diff options
Diffstat (limited to 'manifests/vhost/template.pp')
| -rw-r--r-- | manifests/vhost/template.pp | 200 |
1 files changed, 103 insertions, 97 deletions
diff --git a/manifests/vhost/template.pp b/manifests/vhost/template.pp index 324a96a..55d41d9 100644 --- a/manifests/vhost/template.pp +++ b/manifests/vhost/template.pp @@ -1,8 +1,6 @@ -# template_mode: -# - php: for a default php application -# - static: for a static application (default) -# - perl: for a mod_perl application -# - php_joomla: for a joomla application +# template_partial: +# which template should be used to generate the type specific part +# of the vhost entry. # # domainalias: # - absent: no domainalias is set (*default*) @@ -14,137 +12,145 @@ # - true: enable ssl for this vhost # - force: enable ssl and redirect non-ssl to ssl # - only: enable ssl only -# php_safe_mode_exec_bins: An array of local binaries which should be linked in the -# safe_mode_exec_bin for this hosting -# *default*: None -# php_default_charset: default charset header for php. -# *default*: absent, which will set the same as default_charset -# of apache +# +# logmode: +# - default: Do normal logging to CustomLog and ErrorLog +# - nologs: Send every logging to /dev/null +# - anonym: Don't log ips for CustomLog, send ErrorLog to /dev/null +# - semianonym: Don't log ips for CustomLog, log normal ErrorLog +# +# run_mode: controls in which mode the vhost should be run, there are different setups +# possible: +# - normal: (*default*) run vhost with the current active worker (default: prefork) don't +# setup anything special +# - itk: run vhost with the mpm_itk module (Incompatibility: cannot be used in combination +# with 'proxy-itk' & 'static-itk' mode) +# - proxy-itk: run vhost with a dual prefork/itk setup, where prefork just proxies all the +# requests for the itk setup, that listens only on the loobpack device. +# (Incompatibility: cannot be used in combination with the itk setup.) +# - static-itk: run vhost with a dual prefork/itk setup, where prefork serves all the static +# content and proxies the dynamic calls to the itk setup, that listens only on +# the loobpack device (Incompatibility: cannot be used in combination with +# 'itk' mode) +# +# run_uid: the uid the vhost should run as with the itk module +# run_gid: the gid the vhost should run as with the itk module +# +# mod_security: Whether we use mod_security or not (will include mod_security module) +# - false: don't activate mod_security +# - true: (*default*) activate mod_security +# define apache::vhost::template( - $ensure = present, - $path = 'absent', - $path_is_webdir = false, - $logpath = 'absent', - $domain = 'absent', - $domainalias = 'absent', - $server_admin = 'absent', - $allow_override = 'None', - $php_safe_mode_exec_bin_dir = 'absent', - $php_upload_tmp_dir = 'absent', - $php_session_save_path = 'absent', - $dav_db_dir = 'absent', - $cgi_binpath = 'absent', - $do_includes = false, - $options = 'absent', - $additional_options = 'absent', - $default_charset = 'absent', - $php_use_smarty = false, - $php_use_pear = false, - $php_safe_mode = true, - $php_default_charset = 'absent', - $php_additional_open_basedirs = 'absent', - $php_additional_options = 'absent', - $run_mode = 'normal', - $run_uid = 'absent', - $run_gid = 'absent', - $template_mode = 'static', - $ssl_mode = false, - $mod_security = true, - $mod_security_relevantonly = true, - $use_mod_macro = false, - $htpasswd_file = 'absent', - $htpasswd_path = 'absent', - $ldap_auth = false, - $ldap_user = 'any' + $ensure = present, + $path = 'absent', + $path_is_webdir = false, + $logpath = 'absent', + $logmode = 'default', + $logprefix = '', + $domain = 'absent', + $domainalias = 'absent', + $server_admin = 'absent', + $allow_override = 'None', + $dav_db_dir = 'absent', + $cgi_binpath = 'absent', + $do_includes = false, + $options = 'absent', + $additional_options = 'absent', + $default_charset = 'absent', + $php_options = {}, + $php_settings = {}, + $run_mode = 'normal', + $run_uid = 'absent', + $run_gid = 'absent', + $template_partial = 'apache/vhosts/static/partial.erb', + $template_vars = {}, + $ssl_mode = false, + $mod_security = true, + $mod_security_relevantonly = true, + $mod_security_rules_to_disable = [], + $mod_security_additional_options = 'absent', + $use_mod_macro = false, + $htpasswd_file = 'absent', + $htpasswd_path = 'absent', + $ldap_auth = false, + $ldap_user = 'any', + $passing_extension = 'absent', + $gempath = 'absent' ){ - if $mod_security { - case $run_mode { - 'itk': { include mod_security::itk } - default: { include mod_security } - } - } - $real_path = $path ? { - 'absent' => $operatingsystem ? { - openbsd => "/var/www/htdocs/$name", - default => "/var/www/vhosts/$name" + 'absent' => $::operatingsystem ? { + openbsd => "/var/www/htdocs/${name}", + default => "/var/www/vhosts/${name}" }, - default => $path + default => $path } if $path_is_webdir { - $documentroot = "$real_path" + $documentroot = $real_path } else { - $documentroot = "$real_path/www" + $documentroot = "${real_path}/www" } $logdir = $logpath ? { - 'absent' => "$real_path/logs", - default => $logpath + 'absent' => "${real_path}/logs", + default => $logpath } $servername = $domain ? { - 'absent' => $name, - default => $domain + 'absent' => $name, + default => $domain } $serveralias = $domainalias ? { - 'absent' => '', - 'www' => "www.${servername}", - default => $domainalias + 'absent' => '', + 'www' => "www.${servername}", + default => $domainalias } if $htpasswd_path == 'absent' { - $real_htpasswd_path = "/var/www/htpasswds/$name" + $real_htpasswd_path = "/var/www/htpasswds/${name}" } else { $real_htpasswd_path = $htpasswd_path } case $run_mode { - 'itk': { + 'proxy-itk': { $logfileprefix = 'proxy' } + 'static-itk': { $logfileprefix = 'static' } + } + case $run_mode { + 'fcgid','itk','proxy-itk','static-itk': { case $run_uid { - 'absent': { fail("you have to define run_uid for $name on $fqdn") } + 'absent': { fail("you have to define run_uid for ${name} on ${::fqdn}") } } case $run_gid { - 'absent': { fail("you have to define run_gid for $name on $fqdn") } + 'absent': { fail("you have to define run_gid for ${name} on ${::fqdn}") } } } } - - # set default dirs for templates - # php php_safe_mode_exec_bin directory - case $php_safe_mode_exec_bin_dir { - 'absent': { - $real_php_safe_mode_exec_bin_dir = "/var/www/vhosts/$name/bin" - } - default: { $real_php_safe_mode_exec_bin_dir = $php_safe_mode_exec_bin_dir } - } - # php upload_tmp_dir - case $php_upload_tmp_dir { - 'absent': { - $real_php_upload_tmp_dir = "/var/www/upload_tmp_dir/$name" - } - default: { $real_php_upload_tmp_dir = $php_upload_tmp_dir } - } - # php session_save_path - case $php_session_save_path { - 'absent': { - $real_php_session_save_path = "/var/www/session.save_path/$name" - } - default: { $real_php_session_save_path = $php_session_save_path } - } # dav db dir case $dav_db_dir { 'absent': { - $real_dav_db_dir = "/var/www/dav_db_dir/$name" + $real_dav_db_dir = "/var/www/dav_db_dir/${name}" } default: { $real_dav_db_dir = $dav_db_dir } } apache::vhost::file{$name: - ensure => $ensure, - content => template("apache/vhosts/$template_mode/$operatingsystem.erb"), - do_includes => $do_includes, + ensure => $ensure, + do_includes => $do_includes, + run_mode => $run_mode, + ssl_mode => $ssl_mode, + logmode => $logmode, + mod_security => $mod_security, htpasswd_file => $htpasswd_file, htpasswd_path => $htpasswd_path, use_mod_macro => $use_mod_macro, } + if $ensure != 'absent' { + Apache::Vhost::File[$name]{ + content => $run_mode ? { + 'proxy-itk' => template('apache/vhosts/itk_plus.erb'), + 'static-itk' => template('apache/vhosts/itk_plus.erb'), + default => template('apache/vhosts/default.erb'), + } + } + } } |