jameskyle · November 8, 2012 15:51
diff --git a/chef_server_install.sh b/chef_server_install.sh
 #!/bin/bash

 CHEF_SERVER_WEBUI_PASS=webui_admin_pass
 CHEF_AMQP_PASS=amqp_pass
 CHEF_FQDN=chef.yourdomain.com
 CHEF_URL=https://${CHEF_FQDN}

 export DEBIAN_FRONTEND=noninteractive
 echo "deb http://apt.opscode.com/ `lsb_release -cs`-0.10 main" | tee /etc/apt/sources.list.d/opscode.list
 mkdir -p /etc/apt/trusted.gpg.d
 gpg --keyserver keys.gnupg.net --recv-keys 83EF826A
 gpg --export [email protected] | tee /etc/apt/trusted.gpg.d/opscode-keyring.gpg > /dev/null
 apt-get update
 apt-get install opscode-keyring -y
 apt-get upgrade -y

 # First set the selections for the insall
 echo "chef-server-webui chef-server-webui/admin_password password $CHEF_SERVER_WEBUI_PASS" | debconf-set-selections
 echo "chef-solr         chef-solr/amqp_password password          $CHEF_AMQP_PASS "        | debconf-set-selections
 echo "chef              chef/chef_server_url string               $CHEF_URL"               | debconf-set-selections

 apt-get install chef chef-server -y

 #cleanup

 apt-get install nginx ssl-cert -y
 rm /etc/nginx/sites-{available,enabled}/default

 cat <<EOF > /etc/nginx/conf.d/${CHEF_FQDN}.conf
 #local chef server
 upstream chef_api_local {
  server localhost:4000;
 }

 #local chef webui
 upstream chef_webui_local {
  server localhost:4040;
 }

 server {
  listen 443;
  server_name $CHEF_FQDN;
  ssl on;
  ssl_certificate     /etc/ssl/certs/ssl-cert-snakeoil.pem;
  ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;

  ssl_session_timeout 5m;

  ssl_protocols SSLv2 SSLv3 TLSv1;
  ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
  ssl_prefer_server_ciphers on;

  root /var/www/html;

  proxy_set_header Host \$host;
  proxy_set_header X-Real-IP \$remote_addr;
  proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
  proxy_set_header X-Forwarded-Proto https;

  location / {
    #API request incoming
    if ( \$http_x_ops_timestamp != "" ){
    proxy_pass http://chef_api_local;
    break;
  }
  #webui request incoming
    proxy_pass http://chef_webui_local;
  }

 }
 EOF
 service nginx restart
 apt-get autoremove --purge
	#!/bin/bash

	CHEF_SERVER_WEBUI_PASS=webui_admin_pass
	CHEF_AMQP_PASS=amqp_pass
	CHEF_FQDN=chef.yourdomain.com
	CHEF_URL=https://${CHEF_FQDN}

	export DEBIAN_FRONTEND=noninteractive
	echo "deb http://apt.opscode.com/ `lsb_release -cs`-0.10 main" \| tee /etc/apt/sources.list.d/opscode.list
	mkdir -p /etc/apt/trusted.gpg.d
	gpg --keyserver keys.gnupg.net --recv-keys 83EF826A
	gpg --export [email protected] \| tee /etc/apt/trusted.gpg.d/opscode-keyring.gpg > /dev/null
	apt-get update
	apt-get install opscode-keyring -y
	apt-get upgrade -y

	# First set the selections for the insall
	echo "chef-server-webui chef-server-webui/admin_password password $CHEF_SERVER_WEBUI_PASS" \| debconf-set-selections
	echo "chef-solr chef-solr/amqp_password password $CHEF_AMQP_PASS " \| debconf-set-selections
	echo "chef chef/chef_server_url string $CHEF_URL" \| debconf-set-selections

	apt-get install chef chef-server -y

	#cleanup

	apt-get install nginx ssl-cert -y
	rm /etc/nginx/sites-{available,enabled}/default

	cat <<EOF > /etc/nginx/conf.d/${CHEF_FQDN}.conf
	#local chef server
	upstream chef_api_local {
	server localhost:4000;
	}

	#local chef webui
	upstream chef_webui_local {
	server localhost:4040;
	}

	server {
	listen 443;
	server_name $CHEF_FQDN;
	ssl on;
	ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
	ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;

	ssl_session_timeout 5m;

	ssl_protocols SSLv2 SSLv3 TLSv1;
	ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
	ssl_prefer_server_ciphers on;

	root /var/www/html;

	proxy_set_header Host \$host;
	proxy_set_header X-Real-IP \$remote_addr;
	proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
	proxy_set_header X-Forwarded-Proto https;

	location / {
	#API request incoming
	if ( \$http_x_ops_timestamp != "" ){
	proxy_pass http://chef_api_local;
	break;
	}
	#webui request incoming
	proxy_pass http://chef_webui_local;
	}

	}
	EOF
	service nginx restart
	apt-get autoremove --purge