diff options
-rw-r--r-- | manifests/vhost/proxy.pp | 52 | ||||
l--------- | templates/vhosts/proxy/CentOS.erb | 1 | ||||
l--------- | templates/vhosts/proxy/Debian.erb | 1 | ||||
l--------- | templates/vhosts/proxy/OpenBSD.erb | 1 | ||||
-rw-r--r-- | templates/vhosts/proxy/proxy.erb | 78 |
5 files changed, 133 insertions, 0 deletions
diff --git a/manifests/vhost/proxy.pp b/manifests/vhost/proxy.pp new file mode 100644 index 0000000..c0a00ff --- /dev/null +++ b/manifests/vhost/proxy.pp @@ -0,0 +1,52 @@ +# Proxy VHost +# Parameters: +# +# - ensure: wether this vhost is `present` or `absent` +# - domain: the domain to redirect (*name*) +# - domainalias: A list of whitespace seperated domains to redirect +# - target_url: the url to be proxied. Note: We don't want http://example.com/foobar only example.com/foobar +# - server_admin: the email that is shown as responsible +# - ssl_mode: wether this vhost supports ssl or not +# - false: don't enable ssl for this vhost (default) +# - true: enable ssl for this vhost +# - force: enable ssl and redirect non-ssl to ssl +# - only: enable ssl only +# +# logmode: +# +# - default: Do normal logging to CustomLog and ErrorLog +# - nologs: Send every logging to /dev/null +# - anonym: Don't log ips for CustomLog, send ErrorLog to /dev/null +# - semianonym: Don't log ips for CustomLog, log normal ErrorLog +# +define apache::vhost::redirect( + $ensure = present, + $domain = 'absent', + $domainalias = 'absent', + $target_url, + $server_admin = 'absent', + $logmode = 'default', + $ssl_mode = false +){ + # create vhost configuration file + # we use the options field as the target_url + ::apache::vhost::template{$name: + ensure => $ensure, + template_mode => 'proxy', + domain => $domain, + domainalias => $domainalias, + server_admin => $server_admin, + logpath => $operatingsystem ? { + openbsd => '/var/www/logs', + centos => '/var/log/httpd', + default => '/var/log/apache2' + }, + logmode => $logmode, + allow_override => $allow_override, + run_mode => 'normal', + mod_security => false, + options => $target_url, + ssl_mode => $ssl_mode, + } +} + diff --git a/templates/vhosts/proxy/CentOS.erb b/templates/vhosts/proxy/CentOS.erb new file mode 120000 index 0000000..15a1b7c --- /dev/null +++ b/templates/vhosts/proxy/CentOS.erb @@ -0,0 +1 @@ +proxy.erb
\ No newline at end of file diff --git a/templates/vhosts/proxy/Debian.erb b/templates/vhosts/proxy/Debian.erb new file mode 120000 index 0000000..15a1b7c --- /dev/null +++ b/templates/vhosts/proxy/Debian.erb @@ -0,0 +1 @@ +proxy.erb
\ No newline at end of file diff --git a/templates/vhosts/proxy/OpenBSD.erb b/templates/vhosts/proxy/OpenBSD.erb new file mode 120000 index 0000000..15a1b7c --- /dev/null +++ b/templates/vhosts/proxy/OpenBSD.erb @@ -0,0 +1 @@ +proxy.erb
\ No newline at end of file diff --git a/templates/vhosts/proxy/proxy.erb b/templates/vhosts/proxy/proxy.erb new file mode 100644 index 0000000..5d94e69 --- /dev/null +++ b/templates/vhosts/proxy/proxy.erb @@ -0,0 +1,78 @@ +# <%= servername %> +<%- unless ssl_mode.to_s == 'only' then -%> +<VirtualHost *:80> + Include include.d/defaults.inc + ServerName <%= servername %> + <%- unless serveralias.to_s.empty? then -%> + ServerAlias <%= serveralias %> + <%- end -%> + <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%> + ServerAdmin <%= server_admin %> + <%- end -%> + + <%- case logmode.to_s + when 'nologs' -%> + ErrorLog /dev/null + CustomLog /dev/null + <%- when 'semianonym' -%> + ErrorLog <%= logdir %>/error_log + CustomLog <%= logdir %>/access_log noip + <%- when 'anonym' -%> + ErrorLog /dev/null + CustomLog <%= logdir %>/access_log noip + <%- else -%> + ErrorLog <%= logdir %>/error_log + CustomLog <%= logdir %>/access_log combined + <%- end -%> + <%- if ssl_mode.to_s == 'force' then -%> + RewriteEngine On + RewriteCond %{HTTPS} !=on + RewriteRule (.*) https://%{SERVER_NAME}$1 [R=permanent,L] + <% else -%> + <Proxy *> + Order deny,allow + Allow from all + </Proxy> + ProxyRequests Off + ProxyPass / <%= options %>/ + ProxyPassReverse / <%= options %>/ + <%- end -%> +</VirtualHost> +<%- end -%> + +<%- unless ssl_mode.to_s == 'false' then -%> +<VirtualHost *:443> + Include include.d/defaults.inc + Include include.d/ssl_defaults.inc + ServerName <%= servername %> + <%- unless serveralias.to_s.empty? then -%> + ServerAlias <%= serveralias %> + <%- end -%> + <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%> + ServerAdmin <%= server_admin %> + <%- end -%> + + <%- case logmode.to_s + when 'nologs' -%> + ErrorLog /dev/null + CustomLog /dev/null + <%- when 'semianonym' -%> + ErrorLog <%= logdir %>/error_log + CustomLog <%= logdir %>/access_log noip + <%- when 'anonym' -%> + ErrorLog /dev/null + CustomLog <%= logdir %>/access_log noip + <%- else -%> + ErrorLog <%= logdir %>/error_log + CustomLog <%= logdir %>/access_log combined + <%- end -%> + + <Proxy *> + Order deny,allow + Allow from all + </Proxy> + ProxyRequests Off + ProxyPass / <%= options %>/ + ProxyPassReverse / <%= options %>/ +</VirtualHost> +<%- end -%> |