apache: Update templates based on latest CentOS package

apache/templates/httpd.conf.erb

@@ -58,7 +58,9 @@ ServerRoot "/etc/httpd"
 
 #
 # PidFile: The file in which the server should record its process
-# identification number when it starts.
+# identification number when it starts.  Note the PIDFILE variable in
+# /etc/sysconfig/httpd must be set appropriately if this location is
+# changed.
 #
 PidFile run/httpd.pid
 
@@ -114,8 +116,8 @@ MaxRequestsPerChild  4000
 # ThreadsPerChild: constant number of worker threads in each server process
 # MaxRequestsPerChild: maximum number of requests a server process serves
 <IfModule worker.c>
-StartServers         2
+StartServers         4
-MaxClients         150
+MaxClients         300
 MinSpareThreads     25
 MaxSpareThreads     75 
 ThreadsPerChild     25
@@ -145,6 +147,9 @@ Listen 80
 # Example:
 # LoadModule foo_module modules/mod_foo.so
 #
+<% if @operatingsystem == 'Fedora' and @operatingsystemrelease.to_i > 17 -%>
+Include conf.modules.d/*.conf
+<% else -%>
 LoadModule auth_basic_module modules/mod_auth_basic.so
 LoadModule auth_digest_module modules/mod_auth_digest.so
 LoadModule authn_file_module modules/mod_authn_file.so
@@ -199,12 +204,22 @@ LoadModule mem_cache_module modules/mod_mem_cache.so
 <% end -%>
 LoadModule cgi_module modules/mod_cgi.so
 LoadModule version_module modules/mod_version.so
+<% end -%>
 
 #
 # The following modules are not loaded by default:
 #
-#LoadModule cern_meta_module modules/mod_cern_meta.so
 #LoadModule asis_module modules/mod_asis.so
+#LoadModule authn_dbd_module modules/mod_authn_dbd.so
+#LoadModule cern_meta_module modules/mod_cern_meta.so
+#LoadModule cgid_module modules/mod_cgid.so
+#LoadModule dbd_module modules/mod_dbd.so
+#LoadModule dumpio_module modules/mod_dumpio.so
+#LoadModule filter_module modules/mod_filter.so
+#LoadModule ident_module modules/mod_ident.so
+#LoadModule log_forensic_module modules/mod_log_forensic.so
+#LoadModule unique_id_module modules/mod_unique_id.so
+#
 
 #
 # Load config files from the config directory "/etc/httpd/conf.d".
@@ -364,7 +379,7 @@ DocumentRoot "/srv/www/http/<%= @homename %>"
 
     #
     # To enable requests to /~user/ to serve the user's public_html
-    # directory, remove the "UserDir disable" line above, and uncomment
+    # directory, remove the "UserDir disabled" line above, and uncomment
     # the following line instead:
     # 
     #UserDir public_html
@@ -412,6 +427,7 @@ AccessFileName .htaccess
 <Files ~ "^\.ht">
     Order allow,deny
     Deny from all
+    Satisfy All
 </Files>
 
 #
@@ -575,12 +591,12 @@ Alias /icons/ "/var/www/icons/"
 # "/var/www/cgi-bin" should be changed to whatever your ScriptAliased
 # CGI directory exists, if you have that configured.
 #
-#<Directory "/var/www/cgi-bin">
+<Directory "/var/www/cgi-bin">
-#    AllowOverride None
+    AllowOverride None
-#    Options None
+    Options None
-#    Order allow,deny
+    Order allow,deny
-#    Allow from all
+    Allow from all
-#</Directory>
+</Directory>
 
 #
 # Redirect allows you to tell clients about documents which used to exist in
@@ -775,6 +791,12 @@ ForceLanguagePriority Prefer Fallback
 AddType application/x-compress .Z
 AddType application/x-gzip .gz .tgz
 
+#
+#   MIME-types for downloading Certificates and CRLs
+#
+AddType application/x-x509-ca-cert .crt
+AddType application/x-pkcs7-crl    .crl
+
 #
 # AddHandler allows you to map certain file extensions to "handlers":
 # actions unrelated to filetype. These can be either built into the server

apache/templates/httpsd.conf.erb

@@ -58,7 +58,9 @@ ServerRoot "/etc/httpd"
 
 #
 # PidFile: The file in which the server should record its process
-# identification number when it starts.
+# identification number when it starts.  Note the PIDFILE variable in
+# /etc/sysconfig/httpd must be set appropriately if this location is
+# changed.
 #
 PidFile run/httpsd.pid
 
@@ -114,8 +116,8 @@ MaxRequestsPerChild  4000
 # ThreadsPerChild: constant number of worker threads in each server process
 # MaxRequestsPerChild: maximum number of requests a server process serves
 <IfModule worker.c>
-StartServers         2
+StartServers         4
-MaxClients         150
+MaxClients         300
 MinSpareThreads     25
 MaxSpareThreads     75 
 ThreadsPerChild     25
@@ -207,8 +209,17 @@ LoadModule version_module modules/mod_version.so
 #
 # The following modules are not loaded by default:
 #
-#LoadModule cern_meta_module modules/mod_cern_meta.so
 #LoadModule asis_module modules/mod_asis.so
+#LoadModule authn_dbd_module modules/mod_authn_dbd.so
+#LoadModule cern_meta_module modules/mod_cern_meta.so
+#LoadModule cgid_module modules/mod_cgid.so
+#LoadModule dbd_module modules/mod_dbd.so
+#LoadModule dumpio_module modules/mod_dumpio.so
+#LoadModule filter_module modules/mod_filter.so
+#LoadModule ident_module modules/mod_ident.so
+#LoadModule log_forensic_module modules/mod_log_forensic.so
+#LoadModule unique_id_module modules/mod_unique_id.so
+#
 
 #
 # Load config files from the config directory "/etc/httpd/conf.d".
@@ -368,7 +379,7 @@ DocumentRoot "/srv/www/https/<%= @homename %>"
 
     #
     # To enable requests to /~user/ to serve the user's public_html
-    # directory, remove the "UserDir disable" line above, and uncomment
+    # directory, remove the "UserDir disabled" line above, and uncomment
     # the following line instead:
     # 
     #UserDir public_html
@@ -416,6 +427,7 @@ AccessFileName .htaccess
 <Files ~ "^\.ht">
     Order allow,deny
     Deny from all
+    Satisfy All
 </Files>
 
 #
@@ -579,12 +591,12 @@ Alias /icons/ "/var/www/icons/"
 # "/var/www/cgi-bin" should be changed to whatever your ScriptAliased
 # CGI directory exists, if you have that configured.
 #
-#<Directory "/var/www/cgi-bin">
+<Directory "/var/www/cgi-bin">
-#    AllowOverride None
+    AllowOverride None
-#    Options None
+    Options None
-#    Order allow,deny
+    Order allow,deny
-#    Allow from all
+    Allow from all
-#</Directory>
+</Directory>
 
 #
 # Redirect allows you to tell clients about documents which used to exist in
@@ -779,6 +791,12 @@ ForceLanguagePriority Prefer Fallback
 AddType application/x-compress .Z
 AddType application/x-gzip .gz .tgz
 
+#
+#   MIME-types for downloading Certificates and CRLs
+#
+AddType application/x-x509-ca-cert .crt
+AddType application/x-pkcs7-crl    .crl
+
 #
 # AddHandler allows you to map certain file extensions to "handlers":
 # actions unrelated to filetype. These can be either built into the server

apache/templates/ssl.conf.erb

@@ -11,12 +11,6 @@ Listen 443
 ##  the main server and all SSL-enabled virtual hosts.
 ##
 
-#
-#   Some MIME-types for downloading Certificates and CRLs
-#
-AddType application/x-x509-ca-cert .crt
-AddType application/x-pkcs7-crl    .crl
-
 #   Pass Phrase Dialog:
 #   Configure the pass phrase gathering process.
 #   The filtering dialog program (`builtin' is a internal
@@ -26,7 +20,6 @@ SSLPassPhraseDialog  builtin
 #   Inter-Process Session Cache:
 #   Configure the SSL Session Cache: First the mechanism 
 #   to use and second the expiring timeout (in seconds).
-#SSLSessionCache        dc:UNIX:/var/cache/mod_ssl/distcache
 SSLSessionCache         shmcb:/var/cache/mod_ssl/scache(512000)
 SSLSessionCacheTimeout  300