This cookbook installs and configures LXC Web Panel application. It also installs and conigures Nginx in order to add HTTPS service layer to this application.
Tested on 11.12.8 but newer and older version should work just fine.
The following platforms have been tested with this cookbook, meaning that the recipes run on these platforms without error:
UbuntuDebian
nginx- Used to install Nginx if you need to configure HTTPS service layer.chef-vault- This cookbook is used to install chef-vault and permit to the cookbook use vaults instead databags.apt- It is used to configures some repositories in order to install the necesaries packages.
| Key | Type | Description | Default |
|---|---|---|---|
| ['lwp']['package']['name'] | String | Package name | lwp |
| ['lwp']['package']['version'] | String | Package version | |
| ['lwp']['package']['options'] | String | Package install options | |
| ['lwp']['dir']['conf'] | String | Path of the directory where are the configuration files | /etc/lwp |
| ['lwp']['ssl']['enabled'] | boolean | Enable or disable SSL protocol | false |
| ['lwp']['ssl']['log']['access'] | String | Nginx access log file | /var/log/nginx/lwp_ssl_access.log |
| ['lwp']['log']['error'] | String | Nginx error log file | /var/log/nginx/lwp_ssl_error.log |
| ['lwp']['nginx']['proxy_read_timeout'] | Numeric | Nginx proxy read timeout value | 300 |
| ['lwp']['cert']['databag']['name'] | String | Databag name where is located the certificate data. It could be the vault name if you are using chef-vault in order to store your sensible data. | lwp |
| ['lwp']'cert']['databag']['item'] | String | Databag item that contains the certificate data. It could be the vault item if you are using chef-vault in order to store your sensible data. | cert |
| ['lwp']['cert']['databag']['encrypted_file'] | String | The path of the encrypted file if you are using encrypted databags | /etc/chef/encrypted_file |
| ['lwp']['conf']['global']['address'] | String | Listen IP | 0.0.0.0 |
| ['lwp']['conf']['global']['port'] | String | Listen port | 5000 |
| ['lwp']['conf']['global']['debug'] | Boolean | Enable log debug | false |
| ['lwp']['conf']['global']['secret_key'] | String | Secret key | 70c0af95a33e54292ecb095664b0fb975eb8c641 |
| ['lwp']['conf']['global']['auth'] | String | Auth method. The posible values are: database, ldap or pam | database |
| ['lwp']['conf']['global']['buckets'] | Boolean | Enable buckets feature | false |
| ['lwp']['conf']['database']['file'] | String | Database file path | /var/lwp/lwp.db |
| ['lwp']['conf']['htpasswd']['file'] | String | Htpasswd file path | /var/lwp/htpasswd |
| ['lwp']['conf']['session']['time'] | String | Session time | 10 |
| ['lwp']['conf']['overview']['partition'] | String | Overview partition path | / |
| ['lwp']['conf']['storage_repository']['local'] | String | Local storahe repository path | /var/lxc-backup |
| ['lwp']['conf']['storage_repository']['nfs'] | String | NFS storage repository path | /mnt/lxc-backup |
| ['lwp']['conf']['ldap']['host'] | String | LDAP server host or ip | ldap.example.com |
| ['lwp']['conf']['ldap']['port'] | String | LDAP server port | 389 |
| ['lwp']['conf']['ldap']['ssl'] | String | Enable LDAP SSL protocol | false |
| ['lwp']['conf']['ldap']['base'] | String | LDAP base | dc=example,dc=com |
| ['lwp']['conf']['ldap']['bind_method'] | String | LDAP bind method. It could be: anon or user | anon |
| ['lwp']['conf']['ldap']['bind_dn'] | String | LDAP bind dn | ou=people,dc=example,dc=com |
| ['lwp']['conf']['ldap']['password'] | String | LDAP password of the user used to log in in the LDAP server | auth_user_password |
| ['lwp']['conf']['ldap']['id_mapping'] | String | LDAP field used to identify the user | uid |
| ['lwp']['conf']['ldap']['display_mapping'] | String | LDAP field used to identify the real name of the user | |
| ['lwp']['conf']['ldap']['object_class'] | String | LDAP objectclass to filter the users objects | posixAccount |
| ['lwp']['conf']['ldap']['required_group'] | String | Group of the users that could authenticate in the application | |
| ['lwp']['buckets']['buckets_host'] | String | Buckets server host or IP | buckets.example.com |
| ['lwp']['conf']['buckets']['buckets_port'] | String | Buckets server port | |
| ['lwp']['conf']['pam']['service'] | String | Pam service | login |
NOTE: The hash ['lwp']['conf'] is used to create the configuration file, so you can add new entries in order to add configuration parameters dynamically.
This recipe installs and configures LXC Web Panel in the node.
This recipe installs and configures Nginx in order to use LXC Web Panel with HTTPS service layer.
Just include lxc-web-panel in your node's run_list:
{
"name":"my_node",
"run_list": [
"recipe[lxc-web-panel]"
]
}Set the attributes in order to configure LXC Web Panel, for example:
"lwp": {
"package": {
"version": "0.7-18-g2747d90",
"options": "--force-yes"
},
"ssl": {
"enabled": true
},
"conf": {
"global": {
"auth": "ldap"
},
"ldap": {
"host": "ldap.example.com",
"port": 636,
"ssl": "true",
"base": "ou=people,dc=example,dc=com",
"bind_method": "anon",
"required_group": "lwp-users"
}
}
}- Source hosted at GitHub
- Report issues/Questions/Feature requests on GitHub Issues
- Fork the repository on Github
- Write your change
- Write tests for your change (if applicable)
- Run the tests, ensuring they all pass
- Submit a Pull Request using Github
Author:: Claudio Cesar Sanchez Tejeda [email protected]
Copyright:: 2014, Claudio Cesar Sanchez Tejeda
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.