summaryrefslogtreecommitdiff
path: root/manifests/vhost
diff options
context:
space:
mode:
Diffstat (limited to 'manifests/vhost')
-rw-r--r--manifests/vhost/file.pp62
-rw-r--r--manifests/vhost/file/documentrootfile.pp26
-rw-r--r--manifests/vhost/gitweb.pp2
-rw-r--r--manifests/vhost/modperl.pp2
-rw-r--r--manifests/vhost/passenger.pp2
-rw-r--r--manifests/vhost/php/drupal.pp200
-rw-r--r--manifests/vhost/php/gallery2.pp242
-rw-r--r--manifests/vhost/php/global_exec_bin_dir.pp7
-rw-r--r--manifests/vhost/php/joomla.pp142
-rw-r--r--manifests/vhost/php/mediawiki.pp146
-rw-r--r--manifests/vhost/php/safe_mode_bin.pp13
-rw-r--r--manifests/vhost/php/silverstripe.pp168
-rw-r--r--manifests/vhost/php/simplemachine.pp186
-rw-r--r--manifests/vhost/php/spip.pp164
-rw-r--r--manifests/vhost/php/standard.pp440
-rw-r--r--manifests/vhost/php/typo3.pp225
-rw-r--r--manifests/vhost/php/webapp.pp226
-rw-r--r--manifests/vhost/php/wordpress.pp201
-rw-r--r--manifests/vhost/proxy.pp2
-rw-r--r--manifests/vhost/redirect.pp2
-rw-r--r--manifests/vhost/static.pp117
-rw-r--r--manifests/vhost/template.pp2
-rw-r--r--manifests/vhost/webdav.pp183
-rw-r--r--manifests/vhost/webdir.pp34
24 files changed, 1446 insertions, 1348 deletions
diff --git a/manifests/vhost/file.pp b/manifests/vhost/file.pp
index b42c4ce..686cb1a 100644
--- a/manifests/vhost/file.pp
+++ b/manifests/vhost/file.pp
@@ -33,42 +33,46 @@
# - semianonym: Don't log ips for CustomLog, log normal ErrorLog
#
#
-# mod_security: Whether we use mod_security or not (will include mod_security module)
+# mod_security: Whether we use mod_security or not
+# (will include mod_security module)
# - false: (*default*) don't activate mod_security
# - true: activate mod_security
#
define apache::vhost::file(
- $ensure = present,
- $vhost_source = 'absent',
- $vhost_destination = 'absent',
- $content = 'absent',
- $do_includes = false,
- $run_mode = 'normal',
- $logmode = 'default',
- $ssl_mode = false,
- $mod_security = false,
- $htpasswd_file = 'absent',
- $htpasswd_path = 'absent',
- $use_mod_macro = false
+ $ensure = present,
+ $configuration = {},
+ $vhost_source = 'absent',
+ $vhost_destination = 'absent',
+ $content = 'absent',
+ $do_includes = false,
+ $run_mode = 'normal',
+ $logmode = 'default',
+ $ssl_mode = false,
+ $mod_security = false,
+ $htpasswd_file = 'absent',
+ $htpasswd_path = 'absent',
+ $use_mod_macro = false
){
$vhosts_dir = $::operatingsystem ? {
- centos => "${apache::centos::config_dir}/vhosts.d",
- gentoo => "${apache::gentoo::config_dir}/vhosts.d",
- debian => "${apache::debian::config_dir}/sites-enabled",
- ubuntu => "${apache::ubuntu::config_dir}/sites-enabled",
+ centos => "${apache::centos::config_dir}/vhosts.d",
+ gentoo => "${apache::gentoo::config_dir}/vhosts.d",
+ debian => "${apache::debian::config_dir}/sites-enabled",
+ ubuntu => "${apache::ubuntu::config_dir}/sites-enabled",
openbsd => "${apache::openbsd::config_dir}/vhosts.d",
default => '/etc/apache2/vhosts.d',
}
$real_vhost_destination = $vhost_destination ? {
- 'absent' => "${vhosts_dir}/${name}.conf",
- default => $vhost_destination,
+ 'absent' => "${vhosts_dir}/${name}.conf",
+ default => $vhost_destination,
}
file{"${name}.conf":
- ensure => $ensure,
- path => $real_vhost_destination,
+ ensure => $ensure,
+ path => $real_vhost_destination,
require => File[vhosts_dir],
- notify => Service[apache],
- owner => root, group => 0, mode => 0644;
+ notify => Service[apache],
+ owner => root,
+ group => 0,
+ mode => '0644';
}
if $ensure != 'absent' {
if $do_includes {
@@ -99,11 +103,11 @@ define apache::vhost::file(
$real_vhost_source = $vhost_source ? {
'absent' => [
"puppet:///modules/site_apache/vhosts.d/${::fqdn}/${name}.conf",
- "puppet:///modules/site_apache/vhosts.d/{$apache::cluster_node}/${name}.conf",
- "puppet:///modules/site_apache/vhosts.d/${::operatingsystem}.${::lsbdistcodename}/${name}.conf",
+ "puppet:///modules/site_apache/vhosts.d/${apache::cluster_node}/${name}.conf",
+ "puppet:///modules/site_apache/vhosts.d/${::operatingsystem}.${::operatingsystemmajrelease}/${name}.conf",
"puppet:///modules/site_apache/vhosts.d/${::operatingsystem}/${name}.conf",
"puppet:///modules/site_apache/vhosts.d/${name}.conf",
- "puppet:///modules/apache/vhosts.d/${::operatingsystem}.${::lsbdistcodename}/${name}.conf",
+ "puppet:///modules/apache/vhosts.d/${::operatingsystem}.${::operatingsystemmajrelease}/${name}.conf",
"puppet:///modules/apache/vhosts.d/${::operatingsystem}/${name}.conf",
"puppet:///modules/apache/vhosts.d/${name}.conf"
],
@@ -133,10 +137,12 @@ define apache::vhost::file(
}
if ($ensure!='absent') {
File[$real_htpasswd_path]{
- source => [ "puppet:///modules/site_apache/htpasswds/${::fqdn}/${name}",
+ source => [ "puppet:///modules/site_apache/htpasswds/${::fqdn}/${name}",
"puppet:///modules/site_apache/htpasswds/${apache::cluster_node}/${name}",
"puppet:///modules/site_apache/htpasswds/${name}" ],
- owner => root, group => 0, mode => 0644,
+ owner => root,
+ group => 0,
+ mode => '0644',
}
}
}
diff --git a/manifests/vhost/file/documentrootfile.pp b/manifests/vhost/file/documentrootfile.pp
index 610d71c..c5bc72a 100644
--- a/manifests/vhost/file/documentrootfile.pp
+++ b/manifests/vhost/file/documentrootfile.pp
@@ -1,25 +1,27 @@
+# place a file in the documentroot
define apache::vhost::file::documentrootfile(
- $documentroot,
- $filename,
- $thedomain,
- $owner='root',
- $group='0',
- $mode=440
+ $documentroot,
+ $filename,
+ $thedomain,
+ $owner = 'root',
+ $group = '0',
+ $mode = '0440',
){
file{"${documentroot}/${filename}":
source => [ "puppet:///modules/site_apache/vhost_varieties/${::fqdn}/${thedomain}/${filename}",
"puppet:///modules/site_apache/vhost_varieties/${apache::cluster_node}/${thedomain}/${filename}",
- "puppet:///modules/site_apache/vhost_varieties/${::operatingsystem}.${::lsbdistcodename}/${thedomain}/${filename}",
+ "puppet:///modules/site_apache/vhost_varieties/${::operatingsystem}.${::operatingsystemmajrelease}/${thedomain}/${filename}",
"puppet:///modules/site_apache/vhost_varieties/${::operatingsystem}/${thedomain}/${filename}",
"puppet:///modules/site_apache/vhost_varieties/${thedomain}/${filename}",
"puppet:///modules/apache/vhost_varieties/${thedomain}/${filename}",
- "puppet:///modules/apache/vhost_varieties/${::operatingsystem}.${::lsbdistcodename}/${thedomain}/${filename}",
+ "puppet:///modules/apache/vhost_varieties/${::operatingsystem}.${::operatingsystemmajrelease}/${thedomain}/${filename}",
"puppet:///modules/apache/vhost_varieties/${::operatingsystem}/${thedomain}/${filename}",
- "puppet:///modules/apache/vhost_varieties/${thedomain}/${filename}"
- ],
- ensure => file,
+ "puppet:///modules/apache/vhost_varieties/${thedomain}/${filename}",
+ ],
require => Apache::Vhost::Webdir[$thedomain],
- owner => $owner, group => $group, mode => $mode;
+ owner => $owner,
+ group => $group,
+ mode => $mode;
}
}
diff --git a/manifests/vhost/gitweb.pp b/manifests/vhost/gitweb.pp
index dab4983..6dd8643 100644
--- a/manifests/vhost/gitweb.pp
+++ b/manifests/vhost/gitweb.pp
@@ -6,6 +6,7 @@
#
define apache::vhost::gitweb(
$ensure = present,
+ $configuration = {},
$domain = 'absent',
$logmode = 'default',
$domainalias = 'absent',
@@ -28,6 +29,7 @@ define apache::vhost::gitweb(
# create vhost configuration file
::apache::vhost{$name:
ensure => $ensure,
+ configuration => $configuration,
path => '/var/www/git',
path_is_webdir => true,
logpath => $::operatingsystem ? {
diff --git a/manifests/vhost/modperl.pp b/manifests/vhost/modperl.pp
index c93e6cf..31e46b6 100644
--- a/manifests/vhost/modperl.pp
+++ b/manifests/vhost/modperl.pp
@@ -27,6 +27,7 @@
#
define apache::vhost::modperl(
$ensure = present,
+ $configuration = configuration,
$domain = 'absent',
$domainalias = 'absent',
$server_admin = 'absent',
@@ -120,6 +121,7 @@ define apache::vhost::modperl(
# create vhost configuration file
::apache::vhost{$name:
ensure => $ensure,
+ configuration => $configuration,
path => $path,
logmode => $logmode,
vhost_mode => $vhost_mode,
diff --git a/manifests/vhost/passenger.pp b/manifests/vhost/passenger.pp
index 6886f13..4621890 100644
--- a/manifests/vhost/passenger.pp
+++ b/manifests/vhost/passenger.pp
@@ -14,6 +14,7 @@
#
define apache::vhost::passenger(
$ensure = present,
+ $configuration = {},
$domain = 'absent',
$domainalias = 'absent',
$server_admin = 'absent',
@@ -105,6 +106,7 @@ define apache::vhost::passenger(
# create vhost configuration file
::apache::vhost{$name:
ensure => $ensure,
+ configuration => $configuration,
path => "${real_path}/www/public",
path_is_webdir => true,
template_partial => $template_partial,
diff --git a/manifests/vhost/php/drupal.pp b/manifests/vhost/php/drupal.pp
index 4025ada..5b15e6a 100644
--- a/manifests/vhost/php/drupal.pp
+++ b/manifests/vhost/php/drupal.pp
@@ -32,109 +32,113 @@
# - semianonym: Don't log ips for CustomLog, log normal ErrorLog
#
define apache::vhost::php::drupal(
- $ensure = present,
- $domain = 'absent',
- $domainalias = 'absent',
- $server_admin = 'absent',
- $logmode = 'default',
- $path = 'absent',
- $owner = root,
- $group = apache,
- $documentroot_owner = apache,
- $documentroot_group = 0,
- $documentroot_mode = 0640,
- $run_mode = 'normal',
- $run_uid = 'absent',
- $run_gid = 'absent',
- $allow_override = 'None',
- $php_settings = {},
- $php_options = {},
- $do_includes = false,
- $options = 'absent',
- $additional_options = 'absent',
- $default_charset = 'absent',
- $mod_security = true,
- $mod_security_relevantonly = true,
- $mod_security_rules_to_disable = [],
- $mod_security_additional_options = 'absent',
- $ssl_mode = false,
- $vhost_mode = 'template',
- $template_partial = 'apache/vhosts/php_drupal/partial.erb',
- $vhost_source = 'absent',
- $vhost_destination = 'absent',
- $htpasswd_file = 'absent',
- $htpasswd_path = 'absent',
- $manage_directories = true,
- $config_webwriteable = false,
- $manage_config = true,
- $manage_cron = true
+ $ensure = present,
+ $configuration = {},
+ $domain = 'absent',
+ $domainalias = 'absent',
+ $server_admin = 'absent',
+ $logmode = 'default',
+ $path = 'absent',
+ $owner = root,
+ $group = apache,
+ $documentroot_owner = apache,
+ $documentroot_group = 0,
+ $documentroot_mode = '0640',
+ $run_mode = 'normal',
+ $run_uid = 'absent',
+ $run_gid = 'absent',
+ $allow_override = 'None',
+ $php_settings = {},
+ $php_options = {},
+ $do_includes = false,
+ $options = 'absent',
+ $additional_options = 'absent',
+ $default_charset = 'absent',
+ $mod_security = true,
+ $mod_security_relevantonly = true,
+ $mod_security_rules_to_disable = [],
+ $mod_security_additional_options = 'absent',
+ $ssl_mode = false,
+ $vhost_mode = 'template',
+ $template_partial = 'apache/vhosts/php_drupal/partial.erb',
+ $vhost_source = 'absent',
+ $vhost_destination = 'absent',
+ $htpasswd_file = 'absent',
+ $htpasswd_path = 'absent',
+ $manage_directories = true,
+ $config_webwriteable = false,
+ $manage_config = true,
+ $manage_cron = true
){
- $documentroot = $path ? {
- 'absent' => $::operatingsystem ? {
- openbsd => "/var/www/htdocs/${name}/www",
- default => "/var/www/vhosts/${name}/www"
- },
- default => "${path}/www"
- }
-
- if $manage_cron {
- if $domain == 'absent' {
- $real_domain = $name
- } else {
- $real_domain = $domain
- }
+ $documentroot = $path ? {
+ 'absent' => $::operatingsystem ? {
+ openbsd => "/var/www/htdocs/${name}/www",
+ default => "/var/www/vhosts/${name}/www"
+ },
+ default => "${path}/www"
+ }
- file{"/etc/cron.d/drupal_cron_${name}":
- content => "0 * * * * apache wget -O - -q -t 1 http://${real_domain}/cron.php\n",
- owner => root, group => 0, mode => 0644;
- }
+ if $manage_cron {
+ if $domain == 'absent' {
+ $real_domain = $name
+ } else {
+ $real_domain = $domain
}
- $std_drupal_php_settings = {
- magic_quotes_gpc => 0,
- register_globals => 0,
- 'session.auto_start' => 0,
- 'mbstring.http_input' => 'pass',
- 'mbstring.http_output' => 'pass',
- 'mbstring.encoding_translation' => 0,
+ file{"/etc/cron.d/drupal_cron_${name}":
+ content => "0 * * * * apache wget -O - -q -t 1 http://${real_domain}/cron.php\n",
+ owner => root,
+ group => 0,
+ mode => '0644';
}
+ }
- # create vhost configuration file
- ::apache::vhost::php::webapp{$name:
- ensure => $ensure,
- domain => $domain,
- domainalias => $domainalias,
- server_admin => $server_admin,
- logmode => $logmode,
- path => $path,
- owner => $owner,
- group => $group,
- documentroot_owner => $documentroot_owner,
- documentroot_group => $documentroot_group,
- documentroot_mode => $documentroot_mode,
- run_mode => $run_mode,
- run_uid => $run_uid,
- run_gid => $run_gid,
- allow_override => $allow_override,
- php_settings =>merge($std_drupal_php_settings, $php_settings),
- php_options => $php_options,
- do_includes => $do_includes,
- options => $options,
- additional_options => $additional_options,
- default_charset => $default_charset,
- mod_security => $mod_security,
- mod_security_relevantonly => $mod_security_relevantonly,
- mod_security_rules_to_disable => $mod_security_rules_to_disable,
- mod_security_additional_options => $mod_security_additional_options,
- ssl_mode => $ssl_mode,
- vhost_mode => $vhost_mode,
- template_partial => $template_partial,
- vhost_source => $vhost_source,
- vhost_destination => $vhost_destination,
- htpasswd_file => $htpasswd_file,
- htpasswd_path => $htpasswd_path,
- manage_directories => false,
- manage_config => false,
- }
+ $std_drupal_php_settings = {
+ magic_quotes_gpc => 0,
+ register_globals => 0,
+ 'session.auto_start' => 0,
+ 'mbstring.http_input' => 'pass',
+ 'mbstring.http_output' => 'pass',
+ 'mbstring.encoding_translation' => 0,
+ }
+
+ # create vhost configuration file
+ ::apache::vhost::php::webapp{$name:
+ ensure => $ensure,
+ configuration => $configuration,
+ domain => $domain,
+ domainalias => $domainalias,
+ server_admin => $server_admin,
+ logmode => $logmode,
+ path => $path,
+ owner => $owner,
+ group => $group,
+ documentroot_owner => $documentroot_owner,
+ documentroot_group => $documentroot_group,
+ documentroot_mode => $documentroot_mode,
+ run_mode => $run_mode,
+ run_uid => $run_uid,
+ run_gid => $run_gid,
+ allow_override => $allow_override,
+ php_settings => merge($std_drupal_php_settings, $php_settings),
+ php_options => $php_options,
+ do_includes => $do_includes,
+ options => $options,
+ additional_options => $additional_options,
+ default_charset => $default_charset,
+ mod_security => $mod_security,
+ mod_security_relevantonly => $mod_security_relevantonly,
+ mod_security_rules_to_disable => $mod_security_rules_to_disable,
+ mod_security_additional_options => $mod_security_additional_options,
+ ssl_mode => $ssl_mode,
+ vhost_mode => $vhost_mode,
+ template_partial => $template_partial,
+ vhost_source => $vhost_source,
+ vhost_destination => $vhost_destination,
+ htpasswd_file => $htpasswd_file,
+ htpasswd_path => $htpasswd_path,
+ manage_directories => false,
+ manage_config => false,
+ }
}
diff --git a/manifests/vhost/php/gallery2.pp b/manifests/vhost/php/gallery2.pp
index d1876ff..3acb011 100644
--- a/manifests/vhost/php/gallery2.pp
+++ b/manifests/vhost/php/gallery2.pp
@@ -31,151 +31,111 @@
# - anonym: Don't log ips for CustomLog, send ErrorLog to /dev/null
# - semianonym: Don't log ips for CustomLog, log normal ErrorLog
define apache::vhost::php::gallery2(
- $ensure = present,
- $domain = 'absent',
- $domainalias = 'absent',
- $server_admin = 'absent',
- $logmode = 'default',
- $path = 'absent',
- $owner = root,
- $group = apache,
- $documentroot_owner = apache,
- $documentroot_group = 0,
- $documentroot_mode = 0640,
- $run_mode = 'normal',
- $run_uid = 'absent',
- $run_gid = 'absent',
- $allow_override = 'None',
- $php_settings = {},
- $php_options = {},
- $do_includes = false,
- $options = 'absent',
- $additional_options = 'absent',
- $default_charset = 'absent',
- $mod_security = false,
- $mod_security_relevantonly = true,
- $mod_security_rules_to_disable = [],
- $mod_security_additional_options = 'absent',
- $ssl_mode = false,
- $vhost_mode = 'template',
- $template_partial = 'apache/vhosts/php_gallery2/partial.erb',
- $vhost_source = 'absent',
- $vhost_destination = 'absent',
- $htpasswd_file = 'absent',
- $htpasswd_path = 'absent',
- $manage_config = true,
- $config_webwriteable = false,
- $manage_directories = true,
- $upload_dir = 'present'
+ $ensure = present,
+ $configuration = {},
+ $domain = 'absent',
+ $domainalias = 'absent',
+ $server_admin = 'absent',
+ $logmode = 'default',
+ $path = 'absent',
+ $owner = root,
+ $group = apache,
+ $documentroot_owner = apache,
+ $documentroot_group = 0,
+ $documentroot_mode = 0640,
+ $run_mode = 'normal',
+ $run_uid = 'absent',
+ $run_gid = 'absent',
+ $allow_override = 'None',
+ $php_settings = {},
+ $php_options = {},
+ $do_includes = false,
+ $options = 'absent',
+ $additional_options = 'absent',
+ $default_charset = 'absent',
+ $mod_security = false,
+ $mod_security_relevantonly = true,
+ $mod_security_rules_to_disable = [],
+ $mod_security_additional_options = 'absent',
+ $ssl_mode = false,
+ $vhost_mode = 'template',
+ $template_partial = 'apache/vhosts/php_gallery2/partial.erb',
+ $vhost_source = 'absent',
+ $vhost_destination = 'absent',
+ $htpasswd_file = 'absent',
+ $htpasswd_path = 'absent',
+ $manage_config = true,
+ $config_webwriteable = false,
+ $manage_directories = true,
){
- $documentroot = $path ? {
- 'absent' => $::operatingsystem ? {
- openbsd => "/var/www/htdocs/${name}/www",
- default => "/var/www/vhosts/${name}/www"
- },
- default => "${path}/www"
- }
- $gdatadir = $path ? {
- 'absent' => $::operatingsystem ? {
- openbsd => "/var/www/htdocs/${name}/g2data",
- default => "/var/www/vhosts/${name}/g2data"
- },
- default => "${path}/g2data"
- }
- if ($upload_dir == 'present') or ($upload_dir == 'absent') {
- $real_upload_dir = $::operatingsystem ? {
- openbsd => "/var/www/htdocs/${name}/upload",
- default => "/var/www/vhosts/${name}/upload"
- }
- } else {
- $real_upload_dir = $upload_dir
- }
+ $documentroot = $path ? {
+ 'absent' => $::operatingsystem ? {
+ openbsd => "/var/www/htdocs/${name}/www",
+ default => "/var/www/vhosts/${name}/www"
+ },
+ default => "${path}/www"
+ }
+ $upload_dir = "/var/www/vhosts/${name}/data/upload"
+ $gdata_dir = "/var/www/vhosts/${name}/data/gdata"
+ if $ensure != 'absent' {
file{
- $gdatadir:
- ensure => $ensure ? {
- 'present' => directory,
- default => absent
- },
- owner => $documentroot_owner, group => $documentroot_group, mode => 0660;
- $real_upload_dir:
- owner => $documentroot_owner, group => $documentroot_group, mode => 0660;
- }
- if ($ensure == 'absent') or ($upload_dir == 'absent') {
- File[$real_upload_dir]{
- ensure => absent,
- purge => true,
- force => true,
- recurse => true
- }
- } else {
- File[$real_upload_dir]{
- ensure => directory
- }
- }
-
- $gallery_php_settings = {
- safe_mode => 'Off',
- output_buffering => 'Off',
+ $gdata_dir:
+ ensure => 'directory',
+ owner => $documentroot_owner,
+ group => $documentroot_group,
+ mode => '0660';
+ $upload_dir:
+ ensure => 'directory',
+ owner => $documentroot_owner,
+ group => $documentroot_group,
+ mode => '0660';
}
+ }
- # php upload_tmp_dir
- case $php_settings[upload_tmp_dir] {
- '',undef: {
- $php_settings[upload_tmp_dir] = "/var/www/upload_tmp_dir/$name"
- }
- }
- # php session_save_path
- case $php_settings['session.save_path'] {
- '',undef: {
- $php_settings['session.save_path'] = "/var/www/session.save_path/$name"
- }
- }
-
- if $upload_dir != 'absent' {
- $gallery_php_settings[open_basedir] = "${documentroot}:${php_settings[upload_tmp_dir]}:${php_settings['session.save_path']}:${gdatadir}:${real_upload_dir}"
- } else {
- $gallery_php_settings[open_basedir] = "${documentroot}:${php_settings[upload_tmp_dir]}:${php_settings['session.save_path']}:${gdatadir}"
- }
-
- $real_php_settings = merge($gallery_php_settings,$php_settings)
+ $gallery_php_settings = {
+ safe_mode => 'Off',
+ output_buffering => 'Off',
+ }
+ $real_php_settings = merge($gallery_php_settings,$php_settings)
- # create vhost configuration file
- ::apache::vhost::php::webapp{$name:
- ensure => $ensure,
- domain => $domain,
- domainalias => $domainalias,
- server_admin => $server_admin,
- logmode => $logmode,
- path => $path,
- owner => $owner,
- group => $group,
- documentroot_owner => $documentroot_owner,
- documentroot_group => $documentroot_group,
- documentroot_mode => $documentroot_mode,
- run_mode => $run_mode,
- run_uid => $run_uid,
- run_gid => $run_gid,
- allow_override => $allow_override,
- php_settings => $real_php_settings,
- php_options => $php_options,
- do_includes => $do_includes,
- options => $options,
- additional_options => $additional_options,
- default_charset => $default_charset,
- mod_security => $mod_security,
- mod_security_relevantonly => $mod_security_relevantonly,
- mod_security_rules_to_disable => $mod_security_rules_to_disable,
- mod_security_additional_options => $mod_security_additional_options,
- ssl_mode => $ssl_mode,
- vhost_mode => $vhost_mode,
- template_partial => $template_partial,
- vhost_source => $vhost_source,
- vhost_destination => $vhost_destination,
- htpasswd_file => $htpasswd_file,
- htpasswd_path => $htpasswd_path,
- manage_directories => $manage_directories,
- manage_config => $manage_config,
- config_file => 'config.php',
- }
+ # create vhost configuration file
+ ::apache::vhost::php::webapp{$name:
+ ensure => $ensure,
+ configuration => $configuration,
+ domain => $domain,
+ domainalias => $domainalias,
+ server_admin => $server_admin,
+ logmode => $logmode,
+ path => $path,
+ owner => $owner,
+ group => $group,
+ documentroot_owner => $documentroot_owner,
+ documentroot_group => $documentroot_group,
+ documentroot_mode => $documentroot_mode,
+ run_mode => $run_mode,
+ run_uid => $run_uid,
+ run_gid => $run_gid,
+ allow_override => $allow_override,
+ php_settings => $real_php_settings,
+ php_options => $php_options,
+ do_includes => $do_includes,
+ options => $options,
+ additional_options => $additional_options,
+ default_charset => $default_charset,
+ mod_security => $mod_security,
+ mod_security_relevantonly => $mod_security_relevantonly,
+ mod_security_rules_to_disable => $mod_security_rules_to_disable,
+ mod_security_additional_options => $mod_security_additional_options,
+ ssl_mode => $ssl_mode,
+ vhost_mode => $vhost_mode,
+ template_partial => $template_partial,
+ vhost_source => $vhost_source,
+ vhost_destination => $vhost_destination,
+ htpasswd_file => $htpasswd_file,
+ htpasswd_path => $htpasswd_path,
+ manage_directories => $manage_directories,
+ manage_config => $manage_config,
+ config_file => 'config.php',
+ }
}
diff --git a/manifests/vhost/php/global_exec_bin_dir.pp b/manifests/vhost/php/global_exec_bin_dir.pp
index cbb9803..efcdaf7 100644
--- a/manifests/vhost/php/global_exec_bin_dir.pp
+++ b/manifests/vhost/php/global_exec_bin_dir.pp
@@ -1,6 +1,9 @@
+# manage global exec_bin_dir
class apache::vhost::php::global_exec_bin_dir {
file{'/var/www/php_safe_exec_bins':
- ensure => directory,
- owner => root, group => apache, mode => 0640;
+ ensure => directory,
+ owner => root,
+ group => apache,
+ mode => '0640';
}
}
diff --git a/manifests/vhost/php/joomla.pp b/manifests/vhost/php/joomla.pp
index 3962efa..ed0696f 100644
--- a/manifests/vhost/php/joomla.pp
+++ b/manifests/vhost/php/joomla.pp
@@ -1,21 +1,26 @@
-# run_mode: controls in which mode the vhost should be run, there are different setups
-# possible:
-# - normal: (*default*) run vhost with the current active worker (default: prefork) don't
-# setup anything special
-# - itk: run vhost with the mpm_itk module (Incompatibility: cannot be used in combination
-# with 'proxy-itk' & 'static-itk' mode)
-# - proxy-itk: run vhost with a dual prefork/itk setup, where prefork just proxies all the
-# requests for the itk setup, that listens only on the loobpack device.
-# (Incompatibility: cannot be used in combination with the itk setup.)
-# - static-itk: run vhost with a dual prefork/itk setup, where prefork serves all the static
-# content and proxies the dynamic calls to the itk setup, that listens only on
-# the loobpack device (Incompatibility: cannot be used in combination with
-# 'itk' mode)
+# run_mode: controls in which mode the vhost should be run, there are different
+# setups possible:
+# - normal: (*default*) run vhost with the current active worker
+# (default: prefork) don't setup anything special
+# - itk: run vhost with the mpm_itk module (Incompatibility: cannot be used in
+# combination with 'proxy-itk' & 'static-itk' mode)
+# - proxy-itk: run vhost with a dual prefork/itk setup, where prefork just
+# proxies all the requests for the itk setup, that listens only
+# on the loobpack device.
+# (Incompatibility: cannot be used in combination with the itk
+# setup.)
+# - static-itk: run vhost with a dual prefork/itk setup, where prefork serves
+# all the static
+# content and proxies the dynamic calls to the itk setup, that
+# listens only on the loobpack device
+# (Incompatibility: cannot be used in combination with 'itk'
+# mode)
#
# run_uid: the uid the vhost should run as with the itk module
# run_gid: the gid the vhost should run as with the itk module
#
-# mod_security: Whether we use mod_security or not (will include mod_security module)
+# mod_security: Whether we use mod_security or not (will include mod_security
+# module)
# - false: don't activate mod_security
# - true: (*default*) activate mod_security
#
@@ -25,41 +30,43 @@
# - anonym: Don't log ips for CustomLog, send ErrorLog to /dev/null
# - semianonym: Don't log ips for CustomLog, log normal ErrorLog
define apache::vhost::php::joomla(
- $ensure = present,
- $domain = 'absent',
- $domainalias = 'absent',
- $server_admin = 'absent',
- $logmode = 'default',
- $path = 'absent',
- $owner = root,
- $group = apache,
- $documentroot_owner = apache,
- $documentroot_group = 0,
- $documentroot_mode = '0640',
- $run_mode = 'normal',
- $run_uid = 'absent',
- $run_gid = 'absent',
- $allow_override = 'None',
- $php_settings = {},
- $php_options = {},
- $do_includes = false,
- $options = 'absent',
- $additional_options = 'absent',
- $default_charset = 'absent',
- $mod_security = true,
- $mod_security_relevantonly = true,
- $mod_security_rules_to_disable = [],
- $mod_security_additional_options = 'absent',
- $ssl_mode = false,
- $vhost_mode = 'template',
- $template_partial = 'apache/vhosts/php_joomla/partial.erb',
- $vhost_source = 'absent',
- $vhost_destination = 'absent',
- $htpasswd_file = 'absent',
- $htpasswd_path = 'absent',
- $manage_config = true,
- $config_webwriteable = false,
- $manage_directories = true
+ $ensure = present,
+ $configuration = {},
+ $domain = 'absent',
+ $domainalias = 'absent',
+ $server_admin = 'absent',
+ $logmode = 'default',
+ $path = 'absent',
+ $owner = root,
+ $group = apache,
+ $documentroot_owner = apache,
+ $documentroot_group = 0,
+ $documentroot_mode = '0640',
+ $run_mode = 'normal',
+ $run_uid = 'absent',
+ $run_gid = 'absent',
+ $allow_override = 'None',
+ $php_settings = {},
+ $php_options = {},
+ $php_installation = 'system',
+ $do_includes = false,
+ $options = 'absent',
+ $additional_options = 'absent',
+ $default_charset = 'absent',
+ $mod_security = true,
+ $mod_security_relevantonly = true,
+ $mod_security_rules_to_disable = [],
+ $mod_security_additional_options = 'absent',
+ $ssl_mode = false,
+ $vhost_mode = 'template',
+ $template_partial = 'apache/vhosts/php_joomla/partial.erb',
+ $vhost_source = 'absent',
+ $vhost_destination = 'absent',
+ $htpasswd_file = 'absent',
+ $htpasswd_path = 'absent',
+ $manage_config = true,
+ $config_webwriteable = false,
+ $manage_directories = true
){
include ::apache::include::joomla
@@ -73,34 +80,41 @@ define apache::vhost::php::joomla(
if $mod_security_additional_options == 'absent' {
$id_str = $::operatingsystem ? {
- 'CentOS' => $::lsbmajdistrelease ? {
+ 'CentOS' => $::operatingsystemmajrelease ? {
5 => '',
default => 'id:1199400,'
},
default => ''
}
- $real_mod_security_additional_options = "# http://optics.csufresno.edu/~kriehn/fedora/fedora_files/f9/howto/modsecurity.html
- # Exceptions for Joomla Root Directory
- <LocationMatch \"^/\">
- SecRuleRemoveById 950013
- </LocationMatch>
+ $real_mod_security_additional_options = "
+ # http://optics.csufresno.edu/~kriehn/fedora/fedora_files/f9/howto/modsecurity.html
+ # Exceptions for Joomla Root Directory
+ <LocationMatch \"^/\">
+ SecRuleRemoveById 950013
+ </LocationMatch>
- # Exceptions for Joomla Administration Panel
- SecRule REQUEST_FILENAME \"/administrator/index2.php\" \"${id_str}allow,phase:1,nolog,ctl:ruleEngine=Off\"
+ # Exceptions for Joomla Administration Panel
+ SecRule REQUEST_FILENAME \"/administrator/index2.php\" \"${id_str}allow,phase:1,nolog,ctl:ruleEngine=Off\"
- # Exceptions for Joomla Component Expose
- <LocationMatch \"^/components/com_expose/expose/manager/amfphp/gateway.php\">
- SecRuleRemoveById 960010
- </LocationMatch>
+ # Exceptions for Joomla Component Expose
+ <LocationMatch \"^/components/com_expose/expose/manager/amfphp/gateway.php\">
+ SecRuleRemoveById 960010
+ </LocationMatch>
"
} else {
$real_mod_security_additional_options = $mod_security_additional_options
}
+ $std_joomla_php_settings = {
+ 'allow_url_fopen' => 'on',
+ 'allow_url_include' => 'off',
+ }
+
# create vhost configuration file
::apache::vhost::php::webapp{
$name:
ensure => $ensure,
+ configuration => $configuration,
domain => $domain,
domainalias => $domainalias,
server_admin => $server_admin,
@@ -115,8 +129,10 @@ define apache::vhost::php::joomla(
run_uid => $run_uid,
run_gid => $run_gid,
allow_override => $allow_override,
- php_settings => $php_settings,
+ php_settings => merge($std_joomla_php_settings,
+ $php_settings),
php_options => $php_options,
+ php_installation => $php_installation,
do_includes => $do_includes,
options => $options,
additional_options => $additional_options,
@@ -133,7 +149,7 @@ define apache::vhost::php::joomla(
htpasswd_file => $htpasswd_file,
htpasswd_path => $htpasswd_path,
manage_directories => $manage_directories,
- managed_directories => [ "${documentroot}/administrator/backups",
+ managed_directories => [ "${documentroot}/administrator/backups",
"${documentroot}/administrator/components",
"${documentroot}/administrator/language",
"${documentroot}/administrator/modules",
diff --git a/manifests/vhost/php/mediawiki.pp b/manifests/vhost/php/mediawiki.pp
index 502af53..25881ca 100644
--- a/manifests/vhost/php/mediawiki.pp
+++ b/manifests/vhost/php/mediawiki.pp
@@ -25,80 +25,82 @@
# - anonym: Don't log ips for CustomLog, send ErrorLog to /dev/null
# - semianonym: Don't log ips for CustomLog, log normal ErrorLog
define apache::vhost::php::mediawiki(
- $ensure = present,
- $domain = 'absent',
- $domainalias = 'absent',
- $server_admin = 'absent',
- $logmode = 'default',
- $path = 'absent',
- $manage_docroot = true,
- $owner = root,
- $group = apache,
- $documentroot_owner = apache,
- $documentroot_group = 0,
- $documentroot_mode = 0640,
- $run_mode = 'normal',
- $run_uid = 'absent',
- $run_gid = 'absent',
- $allow_override = 'FileInfo Limit',
- $php_settings = {},
- $php_options = {},
- $options = 'absent',
- $additional_options = 'absent',
- $default_charset = 'absent',
- $mod_security = true,
- $mod_security_relevantonly = true,
- $mod_security_rules_to_disable = [],
- $mod_security_additional_options = 'absent',
- $ssl_mode = false,
- $vhost_mode = 'template',
- $template_partial = 'apache/vhosts/php_mediawiki/partial.erb',
- $vhost_source = 'absent',
- $vhost_destination = 'absent',
- $htpasswd_file = 'absent',
- $htpasswd_path = 'absent'
+ $ensure = present,
+ $configuration = {},
+ $domain = 'absent',
+ $domainalias = 'absent',
+ $server_admin = 'absent',
+ $logmode = 'default',
+ $path = 'absent',
+ $manage_docroot = true,
+ $owner = root,
+ $group = apache,
+ $documentroot_owner = apache,
+ $documentroot_group = 0,
+ $documentroot_mode = 0640,
+ $run_mode = 'normal',
+ $run_uid = 'absent',
+ $run_gid = 'absent',
+ $allow_override = 'FileInfo Limit',
+ $php_settings = {},
+ $php_options = {},
+ $options = 'absent',
+ $additional_options = 'absent',
+ $default_charset = 'absent',
+ $mod_security = true,
+ $mod_security_relevantonly = true,
+ $mod_security_rules_to_disable = [],
+ $mod_security_additional_options = 'absent',
+ $ssl_mode = false,
+ $vhost_mode = 'template',
+ $template_partial = 'apache/vhosts/php_mediawiki/partial.erb',
+ $vhost_source = 'absent',
+ $vhost_destination = 'absent',
+ $htpasswd_file = 'absent',
+ $htpasswd_path = 'absent'
){
- $mediawiki_php_settings = {
- safe_mode => false,
- }
+ $mediawiki_php_settings = {
+ safe_mode => false,
+ }
- # create vhost configuration file
- ::apache::vhost::php::webapp{$name:
- ensure => $ensure,
- domain => $domain,
- domainalias => $domainalias,
- server_admin => $server_admin,
- logmode => $logmode,
- path => $path,
- manage_docroot => $manage_docroot,
- owner => $owner,
- group => $group,
- documentroot_owner => $documentroot_owner,
- documentroot_group => $documentroot_group,
- documentroot_mode => $documentroot_mode,
- run_mode => $run_mode,
- run_uid => $run_uid,
- run_gid => $run_gid,
- allow_override => $allow_override,
- php_settings => merge($mediawiki_php_settings,$php_settings),
- php_options => $php_options,
- options => $options,
- additional_options => $additional_options,
- default_charset => $default_charset,
- mod_security => $mod_security,
- mod_security_relevantonly => $mod_security_relevantonly,
- mod_security_rules_to_disable => $mod_security_rules_to_disable,
- mod_security_additional_options => $mod_security_additional_options,
- ssl_mode => $ssl_mode,
- vhost_mode => $vhost_mode,
- template_partial => $template_partial,
- vhost_source => $vhost_source,
- vhost_destination => $vhost_destination,
- htpasswd_file => $htpasswd_file,
- htpasswd_path => $htpasswd_path,
- manage_directories => false,
- manage_config => false,
- }
+ # create vhost configuration file
+ ::apache::vhost::php::webapp{$name:
+ ensure => $ensure,
+ configuration => $configuration,
+ domain => $domain,
+ domainalias => $domainalias,
+ server_admin => $server_admin,
+ logmode => $logmode,
+ path => $path,
+ manage_docroot => $manage_docroot,
+ owner => $owner,
+ group => $group,
+ documentroot_owner => $documentroot_owner,
+ documentroot_group => $documentroot_group,
+ documentroot_mode => $documentroot_mode,
+ run_mode => $run_mode,
+ run_uid => $run_uid,
+ run_gid => $run_gid,
+ allow_override => $allow_override,
+ php_settings => merge($mediawiki_php_settings,$php_settings),
+ php_options => $php_options,
+ options => $options,
+ additional_options => $additional_options,
+ default_charset => $default_charset,
+ mod_security => $mod_security,
+ mod_security_relevantonly => $mod_security_relevantonly,
+ mod_security_rules_to_disable => $mod_security_rules_to_disable,
+ mod_security_additional_options => $mod_security_additional_options,
+ ssl_mode => $ssl_mode,
+ vhost_mode => $vhost_mode,
+ template_partial => $template_partial,
+ vhost_source => $vhost_source,
+ vhost_destination => $vhost_destination,
+ htpasswd_file => $htpasswd_file,
+ htpasswd_path => $htpasswd_path,
+ manage_directories => false,
+ manage_config => false,
+ }
}
diff --git a/manifests/vhost/php/safe_mode_bin.pp b/manifests/vhost/php/safe_mode_bin.pp
index 4a3574d..1c82e19 100644
--- a/manifests/vhost/php/safe_mode_bin.pp
+++ b/manifests/vhost/php/safe_mode_bin.pp
@@ -1,14 +1,17 @@
+# safe_mode binaries
define apache::vhost::php::safe_mode_bin(
$ensure = 'present',
$path
){
$substr=regsubst($name,'^.*\/','','G')
- $real_path = "$path/$substr"
+ $real_path = "${path}/${substr}"
+ $target = $ensure ? {
+ 'present' => regsubst($name,'^.*@',''),
+ default => absent,
+ }
file{$real_path:
- ensure => $ensure ? {
- 'present' => regsubst($name,'^.*@',''),
- default => absent,
- }
+ ensure => link,
+ target => $target,
}
}
diff --git a/manifests/vhost/php/silverstripe.pp b/manifests/vhost/php/silverstripe.pp
index da58296..1f19eab 100644
--- a/manifests/vhost/php/silverstripe.pp
+++ b/manifests/vhost/php/silverstripe.pp
@@ -25,93 +25,95 @@
# - anonym: Don't log ips for CustomLog, send ErrorLog to /dev/null
# - semianonym: Don't log ips for CustomLog, log normal ErrorLog
define apache::vhost::php::silverstripe(
- $ensure = present,
- $domain = 'absent',
- $domainalias = 'absent',
- $server_admin = 'absent',
- $logmode = 'default',
- $path = 'absent',
- $owner = root,
- $group = apache,
- $documentroot_owner = apache,
- $documentroot_group = 0,
- $documentroot_mode = 0640,
- $run_mode = 'normal',
- $run_uid = 'absent',
- $run_gid = 'absent',
- $allow_override = 'None',
- $php_settings = {},
- $php_options = {},
- $do_includes = false,
- $options = 'absent',
- $additional_options = 'absent',
- $default_charset = 'absent',
- $mod_security = true,
- $mod_security_relevantonly = true,
- $mod_security_rules_to_disable = [],
- $mod_security_additional_options = 'absent',
- $ssl_mode = false,
- $vhost_mode = 'template',
- $template_partial = 'apache/vhosts/php_silverstripe/partial.erb',
- $vhost_source = 'absent',
- $vhost_destination = 'absent',
- $htpasswd_file = 'absent',
- $htpasswd_path = 'absent',
- $manage_config = true,
- $config_webwriteable = false,
- $manage_directories = true
+ $ensure = present,
+ $configuration = {},
+ $domain = 'absent',
+ $domainalias = 'absent',
+ $server_admin = 'absent',
+ $logmode = 'default',
+ $path = 'absent',
+ $owner = root,
+ $group = apache,
+ $documentroot_owner = apache,
+ $documentroot_group = 0,
+ $documentroot_mode = '0640',
+ $run_mode = 'normal',
+ $run_uid = 'absent',
+ $run_gid = 'absent',
+ $allow_override = 'None',
+ $php_settings = {},
+ $php_options = {},
+ $do_includes = false,
+ $options = 'absent',
+ $additional_options = 'absent',
+ $default_charset = 'absent',
+ $mod_security = true,
+ $mod_security_relevantonly = true,
+ $mod_security_rules_to_disable = [],
+ $mod_security_additional_options = 'absent',
+ $ssl_mode = false,
+ $vhost_mode = 'template',
+ $template_partial = 'apache/vhosts/php_silverstripe/partial.erb',
+ $vhost_source = 'absent',
+ $vhost_destination = 'absent',
+ $htpasswd_file = 'absent',
+ $htpasswd_path = 'absent',
+ $manage_config = true,
+ $config_webwriteable = false,
+ $manage_directories = true,
){
- include ::apache::include::silverstripe
+ include ::apache::include::silverstripe
- $documentroot = $path ? {
- 'absent' => $::operatingsystem ? {
- openbsd => "/var/www/htdocs/${name}/www",
- default => "/var/www/vhosts/${name}/www"
- },
- default => "${path}/www"
- }
- $modsec_rules = ["960010"]
- $real_mod_security_rules_to_disable = array_union($mod_security_rules_to_disable,$modsec_rules)
+ $documentroot = $path ? {
+ 'absent' => $::operatingsystem ? {
+ openbsd => "/var/www/htdocs/${name}/www",
+ default => "/var/www/vhosts/${name}/www"
+ },
+ default => "${path}/www"
+ }
+ $modsec_rules = ['960010']
+ $real_mod_security_rules_to_disable = union($mod_security_rules_to_disable,$modsec_rules)
- # create vhost configuration file
- ::apache::vhost::php::webapp{$name:
- ensure => $ensure,
- domain => $domain,
- domainalias => $domainalias,
- server_admin => $server_admin,
- logmode => $logmode,
- path => $path,
- owner => $owner,
- group => $group,
- documentroot_owner => $documentroot_owner,
- documentroot_group => $documentroot_group,
- documentroot_mode => $documentroot_mode,
- run_mode => $run_mode,
- run_uid => $run_uid,
- run_gid => $run_gid,
- allow_override => $allow_override,
- php_settings => $php_settings,
- php_options => $php_options,
- do_includes => $do_includes,
- options => $options,
- additional_options => $additional_options,
- default_charset => $default_charset,
- mod_security => $mod_security,
- mod_security_relevantonly => $mod_security_relevantonly,
- mod_security_rules_to_disable => $mod_security_rules_to_disable,
- mod_security_additional_options => $mod_security_additional_options,
- ssl_mode => $ssl_mode,
- vhost_mode => $vhost_mode,
- template_partial => $template_partial,
- vhost_source => $vhost_source,
- vhost_destination => $vhost_destination,
- htpasswd_file => $htpasswd_file,
- htpasswd_path => $htpasswd_path,
- manage_directories => $manage_directories,
- managed_directories => [ "${documentroot}/assets" ],
- manage_config => $manage_config,
- }
+ # create vhost configuration file
+ ::apache::vhost::php::webapp{$name:
+ ensure => $ensure,
+ configuration => $configuration,
+ domain => $domain,
+ domainalias => $domainalias,
+ server_admin => $server_admin,
+ logmode => $logmode,
+ path => $path,
+ owner => $owner,
+ group => $group,
+ documentroot_owner => $documentroot_owner,
+ documentroot_group => $documentroot_group,
+ documentroot_mode => $documentroot_mode,
+ run_mode => $run_mode,
+ run_uid => $run_uid,
+ run_gid => $run_gid,
+ allow_override => $allow_override,
+ php_settings => $php_settings,
+ php_options => $php_options,
+ do_includes => $do_includes,
+ options => $options,
+ additional_options => $additional_options,
+ default_charset => $default_charset,
+ mod_security => $mod_security,
+ mod_security_relevantonly => $mod_security_relevantonly,
+ mod_security_rules_to_disable => $mod_security_rules_to_disable,
+ mod_security_additional_options => $mod_security_additional_options,
+ ssl_mode => $ssl_mode,
+ vhost_mode => $vhost_mode,
+ template_partial => $template_partial,
+ vhost_source => $vhost_source,
+ vhost_destination => $vhost_destination,
+ htpasswd_file => $htpasswd_file,
+ htpasswd_path => $htpasswd_path,
+ manage_directories => $manage_directories,
+ managed_directories => [ "${documentroot}/assets" ],
+ manage_config => $manage_config,
+ }
}
diff --git a/manifests/vhost/php/simplemachine.pp b/manifests/vhost/php/simplemachine.pp
index b5178da..3fa11a7 100644
--- a/manifests/vhost/php/simplemachine.pp
+++ b/manifests/vhost/php/simplemachine.pp
@@ -25,99 +25,101 @@
# - anonym: Don't log ips for CustomLog, send ErrorLog to /dev/null
# - semianonym: Don't log ips for CustomLog, log normal ErrorLog
define apache::vhost::php::simplemachine(
- $ensure = present,
- $domain = 'absent',
- $domainalias = 'absent',
- $server_admin = 'absent',
- $logmode = 'default',
- $path = 'absent',
- $owner = root,
- $group = apache,
- $documentroot_owner = apache,
- $documentroot_group = 0,
- $documentroot_mode = 0640,
- $run_mode = 'normal',
- $run_uid = 'absent',
- $run_gid = 'absent',
- $allow_override = 'None',
- $php_settings = {},
- $php_options = {},
- $do_includes = false,
- $options = 'absent',
- $additional_options = 'absent',
- $default_charset = 'absent',
- $mod_security = true,
- $mod_security_relevantonly = true,
- $mod_security_rules_to_disable = [],
- $mod_security_additional_options = 'absent',
- $ssl_mode = false,
- $vhost_mode = 'template',
- $template_partial = 'apache/vhosts/php/partial.erb',
- $vhost_source = 'absent',
- $vhost_destination = 'absent',
- $htpasswd_file = 'absent',
- $htpasswd_path = 'absent',
- $manage_config = true,
- $config_webwriteable = false,
- $manage_directories = true
+ $ensure = present,
+ $configuration = {},
+ $domain = 'absent',
+ $domainalias = 'absent',
+ $server_admin = 'absent',
+ $logmode = 'default',
+ $path = 'absent',
+ $owner = root,
+ $group = apache,
+ $documentroot_owner = apache,
+ $documentroot_group = 0,
+ $documentroot_mode = '0640',
+ $run_mode = 'normal',
+ $run_uid = 'absent',
+ $run_gid = 'absent',
+ $allow_override = 'None',
+ $php_settings = {},
+ $php_options = {},
+ $do_includes = false,
+ $options = 'absent',
+ $additional_options = 'absent',
+ $default_charset = 'absent',
+ $mod_security = true,
+ $mod_security_relevantonly = true,
+ $mod_security_rules_to_disable = [],
+ $mod_security_additional_options = 'absent',
+ $ssl_mode = false,
+ $vhost_mode = 'template',
+ $template_partial = 'apache/vhosts/php/partial.erb',
+ $vhost_source = 'absent',
+ $vhost_destination = 'absent',
+ $htpasswd_file = 'absent',
+ $htpasswd_path = 'absent',
+ $manage_config = true,
+ $config_webwriteable = false,
+ $manage_directories = true,
){
- $documentroot = $path ? {
- 'absent' => $::operatingsystem ? {
- openbsd => "/var/www/htdocs/${name}/www",
- default => "/var/www/vhosts/${name}/www"
- },
- default => "${path}/www"
- }
+ $documentroot = $path ? {
+ 'absent' => $::operatingsystem ? {
+ openbsd => "/var/www/htdocs/${name}/www",
+ default => "/var/www/vhosts/${name}/www"
+ },
+ default => "${path}/www"
+ }
- # create vhost configuration file
- ::apache::vhost::php::webapp{$name:
- ensure => $ensure,
- domain => $domain,
- domainalias => $domainalias,
- server_admin => $server_admin,
- logmode => $logmode,
- path => $path,
- owner => $owner,
- group => $group,
- documentroot_owner => $documentroot_owner,
- documentroot_group => $documentroot_group,
- documentroot_mode => $documentroot_mode,
- run_mode => $run_mode,
- run_uid => $run_uid,
- run_gid => $run_gid,
- allow_override => $allow_override,
- php_settings => $php_settings,
- php_options => $php_options,
- do_includes => $do_includes,
- options => $options,
- additional_options => $additional_options,
- default_charset => $default_charset,
- mod_security => $mod_security,
- mod_security_relevantonly => $mod_security_relevantonly,
- mod_security_rules_to_disable => $mod_security_rules_to_disable,
- mod_security_additional_options => $mod_security_additional_options,
- ssl_mode => $ssl_mode,
- vhost_mode => $vhost_mode,
- template_partial => $template_partial,
- vhost_source => $vhost_source,
- vhost_destination => $vhost_destination,
- htpasswd_file => $htpasswd_file,
- htpasswd_path => $htpasswd_path,
- manage_directories => $manage_directories,
- managed_directories => [
- "${documentroot}/agreement.txt",
- "${documentroot}/attachments",
- "${documentroot}/avatars",
- "${documentroot}/cache",
- "${documentroot}/Packages",
- "${documentroot}/Packages/installed.list",
- "${documentroot}/Smileys",
- "${documentroot}/Themes",
- "${documentroot}/Themes/default/languages/Install.english.php"
- ],
- manage_config => $manage_config,
- config_webwriteable => $config_webwriteable,
- config_file => 'Settings.php',
- }
+ # create vhost configuration file
+ ::apache::vhost::php::webapp{$name:
+ ensure => $ensure,
+ configuration => $configuration,
+ domain => $domain,
+ domainalias => $domainalias,
+ server_admin => $server_admin,
+ logmode => $logmode,
+ path => $path,
+ owner => $owner,
+ group => $group,
+ documentroot_owner => $documentroot_owner,
+ documentroot_group => $documentroot_group,
+ documentroot_mode => $documentroot_mode,
+ run_mode => $run_mode,
+ run_uid => $run_uid,
+ run_gid => $run_gid,
+ allow_override => $allow_override,
+ php_settings => $php_settings,
+ php_options => $php_options,
+ do_includes => $do_includes,
+ options => $options,
+ additional_options => $additional_options,
+ default_charset => $default_charset,
+ mod_security => $mod_security,
+ mod_security_relevantonly => $mod_security_relevantonly,
+ mod_security_rules_to_disable => $mod_security_rules_to_disable,
+ mod_security_additional_options => $mod_security_additional_options,
+ ssl_mode => $ssl_mode,
+ vhost_mode => $vhost_mode,
+ template_partial => $template_partial,
+ vhost_source => $vhost_source,
+ vhost_destination => $vhost_destination,
+ htpasswd_file => $htpasswd_file,
+ htpasswd_path => $htpasswd_path,
+ manage_directories => $manage_directories,
+ managed_directories => [
+ "${documentroot}/agreement.txt",
+ "${documentroot}/attachments",
+ "${documentroot}/avatars",
+ "${documentroot}/cache",
+ "${documentroot}/Packages",
+ "${documentroot}/Packages/installed.list",
+ "${documentroot}/Smileys",
+ "${documentroot}/Themes",
+ "${documentroot}/Themes/default/languages/Install.english.php"
+ ],
+ manage_config => $manage_config,
+ config_webwriteable => $config_webwriteable,
+ config_file => 'Settings.php',
+ }
}
diff --git a/manifests/vhost/php/spip.pp b/manifests/vhost/php/spip.pp
index 5f4ffdb..e33c1df 100644
--- a/manifests/vhost/php/spip.pp
+++ b/manifests/vhost/php/spip.pp
@@ -25,88 +25,90 @@
# - anonym: Don't log ips for CustomLog, send ErrorLog to /dev/null
# - semianonym: Don't log ips for CustomLog, log normal ErrorLog
define apache::vhost::php::spip(
- $ensure = present,
- $domain = 'absent',
- $domainalias = 'absent',
- $server_admin = 'absent',
- $logmode = 'default',
- $path = 'absent',
- $owner = root,
- $group = apache,
- $documentroot_owner = apache,
- $documentroot_group = 0,
- $documentroot_mode = 0640,
- $run_mode = 'normal',
- $run_uid = 'absent',
- $run_gid = 'absent',
- $allow_override = 'FileInfo',
- $php_settings = {},
- $php_options = {},
- $template_partial = 'apache/vhosts/php/partial.erb',
- $do_includes = false,
- $options = 'absent',
- $additional_options = 'absent',
- $default_charset = 'absent',
- $mod_security = true,
- $mod_security_relevantonly = true,
- $mod_security_rules_to_disable = [],
- $mod_security_additional_options = 'absent',
- $ssl_mode = false,
- $vhost_mode = 'template',
- $vhost_source = 'absent',
- $vhost_destination = 'absent',
- $htpasswd_file = 'absent',
- $htpasswd_path = 'absent'
+ $ensure = present,
+ $configuration = {},
+ $domain = 'absent',
+ $domainalias = 'absent',
+ $server_admin = 'absent',
+ $logmode = 'default',
+ $path = 'absent',
+ $owner = root,
+ $group = apache,
+ $documentroot_owner = apache,
+ $documentroot_group = 0,
+ $documentroot_mode = '0640',
+ $run_mode = 'normal',
+ $run_uid = 'absent',
+ $run_gid = 'absent',
+ $allow_override = 'FileInfo',
+ $php_settings = {},
+ $php_options = {},
+ $template_partial = 'apache/vhosts/php/partial.erb',
+ $do_includes = false,
+ $options = 'absent',
+ $additional_options = 'absent',
+ $default_charset = 'absent',
+ $mod_security = true,
+ $mod_security_relevantonly = true,
+ $mod_security_rules_to_disable = [],
+ $mod_security_additional_options = 'absent',
+ $ssl_mode = false,
+ $vhost_mode = 'template',
+ $vhost_source = 'absent',
+ $vhost_destination = 'absent',
+ $htpasswd_file = 'absent',
+ $htpasswd_path = 'absent'
){
- $documentroot = $path ? {
- 'absent' => $::operatingsystem ? {
- openbsd => "/var/www/htdocs/${name}/www",
- default => "/var/www/vhosts/${name}/www"
- },
- default => "${path}/www"
- }
+ $documentroot = $path ? {
+ 'absent' => $::operatingsystem ? {
+ openbsd => "/var/www/htdocs/${name}/www",
+ default => "/var/www/vhosts/${name}/www"
+ },
+ default => "${path}/www"
+ }
- # create vhost configuration file
- ::apache::vhost::php::webapp{$name:
- ensure => $ensure,
- domain => $domain,
- domainalias => $domainalias,
- server_admin => $server_admin,
- logmode => $logmode,
- path => $path,
- owner => $owner,
- group => $group,
- documentroot_owner => $documentroot_owner,
- documentroot_group => $documentroot_group,
- documentroot_mode => $documentroot_mode,
- run_mode => $run_mode,
- run_uid => $run_uid,
- run_gid => $run_gid,
- allow_override => $allow_override,
- php_settings => $php_settings,
- php_options => $php_options,
- do_includes => $do_includes,
- options => $options,
- additional_options => $additional_options,
- default_charset => $default_charset,
- mod_security => $mod_security,
- mod_security_relevantonly => $mod_security_relevantonly,
- mod_security_rules_to_disable => $mod_security_rules_to_disable,
- mod_security_additional_options=> $mod_security_additional_options,
- ssl_mode => $ssl_mode,
- vhost_mode => $vhost_mode,
- template_partial => $template_partial,
- vhost_source => $vhost_source,
- vhost_destination => $vhost_destination,
- htpasswd_file => $htpasswd_file,
- htpasswd_path => $htpasswd_path,
- managed_directories => [
- "${documentroot}/IMG",
- "${documentroot}/tmp",
- "${documentroot}/local",
- "${documentroot}/config"
- ],
- manage_config => false,
- }
+ # create vhost configuration file
+ ::apache::vhost::php::webapp{$name:
+ ensure => $ensure,
+ configuration => $configuration,
+ domain => $domain,
+ domainalias => $domainalias,
+ server_admin => $server_admin,
+ logmode => $logmode,
+ path => $path,
+ owner => $owner,
+ group => $group,
+ documentroot_owner => $documentroot_owner,
+ documentroot_group => $documentroot_group,
+ documentroot_mode => $documentroot_mode,
+ run_mode => $run_mode,
+ run_uid => $run_uid,
+ run_gid => $run_gid,
+ allow_override => $allow_override,
+ php_settings => $php_settings,
+ php_options => $php_options,
+ do_includes => $do_includes,
+ options => $options,
+ additional_options => $additional_options,
+ default_charset => $default_charset,
+ mod_security => $mod_security,
+ mod_security_relevantonly => $mod_security_relevantonly,
+ mod_security_rules_to_disable => $mod_security_rules_to_disable,
+ mod_security_additional_options => $mod_security_additional_options,
+ ssl_mode => $ssl_mode,
+ vhost_mode => $vhost_mode,
+ template_partial => $template_partial,
+ vhost_source => $vhost_source,
+ vhost_destination => $vhost_destination,
+ htpasswd_file => $htpasswd_file,
+ htpasswd_path => $htpasswd_path,
+ managed_directories => [
+ "${documentroot}/IMG",
+ "${documentroot}/tmp",
+ "${documentroot}/local",
+ "${documentroot}/config"
+ ],
+ manage_config => false,
+ }
}
diff --git a/manifests/vhost/php/standard.pp b/manifests/vhost/php/standard.pp
index 53fa8f9..3870707 100644
--- a/manifests/vhost/php/standard.pp
+++ b/manifests/vhost/php/standard.pp
@@ -25,226 +25,280 @@
# - anonym: Don't log ips for CustomLog, send ErrorLog to /dev/null
# - semianonym: Don't log ips for CustomLog, log normal ErrorLog
define apache::vhost::php::standard(
- $ensure = present,
- $domain = 'absent',
- $domainalias = 'absent',
- $server_admin = 'absent',
- $logmode = 'default',
- $logpath = 'absent',
- $path = 'absent',
- $manage_webdir = true,
- $path_is_webdir = false,
- $manage_docroot = true,
- $owner = root,
- $group = apache,
- $documentroot_owner = apache,
- $documentroot_group = 0,
- $documentroot_mode = 0640,
- $run_mode = 'normal',
- $run_uid = 'absent',
- $run_gid = 'absent',
- $allow_override = 'None',
- $php_settings = {},
- $php_options = {},
- $do_includes = false,
- $options = 'absent',
- $additional_options = 'absent',
- $default_charset = 'absent',
- $use_mod_macro = false,
- $mod_security = true,
- $mod_security_relevantonly = true,
- $mod_security_rules_to_disable = [],
- $mod_security_additional_options = 'absent',
- $ssl_mode = false,
- $vhost_mode = 'template',
- $template_partial = 'apache/vhosts/php/partial.erb',
- $vhost_source = 'absent',
- $vhost_destination = 'absent',
- $htpasswd_file = 'absent',
- $htpasswd_path = 'absent'
+ $ensure = present,
+ $configuration = {},
+ $domain = 'absent',
+ $domainalias = 'absent',
+ $server_admin = 'absent',
+ $logmode = 'default',
+ $logpath = 'absent',
+ $logprefix = '',
+ $path = 'absent',
+ $manage_webdir = true,
+ $path_is_webdir = false,
+ $manage_docroot = true,
+ $owner = root,
+ $group = apache,
+ $documentroot_owner = apache,
+ $documentroot_group = 0,
+ $documentroot_mode = 0640,
+ $run_mode = 'normal',
+ $run_uid = 'absent',
+ $run_gid = 'absent',
+ $allow_override = 'None',
+ $php_settings = {},
+ $php_options = {},
+ $php_installation = 'system',
+ $do_includes = false,
+ $options = 'absent',
+ $additional_options = 'absent',
+ $default_charset = 'absent',
+ $use_mod_macro = false,
+ $mod_security = true,
+ $mod_security_relevantonly = true,
+ $mod_security_rules_to_disable = [],
+ $mod_security_additional_options = 'absent',
+ $ssl_mode = false,
+ $vhost_mode = 'template',
+ $template_partial = 'apache/vhosts/php/partial.erb',
+ $vhost_source = 'absent',
+ $vhost_destination = 'absent',
+ $htpasswd_file = 'absent',
+ $htpasswd_path = 'absent',
){
- if $manage_webdir {
- # create webdir
- ::apache::vhost::webdir{$name:
- ensure => $ensure,
- path => $path,
- owner => $owner,
- group => $group,
- run_mode => $run_mode,
- manage_docroot => $manage_docroot,
- documentroot_owner => $documentroot_owner,
- documentroot_group => $documentroot_group,
- documentroot_mode => $documentroot_mode,
- }
+ if $manage_webdir {
+ # create webdir
+ ::apache::vhost::webdir{$name:
+ ensure => $ensure,
+ path => $path,
+ owner => $owner,
+ group => $group,
+ run_mode => $run_mode,
+ manage_docroot => $manage_docroot,
+ documentroot_owner => $documentroot_owner,
+ documentroot_group => $documentroot_group,
+ documentroot_mode => $documentroot_mode,
}
+ }
- $real_path = $path ? {
- 'absent' => $::operatingsystem ? {
- openbsd => "/var/www/htdocs/${name}",
- default => "/var/www/vhosts/${name}"
- },
- default => $path
- }
+ $real_path = $path ? {
+ 'absent' => $::operatingsystem ? {
+ openbsd => "/var/www/htdocs/${name}",
+ default => "/var/www/vhosts/${name}"
+ },
+ default => $path
+ }
- if $path_is_webdir {
- $documentroot = $real_path
- } else {
- $documentroot = "${real_path}/www"
- }
- $logdir = $logpath ? {
- 'absent' => "$real_path/logs",
- default => $logpath
- }
+ if $path_is_webdir {
+ $documentroot = $real_path
+ } else {
+ $documentroot = "${real_path}/www"
+ }
+ $logdir = $logpath ? {
+ 'absent' => "${real_path}/logs",
+ default => $logpath
+ }
- $std_php_options = {
- smarty => false,
- pear => false,
- }
- $real_php_options = merge($std_php_options,$php_options)
+ $std_php_options = {
+ smarty => false,
+ pear => false,
+ }
+ $real_php_options = merge($std_php_options,$php_options)
- if $real_php_options[smarty] {
- include php::extensions::smarty
- $smarty_path = '/usr/share/php/Smarty/:'
- } else {
- $smarty_path = ''
- }
+ if $real_php_options[smarty] {
+ include php::extensions::smarty
+ $smarty_path = '/usr/share/php/Smarty/:'
+ } else {
+ $smarty_path = ''
+ }
- if $real_php_options[pear] {
- $pear_path = '/usr/share/pear/:'
- } else {
- $pear_path = ''
- }
+ if $real_php_options[pear] {
+ $pear_path = '/usr/share/pear/:'
+ } else {
+ $pear_path = ''
+ }
+ if $logmode != 'nologs' {
+ $php_error_log = "${logdir}/php_error_log"
+ } else {
+ $php_error_log = undef
+ }
- $std_php_settings = {
- engine => 'On',
- upload_tmp_dir => "/var/www/upload_tmp_dir/${name}",
- 'session.save_path' => "/var/www/session.save_path/${name}",
- open_basedir => "${smarty_path}${pear_path}${documentroot}:/var/www/upload_tmp_dir/${name}:/var/www/session.save_path/${name}",
- safe_mode => 'On',
+ if ('safe_mode_exec_dir' in $php_settings) {
+ $php_safe_mode_exec_dir = $php_settings[safe_mode_exec_dir]
+ } else {
+ $php_safe_mode_exec_dir = $path ? {
+ 'absent' => $::operatingsystem ? {
+ openbsd => "/var/www/htdocs/${name}/bin",
+ default => "/var/www/vhosts/${name}/bin"
+ },
+ default => "${path}/bin"
}
- if $logmode != 'nologs' {
- $std_php_settings[error_log] = "${logdir}/php_error_log"
+ }
+ file{$php_safe_mode_exec_dir:
+ recurse => true,
+ force => true,
+ purge => true,
+ }
+ if ('safe_mode_exec_bins' in $php_options) {
+ $std_php_settings_safe_mode_exec_dir = $php_safe_mode_exec_dir
+ $ensure_exec = $ensure ? {
+ 'present' => directory,
+ default => 'absent',
}
- if $run_mode == 'fcgid' {
- $std_php_settings[safe_mode_gid] = 'On'
+ File[$php_safe_mode_exec_dir]{
+ ensure => $ensure_exec,
+ owner => $documentroot_owner,
+ group => $documentroot_group,
+ mode => '0750',
}
-
- if has_key($php_settings,'safe_mode_exec_dir') {
- $php_safe_mode_exec_dir = $php_settings[safe_mode_exec_dir]
- } else {
- $php_safe_mode_exec_dir = $path ? {
- 'absent' => $::operatingsystem ? {
- openbsd => "/var/www/htdocs/${name}/bin",
- default => "/var/www/vhosts/${name}/bin"
- },
- default => "${path}/bin"
- }
+ $php_safe_mode_exec_bins_subst = regsubst($php_options[safe_mode_exec_bins],'(.+)',"${name}@\\1")
+ apache::vhost::php::safe_mode_bin{
+ $php_safe_mode_exec_bins_subst:
+ ensure => $ensure,
+ path => $php_safe_mode_exec_dir;
}
- file{$php_safe_mode_exec_dir:
- recurse => true,
- force => true,
- purge => true,
+ } else {
+ $std_php_settings_safe_mode_exec_dir = undef
+ File[$php_safe_mode_exec_dir]{
+ ensure => absent,
}
- if has_key($php_options,'safe_mode_exec_bins') {
- $std_php_settings[safe_mode_exec_dir] = $php_safe_mode_exec_dir
- File[$php_safe_mode_exec_dir]{
- ensure => $ensure ? {
- 'present' => directory,
- default => absent,
- },
- owner => $documentroot_owner, group => $documentroot_group, mode => 0750,
- }
- $php_safe_mode_exec_bins_subst = regsubst($php_options[safe_mode_exec_bins],"(.+)","${name}@\\1")
- apache::vhost::php::safe_mode_bin{ $php_safe_mode_exec_bins_subst:
- ensure => $ensure,
- path => $php_safe_mode_exec_dir
- }
- }else{
- File[$php_safe_mode_exec_dir]{
- ensure => absent,
- }
+ }
+
+ if !('default_charset' in $php_settings) and ($default_charset != 'absent') {
+ $std_php_settings_default_charset = $default_charset ? {
+ 'On' => 'iso-8859-1',
+ default => $default_charset
}
+ } else {
+ $std_php_settings_default_charset = undef
+ }
- if !has_key($php_settings,'default_charset') {
- if $default_charset != 'absent' {
- $std_php_settings[default_charset] = $default_charset ? {
- 'On' => 'iso-8859-1',
- default => $default_charset
- }
+ if ('additional_open_basedir' in $php_options) {
+ $the_open_basedir = "${smarty_path}${pear_path}${documentroot}:${real_path}/data:/var/www/upload_tmp_dir/${name}:/var/www/session.save_path/${name}:${php_options[additional_open_basedir]}"
+ } else {
+ $the_open_basedir = "${smarty_path}${pear_path}${documentroot}:${real_path}/data:/var/www/upload_tmp_dir/${name}:/var/www/session.save_path/${name}"
+ }
+
+ if $run_mode == 'fcgid' {
+ $safe_mode_gid = $::operatingsystem ? {
+ debian => undef,
+ default => $php_installation ? {
+ 'system' => 'On',
+ default => undef,
}
}
+ } else {
+ $safe_mode_gid = undef
+ }
+
+ $safe_mode = $::operatingsystem ? {
+ debian => undef,
+ default => $php_installation ? {
+ 'system' => 'On',
+ default => undef,
+ }
+ }
+ $std_php_settings = {
+ engine => 'On',
+ upload_tmp_dir => "/var/www/upload_tmp_dir/${name}",
+ 'session.save_path' => "/var/www/session.save_path/${name}",
+ error_log => $php_error_log,
+ safe_mode => $safe_mode,
+ safe_mode_gid => $safe_mode_gid,
+ safe_mode_exec_dir => $std_php_settings_safe_mode_exec_dir,
+ default_charset => $std_php_settings_default_charset,
+ open_basedir => $the_open_basedir,
+ }
- $real_php_settings = merge($std_php_settings,$php_settings)
+ $real_php_settings = merge($std_php_settings,$php_settings)
- if $ensure != 'absent' {
- case $run_mode {
- 'proxy-itk','static-itk': {
- include ::php::itk_plus
+ if $ensure != 'absent' {
+ case $run_mode {
+ 'proxy-itk','static-itk': {
+ include ::php::itk_plus
+ }
+ 'itk': { include ::php::itk }
+ 'fcgid': {
+ include ::mod_fcgid
+ include ::php::mod_fcgid
+ include apache::include::mod_fcgid
+
+ mod_fcgid::starter {$name:
+ tmp_dir => $real_php_settings[php_tmp_dir],
+ cgi_type => 'php',
+ cgi_type_options => delete($real_php_settings, php_tmp_dir),
+ owner => $run_uid,
+ group => $run_gid,
+ notify => Service['apache'],
}
- 'itk': { include ::php::itk }
- 'fcgid': {
- include ::mod_fcgid
- include ::php::mod_fcgid
- include apache::include::mod_fcgid
-
- mod_fcgid::starter {$name:
- cgi_type => 'php',
- cgi_type_options => $real_php_settings,
- owner => $run_uid,
- group => $run_gid,
- notify => Service['apache'],
+ if $php_installation == 'scl54' {
+ require php::scl::php54
+ Mod_fcgid::Starter[$name]{
+ binary => '/opt/rh/php54/root/usr/bin/php-cgi',
+ additional_cmds => 'source /opt/rh/php54/enable',
+ rc => '/opt/rh/php54/root/etc',
+ }
+ } elsif $php_installation == 'scl55' {
+ require php::scl::php55
+ Mod_fcgid::Starter[$name]{
+ binary => '/opt/rh/php55/root/usr/bin/php-cgi',
+ additional_cmds => 'source /opt/rh/php55/enable',
+ rc => '/opt/rh/php55/root/etc',
}
}
- default: { include ::php }
}
+ default: { include ::php }
}
+ }
- ::apache::vhost::phpdirs{"${name}":
- ensure => $ensure,
- php_upload_tmp_dir => $real_php_settings[upload_tmp_dir],
- php_session_save_path => $real_php_settings['session.save_path'],
- documentroot_owner => $documentroot_owner,
- documentroot_group => $documentroot_group,
- documentroot_mode => $documentroot_mode,
- run_mode => $run_mode,
- run_uid => $run_uid,
- }
+ ::apache::vhost::phpdirs{$name:
+ ensure => $ensure,
+ php_upload_tmp_dir => $real_php_settings[upload_tmp_dir],
+ php_session_save_path => $real_php_settings['session.save_path'],
+ documentroot_owner => $documentroot_owner,
+ documentroot_group => $documentroot_group,
+ documentroot_mode => $documentroot_mode,
+ run_mode => $run_mode,
+ run_uid => $run_uid,
+ }
- # create vhost configuration file
- ::apache::vhost{$name:
- ensure => $ensure,
- path => $path,
- path_is_webdir => $path_is_webdir,
- vhost_mode => $vhost_mode,
- template_partial => $template_partial,
- vhost_source => $vhost_source,
- vhost_destination => $vhost_destination,
- domain => $domain,
- domainalias => $domainalias,
- server_admin => $server_admin,
- logmode => $logmode,
- logpath => $logpath,
- run_mode => $run_mode,
- run_uid => $run_uid,
- run_gid => $run_gid,
- allow_override => $allow_override,
- do_includes => $do_includes,
- options => $options,
- additional_options => $additional_options,
- default_charset => $default_charset,
- php_settings => $real_php_settings,
- php_options => $real_php_options,
- ssl_mode => $ssl_mode,
- htpasswd_file => $htpasswd_file,
- htpasswd_path => $htpasswd_path,
- mod_security => $mod_security,
- mod_security_relevantonly => $mod_security_relevantonly,
- mod_security_rules_to_disable => $mod_security_rules_to_disable,
- mod_security_additional_options => $mod_security_additional_options,
- use_mod_macro => $use_mod_macro,
- passing_extension => 'php',
- }
+ # create vhost configuration file
+ ::apache::vhost{$name:
+ ensure => $ensure,
+ configuration => $configuration,
+ path => $path,
+ path_is_webdir => $path_is_webdir,
+ vhost_mode => $vhost_mode,
+ template_partial => $template_partial,
+ vhost_source => $vhost_source,
+ vhost_destination => $vhost_destination,
+ domain => $domain,
+ domainalias => $domainalias,
+ server_admin => $server_admin,
+ logmode => $logmode,
+ logpath => $logpath,
+ logprefix => $logprefix,
+ run_mode => $run_mode,
+ run_uid => $run_uid,
+ run_gid => $run_gid,
+ allow_override => $allow_override,
+ do_includes => $do_includes,
+ options => $options,
+ additional_options => $additional_options,
+ default_charset => $default_charset,
+ php_settings => $real_php_settings,
+ php_options => $real_php_options,
+ ssl_mode => $ssl_mode,
+ htpasswd_file => $htpasswd_file,
+ htpasswd_path => $htpasswd_path,
+ mod_security => $mod_security,
+ mod_security_relevantonly => $mod_security_relevantonly,
+ mod_security_rules_to_disable => $mod_security_rules_to_disable,
+ mod_security_additional_options => $mod_security_additional_options,
+ use_mod_macro => $use_mod_macro,
+ passing_extension => 'php',
+ }
}
diff --git a/manifests/vhost/php/typo3.pp b/manifests/vhost/php/typo3.pp
index a9f12d8..d9e877a 100644
--- a/manifests/vhost/php/typo3.pp
+++ b/manifests/vhost/php/typo3.pp
@@ -25,123 +25,126 @@
# - anonym: Don't log ips for CustomLog, send ErrorLog to /dev/null
# - semianonym: Don't log ips for CustomLog, log normal ErrorLog
define apache::vhost::php::typo3(
- $ensure = present,
- $domain = 'absent',
- $domainalias = 'absent',
- $server_admin = 'absent',
- $logmode = 'default',
- $path = 'absent',
- $owner = root,
- $group = apache,
- $documentroot_owner = apache,
- $documentroot_group = 0,
- $documentroot_mode = 0640,
- $run_mode = 'normal',
- $run_uid = 'absent',
- $run_gid = 'absent',
- $allow_override = 'None',
- $php_settings = {},
- $php_options = {},
- $do_includes = false,
- $options = 'absent',
- $additional_options = 'absent',
- $default_charset = 'absent',
- $mod_security = true,
- $mod_security_relevantonly = true,
- $mod_security_rules_to_disable = [],
- $mod_security_additional_options = 'absent',
- $ssl_mode = false,
- $vhost_mode = 'template',
- $template_partial = 'apache/vhosts/php_typo3/partial.erb',
- $vhost_source = 'absent',
- $vhost_destination = 'absent',
- $htpasswd_file = 'absent',
- $htpasswd_path = 'absent',
- $manage_config = true,
- $config_webwriteable = false,
- $manage_directories = true
+ $ensure = present,
+ $configuration = {},
+ $domain = 'absent',
+ $domainalias = 'absent',
+ $server_admin = 'absent',
+ $logmode = 'default',
+ $path = 'absent',
+ $owner = root,
+ $group = apache,
+ $documentroot_owner = apache,
+ $documentroot_group = 0,
+ $documentroot_mode = '0640',
+ $run_mode = 'normal',
+ $run_uid = 'absent',
+ $run_gid = 'absent',
+ $allow_override = 'None',
+ $php_settings = {},
+ $php_options = {},
+ $do_includes = false,
+ $options = 'absent',
+ $additional_options = 'absent',
+ $default_charset = 'absent',
+ $mod_security = true,
+ $mod_security_relevantonly = true,
+ $mod_security_rules_to_disable = [],
+ $mod_security_additional_options = 'absent',
+ $ssl_mode = false,
+ $vhost_mode = 'template',
+ $template_partial = 'apache/vhosts/php_typo3/partial.erb',
+ $vhost_source = 'absent',
+ $vhost_destination = 'absent',
+ $htpasswd_file = 'absent',
+ $htpasswd_path = 'absent',
+ $manage_config = true,
+ $config_webwriteable = false,
+ $manage_directories = true,
){
- $documentroot = $path ? {
- 'absent' => $::operatingsystem ? {
- openbsd => "/var/www/htdocs/${name}/www",
- default => "/var/www/vhosts/${name}/www"
- },
- default => "${path}/www"
- }
+ $documentroot = $path ? {
+ 'absent' => $::operatingsystem ? {
+ openbsd => "/var/www/htdocs/${name}/www",
+ default => "/var/www/vhosts/${name}/www"
+ },
+ default => "${path}/www"
+ }
- $modsec_rules = ["960010"]
- $real_mod_security_rules_to_disable = array_union($mod_security_rules_to_disable,$modsec_rules)
- if $mod_security_additional_options == 'absent' {
- $real_mod_security_additional_options = '<Location "/typo3">
- SecRuleEngine Off
- SecAuditEngine Off
+ $modsec_rules = ['960010']
+ $real_mod_security_rules_to_disable = union($mod_security_rules_to_disable,$modsec_rules)
+ if $mod_security_additional_options == 'absent' {
+ $real_mod_security_additional_options = '
+ <Location "/typo3">
+ SecRuleEngine Off
+ SecAuditEngine Off
</Location>
'
- } else {
- $real_mod_security_additional_options = $mod_security_additional_options
- }
+ } else {
+ $real_mod_security_additional_options = $mod_security_additional_options
+ }
- $typo3_php_settings = {
- # turn allow_url_fopen on for the extension manager fetch
- allow_url_fopen => 'On'
- }
- $real_php_settings = merge($typo3_php_settings,$php_settings)
+ $typo3_php_settings = {
+ # turn allow_url_fopen on for the extension manager fetch
+ allow_url_fopen => 'On'
+ }
+ $real_php_settings = merge($typo3_php_settings,$php_settings)
- # create vhost configuration file
- ::apache::vhost::php::webapp{$name:
- ensure => $ensure,
- domain => $domain,
- domainalias => $domainalias,
- server_admin => $server_admin,
- logmode => $logmode,
- path => $path,
- owner => $owner,
- group => $group,
- documentroot_owner => $documentroot_owner,
- documentroot_group => $documentroot_group,
- documentroot_mode => $documentroot_mode,
- run_mode => $run_mode,
- run_uid => $run_uid,
- run_gid => $run_gid,
- allow_override => $allow_override,
- php_settings => $real_php_settings,
- php_options => $php_options,
- do_includes => $do_includes,
- options => $options,
- additional_options => $additional_options,
- default_charset => $default_charset,
- mod_security => $mod_security,
- mod_security_relevantonly => $mod_security_relevantonly,
- mod_security_rules_to_disable => $real_mod_security_rules_to_disable,
- mod_security_additional_options => $real_mod_security_additional_options,
- ssl_mode => $ssl_mode,
- vhost_mode => $vhost_mode,
- template_partial => $template_partial,
- vhost_source => $vhost_source,
- vhost_destination => $vhost_destination,
- htpasswd_file => $htpasswd_file,
- htpasswd_path => $htpasswd_path,
- manage_directories => $manage_directories,
- managed_directories => [ "${documentroot}/typo3temp",
- "${documentroot}/typo3temp/pics",
- "${documentroot}/typo3temp/temp",
- "${documentroot}/typo3temp/llxml",
- "${documentroot}/typo3temp/cs",
- "${documentroot}/typo3temp/GB",
- "${documentroot}/typo3temp/locks",
- "${documentroot}/typo3conf",
- "${documentroot}/typo3conf/ext",
- "${documentroot}/typo3conf/l10n",
- # "${documentroot}/typo3/ext/", # only needed for ext manager installing global extensions
- "${documentroot}/uploads",
- "${documentroot}/uploads/pics",
- "${documentroot}/uploads/media",
- "${documentroot}/uploads/tf",
- "${documentroot}/fileadmin",
- "${documentroot}/fileadmin/_temp_"
- ],
- manage_config => $manage_config,
- }
+ # create vhost configuration file
+ ::apache::vhost::php::webapp{$name:
+ ensure => $ensure,
+ configuration => $configuration,
+ domain => $domain,
+ domainalias => $domainalias,
+ server_admin => $server_admin,
+ logmode => $logmode,
+ path => $path,
+ owner => $owner,
+ group => $group,
+ documentroot_owner => $documentroot_owner,
+ documentroot_group => $documentroot_group,
+ documentroot_mode => $documentroot_mode,
+ run_mode => $run_mode,
+ run_uid => $run_uid,
+ run_gid => $run_gid,
+ allow_override => $allow_override,
+ php_settings => $real_php_settings,
+ php_options => $php_options,
+ do_includes => $do_includes,
+ options => $options,
+ additional_options => $additional_options,
+ default_charset => $default_charset,
+ mod_security => $mod_security,
+ mod_security_relevantonly => $mod_security_relevantonly,
+ mod_security_rules_to_disable => $real_mod_security_rules_to_disable,
+ mod_security_additional_options => $real_mod_security_additional_options,
+ ssl_mode => $ssl_mode,
+ vhost_mode => $vhost_mode,
+ template_partial => $template_partial,
+ vhost_source => $vhost_source,
+ vhost_destination => $vhost_destination,
+ htpasswd_file => $htpasswd_file,
+ htpasswd_path => $htpasswd_path,
+ manage_directories => $manage_directories,
+ managed_directories => [ "${documentroot}/typo3temp",
+ "${documentroot}/typo3temp/pics",
+ "${documentroot}/typo3temp/temp",
+ "${documentroot}/typo3temp/llxml",
+ "${documentroot}/typo3temp/cs",
+ "${documentroot}/typo3temp/GB",
+ "${documentroot}/typo3temp/locks",
+ "${documentroot}/typo3conf",
+ "${documentroot}/typo3conf/ext",
+ "${documentroot}/typo3conf/l10n",
+ # "${documentroot}/typo3/ext/", # only needed for ext manager installing global extensions
+ "${documentroot}/uploads",
+ "${documentroot}/uploads/pics",
+ "${documentroot}/uploads/media",
+ "${documentroot}/uploads/tf",
+ "${documentroot}/fileadmin",
+ "${documentroot}/fileadmin/_temp_"
+ ],
+ manage_config => $manage_config,
+ }
}
diff --git a/manifests/vhost/php/webapp.pp b/manifests/vhost/php/webapp.pp
index 54905ca..695120d 100644
--- a/manifests/vhost/php/webapp.pp
+++ b/manifests/vhost/php/webapp.pp
@@ -25,124 +25,124 @@
# - anonym: Don't log ips for CustomLog, send ErrorLog to /dev/null
# - semianonym: Don't log ips for CustomLog, log normal ErrorLog
define apache::vhost::php::webapp(
- $ensure = present,
- $domain = 'absent',
- $domainalias = 'absent',
- $server_admin = 'absent',
- $logmode = 'default',
- $path = 'absent',
- $manage_webdir = true,
- $manage_docroot = true,
- $owner = root,
- $group = apache,
- $documentroot_owner = apache,
- $documentroot_group = 0,
- $documentroot_mode = 0640,
- $run_mode = 'normal',
- $run_uid = 'absent',
- $run_gid = 'absent',
- $allow_override = 'None',
- $php_settings = {},
- $php_options = {},
- $do_includes = false,
- $options = 'absent',
- $additional_options = 'absent',
- $default_charset = 'absent',
- $mod_security = true,
- $mod_security_relevantonly = true,
- $mod_security_rules_to_disable = [],
- $mod_security_additional_options = 'absent',
- $ssl_mode = false,
- $vhost_mode = 'template',
- $template_partial,
- $vhost_source = 'absent',
- $vhost_destination = 'absent',
- $htpasswd_file = 'absent',
- $htpasswd_path = 'absent',
- $manage_config = true,
- $config_file = 'absent',
- $config_webwriteable = false,
- $manage_directories = true,
- $managed_directories = 'absent'
+ $ensure = present,
+ $configuration = {},
+ $domain = 'absent',
+ $domainalias = 'absent',
+ $server_admin = 'absent',
+ $logmode = 'default',
+ $path = 'absent',
+ $manage_webdir = true,
+ $manage_docroot = true,
+ $owner = root,
+ $group = apache,
+ $documentroot_owner = apache,
+ $documentroot_group = 0,
+ $documentroot_mode = '0640',
+ $run_mode = 'normal',
+ $run_uid = 'absent',
+ $run_gid = 'absent',
+ $allow_override = 'None',
+ $php_settings = {},
+ $php_options = {},
+ $php_installation = 'system',
+ $do_includes = false,
+ $options = 'absent',
+ $additional_options = 'absent',
+ $default_charset = 'absent',
+ $mod_security = true,
+ $mod_security_relevantonly = true,
+ $mod_security_rules_to_disable = [],
+ $mod_security_additional_options = 'absent',
+ $ssl_mode = false,
+ $vhost_mode = 'template',
+ $template_partial,
+ $vhost_source = 'absent',
+ $vhost_destination = 'absent',
+ $htpasswd_file = 'absent',
+ $htpasswd_path = 'absent',
+ $manage_config = true,
+ $config_file = 'absent',
+ $config_webwriteable = false,
+ $manage_directories = true,
+ $managed_directories = 'absent',
){
- if ($ensure != 'absent') {
- if $manage_directories and ($managed_directories != 'absent') {
- ::apache::file::rw{ $managed_directories :
- owner => $documentroot_owner,
- group => $documentroot_group,
- }
- }
+ if ($ensure != 'absent') {
+ if $manage_directories and ($managed_directories != 'absent') {
+ ::apache::file::rw{ $managed_directories :
+ owner => $documentroot_owner,
+ group => $documentroot_group,
+ }
+ }
- if $manage_config {
- if $config_file == 'absent' { fail("No config file defined for ${name} on ${::fqdn}, if you'd like to manage the config, you have to add one!") }
+ if $manage_config {
+ if $config_file == 'absent' { fail("No config file defined for ${name} on ${::fqdn}, if you'd like to manage the config, you have to add one!") }
- $real_path = $path ? {
- 'absent' => $::operatingsystem ? {
- openbsd => "/var/www/htdocs/${name}",
- default => "/var/www/vhosts/${name}"
- },
- default => $path
- }
- if $path_is_webdir {
- $documentroot = $real_path
- } else {
- $documentroot = "${real_path}/www"
- }
- ::apache::vhost::file::documentrootfile{"configurationfile_${name}":
- documentroot => $documentroot,
- filename => $config_file,
- thedomain => $name,
- owner => $documentroot_owner,
- group => $documentroot_group,
- }
- if $config_webwriteable {
- Apache::Vhost::File::Documentrootfile["configurationfile_${name}"]{
- mode => 0660,
- }
- } else {
- Apache::Vhost::File::Documentrootfile["configurationfile_${name}"]{
- mode => 0440,
- }
- }
+ $real_path = $path ? {
+ 'absent' => $::operatingsystem ? {
+ openbsd => "/var/www/htdocs/${name}",
+ default => "/var/www/vhosts/${name}"
+ },
+ default => $path
+ }
+ $documentroot = "${real_path}/www"
+ ::apache::vhost::file::documentrootfile{"configurationfile_${name}":
+ documentroot => $documentroot,
+ filename => $config_file,
+ thedomain => $name,
+ owner => $documentroot_owner,
+ group => $documentroot_group,
+ }
+ if $config_webwriteable {
+ Apache::Vhost::File::Documentrootfile["configurationfile_${name}"]{
+ mode => '0660',
}
+ } else {
+ Apache::Vhost::File::Documentrootfile["configurationfile_${name}"]{
+ mode => '0440',
+ }
+ }
}
+ }
- # create vhost configuration file
- ::apache::vhost::php::standard{$name:
- ensure => $ensure,
- domain => $domain,
- domainalias => $domainalias,
- server_admin => $server_admin,
- logmode => $logmode,
- path => $path,
- manage_webdir => $manage_webdir,
- manage_docroot => $manage_docroot,
- owner => $owner,
- group => $group,
- documentroot_owner => $documentroot_owner,
- documentroot_group => $documentroot_group,
- documentroot_mode => $documentroot_mode,
- run_mode => $run_mode,
- run_uid => $run_uid,
- run_gid => $run_gid,
- allow_override => $allow_override,
- php_settings => $php_settings,
- php_options => $php_options,
- do_includes => $do_includes,
- options => $options,
- additional_options => $additional_options,
- default_charset => $default_charset,
- mod_security => $mod_security,
- mod_security_relevantonly => $mod_security_relevantonly,
- mod_security_rules_to_disable => $mod_security_rules_to_disable,
- mod_security_additional_options => $mod_security_additional_options,
- ssl_mode => $ssl_mode,
- vhost_mode => $vhost_mode,
- template_partial => $template_partial,
- vhost_source => $vhost_source,
- vhost_destination => $vhost_destination,
- htpasswd_file => $htpasswd_file,
- htpasswd_path => $htpasswd_path,
- }
+ # create vhost configuration file
+ ::apache::vhost::php::standard{$name:
+ ensure => $ensure,
+ configuration => $configuration,
+ domain => $domain,
+ domainalias => $domainalias,
+ server_admin => $server_admin,
+ logmode => $logmode,
+ path => $path,
+ manage_webdir => $manage_webdir,
+ manage_docroot => $manage_docroot,
+ owner => $owner,
+ group => $group,
+ documentroot_owner => $documentroot_owner,
+ documentroot_group => $documentroot_group,
+ documentroot_mode => $documentroot_mode,
+ run_mode => $run_mode,
+ run_uid => $run_uid,
+ run_gid => $run_gid,
+ allow_override => $allow_override,
+ php_settings => $php_settings,
+ php_options => $php_options,
+ php_installation => $php_installation,
+ do_includes => $do_includes,
+ options => $options,
+ additional_options => $additional_options,
+ default_charset => $default_charset,
+ mod_security => $mod_security,
+ mod_security_relevantonly => $mod_security_relevantonly,
+ mod_security_rules_to_disable => $mod_security_rules_to_disable,
+ mod_security_additional_options => $mod_security_additional_options,
+ ssl_mode => $ssl_mode,
+ vhost_mode => $vhost_mode,
+ template_partial => $template_partial,
+ vhost_source => $vhost_source,
+ vhost_destination => $vhost_destination,
+ htpasswd_file => $htpasswd_file,
+ htpasswd_path => $htpasswd_path,
+ }
}
diff --git a/manifests/vhost/php/wordpress.pp b/manifests/vhost/php/wordpress.pp
index 7a41ad7..a6bbe43 100644
--- a/manifests/vhost/php/wordpress.pp
+++ b/manifests/vhost/php/wordpress.pp
@@ -1,21 +1,25 @@
-# run_mode: controls in which mode the vhost should be run, there are different setups
-# possible:
-# - normal: (*default*) run vhost with the current active worker (default: prefork) don't
-# setup anything special
-# - itk: run vhost with the mpm_itk module (Incompatibility: cannot be used in combination
-# with 'proxy-itk' & 'static-itk' mode)
-# - proxy-itk: run vhost with a dual prefork/itk setup, where prefork just proxies all the
-# requests for the itk setup, that listens only on the loobpack device.
-# (Incompatibility: cannot be used in combination with the itk setup.)
-# - static-itk: run vhost with a dual prefork/itk setup, where prefork serves all the static
-# content and proxies the dynamic calls to the itk setup, that listens only on
-# the loobpack device (Incompatibility: cannot be used in combination with
+# run_mode: controls in which mode the vhost should be run, there are different
+# setups # possible:
+# - normal: (*default*) run vhost with the current active worker
+# (default: prefork) don't setup anything special
+# - itk: run vhost with the mpm_itk module (Incompatibility: cannot be used in
+# combination with 'proxy-itk' & 'static-itk' mode)
+# - proxy-itk: run vhost with a dual prefork/itk setup, where prefork just
+# proxies all the requests for the itk setup, that listens only
+# on the loobpack device.
+# (Incompatibility: cannot be used in combination with the itk
+# setup.)
+# - static-itk: run vhost with a dual prefork/itk setup, where prefork serves
+# all the static content and proxies the dynamic calls to the
+# itk setup, that listens only on the loobpack device
+# (Incompatibility: cannot be used in combination with
# 'itk' mode)
#
# run_uid: the uid the vhost should run as with the itk module
# run_gid: the gid the vhost should run as with the itk module
#
-# mod_security: Whether we use mod_security or not (will include mod_security module)
+# mod_security: Whether we use mod_security or not (will include mod_security
+# module)
# - false: don't activate mod_security
# - true: (*default*) activate mod_security
#
@@ -25,92 +29,95 @@
# - anonym: Don't log ips for CustomLog, send ErrorLog to /dev/null
# - semianonym: Don't log ips for CustomLog, log normal ErrorLog
define apache::vhost::php::wordpress(
- $ensure = present,
- $domain = 'absent',
- $domainalias = 'absent',
- $server_admin = 'absent',
- $logmode = 'default',
- $path = 'absent',
- $owner = root,
- $group = apache,
- $documentroot_owner = apache,
- $documentroot_group = 0,
- $documentroot_mode = 0640,
- $run_mode = 'normal',
- $run_uid = 'absent',
- $run_gid = 'absent',
- $allow_override = 'FileInfo',
- $php_settings = {},
- $php_options = {},
- $do_includes = false,
- $options = 'absent',
- $additional_options = 'absent',
- $default_charset = 'absent',
- $mod_security = true,
- $mod_security_relevantonly = true,
- $mod_security_rules_to_disable = [],
- $mod_security_additional_options = 'absent',
- $ssl_mode = false,
- $vhost_mode = 'template',
- $template_partial = 'apache/vhosts/php_wordpress/partial.erb',
- $vhost_source = 'absent',
- $vhost_destination = 'absent',
- $htpasswd_file = 'absent',
- $htpasswd_path = 'absent',
- $manage_config = true,
- $config_webwriteable = false,
- $manage_directories = true
+ $ensure = present,
+ $configuration = {},
+ $domain = 'absent',
+ $domainalias = 'absent',
+ $server_admin = 'absent',
+ $logmode = 'default',
+ $path = 'absent',
+ $owner = root,
+ $group = apache,
+ $documentroot_owner = apache,
+ $documentroot_group = 0,
+ $documentroot_mode = '0640',
+ $run_mode = 'normal',
+ $run_uid = 'absent',
+ $run_gid = 'absent',
+ $allow_override = 'FileInfo Indexes',
+ $php_settings = {},
+ $php_options = {},
+ $do_includes = false,
+ $options = 'absent',
+ $additional_options = 'absent',
+ $default_charset = 'absent',
+ $mod_security = true,
+ $mod_security_relevantonly = true,
+ $mod_security_rules_to_disable = [],
+ $mod_security_additional_options = 'absent',
+ $ssl_mode = false,
+ $vhost_mode = 'template',
+ $template_partial = 'apache/vhosts/php_wordpress/partial.erb',
+ $vhost_source = 'absent',
+ $vhost_destination = 'absent',
+ $htpasswd_file = 'absent',
+ $htpasswd_path = 'absent',
+ $manage_config = true,
+ $config_webwriteable = false,
+ $manage_directories = true
){
- $documentroot = $path ? {
- 'absent' => $::operatingsystem ? {
- openbsd => "/var/www/htdocs/${name}/www",
- default => "/var/www/vhosts/${name}/www"
- },
- default => "${path}/www"
- }
- $modsec_rules = ["960010", "950018"]
- $real_mod_security_rules_to_disable = array_union($mod_security_rules_to_disable,$modsec_rules)
+ $documentroot = $path ? {
+ 'absent' => $::operatingsystem ? {
+ 'openbsd' => "/var/www/htdocs/${name}/www",
+ default => "/var/www/vhosts/${name}/www"
+ },
+ default => "${path}/www"
+ }
+ $modsec_rules = ['960010', '950018']
+ $real_mod_security_rules_to_disable = union($mod_security_rules_to_disable,
+ $modsec_rules)
- # create vhost configuration file
- apache::vhost::php::webapp{$name:
- ensure => $ensure,
- domain => $domain,
- domainalias => $domainalias,
- server_admin => $server_admin,
- logmode => $logmode,
- path => $path,
- owner => $owner,
- group => $group,
- documentroot_owner => $documentroot_owner,
- documentroot_group => $documentroot_group,
- documentroot_mode => $documentroot_mode,
- run_mode => $run_mode,
- run_uid => $run_uid,
- run_gid => $run_gid,
- allow_override => $allow_override,
- php_settings => $php_settings,
- php_options => $php_options,
- do_includes => $do_includes,
- options => $options,
- additional_options => $additional_options,
- default_charset => $default_charset,
- mod_security => $mod_security,
- mod_security_relevantonly => $mod_security_relevantonly,
- mod_security_rules_to_disable => $real_mod_security_rules_to_disable,
- mod_security_additional_options => $mod_security_additional_options,
- ssl_mode => $ssl_mode,
- vhost_mode => $vhost_mode,
- template_partial => $template_partial,
- vhost_source => $vhost_source,
- vhost_destination => $vhost_destination,
- htpasswd_file => $htpasswd_file,
- htpasswd_path => $htpasswd_path,
- manage_directories => $manage_directories,
- managed_directories => "${documentroot}/wp-content",
- manage_config => $manage_config,
- config_webwriteable => $config_webwriteable,
- config_file => 'wp-config.php',
- }
+ # create vhost configuration file
+ apache::vhost::php::webapp{$name:
+ ensure => $ensure,
+ configuration => $configuration,
+ domain => $domain,
+ domainalias => $domainalias,
+ server_admin => $server_admin,
+ logmode => $logmode,
+ path => $path,
+ owner => $owner,
+ group => $group,
+ documentroot_owner => $documentroot_owner,
+ documentroot_group => $documentroot_group,
+ documentroot_mode => $documentroot_mode,
+ run_mode => $run_mode,
+ run_uid => $run_uid,
+ run_gid => $run_gid,
+ allow_override => $allow_override,
+ php_settings => $php_settings,
+ php_options => $php_options,
+ do_includes => $do_includes,
+ options => $options,
+ additional_options => $additional_options,
+ default_charset => $default_charset,
+ mod_security => $mod_security,
+ mod_security_relevantonly => $mod_security_relevantonly,
+ mod_security_rules_to_disable => $real_mod_security_rules_to_disable,
+ mod_security_additional_options => $mod_security_additional_options,
+ ssl_mode => $ssl_mode,
+ vhost_mode => $vhost_mode,
+ template_partial => $template_partial,
+ vhost_source => $vhost_source,
+ vhost_destination => $vhost_destination,
+ htpasswd_file => $htpasswd_file,
+ htpasswd_path => $htpasswd_path,
+ manage_directories => $manage_directories,
+ managed_directories => [ "${documentroot}/wp-content/uploads",],
+ manage_config => $manage_config,
+ config_webwriteable => $config_webwriteable,
+ config_file => 'wp-config.php',
+ }
}
diff --git a/manifests/vhost/proxy.pp b/manifests/vhost/proxy.pp
index 1c3b500..95ae205 100644
--- a/manifests/vhost/proxy.pp
+++ b/manifests/vhost/proxy.pp
@@ -21,6 +21,7 @@
#
define apache::vhost::proxy(
$ensure = present,
+ $configuration = {},
$domain = 'absent',
$domainalias = 'absent',
$htpasswd_file = 'absent',
@@ -38,6 +39,7 @@ define apache::vhost::proxy(
# we use the options field as the target_url
::apache::vhost::template{$name:
ensure => $ensure,
+ configuration => $configuration,
template_partial => 'apache/vhosts/proxy/partial.erb',
domain => $domain,
path => 'really_absent',
diff --git a/manifests/vhost/redirect.pp b/manifests/vhost/redirect.pp
index a106c59..0ac40cc 100644
--- a/manifests/vhost/redirect.pp
+++ b/manifests/vhost/redirect.pp
@@ -21,6 +21,7 @@
#
define apache::vhost::redirect(
$ensure = present,
+ $configuration = {},
$domain = 'absent',
$domainalias = 'absent',
$target_url,
@@ -32,6 +33,7 @@ define apache::vhost::redirect(
# we use the options field as the target_url
::apache::vhost::template{$name:
ensure => $ensure,
+ configuration => $configuration,
template_partial => 'apache/vhosts/redirect/partial.erb',
domain => $domain,
path => 'really_absent',
diff --git a/manifests/vhost/static.pp b/manifests/vhost/static.pp
index f1dbcc2..f919766 100644
--- a/manifests/vhost/static.pp
+++ b/manifests/vhost/static.pp
@@ -13,70 +13,73 @@
# - true: activate mod_security
#
define apache::vhost::static(
- $ensure = present,
- $domain = 'absent',
- $domainalias = 'absent',
- $server_admin = 'absent',
- $logmode = 'default',
- $path = 'absent',
- $owner = root,
- $group = apache,
- $documentroot_owner = apache,
- $documentroot_group = 0,
- $documentroot_mode = 0640,
- $allow_override = 'None',
- $do_includes = false,
- $options = 'absent',
- $additional_options = 'absent',
- $default_charset = 'absent',
- $ssl_mode = false,
- $run_mode = 'normal',
- $vhost_mode = 'template',
- $template_partial = 'apache/vhosts/static/partial.erb',
- $vhost_source = 'absent',
- $vhost_destination = 'absent',
- $htpasswd_file = 'absent',
- $htpasswd_path = 'absent',
- $mod_security = false,
- $mod_security_relevantonly = true,
- $mod_security_rules_to_disable = [],
- $mod_security_additional_options = 'absent'
+ $ensure = present,
+ $configuration = {},
+ $domain = 'absent',
+ $domainalias = 'absent',
+ $server_admin = 'absent',
+ $logmode = 'default',
+ $path = 'absent',
+ $owner = root,
+ $group = apache,
+ $documentroot_owner = apache,
+ $documentroot_group = 0,
+ $documentroot_mode = 0640,
+ $allow_override = 'None',
+ $do_includes = false,
+ $options = 'absent',
+ $additional_options = 'absent',
+ $default_charset = 'absent',
+ $ssl_mode = false,
+ $run_mode = 'normal',
+ $vhost_mode = 'template',
+ $template_partial = 'apache/vhosts/static/partial.erb',
+ $vhost_source = 'absent',
+ $vhost_destination = 'absent',
+ $htpasswd_file = 'absent',
+ $htpasswd_path = 'absent',
+ $mod_security = false,
+ $mod_security_relevantonly = true,
+ $mod_security_rules_to_disable = [],
+ $mod_security_additional_options = 'absent'
){
# create webdir
::apache::vhost::webdir{$name:
- ensure => $ensure,
- path => $path,
- owner => $owner,
- group => $group,
- run_mode => $run_mode,
- documentroot_owner => $documentroot_owner,
- documentroot_group => $documentroot_group,
- documentroot_mode => $documentroot_mode,
+ ensure => $ensure,
+ path => $path,
+ owner => $owner,
+ group => $group,
+ run_mode => $run_mode,
+ datadir => false,
+ documentroot_owner => $documentroot_owner,
+ documentroot_group => $documentroot_group,
+ documentroot_mode => $documentroot_mode,
}
# create vhost configuration file
::apache::vhost{$name:
- ensure => $ensure,
- path => $path,
- template_partial => $template_partial,
- vhost_mode => $vhost_mode,
- vhost_source => $vhost_source,
- vhost_destination => $vhost_destination,
- domain => $domain,
- domainalias => $domainalias,
- server_admin => $server_admin,
- logmode => $logmode,
- allow_override => $allow_override,
- do_includes => $do_includes,
- options => $options,
- additional_options => $additional_options,
- default_charset => $default_charset,
- ssl_mode => $ssl_mode,
- htpasswd_file => $htpasswd_file,
- htpasswd_path => $htpasswd_path,
- mod_security => $mod_security,
- mod_security_relevantonly => $mod_security_relevantonly,
- mod_security_rules_to_disable => $mod_security_rules_to_disable,
+ ensure => $ensure,
+ configuration => $configuration,
+ path => $path,
+ template_partial => $template_partial,
+ vhost_mode => $vhost_mode,
+ vhost_source => $vhost_source,
+ vhost_destination => $vhost_destination,
+ domain => $domain,
+ domainalias => $domainalias,
+ server_admin => $server_admin,
+ logmode => $logmode,
+ allow_override => $allow_override,
+ do_includes => $do_includes,
+ options => $options,
+ additional_options => $additional_options,
+ default_charset => $default_charset,
+ ssl_mode => $ssl_mode,
+ htpasswd_file => $htpasswd_file,
+ htpasswd_path => $htpasswd_path,
+ mod_security => $mod_security,
+ mod_security_relevantonly => $mod_security_relevantonly,
+ mod_security_rules_to_disable => $mod_security_rules_to_disable,
mod_security_additional_options => $mod_security_additional_options,
}
}
diff --git a/manifests/vhost/template.pp b/manifests/vhost/template.pp
index 55d41d9..8e9b798 100644
--- a/manifests/vhost/template.pp
+++ b/manifests/vhost/template.pp
@@ -42,6 +42,7 @@
#
define apache::vhost::template(
$ensure = present,
+ $configuration = {},
$path = 'absent',
$path_is_webdir = false,
$logpath = 'absent',
@@ -133,6 +134,7 @@ define apache::vhost::template(
}
apache::vhost::file{$name:
+ configuration => $configuration,
ensure => $ensure,
do_includes => $do_includes,
run_mode => $run_mode,
diff --git a/manifests/vhost/webdav.pp b/manifests/vhost/webdav.pp
index 003a308..ff9e8ab 100644
--- a/manifests/vhost/webdav.pp
+++ b/manifests/vhost/webdav.pp
@@ -24,100 +24,103 @@
# - semianonym: Don't log ips for CustomLog, log normal ErrorLog
#
define apache::vhost::webdav(
- $ensure = present,
- $domain = 'absent',
- $domainalias = 'absent',
- $server_admin = 'absent',
- $path = 'absent',
- $owner = root,
- $group = apache,
- $manage_webdir = true,
- $path_is_webdir = false,
- $logmode = 'default',
- $logpath = 'absent',
- $documentroot_owner = apache,
- $documentroot_group = 0,
- $documentroot_mode = 0640,
- $run_mode = 'normal',
- $run_uid = 'absent',
- $run_gid = 'absent',
- $options = 'absent',
- $additional_options = 'absent',
- $default_charset = 'absent',
- $mod_security = false,
- $mod_security_relevantonly = true,
- $mod_security_rules_to_disable = [],
- $mod_security_additional_options = 'absent',
- $ssl_mode = false,
- $vhost_mode = 'template',
- $vhost_source = 'absent',
- $vhost_destination = 'absent',
- $htpasswd_file = 'absent',
- $htpasswd_path = 'absent',
- $ldap_auth = false,
- $ldap_user = 'any',
- $dav_db_dir = 'absent'
+ $ensure = present,
+ $configuration = {},
+ $domain = 'absent',
+ $domainalias = 'absent',
+ $server_admin = 'absent',
+ $path = 'absent',
+ $owner = root,
+ $group = apache,
+ $manage_webdir = true,
+ $path_is_webdir = false,
+ $logmode = 'default',
+ $logpath = 'absent',
+ $documentroot_owner = apache,
+ $documentroot_group = 0,
+ $documentroot_mode = 0640,
+ $run_mode = 'normal',
+ $run_uid = 'absent',
+ $run_gid = 'absent',
+ $options = 'absent',
+ $additional_options = 'absent',
+ $default_charset = 'absent',
+ $mod_security = false,
+ $mod_security_relevantonly = true,
+ $mod_security_rules_to_disable = [],
+ $mod_security_additional_options = 'absent',
+ $ssl_mode = false,
+ $vhost_mode = 'template',
+ $vhost_source = 'absent',
+ $vhost_destination = 'absent',
+ $htpasswd_file = 'absent',
+ $htpasswd_path = 'absent',
+ $ldap_auth = false,
+ $ldap_user = 'any',
+ $dav_db_dir = 'absent'
){
- ::apache::vhost::davdbdir{$name:
- ensure => $ensure,
- dav_db_dir => $dav_db_dir,
- documentroot_owner => $documentroot_owner,
- documentroot_group => $documentroot_group,
- documentroot_mode => $documentroot_mode,
- run_mode => $run_mode,
- run_uid => $run_uid,
- }
+ ::apache::vhost::davdbdir{$name:
+ ensure => $ensure,
+ dav_db_dir => $dav_db_dir,
+ documentroot_owner => $documentroot_owner,
+ documentroot_group => $documentroot_group,
+ documentroot_mode => $documentroot_mode,
+ run_mode => $run_mode,
+ run_uid => $run_uid,
+ }
- if $manage_webdir {
- # create webdir
- ::apache::vhost::webdir{$name:
- ensure => $ensure,
- path => $path,
- owner => $owner,
- group => $group,
- run_mode => $run_mode,
- documentroot_owner => $documentroot_owner,
- documentroot_group => $documentroot_group,
- documentroot_mode => $documentroot_mode,
- }
+ if $manage_webdir {
+ # create webdir
+ ::apache::vhost::webdir{$name:
+ ensure => $ensure,
+ path => $path,
+ owner => $owner,
+ group => $group,
+ run_mode => $run_mode,
+ datadir => false,
+ documentroot_owner => $documentroot_owner,
+ documentroot_group => $documentroot_group,
+ documentroot_mode => $documentroot_mode,
}
+ }
- if $run_mode == 'static-itk' {
- notice("static-itk mode is not possible for webdav vhosts, rewriting it to proxy-itk")
- $real_run_mode = 'proxy-itk'
- } else {
- $real_run_mode = $run_mode
- }
+ if $run_mode == 'static-itk' {
+ notice('static-itk mode is not possible for webdav vhosts, rewriting it to proxy-itk')
+ $real_run_mode = 'proxy-itk'
+ } else {
+ $real_run_mode = $run_mode
+ }
- # create vhost configuration file
- ::apache::vhost{$name:
- ensure => $ensure,
- path => $path,
- path_is_webdir => $path_is_webdir,
- logpath => $logpath,
- logmode => $logmode,
- template_partial => 'apache/vhosts/webdav/partial.erb',
- vhost_mode => $vhost_mode,
- vhost_source => $vhost_source,
- vhost_destination => $vhost_destination,
- domain => $domain,
- domainalias => $domainalias,
- server_admin => $server_admin,
- run_mode => $real_run_mode,
- run_uid => $run_uid,
- run_gid => $run_gid,
- options => $options,
- additional_options => $additional_options,
- default_charset => $default_charset,
- ssl_mode => $ssl_mode,
- htpasswd_file => $htpasswd_file,
- htpasswd_path => $htpasswd_path,
- ldap_auth => $ldap_auth,
- ldap_user => $ldap_user,
- mod_security => $mod_security,
- mod_security_relevantonly => $mod_security_relevantonly,
- mod_security_rules_to_disable => $mod_security_rules_to_disable,
- mod_security_additional_options => $mod_security_additional_options,
- }
+ # create vhost configuration file
+ ::apache::vhost{$name:
+ ensure => $ensure,
+ configuration => $configuration,
+ path => $path,
+ path_is_webdir => $path_is_webdir,
+ logpath => $logpath,
+ logmode => $logmode,
+ template_partial => 'apache/vhosts/webdav/partial.erb',
+ vhost_mode => $vhost_mode,
+ vhost_source => $vhost_source,
+ vhost_destination => $vhost_destination,
+ domain => $domain,
+ domainalias => $domainalias,
+ server_admin => $server_admin,
+ run_mode => $real_run_mode,
+ run_uid => $run_uid,
+ run_gid => $run_gid,
+ options => $options,
+ additional_options => $additional_options,
+ default_charset => $default_charset,
+ ssl_mode => $ssl_mode,
+ htpasswd_file => $htpasswd_file,
+ htpasswd_path => $htpasswd_path,
+ ldap_auth => $ldap_auth,
+ ldap_user => $ldap_user,
+ mod_security => $mod_security,
+ mod_security_relevantonly => $mod_security_relevantonly,
+ mod_security_rules_to_disable => $mod_security_rules_to_disable,
+ mod_security_additional_options => $mod_security_additional_options,
+ }
}
diff --git a/manifests/vhost/webdir.pp b/manifests/vhost/webdir.pp
index c9729f0..e0e2546 100644
--- a/manifests/vhost/webdir.pp
+++ b/manifests/vhost/webdir.pp
@@ -1,15 +1,16 @@
# create webdir
define apache::vhost::webdir(
- $ensure = present,
- $path = 'absent',
- $owner = root,
- $group = apache,
- $mode = 0640,
- $run_mode = 'normal',
- $manage_docroot = true,
- $documentroot_owner = root,
- $documentroot_group = apache,
- $documentroot_mode = 0640,
+ $ensure = present,
+ $path = 'absent',
+ $owner = root,
+ $group = apache,
+ $mode = 0640,
+ $run_mode = 'normal',
+ $manage_docroot = true,
+ $datadir = true,
+ $documentroot_owner = root,
+ $documentroot_group = apache,
+ $documentroot_mode = 0640,
$documentroot_recurse = false
){
$real_path = $path ? {
@@ -68,6 +69,11 @@ define apache::vhost::webdir(
}
case $ensure {
absent: {
+ exec{"cleanup_webdir_${real_path}":
+ command => "rm -rf ${real_path}",
+ onlyif => "test -d ${real_path}",
+ before => File[$real_path],
+ }
file{$real_path:
ensure => absent,
purge => true,
@@ -105,6 +111,14 @@ define apache::vhost::webdir(
mode => $documentroot_mode;
}
}
+ if $datadir {
+ file{"${real_path}/data":
+ ensure => directory,
+ owner => $real_documentroot_owner,
+ group => $real_documentroot_group,
+ mode => '0640';
+ }
+ }
case $::operatingsystem {
centos: { include apache::logrotate::centos::vhosts }
default: { #nothing
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-01 16:34:21 +0000