Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/scottyrichardson/olyn_system

Configures Debian OS. Adds cluster nodes to hosts file. Installs base apt packages. Securely installs public and private keys from TLS certificates in data bag. Sets timezone. Creates users and configures permissions. Part of the Olyn framework for Chef.
https://github.com/scottyrichardson/olyn_system

chef configuration debian olyn os

Last synced: 13 days ago
JSON representation

Host: GitHub
URL: https://github.com/scottyrichardson/olyn_system
Owner: scottyrichardson
Created: 2022-11-07T23:18:49.000Z (about 2 years ago)
Default Branch: develop
Last Pushed: 2022-11-07T23:18:59.000Z (about 2 years ago)
Last Synced: 2024-12-15T16:45:48.039Z (about 1 month ago)
Topics: chef, configuration, debian, olyn, os
Language: Ruby
Homepage: http://olyn.richardson.is/
Size: 15.6 KB
Stars: 0
Watchers: 0
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

olyn_system

### System User Passwords
System user passwords are stored inside the `system_users` data bag.
Passwords for the user must be encrypted using a password shadow hash before going into the unencrypted data bag.

To encrypt a user's password using shadown hash:
`mkpasswd -m sha-512`

### SSL Certificate Setup

To generate a CSR for a 3rd party cert:
`openssl req -new -newkey rsa:4096 -nodes -keyout website.com.key -out website.com.csr`

Take the CSR to the 3rd party generator and complete cert issuance.
Create or modify records for the cert inside the `ssl_certificate` data bag. Copy/paste all files to be copied to the server.

#### PEM files
PEM files are needed for services like haproxy. You can create a PEM file by combining all SSL files together in a chain.
The order of files is:

`PRIVATE KEY`
`PUBLIC CERTIFICATE`
`CA BUNDLE`