Moved variables out of recipe and updated templates to use node directly.

Author: Brian Pontarelli

chef-repo/cookbooks/2016-security-guide/recipes/default.rb

@@ -114,14 +114,6 @@
   owner 'root'
   group 'root'
   mode '0600'
-  variables({
-    :MONIT_EMAIL_SERVER => node['security_guide']['monit']['email_server'],
-    :MONIT_EMAIL_PORT => node['security_guide']['monit']['email_port'],
-    :MONIT_EMAIL_USERNAME => node['security_guide']['monit']['email_username'],
-    :MONIT_EMAIL_PASSWORD => node['security_guide']['monit']['email_password'],
-    :MONIT_EMAIL_ENCRYPTION => node['security_guide']['monit']['email_encryption'],
-    :MONIT_ALERT_EMAIL => node['security_guide']['monit']['alert_email']
-  })
 end
 
 # Install the Monit script to send alerts to Slack and Pushover
@@ -130,13 +122,6 @@
   owner 'root'
   group 'root'
   mode '0700'
-  variables({
-    :MONIT_SLACK_WEBHOOK_URL => node['security_guide']['monit']['slack_url'],
-    :MONIT_SLACK_ENABLED => node['security_guide']['monit']['slack_enabled'],
-    :MONIT_PUSHOVER_APPLICATION => node['security_guide']['monit']['pushover_application'],
-    :MONIT_PUSHOVER_USER => node['security_guide']['monit']['pushover_user'],
-    :MONIT_PUSHOVER_ENABLED => node['security_guide']['monit']['pushover_enabled']
-  })
 end
 
 # Restart all the services

chef-repo/cookbooks/2016-security-guide/templates/default/monit-slack-pushover.rb.erb

@@ -3,11 +3,11 @@
 require 'net/https'
 require 'json'
 
-monit_slack_webhook_url="<%= @MONIT_SLACK_WEBHOOK_URL %>"
-monit_slack_enabled=<%= @MONIT_SLACK_ENABLED %>
-monit_pushover_application="<%= @MONIT_PUSHOVER_APPLICATION %>"
-monit_pushover_user="<%= @MONIT_PUSHOVER_USER %>"
-monit_pushover_enabled=<%= @MONIT_PUSHOVER_ENABLED %>
+monit_slack_webhook_url="<%= node['security_guide']['monit']['slack_url'] %>"
+monit_slack_enabled=<%= node['security_guide']['monit']['slack_enabled'] %>
+monit_pushover_application="<%= node['security_guide']['monit']['pushover_application'] %>"
+monit_pushover_user="<%= node['security_guide']['monit']['pushover_user'] %>"
+monit_pushover_enabled=<%= node['security_guide']['monit']['pushover_enabled'] %>
 
 def log(message)
   open('/var/log/monit.log', 'a') { |f|

chef-repo/cookbooks/2016-security-guide/templates/default/monitrc.erb

@@ -83,7 +83,7 @@
 #
 # 2016-SECURITY-SCRIPT ADDITION: Email server configuration
 #
-set mailserver <%= @MONIT_EMAIL_SERVER %> port <%= @MONIT_EMAIL_PORT %> <% if defined?(MONIT_EMAIL_USERNAME) && MONIT_EMAIL_USERNAME != '' %>username "<%= @MONIT_EMAIL_USERNAME %>"<% end %> <% if defined?(MONIT_EMAIL_PASSWORD) && MONIT_EMAIL_PASSWORD != '' %>password "<%= @MONIT_EMAIL_PASSWORD %>"<% end %> <% if defined?(MONIT_EMAIL_ENCRYPTION) && MONIT_EMAIL_ENCRYPTION != '' %><%= @MONIT_EMAIL_ENCRYPTION %><% end %>
+set mailserver <%= node['security_guide']['monit']['email_server'] %> port <%= node['security_guide']['monit']['email_port'] %> <% if node['security_guide']['monit'].attribute?('email_username') %>username "<%= node['security_guide']['monit']['email_username'] %>"<% end %> <% if node['security_guide']['monit'].attribute?('email_password') %>password "<%= node['security_guide']['monit']['email_password'] %>"<% end %> <% if node['security_guide']['monit'].attribute?('email_encryption') %><%= node['security_guide']['monit']['email_encryption'] %><% end %>
 
 #                backup.bar.baz port 10025,  # backup mailserver on port 10025
 #                localhost                   # fallback relay
@@ -166,7 +166,7 @@ set mailserver <%= @MONIT_EMAIL_SERVER %> port <%= @MONIT_EMAIL_PORT %> <% if de
 #
 # 2016-SECURITY-SCRIPT ADDITION: Set alert email address
 #
-set alert <%= @MONIT_ALERT_EMAIL %> not on { instance, action }
+set alert <%= node['security_guide']['monit']['alert_email'] %> not on { instance, action }
 
 
 ###############################################################################