Friday, December 26, 2014

How-to: gitolite and connecting to gitolite from the Eclipse IDE.


Prerequisites: 

  1. Workstation (I used Linux Mint 17.1 Rebecca). This is also the gitadmin.
  2. Vagrant: https://www.vagrantup.com/
  3. VirtualBox installation: http://virtualbox.org
  4. Eclipse for Linux: http://eclipse.org
     http://www.eclipse.org/downloads/download.php?file=/technology/epp/downloads/release/luna/SR1/eclipse-jee-luna-SR1-linux-gtk-x86_64.tar.gz
  5. JDK for Linux: http://www.oracle.com/technetwork/java/javase/downloads/jdk7-downloads-1880260.html

 * Testing java installation.

oyj@oyjmint ~ $ java -version
java version "1.7.0_60"
Java(TM) SE Runtime Environment (build 1.7.0_60-b19)
Java HotSpot(TM) 64-Bit Server VM (build 24.60-b09, mixed mode)



Eclipse Java EE IDE for Web Developers.
Version: Luna Service Release 1 (4.4.1)
Build id: 20140925-1800

1. gitolite
Gitolite lets us build a central git repository server.

2. Preparation of two Ubuntu servers.
I built a Vagrant package.box beforehand at /home/oyj/vt/package.box.

Here is the Vagrantfile. VirtualBox must be installed to run Vagrant. My virtualbox version is
oyj@oyjmint$ mkdir gt
oyj@oyjmint$ cd gt
oyj@oyjmint ~/gt $ cat Vagrantfile
# -*- mode: ruby -*-
# vi: set ft=ruby :

# Vagrantfile API/syntax version. Don't touch unless you know what you're doing!
VAGRANTFILE_API_VERSION = "2"

Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|

  config.vm.define "gitolite" do |gol|
    gol.vm.box = "gitolite"
    gol.vm.box_url = "file:///home/oyj/vt/package.box"
    gol.vm.provision "shell", inline: "echo now time to executing shell"
    gol.vm.provision "shell", inline: "echo timezone config; echo 'Asia/Seoul' > /etc/timezone && dpkg-reconfigure --frontend noninteractive tzdata"
    gol.vm.network "private_network", ip: "10.0.0.10"
    gol.vm.host_name = "gitolite"
    gol.vm.provider :virtualbox do |vb|
      vb.customize ["modifyvm", :id, "--memory", "256"]
    end
  end
end

* vagrant up will do some magic.

To rebuild gitolite easily, I made a chef recipe.
If you know Chef, it may be helpful.


 3. gitolite installation.

*From workstation
oyj@oyjmint ~ $ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/oyj/.ssh/id_rsa):
/home/oyj/.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/oyj/.ssh/id_rsa.
Your public key has been saved in /home/oyj/.ssh/id_rsa.pub.
The key fingerprint is:
24:34:1f:97:43:0e:28:8e:b8:a0:4f:11:35:22:2d:7f oyj@oyjmint
The key's randomart image is:
+--[ RSA 2048]----+
|....o o.o.o.     |
|..o..o.o =o      |
| + + .. o ..     |
|o + E  o         |
|o. o    S        |
|o .              |
| o               |
|  .              |
|                 |
+-----------------+

* Copy the id_rsa.pub file to the gitolite server

oyj@oyjmint ~ $ cat .ssh/id_rsa.pub
ssh-rsa aC1yc2EAAAADAQABAAABAQCdePGzfzkXWq/jWsAPgple3t2t8SX9ATiNdihc7i4DlOfIh5hxlAHweyVdePRueYS1xRm+V5wYS4lCa1eMoH23X6U6IUGuPvvnlwZVjWCuSLHHZtd+FetiJeL8Iz9Kj1OIooqEIl141bo6JKI9Ue9logMRN7DMMlXuRo5rzGCr4rF8LY08lKeRi2nOtYeXH/Sv8eZZMUTr0UTXNdvXQkAHEduwpOXQK9LFHr4U4stM+/zTB8GjR2eIaL7O8jpVyJd+DKK92CNp8JW8NkKx6T6LbUVwYEfLU9w2CvcTMD3yAQr8dOv7YBFZ9Q3z3nvxeaK31sAx0rNkYbZmN/VuJZNj oyj@oyjmint

On the gitolite server. There are other ways to copy the public key, such as scp or sftp.
A simple copy and paste is enough here.
git@gitolite:~$ vi oyj.pub

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCdePGzfzkXWq/jWsAPgple3t2t8SX9ATiNdihc7i4DlOfIh5hxlAHweyVdePRueYS1xRm+V5wYS4lCa1eMoH23X6U6IUGuPvvnlwZVjWCuSLHHZtd+FetiJeL8Iz9Kj1OIooqEIl141bo6JKI9Ue9logMRN7DMMlXuRo5rzGCr4rF8LY08lKeRi2nOtYeXH/Sv8eZZMUTr0UTXNdvXQkAHEduwpOXQK9LFHr4U4stM+/zTB8GjR2eIaL7O8jpVyJd+DKK92CNp8JW8NkKx6T6LbUVwYEfLU9w2CvcTMD3yAQr8dOv7YBFZ9Q3z3nvxeaK31sAx0rNkYbZmN/VuJZNj oyj@oyjmint



  Ubuntu server normally comes with perl installed; if not, install it with apt-get.


 oyj@oyjmint ~/gt $ vagrant ssh gitolite
Welcome to Ubuntu 14.04.1 LTS (GNU/Linux 3.13.0-40-generic x86_64)

 * Documentation:  https://help.ubuntu.com/

 System information disabled due to load higher than 1.0

  Get cloud support with Ubuntu Advantage Cloud Guest:
    http://www.ubuntu.com/business/services/cloud

0 packages can be updated.
0 updates are security updates.

 vagrant@gitolite:~$ which perl
/usr/bin/perl

vagrant@gitolite:~$ sudo apt-get -y install git

Reading package lists... Done
Building dependency tree      
Reading state information... Done
The following extra packages will be installed:
  git-man liberror-perl
Suggested packages:
  git-daemon-run git-daemon-sysvinit git-doc git-el git-email....................


vagrant@gitolite:~$ sudo groupadd git
vagrant@gitolite:~$ sudo useradd git -m -d /home/git -g git
vagrant@gitolite:~$ id git
uid=1002(git) gid=1002(git) groups=1002(git)
vagrant@gitolite:~$


vagrant@gitolite:~/gitolite$ sudo su - git


git@gitolite:~$ git clone https://github.com/sitaramc/gitolite
Cloning into 'gitolite'...
remote: Counting objects: 8741, done.
remote: Compressing objects: 100% (7/7), done.
remote: Total 8741 (delta 0), reused 0 (delta 0)
Receiving objects: 100% (8741/8741), 3.62 MiB | 659.00 KiB/s, done.
Resolving deltas: 100% (4953/4953), done.
Checking connectivity... done.

git@gitolite:~$ mkdir ~/bin
git@gitolite:~$ export PATH=$HOME/bin:$PATH
git@gitolite:~$ gitolite/install -ln ~/bin

git@gitolite:~$ ls ~/bin/
gitolite


git@gitolite:~$ gitolite setup -pk oyj.pub
Initialized empty Git repository in /home/git/repositories/gitolite-admin.git/
Initialized empty Git repository in /home/git/repositories/testing.git/
WARNING: /home/git/.ssh missing; creating a new one
    (this is normal on a brand new install)
WARNING: /home/git/.ssh/authorized_keys missing; creating a new one
    (this is normal on a brand new install)
git@gitolite:~$


From workstation
oyj@oyjmint ~ $ ssh-add
Identity added: /home/oyj/.ssh/id_rsa (/home/oyj/.ssh/id_rsa)



oyj@oyjmint ~ $ git clone git@10.0.0.10:gitolite-admin
Cloning into 'gitolite-admin'...
remote: Counting objects: 6, done.
remote: Compressing objects: 100% (4/4), done.
remote: Total 6 (delta 0), reused 0 (delta 0)
Receiving objects: 100% (6/6), done.
Checking connectivity... done.


*Adding repository
 oyj@oyjmint ~ $ vi gitolite-admin/conf/gitolite.conf
repo gitolite-admin
    RW+     =   oyj

repo testing
    RW+     =   @all

repo python-web #this is the added part
    RW+     =   pydev # pydev user can do all





oyj@oyjmint ~ $ cd gitolite-admin/
oyj@oyjmint ~/gitolite-admin $ git commit -a -m "adding repo"
[master d1cec77] adding repo
 1 file changed, 3 insertions(+)
oyj@oyjmint ~/gitolite-admin $

oyj@oyjmint ~/gitolite-admin $ git config --global push.default simple


oyj@oyjmint ~/gitolite-admin $ git push
Counting objects: 7, done.
Delta compression using up to 8 threads.
Compressing objects: 100% (3/3), done.
Writing objects: 100% (4/4), 350 bytes | 0 bytes/s, done.
Total 4 (delta 1), reused 0 (delta 0)
To git@10.0.0.10:gitolite-admin
   d1cec77..4afa57d  master -> master

oyj@oyjmint ~/.ssh $ ssh-keygen -t rsa -f pydev
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in pydev.
Your public key has been saved in pydev.pub.
The key fingerprint is:
83:30:4a:e0:d3:01:0f:64:96:d7:49:a1:db:a5:9a:74 oyj@oyjmint
The key's randomart image is:
+--[ RSA 2048]----+
|o*o.ooo          |
|+o+.oo           |
| oo+o  .         |
| ...ooo.         |
|  .o E. S        |
|  . +    .       |
|   o             |
|                 |
|                 |
+-----------------+

oyj@oyjmint ~/.ssh $ cp pydev.pub ~/gitolite-admin/keydir/


oyj@oyjmint ~/gitolite-admin $ git add .
oyj@oyjmint ~/gitolite-admin $ git status
On branch master
Your branch is up-to-date with 'origin/master'.

Changes to be committed:
  (use "git reset HEAD <file>..." to unstage)

    new file:   keydir/pydev.pub

oyj@oyjmint ~/gitolite-admin $ git commit -a -m "adding pydev.pub"
[master 1e0e086] adding pydev.pub
 1 file changed, 1 insertion(+)
 create mode 100644 keydir/pydev.pub
oyj@oyjmint ~/gitolite-admin $ git push
Counting objects: 6, done.
Delta compression using up to 8 threads.
Compressing objects: 100% (4/4), done.
Writing objects: 100% (4/4), 677 bytes | 0 bytes/s, done.
Total 4 (delta 0), reused 0 (delta 0)
To git@10.0.0.10:gitolite-admin
   4afa57d..1e0e086  master -> master
oyj@oyjmint ~/gitolite-admin $

As above, I created the java-web repo and the jdev.pub private key.
As a result, the final gitolite.conf is as follows.

 oyj@oyjmint ~/gitolite-admin $ cat conf/gitolite.conf

repo gitolite-admin
    RW+     =   oyj

repo testing
    RW+     =   @all

repo python-web
    RW+     =  pydev

repo java-web # for java web
    RW+     =  jdev
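
An added example, not part of the original post or of gitolite itself: a small Ruby audit of the final gitolite.conf above. It flags rules that give @all write access (in gitolite, RW+ also permits rewinding and deleting refs, and @all covers every user with a key) and users named in a rule without a keydir/<user>.pub file; the function names, finding labels and keydir listing are assumptions made for this example.

```ruby
#!/usr/bin/env ruby
# Added example (not from the original post): audit gitolite.conf for
# over-broad grants and for users without a key file in keydir/.
require "set"

# Constructed sample: the final gitolite.conf shown in the post.
SAMPLE_CONF = <<~CONF
  repo gitolite-admin
      RW+     =   oyj

  repo testing
      RW+     =   @all

  repo python-web
      RW+     =  pydev

  repo java-web # for java web
      RW+     =  jdev
CONF

# Constructed sample: key files the walkthrough ends up with in keydir/.
SAMPLE_KEYS = %w[oyj.pub pydev.pub jdev.pub].freeze

Rule = Struct.new(:repo, :perm, :refex, :members)

# Parse the subset of the syntax used on this page: "@group = members",
# "repo name ...", and "PERM [refex] = members" lines with # comments.
def parse_gitolite_conf(text)
  groups = Hash.new { |h, k| h[k] = [] }
  rules = []
  repos = []
  text.each_line do |raw|
    line = raw.sub(/#.*/, "").strip
    next if line.empty?
    case line
    when /\A(@\S+)\s*=\s*(.+)\z/
      groups[$1].concat($2.split)
    when /\Arepo\s+(.+)\z/
      repos = $1.split
    when /\A(RW\+?C?D?M?|R|-)(?:\s+([^=]+?))?\s*=\s*(.+)\z/
      perm, refex, members = $1, $2, $3.split
      repos.each { |r| rules << Rule.new(r, perm, refex, members) }
    else
      raise ArgumentError, "unrecognised line: #{line}"
    end
  end
  [groups, rules]
end

# Expand @group names to user names; the special @all is kept as-is.
def expand(members, groups, seen = Set.new)
  members.flat_map do |m|
    if m == "@all" || !m.start_with?("@")
      [m]
    elsif seen.include?(m)
      []                      # guard against a group that includes itself
    else
      expand(groups.fetch(m, []), groups, seen | [m])
    end
  end.uniq
end

# Returns findings as [kind, repo, detail]:
#   :all_write    - @all can write (and with "+", rewind) the repo
#   :no_key       - a user named in a rule has no <user>.pub in keydir
#   :key_only_all - a key exists but no rule names the user; the key
#                   still matches every @all rule
# Assumption: one key per user, file name <user>.pub.
def audit(conf_text, key_files)
  groups, rules = parse_gitolite_conf(conf_text)
  key_users = key_files.map { |f| File.basename(f, ".pub") }
  named = Set.new
  findings = []
  rules.each do |rule|
    users = expand(rule.members, groups)
    if users.include?("@all") && rule.perm.include?("W")
      findings << [:all_write, rule.repo, rule.perm]
    end
    (users - ["@all"]).each do |u|
      named << u
      findings << [:no_key, rule.repo, u] unless key_users.include?(u)
    end
  end
  (key_users - named.to_a).each { |u| findings << [:key_only_all, nil, u] }
  findings
end

audit(SAMPLE_CONF, SAMPLE_KEYS).each do |kind, repo, detail|
  puts "#{kind}: repo=#{repo.inspect} detail=#{detail}"
end
```

On the configuration from this post the only finding is the testing repo, where pydev and jdev can also force-push because their keys match @all.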


* To use a different private key, I should create a ~/.ssh/config file
oyj@oyjmint ~/gitolite-admin $ cat ~/.ssh/config
host gitolite
  user git
  hostname 10.0.0.10
  port 22
  identityfile ~/.ssh/jdev

host gitolite-py
  user git
  hostname 10.0.0.10
  port 22
  identityfile ~/.ssh/pydev


* Testing with git clone
* If a new file has been committed to the python-web repo, the result will look like below.
 oyj@oyjmint ~ $ git clone git@gitolite-py:python-web
Cloning into 'python-web'...
remote: Counting objects: 12, done.
remote: Compressing objects: 100% (8/8), done.
remote: Total 12 (delta 0), reused 0 (delta 0)
Receiving objects: 100% (12/12), done.
Checking connectivity... done.

* commit and push with git.
oyj@oyjmint ~ $ git clone git@gitolite:java-web
Cloning into 'java-web'...
warning: You appear to have cloned an empty repository.
Checking connectivity... done.

* From eclipse
Version: Luna Service Release 1 (4.4.1)

* Need to edit eclipse.ini to set the java path, as below
 oyj@oyjmint ~/eclipse $ cat eclipse.ini
-startup
plugins/org.eclipse.equinox.launcher_1.3.0.v20140415-2008.jar
--launcher.library
plugins/org.eclipse.equinox.launcher.gtk.linux.x86_64_1.1.200.v20140603-1326
-product
org.eclipse.epp.package.jee.product
--launcher.defaultAction
openFile
-showsplash
org.eclipse.platform
--launcher.XXMaxPermSize
256m
--launcher.defaultAction
openFile
--launcher.appendVmargs
-vm
/usr/local/java/bin/java
-vmargs

-Dosgi.requiredJavaVersion=1.6
-XX:MaxPermSize=256m
-Xms40m
-Xmx512m
To be effective, restart eclipse



* From the General tab, select SSH2 and add the private key (pydev).
Eclipse must be restarted after this setting for it to take effect.
Select Git

Select "Clone a Git repository"

SSH connection setting

Branch Selection to master

Git repository setting.

Now it is done

Saturday, December 20, 2014

sha512 password creation (ruby)

#!/usr/bin/env ruby
def check
  if ARGV[0] == nil
    abort 'please input argv[0]'
  end
end

check

require 'digest/sha2'
sha2p=Digest::SHA512.hexdigest(ARGV[0])
p sha2p

# Testing 
oyjmint freeradius # ruby sha512.rb "test"
"ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff"
oyjmint freeradius #
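
Added example, not from the original post: the script above produces an unsalted, single-pass SHA-512 digest, so the same password always yields the same string. Below, that digest sits next to a salted, iterated PBKDF2-HMAC-SHA512 hash with verification; the stored format, the function names and the iteration count are assumptions for this example.

```ruby
#!/usr/bin/env ruby
# Added example (not from the original post): unsalted SHA-512 versus a
# salted, iterated PBKDF2-HMAC-SHA512 password hash with verification.
require "digest/sha2"
require "openssl"
require "securerandom"

ITERATIONS = 200_000 # assumed work factor; tune it to your hardware
KEY_LEN    = 64      # bytes of derived key

# What the script in the post computes: deterministic, no salt.
def unsalted_sha512(password)
  Digest::SHA512.hexdigest(password)
end

# Salted hash. Stored form (assumed for this example):
#   pbkdf2-sha512$<iterations>$<salt hex>$<derived key hex>
def hash_password(password, salt: SecureRandom.random_bytes(16), iterations: ITERATIONS)
  dk = OpenSSL::PKCS5.pbkdf2_hmac(password, salt, iterations, KEY_LEN,
                                  OpenSSL::Digest.new("SHA512"))
  ["pbkdf2-sha512", iterations, salt.unpack1("H*"), dk.unpack1("H*")].join("$")
end

# Compare two strings without stopping at the first differing byte.
def constant_time_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# Recompute the hash with the stored salt and iteration count.
def verify_password(password, stored)
  scheme, iterations, salt_hex, dk_hex = stored.split("$")
  return false unless scheme == "pbkdf2-sha512" && salt_hex && dk_hex
  return false unless iterations.to_i.positive?
  salt = [salt_hex].pack("H*")
  candidate = hash_password(password, salt: salt, iterations: iterations.to_i)
  constant_time_equal?(candidate, stored)
end

# Demo with the constructed password "test" used in the post.
first  = hash_password("test")
second = hash_password("test")
puts "unsalted, run 1: #{unsalted_sha512('test')[0, 16]}..."
puts "unsalted, run 2: #{unsalted_sha512('test')[0, 16]}..."
puts "salted,   run 1: #{first.split('$').last[0, 16]}..."
puts "salted,   run 2: #{second.split('$').last[0, 16]}..."
puts "verify correct password: #{verify_password('test', first)}"
puts "verify wrong password:   #{verify_password('tset', first)}"
```

A password passed as ARGV[0] also ends up in shell history and the process list; reading it from standard input avoids that.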

Wednesday, December 3, 2014

Vagrant packaging

* 1 Install vagrant 1.6.5
https://dl.bintray.com/mitchellh/vagrant/vagrant_1.6.5_x86_64.deb
# dpkg -i vagrant_1.6.5_x86_64.deb

* init
oyj@oyjmint ~/vt/vag_dev $ vagrant init ubuntu/trusty64
A `Vagrantfile` has been placed in this directory. You are now
ready to `vagrant up` your first virtual environment! Please read
the comments in the Vagrantfile as well as documentation on
`vagrantup.com` for more information on using Vagrant.


* Up vagrant
oyj@oyjmint ~/vt/vag_dev $ vagrant up
Bringing machine 'default' up with 'virtualbox' provider...
==> default: Box 'ubuntu/trusty64' could not be found. Attempting to find and install...
    default: Box Provider: virtualbox
    default: Box Version: >= 0
==> default: Loading metadata for box 'ubuntu/trusty64'
    default: URL: https://vagrantcloud.com/ubuntu/trusty64
==> default: Adding box 'ubuntu/trusty64' (v14.04) for provider: virtualbox
    default: Downloading: https://vagrantcloud.com/ubuntu/boxes/trusty64/versions/14.04/providers/virtualbox.box
==> default: Box download is resuming from prior download progress

* Packaging
oyj@oyjmint ~/vt/vag_dev $ vagrant package

* package.box will be created.^^;

To give the package a name:
vagrant package --output filename.box

Friday, October 31, 2014

ruby factorial and plus each number

#!/usr/bin/env ruby

# Usage: ruby this_script_name NUMBER (or give the script execute permission on Unix)
# Computes the factorial of the argument, then sums the digits of the result.
# Factorial examples: 4! = 1*2*3*4 = 24, 3! = 1*2*3 = 6

# Beginning of the factorial method
def fact(n)
    if n < 1
      raise "Argument should be 1 or more"
    elsif n == 1
      return 1
    else
      return (n * fact(n-1))
    end
end
# End of the factorial method

# Convert the argument to an integer (to_i)
n = ARGV[0].to_i
RESULT = fact(n)
puts "Argument factorial of #{n} is #{RESULT}"

# Sum every digit of the factorial. Initialize r=0 with a lowercase name:
# do not use R, or you will see "already initialized constant R" warnings
r=0
# Convert RESULT to a string with to_s so it can be indexed like an array.
S_RESULT = RESULT.to_s
for i in 0..(S_RESULT.length-1)
    # Convert each character back to an integer and add it.
    r+=S_RESULT[i].to_i
end
puts "Plused result of each factorialed number is #{r}"

Friday, August 8, 2014

oracle_java7 recipe

https://github.com/ohyoungjooung2/cookbook/tree/master/oracle_java7

knife cookbook bulk delete example

vagrant@chefws:~/chef-repo/cookbooks$ knife cookbook bulk delete "^ch*|^win*"
All versions of the following cookbooks will be deleted:

chef_handler  windows    

Do you really want to delete these cookbooks? (Y/N)Y

Deleted cookbook  chef_handler              [1.1.6]
Deleted cookbook  windows                   [1.33.1]

Friday, August 1, 2014

My recent recipes (chef)

Well, on ubuntu 14.04 some community apache php mysql recipes are not working well. So I made the recipes using bash shell script.

I wrote these recipes to my benefit, but if it is good for you, feel free to use. But no responsibility.

https://github.com/ohyoungjooung2/bash_cookbook

Thanks.


Wednesday, July 30, 2014

Deleting all cookbooks example - very simple tip for me? or YOU?

vagrant@chefws:~/chef-repo$ knife cookbook bulk delete ".*"
All versions of the following cookbooks will be deleted:

apache2              iis                  windows           
apt                  my_cookbook          wordpress         
aws                  mysql                xfs               
build-essential      mysql-chef_gem       xml               
chef-sugar           openssl              yum               
chef_handler         php                  yum-epel          
database             postgresql           yum-mysql-community

Do you really want to delete these cookbooks? (Y/N)Y

Deleted cookbook  aws                       [2.3.0]
Deleted cookbook  yum-mysql-community       [0.1.10]
Deleted cookbook  chef-sugar                [2.0.0]
Deleted cookbook  xml                       [1.2.6]
Deleted cookbook  mysql-chef_gem            [0.0.2]
Deleted cookbook  openssl                   [2.0.0]
Deleted cookbook  yum-epel                  [0.4.0]
Deleted cookbook  postgresql                [3.4.1]
Deleted cookbook  iis                       [2.1.2]
Deleted cookbook  build-essential           [2.0.4]
Deleted cookbook  mysql                     [5.3.6]
Deleted cookbook  php                       [1.4.6]
Deleted cookbook  database                  [2.2.0]
Deleted cookbook  apache2                   [0.1.0]
Deleted cookbook  yum                       [3.2.2]
Deleted cookbook  xfs                       [1.1.0]
Deleted cookbook  apt                       [2.4.0]
Deleted cookbook  chef_handler              [1.1.6]
Deleted cookbook  wordpress                 [0.8.1]
Deleted cookbook  windows                   [1.33.1]
Deleted cookbook  my_cookbook               [0.1.0]
vagrant@chefws:~/chef-repo$

vagrant@chefws:~/chef-repo$ knife cookbook list
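
Added example, not from the original posts or from knife: a dry run for the patterns used in the two bulk delete posts above. It assumes knife compiles the argument as a Ruby regular expression and matches it against each cookbook name, which is why "^ch*" selects every name beginning with "c" and not only those beginning with "ch". The cookbook list is copied from the output above; cron and wireshark are constructed names, and the function names are made up for this example.

```ruby
#!/usr/bin/env ruby
# Added example (not from the original posts): preview what a bulk-delete
# pattern selects before running the destructive command.

# Cookbook names copied from the bulk delete output on this page.
COOKBOOKS = %w[
  apache2 apt aws build-essential chef-sugar chef_handler database iis
  my_cookbook mysql mysql-chef_gem openssl php postgresql windows wordpress
  xfs xml yum yum-epel yum-mysql-community
].freeze

# Names a pattern would select. Assumption: the argument is compiled with
# Regexp.new and matched, unanchored, against each cookbook name.
def preview_bulk_delete(pattern, names)
  names.grep(Regexp.new(pattern)).sort
end

# Turn a shell-style glob (only * and ? are handled) into an anchored
# regular expression source string.
def glob_to_regex(glob)
  body = glob.each_char.map do |ch|
    case ch
    when "*" then ".*"
    when "?" then "."
    else Regexp.escape(ch)
    end
  end.join
  "\\A#{body}\\z"
end

# Names the regex selects that the intended globs would not.
def unintended_matches(pattern, intended_globs, names)
  intended = intended_globs.flat_map do |g|
    preview_bulk_delete(glob_to_regex(g), names)
  end
  preview_bulk_delete(pattern, names) - intended
end

pattern = "^ch*|^win*"
puts "would delete: #{preview_bulk_delete(pattern, COOKBOOKS).join(', ')}"

# Two constructed names show the glob-versus-regex difference:
# "h*" and "n*" mean "zero or more", so "c..." and "wi..." also match.
with_extra = COOKBOOKS + %w[cron wireshark]
puts "not intended: #{unintended_matches(pattern, %w[ch* win*], with_extra).join(', ')}"

# The anchored equivalent of the two globs selects only the intended names.
safe = "\\A(ch|win)"
puts "anchored:     #{preview_bulk_delete(safe, with_extra).join(', ')}"
```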

Saturday, July 19, 2014

Shabby but maybe useful for building chef development environment easily.

I hope this simple script is useful for anyone who wants to set up a chef development environment easily.

Also, I wish somebody would modify and develop this code more effectively.

:)
https://github.com/ohyoungjooung2/vag_dev

Thursday, July 10, 2014

Vagrant basic plus multiple servers.

This article shows how to install ubuntu trusty server automatically on Virtual box by using "Vagrant" tool.(http://www.vagrantup.com/downloads.html)

Monday, March 24, 2014

Reverse Dns check

172:rp young$ cat iptodns.rb 
#!/usr/bin/env ruby
require 'resolv'

def check
 if ARGV[0] == nil
   abort 'Please input ARGV[0]'
 end
end

check

def ipdcheck
 begin 
   puts Resolv.getname(ARGV[0])
 rescue
   puts "No hostname associated with #{ARGV[0]}"
 end
end


ipdcheck


Example)
172:rp young$ ruby iptodns.rb 202.131.30.12
No hostname associated with 202.131.30.12
172:rp young$ ruby iptodns.rb 127.0.0.1
localhost
172:rp young$ ruby iptodns.rb 192.0.34.166
34-166.lax.icann.org
172:rp young$ 

Simple ips to certain dns

172:rp young$ cat dns_ip.rb 
#!/usr/bin/env ruby
def check
 if ARGV[0] == nil
  abort 'please input ARGV[0]'
 end
end

check

require 'resolv'

def check_address
    Resolv.each_address(ARGV[0]) do |ip|
      puts ip
    end
end

check_address
172:rp young$ ruby dns_ip.rb naver.com
125.209.222.142
202.131.30.11
202.131.30.12
125.209.222.141
172:rp young$ 


Port check script by ruby

172:rp young$ cat port_check.rb 
#!/usr/bin/env ruby

require 'rubygems'
require 'net/ping'

if Net::Ping::TCP.new(ARGV[0],ARGV[1]).ping
   puts "Pong!"
else
   puts "No response"
end
172:rp young$ ruby port_check.rb www.google.com 80
Pong!

172:rp young$ 

Ping script with ruby

172:rp young$ cat ping.rb 
require 'rubygems'
require 'net/ping'
if Net::Ping::External.new(ARGV[0]).ping
   puts "Pong!"
else
   puts "No response"

end

172:rp young$ ruby ping.rb www.google.com
Pong!
172:rp young$ 

Monday, March 3, 2014

Simple DNS mx check

#!/usr/bin/env ruby
def check
 if ARGV[0] == nil
 abort 'plz input domain name'
 end
end

check

require 'resolv'
dns = Resolv::DNS.new
domain = ARGV[0]
dns.each_resource(domain, Resolv::DNS::Resource::IN::MX) do |mail_server|
 puts mail_server.exchange

end

#How to test
y-MacBook-Pro:rp young$ ruby mf.rb  
plz input domain name
y-MacBook-Pro:rp young$ ruby mf.rb yahoo.com
mta7.am0.yahoodns.net
mta5.am0.yahoodns.net
mta6.am0.yahoodns.net
y-MacBook-Pro:rp young$ ruby mf.rb nate.com
mx1.nate.com

uploading ftp files

#!/usr/bin/env ruby
#Very simple ftp upload program by ruby
if ARGV[0] == nil
 abort "\nInput ftp site ip or domain name"
elsif ARGV[1] == nil
 abort "\nInput the text file that you want to upload"
end

require 'net/ftp'
ftp = Net::FTP.new(ARGV[0])
ftp.passive = true
ftp.login 'yourname', 'yourpasswd'
ftp.chdir('/dir/to/you/want')
ftp.puttextfile(ARGV[1])
#ftp.putbinaryfile(ARGV[1])
ftp.list('*') { |file| puts file }

ftp.close

Friday, January 31, 2014

Adding multiple users with chef(bash and template,cookbook_file)-public key added

Forward
* This article shows how to add multiple users by using a chef recipe. I used 'template' and cookbook_file in this example.
  This post assumes that readers have already installed and configured chef-server and clients.
  In terms of security, this article may not be excellent, so use it carefully. If security is a real issue in your situation, use "data bag encryption" for the public or private key.

1. Create cookbook 

root@knife2:/home/young/chef-repo# knife cookbook create useradd


2. Making templates/user.txt.erb

root@knife2:/home/young/chef-repo# vi cookbooks/useradd/templates/default/user.txt.erb 
user1:users_group
user2:users_group
user3:users_group
user4:users_group

3. Create authorized_keys file.
I used vi to paste the public key. Could use scp or another method.
root@knife2:/home/young/chef-repo# vi cookbooks/useradd/templates/default/authorized_keys
blablabla……..^^

4. Lastly, I made recipes/default.rb 
root@knife2:/home/young/chef-repo# vi cookbooks/useradd/recipes/default.rb 



#
# Cookbook Name:: useradd
# Recipe:: default
#
# Copyright 2014, My Future Company
#
# All rights reserved - Do Not Redistribute
#
# Author ohyoungjooung@gmail.com


template '/root/users' do
    source 'user.txt.erb'
end

cookbook_file "/root/authorized_keys" do
    source "authorized_keys"
    mode 0600
end

bash 'useradding' do
    user "root"
    cwd "/root"
    code <<-EOH 
    # check: report the exit status of the command that ran just before it
    check(){
     if [[ $? -eq 0 ]]
     then
      echo "$1 is successful"
     else 
      echo "failed to achieve mission"
      exit 1 
     fi
    }
    groupadd users_group
    for i in $(cat users)
    do
    USER=`echo $i | cut -d':' -f1`
    GROUP=`echo $i | cut -d':' -f2`
    #RUN COMMAND OF useradd
    useradd $USER -g $GROUP -m
    check "$USER useradd"
    mkdir /home/$USER/.ssh
    check "$USER mkdir"
    cp authorized_keys /home/$USER/.ssh/
    check "$USER authcp"
    chmod 0700 /home/$USER/.ssh
    chown -R $USER /home/$USER/.ssh
    chmod 0600 /home/$USER/.ssh/authorized_keys
    done
    rm -f /root/users
    rm -f /root/authorized_keys
    EOH

end

5. Uploading useradd recipe and test

root@knife2:/home/young/chef-repo# knife cookbook upload useradd
Uploading useradd        [0.1.0]
Uploaded 1 cookbook

# On the chef-client1 node
root@chef-client1:~# chef-client -o useradd

  * bash[useradding] action run[2014-01-30T11:35:55+09:00] INFO: Processing bash[useradding] action run (useradd::default line 14)
[2014-01-30T11:35:55+09:00] INFO: bash[useradding] ran successfully

    - execute "bash"  "/tmp/chef-script20140130-8091-1449qkb"

[2014-01-30T11:35:55+09:00] INFO: Chef Run complete in 0.277210052 seconds
[2014-01-30T11:35:55+09:00] INFO: Running report handlers
[2014-01-30T11:35:55+09:00] INFO: Report handlers complete
Chef Client finished, 2 resources updated

root@chef-client1:~# cat /etc/passwd | grep user
user1:x:1003:1004::/home/user1:/bin/sh
user2:x:1004:1004::/home/user2:/bin/sh
user3:x:1005:1004::/home/user3:/bin/sh
user4:x:1006:1004::/home/user4:/bin/sh
root@chef-client1:~# 


6. Using knife bootstrap on the chef-client2 server. If you have already set up SSH private and public key authentication, password authentication won't be necessary.

root@knife2:/home/young/chef-repo# knife bootstrap chef-client2 -r 'recipe[useradd]' -x young --sudo
Bootstrapping Chef on chef-client2
Failed to authenticate young - trying password auth
Enter your password: 
chef-client2 Starting Chef Client, version 11.8.2
chef-client2 resolving cookbooks for run list: ["useradd"]
chef-client2 Synchronizing Cookbooks:
chef-client2   - useradd
chef-client2 Compiling Cookbooks...
chef-client2 Converging 2 resources
chef-client2 Recipe: useradd::default
chef-client2   * template[/tmp/users] action create
chef-client2     - create new file /tmp/users
chef-client2     - update content in file /tmp/users from none to ebcaf0
chef-client2         --- /tmp/users 2014-01-30 11:43:59.452210250 +0900
chef-client2         +++ /tmp/chef-rendered-template20140130-11865-15ixyap 2014-01-30 11:43:59.452210250 +0900
chef-client2         @@ -1 +1,6 @@
chef-client2         +user1:users_group
chef-client2         +user2:users_group
chef-client2         +user3:users_group
chef-client2         +user4:users_group
chef-client2         +
chef-client2 
chef-client2   * bash[useradding] action run
chef-client2     - execute "bash"  "/tmp/chef-script20140130-11865-30nl8s"
chef-client2 
chef-client2 Chef Client finished, 2 resources updated


 *Conclusion
This recipe is not sufficient because it does not include a password.
But it may be useful for sysadmins to add many users to multiple servers in no time.

https://github.com/ohyoungjooung2/useradd

Thursday, January 30, 2014

Using include in recipes/default.rb(continues from former article)

In below article, I used role to install java and tomcat together.

http://wnapdlf.blogspot.kr/2014/01/using-role-to-install-tomcat-recipe.html

We can install java and tomcat using attributes/default.rb also

1.First
root@knife2:/home/young/chef-repo# vi cookbooks/java/attributes/default.rb
default["java"]["java_home"] = "/usr/local/java"

2. Second
Uncomment the include_recipe "java" line (it was commented out in the former article)
root@knife2:/home/young/chef-repo# vi cookbooks/tomcat/recipes/default.rb 

# required for the secure_password method from the openssl cookbook
::Chef::Recipe.send(:include, Opscode::OpenSSL::Password)

include_recipe "java"


3. Change JAVA_HOME 
root@knife2:/home/young/chef-repo# vi cookbooks/tomcat/templates/default/default_tomcat6.erb 
# The home directory of the Java development kit (JDK). You need at least
# JDK version 1.5. If JAVA_HOME is not set, some common directories for
# OpenJDK, the Sun JDK, and various J2SE 1.5 versions are tried.
JAVA_HOME=<%= node["java"]["java_home"] %>

4. Upload recipe

root@knife2:/home/young/chef-repo# knife cookbook upload java tomcat
Uploading java           [0.1.0]
Uploading tomcat         [0.15.2]
Uploaded 2 cookbooks.
root@knife2:/home/young/chef-repo# 


5. Now let's test.

root@chef-client1:~# rm -rf /usr/local/java; apt-get -y purge tomcat6

root@chef-client1:~# chef-client -o tomcat

Omitting..blah blah blah
2014-01-30T03:22:16+09:00] INFO: service[tomcat] restarted

    - restart service service[tomcat]

[2014-01-30T03:22:16+09:00] INFO: Chef Run complete in 32.761104063 seconds
[2014-01-30T03:22:16+09:00] INFO: Running report handlers
[2014-01-30T03:22:16+09:00] INFO: Report handlers complete
Chef Client finished, 6 resources updated


root@chef-client1:~# /usr/local/java/bin/java -version
java version "1.7.0_51"
Java(TM) SE Runtime Environment (build 1.7.0_51-b13)
Java HotSpot(TM) 64-Bit Server VM (build 24.51-b03, mixed mode)
root@chef-client1:~# 

root@chef-client1:~# ps -ef | grep tomcat
tomcat6  10865     1  1 03:44 ?        00:00:04 /usr/local/java/bin/java -Djava.util.logging.config.file=/var/lib/tomcat6/conf/logging.properties -Xmx128M -Djava.awt.headless=true -XX:+UseConcMarkSweepGC -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.endorsed.dirs=/usr/share/tomcat6/lib/endorsed -classpath /usr/share/tomcat6/bin/bootstrap.jar -Dcatalina.base=/var/libtomcat6 -Dcatalina.home=/usr/share/tomcat6 -Djava.io.tmpdir=/tmp/tomcat6-tmp org.apache.catalina.startup.Bootstrap start
root     10901  8275  0 03:49 pts/2    00:00:00 grep --color=auto tomcat
root@chef-client1:~# 


6. Conclusion
I could install java and tomcat without a new role.
First, edit attributes/default.rb of the java recipe.
Second, just use the tomcat recipe from the community site as it is.

Thanks for reading. Any comments or recommendations are welcome.



Wednesday, January 29, 2014

Using role to install tomcat recipe with java

*Before starting this installation, we should download the openssl recipe from http://community.opscode.com/cookbooks/openssl because of the dependency.

Upload it with "knife cookbook upload openssl" in the cookbook directory.
ex)
root@knife2:/home/young/chef-repo# ls cookbooks/openssl/
CHANGELOG.md  CONTRIBUTING  libraries  LICENSE  metadata.json  metadata.rb  README.md  recipes
root@knife2:/home/young/chef-repo# knife cookbook upload openssl
Uploading openssl        [1.0.2]
Uploaded 1 cookbook.


# First Download community cookbook tomcat recipe.

root@knife2:/home/young/chef-repo/cookbooks# wget http://community.opscode.com/cookbooks/tomcat/versions/0_15_2/downloads

2014-01-28 05:10:19 (66.0 KB/s) - `downloads' saved [12250/12250]

root@knife2:/home/young/chef-repo/cookbooks# mv downloads tomcat
root@knife2:/home/young/chef-repo/cookbooks# tar xvzf tomcat 




#Edit the keytool path in attributes/default.rb to /usr/local/java/bin/keytool
#I'm using ubuntu server, so change it like below. Just the "keytool" part.
when "debian","ubuntu"
  default["tomcat"]["user"] = "tomcat#{node["tomcat"]["base_version"]}"
  default["tomcat"]["group"] = "tomcat#{node["tomcat"]["base_version"]}"
  default["tomcat"]["home"] = "/usr/share/tomcat#{node["tomcat"]["base_version"]}"
  default["tomcat"]["base"] = "/var/lib/tomcat#{node["tomcat"]["base_version"]}"
  default["tomcat"]["config_dir"] = "/etc/tomcat#{node["tomcat"]["base_version"]}"
  default["tomcat"]["log_dir"] = "/var/log/tomcat#{node["tomcat"]["base_version"]}"
  default["tomcat"]["tmp_dir"] = "/tmp/tomcat#{node["tomcat"]["base_version"]}-tmp"
  default["tomcat"]["work_dir"] = "/var/cache/tomcat#{node["tomcat"]["base_version"]}"
  default["tomcat"]["context_dir"] = "#{node["tomcat"]["config_dir"]}/Catalina/localhost"
  default["tomcat"]["webapp_dir"] = "/var/lib/tomcat#{node["tomcat"]["base_version"]}/webapps"
  default["tomcat"]["keytool"] = "/usr/local/java/bin/keytool"
  default["tomcat"]["lib_dir"] = "#{node["tomcat"]["home"]}/lib"
  default["tomcat"]["endorsed_dir"] = "#{node["tomcat"]["lib_dir"]}/endorsed"

# To use the role, comment out the line that is "include_recipe java"

#
# Cookbook Name:: tomcat
# Recipe:: default
#
# Copyright 2010, Opscode, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#

# required for the secure_password method from the openssl cookbook
::Chef::Recipe.send(:include, Opscode::OpenSSL::Password)

#Below line
#include_recipe "java"


#Change JAVA_HOME TO JAVA_HOME=<%= "/usr/local/java" %>
root@knife2:/home/young/chef-repo# vi cookbooks/tomcat/templates/default/default_tomcat6.erb 

# The home directory of the Java development kit (JDK). You need at least
# JDK version 1.5. If JAVA_HOME is not set, some common directories for
# OpenJDK, the Sun JDK, and various J2SE 1.5 versions are tried.
JAVA_HOME=<%= "/usr/local/java" %>

root@knife2:/home/young/chef-repo# vi cookbooks/tomcat/templates/default/
default_tomcat6.erb     manifest.xml.erb        sysconfig_tomcat6.erb   
logging.properties.erb  server.xml.erb          tomcat-users.xml.erb    
root@knife2:/home/young/chef-repo# vi cookbooks/tomcat/templates/default/default_tomcat6.erb 
root@knife2:/home/young/chef-repo# vi cookbooks/tomcat/attributes/default.rb 
root@knife2:/home/young/chef-repo# cd ..
root@knife2:/home/young# cd -
/home/young/chef-repo

# Let's upload tomcat recipe
root@knife2:/home/young/chef-repo# knife cookbook upload tomcat
Uploading tomcat         [0.15.2]
Uploaded 1 cookbook.
root@knife2:/home/young/chef-repo# 

# With drag and drop, make the role named java_tomcat
# Ignore the phpapp part; that is just me practicing a recipe.









# To monitor the process of the role install, I modified the log_level from ":auto" to ":debug"
# There are three? levels, which are auto, info, debug.

root@chef-client2:~# cat /etc/chef/client.rb
log_level        :debug
log_location     STDOUT
chef_server_url  "https://chef-server:443"
validation_client_name "chef-validator"
# Using default node name (fqdn)

# Run role chef-client command.

root@chef-client2:/usr/local/java# chef-client -f -o 'role[java_tomcat]'

# You can check with "ps -ef | grep tomcat" command whether tomcat is installed correctly.

root@chef-client2:~# ps -ef | grep tomcat
tomcat6   6644     1 17 21:51 ?        00:00:03 /usr/local/java/bin/java -Djava.util.logging.config.file=/var/lib/tomcat6/conf/logging.properties -Xmx128M -Djava.awt.headless=true -XX:+UseConcMarkSweepGC -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.endorsed.dirs=/usr/share/tomcat6/lib/endorsed -classpath /usr/share/tomcat6/bin/bootstrap.jar -Dcatalina.base=/var/libtomcat6 -Dcatalina.home=/usr/share/tomcat6 -Djava.io.tmpdir=/tmp/tomcat6-tmp org.apache.catalina.startup.Bootstrap start
root      6666  2436  0 21:51 pts/2    00:00:00 grep --color=auto tomcat
root@chef-client2:~#




Monday, January 27, 2014

Java download without authentication and java chef recipe by bash

1. Downloading oracle java
root@knife2:/home/young/chef-repo# wget --no-cookies --no-check-certificate --header "Cookie: gpw_e24=http%3A%2F%2Fwww.oracle.com" http://download.oracle.com/otn-pub/java/jdk/7u51-b13/jdk-7u51-linux-x64.tar.gz


# A very simple recipe that needs a local web server. I used apache2.
#default.rb

#
# Cookbook Name:: java
# Recipe:: default
# Author:: ohyoungjooung@gmail.com
# Copyright 2014, My Future Company
#
# All rights reserved - Do Not Redistribute
#
bash "install_java" do
     user "root"
     cwd "/tmp"
     code <<-EOH
      rm -rf /tmp/jdk*
      echo $?
      apt-get -y autoremove
      rm -f /usr/bin/java
      apt-get -y install wget
      # From local network apache webserver
      wget http://192.168.56.105/jdk-7u51-linux-x64.tar.gz
      if [[ $? != "0" ]]
      then
         echo "wget java file failed"
         exit 1
      fi
      tar xvzf jdk-7u51-linux-x64.tar.gz
      # remove any previous java install
      if [[ -d /usr/local/java ]]
      then
        /bin/rm -rf /usr/local/java
      fi
 
      mv jdk1.7.0_51 /usr/local/java
      # Test for the line only; backticks here would run grep's output as a command
      grep -q /usr/local/java/bin /etc/profile
      if [[ $? != "0" ]]
      then
      echo 'export PATH=/usr/local/java/bin:$PATH' >> /etc/profile
      echo 'export JAVA_HOME=/usr/local/java' >> /etc/profile
      fi
      /bin/rm -f jdk*
     EOH
end
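
The recipe above fetches the JDK tarball over plain HTTP and unpacks it as root without checking what arrived. The following is an added example, not part of the original recipe, of the same unpack-and-install step gated on a pinned SHA-256; `install_pinned_tarball`, `demo` and the sample archive are constructed for illustration.

```shell
#!/bin/sh
# Added example: unpack a downloaded tarball only if it matches a pinned SHA-256.
# install_pinned_tarball, demo and every path below are constructed for illustration.

# usage: install_pinned_tarball <tarball> <expected_sha256> <dest_dir>
# returns 0 on install, 2 on digest mismatch, 3 on any other failure
install_pinned_tarball() {
  tarball=$1; expected=$2; dest=$3
  actual=$(sha256sum "$tarball" | awk '{print $1}')
  [ -n "$actual" ] || return 3
  if [ "$actual" != "$expected" ]; then
    echo "digest mismatch for $tarball: got $actual" >&2
    return 2
  fi
  # Unpack into a staging directory next to the destination, so a failed
  # extract never leaves a half-installed tree at $dest.
  stage=$(mktemp -d "$dest.stage.XXXXXX") || return 3
  if ! tar -xzf "$tarball" -C "$stage" --strip-components=1; then
    rm -rf "$stage"
    return 3
  fi
  chmod 755 "$stage"          # mktemp creates 0700; service users must read it
  rm -rf "$dest"
  mv "$stage" "$dest"
}

# Constructed sample: a stand-in "JDK" archive, installed once with the right
# pin and once after the archive has been altered in transit.
# Prints "<rc of good install> <rc of tampered install> <installed version>".
demo() {
  work=$(mktemp -d) || return 1
  mkdir -p "$work/jdk1.7.0_51/bin"
  echo "v1" > "$work/jdk1.7.0_51/bin/java"
  tar -czf "$work/jdk.tar.gz" -C "$work" jdk1.7.0_51
  pin=$(sha256sum "$work/jdk.tar.gz" | awk '{print $1}')

  rc_good=0; install_pinned_tarball "$work/jdk.tar.gz" "$pin" "$work/java" || rc_good=$?

  echo "v2-tampered" > "$work/jdk1.7.0_51/bin/java"
  tar -czf "$work/jdk.tar.gz" -C "$work" jdk1.7.0_51
  rc_bad=0; install_pinned_tarball "$work/jdk.tar.gz" "$pin" "$work/java" 2>/dev/null || rc_bad=$?

  echo "$rc_good $rc_bad $(cat "$work/java/bin/java")"
  rm -rf "$work"
}

demo
```

In the recipe, the pin would be recorded once from a trusted copy of jdk-7u51-linux-x64.tar.gz and the function would replace the bare `tar xvzf` and `mv` steps. Chef's `remote_file` resource also accepts a `checksum` (SHA-256) attribute that serves the same purpose.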


Saturday, January 25, 2014

My first simple recipe that installs amazing nginx web server using bootstrapping. [ubuntu 12.04 or 12.10 server based]

root@knife2:/home/young/chef-repo# knife cookbook create nginx
** Creating cookbook nginx
** Creating README for cookbook: nginx
** Creating CHANGELOG for cookbook: nginx
** Creating metadata for cookbook: nginx
root@knife2:/home/young/chef-repo# 


# Instead of an FQDN, I used the hosts file.

# Here chef-server's IP is 192.168.56.3. To prevent this route error (http.rb):
"ERROR: Errno::EHOSTUNREACH: No route to host - connect(2)"

edit /etc/hosts as below (192.168.56.3 is chef-server), then modify the chef_server_url in knife.rb.

root@knife2:/home/young/chef-repo# cat /etc/hosts
127.0.0.1 localhost
127.0.1.1 ubuntu1204-3
127.0.1.1 apache2-1        
192.168.56.105 knife2
192.168.56.3 chef-server

#knife.rb's server_url

root@knife2:/home/young/chef-repo/cookbooks# cat ../.chef/knife.rb
log_level                :debug
log_location             STDOUT
node_name                'young'
client_key               '/home/young/chef-repo/.chef/young.pem'
validation_client_name   'chef-validator'
validation_key           '/etc/chef-server/chef-validator.pem'
chef_server_url          'https://chef-server:443'
syntax_check_cache_path  '/home/young/chef-repo/.chef/syntax_check_cache'
cookbook_path ["./cookbooks"]

#uploading recipes
root@knife2:/home/young/chef-repo# knife cookbook upload nginx
Uploading nginx          [0.1.0]
Uploaded 1 cookbook.
root@knife2:/home/young/chef-repo#




#Bootstrapping Process
root@knife2:/home/young/chef-repo# knife bootstrap chef-client1 --sudo -x young -P mypassword
Bootstrapping Chef on chef-client1
ERROR: Errno::ENOENT: No such file or directory - /etc/chef-server/chef-validator.pem
root@knife2:/home/young/chef-repo# ls /etc/chef/
root@knife2:/home/young/chef-repo# mkdir /etc/chef-server
root@knife2:/home/young/chef-repo# cp .chef/chef-validator.pem /etc/chef-server/
root@knife2:/home/young/chef-repo# knife bootstrap 192.168.56.104 --sudo -x young -P password
Bootstrapping Chef on 192.168.56.104
192.168.56.104 --2014-01-26 14:39:52--  https://www.opscode.com/chef/install.sh
192.168.56.104 Resolving www.opscode.com (www.opscode.com)... 184.106.28.90
192.168.56.104 Connecting to www.opscode.com (www.opscode.com)|184.106.28.90|:443... connected.
192.168.56.104 HTTP request sent, awaiting response... 200 OK
192.168.56.104 Length: 14101 (14K) [application/x-sh]
192.168.56.104 Saving to: `STDOUT'
192.168.56.104

192.168.56.104 Chef Client finished, 0 resources updated



root@chef-client1:~# which chef-client
/usr/bin/chef-client
root@chef-client1:~# stat /usr/bin/chef-client 
  File: `/usr/bin/chef-client' -> `/opt/chef/bin/chef-client'
  Size: 25         Blocks: 0          IO Block: 4096   symbolic link
Device: fc00h/64512d Inode: 262550      Links: 1
Access: (0777/lrwxrwxrwx)  Uid: (    0/    root)   Gid: (    0/    root)
Access: 2014-01-26 14:40:39.510961635 +0900
Modify: 2014-01-26 14:40:39.426961639 +0900
Change: 2014-01-26 14:40:39.426961639 +0900
 Birth: -




root@chef-client1:~# chef-client -o nginx
Starting Chef Client, version 11.8.2
[2014-01-26T14:49:27+09:00] WARN: Run List override has been provided.
[2014-01-26T14:49:27+09:00] WARN: Original Run List: [recipe[nginx]]
[2014-01-26T14:49:27+09:00] WARN: Overridden Run List: [recipe[nginx]]
resolving cookbooks for run list: ["nginx"]
Synchronizing Cookbooks:
  - nginx
Compiling Cookbooks...
Converging 1 resources
Recipe: nginx::default
  * bash[install_nginx] action run
    - execute "bash"  "/tmp/chef-script20140126-4475-tsf31c"

Chef Client finished, 1 resources updated
root@chef-client1:~# ps -ef | grep nginx
root      4657     1  0 14:49 ?        00:00:00 nginx: master process /usr/sbin/nginx
www-data  4658  4657  0 14:49 ?        00:00:00 nginx: worker process
www-data  4659  4657  0 14:49 ?        00:00:00 nginx: worker process
www-data  4660  4657  0 14:49 ?        00:00:00 nginx: worker process
www-data  4661  4657  0 14:49 ?        00:00:00 nginx: worker process
root      4663  2039  0 14:49 pts/0    00:00:00 grep --color=auto nginx
root@chef-client1:~#