8000 Locked things down a bit with the firewall -- this may need to go int… · rgbkrk/ipython-notebook-cookbook@b5a1716 · GitHub
[go: up one dir, main page]
Skip to content

Commit b5a1716

Browse files
rgbkrkrgbkrk
committed
Locked things down a bit with the firewall -- this may need to go into a site cookbook later
1 parent 8322ee3 commit b5a1716

File tree

3 files changed

+22
-19
lines changed

3 files changed

+22
-19
lines changed

attributes/default.rb

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -44,7 +44,7 @@
4444
default[:ipynb][:NotebookApp][:pylab] = 'inline'
4545

4646
# IP to host on, defaults to all interfaces
47-
default[:ipynb][:NotebookApp][:ip] = '*'
47+
default[:ipynb][:NotebookApp][:ip] = '127.0.0.1'
4848

4949
# Port to host on
5050
default[:ipynb][:NotebookApp][:port] = 8888

providers/profile.rb

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -21,15 +21,17 @@
2121
action :create do
2222
Chef::Log.info("Creating profile \"#{new_resource.name}\" for #{new_resource.owner}")
2323
Chef::Log.info("IPython path is at #{new_resource.ipython_path}")
24-
create_profile(new_resource.ipython_path, new_resource.owner, new_resource.name)
24+
Chef::Log.info("IPython settings are at #{new_resource.ipython_settings_dir}")
25+
create_profile(new_resource.ipython_path, new_resource.owner,
26+
new_resource.name, new_resource.ipython_settings_dir)
2527
end
2628

27-
def create_profile(ipython_path, owner, name)
29+
def create_profile(ipython_path, owner, name, ipython_settings_dir)
2830
bash "create_profile" do
2931
user owner
3032
group owner
3133
code <<-EOH
32-
#{ipython_path} profile create --profile=#{name} --ipython-dir #{node[:ipynb][:ipython_settings_dir]}
34+
#{ipython_path} profile create --profile=#{name} --ipython-dir #{ipython_settings_dir}
3335
EOH
3436
environment
3537
end

recipes/virtenv_launch.rb

Lines changed: 16 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -35,12 +35,14 @@
3535
action :create
3636
owner node[:ipynb][:linux_user]
3737
ipython_path "#{node[:ipynb][:virtenv]}/bin/ipython"
38+
ipython_settings_dir node[:ipynb][:ipython_settings_dir]
3839
end
3940

4041
ipynb_profile node[:ipynb][:profile_name] do
4142
action :create
4243
owner node[:ipynb][:linux_user]
4344
ipython_path "#{node[:ipynb][:virtenv]}/bin/ipython"
45+
ipython_settings_dir node[:ipynb][:ipython_settings_dir]
4446
end
4547

4648
ipynb_mathjax "MathJax!" do
@@ -108,7 +110,7 @@ def cert_up(cert_file, cert_file_text)
108110
end
109111
end
110112

111-
#include_recipe "firewall"
113+
include_recipe "firewall"
112114

113115
# Setup nginx forwarding if enabled
114116
if node[:ipynb][:proxy][:enable]
@@ -160,22 +162,21 @@ def cert_up(cert_file, cert_file_text)
160162
enable true
161163
end
162164

163-
#firewall_rule "http" do
164-
# port 80
165-
# action :allow
166-
#end
165+
firewall_rule "ssh" do
166+
port 22
167+
action :allow
168+
end
167169

168-
#firewall_rule "https" do
169-
# port 443
170-
# action :allow
171-
#end
170+
firewall_rule "https" do
171+
ports [80, 443]
172+
protocol :tcp
173+
action :allow
174+
end
172175

173176
else
174-
#firewall_rule node[:ipynb][:service_name] do
175-
# port node[:ipynb][:NotebookApp][:port]
176-
# action :allow
177-
#end
177+
firewall_rule node[:ipynb][:service_name] do
178+
port node[:ipynb][:NotebookApp][:port]
179+
action :allow
180+
end
178181
end
179182

180-
181-

0 commit comments

Comments
 (0)
0