Created
October 24, 2013 10:21
-
-
Save ravibhure/7134683 to your computer and use it in GitHub Desktop.
Hands off installation of chef server + nginx https proxy on ubuntu
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| CHEF_SERVER_WEBUI_PASS=webui_admin_pass | |
| CHEF_AMQP_PASS=amqp_pass | |
| CHEF_FQDN=chef.yourdomain.com | |
| CHEF_URL=https://${CHEF_FQDN} | |
| export DEBIAN_FRONTEND=noninteractive | |
| echo "deb http://apt.opscode.com/ `lsb_release -cs`-0.10 main" | tee /etc/apt/sources.list.d/opscode.list | |
| mkdir -p /etc/apt/trusted.gpg.d | |
| gpg --keyserver keys.gnupg.net --recv-keys 83EF826A | |
| gpg --export packages@opscode.com | tee /etc/apt/trusted.gpg.d/opscode-keyring.gpg > /dev/null | |
| apt-get update | |
| apt-get install opscode-keyring -y | |
| apt-get upgrade -y | |
| # First set the selections for the insall | |
| echo "chef-server-webui chef-server-webui/admin_password password $CHEF_SERVER_WEBUI_PASS" | debconf-set-selections | |
| echo "chef-solr chef-solr/amqp_password password $CHEF_AMQP_PASS " | debconf-set-selections | |
| echo "chef chef/chef_server_url string $CHEF_URL" | debconf-set-selections | |
| apt-get install chef chef-server -y | |
| #cleanup | |
| apt-get install nginx ssl-cert -y | |
| rm /etc/nginx/sites-{available,enabled}/default | |
| cat <<EOF > /etc/nginx/conf.d/${CHEF_FQDN}.conf | |
| #local chef server | |
| upstream chef_api_local { | |
| server localhost:4000; | |
| } | |
| #local chef webui | |
| upstream chef_webui_local { | |
| server localhost:4040; | |
| } | |
| server { | |
| listen 443; | |
| server_name $CHEF_FQDN; | |
| ssl on; | |
| ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem; | |
| ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key; | |
| ssl_session_timeout 5m; | |
| ssl_protocols SSLv2 SSLv3 TLSv1; | |
| ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP; | |
| ssl_prefer_server_ciphers on; | |
| root /var/www/html; | |
| proxy_set_header Host \$host; | |
| proxy_set_header X-Real-IP \$remote_addr; | |
| proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; | |
| proxy_set_header X-Forwarded-Proto https; | |
| location / { | |
| #API request incoming | |
| if ( \$http_x_ops_timestamp != "" ){ | |
| proxy_pass http://chef_api_local; | |
| break; | |
| } | |
| #webui request incoming | |
| proxy_pass http://chef_webui_local; | |
| } | |
| } | |
| EOF | |
| service nginx restart | |
| apt-get autoremove --purge |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment