Skip to content

Instantly share code, notes, and snippets.

@jtimberman
Created October 21, 2011 00:00
Show Gist options
  • Save jtimberman/1302749 to your computer and use it in GitHub Desktop.
Save jtimberman/1302749 to your computer and use it in GitHub Desktop.
bootstrap template that uses an encrypted data bag secret key
bash -c '
<%= "export http_proxy=\"#{knife_config[:bootstrap_proxy]}\"" if knife_config[:bootstrap_proxy] -%>
if [ ! -f /usr/bin/chef-client ]; then
apt-get update
apt-get install -y ruby ruby1.8-dev build-essential wget libruby-extras libruby1.8-extras
cd /tmp
wget <%= "--proxy=on " if knife_config[:bootstrap_proxy] %>http://production.cf.rubygems.org/rubygems/rubygems-1.6.2.tgz
tar zxf rubygems-1.6.2.tgz
cd rubygems-1.6.2
ruby setup.rb --no-format-executable
fi
gem update --no-rdoc --no-ri
gem install ohai --no-rdoc --no-ri --verbose
gem install chef --no-rdoc --no-ri --verbose <%= bootstrap_version_string %>
mkdir -p /etc/chef
(
cat <<'EOP'
<%= validation_key %>
EOP
) > /tmp/validation.pem
awk NF /tmp/validation.pem > /etc/chef/validation.pem
rm /tmp/validation.pem
(
cat <<'EOP'
<%= config_content %>
EOP
) > /etc/chef/client.rb
<% if Chef::Config[:knife].has_key?(:secret_file) -%>
(
cat <<'EOP'
<%= IO.read(Chef::Config[:knife][:secret_file]) %>
EOP
) > /tmp/encrypted_data_bag_secret
awk NF /tmp/encrypted_data_bag_secret > /etc/chef/encrypted_data_bag_secret
rm /tmp/encrypted_data_bag_secret
<% end -%>
(
cat <<'EOP'
<%= { "run_list" => @run_list }.to_json %>
EOP
) > /etc/chef/first-boot.json
<%= start_chef %>'
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment