├── .gitignore ├── .travis.yml ├── Berksfile ├── Berksfile.lock ├── Gemfile ├── Gemfile.lock ├── README.md ├── Rakefile ├── blends ├── install.rb └── modify.rb ├── lib ├── pi_chef │ ├── debian.rb │ └── version.rb └── plugins │ └── knife │ └── goiardi_backup.rb ├── roles ├── base.rb ├── builder.rb ├── gocd-agent.rb ├── gocd-server.rb ├── goiardi.rb ├── kiosk.rb └── metrics.rb ├── site-cookbooks └── raspi │ ├── attributes │ └── default.rb │ ├── files │ └── default │ │ ├── alamode-udev-rules │ │ ├── build_chef.sh │ │ ├── influxdb.conf │ │ ├── influxdb.sh │ │ ├── pipelines.xml │ │ ├── update-chef.sh │ │ └── xorg.conf │ ├── libraries │ └── helper.rb │ ├── metadata.rb │ ├── recipes │ ├── audit.rb │ ├── base.rb │ ├── builder.rb │ ├── chef.rb │ ├── go_tools.rb │ ├── gocd_agent.rb │ ├── goiardi.rb │ ├── golang.rb │ ├── gypsy.rb │ ├── java.rb │ ├── kiosk.rb │ ├── metrics.rb │ ├── nodejs.rb │ ├── router.rb │ ├── serf.rb │ ├── statsd.rb │ └── telegraf.rb │ ├── spec │ ├── base_spec.rb │ ├── builder_spec.rb │ ├── chef_spec.rb │ ├── goiardi_spec.rb │ ├── kiosk_spec.rb │ ├── metrics_spec.rb │ └── serf_spec.rb │ └── templates │ └── default │ ├── goiardi.conf.erb │ ├── lxde_autostart.erb │ └── telegraf.conf.erb └── spec └── spec_helper.rb /.gitignore: -------------------------------------------------------------------------------- 1 | vendor 2 | cookbooks 3 | *.deb 4 | .bundle 5 | .chef 6 | backups 7 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- 1 | branches: 2 | only: 3 | - master 4 | language: ruby 5 | sudo: false 6 | rvm: 7 | - 2.2.2 8 | before_install: 9 | - bundle install --path .bundle 10 | - bundle exec berks vendor vendor 11 | script: bundle exec rake spec 12 | -------------------------------------------------------------------------------- /Berksfile: -------------------------------------------------------------------------------- 1 | # -*- ft:ruby -*- 2 | source 'https://api.berkshelf.com' 3 | 4 | cookbook 'apparmor' 5 | cookbook 'application' 6 | cookbook 'apt' 7 | cookbook 'chef-client' 8 | cookbook 'container' 9 | cookbook 'goatos', github: 'GoatOS/GoatOS' 10 | cookbook 'nagios' 11 | cookbook 'omnibus' 12 | cookbook 'openssh' 13 | cookbook 'ossec' 14 | cookbook 'packagecloud' 15 | cookbook 'sudo' 16 | cookbook 'systemd' 17 | 18 | 19 | Dir['site-cookbooks/**'].sort.each do |cookbook_path| 20 | cookbook File.basename(cookbook_path), path: cookbook_path 21 | end 22 | -------------------------------------------------------------------------------- /Berksfile.lock: -------------------------------------------------------------------------------- 1 | DEPENDENCIES 2 | apparmor 3 | application 4 | apt 5 | chef-client 6 | container 7 | goatos 8 | git: git://github.com/GoatOS/GoatOS.git 9 | revision: 9ee751df6fc9762b8481ceeab4bb22d00dc74de0 10 | nagios 11 | omnibus 12 | openssh 13 | ossec 14 | packagecloud 15 | raspi 16 | path: site-cookbooks/raspi 17 | sudo 18 | systemd 19 | 20 | GRAPH 21 | 7-zip (1.0.2) 22 | windows (>= 1.2.2) 23 | apache2 (3.1.0) 24 | apparmor (2.0.0) 25 | compat_resource (>= 0.0.0) 26 | application (5.0.0) 27 | poise (~> 2.4) 28 | poise-service (~> 1.0) 29 | apt (2.9.2) 30 | bluepill (2.4.0) 31 | rsyslog (>= 0.0.0) 32 | build-essential (2.2.4) 33 | chef-client (4.3.1) 34 | cron (>= 1.2.0) 35 | logrotate (>= 1.2.0) 36 | windows (~> 1.37) 37 | chef-sugar (3.1.1) 38 | chef_handler (1.2.0) 39 | compat_resource (12.5.12) 40 | container (0.3.0) 41 | cron (1.7.0) 42 | dmg (2.3.0) 43 | git (4.3.4) 44 | build-essential (>= 0.0.0) 45 | dmg (>= 0.0.0) 46 | windows (>= 0.0.0) 47 | yum-epel (>= 0.0.0) 48 | go_cd (0.2.0) 49 | goatos (0.2.0) 50 | container (>= 0.0.0) 51 | go_cd (>= 0.0.0) 52 | omnibus (>= 0.0.0) 53 | xml_file (>= 0.0.0) 54 | homebrew (1.13.0) 55 | build-essential (>= 2.1.2) 56 | iis (4.1.3) 57 | windows (>= 1.34.6) 58 | iptables (2.0.0) 59 | compat_resource (>= 0.0.0) 60 | languages (0.2.4) 61 | build-essential (>= 0.0.0) 62 | chef-sugar (>= 0.0.0) 63 | remote_install (>= 0.0.0) 64 | logrotate (1.9.2) 65 | mysql (6.1.2) 66 | smf (>= 0.0.0) 67 | yum-mysql-community (>= 0.0.0) 68 | nagios (7.2.4) 69 | apache2 (>= 2.0) 70 | build-essential (>= 0.0.0) 71 | nginx (>= 0.0.0) 72 | nginx_simplecgi (>= 0.0.0) 73 | nrpe (>= 0.0.0) 74 | php (>= 0.0.0) 75 | yum-epel (>= 0.0.0) 76 | zap (>= 0.6.0) 77 | nginx (2.7.6) 78 | apt (~> 2.2) 79 | bluepill (~> 2.3) 80 | build-essential (~> 2.0) 81 | ohai (~> 2.0) 82 | runit (~> 1.2) 83 | yum-epel (~> 0.3) 84 | nginx_simplecgi (0.1.2) 85 | bluepill (>= 0.0.0) 86 | nginx (>= 0.0.0) 87 | perl (>= 0.0.0) 88 | runit (>= 0.0.0) 89 | nrpe (1.5.2) 90 | build-essential (>= 0.0.0) 91 | yum-epel (>= 0.0.0) 92 | ohai (2.0.4) 93 | omnibus (3.1.0) 94 | 7-zip (>= 0.0.0) 95 | build-essential (>= 0.0.0) 96 | chef-sugar (>= 0.0.0) 97 | git (>= 0.0.0) 98 | homebrew (>= 0.0.0) 99 | languages (>= 0.0.0) 100 | remote_install (>= 0.0.0) 101 | windows (>= 0.0.0) 102 | windows-sdk (>= 0.0.0) 103 | wix (>= 0.0.0) 104 | openssh (1.5.2) 105 | iptables (>= 0.0.0) 106 | ossec (1.0.5) 107 | build-essential (>= 0.0.0) 108 | packagecloud (0.1.0) 109 | perl (2.0.0) 110 | php (1.7.2) 111 | build-essential (>= 0.0.0) 112 | iis (>= 0.0.0) 113 | mysql (>= 6.0.0) 114 | windows (>= 0.0.0) 115 | xml (>= 0.0.0) 116 | yum-epel (>= 0.0.0) 117 | poise (2.4.0) 118 | poise-service (1.0.2) 119 | poise (~> 2.0) 120 | raspi (0.0.1) 121 | apparmor (>= 0.0.0) 122 | apt (>= 0.0.0) 123 | goatos (>= 0.0.0) 124 | omnibus (>= 0.0.0) 125 | openssh (>= 0.0.0) 126 | packagecloud (>= 0.0.0) 127 | sudo (>= 0.0.0) 128 | systemd (>= 0.0.0) 129 | rbac (1.0.3) 130 | remote_install (1.0.2) 131 | rsyslog (2.2.0) 132 | runit (1.7.4) 133 | packagecloud (>= 0.0.0) 134 | smf (2.2.7) 135 | rbac (>= 1.0.1) 136 | sudo (2.7.2) 137 | systemd (1.1.1) 138 | windows (1.38.2) 139 | chef_handler (>= 0.0.0) 140 | windows-sdk (1.0.2) 141 | wix (2.0.1) 142 | windows (>= 1.2.2) 143 | xml (1.3.1) 144 | build-essential (>= 0.0.0) 145 | chef-sugar (>= 0.0.0) 146 | xml_file (0.1.0) 147 | yum (3.8.2) 148 | yum-epel (0.6.4) 149 | yum (~> 3.2) 150 | yum-mysql-community (0.1.19) 151 | yum (>= 3.2) 152 | zap (0.8.7) 153 | -------------------------------------------------------------------------------- /Gemfile: -------------------------------------------------------------------------------- 1 | source 'https://rubygems.org' 2 | 3 | gem 'chef' 4 | gem 'blender-chef' 5 | gem 'berkshelf' 6 | gem 'irbtools' 7 | gem 'pry' 8 | gem 'fpm' 9 | gem 'foodcritic' 10 | gem 'rubocop' 11 | gem 'chefspec' 12 | gem 'chef-sugar' 13 | -------------------------------------------------------------------------------- /Gemfile.lock: -------------------------------------------------------------------------------- 1 | GEM 2 | remote: https://rubygems.org/ 3 | specs: 4 | addressable (2.3.8) 5 | arr-pm (0.0.10) 6 | cabin (> 0) 7 | ast (2.0.0) 8 | astrolabe (1.3.0) 9 | parser (>= 2.2.0.pre.3, < 3.0) 10 | backports (3.6.4) 11 | berkshelf (3.2.3) 12 | addressable (~> 2.3.4) 13 | berkshelf-api-client (~> 1.2) 14 | buff-config (~> 1.0) 15 | buff-extensions (~> 1.0) 16 | buff-shell_out (~> 0.1) 17 | celluloid (~> 0.16.0) 18 | celluloid-io (~> 0.16.1) 19 | cleanroom (~> 1.0) 20 | faraday (~> 0.9.0) 21 | minitar (~> 0.5.4) 22 | octokit (~> 3.0) 23 | retryable (~> 2.0) 24 | ridley (~> 4.0) 25 | solve (~> 1.1) 26 | thor (~> 0.19) 27 | berkshelf-api-client (1.2.1) 28 | faraday (~> 0.9.0) 29 | binding.repl (3.0.0) 30 | blender-chef (0.3) 31 | chef (>= 12.1.1) 32 | pd-blender (>= 0.5) 33 | buff-config (1.0.1) 34 | buff-extensions (~> 1.0) 35 | varia_model (~> 0.4) 36 | buff-extensions (1.0.0) 37 | buff-ignore (1.1.1) 38 | buff-ruby_engine (0.1.0) 39 | buff-shell_out (0.2.0) 40 | buff-ruby_engine (~> 0.1.0) 41 | builder (3.2.2) 42 | cabin (0.7.1) 43 | cd (1.0.0) 44 | celluloid (0.16.0) 45 | timers (~> 4.0.0) 46 | celluloid-io (0.16.2) 47 | celluloid (>= 0.16.0) 48 | nio4r (>= 1.1.0) 49 | chef (12.5.1) 50 | chef-config (= 12.5.1) 51 | chef-zero (~> 4.2, >= 4.2.2) 52 | diff-lcs (~> 1.2, >= 1.2.4) 53 | erubis (~> 2.7) 54 | ffi-yajl (~> 2.2) 55 | highline (~> 1.6, >= 1.6.9) 56 | mixlib-authentication (~> 1.3) 57 | mixlib-cli (~> 1.4) 58 | mixlib-log (~> 1.3) 59 | mixlib-shellout (~> 2.0) 60 | net-ssh (~> 2.6) 61 | net-ssh-multi (~> 1.1) 62 | ohai (>= 8.6.0.alpha.1, < 9) 63 | plist (~> 3.1.0) 64 | pry (~> 0.9) 65 | rspec-core (~> 3.2) 66 | rspec-expectations (~> 3.2) 67 | rspec-mocks (~> 3.2) 68 | rspec_junit_formatter (~> 0.2.0) 69 | serverspec (~> 2.7) 70 | specinfra (~> 2.10) 71 | syslog-logger (~> 1.6) 72 | chef-config (12.5.1) 73 | mixlib-config (~> 2.0) 74 | mixlib-shellout (~> 2.0) 75 | chef-sugar (3.1.1) 76 | chef-zero (4.3.2) 77 | ffi-yajl (~> 2.2) 78 | hashie (>= 2.0, < 4.0) 79 | mixlib-log (~> 1.3) 80 | rack 81 | uuidtools (~> 2.1) 82 | chefspec (4.2.0) 83 | chef (>= 11.14) 84 | fauxhai (~> 2.0) 85 | rspec (~> 3.0) 86 | childprocess (0.5.6) 87 | ffi (~> 1.0, >= 1.0.11) 88 | clamp (0.6.5) 89 | cleanroom (1.0.0) 90 | clipboard (1.0.6) 91 | code (0.9.0) 92 | coderay (~> 1.1) 93 | method_source (~> 0.8, >= 0.8.2) 94 | coderay (1.1.0) 95 | debugging (1.1.0) 96 | binding.repl (~> 3.0) 97 | paint (>= 0.9, < 2.0) 98 | dep-selector-libgecode (1.0.2) 99 | dep_selector (1.0.3) 100 | dep-selector-libgecode (~> 1.0) 101 | ffi (~> 1.9) 102 | diff-lcs (1.2.5) 103 | erubis (2.7.0) 104 | every_day_irb (2.0.0) 105 | cd (~> 1.0) 106 | fancy_irb (1.0.0) 107 | paint (>= 0.9, < 2.0) 108 | unicode-display_width (>= 0.2.0) 109 | faraday (0.9.1) 110 | multipart-post (>= 1.2, < 3) 111 | fauxhai (2.3.0) 112 | net-ssh 113 | ohai 114 | ffi (1.9.10) 115 | ffi-yajl (2.2.2) 116 | libyajl2 (~> 1.2) 117 | foodcritic (4.0.0) 118 | erubis 119 | gherkin (~> 2.11) 120 | nokogiri (~> 1.5) 121 | rake 122 | rufus-lru (~> 1.0) 123 | treetop (~> 1.4) 124 | yajl-ruby (~> 1.1) 125 | fpm (1.3.3) 126 | arr-pm (~> 0.0.9) 127 | backports (>= 2.6.2) 128 | cabin (>= 0.6.0) 129 | childprocess 130 | clamp (~> 0.6) 131 | ffi 132 | json (>= 1.7.7) 133 | gherkin (2.12.2) 134 | multi_json (~> 1.3) 135 | hashie (2.1.2) 136 | highline (1.7.8) 137 | hirb (0.7.3) 138 | hitimes (1.2.2) 139 | instance (0.2.0) 140 | interactive_editor (0.0.10) 141 | spoon (>= 0.0.1) 142 | ipaddress (0.8.0) 143 | irbtools (2.0.1) 144 | binding.repl (~> 3.0) 145 | clipboard (~> 1.0, >= 1.0.6) 146 | code (~> 0.9) 147 | coderay (~> 1.1) 148 | debugging (~> 1.1) 149 | every_day_irb (~> 2.0) 150 | fancy_irb (~> 1.0) 151 | hirb (~> 0.7, >= 0.7.3) 152 | instance (~> 0.2) 153 | interactive_editor (~> 0.0, >= 0.0.10) 154 | method_locator (~> 0.0, >= 0.0.4) 155 | methodfinder (~> 2.0) 156 | ori (~> 0.1.0) 157 | os (~> 0.9) 158 | paint (>= 0.9, < 2.0) 159 | ruby_engine (~> 1.0) 160 | ruby_info (~> 1.0) 161 | ruby_version (~> 1.0) 162 | wirb (~> 2.0) 163 | json (1.8.2) 164 | libyajl2 (1.2.0) 165 | method_locator (0.0.4) 166 | method_source (0.8.2) 167 | methodfinder (2.0.0) 168 | mime-types (2.6.2) 169 | mini_portile (0.6.2) 170 | minitar (0.5.4) 171 | mixlib-authentication (1.3.0) 172 | mixlib-log 173 | mixlib-cli (1.5.0) 174 | mixlib-config (2.2.1) 175 | mixlib-log (1.6.0) 176 | mixlib-shellout (2.2.3) 177 | multi_json (1.11.2) 178 | multipart-post (2.0.0) 179 | net-http-persistent (2.9.4) 180 | net-scp (1.2.1) 181 | net-ssh (>= 2.6.5) 182 | net-ssh (2.9.2) 183 | net-ssh-gateway (1.2.0) 184 | net-ssh (>= 2.6.5) 185 | net-ssh-multi (1.2.1) 186 | net-ssh (>= 2.6.5) 187 | net-ssh-gateway (>= 1.2.0) 188 | net-telnet (0.1.1) 189 | nio4r (1.1.0) 190 | nokogiri (1.6.6.2) 191 | mini_portile (~> 0.6.0) 192 | octokit (3.8.0) 193 | sawyer (~> 0.6.0, >= 0.5.3) 194 | ohai (8.7.0) 195 | chef-config (>= 12.5.0.alpha.1, < 13) 196 | ffi (~> 1.9) 197 | ffi-yajl (~> 2.2) 198 | ipaddress 199 | mime-types (~> 2.0) 200 | mixlib-cli 201 | mixlib-config (~> 2.0) 202 | mixlib-log 203 | mixlib-shellout (~> 2.0) 204 | rake (~> 10.1) 205 | systemu (~> 2.6.4) 206 | wmi-lite (~> 1.0) 207 | ori (0.1.0) 208 | os (0.9.6) 209 | paint (1.0.0) 210 | parser (2.3.0.pre.2) 211 | ast (>= 1.1, < 3.0) 212 | pd-blender (0.6.1) 213 | highline 214 | mixlib-log 215 | mixlib-shellout 216 | net-scp 217 | net-ssh 218 | net-ssh-multi 219 | rufus-scheduler 220 | thor 221 | thread_safe 222 | plist (3.1.0) 223 | polyglot (0.3.5) 224 | powerpack (0.1.1) 225 | pry (0.10.3) 226 | coderay (~> 1.1.0) 227 | method_source (~> 0.8.1) 228 | slop (~> 3.4) 229 | rack (1.6.4) 230 | rainbow (2.0.0) 231 | rake (10.4.2) 232 | retryable (2.0.1) 233 | ridley (4.1.2) 234 | addressable 235 | buff-config (~> 1.0) 236 | buff-extensions (~> 1.0) 237 | buff-ignore (~> 1.1) 238 | buff-shell_out (~> 0.1) 239 | celluloid (~> 0.16.0) 240 | celluloid-io (~> 0.16.1) 241 | erubis 242 | faraday (~> 0.9.0) 243 | hashie (>= 2.0.2, < 3.0.0) 244 | json (>= 1.7.7) 245 | mixlib-authentication (>= 1.3.0) 246 | net-http-persistent (>= 2.8) 247 | retryable (>= 2.0.0) 248 | semverse (~> 1.1) 249 | varia_model (~> 0.4) 250 | rspec (3.4.0) 251 | rspec-core (~> 3.4.0) 252 | rspec-expectations (~> 3.4.0) 253 | rspec-mocks (~> 3.4.0) 254 | rspec-core (3.4.1) 255 | rspec-support (~> 3.4.0) 256 | rspec-expectations (3.4.0) 257 | diff-lcs (>= 1.2.0, < 2.0) 258 | rspec-support (~> 3.4.0) 259 | rspec-its (1.2.0) 260 | rspec-core (>= 3.0.0) 261 | rspec-expectations (>= 3.0.0) 262 | rspec-mocks (3.4.0) 263 | diff-lcs (>= 1.2.0, < 2.0) 264 | rspec-support (~> 3.4.0) 265 | rspec-support (3.4.0) 266 | rspec_junit_formatter (0.2.3) 267 | builder (< 4) 268 | rspec-core (>= 2, < 4, != 2.12.0) 269 | rubocop (0.32.1) 270 | astrolabe (~> 1.3) 271 | parser (>= 2.2.2.5, < 3.0) 272 | powerpack (~> 0.1) 273 | rainbow (>= 1.99.1, < 3.0) 274 | ruby-progressbar (~> 1.4) 275 | ruby-progressbar (1.7.5) 276 | ruby_engine (1.0.1) 277 | ruby_info (1.0.1) 278 | ruby_version (1.0.1) 279 | rufus-lru (1.0.5) 280 | rufus-scheduler (3.1.1) 281 | sawyer (0.6.0) 282 | addressable (~> 2.3.5) 283 | faraday (~> 0.8, < 0.10) 284 | semverse (1.2.1) 285 | serverspec (2.24.3) 286 | multi_json 287 | rspec (~> 3.0) 288 | rspec-its 289 | specinfra (~> 2.43) 290 | sfl (2.2) 291 | slop (3.6.0) 292 | solve (1.2.1) 293 | dep_selector (~> 1.0) 294 | semverse (~> 1.1) 295 | specinfra (2.44.3) 296 | net-scp 297 | net-ssh (~> 2.7) 298 | net-telnet 299 | sfl 300 | spoon (0.0.4) 301 | ffi 302 | syslog-logger (1.6.8) 303 | systemu (2.6.5) 304 | thor (0.19.1) 305 | thread_safe (0.3.5) 306 | timers (4.0.1) 307 | hitimes 308 | treetop (1.6.3) 309 | polyglot (~> 0.3) 310 | unicode-display_width (0.2.0) 311 | uuidtools (2.1.5) 312 | varia_model (0.4.0) 313 | buff-extensions (~> 1.0) 314 | hashie (>= 2.0.2, < 3.0.0) 315 | wirb (2.0.0) 316 | paint (>= 0.9, < 2.0) 317 | wmi-lite (1.0.0) 318 | yajl-ruby (1.2.1) 319 | 320 | PLATFORMS 321 | ruby 322 | 323 | DEPENDENCIES 324 | berkshelf 325 | blender-chef 326 | chef 327 | chef-sugar 328 | chefspec 329 | foodcritic 330 | fpm 331 | irbtools 332 | pry 333 | rubocop 334 | 335 | BUNDLED WITH 336 | 1.10.5 337 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | PiChef 2 | ========= 3 | [![Built on Travis](https://secure.travis-ci.org/ranjib/pichef.png?branch=master)](http://travis-ci.org/ranjib/pichef) 4 | 5 | Chef on Raspberry Pi. 6 | 7 | ### Introduction 8 | 9 | PiChef brings the joy of configuration management system [Chef](https://www.chef.io/chef/) 10 | on [Raspberry Pi](https://www.raspberrypi.org/). 11 | PiChef is built with following goals 12 | - Ease building and maintaining raspberry pi related projects (like weather stations, CNC machines, home automation systems) by providing chef installers for Raspberry Pi, generic server administration cookbooks (sudo, ssh) etc. 13 | - Setting up a continuous integration chain with upstream Chef project and [essential chef cookbooks](https://github.com/ranjib/pichef#cookbooks) using [GoatOS](https://github.com/goatos) so that essential community cookbooks will always be tested with upstream chef changes on ubuntu. 14 | - As a learning platform for system automation (run a small data center backed by chef). 15 | 16 | Currently PiChef provides following: 17 | - Chef omnibus packages for Raspberry Pi, available from [GoatOS RasPi](https://packagecloud.io/goatos/raspi) packagecloud repository. 18 | - Cookbook to run [Goiardi](https://github.com/ctdk/goiardi), an opensource chef server written in [go](https://golang.org/). 19 | - Roles to configure omnibus build servers 20 | 21 | 22 | ### Getting started 23 | 24 | - If you are new to Chef or configuration management system read a little about Chef. Following 25 | are great resources. 26 | - [learn chef](https://learn.chef.io/) website 27 | - Settin up your workstation 28 | - This guide assumes all your Raspberry Pi are accessible via 29 | ssh. `Workstation` is assumed to be a separate machine (can be your laptop) 30 | from where Pi will be managed. 31 | - Install ruby and bundler. 32 | - Clone this repository 33 | - Install all gem dependencies 34 | ```sh 35 | bundle install --path .bundle 36 | ``` 37 | - Install chef on a RaspberryPi 38 | ```sh 39 | bundle exec knife blend blends/install.rb -h --prompt 40 | ``` 41 | 42 | - Basic topology 43 | - chef server 44 | - build agents 45 | - the weather station 46 | - mechanical radiators 47 | - LED Segments 48 | - Steppers 49 | 50 | ### Setting up pi 51 | This section is based on Ubuntu/ARM wiki [page](https://wiki.ubuntu.com/ARM/RaspberryPi). 52 | Assuming you ubuntu is the development box 53 | - download trusty image from [here](http://www.finnie.org/software/raspberrypi/2015-04-06-ubuntu-trusty.zip) and unzip it. 54 | - Write the image to an sd card 55 | ```sh 56 | sudo bmaptool copy --bmap ubuntu-trusty.bmap ubuntu-trusty.img /dev/mmcblk0 57 | ``` 58 | - modify the diskpartition in sd card to expand entire storage capacity. 59 | ```sh 60 | sudo fdisk /dev/mmcblk0 61 | ``` 62 | Delete the second partition (d, 2), then re-create it using the defaults (n, p, 2, enter, enter), then write and exit (w). Reboot the system. 63 | ```sh 64 | sudo resize2fs /dev/mmcblk0p2 65 | ``` 66 | - Install ssh 67 | ```sh 68 | sudo apt-get install openssh-server 69 | ``` 70 | - download and install chef 71 | ```sh 72 | wget -c https://packagecloud.io/goatos/raspi/packages/ubuntu/trusty/chef_12.5.0_armhf.deb/download -O chef.deb 73 | sudo dpkg -i chef.deb 74 | ``` 75 | 76 | ### Cookbooks 77 | 78 | Currently following cookbooks are tested under GoatOS with PiChef 79 | 80 | - openssh 81 | - sudo 82 | - apparmor 83 | - omnibus 84 | 85 | ## Contributing/Development 86 | 87 | The general development process is: 88 | 89 | 1. Fork this repo and clone it to your workstation 90 | 2. Create a feature branch for your change 91 | 3. Write code and tests 92 | 4. Push your feature branch to github and open a pull request against 93 | master 94 | 95 | Once your repository is set up, you can start working on the code. We do use 96 | TDD with RSpec, so you'll need to get a development environment running. 97 | Follow the above procedure ("Installing from Git") to get your local 98 | copy of the source running. 99 | 100 | 101 | ### LICENSE 102 | 103 | Licensed under the Apache License, Version 2.0 (the "License"); 104 | you may not use this file except in compliance with the License. 105 | You may obtain a copy of the License at 106 | 107 | http://www.apache.org/licenses/LICENSE-2.0 108 | 109 | Unless required by applicable law or agreed to in writing, software 110 | distributed under the License is distributed on an "AS IS" BASIS, 111 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 112 | See the License for the specific language governing permissions and 113 | limitations under the License. 114 | -------------------------------------------------------------------------------- /Rakefile: -------------------------------------------------------------------------------- 1 | require 'foodcritic' 2 | require 'rspec/core/rake_task' 3 | require 'rubocop/rake_task' 4 | require 'fileutils' 5 | require 'berkshelf' 6 | require 'berkshelf/berksfile' 7 | require_relative 'lib/pi_chef/version' 8 | require_relative 'lib/pi_chef/debian' 9 | require 'tempfile' 10 | 11 | RSpec::Core::RakeTask.new(:spec) do |t| 12 | t.pattern = %w(site-cookbooks/**/*_spec.rb) 13 | end 14 | 15 | package_name = 'pi-chef' 16 | 17 | desc 'rubocop compliancy checks' 18 | RuboCop::RakeTask.new(:rubocop) do |t| 19 | t.patterns = %w( 20 | Rakefile 21 | Berksfile 22 | Gemfile 23 | site-cookbooks/**/*.rb 24 | blends/*.rb 25 | roles/*.rb 26 | ) 27 | t.fail_on_error = true 28 | end 29 | 30 | desc 'Vendorize all cookbooks using berks' 31 | task 'vendor' do 32 | end 33 | 34 | desc 'Create debian package of the cookbooks' 35 | task package: :vendor do 36 | package = "#{package_name}_#{PiChef::VERSION}_all.deb" 37 | FileUtils.rm_rf(package_name) if Dir.exist?(package_name) 38 | File.unlink(package) if File.exist?(package) 39 | berksfile = Berkshelf::Berksfile.from_file('Berksfile') 40 | berksfile.vendor(File.join(package_name, 'cookbooks')) 41 | FileUtils.mkdir_p(File.join(package_name, 'etc')) 42 | File.open(File.join(package_name, 'etc', 'solo.rb'), 'w') do |f| 43 | f.write(PiChef::Debian.solo_config) 44 | end 45 | after = Tempfile.new('pi-chef') 46 | after.write(PiChef::Debian.after_install) 47 | after.close 48 | before = Tempfile.new('pi-chef') 49 | before.write(PiChef::Debian.before_install) 50 | before.close 51 | command = 'bundle exec fpm -s dir -t deb --prefix=/opt -a all' 52 | command << " --before-install #{before.path}" 53 | command << " --after-install #{after.path}" 54 | command << " -v #{PiChef::VERSION} -n #{package_name} #{package_name}" 55 | begin 56 | PiChef::Debian.shell_out!(command) 57 | ensure 58 | after.unlink 59 | before.unlink 60 | FileUtils.rm_rf(package_name) if Dir.exist?(package_name) 61 | end 62 | end 63 | -------------------------------------------------------------------------------- /blends/install.rb: -------------------------------------------------------------------------------- 1 | require 'yaml' 2 | yaml_config = YAML.load_file('blender.yml') 3 | ssh_config = { 4 | user: yaml_config['user'], 5 | password: yaml_config['password'], 6 | stdout: $stdout 7 | } 8 | 9 | members([yaml_config['ipaddress']]) 10 | 11 | config(:ssh, ssh_config) 12 | 13 | scp_upload 'validation cert' do 14 | from yaml_config['validation_cert'] 15 | to '/tmp/validation.pem' 16 | end 17 | 18 | ssh_task 'sudo mkdir -p /etc/chef' 19 | ssh_task 'sudo mv /tmp/validation.pem /etc/chef/validation.pem' 20 | ssh_task "echo \"node_name '#{yaml_config['node_name']}'\" > /tmp/client.rb" 21 | ssh_task "echo \"chef_server_url '#{yaml_config['chef_server_url']}'\" >> /tmp/client.rb" 22 | ssh_task 'sudo mv /tmp/client.rb /etc/chef/' 23 | ssh_task 'sudo apt-get update -y' 24 | ssh_task 'sudo apt-get install -y wget' 25 | ssh_task 'download chef' do 26 | execute "wget -c #{yaml_config['debian_url']} -O /tmp/chef.deb" 27 | end 28 | ssh_task 'sudo dpkg -i /tmp/chef.deb' 29 | ssh_task "sudo chef-client -r #{yaml_config['run_list']}" 30 | ssh_task 'rm /tmp/chef.deb' 31 | -------------------------------------------------------------------------------- /blends/modify.rb: -------------------------------------------------------------------------------- 1 | #package_name = Dir['./*.deb'].grep(/pi-chef/).first 2 | # 3 | package_name = "pi-chef_12.5.0.current.0_armhf.deb" 4 | 5 | ssh_task 'sudo apt-get remove chef -y --purge' do 6 | ignore_failure true 7 | end 8 | 9 | ssh_task 'sudo apt-get remove pi-chef -y --purge' do 10 | ignore_failure true 11 | end 12 | 13 | ssh_task 'sudo rm -rf /opt/chef' 14 | ssh_task "sudo rm -rf /tmp/#{package_name}" 15 | 16 | scp_upload 'upload chef build' do 17 | from package_name 18 | to "/tmp/#{package_name}" 19 | end 20 | 21 | ssh_task "sudo dpkg -i /tmp/#{package_name}" 22 | -------------------------------------------------------------------------------- /lib/pi_chef/debian.rb: -------------------------------------------------------------------------------- 1 | require 'mixlib/shellout' 2 | 3 | module PiChef 4 | module Debian 5 | extend self 6 | 7 | def install_home 8 | '/opt/pi-chef' 9 | end 10 | 11 | def before_install 12 | [ bash, "rm -rf #{install_home}" ].join("\n") 13 | end 14 | 15 | def after_install 16 | [ bash, "chmod -R +r #{install_home}" ].join("\n") 17 | end 18 | 19 | def bash 20 | '#!/bin/bash' 21 | end 22 | 23 | def solo_config 24 | [ 25 | "file_cache_path '/var/cache/chef/cookbooks", 26 | "cookbook_path '/opt/#{install_home}/cookbooks'" 27 | ].join("\n") 28 | end 29 | 30 | def shell_out!(command) 31 | cmd = Mixlib::ShellOut.new(command) 32 | cmd.live_stream = $stdout 33 | yield cmd if block_given? 34 | cmd.run_command 35 | fail "Failed to run: '#{command}'\nSTDOUT: #{cmd.stdout}\nSTDERR: #{cmd.stderr}" unless cmd.exitstatus.zero? 36 | end 37 | end 38 | end 39 | -------------------------------------------------------------------------------- /lib/pi_chef/version.rb: -------------------------------------------------------------------------------- 1 | module PiChef 2 | VERSION = '0.0.1' 3 | end 4 | -------------------------------------------------------------------------------- /lib/plugins/knife/goiardi_backup.rb: -------------------------------------------------------------------------------- 1 | require 'chef/knife' 2 | 3 | module PiChef 4 | class GoiardiBackup < Chef::Knife 5 | 6 | deps do 7 | require 'blender' 8 | end 9 | 10 | banner 'knife goiardi backup [-f FILE][-h HOST]' 11 | 12 | option :backup_file, 13 | short: '-f FILE', 14 | long: '--file FILE', 15 | description: 'Backup file name (will be generated)', 16 | default: 'goiardi-backup.tgz' 17 | 18 | option :host, 19 | short: '-h HOST', 20 | long: '--host HOST', 21 | description: 'Goiardi host', 22 | default: nil 23 | 24 | def run 25 | goiardi_host = config[:host] 26 | goiardi_host ||= URI(Chef::Config.chef_server_url).host 27 | backup_file = config[:backup_file] 28 | Blender.blend 'goiardi backup' do |sched| 29 | sched.members([goiardi_host]) 30 | sched.config(:ssh, user: 'ubuntu', password: 'ubuntu', stdout: $stdout, stderr: $stderr) 31 | sched.ssh_task 'sudo tar -czvf goiardi.tgz /opt/goiardi/conf /opt/goiardi/data' 32 | sched.scp_download 'goiardi backup' do 33 | from 'goiardi.tgz' 34 | to backup_file 35 | end 36 | sched.ssh_task 'sudo rm goiardi.tgz' 37 | end 38 | end 39 | end 40 | end 41 | -------------------------------------------------------------------------------- /roles/base.rb: -------------------------------------------------------------------------------- 1 | name 'base' 2 | 3 | default_attributes( 4 | 'authorization' => { 5 | 'sudo' => { 6 | 'groups' => %w(), 7 | 'include_sudoers_d' => true 8 | } 9 | } 10 | ) 11 | 12 | run_list %w( 13 | recipe[raspi::base] 14 | recipe[raspi::chef] 15 | recipe[raspi::serf] 16 | recipe[raspi::statsd] 17 | ) 18 | -------------------------------------------------------------------------------- /roles/builder.rb: -------------------------------------------------------------------------------- 1 | name 'builder' 2 | run_list %w( 3 | role[base] 4 | recipe[raspi::builder] 5 | recipe[omnibus] 6 | ) 7 | -------------------------------------------------------------------------------- /roles/gocd-agent.rb: -------------------------------------------------------------------------------- 1 | name 'gocd-agent' 2 | 3 | default_attributes( 4 | 'go_cd' => { 5 | 'server_ip' => '10.0.0.4' 6 | } 7 | ) 8 | 9 | run_list %w( 10 | role[base] 11 | recipe[raspi::gocd_agent] 12 | ) 13 | -------------------------------------------------------------------------------- /roles/gocd-server.rb: -------------------------------------------------------------------------------- 1 | name 'gocd-server' 2 | run_list %w( 3 | role[base] 4 | recipe[raspi::java] 5 | recipe[go_cd::server] 6 | ) 7 | -------------------------------------------------------------------------------- /roles/goiardi.rb: -------------------------------------------------------------------------------- 1 | name 'goiardi' 2 | run_list %w( 3 | role[base] 4 | recipe[raspi::goiardi] 5 | ) 6 | -------------------------------------------------------------------------------- /roles/kiosk.rb: -------------------------------------------------------------------------------- 1 | name 'kiosk' 2 | 3 | default_attributes( 4 | 'raspi' => { 5 | 'boot_options' => %w( 6 | arm_freq=1000 7 | core_freq=500 8 | dtparam=i2c1=on 9 | dtparam=i2c_arm=on 10 | hdmi_force_hotplug=1 11 | over_voltage=2 12 | sdram_freq=500 13 | ) 14 | } 15 | ) 16 | 17 | run_list %w( 18 | role[base] 19 | recipe[raspi::kiosk] 20 | ) 21 | -------------------------------------------------------------------------------- /roles/metrics.rb: -------------------------------------------------------------------------------- 1 | name 'metrics' 2 | 3 | run_list %w( 4 | role[base] 5 | recipe[raspi::metrics] 6 | ) 7 | -------------------------------------------------------------------------------- /site-cookbooks/raspi/attributes/default.rb: -------------------------------------------------------------------------------- 1 | default['raspi']['timezone'] = 'America/Los_Angeles' 2 | default['raspi']['boot_options'] = nil # defaults to Raspi.boot_options 3 | default['raspi']['chef_version'] = nil # goatos/raspi 4 | default['raspi']['kiosk'].tap do |k| 5 | k['statup_app'] = 'chromium-browser --noerrdialogs --kiosk https://www.google.com --incognito' 6 | end 7 | default['raspi']['metrics'].tap do |m| 8 | m['influxdb_url'] = 'https://github.com/ranjib/PiChef/releases/download/0.0.2/influxd' 9 | m['grafana_deb_url'] = 'https://github.com/ranjib/PiChef/releases/download/0.0.1/grafana_2.5.0-pre1_armhf.deb' 10 | end 11 | 12 | default['raspi']['serf_download_url'] = 'https://github.com/ranjib/PiChef/releases/download/0.0.2/serf' 13 | default['raspi']['serf_config'] = {} 14 | 15 | default['raspi']['etcd_download_url'] = 'https://github.com/ranjib/PiChef/releases/download/0.0.2/serf' 16 | default['raspi']['statsdaemon_download_url'] = 'https://github.com/ranjib/PiChef/releases/download/0.0.2/statsdaemon' 17 | default['raspi']['metrics_end_point'] = nil 18 | default['raspi']['telegraf_download_url'] = 'https://github.com/ranjib/PiChef/releases/download/0.0.2/telegraf' 19 | default['raspi']['telegraf_database'] = 'telegraf' 20 | default['raspi']['telegraf_output_url'] = nil 21 | -------------------------------------------------------------------------------- /site-cookbooks/raspi/files/default/alamode-udev-rules: -------------------------------------------------------------------------------- 1 | KERNEL==”ttyAMA0″,SYMLINK+=”ttyS0″ GROUP=”dialout” 2 | KERNEL==”ttyACM0″,SYMLINK+=”ttyS1″ GROUP=”dialout” 3 | -------------------------------------------------------------------------------- /site-cookbooks/raspi/files/default/build_chef.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | 4 | # assume pi-ruby is present (ruby 2.2.2 installed /opt/rubies/2.2.2) 5 | set -e 6 | set -o pipefail 7 | 8 | 9 | VERSION=`lsb_release -a 2> /dev/null | grep Codename: | awk '{print $2}'` 10 | source /home/omnibus/load-omnibus-toolchain.sh 11 | cd /home/omnibus/omnibus-chef 12 | rm -rf pkg 13 | rm -rf /home/omnibus/chef-transform 14 | mkdir -p /home/omnibus/chef-transform 15 | bundle install --path .bundle --without development 16 | bundle exec omnibus build chef 17 | mv pkg/*.deb /home/omnibus/chef-transform/chefx.deb 18 | cd /home/omnibus/chef-transform 19 | dpkg-deb -x chefx.deb chef 20 | dpkg-deb -e chefx.deb chef/DEBIAN 21 | CHEF_VERSION=`cat chef/opt/chef/embedded/apps/chef/VERSION | grep -Po "^\d+\.\d+\.\d+"` 22 | sed -ir "s/Architecture: armv7l/Architecture: armhf/" chef/DEBIAN/control 23 | sed -ir "s/Version: .*/Version: ${CHEF_VERSION}/" chef/DEBIAN/control 24 | dpkg-deb -b chef chef.deb 25 | mv chef.deb /home/omnibus/chef-$VERSION.deb 26 | cd /tmp 27 | rm -rf /home/omnibus/chef-transform 28 | -------------------------------------------------------------------------------- /site-cookbooks/raspi/files/default/influxdb.conf: -------------------------------------------------------------------------------- 1 | reporting-disabled = true 2 | [meta] 3 | dir = "/opt/influxdb/meta" 4 | hostname = "localhost" 5 | bind-address = ":8088" 6 | retention-autocreate = true 7 | election-timeout = "1s" 8 | heartbeat-timeout = "1s" 9 | leader-lease-timeout = "500ms" 10 | commit-timeout = "50ms" 11 | [data] 12 | dir = "/opt/influxdb/data" 13 | max-wal-size = 104857600 14 | wal-flush-interval = "10m" 15 | wal-partition-flush-delay = "2s" 16 | wal-dir = "/opt/influxdb/wal" 17 | wal-enable-logging = true 18 | [cluster] 19 | shard-writer-timeout = "5s" 20 | write-timeout = "5s" 21 | [retention] 22 | enabled = true 23 | check-interval = "30m" 24 | [monitor] 25 | store-enabled = true 26 | store-database = "_internal" 27 | store-retention-policy = "monitor" 28 | store-retention-duration = "168h" 29 | store-replication-factor = 1 30 | store-interval = "1m" 31 | [admin] 32 | enabled = true 33 | bind-address = ":8083" 34 | https-enabled = false 35 | https-certificate = "/etc/ssl/influxdb.pem" 36 | [http] 37 | enabled = true 38 | bind-address = ":8086" 39 | auth-enabled = false 40 | log-enabled = true 41 | write-tracing = false 42 | pprof-enabled = false 43 | https-enabled = false 44 | https-certificate = "/etc/ssl/influxdb.pem" 45 | [[graphite]] 46 | enabled = true 47 | [collectd] 48 | enabled = false 49 | [opentsdb] 50 | enabled = false 51 | [[udp]] 52 | enabled = false 53 | [continuous_queries] 54 | log-enabled = true 55 | enabled = true 56 | recompute-previous-n = 2 57 | recompute-no-older-than = "10m" 58 | compute-runs-per-interval = 10 59 | compute-no-more-than = "2m" 60 | [hinted-handoff] 61 | enabled = true 62 | dir = "/opt/influxdb/hh" 63 | max-size = 1073741824 64 | max-age = "168h" 65 | retry-rate-limit = 0 66 | retry-interval = "1s" 67 | -------------------------------------------------------------------------------- /site-cookbooks/raspi/files/default/influxdb.sh: -------------------------------------------------------------------------------- 1 | INFLUXD_OPTS="" 2 | -------------------------------------------------------------------------------- /site-cookbooks/raspi/files/default/pipelines.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | /var/lib/go-agent/pipelines/InfluxDB/gospace 6 | 7 | 8 | /opt/go 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | get 20 | github.com/influxdb/influxdb 21 | 22 | 23 | 24 | get 25 | -u 26 | -f 27 | -t 28 | ./... 29 | 30 | 31 | 32 | build 33 | ./... 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | /var/lib/go-agent/pipelines/Grafana/gospace 49 | 50 | 51 | /opt/go 52 | 53 | 54 | /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/go/bin:/opt/chef/embedded/bin 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | get 66 | github.com/grafana/grafana 67 | 68 | 69 | 70 | get 71 | -u 72 | -f 73 | -t 74 | ./... 75 | 76 | 77 | 78 | run 79 | build.go 80 | setup 81 | 82 | 83 | 84 | restore 85 | 86 | 87 | 88 | install 89 | 90 | 91 | 92 | /var/chef/cache/phantomjs-1.9.0-linux-armv6l/bin/phantomjs 93 | gospace/src/github.com/grafana/grafana/node_modules/karma-phantomjs-launcher/node_modules/phantomjs/lib/phantom/bin/phantomjs 94 | 95 | 96 | 97 | run 98 | build.go 99 | build 100 | 101 | 102 | 103 | run 104 | build.go 105 | package 106 | 107 | 108 | 109 | 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | /var/lib/go-agent/pipelines/Etcd/gospace 120 | 121 | 122 | /opt/go 123 | 124 | 125 | /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/go/bin 126 | 127 | 128 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | get 137 | github.com/coreos/etcd 138 | 139 | 140 | ./build 141 | 142 | 143 | 144 | 145 | 146 | 147 | 148 | 149 | 150 | 151 | 152 | 153 | 154 | /var/lib/go-agent/pipelines/Serf/gospace 155 | 156 | 157 | /opt/go 158 | 159 | 160 | /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/go/bin 161 | 162 | 163 | 164 | 165 | 166 | 167 | 168 | 169 | 170 | 171 | get 172 | github.com/hashicorp/serf 173 | 174 | 175 | 176 | bin 177 | 178 | 179 | 180 | build 181 | ./... 182 | 183 | 184 | 185 | 186 | 187 | 188 | 189 | 190 | 191 | 192 | 193 | 194 | 195 | /var/lib/go-agent/pipelines/Serf/gospace 196 | 197 | 198 | /opt/go 199 | 200 | 201 | /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/go/bin 202 | 203 | 204 | 205 | 206 | 207 | 208 | 209 | 210 | 211 | 212 | build 213 | ./... 214 | 215 | 216 | 217 | 218 | 219 | 220 | 221 | 222 | 223 | 224 | 225 | -------------------------------------------------------------------------------- /site-cookbooks/raspi/files/default/update-chef.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -e 3 | 4 | apt-get remove chef --purge -y 5 | rm -rf /opt/chef 6 | mkdir /opt/chef 7 | chown omnibus:omnibus /opt/chef 8 | sudo -u omnibus /home/omnibus/build_chef.sh 9 | rm -rf /opt/chef 10 | chef-client 11 | -------------------------------------------------------------------------------- /site-cookbooks/raspi/files/default/xorg.conf: -------------------------------------------------------------------------------- 1 | Section "Device" 2 | Identifier "Raspberry Pi FBDEV" 3 | Driver "fbturbo" 4 | Option "fbdev" "/dev/fb0" 5 | Option "SwapbuffersWait" "true" 6 | EndSection 7 | -------------------------------------------------------------------------------- /site-cookbooks/raspi/libraries/helper.rb: -------------------------------------------------------------------------------- 1 | module Raspi 2 | extend self 3 | def default_boot_options 4 | %w(hdmi_force_hotplug=1 dtparam=i2c1=on dtparam=i2c_arm=on) 5 | end 6 | end 7 | -------------------------------------------------------------------------------- /site-cookbooks/raspi/metadata.rb: -------------------------------------------------------------------------------- 1 | name 'raspi' 2 | maintainer 'Ranjib Dey' 3 | maintainer_email 'ranjib@linux.com' 4 | version '0.0.1' 5 | depends 'apt' 6 | depends 'packagecloud' 7 | depends 'sudo' 8 | depends 'openssh' 9 | depends 'apparmor' 10 | depends 'omnibus' 11 | depends 'systemd' 12 | depends 'goatos' 13 | -------------------------------------------------------------------------------- /site-cookbooks/raspi/recipes/audit.rb: -------------------------------------------------------------------------------- 1 | # check for ubuntu user sudo access 2 | # check for apparmor being enable 3 | # chef for no apparmor complains 4 | # omnibus installer checker 5 | # check goiardi is running 6 | # ssh root login is disable 7 | # ssh password auth is disabled 8 | # ssh service is enabled 9 | # check for no boot pending 10 | # ossec specific audits 11 | -------------------------------------------------------------------------------- /site-cookbooks/raspi/recipes/base.rb: -------------------------------------------------------------------------------- 1 | include_recipe 'sudo::default' 2 | include_recipe 'openssh::default' 3 | 4 | sudo 'ubuntu' do 5 | user 'ubuntu' 6 | nopasswd true 7 | end 8 | 9 | file '/etc/hostname' do 10 | content "#{node.name}\n" 11 | mode 0644 12 | owner 'root' 13 | group 'root' 14 | end 15 | 16 | file '/etc/hosts' do 17 | mode 0644 18 | owner 'root' 19 | group 'root' 20 | content( 21 | [ 22 | '127.0.0.1 localhost', 23 | '::1 localhost', 24 | "127.0.0.1 #{node.name}" 25 | ].join("\n") 26 | ) 27 | end 28 | 29 | remote_file '/etc/localtime' do 30 | source "file:///usr/share/zoneinfo/#{node.raspi.timezone}" 31 | mode 0644 32 | owner 'root' 33 | group 'root' 34 | end 35 | 36 | file '/boot/firmware/config.txt' do 37 | mode 0755 38 | owner 'root' 39 | group 'root' 40 | content( 41 | (node.raspi.boot_options || Raspi.default_boot_options) * "\n" + "\n" 42 | ) 43 | end 44 | 45 | package 'utilities' do 46 | package_name %w( 47 | sysstat 48 | screen 49 | vim 50 | htop 51 | strace 52 | traceroute 53 | ) 54 | end 55 | 56 | systemd_timesyncd 'debian_pool' do 57 | ntp (0..3).map{|i| "#{i}.debian.pool.ntp.org"} 58 | end 59 | -------------------------------------------------------------------------------- /site-cookbooks/raspi/recipes/builder.rb: -------------------------------------------------------------------------------- 1 | include_recipe 'omnibus' 2 | 3 | package 'deps' do 4 | package_name %w( 5 | autoconf 6 | automake 7 | bison 8 | build-essential 9 | libncurses5-dev 10 | libreadline6 11 | libreadline6-dev 12 | libssl-dev 13 | libtool 14 | libyaml-dev 15 | zlib1g 16 | zlib1g-dev 17 | openssl 18 | libreadline6-dev 19 | git-core 20 | zlib1g 21 | libssl-dev 22 | libsqlite3-dev 23 | sqlite3 24 | libxml2-dev 25 | libxslt-dev 26 | ) 27 | end 28 | 29 | # omnibus master fails to build on raspberry due to ruby 2.2 download failure 30 | # https://github.com/chef/omnibus-chef/issues/434 31 | git '/home/omnibus/omnibus-chef' do 32 | repository 'https://github.com/chef/omnibus-chef.git' 33 | action :sync 34 | user 'omnibus' 35 | group 'omnibus' 36 | end 37 | 38 | cookbook_file '/home/omnibus/build_chef.sh' do 39 | mode 0754 40 | owner 'omnibus' 41 | group 'omnibus' 42 | end 43 | 44 | cookbook_file '/usr/sbin/update-chef' do 45 | source 'update-chef.sh' 46 | mode 0754 47 | owner 'root' 48 | group 'root' 49 | end 50 | -------------------------------------------------------------------------------- /site-cookbooks/raspi/recipes/chef.rb: -------------------------------------------------------------------------------- 1 | systemd_service 'chef' do 2 | description 'Run chef' 3 | exec_start '/opt/chef/bin/chef-client --no-fork' 4 | type 'simple' 5 | end 6 | 7 | systemd_timer 'chef' do 8 | description 'Periodic chef run' 9 | on_unit_active_sec '15m' 10 | on_boot_sec '1m' 11 | unit 'chef.service' 12 | wanted_by 'multiuser.target' 13 | action [:create, :start, :enable] 14 | end 15 | -------------------------------------------------------------------------------- /site-cookbooks/raspi/recipes/go_tools.rb: -------------------------------------------------------------------------------- 1 | git '/home/omnibus/etcd' do 2 | repository 'https://github.com/coreos/etcd.git' 3 | action :sync 4 | user 'omnibus' 5 | group 'omnibus' 6 | end 7 | 8 | git '/home/omnibus/vault' do 9 | repository 'https://github.com/hashicorp/vault.git' 10 | action :sync 11 | user 'omnibus' 12 | group 'omnibus' 13 | end 14 | -------------------------------------------------------------------------------- /site-cookbooks/raspi/recipes/gocd_agent.rb: -------------------------------------------------------------------------------- 1 | package 'pipeline_deps' do 2 | package_name %w( 3 | rpm 4 | mercurial 5 | ) 6 | end 7 | 8 | user 'goatos' do 9 | home '/var/lib/go-agent' 10 | shell '/bin/bash' 11 | end 12 | 13 | execute '/opt/chef/embedded/bin/gem install fpm --no-ri --no-rdoc' do 14 | command '/opt/chef/embedded/bin/gem install fpm --no-ri --no-rdoc' 15 | not_if'/opt/chef/embedded/bin/gem spec fpm' 16 | end 17 | 18 | node.default['go_cd']['java_home']= '/usr/lib/jvm/java-7-oracle' 19 | 20 | include_recipe 'raspi::java' 21 | include_recipe 'raspi::golang' 22 | include_recipe 'raspi::nodejs' 23 | include_recipe 'goatos::agent' 24 | 25 | phantomjs_url = 'https://github.com/aeberhardo/phantomjs-linux-armv6l/raw/master/phantomjs-1.9.0-linux-armv6l.tar.bz2' 26 | phantomjs_file_path = ::File.join(Chef::Config.file_cache_path, ::File.basename(URI(phantomjs_url).path)) 27 | remote_file phantomjs_file_path do 28 | source phantomjs_url 29 | action :create_if_missing 30 | end 31 | 32 | execute 'decompress_phantomjs' do 33 | command "tar -jxvf #{phantomjs_file_path}" 34 | cwd Chef::Config.file_cache_path 35 | creates ::File.join(Chef::Config.file_cache_path, 'phantomjs-1.9.0-linux-armv6l/bin/phantomjs') 36 | end 37 | -------------------------------------------------------------------------------- /site-cookbooks/raspi/recipes/goiardi.rb: -------------------------------------------------------------------------------- 1 | user 'goiardi' 2 | 3 | %w( 4 | /opt/goiardi 5 | /opt/goiardi/data 6 | /opt/goiardi/conf 7 | /opt/goiardi/bin 8 | /opt/goiardi/log 9 | /opt/goiardi/etc 10 | ).each do |dir| 11 | directory dir do 12 | owner 'goiardi' 13 | group 'goiardi' 14 | mode 0755 15 | end 16 | end 17 | 18 | remote_file '/opt/goiardi/bin/goiardi' do 19 | source 'https://github.com/ctdk/goiardi/releases/download/v0.9.1/goiardi-0.9.1-linux-armv71' 20 | owner 'goiardi' 21 | group 'goiardi' 22 | mode 0755 23 | action :create_if_missing 24 | end 25 | 26 | template '/opt/goiardi/etc/goiardi.conf' do 27 | owner 'goiardi' 28 | group 'goiardi' 29 | mode 0644 30 | variables(hostname: node.ipaddress) 31 | end 32 | 33 | systemd_service 'goiardi' do 34 | description 'Goiardi' 35 | user 'goiardi' 36 | permissions_start_only true 37 | exec_start '/opt/goiardi/bin/goiardi -c /opt/goiardi/etc/goiardi.conf' 38 | restart 'always' 39 | restart_sec '10s' 40 | wanted_by 'multi-user.target' 41 | action [:create, :start, :enable] 42 | end 43 | -------------------------------------------------------------------------------- /site-cookbooks/raspi/recipes/golang.rb: -------------------------------------------------------------------------------- 1 | tarball = 'go1.4.2.linux-arm~multiarch-armv7-1.tar.gz' 2 | tarball_path = ::File.join(Chef::Config[:file_cache_path], tarball) 3 | 4 | remote_file tarball_path do 5 | source "http://dave.cheney.net/paste/#{tarball}" 6 | action :create_if_missing 7 | notifies :run, 'execute[decompress_tarball]' 8 | end 9 | 10 | execute 'decompress_tarball' do 11 | command "tar -zxf #{tarball_path} -C /opt" 12 | action :nothing 13 | end 14 | -------------------------------------------------------------------------------- /site-cookbooks/raspi/recipes/gypsy.rb: -------------------------------------------------------------------------------- 1 | require 'chef/lxc' 2 | 3 | package 'ubuntu-fan' 4 | 5 | lxc 'go-1.5' do 6 | template 'download' 7 | recipe do 8 | package 'deps' do 9 | package_name %w( 10 | git 11 | mercurial 12 | wget 13 | build-essential 14 | ) 15 | end 16 | remote_file '/opt/go.tgz' do 17 | source 'https://github.com/ranjib/PiChef/releases/download/0.0.1/go.tgz' 18 | end 19 | execute 'tar -zxvf /opt/go.tgz -C /opt' do 20 | creates '/opt/go/bin/go' 21 | end 22 | directory '/opt/gospace' 23 | file '/etc/profile.d/go.sh' do 24 | content %w( 25 | #!/bin/bash 26 | export GOPATH=/opt/gospace 27 | export GOROOT=/opt/go 28 | export PATH=$PATH:$GOROOT/bin:$GOPATH/bin 29 | ) 30 | end 31 | end 32 | action [:create, :start] 33 | end 34 | -------------------------------------------------------------------------------- /site-cookbooks/raspi/recipes/java.rb: -------------------------------------------------------------------------------- 1 | seed_file = ::File.join(Chef::Config.file_cache_path, 'oracle-jdk.seed') 2 | 3 | apt_repository 'webupd8team' do 4 | uri 'ppa:webupd8team/java' 5 | distribution node['lsb']['codename'] 6 | end 7 | 8 | execute 'accept-license-select' do 9 | command 'echo debconf shared/accepted-oracle-license-v1-1 select true | debconf-set-selections' 10 | not_if 'dpkg -L oracle-java7-installer' 11 | end 12 | 13 | execute 'accept-license-seen' do 14 | command 'echo debconf shared/accepted-oracle-license-v1-1 seen true | debconf-set-selections' 15 | not_if 'dpkg -L oracle-java7-installer' 16 | end 17 | 18 | package 'oracle-java7-installer' 19 | -------------------------------------------------------------------------------- /site-cookbooks/raspi/recipes/kiosk.rb: -------------------------------------------------------------------------------- 1 | package 'gui' do 2 | package_name %w( 3 | chromium-browser 4 | dphys-swapfile 5 | libraspberrypi-bin 6 | libraspberrypi-dev 7 | lxde 8 | linux-firmware 9 | libraspberrypi-bin-nonfree 10 | xserver-xorg-video-fbturbo 11 | ) 12 | end 13 | 14 | cookbook_file '/etc/X11/xorg.conf' do 15 | owner 'root' 16 | group 'root' 17 | mode 0644 18 | end 19 | 20 | template '/etc/xdg/lxsession/LXDE/autostart' do 21 | owner 'root' 22 | group 'root' 23 | mode 0644 24 | source 'lxde_autostart.erb' 25 | variables( 26 | statup_app: node.raspi.kiosk.statup_app 27 | ) 28 | end 29 | -------------------------------------------------------------------------------- /site-cookbooks/raspi/recipes/metrics.rb: -------------------------------------------------------------------------------- 1 | grafana_deb_url = node.raspi.metrics.grafana_deb_url 2 | grafana_deb_path = ::File.join(Chef::Config.file_cache_path, ::File.basename(URI(grafana_deb_url).path)) 3 | 4 | package 'metrics-deps' do 5 | package_name %w(fontconfig-config libfontconfig1) 6 | end 7 | 8 | user 'influxdb' do 9 | system true 10 | home '/opt/influxdb' 11 | manage_home true 12 | end 13 | 14 | cookbook_file '/etc/default/influxdb' do 15 | mode 0644 16 | source 'influxdb.sh' 17 | end 18 | 19 | cookbook_file '/opt/influxdb/influxdb.conf' do 20 | mode 0644 21 | owner 'influxdb' 22 | group 'influxdb' 23 | notifies :restart, 'systemd_service[influxdb]' 24 | end 25 | 26 | remote_file '/opt/influxdb/influxd' do 27 | source node.raspi.metrics.influxdb_url 28 | mode 0755 29 | action :create_if_missing 30 | end 31 | 32 | systemd_service 'influxdb' do 33 | description 'InfluxDB is an open-source, distributed, time series database' 34 | after 'network.target' 35 | user 'influxdb' 36 | group 'influxdb' 37 | limit_nofile '65536' 38 | environment_file '-/etc/default/influxdb' 39 | exec_start '/opt/influxdb/influxd -config /opt/influxdb/influxdb.conf $INFLUXD_OPTS' 40 | restart 'on-failure' 41 | wanted_by 'multi-user.target' 42 | action [:create, :start, :enable] 43 | end 44 | 45 | remote_file grafana_deb_path do 46 | source grafana_deb_url 47 | action :create_if_missing 48 | end 49 | 50 | dpkg_package 'grafana' do 51 | source grafana_deb_path 52 | end 53 | 54 | service 'grafana-server' do 55 | action [:start, :enable] 56 | end 57 | -------------------------------------------------------------------------------- /site-cookbooks/raspi/recipes/nodejs.rb: -------------------------------------------------------------------------------- 1 | execute 'curl -sL https://deb.nodesource.com/setup_0.12 | bash -' do 2 | not_if 'dpkg -l | grep nodejs' 3 | end 4 | 5 | package 'nodejs' do 6 | notifies :run, 'execute[install_grunt_cli]' 7 | end 8 | 9 | execute 'install_grunt_cli' do 10 | command 'npm install -g grunt-cli' 11 | action :nothing 12 | end 13 | -------------------------------------------------------------------------------- /site-cookbooks/raspi/recipes/router.rb: -------------------------------------------------------------------------------- 1 | package 'ca-certificates' 2 | package 'isc-dhcp-server' 3 | -------------------------------------------------------------------------------- /site-cookbooks/raspi/recipes/serf.rb: -------------------------------------------------------------------------------- 1 | remote_file '/usr/bin/serf' do 2 | owner 'root' 3 | group 'root' 4 | mode 0753 5 | source node.raspi.serf_download_url 6 | end 7 | 8 | directory '/etc/serf' 9 | 10 | file '/etc/serf/agent.json' do 11 | owner 'root' 12 | group 'root' 13 | mode 0644 14 | content node.raspi.serf_config.to_json 15 | end 16 | 17 | systemd_service 'serf' do 18 | description 'Serf Agent' 19 | after 'syslog.target' 20 | after 'network.target' 21 | type 'simple' 22 | exec_start '/usr/bin/serf agent -config-dir=/etc/serf/' 23 | kill_signal 'SIGINT' 24 | restart 'always' 25 | restart_sec '10' 26 | wanted_by 'multi-user.target' 27 | action [:create, :start, :enable] 28 | end 29 | -------------------------------------------------------------------------------- /site-cookbooks/raspi/recipes/statsd.rb: -------------------------------------------------------------------------------- 1 | metrics_end_point = node.raspi.metrics_end_point 2 | remote_file '/usr/bin/statsdaemon' do 3 | owner 'root' 4 | group 'root' 5 | mode 0753 6 | source node.raspi.statsdaemon_download_url 7 | end 8 | 9 | systemd_service 'statsdaemon' do 10 | description 'Statsdaemon - StatsD endpoint' 11 | after 'syslog.target' 12 | after 'network.target' 13 | type 'simple' 14 | exec_start "/usr/bin/statsdaemon -graphite=#{metrics_end_point}" 15 | kill_signal 'SIGINT' 16 | restart 'always' 17 | restart_sec '10' 18 | wanted_by 'multi-user.target' 19 | action [:create, :start, :enable] 20 | end 21 | -------------------------------------------------------------------------------- /site-cookbooks/raspi/recipes/telegraf.rb: -------------------------------------------------------------------------------- 1 | remote_file '/usr/bin/telegraf' do 2 | owner 'root' 3 | group 'root' 4 | mode 0755 5 | source node.raspi.telegraf_download_url 6 | end 7 | 8 | user 'telegraf' do 9 | system true 10 | end 11 | 12 | template '/etc/telegraf.conf' do 13 | owner 'telegraf' 14 | group 'telegraf' 15 | mode 0644 16 | variables( 17 | hostname: node.name, 18 | database: node.raspi.telegraf_database, 19 | url: node.raspi.telegraf_output_url 20 | ) 21 | end 22 | 23 | systemd_service 'telegraf' do 24 | description 'The plugin-driven server agent for reporting metrics into InfluxDB' 25 | documentation 'https://github.com/influxdb/telegraf' 26 | after 'network.target' 27 | user 'telegraf' 28 | exec_start '/usr/bin/telegraf -config /etc/telegraf.conf' 29 | restart 'on-failure' 30 | kill_mode 'process' 31 | wanted_by 'multi-user.target' 32 | end 33 | -------------------------------------------------------------------------------- /site-cookbooks/raspi/spec/base_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'recipe[raspi::base]' do 4 | before do 5 | stub_command('which sudo').and_return(false) 6 | end 7 | 8 | let(:boot_options) do 9 | %w(a=b c=d e=f g=h=m) 10 | end 11 | 12 | cached(:chef_run) do 13 | ChefSpec::SoloRunner.new do |node| 14 | node.set['raspi']['timezone'] = 'foo/bar' 15 | node.set['raspi']['boot_options'] = boot_options 16 | end.converge('recipe[raspi::base]') 17 | end 18 | 19 | context '#include_recipe' do 20 | %w(sudo openssh).each do |recipe| 21 | it "##{recipe}" do 22 | expect(chef_run).to include_recipe(recipe) 23 | end 24 | end 25 | end 26 | 27 | it 'adds ubuntu user in sudoer list' do 28 | expect(chef_run).to install_sudo('ubuntu').with( 29 | user: 'ubuntu', 30 | nopasswd: true 31 | ) 32 | end 33 | 34 | it 'updates hostname' do 35 | expect(chef_run).to create_file('/etc/hostname').with( 36 | content: "#{chef_run.node.name}\n", 37 | mode: 0644, 38 | owner: 'root', 39 | group: 'root' 40 | ) 41 | end 42 | 43 | it 'updates /etc/hosts entry' do 44 | expect(chef_run).to create_file('/etc/hosts').with( 45 | mode: 0644, 46 | owner: 'root', 47 | group: 'root' 48 | ) 49 | end 50 | 51 | it 'sets localtime to bay area time' do 52 | expect(chef_run).to create_remote_file('/etc/localtime').with( 53 | source: 'file:///usr/share/zoneinfo/foo/bar', 54 | mode: 0644, 55 | owner: 'root', 56 | group: 'root' 57 | ) 58 | end 59 | 60 | it 'configures pi for hdmi hotplug' do 61 | expect(chef_run).to create_file('/boot/firmware/config.txt').with( 62 | mode: 0755, 63 | owner: 'root', 64 | group: 'root', 65 | content: boot_options.join("\n") + "\n" 66 | ) 67 | end 68 | 69 | it 'installs utility packages' do 70 | expect(chef_run).to install_package('utilities').with( 71 | package_name: %w( 72 | sysstat 73 | screen 74 | vim 75 | htop 76 | strace 77 | traceroute 78 | ) 79 | ) 80 | end 81 | end 82 | -------------------------------------------------------------------------------- /site-cookbooks/raspi/spec/builder_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'recipe[raspi::builder]' do 4 | cached(:chef_run) do 5 | ChefSpec::SoloRunner.new.converge('recipe[raspi::builder]') 6 | end 7 | 8 | it 'includes omnibus recipe' do 9 | expect(chef_run).to include_recipe('omnibus') 10 | end 11 | 12 | it 'installs dependency packages' do 13 | expect(chef_run).to install_package('deps') 14 | end 15 | 16 | it 'clones chef omnibus repo' do 17 | expect(chef_run).to sync_git('/home/omnibus/omnibus-chef').with( 18 | repository: 'https://github.com/chef/omnibus-chef.git', 19 | user: 'omnibus', 20 | group: 'omnibus' 21 | ) 22 | end 23 | 24 | it 'drops the raspverry chef ombnibus build script' do 25 | expect(chef_run).to create_cookbook_file('/home/omnibus/build_chef.sh').with( 26 | mode: 0754, 27 | owner: 'omnibus', 28 | group: 'omnibus' 29 | ) 30 | end 31 | end 32 | -------------------------------------------------------------------------------- /site-cookbooks/raspi/spec/chef_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'recipe[raspi::chef]' do 4 | cached(:chef_run) do 5 | ChefSpec::SoloRunner.new.converge('recipe[raspi::chef]') 6 | end 7 | 8 | it 'create chef systemd service unit' do 9 | expect(chef_run).to create_systemd_service('chef') 10 | end 11 | 12 | it 'create chef systemd timer unit' do 13 | expect(chef_run).to create_systemd_timer('chef') 14 | end 15 | end 16 | -------------------------------------------------------------------------------- /site-cookbooks/raspi/spec/goiardi_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'recipe[raspi::goiardi]' do 4 | cached(:chef_run) do 5 | ChefSpec::SoloRunner.new.converge('recipe[raspi::goiardi]') 6 | end 7 | 8 | it 'creates goiardi user' do 9 | expect(chef_run).to create_user('goiardi') 10 | end 11 | %w( 12 | /opt/goiardi 13 | /opt/goiardi/data 14 | /opt/goiardi/conf 15 | /opt/goiardi/bin 16 | /opt/goiardi/log 17 | /opt/goiardi/etc 18 | ).each do |dir| 19 | it "creates directory #{dir}" do 20 | expect(chef_run).to create_directory(dir).with( 21 | owner: 'goiardi', 22 | group: 'goiardi', 23 | mode: 0755 24 | ) 25 | end 26 | end 27 | 28 | it 'downloads the goiardi binary' do 29 | expect(chef_run).to create_remote_file_if_missing('/opt/goiardi/bin/goiardi').with( 30 | source: 'https://github.com/ctdk/goiardi/releases/download/v0.9.1/goiardi-0.9.1-linux-armv71', 31 | owner: 'goiardi', 32 | group: 'goiardi', 33 | mode: 0755 34 | ) 35 | end 36 | 37 | it 'creates goiardi config file' do 38 | expect(chef_run).to create_template('/opt/goiardi/etc/goiardi.conf').with( 39 | owner: 'goiardi', 40 | group: 'goiardi', 41 | mode: 0644, 42 | variables: {hostname: chef_run.node.ipaddress} 43 | ) 44 | end 45 | 46 | it 'creates goiardi systemd service' do 47 | expect(chef_run).to create_systemd_service('goiardi').with( 48 | description: 'Goiardi', 49 | user: 'goiardi', 50 | permissions_start_only: true, 51 | exec_start: '/opt/goiardi/bin/goiardi -c /opt/goiardi/etc/goiardi.conf', 52 | restart: 'always', 53 | restart_sec: '10s', 54 | wanted_by: 'multi-user.target' 55 | ) 56 | end 57 | end 58 | -------------------------------------------------------------------------------- /site-cookbooks/raspi/spec/kiosk_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'recipe[raspi::kiosk]' do 4 | cached(:chef_run) do 5 | ChefSpec::SoloRunner.new.converge('recipe[raspi::kiosk]') 6 | end 7 | it 'install all gui related packages' do 8 | expect(chef_run).to install_package('gui').with( 9 | package_name: %w( 10 | chromium-browser 11 | dphys-swapfile 12 | libraspberrypi-bin 13 | libraspberrypi-dev 14 | lxde 15 | linux-firmware 16 | libraspberrypi-bin-nonfree 17 | xserver-xorg-video-fbturbo 18 | ) 19 | ) 20 | end 21 | 22 | it 'configures X' do 23 | expect(chef_run).to create_cookbook_file('/etc/X11/xorg.conf').with( 24 | owner: 'root', 25 | group: 'root', 26 | mode: 0644 27 | ) 28 | end 29 | 30 | it 'creatse lxde autostart config' do 31 | expect(chef_run).to create_template('/etc/xdg/lxsession/LXDE/autostart').with( 32 | owner: 'root', 33 | group: 'root', 34 | mode: 0644, 35 | source: 'lxde_autostart.erb' 36 | ) 37 | end 38 | end 39 | -------------------------------------------------------------------------------- /site-cookbooks/raspi/spec/metrics_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'recipe[raspi::metrics]' do 4 | let(:grafana_deb_path) do 5 | File.join(Chef::Config.file_cache_path, 'grafana_2.5.0-pre1_armhf.deb') 6 | end 7 | 8 | cached(:chef_run) do 9 | ChefSpec::SoloRunner.new(file_cache_path: '/var/chef/cache') do |node| 10 | end.converge('recipe[raspi::metrics]') 11 | end 12 | 13 | it 'install dependency package' do 14 | expect(chef_run).to install_package('metrics-deps').with( 15 | package_name: %w(fontconfig-config libfontconfig1) 16 | ) 17 | end 18 | 19 | it 'creats influxdb user' do 20 | expect(chef_run).to create_user('influxdb').with( 21 | system: true, 22 | home: '/opt/influxdb', 23 | manage_home: true 24 | ) 25 | end 26 | 27 | it 'downloads influxdb bindary file' do 28 | expect(chef_run).to create_remote_file_if_missing('/opt/influxdb/influxd') 29 | end 30 | 31 | it 'creates configuration file for influxd' do 32 | expect(chef_run).to create_cookbook_file('/opt/influxdb/influxdb.conf').with( 33 | mode: 0644, 34 | owner: 'influxdb', 35 | group: 'influxdb' 36 | ) 37 | end 38 | 39 | it 'creates default environment config file for influxdb' do 40 | expect(chef_run).to create_cookbook_file('/etc/default/influxdb').with( 41 | mode: 0644, 42 | source: 'influxdb.sh' 43 | ) 44 | end 45 | 46 | it 'creates systemd service unit' do 47 | expect(chef_run).to create_systemd_service('influxdb').with( 48 | description: 'InfluxDB is an open-source, distributed, time series database', 49 | after: 'network.target', 50 | user: 'influxdb', 51 | group: 'influxdb', 52 | limit_nofile: '65536', 53 | environment_file: '-/etc/default/influxdb', 54 | exec_start: '/opt/influxdb/influxd -config /opt/influxdb/influxdb.conf $INFLUXD_OPTS', 55 | restart: 'on-failure', 56 | wanted_by: 'multi-user.target' 57 | ) 58 | end 59 | 60 | it 'downloads grafana debian package' do 61 | expect(chef_run).to create_remote_file_if_missing(grafana_deb_path) 62 | end 63 | 64 | it 'install grafana debian package' do 65 | expect(chef_run).to install_dpkg_package('grafana').with( 66 | source: grafana_deb_path 67 | ) 68 | end 69 | 70 | it 'start grafana service' do 71 | expect(chef_run).to start_service('grafana-server') 72 | end 73 | end 74 | -------------------------------------------------------------------------------- /site-cookbooks/raspi/spec/serf_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'recipe[raspi::serf]' do 4 | cached(:chef_run) do 5 | ChefSpec::SoloRunner.new do |node| 6 | end.converge('recipe[raspi::serf]') 7 | end 8 | 9 | it 'install serf binart' do 10 | expect(chef_run).to create_remote_file('/usr/bin/serf') 11 | end 12 | 13 | it 'creates serf config directory' do 14 | expect(chef_run).to create_directory('/etc/serf') 15 | end 16 | 17 | it 'ceeates serf config file' do 18 | expect(chef_run).to create_file('/etc/serf/agent.json') 19 | end 20 | 21 | it 'creates syetmd service unit for serf' do 22 | expect(chef_run).to create_systemd_service('serf') 23 | end 24 | end 25 | -------------------------------------------------------------------------------- /site-cookbooks/raspi/templates/default/goiardi.conf.erb: -------------------------------------------------------------------------------- 1 | ipaddress = "0.0.0.0" 2 | port = 4646 3 | hostname = "<%=@hostname%>" 4 | log-file = "/opt/goiardi/log/goiardi.log" 5 | syslog = false 6 | log-level = "info" 7 | index-file = "/opt/goiardi/data/goiardi-index.bin" 8 | data-file = "/opt/goiardi/data/goiardi-data.bin" 9 | freeze-interval = 600 10 | use-unsafe-mem-store = false 11 | time-slew = "100m" 12 | conf-root = "/opt/goiardi/conf" 13 | use-auth = true 14 | use-ssl = false 15 | https-urls = false 16 | disable-webui = false 17 | log-events = false 18 | obj-max-size = 10485760 19 | json-req-max-size = 1000000 20 | max-connections = 50 21 | use-serf = false 22 | -------------------------------------------------------------------------------- /site-cookbooks/raspi/templates/default/lxde_autostart.erb: -------------------------------------------------------------------------------- 1 | @lxpanel --profile LXDE 2 | @pcmanfm --desktop --profile LXDE 3 | @/usr/lib/policykit-1-gnome/polkit-gnome-authentication-agent-1 4 | 5 | xset s off 6 | @xset -dpms 7 | @xset s noblank 8 | 9 | @sed -i 's/"exited_cleanly": false/"exited_cleanly": true/' ~/.config/chromium/Default/Preferences 10 | 11 | @chromium-browser <%=@statup_app%> 12 | -------------------------------------------------------------------------------- /site-cookbooks/raspi/templates/default/telegraf.conf.erb: -------------------------------------------------------------------------------- 1 | [tags] 2 | [agent] 3 | interval = "10s" 4 | debug = false 5 | hostname = "<%=@hostname%>" 6 | utc = true 7 | precision = "s" 8 | [outputs] 9 | [outputs.influxdb] 10 | urls = ["<%=@url%>"] 11 | database = "<%=@database%>" 12 | [cpu] 13 | percpu = true 14 | totalcpu = true 15 | [net] 16 | interfaces = ["eth0"] 17 | [ping] 18 | urls =["8.8.8.8"] 19 | count = 1 20 | [disk] 21 | [io] 22 | [mem] 23 | [system] 24 | [swap] 25 | [statsd] 26 | service_address = ":8125" 27 | delete_gauges = false 28 | delete_counters = false 29 | delete_sets = false 30 | delete_timings = true 31 | percentiles = [90] 32 | allowed_pending_messages = 10000 33 | percentile_limit = 1000 34 | -------------------------------------------------------------------------------- /spec/spec_helper.rb: -------------------------------------------------------------------------------- 1 | require 'chefspec' 2 | 3 | RSpec.configure do |c| 4 | c.cookbook_path = %w(vendor site-cookbooks).map{|d| File.expand_path("../../#{d}", __FILE__)} 5 | c.version = '14.04' 6 | c.platform = 'ubuntu' 7 | end 8 | --------------------------------------------------------------------------------