_chef_bootstrap_ubuntu1204.txt

Chef client and server bootstrap scripts/configs for Ubuntu 12.04LTS Server amd64.

client.rb

log_level		:info
log_location		STDOUT
chef_server_url	"http://your.server.fqdn:4000"
validation_client_name 'chef-validator'

client_bootstrap.sh

#
# Here's the client side.
#
# Save all the client* files in this gist to /tmp, then:
# $ sudo HOST=your-hostname-here bash /tmp/client_bootstrap.sh
#

apt-get -y update && aptitude -y full-upgrade && apt-get -y autoremove
hostname $HOST && hostname > /etc/hostname
echo "127.0.1.1 $HOST" >> /etc/hosts
ntpdate pool.ntp.org
apt-get -y install ruby1.9.1 ruby1.9.1-dev libopenssl-ruby build-essential curl git ssl-cert htop heirloom-mailx
cd /tmp && wget http://production.cf.rubygems.org/rubygems/rubygems-1.8.24.tgz && tar -zxf rubygems-1.8.24.tgz && cd rubygems-1.8.24 && ruby setup.rb && cd /tmp && rm rubygems-1.8.24.tgz
apt-get -y clean
gem install chef --no-ri --no-rdoc
cp /usr/lib/ruby/gems/1.9.1/gems/chef-10.16.2/distro/debian/etc/init.d/chef-client /etc/init.d && chmod +x /etc/init.d/chef-client
mkdir /etc/chef && mkdir /var/log/chef

cp /tmp/client_defaults.txt > /etc/default/chef-client
cp /tmp/client.rb > /etc/chef/client.rb

/usr/lib/insserv/insserv chef-client

#
# You'll need to copy /etc/chef/validation.pem from your Chef server to /etc/chef on your Chef client. This will allow the client to auto-register to the Chef server.
#
# Reboot once this has been done and check http://your.server.fqdn:4040 - a new node should show up once the client has registered!
#

client_defaults.txt

LOGFILE=/var/log/chef/client.log
CONFIG=/etc/chef/client.rb
INTERVAL=30
SPLAY=5

server.rb

#
# Chef server config (should end up at /etc/chef/server.rb)
#
log_level                               :info
log_location                    STDOUT
umask                                   0022
checksum_path                   "/var/chef/cookbook_index"
chef_server_url                 "http://localhost:4000"
cookbook_path                   [ "/var/chef/chef-repo/cookbooks", "/var/chef/chef-repo/site-cookbooks" ]
cookbook_tarball_path   "/var/chef/cookbook-tarballs"
file_cache_path                 "/var/cache/chef"
node_path                               "/var/chef/node"
role_path                               "/var/chef/roles"
sandbox_path                    "/var/cache/chef/sandboxes"
search_index_path               "/var/chef/search_index"
validation_client_name  "chef-validator"
signing_ca_cert                 "/etc/chef/certificates/cert.pem"
signing_ca_key                  "/etc/chef/certificates/key.pem"
signing_ca_path                 "/var/chef/ca"
signing_ca_user                 "chef"
signing_ca_group                "chef"
ssl_verify_mode                 :verify_none
couchdb_database                'chef'
persistent_queue                true
Mixlib::Log::Formatter.show_time = false

#
# solr config
#
supportdir =                    "/var/chef"
solr_jetty_path                 File.join(supportdir, "solr", "jetty")
solr_data_path                  File.join(supportdir, "solr", "data")
solr_home_path                  File.join(supportdir, "solr", "home")
solr_heap_size                  "256M"
solr_url                                "http://localhost:8983"
amqp_pass                               "testing"

#
# web UI config
#
web_ui_client_name              "chef-webui"
web_ui_key                              "/etc/chef/webui.pem"
web_ui_admin_user_name  "admin"
# Following line should include random password generated during bootstrap

server_bootstrap.sh

#!/bin/bash

#
# I love you, Chef, but you're kind of a pain to install.
#
# This script assumes you have a fresh Ubuntu 12.04LTS amd64 server
# with Internet connectivity.
#
# Has been tested against various VMware and Amazon EC2 instances.
#
# Installation:
# curl -s https://gist.github.com/raw/4158371/server_bootstrap.sh | sudo bash
#
 
# Bomb out if something goes wrong
set -e

if [ "$EUID" != "0" ]; then
  echo "Please run this script with root privileges."
  echo
  exit 1
fi

echo "

      _           __ _ 
     | |         / _| |
  ___| |__   ___| |_| |
 / __| '_ \ / _ \  _| |
| (__| | | |  __/ | |_|
 \___|_| |_|\___|_| (_)


Here we go; this should only take a few minutes...

"

#
# Perform system updates / general clean up
#
echo
echo "***** Performing system updates/cleanup..."
apt-get -y purge landscape-common apt-xapian-index && apt-get -y update && aptitude -y full-upgrade && apt-get -y autoremove
#hostname $HOST && hostname > /etc/hostname
#echo "127.0.1.1 $HOST" >> /etc/hosts

# 
# You may wish to reboot before proceeding.
#
# Next, install dev environment/Ruby/Rubygems/useful utilities
#
echo
echo "***** Sync'ing clock with pool.ntp.org..."
ntpdate pool.ntp.org
echo
echo "***** Installing Ruby/build environment/vairous utilities..."
apt-get -y install ruby1.9.1 ruby1.9.1-dev libopenssl-ruby build-essential curl git ssl-cert htop sysstat bwm-ng screen couchdb rabbitmq-server libgecode-dev openjdk-7-jre-headless zlib1g-dev zlib1g libxml2 libxml2-dev ntp heirloom-mailx
echo
echo "***** Installing rubygems..."
cd /tmp && wget http://production.cf.rubygems.org/rubygems/rubygems-1.8.24.tgz && tar -zxf rubygems-1.8.24.tgz && cd rubygems-1.8.24 && ruby setup.rb && cd /tmp && rm rubygems-1.8.24.tgz
apt-get -y clean

# Ensure Chef has access to RabbitMQ queues
echo
echo "***** Configuring RabbitMQ queues..."
rabbitmqctl add_vhost /chef
rabbitmqctl add_user chef testing
rabbitmqctl set_permissions -p /chef chef ".*" ".*" ".*"

# Perform the actual Chef installation via gems
mkdir -p /etc/chef
echo
echo "***** Installing Chef gems..."
gem install chef-server chef-server-api chef-server-webui chef-solr --no-ri --no-rdoc

# Fetch Chef server configuration from this Gist.
echo
echo "***** Downloading Chef config from GitHub..."
curl -s https://gist.github.com/raw/4158371/server.rb > /etc/chef/server.rb

useradd -r chef
mkdir /var/log/chef && chown -R chef /var/log/chef
mkdir /var/run/chef && chown -R chef /var/run/chef

#
# These commands copy the Debian-style init scripts and configuration files
# from the gem's support files (this path may change for different
# versions of Ruby)
#
# (Yes, I should probably be using Upstart-style inits. Oh well.)
#
echo
echo "***** Creating init files..."
cp /usr/lib/ruby/gems/1.9.1/gems/chef-`chef-server --version|awk '{ print $5}'`/distro/debian/etc/default/chef* /etc/default
cp /usr/lib/ruby/gems/1.9.1/gems/chef-`chef-server --version|awk '{ print $5}'`/distro/debian/etc/init.d/chef* /etc/init.d
rm /etc/chef/webui.rb; rm /etc/chef/solr.rb

# Keeps everything in one configuration file
ln -s /etc/chef/server.rb /etc/chef/webui.rb
ln -s /etc/chef/server.rb /etc/chef/solr.rb

# Prep the Chef SOLR index service's folder structure/support files
echo
echo "***** Running chef-solr-installer..."
chef-solr-installer

chown -R chef /var/chef
chmod +x /etc/init.d/chef-*

# Fix startup load order based on contents of LSB init headers
# (that is, the stuff in each /etc/init.d/chef-* file definining dependencies,
# runlevels, etc.)
echo
echo "***** Fixing startup order of Chef components..."
/usr/lib/insserv/insserv chef-expander
/usr/lib/insserv/insserv chef-server
/usr/lib/insserv/insserv chef-server-webui
/usr/lib/insserv/insserv chef-solr

#
# Generate a random password for your web UI 'admin' account.
# See the 'web_ui_admin_default_password' line in /etc/chef/server.rb
# for your Web UI password.
#
echo
echo "***** Setting random web_ui_admin_default_password..."
echo >> /etc/chef/server.rb
echo web_ui_admin_default_password \"`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 16 | head -n 1`\" >> /etc/chef/server.rb

echo
echo "*****"
echo "***** ALL DONE"
echo "*****"
echo
echo "Chef services should be live after reboot. After restarting, try connecting"
echo "to http://`hostname`:4040 to ensure the web UI is accessible."
echo
echo "Toodles!"
echo