Provide an LWRP and solo friendly

.gitignore

@@ -1,3 +1,17 @@
 build
 .kitchen/
 .kitchen.local.yml
+.vagrant
+Berksfile.lock
+*~
+*#
+.#*
+\#*#
+.*.sw[a-z]
+*.un~
+/cookbooks
+
+# Bundler
+Gemfile.lock
+bin/*
+.bundle/*

.kitchen.yml

@@ -6,32 +6,54 @@ driver_config:
 platforms:
 - name: ubuntu-12.04
   driver_config:
-    box: opscode-ubuntu-12.04
-    box_url: https://opscode-vm.s3.amazonaws.com/vagrant/opscode_ubuntu-12.04_provisionerless.box
+    box: vagrant-ubuntu-12.04
+    box_url: http://files.vagrantup.com/precise64.box
+    require_chef_omnibus: true
   run_list:
-  - "recipe[apt]"
+  - recipe[apt]
 - name: ubuntu-10.04
   driver_config:
-    box: opscode-ubuntu-10.04
-    box_url: https://opscode-vm.s3.amazonaws.com/vagrant/opscode_ubuntu-10.04_provisionerless.box
+    box: vagrant-ubuntu-10.04
+    box_url: http://files.vagrantup.com/lucid64.box
+    require_chef_omnibus: true
   run_list:
-  - "recipe[apt]"
-- name: centos-6.4
-  driver_config:
-    box: opscode-centos-6.4
-    box_url: https://opscode-vm.s3.amazonaws.com/vagrant/opscode_centos-6.4_provisionerless.box
-  run_list:
-  - "recipe[yum]"
-- name: centos-5.9
-  driver_config:
-    box: opscode-centos-5.9
-    box_url: https://opscode-vm.s3.amazonaws.com/vagrant/opscode_centos-5.9_provisionerless.box
-  run_list:
-  - "recipe[yum]"
+  - recipe[apt]
+# - name: centos-6.3
+#   driver_config:
+#     box: opscode-centos-6.3
+#     box_url: http://opscode-vm.s3.amazonaws.com/vagrant/opscode_centos-6.3_chef-11.2.0.box
+#   run_list:
+#   - recipe[yum]
+# - name: centos-5.8
+#   driver_config:
+#     box: opscode-centos-5.8
+#     box_url: http://opscode-vm.s3.amazonaws.com/vagrant/opscode_centos-5.8_chef-11.2.0.box
+#   run_list:
+#   - recipe[yum]
 
 suites:
-- name: default
+- name: mongo
+  run_list:
+  - recipe[build-essential]
+  - recipe[mongodb::10gen_repo]
+  - recipe[mongodb]
+  - recipe[mongo_test]
+  attributes:
+    build_essential:
+      compiletime: true
+    mongodb:
+      auth: true
+- name: replicaset
   run_list:
-  - "recipe[mongodb::10gen_repo]"
-  - "recipe[mongodb]"
-  attributes: {}
+  - recipe[build-essential]
+  - recipe[mongodb::10gen_repo]
+  - recipe[mongodb]
+  - recipe[mongodb::replicaset]
+  - recipe[mongo_test]
+  attributes:
+    mongodb:
+      cluster_name: clustrname
+      replicaset_name: replset
+      replicaset_members:
+      - 127.0.0.1
+      auth: true

Berksfile

@@ -1,3 +1,7 @@
 site :opscode
 
 metadata
+
+group :integration do
+  cookbook 'mongodb_test', path: './test/cookbooks/mongo_test'
+end

README.md

@@ -26,8 +26,17 @@ of a sharded setup.
 
 For examples see the USAGE section below.
 
+# LWRP:
+
+This cookbook defines the LWRP `mongodb_user` to manage users and authentication
+in mongodb.
+
+For examples see the USAGE section below.
+
 # ATTRIBUTES:
 
+* `mongodb[:auth]` - Enable or disable auth
+* `mongodb[:keyfile]` - keyFile contents for auth w/ replicasets
 * `mongodb[:dbpath]` - Location for mongodb data directory, defaults to "/var/lib/mongodb"
 * `mongodb[:logpath]` - Path for the logfiles, default is "/var/log/mongodb"
 * `mongodb[:port]` - Port the mongod listens on, default is 27017
@@ -139,6 +148,57 @@ nodes which should be in the same replicaset have the same shard name.
 
 For more details, you can find a [tutorial for Sharding + Replication](https://github.com/edelight/chef-mongodb/wiki/MongoDB%3A-Replication%2BSharding) in the wiki.
 
+## Authentication LWRP
+
+To enable authentication on a database, you need to enable authentication by
+setting the `auth` attribute to true
+
+```json
+{
+  "mongodb": {
+    "auth": true
+  }
+}
+```
+
+If you are using replicasets, you only need to define the keyFile secret string.
+
+```json
+{
+  "mongodb": {
+    "keyfile": "5UJ1aZngn9OM/YN0IsiivhQUmGY..."
+  }
+}
+```
+
+The keyFile contents is arbitrary, but a long string is suggested. `openssl` can be used to generate a good string:
+
+```bash
+$ openssl rand -base64 753
+```
+
+```ruby
+require 'openssl'
+
+default['mongodb']['keyfile'] = ::OpenSSL::Random.random_bytes(753).gsub(/\W/, '')
+```
+
+Once authentication has been enabled, you can then define users simply by including
+`mongodb` in the run list and defining your user.
+
+```ruby
+mongodb_user "someguy" do
+  password "n0ts3cur3"
+  database "gbs_for_dbs"
+end
+```
+
+Actions available:
+
+* `:add` - default
+* `:delete`
+* `:update`
+
 # LICENSE and AUTHOR:
 
 Author:: Markus Korn <[email protected]>

attributes/default.rb

@@ -17,16 +17,22 @@
 # limitations under the License.
 #
 
+default[:mongodb][:auth] = false
+default[:mongodb][:keyfile] = nil
 default[:mongodb][:dbpath] = "/var/lib/mongodb"
 default[:mongodb][:logpath] = "/var/log/mongodb"
+default[:mongodb][:use_fqdn] = true
 default[:mongodb][:bind_ip] = nil
 default[:mongodb][:port] = 27017
 default[:mongodb][:configfile] = nil
 
+default[:mongodb][:fqdn_interface] = nil
+
 # cluster identifier
 default[:mongodb][:client_roles] = []
 default[:mongodb][:cluster_name] = nil
 default[:mongodb][:replicaset_name] = nil
+default[:mongodb][:replicaset_members] = nil
 default[:mongodb][:shard_name] = "default"
 
 default[:mongodb][:auto_configure][:replicaset] = true

chefignore

@@ -0,0 +1,96 @@
+# Put files/directories that should be ignored in this file when uploading
+# or sharing to the community site.
+# Lines that start with '# ' are comments.
+
+# OS generated files #
+######################
+.DS_Store
+Icon?
+nohup.out
+ehthumbs.db
+Thumbs.db
+
+# SASS #
+########
+.sass-cache
+
+# EDITORS #
+###########
+\#*
+.#*
+*~
+*.sw[a-z]
+*.bak
+REVISION
+TAGS*
+tmtags
+*_flymake.*
+*_flymake
+*.tmproj
+.project
+.settings
+mkmf.log
+
+## COMPILED ##
+##############
+a.out
+*.o
+*.pyc
+*.so
+*.com
+*.class
+*.dll
+*.exe
+*/rdoc/
+
+# Testing #
+###########
+.watchr
+.rspec
+spec/*
+spec/fixtures/*
+test/*
+features/*
+Guardfile
+Procfile
+
+# SCM #
+#######
+.git
+*/.git
+.gitignore
+.gitmodules
+.gitconfig
+.gitattributes
+.svn
+*/.bzr/*
+*/.hg/*
+*/.svn/*
+
+# Berkshelf #
+#############
+Berksfile
+Berksfile.lock
+cookbooks/*
+tmp
+
+# Cookbooks #
+#############
+CONTRIBUTING
+CHANGELOG*
+
+# Strainer #
+############
+Colanderfile
+Strainerfile
+.colander
+.strainer
+
+# Vagrant #
+###########
+.vagrant
+Vagrantfile
+
+# Travis #
+##########
+.travis.yml