The folloiwng example shows how to add valid SSL certs to your Chef Automate server
delivery["ssl_certificates"] = {
"<my_hostname>" => {
"crt" => "file:///etc/delivery/certificate_chained.pem",
"key" => "file:///etc/delivery/key.pem"
}
{ | |
"version": "2", | |
"build_cookbook": { | |
"name": "build_cookbook", | |
"path": ".delivery/build_cookbook" | |
}, | |
"delivery-truck": { | |
"publish": { | |
"chef_server": true | |
} |
The Steps!
name 'base_windows' | |
description 'A base role for all windows nodes' | |
run_list 'recipe[chef-client::default]','recipe[chef-client::delete_validation','recipe[audit::default]' | |
default_attributes({ | |
'audit' => { | |
'reporter' => 'chef-server-automate', | |
'fetcher' => 'chef-server', | |
'profiles' => [ | |
{ | |
'name' => 'windows-patch-baseline', |
name "fourth_coffee" | |
description "A simple iis webserver" | |
run_list 'recipe[fourthcoffee::default]' | |
default_attributes({ | |
"fourthcoffee" => { | |
"install_method" => "_classic" | |
} | |
}) |
---
driver:
name: vagrant
network:
- ["private_network", {ip: "192.168.33.33"}]
provisioner:
name: chef_zero
# You may wish to disable always updating cookbooks in CI or other testing environments.
The following article explains how to setup a structure for a simple base chef role that setups chef-client to run as a service, and sets up inspec profiles
bash
, powershell
, cmder
, iTerm, Term, etc)cd ~
name 'base_linux' | |
description 'A base role to be applied to all linux nodes' | |
run_list 'recipe[chef-client::default]','recipe[chef-client::delete_validation]','recipe[audit::default]' | |
default_attributes({ | |
'audit' => { | |
'reporter' => 'chef-server-automate', | |
'fetcher' => 'chef-server', | |
'profiles' => [ | |
{ | |
'name' => 'linux-patch-baseline', |
# THIS FILE IS MAINTAINED BY CHEF. ALL MANUAL EDITS WILL BE OVERWRITTEN | |
# | |
# This is the main Apache HTTP server configuration file. It contains the | |
# configuration directives that give the server its instructions. | |
# See <URL:http://httpd.apache.org/docs/2.4/> for detailed information. | |
# In particular, see | |
# <URL:http://httpd.apache.org/docs/2.4/mod/directives.html> | |
# for a discussion of each configuration directive. | |
# | |
# Do NOT simply read the instructions in here without understanding |
--- | |
driver: | |
name: ec2 | |
aws_ssh_key_id: chef_demo_2x | |
region: us-west-2 | |
security_group_ids: sg-2560a741 | |
associate_public_ip: true | |
instance_type: t2.micro | |
tags: | |
# Replace YOURNAME and YOURCOMPANY here |