https://github.com/sous-chefs/foreman
Development repository for the foreman cookbook
https://github.com/sous-chefs/foreman
chef chef-cookbook chef-resource foreman hacktoberfest managed-by-terraform
Last synced: 6 months ago
JSON representation
Development repository for the foreman cookbook
- Host: GitHub
- URL: https://github.com/sous-chefs/foreman
- Owner: sous-chefs
- License: other
- Created: 2013-11-05T17:17:29.000Z (almost 12 years ago)
- Default Branch: main
- Last Pushed: 2024-02-01T00:28:24.000Z (over 1 year ago)
- Last Synced: 2024-04-14T06:09:22.093Z (over 1 year ago)
- Topics: chef, chef-cookbook, chef-resource, foreman, hacktoberfest, managed-by-terraform
- Language: Ruby
- Homepage: https://supermarket.chef.io/cookbooks/foreman
- Size: 298 KB
- Stars: 10
- Watchers: 21
- Forks: 7
- Open Issues: 9
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md
- Codeowners: .github/CODEOWNERS
Awesome Lists containing this project
README
# Foreman cookbook
[](https://supermarket.chef.io/cookbooks/foreman)
[](https://circleci.com/gh/sous-chefs/foreman)
[](#backers)
[](#sponsors)
[](https://opensource.org/licenses/Apache-2.0)
Trying to reproduce [puppet-foreman_proxy](https://github.com/theforeman/puppet-foreman_proxy) and [puppet-foreman](https://github.com/theforeman/puppet-foreman) with Chef cookbooks.
Installs and configures Foreman and Foreman-smartproxy.
It can:
- Install and configure Foreman Web ui
- Install and configure a Foreman Smartproxy with dhcp, bmc, tftp, ...
- Register smartproxies
## Requirements
This cookbook depends on theses external cookbooks:
- apt
- apache2
- ark
- bind
- database
- dhcp
- git
- hostname
- hostsfile
- mysql
- postgresql
- tftp
and requires:
- Chef > 12
- Ruby > 1.9
### Platform
Currently testing on Ubuntu, Debian.
## Usage
### Foreman web ui
```
include_recipe 'foreman'
```
### Install foreman smart proxy
Don't forget to edit attributes to be sure oauth have the same parameters and value as the foreman.
```
include_recipe 'foreman::proxy'
```
## Attributes
#### `foreman::default`
Key
Type
Description
Default
['foreman']['path']
String
Foreman installation path
/usr/share/foreman
['foreman']['version']
String
Foreman version
stable
['foreman']['config_path']
String
Configuration path
/etc/foreman
['foreman']['config']['init']
String
Init config path
/etc/default/foreman
['foreman']['config']['init_tpl']
String
Init config template
foreman.default.erb
['foreman']['use_repo']
Boolean
Use Foreman repository
true
['foreman']['repo']['uri']
String
Repository uri
http://deb.theforeman.org/
['foreman']['repo']['components']
Array
Repository components
[stable]
['foreman']['repo']['key']
String
Repository key
http://deb.theforeman.org/foreman.asc
['foreman']['plugins']
Array
Plugins installed via the package manager
[foreman-libvirt, ruby-foreman-chef]
['foreman']['server_name']
String
Server name to use for apache and fqdn
foreman.example
['foreman']['environment']
String
Foreman environment
production
['foreman']['admin']['username']
String
Admin username
admin
['foreman']['admin']['password']
String
Admin password
changeme
['foreman']['admin']['first_name']
String
Admin first name
nil
['foreman']['admin']['last_name']
String
Admin last name
nil
['foreman']['admin']['email']
String
Admin email
nil
['foreman']['initial_organisation']
String
Admin organisation
nil
['foreman']['initial_location']
String
Admin location
nil
['foreman']['user']
String
System user
foreman
['foreman']['group']
String
System group
foreman
['foreman']['group_users']
Array
System groups for foreman user
[]
['foreman']['db']['manage']
Boolean
Manage the database
true
['foreman']['db']['install']
Boolean
Install the database
true
['foreman']['db']['host']
String
Database host
nil
['foreman']['db']['port']
String
Database port
nil
['foreman']['db']['adapter']
String
Database adapter
postgresql
['foreman']['db']['real_adapter']
String
Ruby adapter name
postgresql
['foreman']['db']['ssl_mode']
Boolean
Database in ssl
nil
['foreman']['db']['database']
String
Database name
foreman
['foreman']['db']['username']
String
Database username
foreman
['foreman']['passenger']['install']
Boolean
Install apache passenger mod
true
['foreman']['passenger']['high_performance']
Boolean
Mod passenger high performance
true
['foreman']['passenger']['rack_autodetect']
Boolean
Mod passenger rack autodetect
false
['foreman']['passenger']['max_pool_size']
Integer
Mod passenger max pool size
nil
['foreman']['passenger']['pool_idle_time']
Integer
Mod passenger pool idle time
nil
['foreman']['passenger']['max_requests']
Integer
Mod passenger max requests
nil
['foreman']['passenger']['stat_throttle_rate']
Integer
Mod passenger stat throttle rate
nil
['foreman']['passenger']['use_global_queue']
Boolean
Mod passenger global queue
nil
['foreman']['passenger']['default_ruby']
String
Mod passenger default ruby
nil
['foreman']['passenger']['prestart']
Boolean
Mod passenger prestart
true
['foreman']['passenger']['min_instances']
Integer
Mod passenger minimum instances
1
['foreman']['passenger']['start_timeout']
Integer
Mod passenger start tiemout
600
['foreman']['passenger']['ruby']
String
Mod passenger ruby path
/usr/bin/ruby
['foreman']['passenger']['package']
String
Mod passenger package
libapache2-mod-passenger
['foreman']['ssl']
Boolean
Foreman in Ssl
true
['foreman']['ssl']
Boolean
Foreman in Ssl
true
['foreman']['ssl_dir']
String
Ssl directory
/etc/foreman/certs
['foreman']['ssl_ca_file']
String
Ssl ca file
/etc/foreman/certs/ca.crt
['foreman']['ssl_ca_key_file']
String
Ssl ca key file
/etc/foreman/certs/ca.key
['foreman']['ssl_cert_file']
String
Ssl cert file
/etc/foreman/certs/server.crt
['foreman']['ssl_cert_key_file']
String
Ssl cert key file
/etc/foreman/certs/server.key
['foreman']['ssl_cert_csr_file']
String
Ssl cert csr file
/etc/foreman/certs/server.csr
['foreman']['unattended']
Boolean
Foreman unattented
true
['foreman']['authentication']
Boolean
Foreman authentication
true
['foreman']['locations_enabled']
Boolean
Foreman enable locations
false
['foreman']['organizations_enabled']
Boolean
Foreman enable organizations
false
['foreman']['oauth_active']
Boolean
Foreman oauth
true
['foreman']['oauth_map_users']
Boolean
Foreman oauth map users
false
['foreman']['oauth_consumer_key']
String
Foreman oauth consumer key
Random string
['foreman']['oauth_consumer_secret']
String
Foreman oauth consumer secret
Random string
['foreman']['websockets_encrypt']
Boolean
Foreman encrypt websockets
true
['foreman']['websockets_ssl_key']
Boolean
Foreman websockets ssl key
/etc/ssl/certs/foreman.example.pem
['foreman']['websockets_ssl_cert']
Boolean
Foreman websockets ssl cert
/etc/ssl/privates_keys/foreman.example.pem
#### `foreman::foreman_proxy`
Key
Type
Description
Default
['foreman-proxy']['version']
String
Foreman proxy version
stable
['foreman-proxy']['register']
Boolean
Register foreman proxy in foreman
true
['foreman-proxy']['config_path']
String
Foreman proxy config path
/etc/foreman-proxy
['foreman-proxy']['daemon']
Boolean
Foreman proxy daemon
true
['foreman-proxy']['user']
String
Foreman proxy user
foreman-proxy
['foreman-proxy']['group']
String
Foreman proxy group
foreman-proxy
['foreman-proxy']['group_users']
Array
System groups for foreman-proxy user
[]
['foreman-proxy']['plugins']
Array
Plugins installed via the package manager for the smartproxy
[ruby-smart-proxy-chef]
['foreman-proxy']['log_file']
String
Log file
/var/log/foreman-proxy/proxy.log
['foreman-proxy']['log_level']
String
Log level
ERROR
['foreman-proxy']['puppetrun']
Boolean
Puppetrun
false
['foreman-proxy']['puppetrun_listen_on']
String
Puppetrun listen on
https
['foreman-proxy']['puppetca']
Boolean
Puppetca
false
['foreman-proxy']['puppetca_listen_on']
String
Puppetca listen on
https
['foreman-proxy']['puppet']
Boolean
Puppet
false
['foreman-proxy']['puppet_home']
String
Puppet home directory
/var/lib/puppet
['foreman-proxy']['puppet_url']
String
Puppet url
https://foreman.example:8140
['foreman-proxy']['puppet_use_environement_api']
Boolean
Puppet environment api
nil
['foreman-proxy']['puppet_autosign_location']
String
Puppet autosign location
/etc/puppet/autosign.conf
['foreman-proxy']['puppet_group']
String
Puppet group
puppet
['foreman-proxy']['puppet_ssl_dir']
String
Puppet ssl directory
/var/lib/puppet/ssl
['foreman-proxy']['puppetssh_sudo']
Boolean
Puppet ssh use sudo
false
['foreman-proxy']['puppetssh_command']
String
Puppet ssh command
/usr/bin/puppet agent --ontine --no-usecacheonfailure
['foreman-proxy']['puppetssh_user']
String
Puppet ssh user
root
['foreman-proxy']['puppetssh_keyfile']
String
Puppet ssh key file
/etc/foreman-proxy/id_rsa
['foreman-proxy']['puppetssh_wait']
Boolean
Puppet ssh wait
false
['foreman-proxy']['http']
Boolean
Foreman http
false
['foreman-proxy']['http_port']
String
Foreman http port
8000
['foreman-proxy']['ssl']
Boolean
Foreman use ssl
true
['foreman-proxy']['https_port']
String
Foreman ssl port
8443
['foreman-proxy']['ssl_ca_file']
String
Foreman ssl ca file
/etc/foreman/certs/ca.crt
['foreman-proxy']['ssl_cert_file']
String
Foreman ssl cert file
/etc/foreman/certs/server.crt
['foreman-proxy']['ssl_cert_key_file']
String
Foreman ssl cert key file
/etc/foreman/certs/server.key
['foreman-proxy']['registered_name']
String
Foreman proxy registered name
foreman.example
['foreman-proxy']['registered_proxy_url']
String
Foreman proxy registered url
https://foreman.example:8443
['foreman-proxy']['foreman_base_url']
String
Foreman base url
https://foreman.example
['foreman-proxy']['foreman_ssl_ca']
String
Foreman ssl ca
/etc/foreman/certs/ca.crt
['foreman-proxy']['foreman_ssl_cert']
String
Foreman ssl cert
/etc/foreman/certs/server.crt
['foreman-proxy']['foreman_ssl_key']
String
Foreman ssl key
/etc/foreman/certs/server.key
['foreman-proxy']['trusted_hosts']
Array
Foreman proxy trusted hosts
[foreman.example]
['foreman-proxy']['api_package']
String
Apipie bindings ruby package
ruby-apipie-bindings
['foreman-proxy']['dns']
Boolean
Install dns server
true
['foreman-proxy']['dns_listen_on']
String
Dns listen on
https
['foreman-proxy']['dns_managed']
Boolean
Dns is managed by Chef
true
['foreman-proxy']['dns_provider']
String
Dns provider
nsupdate
['foreman-proxy']['dns_interface']
String
Dns interface
eth0
['foreman-proxy']['dns_ttl']
String
Dns ttl
86400
['foreman-proxy']['dns_server']
String
Dns server
127.0.0.1
['foreman-proxy']['dns_realm']
String
Dns realm
FOREMAN.EXAMPLE
['foreman-proxy']['dns_tsig_keytab']
String
Dns tsig keytab
/etc/foreman-proxy/dns.keytab
['foreman-proxy']['dns_tsig_principal']
String
Dns tsig princial
foremanproxy/foreman.example@FOREMAN.EXAMPLE
['foreman-proxy']['dns_keyfile']
String
Dns key file
/etc/bind/rndc.key
['foreman-proxy']['dns_nsupdate']
String
Dns nsupdate
dnsutils
['foreman-proxy']['dhcp']
Boolean
Proxy use dhcp
true
['foreman-proxy']['dhcp_managed']
Boolean
Install dhcp server
true
['foreman-proxy']['dhcp_key_name']
String
Dhcp key name
nil
['foreman-proxy']['dhcp_key_secret']
String
Dhcp key secret
nil
['foreman-proxy']['dhcp_vendor']
String
Dhcp vendor
isc
['foreman-proxy']['dhcp_config']
String
Dhcp config file
node['dhcp']['config_file']
['foreman-proxy']['dhcp_leases']
String
Dhcp leases files
/var/lib/dhcp/dhcpd.leases
['foreman-proxy']['dhcp_interface']
String
Dhcp interface
eth0
['foreman-proxy']['dhcp_subnet']
String
Dhcp subnet
Ohai subnet
['foreman-proxy']['dhcp_netmask']
String
Dhcp netmask
Ohai netmask
['foreman-proxy']['dhcp_broadcast']
String
Dhcp broadcast
Ohai broadcast
['foreman-proxy']['dhcp_range']
Array
Dhcp range
[]
['foreman-proxy']['dhcp_routers']
Array
Dhcp routers
[Ohai router]
['foreman-proxy']['dhcp_options']
Array
Dhcp options
...
['foreman-proxy']['virsh_network']
String
Virsh network
default
['foreman-proxy']['bmc']
Boolean
As bmc
false
['foreman-proxy']['bmc_listen_on']
String
Bmc listen on
https
['foreman-proxy']['bmc_default_provider']
String
Bmc default provider
ipmitool
['foreman-proxy']['syslinux']['version']
String
Syslinux version
6.03
['foreman-proxy']['syslinux']['url']
String
Syslinux url
...
['foreman-proxy']['tftp']
Boolean
As TFTP
true
['foreman-proxy']['tftp_listen_on']
String
TFTP listen on
https
['foreman-proxy']['tftp_syslinux_root']
String
TFTP syslinux root
nil
['foreman-proxy']['tftp_root']
String
TFTP root
node['tftp']['directory']
['foreman-proxy']['tftp_dirs']
Array
TFTP directories
[pxelinux.cfg, boot]
['foreman-proxy']['servername']
String
TFTP servername
nil
['foreman-proxy']['realm']
Boolean
As Realm
false
['foreman-proxy']['real_listen_on']
String
Realm listen on
https
['foreman-proxy']['real_provider']
String
Realm provider
freeipa
['foreman-proxy']['real_keytab']
String
Realm keytab
/etc/foreman-proxy/freeipa.keytab
['foreman-proxy']['real_principal']
String
Realm principal
real-proxy@EXAMPLE.COM
['foreman-proxy']['freeipa_remove_dns']
Boolean
Freeipa remove dns
true
['foreman-proxy']['oauth_effective_user']
String
Oauth effective user
admin
['foreman-proxy']['oauth_effective_user']
String
Oauth effective user
admin
['foreman-proxy']['oauth_consumer_key']
String
Oauth consumer key
Random password
['foreman-proxy']['oauth_consumer_secret']
String
Oauth consumer secret
Random password
['foreman-proxy']['templates']
Boolean
As templates
false
['foreman-proxy']['templates_listen_on']
String
Templates listen on
https
['foreman-proxy']['chef']
Boolean
As Chef
true
['foreman-proxy']['chef_authenticate_nodes']
Boolean
Use Chef authenticate nodes
true
['foreman-proxy']['chef_server_url']
String
Chef server url
https://chef.example.net
['foreman-proxy']['chef_smartproxy_clientname']
String
Chef client name
host.example.net
['foreman-proxy']['chef_smartproxy_privatekey']
String
Chef client private key
/etc/chef/client.pem
['foreman-proxy']['chef_ssl_verify']
Boolean
Verify chef ssl connection
true
['foreman-proxy']['chef_ssl_pem_file']
String
Chef ssl pem file
/etc/chef/chef.example.com.pem
## Resrouces/Providers
### `foreman_smartproxy`
This LWRP provides and easy way to register or unregister a smartproxy into foreman.
#### Actions
- `:create`, register the smartproxy
- `:remove`, unregister the smartproxy
#### Parameters
- `smartproxy_name`: Name of the smartproxy
- `base_url`: Base url of foreman web api
- `effective_user`: Foreman user
- `consumer_key`: Oauth key
- `consumer_secret`: Oauth secret
- `url`: Url of the smartproxy
- `timeout`: Request timeout
### `foreman_rake`
This LWRP reproduces the `foreman-rake` cli command.
#### Actions
- `:run`, run foreman-rake command
#### Parameters
- `rake_task`: Rake task name
- `environement`: Environement variables
- `timeout`: Request timeout
### `foreman_proxy_settings_file`
This LWRP enable or disable proxy settings files.
#### Actions
- `:enable`, enable setting file
- `:disable`, disable setting file
#### Parameters
- `module`: Module name
- `listen_on`: Module listen on which protocol
- `cookbook`: Cookbook where is stored the template file
- `path`: Path where the file will be created
- `owner`: File owner
- `group`: File group
- `mode`: File mode
- `template_path`: Template file path
## Authors
- [Pierre Rambaud](https://github.com/PierreRambaud)
- [Guilhem Lettron](https://github.com/guilhem)
## Contributors
This project exists thanks to all the people who [contribute.](https://opencollective.com/sous-chefs/contributors.svg?width=890&button=false)
### Backers
Thank you to all our backers!
### Sponsors
Support this project by becoming a sponsor. Your logo will show up here with a link to your website.
