====== Installing Opscode Chef Server via omnibus packaging ======

As prepackaged chef-server is [[http://www.opscode.com/chef/install/#tab2|not available]]
for PLD Linux, let's try to build the omnibus package ourself.

Suggestion is to run this in a [[vagrant|Vagrant box]],
that you can discard later as the gems are installed outside rpm package manager.

===== Pre-requisites =====

You need more space to build and install:

  # lvextend --size=3G /dev/sys/rootfs
  # xfs_growfs /

Install packages:

  # poldek -u --noask ruby-bundler git-core ruby-devel glibc-devel libffi-devel libstdc++-devel patch bzip2 lsb-release rpm-build ncurses-devel 

===== Building =====

Checkout [[https://github.com/opscode/omnibus-chef-server|omnibus-chef-server]]:

  $ git clone https://github.com/opscode/omnibus-chef-server.git
  $ cd omnibus-chef-server

==== Bugfixes ====

Make bugfixes:

  - [[https://github.com/opscode/omnibus-software/commit/4f2ee0a9d563acbeea14af3d8d84e2d2e0e53fb4|libiconv]] <code>
sed -i -e 's,a1f25d7ab6930826822323b373b8298bff02fed1,4f2ee0a9d563acbeea14af3d8d84e2d2e0e53fb4,' Gemfile.lock
</code> \\ or rather: <code>
# cd /usr/share/ruby/gems/1.9/bundler/gems/omnibus-software-dc156b4a2c40
# curl https://github.com/opscode/omnibus-software/commit/4f2ee0a9d563acbeea14af3d8d84e2d2e0e53fb4.patch | patch -p1
patching file config/patches/libiconv/libiconv-1.14_srclib_stdio.in.h-remove-gets-declarations.patch
patching file config/software/libiconv.rb
Hunk #1 succeeded at 32 with fuzz 1 (offset -10 lines).
</code>
  - makeself <code>
    $ wget -O package-scripts/chef-server/makeselfinst https://raw.github.com/opscode/omnibus-chef/master/package-scripts/chef/makeselfinst</code>
  - patch omnibus gem with [[https://raw.github.com/pld-linux/ruby-omnibus/master/omnibus-pld.patch|omnibus-pld.patch]]
  - cacerts fails with checksum, like [[https://github.com/opscode/omnibus-software/pull/174|here]], modify ''
~/.bundler/ruby/*/omnibus-software-*/config/software/cacerts.rb''

Install bundle binstubs:
  $ bundle install --binstubs

Make cachedir so could run as non-root:

  $ sudo install -o $USER -d /var/cache/omnibus /opt/chef-server

Create a platform-specific package using the build project command:

  $ bin/omnibus build project chef-server

You may later preserve cache dirs to be shared with OS, add the mappings to your Vagrantfile

  config.vm.synced_folder "cache/omnibus", "/var/cache/omnibus"

===== Install =====

Currently the [[package>ruby-fpm|fpm]] produced .rpm does not package directories, so you should install rpm skipping directory deps:

<code>
# (umask 2; rpm -Uhv --define '_check_dirname_deps 0' chef-server-11.0.8+20130618223354.git.14.1853585-1.pld.3.0.x86_64.rpm)
</code>

You need to use [[package>shadow]] instead of [[package>pwdutils]] as ''gpasswd'' doesn't have ''-M'' option: <file>
---- Begin output of gpasswd -M chef_server chef_server ----
STDOUT:
STDERR: gpasswd: invalid option -- 'M'
Try `gpasswd --help' or `gpasswd --usage' for more information.
---- End output of gpasswd -M chef_server chef_server ----
</file>

Alternatively you can find the recipe and change ''append'' to ''true'' in [[http://docs.opscode.com/resource_group.html#attributes|group]] resource.


If using [[docs/vserver]] without ''initstyle=plain'', you need to make ''init q'' silent: <file>
# init q
init: /dev/initctl: No such file or directory
# touch /dev/initctl
# init q
</file>

also, postgresql needs shared memory, so configure it fstab: <code - /etc/vservers/NAME/fstab>
none    /dev/shm    tmpfs   mode=1777,nosuid,nodev,noexec       0 0 
</code>

and also:
<code bash>
mkdir -p /etc/vservers/chef-server/sysctl/{0,1}
echo kernel.shmall > /etc/vservers/chef-server/sysctl/0/setting
echo 600000000 > /etc/vservers/chef-server/sysctl/0/value
echo kernel.shmmax > /etc/vservers/chef-server/sysctl/1/setting
echo 600000000 > /etc/vservers/chef-server/sysctl/1/value
</code>

After that, follow onscreen instructions:
<code>
# sudo chef-server-ctl reconfigure
</code>

Meanwhile when the progress stops, it is expecting init to start ''/opt/chef-server/embedded/bin/runsvdir-start'', but without init, nothing processes ''/etc/inittab'', so start it manually or use ''initstyle=plain''.

When using container like vserver, ensure following devices are present:
<code>
crw-rw---- 1 root console 5, 1 Jan  9 15:09 /dev/console
crw-rw-rw- 1 root root    1, 3 Jul 20  2013 /dev/null
crw-rw-rw- 1 root root    1, 5 Dec 25 17:35 /dev/zero
</code>
===== Configure =====

To change https certificate, have look into ''/var/opt/chef-server/nginx/ca''