Browse Source

Configure HTTPD and HTTPS certificates

This change provides the puppet files required to configure Phabricator
/ Pholio for HTTPD and requisite HTTPS certificates.

Change-Id: I2b04fac576417a032b1b4f961a4cc19378eeea7c
Implements: Spec Pholio
changes/70/350370/4
Craige McWhirter 2 years ago
parent
commit
a9b78c07f3
2 changed files with 104 additions and 0 deletions
  1. 55
    0
      manifests/certificates.pp
  2. 49
    0
      manifests/httpd.pp

+ 55
- 0
manifests/certificates.pp View File

@@ -0,0 +1,55 @@
1
+# Copyright 2016 Hewlett Packard Enterprise Development Company, L.P.
2
+#
3
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
4
+# not use this file except in compliance with the License. You may obtain
5
+# a copy of the License at
6
+#
7
+#      http://www.apache.org/licenses/LICENSE-2.0
8
+#
9
+# Unless required by applicable law or agreed to in writing, software
10
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
11
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
12
+# License for the specific language governing permissions and limitations
13
+# under the License.
14
+#
15
+# == Class: phabricator::certificates
16
+#
17
+# Sets up SSL certificates for the module.
18
+#
19
+class phabricator::certificates (
20
+  # SSL Certificates.
21
+  $ssl_cert_file           = $phabricator::vars::ssl_cert_file,
22
+  $ssl_cert_file_contents  = $phabricator::vars::ssl_cert_file_contents,
23
+  $ssl_chain_file          = $phabricator::vars::ssl_chain_file,
24
+  $ssl_chain_file_contents = $phabricator::vars::ssl_chain_file_contents,
25
+  $ssl_key_file            = $phabricator::vars::ssl_key_file,
26
+  $ssl_key_file_contents   = $phabricator::vars::ssl_key_file_contents,
27
+) {
28
+
29
+  if $ssl_cert_file_contents != undef {
30
+    file { $ssl_cert_file:
31
+      owner   => 'root',
32
+      group   => 'root',
33
+      mode    => '0640',
34
+      content => $ssl_cert_file_contents,
35
+    }
36
+  }
37
+
38
+  if $ssl_key_file_contents != undef {
39
+    file { $ssl_key_file:
40
+      owner   => 'root',
41
+      group   => 'ssl-cert',
42
+      mode    => '0640',
43
+      content => $ssl_key_file_contents,
44
+    }
45
+  }
46
+
47
+  if $ssl_chain_file_contents != undef {
48
+    file { $ssl_chain_file:
49
+      owner   => 'root',
50
+      group   => 'root',
51
+      mode    => '0640',
52
+      content => $ssl_chain_file_contents,
53
+    }
54
+  }
55
+}

+ 49
- 0
manifests/httpd.pp View File

@@ -0,0 +1,49 @@
1
+# Copyright 2016 Hewlett Packard Enterprise Development Company, L.P.
2
+#
3
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
4
+# not use this file except in compliance with the License. You may obtain
5
+# a copy of the License at
6
+#
7
+#      http://www.apache.org/licenses/LICENSE-2.0
8
+#
9
+# Unless required by applicable law or agreed to in writing, software
10
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
11
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
12
+# License for the specific language governing permissions and limitations
13
+# under the License.
14
+#
15
+# == Class: phabricator::httpd
16
+#
17
+# Set up the virtual host for phabricator.
18
+#
19
+class phabricator::httpd (
20
+  $ssl_cert_file      = $phabricator::vars::ssl_cert_file,
21
+  $ssl_chain_file     = $phabricator::vars::ssl_chain_file,
22
+  $ssl_key_file       = $phabricator::vars::ssl_key_file,
23
+  $httpd_vhost        = $phabricator::vars::httpd_vhost,
24
+  $httpd_admin_email  = $phabricator::vars::httpd_admin_email,
25
+  $httpd_docroot      = $phabricator::vars::httpd_docroot,
26
+) {
27
+  include ::httpd
28
+  include ::httpd::ssl
29
+  include ::httpd::php
30
+
31
+  httpd::mod { 'rewrite':
32
+    ensure => present,
33
+  }
34
+
35
+  httpd::mod { 'auth_openid':
36
+    ensure => present,
37
+  }
38
+
39
+  # Set up Phabricator as TLS.
40
+  if defined(Class['phabricator::certificates']) {
41
+    ::httpd::vhost { $httpd_vhost:
42
+      port     => 443,
43
+      docroot  => $httpd_docroot,
44
+      priority => '50',
45
+      template => 'phabricator/vhost.erb',
46
+      ssl      => true,
47
+    }
48
+  }
49
+}

Loading…
Cancel
Save