· 7 years ago · Jul 24, 2018, 07:32 PM
1include_recipe "databag_decrypt::default"
2s3_access_key = item_decrypt(search(:passwords, "id:s3_access_key").first[:data])
3s3_secret_key = item_decrypt(search(:passwords, "id:s3_secret_key").first[:data])
4
5case node[:platform]
6when "redhat", "centos"
7 if node[:platform_version].to_f >= 5
8 %w[ CentOS-Base epel elff ].each do |repo_file|
9 cookbook_file "/etc/yum.repos.d/#{repo_file}.repo" do
10 mode 0644
11 source "#{repo_file}.repo"
12 action :create
13 end
14 end
15
16 %w[ CentOS-Media kbs-el5-ruby187 cloudkick epel-testing elff-testing jpackage50 s3tools ].each do |banned_repo|
17 file "/etc/yum.repos.d/#{banned_repo}.repo" do
18 action :delete
19 end
20 end
21
22 directory "/mnt/yumrepo" do
23 mode 0755
24 owner "root"
25 group "root"
26 action :create
27 recursive true
28 end
29
30 template "/root/.yums3cfg" do
31 mode 0640
32 owner "root"
33 group "root"
34 action :create
35 source "yums3cfg.erb"
36 variables({ :access_key => s3_access_key, :secret_key => s3_secret_key })
37 end
38
39 cron "sync_repo" do
40 hour "4"
41 minute "0"
42 command "s3cmd -c /root/.yums3cfg sync s3://rpms/ /mnt/yumrepo/ --recursive --exclude=$folder$ --delete-removed"
43 only_if do File.exist?("/root/.yums3cfg") end
44 end
45
46 package "s3cmd" do
47 version "0.9.9.91"
48 action :upgrade
49 provider Chef::Provider::Package::Yum
50 notifies :run, "execute[initial_repo_sync]", :immediately
51 end
52
53 execute "initial_repo_sync" do
54 command "s3cmd -c /root/.yums3cfg sync s3://rpms/ /mnt/yumrepo/ --recursive --exclude=$folder$ --delete-removed"
55 action :nothing
56 not_if do File.exist?("/mnt/yumrepo/i386/repodata") end
57 end
58
59 # delay this till the end so that yum doesn't bork
60 %w[ company ].each do |repo_file|
61 cookbook_file "/etc/yum.repos.d/#{repo_file}.repo" do
62 mode 0644
63 source "#{repo_file}.repo"
64 action :create
65 end
66 end
67 end
68else
69 Chef::Log.info("I don't support #{node.platform} yet")
70end