Cleaned up apache module some more.

2009-11-26 18:38:06 +02:00 · 2009-11-26 18:38:06 +02:00 · 66c88cd9cd
commit 66c88cd9cd
parent 12ac1c01a2
2 changed files with 33 additions and 34 deletions
--- a/apache/manifests/init.pp
+++ b/apache/manifests/init.pp
@ -89,14 +89,20 @@ class apache::server inherits apache::common {
 #     config => "puppet:///path/to/www.example.com.conf",
 # }
 #
-define apache::site($root="none", $config="none") {
+define apache::site($root="", $config="") {

    if $name == "default" {
        $site_fqdn = $fqdn
    } else {
        $site_fqdn = $name

-        if $root == "none" {
+        if $root {
+            file { "/srv/www/http/${site_fqdn}":
+                ensure => link,
+                target => $root,
+                before => File["/etc/httpd/site.http.d/${site_fqdn}.conf"],
+            }
+        } else {
            file { "/srv/www/http/${site_fqdn}":
                ensure => directory,
                mode   => 0755,
@ -104,12 +110,6 @@ define apache::site($root="none", $config="none") {
                group  => root,
                before => File["/etc/httpd/site.http.d/${site_fqdn}.conf"],
            }
-        } else {
-            file { "/srv/www/http/${site_fqdn}":
-                ensure => link,
-                target => "${root}",
-                before => File["/etc/httpd/site.http.d/${site_fqdn}.conf"],
-            }
        }

        file { "/srv/www/log/http/${site_fqdn}":
@ -126,13 +126,13 @@ define apache::site($root="none", $config="none") {
        notify => Service["httpd"],
    }

-    if $config == "none" {
+    if $config {
        File["/etc/httpd/site.http.d/${site_fqdn}.conf"] {
-            content => template("apache/site.http.conf.erb"),
+            source => $config,
        }
    } else {
        File["/etc/httpd/site.http.d/${site_fqdn}.conf"] {
-            source => "${config}",
+            content => template("apache/site.http.conf.erb"),
        }
    }

@ -220,26 +220,25 @@ class apache::sslserver inherits apache::common {
 #     ssl_key  => "puppet:///path/to/www.example.com.key",
 # }
 #
-define apache::sslsite($root="none", $config="none",
-                       $ssl_cert="none", $ssl_key="none", $ssl_chain="none") {
+define apache::sslsite($root="", $config="", $ssl_cert="", $ssl_key="", $ssl_chain="") {

    if $name == "default" {
        $site_fqdn = $fqdn
    } else {
        $site_fqdn = $name

-        if $root == "none" {
+        if $root {
+            file { "/srv/www/https/${site_fqdn}":
+                ensure => link,
+                target => $root,
+            }
+        } else {
            file { "/srv/www/https/${site_fqdn}":
                ensure => directory,
                mode   => 0755,
                owner  => root,
                group  => root,
            }
-        } else {
-            file { "/srv/www/https/${site_fqdn}":
-                ensure => link,
-                target => "${root}",
-            }
        }

        file { "/srv/www/log/https/${site_fqdn}":
@ -250,40 +249,40 @@ define apache::sslsite($root="none", $config="none",
        }
    }

-    if $ssl_cert == "none" {
-        $real_ssl_cert = "${puppet_ssldir}/certs/${fqdn}.pem"
-    } else {
+    if $ssl_cert {
        $real_ssl_cert = $ssl_cert
+    } else {
+        $real_ssl_cert = "${puppet_ssldir}/certs/${fqdn}.pem"
    }

    file { "/etc/pki/tls/certs/${site_fqdn}.crt":
        ensure => present,
-        source => "${real_ssl_cert}",
+        source => $real_ssl_cert,
        mode   => 0644,
        owner  => root,
        group  => root,
        notify => Service["httpsd"],
    }

-    if $ssl_key == "none" {
-        $real_ssl_key = "${puppet_ssldir}/private_keys/${fqdn}.pem"
-    } else {
+    if $ssl_key {
        $real_ssl_key = $ssl_key
+    } else {
+        $real_ssl_key = "${puppet_ssldir}/private_keys/${fqdn}.pem"
    }

    file { "/etc/pki/tls/private/${site_fqdn}.key":
        ensure => present,
-        source => "${real_ssl_key}",
+        source => $real_ssl_key,
        mode   => 0600,
        owner  => root,
        group  => root,
        notify => Service["httpsd"],
    }

-    if $ssl_chain != "none" {
+    if $ssl_chain {
        file { "/etc/pki/tls/certs/${site_fqdn}.chain.crt":
            ensure => present,
-            source => "${ssl_chain}",
+            source => $ssl_chain,
            mode   => 0644,
            owner  => root,
            group  => root,
@ -298,13 +297,13 @@ define apache::sslsite($root="none", $config="none",
                     File["/etc/pki/tls/private/${site_fqdn}.key"], ],
    }

-    if $config == "none" {
+    if $config {
        File["/etc/httpd/site.https.d/${site_fqdn}.conf"] {
-            content => template("apache/site.https.conf.erb"),
+            source => $config,
        }
    } else {
        File["/etc/httpd/site.https.d/${site_fqdn}.conf"] {
-            source => "${config}",
+            content => template("apache/site.https.conf.erb"),
        }
    }

--- a/apache/templates/site.https.conf.erb
+++ b/apache/templates/site.https.conf.erb
@ -125,8 +125,8 @@ SSLCertificateKeyFile /etc/pki/tls/private/<%= site_fqdn %>.key
 #   the referenced file can be the same as SSLCertificateFile
 #   when the CA certificates are directly appended to the server
 #   certificate for convinience.
-<% if ssl_chain != "none" -%>
-SSLCertificateChainFile <%= site_fqdn %>.chain.crt
+<% if ssl_chain != "" -%>
+SSLCertificateChainFile /etc/pki/tls/certs/<%= site_fqdn %>.chain.crt
 <% end -%>

 #   Certificate Authority (CA):