[chef] Re: Re: Beam.smp retrict to interface

[< >]

Ok i've reached my goal =)

To restrict everything to one interface in the latest chef-server version you
need to do the following:

-in /opt/chef-server/embedded/service/erchef/etc/app.config at the start of 
the
file you need to put : 
[
%% Listen localhost only
{kernel, [{inet_dist_use_interface,{127,0,0,1}}]},
%% SASL config
--below goes original settings

and in the same file :

{stats_hero, [
               {udp_socket_pool_size, 0 },  %% Here i changes 1 to 0 to get
result
               {estatsd_host, "127.0.0.1" },
               {estatsd_port, 9466 }
              ]},

-in /opt/chef-server/embedded/service/bookshelf/etc/app.config file you need 
to
add at the start of the file :
[
%% Listen localhost only
{kernel, [{inet_dist_use_interface,{127,0,0,1}}]},
%% SASL config
--below goes original settings

-in /opt/chef-server/embedded/bin/rabbitmq-server you need to change
DEFAULT_NODE_IP_ADDRESS from auto to localhost :

DEFAULT_NODE_IP_ADDRESS=127.0.0.1

- and finally in /opt/chef-server/embedded/service/bookshelf/etc/vm.args you
need to add :
-env ERL_EPMD_ADDRESS 127.0.0.1

That's it. Everything else configures from chef-client.rb.
Now your server os a little bit more secure =)

Good luck to all.