tmakinen/puppet
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Added initial support for Debian and Ubuntu to apache module.

Browse source
This commit is contained in:
Ossi Salmi 2010-10-23 03:43:35 +03:00 committed by Timo Mkinen
parent 7075ad243d
commit fa53a19798
3 changed files with 445 additions and 73 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

263
apache/manifests/init.pp
View file

@ -34,6 +34,11 @@ class apache::common {
}
package { "httpd":
name => $operatingsystem ? {
debian => "apache2",
ubuntu => "apache2",
default => "httpd",
},
ensure => installed,
}
@ -73,15 +78,21 @@ class apache::common {
class apache::server inherits apache::common {
if ! $httpd_user {
$httpd_user = "apache"
$httpd_user = $operatingsystem ? {
debian => "www-data",
ubuntu => "www-data",
default => "apache",
}
}
if ! $httpd_group {
$httpd_group = "apache"
$httpd_group = $operatingsystem ? {
debian => "www-data",
ubuntu => "www-data",
default => "apache",
}
}
file { [ "/etc/httpd/conf.http.d",
"/etc/httpd/site.http.d",
"/srv/www/http",
file { [ "/srv/www/http",
"/srv/www/http/${fqdn}",
"/srv/www/log/http",
"/srv/www/log/http/${fqdn}", ]:
@ -90,31 +101,66 @@ class apache::server inherits apache::common {
owner => root,
group => root,
require => Package["httpd"],
before => File["/etc/httpd/conf/httpd.conf"],
before => $operatingsystem ? {
debian => File["/etc/apache2/apache2.conf"],
ubuntu => File["/etc/apache2/apache2.conf"],
default => File["/etc/httpd/conf/httpd.conf"],
},
}
File["/etc/httpd/conf.http.d", "/etc/httpd/site.http.d"] {
purge => true,
force => true,
recurse => true,
source => "puppet:///custom/empty",
}
file { "/etc/httpd/conf/httpd.conf":
ensure => present,
content => template("apache/httpd.conf.erb"),
mode => 0644,
owner => root,
group => root,
require => Package["httpd"],
notify => Service["httpd"],
}
service { "httpd":
ensure => running,
enable => true,
require => [ Package["httpd"],
File["/etc/httpd/conf/httpd.conf"], ],
case $operatingsystem {
debian,ubuntu: {
file { "/etc/apache2/envvars":
ensure => present,
content => template("apache/apache2.envvars.erb"),
mode => 0644,
owner => root,
group => root,
require => Package["httpd"],
notify => Service["apache2"],
}
file { "/etc/apache2/apache2.conf":
ensure => present,
content => template("apache/apache2.conf.erb"),
mode => 0644,
owner => root,
group => root,
require => File["/etc/apache2/envvars"],
notify => Service["apache2"],
}
service { "apache2":
ensure => running,
enable => true,
require => File["/etc/apache2/apache2.conf"],
}
}
default: {
file { [ "/etc/httpd/conf.http.d", "/etc/httpd/site.http.d" ]:
ensure => directory,
mode => 0644,
owner => root,
group => root,
purge => true,
force => true,
recurse => true,
source => "puppet:///custom/empty",
require => Package["httpd"],
before => File["/etc/httpd/conf/httpd.conf"],
}
file { "/etc/httpd/conf/httpd.conf":
ensure => present,
content => template("apache/httpd.conf.erb"),
mode => 0644,
owner => root,
group => root,
notify => Service["httpd"],
}
service { "httpd":
ensure => running,
enable => true,
require => File["/etc/httpd/conf/httpd.conf"],
}
}
}
}
@ -442,72 +488,143 @@ define apache::sslsite($root="", $config="", $ssl_cert="", $ssl_key="", $ssl_cha
#
define apache::configfile($source="", $content="", $http=true, $https=true) {
if defined(Service["httpd"]) {
file { "/etc/httpd/conf.http.d/${name}":
ensure => $http ? {
true => present,
default => absent,
},
mode => 0644,
owner => root,
group => root,
notify => Service["httpd"],
}
if $source {
File["/etc/httpd/conf.http.d/${name}"] {
source => $source,
case $operatingsystem {
debian,ubuntu: {
file { "/etc/apache2/conf.d/${name}":
mode => 0644,
owner => root,
group => root,
notify => Service["apache2"],
require => Package["httpd"],
}
if $source {
File["/etc/apache2/conf.d/${name}"] {
source => $source,
}
}
if $content {
File["/etc/apache2/conf.d/${name}"] {
content => $content,
}
}
}
if $content {
File["/etc/httpd/conf.http.d/${name}"] {
content => $content,
default: {
if defined(Service["httpd"]) {
file { "/etc/httpd/conf.http.d/${name}":
ensure => $http ? {
true => present,
default => absent,
},
mode => 0644,
owner => root,
group => root,
notify => Service["httpd"],
}
if $source {
File["/etc/httpd/conf.http.d/${name}"] {
source => $source,
}
}
if $content {
File["/etc/httpd/conf.http.d/${name}"] {
content => $content,
}
}
if ! $source and ! $content {
File["/etc/httpd/conf.http.d/${name}"] {
source => "/etc/httpd/conf.d/${name}",
}
}
if $require {
File["/etc/httpd/conf.http.d/${name}"] {
require => $require,
}
}
}
}
if ! $source and ! $content {
File["/etc/httpd/conf.http.d/${name}"] {
source => "/etc/httpd/conf.d/${name}",
}
}
if $require {
File["/etc/httpd/conf.http.d/${name}"] {
require => $require,
if defined(Service["httpsd"]) {
file { "/etc/httpd/conf.https.d/${name}":
ensure => $https ? {
true => present,
default => absent,
},
mode => 0644,
owner => root,
group => root,
notify => Service["httpsd"],
}
if $source {
File["/etc/httpd/conf.https.d/${name}"] {
source => $source,
}
}
if $content {
File["/etc/httpd/conf.https.d/${name}"] {
content => $content,
}
}
if ! $source and ! $content {
File["/etc/httpd/conf.https.d/${name}"] {
source => "/etc/httpd/conf.d/${name}",
}
}
if $require {
File["/etc/httpd/conf.https.d/${name}"] {
require => $require,
}
}
}
}
}
if defined(Service["httpsd"]) {
file { "/etc/httpd/conf.https.d/${name}":
ensure => $https ? {
true => present,
default => absent,
},
}
# Enable module on Debian/Ubuntu Apache.
#
# === Parameters
#
# $name:
# Module name.
# $source:
# Source for optional module configuration.
# $content:
# Content for optional module configuration.
# See also $source.
# $require:
# Dependencies for the module file.
#
define apache::a2enmod($source="", $content="") {
exec { "a2enmod-${name}":
path => "/bin:/usr/bin:/sbin:/usr/sbin",
command => "a2enmod ${name}",
unless => "test -h /etc/apache2/mods-enabled/${name}.load",
notify => Service["apache2"],
require => Package["httpd"],
}
if $source or $content {
file { "/etc/apache2/mods-available/${name}.conf":
mode => 0644,
owner => root,
group => root,
notify => Service["httpsd"],
notify => Service["apache2"],
before => Exec["a2enmod-${name}"],
}
if $source {
File["/etc/httpd/conf.https.d/${name}"] {
File["/etc/apache2/mods-available/${name}.conf"] {
source => $source,
}
}
if $content {
File["/etc/httpd/conf.https.d/${name}"] {
File["/etc/apache2/mods-available/${name}.conf"] {
content => $content,
}
}
if ! $source and ! $content {
File["/etc/httpd/conf.https.d/${name}"] {
source => "/etc/httpd/conf.d/${name}",
}
}
if $require {
File["/etc/httpd/conf.https.d/${name}"] {
require => $require,
}
}
}
}

236
apache/templates/apache2.conf.erb Normal file
View file

@ -0,0 +1,236 @@
#
# Based upon the NCSA server configuration files originally by Rob McCool.
#
# This is the main Apache server configuration file. It contains the
# configuration directives that give the server its instructions.
# See http://httpd.apache.org/docs/2.2/ for detailed information about
# the directives.
#
# Do NOT simply read the instructions in here without understanding
# what they do. They're here only as hints or reminders. If you are unsure
# consult the online docs. You have been warned.
#
# The configuration directives are grouped into three basic sections:
# 1. Directives that control the operation of the Apache server process as a
# whole (the 'global environment').
# 2. Directives that define the parameters of the 'main' or 'default' server,
# which responds to requests that aren't handled by a virtual host.
# These directives also provide default values for the settings
# of all virtual hosts.
# 3. Settings for virtual hosts, which allow Web requests to be sent to
# different IP addresses or hostnames and have them handled by the
# same Apache server process.
#
# Configuration and logfile names: If the filenames you specify for many
# of the server's control files begin with "/" (or "drive:/" for Win32), the
# server will use that explicit path. If the filenames do *not* begin
# with "/", the value of ServerRoot is prepended -- so "/var/log/apache2/foo.log"
# with ServerRoot set to "" will be interpreted by the
# server as "//var/log/apache2/foo.log".
#
### Section 1: Global Environment
#
# The directives in this section affect the overall operation of Apache,
# such as the number of concurrent requests it can handle or where it
# can find its configuration files.
#
#
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
#
# NOTE! If you intend to place this on an NFS (or otherwise network)
# mounted filesystem then please read the LockFile documentation (available
# at <URL:http://httpd.apache.org/docs-2.1/mod/mpm_common.html#lockfile>);
# you will save yourself a lot of trouble.
#
# Do NOT add a slash at the end of the directory path.
#
ServerRoot "/etc/apache2"
#
# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
#
#<IfModule !mpm_winnt.c>
#<IfModule !mpm_netware.c>
LockFile /var/lock/apache2/accept.lock
#</IfModule>
#</IfModule>
#
# PidFile: The file in which the server should record its process
# identification number when it starts.
# This needs to be set in /etc/apache2/envvars
#
PidFile ${APACHE_PID_FILE}
#
# Timeout: The number of seconds before receives and sends time out.
#
Timeout 300
#
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
#
KeepAlive On
#
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
#
MaxKeepAliveRequests 100
#
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
#
KeepAliveTimeout 15
##
## Server-Pool Size Regulation (MPM specific)
##
# prefork MPM
# StartServers: number of server processes to start
# MinSpareServers: minimum number of server processes which are kept spare
# MaxSpareServers: maximum number of server processes which are kept spare
# MaxClients: maximum number of server processes allowed to start
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_prefork_module>
StartServers 5
MinSpareServers 5
MaxSpareServers 10
MaxClients 150
MaxRequestsPerChild 0
</IfModule>
# worker MPM
# StartServers: initial number of server processes to start
# MaxClients: maximum number of simultaneous client connections
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadsPerChild: constant number of worker threads in each server process
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_worker_module>
StartServers 2
MinSpareThreads 25
MaxSpareThreads 75
ThreadLimit 64
ThreadsPerChild 25
MaxClients 150
MaxRequestsPerChild 0
</IfModule>
# event MPM
# StartServers: initial number of server processes to start
# MaxClients: maximum number of simultaneous client connections
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadsPerChild: constant number of worker threads in each server process
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_event_module>
StartServers 2
MaxClients 150
MinSpareThreads 25
MaxSpareThreads 75
ThreadLimit 64
ThreadsPerChild 25
MaxRequestsPerChild 0
</IfModule>
# These need to be set in /etc/apache2/envvars
User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}
#
# AccessFileName: The name of the file to look for in each directory
# for additional configuration directives. See also the AllowOverride
# directive.
#
AccessFileName .htaccess
#
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
#
<Files ~ "^\.ht">
Order allow,deny
Deny from all
Satisfy all
</Files>
#
# DefaultType is the default MIME type the server will use for a document
# if it cannot otherwise determine one, such as from filename extensions.
# If your server contains mostly text or HTML documents, "text/plain" is
# a good value. If most of your content is binary, such as applications
# or images, you may want to use "application/octet-stream" instead to
# keep browsers from trying to display binary files as though they are
# text.
#
DefaultType text/plain
#
# HostnameLookups: Log the names of clients or just their IP addresses
# e.g., www.apache.org (on) or 204.62.129.132 (off).
# The default is off because it'd be overall better for the net if people
# had to knowingly turn this feature on, since enabling it means that
# each client request will result in AT LEAST one lookup request to the
# nameserver.
#
HostnameLookups Off
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here. If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
#
ErrorLog /srv/www/log/http/<%= fqdn %>/error_log
#
# LogLevel: Control the number of messages logged to the error_log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
#
LogLevel warn
# Include module configuration:
Include /etc/apache2/mods-enabled/*.load
Include /etc/apache2/mods-enabled/*.conf
# Include all the user configurations:
Include /etc/apache2/httpd.conf
# Include ports listing
Include /etc/apache2/ports.conf
#
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
# If you are behind a reverse proxy, you might want to change %h into %{X-Forwarded-For}i
#
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
#
# Define an access log for VirtualHosts that don't define their own logfile
CustomLog /srv/www/log/http/<%= fqdn %>/access_log combined
# Include of directories ignores editors' and dpkg's backup files,
# see README.Debian for details.
# Include generic snippets of statements
Include /etc/apache2/conf.d/
# Include the virtual host configurations:
Include /etc/apache2/sites-enabled/

19
apache/templates/apache2.envvars.erb Normal file
View file

@ -0,0 +1,19 @@
# envvars - default environment variables for apache2ctl
# Since there is no sane way to get the parsed apache2 config in scripts, some
# settings are defined via environment variables and then used in apache2ctl,
# /etc/init.d/apache2, /etc/logrotate.d/apache2, etc.
export APACHE_RUN_USER=<%= httpd_user %>
export APACHE_RUN_GROUP=<%= httpd_group %>
export APACHE_PID_FILE=/var/run/apache2.pid
## The locale used by some modules like mod_dav
export LANG=C
## Uncomment the following line to use the system default locale instead:
#. /etc/default/locale
export LANG
## The command to get the status for 'apache2ctl status'.
## Some packages providing 'www-browser' need '--dump' instead of '-dump'.
#export APACHE_LYNX='www-browser -dump'