tmakinen/puppet
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Added virtual host support for Debian/Ubuntu to apache module

Browse source
This commit is contained in:
Ossi Salmi 2010-11-05 16:55:05 +02:00 committed by Timo Mkinen
parent 512c38ba9d
commit 42fd785e66
4 changed files with 230 additions and 33 deletions
Download patch file Download diff file Expand all files Collapse all files

155
apache/manifests/debian.pp
View file

@ -10,7 +10,9 @@ class apache::debian::common {
file { [ "/srv/www/http",
"/srv/www/http/${fqdn}",
"/srv/www/log/http",
"/srv/www/log/http/${fqdn}", ]:
"/srv/www/log/http/${fqdn}",
"/etc/apache2/conf.d",
"/etc/apache2/sites-enabled", ]:
ensure => directory,
mode => 0644,
owner => root,
@ -19,22 +21,43 @@ class apache::debian::common {
before => File["/etc/apache2/apache2.conf"],
}
File["/etc/apache2/conf.d", "/etc/apache2/sites-enabled"] {
purge => true,
force => true,
recurse => true,
source => "puppet:///custom/empty",
}
file { "/etc/apache2/envvars":
ensure => present,
content => template("apache/apache2.envvars.erb"),
mode => 0644,
owner => root,
group => root,
before => File["/etc/apache2/apache2.conf"],
require => Package["httpd"],
notify => Service["apache2"],
}
file { "/etc/apache2/httpd.conf":
ensure => present,
content => template("apache/apache2.httpd.conf.erb"),
mode => 0644,
owner => root,
group => root,
before => File["/etc/apache2/apache2.conf"],
require => Package["httpd"],
notify => Service["apache2"],
}
file { "/etc/apache2/ports.conf":
ensure => present,
content => "# HTTP server disabled\n"
content => "# HTTP server disabled\n",
mode => 0644,
owner => root,
group => root,
before => File["/etc/apache2/apache2.conf"],
require => Package["httpd"],
notify => Service["apache2"],
}
@ -44,7 +67,6 @@ class apache::debian::common {
mode => 0644,
owner => root,
group => root,
require => File["/etc/apache2/envvars", "/etc/apache2/ports.conf" ],
notify => Service["apache2"],
}
@ -60,7 +82,7 @@ class apache::debian::common {
class apache::debian::server inherits apache::debian::common {
File["/etc/apache2/ports.conf"] {
content => "NameVirtualHost *:80\nListen80\n"
content => "NameVirtualHost *:80\nListen 80\n"
}
}
@ -68,12 +90,12 @@ class apache::debian::server inherits apache::debian::common {
define apache::debian::site($aliases, $root, $config, $redirect) {
$site_conf = "/etc/apache2/sites-available/${name}.conf"
if $name == "default" {
$site_fqdn = $fqdn
$site_conf = "/etc/apache2/sites-enabled/00-${site_fqdn}.conf"
} else {
$site_fqdn = $name
$site_conf = "/etc/apache2/sites-enabled/${site_fqdn}.conf"
if !$redirect {
if $root {
@ -107,7 +129,7 @@ define apache::debian::site($aliases, $root, $config, $redirect) {
mode => 0644,
owner => root,
group => root,
notify => Service["httpd"],
notify => Service["apache2"],
}
if $config {
@ -149,6 +171,102 @@ class apache::debian::sslserver inherits apache::debian::common {
}
define apache::debian::sslsite($root, $config, $ssl_cert, $ssl_key, $ssl_chain) {
if $name == "default" {
$site_fqdn = $fqdn
} else {
$site_fqdn = $name
if $root {
file { "/srv/www/https/${site_fqdn}":
ensure => link,
target => $root,
before => Service["apache2"],
}
} else {
file { "/srv/www/https/${site_fqdn}":
ensure => directory,
mode => 0755,
owner => root,
group => root,
before => Service["apache2"],
}
}
file { "/srv/www/log/https/${site_fqdn}":
ensure => directory,
mode => 0755,
owner => root,
group => root,
before => Service["apache2"],
}
}
if $ssl_cert {
$real_ssl_cert = $ssl_cert
} else {
$real_ssl_cert = "${puppet_ssldir}/certs/${fqdn}.pem"
}
file { "/etc/ssl/certs/${site_fqdn}.crt":
ensure => present,
source => $real_ssl_cert,
mode => 0644,
owner => root,
group => root,
notify => Service["apache2"],
}
if $ssl_key {
$real_ssl_key = $ssl_key
} else {
$real_ssl_key = "${puppet_ssldir}/private_keys/${fqdn}.pem"
}
file { "/etc/ssl/private/${site_fqdn}.key":
ensure => present,
source => $real_ssl_key,
mode => 0600,
owner => root,
group => root,
notify => Service["apache2"],
}
if $ssl_chain {
file { "/etc/ssl/certs/${site_fqdn}.chain.crt":
ensure => present,
source => $ssl_chain,
mode => 0644,
owner => root,
group => root,
notify => Service["apache2"],
}
}
file { "/etc/apache2/sites-enabled/${site_fqdn}-ssl.conf":
ensure => present,
mode => 0644,
owner => root,
group => root,
notify => Service["apache2"],
require => [ File["/etc/ssl/certs/${site_fqdn}.crt"],
File["/etc/ssl/private/${site_fqdn}.key"], ],
}
if $config {
File["/etc/apache2/sites-enabled/${site_fqdn}-ssl.conf"] {
source => $config,
}
} else {
File["/etc/apache2/sites-enabled/${site_fqdn}-ssl.conf"] {
content => template("apache/site.https.conf.erb"),
}
}
}
define apache::debian::configfile($source, $content, $http, $https) {
file { "/etc/apache2/conf.d/${name}":
@ -218,26 +336,3 @@ define apache::debian::a2enmod($source="", $content="") {
}
}
# Enable virtual host on Debian/Ubuntu Apache.
#
# === Parameters
#
# $name:
# FQDN of virtual host.
#
define apache::debian::a2ensite() {
exec { "a2ensite-${name}":
path => "/bin:/usr/bin:/sbin:/usr/sbin",
command => "a2ensite ${name}",
unless => $name ? {
"default" => "test -h /etc/apache2/sites-enabled/000-default",
default => "test -h /etc/apache2/sites-enabled/${name}",
},
notify => Service["apache2"],
require => Package["httpd"],
}
}

2
apache/manifests/init.pp
View file

@ -202,6 +202,7 @@ define apache::sslsite($root="", $config="", $ssl_cert="", $ssl_key="", $ssl_cha
case $operatingsystem {
debian,ubuntu: {
$apache_ssldir = "/etc/ssl"
apache::debian::sslsite { "${name}":
root => $root,
config => $config,
@ -211,6 +212,7 @@ define apache::sslsite($root="", $config="", $ssl_cert="", $ssl_key="", $ssl_cha
}
}
centos,fedora: {
$apache_ssldir = "/etc/pki/tls"
apache::redhat::sslsite { "${name}":
root => $root,
config => $config,