Installs/Configures Atlassian Stash server and Atlassian Stash Backup Client. Provides LWRPs for code deployment via Stash as well as for hook and repository management. Please see COMPATIBILITY.md for more information about Stash releases (versions and checksums) that are tested and supported by cookbook versions.
- CentOS 6, 7
- RHEL 6, 7
- Ubuntu 12.04, 14.04
- Version 3.X of cookbook requires Chef 11 due to
arkusage
- HSQLDB (not recommended for production usage)
- Microsoft SQL Server
- MySQL
- Postgres
Required Opscode Cookbooks
- apache2 (if using Apache 2 proxy)
- ark
- cron
- database
- git
- java
- mysql (if using MySQL database)
- perl
- postgresql (if using Postgres database)
Third-Party Cookbooks
- mysql_connector (if using MySQL database)
These attributes are under the node['stash'] namespace.
| Attribute | Description | Type | Default |
|---|---|---|---|
| checksum | SHA256 checksum for Stash install | String | auto-detected (see attributes/default.rb) |
| home_path | home data directory for Stash user | String | /var/atlassian/application-data/stash |
| install_path | location to install Stash | String | /opt/atlassian |
| install_type | Stash install type - "standalone" only for now | String | standalone |
| url_base | URL base for Stash install | String | http://www.atlassian.com/software/stash/downloads/binary/atlassian-stash |
| url | URL for Stash install | String | auto-detected (see attributes/default.rb) |
| user | user to run Stash | String | stash |
| version | Stash version to install | String | 3.6.0 |
These attributes are under the node['stash']['backup_client'] namespace. Some of these attributes are overridden by stash/stash encrypted data bag (Hosted Chef) or data bag (Chef Solo), if it exists.
| Attribute | Description | Type | Default |
|---|---|---|---|
| backup_path | Path for backups | String | /tmp |
| baseurl | Stash base URL | String | https://#{node['fqdn']}/ |
| checksum | SHA256 checksum for Stash Backup Client install | String | auto-detected (see attributes/default.rb) |
| install_path | location to install Stash Backup Client | String | /opt/atlassian-stash-backup-client |
| password | Stash administrative user password | String | changeit |
| url_base | URL base for Stash Backup Client install | String | http://downloads.atlassian.com/software/stash/downloads/stash-backup-distribution |
| user | Stash administrative user | String | admin |
| version | Stash Backup Client version to install | String | 1.6.0 |
These attributes are under the node['stash']['backup_client']['cron'] namespace. All of these attributes are overridden by stash/stash encrypted data bag (Hosted Chef) or data bag (Chef Solo), if it exists.
| Attribute | Description | Type | Default |
|---|---|---|---|
| day | Day of month | String | * |
| hour | Hour of day | String | 0 |
| minute | Minute of hour | String | 0 |
| month | Month of year | String | * |
| weekday | Day of week | String | * |
The default database will be changing to postgresql when cookbook 4.x is released.
All of these node['stash']['database'] attributes are overridden by stash/stash encrypted data bag (Hosted Chef) or data bag (Chef Solo), if it exists
| Attribute | Description | Type | Default |
|---|---|---|---|
| host | FQDN or "localhost" (localhost automatically installs ['database']['type'] server) |
String | localhost |
| name | Stash database name | String | stash |
| password | Stash database user password | String | changeit |
| port | Stash database port | Fixnum | 3306 |
| testInterval | Stash database pool idle test interval in minutes | Fixnum | 2 |
| type | Stash database type - "hsqldb" (not recommended), "mysql", "postgresql", or "sqlserver" | String | mysql |
| user | Stash database user | String | stash |
These attributes are under the node['stash']['jvm'] namespace.
| Attribute | Description | Type | Default |
|---|---|---|---|
| minimum_memory | JVM minimum memory | String | 512m |
| maximum_memory | JVM maximum memory | String | 768m |
| maximum_permgen | JVM maximum PermGen memory | String | 256m |
| java_opts | additional JAVA_OPTS to be passed to Stash JVM during startup | String | "" |
| support_args | additional JAVA_OPTS recommended by Atlassian support for Stash JVM during startup | String | "" |
The usage of node['stash']['plugin'] for properties is deprecated in 3.x of the cookbook and may change or be removed in 4.x
All of these node['stash']['properties'] attributes are overridden by stash/stash encrypted data bag (Hosted Chef) or data bag (Chef Solo), if it exists.
| Attribute | Description | Type | Default |
|---|---|---|---|
key |
A key/value pair to be inserted into stash-config.properties as key=value |
Hash | {} |
These attributes are under the node['stash']['ssh'] namespace.
| Attribute | Description | Type | Default |
|---|---|---|---|
| hostname | Stash SSH hostname | String | node['fqdn'] |
| port | Stash SSH port | Fixnum | 7999 |
| uri | Stash SSH URI | String | ssh://git@#{node['stash']['ssh']['hostname']}:#{node['stash']['ssh']['port']} |
These attributes are under the node['stash']['tomcat'] namespace.
Any node['stash']['tomcat']['key*'] attributes are overridden by stash/stash encrypted data bag (Hosted Chef) or data bag (Chef Solo), if it exists
| Attribute | Description | Type | Default |
|---|---|---|---|
| keyAlias | Tomcat SSL keystore alias | String | tomcat |
| keystoreFile | Tomcat SSL keystore file - will automatically generate self-signed keystore file if left as default | String | #{node['stash']['home_path']}/.keystore |
| keystorePass | Tomcat SSL keystore passphrase | String | changeit |
| port | Tomcat HTTP port | Fixnum | 7990 |
| ssl_port | Tomcat HTTPS port | Fixnum | 8443 |
recipe[stash]Installs Atlassian Stash with built-in Tomcat and Apache 2 proxyrecipe[stash::apache2]Installs/configures Apache 2 proxy for Stash (ports 80/443)recipe[stash::backup_client]Installs/configures Atlassian Stash Backup Clientrecipe[stash::backup_client_cron]Installs/configures Atlassian Stash Backup Client cron.drecipe[stash::configuration]Configures Stash's settingsrecipe[stash::database]Installs/configures MySQL/Postgres server, database, and user for Stashrecipe[stash::linux_standalone]Installs/configures Stash via Linux standalone archiverecipe[stash::service_init]Installs/configures Stash init servicerecipe[stash::tomcat_configuration]Configures Stash's built-in Tomcat
stash_deploy- wrapper Git resource for using astash_deploy_key, project, and repository for code deploymentstash_deploy_key- creates SSH private key file and SSH wrapper for code deploymenthook- Wrapper to enable/disable/configure a stash hook (requires the user account password to be in chef-vault)repo- Wrapper to create/delete a stash repository (requires the user account password to be in chef-vault)
For securely overriding attributes on Hosted Chef, create a stash/stash encrypted data bag with the model below. Chef Solo can override the same attributes with a stash/stash unencrypted data bag of the same information.
required:
['database']['type']"hsqldb" (not recommended), "mysql", "postgresql", or "sqlserver"['database']['host']FQDN or "localhost" (localhost automatically installs['database']['type']server)['database']['name']Name of Stash database['database']['user']Stash database username['database']['password']Stash database username password
optional:
['backup_client']['user']Stash administrative username for backup client['backup_client']['password']Stash administrative password for backup client['database']['port']Database port, standard database port for['database']['type']['plugin']['KEY']plugin.KEY=VALUEto be inserted in stash-config.properties['tomcat']['keyAlias']Tomcat HTTPS Java Keystore keyAlias, defaults to self-signed certifcate['tomcat']['keystoreFile']Tomcat HTTPS Java Keystore keystoreFile, self-signed certificate['tomcat']['keystorePass']Tomcat HTTPS Java Keystore keystorePass, self-signed certificate
Repeat for other Chef environments as necessary. Example:
{
"id": "stash"
"development": {
"database": {
"type": "postgresql",
"host": "localhost",
"name": "stash",
"user": "stash",
"password": "stash_db_password",
},
"tomcat": {
"keyAlias": "not_tomcat",
"keystoreFile": "/etc/pki/java/wildcard_cert.jks",
"keystorePass": "not_changeit"
}
}
}
- Optionally use (un)encrypted data bag or set attributes
knife data bag create stashknife data bag edit stash stash --secret-file=path/to/secret
- Add
recipe[stash]to your node's run list.
- Optionally use (un)encrypted data bag or set attributes
knife data bag create stashknife data bag edit stash stash --secret-file=path/to/secret
- Add
recipe[stash]['backup_client']to your node's run list.
- Optionally use (un)encrypted data bag or set attributes
knife data bag create stashknife data bag edit stash stash --secret-file=path/to/secret
- Add
recipe[stash]['backup_client_cron']to your node's run list.
- Ensure your node has Git installed
- Create a
stash_deploy_keywith the SSH private key contents (using\nfor newlines) of a Stash user with permissions to your repository.
For example:
stash_deploy_key "deployment_user" do
key "-----BEGIN RSA PRIVATE KEY-----\nMIIEpQIB..."
end
- In this example, now you can either directly use the ssh_wrapper available at
#{node['stash']['install_path']}/deployment_user_ssh_wrapper.shor use thestash_deployLWRP.
Such as:
stash_deploy "/opt/shibboleth-idp/conf" do
deploy_key "deployment_user"
project "SHIBIDP"
repository "configuration"
end
Here's how you can quickly get testing or developing against the cookbook thanks to Vagrant and Berkshelf.
vagrant plugin install vagrant-berkshelf
vagrant plugin install vagrant-cachier
vagrant plugin install vagrant-omnibus
git clone git://github.com/bflad/chef-stash.git
cd chef-stash
vagrant up BOX # BOX being centos5, centos6, debian7, fedora18, fedora19, fedora20, freebsd9, ubuntu1204, ubuntu1210, ubuntu1304, or ubuntu1310
You need to add the following hosts entries:
- 192.168.50.10 stash-centos-6
- 192.168.50.10 stash-ubuntu-1204
- (etc.)
The running Stash server is accessible from the host machine:
CentOS 6 Box:
- Web UI: https://stash-centos-6/
- Stash SSH: ssh://git@stash-centos-6:7999/
Ubuntu 12.04 Box:
- Web UI: https://stash-ubuntu-1204/
- Stash SSH: ssh://git@stash-ubuntu-1204:7999/
You can then SSH into the running VM using the vagrant ssh BOX command.
The VM can easily be stopped and deleted with the vagrant destroy command. Please see the official Vagrant documentation for a more in depth explanation of available commands.
Please see documentation in: TESTING.md
Please use standard Github issues/pull requests and if possible, in combination with testing on the Vagrant boxes.
Please see license information in: LICENSE
- Brian Flad (bflad417@gmail.com)
- Kevin Moser (@moserke)
- Ramon Makkelie (@ramonskie)
- Martin (@martianus)
- Mikhail Zholobov (@legal90)
- Lincoln Lee (@linc01n)