summaryrefslogtreecommitdiff
path: root/puppet/modules/apache/manifests/vhost/php/webapp.pp
diff options
context:
space:
mode:
authorMicah <micah@leap.se>2016-05-24 10:19:28 -0400
committerMicah <micah@leap.se>2016-05-24 10:19:28 -0400
commit7fa061f6ed030a3deb903ea32f23d484210089f0 (patch)
tree7fec9ff67d10f3b3f8ab19cbfb7a5e21edd9fbb5 /puppet/modules/apache/manifests/vhost/php/webapp.pp
parent8f1fd7c7e042539f3095541b8859276e4dad6629 (diff)
parent807877b736c5f56689229b31024861f19a9b0ac6 (diff)
Merge commit '807877b736c5f56689229b31024861f19a9b0ac6' as 'puppet/modules/apache'
Diffstat (limited to 'puppet/modules/apache/manifests/vhost/php/webapp.pp')
-rw-r--r--puppet/modules/apache/manifests/vhost/php/webapp.pp148
1 files changed, 148 insertions, 0 deletions
diff --git a/puppet/modules/apache/manifests/vhost/php/webapp.pp b/puppet/modules/apache/manifests/vhost/php/webapp.pp
new file mode 100644
index 00000000..695120d0
--- /dev/null
+++ b/puppet/modules/apache/manifests/vhost/php/webapp.pp
@@ -0,0 +1,148 @@
+# run_mode: controls in which mode the vhost should be run, there are different setups
+# possible:
+# - normal: (*default*) run vhost with the current active worker (default: prefork) don't
+# setup anything special
+# - itk: run vhost with the mpm_itk module (Incompatibility: cannot be used in combination
+# with 'proxy-itk' & 'static-itk' mode)
+# - proxy-itk: run vhost with a dual prefork/itk setup, where prefork just proxies all the
+# requests for the itk setup, that listens only on the loobpack device.
+# (Incompatibility: cannot be used in combination with the itk setup.)
+# - static-itk: run vhost with a dual prefork/itk setup, where prefork serves all the static
+# content and proxies the dynamic calls to the itk setup, that listens only on
+# the loobpack device (Incompatibility: cannot be used in combination with
+# 'itk' mode)
+#
+# run_uid: the uid the vhost should run as with the itk module
+# run_gid: the gid the vhost should run as with the itk module
+#
+# mod_security: Whether we use mod_security or not (will include mod_security module)
+# - false: don't activate mod_security
+# - true: (*default*) activate mod_security
+#
+# logmode:
+# - default: Do normal logging to CustomLog and ErrorLog
+# - nologs: Send every logging to /dev/null
+# - anonym: Don't log ips for CustomLog, send ErrorLog to /dev/null
+# - semianonym: Don't log ips for CustomLog, log normal ErrorLog
+define apache::vhost::php::webapp(
+ $ensure = present,
+ $configuration = {},
+ $domain = 'absent',
+ $domainalias = 'absent',
+ $server_admin = 'absent',
+ $logmode = 'default',
+ $path = 'absent',
+ $manage_webdir = true,
+ $manage_docroot = true,
+ $owner = root,
+ $group = apache,
+ $documentroot_owner = apache,
+ $documentroot_group = 0,
+ $documentroot_mode = '0640',
+ $run_mode = 'normal',
+ $run_uid = 'absent',
+ $run_gid = 'absent',
+ $allow_override = 'None',
+ $php_settings = {},
+ $php_options = {},
+ $php_installation = 'system',
+ $do_includes = false,
+ $options = 'absent',
+ $additional_options = 'absent',
+ $default_charset = 'absent',
+ $mod_security = true,
+ $mod_security_relevantonly = true,
+ $mod_security_rules_to_disable = [],
+ $mod_security_additional_options = 'absent',
+ $ssl_mode = false,
+ $vhost_mode = 'template',
+ $template_partial,
+ $vhost_source = 'absent',
+ $vhost_destination = 'absent',
+ $htpasswd_file = 'absent',
+ $htpasswd_path = 'absent',
+ $manage_config = true,
+ $config_file = 'absent',
+ $config_webwriteable = false,
+ $manage_directories = true,
+ $managed_directories = 'absent',
+){
+ if ($ensure != 'absent') {
+ if $manage_directories and ($managed_directories != 'absent') {
+ ::apache::file::rw{ $managed_directories :
+ owner => $documentroot_owner,
+ group => $documentroot_group,
+ }
+ }
+
+ if $manage_config {
+ if $config_file == 'absent' { fail("No config file defined for ${name} on ${::fqdn}, if you'd like to manage the config, you have to add one!") }
+
+ $real_path = $path ? {
+ 'absent' => $::operatingsystem ? {
+ openbsd => "/var/www/htdocs/${name}",
+ default => "/var/www/vhosts/${name}"
+ },
+ default => $path
+ }
+ $documentroot = "${real_path}/www"
+ ::apache::vhost::file::documentrootfile{"configurationfile_${name}":
+ documentroot => $documentroot,
+ filename => $config_file,
+ thedomain => $name,
+ owner => $documentroot_owner,
+ group => $documentroot_group,
+ }
+ if $config_webwriteable {
+ Apache::Vhost::File::Documentrootfile["configurationfile_${name}"]{
+ mode => '0660',
+ }
+ } else {
+ Apache::Vhost::File::Documentrootfile["configurationfile_${name}"]{
+ mode => '0440',
+ }
+ }
+ }
+ }
+
+ # create vhost configuration file
+ ::apache::vhost::php::standard{$name:
+ ensure => $ensure,
+ configuration => $configuration,
+ domain => $domain,
+ domainalias => $domainalias,
+ server_admin => $server_admin,
+ logmode => $logmode,
+ path => $path,
+ manage_webdir => $manage_webdir,
+ manage_docroot => $manage_docroot,
+ owner => $owner,
+ group => $group,
+ documentroot_owner => $documentroot_owner,
+ documentroot_group => $documentroot_group,
+ documentroot_mode => $documentroot_mode,
+ run_mode => $run_mode,
+ run_uid => $run_uid,
+ run_gid => $run_gid,
+ allow_override => $allow_override,
+ php_settings => $php_settings,
+ php_options => $php_options,
+ php_installation => $php_installation,
+ do_includes => $do_includes,
+ options => $options,
+ additional_options => $additional_options,
+ default_charset => $default_charset,
+ mod_security => $mod_security,
+ mod_security_relevantonly => $mod_security_relevantonly,
+ mod_security_rules_to_disable => $mod_security_rules_to_disable,
+ mod_security_additional_options => $mod_security_additional_options,
+ ssl_mode => $ssl_mode,
+ vhost_mode => $vhost_mode,
+ template_partial => $template_partial,
+ vhost_source => $vhost_source,
+ vhost_destination => $vhost_destination,
+ htpasswd_file => $htpasswd_file,
+ htpasswd_path => $htpasswd_path,
+ }
+}
+