openstack/puppet-barbican
Code Issues Proposed changes
Files
eb2b84ea8fd4513c00a1b38e6d7041e1d6d81a23
puppet-barbican/manifests/wsgi/apache.pp
Takashi Kajinami eb2b84ea8f Fix inconsistent parameter/resource names of wsgi::apache 
The barbican::wsgi::apache class names a few parameters and resources
differently from the other modules. To make its interface and
implementation consistent with the other implementations, this renames
these inconsistent names. The old parameter names are kept but will be
removed in a future release.

Change-Id: I49ca51e4ea7a2404dfdbd0c88ce39339750da4f6
2022-08-26 15:46:37 +09:00

209 lines
6.4 KiB
Puppet
Raw Blame History

#
# Class to serve barbican with apache mod_wsgi in place of barbican service
#
# Serving barbican from apache is the recommended way to go for production
# systems as the current barbican implementation is not multi-processor aware,
# thus limiting the performance for concurrent accesses.
#
# When using this class you should disable your barbican service.
#
# == Parameters
#
# [*servername*]
# (Optional) The servername for the virtualhost.
# Defaults to $::fqdn
#
# [*port*]
# (Optional) The port.
# Defaults to 9311
#
# [*bind_host*]
# (Optional) The host/ip address Apache will listen on.
# Defaults to undef (listen on all ip addresses).
#
# [*path*]
# (Optional) The prefix for the endpoint.
# Defaults to '/'
#
# [*ssl*]
# (Optional) Use ssl ? (boolean)
# Defaults to false
#
# [*workers*]
# (Optional) Number of WSGI workers to spawn.
# Defaults to $::os_workers
#
# [*priority*]
# (Optional) The priority for the vhost.
# Defaults to 10
#
# [*threads*]
# (Optional) The number of threads for the vhost.
# Defaults to 1
#
# [*wsgi_process_display_name*]
# (Optional) Name of the WSGI process display-name.
# Defaults to undef
#
# [*ssl_cert*]
# [*ssl_key*]
# [*ssl_chain*]
# [*ssl_ca*]
# [*ssl_crl_path*]
# [*ssl_crl*]
# [*ssl_certs_dir*]
# (Optional) apache::vhost ssl parameters.
# Default to apache::vhost 'ssl_*' defaults.
#
# [*access_log_file*]
# (Optional) The log file name for the virtualhost.
# Defaults to undef.
#
# [*access_log_pipe*]
# (Optional) Specifies a pipe where Apache sends access logs for
# the virtualhost.
# Defaults to undef.
#
# [*access_log_syslog*]
# (Optional) Sends the virtualhost access log messages to syslog.
# Defaults to undef.
#
# [*access_log_format*]
# (Optional) The log format for the virtualhost.
# Defaults to undef.
#
# [*error_log_file*]
# (Optional) The error log file name for the virtualhost.
# Defaults to undef.
#
# [*error_log_pipe*]
# (Optional) Specifies a pipe where Apache sends error logs for
# the virtualhost.
# Defaults to undef.
#
# [*error_log_syslog*]
# (Optional) Sends the virtualhost error log messages to syslog.
# Defaults to undef.
#
# [*custom_wsgi_process_options*]
# (Optional) gives you the opportunity to add custom process options or to
# overwrite the default options for the WSGI main process.
# eg. to use a virtual python environment for the WSGI process
# you could set it to:
# { python-path => '/my/python/virtualenv' }
# Defaults to {}
#
# [*headers*]
# (Optional) Headers for the vhost.
# Defaults to undef
#
# [*request_headers*]
# (Optional) Modifies collected request headers in various ways.
# Defaults to undef
#
# [*vhost_custom_fragment*]
# (Optional) Passes a string of custom configuration
# directives to be placed at the end of the vhost configuration.
# Defaults to undef.
#
# DEPRECATED PARAMETERS
#
# [*public_port*]
# (Optional) The public port.
# Defaults to undef
#
# [*public_path*]
# (Optional) The prefix for the public endpoint.
# Defaults to undef
#
# == Authors
#
# Ade Lee <alee@redhat.com>
#
# == Copyright
#
# Copyright 2015 Red Hat Inc. <licensing@redhat.com>
#
class barbican::wsgi::apache (
$servername = $::fqdn,
$port = 9311,
$bind_host = undef,
$path = '/',
$ssl = false,
$workers = $::os_workers,
$ssl_cert = undef,
$ssl_key = undef,
$ssl_chain = undef,
$ssl_ca = undef,
$ssl_crl_path = undef,
$ssl_crl = undef,
$ssl_certs_dir = undef,
$wsgi_process_display_name = undef,
$threads = 1,
$priority = 10,
$access_log_file = undef,
$access_log_pipe = undef,
$access_log_syslog = undef,
$access_log_format = undef,
$error_log_file = undef,
$error_log_pipe = undef,
$error_log_syslog = undef,
$custom_wsgi_process_options = {},
$headers = undef,
$request_headers = undef,
$vhost_custom_fragment = undef,
# DEPRECATED PARAMETERS
$public_port = undef,
$public_path = undef
) {
include barbican::deps
include barbican::params
Anchor['barbican::install::end'] -> Class['apache']
if $public_port {
warning('The public_port parameter is deprecated. Use the port parameter')
}
if $public_path {
warning('The public_path parameter is deprecated. Use the path parameter')
}
openstacklib::wsgi::apache { 'barbican_wsgi':
bind_host => $bind_host,
bind_port => pick($public_port, $port),
group => $::barbican::params::group,
path => pick($public_path, $path),
priority => $priority,
servername => $servername,
ssl => $ssl,
ssl_ca => $ssl_ca,
ssl_cert => $ssl_cert,
ssl_certs_dir => $ssl_certs_dir,
ssl_chain => $ssl_chain,
ssl_crl => $ssl_crl,
ssl_crl_path => $ssl_crl_path,
ssl_key => $ssl_key,
threads => $threads,
user => $::barbican::params::user,
vhost_custom_fragment => $vhost_custom_fragment,
workers => $workers,
wsgi_daemon_process => 'barbican-api',
wsgi_process_display_name => $wsgi_process_display_name,
wsgi_process_group => 'barbican-api',
wsgi_script_dir => $::barbican::params::barbican_wsgi_script_path,
wsgi_script_file => 'main',
wsgi_script_source => $::barbican::params::barbican_wsgi_script_source,
headers => $headers,
request_headers => $request_headers,
custom_wsgi_process_options => $custom_wsgi_process_options,
access_log_file => $access_log_file,
access_log_pipe => $access_log_pipe,
access_log_syslog => $access_log_syslog,
access_log_format => $access_log_format,
error_log_file => $error_log_file,
error_log_pipe => $error_log_pipe,
error_log_syslog => $error_log_syslog,
}
}
View Git Blame Copy Permalink