summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--manifests/vhost/proxy.pp52
l---------templates/vhosts/proxy/CentOS.erb1
l---------templates/vhosts/proxy/Debian.erb1
l---------templates/vhosts/proxy/OpenBSD.erb1
-rw-r--r--templates/vhosts/proxy/proxy.erb78
5 files changed, 133 insertions, 0 deletions
diff --git a/manifests/vhost/proxy.pp b/manifests/vhost/proxy.pp
new file mode 100644
index 0000000..c0a00ff
--- /dev/null
+++ b/manifests/vhost/proxy.pp
@@ -0,0 +1,52 @@
+# Proxy VHost
+# Parameters:
+#
+# - ensure: wether this vhost is `present` or `absent`
+# - domain: the domain to redirect (*name*)
+# - domainalias: A list of whitespace seperated domains to redirect
+# - target_url: the url to be proxied. Note: We don't want http://example.com/foobar only example.com/foobar
+# - server_admin: the email that is shown as responsible
+# - ssl_mode: wether this vhost supports ssl or not
+# - false: don't enable ssl for this vhost (default)
+# - true: enable ssl for this vhost
+# - force: enable ssl and redirect non-ssl to ssl
+# - only: enable ssl only
+#
+# logmode:
+#
+# - default: Do normal logging to CustomLog and ErrorLog
+# - nologs: Send every logging to /dev/null
+# - anonym: Don't log ips for CustomLog, send ErrorLog to /dev/null
+# - semianonym: Don't log ips for CustomLog, log normal ErrorLog
+#
+define apache::vhost::redirect(
+ $ensure = present,
+ $domain = 'absent',
+ $domainalias = 'absent',
+ $target_url,
+ $server_admin = 'absent',
+ $logmode = 'default',
+ $ssl_mode = false
+){
+ # create vhost configuration file
+ # we use the options field as the target_url
+ ::apache::vhost::template{$name:
+ ensure => $ensure,
+ template_mode => 'proxy',
+ domain => $domain,
+ domainalias => $domainalias,
+ server_admin => $server_admin,
+ logpath => $operatingsystem ? {
+ openbsd => '/var/www/logs',
+ centos => '/var/log/httpd',
+ default => '/var/log/apache2'
+ },
+ logmode => $logmode,
+ allow_override => $allow_override,
+ run_mode => 'normal',
+ mod_security => false,
+ options => $target_url,
+ ssl_mode => $ssl_mode,
+ }
+}
+
diff --git a/templates/vhosts/proxy/CentOS.erb b/templates/vhosts/proxy/CentOS.erb
new file mode 120000
index 0000000..15a1b7c
--- /dev/null
+++ b/templates/vhosts/proxy/CentOS.erb
@@ -0,0 +1 @@
+proxy.erb \ No newline at end of file
diff --git a/templates/vhosts/proxy/Debian.erb b/templates/vhosts/proxy/Debian.erb
new file mode 120000
index 0000000..15a1b7c
--- /dev/null
+++ b/templates/vhosts/proxy/Debian.erb
@@ -0,0 +1 @@
+proxy.erb \ No newline at end of file
diff --git a/templates/vhosts/proxy/OpenBSD.erb b/templates/vhosts/proxy/OpenBSD.erb
new file mode 120000
index 0000000..15a1b7c
--- /dev/null
+++ b/templates/vhosts/proxy/OpenBSD.erb
@@ -0,0 +1 @@
+proxy.erb \ No newline at end of file
diff --git a/templates/vhosts/proxy/proxy.erb b/templates/vhosts/proxy/proxy.erb
new file mode 100644
index 0000000..5d94e69
--- /dev/null
+++ b/templates/vhosts/proxy/proxy.erb
@@ -0,0 +1,78 @@
+# <%= servername %>
+<%- unless ssl_mode.to_s == 'only' then -%>
+<VirtualHost *:80>
+ Include include.d/defaults.inc
+ ServerName <%= servername %>
+ <%- unless serveralias.to_s.empty? then -%>
+ ServerAlias <%= serveralias %>
+ <%- end -%>
+ <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
+ ServerAdmin <%= server_admin %>
+ <%- end -%>
+
+ <%- case logmode.to_s
+ when 'nologs' -%>
+ ErrorLog /dev/null
+ CustomLog /dev/null
+ <%- when 'semianonym' -%>
+ ErrorLog <%= logdir %>/error_log
+ CustomLog <%= logdir %>/access_log noip
+ <%- when 'anonym' -%>
+ ErrorLog /dev/null
+ CustomLog <%= logdir %>/access_log noip
+ <%- else -%>
+ ErrorLog <%= logdir %>/error_log
+ CustomLog <%= logdir %>/access_log combined
+ <%- end -%>
+ <%- if ssl_mode.to_s == 'force' then -%>
+ RewriteEngine On
+ RewriteCond %{HTTPS} !=on
+ RewriteRule (.*) https://%{SERVER_NAME}$1 [R=permanent,L]
+ <% else -%>
+ <Proxy *>
+ Order deny,allow
+ Allow from all
+ </Proxy>
+ ProxyRequests Off
+ ProxyPass / <%= options %>/
+ ProxyPassReverse / <%= options %>/
+ <%- end -%>
+</VirtualHost>
+<%- end -%>
+
+<%- unless ssl_mode.to_s == 'false' then -%>
+<VirtualHost *:443>
+ Include include.d/defaults.inc
+ Include include.d/ssl_defaults.inc
+ ServerName <%= servername %>
+ <%- unless serveralias.to_s.empty? then -%>
+ ServerAlias <%= serveralias %>
+ <%- end -%>
+ <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%>
+ ServerAdmin <%= server_admin %>
+ <%- end -%>
+
+ <%- case logmode.to_s
+ when 'nologs' -%>
+ ErrorLog /dev/null
+ CustomLog /dev/null
+ <%- when 'semianonym' -%>
+ ErrorLog <%= logdir %>/error_log
+ CustomLog <%= logdir %>/access_log noip
+ <%- when 'anonym' -%>
+ ErrorLog /dev/null
+ CustomLog <%= logdir %>/access_log noip
+ <%- else -%>
+ ErrorLog <%= logdir %>/error_log
+ CustomLog <%= logdir %>/access_log combined
+ <%- end -%>
+
+ <Proxy *>
+ Order deny,allow
+ Allow from all
+ </Proxy>
+ ProxyRequests Off
+ ProxyPass / <%= options %>/
+ ProxyPassReverse / <%= options %>/
+</VirtualHost>
+<%- end -%>