diff options
| author | mh <mh@immerda.ch> | 2010-01-30 17:09:34 +0100 |
|---|---|---|
| committer | mh <mh@immerda.ch> | 2010-01-30 17:09:34 +0100 |
| commit | 7aafb4dbfe33f19d0a2a82d5bab79d77deb27853 (patch) | |
| tree | 9140ab7df68e205dc92037d5180daead7d871242 /manifests | |
| parent | 42ca80476bcdb1da0e5e516d08a9b06ec32c6f26 (diff) | |
| parent | 550fa2b0a405e9bda6e2d82a1e423396a7ffdaa8 (diff) | |
merged with lavamind
Diffstat (limited to 'manifests')
32 files changed, 143 insertions, 49 deletions
diff --git a/manifests/base.pp b/manifests/base.pp index a6953bc..5f2bac3 100644 --- a/manifests/base.pp +++ b/manifests/base.pp @@ -9,6 +9,11 @@ class apache::base { ensure => directory, owner => root, group => 0, mode => 0755; } + file{'include_dir': + path => '/etc/apache2/include.d', + ensure => directory, + owner => root, group => 0, mode => 0755; + } file{'modules_dir': path => '/etc/apache2/modules.d', ensure => directory, @@ -36,7 +41,7 @@ class apache::base { owner => root, group => 0, mode => 0644; } - apache::config::file{ 'defaults.inc': } - apache::config::file{ 'git.conf': } + apache::config::include{ 'defaults.inc': } + apache::config::global{ 'git.conf': } apache::vhost::file { '0-default': } } diff --git a/manifests/centos.pp b/manifests/centos.pp index 23c8e3c..cb47adc 100644 --- a/manifests/centos.pp +++ b/manifests/centos.pp @@ -15,6 +15,9 @@ class apache::centos inherits apache::package { File[config_dir]{ path => "$config_dir/conf.d", } + File[include_dir]{ + path => "$config_dir/include.d", + } File[modules_dir]{ path => "$config_dir/modules.d", } @@ -25,19 +28,19 @@ class apache::centos inherits apache::package { path => '/var/www/html/index.html', } - file{'/etc/sysconfig/httpd': - source => [ "puppet://$server/modules/site-apache/sysconfig/${fqdn}/httpd", - "puppet://$server/modules/site-apache/sysconfig/httpd", - "puppet://$server/modules/apache/sysconfig/${operatingsystem}/httpd", - "puppet://$server/modules/apache/sysconfig/httpd" ], - require => Package['apache'], - notify => Service['apache'], - owner => root, group => 0, mode => 0644; + file{'apache_service_config': + path => '/etc/sysconfig/httpd', + source => [ "puppet://$server/modules/site-apache/service/CentOS/${fqdn}/httpd", + "puppet://$server/modules/site-apache/service/CentOS/httpd", + "puppet://$server/modules/apache/service/CentOS/httpd" ], + require => Package['apache'], + notify => Service['apache'], + owner => root, group => 0, mode => 0644; } include apache::logrotate::centos - apache::config::file{ 'welcome.conf': } - apache::config::file{ 'vhosts.conf': } + apache::config::global{ 'welcome.conf': } + apache::config::global{ 'vhosts.conf': } } diff --git a/manifests/centos/itk.pp b/manifests/centos/itk.pp index 98939c2..94f0f1c 100644 --- a/manifests/centos/itk.pp +++ b/manifests/centos/itk.pp @@ -4,10 +4,9 @@ class apache::centos::itk inherits apache::centos { Package['apache']{ name => 'httpd-itk', } - File['/etc/sysconfig/httpd']{ - source => [ "puppet://$server/modules/site-apache/sysconfig/${fqdn}/httpd.itk", - "puppet://$server/modules/site-apache/sysconfig/httpd.itk", - "puppet://$server/modules/apache/sysconfig/${operatingsystem}/httpd.itk", - "puppet://$server/modules/apache/sysconfig/httpd.itk" ], + File['apache_service_config']{ + source => [ "puppet://$server/modules/site-apache/service/CentOS/${fqdn}/httpd.itk", + "puppet://$server/modules/site-apache/service/CentOS/httpd.itk", + "puppet://$server/modules/apache/service/CentOS/httpd.itk" ], } } diff --git a/manifests/config/file.pp b/manifests/config/file.pp index a72aacf..d72ba2e 100644 --- a/manifests/config/file.pp +++ b/manifests/config/file.pp @@ -1,18 +1,25 @@ -# deploy apache (.conf) configuration file (non-vhost) +# deploy apache configuration file +# by default we assume it's a global configuration file define apache::config::file( $ensure = present, + $type = 'global', $source = 'absent', $content = 'absent', $destination = 'absent' ){ + case $type { + 'include': { $confdir = 'include.d' } + 'global': { $confdir = 'conf.d' } + default: { fail("Wrong config file type specified for ${name}") } + } $real_destination = $destination ? { 'absent' => $operatingsystem ? { - centos => "$apache::centos::config_dir/conf.d/${name}", - gentoo => "$apache::gentoo::config_dir/${name}", - debian => "$apache::debian::config_dir/conf.d/${name}", - ubuntu => "$apache::ubuntu::config_dir/conf.d/${name}", - openbsd => "$apache::openbsd::config_dir/conf.d/${name}", - default => "/etc/apache2/${name}", + centos => "${apache::centos::config_dir}/${confdir}/${name}", + gentoo => "${apache::gentoo::config_dir}/${name}", + debian => "${apache::debian::config_dir}/${confdir}/${name}", + ubuntu => "${apache::ubuntu::config_dir}/${confdir}/${name}", + openbsd => "${apache::openbsd::config_dir}/${confdir}/${name}", + default => "/etc/apache2/${confdir}/${name}", }, default => $destination } @@ -26,16 +33,16 @@ define apache::config::file( 'absent': { $real_source = $source ? { 'absent' => [ - "puppet://$server/modules/site-apache/conf.d/${fqdn}/${name}", - "puppet://$server/modules/site-apache/conf.d/${apache_cluster_node}/${name}", - "puppet://$server/modules/site-apache/conf.d/${operatingsystem}.${lsbdistcodename}/${name}", - "puppet://$server/modules/site-apache/conf.d/${operatingsystem}/${name}", - "puppet://$server/modules/site-apache/conf.d/${name}", - "puppet://$server/modules/apache/conf.d/${operatingsystem}.${lsbdistcodename}/${name}", - "puppet://$server/modules/apache/conf.d/${operatingsystem}/${name}", - "puppet://$server/modules/apache/conf.d/${name}" + "puppet://${server}/modules/site-apache/${confdir}/${fqdn}/${name}", + "puppet://${server}/modules/site-apache/${confdir}/${apache_cluster_node}/${name}", + "puppet://${server}/modules/site-apache/${confdir}/${operatingsystem}.${lsbdistcodename}/${name}", + "puppet://${server}/modules/site-apache/${confdir}/${operatingsystem}/${name}", + "puppet://${server}/modules/site-apache/${confdir}/${name}", + "puppet://${server}/modules/apache/${confdir}/${operatingsystem}.${lsbdistcodename}/${name}", + "puppet://${server}/modules/apache/${confdir}/${operatingsystem}/${name}", + "puppet://${server}/modules/apache/${confdir}/${name}" ], - default => "puppet://$server/$source", + default => "puppet://${server}/${source}", } File["apache_${name}"]{ source => $real_source, diff --git a/manifests/config/global.pp b/manifests/config/global.pp new file mode 100644 index 0000000..5bb075b --- /dev/null +++ b/manifests/config/global.pp @@ -0,0 +1,16 @@ +# deploy apache configuration file (global) +# wrapper for apache::config::file +define apache::config::global( + $ensure = present, + $source = 'absent', + $content = 'absent', + $destination = 'absent' +){ + apache::config::file { "${name}": + ensure => $ensure, + type => 'global', + source => $source, + content => $content, + destination => $destination, + } +} diff --git a/manifests/config/include.pp b/manifests/config/include.pp new file mode 100644 index 0000000..b58073f --- /dev/null +++ b/manifests/config/include.pp @@ -0,0 +1,15 @@ +# deploy apache configuration file (includes for vhosts) +define apache::config::include( + $ensure = present, + $source = 'absent', + $content = 'absent', + $destination = 'absent' +){ + apache::config::file { "${name}": + ensure => $ensure, + type => 'include', + source => $source, + content => $content, + destination => $destination, + } +} diff --git a/manifests/debian.pp b/manifests/debian.pp index b16dc9d..e07920f 100644 --- a/manifests/debian.pp +++ b/manifests/debian.pp @@ -3,7 +3,7 @@ class apache::debian inherits apache::package { $config_dir = '/etc/apache2' Package[apache] { - name => 'apache2', + name => 'apache2', } File[vhosts_dir] { path => "${config_dir}/sites-enabled", @@ -18,5 +18,22 @@ class apache::debian inherits apache::package { File[default_apache_index] { path => '/var/www/index.html', } + file { 'apache_main_config': + path => "${config_dir}/apache2.conf", + source => [ "puppet://$server/modules/site-apache/config/Debian.${lsbdistcodename}/${fqdn}/apache2.conf", + "puppet://$server/modules/site-apache/config/Debian/{$fqdn}/apache2.conf", + "puppet://$server/modules/site-apache/config/Debian.${lsbdistcodename}/apache2.conf", + "puppet://$server/modules/site-apache/config/Debian/apache2.conf", + "puppet://$server/modules/apache/config/Debian/apache2.conf" ], + require => Package['apache'], + notify => Service['apache'], + owner => root, group => 0, mode => 0644; + } + apache::config::global{ 'charset': } + apache::config::global{ 'security': } + file { 'default_debian_apache_vhost': + path => '/etc/apache2/sites-enabled/000-default', + ensure => absent, + } } diff --git a/manifests/debian/itk.pp b/manifests/debian/itk.pp new file mode 100644 index 0000000..2dde883 --- /dev/null +++ b/manifests/debian/itk.pp @@ -0,0 +1,9 @@ +class apache::debian::itk inherits apache::debian { + File['htpasswd_dir']{ + group => 0, + mode => 0644, + } + Package['apache']{ + name => 'apache2-mpm-itk', + } +} diff --git a/manifests/includes.pp b/manifests/includes.pp index fa31e59..02502f8 100644 --- a/manifests/includes.pp +++ b/manifests/includes.pp @@ -1,5 +1,5 @@ # manifests/includes.pp class apache::includes { - apache::config::file{'do_includes.conf':} + apache::config::global{'do_includes.conf':} } diff --git a/manifests/itk.pp b/manifests/itk.pp index 2f54769..640b69c 100644 --- a/manifests/itk.pp +++ b/manifests/itk.pp @@ -5,6 +5,7 @@ class apache::itk inherits apache { case $operatingsystem { centos: { include ::apache::centos::itk } + debian: { include ::apache::debian::itk } default: { include ::apache::base::itk } } } diff --git a/manifests/joomla.pp b/manifests/joomla.pp index 02f398b..45d0b48 100644 --- a/manifests/joomla.pp +++ b/manifests/joomla.pp @@ -1,5 +1,5 @@ # manifests/joomla.pp class apache::joomla { - apache::config::file{'joomla.inc': } + apache::config::include{'joomla.inc': } } diff --git a/manifests/openbsd.pp b/manifests/openbsd.pp index 606bdc6..2cf5fd4 100644 --- a/manifests/openbsd.pp +++ b/manifests/openbsd.pp @@ -11,6 +11,9 @@ class apache::openbsd inherits apache::base { File[config_dir]{ path => "$config_dir/conf.d", } + File[include_dir]{ + path => "$config_dir/include.d", + } File['htpasswd_dir']{ group => www, } @@ -21,12 +24,12 @@ class apache::openbsd inherits apache::base { file => '/etc/rc.conf.local', line => 'httpd flags=""', } - file{"$config_dir/conf/httpd.conf": - source => [ "puppet://$server/modules/site-apache/conf/${fqdn}/httpd.conf", - "puppet://$server/modules/site-apache/conf/${apache_cluster_node}/httpd.conf", - "puppet://$server/modules/site-apache/conf/httpd.conf", - "puppet://$server/modules/apache/conf/${operatingsystem}/httpd.conf", - "puppet://$server/modules/apache/conf/httpd.conf" ], + file{'apache_main_config': + path => "${config_dir}/conf/httpd.conf", + source => [ "puppet://$server/modules/site-apache/config/OpenBSD/${fqdn}/httpd.conf", + "puppet://$server/modules/site-apache/config/OpenBSD/${apache_cluster_node}/httpd.conf", + "puppet://$server/modules/site-apache/config/OpenBSD//httpd.conf", + "puppet://$server/modules/apache/config/OpenBSD/httpd.conf" ], notify => Service['apache'], owner => root, group => 0, mode => 0644; } @@ -34,7 +37,7 @@ class apache::openbsd inherits apache::base { path => '/var/www/htdocs/default/www/index.html', } file{'/opt/bin/restart_apache.sh': - source => "puppet://$server/modules/apache/OpenBSD/bin/restart_apache.sh", + source => "puppet://$server/modules/apache/scripts/OpenBSD/bin/restart_apache.sh", require => File['/opt/bin'], owner => root, group => 0, mode => 0700; } @@ -48,7 +51,7 @@ class apache::openbsd inherits apache::base { stop => 'apachectl stop', } file{'/opt/bin/apache_logrotate.sh': - source => "puppet://$server/modules/apache/OpenBSD/bin/apache_logrotate.sh", + source => "puppet://$server/modules/apache/scripts/OpenBSD/bin/apache_logrotate.sh", require => File['/opt/bin'], owner => root, group => 0, mode => 0700; } diff --git a/manifests/ssl/base.pp b/manifests/ssl/base.pp index 72f61fd..4aabb40 100644 --- a/manifests/ssl/base.pp +++ b/manifests/ssl/base.pp @@ -1,4 +1,4 @@ class apache::ssl::base { - ::apache::config::file{ 'ssl_defaults.inc': } + ::apache::config::include{ 'ssl_defaults.inc': } ::apache::vhost::file{ '0-default_ssl': } } diff --git a/manifests/ssl/centos.pp b/manifests/ssl/centos.pp index a516f02..b2c8ad8 100644 --- a/manifests/ssl/centos.pp +++ b/manifests/ssl/centos.pp @@ -4,5 +4,5 @@ class apache::ssl::centos inherits apache::ssl::base { ensure => present, require => Package[apache], } - ::apache::config::file{ 'ssl.conf': } + ::apache::config::global{ 'ssl.conf': } } diff --git a/manifests/ssl/openbsd.pp b/manifests/ssl/openbsd.pp index edf6829..6d357ee 100644 --- a/manifests/ssl/openbsd.pp +++ b/manifests/ssl/openbsd.pp @@ -10,7 +10,7 @@ class apache::ssl::openbsd inherits apache::openbsd { } File['/opt/bin/restart_apache.sh']{ - source => "puppet://$server/modules/apache/OpenBSD/bin/restart_apache_ssl.sh", + source => "puppet://$server/modules/apache/scripts/OpenBSD/bin/restart_apache_ssl.sh", } Service['apache']{ start => 'apachectl startssl', diff --git a/manifests/status/centos.pp b/manifests/status/centos.pp index a7692dd..d893707 100644 --- a/manifests/status/centos.pp +++ b/manifests/status/centos.pp @@ -1,5 +1,5 @@ ### centos class apache::status::centos { - ::apache::config::file{ 'status.conf': } + ::apache::config::global{ 'status.conf': } } diff --git a/manifests/vhost.pp b/manifests/vhost.pp index c889bfa..f1a20f0 100644 --- a/manifests/vhost.pp +++ b/manifests/vhost.pp @@ -43,6 +43,7 @@ define apache::vhost( $htpasswd_file = 'absent', $htpasswd_path = 'absent', $mod_security = true, + $mod_security_relevantonly = true, $use_mod_macro = false, $ldap_auth = false, $ldap_user = 'any' diff --git a/manifests/vhost/modperl.pp b/manifests/vhost/modperl.pp index eb78c42..88e7e52 100644 --- a/manifests/vhost/modperl.pp +++ b/manifests/vhost/modperl.pp @@ -25,6 +25,7 @@ define apache::vhost::modperl( $additional_options = 'absent', $default_charset = 'absent', $mod_security = true, + $mod_security_relevantonly = true, $ssl_mode = false, $vhost_mode = 'template', $vhost_source = 'absent', diff --git a/manifests/vhost/passenger.pp b/manifests/vhost/passenger.pp index 633721c..0279374 100644 --- a/manifests/vhost/passenger.pp +++ b/manifests/vhost/passenger.pp @@ -26,6 +26,7 @@ define apache::vhost::passenger( $additional_options = 'absent', $default_charset = 'absent', $mod_security = true, + $mod_security_relevantonly = true, $ssl_mode = false, $vhost_mode = 'template', $vhost_source = 'absent', diff --git a/manifests/vhost/php/drupal.pp b/manifests/vhost/php/drupal.pp index 68679c5..9bd5f2e 100644 --- a/manifests/vhost/php/drupal.pp +++ b/manifests/vhost/php/drupal.pp @@ -34,6 +34,7 @@ define apache::vhost::php::drupal( $additional_options = 'absent', $default_charset = 'absent', $mod_security = true, + $mod_security_relevantonly = true, $ssl_mode = false, $vhost_mode = 'template', $vhost_source = 'absent', diff --git a/manifests/vhost/php/joomla.pp b/manifests/vhost/php/joomla.pp index 39d224e..2239f52 100644 --- a/manifests/vhost/php/joomla.pp +++ b/manifests/vhost/php/joomla.pp @@ -34,6 +34,7 @@ define apache::vhost::php::joomla( $additional_options = 'absent', $default_charset = 'absent', $mod_security = true, + $mod_security_relevantonly = true, $ssl_mode = false, $vhost_mode = 'template', $vhost_source = 'absent', diff --git a/manifests/vhost/php/mediawiki.pp b/manifests/vhost/php/mediawiki.pp index d2cf346..e2f6827 100644 --- a/manifests/vhost/php/mediawiki.pp +++ b/manifests/vhost/php/mediawiki.pp @@ -34,6 +34,7 @@ define apache::vhost::php::mediawiki( $additional_options = 'absent', $default_charset = 'absent', $mod_security = true, + $mod_security_relevantonly = true, $ssl_mode = false, $vhost_mode = 'template', $vhost_source = 'absent', diff --git a/manifests/vhost/php/simplemachine.pp b/manifests/vhost/php/simplemachine.pp index 08916db..0f76528 100644 --- a/manifests/vhost/php/simplemachine.pp +++ b/manifests/vhost/php/simplemachine.pp @@ -34,6 +34,7 @@ define apache::vhost::php::simplemachine( $additional_options = 'absent', $default_charset = 'absent', $mod_security = true, + $mod_security_relevantonly = true, $ssl_mode = false, $vhost_mode = 'template', $vhost_source = 'absent', diff --git a/manifests/vhost/php/spip.pp b/manifests/vhost/php/spip.pp index cacd5e9..7b04b41 100644 --- a/manifests/vhost/php/spip.pp +++ b/manifests/vhost/php/spip.pp @@ -34,6 +34,7 @@ define apache::vhost::php::spip( $additional_options = 'absent', $default_charset = 'absent', $mod_security = true, + $mod_security_relevantonly = true, $ssl_mode = false, $vhost_mode = 'template', $vhost_source = 'absent', diff --git a/manifests/vhost/php/standard.pp b/manifests/vhost/php/standard.pp index 687696c..249f25f 100644 --- a/manifests/vhost/php/standard.pp +++ b/manifests/vhost/php/standard.pp @@ -41,6 +41,7 @@ define apache::vhost::php::standard( $default_charset = 'absent', $use_mod_macro = false, $mod_security = true, + $mod_security_relevantonly = true, $ssl_mode = false, $vhost_mode = 'template', $vhost_source = 'absent', diff --git a/manifests/vhost/php/typo3.pp b/manifests/vhost/php/typo3.pp index 950cba8..28edb84 100644 --- a/manifests/vhost/php/typo3.pp +++ b/manifests/vhost/php/typo3.pp @@ -34,6 +34,7 @@ define apache::vhost::php::typo3( $additional_options = 'absent', $default_charset = 'absent', $mod_security = true, + $mod_security_relevantonly = true, $ssl_mode = false, $vhost_mode = 'template', $vhost_source = 'absent', diff --git a/manifests/vhost/php/webapp.pp b/manifests/vhost/php/webapp.pp index e9c7f3e..929f20e 100644 --- a/manifests/vhost/php/webapp.pp +++ b/manifests/vhost/php/webapp.pp @@ -37,6 +37,7 @@ define apache::vhost::php::webapp( $additional_options = 'absent', $default_charset = 'absent', $mod_security = true, + $mod_security_relevantonly = true, $ssl_mode = false, $vhost_mode = 'template', $vhost_source = 'absent', diff --git a/manifests/vhost/php/wordpress.pp b/manifests/vhost/php/wordpress.pp index 0b94d4b..31e66e8 100644 --- a/manifests/vhost/php/wordpress.pp +++ b/manifests/vhost/php/wordpress.pp @@ -34,6 +34,7 @@ define apache::vhost::php::wordpress( $additional_options = 'absent', $default_charset = 'absent', $mod_security = true, + $mod_security_relevantonly = true, $ssl_mode = false, $vhost_mode = 'template', $vhost_source = 'absent', diff --git a/manifests/vhost/static.pp b/manifests/vhost/static.pp index 50bb3d8..6a1228a 100644 --- a/manifests/vhost/static.pp +++ b/manifests/vhost/static.pp @@ -23,7 +23,8 @@ define apache::vhost::static( $vhost_destination = 'absent', $htpasswd_file = 'absent', $htpasswd_path = 'absent', - $mod_security = false + $mod_security = false, + $mod_security_relevantonly = true ){ # create webdir ::apache::vhost::webdir{$name: diff --git a/manifests/vhost/template.pp b/manifests/vhost/template.pp index d42f65c..b0b2e8d 100644 --- a/manifests/vhost/template.pp +++ b/manifests/vhost/template.pp @@ -48,6 +48,7 @@ define apache::vhost::template( $template_mode = 'static', $ssl_mode = false, $mod_security = true, + $mod_security_relevantonly = true, $use_mod_macro = false, $htpasswd_file = 'absent', $htpasswd_path = 'absent', diff --git a/manifests/vhost/webdav.pp b/manifests/vhost/webdav.pp index 81a43eb..73c4a7a 100644 --- a/manifests/vhost/webdav.pp +++ b/manifests/vhost/webdav.pp @@ -26,6 +26,7 @@ define apache::vhost::webdav( $additional_options = 'absent', $default_charset = 'absent', $mod_security = false, + $mod_security_relevantonly = true, $ssl_mode = false, $vhost_mode = 'template', $vhost_source = 'absent', diff --git a/manifests/vhost/webdir.pp b/manifests/vhost/webdir.pp index 20ce44f..4fa9003 100644 --- a/manifests/vhost/webdir.pp +++ b/manifests/vhost/webdir.pp @@ -33,6 +33,7 @@ define apache::vhost::webdir( if $apache_default_user == '' { $real_owner = $operatingsystem ? { openbsd => 'www', + debian => 'www-data', default => $owner } } else { @@ -45,6 +46,7 @@ define apache::vhost::webdir( if $apache_default_group == '' { $real_group = $operatingsystem ? { openbsd => 'www', + debian => 'www-data', default => $group } } else { @@ -58,6 +60,7 @@ define apache::vhost::webdir( if $apache_default_user == '' { $real_documentroot_owner = $operatingsystem ? { openbsd => 'www', + debian => 'www-data', default => $documentroot_owner } } else { @@ -70,6 +73,7 @@ define apache::vhost::webdir( if $apache_default_group == '' { $real_documentroot_group = $operatingsystem ? { openbsd => 'www', + debian => 'www-data', default => $documentroot_group } } else { |