bink/cookbook-fury
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
No description
This repository has been archived on 2026-04-20. You can view files and clone it, but you cannot make any changes to its state, such as pushing and creating new issues, pull requests or comments.
83 commits 1 branch 29 tags 110 KiB
  • Ruby 65.6%
  • HTML 34.4%
Find a file
Exact
Chris Pressland f3f0a60002
Some checks failed
ci / tests (push) Failing after 36s
Details
ci / upload (push) Has been skipped
Details
Fix OTP Token
2022-05-09 15:56:06 +01:00
.github/workflows CI fix 2021-12-04 17:14:03 +00:00
attributes Fix OTP Token 2022-05-09 15:56:06 +01:00
files/ssh Rewrote SFTP functionality to use inotify directly 2021-02-03 19:20:45 +00:00
recipes Set SSH Keys in the correct place 2021-12-23 18:47:23 +00:00
templates Rewrote SFTP functionality to use inotify directly 2021-02-03 19:20:45 +00:00
test/integration Rewrote SFTP functionality to use inotify directly 2021-02-03 19:20:45 +00:00
.gitignore Added DS_Store to git ignore file 2018-09-20 16:20:24 +01:00
.gitlab-ci.yml Remove README upload 2021-10-18 11:06:45 +00:00
Berksfile Package Updates 2022-05-03 11:12:51 +01:00
Berksfile.lock Package Updates 2022-05-03 11:12:51 +01:00
kitchen.yml Some kitchen changes 2021-10-18 10:59:42 +00:00
metadata.rb Fix OTP Token 2022-05-09 15:56:06 +01:00
README.md Added a slug option to SFTP 2020-09-28 20:42:52 +01:00

README.md

page_title
Fury

Build Status

The Fury cookbook provisions user accounts along with their SSH key and OTP for sudo access.

The cookbook can disable users that currently exist by editing attributes/default.rb

Various misc utilities are installed like ZSH, HTOP etc...

Users

Users should be defined in the attributes/default.rb.

SFTP Users

SFTP users can be defined in the Chef Environment, usually via Terraform, these should not be hardcoded in the Attributes file as this would cause sftp users to be defined on every Bnk server.

Example:

default['users']['sftp'] = [
  { # This user will upload files to blow storage
    name: 'binktest',
    id: 3999,
    ssh_key: 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIELQcHnP/OLHDHoBciexk8gkrD/H4cUSbWVNjhDKmWNp',
    upload: {
      conn_string: 'DefaultEndpointsProtocol=https;AccountName=binkuksouthblarg;AccountKey=blarg;EndpointSuffix=core.windows.net',
      container: 'supersecret',
      slug: 'scheme/binktest',
    },
  },
  { # This user won't upload files to blob storage
    name: 'binkjeff',
    id: 3998,
    ssh_key: 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIELQcHnP/OLHDHoBciexk8gkrD/H4cUSbWVNjhDKmWNp',
  },
]

Future Improvements

  • Replace Google OTP with something in AzureAD, sounds like a fun Go project?