diff options
Diffstat (limited to 'manifests/defines')
-rw-r--r-- | manifests/defines/0-README | 7 | ||||
-rw-r--r-- | manifests/defines/configuration.pp | 109 | ||||
-rw-r--r-- | manifests/defines/modules.pp | 59 | ||||
-rw-r--r-- | manifests/defines/vhost_files.pp | 209 | ||||
-rw-r--r-- | manifests/defines/vhost_varieties.pp | 144 |
5 files changed, 528 insertions, 0 deletions
diff --git a/manifests/defines/0-README b/manifests/defines/0-README new file mode 100644 index 0000000..f72d971 --- /dev/null +++ b/manifests/defines/0-README @@ -0,0 +1,7 @@ +# This folder contains various defines to work with apache. +# They are separated into various categories: +# +# - modules: manage apache modules +# - configuration: common configuration defines +# - vhost files: deploy vhost configuration files +# - vhost varieties: vhost varieties diff --git a/manifests/defines/configuration.pp b/manifests/defines/configuration.pp new file mode 100644 index 0000000..701f13a --- /dev/null +++ b/manifests/defines/configuration.pp @@ -0,0 +1,109 @@ +# manifests/defines/configuration.pp + +### common configuration defines + +# deploy apache (.conf) configuration file (non-vhost) +define apache::config::file( + $source = '', + $destination = '' +){ + $real_source = $source ? { + '' => [ + "puppet://$server/files/apache/conf.d/${fqdn}/${name}", + "puppet://$server/files/apache/conf.d/${apache_cluster_node}/${name}", + "puppet://$server/files/apache/conf.d/${name}", + "puppet://$server/apache/conf.d/${operatingsystem}.${lsbdistcodename}/${name}", + "puppet://$server/apache/conf.d/${operatingsystem}/${name}", + "puppet://$server/apache/conf.d/${name}" + ], + default => "puppet://$server/$source", + } + $real_destination = $destination ? { + '' => $operatingsystem ? { + centos => "$apache::centos::config_dir/conf.d/${name}", + gentoo => "$apache::gentoo::config_dir/${name}", + debian => "$apache::debian::config_dir/conf.d/${name}", + ubuntu => "$apache::ubuntu::config_dir/conf.d/${name}", + openbsd => "$apache::openbsd::config_dir/conf.d/${name}", + default => "/etc/apache2/${name}", + }, + default => $destination + } + file{"apache_${name}": + path => $real_destination, + source => $real_source, + notify => Service[apache], + owner => root, group => 0, mode => 0644; + } + case $operatingsystem { + openbsd: { info("no package dependency on ${operatingsystem} for ${name}") } + default: { + File["apache_${name}"]{ + require => Package[apache], + } + } + } +} + +# create webdir +define apache::vhost::webdir( + $path = 'absent', + $owner = root, + $group = 0, + $documentroot_owner = apache, + $documentroot_group = 0, + $documentroot_mode = 0640 +){ + $real_path = $path ? { + 'absent' => $operatingsystem ? { + openbsd => "/var/www/htdocs/${name}", + default => "/var/www/vhosts/${name}" + }, + default => "${path}" + } + + $documentroot = "${real_path}/www" + $logdir = "${real_path}/logs" + + case $documentroot_owner { + apache: { + case $apache_default_user { + '': { + $real_documentroot_owner = $operatingsystem ? { + openbsd => 'www', + default => $documentroot_owner + } + } + default: { $real_documentroot_owner = $apache_default_user } + } + } + default: { $real_documentroot_owner = $documentroot_owner } + } + case $apache_group { + apache: { + case $apache_default_group { + '': { + $real_documentroot_group = $operatingsystem ? { + openbsd => 'www', + default => $documentroot_group + } + } + default: { $real_documentroot_group = $apache_default_group } + } + } + default: { $real_documentroot_group = $documentroot_group } + } + file{"$real_path": + ensure => directory, + owner => $owner, group => $group, mode => '0750'; + } + file{"$documentroot": + ensure => directory, + owner => $real_documentroot_owner, group => $group, mode => $documentroot_mode; + } + # the logdir must be writeable by the apache and the user + file{$logdir: + ensure => directory, + owner => $real_documentroot_owner, group => $group, mode => 775; + } +} diff --git a/manifests/defines/modules.pp b/manifests/defines/modules.pp new file mode 100644 index 0000000..8e8ceff --- /dev/null +++ b/manifests/defines/modules.pp @@ -0,0 +1,59 @@ +# manifests/defines/modules.pp + +### manage apache modules + +define apache::centos::module( + $source = '', + $destination = '' +){ + $modules_dir = "$apache::centos::config_dir/modules.d/" + $real_destination = $destination ? { + '' => "${modules_dir}/${name}.so", + default => $destination, + } + $real_source = $source ? { + '' => [ + "puppet://$server/files/apache/modules.d/${fqdn}/${name}.so", + "puppet://$server/files/apache/modules.d/${apache_cluster_node}/${name}.so", + "puppet://$server/files/apache/modules.d/${name}.so", + "puppet://$server/apache/modules.d/${operatingsystem}/${name}.so", + "puppet://$server/apache/modules.d/${name}.so" + ], + default => "puppet://$server/$source", + } + file{"modules_${name}.conf": + path => $real_destination, + source => $real_source, + require => [ File[modules_dir], Package[apache] ], + notify => Service[apache], + owner => root, group => 0, mode => 0755; + } +} + +define apache::gentoo::module( + $source = '', + $destination = '' +){ + $modules_dir = "$apache::gentoo::config_dir/modules.d/" + $real_destination = $destination ? { + '' => "${modules_dir}/${name}.conf", + default => $destination, + } + $real_source = $source ? { + '' => [ + "puppet://$server/files/apache/modules.d/${fqdn}/${name}.conf", + "puppet://$server/files/apache/modules.d/${apache_cluster_node}/${name}.conf", + "puppet://$server/files/apache/modules.d/${name}.conf", + "puppet://$server/apache/modules.d/${operatingsystem}/${name}.conf", + "puppet://$server/apache/modules.d/${name}.conf" + ], + default => "puppet://$server/$source", + } + file{"modules_${name}.conf": + path => $real_destination, + source => $real_source, + require => [ File[modules_dir], Package[apache] ], + notify => Service[apache], + owner => root, group => 0, mode => 0644; + } +} diff --git a/manifests/defines/vhost_files.pp b/manifests/defines/vhost_files.pp new file mode 100644 index 0000000..b7e1847 --- /dev/null +++ b/manifests/defines/vhost_files.pp @@ -0,0 +1,209 @@ +# manifests/defines/vhost_files.pp + +### vhost configuration files +# +# deploy vhost configuration files + + +# this is a wrapper for apache::vhost::file and avhost::template below +# +# vhost_mode: which option is choosed to deploy the vhost +# - template: generate it from a template (default) +# - file: deploy a vhost file (apache::vhost::file will be called directly) +# +define apache::vhost( + $path = 'absent', + $template_mode = 'static', + $vhost_mode = 'template', + $vhost_source = 'absent', + $vhost_destination = 'absent', + $content = 'absent', + $domain = 'absent', + $domainalias = 'absent', + $allow_override = 'None', + $php_upload_tmp_dir = 'absent', + $php_session_save_path = 'absent', + $options = 'absent', + $additional_options = 'absent', + $template_mode = 'static', + $ssl_mode = 'false', + $htpasswd_file = 'absent', + $htpasswd_path = 'absent', + $mod_security = 'true' +) { + # file or template mode? + case $vhost_mode { + 'file': { + apache::vhost::file{$name: + vhost_source => $vhost_source, + vhost_destination => $vhost_destination, + htpasswd_file => $htpasswd_file, + htpasswd_path => $htpasswd_path, + } + } + 'template': { + apache::vhost::template{$name: + path => $path, + domain => $domain, + domainalias => $domainalias, + php_upload_tmp_dir => $php_upload_tmp_dir, + php_session_save_path => $php_session_save_path, + allow_override => $allow_override, + options => $options, + additional_options => $additional_options, + template_mode => $template_mode, + ssl_mode => $ssl_mode, + htpasswd_file => $htpasswd_file, + htpasswd_path => $htpasswd_path, + mod_security => 'false', + } + } + default: { fail("no such vhost_mode: $vhost_mode defined for $name.") } + } + +} + +# htpasswd_file: wether to deploy a passwd for this vhost or not +# - absent: ignore (default) +# - nodeploy: htpasswd file isn't deployed by this mechanism +# - else: try to deploy the file +# +# htpasswd_path: where to deploy the passwd file +# - absent: standardpath (default) +# - else: path to deploy +# +define apache::vhost::file( + $vhost_source = 'absent', + $vhost_destination = 'absent', + $content = 'absent', + $htpasswd_file = 'absent', + $htpasswd_path = 'absent' +){ + $vhosts_dir = $operatingsystem ? { + centos => "$apache::centos::config_dir/vhosts.d/", + gentoo => "$apache::gentoo::config_dir/vhosts.d/", + debian => "$apache::debian::config_dir/vhosts.d/", + ubuntu => "$apache::ubuntu::config_dir/vhosts.d/", + openbsd => "$apache::openbsd::config_dir/vhosts.d/", + default => '/etc/apache2/vhosts.d/', + } + $real_vhost_destination = $vhost_destination ? { + 'absent' => "$vhosts_dir/$name.conf", + default => $vhost_destination, + } + file{"$name.conf": + path => $real_vhost_destination, + require => File[vhosts_dir], + notify => Service[apache], + owner => root, group => 0, mode => 0644; + } + case $content { + 'absent': { + $real_vhost_source = $vhost_source ? { + 'absent' => [ + "puppet://$server/files/apache/vhosts.d/$fqdn/$name.conf", + "puppet://$server/files/apache/vhosts.d/$apache_cluster_node/$name.conf", + "puppet://$server/files/apache/vhosts.d/$name.conf", + "puppet://$server/apache/vhosts.d/$name.conf", + "puppet://$server/apache/vhosts.d/$operatingsystem.$lsbdistcodename/$name.conf", + "puppet://$server/apache/vhosts.d/$operatingsystem/$name.conf", + "puppet://$server/apache/vhosts.d/$name.conf" + ], + default => "puppet://$server/$vhost_source", + } + File["$name.conf"]{ + source => $real_vhost_source, + } + } + default: { + File["$name.conf"]{ + content => $content, + } + } + } + case $htpasswd_file { + 'absent','nodeploy': { info("don't deploy a htpasswd file for ${name") } + default: { + case $htpasswd_path { + 'absent': { + $real_htpasswd_path = $operatingsystem ? { + gentoo => "$apache::gentoo::config_dir/htpasswds/$name", + debian => "$apache::debian::config_dir/htpasswds/$name", + ubuntu => "$apache::ubuntu::config_dir/htpasswds/$name", + openbsd => "$apache::openbsd::config_dir/htpasswds/$name", + default => "/etc/apache2/htpasswds/$name" + } + } + default: { $real_htpasswd_path = $htpasswd_path } + } + file{$real_htpasswd_path: + source => [ "puppet://$server/files/apache/htpasswds/$fqdn/$name", + "puppet://$server/files/apache/htpasswds/$apache_cluster_node/$name", + "puppet://$server/files/apache/htpasswds/$name" ], + owner => root, group => 0, mode => 0644; + } + } + } +} + +# template_mode: +# - php -> for a default php application +# - static -> for a static application (default) +# +# ssl_mode: wether this vhost supports ssl or not +# - false: don't enable ssl for this vhost (default) +# - true: enable ssl for this vhost +# - force: enable ssl and redirect non-ssl to ssl +# +define apache::vhost::template( + $path = 'absent', + $domain = 'absent', + $domainalias = 'absent', + $allow_override = 'None', + $php_upload_tmp_dir = 'absent', + $php_session_save_path = 'absent', + $options = 'absent', + $additional_options = 'absent', + $template_mode = 'static', + $ssl_mode = 'false', + $mod_security = 'true', + $htpasswd_file = 'absent', + $htpasswd_path = 'absent' +){ + $real_path = $path ? { + 'absent' => $operatingsystem ? { + openbsd => "/var/www/htdocs/$name", + default => "/var/www/$name" + }, + default => $path + } + + $documentroot = "$real_path/www" + $logdir = "$real_path/logs" + + $servername = $domain ? { + 'absent' => $name, + default => $domain + } + $serveralias = $domainalias ? { + 'absent' => '', + default => $domainalias + } + case $htpasswd_path { + 'absent': { + $real_htpasswd_path = $operatingsystem ? { + gentoo => "$apache::gentoo::config_dir/htpasswds/$name", + debian => "$apache::debian::config_dir/htpasswds/$name", + ubuntu => "$apache::ubuntu::config_dir/htpasswds/$name", + openbsd => "$apache::openbsd::config_dir/htpasswds/$name", + default => "/etc/apache2/htpasswds/$name" + } + } + default: { $real_htpasswd_path = $htpasswd_path } + } + apache::vhost::file{$name: + content => template("apache/vhosts/$template_mode/$operatingsystem.erb"), + htpasswd_file => $htpasswd_file, + htpasswd_path => $htpasswd_path, + } +} diff --git a/manifests/defines/vhost_varieties.pp b/manifests/defines/vhost_varieties.pp new file mode 100644 index 0000000..ba104db --- /dev/null +++ b/manifests/defines/vhost_varieties.pp @@ -0,0 +1,144 @@ +# manifests/defines/vhost_varieties.pp + +### sepcific vhosts varieties +# +# - apache::vhost::static +# - apache::vhost::php +# - apache::vhost::cgi TODO +# - apache::vhost::modperl TODO +# - apache::vhost::modpython TODO +# - apache::vhost::modrails TODO + +# vhost_mode: which option is choosed to deploy the vhost +# - template: generate it from a template (default) +# - file: deploy a vhost file (apache::vhost::file will be called directly) +# +define apache::vhost::static( + $domain = 'absent', + $domainalias = 'absent', + $path = 'absent', + $owner = root, + $group = 0, + $documentroot_owner = apache, + $documentroot_group = 0, + $documentroot_mode = 0750, + $allow_override = 'None', + $options = 'absent', + $additional_options = 'absent', + $ssl_mode = 'false', + $vhost_mode = 'template', + $vhost_source = 'absent', + $vhost_destination = 'absent', + $htpasswd_file = 'absent', + $htpasswd_path = 'absent' +){ + # create webdir + apache::vhost::webdir{$name: + path => $path, + owner => $owner, + group => $group, + documentroot_owner => $documentroot_owner, + documentroot_group => $documentroot_group, + documentroot_mode => $documentroot_mode, + } + + # create vhost configuration file + apache::vhost{$name: + path => $path, + template_mode => 'static', + vhost_mode => $vhost_mode, + vhost_source => $vhost_source, + vhost_destination => $vhost_destination, + domain => $domain, + domainalias => $domainalias, + allow_override => $allow_override, + options => $options, + additional_options => $additional_options, + ssl_mode => $ssl_mode, + htpasswd_file => $htpasswd_file, + htpasswd_path => $htpasswd_path, + mod_security => 'false', + } +} + +define apache::vhost::php::standard( + $domain = 'absent', + $domainalias = 'absent', + $path = 'absent', + $owner = root, + $group = 0, + $documentroot_owner = apache, + $documentroot_group = 0, + $documentroot_mode = 0750, + $allow_override = 'None', + $upload_tmp_dir = 'absent', + $session_save_path = 'absent', + $options = 'absent', + $additional_options = 'absent', + $mod_security = 'true', + $vhost_mode = 'template', + $vhost_source = 'absent', + $vhost_destination = 'absent', + $htpasswd_file = 'absent', + $htpasswd_path = 'absent' +){ + # php upload_tmp_dir + case $upload_tmp_dir { + 'absent': { + include apache::defaultphpdirs + $real_upload_tmp_dir = "/var/www/upload_tmp_dir/$name" + } + default: { $real_upload_tmp_dir = $upload_tmp_dir } + } + file{$real_upload_tmp_dir: + ensure => directory, + owner => $documentroot_owner, + group => $documentroot_group, + mode => $documentroot_mode; + } + + # php session_save_path + case $session_save_path { + 'absent': { + include apache::defaultphpdirs + $real_session_save_path = "/var/www/session.save_path/$name" + } + default: { $real_session_save_path = $session_save_path } + } + file{"$real_session_save_path": + ensure => directory, + owner => $documentroot_owner, + group => $documentroot_group, + mode => $documentroot_mode; + } + + # create webdir + apache::vhost::webdir{$name: + path => $path, + owner => $owner, + group => $group, + documentroot_owner => $documentroot_owner, + documentroot_group => $documentroot_group, + documentroot_mode => $documentroot_mode, + } + + # create vhost configuration file + apache::vhost{$name: + path => $path, + template_mode => 'php', + vhost_mode => $vhost_mode, + vhost_source => $vhost_source, + vhost_destination => $vhost_destination, + domain => $domain, + domainalias => $domainalias, + allow_override => $allow_override, + options => $options, + additional_options => $additional_options, + php_upload_tmp_dir => $real_upload_tmp_dir, + php_session_save_path => $real_session_save_path, + ssl_mode => $ssl_mode, + htpasswd_file => $htpasswd_file, + htpasswd_path => $htpasswd_path, + mod_security => $mod_security, + } +} |