archive_distro = "debian"
archive_security_distro = "debian-security"
archive_suites = %w[main updates security]
- archive_components = %w[main contrib non-free]
+ archive_components = %w[main contrib non-free non-free-firmware]
elsif intel?
archive_host = if node[:country]
"#{node[:country]}.archive.ubuntu.com"
end
if platform?("debian")
- if node[:dmi][:system][:product_name].end_with?("Gen10")
- apt_repository "mcp-gen10" do
- uri "https://downloads.linux.hpe.com/SDR/repo/mcp"
- distribution "#{node[:lsb][:codename]}/current-gen10"
- components ["non-free"]
- key "C208ADDE26C2B797"
- end
- else
- apt_repository "mcp" do
- uri "https://downloads.linux.hpe.com/SDR/repo/mcp"
- distribution "#{node[:lsb][:codename]}/current"
- components ["non-free"]
- key "C208ADDE26C2B797"
- end
+ apt_repository "mcp" do
+ uri "https://downloads.linux.hpe.com/SDR/repo/mcp"
+ distribution "#{node[:lsb][:codename]}/current"
+ components ["non-free"]
+ key "C208ADDE26C2B797"
end
elsif platform?("ubuntu")
if node[:dmi][:system][:product_name].end_with?("Gen10")
end
end
-os_release = node[:lsb][:release]
+os_release = if platform?("debian") && node[:lsb][:release].to_f > 11
+ 11
+ else
+ node[:lsb][:release]
+ end
remote_file "#{cache_dir}/#{chef_package}" do
source "https://packages.chef.io/files/stable/chef/#{chef_version}/#{chef_platform}/#{os_release}/#{chef_package}"
# relay domains is to use a callout (add /callout), but please read the
# documentation about callouts before doing this.
- require verify = recipient
+ deny domains = +relay_to_domains
+ !verify = recipient/callout=use_sender
+
+ deny domains = !+relay_to_domains
+ !verify = recipient
<% if node[:exim][:dns_blacklists] -%>
# Deny any messages from hosts in certain blacklists.
package %w[
fail2ban
+ python3-systemd
ruby-webrick
]
+if platform?("debian")
+ package "python3-inotify"
+else
+ package "gamin"
+end
+
template "/etc/fail2ban/jail.d/00-default.conf" do
source "jail.default.erb"
owner "root"
template "ohai.rb.erb"
end
+if platform?("debian")
+ package "firmware-linux"
+end
+
if node[:cpu] && node[:cpu][:"0"] && node[:cpu][:"0"][:vendor_id]
case node[:cpu][:"0"][:vendor_id]
when "GenuineIntel"
aliases ["www.stateofthemap.org", "stateofthemap.com", "www.stateofthemap.com", "sotm.org", "www.sotm.org"]
end
-%w[2013 2016 2017 2018 2019 2020 2021 2022].each do |year|
+%w[2013 2016 2017 2018 2019 2020 2021 2022 2024].each do |year|
podman_site "#{year}.stateofthemap.org" do
image "ghcr.io/openstreetmap/stateofthemap-#{year}:latest"
aliases ["#{year}.stateofthemap.com", "#{year}.sotm.org"]
google_openid_realm "https://www.openstreetmap.org"
facebook_auth_id "427915424036881"
facebook_auth_secret web_passwords["facebook_auth_secret"]
- microsoft_auth_id "45ef48fb-6a13-4239-b842-133608b8edd7"
+ microsoft_auth_id "e34f14f1-f790-40f3-9fa4-3c5f1a027c38"
microsoft_auth_secret web_passwords["microsoft_auth_secret"]
github_auth_id "acf7da34edee99e35499"
github_auth_secret web_passwords["github_auth_secret"]
:comment => "Enable forwarding",
:parameters => { "net.ipv4.ip_forward" => "1" }
}
- },
- :exim => {
- :relay_from_hosts => ["10.0.0.0/8"]
}
)
projects / chef.git / commitdiff