From 49064cc0ad4f89dd7aaa2690436c30a26a0385f9 Mon Sep 17 00:00:00 2001 From: o Date: Fri, 14 Nov 2014 11:47:35 +0100 Subject: sni: make ssl_cert configurable per vhost to support sni we configure ssl_certs on a vhost basis. additionally this commit introduces a generic configuration hash which will be used to replace most other parameters in the future. --- manifests/init.pp | 14 +++++++++----- manifests/ssl/base.pp | 13 ++++++++++--- manifests/vhost.pp | 3 +++ manifests/vhost/file.pp | 1 + manifests/vhost/gitweb.pp | 2 ++ manifests/vhost/modperl.pp | 2 ++ manifests/vhost/passenger.pp | 2 ++ manifests/vhost/php/drupal.pp | 2 ++ manifests/vhost/php/gallery2.pp | 2 ++ manifests/vhost/php/joomla.pp | 2 ++ manifests/vhost/php/mediawiki.pp | 2 ++ manifests/vhost/php/silverstripe.pp | 2 ++ manifests/vhost/php/simplemachine.pp | 2 ++ manifests/vhost/php/spip.pp | 2 ++ manifests/vhost/php/standard.pp | 2 ++ manifests/vhost/php/typo3.pp | 2 ++ manifests/vhost/php/webapp.pp | 2 ++ manifests/vhost/php/wordpress.pp | 2 ++ manifests/vhost/proxy.pp | 2 ++ manifests/vhost/redirect.pp | 2 ++ manifests/vhost/static.pp | 2 ++ manifests/vhost/template.pp | 2 ++ manifests/vhost/webdav.pp | 2 ++ 23 files changed, 61 insertions(+), 8 deletions(-) (limited to 'manifests') diff --git a/manifests/init.pp b/manifests/init.pp index a974c9c..badac8f 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -14,11 +14,15 @@ # manage a simple apache class apache( - $cluster_node = '', - $manage_shorewall = false, - $manage_munin = false, - $no_default_site = false, - $ssl = false + $cluster_node = '', + $manage_shorewall = false, + $manage_munin = false, + $no_default_site = false, + $ssl = false, + $default_ssl_certificate_file = absent, + $default_ssl_certificate_key_file = absent, + $default_ssl_certificate_chain_file = absent, + $ssl_cipher_suite = "${certs::ssl_config::ciphers}" ) { case $::operatingsystem { centos: { include apache::centos } diff --git a/manifests/ssl/base.pp b/manifests/ssl/base.pp index 65bd5f7..3f32913 100644 --- a/manifests/ssl/base.pp +++ b/manifests/ssl/base.pp @@ -1,8 +1,15 @@ # basic defaults for ssl support -class apache::ssl::base { - ::apache::config::include{ 'ssl_defaults.inc': } +class apache::ssl::base ( +) { + apache::config::include { + 'ssl_defaults.inc': + content => template('apache/include.d/ssl_defaults.inc.erb'); + } if !$apache::no_default_site { - ::apache::vhost::file{ '0-default_ssl': } + apache::vhost::file{ + '0-default_ssl': + content => template('apache/vhosts/0-default_ssl.conf.erb'); + } } } diff --git a/manifests/vhost.pp b/manifests/vhost.pp index 0b3e4f3..da1ce90 100644 --- a/manifests/vhost.pp +++ b/manifests/vhost.pp @@ -30,6 +30,7 @@ # define apache::vhost( $ensure = present, + $configuration = {}, $path = 'absent', $path_is_webdir = false, $logpath = 'absent', @@ -72,6 +73,7 @@ define apache::vhost( 'file': { apache::vhost::file{$name: ensure => $ensure, + configuration => $configuration, vhost_source => $vhost_source, vhost_destination => $vhost_destination, do_includes => $do_includes, @@ -85,6 +87,7 @@ define apache::vhost( 'template': { apache::vhost::template{$name: ensure => $ensure, + configuration => $configuration, path => $path, path_is_webdir => $path_is_webdir, logpath => $logpath, diff --git a/manifests/vhost/file.pp b/manifests/vhost/file.pp index 087d478..686cb1a 100644 --- a/manifests/vhost/file.pp +++ b/manifests/vhost/file.pp @@ -40,6 +40,7 @@ # define apache::vhost::file( $ensure = present, + $configuration = {}, $vhost_source = 'absent', $vhost_destination = 'absent', $content = 'absent', diff --git a/manifests/vhost/gitweb.pp b/manifests/vhost/gitweb.pp index dab4983..6dd8643 100644 --- a/manifests/vhost/gitweb.pp +++ b/manifests/vhost/gitweb.pp @@ -6,6 +6,7 @@ # define apache::vhost::gitweb( $ensure = present, + $configuration = {}, $domain = 'absent', $logmode = 'default', $domainalias = 'absent', @@ -28,6 +29,7 @@ define apache::vhost::gitweb( # create vhost configuration file ::apache::vhost{$name: ensure => $ensure, + configuration => $configuration, path => '/var/www/git', path_is_webdir => true, logpath => $::operatingsystem ? { diff --git a/manifests/vhost/modperl.pp b/manifests/vhost/modperl.pp index c93e6cf..31e46b6 100644 --- a/manifests/vhost/modperl.pp +++ b/manifests/vhost/modperl.pp @@ -27,6 +27,7 @@ # define apache::vhost::modperl( $ensure = present, + $configuration = configuration, $domain = 'absent', $domainalias = 'absent', $server_admin = 'absent', @@ -120,6 +121,7 @@ define apache::vhost::modperl( # create vhost configuration file ::apache::vhost{$name: ensure => $ensure, + configuration => $configuration, path => $path, logmode => $logmode, vhost_mode => $vhost_mode, diff --git a/manifests/vhost/passenger.pp b/manifests/vhost/passenger.pp index 6886f13..4621890 100644 --- a/manifests/vhost/passenger.pp +++ b/manifests/vhost/passenger.pp @@ -14,6 +14,7 @@ # define apache::vhost::passenger( $ensure = present, + $configuration = {}, $domain = 'absent', $domainalias = 'absent', $server_admin = 'absent', @@ -105,6 +106,7 @@ define apache::vhost::passenger( # create vhost configuration file ::apache::vhost{$name: ensure => $ensure, + configuration => $configuration, path => "${real_path}/www/public", path_is_webdir => true, template_partial => $template_partial, diff --git a/manifests/vhost/php/drupal.pp b/manifests/vhost/php/drupal.pp index 4a41a20..5b15e6a 100644 --- a/manifests/vhost/php/drupal.pp +++ b/manifests/vhost/php/drupal.pp @@ -33,6 +33,7 @@ # define apache::vhost::php::drupal( $ensure = present, + $configuration = {}, $domain = 'absent', $domainalias = 'absent', $server_admin = 'absent', @@ -104,6 +105,7 @@ define apache::vhost::php::drupal( # create vhost configuration file ::apache::vhost::php::webapp{$name: ensure => $ensure, + configuration => $configuration, domain => $domain, domainalias => $domainalias, server_admin => $server_admin, diff --git a/manifests/vhost/php/gallery2.pp b/manifests/vhost/php/gallery2.pp index 78d5256..3acb011 100644 --- a/manifests/vhost/php/gallery2.pp +++ b/manifests/vhost/php/gallery2.pp @@ -32,6 +32,7 @@ # - semianonym: Don't log ips for CustomLog, log normal ErrorLog define apache::vhost::php::gallery2( $ensure = present, + $configuration = {}, $domain = 'absent', $domainalias = 'absent', $server_admin = 'absent', @@ -100,6 +101,7 @@ define apache::vhost::php::gallery2( # create vhost configuration file ::apache::vhost::php::webapp{$name: ensure => $ensure, + configuration => $configuration, domain => $domain, domainalias => $domainalias, server_admin => $server_admin, diff --git a/manifests/vhost/php/joomla.pp b/manifests/vhost/php/joomla.pp index 38d41e7..eea39b5 100644 --- a/manifests/vhost/php/joomla.pp +++ b/manifests/vhost/php/joomla.pp @@ -26,6 +26,7 @@ # - semianonym: Don't log ips for CustomLog, log normal ErrorLog define apache::vhost::php::joomla( $ensure = present, + $configuration = {}, $domain = 'absent', $domainalias = 'absent', $server_admin = 'absent', @@ -107,6 +108,7 @@ define apache::vhost::php::joomla( ::apache::vhost::php::webapp{ $name: ensure => $ensure, + configuration => $configuration, domain => $domain, domainalias => $domainalias, server_admin => $server_admin, diff --git a/manifests/vhost/php/mediawiki.pp b/manifests/vhost/php/mediawiki.pp index 3068c79..25881ca 100644 --- a/manifests/vhost/php/mediawiki.pp +++ b/manifests/vhost/php/mediawiki.pp @@ -26,6 +26,7 @@ # - semianonym: Don't log ips for CustomLog, log normal ErrorLog define apache::vhost::php::mediawiki( $ensure = present, + $configuration = {}, $domain = 'absent', $domainalias = 'absent', $server_admin = 'absent', @@ -66,6 +67,7 @@ define apache::vhost::php::mediawiki( # create vhost configuration file ::apache::vhost::php::webapp{$name: ensure => $ensure, + configuration => $configuration, domain => $domain, domainalias => $domainalias, server_admin => $server_admin, diff --git a/manifests/vhost/php/silverstripe.pp b/manifests/vhost/php/silverstripe.pp index 81b0d7f..1f19eab 100644 --- a/manifests/vhost/php/silverstripe.pp +++ b/manifests/vhost/php/silverstripe.pp @@ -26,6 +26,7 @@ # - semianonym: Don't log ips for CustomLog, log normal ErrorLog define apache::vhost::php::silverstripe( $ensure = present, + $configuration = {}, $domain = 'absent', $domainalias = 'absent', $server_admin = 'absent', @@ -77,6 +78,7 @@ define apache::vhost::php::silverstripe( # create vhost configuration file ::apache::vhost::php::webapp{$name: ensure => $ensure, + configuration => $configuration, domain => $domain, domainalias => $domainalias, server_admin => $server_admin, diff --git a/manifests/vhost/php/simplemachine.pp b/manifests/vhost/php/simplemachine.pp index 48386b6..3fa11a7 100644 --- a/manifests/vhost/php/simplemachine.pp +++ b/manifests/vhost/php/simplemachine.pp @@ -26,6 +26,7 @@ # - semianonym: Don't log ips for CustomLog, log normal ErrorLog define apache::vhost::php::simplemachine( $ensure = present, + $configuration = {}, $domain = 'absent', $domainalias = 'absent', $server_admin = 'absent', @@ -72,6 +73,7 @@ define apache::vhost::php::simplemachine( # create vhost configuration file ::apache::vhost::php::webapp{$name: ensure => $ensure, + configuration => $configuration, domain => $domain, domainalias => $domainalias, server_admin => $server_admin, diff --git a/manifests/vhost/php/spip.pp b/manifests/vhost/php/spip.pp index 74be5d4..e33c1df 100644 --- a/manifests/vhost/php/spip.pp +++ b/manifests/vhost/php/spip.pp @@ -26,6 +26,7 @@ # - semianonym: Don't log ips for CustomLog, log normal ErrorLog define apache::vhost::php::spip( $ensure = present, + $configuration = {}, $domain = 'absent', $domainalias = 'absent', $server_admin = 'absent', @@ -69,6 +70,7 @@ define apache::vhost::php::spip( # create vhost configuration file ::apache::vhost::php::webapp{$name: ensure => $ensure, + configuration => $configuration, domain => $domain, domainalias => $domainalias, server_admin => $server_admin, diff --git a/manifests/vhost/php/standard.pp b/manifests/vhost/php/standard.pp index 86373a4..3870707 100644 --- a/manifests/vhost/php/standard.pp +++ b/manifests/vhost/php/standard.pp @@ -26,6 +26,7 @@ # - semianonym: Don't log ips for CustomLog, log normal ErrorLog define apache::vhost::php::standard( $ensure = present, + $configuration = {}, $domain = 'absent', $domainalias = 'absent', $server_admin = 'absent', @@ -266,6 +267,7 @@ define apache::vhost::php::standard( # create vhost configuration file ::apache::vhost{$name: ensure => $ensure, + configuration => $configuration, path => $path, path_is_webdir => $path_is_webdir, vhost_mode => $vhost_mode, diff --git a/manifests/vhost/php/typo3.pp b/manifests/vhost/php/typo3.pp index a963c70..d9e877a 100644 --- a/manifests/vhost/php/typo3.pp +++ b/manifests/vhost/php/typo3.pp @@ -26,6 +26,7 @@ # - semianonym: Don't log ips for CustomLog, log normal ErrorLog define apache::vhost::php::typo3( $ensure = present, + $configuration = {}, $domain = 'absent', $domainalias = 'absent', $server_admin = 'absent', @@ -91,6 +92,7 @@ define apache::vhost::php::typo3( # create vhost configuration file ::apache::vhost::php::webapp{$name: ensure => $ensure, + configuration => $configuration, domain => $domain, domainalias => $domainalias, server_admin => $server_admin, diff --git a/manifests/vhost/php/webapp.pp b/manifests/vhost/php/webapp.pp index 1569260..225b45b 100644 --- a/manifests/vhost/php/webapp.pp +++ b/manifests/vhost/php/webapp.pp @@ -26,6 +26,7 @@ # - semianonym: Don't log ips for CustomLog, log normal ErrorLog define apache::vhost::php::webapp( $ensure = present, + $configuration = {}, $domain = 'absent', $domainalias = 'absent', $server_admin = 'absent', @@ -106,6 +107,7 @@ define apache::vhost::php::webapp( # create vhost configuration file ::apache::vhost::php::standard{$name: ensure => $ensure, + configuration => $configuration, domain => $domain, domainalias => $domainalias, server_admin => $server_admin, diff --git a/manifests/vhost/php/wordpress.pp b/manifests/vhost/php/wordpress.pp index 00e1898..be77eba 100644 --- a/manifests/vhost/php/wordpress.pp +++ b/manifests/vhost/php/wordpress.pp @@ -26,6 +26,7 @@ # - semianonym: Don't log ips for CustomLog, log normal ErrorLog define apache::vhost::php::wordpress( $ensure = present, + $configuration = {}, $domain = 'absent', $domainalias = 'absent', $server_admin = 'absent', @@ -75,6 +76,7 @@ define apache::vhost::php::wordpress( # create vhost configuration file apache::vhost::php::webapp{$name: ensure => $ensure, + configuration => $configuration, domain => $domain, domainalias => $domainalias, server_admin => $server_admin, diff --git a/manifests/vhost/proxy.pp b/manifests/vhost/proxy.pp index 1c3b500..95ae205 100644 --- a/manifests/vhost/proxy.pp +++ b/manifests/vhost/proxy.pp @@ -21,6 +21,7 @@ # define apache::vhost::proxy( $ensure = present, + $configuration = {}, $domain = 'absent', $domainalias = 'absent', $htpasswd_file = 'absent', @@ -38,6 +39,7 @@ define apache::vhost::proxy( # we use the options field as the target_url ::apache::vhost::template{$name: ensure => $ensure, + configuration => $configuration, template_partial => 'apache/vhosts/proxy/partial.erb', domain => $domain, path => 'really_absent', diff --git a/manifests/vhost/redirect.pp b/manifests/vhost/redirect.pp index a106c59..0ac40cc 100644 --- a/manifests/vhost/redirect.pp +++ b/manifests/vhost/redirect.pp @@ -21,6 +21,7 @@ # define apache::vhost::redirect( $ensure = present, + $configuration = {}, $domain = 'absent', $domainalias = 'absent', $target_url, @@ -32,6 +33,7 @@ define apache::vhost::redirect( # we use the options field as the target_url ::apache::vhost::template{$name: ensure => $ensure, + configuration => $configuration, template_partial => 'apache/vhosts/redirect/partial.erb', domain => $domain, path => 'really_absent', diff --git a/manifests/vhost/static.pp b/manifests/vhost/static.pp index 21b062e..f919766 100644 --- a/manifests/vhost/static.pp +++ b/manifests/vhost/static.pp @@ -14,6 +14,7 @@ # define apache::vhost::static( $ensure = present, + $configuration = {}, $domain = 'absent', $domainalias = 'absent', $server_admin = 'absent', @@ -58,6 +59,7 @@ define apache::vhost::static( # create vhost configuration file ::apache::vhost{$name: ensure => $ensure, + configuration => $configuration, path => $path, template_partial => $template_partial, vhost_mode => $vhost_mode, diff --git a/manifests/vhost/template.pp b/manifests/vhost/template.pp index 55d41d9..8e9b798 100644 --- a/manifests/vhost/template.pp +++ b/manifests/vhost/template.pp @@ -42,6 +42,7 @@ # define apache::vhost::template( $ensure = present, + $configuration = {}, $path = 'absent', $path_is_webdir = false, $logpath = 'absent', @@ -133,6 +134,7 @@ define apache::vhost::template( } apache::vhost::file{$name: + configuration => $configuration, ensure => $ensure, do_includes => $do_includes, run_mode => $run_mode, diff --git a/manifests/vhost/webdav.pp b/manifests/vhost/webdav.pp index e1b6c3f..ff9e8ab 100644 --- a/manifests/vhost/webdav.pp +++ b/manifests/vhost/webdav.pp @@ -25,6 +25,7 @@ # define apache::vhost::webdav( $ensure = present, + $configuration = {}, $domain = 'absent', $domainalias = 'absent', $server_admin = 'absent', @@ -93,6 +94,7 @@ define apache::vhost::webdav( # create vhost configuration file ::apache::vhost{$name: ensure => $ensure, + configuration => $configuration, path => $path, path_is_webdir => $path_is_webdir, logpath => $logpath, -- cgit v1.2.3