Add new module 'apache'
'apache' module is needed by 'horizon' 4.1.0 173967ab8dd21a93d6f2b47ff2641d0092f729b1 v 1.2.0 Fuel-CI: disable Partial blueprint: merge-openstack-puppet-modules Change-Id: I0f5ff2fafe058c0263c2ace4bc0ce8f7828d3be0
This commit is contained in:
parent
5fc3493ad6
commit
0b60cdd6a1
6
deployment/puppet/apache/.fixtures.yml
Normal file
6
deployment/puppet/apache/.fixtures.yml
Normal file
@ -0,0 +1,6 @@
|
||||
fixtures:
|
||||
repositories:
|
||||
stdlib: "git://github.com/puppetlabs/puppetlabs-stdlib.git"
|
||||
concat: "git://github.com/puppetlabs/puppetlabs-concat.git"
|
||||
symlinks:
|
||||
apache: "#{source_dir}"
|
7
deployment/puppet/apache/.gitignore
vendored
Normal file
7
deployment/puppet/apache/.gitignore
vendored
Normal file
@ -0,0 +1,7 @@
|
||||
pkg/
|
||||
Gemfile.lock
|
||||
vendor/
|
||||
spec/fixtures/
|
||||
.vagrant/
|
||||
.bundle/
|
||||
coverage/
|
31
deployment/puppet/apache/.nodeset.yml
Normal file
31
deployment/puppet/apache/.nodeset.yml
Normal file
@ -0,0 +1,31 @@
|
||||
---
|
||||
default_set: 'centos-64-x64'
|
||||
sets:
|
||||
'centos-59-x64':
|
||||
nodes:
|
||||
"main.foo.vm":
|
||||
prefab: 'centos-59-x64'
|
||||
'centos-64-x64':
|
||||
nodes:
|
||||
"main.foo.vm":
|
||||
prefab: 'centos-64-x64'
|
||||
'fedora-18-x64':
|
||||
nodes:
|
||||
"main.foo.vm":
|
||||
prefab: 'fedora-18-x64'
|
||||
'debian-607-x64':
|
||||
nodes:
|
||||
"main.foo.vm":
|
||||
prefab: 'debian-607-x64'
|
||||
'debian-70rc1-x64':
|
||||
nodes:
|
||||
"main.foo.vm":
|
||||
prefab: 'debian-70rc1-x64'
|
||||
'ubuntu-server-10044-x64':
|
||||
nodes:
|
||||
"main.foo.vm":
|
||||
prefab: 'ubuntu-server-10044-x64'
|
||||
'ubuntu-server-12042-x64':
|
||||
nodes:
|
||||
"main.foo.vm":
|
||||
prefab: 'ubuntu-server-12042-x64'
|
5
deployment/puppet/apache/.puppet-lint.rc
Normal file
5
deployment/puppet/apache/.puppet-lint.rc
Normal file
@ -0,0 +1,5 @@
|
||||
--relative
|
||||
--no-single_quote_string_with_variables-check
|
||||
--no-80chars-check
|
||||
--no-class_inherits_from_params_class-check
|
||||
--no-documentation-check
|
12
deployment/puppet/apache/.sync.yml
Normal file
12
deployment/puppet/apache/.sync.yml
Normal file
@ -0,0 +1,12 @@
|
||||
---
|
||||
.travis.yml:
|
||||
extras:
|
||||
- rvm: 1.9.3
|
||||
env: PUPPET_GEM_VERSION="~> 3.5.0" STRICT_VARIABLES="yes"
|
||||
- rvm: 2.0.0
|
||||
env: PUPPET_GEM_VERSION="~> 3.5.0" STRICT_VARIABLES="yes"
|
||||
Rakefile:
|
||||
extra_disabled_lint_checks:
|
||||
- 'disable_only_variable_string'
|
||||
spec/spec_helper.rb:
|
||||
unmanaged: true
|
21
deployment/puppet/apache/.travis.yml
Normal file
21
deployment/puppet/apache/.travis.yml
Normal file
@ -0,0 +1,21 @@
|
||||
---
|
||||
language: ruby
|
||||
bundler_args: --without development
|
||||
script: "bundle exec rake validate && bundle exec rake lint && bundle exec rake spec SPEC_OPTS='--format documentation'"
|
||||
matrix:
|
||||
fast_finish: true
|
||||
include:
|
||||
- rvm: 1.8.7
|
||||
env: PUPPET_GEM_VERSION="~> 2.7.0" FACTER_GEM_VERSION="~> 1.6.0"
|
||||
- rvm: 1.8.7
|
||||
env: PUPPET_GEM_VERSION="~> 2.7.0" FACTER_GEM_VERSION="~> 1.7.0"
|
||||
- rvm: 1.9.3
|
||||
env: PUPPET_GEM_VERSION="~> 3.0"
|
||||
- rvm: 2.0.0
|
||||
env: PUPPET_GEM_VERSION="~> 3.0"
|
||||
- rvm: 1.9.3
|
||||
env: PUPPET_GEM_VERSION="~> 3.5.0" STRICT_VARIABLES="yes"
|
||||
- rvm: 2.0.0
|
||||
env: PUPPET_GEM_VERSION="~> 3.5.0" STRICT_VARIABLES="yes"
|
||||
notifications:
|
||||
email: false
|
390
deployment/puppet/apache/CHANGELOG.md
Normal file
390
deployment/puppet/apache/CHANGELOG.md
Normal file
@ -0,0 +1,390 @@
|
||||
##2014-09-30 - Supported Release 1.2.0
|
||||
###Summary
|
||||
|
||||
This release features many improvements and bugfixes, including several new defines, a reworking of apache::vhost for more extensibility, and many new parameters for more customization. This release also includes improved support for strict variables and the future parser.
|
||||
|
||||
####Features
|
||||
- Convert apache::vhost to use concat for easier extensions
|
||||
- Test improvements
|
||||
- Synchronize files with modulesync
|
||||
- Strict variable and future parser support
|
||||
- Added apache::custom_config defined type to allow validation of configs before they are created
|
||||
- Added bool2httpd function to convert true/false to apache 'On' and 'Off'. Intended for internal use in the module.
|
||||
- Improved SCL support
|
||||
- allow overriding of the mod_ssl package name
|
||||
- Add support for reverse_urls/ProxyPassReverse in apache::vhost
|
||||
- Add satisfy directive in apache::vhost::directories
|
||||
- Add apache::fastcgi::server defined type
|
||||
- New parameters - apache
|
||||
- allow_encoded_slashes
|
||||
- apache_name
|
||||
- conf_dir
|
||||
- default_ssl_crl_check
|
||||
- docroot
|
||||
- logroot_mode
|
||||
- purge_vhost_dir
|
||||
- New parameters - apache::vhost
|
||||
- add_default_charset
|
||||
- allow_encoded_slashes
|
||||
- logroot_ensure
|
||||
- logroot_mode
|
||||
- manage_docroot
|
||||
- passenger_app_root
|
||||
- passenger_min_instances
|
||||
- passenger_pre_start
|
||||
- passenger_ruby
|
||||
- passenger_start_timeout
|
||||
- proxy_preserve_host
|
||||
- redirectmatch_dest
|
||||
- ssl_crl_check
|
||||
- wsgi_chunked_request
|
||||
- wsgi_pass_authorization
|
||||
- Add support for ScriptAlias and ScriptAliasMatch in the apache::vhost::aliases parameter
|
||||
- Add support for rewrites in the apache::vhost::directories parameter
|
||||
- If the service_ensure parameter in apache::service is set to anything other than true, false, running, or stopped, ensure will not be passed to the service resource, allowing for the service to not be managed by puppet
|
||||
- Turn of SSLv3 by default
|
||||
- Improvements to apache::mod*
|
||||
- Add restrict_access parameter to apache::mod::info
|
||||
- Add force_language_priority and language_priority parameters to apache::mod::negotiation
|
||||
- Add threadlimit parameter to apache::mod::worker
|
||||
- Add content, template, and source parameters to apache::mod::php
|
||||
- Add mod_authz_svn support via the authz_svn_enabled parameter in apache::mod::dav_svn
|
||||
- Add loadfile_name parameter to apache::mod
|
||||
- Add apache::mod::deflate class
|
||||
- Add options parameter to apache::mod::fcgid
|
||||
- Add timeouts parameter to apache::mod::reqtimeout
|
||||
- Add apache::mod::shib
|
||||
- Add apache_version parameter to apache::mod::ldap
|
||||
- Add magic_file parameter to apache::mod::mime_magic
|
||||
- Add apache_version parameter to apache::mod::pagespeed
|
||||
- Add passenger_default_ruby parameter to apache::mod::passenger
|
||||
- Add content, template, and source parameters to apache::mod::php
|
||||
- Add apache_version parameter to apache::mod::proxy
|
||||
- Add loadfiles parameter to apache::mod::proxy_html
|
||||
- Add ssl_protocol and package_name parameters to apache::mod::ssl
|
||||
- Add apache_version parameter to apache::mod::status
|
||||
- Add apache_version parameter to apache::mod::userdir
|
||||
- Add apache::mod::version class
|
||||
|
||||
####Bugfixes
|
||||
- Set osfamily defaults for wsgi_socket_prefix
|
||||
- Support multiple balancermembers with the same url
|
||||
- Validate apache::vhost::custom_fragment
|
||||
- Add support for itk with mod_php
|
||||
- Allow apache::vhost::ssl_certs_dir to not be set
|
||||
- Improved passenger support for Debian
|
||||
- Improved 2.4 support without mod_access_compat
|
||||
- Support for more than one 'Allow from'-directive in _directories.erb
|
||||
- Don't load systemd on Amazon linux based on CentOS6 with apache 2.4
|
||||
- Fix missing newline in ModPagespeed filter and memcached servers directive
|
||||
- Use interpolated strings instead of numbers where required by future parser
|
||||
- Make auth_require take precedence over default with apache 2.4
|
||||
- Lint fixes
|
||||
- Set default for php_admin_flags and php_admin_values to be empty hash instead of empty array
|
||||
- Correct typo in mod::pagespeed
|
||||
- spec_helper fixes
|
||||
- Install mod packages before dealing with the configuration
|
||||
- Use absolute scope to check class definition in apache::mod::php
|
||||
- Fix dependency loop in apache::vhost
|
||||
- Properly scope variables in the inline template in apache::balancer
|
||||
- Documentation clarification, typos, and formatting
|
||||
- Set apache::mod::ssl::ssl_mutex to default for debian on apache >= 2.4
|
||||
- Strict variables fixes
|
||||
- Add authn_core mode to Ubuntu trusty defaults
|
||||
- Keep default loadfile for authz_svn on Debian
|
||||
- Remove '.conf' from the site-include regexp for better Ubuntu/Debian support
|
||||
- Load unixd before fcgid for EL7
|
||||
- Fix RedirectMatch rules
|
||||
- Fix misleading error message in apache::version
|
||||
|
||||
####Known Bugs
|
||||
* By default, the version of Apache that ships with Ubuntu 10.04 does not work with `wsgi_import_script`.
|
||||
* SLES is unsupported.
|
||||
|
||||
##2014-07-15 - Supported Release 1.1.1
|
||||
###Summary
|
||||
|
||||
This release merely updates metadata.json so the module can be uninstalled and
|
||||
upgraded via the puppet module command.
|
||||
|
||||
## 2014-04-14 Supported Release 1.1.0
|
||||
|
||||
###Summary
|
||||
|
||||
This release primarily focuses on extending the httpd 2.4 support, tested
|
||||
through adding RHEL7 and Ubuntu 14.04 support. It also includes Passenger
|
||||
4 support, as well as several new modules and important bugfixes.
|
||||
|
||||
####Features
|
||||
|
||||
- Add support for RHEL7 and Ubuntu 14.04
|
||||
- More complete apache24 support
|
||||
- Passenger 4 support
|
||||
- Add support for max_keepalive_requests and log_formats parameters
|
||||
- Add mod_pagespeed support
|
||||
- Add mod_speling support
|
||||
- Added several parameters for mod_passenger
|
||||
- Added ssl_cipher parameter to apache::mod::ssl
|
||||
- Improved examples in documentation
|
||||
- Added docroot_mode, action, and suexec_user_group parameters to apache::vhost
|
||||
- Add support for custom extensions for mod_php
|
||||
- Improve proxy_html support for Debian
|
||||
|
||||
####Bugfixes
|
||||
|
||||
- Remove NameVirtualHost directive for apache >= 2.4
|
||||
- Order proxy_set option so it doesn't change between runs
|
||||
- Fix inverted SSL compression
|
||||
- Fix missing ensure on concat::fragment resources
|
||||
- Fix bad dependencies in apache::mod and apache::mod::mime
|
||||
|
||||
####Known Bugs
|
||||
* By default, the version of Apache that ships with Ubuntu 10.04 does not work with `wsgi_import_script`.
|
||||
* SLES is unsupported.
|
||||
|
||||
## 2014-03-04 Supported Release 1.0.1
|
||||
###Summary
|
||||
|
||||
This is a supported release. This release removes a testing symlink that can
|
||||
cause trouble on systems where /var is on a seperate filesystem from the
|
||||
modulepath.
|
||||
|
||||
####Features
|
||||
####Bugfixes
|
||||
####Known Bugs
|
||||
* By default, the version of Apache that ships with Ubuntu 10.04 does not work with `wsgi_import_script`.
|
||||
* SLES is unsupported.
|
||||
|
||||
## 2014-03-04 Supported Release 1.0.0
|
||||
###Summary
|
||||
|
||||
This is a supported release. This release introduces Apache 2.4 support for
|
||||
Debian and RHEL based osfamilies.
|
||||
|
||||
####Features
|
||||
|
||||
- Add apache24 support
|
||||
- Add rewrite_base functionality to rewrites
|
||||
- Updated README documentation
|
||||
- Add WSGIApplicationGroup and WSGIImportScript directives
|
||||
|
||||
####Bugfixes
|
||||
|
||||
- Replace mutating hashes with merge() for Puppet 3.5
|
||||
- Fix WSGI import_script and mod_ssl issues on Lucid
|
||||
|
||||
####Known Bugs
|
||||
* By default, the version of Apache that ships with Ubuntu 10.04 does not work with `wsgi_import_script`.
|
||||
* SLES is unsupported.
|
||||
|
||||
---
|
||||
|
||||
## 2014-01-31 Release 0.11.0
|
||||
### Summary:
|
||||
|
||||
This release adds preliminary support for Windows compatibility and multiple rewrite support.
|
||||
|
||||
#### Backwards-incompatible Changes:
|
||||
|
||||
- The rewrite_rule parameter is deprecated in favor of the new rewrite parameter
|
||||
and will be removed in a future release.
|
||||
|
||||
#### Features:
|
||||
|
||||
- add Match directive
|
||||
- quote paths for windows compatibility
|
||||
- add auth_group_file option to README.md
|
||||
- allow AuthGroupFile directive for vhosts
|
||||
- Support Header directives in vhost context
|
||||
- Don't purge mods-available dir when separate enable dir is used
|
||||
- Fix the servername used in log file name
|
||||
- Added support for mod_include
|
||||
- Remove index parameters.
|
||||
- Support environment variable control for CustomLog
|
||||
- added redirectmatch support
|
||||
- Setting up the ability to do multiple rewrites and conditions.
|
||||
- Convert spec tests to beaker.
|
||||
- Support php_admin_(flag|value)s
|
||||
|
||||
#### Bugfixes:
|
||||
|
||||
- directories are either a Hash or an Array of Hashes
|
||||
- Configure Passenger in separate .conf file on RH so PassengerRoot isn't lost
|
||||
- (docs) Update list of `apache::mod::[name]` classes
|
||||
- (docs) Fix apache::namevirtualhost example call style
|
||||
- Fix $ports_file reference in apache::listen.
|
||||
- Fix $ports_file reference in Namevirtualhost.
|
||||
|
||||
|
||||
## 2013-12-05 Release 0.10.0
|
||||
### Summary:
|
||||
|
||||
This release adds FreeBSD osfamily support and various other improvements to some mods.
|
||||
|
||||
#### Features:
|
||||
|
||||
- Add suPHP_UserGroup directive to directory context
|
||||
- Add support for ScriptAliasMatch directives
|
||||
- Set SSLOptions StdEnvVars in server context
|
||||
- No implicit <Directory> entry for ScriptAlias path
|
||||
- Add support for overriding ErrorDocument
|
||||
- Add support for AliasMatch directives
|
||||
- Disable default "allow from all" in vhost-directories
|
||||
- Add WSGIPythonPath as an optional parameter to mod_wsgi.
|
||||
- Add mod_rpaf support
|
||||
- Add directives: IndexOptions, IndexOrderDefault
|
||||
- Add ability to include additional external configurations in vhost
|
||||
- need to use the provider variable not the provider key value from the directory hash for matches
|
||||
- Support for FreeBSD and few other features
|
||||
- Add new params to apache::mod::mime class
|
||||
- Allow apache::mod to specify module id and path
|
||||
- added $server_root parameter
|
||||
- Add Allow and ExtendedStatus support to mod_status
|
||||
- Expand vhost/_directories.pp directive support
|
||||
- Add initial support for nss module (no directives in vhost template yet)
|
||||
- added peruser and event mpms
|
||||
- added $service_name parameter
|
||||
- add parameter for TraceEnable
|
||||
- Make LogLevel configurable for server and vhost
|
||||
- Add documentation about $ip
|
||||
- Add ability to pass ip (instead of wildcard) in default vhost files
|
||||
|
||||
#### Bugfixes:
|
||||
|
||||
- Don't listen on port or set NameVirtualHost for non-existent vhost
|
||||
- only apply Directory defaults when provider is a directory
|
||||
- Working mod_authnz_ldap support on Debian/Ubuntu
|
||||
|
||||
## 2013-09-06 Release 0.9.0
|
||||
### Summary:
|
||||
This release adds more parameters to the base apache class and apache defined
|
||||
resource to make the module more flexible. It also adds or enhances SuPHP,
|
||||
WSGI, and Passenger mod support, and support for the ITK mpm module.
|
||||
|
||||
#### Backwards-incompatible Changes:
|
||||
- Remove many default mods that are not normally needed.
|
||||
- Remove `rewrite_base` `apache::vhost` parameter; did not work anyway.
|
||||
- Specify dependencies on stdlib >=2.4.0 (this was already the case, but
|
||||
making explicit)
|
||||
- Deprecate `a2mod` in favor of the `apache::mod::*` classes and `apache::mod`
|
||||
defined resource.
|
||||
|
||||
#### Features:
|
||||
- `apache` class
|
||||
- Add `httpd_dir` parameter to change the location of the configuration
|
||||
files.
|
||||
- Add `logroot` parameter to change the logroot
|
||||
- Add `ports_file` parameter to changes the `ports.conf` file location
|
||||
- Add `keepalive` parameter to enable persistent connections
|
||||
- Add `keepalive_timeout` parameter to change the timeout
|
||||
- Update `default_mods` to be able to take an array of mods to enable.
|
||||
- `apache::vhost`
|
||||
- Add `wsgi_daemon_process`, `wsgi_daemon_process_options`,
|
||||
`wsgi_process_group`, and `wsgi_script_aliases` parameters for per-vhost
|
||||
WSGI configuration.
|
||||
- Add `access_log_syslog` parameter to enable syslogging.
|
||||
- Add `error_log_syslog` parameter to enable syslogging of errors.
|
||||
- Add `directories` hash parameter. Please see README for documentation.
|
||||
- Add `sslproxyengine` parameter to enable SSLProxyEngine
|
||||
- Add `suphp_addhandler`, `suphp_engine`, and `suphp_configpath` for
|
||||
configuring SuPHP.
|
||||
- Add `custom_fragment` parameter to allow for arbitrary apache
|
||||
configuration injection. (Feature pull requests are prefered over using
|
||||
this, but it is available in a pinch.)
|
||||
- Add `apache::mod::suphp` class for configuring SuPHP.
|
||||
- Add `apache::mod::itk` class for configuring ITK mpm module.
|
||||
- Update `apache::mod::wsgi` class for global WSGI configuration with
|
||||
`wsgi_socket_prefix` and `wsgi_python_home` parameters.
|
||||
- Add README.passenger.md to document the `apache::mod::passenger` usage.
|
||||
Added `passenger_high_performance`, `passenger_pool_idle_time`,
|
||||
`passenger_max_requests`, `passenger_stat_throttle_rate`, `rack_autodetect`,
|
||||
and `rails_autodetect` parameters.
|
||||
- Separate the httpd service resource into a new `apache::service` class for
|
||||
dependency chaining of `Class['apache'] -> <resource> ~>
|
||||
Class['apache::service']`
|
||||
- Added `apache::mod::proxy_balancer` class for `apache::balancer`
|
||||
|
||||
#### Bugfixes:
|
||||
- Change dependency to puppetlabs-concat
|
||||
- Fix ruby 1.9 bug for `a2mod`
|
||||
- Change servername to be `$::hostname` if there is no `$::fqdn`
|
||||
- Make `/etc/ssl/certs` the default ssl certs directory for RedHat non-5.
|
||||
- Make `php` the default php package for RedHat non-5.
|
||||
- Made `aliases` able to take a single alias hash instead of requiring an
|
||||
array.
|
||||
|
||||
## 2013-07-26 Release 0.8.1
|
||||
#### Bugfixes:
|
||||
- Update `apache::mpm_module` detection for worker/prefork
|
||||
- Update `apache::mod::cgi` and `apache::mod::cgid` detection for
|
||||
worker/prefork
|
||||
|
||||
## 2013-07-16 Release 0.8.0
|
||||
#### Features:
|
||||
- Add `servername` parameter to `apache` class
|
||||
- Add `proxy_set` parameter to `apache::balancer` define
|
||||
|
||||
#### Bugfixes:
|
||||
- Fix ordering for multiple `apache::balancer` clusters
|
||||
- Fix symlinking for sites-available on Debian-based OSs
|
||||
- Fix dependency ordering for recursive confdir management
|
||||
- Fix `apache::mod::*` to notify the service on config change
|
||||
- Documentation updates
|
||||
|
||||
## 2013-07-09 Release 0.7.0
|
||||
#### Changes:
|
||||
- Essentially rewrite the module -- too many to list
|
||||
- `apache::vhost` has many abilities -- see README.md for details
|
||||
- `apache::mod::*` classes provide httpd mod-loading capabilities
|
||||
- `apache` base class is much more configurable
|
||||
|
||||
#### Bugfixes:
|
||||
- Many. And many more to come
|
||||
|
||||
## 2013-03-2 Release 0.6.0
|
||||
- update travis tests (add more supported versions)
|
||||
- add access log_parameter
|
||||
- make purging of vhost dir configurable
|
||||
|
||||
## 2012-08-24 Release 0.4.0
|
||||
#### Changes:
|
||||
- `include apache` is now required when using `apache::mod::*`
|
||||
|
||||
#### Bugfixes:
|
||||
- Fix syntax for validate_re
|
||||
- Fix formatting in vhost template
|
||||
- Fix spec tests such that they pass
|
||||
|
||||
##2012-05-08 Puppet Labs <info@puppetlabs.com> - 0.0.4
|
||||
* e62e362 Fix broken tests for ssl, vhost, vhost::*
|
||||
* 42c6363 Changes to match style guide and pass puppet-lint without error
|
||||
* 42bc8ba changed name => path for file resources in order to name namevar by it's name
|
||||
* 72e13de One end too much
|
||||
* 0739641 style guide fixes: 'true' <> true, $operatingsystem needs to be $::operatingsystem, etc.
|
||||
* 273f94d fix tests
|
||||
* a35ede5 (#13860) Make a2enmod/a2dismo commands optional
|
||||
* 98d774e (#13860) Autorequire Package['httpd']
|
||||
* 05fcec5 (#13073) Add missing puppet spec tests
|
||||
* 541afda (#6899) Remove virtual a2mod definition
|
||||
* 976cb69 (#13072) Move mod python and wsgi package names to params
|
||||
* 323915a (#13060) Add .gitignore to repo
|
||||
* fdf40af (#13060) Remove pkg directory from source tree
|
||||
* fd90015 Add LICENSE file and update the ModuleFile
|
||||
* d3d0d23 Re-enable local php class
|
||||
* d7516c7 Make management of firewalls configurable for vhosts
|
||||
* 60f83ba Explicitly lookup scope of apache_name in templates.
|
||||
* f4d287f (#12581) Add explicit ordering for vdir directory
|
||||
* 88a2ac6 (#11706) puppetlabs-apache depends on puppetlabs-firewall
|
||||
* a776a8b (#11071) Fix to work with latest firewall module
|
||||
* 2b79e8b (#11070) Add support for Scientific Linux
|
||||
* 405b3e9 Fix for a2mod
|
||||
* 57b9048 Commit apache::vhost::redirect Manifest
|
||||
* 8862d01 Commit apache::vhost::proxy Manifest
|
||||
* d5c1fd0 Commit apache::mod::wsgi Manifest
|
||||
* a825ac7 Commit apache::mod::python Manifest
|
||||
* b77062f Commit Templates
|
||||
* 9a51b4a Vhost File Declarations
|
||||
* 6cf7312 Defaults for Parameters
|
||||
* 6a5b11a Ensure installed
|
||||
* f672e46 a2mod fix
|
||||
* 8a56ee9 add pthon support to apache
|
234
deployment/puppet/apache/CONTRIBUTING.md
Normal file
234
deployment/puppet/apache/CONTRIBUTING.md
Normal file
@ -0,0 +1,234 @@
|
||||
Checklist (and a short version for the impatient)
|
||||
=================================================
|
||||
|
||||
* Commits:
|
||||
|
||||
- Make commits of logical units.
|
||||
|
||||
- Check for unnecessary whitespace with "git diff --check" before
|
||||
committing.
|
||||
|
||||
- Commit using Unix line endings (check the settings around "crlf" in
|
||||
git-config(1)).
|
||||
|
||||
- Do not check in commented out code or unneeded files.
|
||||
|
||||
- The first line of the commit message should be a short
|
||||
description (50 characters is the soft limit, excluding ticket
|
||||
number(s)), and should skip the full stop.
|
||||
|
||||
- Associate the issue in the message. The first line should include
|
||||
the issue number in the form "(#XXXX) Rest of message".
|
||||
|
||||
- The body should provide a meaningful commit message, which:
|
||||
|
||||
- uses the imperative, present tense: "change", not "changed" or
|
||||
"changes".
|
||||
|
||||
- includes motivation for the change, and contrasts its
|
||||
implementation with the previous behavior.
|
||||
|
||||
- Make sure that you have tests for the bug you are fixing, or
|
||||
feature you are adding.
|
||||
|
||||
- Make sure the test suites passes after your commit:
|
||||
`bundle exec rspec spec/acceptance` More information on [testing](#Testing) below
|
||||
|
||||
- When introducing a new feature, make sure it is properly
|
||||
documented in the README.md
|
||||
|
||||
* Submission:
|
||||
|
||||
* Pre-requisites:
|
||||
|
||||
- Sign the [Contributor License Agreement](https://cla.puppetlabs.com/)
|
||||
|
||||
- Make sure you have a [GitHub account](https://github.com/join)
|
||||
|
||||
- [Create a ticket](http://projects.puppetlabs.com/projects/modules/issues/new), or [watch the ticket](http://projects.puppetlabs.com/projects/modules/issues) you are patching for.
|
||||
|
||||
* Preferred method:
|
||||
|
||||
- Fork the repository on GitHub.
|
||||
|
||||
- Push your changes to a topic branch in your fork of the
|
||||
repository. (the format ticket/1234-short_description_of_change is
|
||||
usually preferred for this project).
|
||||
|
||||
- Submit a pull request to the repository in the puppetlabs
|
||||
organization.
|
||||
|
||||
The long version
|
||||
================
|
||||
|
||||
1. Make separate commits for logically separate changes.
|
||||
|
||||
Please break your commits down into logically consistent units
|
||||
which include new or changed tests relevant to the rest of the
|
||||
change. The goal of doing this is to make the diff easier to
|
||||
read for whoever is reviewing your code. In general, the easier
|
||||
your diff is to read, the more likely someone will be happy to
|
||||
review it and get it into the code base.
|
||||
|
||||
If you are going to refactor a piece of code, please do so as a
|
||||
separate commit from your feature or bug fix changes.
|
||||
|
||||
We also really appreciate changes that include tests to make
|
||||
sure the bug is not re-introduced, and that the feature is not
|
||||
accidentally broken.
|
||||
|
||||
Describe the technical detail of the change(s). If your
|
||||
description starts to get too long, that is a good sign that you
|
||||
probably need to split up your commit into more finely grained
|
||||
pieces.
|
||||
|
||||
Commits which plainly describe the things which help
|
||||
reviewers check the patch and future developers understand the
|
||||
code are much more likely to be merged in with a minimum of
|
||||
bike-shedding or requested changes. Ideally, the commit message
|
||||
would include information, and be in a form suitable for
|
||||
inclusion in the release notes for the version of Puppet that
|
||||
includes them.
|
||||
|
||||
Please also check that you are not introducing any trailing
|
||||
whitespace or other "whitespace errors". You can do this by
|
||||
running "git diff --check" on your changes before you commit.
|
||||
|
||||
2. Sign the Contributor License Agreement
|
||||
|
||||
Before we can accept your changes, we do need a signed Puppet
|
||||
Labs Contributor License Agreement (CLA).
|
||||
|
||||
You can access the CLA via the [Contributor License Agreement link](https://cla.puppetlabs.com/)
|
||||
|
||||
If you have any questions about the CLA, please feel free to
|
||||
contact Puppet Labs via email at cla-submissions@puppetlabs.com.
|
||||
|
||||
3. Sending your patches
|
||||
|
||||
To submit your changes via a GitHub pull request, we _highly_
|
||||
recommend that you have them on a topic branch, instead of
|
||||
directly on "master".
|
||||
It makes things much easier to keep track of, especially if
|
||||
you decide to work on another thing before your first change
|
||||
is merged in.
|
||||
|
||||
GitHub has some pretty good
|
||||
[general documentation](http://help.github.com/) on using
|
||||
their site. They also have documentation on
|
||||
[creating pull requests](http://help.github.com/send-pull-requests/).
|
||||
|
||||
In general, after pushing your topic branch up to your
|
||||
repository on GitHub, you can switch to the branch in the
|
||||
GitHub UI and click "Pull Request" towards the top of the page
|
||||
in order to open a pull request.
|
||||
|
||||
|
||||
4. Update the related GitHub issue.
|
||||
|
||||
If there is a GitHub issue associated with the change you
|
||||
submitted, then you should update the ticket to include the
|
||||
location of your branch, along with any other commentary you
|
||||
may wish to make.
|
||||
|
||||
Testing
|
||||
=======
|
||||
|
||||
Getting Started
|
||||
---------------
|
||||
|
||||
Our puppet modules provide [`Gemfile`](./Gemfile)s which can tell a ruby
|
||||
package manager such as [bundler](http://bundler.io/) what Ruby packages,
|
||||
or Gems, are required to build, develop, and test this software.
|
||||
|
||||
Please make sure you have [bundler installed](http://bundler.io/#getting-started)
|
||||
on your system, then use it to install all dependencies needed for this project,
|
||||
by running
|
||||
|
||||
```shell
|
||||
% bundle install
|
||||
Fetching gem metadata from https://rubygems.org/........
|
||||
Fetching gem metadata from https://rubygems.org/..
|
||||
Using rake (10.1.0)
|
||||
Using builder (3.2.2)
|
||||
-- 8><-- many more --><8 --
|
||||
Using rspec-system-puppet (2.2.0)
|
||||
Using serverspec (0.6.3)
|
||||
Using rspec-system-serverspec (1.0.0)
|
||||
Using bundler (1.3.5)
|
||||
Your bundle is complete!
|
||||
Use `bundle show [gemname]` to see where a bundled gem is installed.
|
||||
```
|
||||
|
||||
NOTE some systems may require you to run this command with sudo.
|
||||
|
||||
If you already have those gems installed, make sure they are up-to-date:
|
||||
|
||||
```shell
|
||||
% bundle update
|
||||
```
|
||||
|
||||
With all dependencies in place and up-to-date we can now run the tests:
|
||||
|
||||
```shell
|
||||
% rake spec
|
||||
```
|
||||
|
||||
This will execute all the [rspec tests](http://rspec-puppet.com/) tests
|
||||
under [spec/defines](./spec/defines), [spec/classes](./spec/classes),
|
||||
and so on. rspec tests may have the same kind of dependencies as the
|
||||
module they are testing. While the module defines in its [Modulefile](./Modulefile),
|
||||
rspec tests define them in [.fixtures.yml](./fixtures.yml).
|
||||
|
||||
Some puppet modules also come with [beaker](https://github.com/puppetlabs/beaker)
|
||||
tests. These tests spin up a virtual machine under
|
||||
[VirtualBox](https://www.virtualbox.org/)) with, controlling it with
|
||||
[Vagrant](http://www.vagrantup.com/) to actually simulate scripted test
|
||||
scenarios. In order to run these, you will need both of those tools
|
||||
installed on your system.
|
||||
|
||||
You can run them by issuing the following command
|
||||
|
||||
```shell
|
||||
% rake spec_clean
|
||||
% rspec spec/acceptance
|
||||
```
|
||||
|
||||
This will now download a pre-fabricated image configured in the [default node-set](./spec/acceptance/nodesets/default.yml),
|
||||
install puppet, copy this module and install its dependencies per [spec/spec_helper_acceptance.rb](./spec/spec_helper_acceptance.rb)
|
||||
and then run all the tests under [spec/acceptance](./spec/acceptance).
|
||||
|
||||
Writing Tests
|
||||
-------------
|
||||
|
||||
XXX getting started writing tests.
|
||||
|
||||
If you have commit access to the repository
|
||||
===========================================
|
||||
|
||||
Even if you have commit access to the repository, you will still need to
|
||||
go through the process above, and have someone else review and merge
|
||||
in your changes. The rule is that all changes must be reviewed by a
|
||||
developer on the project (that did not write the code) to ensure that
|
||||
all changes go through a code review process.
|
||||
|
||||
Having someone other than the author of the topic branch recorded as
|
||||
performing the merge is the record that they performed the code
|
||||
review.
|
||||
|
||||
|
||||
Additional Resources
|
||||
====================
|
||||
|
||||
* [Getting additional help](http://projects.puppetlabs.com/projects/puppet/wiki/Getting_Help)
|
||||
|
||||
* [Writing tests](http://projects.puppetlabs.com/projects/puppet/wiki/Development_Writing_Tests)
|
||||
|
||||
* [Patchwork](https://patchwork.puppetlabs.com)
|
||||
|
||||
* [Contributor License Agreement](https://projects.puppetlabs.com/contributor_licenses/sign)
|
||||
|
||||
* [General GitHub documentation](http://help.github.com/)
|
||||
|
||||
* [GitHub pull request documentation](http://help.github.com/send-pull-requests/)
|
||||
|
27
deployment/puppet/apache/Gemfile
Normal file
27
deployment/puppet/apache/Gemfile
Normal file
@ -0,0 +1,27 @@
|
||||
source ENV['GEM_SOURCE'] || "https://rubygems.org"
|
||||
|
||||
group :development, :test do
|
||||
gem 'rake', :require => false
|
||||
gem 'rspec-puppet', :require => false
|
||||
gem 'puppetlabs_spec_helper', :require => false
|
||||
gem 'serverspec', :require => false
|
||||
gem 'puppet-lint', :require => false
|
||||
gem 'beaker', :require => false
|
||||
gem 'beaker-rspec', :require => false
|
||||
gem 'pry', :require => false
|
||||
gem 'simplecov', :require => false
|
||||
end
|
||||
|
||||
if facterversion = ENV['FACTER_GEM_VERSION']
|
||||
gem 'facter', facterversion, :require => false
|
||||
else
|
||||
gem 'facter', :require => false
|
||||
end
|
||||
|
||||
if puppetversion = ENV['PUPPET_GEM_VERSION']
|
||||
gem 'puppet', puppetversion, :require => false
|
||||
else
|
||||
gem 'puppet', :require => false
|
||||
end
|
||||
|
||||
# vim:ft=ruby
|
15
deployment/puppet/apache/LICENSE
Normal file
15
deployment/puppet/apache/LICENSE
Normal file
@ -0,0 +1,15 @@
|
||||
Copyright (C) 2012 Puppet Labs Inc
|
||||
|
||||
Puppet Labs can be contacted at: info@puppetlabs.com
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
2352
deployment/puppet/apache/README.md
Normal file
2352
deployment/puppet/apache/README.md
Normal file
File diff suppressed because it is too large
Load Diff
278
deployment/puppet/apache/README.passenger.md
Normal file
278
deployment/puppet/apache/README.passenger.md
Normal file
@ -0,0 +1,278 @@
|
||||
# Passenger
|
||||
|
||||
Just enabling the Passenger module is insufficient for the use of Passenger in
|
||||
production. Passenger should be tunable to better fit the environment in which
|
||||
it is run while being aware of the resources it required.
|
||||
|
||||
To this end the Apache passenger module has been modified to apply system wide
|
||||
Passenger tuning declarations to `passenger.conf`. Declarations specific to a
|
||||
virtual host should be passed through when defining a `vhost` (e.g.
|
||||
`rack_base_uris` parameter on the `apache::vhost` type, check `README.md`).
|
||||
|
||||
Also, general apache module loading parameters can be supplied to enable using
|
||||
a customized passenger module in place of a default-package-based version of
|
||||
the module.
|
||||
|
||||
# Operating system support and Passenger versions
|
||||
|
||||
The most important configuration directive for the Apache Passenger module is
|
||||
`PassengerRoot`. Its value depends on the Passenger version used (2.x, 3.x or
|
||||
4.x) and on the operating system package from which the Apache Passenger module
|
||||
is installed.
|
||||
|
||||
The following table summarises the current *default versions* and
|
||||
`PassengerRoot` settings for the operating systems supported by
|
||||
puppetlabs-apache:
|
||||
|
||||
OS | Passenger version | `PassengerRoot`
|
||||
---------------- | ------------------ | ----------------
|
||||
Debian 7 | 3.0.13 | /usr
|
||||
Ubuntu 12.04 | 2.2.11 | /usr
|
||||
Ubuntu 14.04 | 4.0.37 | /usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini
|
||||
RHEL with EPEL6 | 3.0.21 | /usr/lib/ruby/gems/1.8/gems/passenger-3.0.21
|
||||
|
||||
As mentioned in `README.md` there are no compatible packages available for
|
||||
RHEL/CentOS 5 or RHEL/CentOS 7.
|
||||
|
||||
## Configuration files and locations on RHEL/CentOS
|
||||
|
||||
Notice two important points:
|
||||
|
||||
1. The Passenger version packaged in the EPEL repositories may change over time.
|
||||
2. The value of `PassengerRoot` depends on the Passenger version installed.
|
||||
|
||||
To prevent the puppetlabs-apache module from having to keep up with these
|
||||
package versions the Passenger configuration files installed by the
|
||||
packages are left untouched by this module. All configuration is placed in an
|
||||
extra configuration file managed by puppetlabs-apache.
|
||||
|
||||
This means '/etc/httpd/conf.d/passenger.conf' is installed by the
|
||||
`mod_passenger` package and contains correct values for `PassengerRoot` and
|
||||
`PassengerRuby`. Puppet will ignore this file. Additional configuration
|
||||
directives as described in the remainder of this document are placed in
|
||||
'/etc/httpd/conf.d/passenger_extra.conf', managed by Puppet.
|
||||
|
||||
This pertains *only* to RHEL/CentOS, *not* Debian and Ubuntu.
|
||||
|
||||
## Third-party and custom Passenger packages and versions
|
||||
|
||||
The Passenger version distributed by the default OS packages may be too old to
|
||||
be useful. Newer versions may be installed via Gems, from source or from
|
||||
third-party OS packages.
|
||||
|
||||
Most notably the Passenger developers officially provide Debian packages for a
|
||||
variety of Debian and Ubuntu releases in the [Passenger APT
|
||||
repository](https://oss-binaries.phusionpassenger.com/apt/passenger). Read more
|
||||
about [installing these packages in the offical user
|
||||
guide](http://www.modrails.com/documentation/Users%20guide%20Apache.html#install_on_debian_ubuntu).
|
||||
|
||||
If you install custom Passenger packages and newer version make sure to set the
|
||||
directives `PassengerRoot`, `PassengerRuby` and/or `PassengerDefaultRuby`
|
||||
correctly, or Passenger and Apache will fail to function properly.
|
||||
|
||||
For Passenger 4.x packages on Debian and Ubuntu the `PassengerRoot` directive
|
||||
should almost universally be set to
|
||||
`/usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini`.
|
||||
|
||||
# Parameters for `apache::mod::passenger`
|
||||
|
||||
The following class parameters configure Passenger in a global, server-wide
|
||||
context.
|
||||
|
||||
Example:
|
||||
|
||||
```puppet
|
||||
class { 'apache::mod::passenger':
|
||||
passenger_root => '/usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini',
|
||||
passenger_default_ruby => '/usr/bin/ruby1.9.3',
|
||||
passenger_high_performance => 'on',
|
||||
rails_autodetect => 'off',
|
||||
mod_lib_path => '/usr/lib/apache2/custom_modules',
|
||||
}
|
||||
```
|
||||
|
||||
The general form is using the all lower-case version of the configuration
|
||||
directive, with underscores instead of CamelCase.
|
||||
|
||||
## Parameters used with passenger.conf
|
||||
|
||||
If you pass a default value to `apache::mod::passenger` it will be ignored and
|
||||
not passed through to the configuration file.
|
||||
|
||||
### passenger_root
|
||||
|
||||
The location to the Phusion Passenger root directory. This configuration option
|
||||
is essential to Phusion Passenger, and allows Phusion Passenger to locate its
|
||||
own data files.
|
||||
|
||||
The default depends on the Passenger version and the means of installation. See
|
||||
the above section on operating system support, versions and packages for more
|
||||
information.
|
||||
|
||||
http://www.modrails.com/documentation/Users%20guide%20Apache.html#_passengerroot_lt_directory_gt
|
||||
|
||||
### passenger_default_ruby
|
||||
|
||||
This option specifies the default Ruby interpreter to use for web apps as well
|
||||
as for all sorts of internal Phusion Passenger helper scripts, e.g. the one
|
||||
used by PassengerPreStart.
|
||||
|
||||
This directive was introduced in Passenger 4.0.0 and will not work in versions
|
||||
< 4.x. Do not set this parameter if your Passenger version is older than 4.0.0.
|
||||
|
||||
Defaults to `undef` for all operating systems except Ubuntu 14.04, where it is
|
||||
set to '/usr/bin/ruby'.
|
||||
|
||||
http://www.modrails.com/documentation/Users%20guide%20Apache.html#PassengerDefaultRuby
|
||||
|
||||
### passenger_ruby
|
||||
|
||||
This directive is the same as `passenger_default_ruby` for Passenger versions
|
||||
< 4.x and must be used instead of `passenger_default_ruby` for such versions.
|
||||
|
||||
It makes no sense to set `PassengerRuby` for Passenger >= 4.x. That
|
||||
directive should only be used to override the value of `PassengerDefaultRuby`
|
||||
on a non-global context, i.e. in `<VirtualHost>`, `<Directory>`, `<Location>`
|
||||
and so on.
|
||||
|
||||
Defaults to `/usr/bin/ruby` for all supported operating systems except Ubuntu
|
||||
14.04, where it is set to `undef`.
|
||||
|
||||
http://www.modrails.com/documentation/Users%20guide%20Apache.html#PassengerRuby
|
||||
|
||||
### passenger_high_performance
|
||||
|
||||
Default is `off`. When turned `on` Passenger runs in a higher performance mode
|
||||
that can be less compatible with other Apache modules.
|
||||
|
||||
http://www.modrails.com/documentation/Users%20guide%20Apache.html#PassengerHighPerformance
|
||||
|
||||
### passenger_max_pool_size
|
||||
|
||||
Sets the maximum number of Passenger application processes that may
|
||||
simultaneously run. The default value is 6.
|
||||
|
||||
http://www.modrails.com/documentation/Users%20guide%20Apache.html#_passengermaxpoolsize_lt_integer_gt
|
||||
|
||||
### passenger_pool_idle_time
|
||||
|
||||
The maximum number of seconds a Passenger Application process will be allowed
|
||||
to remain idle before being shut down. The default value is 300.
|
||||
|
||||
http://www.modrails.com/documentation/Users%20guide%20Apache.html#PassengerPoolIdleTime
|
||||
|
||||
### passenger_max_requests
|
||||
|
||||
The maximum number of request a Passenger application will process before being
|
||||
restarted. The default value is 0, which indicates that a process will only
|
||||
shut down if the Pool Idle Time (see above) expires.
|
||||
|
||||
http://www.modrails.com/documentation/Users%20guide%20Apache.html#PassengerMaxRequests
|
||||
|
||||
### passenger_stat_throttle_rate
|
||||
|
||||
Sets how often Passenger performs file system checks, at most once every _x_
|
||||
seconds. Default is 0, which means the checks are performed with every request.
|
||||
|
||||
http://www.modrails.com/documentation/Users%20guide%20Apache.html#_passengerstatthrottlerate_lt_integer_gt
|
||||
|
||||
### rack_autodetect
|
||||
|
||||
Should Passenger automatically detect if the document root of a virtual host is
|
||||
a Rack application. Not set by default (`undef`). Note that this directive has
|
||||
been removed in Passenger 4.0.0 and `PassengerEnabled` should be used instead.
|
||||
Use this directive only on Passenger < 4.x.
|
||||
|
||||
http://www.modrails.com/documentation/Users%20guide%20Apache.html#_rackautodetect_lt_on_off_gt
|
||||
|
||||
### rails_autodetect
|
||||
|
||||
Should Passenger automatically detect if the document root of a virtual host is
|
||||
a Rails application. Not set by default (`undef`). Note that this directive
|
||||
has been removed in Passenger 4.0.0 and `PassengerEnabled` should be used
|
||||
instead. Use this directive only on Passenger < 4.x.
|
||||
|
||||
http://www.modrails.com/documentation/Users%20guide%20Apache.html#_railsautodetect_lt_on_off_gt
|
||||
|
||||
### passenger_use_global_queue
|
||||
|
||||
Allows toggling of PassengerUseGlobalQueue. NOTE: PassengerUseGlobalQueue is
|
||||
the default in Passenger 4.x and the versions >= 4.x have disabled this
|
||||
configuration option altogether. Use with caution.
|
||||
|
||||
## Parameters used to load the module
|
||||
|
||||
Unlike the tuning parameters specified above, the following parameters are only
|
||||
used when loading customized passenger modules.
|
||||
|
||||
### mod_package
|
||||
|
||||
Allows overriding the default package name used for the passenger module
|
||||
package.
|
||||
|
||||
### mod_package_ensure
|
||||
|
||||
Allows overriding the package installation setting used by puppet when
|
||||
installing the passenger module. The default is 'present'.
|
||||
|
||||
### mod_id
|
||||
|
||||
Allows overriding the value used by apache to identify the passenger module.
|
||||
The default is 'passenger_module'.
|
||||
|
||||
### mod_lib_path
|
||||
|
||||
Allows overriding the directory path used by apache when loading the passenger
|
||||
module. The default is the value of `$apache::params::lib_path`.
|
||||
|
||||
### mod_lib
|
||||
|
||||
Allows overriding the library file name used by apache when loading the
|
||||
passenger module. The default is 'mod_passenger.so'.
|
||||
|
||||
### mod_path
|
||||
|
||||
Allows overriding the full path to the library file used by apache when loading
|
||||
the passenger module. The default is the concatenation of the `mod_lib_path`
|
||||
and `mod_lib` parameters.
|
||||
|
||||
# Dependencies
|
||||
|
||||
RedHat-based systems will need to configure additional package repositories in
|
||||
order to install Passenger, specifically:
|
||||
|
||||
* [Extra Packages for Enterprise Linux](https://fedoraproject.org/wiki/EPEL)
|
||||
* [Phusion Passenger](http://passenger.stealthymonkeys.com)
|
||||
|
||||
Configuration of these repositories is beyond the scope of this module and is
|
||||
left to the user.
|
||||
|
||||
# Attribution
|
||||
|
||||
The Passenger tuning parameters for the `apache::mod::passenger` Puppet class
|
||||
was modified by Aaron Hicks (hicksa@landcareresearch.co.nz) for work on the
|
||||
NeSI Project and the Tuakiri New Zealand Access Federation as a fork from the
|
||||
PuppetLabs Apache module on GitHub.
|
||||
|
||||
* https://github.com/puppetlabs/puppetlabs-apache
|
||||
* https://github.com/nesi/puppetlabs-apache
|
||||
* http://www.nesi.org.nz//
|
||||
* https://tuakiri.ac.nz/confluence/display/Tuakiri/Home
|
||||
|
||||
# Copyright and License
|
||||
|
||||
Copyright (C) 2012 [Puppet Labs](https://www.puppetlabs.com/) Inc
|
||||
|
||||
Puppet Labs can be contacted at: info@puppetlabs.com
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
11
deployment/puppet/apache/Rakefile
Normal file
11
deployment/puppet/apache/Rakefile
Normal file
@ -0,0 +1,11 @@
|
||||
require 'puppetlabs_spec_helper/rake_tasks'
|
||||
require 'puppet-lint/tasks/puppet-lint'
|
||||
|
||||
PuppetLint.configuration.fail_on_warnings
|
||||
PuppetLint.configuration.send('relative')
|
||||
PuppetLint.configuration.send('disable_80chars')
|
||||
PuppetLint.configuration.send('disable_class_inherits_from_params_class')
|
||||
PuppetLint.configuration.send('disable_documentation')
|
||||
PuppetLint.configuration.send('disable_single_quote_string_with_variables')
|
||||
PuppetLint.configuration.send('disable_only_variable_string')
|
||||
PuppetLint.configuration.ignore_paths = ["spec/**/*.pp", "pkg/**/*.pp"]
|
24
deployment/puppet/apache/files/httpd
Normal file
24
deployment/puppet/apache/files/httpd
Normal file
@ -0,0 +1,24 @@
|
||||
# Configuration file for the httpd service.
|
||||
|
||||
#
|
||||
# The default processing model (MPM) is the process-based
|
||||
# 'prefork' model. A thread-based model, 'worker', is also
|
||||
# available, but does not work with some modules (such as PHP).
|
||||
# The service must be stopped before changing this variable.
|
||||
#
|
||||
#HTTPD=/usr/sbin/httpd.worker
|
||||
|
||||
#
|
||||
# To pass additional options (for instance, -D definitions) to the
|
||||
# httpd binary at startup, set OPTIONS here.
|
||||
#
|
||||
#OPTIONS=
|
||||
#OPTIONS=-DDOWN
|
||||
|
||||
#
|
||||
# By default, the httpd process is started in the C locale; to
|
||||
# change the locale in which the server runs, the HTTPD_LANG
|
||||
# variable can be set.
|
||||
#
|
||||
#HTTPD_LANG=C
|
||||
export SHORTHOST=`hostname -s`
|
@ -0,0 +1,30 @@
|
||||
Puppet::Parser::Functions::newfunction(:bool2httpd, :type => :rvalue, :doc => <<-EOS
|
||||
Transform a supposed boolean to On or Off. Pass all other values through.
|
||||
Given a nil value (undef), bool2httpd will return 'Off'
|
||||
|
||||
Example:
|
||||
|
||||
$trace_enable = false
|
||||
$server_signature = 'mail'
|
||||
|
||||
bool2httpd($trace_enable)
|
||||
# => 'Off'
|
||||
bool2httpd($server_signature)
|
||||
# => 'mail'
|
||||
bool2httpd(undef)
|
||||
# => 'Off'
|
||||
|
||||
EOS
|
||||
) do |args|
|
||||
raise(Puppet::ParseError, "bool2httpd() wrong number of arguments. Given: #{args.size} for 1)") if args.size != 1
|
||||
|
||||
arg = args[0]
|
||||
|
||||
if arg.nil? or arg == false or arg =~ /false/i or arg == :undef
|
||||
return 'Off'
|
||||
elsif arg == true or arg =~ /true/i
|
||||
return 'On'
|
||||
end
|
||||
|
||||
return arg.to_s
|
||||
end
|
34
deployment/puppet/apache/lib/puppet/provider/a2mod.rb
Normal file
34
deployment/puppet/apache/lib/puppet/provider/a2mod.rb
Normal file
@ -0,0 +1,34 @@
|
||||
class Puppet::Provider::A2mod < Puppet::Provider
|
||||
def self.prefetch(mods)
|
||||
instances.each do |prov|
|
||||
if mod = mods[prov.name]
|
||||
mod.provider = prov
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
def flush
|
||||
@property_hash.clear
|
||||
end
|
||||
|
||||
def properties
|
||||
if @property_hash.empty?
|
||||
@property_hash = query || {:ensure => :absent}
|
||||
@property_hash[:ensure] = :absent if @property_hash.empty?
|
||||
end
|
||||
@property_hash.dup
|
||||
end
|
||||
|
||||
def query
|
||||
self.class.instances.each do |mod|
|
||||
if mod.name == self.name or mod.name.downcase == self.name
|
||||
return mod.properties
|
||||
end
|
||||
end
|
||||
nil
|
||||
end
|
||||
|
||||
def exists?
|
||||
properties[:ensure] != :absent
|
||||
end
|
||||
end
|
35
deployment/puppet/apache/lib/puppet/provider/a2mod/a2mod.rb
Normal file
35
deployment/puppet/apache/lib/puppet/provider/a2mod/a2mod.rb
Normal file
@ -0,0 +1,35 @@
|
||||
require 'puppet/provider/a2mod'
|
||||
|
||||
Puppet::Type.type(:a2mod).provide(:a2mod, :parent => Puppet::Provider::A2mod) do
|
||||
desc "Manage Apache 2 modules on Debian and Ubuntu"
|
||||
|
||||
optional_commands :encmd => "a2enmod"
|
||||
optional_commands :discmd => "a2dismod"
|
||||
commands :apache2ctl => "apache2ctl"
|
||||
|
||||
confine :osfamily => :debian
|
||||
defaultfor :operatingsystem => [:debian, :ubuntu]
|
||||
|
||||
def self.instances
|
||||
modules = apache2ctl("-M").lines.collect { |line|
|
||||
m = line.match(/(\w+)_module \(shared\)$/)
|
||||
m[1] if m
|
||||
}.compact
|
||||
|
||||
modules.map do |mod|
|
||||
new(
|
||||
:name => mod,
|
||||
:ensure => :present,
|
||||
:provider => :a2mod
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
def create
|
||||
encmd resource[:name]
|
||||
end
|
||||
|
||||
def destroy
|
||||
discmd resource[:name]
|
||||
end
|
||||
end
|
116
deployment/puppet/apache/lib/puppet/provider/a2mod/gentoo.rb
Normal file
116
deployment/puppet/apache/lib/puppet/provider/a2mod/gentoo.rb
Normal file
@ -0,0 +1,116 @@
|
||||
require 'puppet/util/filetype'
|
||||
Puppet::Type.type(:a2mod).provide(:gentoo, :parent => Puppet::Provider) do
|
||||
desc "Manage Apache 2 modules on Gentoo"
|
||||
|
||||
confine :operatingsystem => :gentoo
|
||||
defaultfor :operatingsystem => :gentoo
|
||||
|
||||
attr_accessor :property_hash
|
||||
|
||||
def create
|
||||
@property_hash[:ensure] = :present
|
||||
end
|
||||
|
||||
def exists?
|
||||
(!(@property_hash[:ensure].nil?) and @property_hash[:ensure] == :present)
|
||||
end
|
||||
|
||||
def destroy
|
||||
@property_hash[:ensure] = :absent
|
||||
end
|
||||
|
||||
def flush
|
||||
self.class.flush
|
||||
end
|
||||
|
||||
class << self
|
||||
attr_reader :conf_file
|
||||
end
|
||||
|
||||
def self.clear
|
||||
@mod_resources = []
|
||||
@modules = []
|
||||
@other_args = ""
|
||||
end
|
||||
|
||||
def self.initvars
|
||||
@conf_file = "/etc/conf.d/apache2"
|
||||
@filetype = Puppet::Util::FileType.filetype(:flat).new(conf_file)
|
||||
@mod_resources = []
|
||||
@modules = []
|
||||
@other_args = ""
|
||||
end
|
||||
|
||||
self.initvars
|
||||
|
||||
# Retrieve an array of all existing modules
|
||||
def self.modules
|
||||
if @modules.length <= 0
|
||||
# Locate the APACHE_OPTS variable
|
||||
records = filetype.read.split(/\n/)
|
||||
apache2_opts = records.grep(/^\s*APACHE2_OPTS=/).first
|
||||
|
||||
# Extract all defines
|
||||
while apache2_opts.sub!(/-D\s+(\w+)/, '')
|
||||
@modules << $1.downcase
|
||||
end
|
||||
|
||||
# Hang on to any remaining options.
|
||||
if apache2_opts.match(/APACHE2_OPTS="(.+)"/)
|
||||
@other_args = $1.strip
|
||||
end
|
||||
|
||||
@modules.sort!.uniq!
|
||||
end
|
||||
|
||||
@modules
|
||||
end
|
||||
|
||||
def self.prefetch(resources={})
|
||||
# Match resources with existing providers
|
||||
instances.each do |provider|
|
||||
if resource = resources[provider.name]
|
||||
resource.provider = provider
|
||||
end
|
||||
end
|
||||
|
||||
# Store all resources using this provider for flushing
|
||||
resources.each do |name, resource|
|
||||
@mod_resources << resource
|
||||
end
|
||||
end
|
||||
|
||||
def self.instances
|
||||
modules.map {|mod| new(:name => mod, :provider => :gentoo, :ensure => :present)}
|
||||
end
|
||||
|
||||
def self.flush
|
||||
|
||||
mod_list = modules
|
||||
mods_to_remove = @mod_resources.select {|mod| mod.should(:ensure) == :absent}.map {|mod| mod[:name]}
|
||||
mods_to_add = @mod_resources.select {|mod| mod.should(:ensure) == :present}.map {|mod| mod[:name]}
|
||||
|
||||
mod_list -= mods_to_remove
|
||||
mod_list += mods_to_add
|
||||
mod_list.sort!.uniq!
|
||||
|
||||
if modules != mod_list
|
||||
opts = @other_args + " "
|
||||
opts << mod_list.map {|mod| "-D #{mod.upcase}"}.join(" ")
|
||||
opts.strip!
|
||||
opts.gsub!(/\s+/, ' ')
|
||||
|
||||
apache2_opts = %Q{APACHE2_OPTS="#{opts}"}
|
||||
Puppet.debug("Writing back \"#{apache2_opts}\" to #{conf_file}")
|
||||
|
||||
records = filetype.read.split(/\n/)
|
||||
|
||||
opts_index = records.find_index {|i| i.match(/^\s*APACHE2_OPTS/)}
|
||||
records[opts_index] = apache2_opts
|
||||
|
||||
filetype.backup
|
||||
filetype.write(records.join("\n"))
|
||||
@modules = mod_list
|
||||
end
|
||||
end
|
||||
end
|
12
deployment/puppet/apache/lib/puppet/provider/a2mod/modfix.rb
Normal file
12
deployment/puppet/apache/lib/puppet/provider/a2mod/modfix.rb
Normal file
@ -0,0 +1,12 @@
|
||||
Puppet::Type.type(:a2mod).provide :modfix do
|
||||
desc "Dummy provider for A2mod.
|
||||
|
||||
Fake nil resources when there is no crontab binary available. Allows
|
||||
puppetd to run on a bootstrapped machine before a Cron package has been
|
||||
installed. Workaround for: http://projects.puppetlabs.com/issues/2384
|
||||
"
|
||||
|
||||
def self.instances
|
||||
[]
|
||||
end
|
||||
end
|
60
deployment/puppet/apache/lib/puppet/provider/a2mod/redhat.rb
Normal file
60
deployment/puppet/apache/lib/puppet/provider/a2mod/redhat.rb
Normal file
@ -0,0 +1,60 @@
|
||||
require 'puppet/provider/a2mod'
|
||||
|
||||
Puppet::Type.type(:a2mod).provide(:redhat, :parent => Puppet::Provider::A2mod) do
|
||||
desc "Manage Apache 2 modules on RedHat family OSs"
|
||||
|
||||
commands :apachectl => "apachectl"
|
||||
|
||||
confine :osfamily => :redhat
|
||||
defaultfor :osfamily => :redhat
|
||||
|
||||
require 'pathname'
|
||||
|
||||
# modpath: Path to default apache modules directory /etc/httpd/mod.d
|
||||
# modfile: Path to module load configuration file; Default: resides under modpath directory
|
||||
# libfile: Path to actual apache module library. Added in modfile LoadModule
|
||||
|
||||
attr_accessor :modfile, :libfile
|
||||
class << self
|
||||
attr_accessor :modpath
|
||||
def preinit
|
||||
@modpath = "/etc/httpd/mod.d"
|
||||
end
|
||||
end
|
||||
|
||||
self.preinit
|
||||
|
||||
def create
|
||||
File.open(modfile,'w') do |f|
|
||||
f.puts "LoadModule #{resource[:identifier]} #{libfile}"
|
||||
end
|
||||
end
|
||||
|
||||
def destroy
|
||||
File.delete(modfile)
|
||||
end
|
||||
|
||||
def self.instances
|
||||
modules = apachectl("-M").lines.collect { |line|
|
||||
m = line.match(/(\w+)_module \(shared\)$/)
|
||||
m[1] if m
|
||||
}.compact
|
||||
|
||||
modules.map do |mod|
|
||||
new(
|
||||
:name => mod,
|
||||
:ensure => :present,
|
||||
:provider => :redhat
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
def modfile
|
||||
modfile ||= "#{self.class.modpath}/#{resource[:name]}.load"
|
||||
end
|
||||
|
||||
# Set libfile path: If absolute path is passed, then maintain it. Else, make it default from 'modules' dir.
|
||||
def libfile
|
||||
libfile = Pathname.new(resource[:lib]).absolute? ? resource[:lib] : "modules/#{resource[:lib]}"
|
||||
end
|
||||
end
|
30
deployment/puppet/apache/lib/puppet/type/a2mod.rb
Normal file
30
deployment/puppet/apache/lib/puppet/type/a2mod.rb
Normal file
@ -0,0 +1,30 @@
|
||||
Puppet::Type.newtype(:a2mod) do
|
||||
@doc = "Manage Apache 2 modules"
|
||||
|
||||
ensurable
|
||||
|
||||
newparam(:name) do
|
||||
Puppet.warning "The a2mod provider is deprecated, please use apache::mod instead"
|
||||
desc "The name of the module to be managed"
|
||||
|
||||
isnamevar
|
||||
|
||||
end
|
||||
|
||||
newparam(:lib) do
|
||||
desc "The name of the .so library to be loaded"
|
||||
|
||||
defaultto { "mod_#{@resource[:name]}.so" }
|
||||
end
|
||||
|
||||
newparam(:identifier) do
|
||||
desc "Module identifier string used by LoadModule. Default: module-name_module"
|
||||
|
||||
# http://httpd.apache.org/docs/2.2/mod/module-dict.html#ModuleIdentifier
|
||||
|
||||
defaultto { "#{resource[:name]}_module" }
|
||||
end
|
||||
|
||||
autorequire(:package) { catalog.resource(:package, 'httpd')}
|
||||
|
||||
end
|
82
deployment/puppet/apache/manifests/balancer.pp
Normal file
82
deployment/puppet/apache/manifests/balancer.pp
Normal file
@ -0,0 +1,82 @@
|
||||
# == Define Resource Type: apache::balancer
|
||||
#
|
||||
# This type will create an apache balancer cluster file inside the conf.d
|
||||
# directory. Each balancer cluster needs one or more balancer members (that can
|
||||
# be declared with the apache::balancermember defined resource type). Using
|
||||
# storeconfigs, you can export the apache::balancermember resources on all
|
||||
# balancer members, and then collect them on a single apache load balancer
|
||||
# server.
|
||||
#
|
||||
# === Requirement/Dependencies:
|
||||
#
|
||||
# Currently requires the puppetlabs/concat module on the Puppet Forge and uses
|
||||
# storeconfigs on the Puppet Master to export/collect resources from all
|
||||
# balancer members.
|
||||
#
|
||||
# === Parameters
|
||||
#
|
||||
# [*name*]
|
||||
# The namevar of the defined resource type is the balancer clusters name.
|
||||
# This name is also used in the name of the conf.d file
|
||||
#
|
||||
# [*proxy_set*]
|
||||
# Hash, default empty. If given, each key-value pair will be used as a ProxySet
|
||||
# line in the configuration.
|
||||
#
|
||||
# [*collect_exported*]
|
||||
# Boolean, default 'true'. True means 'collect exported @@balancermember
|
||||
# resources' (for the case when every balancermember node exports itself),
|
||||
# false means 'rely on the existing declared balancermember resources' (for the
|
||||
# case when you know the full set of balancermembers in advance and use
|
||||
# apache::balancermember with array arguments, which allows you to deploy
|
||||
# everything in 1 run)
|
||||
#
|
||||
#
|
||||
# === Examples
|
||||
#
|
||||
# Exporting the resource for a balancer member:
|
||||
#
|
||||
# apache::balancer { 'puppet00': }
|
||||
#
|
||||
define apache::balancer (
|
||||
$proxy_set = {},
|
||||
$collect_exported = true,
|
||||
) {
|
||||
include ::apache::mod::proxy_balancer
|
||||
|
||||
$target = "${::apache::params::confd_dir}/balancer_${name}.conf"
|
||||
|
||||
concat { $target:
|
||||
owner => '0',
|
||||
group => '0',
|
||||
mode => '0644',
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
|
||||
concat::fragment { "00-${name}-header":
|
||||
ensure => present,
|
||||
target => $target,
|
||||
order => '01',
|
||||
content => "<Proxy balancer://${name}>\n",
|
||||
}
|
||||
|
||||
if $collect_exported {
|
||||
Apache::Balancermember <<| balancer_cluster == $name |>>
|
||||
}
|
||||
# else: the resources have been created and they introduced their
|
||||
# concat fragments. We don't have to do anything about them.
|
||||
|
||||
concat::fragment { "01-${name}-proxyset":
|
||||
ensure => present,
|
||||
target => $target,
|
||||
order => '19',
|
||||
content => inline_template("<% @proxy_set.keys.sort.each do |key| %> Proxyset <%= key %>=<%= @proxy_set[key] %>\n<% end %>"),
|
||||
}
|
||||
|
||||
concat::fragment { "01-${name}-footer":
|
||||
ensure => present,
|
||||
target => $target,
|
||||
order => '20',
|
||||
content => "</Proxy>\n",
|
||||
}
|
||||
}
|
53
deployment/puppet/apache/manifests/balancermember.pp
Normal file
53
deployment/puppet/apache/manifests/balancermember.pp
Normal file
@ -0,0 +1,53 @@
|
||||
# == Define Resource Type: apache::balancermember
|
||||
#
|
||||
# This type will setup a balancer member inside a listening service
|
||||
# configuration block in /etc/apache/apache.cfg on the load balancer.
|
||||
# currently it only has the ability to specify the instance name, url and an
|
||||
# array of options. More features can be added as needed. The best way to
|
||||
# implement this is to export this resource for all apache balancer member
|
||||
# servers, and then collect them on the main apache load balancer.
|
||||
#
|
||||
# === Requirement/Dependencies:
|
||||
#
|
||||
# Currently requires the puppetlabs/concat module on the Puppet Forge and
|
||||
# uses storeconfigs on the Puppet Master to export/collect resources
|
||||
# from all balancer members.
|
||||
#
|
||||
# === Parameters
|
||||
#
|
||||
# [*name*]
|
||||
# The title of the resource is arbitrary and only utilized in the concat
|
||||
# fragment name.
|
||||
#
|
||||
# [*balancer_cluster*]
|
||||
# The apache service's instance name (or, the title of the apache::balancer
|
||||
# resource). This must match up with a declared apache::balancer resource.
|
||||
#
|
||||
# [*url*]
|
||||
# The url used to contact the balancer member server.
|
||||
#
|
||||
# [*options*]
|
||||
# An array of options to be specified after the url.
|
||||
#
|
||||
# === Examples
|
||||
#
|
||||
# Exporting the resource for a balancer member:
|
||||
#
|
||||
# @@apache::balancermember { 'apache':
|
||||
# balancer_cluster => 'puppet00',
|
||||
# url => "ajp://${::fqdn}:8009"
|
||||
# options => ['ping=5', 'disablereuse=on', 'retry=5', 'ttl=120'],
|
||||
# }
|
||||
#
|
||||
define apache::balancermember(
|
||||
$balancer_cluster,
|
||||
$url = "http://${::fqdn}/",
|
||||
$options = [],
|
||||
) {
|
||||
|
||||
concat::fragment { "BalancerMember ${name}":
|
||||
ensure => present,
|
||||
target => "${::apache::params::confd_dir}/balancer_${balancer_cluster}.conf",
|
||||
content => inline_template(" BalancerMember ${url} <%= @options.join ' ' %>\n"),
|
||||
}
|
||||
}
|
10
deployment/puppet/apache/manifests/confd/no_accf.pp
Normal file
10
deployment/puppet/apache/manifests/confd/no_accf.pp
Normal file
@ -0,0 +1,10 @@
|
||||
class apache::confd::no_accf {
|
||||
# Template uses no variables
|
||||
file { 'no-accf.conf':
|
||||
ensure => 'file',
|
||||
path => "${::apache::confd_dir}/no-accf.conf",
|
||||
content => template('apache/confd/no-accf.conf.erb'),
|
||||
require => Exec["mkdir ${::apache::confd_dir}"],
|
||||
before => File[$::apache::confd_dir],
|
||||
}
|
||||
}
|
60
deployment/puppet/apache/manifests/custom_config.pp
Normal file
60
deployment/puppet/apache/manifests/custom_config.pp
Normal file
@ -0,0 +1,60 @@
|
||||
# See README.md for usage information
|
||||
define apache::custom_config (
|
||||
$ensure = 'present',
|
||||
$confdir = $::apache::confd_dir,
|
||||
$content = undef,
|
||||
$priority = '25',
|
||||
$source = undef,
|
||||
$verify_command = $::apache::params::verify_command,
|
||||
$verify_config = true,
|
||||
) {
|
||||
|
||||
if $content and $source {
|
||||
fail('Only one of $content and $source can be specified.')
|
||||
}
|
||||
|
||||
if $ensure == 'present' and ! $content and ! $source {
|
||||
fail('One of $content and $source must be specified.')
|
||||
}
|
||||
|
||||
validate_re($ensure, '^(present|absent)$',
|
||||
"${ensure} is not supported for ensure.
|
||||
Allowed values are 'present' and 'absent'.")
|
||||
|
||||
validate_bool($verify_config)
|
||||
|
||||
## Apache include does not always work with spaces in the filename
|
||||
$filename = regsubst($name, ' ', '_', 'G')
|
||||
|
||||
if ! $verify_config or $ensure == 'absent' {
|
||||
$notifies = Service['httpd']
|
||||
} else {
|
||||
$notifies = undef
|
||||
}
|
||||
|
||||
file { "apache_${name}":
|
||||
ensure => $ensure,
|
||||
path => "${confdir}/${priority}-${filename}.conf",
|
||||
content => $content,
|
||||
source => $source,
|
||||
require => Package['httpd'],
|
||||
notify => $notifies,
|
||||
}
|
||||
|
||||
if $ensure == 'present' and $verify_config {
|
||||
exec { "service notify for ${name}":
|
||||
command => $verify_command,
|
||||
subscribe => File["apache_${name}"],
|
||||
refreshonly => true,
|
||||
notify => Service['httpd'],
|
||||
before => Exec["remove ${name} if invalid"],
|
||||
}
|
||||
|
||||
exec { "remove ${name} if invalid":
|
||||
command => "/bin/rm ${confdir}/${priority}-${filename}.conf",
|
||||
unless => $verify_command,
|
||||
subscribe => File["apache_${name}"],
|
||||
refreshonly => true,
|
||||
}
|
||||
}
|
||||
}
|
15
deployment/puppet/apache/manifests/default_confd_files.pp
Normal file
15
deployment/puppet/apache/manifests/default_confd_files.pp
Normal file
@ -0,0 +1,15 @@
|
||||
class apache::default_confd_files (
|
||||
$all = true,
|
||||
) {
|
||||
# The rest of the conf.d/* files only get loaded if we want them
|
||||
if $all {
|
||||
case $::osfamily {
|
||||
'freebsd': {
|
||||
include ::apache::confd::no_accf
|
||||
}
|
||||
default: {
|
||||
# do nothing
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
164
deployment/puppet/apache/manifests/default_mods.pp
Normal file
164
deployment/puppet/apache/manifests/default_mods.pp
Normal file
@ -0,0 +1,164 @@
|
||||
class apache::default_mods (
|
||||
$all = true,
|
||||
$mods = undef,
|
||||
$apache_version = $::apache::apache_version
|
||||
) {
|
||||
# These are modules required to run the default configuration.
|
||||
# They are not configurable at this time, so we just include
|
||||
# them to make sure it works.
|
||||
case $::osfamily {
|
||||
'redhat', 'freebsd': {
|
||||
::apache::mod { 'log_config': }
|
||||
if versioncmp($apache_version, '2.4') >= 0 {
|
||||
# Lets fork it
|
||||
# Do not try to load mod_systemd on RHEL/CentOS 6 SCL.
|
||||
if ( !($::osfamily == 'redhat' and versioncmp($::operatingsystemrelease, '7.0') == -1) and !($::operatingsystem == 'Amazon' and versioncmp($::operatingsystemrelease, '2014.09') <= 0 ) ) {
|
||||
::apache::mod { 'systemd': }
|
||||
}
|
||||
::apache::mod { 'unixd': }
|
||||
}
|
||||
}
|
||||
default: {}
|
||||
}
|
||||
::apache::mod { 'authz_host': }
|
||||
|
||||
# The rest of the modules only get loaded if we want all modules enabled
|
||||
if $all {
|
||||
case $::osfamily {
|
||||
'debian': {
|
||||
include ::apache::mod::reqtimeout
|
||||
if versioncmp($apache_version, '2.4') >= 0 {
|
||||
::apache::mod { 'authn_core': }
|
||||
}
|
||||
}
|
||||
'redhat': {
|
||||
include ::apache::mod::actions
|
||||
include ::apache::mod::cache
|
||||
include ::apache::mod::mime
|
||||
include ::apache::mod::mime_magic
|
||||
include ::apache::mod::rewrite
|
||||
include ::apache::mod::speling
|
||||
include ::apache::mod::suexec
|
||||
include ::apache::mod::version
|
||||
include ::apache::mod::vhost_alias
|
||||
::apache::mod { 'auth_digest': }
|
||||
::apache::mod { 'authn_anon': }
|
||||
::apache::mod { 'authn_dbm': }
|
||||
::apache::mod { 'authz_dbm': }
|
||||
::apache::mod { 'authz_owner': }
|
||||
::apache::mod { 'expires': }
|
||||
::apache::mod { 'ext_filter': }
|
||||
::apache::mod { 'include': }
|
||||
::apache::mod { 'logio': }
|
||||
::apache::mod { 'substitute': }
|
||||
::apache::mod { 'usertrack': }
|
||||
|
||||
if versioncmp($apache_version, '2.4') >= 0 {
|
||||
::apache::mod { 'authn_core': }
|
||||
}
|
||||
else {
|
||||
::apache::mod { 'authn_alias': }
|
||||
::apache::mod { 'authn_default': }
|
||||
}
|
||||
}
|
||||
'freebsd': {
|
||||
include ::apache::mod::actions
|
||||
include ::apache::mod::cache
|
||||
include ::apache::mod::disk_cache
|
||||
include ::apache::mod::headers
|
||||
include ::apache::mod::info
|
||||
include ::apache::mod::mime_magic
|
||||
include ::apache::mod::reqtimeout
|
||||
include ::apache::mod::rewrite
|
||||
include ::apache::mod::userdir
|
||||
include ::apache::mod::version
|
||||
include ::apache::mod::vhost_alias
|
||||
include ::apache::mod::speling
|
||||
|
||||
::apache::mod { 'asis': }
|
||||
::apache::mod { 'auth_digest': }
|
||||
::apache::mod { 'authn_alias': }
|
||||
::apache::mod { 'authn_anon': }
|
||||
::apache::mod { 'authn_dbm': }
|
||||
::apache::mod { 'authn_default': }
|
||||
::apache::mod { 'authz_dbm': }
|
||||
::apache::mod { 'authz_owner': }
|
||||
::apache::mod { 'cern_meta': }
|
||||
::apache::mod { 'charset_lite': }
|
||||
::apache::mod { 'dumpio': }
|
||||
::apache::mod { 'expires': }
|
||||
::apache::mod { 'file_cache': }
|
||||
::apache::mod { 'filter':}
|
||||
::apache::mod { 'imagemap':}
|
||||
::apache::mod { 'include': }
|
||||
::apache::mod { 'logio': }
|
||||
::apache::mod { 'unique_id': }
|
||||
::apache::mod { 'usertrack': }
|
||||
}
|
||||
default: {}
|
||||
}
|
||||
case $::apache::mpm_module {
|
||||
'prefork': {
|
||||
include ::apache::mod::cgi
|
||||
}
|
||||
'worker': {
|
||||
include ::apache::mod::cgid
|
||||
}
|
||||
default: {
|
||||
# do nothing
|
||||
}
|
||||
}
|
||||
include ::apache::mod::alias
|
||||
include ::apache::mod::autoindex
|
||||
include ::apache::mod::dav
|
||||
include ::apache::mod::dav_fs
|
||||
include ::apache::mod::deflate
|
||||
include ::apache::mod::dir
|
||||
include ::apache::mod::mime
|
||||
include ::apache::mod::negotiation
|
||||
include ::apache::mod::setenvif
|
||||
::apache::mod { 'auth_basic': }
|
||||
::apache::mod { 'authn_file': }
|
||||
|
||||
if versioncmp($apache_version, '2.4') >= 0 {
|
||||
# authz_core is needed for 'Require' directive
|
||||
::apache::mod { 'authz_core':
|
||||
id => 'authz_core_module',
|
||||
}
|
||||
|
||||
# filter is needed by mod_deflate
|
||||
::apache::mod { 'filter': }
|
||||
|
||||
# lots of stuff seems to break without access_compat
|
||||
::apache::mod { 'access_compat': }
|
||||
} else {
|
||||
::apache::mod { 'authz_default': }
|
||||
}
|
||||
|
||||
::apache::mod { 'authz_groupfile': }
|
||||
::apache::mod { 'authz_user': }
|
||||
::apache::mod { 'env': }
|
||||
} elsif $mods {
|
||||
::apache::default_mods::load { $mods: }
|
||||
|
||||
if versioncmp($apache_version, '2.4') >= 0 {
|
||||
# authz_core is needed for 'Require' directive
|
||||
::apache::mod { 'authz_core':
|
||||
id => 'authz_core_module',
|
||||
}
|
||||
|
||||
# filter is needed by mod_deflate
|
||||
::apache::mod { 'filter': }
|
||||
}
|
||||
} else {
|
||||
if versioncmp($apache_version, '2.4') >= 0 {
|
||||
# authz_core is needed for 'Require' directive
|
||||
::apache::mod { 'authz_core':
|
||||
id => 'authz_core_module',
|
||||
}
|
||||
|
||||
# filter is needed by mod_deflate
|
||||
::apache::mod { 'filter': }
|
||||
}
|
||||
}
|
||||
}
|
8
deployment/puppet/apache/manifests/default_mods/load.pp
Normal file
8
deployment/puppet/apache/manifests/default_mods/load.pp
Normal file
@ -0,0 +1,8 @@
|
||||
# private define
|
||||
define apache::default_mods::load ($module = $title) {
|
||||
if defined("apache::mod::${module}") {
|
||||
include "::apache::mod::${module}"
|
||||
} else {
|
||||
::apache::mod { $module: }
|
||||
}
|
||||
}
|
11
deployment/puppet/apache/manifests/dev.pp
Normal file
11
deployment/puppet/apache/manifests/dev.pp
Normal file
@ -0,0 +1,11 @@
|
||||
class apache::dev {
|
||||
if $::osfamily == 'FreeBSD' and !defined(Class['apache::package']) {
|
||||
fail('apache::dev requires apache::package; please include apache or apache::package class first')
|
||||
}
|
||||
include ::apache::params
|
||||
$packages = $::apache::params::dev_packages
|
||||
package { $packages:
|
||||
ensure => present,
|
||||
require => Package['httpd'],
|
||||
}
|
||||
}
|
24
deployment/puppet/apache/manifests/fastcgi/server.pp
Normal file
24
deployment/puppet/apache/manifests/fastcgi/server.pp
Normal file
@ -0,0 +1,24 @@
|
||||
define apache::fastcgi::server (
|
||||
$host = '127.0.0.1:9000',
|
||||
$timeout = 15,
|
||||
$flush = false,
|
||||
$faux_path = "/var/www/${name}.fcgi",
|
||||
$fcgi_alias = "/${name}.fcgi",
|
||||
$file_type = 'application/x-httpd-php'
|
||||
) {
|
||||
include apache::mod::fastcgi
|
||||
|
||||
Apache::Mod['fastcgi'] -> Apache::Fastcgi::Server[$title]
|
||||
|
||||
file { "fastcgi-pool-${name}.conf":
|
||||
ensure => present,
|
||||
path => "${::apache::confd_dir}/fastcgi-pool-${name}.conf",
|
||||
owner => 'root',
|
||||
group => $::apache::params::root_group,
|
||||
mode => '0644',
|
||||
content => template('apache/fastcgi/server.erb'),
|
||||
require => Exec["mkdir ${::apache::confd_dir}"],
|
||||
before => File[$::apache::confd_dir],
|
||||
notify => Class['apache::service'],
|
||||
}
|
||||
}
|
357
deployment/puppet/apache/manifests/init.pp
Normal file
357
deployment/puppet/apache/manifests/init.pp
Normal file
@ -0,0 +1,357 @@
|
||||
# Class: apache
|
||||
#
|
||||
# This class installs Apache
|
||||
#
|
||||
# Parameters:
|
||||
#
|
||||
# Actions:
|
||||
# - Install Apache
|
||||
# - Manage Apache service
|
||||
#
|
||||
# Requires:
|
||||
#
|
||||
# Sample Usage:
|
||||
#
|
||||
class apache (
|
||||
$apache_name = $::apache::params::apache_name,
|
||||
$service_name = $::apache::params::service_name,
|
||||
$default_mods = true,
|
||||
$default_vhost = true,
|
||||
$default_confd_files = true,
|
||||
$default_ssl_vhost = false,
|
||||
$default_ssl_cert = $::apache::params::default_ssl_cert,
|
||||
$default_ssl_key = $::apache::params::default_ssl_key,
|
||||
$default_ssl_chain = undef,
|
||||
$default_ssl_ca = undef,
|
||||
$default_ssl_crl_path = undef,
|
||||
$default_ssl_crl = undef,
|
||||
$default_ssl_crl_check = undef,
|
||||
$ip = undef,
|
||||
$service_enable = true,
|
||||
$service_ensure = 'running',
|
||||
$purge_configs = true,
|
||||
$purge_vhost_dir = undef,
|
||||
$purge_vdir = false,
|
||||
$serveradmin = 'root@localhost',
|
||||
$sendfile = 'On',
|
||||
$error_documents = false,
|
||||
$timeout = '120',
|
||||
$httpd_dir = $::apache::params::httpd_dir,
|
||||
$server_root = $::apache::params::server_root,
|
||||
$conf_dir = $::apache::params::conf_dir,
|
||||
$confd_dir = $::apache::params::confd_dir,
|
||||
$vhost_dir = $::apache::params::vhost_dir,
|
||||
$vhost_enable_dir = $::apache::params::vhost_enable_dir,
|
||||
$mod_dir = $::apache::params::mod_dir,
|
||||
$mod_enable_dir = $::apache::params::mod_enable_dir,
|
||||
$mpm_module = $::apache::params::mpm_module,
|
||||
$conf_template = $::apache::params::conf_template,
|
||||
$servername = $::apache::params::servername,
|
||||
$manage_user = true,
|
||||
$manage_group = true,
|
||||
$user = $::apache::params::user,
|
||||
$group = $::apache::params::group,
|
||||
$keepalive = $::apache::params::keepalive,
|
||||
$keepalive_timeout = $::apache::params::keepalive_timeout,
|
||||
$max_keepalive_requests = $apache::params::max_keepalive_requests,
|
||||
$logroot = $::apache::params::logroot,
|
||||
$logroot_mode = $::apache::params::logroot_mode,
|
||||
$log_level = $::apache::params::log_level,
|
||||
$log_formats = {},
|
||||
$ports_file = $::apache::params::ports_file,
|
||||
$docroot = $::apache::params::docroot,
|
||||
$apache_version = $::apache::version::default,
|
||||
$server_tokens = 'OS',
|
||||
$server_signature = 'On',
|
||||
$trace_enable = 'On',
|
||||
$allow_encoded_slashes = undef,
|
||||
$package_ensure = 'installed',
|
||||
) inherits ::apache::params {
|
||||
validate_bool($default_vhost)
|
||||
validate_bool($default_ssl_vhost)
|
||||
validate_bool($default_confd_files)
|
||||
# true/false is sufficient for both ensure and enable
|
||||
validate_bool($service_enable)
|
||||
|
||||
$valid_mpms_re = $apache_version ? {
|
||||
'2.4' => '(event|itk|peruser|prefork|worker)',
|
||||
default => '(event|itk|prefork|worker)'
|
||||
}
|
||||
|
||||
if $mpm_module {
|
||||
validate_re($mpm_module, $valid_mpms_re)
|
||||
}
|
||||
|
||||
if $allow_encoded_slashes {
|
||||
validate_re($allow_encoded_slashes, '(^on$|^off$|^nodecode$)', "${allow_encoded_slashes} is not permitted for allow_encoded_slashes. Allowed values are 'on', 'off' or 'nodecode'.")
|
||||
}
|
||||
|
||||
# NOTE: on FreeBSD it's mpm module's responsibility to install httpd package.
|
||||
# NOTE: the same strategy may be introduced for other OSes. For this, you
|
||||
# should delete the 'if' block below and modify all MPM modules' manifests
|
||||
# such that they include apache::package class (currently event.pp, itk.pp,
|
||||
# peruser.pp, prefork.pp, worker.pp).
|
||||
if $::osfamily != 'FreeBSD' {
|
||||
package { 'httpd':
|
||||
ensure => $package_ensure,
|
||||
name => $apache_name,
|
||||
notify => Class['Apache::Service'],
|
||||
}
|
||||
}
|
||||
validate_re($sendfile, [ '^[oO]n$' , '^[oO]ff$' ])
|
||||
|
||||
# declare the web server user and group
|
||||
# Note: requiring the package means the package ought to create them and not puppet
|
||||
validate_bool($manage_user)
|
||||
if $manage_user {
|
||||
user { $user:
|
||||
ensure => present,
|
||||
gid => $group,
|
||||
require => Package['httpd'],
|
||||
}
|
||||
}
|
||||
validate_bool($manage_group)
|
||||
if $manage_group {
|
||||
group { $group:
|
||||
ensure => present,
|
||||
require => Package['httpd']
|
||||
}
|
||||
}
|
||||
|
||||
$valid_log_level_re = '(emerg|alert|crit|error|warn|notice|info|debug)'
|
||||
|
||||
validate_re($log_level, $valid_log_level_re,
|
||||
"Log level '${log_level}' is not one of the supported Apache HTTP Server log levels.")
|
||||
|
||||
class { '::apache::service':
|
||||
service_name => $service_name,
|
||||
service_enable => $service_enable,
|
||||
service_ensure => $service_ensure,
|
||||
}
|
||||
|
||||
# Deprecated backwards-compatibility
|
||||
if $purge_vdir {
|
||||
warning('Class[\'apache\'] parameter purge_vdir is deprecated in favor of purge_configs')
|
||||
$purge_confd = $purge_vdir
|
||||
} else {
|
||||
$purge_confd = $purge_configs
|
||||
}
|
||||
|
||||
# Set purge vhostd appropriately
|
||||
if $purge_vhost_dir == undef {
|
||||
$purge_vhostd = $purge_confd
|
||||
} else {
|
||||
$purge_vhostd = $purge_vhost_dir
|
||||
}
|
||||
|
||||
Exec {
|
||||
path => '/bin:/sbin:/usr/bin:/usr/sbin',
|
||||
}
|
||||
|
||||
exec { "mkdir ${confd_dir}":
|
||||
creates => $confd_dir,
|
||||
require => Package['httpd'],
|
||||
}
|
||||
file { $confd_dir:
|
||||
ensure => directory,
|
||||
recurse => true,
|
||||
purge => $purge_confd,
|
||||
notify => Class['Apache::Service'],
|
||||
require => Package['httpd'],
|
||||
}
|
||||
|
||||
if ! defined(File[$mod_dir]) {
|
||||
exec { "mkdir ${mod_dir}":
|
||||
creates => $mod_dir,
|
||||
require => Package['httpd'],
|
||||
}
|
||||
# Don't purge available modules if an enable dir is used
|
||||
$purge_mod_dir = $purge_configs and !$mod_enable_dir
|
||||
file { $mod_dir:
|
||||
ensure => directory,
|
||||
recurse => true,
|
||||
purge => $purge_mod_dir,
|
||||
notify => Class['Apache::Service'],
|
||||
require => Package['httpd'],
|
||||
}
|
||||
}
|
||||
|
||||
if $mod_enable_dir and ! defined(File[$mod_enable_dir]) {
|
||||
$mod_load_dir = $mod_enable_dir
|
||||
exec { "mkdir ${mod_enable_dir}":
|
||||
creates => $mod_enable_dir,
|
||||
require => Package['httpd'],
|
||||
}
|
||||
file { $mod_enable_dir:
|
||||
ensure => directory,
|
||||
recurse => true,
|
||||
purge => $purge_configs,
|
||||
notify => Class['Apache::Service'],
|
||||
require => Package['httpd'],
|
||||
}
|
||||
} else {
|
||||
$mod_load_dir = $mod_dir
|
||||
}
|
||||
|
||||
if ! defined(File[$vhost_dir]) {
|
||||
exec { "mkdir ${vhost_dir}":
|
||||
creates => $vhost_dir,
|
||||
require => Package['httpd'],
|
||||
}
|
||||
file { $vhost_dir:
|
||||
ensure => directory,
|
||||
recurse => true,
|
||||
purge => $purge_vhostd,
|
||||
notify => Class['Apache::Service'],
|
||||
require => Package['httpd'],
|
||||
}
|
||||
}
|
||||
|
||||
if $vhost_enable_dir and ! defined(File[$vhost_enable_dir]) {
|
||||
$vhost_load_dir = $vhost_enable_dir
|
||||
exec { "mkdir ${vhost_load_dir}":
|
||||
creates => $vhost_load_dir,
|
||||
require => Package['httpd'],
|
||||
}
|
||||
file { $vhost_enable_dir:
|
||||
ensure => directory,
|
||||
recurse => true,
|
||||
purge => $purge_vhostd,
|
||||
notify => Class['Apache::Service'],
|
||||
require => Package['httpd'],
|
||||
}
|
||||
} else {
|
||||
$vhost_load_dir = $vhost_dir
|
||||
}
|
||||
|
||||
concat { $ports_file:
|
||||
owner => 'root',
|
||||
group => $::apache::params::root_group,
|
||||
mode => '0644',
|
||||
notify => Class['Apache::Service'],
|
||||
require => Package['httpd'],
|
||||
}
|
||||
concat::fragment { 'Apache ports header':
|
||||
ensure => present,
|
||||
target => $ports_file,
|
||||
content => template('apache/ports_header.erb')
|
||||
}
|
||||
|
||||
if $::apache::conf_dir and $::apache::params::conf_file {
|
||||
case $::osfamily {
|
||||
'debian': {
|
||||
$pidfile = "\${APACHE_PID_FILE}"
|
||||
$error_log = 'error.log'
|
||||
$error_documents_path = '/usr/share/apache2/error'
|
||||
$scriptalias = '/usr/lib/cgi-bin'
|
||||
$access_log_file = 'access.log'
|
||||
}
|
||||
'redhat': {
|
||||
$pidfile = 'run/httpd.pid'
|
||||
$error_log = 'error_log'
|
||||
$error_documents_path = '/var/www/error'
|
||||
$scriptalias = '/var/www/cgi-bin'
|
||||
$access_log_file = 'access_log'
|
||||
}
|
||||
'freebsd': {
|
||||
$pidfile = '/var/run/httpd.pid'
|
||||
$error_log = 'httpd-error.log'
|
||||
$error_documents_path = '/usr/local/www/apache22/error'
|
||||
$scriptalias = '/usr/local/www/apache22/cgi-bin'
|
||||
$access_log_file = 'httpd-access.log'
|
||||
}
|
||||
default: {
|
||||
fail("Unsupported osfamily ${::osfamily}")
|
||||
}
|
||||
}
|
||||
|
||||
$apxs_workaround = $::osfamily ? {
|
||||
'freebsd' => true,
|
||||
default => false
|
||||
}
|
||||
|
||||
# Template uses:
|
||||
# - $pidfile
|
||||
# - $user
|
||||
# - $group
|
||||
# - $logroot
|
||||
# - $error_log
|
||||
# - $sendfile
|
||||
# - $mod_dir
|
||||
# - $ports_file
|
||||
# - $confd_dir
|
||||
# - $vhost_dir
|
||||
# - $error_documents
|
||||
# - $error_documents_path
|
||||
# - $apxs_workaround
|
||||
# - $keepalive
|
||||
# - $keepalive_timeout
|
||||
# - $max_keepalive_requests
|
||||
# - $server_root
|
||||
# - $server_tokens
|
||||
# - $server_signature
|
||||
# - $trace_enable
|
||||
file { "${::apache::conf_dir}/${::apache::params::conf_file}":
|
||||
ensure => file,
|
||||
content => template($conf_template),
|
||||
notify => Class['Apache::Service'],
|
||||
require => Package['httpd'],
|
||||
}
|
||||
|
||||
# preserve back-wards compatibility to the times when default_mods was
|
||||
# only a boolean value. Now it can be an array (too)
|
||||
if is_array($default_mods) {
|
||||
class { '::apache::default_mods':
|
||||
all => false,
|
||||
mods => $default_mods,
|
||||
}
|
||||
} else {
|
||||
class { '::apache::default_mods':
|
||||
all => $default_mods,
|
||||
}
|
||||
}
|
||||
class { '::apache::default_confd_files':
|
||||
all => $default_confd_files
|
||||
}
|
||||
if $mpm_module {
|
||||
class { "::apache::mod::${mpm_module}": }
|
||||
}
|
||||
|
||||
$default_vhost_ensure = $default_vhost ? {
|
||||
true => 'present',
|
||||
false => 'absent'
|
||||
}
|
||||
$default_ssl_vhost_ensure = $default_ssl_vhost ? {
|
||||
true => 'present',
|
||||
false => 'absent'
|
||||
}
|
||||
|
||||
::apache::vhost { 'default':
|
||||
ensure => $default_vhost_ensure,
|
||||
port => 80,
|
||||
docroot => $docroot,
|
||||
scriptalias => $scriptalias,
|
||||
serveradmin => $serveradmin,
|
||||
access_log_file => $access_log_file,
|
||||
priority => '15',
|
||||
ip => $ip,
|
||||
logroot_mode => $logroot_mode,
|
||||
}
|
||||
$ssl_access_log_file = $::osfamily ? {
|
||||
'freebsd' => $access_log_file,
|
||||
default => "ssl_${access_log_file}",
|
||||
}
|
||||
::apache::vhost { 'default-ssl':
|
||||
ensure => $default_ssl_vhost_ensure,
|
||||
port => 443,
|
||||
ssl => true,
|
||||
docroot => $docroot,
|
||||
scriptalias => $scriptalias,
|
||||
serveradmin => $serveradmin,
|
||||
access_log_file => $ssl_access_log_file,
|
||||
priority => '15',
|
||||
ip => $ip,
|
||||
logroot_mode => $logroot_mode,
|
||||
}
|
||||
}
|
||||
}
|
10
deployment/puppet/apache/manifests/listen.pp
Normal file
10
deployment/puppet/apache/manifests/listen.pp
Normal file
@ -0,0 +1,10 @@
|
||||
define apache::listen {
|
||||
$listen_addr_port = $name
|
||||
|
||||
# Template uses: $listen_addr_port
|
||||
concat::fragment { "Listen ${listen_addr_port}":
|
||||
ensure => present,
|
||||
target => $::apache::ports_file,
|
||||
content => template('apache/listen.erb'),
|
||||
}
|
||||
}
|
130
deployment/puppet/apache/manifests/mod.pp
Normal file
130
deployment/puppet/apache/manifests/mod.pp
Normal file
@ -0,0 +1,130 @@
|
||||
define apache::mod (
|
||||
$package = undef,
|
||||
$package_ensure = 'present',
|
||||
$lib = undef,
|
||||
$lib_path = $::apache::params::lib_path,
|
||||
$id = undef,
|
||||
$path = undef,
|
||||
$loadfile_name = undef,
|
||||
$loadfiles = undef,
|
||||
) {
|
||||
if ! defined(Class['apache']) {
|
||||
fail('You must include the apache base class before using any apache defined resources')
|
||||
}
|
||||
|
||||
$mod = $name
|
||||
#include apache #This creates duplicate resources in rspec-puppet
|
||||
$mod_dir = $::apache::mod_dir
|
||||
|
||||
# Determine if we have special lib
|
||||
$mod_libs = $::apache::params::mod_libs
|
||||
if $lib {
|
||||
$_lib = $lib
|
||||
} elsif has_key($mod_libs, $mod) { # 2.6 compatibility hack
|
||||
$_lib = $mod_libs[$mod]
|
||||
} else {
|
||||
$_lib = "mod_${mod}.so"
|
||||
}
|
||||
|
||||
# Determine if declaration specified a path to the module
|
||||
if $path {
|
||||
$_path = $path
|
||||
} else {
|
||||
$_path = "${lib_path}/${_lib}"
|
||||
}
|
||||
|
||||
if $id {
|
||||
$_id = $id
|
||||
} else {
|
||||
$_id = "${mod}_module"
|
||||
}
|
||||
|
||||
if $loadfile_name {
|
||||
$_loadfile_name = $loadfile_name
|
||||
} else {
|
||||
$_loadfile_name = "${mod}.load"
|
||||
}
|
||||
|
||||
# Determine if we have a package
|
||||
$mod_packages = $::apache::params::mod_packages
|
||||
if $package {
|
||||
$_package = $package
|
||||
} elsif has_key($mod_packages, $mod) { # 2.6 compatibility hack
|
||||
$_package = $mod_packages[$mod]
|
||||
} else {
|
||||
$_package = undef
|
||||
}
|
||||
if $_package and ! defined(Package[$_package]) {
|
||||
# note: FreeBSD/ports uses apxs tool to activate modules; apxs clutters
|
||||
# httpd.conf with 'LoadModule' directives; here, by proper resource
|
||||
# ordering, we ensure that our version of httpd.conf is reverted after
|
||||
# the module gets installed.
|
||||
$package_before = $::osfamily ? {
|
||||
'freebsd' => [
|
||||
File[$_loadfile_name],
|
||||
File["${::apache::conf_dir}/${::apache::params::conf_file}"]
|
||||
],
|
||||
default => File[$_loadfile_name],
|
||||
}
|
||||
# if there are any packages, they should be installed before the associated conf file
|
||||
Package[$_package] -> File<| title == "${mod}.conf" |>
|
||||
# $_package may be an array
|
||||
package { $_package:
|
||||
ensure => $package_ensure,
|
||||
require => Package['httpd'],
|
||||
before => $package_before,
|
||||
}
|
||||
}
|
||||
|
||||
file { $_loadfile_name:
|
||||
ensure => file,
|
||||
path => "${mod_dir}/${_loadfile_name}",
|
||||
owner => 'root',
|
||||
group => $::apache::params::root_group,
|
||||
mode => '0644',
|
||||
content => template('apache/mod/load.erb'),
|
||||
require => [
|
||||
Package['httpd'],
|
||||
Exec["mkdir ${mod_dir}"],
|
||||
],
|
||||
before => File[$mod_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
|
||||
if $::osfamily == 'Debian' {
|
||||
$enable_dir = $::apache::mod_enable_dir
|
||||
file{ "${_loadfile_name} symlink":
|
||||
ensure => link,
|
||||
path => "${enable_dir}/${_loadfile_name}",
|
||||
target => "${mod_dir}/${_loadfile_name}",
|
||||
owner => 'root',
|
||||
group => $::apache::params::root_group,
|
||||
mode => '0644',
|
||||
require => [
|
||||
File[$_loadfile_name],
|
||||
Exec["mkdir ${enable_dir}"],
|
||||
],
|
||||
before => File[$enable_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
# Each module may have a .conf file as well, which should be
|
||||
# defined in the class apache::mod::module
|
||||
# Some modules do not require this file.
|
||||
if defined(File["${mod}.conf"]) {
|
||||
file{ "${mod}.conf symlink":
|
||||
ensure => link,
|
||||
path => "${enable_dir}/${mod}.conf",
|
||||
target => "${mod_dir}/${mod}.conf",
|
||||
owner => 'root',
|
||||
group => $::apache::params::root_group,
|
||||
mode => '0644',
|
||||
require => [
|
||||
File["${mod}.conf"],
|
||||
Exec["mkdir ${enable_dir}"],
|
||||
],
|
||||
before => File[$enable_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
3
deployment/puppet/apache/manifests/mod/actions.pp
Normal file
3
deployment/puppet/apache/manifests/mod/actions.pp
Normal file
@ -0,0 +1,3 @@
|
||||
class apache::mod::actions {
|
||||
apache::mod { 'actions': }
|
||||
}
|
19
deployment/puppet/apache/manifests/mod/alias.pp
Normal file
19
deployment/puppet/apache/manifests/mod/alias.pp
Normal file
@ -0,0 +1,19 @@
|
||||
class apache::mod::alias(
|
||||
$apache_version = $apache::apache_version
|
||||
) {
|
||||
$icons_path = $::osfamily ? {
|
||||
'debian' => '/usr/share/apache2/icons',
|
||||
'redhat' => '/var/www/icons',
|
||||
'freebsd' => '/usr/local/www/apache22/icons',
|
||||
}
|
||||
apache::mod { 'alias': }
|
||||
# Template uses $icons_path
|
||||
file { 'alias.conf':
|
||||
ensure => file,
|
||||
path => "${::apache::mod_dir}/alias.conf",
|
||||
content => template('apache/mod/alias.conf.erb'),
|
||||
require => Exec["mkdir ${::apache::mod_dir}"],
|
||||
before => File[$::apache::mod_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
}
|
3
deployment/puppet/apache/manifests/mod/auth_basic.pp
Normal file
3
deployment/puppet/apache/manifests/mod/auth_basic.pp
Normal file
@ -0,0 +1,3 @@
|
||||
class apache::mod::auth_basic {
|
||||
::apache::mod { 'auth_basic': }
|
||||
}
|
5
deployment/puppet/apache/manifests/mod/auth_kerb.pp
Normal file
5
deployment/puppet/apache/manifests/mod/auth_kerb.pp
Normal file
@ -0,0 +1,5 @@
|
||||
class apache::mod::auth_kerb {
|
||||
::apache::mod { 'auth_kerb': }
|
||||
}
|
||||
|
||||
|
19
deployment/puppet/apache/manifests/mod/authnz_ldap.pp
Normal file
19
deployment/puppet/apache/manifests/mod/authnz_ldap.pp
Normal file
@ -0,0 +1,19 @@
|
||||
class apache::mod::authnz_ldap (
|
||||
$verifyServerCert = true,
|
||||
) {
|
||||
include '::apache::mod::ldap'
|
||||
::apache::mod { 'authnz_ldap': }
|
||||
|
||||
validate_bool($verifyServerCert)
|
||||
|
||||
# Template uses:
|
||||
# - $verifyServerCert
|
||||
file { 'authnz_ldap.conf':
|
||||
ensure => file,
|
||||
path => "${::apache::mod_dir}/authnz_ldap.conf",
|
||||
content => template('apache/mod/authnz_ldap.conf.erb'),
|
||||
require => Exec["mkdir ${::apache::mod_dir}"],
|
||||
before => File[$::apache::mod_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
}
|
12
deployment/puppet/apache/manifests/mod/autoindex.pp
Normal file
12
deployment/puppet/apache/manifests/mod/autoindex.pp
Normal file
@ -0,0 +1,12 @@
|
||||
class apache::mod::autoindex {
|
||||
::apache::mod { 'autoindex': }
|
||||
# Template uses no variables
|
||||
file { 'autoindex.conf':
|
||||
ensure => file,
|
||||
path => "${::apache::mod_dir}/autoindex.conf",
|
||||
content => template('apache/mod/autoindex.conf.erb'),
|
||||
require => Exec["mkdir ${::apache::mod_dir}"],
|
||||
before => File[$::apache::mod_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
}
|
3
deployment/puppet/apache/manifests/mod/cache.pp
Normal file
3
deployment/puppet/apache/manifests/mod/cache.pp
Normal file
@ -0,0 +1,3 @@
|
||||
class apache::mod::cache {
|
||||
::apache::mod { 'cache': }
|
||||
}
|
4
deployment/puppet/apache/manifests/mod/cgi.pp
Normal file
4
deployment/puppet/apache/manifests/mod/cgi.pp
Normal file
@ -0,0 +1,4 @@
|
||||
class apache::mod::cgi {
|
||||
Class['::apache::mod::prefork'] -> Class['::apache::mod::cgi']
|
||||
::apache::mod { 'cgi': }
|
||||
}
|
23
deployment/puppet/apache/manifests/mod/cgid.pp
Normal file
23
deployment/puppet/apache/manifests/mod/cgid.pp
Normal file
@ -0,0 +1,23 @@
|
||||
class apache::mod::cgid {
|
||||
Class['::apache::mod::worker'] -> Class['::apache::mod::cgid']
|
||||
|
||||
# Debian specifies it's cgid sock path, but RedHat uses the default value
|
||||
# with no config file
|
||||
$cgisock_path = $::osfamily ? {
|
||||
'debian' => "\${APACHE_RUN_DIR}/cgisock",
|
||||
'freebsd' => 'cgisock',
|
||||
default => undef,
|
||||
}
|
||||
::apache::mod { 'cgid': }
|
||||
if $cgisock_path {
|
||||
# Template uses $cgisock_path
|
||||
file { 'cgid.conf':
|
||||
ensure => file,
|
||||
path => "${::apache::mod_dir}/cgid.conf",
|
||||
content => template('apache/mod/cgid.conf.erb'),
|
||||
require => Exec["mkdir ${::apache::mod_dir}"],
|
||||
before => File[$::apache::mod_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
}
|
||||
}
|
3
deployment/puppet/apache/manifests/mod/dav.pp
Normal file
3
deployment/puppet/apache/manifests/mod/dav.pp
Normal file
@ -0,0 +1,3 @@
|
||||
class apache::mod::dav {
|
||||
::apache::mod { 'dav': }
|
||||
}
|
20
deployment/puppet/apache/manifests/mod/dav_fs.pp
Normal file
20
deployment/puppet/apache/manifests/mod/dav_fs.pp
Normal file
@ -0,0 +1,20 @@
|
||||
class apache::mod::dav_fs {
|
||||
$dav_lock = $::osfamily ? {
|
||||
'debian' => "\${APACHE_LOCK_DIR}/DAVLock",
|
||||
'freebsd' => '/usr/local/var/DavLock',
|
||||
default => '/var/lib/dav/lockdb',
|
||||
}
|
||||
|
||||
Class['::apache::mod::dav'] -> Class['::apache::mod::dav_fs']
|
||||
::apache::mod { 'dav_fs': }
|
||||
|
||||
# Template uses: $dav_lock
|
||||
file { 'dav_fs.conf':
|
||||
ensure => file,
|
||||
path => "${::apache::mod_dir}/dav_fs.conf",
|
||||
content => template('apache/mod/dav_fs.conf.erb'),
|
||||
require => Exec["mkdir ${::apache::mod_dir}"],
|
||||
before => File[$::apache::mod_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
}
|
20
deployment/puppet/apache/manifests/mod/dav_svn.pp
Normal file
20
deployment/puppet/apache/manifests/mod/dav_svn.pp
Normal file
@ -0,0 +1,20 @@
|
||||
class apache::mod::dav_svn (
|
||||
$authz_svn_enabled = false,
|
||||
) {
|
||||
Class['::apache::mod::dav'] -> Class['::apache::mod::dav_svn']
|
||||
include ::apache::mod::dav
|
||||
::apache::mod { 'dav_svn': }
|
||||
|
||||
if $::osfamily == 'Debian' and ($::operatingsystemmajrelease != '6' and $::operatingsystemmajrelease != '10.04' and $::operatingsystemrelease != '10.04') {
|
||||
$loadfile_name = undef
|
||||
} else {
|
||||
$loadfile_name = 'dav_svn_authz_svn.load'
|
||||
}
|
||||
|
||||
if $authz_svn_enabled {
|
||||
::apache::mod { 'authz_svn':
|
||||
loadfile_name => $loadfile_name,
|
||||
require => Apache::Mod['dav_svn'],
|
||||
}
|
||||
}
|
||||
}
|
24
deployment/puppet/apache/manifests/mod/deflate.pp
Normal file
24
deployment/puppet/apache/manifests/mod/deflate.pp
Normal file
@ -0,0 +1,24 @@
|
||||
class apache::mod::deflate (
|
||||
$types = [
|
||||
'text/html text/plain text/xml',
|
||||
'text/css',
|
||||
'application/x-javascript application/javascript application/ecmascript',
|
||||
'application/rss+xml'
|
||||
],
|
||||
$notes = {
|
||||
'Input' => 'instream',
|
||||
'Output' => 'outstream',
|
||||
'Ratio' => 'ratio'
|
||||
}
|
||||
) {
|
||||
::apache::mod { 'deflate': }
|
||||
|
||||
file { 'deflate.conf':
|
||||
ensure => file,
|
||||
path => "${::apache::mod_dir}/deflate.conf",
|
||||
content => template('apache/mod/deflate.conf.erb'),
|
||||
require => Exec["mkdir ${::apache::mod_dir}"],
|
||||
before => File[$::apache::mod_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
}
|
5
deployment/puppet/apache/manifests/mod/dev.pp
Normal file
5
deployment/puppet/apache/manifests/mod/dev.pp
Normal file
@ -0,0 +1,5 @@
|
||||
class apache::mod::dev {
|
||||
# Development packages are not apache modules
|
||||
warning('apache::mod::dev is deprecated; please use apache::dev')
|
||||
include ::apache::dev
|
||||
}
|
21
deployment/puppet/apache/manifests/mod/dir.pp
Normal file
21
deployment/puppet/apache/manifests/mod/dir.pp
Normal file
@ -0,0 +1,21 @@
|
||||
# Note: this sets the global DirectoryIndex directive, it may be necessary to consider being able to modify the apache::vhost to declare DirectoryIndex statements in a vhost configuration
|
||||
# Parameters:
|
||||
# - $indexes provides a string for the DirectoryIndex directive http://httpd.apache.org/docs/current/mod/mod_dir.html#directoryindex
|
||||
class apache::mod::dir (
|
||||
$dir = 'public_html',
|
||||
$indexes = ['index.html','index.html.var','index.cgi','index.pl','index.php','index.xhtml'],
|
||||
) {
|
||||
validate_array($indexes)
|
||||
::apache::mod { 'dir': }
|
||||
|
||||
# Template uses
|
||||
# - $indexes
|
||||
file { 'dir.conf':
|
||||
ensure => file,
|
||||
path => "${::apache::mod_dir}/dir.conf",
|
||||
content => template('apache/mod/dir.conf.erb'),
|
||||
require => Exec["mkdir ${::apache::mod_dir}"],
|
||||
before => File[$::apache::mod_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
}
|
24
deployment/puppet/apache/manifests/mod/disk_cache.pp
Normal file
24
deployment/puppet/apache/manifests/mod/disk_cache.pp
Normal file
@ -0,0 +1,24 @@
|
||||
class apache::mod::disk_cache {
|
||||
$cache_root = $::osfamily ? {
|
||||
'debian' => '/var/cache/apache2/mod_disk_cache',
|
||||
'redhat' => '/var/cache/mod_proxy',
|
||||
'freebsd' => '/var/cache/mod_disk_cache',
|
||||
}
|
||||
if $::osfamily != 'FreeBSD' {
|
||||
# FIXME: investigate why disk_cache was dependent on proxy
|
||||
# NOTE: on FreeBSD disk_cache is compiled by default but proxy is not
|
||||
Class['::apache::mod::proxy'] -> Class['::apache::mod::disk_cache']
|
||||
}
|
||||
Class['::apache::mod::cache'] -> Class['::apache::mod::disk_cache']
|
||||
|
||||
apache::mod { 'disk_cache': }
|
||||
# Template uses $cache_proxy
|
||||
file { 'disk_cache.conf':
|
||||
ensure => file,
|
||||
path => "${::apache::mod_dir}/disk_cache.conf",
|
||||
content => template('apache/mod/disk_cache.conf.erb'),
|
||||
require => Exec["mkdir ${::apache::mod_dir}"],
|
||||
before => File[$::apache::mod_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
}
|
62
deployment/puppet/apache/manifests/mod/event.pp
Normal file
62
deployment/puppet/apache/manifests/mod/event.pp
Normal file
@ -0,0 +1,62 @@
|
||||
class apache::mod::event (
|
||||
$startservers = '2',
|
||||
$maxclients = '150',
|
||||
$minsparethreads = '25',
|
||||
$maxsparethreads = '75',
|
||||
$threadsperchild = '25',
|
||||
$maxrequestsperchild = '0',
|
||||
$serverlimit = '25',
|
||||
$apache_version = $::apache::apache_version,
|
||||
) {
|
||||
if defined(Class['apache::mod::itk']) {
|
||||
fail('May not include both apache::mod::event and apache::mod::itk on the same node')
|
||||
}
|
||||
if defined(Class['apache::mod::peruser']) {
|
||||
fail('May not include both apache::mod::event and apache::mod::peruser on the same node')
|
||||
}
|
||||
if defined(Class['apache::mod::prefork']) {
|
||||
fail('May not include both apache::mod::event and apache::mod::prefork on the same node')
|
||||
}
|
||||
if defined(Class['apache::mod::worker']) {
|
||||
fail('May not include both apache::mod::event and apache::mod::worker on the same node')
|
||||
}
|
||||
File {
|
||||
owner => 'root',
|
||||
group => $::apache::params::root_group,
|
||||
mode => '0644',
|
||||
}
|
||||
|
||||
# Template uses:
|
||||
# - $startservers
|
||||
# - $maxclients
|
||||
# - $minsparethreads
|
||||
# - $maxsparethreads
|
||||
# - $threadsperchild
|
||||
# - $maxrequestsperchild
|
||||
# - $serverlimit
|
||||
file { "${::apache::mod_dir}/event.conf":
|
||||
ensure => file,
|
||||
content => template('apache/mod/event.conf.erb'),
|
||||
require => Exec["mkdir ${::apache::mod_dir}"],
|
||||
before => File[$::apache::mod_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
|
||||
case $::osfamily {
|
||||
'redhat': {
|
||||
if versioncmp($apache_version, '2.4') >= 0 {
|
||||
apache::mpm{ 'event':
|
||||
apache_version => $apache_version,
|
||||
}
|
||||
}
|
||||
}
|
||||
'debian','freebsd' : {
|
||||
apache::mpm{ 'event':
|
||||
apache_version => $apache_version,
|
||||
}
|
||||
}
|
||||
default: {
|
||||
fail("Unsupported osfamily ${::osfamily}")
|
||||
}
|
||||
}
|
||||
}
|
3
deployment/puppet/apache/manifests/mod/expires.pp
Normal file
3
deployment/puppet/apache/manifests/mod/expires.pp
Normal file
@ -0,0 +1,3 @@
|
||||
class apache::mod::expires {
|
||||
::apache::mod { 'expires': }
|
||||
}
|
24
deployment/puppet/apache/manifests/mod/fastcgi.pp
Normal file
24
deployment/puppet/apache/manifests/mod/fastcgi.pp
Normal file
@ -0,0 +1,24 @@
|
||||
class apache::mod::fastcgi {
|
||||
|
||||
# Debian specifies it's fastcgi lib path, but RedHat uses the default value
|
||||
# with no config file
|
||||
$fastcgi_lib_path = $::apache::params::fastcgi_lib_path
|
||||
|
||||
::apache::mod { 'fastcgi': }
|
||||
|
||||
if $fastcgi_lib_path {
|
||||
# Template uses:
|
||||
# - $fastcgi_server
|
||||
# - $fastcgi_socket
|
||||
# - $fastcgi_dir
|
||||
file { 'fastcgi.conf':
|
||||
ensure => file,
|
||||
path => "${::apache::mod_dir}/fastcgi.conf",
|
||||
content => template('apache/mod/fastcgi.conf.erb'),
|
||||
require => Exec["mkdir ${::apache::mod_dir}"],
|
||||
before => File[$::apache::mod_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
}
|
||||
|
||||
}
|
24
deployment/puppet/apache/manifests/mod/fcgid.pp
Normal file
24
deployment/puppet/apache/manifests/mod/fcgid.pp
Normal file
@ -0,0 +1,24 @@
|
||||
class apache::mod::fcgid(
|
||||
$options = {},
|
||||
) {
|
||||
if $::osfamily == 'RedHat' and $::operatingsystemmajrelease == '7' {
|
||||
$loadfile_name = 'unixd_fcgid.load'
|
||||
} else {
|
||||
$loadfile_name = undef
|
||||
}
|
||||
|
||||
::apache::mod { 'fcgid':
|
||||
loadfile_name => $loadfile_name
|
||||
}
|
||||
|
||||
# Template uses:
|
||||
# - $options
|
||||
file { 'fcgid.conf':
|
||||
ensure => file,
|
||||
path => "${::apache::mod_dir}/fcgid.conf",
|
||||
content => template('apache/mod/fcgid.conf.erb'),
|
||||
require => Exec["mkdir ${::apache::mod_dir}"],
|
||||
before => File[$::apache::mod_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
}
|
3
deployment/puppet/apache/manifests/mod/headers.pp
Normal file
3
deployment/puppet/apache/manifests/mod/headers.pp
Normal file
@ -0,0 +1,3 @@
|
||||
class apache::mod::headers {
|
||||
::apache::mod { 'headers': }
|
||||
}
|
3
deployment/puppet/apache/manifests/mod/include.pp
Normal file
3
deployment/puppet/apache/manifests/mod/include.pp
Normal file
@ -0,0 +1,3 @@
|
||||
class apache::mod::include {
|
||||
::apache::mod { 'include': }
|
||||
}
|
18
deployment/puppet/apache/manifests/mod/info.pp
Normal file
18
deployment/puppet/apache/manifests/mod/info.pp
Normal file
@ -0,0 +1,18 @@
|
||||
class apache::mod::info (
|
||||
$allow_from = ['127.0.0.1','::1'],
|
||||
$apache_version = $::apache::apache_version,
|
||||
$restrict_access = true,
|
||||
){
|
||||
apache::mod { 'info': }
|
||||
# Template uses
|
||||
# $allow_from
|
||||
# $apache_version
|
||||
file { 'info.conf':
|
||||
ensure => file,
|
||||
path => "${::apache::mod_dir}/info.conf",
|
||||
content => template('apache/mod/info.conf.erb'),
|
||||
require => Exec["mkdir ${::apache::mod_dir}"],
|
||||
before => File[$::apache::mod_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
}
|
53
deployment/puppet/apache/manifests/mod/itk.pp
Normal file
53
deployment/puppet/apache/manifests/mod/itk.pp
Normal file
@ -0,0 +1,53 @@
|
||||
class apache::mod::itk (
|
||||
$startservers = '8',
|
||||
$minspareservers = '5',
|
||||
$maxspareservers = '20',
|
||||
$serverlimit = '256',
|
||||
$maxclients = '256',
|
||||
$maxrequestsperchild = '4000',
|
||||
$apache_version = $::apache::apache_version,
|
||||
) {
|
||||
if defined(Class['apache::mod::event']) {
|
||||
fail('May not include both apache::mod::itk and apache::mod::event on the same node')
|
||||
}
|
||||
if defined(Class['apache::mod::peruser']) {
|
||||
fail('May not include both apache::mod::itk and apache::mod::peruser on the same node')
|
||||
}
|
||||
if defined(Class['apache::mod::prefork']) {
|
||||
fail('May not include both apache::mod::itk and apache::mod::prefork on the same node')
|
||||
}
|
||||
if defined(Class['apache::mod::worker']) {
|
||||
fail('May not include both apache::mod::itk and apache::mod::worker on the same node')
|
||||
}
|
||||
File {
|
||||
owner => 'root',
|
||||
group => $::apache::params::root_group,
|
||||
mode => '0644',
|
||||
}
|
||||
|
||||
# Template uses:
|
||||
# - $startservers
|
||||
# - $minspareservers
|
||||
# - $maxspareservers
|
||||
# - $serverlimit
|
||||
# - $maxclients
|
||||
# - $maxrequestsperchild
|
||||
file { "${::apache::mod_dir}/itk.conf":
|
||||
ensure => file,
|
||||
content => template('apache/mod/itk.conf.erb'),
|
||||
require => Exec["mkdir ${::apache::mod_dir}"],
|
||||
before => File[$::apache::mod_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
|
||||
case $::osfamily {
|
||||
'debian', 'freebsd': {
|
||||
apache::mpm{ 'itk':
|
||||
apache_version => $apache_version,
|
||||
}
|
||||
}
|
||||
default: {
|
||||
fail("Unsupported osfamily ${::osfamily}")
|
||||
}
|
||||
}
|
||||
}
|
14
deployment/puppet/apache/manifests/mod/ldap.pp
Normal file
14
deployment/puppet/apache/manifests/mod/ldap.pp
Normal file
@ -0,0 +1,14 @@
|
||||
class apache::mod::ldap (
|
||||
$apache_version = $::apache::apache_version,
|
||||
){
|
||||
::apache::mod { 'ldap': }
|
||||
# Template uses $apache_version
|
||||
file { 'ldap.conf':
|
||||
ensure => file,
|
||||
path => "${::apache::mod_dir}/ldap.conf",
|
||||
content => template('apache/mod/ldap.conf.erb'),
|
||||
require => Exec["mkdir ${::apache::mod_dir}"],
|
||||
before => File[$::apache::mod_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
}
|
21
deployment/puppet/apache/manifests/mod/mime.pp
Normal file
21
deployment/puppet/apache/manifests/mod/mime.pp
Normal file
@ -0,0 +1,21 @@
|
||||
class apache::mod::mime (
|
||||
$mime_support_package = $::apache::params::mime_support_package,
|
||||
$mime_types_config = $::apache::params::mime_types_config,
|
||||
) {
|
||||
apache::mod { 'mime': }
|
||||
# Template uses $mime_types_config
|
||||
file { 'mime.conf':
|
||||
ensure => file,
|
||||
path => "${::apache::mod_dir}/mime.conf",
|
||||
content => template('apache/mod/mime.conf.erb'),
|
||||
require => Exec["mkdir ${::apache::mod_dir}"],
|
||||
before => File[$::apache::mod_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
if $mime_support_package {
|
||||
package { $mime_support_package:
|
||||
ensure => 'installed',
|
||||
before => File['mime.conf'],
|
||||
}
|
||||
}
|
||||
}
|
14
deployment/puppet/apache/manifests/mod/mime_magic.pp
Normal file
14
deployment/puppet/apache/manifests/mod/mime_magic.pp
Normal file
@ -0,0 +1,14 @@
|
||||
class apache::mod::mime_magic (
|
||||
$magic_file = "${::apache::conf_dir}/magic"
|
||||
) {
|
||||
apache::mod { 'mime_magic': }
|
||||
# Template uses $magic_file
|
||||
file { 'mime_magic.conf':
|
||||
ensure => file,
|
||||
path => "${::apache::mod_dir}/mime_magic.conf",
|
||||
content => template('apache/mod/mime_magic.conf.erb'),
|
||||
require => Exec["mkdir ${::apache::mod_dir}"],
|
||||
before => File[$::apache::mod_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
}
|
25
deployment/puppet/apache/manifests/mod/negotiation.pp
Normal file
25
deployment/puppet/apache/manifests/mod/negotiation.pp
Normal file
@ -0,0 +1,25 @@
|
||||
class apache::mod::negotiation (
|
||||
$force_language_priority = 'Prefer Fallback',
|
||||
$language_priority = [ 'en', 'ca', 'cs', 'da', 'de', 'el', 'eo', 'es', 'et',
|
||||
'fr', 'he', 'hr', 'it', 'ja', 'ko', 'ltz', 'nl', 'nn',
|
||||
'no', 'pl', 'pt', 'pt-BR', 'ru', 'sv', 'zh-CN',
|
||||
'zh-TW' ],
|
||||
) {
|
||||
if !is_array($force_language_priority) and !is_string($force_language_priority) {
|
||||
fail('force_languague_priority must be a string or array of strings')
|
||||
}
|
||||
if !is_array($language_priority) and !is_string($language_priority) {
|
||||
fail('force_languague_priority must be a string or array of strings')
|
||||
}
|
||||
|
||||
::apache::mod { 'negotiation': }
|
||||
# Template uses no variables
|
||||
file { 'negotiation.conf':
|
||||
ensure => file,
|
||||
path => "${::apache::mod_dir}/negotiation.conf",
|
||||
content => template('apache/mod/negotiation.conf.erb'),
|
||||
require => Exec["mkdir ${::apache::mod_dir}"],
|
||||
before => File[$::apache::mod_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
}
|
25
deployment/puppet/apache/manifests/mod/nss.pp
Normal file
25
deployment/puppet/apache/manifests/mod/nss.pp
Normal file
@ -0,0 +1,25 @@
|
||||
class apache::mod::nss (
|
||||
$transfer_log = "${::apache::params::logroot}/access.log",
|
||||
$error_log = "${::apache::params::logroot}/error.log",
|
||||
$passwd_file = undef
|
||||
) {
|
||||
include ::apache::mod::mime
|
||||
|
||||
apache::mod { 'nss': }
|
||||
|
||||
$httpd_dir = $::apache::httpd_dir
|
||||
|
||||
# Template uses:
|
||||
# $transfer_log
|
||||
# $error_log
|
||||
# $http_dir
|
||||
# passwd_file
|
||||
file { 'nss.conf':
|
||||
ensure => file,
|
||||
path => "${::apache::mod_dir}/nss.conf",
|
||||
content => template('apache/mod/nss.conf.erb'),
|
||||
require => Exec["mkdir ${::apache::mod_dir}"],
|
||||
before => File[$::apache::mod_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
}
|
55
deployment/puppet/apache/manifests/mod/pagespeed.pp
Normal file
55
deployment/puppet/apache/manifests/mod/pagespeed.pp
Normal file
@ -0,0 +1,55 @@
|
||||
class apache::mod::pagespeed (
|
||||
$inherit_vhost_config = 'on',
|
||||
$filter_xhtml = false,
|
||||
$cache_path = '/var/cache/mod_pagespeed/',
|
||||
$log_dir = '/var/log/pagespeed',
|
||||
$memcache_servers = [],
|
||||
$rewrite_level = 'CoreFilters',
|
||||
$disable_filters = [],
|
||||
$enable_filters = [],
|
||||
$forbid_filters = [],
|
||||
$rewrite_deadline_per_flush_ms = 10,
|
||||
$additional_domains = undef,
|
||||
$file_cache_size_kb = 102400,
|
||||
$file_cache_clean_interval_ms = 3600000,
|
||||
$lru_cache_per_process = 1024,
|
||||
$lru_cache_byte_limit = 16384,
|
||||
$css_flatten_max_bytes = 2048,
|
||||
$css_inline_max_bytes = 2048,
|
||||
$css_image_inline_max_bytes = 2048,
|
||||
$image_inline_max_bytes = 2048,
|
||||
$js_inline_max_bytes = 2048,
|
||||
$css_outline_min_bytes = 3000,
|
||||
$js_outline_min_bytes = 3000,
|
||||
$inode_limit = 500000,
|
||||
$image_max_rewrites_at_once = 8,
|
||||
$num_rewrite_threads = 4,
|
||||
$num_expensive_rewrite_threads = 4,
|
||||
$collect_statistics = 'on',
|
||||
$statistics_logging = 'on',
|
||||
$allow_view_stats = [],
|
||||
$allow_pagespeed_console = [],
|
||||
$allow_pagespeed_message = [],
|
||||
$message_buffer_size = 100000,
|
||||
$additional_configuration = {},
|
||||
$apache_version = $::apache::apache_version,
|
||||
){
|
||||
|
||||
$_lib = $::apache::apache_version ? {
|
||||
'2.4' => 'mod_pagespeed_ap24.so',
|
||||
default => undef
|
||||
}
|
||||
|
||||
apache::mod { 'pagespeed':
|
||||
lib => $_lib,
|
||||
}
|
||||
|
||||
file { 'pagespeed.conf':
|
||||
ensure => file,
|
||||
path => "${::apache::mod_dir}/pagespeed.conf",
|
||||
content => template('apache/mod/pagespeed.conf.erb'),
|
||||
require => Exec["mkdir ${::apache::mod_dir}"],
|
||||
before => File[$::apache::mod_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
}
|
86
deployment/puppet/apache/manifests/mod/passenger.pp
Normal file
86
deployment/puppet/apache/manifests/mod/passenger.pp
Normal file
@ -0,0 +1,86 @@
|
||||
class apache::mod::passenger (
|
||||
$passenger_conf_file = $::apache::params::passenger_conf_file,
|
||||
$passenger_conf_package_file = $::apache::params::passenger_conf_package_file,
|
||||
$passenger_high_performance = undef,
|
||||
$passenger_pool_idle_time = undef,
|
||||
$passenger_max_requests = undef,
|
||||
$passenger_stat_throttle_rate = undef,
|
||||
$rack_autodetect = undef,
|
||||
$rails_autodetect = undef,
|
||||
$passenger_root = $::apache::params::passenger_root,
|
||||
$passenger_ruby = $::apache::params::passenger_ruby,
|
||||
$passenger_default_ruby = $::apache::params::passenger_default_ruby,
|
||||
$passenger_max_pool_size = undef,
|
||||
$passenger_use_global_queue = undef,
|
||||
$mod_package = undef,
|
||||
$mod_package_ensure = undef,
|
||||
$mod_lib = undef,
|
||||
$mod_lib_path = undef,
|
||||
$mod_id = undef,
|
||||
$mod_path = undef,
|
||||
) {
|
||||
# Managed by the package, but declare it to avoid purging
|
||||
if $passenger_conf_package_file {
|
||||
file { 'passenger_package.conf':
|
||||
path => "${::apache::mod_dir}/${passenger_conf_package_file}",
|
||||
}
|
||||
} else {
|
||||
# Remove passenger_extra.conf left over from before Passenger support was
|
||||
# reworked for Debian. This is a temporary fix for users running this
|
||||
# module from master after release 1.0.1 It will be removed in two
|
||||
# releases from now.
|
||||
$passenger_package_conf_ensure = $::osfamily ? {
|
||||
'Debian' => 'absent',
|
||||
default => undef,
|
||||
}
|
||||
|
||||
file { 'passenger_package.conf':
|
||||
ensure => $passenger_package_conf_ensure,
|
||||
path => "${::apache::mod_dir}/passenger_extra.conf",
|
||||
}
|
||||
}
|
||||
|
||||
$_package = $mod_package
|
||||
$_package_ensure = $mod_package_ensure
|
||||
$_lib = $mod_lib
|
||||
if $::osfamily == 'FreeBSD' {
|
||||
if $mod_lib_path {
|
||||
$_lib_path = $mod_lib_path
|
||||
} else {
|
||||
$_lib_path = "${passenger_root}/buildout/apache2"
|
||||
}
|
||||
} else {
|
||||
$_lib_path = $mod_lib_path
|
||||
}
|
||||
|
||||
$_id = $mod_id
|
||||
$_path = $mod_path
|
||||
::apache::mod { 'passenger':
|
||||
package => $_package,
|
||||
package_ensure => $_package_ensure,
|
||||
lib => $_lib,
|
||||
lib_path => $_lib_path,
|
||||
id => $_id,
|
||||
path => $_path,
|
||||
}
|
||||
|
||||
# Template uses:
|
||||
# - $passenger_root
|
||||
# - $passenger_ruby
|
||||
# - $passenger_default_ruby
|
||||
# - $passenger_max_pool_size
|
||||
# - $passenger_high_performance
|
||||
# - $passenger_max_requests
|
||||
# - $passenger_stat_throttle_rate
|
||||
# - $passenger_use_global_queue
|
||||
# - $rack_autodetect
|
||||
# - $rails_autodetect
|
||||
file { 'passenger.conf':
|
||||
ensure => file,
|
||||
path => "${::apache::mod_dir}/${passenger_conf_file}",
|
||||
content => template('apache/mod/passenger.conf.erb'),
|
||||
require => Exec["mkdir ${::apache::mod_dir}"],
|
||||
before => File[$::apache::mod_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
}
|
3
deployment/puppet/apache/manifests/mod/perl.pp
Normal file
3
deployment/puppet/apache/manifests/mod/perl.pp
Normal file
@ -0,0 +1,3 @@
|
||||
class apache::mod::perl {
|
||||
::apache::mod { 'perl': }
|
||||
}
|
73
deployment/puppet/apache/manifests/mod/peruser.pp
Normal file
73
deployment/puppet/apache/manifests/mod/peruser.pp
Normal file
@ -0,0 +1,73 @@
|
||||
class apache::mod::peruser (
|
||||
$minspareprocessors = '2',
|
||||
$minprocessors = '2',
|
||||
$maxprocessors = '10',
|
||||
$maxclients = '150',
|
||||
$maxrequestsperchild = '1000',
|
||||
$idletimeout = '120',
|
||||
$expiretimeout = '120',
|
||||
$keepalive = 'Off',
|
||||
) {
|
||||
if defined(Class['apache::mod::event']) {
|
||||
fail('May not include both apache::mod::peruser and apache::mod::event on the same node')
|
||||
}
|
||||
if defined(Class['apache::mod::itk']) {
|
||||
fail('May not include both apache::mod::peruser and apache::mod::itk on the same node')
|
||||
}
|
||||
if defined(Class['apache::mod::prefork']) {
|
||||
fail('May not include both apache::mod::peruser and apache::mod::prefork on the same node')
|
||||
}
|
||||
if defined(Class['apache::mod::worker']) {
|
||||
fail('May not include both apache::mod::peruser and apache::mod::worker on the same node')
|
||||
}
|
||||
File {
|
||||
owner => 'root',
|
||||
group => $::apache::params::root_group,
|
||||
mode => '0644',
|
||||
}
|
||||
|
||||
$mod_dir = $::apache::mod_dir
|
||||
|
||||
# Template uses:
|
||||
# - $minspareprocessors
|
||||
# - $minprocessors
|
||||
# - $maxprocessors
|
||||
# - $maxclients
|
||||
# - $maxrequestsperchild
|
||||
# - $idletimeout
|
||||
# - $expiretimeout
|
||||
# - $keepalive
|
||||
# - $mod_dir
|
||||
file { "${::apache::mod_dir}/peruser.conf":
|
||||
ensure => file,
|
||||
content => template('apache/mod/peruser.conf.erb'),
|
||||
require => Exec["mkdir ${::apache::mod_dir}"],
|
||||
before => File[$::apache::mod_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
file { "${::apache::mod_dir}/peruser":
|
||||
ensure => directory,
|
||||
require => File[$::apache::mod_dir],
|
||||
}
|
||||
file { "${::apache::mod_dir}/peruser/multiplexers":
|
||||
ensure => directory,
|
||||
require => File["${::apache::mod_dir}/peruser"],
|
||||
}
|
||||
file { "${::apache::mod_dir}/peruser/processors":
|
||||
ensure => directory,
|
||||
require => File["${::apache::mod_dir}/peruser"],
|
||||
}
|
||||
|
||||
::apache::peruser::multiplexer { '01-default': }
|
||||
|
||||
case $::osfamily {
|
||||
'freebsd' : {
|
||||
class { '::apache::package':
|
||||
mpm_module => 'peruser'
|
||||
}
|
||||
}
|
||||
default: {
|
||||
fail("Unsupported osfamily ${::osfamily}")
|
||||
}
|
||||
}
|
||||
}
|
60
deployment/puppet/apache/manifests/mod/php.pp
Normal file
60
deployment/puppet/apache/manifests/mod/php.pp
Normal file
@ -0,0 +1,60 @@
|
||||
class apache::mod::php (
|
||||
$package_name = undef,
|
||||
$package_ensure = 'present',
|
||||
$path = undef,
|
||||
$extensions = ['.php'],
|
||||
$content = undef,
|
||||
$template = 'apache/mod/php5.conf.erb',
|
||||
$source = undef,
|
||||
) {
|
||||
if defined(Class['::apache::mod::prefork']) {
|
||||
Class['::apache::mod::prefork']->File['php5.conf']
|
||||
}
|
||||
elsif defined(Class['::apache::mod::itk']) {
|
||||
Class['::apache::mod::itk']->File['php5.conf']
|
||||
}
|
||||
else {
|
||||
fail('apache::mod::php requires apache::mod::prefork or apache::mod::itk; please enable mpm_module => \'prefork\' or mpm_module => \'itk\' on Class[\'apache\']')
|
||||
}
|
||||
validate_array($extensions)
|
||||
|
||||
if $source and ($content or $template != 'apache/mod/php5.conf.erb') {
|
||||
warning('source and content or template parameters are provided. source parameter will be used')
|
||||
} elsif $content and $template != 'apache/mod/php5.conf.erb' {
|
||||
warning('content and template parameters are provided. content parameter will be used')
|
||||
}
|
||||
|
||||
$manage_content = $source ? {
|
||||
undef => $content ? {
|
||||
undef => template($template),
|
||||
default => $content,
|
||||
},
|
||||
default => undef,
|
||||
}
|
||||
|
||||
::apache::mod { 'php5':
|
||||
package => $package_name,
|
||||
package_ensure => $package_ensure,
|
||||
path => $path,
|
||||
}
|
||||
|
||||
include ::apache::mod::mime
|
||||
include ::apache::mod::dir
|
||||
Class['::apache::mod::mime'] -> Class['::apache::mod::dir'] -> Class['::apache::mod::php']
|
||||
|
||||
# Template uses $extensions
|
||||
file { 'php5.conf':
|
||||
ensure => file,
|
||||
path => "${::apache::mod_dir}/php5.conf",
|
||||
owner => 'root',
|
||||
group => 'root',
|
||||
mode => '0644',
|
||||
content => $manage_content,
|
||||
source => $source,
|
||||
require => [
|
||||
Exec["mkdir ${::apache::mod_dir}"],
|
||||
],
|
||||
before => File[$::apache::mod_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
}
|
70
deployment/puppet/apache/manifests/mod/prefork.pp
Normal file
70
deployment/puppet/apache/manifests/mod/prefork.pp
Normal file
@ -0,0 +1,70 @@
|
||||
class apache::mod::prefork (
|
||||
$startservers = '8',
|
||||
$minspareservers = '5',
|
||||
$maxspareservers = '20',
|
||||
$serverlimit = '256',
|
||||
$maxclients = '256',
|
||||
$maxrequestsperchild = '4000',
|
||||
$apache_version = $::apache::apache_version,
|
||||
) {
|
||||
if defined(Class['apache::mod::event']) {
|
||||
fail('May not include both apache::mod::prefork and apache::mod::event on the same node')
|
||||
}
|
||||
if defined(Class['apache::mod::itk']) {
|
||||
fail('May not include both apache::mod::prefork and apache::mod::itk on the same node')
|
||||
}
|
||||
if defined(Class['apache::mod::peruser']) {
|
||||
fail('May not include both apache::mod::prefork and apache::mod::peruser on the same node')
|
||||
}
|
||||
if defined(Class['apache::mod::worker']) {
|
||||
fail('May not include both apache::mod::prefork and apache::mod::worker on the same node')
|
||||
}
|
||||
File {
|
||||
owner => 'root',
|
||||
group => $::apache::params::root_group,
|
||||
mode => '0644',
|
||||
}
|
||||
|
||||
# Template uses:
|
||||
# - $startservers
|
||||
# - $minspareservers
|
||||
# - $maxspareservers
|
||||
# - $serverlimit
|
||||
# - $maxclients
|
||||
# - $maxrequestsperchild
|
||||
file { "${::apache::mod_dir}/prefork.conf":
|
||||
ensure => file,
|
||||
content => template('apache/mod/prefork.conf.erb'),
|
||||
require => Exec["mkdir ${::apache::mod_dir}"],
|
||||
before => File[$::apache::mod_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
|
||||
case $::osfamily {
|
||||
'redhat': {
|
||||
if versioncmp($apache_version, '2.4') >= 0 {
|
||||
::apache::mpm{ 'prefork':
|
||||
apache_version => $apache_version,
|
||||
}
|
||||
}
|
||||
else {
|
||||
file_line { '/etc/sysconfig/httpd prefork enable':
|
||||
ensure => present,
|
||||
path => '/etc/sysconfig/httpd',
|
||||
line => '#HTTPD=/usr/sbin/httpd.worker',
|
||||
match => '#?HTTPD=/usr/sbin/httpd.worker',
|
||||
require => Package['httpd'],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
}
|
||||
}
|
||||
'debian', 'freebsd' : {
|
||||
::apache::mpm{ 'prefork':
|
||||
apache_version => $apache_version,
|
||||
}
|
||||
}
|
||||
default: {
|
||||
fail("Unsupported osfamily ${::osfamily}")
|
||||
}
|
||||
}
|
||||
}
|
16
deployment/puppet/apache/manifests/mod/proxy.pp
Normal file
16
deployment/puppet/apache/manifests/mod/proxy.pp
Normal file
@ -0,0 +1,16 @@
|
||||
class apache::mod::proxy (
|
||||
$proxy_requests = 'Off',
|
||||
$allow_from = undef,
|
||||
$apache_version = $::apache::apache_version,
|
||||
) {
|
||||
::apache::mod { 'proxy': }
|
||||
# Template uses $proxy_requests, $apache_version
|
||||
file { 'proxy.conf':
|
||||
ensure => file,
|
||||
path => "${::apache::mod_dir}/proxy.conf",
|
||||
content => template('apache/mod/proxy.conf.erb'),
|
||||
require => Exec["mkdir ${::apache::mod_dir}"],
|
||||
before => File[$::apache::mod_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
}
|
4
deployment/puppet/apache/manifests/mod/proxy_ajp.pp
Normal file
4
deployment/puppet/apache/manifests/mod/proxy_ajp.pp
Normal file
@ -0,0 +1,4 @@
|
||||
class apache::mod::proxy_ajp {
|
||||
Class['::apache::mod::proxy'] -> Class['::apache::mod::proxy_ajp']
|
||||
::apache::mod { 'proxy_ajp': }
|
||||
}
|
10
deployment/puppet/apache/manifests/mod/proxy_balancer.pp
Normal file
10
deployment/puppet/apache/manifests/mod/proxy_balancer.pp
Normal file
@ -0,0 +1,10 @@
|
||||
class apache::mod::proxy_balancer {
|
||||
|
||||
include ::apache::mod::proxy
|
||||
include ::apache::mod::proxy_http
|
||||
|
||||
Class['::apache::mod::proxy'] -> Class['::apache::mod::proxy_balancer']
|
||||
Class['::apache::mod::proxy_http'] -> Class['::apache::mod::proxy_balancer']
|
||||
::apache::mod { 'proxy_balancer': }
|
||||
|
||||
}
|
37
deployment/puppet/apache/manifests/mod/proxy_html.pp
Normal file
37
deployment/puppet/apache/manifests/mod/proxy_html.pp
Normal file
@ -0,0 +1,37 @@
|
||||
class apache::mod::proxy_html {
|
||||
Class['::apache::mod::proxy'] -> Class['::apache::mod::proxy_html']
|
||||
Class['::apache::mod::proxy_http'] -> Class['::apache::mod::proxy_html']
|
||||
|
||||
# Add libxml2
|
||||
case $::osfamily {
|
||||
/RedHat|FreeBSD/: {
|
||||
::apache::mod { 'xml2enc': }
|
||||
$loadfiles = undef
|
||||
}
|
||||
'Debian': {
|
||||
$gnu_path = $::hardwaremodel ? {
|
||||
'i686' => 'i386',
|
||||
default => $::hardwaremodel,
|
||||
}
|
||||
$loadfiles = $::apache::params::distrelease ? {
|
||||
'6' => ['/usr/lib/libxml2.so.2'],
|
||||
'10' => ['/usr/lib/libxml2.so.2'],
|
||||
default => ["/usr/lib/${gnu_path}-linux-gnu/libxml2.so.2"],
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
::apache::mod { 'proxy_html':
|
||||
loadfiles => $loadfiles,
|
||||
}
|
||||
|
||||
# Template uses $icons_path
|
||||
file { 'proxy_html.conf':
|
||||
ensure => file,
|
||||
path => "${::apache::mod_dir}/proxy_html.conf",
|
||||
content => template('apache/mod/proxy_html.conf.erb'),
|
||||
require => Exec["mkdir ${::apache::mod_dir}"],
|
||||
before => File[$::apache::mod_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
}
|
4
deployment/puppet/apache/manifests/mod/proxy_http.pp
Normal file
4
deployment/puppet/apache/manifests/mod/proxy_http.pp
Normal file
@ -0,0 +1,4 @@
|
||||
class apache::mod::proxy_http {
|
||||
Class['::apache::mod::proxy'] -> Class['::apache::mod::proxy_http']
|
||||
::apache::mod { 'proxy_http': }
|
||||
}
|
5
deployment/puppet/apache/manifests/mod/python.pp
Normal file
5
deployment/puppet/apache/manifests/mod/python.pp
Normal file
@ -0,0 +1,5 @@
|
||||
class apache::mod::python {
|
||||
::apache::mod { 'python': }
|
||||
}
|
||||
|
||||
|
14
deployment/puppet/apache/manifests/mod/reqtimeout.pp
Normal file
14
deployment/puppet/apache/manifests/mod/reqtimeout.pp
Normal file
@ -0,0 +1,14 @@
|
||||
class apache::mod::reqtimeout (
|
||||
$timeouts = ['header=20-40,minrate=500', 'body=10,minrate=500']
|
||||
){
|
||||
::apache::mod { 'reqtimeout': }
|
||||
# Template uses no variables
|
||||
file { 'reqtimeout.conf':
|
||||
ensure => file,
|
||||
path => "${::apache::mod_dir}/reqtimeout.conf",
|
||||
content => template('apache/mod/reqtimeout.conf.erb'),
|
||||
require => Exec["mkdir ${::apache::mod_dir}"],
|
||||
before => File[$::apache::mod_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
}
|
4
deployment/puppet/apache/manifests/mod/rewrite.pp
Normal file
4
deployment/puppet/apache/manifests/mod/rewrite.pp
Normal file
@ -0,0 +1,4 @@
|
||||
class apache::mod::rewrite {
|
||||
include ::apache::params
|
||||
::apache::mod { 'rewrite': }
|
||||
}
|
20
deployment/puppet/apache/manifests/mod/rpaf.pp
Normal file
20
deployment/puppet/apache/manifests/mod/rpaf.pp
Normal file
@ -0,0 +1,20 @@
|
||||
class apache::mod::rpaf (
|
||||
$sethostname = true,
|
||||
$proxy_ips = [ '127.0.0.1' ],
|
||||
$header = 'X-Forwarded-For'
|
||||
) {
|
||||
::apache::mod { 'rpaf': }
|
||||
|
||||
# Template uses:
|
||||
# - $sethostname
|
||||
# - $proxy_ips
|
||||
# - $header
|
||||
file { 'rpaf.conf':
|
||||
ensure => file,
|
||||
path => "${::apache::mod_dir}/rpaf.conf",
|
||||
content => template('apache/mod/rpaf.conf.erb'),
|
||||
require => Exec["mkdir ${::apache::mod_dir}"],
|
||||
before => File[$::apache::mod_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
}
|
12
deployment/puppet/apache/manifests/mod/setenvif.pp
Normal file
12
deployment/puppet/apache/manifests/mod/setenvif.pp
Normal file
@ -0,0 +1,12 @@
|
||||
class apache::mod::setenvif {
|
||||
::apache::mod { 'setenvif': }
|
||||
# Template uses no variables
|
||||
file { 'setenvif.conf':
|
||||
ensure => file,
|
||||
path => "${::apache::mod_dir}/setenvif.conf",
|
||||
content => template('apache/mod/setenvif.conf.erb'),
|
||||
require => Exec["mkdir ${::apache::mod_dir}"],
|
||||
before => File[$::apache::mod_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
}
|
15
deployment/puppet/apache/manifests/mod/shib.pp
Normal file
15
deployment/puppet/apache/manifests/mod/shib.pp
Normal file
@ -0,0 +1,15 @@
|
||||
class apache::mod::shib (
|
||||
$suppress_warning = false,
|
||||
) {
|
||||
|
||||
if $::osfamily == 'RedHat' and ! $suppress_warning {
|
||||
warning('RedHat distributions do not have Apache mod_shib in their default package repositories.')
|
||||
}
|
||||
|
||||
$mod_shib = 'shib2'
|
||||
|
||||
apache::mod {$mod_shib:
|
||||
id => 'mod_shib',
|
||||
}
|
||||
|
||||
}
|
3
deployment/puppet/apache/manifests/mod/speling.pp
Normal file
3
deployment/puppet/apache/manifests/mod/speling.pp
Normal file
@ -0,0 +1,3 @@
|
||||
class apache::mod::speling {
|
||||
::apache::mod { 'speling': }
|
||||
}
|
60
deployment/puppet/apache/manifests/mod/ssl.pp
Normal file
60
deployment/puppet/apache/manifests/mod/ssl.pp
Normal file
@ -0,0 +1,60 @@
|
||||
class apache::mod::ssl (
|
||||
$ssl_compression = false,
|
||||
$ssl_options = [ 'StdEnvVars' ],
|
||||
$ssl_cipher = 'HIGH:MEDIUM:!aNULL:!MD5',
|
||||
$ssl_protocol = [ 'all', '-SSLv2', '-SSLv3' ],
|
||||
$apache_version = $::apache::apache_version,
|
||||
$package_name = undef,
|
||||
) {
|
||||
$session_cache = $::osfamily ? {
|
||||
'debian' => "\${APACHE_RUN_DIR}/ssl_scache(512000)",
|
||||
'redhat' => '/var/cache/mod_ssl/scache(512000)',
|
||||
'freebsd' => '/var/run/ssl_scache(512000)',
|
||||
}
|
||||
|
||||
case $::osfamily {
|
||||
'debian': {
|
||||
if versioncmp($apache_version, '2.4') >= 0 {
|
||||
$ssl_mutex = 'default'
|
||||
} elsif $::operatingsystem == 'Ubuntu' and $::operatingsystemrelease == '10.04' {
|
||||
$ssl_mutex = 'file:/var/run/apache2/ssl_mutex'
|
||||
} else {
|
||||
$ssl_mutex = "file:\${APACHE_RUN_DIR}/ssl_mutex"
|
||||
}
|
||||
}
|
||||
'redhat': {
|
||||
$ssl_mutex = 'default'
|
||||
}
|
||||
'freebsd': {
|
||||
$ssl_mutex = 'default'
|
||||
}
|
||||
default: {
|
||||
fail("Unsupported osfamily ${::osfamily}")
|
||||
}
|
||||
}
|
||||
|
||||
::apache::mod { 'ssl':
|
||||
package => $package_name,
|
||||
}
|
||||
|
||||
if versioncmp($apache_version, '2.4') >= 0 {
|
||||
::apache::mod { 'socache_shmcb': }
|
||||
}
|
||||
|
||||
# Template uses
|
||||
#
|
||||
# $ssl_compression
|
||||
# $ssl_options
|
||||
# $session_cache,
|
||||
# $ssl_mutex
|
||||
# $apache_version
|
||||
#
|
||||
file { 'ssl.conf':
|
||||
ensure => file,
|
||||
path => "${::apache::mod_dir}/ssl.conf",
|
||||
content => template('apache/mod/ssl.conf.erb'),
|
||||
require => Exec["mkdir ${::apache::mod_dir}"],
|
||||
before => File[$::apache::mod_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
}
|
43
deployment/puppet/apache/manifests/mod/status.pp
Normal file
43
deployment/puppet/apache/manifests/mod/status.pp
Normal file
@ -0,0 +1,43 @@
|
||||
# Class: apache::mod::status
|
||||
#
|
||||
# This class enables and configures Apache mod_status
|
||||
# See: http://httpd.apache.org/docs/current/mod/mod_status.html
|
||||
#
|
||||
# Parameters:
|
||||
# - $allow_from is an array of hosts, ip addresses, partial network numbers
|
||||
# or networks in CIDR notation specifying what hosts can view the special
|
||||
# /server-status URL. Defaults to ['127.0.0.1', '::1'].
|
||||
# - $extended_status track and display extended status information. Valid
|
||||
# values are 'On' or 'Off'. Defaults to 'On'.
|
||||
#
|
||||
# Actions:
|
||||
# - Enable and configure Apache mod_status
|
||||
#
|
||||
# Requires:
|
||||
# - The apache class
|
||||
#
|
||||
# Sample Usage:
|
||||
#
|
||||
# # Simple usage allowing access from localhost and a private subnet
|
||||
# class { 'apache::mod::status':
|
||||
# $allow_from => ['127.0.0.1', '10.10.10.10/24'],
|
||||
# }
|
||||
#
|
||||
class apache::mod::status (
|
||||
$allow_from = ['127.0.0.1','::1'],
|
||||
$extended_status = 'On',
|
||||
$apache_version = $::apache::apache_version,
|
||||
){
|
||||
validate_array($allow_from)
|
||||
validate_re(downcase($extended_status), '^(on|off)$', "${extended_status} is not supported for extended_status. Allowed values are 'On' and 'Off'.")
|
||||
::apache::mod { 'status': }
|
||||
# Template uses $allow_from, $extended_status, $apache_version
|
||||
file { 'status.conf':
|
||||
ensure => file,
|
||||
path => "${::apache::mod_dir}/status.conf",
|
||||
content => template('apache/mod/status.conf.erb'),
|
||||
require => Exec["mkdir ${::apache::mod_dir}"],
|
||||
before => File[$::apache::mod_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
}
|
3
deployment/puppet/apache/manifests/mod/suexec.pp
Normal file
3
deployment/puppet/apache/manifests/mod/suexec.pp
Normal file
@ -0,0 +1,3 @@
|
||||
class apache::mod::suexec {
|
||||
::apache::mod { 'suexec': }
|
||||
}
|
14
deployment/puppet/apache/manifests/mod/suphp.pp
Normal file
14
deployment/puppet/apache/manifests/mod/suphp.pp
Normal file
@ -0,0 +1,14 @@
|
||||
class apache::mod::suphp (
|
||||
){
|
||||
::apache::mod { 'suphp': }
|
||||
|
||||
file {'suphp.conf':
|
||||
ensure => file,
|
||||
path => "${::apache::mod_dir}/suphp.conf",
|
||||
content => template('apache/mod/suphp.conf.erb'),
|
||||
require => Exec["mkdir ${::apache::mod_dir}"],
|
||||
before => File[$::apache::mod_dir],
|
||||
notify => Service['httpd']
|
||||
}
|
||||
}
|
||||
|
18
deployment/puppet/apache/manifests/mod/userdir.pp
Normal file
18
deployment/puppet/apache/manifests/mod/userdir.pp
Normal file
@ -0,0 +1,18 @@
|
||||
class apache::mod::userdir (
|
||||
$home = '/home',
|
||||
$dir = 'public_html',
|
||||
$disable_root = true,
|
||||
$apache_version = $::apache::apache_version,
|
||||
) {
|
||||
::apache::mod { 'userdir': }
|
||||
|
||||
# Template uses $home, $dir, $disable_root, $apache_version
|
||||
file { 'userdir.conf':
|
||||
ensure => file,
|
||||
path => "${::apache::mod_dir}/userdir.conf",
|
||||
content => template('apache/mod/userdir.conf.erb'),
|
||||
require => Exec["mkdir ${::apache::mod_dir}"],
|
||||
before => File[$::apache::mod_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
}
|
8
deployment/puppet/apache/manifests/mod/version.pp
Normal file
8
deployment/puppet/apache/manifests/mod/version.pp
Normal file
@ -0,0 +1,8 @@
|
||||
class apache::mod::version {
|
||||
|
||||
if ($::osfamily == 'debian' and versioncmp($apache_version, '2.4') >= 0) {
|
||||
warning("${module_name}: module version_module is built-in and can't be loaded")
|
||||
} else {
|
||||
::apache::mod { 'version': }
|
||||
}
|
||||
}
|
3
deployment/puppet/apache/manifests/mod/vhost_alias.pp
Normal file
3
deployment/puppet/apache/manifests/mod/vhost_alias.pp
Normal file
@ -0,0 +1,3 @@
|
||||
class apache::mod::vhost_alias {
|
||||
::apache::mod { 'vhost_alias': }
|
||||
}
|
74
deployment/puppet/apache/manifests/mod/worker.pp
Normal file
74
deployment/puppet/apache/manifests/mod/worker.pp
Normal file
@ -0,0 +1,74 @@
|
||||
class apache::mod::worker (
|
||||
$startservers = '2',
|
||||
$maxclients = '150',
|
||||
$minsparethreads = '25',
|
||||
$maxsparethreads = '75',
|
||||
$threadsperchild = '25',
|
||||
$maxrequestsperchild = '0',
|
||||
$serverlimit = '25',
|
||||
$threadlimit = '64',
|
||||
$apache_version = $::apache::apache_version,
|
||||
) {
|
||||
if defined(Class['apache::mod::event']) {
|
||||
fail('May not include both apache::mod::worker and apache::mod::event on the same node')
|
||||
}
|
||||
if defined(Class['apache::mod::itk']) {
|
||||
fail('May not include both apache::mod::worker and apache::mod::itk on the same node')
|
||||
}
|
||||
if defined(Class['apache::mod::peruser']) {
|
||||
fail('May not include both apache::mod::worker and apache::mod::peruser on the same node')
|
||||
}
|
||||
if defined(Class['apache::mod::prefork']) {
|
||||
fail('May not include both apache::mod::worker and apache::mod::prefork on the same node')
|
||||
}
|
||||
File {
|
||||
owner => 'root',
|
||||
group => $::apache::params::root_group,
|
||||
mode => '0644',
|
||||
}
|
||||
|
||||
# Template uses:
|
||||
# - $startservers
|
||||
# - $maxclients
|
||||
# - $minsparethreads
|
||||
# - $maxsparethreads
|
||||
# - $threadsperchild
|
||||
# - $maxrequestsperchild
|
||||
# - $serverlimit
|
||||
# - $threadLimit
|
||||
file { "${::apache::mod_dir}/worker.conf":
|
||||
ensure => file,
|
||||
content => template('apache/mod/worker.conf.erb'),
|
||||
require => Exec["mkdir ${::apache::mod_dir}"],
|
||||
before => File[$::apache::mod_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
|
||||
case $::osfamily {
|
||||
'redhat': {
|
||||
if versioncmp($apache_version, '2.4') >= 0 {
|
||||
::apache::mpm{ 'worker':
|
||||
apache_version => $apache_version,
|
||||
}
|
||||
}
|
||||
else {
|
||||
file_line { '/etc/sysconfig/httpd worker enable':
|
||||
ensure => present,
|
||||
path => '/etc/sysconfig/httpd',
|
||||
line => 'HTTPD=/usr/sbin/httpd.worker',
|
||||
match => '#?HTTPD=/usr/sbin/httpd.worker',
|
||||
require => Package['httpd'],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
}
|
||||
}
|
||||
'debian', 'freebsd': {
|
||||
::apache::mpm{ 'worker':
|
||||
apache_version => $apache_version,
|
||||
}
|
||||
}
|
||||
default: {
|
||||
fail("Unsupported osfamily ${::osfamily}")
|
||||
}
|
||||
}
|
||||
}
|
21
deployment/puppet/apache/manifests/mod/wsgi.pp
Normal file
21
deployment/puppet/apache/manifests/mod/wsgi.pp
Normal file
@ -0,0 +1,21 @@
|
||||
class apache::mod::wsgi (
|
||||
$wsgi_socket_prefix = $::apache::params::wsgi_socket_prefix,
|
||||
$wsgi_python_path = undef,
|
||||
$wsgi_python_home = undef,
|
||||
){
|
||||
::apache::mod { 'wsgi': }
|
||||
|
||||
# Template uses:
|
||||
# - $wsgi_socket_prefix
|
||||
# - $wsgi_python_path
|
||||
# - $wsgi_python_home
|
||||
file {'wsgi.conf':
|
||||
ensure => file,
|
||||
path => "${::apache::mod_dir}/wsgi.conf",
|
||||
content => template('apache/mod/wsgi.conf.erb'),
|
||||
require => Exec["mkdir ${::apache::mod_dir}"],
|
||||
before => File[$::apache::mod_dir],
|
||||
notify => Service['httpd']
|
||||
}
|
||||
}
|
||||
|
4
deployment/puppet/apache/manifests/mod/xsendfile.pp
Normal file
4
deployment/puppet/apache/manifests/mod/xsendfile.pp
Normal file
@ -0,0 +1,4 @@
|
||||
class apache::mod::xsendfile {
|
||||
include ::apache::params
|
||||
::apache::mod { 'xsendfile': }
|
||||
}
|
68
deployment/puppet/apache/manifests/mpm.pp
Normal file
68
deployment/puppet/apache/manifests/mpm.pp
Normal file
@ -0,0 +1,68 @@
|
||||
define apache::mpm (
|
||||
$lib_path = $::apache::params::lib_path,
|
||||
$apache_version = $::apache::apache_version,
|
||||
) {
|
||||
if ! defined(Class['apache']) {
|
||||
fail('You must include the apache base class before using any apache defined resources')
|
||||
}
|
||||
|
||||
$mpm = $name
|
||||
$mod_dir = $::apache::mod_dir
|
||||
|
||||
$_lib = "mod_mpm_${mpm}.so"
|
||||
$_path = "${lib_path}/${_lib}"
|
||||
$_id = "mpm_${mpm}_module"
|
||||
|
||||
if versioncmp($apache_version, '2.4') >= 0 {
|
||||
file { "${mod_dir}/${mpm}.load":
|
||||
ensure => file,
|
||||
path => "${mod_dir}/${mpm}.load",
|
||||
content => "LoadModule ${_id} ${_path}\n",
|
||||
require => [
|
||||
Package['httpd'],
|
||||
Exec["mkdir ${mod_dir}"],
|
||||
],
|
||||
before => File[$mod_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
}
|
||||
|
||||
case $::osfamily {
|
||||
'debian': {
|
||||
file { "${::apache::mod_enable_dir}/${mpm}.conf":
|
||||
ensure => link,
|
||||
target => "${::apache::mod_dir}/${mpm}.conf",
|
||||
require => Exec["mkdir ${::apache::mod_enable_dir}"],
|
||||
before => File[$::apache::mod_enable_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
|
||||
if versioncmp($apache_version, '2.4') >= 0 {
|
||||
file { "${::apache::mod_enable_dir}/${mpm}.load":
|
||||
ensure => link,
|
||||
target => "${::apache::mod_dir}/${mpm}.load",
|
||||
require => Exec["mkdir ${::apache::mod_enable_dir}"],
|
||||
before => File[$::apache::mod_enable_dir],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
}
|
||||
|
||||
if versioncmp($apache_version, '2.4') < 0 {
|
||||
package { "apache2-mpm-${mpm}":
|
||||
ensure => present,
|
||||
}
|
||||
}
|
||||
}
|
||||
'freebsd': {
|
||||
class { '::apache::package':
|
||||
mpm_module => $mpm
|
||||
}
|
||||
}
|
||||
'redhat': {
|
||||
# so we don't fail
|
||||
}
|
||||
default: {
|
||||
fail("Unsupported osfamily ${::osfamily}")
|
||||
}
|
||||
}
|
||||
}
|
10
deployment/puppet/apache/manifests/namevirtualhost.pp
Normal file
10
deployment/puppet/apache/manifests/namevirtualhost.pp
Normal file
@ -0,0 +1,10 @@
|
||||
define apache::namevirtualhost {
|
||||
$addr_port = $name
|
||||
|
||||
# Template uses: $addr_port
|
||||
concat::fragment { "NameVirtualHost ${addr_port}":
|
||||
ensure => present,
|
||||
target => $::apache::ports_file,
|
||||
content => template('apache/namevirtualhost.erb'),
|
||||
}
|
||||
}
|
48
deployment/puppet/apache/manifests/package.pp
Normal file
48
deployment/puppet/apache/manifests/package.pp
Normal file
@ -0,0 +1,48 @@
|
||||
class apache::package (
|
||||
$ensure = 'present',
|
||||
$mpm_module = $::apache::params::mpm_module,
|
||||
) inherits ::apache::params {
|
||||
case $::osfamily {
|
||||
'freebsd' : {
|
||||
$all_mpms = [
|
||||
'www/apache22',
|
||||
'www/apache22-worker-mpm',
|
||||
'www/apache22-event-mpm',
|
||||
'www/apache22-itk-mpm',
|
||||
'www/apache22-peruser-mpm',
|
||||
]
|
||||
if $mpm_module {
|
||||
$apache_package = $mpm_module ? {
|
||||
'prefork' => 'www/apache22',
|
||||
default => "www/apache22-${mpm_module}-mpm"
|
||||
}
|
||||
} else {
|
||||
$apache_package = 'www/apache22'
|
||||
}
|
||||
$other_mpms = delete($all_mpms, $apache_package)
|
||||
# Configure ports to have apache module packages dependent on correct
|
||||
# version of apache package (apache22, apache22-worker-mpm, ...)
|
||||
file_line { 'APACHE_PORT in /etc/make.conf':
|
||||
ensure => $ensure,
|
||||
path => '/etc/make.conf',
|
||||
line => "APACHE_PORT=${apache_package}",
|
||||
match => '^\s*#?\s*APACHE_PORT\s*=\s*',
|
||||
before => Package['httpd'],
|
||||
}
|
||||
# remove other packages
|
||||
ensure_resource('package', $other_mpms, {
|
||||
ensure => absent,
|
||||
before => Package['httpd'],
|
||||
require => File_line['APACHE_PORT in /etc/make.conf'],
|
||||
})
|
||||
}
|
||||
default: {
|
||||
$apache_package = $::apache::params::apache_name
|
||||
}
|
||||
}
|
||||
package { 'httpd':
|
||||
ensure => $ensure,
|
||||
name => $apache_package,
|
||||
notify => Class['Apache::Service'],
|
||||
}
|
||||
}
|
282
deployment/puppet/apache/manifests/params.pp
Normal file
282
deployment/puppet/apache/manifests/params.pp
Normal file
@ -0,0 +1,282 @@
|
||||
# Class: apache::params
|
||||
#
|
||||
# This class manages Apache parameters
|
||||
#
|
||||
# Parameters:
|
||||
# - The $user that Apache runs as
|
||||
# - The $group that Apache runs as
|
||||
# - The $apache_name is the name of the package and service on the relevant
|
||||
# distribution
|
||||
# - The $php_package is the name of the package that provided PHP
|
||||
# - The $ssl_package is the name of the Apache SSL package
|
||||
# - The $apache_dev is the name of the Apache development libraries package
|
||||
# - The $conf_contents is the contents of the Apache configuration file
|
||||
#
|
||||
# Actions:
|
||||
#
|
||||
# Requires:
|
||||
#
|
||||
# Sample Usage:
|
||||
#
|
||||
class apache::params inherits ::apache::version {
|
||||
if($::fqdn) {
|
||||
$servername = $::fqdn
|
||||
} else {
|
||||
$servername = $::hostname
|
||||
}
|
||||
|
||||
# The default error log level
|
||||
$log_level = 'warn'
|
||||
|
||||
if $::operatingsystem == 'Ubuntu' and $::lsbdistrelease == '10.04' {
|
||||
$verify_command = '/usr/sbin/apache2ctl -t'
|
||||
} else {
|
||||
$verify_command = '/usr/sbin/apachectl -t'
|
||||
}
|
||||
if $::osfamily == 'RedHat' or $::operatingsystem == 'amazon' {
|
||||
$user = 'apache'
|
||||
$group = 'apache'
|
||||
$root_group = 'root'
|
||||
$apache_name = 'httpd'
|
||||
$service_name = 'httpd'
|
||||
$httpd_dir = '/etc/httpd'
|
||||
$server_root = '/etc/httpd'
|
||||
$conf_dir = "${httpd_dir}/conf"
|
||||
$confd_dir = "${httpd_dir}/conf.d"
|
||||
$mod_dir = "${httpd_dir}/conf.d"
|
||||
$mod_enable_dir = undef
|
||||
$vhost_dir = "${httpd_dir}/conf.d"
|
||||
$vhost_enable_dir = undef
|
||||
$conf_file = 'httpd.conf'
|
||||
$ports_file = "${conf_dir}/ports.conf"
|
||||
$logroot = '/var/log/httpd'
|
||||
$logroot_mode = undef
|
||||
$lib_path = 'modules'
|
||||
$mpm_module = 'prefork'
|
||||
$dev_packages = 'httpd-devel'
|
||||
$default_ssl_cert = '/etc/pki/tls/certs/localhost.crt'
|
||||
$default_ssl_key = '/etc/pki/tls/private/localhost.key'
|
||||
$ssl_certs_dir = '/etc/pki/tls/certs'
|
||||
$passenger_conf_file = 'passenger_extra.conf'
|
||||
$passenger_conf_package_file = 'passenger.conf'
|
||||
$passenger_root = undef
|
||||
$passenger_ruby = undef
|
||||
$passenger_default_ruby = undef
|
||||
$suphp_addhandler = 'php5-script'
|
||||
$suphp_engine = 'off'
|
||||
$suphp_configpath = undef
|
||||
# NOTE: The module for Shibboleth is not available to RH/CentOS without an additional repository. http://wiki.aaf.edu.au/tech-info/sp-install-guide
|
||||
$mod_packages = {
|
||||
'auth_kerb' => 'mod_auth_kerb',
|
||||
'authnz_ldap' => $::apache::version::distrelease ? {
|
||||
'7' => 'mod_ldap',
|
||||
default => 'mod_authz_ldap',
|
||||
},
|
||||
'fastcgi' => 'mod_fastcgi',
|
||||
'fcgid' => 'mod_fcgid',
|
||||
'pagespeed' => 'mod-pagespeed-stable',
|
||||
'passenger' => 'mod_passenger',
|
||||
'perl' => 'mod_perl',
|
||||
'php5' => $::apache::version::distrelease ? {
|
||||
'5' => 'php53',
|
||||
default => 'php',
|
||||
},
|
||||
'proxy_html' => 'mod_proxy_html',
|
||||
'python' => 'mod_python',
|
||||
'shibboleth' => 'shibboleth',
|
||||
'ssl' => 'mod_ssl',
|
||||
'wsgi' => 'mod_wsgi',
|
||||
'dav_svn' => 'mod_dav_svn',
|
||||
'suphp' => 'mod_suphp',
|
||||
'xsendfile' => 'mod_xsendfile',
|
||||
'nss' => 'mod_nss',
|
||||
'shib2' => 'shibboleth',
|
||||
}
|
||||
$mod_libs = {
|
||||
'php5' => 'libphp5.so',
|
||||
'nss' => 'libmodnss.so',
|
||||
}
|
||||
$conf_template = 'apache/httpd.conf.erb'
|
||||
$keepalive = 'Off'
|
||||
$keepalive_timeout = 15
|
||||
$max_keepalive_requests = 100
|
||||
$fastcgi_lib_path = undef
|
||||
$mime_support_package = 'mailcap'
|
||||
$mime_types_config = '/etc/mime.types'
|
||||
$docroot = '/var/www/html'
|
||||
if $::osfamily == "RedHat" {
|
||||
$wsgi_socket_prefix = '/var/run/wsgi'
|
||||
} else {
|
||||
$wsgi_socket_prefix = undef
|
||||
}
|
||||
} elsif $::osfamily == 'Debian' {
|
||||
$user = 'www-data'
|
||||
$group = 'www-data'
|
||||
$root_group = 'root'
|
||||
$apache_name = 'apache2'
|
||||
$service_name = 'apache2'
|
||||
$httpd_dir = '/etc/apache2'
|
||||
$server_root = '/etc/apache2'
|
||||
$conf_dir = $httpd_dir
|
||||
$confd_dir = "${httpd_dir}/conf.d"
|
||||
$mod_dir = "${httpd_dir}/mods-available"
|
||||
$mod_enable_dir = "${httpd_dir}/mods-enabled"
|
||||
$vhost_dir = "${httpd_dir}/sites-available"
|
||||
$vhost_enable_dir = "${httpd_dir}/sites-enabled"
|
||||
$conf_file = 'apache2.conf'
|
||||
$ports_file = "${conf_dir}/ports.conf"
|
||||
$logroot = '/var/log/apache2'
|
||||
$logroot_mode = undef
|
||||
$lib_path = '/usr/lib/apache2/modules'
|
||||
$mpm_module = 'worker'
|
||||
$dev_packages = ['libaprutil1-dev', 'libapr1-dev', 'apache2-prefork-dev']
|
||||
$default_ssl_cert = '/etc/ssl/certs/ssl-cert-snakeoil.pem'
|
||||
$default_ssl_key = '/etc/ssl/private/ssl-cert-snakeoil.key'
|
||||
$ssl_certs_dir = '/etc/ssl/certs'
|
||||
$suphp_addhandler = 'x-httpd-php'
|
||||
$suphp_engine = 'off'
|
||||
$suphp_configpath = '/etc/php5/apache2'
|
||||
$mod_packages = {
|
||||
'auth_kerb' => 'libapache2-mod-auth-kerb',
|
||||
'dav_svn' => 'libapache2-svn',
|
||||
'fastcgi' => 'libapache2-mod-fastcgi',
|
||||
'fcgid' => 'libapache2-mod-fcgid',
|
||||
'nss' => 'libapache2-mod-nss',
|
||||
'pagespeed' => 'mod-pagespeed-stable',
|
||||
'passenger' => 'libapache2-mod-passenger',
|
||||
'perl' => 'libapache2-mod-perl2',
|
||||
'php5' => 'libapache2-mod-php5',
|
||||
'proxy_html' => 'libapache2-mod-proxy-html',
|
||||
'python' => 'libapache2-mod-python',
|
||||
'rpaf' => 'libapache2-mod-rpaf',
|
||||
'suphp' => 'libapache2-mod-suphp',
|
||||
'wsgi' => 'libapache2-mod-wsgi',
|
||||
'xsendfile' => 'libapache2-mod-xsendfile',
|
||||
'shib2' => 'libapache2-mod-shib2',
|
||||
}
|
||||
$mod_libs = {
|
||||
'php5' => 'libphp5.so',
|
||||
}
|
||||
$conf_template = 'apache/httpd.conf.erb'
|
||||
$keepalive = 'Off'
|
||||
$keepalive_timeout = 15
|
||||
$max_keepalive_requests = 100
|
||||
$fastcgi_lib_path = '/var/lib/apache2/fastcgi'
|
||||
$mime_support_package = 'mime-support'
|
||||
$mime_types_config = '/etc/mime.types'
|
||||
$docroot = '/var/www'
|
||||
|
||||
#
|
||||
# Passenger-specific settings
|
||||
#
|
||||
|
||||
$passenger_conf_file = 'passenger.conf'
|
||||
$passenger_conf_package_file = undef
|
||||
|
||||
case $::operatingsystem {
|
||||
'Ubuntu': {
|
||||
case $::lsbdistrelease {
|
||||
'12.04': {
|
||||
$passenger_root = '/usr'
|
||||
$passenger_ruby = '/usr/bin/ruby'
|
||||
$passenger_default_ruby = undef
|
||||
}
|
||||
'14.04': {
|
||||
$passenger_root = '/usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini'
|
||||
$passenger_ruby = undef
|
||||
$passenger_default_ruby = '/usr/bin/ruby'
|
||||
}
|
||||
default: {
|
||||
# The following settings may or may not work on Ubuntu releases not
|
||||
# supported by this module.
|
||||
$passenger_root = '/usr'
|
||||
$passenger_ruby = '/usr/bin/ruby'
|
||||
$passenger_default_ruby = undef
|
||||
}
|
||||
}
|
||||
}
|
||||
'Debian': {
|
||||
case $::lsbdistcodename {
|
||||
'wheezy': {
|
||||
$passenger_root = '/usr'
|
||||
$passenger_ruby = '/usr/bin/ruby'
|
||||
$passenger_default_ruby = undef
|
||||
}
|
||||
default: {
|
||||
# The following settings may or may not work on Debian releases not
|
||||
# supported by this module.
|
||||
$passenger_root = '/usr'
|
||||
$passenger_ruby = '/usr/bin/ruby'
|
||||
$passenger_default_ruby = undef
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
$wsgi_socket_prefix = undef
|
||||
} elsif $::osfamily == 'FreeBSD' {
|
||||
$user = 'www'
|
||||
$group = 'www'
|
||||
$root_group = 'wheel'
|
||||
$apache_name = 'apache22'
|
||||
$service_name = 'apache22'
|
||||
$httpd_dir = '/usr/local/etc/apache22'
|
||||
$server_root = '/usr/local'
|
||||
$conf_dir = $httpd_dir
|
||||
$confd_dir = "${httpd_dir}/Includes"
|
||||
$mod_dir = "${httpd_dir}/Modules"
|
||||
$mod_enable_dir = undef
|
||||
$vhost_dir = "${httpd_dir}/Vhosts"
|
||||
$vhost_enable_dir = undef
|
||||
$conf_file = 'httpd.conf'
|
||||
$ports_file = "${conf_dir}/ports.conf"
|
||||
$logroot = '/var/log/apache22'
|
||||
$logroot_mode = undef
|
||||
$lib_path = '/usr/local/libexec/apache22'
|
||||
$mpm_module = 'prefork'
|
||||
$dev_packages = undef
|
||||
$default_ssl_cert = '/usr/local/etc/apache22/server.crt'
|
||||
$default_ssl_key = '/usr/local/etc/apache22/server.key'
|
||||
$ssl_certs_dir = '/usr/local/etc/apache22'
|
||||
$passenger_conf_file = 'passenger.conf'
|
||||
$passenger_conf_package_file = undef
|
||||
$passenger_root = '/usr/local/lib/ruby/gems/1.9/gems/passenger-4.0.10'
|
||||
$passenger_ruby = '/usr/bin/ruby'
|
||||
$passenger_default_ruby = undef
|
||||
$suphp_addhandler = 'php5-script'
|
||||
$suphp_engine = 'off'
|
||||
$suphp_configpath = undef
|
||||
$mod_packages = {
|
||||
# NOTE: I list here only modules that are not included in www/apache22
|
||||
# NOTE: 'passenger' needs to enable APACHE_SUPPORT in make config
|
||||
# NOTE: 'php' needs to enable APACHE option in make config
|
||||
# NOTE: 'dav_svn' needs to enable MOD_DAV_SVN make config
|
||||
# NOTE: not sure where the shibboleth should come from
|
||||
'auth_kerb' => 'www/mod_auth_kerb2',
|
||||
'fcgid' => 'www/mod_fcgid',
|
||||
'passenger' => 'www/rubygem-passenger',
|
||||
'perl' => 'www/mod_perl2',
|
||||
'php5' => 'lang/php5',
|
||||
'proxy_html' => 'www/mod_proxy_html',
|
||||
'python' => 'www/mod_python3',
|
||||
'wsgi' => 'www/mod_wsgi',
|
||||
'dav_svn' => 'devel/subversion',
|
||||
'xsendfile' => 'www/mod_xsendfile',
|
||||
'rpaf' => 'www/mod_rpaf2',
|
||||
'shib2' => 'security/shibboleth2-sp',
|
||||
}
|
||||
$mod_libs = {
|
||||
'php5' => 'libphp5.so',
|
||||
}
|
||||
$conf_template = 'apache/httpd.conf.erb'
|
||||
$keepalive = 'Off'
|
||||
$keepalive_timeout = 15
|
||||
$max_keepalive_requests = 100
|
||||
$fastcgi_lib_path = undef # TODO: revisit
|
||||
$mime_support_package = 'misc/mime-support'
|
||||
$mime_types_config = '/usr/local/etc/mime.types'
|
||||
$wsgi_socket_prefix = undef
|
||||
$docroot = '/usr/local/www/apache22/data'
|
||||
} else {
|
||||
fail("Class['apache::params']: Unsupported osfamily: ${::osfamily}")
|
||||
}
|
||||
}
|
17
deployment/puppet/apache/manifests/peruser/multiplexer.pp
Normal file
17
deployment/puppet/apache/manifests/peruser/multiplexer.pp
Normal file
@ -0,0 +1,17 @@
|
||||
define apache::peruser::multiplexer (
|
||||
$user = $::apache::user,
|
||||
$group = $::apache::group,
|
||||
$file = undef,
|
||||
) {
|
||||
if ! $file {
|
||||
$filename = "${name}.conf"
|
||||
} else {
|
||||
$filename = $file
|
||||
}
|
||||
file { "${::apache::mod_dir}/peruser/multiplexers/${filename}":
|
||||
ensure => file,
|
||||
content => "Multiplexer ${user} ${group}\n",
|
||||
require => File["${::apache::mod_dir}/peruser/multiplexers"],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
}
|
17
deployment/puppet/apache/manifests/peruser/processor.pp
Normal file
17
deployment/puppet/apache/manifests/peruser/processor.pp
Normal file
@ -0,0 +1,17 @@
|
||||
define apache::peruser::processor (
|
||||
$user,
|
||||
$group,
|
||||
$file = undef,
|
||||
) {
|
||||
if ! $file {
|
||||
$filename = "${name}.conf"
|
||||
} else {
|
||||
$filename = $file
|
||||
}
|
||||
file { "${::apache::mod_dir}/peruser/processors/${filename}":
|
||||
ensure => file,
|
||||
content => "Processor ${user} ${group}\n",
|
||||
require => File["${::apache::mod_dir}/peruser/processors"],
|
||||
notify => Service['httpd'],
|
||||
}
|
||||
}
|
18
deployment/puppet/apache/manifests/php.pp
Normal file
18
deployment/puppet/apache/manifests/php.pp
Normal file
@ -0,0 +1,18 @@
|
||||
# Class: apache::php
|
||||
#
|
||||
# This class installs PHP for Apache
|
||||
#
|
||||
# Parameters:
|
||||
# - $php_package
|
||||
#
|
||||
# Actions:
|
||||
# - Install Apache PHP package
|
||||
#
|
||||
# Requires:
|
||||
#
|
||||
# Sample Usage:
|
||||
#
|
||||
class apache::php {
|
||||
warning('apache::php is deprecated; please use apache::mod::php')
|
||||
include ::apache::mod::php
|
||||
}
|
15
deployment/puppet/apache/manifests/proxy.pp
Normal file
15
deployment/puppet/apache/manifests/proxy.pp
Normal file
@ -0,0 +1,15 @@
|
||||
# Class: apache::proxy
|
||||
#
|
||||
# This class enabled the proxy module for Apache
|
||||
#
|
||||
# Actions:
|
||||
# - Enables Apache Proxy module
|
||||
#
|
||||
# Requires:
|
||||
#
|
||||
# Sample Usage:
|
||||
#
|
||||
class apache::proxy {
|
||||
warning('apache::proxy is deprecated; please use apache::mod::proxy')
|
||||
include ::apache::mod::proxy
|
||||
}
|
18
deployment/puppet/apache/manifests/python.pp
Normal file
18
deployment/puppet/apache/manifests/python.pp
Normal file
@ -0,0 +1,18 @@
|
||||
# Class: apache::python
|
||||
#
|
||||
# This class installs Python for Apache
|
||||
#
|
||||
# Parameters:
|
||||
# - $php_package
|
||||
#
|
||||
# Actions:
|
||||
# - Install Apache Python package
|
||||
#
|
||||
# Requires:
|
||||
#
|
||||
# Sample Usage:
|
||||
#
|
||||
class apache::python {
|
||||
warning('apache::python is deprecated; please use apache::mod::python')
|
||||
include ::apache::mod::python
|
||||
}
|
44
deployment/puppet/apache/manifests/service.pp
Normal file
44
deployment/puppet/apache/manifests/service.pp
Normal file
@ -0,0 +1,44 @@
|
||||
# Class: apache::service
|
||||
#
|
||||
# Manages the Apache daemon
|
||||
#
|
||||
# Parameters:
|
||||
#
|
||||
# Actions:
|
||||
# - Manage Apache service
|
||||
#
|
||||
# Requires:
|
||||
#
|
||||
# Sample Usage:
|
||||
#
|
||||
# sometype { 'foo':
|
||||
# notify => Class['apache::service'],
|
||||
# }
|
||||
#
|
||||
#
|
||||
class apache::service (
|
||||
$service_name = $::apache::params::service_name,
|
||||
$service_enable = true,
|
||||
$service_ensure = 'running',
|
||||
) {
|
||||
# The base class must be included first because parameter defaults depend on it
|
||||
if ! defined(Class['apache::params']) {
|
||||
fail('You must include the apache::params class before using any apache defined resources')
|
||||
}
|
||||
validate_bool($service_enable)
|
||||
|
||||
case $service_ensure {
|
||||
true, false, 'running', 'stopped': {
|
||||
$_service_ensure = $service_ensure
|
||||
}
|
||||
default: {
|
||||
$_service_ensure = undef
|
||||
}
|
||||
}
|
||||
|
||||
service { 'httpd':
|
||||
ensure => $_service_ensure,
|
||||
name => $service_name,
|
||||
enable => $service_enable,
|
||||
}
|
||||
}
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user