From 7bbb0feacac0565457f5f56f65468429803454fb Mon Sep 17 00:00:00 2001 From: mh Date: Wed, 11 Aug 2010 14:06:53 +0200 Subject: introduce logmode feature We are now able to select how apache should log accesses. These modes are: * default: as you would use it * semianonym: no ips are logged for CustomLog, ErrorLog still logs ips * anonym: no ips are logged for CustomLog, ErrorLog is sent to /dev/null * nologs: all logs are sent to /dev/null --- manifests/vhost/template.pp | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'manifests/vhost/template.pp') diff --git a/manifests/vhost/template.pp b/manifests/vhost/template.pp index bba3437..7c1f9be 100644 --- a/manifests/vhost/template.pp +++ b/manifests/vhost/template.pp @@ -20,11 +20,17 @@ # php_default_charset: default charset header for php. # *default*: absent, which will set the same as default_charset # of apache +# logmode: +# - default: Do normal logging to CustomLog and ErrorLog +# - nologs: Send every logging to /dev/null +# - anonym: Don't log ips for CustomLog, send ErrorLog to /dev/null +# - semianonym: Don't log ips for CustomLog, log normal ErrorLog define apache::vhost::template( $ensure = present, $path = 'absent', $path_is_webdir = false, $logpath = 'absent', + $logmode = 'default', $domain = 'absent', $domainalias = 'absent', $server_admin = 'absent', @@ -79,6 +85,9 @@ define apache::vhost::template( 'absent' => "$real_path/logs", default => $logpath } + case $logmode { + 'semianonym','anonym': { include apache::noiplog } + } $servername = $domain ? { 'absent' => $name, -- cgit v1.2.3 From 747054969e709681072426ff2c9ef3446ba7ceb8 Mon Sep 17 00:00:00 2001 From: mh Date: Wed, 11 Aug 2010 14:38:40 +0200 Subject: only include noip logging if we actually need it --- manifests/vhost/template.pp | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'manifests/vhost/template.pp') diff --git a/manifests/vhost/template.pp b/manifests/vhost/template.pp index 7c1f9be..c1c9935 100644 --- a/manifests/vhost/template.pp +++ b/manifests/vhost/template.pp @@ -85,8 +85,10 @@ define apache::vhost::template( 'absent' => "$real_path/logs", default => $logpath } - case $logmode { - 'semianonym','anonym': { include apache::noiplog } + if $ensure != 'absent' { + case $logmode { + 'semianonym','anonym': { include apache::noiplog } + } } $servername = $domain ? { -- cgit v1.2.3 From d275f9db71ffd55aeef9e96b9f923d1169dcaba9 Mon Sep 17 00:00:00 2001 From: mh Date: Wed, 11 Aug 2010 14:42:44 +0200 Subject: only manage source or content if file should be present --- manifests/vhost/template.pp | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) (limited to 'manifests/vhost/template.pp') diff --git a/manifests/vhost/template.pp b/manifests/vhost/template.pp index c1c9935..d7e9e07 100644 --- a/manifests/vhost/template.pp +++ b/manifests/vhost/template.pp @@ -85,11 +85,6 @@ define apache::vhost::template( 'absent' => "$real_path/logs", default => $logpath } - if $ensure != 'absent' { - case $logmode { - 'semianonym','anonym': { include apache::noiplog } - } - } $servername = $domain ? { 'absent' => $name, @@ -148,11 +143,18 @@ define apache::vhost::template( apache::vhost::file{$name: ensure => $ensure, - content => template("apache/vhosts/$template_mode/$operatingsystem.erb"), do_includes => $do_includes, htpasswd_file => $htpasswd_file, htpasswd_path => $htpasswd_path, use_mod_macro => $use_mod_macro, } + if $ensure != 'absent' { + case $logmode { + 'semianonym','anonym': { include apache::noiplog } + } + Apache::Vhost::File[$name]{ + content => template("apache/vhosts/$template_mode/$operatingsystem.erb") + } + } } -- cgit v1.2.3 From 1bdb39c6dd8ccaf76d8a4aa2e9486069afd2d476 Mon Sep 17 00:00:00 2001 From: mh Date: Mon, 16 Aug 2010 19:01:24 +0200 Subject: impelement itk plus mode itk plus mode is an additional mode to deploy itk based hostings which should be a bit more performant. The idea is that we have two apache-instances running: A) prefork based, listening on the external interface B) itk based, listening on the loopback interface A) will serve all static webpages, as well as possibly serve all static content of dynamic websites. All requests to dynamic content will be redirected to B). The idea is that A) doesn't load any modules to server dynamic content at all. B) will serve all the dynamic scripts of a vhost. This will mean that for vhosts (static ones) as well as static content (all none dynamic scripts) we can benefit from the fast prefork model, while we can use itk's security model for all the dynamic scripts. There are two new additional run_modes: - proxy-itk: this just passes all requests to apache instance B). This one is similar to plain itk based mode and should be used for vhosts that shouldn't (yet) changed to the mixed mode. - static-itk: this passes only requests to dynamic scripts to B) while all static content is served by A). Beware that the user with which A) is running should be member of the run group of B) and all static files need to readable by the group. This reduces the security model you have with plain itk, as the prefork apache user will be able to read php (config-) files of any vhost that runs in static-itk mode. If you want to keep the level of security for a certain vhost, you need to run the specific vhost in proxy-itk mode. Note 1: you cannot run vhosts in itk mode and others in proxy or static itk mode. There is a duplicate file resource definition that blocks that possibility. Note 2: This mode works currently only on CentOS based systems, as no work have been done so far to implement an init.d script that's able to run 2 apache instances. --- manifests/vhost/template.pp | 37 +++++++++++++++++++++++++++++-------- 1 file changed, 29 insertions(+), 8 deletions(-) (limited to 'manifests/vhost/template.pp') diff --git a/manifests/vhost/template.pp b/manifests/vhost/template.pp index d7e9e07..36aa0cd 100644 --- a/manifests/vhost/template.pp +++ b/manifests/vhost/template.pp @@ -25,6 +25,28 @@ # - nologs: Send every logging to /dev/null # - anonym: Don't log ips for CustomLog, send ErrorLog to /dev/null # - semianonym: Don't log ips for CustomLog, log normal ErrorLog +# +# run_mode: controls in which mode the vhost should be run, there are different setups +# possible: +# - normal: (*default*) run vhost with the current active worker (default: prefork) don't +# setup anything special +# - itk: run vhost with the mpm_itk module (Incompatibility: cannot be used in combination +# with 'proxy-itk' & 'static-itk' mode) +# - proxy-itk: run vhost with a dual prefork/itk setup, where prefork just proxies all the +# requests for the itk setup, that listens only on the loobpack device. +# (Incompatibility: cannot be used in combination with the itk setup.) +# - static-itk: run vhost with a dual prefork/itk setup, where prefork serves all the static +# content and proxies the dynamic calls to the itk setup, that listens only on +# the loobpack device (Incompatibility: cannot be used in combination with +# 'itk' mode) +# +# run_uid: the uid the vhost should run as with the itk module +# run_gid: the gid the vhost should run as with the itk module +# +# mod_security: Whether we use mod_security or not (will include mod_security module) +# - false: don't activate mod_security +# - true: (*default*) activate mod_security +# define apache::vhost::template( $ensure = present, $path = 'absent', @@ -61,13 +83,6 @@ define apache::vhost::template( $ldap_auth = false, $ldap_user = 'any' ){ - if $mod_security { - case $run_mode { - 'itk': { include mod_security::itk } - default: { include mod_security } - } - } - $real_path = $path ? { 'absent' => $operatingsystem ? { openbsd => "/var/www/htdocs/$name", @@ -101,7 +116,11 @@ define apache::vhost::template( $real_htpasswd_path = $htpasswd_path } case $run_mode { - 'itk': { + 'proxy-itk': { $logfileprefix = 'proxy' } + 'static-itk': { $logfileprefix = 'static' } + } + case $run_mode { + 'itk','proxy-itk','static-itk': { case $run_uid { 'absent': { fail("you have to define run_uid for $name on $fqdn") } } @@ -144,6 +163,8 @@ define apache::vhost::template( apache::vhost::file{$name: ensure => $ensure, do_includes => $do_includes, + run_mode => $run_mode, + mod_security => $mod_security, htpasswd_file => $htpasswd_file, htpasswd_path => $htpasswd_path, use_mod_macro => $use_mod_macro, -- cgit v1.2.3 From b3a17cff5315fbbda901a6f1d406c3500cf65a3a Mon Sep 17 00:00:00 2001 From: mh Date: Mon, 16 Aug 2010 21:51:22 +0200 Subject: fix various missing things for itk_plus mode --- manifests/vhost/template.pp | 2 ++ 1 file changed, 2 insertions(+) (limited to 'manifests/vhost/template.pp') diff --git a/manifests/vhost/template.pp b/manifests/vhost/template.pp index 36aa0cd..b4c2562 100644 --- a/manifests/vhost/template.pp +++ b/manifests/vhost/template.pp @@ -14,6 +14,7 @@ # - true: enable ssl for this vhost # - force: enable ssl and redirect non-ssl to ssl # - only: enable ssl only +# # php_safe_mode_exec_bins: An array of local binaries which should be linked in the # safe_mode_exec_bin for this hosting # *default*: None @@ -164,6 +165,7 @@ define apache::vhost::template( ensure => $ensure, do_includes => $do_includes, run_mode => $run_mode, + ssl_mode => $ssl_mode, mod_security => $mod_security, htpasswd_file => $htpasswd_file, htpasswd_path => $htpasswd_path, -- cgit v1.2.3 From e1f6d460e00761f93b3e22f4bed6f58d723adac0 Mon Sep 17 00:00:00 2001 From: mh Date: Mon, 16 Aug 2010 22:01:35 +0200 Subject: improve vhosts stuff - move various inclusion to the file define, as this is the last define for all in the chain - only include if our vhost is not set to absent --- manifests/vhost/template.pp | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'manifests/vhost/template.pp') diff --git a/manifests/vhost/template.pp b/manifests/vhost/template.pp index b4c2562..b0c08f9 100644 --- a/manifests/vhost/template.pp +++ b/manifests/vhost/template.pp @@ -166,15 +166,13 @@ define apache::vhost::template( do_includes => $do_includes, run_mode => $run_mode, ssl_mode => $ssl_mode, + logmode => $logmode, mod_security => $mod_security, htpasswd_file => $htpasswd_file, htpasswd_path => $htpasswd_path, use_mod_macro => $use_mod_macro, } if $ensure != 'absent' { - case $logmode { - 'semianonym','anonym': { include apache::noiplog } - } Apache::Vhost::File[$name]{ content => template("apache/vhosts/$template_mode/$operatingsystem.erb") } -- cgit v1.2.3 From f14fd057987b5489228a40444c3a101768c5b6bb Mon Sep 17 00:00:00 2001 From: mh Date: Tue, 22 Feb 2011 22:59:40 +0100 Subject: first way to a unified partial based vhost template --- manifests/vhost/template.pp | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'manifests/vhost/template.pp') diff --git a/manifests/vhost/template.pp b/manifests/vhost/template.pp index b0c08f9..303de0e 100644 --- a/manifests/vhost/template.pp +++ b/manifests/vhost/template.pp @@ -75,6 +75,7 @@ define apache::vhost::template( $run_uid = 'absent', $run_gid = 'absent', $template_mode = 'static', + $template_partial = 'absent', $ssl_mode = false, $mod_security = true, $mod_security_relevantonly = true, @@ -174,7 +175,10 @@ define apache::vhost::template( } if $ensure != 'absent' { Apache::Vhost::File[$name]{ - content => template("apache/vhosts/$template_mode/$operatingsystem.erb") + content => $template_partial ? { + 'absent' => template("apache/vhosts/$template_mode/$operatingsystem.erb"), + default => template("apache/vhosts/default.erb"), + } } } } -- cgit v1.2.3 From cbbffa1d3de5a19a72dd7bb88fb1bcb14e5384e1 Mon Sep 17 00:00:00 2001 From: mh Date: Tue, 17 May 2011 22:52:47 +0200 Subject: improve mod_security rules * handled now by a partial * possibility to add rules that should be removed * possibility to add custom mod_sec options" * use new infrastructure for existing mod_sec tweaks --- manifests/vhost/template.pp | 2 ++ 1 file changed, 2 insertions(+) (limited to 'manifests/vhost/template.pp') diff --git a/manifests/vhost/template.pp b/manifests/vhost/template.pp index 303de0e..3fe78c9 100644 --- a/manifests/vhost/template.pp +++ b/manifests/vhost/template.pp @@ -79,6 +79,8 @@ define apache::vhost::template( $ssl_mode = false, $mod_security = true, $mod_security_relevantonly = true, + $mod_security_rules_to_disable = [], + $mod_security_additional_options = 'absent', $use_mod_macro = false, $htpasswd_file = 'absent', $htpasswd_path = 'absent', -- cgit v1.2.3 From 34df80bc271f7ed17de879e82b54f31a98926e08 Mon Sep 17 00:00:00 2001 From: mh Date: Sat, 28 May 2011 11:32:39 +0200 Subject: first work on php_settings via hash --- manifests/vhost/template.pp | 1 + 1 file changed, 1 insertion(+) (limited to 'manifests/vhost/template.pp') diff --git a/manifests/vhost/template.pp b/manifests/vhost/template.pp index 3fe78c9..ce74bfd 100644 --- a/manifests/vhost/template.pp +++ b/manifests/vhost/template.pp @@ -71,6 +71,7 @@ define apache::vhost::template( $php_use_pear = false, $php_safe_mode = true, $php_default_charset = 'absent', + $php_settings = {}, $run_mode = 'normal', $run_uid = 'absent', $run_gid = 'absent', -- cgit v1.2.3 From 2fa748dcc92e34b13bd4b6f7e452ef89b29490c4 Mon Sep 17 00:00:00 2001 From: mh Date: Sat, 8 Oct 2011 19:22:40 +0200 Subject: introduce a new template style, less duplicated things, more handy options --- manifests/vhost/template.pp | 58 +++++++++------------------------------------ 1 file changed, 11 insertions(+), 47 deletions(-) (limited to 'manifests/vhost/template.pp') diff --git a/manifests/vhost/template.pp b/manifests/vhost/template.pp index ce74bfd..21fdb65 100644 --- a/manifests/vhost/template.pp +++ b/manifests/vhost/template.pp @@ -1,8 +1,6 @@ -# template_mode: -# - php: for a default php application -# - static: for a static application (default) -# - perl: for a mod_perl application -# - php_joomla: for a joomla application +# template_partial: +# which template should be used to generate the type specific part +# of the vhost entry. # # domainalias: # - absent: no domainalias is set (*default*) @@ -15,12 +13,6 @@ # - force: enable ssl and redirect non-ssl to ssl # - only: enable ssl only # -# php_safe_mode_exec_bins: An array of local binaries which should be linked in the -# safe_mode_exec_bin for this hosting -# *default*: None -# php_default_charset: default charset header for php. -# *default*: absent, which will set the same as default_charset -# of apache # logmode: # - default: Do normal logging to CustomLog and ErrorLog # - nologs: Send every logging to /dev/null @@ -58,25 +50,18 @@ define apache::vhost::template( $domainalias = 'absent', $server_admin = 'absent', $allow_override = 'None', - $php_safe_mode_exec_bin_dir = 'absent', - $php_upload_tmp_dir = 'absent', - $php_session_save_path = 'absent', $dav_db_dir = 'absent', $cgi_binpath = 'absent', $do_includes = false, $options = 'absent', $additional_options = 'absent', $default_charset = 'absent', - $php_use_smarty = false, - $php_use_pear = false, - $php_safe_mode = true, - $php_default_charset = 'absent', + $php_options = {}, $php_settings = {}, $run_mode = 'normal', $run_uid = 'absent', $run_gid = 'absent', - $template_mode = 'static', - $template_partial = 'absent', + $template_partial = 'apache/vhosts/static/partial.erb', $ssl_mode = false, $mod_security = true, $mod_security_relevantonly = true, @@ -121,8 +106,8 @@ define apache::vhost::template( $real_htpasswd_path = $htpasswd_path } case $run_mode { - 'proxy-itk': { $logfileprefix = 'proxy' } - 'static-itk': { $logfileprefix = 'static' } + 'proxy-itk': { $logfileprefix = 'proxy' } + 'static-itk': { $logfileprefix = 'static' } } case $run_mode { 'itk','proxy-itk','static-itk': { @@ -135,28 +120,6 @@ define apache::vhost::template( } } - # set default dirs for templates - # php php_safe_mode_exec_bin directory - case $php_safe_mode_exec_bin_dir { - 'absent': { - $real_php_safe_mode_exec_bin_dir = "/var/www/vhosts/$name/bin" - } - default: { $real_php_safe_mode_exec_bin_dir = $php_safe_mode_exec_bin_dir } - } - # php upload_tmp_dir - case $php_upload_tmp_dir { - 'absent': { - $real_php_upload_tmp_dir = "/var/www/upload_tmp_dir/$name" - } - default: { $real_php_upload_tmp_dir = $php_upload_tmp_dir } - } - # php session_save_path - case $php_session_save_path { - 'absent': { - $real_php_session_save_path = "/var/www/session.save_path/$name" - } - default: { $real_php_session_save_path = $php_session_save_path } - } # dav db dir case $dav_db_dir { 'absent': { @@ -178,9 +141,10 @@ define apache::vhost::template( } if $ensure != 'absent' { Apache::Vhost::File[$name]{ - content => $template_partial ? { - 'absent' => template("apache/vhosts/$template_mode/$operatingsystem.erb"), - default => template("apache/vhosts/default.erb"), + content => $run_mode ? { + 'proxy-itk' => template("apache/vhosts/itk_plus.erb"), + 'static-itk' => template("apache/vhosts/itk_plus.erb"), + default => template("apache/vhosts/default.erb"), } } } -- cgit v1.2.3 From d2b1d040b9225b8ae077e3babd9a2f4d5b9dd4e8 Mon Sep 17 00:00:00 2001 From: mh Date: Sun, 9 Oct 2011 01:00:53 +0200 Subject: do the same for fcgid --- manifests/vhost/template.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'manifests/vhost/template.pp') diff --git a/manifests/vhost/template.pp b/manifests/vhost/template.pp index 21fdb65..11926a6 100644 --- a/manifests/vhost/template.pp +++ b/manifests/vhost/template.pp @@ -110,7 +110,7 @@ define apache::vhost::template( 'static-itk': { $logfileprefix = 'static' } } case $run_mode { - 'itk','proxy-itk','static-itk': { + 'fcgid','itk','proxy-itk','static-itk': { case $run_uid { 'absent': { fail("you have to define run_uid for $name on $fqdn") } } -- cgit v1.2.3 From 076909377eaa3aa41936e3acb7e02a9b5b14d493 Mon Sep 17 00:00:00 2001 From: mh Date: Thu, 31 May 2012 11:38:45 +0200 Subject: fix various puppet language things --- manifests/vhost/template.pp | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) (limited to 'manifests/vhost/template.pp') diff --git a/manifests/vhost/template.pp b/manifests/vhost/template.pp index 11926a6..c19faba 100644 --- a/manifests/vhost/template.pp +++ b/manifests/vhost/template.pp @@ -74,20 +74,20 @@ define apache::vhost::template( $ldap_user = 'any' ){ $real_path = $path ? { - 'absent' => $operatingsystem ? { - openbsd => "/var/www/htdocs/$name", - default => "/var/www/vhosts/$name" + 'absent' => $::operatingsystem ? { + openbsd => "/var/www/htdocs/${name}", + default => "/var/www/vhosts/${name}" }, default => $path } if $path_is_webdir { - $documentroot = "$real_path" + $documentroot = $real_path } else { - $documentroot = "$real_path/www" + $documentroot = "${real_path}/www" } $logdir = $logpath ? { - 'absent' => "$real_path/logs", + 'absent' => "${real_path}/logs", default => $logpath } @@ -101,7 +101,7 @@ define apache::vhost::template( default => $domainalias } if $htpasswd_path == 'absent' { - $real_htpasswd_path = "/var/www/htpasswds/$name" + $real_htpasswd_path = "/var/www/htpasswds/${name}" } else { $real_htpasswd_path = $htpasswd_path } @@ -112,10 +112,10 @@ define apache::vhost::template( case $run_mode { 'fcgid','itk','proxy-itk','static-itk': { case $run_uid { - 'absent': { fail("you have to define run_uid for $name on $fqdn") } + 'absent': { fail("you have to define run_uid for ${name} on ${::fqdn}") } } case $run_gid { - 'absent': { fail("you have to define run_gid for $name on $fqdn") } + 'absent': { fail("you have to define run_gid for ${name} on ${::fqdn}") } } } } @@ -123,7 +123,7 @@ define apache::vhost::template( # dav db dir case $dav_db_dir { 'absent': { - $real_dav_db_dir = "/var/www/dav_db_dir/$name" + $real_dav_db_dir = "/var/www/dav_db_dir/${name}" } default: { $real_dav_db_dir = $dav_db_dir } } -- cgit v1.2.3 From 9cbf2fafee3f4623b75d1a6b70458ab097e64924 Mon Sep 17 00:00:00 2001 From: mh Date: Fri, 8 Jun 2012 12:09:39 -0300 Subject: fix dynamic scope variables, function access --- manifests/vhost/template.pp | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'manifests/vhost/template.pp') diff --git a/manifests/vhost/template.pp b/manifests/vhost/template.pp index c19faba..4c9ab3f 100644 --- a/manifests/vhost/template.pp +++ b/manifests/vhost/template.pp @@ -71,7 +71,9 @@ define apache::vhost::template( $htpasswd_file = 'absent', $htpasswd_path = 'absent', $ldap_auth = false, - $ldap_user = 'any' + $ldap_user = 'any', + $passing_extension = 'absent', + $gempath = 'absent' ){ $real_path = $path ? { 'absent' => $::operatingsystem ? { -- cgit v1.2.3 From 966956844377b8aa28dba04a7460678b3d73730b Mon Sep 17 00:00:00 2001 From: mh Date: Sun, 10 Mar 2013 16:46:51 +0100 Subject: introduce logprefix --- manifests/vhost/template.pp | 1 + 1 file changed, 1 insertion(+) (limited to 'manifests/vhost/template.pp') diff --git a/manifests/vhost/template.pp b/manifests/vhost/template.pp index 4c9ab3f..6187368 100644 --- a/manifests/vhost/template.pp +++ b/manifests/vhost/template.pp @@ -46,6 +46,7 @@ define apache::vhost::template( $path_is_webdir = false, $logpath = 'absent', $logmode = 'default', + $logprefix = '', $domain = 'absent', $domainalias = 'absent', $server_admin = 'absent', -- cgit v1.2.3 From 9d4f2b45468f48b4be097d74078d16f0bfcbdc1d Mon Sep 17 00:00:00 2001 From: mh Date: Sun, 10 Mar 2013 22:38:02 +0100 Subject: linting --- manifests/vhost/template.pp | 104 ++++++++++++++++++++++---------------------- 1 file changed, 52 insertions(+), 52 deletions(-) (limited to 'manifests/vhost/template.pp') diff --git a/manifests/vhost/template.pp b/manifests/vhost/template.pp index 6187368..9ee650d 100644 --- a/manifests/vhost/template.pp +++ b/manifests/vhost/template.pp @@ -41,47 +41,47 @@ # - true: (*default*) activate mod_security # define apache::vhost::template( - $ensure = present, - $path = 'absent', - $path_is_webdir = false, - $logpath = 'absent', - $logmode = 'default', - $logprefix = '', - $domain = 'absent', - $domainalias = 'absent', - $server_admin = 'absent', - $allow_override = 'None', - $dav_db_dir = 'absent', - $cgi_binpath = 'absent', - $do_includes = false, - $options = 'absent', - $additional_options = 'absent', - $default_charset = 'absent', - $php_options = {}, - $php_settings = {}, - $run_mode = 'normal', - $run_uid = 'absent', - $run_gid = 'absent', - $template_partial = 'apache/vhosts/static/partial.erb', - $ssl_mode = false, - $mod_security = true, - $mod_security_relevantonly = true, - $mod_security_rules_to_disable = [], - $mod_security_additional_options = 'absent', - $use_mod_macro = false, - $htpasswd_file = 'absent', - $htpasswd_path = 'absent', - $ldap_auth = false, - $ldap_user = 'any', - $passing_extension = 'absent', - $gempath = 'absent' + $ensure = present, + $path = 'absent', + $path_is_webdir = false, + $logpath = 'absent', + $logmode = 'default', + $logprefix = '', + $domain = 'absent', + $domainalias = 'absent', + $server_admin = 'absent', + $allow_override = 'None', + $dav_db_dir = 'absent', + $cgi_binpath = 'absent', + $do_includes = false, + $options = 'absent', + $additional_options = 'absent', + $default_charset = 'absent', + $php_options = {}, + $php_settings = {}, + $run_mode = 'normal', + $run_uid = 'absent', + $run_gid = 'absent', + $template_partial = 'apache/vhosts/static/partial.erb', + $ssl_mode = false, + $mod_security = true, + $mod_security_relevantonly = true, + $mod_security_rules_to_disable = [], + $mod_security_additional_options = 'absent', + $use_mod_macro = false, + $htpasswd_file = 'absent', + $htpasswd_path = 'absent', + $ldap_auth = false, + $ldap_user = 'any', + $passing_extension = 'absent', + $gempath = 'absent' ){ $real_path = $path ? { - 'absent' => $::operatingsystem ? { + 'absent' => $::operatingsystem ? { openbsd => "/var/www/htdocs/${name}", default => "/var/www/vhosts/${name}" }, - default => $path + default => $path } if $path_is_webdir { @@ -90,18 +90,18 @@ define apache::vhost::template( $documentroot = "${real_path}/www" } $logdir = $logpath ? { - 'absent' => "${real_path}/logs", - default => $logpath + 'absent' => "${real_path}/logs", + default => $logpath } $servername = $domain ? { - 'absent' => $name, - default => $domain + 'absent' => $name, + default => $domain } $serveralias = $domainalias ? { - 'absent' => '', - 'www' => "www.${servername}", - default => $domainalias + 'absent' => '', + 'www' => "www.${servername}", + default => $domainalias } if $htpasswd_path == 'absent' { $real_htpasswd_path = "/var/www/htpasswds/${name}" @@ -132,12 +132,12 @@ define apache::vhost::template( } apache::vhost::file{$name: - ensure => $ensure, - do_includes => $do_includes, - run_mode => $run_mode, - ssl_mode => $ssl_mode, - logmode => $logmode, - mod_security => $mod_security, + ensure => $ensure, + do_includes => $do_includes, + run_mode => $run_mode, + ssl_mode => $ssl_mode, + logmode => $logmode, + mod_security => $mod_security, htpasswd_file => $htpasswd_file, htpasswd_path => $htpasswd_path, use_mod_macro => $use_mod_macro, @@ -145,9 +145,9 @@ define apache::vhost::template( if $ensure != 'absent' { Apache::Vhost::File[$name]{ content => $run_mode ? { - 'proxy-itk' => template("apache/vhosts/itk_plus.erb"), - 'static-itk' => template("apache/vhosts/itk_plus.erb"), - default => template("apache/vhosts/default.erb"), + 'proxy-itk' => template('apache/vhosts/itk_plus.erb'), + 'static-itk' => template('apache/vhosts/itk_plus.erb'), + default => template('apache/vhosts/default.erb'), } } } -- cgit v1.2.3 From 5ec141dfbf218dd9b2f2611d788db98f74e65073 Mon Sep 17 00:00:00 2001 From: mh Date: Wed, 27 Mar 2013 20:25:29 +0100 Subject: provide an easy way to workaround scope issues in templates in puppet 3 --- manifests/vhost/template.pp | 1 + 1 file changed, 1 insertion(+) (limited to 'manifests/vhost/template.pp') diff --git a/manifests/vhost/template.pp b/manifests/vhost/template.pp index 9ee650d..55d41d9 100644 --- a/manifests/vhost/template.pp +++ b/manifests/vhost/template.pp @@ -63,6 +63,7 @@ define apache::vhost::template( $run_uid = 'absent', $run_gid = 'absent', $template_partial = 'apache/vhosts/static/partial.erb', + $template_vars = {}, $ssl_mode = false, $mod_security = true, $mod_security_relevantonly = true, -- cgit v1.2.3