How do you secure a deployed server dashboard? ideally with authentication.
From the deployd docs:
To set up the dashboard on your server, type dpd keygen on your
server's command line to create a remote access key. Type dpd showkey
to get the key; you should store this somewhere secure.
You can then go to the /dashboard route on the server and type in that
key to gain access.
See here: http://docs.deployd.com/docs/server/your-server.md#s-Dashboard%20Access-2728
The documentation at docs.deployed.com has more detail than the github documentation by the way.
Hope this helps.
Change directory (cd) to your Deployd project's root.
Run dpd keygen.
Run dpd showkey and save the key somewhere.
Restart dpd with --environment production option, otherwise it won't
require the key when accessing /dashboard.
Go to your API's /dashboard and paste the key in the dialog.
On top of auth, I'm also limiting it to data-entry users only.
It's not perfect (i also want to remove the delete-resource button), but here goes:
env.sh
# this makes deployd require key for /dashboard
export NODE_ENV=production
.production.patch (disables events- config-editors)
--- node_modules/deployd/lib/resources/dashboard/index.ejs 2016-11-21 16:10:05.406025488 +0100
+++ node_modules/deployd/lib/resources/dashboard/index.ejs.new 2016-11-21 16:09:51.009794524 +0100
## -65,7 +65,7 ##
<span class="caret"></span>
<% if (type && type.dashboardPages) { %>
<ul class="nav pages type-icons <%= isCurrent ? '' : 'hide' %>">
- <% type.dashboardPages.forEach(function(p) { %>
+ <% type.dashboardPages.forEach(function(p) { if( p.match(/Config|Events|Properties/) != null ) return %>
<li <%- isCurrent && (Context.page || '').toLowerCase() === p.toLowerCase() ? 'class=active' : ''%> ><i class="icon-white icon-custom <%= p.toLowerCase() %>"></i> <%= p %></li>
<% }); %>
</ul>
.git/hooks/post-merge (automatically call upon git pull)
#!/bin/bash
# disallow users from changing resource schema's, event-code and config.json
patch -Np0 < .production.patch
[[ ! -n $NO_NPM ]] && npm update
Related
I have a vault item defined as the following in my recipe
item = ChefVault::Item.load("user","password")
How do i call this this in my template.erb? I tried the following which isn't working
ROOTPASSWORD= <%= #node["testcookbook"]["user"]["password"] %>
My vault item looks like this:
$ knife vault show user password
id: password
pass: xxxxxxxxxx
username: chefuser
I generally do something like this within a recipe
ROOTPASSWORD #{item['pass']}
however I don't think that would work within a template.
There are two options to solve that problem though the second one should be preferred as that keeps your sensitive data private.
Suppose, if your vault look like this:
knife vault show user password
id: password
pass: xxxxxxxxxx
username: chefuser
Then, you can approach like following:
Save as Node Attribute
First, if you want to set the password on node object and make it visible, then
you can do something like below:
In recipe:
node.default["testcookbook"]["user"]["password"] = ChefVault::Item.load("user","password")['pass']
template '/tmp/template' do
source 'template.erb'
owner 'root'
group 'root'
mode '0644'
end
In Template:
ROOTPASSWORD= <%= node["testcookbook"]["user"]["password"] %>
Pass Data to the Template using variables
Second, if you don't want to set the password on node object and let it visible in chef run logs, then you can do something like below:-
template '/tmp/template' do
source 'template.erb'
owner 'root'
group 'root'
mode '0644'
sensitive true
variables( {:password => ChefVault::Item.load("user","password")['pass']})
end
In Template:
ROOTPASSWORD= <%= #password %>
I am seeing a weird issue when running my chef cookbook, it almost looks like there is some stale variable names being used in between runs even after modifying the json env file. Please see below for more details. I have pasted excerpts from my template, and environment files. Also showed the desired output and the current weird output that I am seeing. It may be something with my ruby loops (excuse my ruby, noob here) but I have checked it multiple times and don't see any issue with the construct.
Any help appreciated... have been messing with this for almost 24 hours now, in the interest of being productive I am reaching out to others.
This is my first post here and I am not allowed to post more than 2 links in the content. I had to remove the 'http' and 'https' from my sample output and rename my domain names to bypass.
Template:
gatewaymappings: |
{
<% #gatewaymappings.each_with_index do |mapping, index| %>
"<%= mapping.incomingFQDN %>" : "<%= mapping.upstreamProtocol %>://<%= mapping.upstreamFQDN %>
<% if (mapping.upstreamPort.length > 0) %>
:<%= mapping.upstreamPort %>"
<% end %>
<% if (index+1 != #gatewaymappings.count) %>
,
<% end %>
<% end %>
}
Chef template variables:
:gatewaymappings => node[app_name]['gatewaymappings']
Sample JSON:
"gatewaymappings": [
{
"incomingFQDN": "host1",
"upstreamProtocol": "http",
"upstreamFQDN": "upstream1",
"upstreamPort": "8000"
},
{
"incomingFQDN": "host2",
"upstreamProtocol": "https",
"upstreamFQDN": "upstream2",
"upstreamPort": "8001"
}
]
Desired output: (inside yml file)
gatewaymappings: |
{
"host1" : "upstream1:8000",
"host2" : "upstream2:8001"
}
Current output:
(The first element is from a previous sample env run which doesnt even exist in my current sample json, I tried clearing cache etc, but it still keep showing up)
gatewaymappings: |
{
"localhost" : "upstream",
"host1" : "upstream1:8000",
"host2" : "upstream2:8001",
"host1" : "upstream1:8000",
"host2" : "upstream2:8001"
}
I think I was able to fix this. It was due to my node configs being corrupted. I should have mentioned I was using chef-zero. It turns out the node config is saved back to a json file inside nodes directory even for chef-zero and so no matter how many times I deleted my local-mode caches inside ~/.chef and my installation directories, the stale values kept coming back. Thanks to gitter chat room, someone gave me a gentle reminder to check the node's configs. That took care of the issue and I am seeing my expected output now. Thanks!
I'm trying to rename a folder from:
<li class="selected rename" id="labelset-624" folderid="624" foldertype="labelset" permissionlevel="2" labelsetid="624">
<div class="folder-insert-drop ui-droppable"></div>
<div class="clear"></div>
<div class="folder-item droppable hoverable empty ui-droppable">
<div id="mlink-labelset-624" class="folder-menu-link" data-hasfullperm="true" data-subfoldertype="undefined"></div>
<div class="expander"></div>
<div class="folder-name labelset label-set">New Label Set</div>
<div class="target-bar"></div>
<div class="folder-rename">
<input value="New Label Set" id="folder-rename-624" maxlength="100" type="text">
</div>
with watir-webdriver using the following commands:
#b.li(:class, "selected rename").div(:class, "folder-rename").text_field.wait_until_present
#b.li(:class, "selected rename").div(:class, "folder-rename").text_field.set labelsetName
#b.li(:class, "selected rename").div(:class, "folder-rename").text_field.send_keys :return
And it gives me the following error:
Watir::Exception::UnknownObjectException: unable to locate element, using {:class=>"selected rename", :tag_name=>"li"}
When I run my test script (test-unit), I can see the value for labelsetName entered into the text field, but it quickly disappears and reverts to the default value. This causes the send_keys statement to err.
When I enter the same commands into irb, it works perfectly. I tried adding sleeps of up to 15 seconds between steps to no avail. Is there any reason the two would work differently? Any suggestions for fixing this going forward?
Unless you have a compelling reason otherwise, try accessing the <input> tag directly using the id attribute:
b.text_field(:id => "folder-rename-624").set "foo"
b.text_field(:id => "folder-rename-624").send_keys :return
And--if there's an associated submit button--try using that instead of send_keys :return.
EDIT: Unfortunately, I can't reproduce the disappearing text issue. But I'm adding this snippet, which should handle the incrementing id attribute:
tfs = b.text_fields
b.text_field(:id => "#{tfs.last.id}").set "foo"
b.text_field(:id => "#{tfs.last.id}").send_keys :return
Turns out that because I had run the test a number of times, each time creating a new folder, that the folder I was trying to rename got pushed off screen. This is what caused the error.
I'm trying to get a gh-pages site up and running. First time using Jekyll.
I have a super basic layout (default.html) in /_layouts:
<!doctype html>
<html>
<head>
<meta charset="utf-8">
</head>
<body>
<div class="wrapper">
<section id="main">
{{ content }}
</section>
</div>
</body>
</html>
And a single content page (index.html)
---
layout: default
---
Hello World
My _config.yml file is simply
pygments: true
When running jekyll --no-auto --server I get the following error. No files are generated.
.rvm/rubies/ruby-1.9.3-p327/lib/ruby/1.9.1/psych.rb:203:in `parse':
(<unknown>): did not find expected node content while parsing a flow
node at line 3 column 1 (Psych::SyntaxError)
Anyone know what's wrong here?
Since line 3 is <head>, it is possible that some basic metadata is missing, like <title>.
All template I see have a title (zinga, Symplicity, ... either fixed or generated), and the most basic template has one too (see "Hello World, I'm Jekyll")
<html>
<head>
<title>Hello world!</title>
</head>
<body>
<h1>Hello world!</h1>
<p>This is my first Jekyll website.</p>
</body>
</html>
You should check that what it's parsing is YAML at all.
The way I'm checking this in by putting some debug commands in the gem directly and re-running.
Change the psych.rb which for me is at /home/user/.rbenv/versions/2.0.0-p0/lib/ruby/2.0.0/psych.rb. Look for the def self.load and change it from
def self.load yaml, filename = nil
result = parse(yaml, filename)
result ? result.to_ruby : result
end
to
def self.load yaml, filename = nil
puts "****************#{filename}"
result = parse(yaml, filename)
result ? result.to_ruby : result
end
and look for the output in your terminal when you re-run the command.
I am currently dealing with deploying a rails app with capistrano (no jekyll at all). In my case, the output was blank, which is obviously not a filename. So now I'm investigating further up the chain. I hope that gets you started.
I'm building a static site using Middleman that has a portfolio section of all the client's recent projects.
The portfolio section will display project thumbnail images in a 3 X 3 gallery fashion and, when clicked on, will open their co-responding html page inside a lightbox.
The layout for the pages inside the light box is the same so rather than markup each individual page, I thought there would be a way for Middleman handling the content served from a yaml data file (projects.yml) using [a link.
Here's what I've got in my config.rb file
###
# Page options, layouts, aliases and proxies
###
# A path which all have the same layout
with_layout :popup do
page "/projects/*"
end
# Proxy (fake) files
# page "/this-page-has-no-template.html", :proxy => "/template-file.html" do
# #which_fake_page = "Rendering a fake page with a variable"
# end
data.projects.details.each do |pd|
proxy "/projects/#{pd[:client_name]}.html", "/projects/template.html", locals: { project: pd }, ignore: true
end
Ok so after some digging I came across the two posts below which helped me under stand how dynamic pages work in middleman. (Unfortunately there's not a lot of doco and the Middleman example for Dynamic pages is really basic)
http://benfrain.com/understanding-middleman-the-static-site-generator-for-faster-prototyping/
http://forum.middlemanapp.com/discussion/134/best-way-to-use-yaml-same-html-but-parameter-driven-data-fixed/p1
My solution...
data/projects.yml (contains project details)
details:
- client: "Company X"
title: "Company X Event"
video_url: ""
logo:
- "logo_companyx.gif"
image_path: "/img/projects/companyx"
total_images: 10
content: "<p>Blah blah blah</p>"
responsibilities:
"<li>Something</li>
<li>Some task</li>"
config.rb:
data.projects.details.each do |pd|
proxy "/projects/#{pd[:client]}.html", "/projects/template.html", :layout => false, :locals => { :project => pd }, :ignore => true
end
The trick with the snippet above is passing the entire project data object to the template via a proxy using locals and setting the layout to false so it doesn't inherit the default site layout (as I - or the client rather - want to display these in a lightbox popup)
The last step in the process was to create /projects/template.html.erb (in the source folder), declaring the following at the top of the template
<% p = locals[:project] %>
This allowed me to output each property of the p object within template.html.erb.
eg:
<%= p[:title] %>
I hope this helps someone as it took me a few days of playing around and LOTS of searching online for example or hints.