tmakinen/puppet
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
puppet/apache/manifests/init.pp
Ossi Salmi d5e44df47e Initial version of apache::mod::python.
2009-11-25 21:03:05 +02:00

342 lines
8.6 KiB
Puppet
Raw Blame History

# Install Apache, www logrotate script and cron job.
#
class apache::common {
file { [ "/srv/www",
"/srv/www/log", ]:
ensure => directory,
mode => 0755,
owner => root,
group => root,
}
package { "httpd":
ensure => installed,
}
file { "/usr/local/sbin/www-logrotate.sh":
ensure => present,
source => "puppet:///apache/www-logrotate.sh",
mode => 0755,
owner => root,
group => root,
}
cron { "www-logrotate":
ensure => present,
command => "/usr/local/sbin/www-logrotate.sh",
user => "root",
hour => "0",
minute => "0",
weekday => "1",
require => File["/usr/local/sbin/www-logrotate.sh"],
}
}
# Configure HTTP server.
#
class apache::server inherits apache::common {
file { [ "/etc/httpd/conf.http.d",
"/etc/httpd/site.http.d",
"/srv/www/http",
"/srv/www/http/${fqdn}",
"/srv/www/log/http",
"/srv/www/log/http/${fqdn}", ]:
ensure => directory,
mode => 0755,
owner => root,
group => root,
require => Package["httpd"],
before => File["/etc/httpd/conf/httpd.conf"],
}
file { "/etc/httpd/conf/httpd.conf":
ensure => present,
content => template("apache/httpd.conf.erb"),
require => Package["httpd"],
notify => Service["httpd"],
}
service { "httpd":
ensure => running,
enable => true,
require => [ Package["httpd"],
File["/etc/httpd/conf/httpd.conf"], ],
}
}
# Configure HTTP virtual host.
#
# === Parameters
#
# $name:
# FQDN of virtual host.
# $site_root:
# Path to document root. Defaults to /srv/www/http/$fqdn
# $site_conf:
# Path to custom configuration file. Defaults to a basic template.
#
# === Sample usage
#
# apache::site { "www.example.com":
# site_root => "/roles/prteam/public/public_access",
# site_conf => "puppet:///path/to/www.example.com.conf",
# }
#
define apache::site($site_root="none", $site_conf="none") {
if $name == "default" {
$site_fqdn = $fqdn
} else {
$site_fqdn = $name
if $site_root == "none" {
file { "/srv/www/http/${site_fqdn}":
ensure => directory,
mode => 0755,
owner => root,
group => root,
before => File["/etc/httpd/site.http.d/${site_fqdn}.conf"],
}
} else {
file { "/srv/www/http/${site_fqdn}":
ensure => link,
target => "${site_root}",
before => File["/etc/httpd/site.http.d/${site_fqdn}.conf"],
}
}
file { "/srv/www/log/http/${site_fqdn}":
ensure => directory,
mode => 0755,
owner => root,
group => root,
before => File["/etc/httpd/site.http.d/${site_fqdn}.conf"],
}
}
file { "/etc/httpd/site.http.d/${site_fqdn}.conf":
ensure => present,
notify => Service["httpd"],
}
if $site_conf == "none" {
File["/etc/httpd/site.http.d/${site_fqdn}.conf"] {
content => template("apache/site.http.conf.erb"),
}
} else {
File["/etc/httpd/site.http.d/${site_fqdn}.conf"] {
source => "${site_conf}",
}
}
}
# Configure HTTPS server.
#
class apache::sslserver inherits apache::common {
package { "mod_ssl":
ensure => installed
}
file { [ "/etc/httpd/conf.https.d",
"/etc/httpd/site.https.d",
"/srv/www/https",
"/srv/www/https/${fqdn}",
"/srv/www/log/https",
"/srv/www/log/https/${fqdn}", ]:
ensure => directory,
mode => 0755,
owner => root,
group => root,
require => Package["httpd"],
before => File["/etc/httpd/conf/httpsd.conf"],
}
file { "/etc/httpd/conf/httpsd.conf":
ensure => present,
content => template("apache/httpsd.conf.erb"),
require => Package["httpd"],
notify => Service["httpsd"],
}
file { "/etc/init.d/httpsd":
ensure => present,
source => "puppet:///apache/httpsd",
mode => 0755,
owner => root,
group => root,
}
file { "/usr/sbin/httpsd":
ensure => link,
target => "/usr/sbin/httpd",
}
service { "httpsd":
ensure => running,
enable => true,
require => [ Package["httpd"],
Package["mod_ssl"],
File["/etc/httpd/conf/httpsd.conf"],
File["/etc/init.d/httpsd"],
File["/usr/sbin/httpsd"], ],
}
}
# Configure HTTPS virtual host.
#
# === Parameters
#
# $name:
# FQDN of virtual host.
# $site_root:
# Path to document root. Defaults to /srv/www/https/$fqdn
# $site_conf:
# Path to custom configuration file. Defaults to a basic template.
# $ssl_cert:
# Path to SSL certificate. Defaults to puppetd's certificates.
# $ssl_key:
# Path to SSL private key. Defaults to puppetd's certificates.
# $ssl_chain:
# Path to SSL certificate chain. Defaults to none.
#
# === Sample usage
#
# apache::site { "www.example.com":
# site_root => "/roles/prteam/public/secure_access",
# site_conf => "puppet:///path/to/www.example.com.conf",
# ssl_cert => "puppet:///path/to/www.example.com.crt",
# ssl_key => "puppet:///path/to/www.example.com.key",
# }
#
define apache::sslsite($site_root="none", $site_conf="none",
$ssl_cert="none", $ssl_key="none", $ssl_chain="none") {
if $name == "default" {
$site_fqdn = $fqdn
} else {
$site_fqdn = $name
if $site_root == "none" {
file { "/srv/www/https/${site_fqdn}":
ensure => directory,
mode => 0755,
owner => root,
group => root,
}
} else {
file { "/srv/www/https/${site_fqdn}":
ensure => link,
target => "${site_root}",
}
}
file { "/srv/www/log/https/${site_fqdn}":
ensure => directory,
mode => 0755,
owner => root,
group => root,
}
}
if $ssl_cert == "none" {
$real_ssl_cert = "${puppet_ssldir}/certs/${fqdn}.pem"
} else {
$real_ssl_cert = $ssl_cert
}
file { "/etc/pki/tls/certs/${site_fqdn}.crt":
ensure => present,
source => "${real_ssl_cert}",
mode => 0644,
owner => root,
group => root,
notify => Service["httpsd"],
}
if $ssl_key == "none" {
$real_ssl_key = "${puppet_ssldir}/private_keys/${fqdn}.pem"
} else {
$real_ssl_key = $ssl_key
}
file { "/etc/pki/tls/private/${site_fqdn}.key":
ensure => present,
source => "${real_ssl_key}",
mode => 0600,
owner => root,
group => root,
notify => Service["httpsd"],
}
if $ssl_chain != "none" {
file { "/etc/pki/tls/certs/${site_fqdn}.chain.crt":
ensure => present,
source => "${ssl_chain}",
mode => 0644,
owner => root,
group => root,
notify => Service["httpsd"],
}
}
file { "/etc/httpd/site.https.d/${site_fqdn}.conf":
ensure => present,
notify => Service["httpsd"],
require => [ File["/etc/pki/tls/certs/${site_fqdn}.crt"],
File["/etc/pki/tls/private/${site_fqdn}.key"], ],
}
if $site_conf == "none" {
File["/etc/httpd/site.https.d/${site_fqdn}.conf"] {
content => template("apache/site.https.conf.erb"),
}
} else {
File["/etc/httpd/site.https.d/${site_fqdn}.conf"] {
source => "${site_conf}",
}
}
}
# Install mod_python.
#
class apache::mod::python {
package { "mod_python":
ensure => installed,
require => Package["httpd"],
}
if defined(Service["httpd"]) {
file { "/etc/httpd/conf.http.d/python.conf":
ensure => link,
target => "/etc/httpd/conf.d/python.conf",
require => Package["mod_python"],
notify => Service["httpd"],
}
}
if defined(Service["httpsd"]) {
file { "/etc/httpd/conf.https.d/python.conf":
ensure => link,
target => "/etc/httpd/conf.d/python.conf",
require => Package["mod_python"],
notify => Service["httpsd"],
}
}
}
Reference in a new issue View git blame Copy permalink