diff options
51 files changed, 1614 insertions, 1673 deletions
diff --git a/manifests/base.pp b/manifests/base.pp new file mode 100644 index 0000000..07b95e2 --- /dev/null +++ b/manifests/base.pp @@ -0,0 +1,42 @@ +class apache::base { + file{'vhosts_dir': + path => '/etc/apache2/vhosts.d/', + ensure => directory, + owner => root, group => 0, mode => 0755; + } + file{'config_dir': + path => '/etc/apache2/conf.d/', + ensure => directory, + owner => root, group => 0, mode => 0755; + } + file{'modules_dir': + path => '/etc/apache2/modules.d/', + ensure => directory, + owner => root, group => 0, mode => 0755; + } + file{'htpasswd_dir': + path => '/var/www/htpasswds/', + ensure => directory, + owner => root, group => apache, mode => 0640; + } + file{'web_dir': + path => '/var/www/', + ensure => directory, + owner => root, group => 0, mode => 0755; + } + service { apache: + name => 'apache2', + enable => true, + ensure => running, + } + file { 'default_apache_index': + path => '/var/www/localhost/htdocs/index.html', + ensure => file, + content => template('apache/default/default_index.erb'), + owner => root, group => 0, mode => 0644; + } + + apache::config::file{ 'defaults.inc': } + apache::config::file{ 'git.conf': } + apache::vhost::file { '0-default': } +} diff --git a/manifests/centos.pp b/manifests/centos.pp new file mode 100644 index 0000000..604a9ca --- /dev/null +++ b/manifests/centos.pp @@ -0,0 +1,41 @@ +### centos +class apache::centos inherits apache::package { + $config_dir = '/etc/httpd/' + + Package[apache]{ + name => 'httpd', + } + Service[apache]{ + name => 'httpd', + restart => '/etc/init.d/httpd graceful', + } + File[vhosts_dir]{ + path => "$config_dir/vhosts.d/", + } + File[config_dir]{ + path => "$config_dir/conf.d/", + } + File[modules_dir]{ + path => "$config_dir/modules.d/", + } + File[web_dir]{ + path => "/var/www/vhosts", + } + File[default_apache_index]{ + path => '/var/www/html/index.html', + } + + file{'/etc/sysconfig/httpd': + source => [ "puppet://$server/files/apache/sysconfig/${fqdn}/httpd", + "puppet://$server/files/apache/sysconfig/httpd", + "puppet://$server/apache/sysconfig/${operatingsystem}/httpd", + "puppet://$server/apache/sysconfig/httpd" ], + require => Package['apache'], + notify => Service['apache'], + owner => root, group => 0, mode => 0644; + } + + apache::config::file{ 'welcome.conf': } + apache::config::file{ 'vhosts.conf': } +} + diff --git a/manifests/centos/gentoo.pp b/manifests/centos/gentoo.pp new file mode 100644 index 0000000..262a25c --- /dev/null +++ b/manifests/centos/gentoo.pp @@ -0,0 +1,30 @@ +define apache::gentoo::module( + $ensure = present, + $source = '', + $destination = '' +){ + $modules_dir = "$apache::gentoo::config_dir/modules.d/" + $real_destination = $destination ? { + '' => "${modules_dir}/${name}.conf", + default => $destination, + } + $real_source = $source ? { + '' => [ + "puppet://$server/files/apache/modules.d/${fqdn}/${name}.conf", + "puppet://$server/files/apache/modules.d/${apache_cluster_node}/${name}.conf", + "puppet://$server/files/apache/modules.d/${name}.conf", + "puppet://$server/apache/modules.d/${operatingsystem}/${name}.conf", + "puppet://$server/apache/modules.d/${name}.conf" + ], + default => "puppet://$server/$source", + } + file{"modules_${name}.conf": + ensure => $ensure, + path => $real_destination, + source => $real_source, + require => [ File[modules_dir], Package[apache] ], + notify => Service[apache], + owner => root, group => 0, mode => 0644; + } +} + diff --git a/manifests/centos/module.pp b/manifests/centos/module.pp new file mode 100644 index 0000000..ebd6edc --- /dev/null +++ b/manifests/centos/module.pp @@ -0,0 +1,30 @@ +define apache::centos::module( + $ensure = present, + $source = '', + $destination = '' +){ + $modules_dir = "$apache::centos::config_dir/modules.d/" + $real_destination = $destination ? { + '' => "${modules_dir}/${name}.so", + default => $destination, + } + $real_source = $source ? { + '' => [ + "puppet://$server/files/apache/modules.d/${fqdn}/${name}.so", + "puppet://$server/files/apache/modules.d/${apache_cluster_node}/${name}.so", + "puppet://$server/files/apache/modules.d/${name}.so", + "puppet://$server/apache/modules.d/${operatingsystem}/${name}.so", + "puppet://$server/apache/modules.d/${name}.so" + ], + default => "puppet://$server/$source", + } + file{"modules_${name}.conf": + ensure => $ensure, + path => $real_destination, + source => $real_source, + require => [ File[modules_dir], Package[apache] ], + notify => Service[apache], + owner => root, group => 0, mode => 0755; + } +} + diff --git a/manifests/config/file.pp b/manifests/config/file.pp new file mode 100644 index 0000000..0fb18f5 --- /dev/null +++ b/manifests/config/file.pp @@ -0,0 +1,58 @@ +# deploy apache (.conf) configuration file (non-vhost) +define apache::config::file( + $ensure = present, + $source = 'absent', + $content = 'absent', + $destination = 'absent' +){ + $real_destination = $destination ? { + 'absent' => $operatingsystem ? { + centos => "$apache::centos::config_dir/conf.d/${name}", + gentoo => "$apache::gentoo::config_dir/${name}", + debian => "$apache::debian::config_dir/conf.d/${name}", + ubuntu => "$apache::ubuntu::config_dir/conf.d/${name}", + openbsd => "$apache::openbsd::config_dir/conf.d/${name}", + default => "/etc/apache2/${name}", + }, + default => $destination + } + file{"apache_${name}": + ensure => $ensure, + path => $real_destination, + notify => Service[apache], + owner => root, group => 0, mode => 0644; + } + case $content { + 'absent': { + $real_source = $source ? { + 'absent' => [ + "puppet://$server/files/apache/conf.d/${fqdn}/${name}", + "puppet://$server/files/apache/conf.d/${apache_cluster_node}/${name}", + "puppet://$server/files/apache/conf.d/${operatingsystem}.${lsbdistcodename}/${name}", + "puppet://$server/files/apache/conf.d/${operatingsystem}/${name}", + "puppet://$server/files/apache/conf.d/${name}", + "puppet://$server/apache/conf.d/${operatingsystem}.${lsbdistcodename}/${name}", + "puppet://$server/apache/conf.d/${operatingsystem}/${name}", + "puppet://$server/apache/conf.d/${name}" + ], + default => "puppet://$server/$source", + } + File["apache_${name}"]{ + source => $real_source, + } + } + default: { + File["apache_${name}"]{ + content => $content, + } + } + } + case $operatingsystem { + openbsd: { info("no package dependency on ${operatingsystem} for ${name}") } + default: { + File["apache_${name}"]{ + require => Package[apache], + } + } + } +} diff --git a/manifests/debian.pp b/manifests/debian.pp new file mode 100644 index 0000000..3ea0002 --- /dev/null +++ b/manifests/debian.pp @@ -0,0 +1,12 @@ +### debian +class apache::debian inherits apache::package { + $config_dir = '/etc/apache2/' + + file {"$vhosts_dir": + ensure => '/etc/apache2/sites-enabled/', + } + File[default_apache_index] { + path => '/var/www/index.html', + } +} + diff --git a/manifests/defines/0-README b/manifests/defines/0-README deleted file mode 100644 index f72d971..0000000 --- a/manifests/defines/0-README +++ /dev/null @@ -1,7 +0,0 @@ -# This folder contains various defines to work with apache. -# They are separated into various categories: -# -# - modules: manage apache modules -# - configuration: common configuration defines -# - vhost files: deploy vhost configuration files -# - vhost varieties: vhost varieties diff --git a/manifests/defines/modules.pp b/manifests/defines/modules.pp deleted file mode 100644 index b0f5941..0000000 --- a/manifests/defines/modules.pp +++ /dev/null @@ -1,63 +0,0 @@ -# manifests/defines/modules.pp - -### manage apache modules - -define apache::centos::module( - $ensure = present, - $source = '', - $destination = '' -){ - $modules_dir = "$apache::centos::config_dir/modules.d/" - $real_destination = $destination ? { - '' => "${modules_dir}/${name}.so", - default => $destination, - } - $real_source = $source ? { - '' => [ - "puppet://$server/files/apache/modules.d/${fqdn}/${name}.so", - "puppet://$server/files/apache/modules.d/${apache_cluster_node}/${name}.so", - "puppet://$server/files/apache/modules.d/${name}.so", - "puppet://$server/apache/modules.d/${operatingsystem}/${name}.so", - "puppet://$server/apache/modules.d/${name}.so" - ], - default => "puppet://$server/$source", - } - file{"modules_${name}.conf": - ensure => $ensure, - path => $real_destination, - source => $real_source, - require => [ File[modules_dir], Package[apache] ], - notify => Service[apache], - owner => root, group => 0, mode => 0755; - } -} - -define apache::gentoo::module( - $ensure = present, - $source = '', - $destination = '' -){ - $modules_dir = "$apache::gentoo::config_dir/modules.d/" - $real_destination = $destination ? { - '' => "${modules_dir}/${name}.conf", - default => $destination, - } - $real_source = $source ? { - '' => [ - "puppet://$server/files/apache/modules.d/${fqdn}/${name}.conf", - "puppet://$server/files/apache/modules.d/${apache_cluster_node}/${name}.conf", - "puppet://$server/files/apache/modules.d/${name}.conf", - "puppet://$server/apache/modules.d/${operatingsystem}/${name}.conf", - "puppet://$server/apache/modules.d/${name}.conf" - ], - default => "puppet://$server/$source", - } - file{"modules_${name}.conf": - ensure => $ensure, - path => $real_destination, - source => $real_source, - require => [ File[modules_dir], Package[apache] ], - notify => Service[apache], - owner => root, group => 0, mode => 0644; - } -} diff --git a/manifests/defines/permissions.pp b/manifests/defines/permissions.pp deleted file mode 100644 index 621a74a..0000000 --- a/manifests/defines/permissions.pp +++ /dev/null @@ -1,36 +0,0 @@ -define apache::file::rw( - $owner = root, - $group = 0, - $mode = 0660 -) { - apache::file{$name: - owner => $owner, - group => $group, - mode => $mode, - } -} -define apache::file::readonly( - $owner = root, - $group = 0, - $mode = 0640 -) { - apache::file{$name: - owner => $owner, - group => $group, - mode => $mode, - } -} -define apache::file( - $owner = root, - $group = 0, - $mode = 0640 -) { - file{$name: -# as long as there are significant memory problems using -# recurse we avoid it -# recurse => true, - backup => false, - checksum => undef, - owner => $owner, group => $group, mode => $mode; - } -} diff --git a/manifests/defines/vhost_files.pp b/manifests/defines/vhost_files.pp deleted file mode 100644 index 6ed4fb3..0000000 --- a/manifests/defines/vhost_files.pp +++ /dev/null @@ -1,381 +0,0 @@ -# manifests/defines/vhost_files.pp - -### vhost configuration files -# -# deploy vhost configuration files - - -# this is a wrapper for apache::vhost::file and avhost::template below -# -# vhost_mode: which option is choosed to deploy the vhost -# - template: generate it from a template (default) -# - file: deploy a vhost file (apache::vhost::file will be called directly) -# -define apache::vhost( - $ensure = present, - $path = 'absent', - $path_is_webdir = false, - $template_mode = 'static', - $vhost_mode = 'template', - $vhost_source = 'absent', - $vhost_destination = 'absent', - $content = 'absent', - $domain = 'absent', - $domainalias = 'absent', - $server_admin = 'absent', - $allow_override = 'None', - $php_upload_tmp_dir = 'absent', - $php_session_save_path = 'absent', - $cgi_binpath = 'absent', - $default_charset = 'absent', - $do_includes = false, - $options = 'absent', - $additional_options = 'absent', - $run_mode = 'normal', - $run_uid = 'absent', - $run_gid = 'absent', - $template_mode = 'static', - $ssl_mode = false, - $htpasswd_file = 'absent', - $htpasswd_path = 'absent', - $mod_security = true, - $ldap_auth = false, - $ldap_user = 'any' -) { - # file or template mode? - case $vhost_mode { - 'file': { - apache::vhost::file{$name: - ensure => $ensure, - vhost_source => $vhost_source, - vhost_destination => $vhost_destination, - do_includes => $do_includes, - htpasswd_file => $htpasswd_file, - htpasswd_path => $htpasswd_path, - } - } - 'template': { - apache::vhost::template{$name: - ensure => $ensure, - path => $path, - path_is_webdir => $path_is_webdir, - domain => $domain, - domainalias => $domainalias, - server_admin => $server_admin, - php_upload_tmp_dir => $php_upload_tmp_dir, - php_session_save_path => $php_session_save_path, - cgi_binpath => $cgi_binpath, - allow_override => $allow_override, - do_includes => $do_includes, - options => $options, - additional_options => $additional_options, - default_charset => $default_charset, - run_mode => $run_mode, - run_uid => $run_uid, - run_gid => $run_gid, - template_mode => $template_mode, - ssl_mode => $ssl_mode, - htpasswd_file => $htpasswd_file, - htpasswd_path => $htpasswd_path, - ldap_auth => $ldap_auth, - ldap_user => $ldap_user, - mod_security => $mod_security, - } - } - default: { fail("no such vhost_mode: $vhost_mode defined for $name.") } - } - -} - -# htpasswd_file: wether to deploy a passwd for this vhost or not -# - absent: ignore (default) -# - nodeploy: htpasswd file isn't deployed by this mechanism -# - else: try to deploy the file -# -# htpasswd_path: where to deploy the passwd file -# - absent: standardpath (default) -# - else: path to deploy -# -define apache::vhost::file( - $ensure = present, - $vhost_source = 'absent', - $vhost_destination = 'absent', - $content = 'absent', - $do_includes = false, - $htpasswd_file = 'absent', - $htpasswd_path = 'absent' -){ - $vhosts_dir = $operatingsystem ? { - centos => "$apache::centos::config_dir/vhosts.d/", - gentoo => "$apache::gentoo::config_dir/vhosts.d/", - debian => "$apache::debian::config_dir/vhosts.d/", - ubuntu => "$apache::ubuntu::config_dir/vhosts.d/", - openbsd => "$apache::openbsd::config_dir/vhosts.d/", - default => '/etc/apache2/vhosts.d/', - } - $real_vhost_destination = $vhost_destination ? { - 'absent' => "$vhosts_dir/$name.conf", - default => $vhost_destination, - } - file{"${name}.conf": - ensure => $ensure, - path => $real_vhost_destination, - require => File[vhosts_dir], - notify => Service[apache], - owner => root, group => 0, mode => 0644; - } - if $do_includes { - include apache::includes - } - case $content { - 'absent': { - $real_vhost_source = $vhost_source ? { - 'absent' => [ - "puppet://$server/files/apache/vhosts.d/$fqdn/$name.conf", - "puppet://$server/files/apache/vhosts.d/$apache_cluster_node/$name.conf", - "puppet://$server/files/apache/vhosts.d/$operatingsystem.$lsbdistcodename/$name.conf", - "puppet://$server/files/apache/vhosts.d/$operatingsystem/$name.conf", - "puppet://$server/files/apache/vhosts.d/$name.conf", - "puppet://$server/apache/vhosts.d/$name.conf", - "puppet://$server/apache/vhosts.d/$operatingsystem.$lsbdistcodename/$name.conf", - "puppet://$server/apache/vhosts.d/$operatingsystem/$name.conf", - "puppet://$server/apache/vhosts.d/$name.conf" - ], - default => "puppet://$server/$vhost_source", - } - File["${name}.conf"]{ - source => $real_vhost_source, - } - } - default: { - File["${name}.conf"]{ - content => $content, - } - } - } - case $htpasswd_file { - 'absent','nodeploy': { info("don't deploy a htpasswd file for ${name") } - default: { - if $htpasswd_path == 'absent' { - $real_htpasswd_path = "/var/www/htpasswds/$name" - } else { - $real_htpasswd_path = $htpasswd_path - } - file{$real_htpasswd_path: - ensure => $ensure, - source => [ "puppet://$server/files/apache/htpasswds/$fqdn/$name", - "puppet://$server/files/apache/htpasswds/$apache_cluster_node/$name", - "puppet://$server/files/apache/htpasswds/$name" ], - owner => root, group => 0, mode => 0644; - } - } - } -} - -# template_mode: -# - php: for a default php application -# - static: for a static application (default) -# - perl: for a mod_perl application -# - php_joomla: for a joomla application -# -# domainalias: -# - absent: no domainalias is set (*default*) -# - www: domainalias is set to www.$domain -# - else: domainalias is set to that -# -# ssl_mode: wether this vhost supports ssl or not -# - false: don't enable ssl for this vhost (default) -# - true: enable ssl for this vhost -# - force: enable ssl and redirect non-ssl to ssl -# -define apache::vhost::template( - $ensure = present, - $path = 'absent', - $path_is_webdir = false, - $domain = 'absent', - $domainalias = 'absent', - $server_admin = 'absent', - $allow_override = 'None', - $php_upload_tmp_dir = 'absent', - $php_session_save_path = 'absent', - $cgi_binpath = 'absent', - $do_includes = false, - $options = 'absent', - $additional_options = 'absent', - $default_charset = 'absent', - $run_mode = 'normal', - $run_uid = 'absent', - $run_gid = 'absent', - $template_mode = 'static', - $ssl_mode = false, - $mod_security = true, - $htpasswd_file = 'absent', - $htpasswd_path = 'absent', - $ldap_auth = false, - $ldap_user = 'any' -){ - $real_path = $path ? { - 'absent' => $operatingsystem ? { - openbsd => "/var/www/htdocs/$name", - default => "/var/www/vhosts/$name" - }, - default => $path - } - - if $path_is_webdir { - $documentroot = "$real_path" - } else { - $documentroot = "$real_path/www" - } - $logdir = "$real_path/logs" - - $servername = $domain ? { - 'absent' => $name, - default => $domain - } - $serveralias = $domainalias ? { - 'absent' => '', - 'www' => "www.${servername}", - default => $domainalias - } - if $htpasswd_path == 'absent' { - $real_htpasswd_path = "/var/www/htpasswds/$name" - } else { - $real_htpasswd_path = $htpasswd_path - } - case $run_mode { - 'itk': { - case $run_uid { - 'absent': { fail("you have to define run_uid for $name on $fqdn") } - } - case $run_gid { - 'absent': { fail("you have to define run_gid for $name on $fqdn") } - } - } - } - - # set default dirs for templates - # php upload_tmp_dir - case $php_upload_tmp_dir { - 'absent': { - $real_php_upload_tmp_dir = "/var/www/upload_tmp_dir/$name" - } - default: { $real_php_upload_tmp_dir = $php_upload_tmp_dir } - } - # php session_save_path - case $php_session_save_path { - 'absent': { - $real_php_session_save_path = "/var/www/session.save_path/$name" - } - default: { $real_php_session_save_path = $php_session_save_path } - } - - apache::vhost::file{$name: - ensure => $ensure, - content => template("apache/vhosts/$template_mode/$operatingsystem.erb"), - do_includes => $do_includes, - htpasswd_file => $htpasswd_file, - htpasswd_path => $htpasswd_path, - } -} - - -define apache::vhost::file::documentrootfile( - $documentroot, - $filename, - $thedomain, - $owner='root', - $group='0', - $mode=440 -){ - file{"$documentroot/$filename": - source => [ "puppet://$server/files/apache/vhost_varieties/$fqdn/$thedomain/$filename", - "puppet://$server/files/apache/vhost_varieties/$apache_cluster_node/$thedomain/$filename", - "puppet://$server/files/apache/vhost_varieties/$operatingsystem.$lsbdistcodename/$thedomain/$filename", - "puppet://$server/files/apache/vhost_varieties/$operatingsystem/$thedomain/$filename", - "puppet://$server/files/apache/vhost_varieties/$thedomain/$filename", - "puppet://$server/apache/vhost_varieties/$thedomain/$filename", - "puppet://$server/apache/vhost_varieties/$operatingsystem.$lsbdistcodename/$thedomain/$filename", - "puppet://$server/apache/vhost_varieties/$operatingsystem/$thedomain/$filename", - "puppet://$server/apache/vhost_varieties/$thedomain/$filename" - ], - ensure => file, - require => Apache::Vhost::Webdir["$thedomain"], - owner => $owner, group => $group, mode => $mode; - } -} - -define apache::vhost::file::documentrootdir( - $ensure = directory, - $documentroot, - $filename, - $thedomain, - $owner = 'root', - $group = '0', - $mode = 440 -){ - file{"$documentroot/$filename": - require => Apache::Vhost::Webdir["$thedomain"], - owner => $owner, group => $group, mode => $mode; - } - if $ensure != 'absent' { - File["$documentroot/$filename"]{ - ensure => directory, - } - } else { - File["$documentroot/$filename"]{ - ensure => $ensure, - } - } -} - - - -define apache::vhost::phpdirs( - $ensure = present, - $php_upload_tmp_dir = 'absent', - $php_session_save_path = 'absent', - $documentroot_owner = apache, - $documentroot_group = 0, - $documentroot_mode = 0750, - $run_mode = 'normal', - $run_uid = 'absent' -){ - # php upload_tmp_dir - case $php_upload_tmp_dir { - 'absent': { - include apache::defaultphpdirs - $real_php_upload_tmp_dir = "/var/www/upload_tmp_dir/$name" - } - default: { $real_php_upload_tmp_dir = $php_upload_tmp_dir } - } - # php session_save_path - case $php_session_save_path { - 'absent': { - include apache::defaultphpdirs - $real_php_session_save_path = "/var/www/session.save_path/$name" - } - default: { $real_php_session_save_path = $php_session_save_path } - } - - case $ensure { - absent: { - file{[$real_php_upload_tmp_dir, $real_php_session_save_path ]: - ensure => absent, - purge => true, - force => true, - recurse => true, - } - } - default: { - file{[$real_php_upload_tmp_dir, $real_php_session_save_path ]: - ensure => directory, - owner => $run_mode ? { - 'itk' => $run_uid, - default => $documentroot_owner - }, - group => $documentroot_group, mode => $documentroot_mode; - } - } - } -} diff --git a/manifests/defines/vhost_varieties.pp b/manifests/defines/vhost_varieties.pp deleted file mode 100644 index 6a6c988..0000000 --- a/manifests/defines/vhost_varieties.pp +++ /dev/null @@ -1,798 +0,0 @@ -# manifests/defines/vhost_varieties.pp - -### sepcific vhosts varieties -# -# - apache::vhost::static -# - apache::vhost::php -# - apache::vhost::joomla -# - apache::vhost::wordpress -# - apache::vhost::simplemachine -# - apache::vhost::drubal -# - apache::vhost::cgi TODO -# - apache::vhost::modperl TODO -# - apache::vhost::modpython TODO -# - apache::vhost::modrails TODO -# - apache::vhost::webdav -# - apache::vhost::webapp (abstract) - -# vhost_mode: which option is chosen to deploy the vhost -# - template: generate it from a template (default) -# - file: deploy a vhost file (apache::vhost::file will be called directly) -define apache::vhost::static( - $ensure = present, - $domain = 'absent', - $domainalias = 'absent', - $server_admin = 'absent', - $path = 'absent', - $owner = root, - $group = 0, - $documentroot_owner = apache, - $documentroot_group = 0, - $documentroot_mode = 0640, - $allow_override = 'None', - $do_includes = false, - $options = 'absent', - $additional_options = 'absent', - $default_charset = 'absent', - $ssl_mode = false, - $vhost_mode = 'template', - $vhost_source = 'absent', - $vhost_destination = 'absent', - $htpasswd_file = 'absent', - $htpasswd_path = 'absent' -){ - # create webdir - apache::vhost::webdir{$name: - ensure => $ensure, - path => $path, - owner => $owner, - group => $group, - run_mode => 'normal', - documentroot_owner => $documentroot_owner, - documentroot_group => $documentroot_group, - documentroot_mode => $documentroot_mode, - } - - # create vhost configuration file - apache::vhost{$name: - ensure => $ensure, - path => $path, - template_mode => 'static', - vhost_mode => $vhost_mode, - vhost_source => $vhost_source, - vhost_destination => $vhost_destination, - domain => $domain, - domainalias => $domainalias, - server_admin => $server_admin, - allow_override => $allow_override, - do_includes => $do_includes, - options => $options, - additional_options => $additional_options, - default_charset => $default_charset, - ssl_mode => $ssl_mode, - htpasswd_file => $htpasswd_file, - htpasswd_path => $htpasswd_path, - mod_security => false, - } -} - -# run_mode: -# - normal: nothing special (*default*) -# - itk: apache is running with the itk module -# and run_uid and run_gid are used as vhost users -# run_uid: the uid the vhost should run as with the itk module -# run_gid: the gid the vhost should run as with the itk module -define apache::vhost::php::standard( - $ensure = present, - $domain = 'absent', - $domainalias = 'absent', - $server_admin = 'absent', - $path = 'absent', - $template_mode = 'php', - $owner = root, - $group = apache, - $documentroot_owner = apache, - $documentroot_group = 0, - $documentroot_mode = 0640, - $run_mode = 'normal', - $run_uid = 'absent', - $run_gid = 'absent', - $allow_override = 'None', - $php_upload_tmp_dir = 'absent', - $php_session_save_path = 'absent', - $do_includes = false, - $options = 'absent', - $additional_options = 'absent', - $default_charset = 'absent', - $mod_security = true, - $ssl_mode = false, - $vhost_mode = 'template', - $vhost_source = 'absent', - $vhost_destination = 'absent', - $htpasswd_file = 'absent', - $htpasswd_path = 'absent' -){ - - apache::vhost::phpdirs{"${name}": - ensure => $ensure, - php_upload_tmp_dir => $php_upload_tmp_dir, - php_session_save_path => $php_session_save_path, - documentroot_owner => $documentroot_owner, - documentroot_group => $documentroot_group, - documentroot_mode => $documentroot_mode, - run_mode => $run_mode, - run_uid => $run_uid, - } - - # create webdir - apache::vhost::webdir{$name: - ensure => $ensure, - path => $path, - owner => $owner, - group => $group, - run_mode => $run_mode, - documentroot_owner => $documentroot_owner, - documentroot_group => $documentroot_group, - documentroot_mode => $documentroot_mode, - } - - # create vhost configuration file - apache::vhost{$name: - ensure => $ensure, - path => $path, - template_mode => $template_mode, - vhost_mode => $vhost_mode, - vhost_source => $vhost_source, - vhost_destination => $vhost_destination, - domain => $domain, - domainalias => $domainalias, - server_admin => $server_admin, - run_mode => $run_mode, - run_uid => $run_uid, - run_gid => $run_gid, - allow_override => $allow_override, - do_includes => $do_includes, - options => $options, - additional_options => $additional_options, - default_charset => $default_charset, - php_upload_tmp_dir => $php_upload_tmp_dir, - php_session_save_path => $php_session_save_path, - ssl_mode => $ssl_mode, - htpasswd_file => $htpasswd_file, - htpasswd_path => $htpasswd_path, - mod_security => $mod_security, - } -} - -# run_mode: -# - normal: nothing special (*default*) -# - itk: apache is running with the itk module -# and run_uid and run_gid are used as vhost users -# run_uid: the uid the vhost should run as with the itk module -# run_gid: the gid the vhost should run as with the itk module -define apache::vhost::php::joomla( - $ensure = present, - $domain = 'absent', - $domainalias = 'absent', - $server_admin = 'absent', - $path = 'absent', - $owner = root, - $group = 0, - $documentroot_owner = apache, - $documentroot_group = 0, - $documentroot_mode = 0640, - $run_mode = 'normal', - $run_uid = 'absent', - $run_gid = 'absent', - $allow_override = 'None', - $php_upload_tmp_dir = 'absent', - $php_session_save_path = 'absent', - $do_includes = false, - $options = 'absent', - $additional_options = 'absent', - $default_charset = 'absent', - $mod_security = true, - $ssl_mode = false, - $vhost_mode = 'template', - $vhost_source = 'absent', - $vhost_destination = 'absent', - $htpasswd_file = 'absent', - $htpasswd_path = 'absent', - $manage_config = true, - $config_webwriteable = false, - $manage_directories = true -){ - include apache::joomla - - $documentroot = $path ? { - 'absent' => $operatingsystem ? { - openbsd => "/var/www/htdocs/${name}/www", - default => "/var/www/vhosts/${name}/www" - }, - default => "${path}/www" - } - - # create vhost configuration file - apache::vhost::php::webapp{$name: - ensure => $ensure, - domain => $domain, - domainalias => $domainalias, - server_admin => $server_admin, - path => $path, - template_mode => 'php_joomla', - owner => $owner, - group => $group, - documentroot_owner => $documentroot_owner, - documentroot_group => $documentroot_group, - documentroot_mode => $documentroot_mode, - run_mode => $run_mode, - run_uid => $run_uid, - run_gid => $run_gid, - allow_override => $allow_override, - php_upload_tmp_dir => $php_upload_tmp_dir, - php_session_save_path => $php_session_save_path, - do_includes => $do_includes, - options => $options, - additional_options => $additional_options, - default_charset => $default_charset, - mod_security => $mod_security, - ssl_mode => $ssl_mode, - vhost_mode => $vhost_mode, - vhost_source => $vhost_source, - vhost_destination => $vhost_destination, - htpasswd_file => $htpasswd_file, - htpasswd_path => $htpasswd_path, - manage_directories => $manage_directories, - managed_directories => [ "$documentroot/administrator/backups", - "$documentroot/administrator/components", - "$documentroot/administrator/language", - "$documentroot/administrator/modules", - "$documentroot/administrator/templates", - "$documentroot/components", - "$documentroot/images", - "$documentroot/language", - "$documentroot/media", - "$documentroot/modules", - "$documentroot/plugins", - "$documentroot/templates", - "$documentroot/cache", - "$documentroot/administrator/cache" ], - manage_config => $manage_config, - config_webwriteable => $config_webwriteable, - config_file => 'configuration.php', - } - -} -# run_mode: -# - normal: nothing special (*default*) -# - itk: apache is running with the itk module -# and run_uid and run_gid are used as vhost users -# run_uid: the uid the vhost should run as with the itk module -# run_gid: the gid the vhost should run as with the itk module -define apache::vhost::php::wordpress( - $ensure = present, - $domain = 'absent', - $domainalias = 'absent', - $server_admin = 'absent', - $path = 'absent', - $owner = root, - $group = 0, - $documentroot_owner = apache, - $documentroot_group = 0, - $documentroot_mode = 0640, - $run_mode = 'normal', - $run_uid = 'absent', - $run_gid = 'absent', - $allow_override = 'FileInfo', - $php_upload_tmp_dir = 'absent', - $php_session_save_path = 'absent', - $do_includes = false, - $options = 'absent', - $additional_options = 'absent', - $default_charset = 'absent', - $mod_security = true, - $ssl_mode = false, - $vhost_mode = 'template', - $vhost_source = 'absent', - $vhost_destination = 'absent', - $htpasswd_file = 'absent', - $htpasswd_path = 'absent', - $manage_config = true, - $config_webwriteable = false, - $manage_directories = true -){ - - $documentroot = $path ? { - 'absent' => $operatingsystem ? { - openbsd => "/var/www/htdocs/${name}/www", - default => "/var/www/vhosts/${name}/www" - }, - default => "${path}/www" - } - - # create vhost configuration file - apache::vhost::php::webapp{$name: - ensure => $ensure, - domain => $domain, - domainalias => $domainalias, - server_admin => $server_admin, - path => $path, - template_mode => 'php_wordpress', - owner => $owner, - group => $group, - documentroot_owner => $documentroot_owner, - documentroot_group => $documentroot_group, - documentroot_mode => $documentroot_mode, - run_mode => $run_mode, - run_uid => $run_uid, - run_gid => $run_gid, - allow_override => $allow_override, - php_upload_tmp_dir => $php_upload_tmp_dir, - php_session_save_path => $php_session_save_path, - do_includes => $do_includes, - options => $options, - additional_options => $additional_options, - default_charset => $default_charset, - mod_security => $mod_security, - ssl_mode => $ssl_mode, - vhost_mode => $vhost_mode, - vhost_source => $vhost_source, - vhost_destination => $vhost_destination, - htpasswd_file => $htpasswd_file, - htpasswd_path => $htpasswd_path, - manage_directories => $manage_directories, - managed_directories => "$documentroot/wp-content", - manage_config => $manage_config, - config_webwriteable => $config_webwriteable, - config_file => 'wp-config.php', - } -} - -# run_mode: -# - normal: nothing special (*default*) -# - itk: apache is running with the itk module -# and run_uid and run_gid are used as vhost users -# run_uid: the uid the vhost should run as with the itk module -# run_gid: the gid the vhost should run as with the itk module -define apache::vhost::php::simplemachine( - $ensure = present, - $domain = 'absent', - $domainalias = 'absent', - $server_admin = 'absent', - $path = 'absent', - $owner = root, - $group = 0, - $documentroot_owner = apache, - $documentroot_group = 0, - $documentroot_mode = 0640, - $run_mode = 'normal', - $run_uid = 'absent', - $run_gid = 'absent', - $allow_override = 'None', - $php_upload_tmp_dir = 'absent', - $php_session_save_path = 'absent', - $do_includes = false, - $options = 'absent', - $additional_options = 'absent', - $default_charset = 'absent', - $mod_security = true, - $ssl_mode = false, - $vhost_mode = 'template', - $vhost_source = 'absent', - $vhost_destination = 'absent', - $htpasswd_file = 'absent', - $htpasswd_path = 'absent', - $manage_config = true, - $config_webwriteable = false, - $manage_directories = true -){ - $documentroot = $path ? { - 'absent' => $operatingsystem ? { - openbsd => "/var/www/htdocs/${name}/www", - default => "/var/www/vhosts/${name}/www" - }, - default => "${path}/www" - } - - # create vhost configuration file - apache::vhost::php::webapp{$name: - ensure => $ensure, - domain => $domain, - domainalias => $domainalias, - server_admin => $server_admin, - path => $path, - template_mode => 'php_simplemachine', - owner => $owner, - group => $group, - documentroot_owner => $documentroot_owner, - documentroot_group => $documentroot_group, - documentroot_mode => $documentroot_mode, - run_mode => $run_mode, - run_uid => $run_uid, - run_gid => $run_gid, - allow_override => $allow_override, - php_upload_tmp_dir => $php_upload_tmp_dir, - php_session_save_path => $php_session_save_path, - do_includes => $do_includes, - options => $options, - additional_options => $additional_options, - default_charset => $default_charset, - mod_security => $mod_security, - ssl_mode => $ssl_mode, - vhost_mode => $vhost_mode, - vhost_source => $vhost_source, - vhost_destination => $vhost_destination, - htpasswd_file => $htpasswd_file, - htpasswd_path => $htpasswd_path, - manage_directories => $manage_directories, - managed_directories => [ - "$documentroot/attachments", - "$documentroot/Packages", - "$documentroot/Themes", - "$documentroot/agreement.txt", - "$documentroot/Packages/installed.list", - "$documentroot/avatars" ], - manage_config => $manage_config, - config_webwriteable => $config_webwriteable, - config_file => 'Settings.php', - } -} - -# run_mode: -# - normal: nothing special (*default*) -# - itk: apache is running with the itk module -# and run_uid and run_gid are used as vhost users -# run_uid: the uid the vhost should run as with the itk module -# run_gid: the gid the vhost should run as with the itk module -define apache::vhost::php::drupal( - $ensure = present, - $domain = 'absent', - $domainalias = 'absent', - $server_admin = 'absent', - $path = 'absent', - $owner = root, - $group = 0, - $documentroot_owner = apache, - $documentroot_group = 0, - $documentroot_mode = 0640, - $run_mode = 'normal', - $run_uid = 'absent', - $run_gid = 'absent', - $allow_override = 'None', - $php_upload_tmp_dir = 'absent', - $php_session_save_path = 'absent', - $do_includes = false, - $options = 'absent', - $additional_options = 'absent', - $default_charset = 'absent', - $mod_security = true, - $ssl_mode = false, - $vhost_mode = 'template', - $vhost_source = 'absent', - $vhost_destination = 'absent', - $htpasswd_file = 'absent', - $htpasswd_path = 'absent', - $manage_cron = true -){ - $documentroot = $path ? { - 'absent' => $operatingsystem ? { - openbsd => "/var/www/htdocs/${name}/www", - default => "/var/www/vhosts/${name}/www" - }, - default => "${path}/www" - } - - if $manage_cron { - file{"/etc/cron.d/drupal_cron_${name}": - content => "0 * * * * apache wget -O - -q -t 1 http://${doamin}/cron.php\n", - owner => root, group => 0, mode => 0644; - } - } - - # create vhost configuration file - apache::vhost::php::webapp{$name: - ensure => $ensure, - domain => $domain, - domainalias => $domainalias, - server_admin => $server_admin, - path => $path, - template_mode => 'php_drupal', - owner => $owner, - group => $group, - documentroot_owner => $documentroot_owner, - documentroot_group => $documentroot_group, - documentroot_mode => $documentroot_mode, - run_mode => $run_mode, - run_uid => $run_uid, - run_gid => $run_gid, - allow_override => $allow_override, - php_upload_tmp_dir => $php_upload_tmp_dir, - php_session_save_path => $php_session_save_path, - do_includes => $do_includes, - options => $options, - additional_options => $additional_options, - default_charset => $default_charset, - mod_security => $mod_security, - ssl_mode => $ssl_mode, - vhost_mode => $vhost_mode, - vhost_source => $vhost_source, - vhost_destination => $vhost_destination, - htpasswd_file => $htpasswd_file, - htpasswd_path => $htpasswd_path, - manage_directories => false, - manage_config => false, - } -} - -# Webdav vhost: to manage webdav accessible targets -# run_mode: -# - normal: nothing special (*default*) -# - itk: apache is running with the itk module -# and run_uid and run_gid are used as vhost users -# run_uid: the uid the vhost should run as with the itk module -# run_gid: the gid the vhost should run as with the itk module -define apache::vhost::webdav( - $ensure = present, - $domain = 'absent', - $domainalias = 'absent', - $server_admin = 'absent', - $path = 'absent', - $owner = root, - $group = 0, - $manage_webdir = true, - $path_is_webdir = false, - $documentroot_owner = apache, - $documentroot_group = 0, - $documentroot_mode = 0640, - $run_mode = 'normal', - $run_uid = 'absent', - $run_gid = 'absent', - $options = 'absent', - $additional_options = 'absent', - $default_charset = 'absent', - $mod_security = false, - $ssl_mode = false, - $vhost_mode = 'template', - $vhost_source = 'absent', - $vhost_destination = 'absent', - $htpasswd_file = 'absent', - $htpasswd_path = 'absent', - $ldap_auth = false, - $ldap_user = 'any' -){ - if $manage_webdir { - # create webdir - apache::vhost::webdir{$name: - ensure => $ensure, - path => $path, - owner => $owner, - group => $group, - run_mode => $run_mode, - documentroot_owner => $documentroot_owner, - documentroot_group => $documentroot_group, - documentroot_mode => $documentroot_mode, - } - } - # create vhost configuration file - apache::vhost{$name: - ensure => $ensure, - path => $path, - path_is_webdir => $path_is_webdir, - template_mode => 'webdav', - vhost_mode => $vhost_mode, - vhost_source => $vhost_source, - vhost_destination => $vhost_destination, - domain => $domain, - domainalias => $domainalias, - server_admin => $server_admin, - run_mode => $run_mode, - run_uid => $run_uid, - run_gid => $run_gid, - options => $options, - additional_options => $additional_options, - default_charset => $default_charset, - ssl_mode => $ssl_mode, - htpasswd_file => $htpasswd_file, - htpasswd_path => $htpasswd_path, - ldap_auth => $ldap_auth, - ldap_user => $ldap_user, - mod_security => $mod_security, - } -} - -# run_mode: -# - normal: nothing special (*default*) -# - itk: apache is running with the itk module -# and run_uid and run_gid are used as vhost users -# run_uid: the uid the vhost should run as with the itk module -# run_gid: the gid the vhost should run as with the itk module -define apache::vhost::modperl( - $ensure = present, - $domain = 'absent', - $domainalias = 'absent', - $server_admin = 'absent', - $path = 'absent', - $owner = root, - $group = 0, - $documentroot_owner = apache, - $documentroot_group = 0, - $documentroot_mode = 0640, - $run_mode = 'normal', - $run_uid = 'absent', - $run_gid = 'absent', - $allow_override = 'None', - $cgi_binpath = 'absent', - $do_includes = false, - $options = 'absent', - $additional_options = 'absent', - $default_charset = 'absent', - $mod_security = true, - $ssl_mode = false, - $vhost_mode = 'template', - $vhost_source = 'absent', - $vhost_destination = 'absent', - $htpasswd_file = 'absent', - $htpasswd_path = 'absent' -){ - # cgi_bin path - case $cgi_binpath { - 'absent': { - $real_path = $path ? { - 'absent' => $operatingsystem ? { - openbsd => "/var/www/htdocs/${name}", - default => "/var/www/vhosts/${name}" - }, - default => "${path}" - } - $real_cgi_binpath = "${real_path}/cgi-bin" - } - default: { $real_cgi_binpath = $cgi_binpath } - } - file{$real_cgi_binpath: - ensure => directory, - owner => $documentroot_owner, - group => $documentroot_group, - mode => $documentroot_mode; - } - - # create webdir - apache::vhost::webdir{$name: - ensure => $ensure, - path => $path, - owner => $owner, - group => $group, - run_mode => $run_mode, - documentroot_owner => $documentroot_owner, - documentroot_group => $documentroot_group, - documentroot_mode => $documentroot_mode, - } - - # create vhost configuration file - apache::vhost{$name: - ensure => $ensure, - path => $path, - template_mode => 'perl', - vhost_mode => $vhost_mode, - vhost_source => $vhost_source, - vhost_destination => $vhost_destination, - domain => $domain, - domainalias => $domainalias, - server_admin => $server_admin, - run_mode => $run_mode, - run_uid => $run_uid, - run_gid => $run_gid, - allow_override => $allow_override, - do_includes => $do_includes, - options => $options, - additional_options => $additional_options, - default_charset => $default_charset, - cgi_binpath => $real_cgi_binpath, - ssl_mode => $ssl_mode, - htpasswd_file => $htpasswd_file, - htpasswd_path => $htpasswd_path, - mod_security => $mod_security, - } -} - -# run_mode: -# - normal: nothing special (*default*) -# - itk: apache is running with the itk module -# and run_uid and run_gid are used as vhost users -# run_uid: the uid the vhost should run as with the itk module -# run_gid: the gid the vhost should run as with the itk module -define apache::vhost::php::webapp( - $ensure = present, - $domain = 'absent', - $domainalias = 'absent', - $server_admin = 'absent', - $path = 'absent', - $template_mode, - $owner = root, - $group = 0, - $documentroot_owner = apache, - $documentroot_group = 0, - $documentroot_mode = 0640, - $run_mode = 'normal', - $run_uid = 'absent', - $run_gid = 'absent', - $allow_override = 'None', - $php_upload_tmp_dir = 'absent', - $php_session_save_path = 'absent', - $do_includes = false, - $options = 'absent', - $additional_options = 'absent', - $default_charset = 'absent', - $mod_security = true, - $ssl_mode = false, - $vhost_mode = 'template', - $vhost_source = 'absent', - $vhost_destination = 'absent', - $htpasswd_file = 'absent', - $htpasswd_path = 'absent', - $manage_config = true, - $config_file = 'absent', - $config_webwriteable = false, - $manage_directories = true, - $managed_directories -){ - if ($ensure != 'absent') { - if $manage_directories { - apache::file::rw{ $managed_directories : - owner => $documentroot_owner, - group => $documentroot_group, - } - } - - if $manage_config { - if $config_file == 'absent' { fail("No config file defined for ${name} on ${fqdn}, if you'd like to manage the config, you have to add one!") } - apache::vhost::file::documentrootfile{"configurationfile_${name}": - documentroot => $documentroot, - filename => $config_file, - thedomain => $name, - owner => $documentroot_owner, - group => $documentroot_group, - } - if $config_webwriteable { - Apache::Vhost::File::Documentrootfile["configurationfile_${name}"]{ - mode => 0660, - } - } else { - Apache::Vhost::File::Documentrootfile["configurationfile_${name}"]{ - mode => 0440, - } - } - } - } - - # create vhost configuration file - apache::vhost::php::standard{$name: - ensure => $ensure, - domain => $domain, - domainalias => $domainalias, - server_admin => $server_admin, - path => $path, - template_mode => $template_mode, - owner => $owner, - group => $group, - documentroot_owner => $documentroot_owner, - documentroot_group => $documentroot_group, - documentroot_mode => $documentroot_mode, - run_mode => $run_mode, - run_uid => $run_uid, - run_gid => $run_gid, - allow_override => $allow_override, - php_upload_tmp_dir => $php_upload_tmp_dir, - php_session_save_path => $php_session_save_path, - do_includes => $do_includes, - options => $options, - additional_options => $additional_options, - default_charset => $default_charset, - mod_security => $mod_security, - ssl_mode => $ssl_mode, - vhost_mode => $vhost_mode, - vhost_source => $vhost_source, - vhost_destination => $vhost_destination, - htpasswd_file => $htpasswd_file, - htpasswd_path => $htpasswd_path, - } -} diff --git a/manifests/file.pp b/manifests/file.pp new file mode 100644 index 0000000..b0a60ec --- /dev/null +++ b/manifests/file.pp @@ -0,0 +1,15 @@ +define apache::file( + $owner = root, + $group = 0, + $mode = 0640 +) { + file{$name: +# as long as there are significant memory problems using +# recurse we avoid it +# recurse => true, + backup => false, + checksum => undef, + owner => $owner, group => $group, mode => $mode; + } +} + diff --git a/manifests/file/readonly.pp b/manifests/file/readonly.pp new file mode 100644 index 0000000..6308d88 --- /dev/null +++ b/manifests/file/readonly.pp @@ -0,0 +1,12 @@ +define apache::file::readonly( + $owner = root, + $group = 0, + $mode = 0640 +) { + apache::file{$name: + owner => $owner, + group => $group, + mode => $mode, + } +} + diff --git a/manifests/file/rw.pp b/manifests/file/rw.pp new file mode 100644 index 0000000..87b666f --- /dev/null +++ b/manifests/file/rw.pp @@ -0,0 +1,12 @@ +define apache::file::rw( + $owner = root, + $group = 0, + $mode = 0660 +) { + apache::file{$name: + owner => $owner, + group => $group, + mode => $mode, + } +} + diff --git a/manifests/gentoo.pp b/manifests/gentoo.pp new file mode 100644 index 0000000..10839f0 --- /dev/null +++ b/manifests/gentoo.pp @@ -0,0 +1,34 @@ +### gentoo +class apache::gentoo inherits apache::package { + $config_dir = '/etc/apache2/' + + # needs module gentoo + gentoo::etcconfd { + apache2: require => "Package[apache]", + notify => Service[apache], + } + Package[apache]{ + category => 'www-servers', + } + File[vhosts_dir]{ + path => "$config_dir/vhosts.d/", + } + File[modules_dir]{ + path => "$config_dir/modules.d/", + } + + apache::gentoo::module { '00_default_settings': } + apache::gentoo::module { '00_error_documents': } + apache::config::file { 'default_vhost.include': + source => "apache/vhosts.d/default_vhost.include", + destination => "$config_dir/vhosts.d/default_vhost.include", + } + + # set the default for the ServerName + file{"${config_dir}/modules.d/00_default_settings_ServerName.conf": + content => template('apache/modules_dir_00_default_settings_ServerName.conf.erb'), + require => Package[apache], + owner => root, group => 0, mode => 0644; + } +} + diff --git a/manifests/defines/htpasswd.pp b/manifests/htpasswd_user.pp index 2994f81..5a7c413 100644 --- a/manifests/defines/htpasswd.pp +++ b/manifests/htpasswd_user.pp @@ -1,5 +1,3 @@ -# manifests/defines/htpasswd.pp - # ToDo: This should be rewritten as native type define apache::htpasswd_user( $ensure = present, @@ -13,19 +11,19 @@ define apache::htpasswd_user( case $username { 'absent': { $real_username = $name } default: { $real_username = $username } - } + } case $site { 'absent': { $real_site = $name } default: { $real_site = $site } - } + } case $path { 'absent': { $real_path = "/var/www/htpasswds/${real_site}" } default: { $real_path = $path } } if $password_iscrypted { - $real_password = $password + $real_password = $password } else { - $real_password = htpasswd_sha1($password) + $real_password = htpasswd_sha1($password) } line{"htpasswd_for_${real_site}": diff --git a/manifests/init.pp b/manifests/init.pp index a6b6c3e..ef7867f 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -12,8 +12,6 @@ # the Free Software Foundation. # -import "defines/*.pp" - # Global variables: # # $apache_default_user: Set this to the user with which the @@ -37,231 +35,3 @@ class apache { } } -class apache::base { - file{'vhosts_dir': - path => '/etc/apache2/vhosts.d/', - ensure => directory, - owner => root, group => 0, mode => 0755; - } - file{'config_dir': - path => '/etc/apache2/conf.d/', - ensure => directory, - owner => root, group => 0, mode => 0755; - } - file{'modules_dir': - path => '/etc/apache2/modules.d/', - ensure => directory, - owner => root, group => 0, mode => 0755; - } - file{'htpasswd_dir': - path => '/var/www/htpasswds/', - ensure => directory, - owner => root, group => apache, mode => 0640; - } - file{'web_dir': - path => '/var/www/', - ensure => directory, - owner => root, group => 0, mode => 0755; - } - service { apache: - name => 'apache2', - enable => true, - ensure => running, - } - file { 'default_apache_index': - path => '/var/www/localhost/htdocs/index.html', - ensure => file, - content => template('apache/default/default_index.erb'), - owner => root, group => 0, mode => 0644; - } - - apache::config::file{ 'defaults.inc': } - apache::config::file{ 'git.conf': } - apache::vhost::file { '0-default': } -} - -class apache::package inherits apache::base { - package { 'apache': - name => 'apache', - ensure => present, - } - File['vhosts_dir']{ - require => Package[apache], - } - File['config_dir']{ - require => Package[apache], - } - Service['apache']{ - require => Package[apache], - } - File['default_apache_index']{ - require => Package[apache], - } - File['modules_dir']{ - require => Package[apache], - } - File['web_dir']{ - require => Package[apache], - } - File['htpasswd_dir']{ - require => Package[apache], - } -} - - -### distribution specific classes - -### centos -class apache::centos inherits apache::package { - $config_dir = '/etc/httpd/' - - Package[apache]{ - name => 'httpd', - } - Service[apache]{ - name => 'httpd', - restart => '/etc/init.d/httpd graceful', - } - File[vhosts_dir]{ - path => "$config_dir/vhosts.d/", - } - File[config_dir]{ - path => "$config_dir/conf.d/", - } - File[modules_dir]{ - path => "$config_dir/modules.d/", - } - File[web_dir]{ - path => "/var/www/vhosts", - } - File[default_apache_index]{ - path => '/var/www/html/index.html', - } - - file{'/etc/sysconfig/httpd': - source => [ "puppet://$server/files/apache/sysconfig/${fqdn}/httpd", - "puppet://$server/files/apache/sysconfig/httpd", - "puppet://$server/apache/sysconfig/${operatingsystem}/httpd", - "puppet://$server/apache/sysconfig/httpd" ], - require => Package['apache'], - notify => Service['apache'], - owner => root, group => 0, mode => 0644; - } - - apache::config::file{ 'welcome.conf': } - apache::config::file{ 'vhosts.conf': } -} - -### gentoo -class apache::gentoo inherits apache::package { - $config_dir = '/etc/apache2/' - - # needs module gentoo - gentoo::etcconfd { - apache2: require => "Package[apache]", - notify => Service[apache], - } - Package[apache]{ - category => 'www-servers', - } - File[vhosts_dir]{ - path => "$config_dir/vhosts.d/", - } - File[modules_dir]{ - path => "$config_dir/modules.d/", - } - - apache::gentoo::module { '00_default_settings': } - apache::gentoo::module { '00_error_documents': } - apache::config::file { 'default_vhost.include': - source => "apache/vhosts.d/default_vhost.include", - destination => "$config_dir/vhosts.d/default_vhost.include", - } - - # set the default for the ServerName - file{"${config_dir}/modules.d/00_default_settings_ServerName.conf": - content => template('apache/modules_dir_00_default_settings_ServerName.conf.erb'), - require => Package[apache], - owner => root, group => 0, mode => 0644; - } -} - -### debian -class apache::debian inherits apache::package { - $config_dir = '/etc/apache2/' - - file {"$vhosts_dir": - ensure => '/etc/apache2/sites-enabled/', - } - File[default_apache_index] { - path => '/var/www/index.html', - } -} - -### ubuntu: similar to debian therefor inheritng from there -class apache::ubuntu inherits apache::debian {} - -### openbsd -class apache::openbsd inherits apache::base { - $config_dir = '/var/www/' - - File[vhosts_dir]{ - path => "$config_dir/vhosts.d/", - } - File[modules_dir]{ - path => "$config_dir/conf/modules/", - } - File[config_dir]{ - path => "$config_dir/conf.d/", - } - File['htpasswd_dir']{ - group => www, - } - File[web_dir]{ - group => daemon, - } - line{'enable_apache_on_boot': - file => '/etc/rc.conf.local', - line => 'httpd flags=""', - } - file{"$config_dir/conf/httpd.conf": - source => [ "puppet://$server/files/apache/conf/${fqdn}/httpd.conf", - "puppet://$server/files/apache/conf/${apache_cluster_node}/httpd.conf", - "puppet://$server/files/apache/conf/httpd.conf", - "puppet://$server/apache/conf/${operatingsystem}/httpd.conf", - "puppet://$server/apache/conf/httpd.conf" ], - notify => Service['apache'], - owner => root, group => 0, mode => 0644; - } - File[default_apache_index] { - path => '/var/www/htdocs/default/www/index.html', - } - file{'/opt/bin/restart_apache.sh': - source => "puppet://$server/apache/OpenBSD/bin/restart_apache.sh", - require => File['/opt/bin'], - owner => root, group => 0, mode => 0700; - } - - apache::vhost::webdir{'default': } - - Service['apache']{ - restart => '/opt/bin/restart_apache.sh', - status => 'apachectl status', - start => 'apachectl start', - stop => 'apachectl stop', - } - file{'/opt/bin/apache_logrotate.sh': - source => "puppet://$server/apache/OpenBSD/bin/apache_logrotate.sh", - require => File['/opt/bin'], - owner => root, group => 0, mode => 0700; - } - cron { 'update_apache_logrotation': - command => '/bin/sh /opt/bin/apache_logrotate.sh > /etc/newsyslog_apache.conf', - minute => '1', - hour => '1', - } - cron { 'run_apache_logrotation': - command => '/usr/bin/newsyslog -f /etc/newsyslog_apache.conf > /dev/null', - minute => '10', - } -} diff --git a/manifests/itk.pp b/manifests/itk.pp index b53c059..5fa9dc7 100644 --- a/manifests/itk.pp +++ b/manifests/itk.pp @@ -8,26 +8,3 @@ class apache::itk inherits apache { default: { include apache::base::itk } } } -class apache::base::itk inherits apache::base { - Package['apache'] { - name => 'apache2-itk', - } - - File['htpasswd_dir']{ - group => 0, - mode => 0644, - } -} - -# http://hostby.net/home/2008/07/12/centos-5-and-mpm-itk/ -class apache::centos::itk inherits apache::centos { - Package['apache']{ - name => 'httpd-itk', - } - File['/etc/sysconfig/httpd']{ - source => [ "puppet://$server/files/apache/sysconfig/${fqdn}/httpd.itk", - "puppet://$server/files/apache/sysconfig/httpd.itk", - "puppet://$server/apache/sysconfig/${operatingsystem}/httpd.itk", - "puppet://$server/apache/sysconfig/httpd.itk" ], - } -} diff --git a/manifests/itk/base.pp b/manifests/itk/base.pp new file mode 100644 index 0000000..8a25bc5 --- /dev/null +++ b/manifests/itk/base.pp @@ -0,0 +1,10 @@ +class apache::base::itk inherits apache::base { + Package['apache'] { + name => 'apache2-itk', + } + + File['htpasswd_dir']{ + group => 0, + mode => 0644, + } +} diff --git a/manifests/itk/centos.pp b/manifests/itk/centos.pp new file mode 100644 index 0000000..8b55110 --- /dev/null +++ b/manifests/itk/centos.pp @@ -0,0 +1,13 @@ +# http://hostby.net/home/2008/07/12/centos-5-and-mpm-itk/ +class apache::centos::itk inherits apache::centos { + include ::apache::base::itk + Package['apache']{ + name => 'httpd-itk', + } + File['/etc/sysconfig/httpd']{ + source => [ "puppet://$server/files/apache/sysconfig/${fqdn}/httpd.itk", + "puppet://$server/files/apache/sysconfig/httpd.itk", + "puppet://$server/apache/sysconfig/${operatingsystem}/httpd.itk", + "puppet://$server/apache/sysconfig/httpd.itk" ], + } +} diff --git a/manifests/openbsd.pp b/manifests/openbsd.pp new file mode 100644 index 0000000..83d1694 --- /dev/null +++ b/manifests/openbsd.pp @@ -0,0 +1,64 @@ +### openbsd +class apache::openbsd inherits apache::base { + $config_dir = '/var/www/' + + File[vhosts_dir]{ + path => "$config_dir/vhosts.d/", + } + File[modules_dir]{ + path => "$config_dir/conf/modules/", + } + File[config_dir]{ + path => "$config_dir/conf.d/", + } + File['htpasswd_dir']{ + group => www, + } + File[web_dir]{ + group => daemon, + } + line{'enable_apache_on_boot': + file => '/etc/rc.conf.local', + line => 'httpd flags=""', + } + file{"$config_dir/conf/httpd.conf": + source => [ "puppet://$server/files/apache/conf/${fqdn}/httpd.conf", + "puppet://$server/files/apache/conf/${apache_cluster_node}/httpd.conf", + "puppet://$server/files/apache/conf/httpd.conf", + "puppet://$server/apache/conf/${operatingsystem}/httpd.conf", + "puppet://$server/apache/conf/httpd.conf" ], + notify => Service['apache'], + owner => root, group => 0, mode => 0644; + } + File[default_apache_index] { + path => '/var/www/htdocs/default/www/index.html', + } + file{'/opt/bin/restart_apache.sh': + source => "puppet://$server/apache/OpenBSD/bin/restart_apache.sh", + require => File['/opt/bin'], + owner => root, group => 0, mode => 0700; + } + + apache::vhost::webdir{'default': } + + Service['apache']{ + restart => '/opt/bin/restart_apache.sh', + status => 'apachectl status', + start => 'apachectl start', + stop => 'apachectl stop', + } + file{'/opt/bin/apache_logrotate.sh': + source => "puppet://$server/apache/OpenBSD/bin/apache_logrotate.sh", + require => File['/opt/bin'], + owner => root, group => 0, mode => 0700; + } + cron { 'update_apache_logrotation': + command => '/bin/sh /opt/bin/apache_logrotate.sh > /etc/newsyslog_apache.conf', + minute => '1', + hour => '1', + } + cron { 'run_apache_logrotation': + command => '/usr/bin/newsyslog -f /etc/newsyslog_apache.conf > /dev/null', + minute => '10', + } +} diff --git a/manifests/package.pp b/manifests/package.pp new file mode 100644 index 0000000..9ca5357 --- /dev/null +++ b/manifests/package.pp @@ -0,0 +1,29 @@ +# deploy apache as package +class apache::package inherits apache::base { + package { 'apache': + name => 'apache', + ensure => present, + } + File['vhosts_dir']{ + require => Package[apache], + } + File['config_dir']{ + require => Package[apache], + } + Service['apache']{ + require => Package[apache], + } + File['default_apache_index']{ + require => Package[apache], + } + File['modules_dir']{ + require => Package[apache], + } + File['web_dir']{ + require => Package[apache], + } + File['htpasswd_dir']{ + require => Package[apache], + } +} + diff --git a/manifests/selinux.pp b/manifests/selinux.pp index 030aae7..de76ddd 100644 --- a/manifests/selinux.pp +++ b/manifests/selinux.pp @@ -7,13 +7,3 @@ class apache::selinux { default: { include apache::selinux::base } } } - -class apache::selinux::base {} - -class apache::selinux::gentoo inherits apache::selinux::base { - package{'selinux-apache': - ensure => present, - category => 'sec-policy', - } - selinux::loadmodule {"apache": } -} diff --git a/manifests/selinux/base.pp b/manifests/selinux/base.pp new file mode 100644 index 0000000..bcf3b9b --- /dev/null +++ b/manifests/selinux/base.pp @@ -0,0 +1 @@ +class apache::selinux::base {} diff --git a/manifests/selinux/gentoo.pp b/manifests/selinux/gentoo.pp new file mode 100644 index 0000000..3dcb1dd --- /dev/null +++ b/manifests/selinux/gentoo.pp @@ -0,0 +1,7 @@ +class apache::selinux::gentoo inherits apache::selinux::base { + package{'selinux-apache': + ensure => present, + category => 'sec-policy', + } + selinux::loadmodule {"apache": } +} diff --git a/manifests/ssl.pp b/manifests/ssl.pp index 53848e9..a22920f 100644 --- a/manifests/ssl.pp +++ b/manifests/ssl.pp @@ -3,48 +3,7 @@ class apache::ssl inherits apache { case $operatingsystem { centos: { include apache::ssl::centos } - gentoo: { include apache::ssl::gentoo } openbsd: { include apache::ssl::openbsd } defaults: { include apache::ssl::base } } } - -class apache::ssl::base { - apache::config::file{ 'ssl_defaults.inc': } - apache::vhost::file{ '0-default_ssl': } -} - - -### distribution specific classes - -### centos -class apache::ssl::centos inherits apache::ssl::base { - package { 'mod_ssl': - name => 'mod_ssl', - ensure => present, - require => Package[apache], - } - apache::config::file{ 'ssl.conf': } -} - -### gentoo -class apache::ssl::gentoo inherits apache::ssl::base {} - -class apache::ssl::openbsd inherits apache::openbsd { - include apache::ssl::base - - Line['enable_apache_on_boot']{ - ensure => 'absent', - } - line{'enable_apachessl_on_boot': - file => '/etc/rc.conf.local', - line => 'httpd flags="-DSSL"', - } - - File['/opt/bin/restart_apache.sh']{ - source => "puppet://$server/apache/OpenBSD/bin/restart_apache_ssl.sh", - } - Service['apache']{ - start => 'apachectl startssl', - } -} diff --git a/manifests/ssl/base.pp b/manifests/ssl/base.pp new file mode 100644 index 0000000..72f61fd --- /dev/null +++ b/manifests/ssl/base.pp @@ -0,0 +1,4 @@ +class apache::ssl::base { + ::apache::config::file{ 'ssl_defaults.inc': } + ::apache::vhost::file{ '0-default_ssl': } +} diff --git a/manifests/ssl/centos.pp b/manifests/ssl/centos.pp new file mode 100644 index 0000000..a516f02 --- /dev/null +++ b/manifests/ssl/centos.pp @@ -0,0 +1,8 @@ +class apache::ssl::centos inherits apache::ssl::base { + package { 'mod_ssl': + name => 'mod_ssl', + ensure => present, + require => Package[apache], + } + ::apache::config::file{ 'ssl.conf': } +} diff --git a/manifests/ssl/itk.pp b/manifests/ssl/itk.pp index 910a48d..62c96cf 100644 --- a/manifests/ssl/itk.pp +++ b/manifests/ssl/itk.pp @@ -6,9 +6,3 @@ class apache::ssl::itk inherits apache::ssl { } } -class apache::ssl::itk::centos inherits apache::ssl::centos { - Package['mod_ssl']{ - name => 'mod_ssl-itk', - } -} - diff --git a/manifests/ssl/itk/centos.pp b/manifests/ssl/itk/centos.pp new file mode 100644 index 0000000..fb6a4a6 --- /dev/null +++ b/manifests/ssl/itk/centos.pp @@ -0,0 +1,6 @@ +class apache::ssl::itk::centos inherits apache::ssl::centos { + Package['mod_ssl']{ + name => 'mod_ssl-itk', + } +} + diff --git a/manifests/ssl/openbsd.pp b/manifests/ssl/openbsd.pp new file mode 100644 index 0000000..04dadeb --- /dev/null +++ b/manifests/ssl/openbsd.pp @@ -0,0 +1,18 @@ +class apache::ssl::openbsd inherits apache::openbsd { + include apache::ssl::base + + Line['enable_apache_on_boot']{ + ensure => 'absent', + } + line{'enable_apachessl_on_boot': + file => '/etc/rc.conf.local', + line => 'httpd flags="-DSSL"', + } + + File['/opt/bin/restart_apache.sh']{ + source => "puppet://$server/apache/OpenBSD/bin/restart_apache_ssl.sh", + } + Service['apache']{ + start => 'apachectl startssl', + } +} diff --git a/manifests/status.pp b/manifests/status.pp index 0048a64..d32069e 100644 --- a/manifests/status.pp +++ b/manifests/status.pp @@ -10,12 +10,3 @@ class apache::status inherits apache { } } -class apache::status::base {} - - -### distribution specific classes - -### centos -class apache::status::centos { - apache::config::file{ 'status.conf': } -} diff --git a/manifests/status/base.pp b/manifests/status/base.pp new file mode 100644 index 0000000..df6c90b --- /dev/null +++ b/manifests/status/base.pp @@ -0,0 +1 @@ +class apache::status::base {} diff --git a/manifests/status/centos.pp b/manifests/status/centos.pp new file mode 100644 index 0000000..a7692dd --- /dev/null +++ b/manifests/status/centos.pp @@ -0,0 +1,5 @@ +### centos +class apache::status::centos { + ::apache::config::file{ 'status.conf': } +} + diff --git a/manifests/ubuntu.pp b/manifests/ubuntu.pp new file mode 100644 index 0000000..0837296 --- /dev/null +++ b/manifests/ubuntu.pp @@ -0,0 +1,3 @@ +### ubuntu: similar to debian therefor inheritng from there +class apache::ubuntu inherits apache::debian {} + diff --git a/manifests/vhost.pp b/manifests/vhost.pp new file mode 100644 index 0000000..c5215a0 --- /dev/null +++ b/manifests/vhost.pp @@ -0,0 +1,82 @@ +# this is a wrapper for apache::vhost::file and avhost::template below +# +# vhost_mode: which option is choosed to deploy the vhost +# - template: generate it from a template (default) +# - file: deploy a vhost file (apache::vhost::file will be called directly) +# +define apache::vhost( + $ensure = present, + $path = 'absent', + $path_is_webdir = false, + $template_mode = 'static', + $vhost_mode = 'template', + $vhost_source = 'absent', + $vhost_destination = 'absent', + $content = 'absent', + $domain = 'absent', + $domainalias = 'absent', + $server_admin = 'absent', + $allow_override = 'None', + $php_upload_tmp_dir = 'absent', + $php_session_save_path = 'absent', + $cgi_binpath = 'absent', + $default_charset = 'absent', + $do_includes = false, + $options = 'absent', + $additional_options = 'absent', + $run_mode = 'normal', + $run_uid = 'absent', + $run_gid = 'absent', + $template_mode = 'static', + $ssl_mode = false, + $htpasswd_file = 'absent', + $htpasswd_path = 'absent', + $mod_security = true, + $ldap_auth = false, + $ldap_user = 'any' +) { + # file or template mode? + case $vhost_mode { + 'file': { + apache::vhost::file{$name: + ensure => $ensure, + vhost_source => $vhost_source, + vhost_destination => $vhost_destination, + do_includes => $do_includes, + htpasswd_file => $htpasswd_file, + htpasswd_path => $htpasswd_path, + } + } + 'template': { + apache::vhost::template{$name: + ensure => $ensure, + path => $path, + path_is_webdir => $path_is_webdir, + domain => $domain, + domainalias => $domainalias, + server_admin => $server_admin, + php_upload_tmp_dir => $php_upload_tmp_dir, + php_session_save_path => $php_session_save_path, + cgi_binpath => $cgi_binpath, + allow_override => $allow_override, + do_includes => $do_includes, + options => $options, + additional_options => $additional_options, + default_charset => $default_charset, + run_mode => $run_mode, + run_uid => $run_uid, + run_gid => $run_gid, + template_mode => $template_mode, + ssl_mode => $ssl_mode, + htpasswd_file => $htpasswd_file, + htpasswd_path => $htpasswd_path, + ldap_auth => $ldap_auth, + ldap_user => $ldap_user, + mod_security => $mod_security, + } + } + default: { fail("no such vhost_mode: $vhost_mode defined for $name.") } + } + +} + diff --git a/manifests/vhost/file.pp b/manifests/vhost/file.pp new file mode 100644 index 0000000..c31420e --- /dev/null +++ b/manifests/vhost/file.pp @@ -0,0 +1,85 @@ +# htpasswd_file: wether to deploy a passwd for this vhost or not +# - absent: ignore (default) +# - nodeploy: htpasswd file isn't deployed by this mechanism +# - else: try to deploy the file +# +# htpasswd_path: where to deploy the passwd file +# - absent: standardpath (default) +# - else: path to deploy +# +define apache::vhost::file( + $ensure = present, + $vhost_source = 'absent', + $vhost_destination = 'absent', + $content = 'absent', + $do_includes = false, + $htpasswd_file = 'absent', + $htpasswd_path = 'absent' +){ + $vhosts_dir = $operatingsystem ? { + centos => "$apache::centos::config_dir/vhosts.d/", + gentoo => "$apache::gentoo::config_dir/vhosts.d/", + debian => "$apache::debian::config_dir/vhosts.d/", + ubuntu => "$apache::ubuntu::config_dir/vhosts.d/", + openbsd => "$apache::openbsd::config_dir/vhosts.d/", + default => '/etc/apache2/vhosts.d/', + } + $real_vhost_destination = $vhost_destination ? { + 'absent' => "$vhosts_dir/$name.conf", + default => $vhost_destination, + } + file{"${name}.conf": + ensure => $ensure, + path => $real_vhost_destination, + require => File[vhosts_dir], + notify => Service[apache], + owner => root, group => 0, mode => 0644; + } + if $do_includes { + include apache::includes + } + case $content { + 'absent': { + $real_vhost_source = $vhost_source ? { + 'absent' => [ + "puppet://$server/files/apache/vhosts.d/$fqdn/$name.conf", + "puppet://$server/files/apache/vhosts.d/$apache_cluster_node/$name.conf", + "puppet://$server/files/apache/vhosts.d/$operatingsystem.$lsbdistcodename/$name.conf", + "puppet://$server/files/apache/vhosts.d/$operatingsystem/$name.conf", + "puppet://$server/files/apache/vhosts.d/$name.conf", + "puppet://$server/apache/vhosts.d/$name.conf", + "puppet://$server/apache/vhosts.d/$operatingsystem.$lsbdistcodename/$name.conf", + "puppet://$server/apache/vhosts.d/$operatingsystem/$name.conf", + "puppet://$server/apache/vhosts.d/$name.conf" + ], + default => "puppet://$server/$vhost_source", + } + File["${name}.conf"]{ + source => $real_vhost_source, + } + } + default: { + File["${name}.conf"]{ + content => $content, + } + } + } + case $htpasswd_file { + 'absent','nodeploy': { info("don't deploy a htpasswd file for ${name") } + default: { + if $htpasswd_path == 'absent' { + $real_htpasswd_path = "/var/www/htpasswds/$name" + } else { + $real_htpasswd_path = $htpasswd_path + } + file{$real_htpasswd_path: + ensure => $ensure, + source => [ "puppet://$server/files/apache/htpasswds/$fqdn/$name", + "puppet://$server/files/apache/htpasswds/$apache_cluster_node/$name", + "puppet://$server/files/apache/htpasswds/$name" ], + owner => root, group => 0, mode => 0644; + } + } + } +} + diff --git a/manifests/vhost/file/documentrootdir.pp b/manifests/vhost/file/documentrootdir.pp new file mode 100644 index 0000000..425406a --- /dev/null +++ b/manifests/vhost/file/documentrootdir.pp @@ -0,0 +1,24 @@ +define apache::vhost::file::documentrootdir( + $ensure = directory, + $documentroot, + $filename, + $thedomain, + $owner = 'root', + $group = '0', + $mode = 440 +){ + file{"$documentroot/$filename": + require => Apache::Vhost::Webdir["$thedomain"], + owner => $owner, group => $group, mode => $mode; + } + if $ensure != 'absent' { + File["$documentroot/$filename"]{ + ensure => directory, + } + } else { + File["$documentroot/$filename"]{ + ensure => $ensure, + } + } +} + diff --git a/manifests/vhost/file/documentrootfile.pp b/manifests/vhost/file/documentrootfile.pp new file mode 100644 index 0000000..c9daf9c --- /dev/null +++ b/manifests/vhost/file/documentrootfile.pp @@ -0,0 +1,25 @@ +define apache::vhost::file::documentrootfile( + $documentroot, + $filename, + $thedomain, + $owner='root', + $group='0', + $mode=440 +){ + file{"$documentroot/$filename": + source => [ "puppet://$server/files/apache/vhost_varieties/$fqdn/$thedomain/$filename", + "puppet://$server/files/apache/vhost_varieties/$apache_cluster_node/$thedomain/$filename", + "puppet://$server/files/apache/vhost_varieties/$operatingsystem.$lsbdistcodename/$thedomain/$filename", + "puppet://$server/files/apache/vhost_varieties/$operatingsystem/$thedomain/$filename", + "puppet://$server/files/apache/vhost_varieties/$thedomain/$filename", + "puppet://$server/apache/vhost_varieties/$thedomain/$filename", + "puppet://$server/apache/vhost_varieties/$operatingsystem.$lsbdistcodename/$thedomain/$filename", + "puppet://$server/apache/vhost_varieties/$operatingsystem/$thedomain/$filename", + "puppet://$server/apache/vhost_varieties/$thedomain/$filename" + ], + ensure => file, + require => Apache::Vhost::Webdir["$thedomain"], + owner => $owner, group => $group, mode => $mode; + } +} + diff --git a/manifests/vhost/modperl.pp b/manifests/vhost/modperl.pp new file mode 100644 index 0000000..35e1f93 --- /dev/null +++ b/manifests/vhost/modperl.pp @@ -0,0 +1,94 @@ +# run_mode: +# - normal: nothing special (*default*) +# - itk: apache is running with the itk module +# and run_uid and run_gid are used as vhost users +# run_uid: the uid the vhost should run as with the itk module +# run_gid: the gid the vhost should run as with the itk module +define apache::vhost::modperl( + $ensure = present, + $domain = 'absent', + $domainalias = 'absent', + $server_admin = 'absent', + $path = 'absent', + $owner = root, + $group = 0, + $documentroot_owner = apache, + $documentroot_group = 0, + $documentroot_mode = 0640, + $run_mode = 'normal', + $run_uid = 'absent', + $run_gid = 'absent', + $allow_override = 'None', + $cgi_binpath = 'absent', + $do_includes = false, + $options = 'absent', + $additional_options = 'absent', + $default_charset = 'absent', + $mod_security = true, + $ssl_mode = false, + $vhost_mode = 'template', + $vhost_source = 'absent', + $vhost_destination = 'absent', + $htpasswd_file = 'absent', + $htpasswd_path = 'absent' +){ + # cgi_bin path + case $cgi_binpath { + 'absent': { + $real_path = $path ? { + 'absent' => $operatingsystem ? { + openbsd => "/var/www/htdocs/${name}", + default => "/var/www/vhosts/${name}" + }, + default => "${path}" + } + $real_cgi_binpath = "${real_path}/cgi-bin" + } + default: { $real_cgi_binpath = $cgi_binpath } + } + file{$real_cgi_binpath: + ensure => directory, + owner => $documentroot_owner, + group => $documentroot_group, + mode => $documentroot_mode; + } + + # create webdir + ::apache::vhost::webdir{$name: + ensure => $ensure, + path => $path, + owner => $owner, + group => $group, + run_mode => $run_mode, + documentroot_owner => $documentroot_owner, + documentroot_group => $documentroot_group, + documentroot_mode => $documentroot_mode, + } + + # create vhost configuration file + ::apache::vhost{$name: + ensure => $ensure, + path => $path, + template_mode => 'perl', + vhost_mode => $vhost_mode, + vhost_source => $vhost_source, + vhost_destination => $vhost_destination, + domain => $domain, + domainalias => $domainalias, + server_admin => $server_admin, + run_mode => $run_mode, + run_uid => $run_uid, + run_gid => $run_gid, + allow_override => $allow_override, + do_includes => $do_includes, + options => $options, + additional_options => $additional_options, + default_charset => $default_charset, + cgi_binpath => $real_cgi_binpath, + ssl_mode => $ssl_mode, + htpasswd_file => $htpasswd_file, + htpasswd_path => $htpasswd_path, + mod_security => $mod_security, + } +} + diff --git a/manifests/vhost/php/drupal.pp b/manifests/vhost/php/drupal.pp new file mode 100644 index 0000000..ea0d031 --- /dev/null +++ b/manifests/vhost/php/drupal.pp @@ -0,0 +1,86 @@ +# run_mode: +# - normal: nothing special (*default*) +# - itk: apache is running with the itk module +# and run_uid and run_gid are used as vhost users +# run_uid: the uid the vhost should run as with the itk module +# run_gid: the gid the vhost should run as with the itk module +define apache::vhost::php::drupal( + $ensure = present, + $domain = 'absent', + $domainalias = 'absent', + $server_admin = 'absent', + $path = 'absent', + $owner = root, + $group = 0, + $documentroot_owner = apache, + $documentroot_group = 0, + $documentroot_mode = 0640, + $run_mode = 'normal', + $run_uid = 'absent', + $run_gid = 'absent', + $allow_override = 'None', + $php_upload_tmp_dir = 'absent', + $php_session_save_path = 'absent', + $do_includes = false, + $options = 'absent', + $additional_options = 'absent', + $default_charset = 'absent', + $mod_security = true, + $ssl_mode = false, + $vhost_mode = 'template', + $vhost_source = 'absent', + $vhost_destination = 'absent', + $htpasswd_file = 'absent', + $htpasswd_path = 'absent', + $manage_cron = true +){ + $documentroot = $path ? { + 'absent' => $operatingsystem ? { + openbsd => "/var/www/htdocs/${name}/www", + default => "/var/www/vhosts/${name}/www" + }, + default => "${path}/www" + } + + if $manage_cron { + file{"/etc/cron.d/drupal_cron_${name}": + content => "0 * * * * apache wget -O - -q -t 1 http://${doamin}/cron.php\n", + owner => root, group => 0, mode => 0644; + } + } + + # create vhost configuration file + ::apache::vhost::php::webapp{$name: + ensure => $ensure, + domain => $domain, + domainalias => $domainalias, + server_admin => $server_admin, + path => $path, + template_mode => 'php_drupal', + owner => $owner, + group => $group, + documentroot_owner => $documentroot_owner, + documentroot_group => $documentroot_group, + documentroot_mode => $documentroot_mode, + run_mode => $run_mode, + run_uid => $run_uid, + run_gid => $run_gid, + allow_override => $allow_override, + php_upload_tmp_dir => $php_upload_tmp_dir, + php_session_save_path => $php_session_save_path, + do_includes => $do_includes, + options => $options, + additional_options => $additional_options, + default_charset => $default_charset, + mod_security => $mod_security, + ssl_mode => $ssl_mode, + vhost_mode => $vhost_mode, + vhost_source => $vhost_source, + vhost_destination => $vhost_destination, + htpasswd_file => $htpasswd_file, + htpasswd_path => $htpasswd_path, + manage_directories => false, + manage_config => false, + } +} + diff --git a/manifests/vhost/php/joomla.pp b/manifests/vhost/php/joomla.pp new file mode 100644 index 0000000..1294b52 --- /dev/null +++ b/manifests/vhost/php/joomla.pp @@ -0,0 +1,100 @@ + +rmal: nothing special (*default*) +# - itk: apache is running with the itk module +# and run_uid and run_gid are used as vhost users +# run_uid: the uid the vhost should run as with the itk module +# run_gid: the gid the vhost should run as with the itk module +define apache::vhost::php::joomla( + $ensure = present, + $domain = 'absent', + $domainalias = 'absent', + $server_admin = 'absent', + $path = 'absent', + $owner = root, + $group = 0, + $documentroot_owner = apache, + $documentroot_group = 0, + $documentroot_mode = 0640, + $run_mode = 'normal', + $run_uid = 'absent', + $run_gid = 'absent', + $allow_override = 'None', + $php_upload_tmp_dir = 'absent', + $php_session_save_path = 'absent', + $do_includes = false, + $options = 'absent', + $additional_options = 'absent', + $default_charset = 'absent', + $mod_security = true, + $ssl_mode = false, + $vhost_mode = 'template', + $vhost_source = 'absent', + $vhost_destination = 'absent', + $htpasswd_file = 'absent', + $htpasswd_path = 'absent', + $manage_config = true, + $config_webwriteable = false, + $manage_directories = true +){ + include ::apache::joomla + + $documentroot = $path ? { + 'absent' => $operatingsystem ? { + openbsd => "/var/www/htdocs/${name}/www", + default => "/var/www/vhosts/${name}/www" + }, + default => "${path}/www" + } + + # create vhost configuration file + ::apache::vhost::php::webapp{$name: + ensure => $ensure, + domain => $domain, + domainalias => $domainalias, + server_admin => $server_admin, + path => $path, + template_mode => 'php_joomla', + owner => $owner, + group => $group, + documentroot_owner => $documentroot_owner, + documentroot_group => $documentroot_group, + documentroot_mode => $documentroot_mode, + run_mode => $run_mode, + run_uid => $run_uid, + run_gid => $run_gid, + allow_override => $allow_override, + php_upload_tmp_dir => $php_upload_tmp_dir, + php_session_save_path => $php_session_save_path, + do_includes => $do_includes, + options => $options, + additional_options => $additional_options, + default_charset => $default_charset, + mod_security => $mod_security, + ssl_mode => $ssl_mode, + vhost_mode => $vhost_mode, + vhost_source => $vhost_source, + vhost_destination => $vhost_destination, + htpasswd_file => $htpasswd_file, + htpasswd_path => $htpasswd_path, + manage_directories => $manage_directories, + managed_directories => [ "$documentroot/administrator/backups", + "$documentroot/administrator/components", + "$documentroot/administrator/language", + "$documentroot/administrator/modules", + "$documentroot/administrator/templates", + "$documentroot/components", + "$documentroot/images", + "$documentroot/language", + "$documentroot/media", + "$documentroot/modules", + "$documentroot/plugins", + "$documentroot/templates", + "$documentroot/cache", + "$documentroot/administrator/cache" ], + manage_config => $manage_config, + config_webwriteable => $config_webwriteable, + config_file => 'configuration.php', + } + +} + diff --git a/manifests/vhost/php/simplemachine.pp b/manifests/vhost/php/simplemachine.pp new file mode 100644 index 0000000..2c50a6e --- /dev/null +++ b/manifests/vhost/php/simplemachine.pp @@ -0,0 +1,90 @@ +# run_mode: +# - normal: nothing special (*default*) +# - itk: apache is running with the itk module +# and run_uid and run_gid are used as vhost users +# run_uid: the uid the vhost should run as with the itk module +# run_gid: the gid the vhost should run as with the itk module +define apache::vhost::php::simplemachine( + $ensure = present, + $domain = 'absent', + $domainalias = 'absent', + $server_admin = 'absent', + $path = 'absent', + $owner = root, + $group = 0, + $documentroot_owner = apache, + $documentroot_group = 0, + $documentroot_mode = 0640, + $run_mode = 'normal', + $run_uid = 'absent', + $run_gid = 'absent', + $allow_override = 'None', + $php_upload_tmp_dir = 'absent', + $php_session_save_path = 'absent', + $do_includes = false, + $options = 'absent', + $additional_options = 'absent', + $default_charset = 'absent', + $mod_security = true, + $ssl_mode = false, + $vhost_mode = 'template', + $vhost_source = 'absent', + $vhost_destination = 'absent', + $htpasswd_file = 'absent', + $htpasswd_path = 'absent', + $manage_config = true, + $config_webwriteable = false, + $manage_directories = true +){ + $documentroot = $path ? { + 'absent' => $operatingsystem ? { + openbsd => "/var/www/htdocs/${name}/www", + default => "/var/www/vhosts/${name}/www" + }, + default => "${path}/www" + } + + # create vhost configuration file + ::apache::vhost::php::webapp{$name: + ensure => $ensure, + domain => $domain, + domainalias => $domainalias, + server_admin => $server_admin, + path => $path, + template_mode => 'php_simplemachine', + owner => $owner, + group => $group, + documentroot_owner => $documentroot_owner, + documentroot_group => $documentroot_group, + documentroot_mode => $documentroot_mode, + run_mode => $run_mode, + run_uid => $run_uid, + run_gid => $run_gid, + allow_override => $allow_override, + php_upload_tmp_dir => $php_upload_tmp_dir, + php_session_save_path => $php_session_save_path, + do_includes => $do_includes, + options => $options, + additional_options => $additional_options, + default_charset => $default_charset, + mod_security => $mod_security, + ssl_mode => $ssl_mode, + vhost_mode => $vhost_mode, + vhost_source => $vhost_source, + vhost_destination => $vhost_destination, + htpasswd_file => $htpasswd_file, + htpasswd_path => $htpasswd_path, + manage_directories => $manage_directories, + managed_directories => [ + "$documentroot/attachments", + "$documentroot/Packages", + "$documentroot/Themes", + "$documentroot/agreement.txt", + "$documentroot/Packages/installed.list", + "$documentroot/avatars" ], + manage_config => $manage_config, + config_webwriteable => $config_webwriteable, + config_file => 'Settings.php', + } +} + diff --git a/manifests/vhost/php/standard.pp b/manifests/vhost/php/standard.pp new file mode 100644 index 0000000..4e5873f --- /dev/null +++ b/manifests/vhost/php/standard.pp @@ -0,0 +1,88 @@ +# run_mode: +# - normal: nothing special (*default*) +# - itk: apache is running with the itk module +# and run_uid and run_gid are used as vhost users +# run_uid: the uid the vhost should run as with the itk module +# run_gid: the gid the vhost should run as with the itk module +define apache::vhost::php::standard( + $ensure = present, + $domain = 'absent', + $domainalias = 'absent', + $server_admin = 'absent', + $path = 'absent', + $template_mode = 'php', + $owner = root, + $group = apache, + $documentroot_owner = apache, + $documentroot_group = 0, + $documentroot_mode = 0640, + $run_mode = 'normal', + $run_uid = 'absent', + $run_gid = 'absent', + $allow_override = 'None', + $php_upload_tmp_dir = 'absent', + $php_session_save_path = 'absent', + $do_includes = false, + $options = 'absent', + $additional_options = 'absent', + $default_charset = 'absent', + $mod_security = true, + $ssl_mode = false, + $vhost_mode = 'template', + $vhost_source = 'absent', + $vhost_destination = 'absent', + $htpasswd_file = 'absent', + $htpasswd_path = 'absent' +){ + + ::apache::vhost::phpdirs{"${name}": + ensure => $ensure, + php_upload_tmp_dir => $php_upload_tmp_dir, + php_session_save_path => $php_session_save_path, + documentroot_owner => $documentroot_owner, + documentroot_group => $documentroot_group, + documentroot_mode => $documentroot_mode, + run_mode => $run_mode, + run_uid => $run_uid, + } + + # create webdir + ::apache::vhost::webdir{$name: + ensure => $ensure, + path => $path, + owner => $owner, + group => $group, + run_mode => $run_mode, + documentroot_owner => $documentroot_owner, + documentroot_group => $documentroot_group, + documentroot_mode => $documentroot_mode, + } + + # create vhost configuration file + ::apache::vhost{$name: + ensure => $ensure, + path => $path, + template_mode => $template_mode, + vhost_mode => $vhost_mode, + vhost_source => $vhost_source, + vhost_destination => $vhost_destination, + domain => $domain, + domainalias => $domainalias, + server_admin => $server_admin, + run_mode => $run_mode, + run_uid => $run_uid, + run_gid => $run_gid, + allow_override => $allow_override, + do_includes => $do_includes, + options => $options, + additional_options => $additional_options, + default_charset => $default_charset, + php_upload_tmp_dir => $php_upload_tmp_dir, + php_session_save_path => $php_session_save_path, + ssl_mode => $ssl_mode, + htpasswd_file => $htpasswd_file, + htpasswd_path => $htpasswd_path, + mod_security => $mod_security, + } +} + diff --git a/manifests/vhost/php/webapp.pp b/manifests/vhost/php/webapp.pp new file mode 100644 index 0000000..04fd29c --- /dev/null +++ b/manifests/vhost/php/webapp.pp @@ -0,0 +1,103 @@ +# run_mode: +# - normal: nothing special (*default*) +# - itk: apache is running with the itk module +# and run_uid and run_gid are used as vhost users +# run_uid: the uid the vhost should run as with the itk module +# run_gid: the gid the vhost should run as with the itk module +define apache::vhost::php::webapp( + $ensure = present, + $domain = 'absent', + $domainalias = 'absent', + $server_admin = 'absent', + $path = 'absent', + $template_mode, + $owner = root, + $group = 0, + $documentroot_owner = apache, + $documentroot_group = 0, + $documentroot_mode = 0640, + $run_mode = 'normal', + $run_uid = 'absent', + $run_gid = 'absent', + $allow_override = 'None', + $php_upload_tmp_dir = 'absent', + $php_session_save_path = 'absent', + $do_includes = false, + $options = 'absent', + $additional_options = 'absent', + $default_charset = 'absent', + $mod_security = true, + $ssl_mode = false, + $vhost_mode = 'template', + $vhost_source = 'absent', + $vhost_destination = 'absent', + $htpasswd_file = 'absent', + $htpasswd_path = 'absent', + $manage_config = true, + $config_file = 'absent', + $config_webwriteable = false, + $manage_directories = true, + $managed_directories +){ + if ($ensure != 'absent') { + if $manage_directories { + ::apache::file::rw{ $managed_directories : + owner => $documentroot_owner, + group => $documentroot_group, + } + } + + if $manage_config { + if $config_file == 'absent' { fail("No config file defined for ${name} on ${fqdn}, if you'd like to manage the config, you have to add one!") } + ::apache::vhost::file::documentrootfile{"configurationfile_${name}": + documentroot => $documentroot, + filename => $config_file, + thedomain => $name, + owner => $documentroot_owner, + group => $documentroot_group, + } + if $config_webwriteable { + Apache::Vhost::File::Documentrootfile["configurationfile_${name}"]{ + mode => 0660, + } + } else { + Apache::Vhost::File::Documentrootfile["configurationfile_${name}"]{ + mode => 0440, + } + } + } + } + + # create vhost configuration file + ::apache::vhost::php::standard{$name: + ensure => $ensure, + domain => $domain, + domainalias => $domainalias, + server_admin => $server_admin, + path => $path, + template_mode => $template_mode, + owner => $owner, + group => $group, + documentroot_owner => $documentroot_owner, + documentroot_group => $documentroot_group, + documentroot_mode => $documentroot_mode, + run_mode => $run_mode, + run_uid => $run_uid, + run_gid => $run_gid, + allow_override => $allow_override, + php_upload_tmp_dir => $php_upload_tmp_dir, + php_session_save_path => $php_session_save_path, + do_includes => $do_includes, + options => $options, + additional_options => $additional_options, + default_charset => $default_charset, + mod_security => $mod_security, + ssl_mode => $ssl_mode, + vhost_mode => $vhost_mode, + vhost_source => $vhost_source, + vhost_destination => $vhost_destination, + htpasswd_file => $htpasswd_file, + htpasswd_path => $htpasswd_path, + } +} + diff --git a/manifests/vhost/php/wordpress.pp b/manifests/vhost/php/wordpress.pp new file mode 100644 index 0000000..09d38e0 --- /dev/null +++ b/manifests/vhost/php/wordpress.pp @@ -0,0 +1,85 @@ +# run_mode: +# - normal: nothing special (*default*) +# - itk: apache is running with the itk module +# and run_uid and run_gid are used as vhost users +# run_uid: the uid the vhost should run as with the itk module +# run_gid: the gid the vhost should run as with the itk module +define apache::vhost::php::wordpress( + $ensure = present, + $domain = 'absent', + $domainalias = 'absent', + $server_admin = 'absent', + $path = 'absent', + $owner = root, + $group = 0, + $documentroot_owner = apache, + $documentroot_group = 0, + $documentroot_mode = 0640, + $run_mode = 'normal', + $run_uid = 'absent', + $run_gid = 'absent', + $allow_override = 'FileInfo', + $php_upload_tmp_dir = 'absent', + $php_session_save_path = 'absent', + $do_includes = false, + $options = 'absent', + $additional_options = 'absent', + $default_charset = 'absent', + $mod_security = true, + $ssl_mode = false, + $vhost_mode = 'template', + $vhost_source = 'absent', + $vhost_destination = 'absent', + $htpasswd_file = 'absent', + $htpasswd_path = 'absent', + $manage_config = true, + $config_webwriteable = false, + $manage_directories = true +){ + + $documentroot = $path ? { + 'absent' => $operatingsystem ? { + openbsd => "/var/www/htdocs/${name}/www", + default => "/var/www/vhosts/${name}/www" + }, + default => "${path}/www" + } + + # create vhost configuration file + ::apache::vhost::php::webapp{$name: + ensure => $ensure, + domain => $domain, + domainalias => $domainalias, + server_admin => $server_admin, + path => $path, + template_mode => 'php_wordpress', + owner => $owner, + group => $group, + documentroot_owner => $documentroot_owner, + documentroot_group => $documentroot_group, + documentroot_mode => $documentroot_mode, + run_mode => $run_mode, + run_uid => $run_uid, + run_gid => $run_gid, + allow_override => $allow_override, + php_upload_tmp_dir => $php_upload_tmp_dir, + php_session_save_path => $php_session_save_path, + do_includes => $do_includes, + options => $options, + additional_options => $additional_options, + default_charset => $default_charset, + mod_security => $mod_security, + ssl_mode => $ssl_mode, + vhost_mode => $vhost_mode, + vhost_source => $vhost_source, + vhost_destination => $vhost_destination, + htpasswd_file => $htpasswd_file, + htpasswd_path => $htpasswd_path, + manage_directories => $manage_directories, + managed_directories => "$documentroot/wp-content", + manage_config => $manage_config, + config_webwriteable => $config_webwriteable, + config_file => 'wp-config.php', + } +} + diff --git a/manifests/vhost/phpdirs.pp b/manifests/vhost/phpdirs.pp new file mode 100644 index 0000000..24413d0 --- /dev/null +++ b/manifests/vhost/phpdirs.pp @@ -0,0 +1,49 @@ +define apache::vhost::phpdirs( + $ensure = present, + $php_upload_tmp_dir = 'absent', + $php_session_save_path = 'absent', + $documentroot_owner = apache, + $documentroot_group = 0, + $documentroot_mode = 0750, + $run_mode = 'normal', + $run_uid = 'absent' +){ + # php upload_tmp_dir + case $php_upload_tmp_dir { + 'absent': { + include apache::defaultphpdirs + $real_php_upload_tmp_dir = "/var/www/upload_tmp_dir/$name" + } + default: { $real_php_upload_tmp_dir = $php_upload_tmp_dir } + } + # php session_save_path + case $php_session_save_path { + 'absent': { + include apache::defaultphpdirs + $real_php_session_save_path = "/var/www/session.save_path/$name" + } + default: { $real_php_session_save_path = $php_session_save_path } + } + + case $ensure { + absent: { + file{[$real_php_upload_tmp_dir, $real_php_session_save_path ]: + ensure => absent, + purge => true, + force => true, + recurse => true, + } + } + default: { + file{[$real_php_upload_tmp_dir, $real_php_session_save_path ]: + ensure => directory, + owner => $run_mode ? { + 'itk' => $run_uid, + default => $documentroot_owner + }, + group => $documentroot_group, mode => $documentroot_mode; + } + } + } +} + diff --git a/manifests/vhost/static.pp b/manifests/vhost/static.pp new file mode 100644 index 0000000..3c8d313 --- /dev/null +++ b/manifests/vhost/static.pp @@ -0,0 +1,61 @@ +# vhost_mode: which option is chosen to deploy the vhost +# - template: generate it from a template (default) +# - file: deploy a vhost file (apache::vhost::file will be called directly) +define apache::vhost::static( + $ensure = present, + $domain = 'absent', + $domainalias = 'absent', + $server_admin = 'absent', + $path = 'absent', + $owner = root, + $group = 0, + $documentroot_owner = apache, + $documentroot_group = 0, + $documentroot_mode = 0640, + $allow_override = 'None', + $do_includes = false, + $options = 'absent', + $additional_options = 'absent', + $default_charset = 'absent', + $ssl_mode = false, + $vhost_mode = 'template', + $vhost_source = 'absent', + $vhost_destination = 'absent', + $htpasswd_file = 'absent', + $htpasswd_path = 'absent' +){ + # create webdir + ::apache::vhost::webdir{$name: + ensure => $ensure, + path => $path, + owner => $owner, + group => $group, + run_mode => 'normal', + documentroot_owner => $documentroot_owner, + documentroot_group => $documentroot_group, + documentroot_mode => $documentroot_mode, + } + + # create vhost configuration file + ::apache::vhost{$name: + ensure => $ensure, + path => $path, + template_mode => 'static', + vhost_mode => $vhost_mode, + vhost_source => $vhost_source, + vhost_destination => $vhost_destination, + domain => $domain, + domainalias => $domainalias, + server_admin => $server_admin, + allow_override => $allow_override, + do_includes => $do_includes, + options => $options, + additional_options => $additional_options, + default_charset => $default_charset, + ssl_mode => $ssl_mode, + htpasswd_file => $htpasswd_file, + htpasswd_path => $htpasswd_path, + mod_security => false, + } +} + diff --git a/manifests/vhost/template.pp b/manifests/vhost/template.pp new file mode 100644 index 0000000..07429a2 --- /dev/null +++ b/manifests/vhost/template.pp @@ -0,0 +1,107 @@ +# template_mode: +# - php: for a default php application +# - static: for a static application (default) +# - perl: for a mod_perl application +# - php_joomla: for a joomla application +# +# domainalias: +# - absent: no domainalias is set (*default*) +# - www: domainalias is set to www.$domain +# - else: domainalias is set to that +# +# ssl_mode: wether this vhost supports ssl or not +# - false: don't enable ssl for this vhost (default) +# - true: enable ssl for this vhost +# - force: enable ssl and redirect non-ssl to ssl +# +define apache::vhost::template( + $ensure = present, + $path = 'absent', + $path_is_webdir = false, + $domain = 'absent', + $domainalias = 'absent', + $server_admin = 'absent', + $allow_override = 'None', + $php_upload_tmp_dir = 'absent', + $php_session_save_path = 'absent', + $cgi_binpath = 'absent', + $do_includes = false, + $options = 'absent', + $additional_options = 'absent', + $default_charset = 'absent', + $run_mode = 'normal', + $run_uid = 'absent', + $run_gid = 'absent', + $template_mode = 'static', + $ssl_mode = false, + $mod_security = true, + $htpasswd_file = 'absent', + $htpasswd_path = 'absent', + $ldap_auth = false, + $ldap_user = 'any' +){ + $real_path = $path ? { + 'absent' => $operatingsystem ? { + openbsd => "/var/www/htdocs/$name", + default => "/var/www/vhosts/$name" + }, + default => $path + } + + if $path_is_webdir { + $documentroot = "$real_path" + } else { + $documentroot = "$real_path/www" + } + $logdir = "$real_path/logs" + + $servername = $domain ? { + 'absent' => $name, + default => $domain + } + $serveralias = $domainalias ? { + 'absent' => '', + 'www' => "www.${servername}", + default => $domainalias + } + if $htpasswd_path == 'absent' { + $real_htpasswd_path = "/var/www/htpasswds/$name" + } else { + $real_htpasswd_path = $htpasswd_path + } + case $run_mode { + 'itk': { + case $run_uid { + 'absent': { fail("you have to define run_uid for $name on $fqdn") } + } + case $run_gid { + 'absent': { fail("you have to define run_gid for $name on $fqdn") } + } + } + } + + # set default dirs for templates + # php upload_tmp_dir + case $php_upload_tmp_dir { + 'absent': { + $real_php_upload_tmp_dir = "/var/www/upload_tmp_dir/$name" + } + default: { $real_php_upload_tmp_dir = $php_upload_tmp_dir } + } + # php session_save_path + case $php_session_save_path { + 'absent': { + $real_php_session_save_path = "/var/www/session.save_path/$name" + } + default: { $real_php_session_save_path = $php_session_save_path } + } + + apache::vhost::file{$name: + ensure => $ensure, + content => template("apache/vhosts/$template_mode/$operatingsystem.erb"), + do_includes => $do_includes, + htpasswd_file => $htpasswd_file, + htpasswd_path => $htpasswd_path, + } +} + diff --git a/manifests/vhost/webdav.pp b/manifests/vhost/webdav.pp new file mode 100644 index 0000000..6eaa7cd --- /dev/null +++ b/manifests/vhost/webdav.pp @@ -0,0 +1,75 @@ +# Webdav vhost: to manage webdav accessible targets +# run_mode: +# - normal: nothing special (*default*) +# - itk: apache is running with the itk module +# and run_uid and run_gid are used as vhost users +# run_uid: the uid the vhost should run as with the itk module +# run_gid: the gid the vhost should run as with the itk module +define apache::vhost::webdav( + $ensure = present, + $domain = 'absent', + $domainalias = 'absent', + $server_admin = 'absent', + $path = 'absent', + $owner = root, + $group = 0, + $manage_webdir = true, + $path_is_webdir = false, + $documentroot_owner = apache, + $documentroot_group = 0, + $documentroot_mode = 0640, + $run_mode = 'normal', + $run_uid = 'absent', + $run_gid = 'absent', + $options = 'absent', + $additional_options = 'absent', + $default_charset = 'absent', + $mod_security = false, + $ssl_mode = false, + $vhost_mode = 'template', + $vhost_source = 'absent', + $vhost_destination = 'absent', + $htpasswd_file = 'absent', + $htpasswd_path = 'absent', + $ldap_auth = false, + $ldap_user = 'any' +){ + if $manage_webdir { + # create webdir + ::apache::vhost::webdir{$name: + ensure => $ensure, + path => $path, + owner => $owner, + group => $group, + run_mode => $run_mode, + documentroot_owner => $documentroot_owner, + documentroot_group => $documentroot_group, + documentroot_mode => $documentroot_mode, + } + } + # create vhost configuration file + ::apache::vhost{$name: + ensure => $ensure, + path => $path, + path_is_webdir => $path_is_webdir, + template_mode => 'webdav', + vhost_mode => $vhost_mode, + vhost_source => $vhost_source, + vhost_destination => $vhost_destination, + domain => $domain, + domainalias => $domainalias, + server_admin => $server_admin, + run_mode => $run_mode, + run_uid => $run_uid, + options => $options, + additional_options => $additional_options, + default_charset => $default_charset, + ssl_mode => $ssl_mode, + htpasswd_file => $htpasswd_file, + htpasswd_path => $htpasswd_path, + ldap_auth => $ldap_auth, + ldap_user => $ldap_user, + mod_security => $mod_security, + } +} + diff --git a/manifests/defines/configuration.pp b/manifests/vhost/webdir.pp index 38b044c..b3b53f9 100644 --- a/manifests/defines/configuration.pp +++ b/manifests/vhost/webdir.pp @@ -1,66 +1,3 @@ -# manifests/defines/configuration.pp - -### common configuration defines - -# deploy apache (.conf) configuration file (non-vhost) -define apache::config::file( - $ensure = present, - $source = 'absent', - $content = 'absent', - $destination = 'absent' -){ - $real_destination = $destination ? { - 'absent' => $operatingsystem ? { - centos => "$apache::centos::config_dir/conf.d/${name}", - gentoo => "$apache::gentoo::config_dir/${name}", - debian => "$apache::debian::config_dir/conf.d/${name}", - ubuntu => "$apache::ubuntu::config_dir/conf.d/${name}", - openbsd => "$apache::openbsd::config_dir/conf.d/${name}", - default => "/etc/apache2/${name}", - }, - default => $destination - } - file{"apache_${name}": - ensure => $ensure, - path => $real_destination, - notify => Service[apache], - owner => root, group => 0, mode => 0644; - } - case $content { - 'absent': { - $real_source = $source ? { - 'absent' => [ - "puppet://$server/files/apache/conf.d/${fqdn}/${name}", - "puppet://$server/files/apache/conf.d/${apache_cluster_node}/${name}", - "puppet://$server/files/apache/conf.d/${operatingsystem}.${lsbdistcodename}/${name}", - "puppet://$server/files/apache/conf.d/${operatingsystem}/${name}", - "puppet://$server/files/apache/conf.d/${name}", - "puppet://$server/apache/conf.d/${operatingsystem}.${lsbdistcodename}/${name}", - "puppet://$server/apache/conf.d/${operatingsystem}/${name}", - "puppet://$server/apache/conf.d/${name}" - ], - default => "puppet://$server/$source", - } - File["apache_${name}"]{ - source => $real_source, - } - } - default: { - File["apache_${name}"]{ - content => $content, - } - } - } - case $operatingsystem { - openbsd: { info("no package dependency on ${operatingsystem} for ${name}") } - default: { - File["apache_${name}"]{ - require => Package[apache], - } - } - } -} - # create webdir define apache::vhost::webdir( $ensure = present, @@ -166,3 +103,4 @@ define apache::vhost::webdir( } } } + |