diff options
-rw-r--r-- | manifests/vhost/passenger.pp | 18 | ||||
-rw-r--r-- | templates/vhosts/partials/authentication.erb | 6 | ||||
l--------- | templates/vhosts/passenger/CentOS.erb | 1 | ||||
l--------- | templates/vhosts/passenger/Debian.erb | 1 | ||||
-rw-r--r-- | templates/vhosts/passenger/passenger.erb | 148 |
5 files changed, 19 insertions, 155 deletions
diff --git a/manifests/vhost/passenger.pp b/manifests/vhost/passenger.pp index 304e89a..7fd82d2 100644 --- a/manifests/vhost/passenger.pp +++ b/manifests/vhost/passenger.pp @@ -41,10 +41,15 @@ define apache::vhost::passenger( $vhost_source = 'absent', $vhost_destination = 'absent', $htpasswd_file = 'absent', - $htpasswd_path = 'absent' + $htpasswd_path = 'absent', + $passenger_ree = false ){ - include ::passenger + if $passenger_ree { + include ::passenger::ree::apache + } else { + include ::passenger::apache + } if $manage_webdir { # create webdir @@ -53,10 +58,10 @@ define apache::vhost::passenger( path => $path, owner => $owner, group => $group, - run_mode => $run_mode, + run_mode => 'normal', manage_docroot => $manage_docroot, documentroot_owner => $documentroot_owner, - documentroot_group => $documentroot_group, + documentroot_group => $run_gid, documentroot_mode => $documentroot_mode, } } @@ -64,9 +69,12 @@ define apache::vhost::passenger( # create vhost configuration file ::apache::vhost{$name: ensure => $ensure, - path => $path, + path => "${path}/www/public", + path_is_webdir => true, template_mode => $template_mode, + template_partial => 'apache/vhosts/passenger/partial.erb', logmode => $logmode, + logpath => "${path}/logs", vhost_mode => $vhost_mode, vhost_source => $vhost_source, vhost_destination => $vhost_destination, diff --git a/templates/vhosts/partials/authentication.erb b/templates/vhosts/partials/authentication.erb new file mode 100644 index 0000000..bf871e7 --- /dev/null +++ b/templates/vhosts/partials/authentication.erb @@ -0,0 +1,6 @@ + <%- unless htpasswd_file.to_s == 'absent' then -%> + AuthType Basic + AuthName "Access fuer <%= servername %>" + AuthUserFile <%= real_htpasswd_path %> + require valid-user + <%- end -%>
\ No newline at end of file diff --git a/templates/vhosts/passenger/CentOS.erb b/templates/vhosts/passenger/CentOS.erb deleted file mode 120000 index c5062da..0000000 --- a/templates/vhosts/passenger/CentOS.erb +++ /dev/null @@ -1 +0,0 @@ -passenger.erb
\ No newline at end of file diff --git a/templates/vhosts/passenger/Debian.erb b/templates/vhosts/passenger/Debian.erb deleted file mode 120000 index c5062da..0000000 --- a/templates/vhosts/passenger/Debian.erb +++ /dev/null @@ -1 +0,0 @@ -passenger.erb
\ No newline at end of file diff --git a/templates/vhosts/passenger/passenger.erb b/templates/vhosts/passenger/passenger.erb deleted file mode 100644 index 1b5d476..0000000 --- a/templates/vhosts/passenger/passenger.erb +++ /dev/null @@ -1,148 +0,0 @@ -# <%= servername %> -<%- unless ssl_mode.to_s == 'only' then -%> -<VirtualHost *:80> - Include include.d/defaults.inc - - ServerName <%= servername %> - <%- unless serveralias.to_s.empty? then -%> - ServerAlias <%= serveralias %> - <%- end -%> - <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%> - ServerAdmin <%= server_admin %> - <%- end -%> - DocumentRoot <%= documentroot %>/public - - <%- case logmode.to_s - when 'nologs' -%> - ErrorLog /dev/null - CustomLog /dev/null - <%- when 'semianonym' -%> - ErrorLog <%= logdir %>/error_log - CustomLog <%= logdir %>/access_log noip - <%- when 'anonym' -%> - ErrorLog /dev/null - CustomLog <%= logdir %>/access_log noip - <%- else -%> - ErrorLog <%= logdir %>/error_log - CustomLog <%= logdir %>/access_log combined - <%- end -%> - <%- if ssl_mode.to_s == 'force' then -%> - RewriteEngine On - RewriteCond %{HTTPS} !=on - RewriteRule (.*) https://%{SERVER_NAME}$1 [R=permanent,L] - - <%- end -%> - <%- if default_charset.to_s != 'absent' then -%> - AddDefaultCharset <%= default_charset %> - <%- end -%> - <%- if not ssl_mode.to_s == 'force' then -%> - <Directory "<%= documentroot %>/"> - AllowOverride <%= allow_override %> - <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%> - Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%> - - <%- end -%> - <%- unless htpasswd_file.to_s == 'absent' then -%> - AuthType Basic - AuthName "Access fuer <%= servername %>" - AuthUserFile <%= real_htpasswd_path %> - require valid-user - <%- end -%> - </Directory> - <%- end -%> - - <IfModule mod_security2.c> - <%- if mod_security.to_s == 'true' then -%> - SecRuleEngine On - <%- if mod_security_relevantonly.to_s == 'true' then -%> - SecAuditEngine RelevantOnly - <%- else -%> - SecAuditEngine On - <%- end -%> - <%- else -%> - SecRuleEngine Off - SecAuditEngine Off - <%- end -%> - SecAuditLogType Concurrent - SecAuditLogStorageDir <%= logdir %>/ - SecAuditLog <%= logdir %>/mod_security_audit.log - SecDebugLog <%= logdir %>/mod_security_debug.log - </IfModule> - - <%- unless additional_options.to_s == 'absent' then -%> - <%= additional_options %> - <%- end -%> -</VirtualHost> -<%- end -%> - -<%- unless ssl_mode.to_s == 'false' then -%> -<VirtualHost *:443> - Include include.d/defaults.inc - Include include.d/ssl_defaults.inc - - ServerName <%= servername %> - <%- unless serveralias.to_s.empty? then -%> - ServerAlias <%= serveralias %> - <%- end -%> - <%- unless server_admin.to_s.empty? or server_admin.to_s == 'absent' then -%> - ServerAdmin <%= server_admin %> - <%- end -%> - DocumentRoot <%= documentroot %>/public - - <%- case logmode.to_s - when 'nologs' -%> - ErrorLog /dev/null - CustomLog /dev/null - <%- when 'semianonym' -%> - ErrorLog <%= logdir %>/error_log - CustomLog <%= logdir %>/access_log noip - <%- when 'anonym' -%> - ErrorLog /dev/null - CustomLog <%= logdir %>/access_log noip - <%- else -%> - ErrorLog <%= logdir %>/error_log - CustomLog <%= logdir %>/access_log combined - <%- end -%> - <%- if default_charset.to_s != 'absent' then -%> - AddDefaultCharset <%= default_charset %> - <%- end -%> - - Header add Strict-Transport-Security "max-age=15768000" - - <Directory "<%= documentroot %>/"> - AllowOverride <%= allow_override %> - <%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%> - Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%> - - <%- end -%> - <%- unless htpasswd_file.to_s == 'absent' then -%> - AuthType Basic - AuthName "Access fuer <%= servername %>" - AuthUserFile <%= real_htpasswd_path %> - require valid-user - <%- end -%> - </Directory> - - <IfModule mod_security2.c> - <%- if mod_security.to_s == 'true' then -%> - SecRuleEngine On - <%- if mod_security_relevantonly.to_s == 'true' then -%> - SecAuditEngine RelevantOnly - <%- else -%> - SecAuditEngine On - <%- end -%> - <%- else -%> - SecRuleEngine Off - SecAuditEngine Off - <%- end -%> - SecAuditLogType Concurrent - SecAuditLogStorageDir <%= logdir %>/ - SecAuditLog <%= logdir %>/mod_security_audit.log - SecDebugLog <%= logdir %>/mod_security_debug.log - </IfModule> - - <%- unless additional_options.to_s == 'absent' then -%> - <%= additional_options %> - <%- end -%> -</VirtualHost> -<%- end -%> |