Suggestions for kibana recipe

[cabeca]

Hi,

Here are some suggestions for your kibana recipe:

• eliminating the checksum (always a hassle to figure that out when kibana version is updated...) is an option if you use :create_if_missing as an action to remote_file
• Be careful downloading the tgz to /tmp. This is emptied regularly and you may redownload the file in the future
• using --strip-components 1 in tar relieves you from knowing the name of the first directory inside the tarball
• using -C in tar you can specify the install directory directly
• Using tar z you can skip the extra gunzip step
• be careful chmoding web accessable dirs to www-data, If the web server is compromised, the attacker may have write access to these files, allowing them to run arbitrary code as www-data

Here is an example. Use it if you like the improvements :-)

directory "/var/local/packages" do
  owner "root"
  group "root"
  mode "0755"
  action :create
end


# Download kibana
remote_file "/var/local/packages/kibana-#{kibana_version}.tar.gz" do
  action :create_if_missing
  source  "#{kibana_url}#{kibana_version}"
  mode      "0644"
end

# Create kibana install directory
directory node[:kibana][:install_dir] do
  owner "root"
  group "root"
  mode "0755"
  action :create
end

# Extract kibana
bash "extract kibana" do
  user  "root"
  code  <<-EOH
  tar xzf /var/local/packages/kibana-#{kibana_version}.tar.gz --strip-components 1 -C #{node[:kibana][:install_dir]} &&
  chmod -R o+r #{node['kibana']['install_dir']}
  EOH
  not_if{ File.exists? "#{node[:kibana][:install_dir]}/config.php" }
end

[smith]

Instead of /tmp or /var/local, it's recommended to use Chef::Config[:file_cache_path]. See http://acrmp.github.com/foodcritic/#FC013