pem" ]]; then
    log "Removing /etc/chef/validation.pem"
    sudo rm -f /etc/chef/validation.pem
    return
  fi

  log "/etc/chef/client.pem not created, so not removing validation.pem"
}
# Main sequence. `set -e` is active, so a step that returns non-zero stops
# the bootstrap at that point.
# Cache sudo credentials and keep them fresh in the background.
get_sudo
keep_sudo
# Install Chef first: create_trusted_cert and run_chef_client use its binaries.
install_chef
# Write the client configuration and the validation key, then fetch the
# server certificate using that configuration.
create_client_rb
create_validation_pem
create_trusted_cert
run_chef_client
# Remove the validation key once client.pem exists.
cleanup_validation
log "Bootstrap complete."
# Exits with the status of the final log call.
exit $?