From 4c0ffdbd5d910131c139271761cb55272a2c5dc1 Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 9 Jun 2016 12:27:03 +0200 Subject: git subrepo clone https://leap.se/git/puppet_apache puppet/modules/apache subrepo: subdir: "puppet/modules/apache" merged: "415e950" upstream: origin: "https://leap.se/git/puppet_apache" branch: "master" commit: "415e950" git-subrepo: version: "0.3.0" origin: "https://github.com/ingydotnet/git-subrepo.git" commit: "cb2995b" --- puppet/modules/apache/manifests/vhost/modperl.pp | 153 +++++++++++++++++++++++ 1 file changed, 153 insertions(+) create mode 100644 puppet/modules/apache/manifests/vhost/modperl.pp (limited to 'puppet/modules/apache/manifests/vhost/modperl.pp') diff --git a/puppet/modules/apache/manifests/vhost/modperl.pp b/puppet/modules/apache/manifests/vhost/modperl.pp new file mode 100644 index 00000000..31e46b6f --- /dev/null +++ b/puppet/modules/apache/manifests/vhost/modperl.pp @@ -0,0 +1,153 @@ +# run_mode: controls in which mode the vhost should be run, there are different setups +# possible: +# - normal: (*default*) run vhost with the current active worker (default: prefork) don't +# setup anything special +# - itk: run vhost with the mpm_itk module (Incompatibility: cannot be used in combination +# with 'proxy-itk' & 'static-itk' mode) +# - proxy-itk: run vhost with a dual prefork/itk setup, where prefork just proxies all the +# requests for the itk setup, that listens only on the loobpack device. +# (Incompatibility: cannot be used in combination with the itk setup.) +# - static-itk: run vhost with a dual prefork/itk setup, where prefork serves all the static +# content and proxies the dynamic calls to the itk setup, that listens only on +# the loobpack device (Incompatibility: cannot be used in combination with +# 'itk' mode) +# +# run_uid: the uid the vhost should run as with the itk module +# run_gid: the gid the vhost should run as with the itk module +# +# mod_security: Whether we use mod_security or not (will include mod_security module) +# - false: don't activate mod_security +# - true: (*default*) activate mod_security +# +# logmode: +# - default: Do normal logging to CustomLog and ErrorLog +# - nologs: Send every logging to /dev/null +# - anonym: Don't log ips for CustomLog, send ErrorLog to /dev/null +# - semianonym: Don't log ips for CustomLog, log normal ErrorLog +# +define apache::vhost::modperl( + $ensure = present, + $configuration = configuration, + $domain = 'absent', + $domainalias = 'absent', + $server_admin = 'absent', + $logmode = 'default', + $path = 'absent', + $owner = root, + $group = apache, + $documentroot_owner = apache, + $documentroot_group = 0, + $documentroot_mode = 0640, + $run_mode = 'normal', + $run_uid = 'absent', + $run_gid = 'absent', + $allow_override = 'None', + $cgi_binpath = 'absent', + $do_includes = false, + $options = 'absent', + $additional_options = 'absent', + $default_charset = 'absent', + $mod_security = true, + $mod_security_relevantonly = true, + $mod_security_rules_to_disable = [], + $mod_security_additional_options = 'absent', + $ssl_mode = false, + $vhost_mode = 'template', + $template_partial = 'apache/vhosts/perl/partial.erb', + $vhost_source = 'absent', + $vhost_destination = 'absent', + $htpasswd_file = 'absent', + $htpasswd_path = 'absent' +){ + # cgi_bin path + case $cgi_binpath { + 'absent': { + $real_path = $path ? { + 'absent' => $::operatingsystem ? { + openbsd => "/var/www/htdocs/${name}", + default => "/var/www/vhosts/${name}" + }, + default => $path + } + $real_cgi_binpath = "${real_path}/cgi-bin" + } + default: { $real_cgi_binpath = $cgi_binpath } + } + + file{$real_cgi_binpath: + ensure => $ensure ? { + 'absent' => 'absent', + default => directory + }, + owner => $documentroot_owner, + group => $documentroot_group, + mode => $documentroot_mode; + } + + if $ensure != 'absent' { + case $run_mode { + 'proxy-itk','static-itk': { + include ::mod_perl::itk_plus + } + 'fcgid': { + include ::mod_fcgid + include apache::include::mod_fcgid + + # we don't need mod_perl if we run it as fcgid + include ::mod_perl::disable + mod_fcgid::starter {$name: + cgi_type => 'perl', + owner => $run_uid, + group => $run_gid, + notify => Service['apache'], + } + } + default: { include ::mod_perl } + } + } + + # create webdir + ::apache::vhost::webdir{$name: + ensure => $ensure, + path => $path, + owner => $owner, + group => $group, + run_mode => $run_mode, + documentroot_owner => $documentroot_owner, + documentroot_group => $documentroot_group, + documentroot_mode => $documentroot_mode, + } + + # create vhost configuration file + ::apache::vhost{$name: + ensure => $ensure, + configuration => $configuration, + path => $path, + logmode => $logmode, + vhost_mode => $vhost_mode, + template_partial => $template_partial, + vhost_source => $vhost_source, + vhost_destination => $vhost_destination, + domain => $domain, + domainalias => $domainalias, + server_admin => $server_admin, + run_mode => $run_mode, + run_uid => $run_uid, + run_gid => $run_gid, + allow_override => $allow_override, + do_includes => $do_includes, + options => $options, + additional_options => $additional_options, + default_charset => $default_charset, + cgi_binpath => $real_cgi_binpath, + ssl_mode => $ssl_mode, + htpasswd_file => $htpasswd_file, + htpasswd_path => $htpasswd_path, + mod_security => $mod_security, + mod_security_relevantonly => $mod_security_relevantonly, + mod_security_rules_to_disable => $mod_security_rules_to_disable, + mod_security_additional_options => $mod_security_additional_options, + passing_extension => 'pl' + } +} + -- cgit v1.2.3