From 7e799eac7a25e6a18fcdf3db9666f448b46c84a5 Mon Sep 17 00:00:00 2001 From: rpattcorner Date: Mon, 5 Oct 2015 12:45:12 -0400 Subject: [PATCH 1/6] capture knife ssl fetch output headless --- install/mu_setup | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install/mu_setup b/install/mu_setup index 768bc7741..fb7755a2e 100755 --- a/install/mu_setup +++ b/install/mu_setup @@ -517,7 +517,7 @@ validation_client_name '$user-validator' EOF if [ "$user" != "mu" ];then chown -R "$user" "$user_home/.chef/" - su - "$user" -c "/opt/chef/bin/knife ssl fetch" > /dev/null 2>&1 + su - "$user" -c "/opt/chef/bin/knife ssl fetch" > /root/knifesslfetch.out 2>&1 else /opt/chef/bin/knife ssl fetch > /dev/null 2>&1 fi From 2d3a216f001b11b9953f3ed65d09c8504b40618b Mon Sep 17 00:00:00 2001 From: rpattcorner Date: Mon, 5 Oct 2015 12:45:34 -0400 Subject: [PATCH 2/6] remove job setup --- cookbooks/mu-jenkins/recipes/jenkins_apache.rb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/cookbooks/mu-jenkins/recipes/jenkins_apache.rb b/cookbooks/mu-jenkins/recipes/jenkins_apache.rb index db9c973ca..1d0376d35 100644 --- a/cookbooks/mu-jenkins/recipes/jenkins_apache.rb +++ b/cookbooks/mu-jenkins/recipes/jenkins_apache.rb @@ -57,6 +57,7 @@ only_if { node.application_attributes.attribute?('jenkins_auth') } end +=begin #Set up our standard Jenkins Jobs %w{deploy cleanup_deploy}.each { |job| cookbook_file "#{Chef::Config[:file_cache_path]}/#{job}_config.xml" do @@ -67,6 +68,7 @@ config "#{Chef::Config[:file_cache_path]}/#{job}_config.xml" end } +=end # Now the web app virtual host web_app "jenkins" do From 0f60abfea5f76d46fc506f8ca930aa4dfc67cffc Mon Sep 17 00:00:00 2001 From: rpattcorner Date: Mon, 5 Oct 2015 15:47:51 -0400 Subject: [PATCH 3/6] try runuser for headless knife ssl fetch --- install/mu_setup | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install/mu_setup b/install/mu_setup index fb7755a2e..e0fdc6177 100755 --- a/install/mu_setup +++ b/install/mu_setup @@ -517,7 +517,7 @@ validation_client_name '$user-validator' EOF if [ "$user" != "mu" ];then chown -R "$user" "$user_home/.chef/" - su - "$user" -c "/opt/chef/bin/knife ssl fetch" > /root/knifesslfetch.out 2>&1 + runuser -l "$user" -c "cd $user_home && /opt/chef/bin/knife ssl fetch" > /root/knifesslfetch.out 2>&1 else /opt/chef/bin/knife ssl fetch > /dev/null 2>&1 fi From 91d1d5767c5c9ac563b171832094bb418e81e856 Mon Sep 17 00:00:00 2001 From: rpattcorner Date: Mon, 5 Oct 2015 15:48:12 -0400 Subject: [PATCH 4/6] Try both override and subsequent set on apache ports --- cookbooks/mu-master/attributes/default.rb | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/cookbooks/mu-master/attributes/default.rb b/cookbooks/mu-master/attributes/default.rb index 0d7b7849f..5672e1cef 100644 --- a/cookbooks/mu-master/attributes/default.rb +++ b/cookbooks/mu-master/attributes/default.rb @@ -48,12 +48,12 @@ default['apache']['traceenable'] = 'Off' # Conditionally add a Jenkins port -#if node.attribute?('jenkins_port_external') -# override["apache"]["listen_ports"] = [80, 8443, 9443] -#else -# override["apache"]["listen_ports"] = [80, 8443] -#end -# Don't override, instead set normal to set defaults, and reset elsewhere with each webapp added, adding its port +if node.attribute?('jenkins_port_external') + override["apache"]["listen_ports"] = [80, 8443, 9443] +else + override["apache"]["listen_ports"] = [80, 8443] +end +# In addition to override, set normal to set defaults, and reset elsewhere with each webapp added, adding its port # The set_unless sets a normal attribute node.set_unless["apache"]["listen_ports"] = [80, 8443] From 23a4b0ead94be746ab87e806b2bf9197e55f6350 Mon Sep 17 00:00:00 2001 From: rpattcorner Date: Thu, 8 Oct 2015 13:01:29 -0400 Subject: [PATCH 5/6] try manual knife fetch after usercreate --- install/mu_setup | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/install/mu_setup b/install/mu_setup index e0fdc6177..4faa20d5b 100755 --- a/install/mu_setup +++ b/install/mu_setup @@ -1445,6 +1445,11 @@ preconfigure_jenkins_artifacts() knife vault create jenkins users "{\"mu_user_password\":\"$JENKINS_ADMIN_PW\"}" --mode client -F json -u mu --search name:MU-MASTER # Create the Jenkins user $MU_INSTALLDIR/bin/mu-user-manage -c -u jenkins -e $JENKINS_ADMIN_EMAIL -p $JENKINS_ADMIN_PW + + # Knife ssl fetch if not already done by mu-user-manage because headless + if [ ! -d "/home/jenkins/.chef/trusted_certs" ]; then + runuser -l "jenkins" -c "cd /home/jenkins && source .bashrc && /opt/chef/bin/knife ssl fetch" > /root/knifesslfetchbyhand.out 2>&1 + fi fi } From 2832944ecd28c3e11e350dca255d7b9e02e1c460 Mon Sep 17 00:00:00 2001 From: rpattcorner Date: Thu, 8 Oct 2015 16:06:44 -0400 Subject: [PATCH 6/6] knife fetch *after* setpermissions, silly --- install/mu_setup | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/install/mu_setup b/install/mu_setup index 4faa20d5b..5a66083ab 100755 --- a/install/mu_setup +++ b/install/mu_setup @@ -1445,11 +1445,6 @@ preconfigure_jenkins_artifacts() knife vault create jenkins users "{\"mu_user_password\":\"$JENKINS_ADMIN_PW\"}" --mode client -F json -u mu --search name:MU-MASTER # Create the Jenkins user $MU_INSTALLDIR/bin/mu-user-manage -c -u jenkins -e $JENKINS_ADMIN_EMAIL -p $JENKINS_ADMIN_PW - - # Knife ssl fetch if not already done by mu-user-manage because headless - if [ ! -d "/home/jenkins/.chef/trusted_certs" ]; then - runuser -l "jenkins" -c "cd /home/jenkins && source .bashrc && /opt/chef/bin/knife ssl fetch" > /root/knifesslfetchbyhand.out 2>&1 - fi fi } @@ -1569,8 +1564,8 @@ if [ "$library" != "1" ];then generate_ssl_certs setup_localhost_chef_client configure_nagios_server - preconfigure_jenkins_artifacts set_permissions + preconfigure_jenkins_artifacts fi knife node run_list add MU-MASTER "role[mu-master-jenkins]" chef-client -l info