puppetlabs-apache-0.10.0/000755 000765 000024 00000000000 12250205751 015627 5ustar00hunnerstaff000000 000000 puppetlabs-apache-0.10.0/CHANGELOG.md000644 000765 000024 00000016366 12250205751 017454 0ustar00hunnerstaff000000 000000 ## 2013-12-05 Release 0.10.0 ### Summary: This release adds FreeBSD osfamily support and various other improvements to some mods. ### Features: - Add suPHP_UserGroup directive to directory context - Add support for ScriptAliasMatch directives - Set SSLOptions StdEnvVars in server context - No implicit entry for ScriptAlias path - Add support for overriding ErrorDocument - Add support for AliasMatch directives - Disable default "allow from all" in vhost-directories - Add WSGIPythonPath as an optional parameter to mod_wsgi. - Add mod_rpaf support - Add directives: IndexOptions, IndexOrderDefault - Add ability to include additional external configurations in vhost - need to use the provider variable not the provider key value from the directory hash for matches - Support for FreeBSD and few other features - Add new params to apache::mod::mime class - Allow apache::mod to specify module id and path - added $server_root parameter - Add Allow and ExtendedStatus support to mod_status - Expand vhost/_directories.pp directive support - Add initial support for nss module (no directives in vhost template yet) - added peruser and event mpms - added $service_name parameter - add parameter for TraceEnable - Make LogLevel configurable for server and vhost - Add documentation about $ip - Add ability to pass ip (instead of wildcard) in default vhost files ### Bugfixes: - Don't listen on port or set NameVirtualHost for non-existent vhost - only apply Directory defaults when provider is a directory - Working mod_authnz_ldap support on Debian/Ubuntu ## 2013-09-06 Release 0.9.0 ### Summary: This release adds more parameters to the base apache class and apache defined resource to make the module more flexible. It also adds or enhances SuPHP, WSGI, and Passenger mod support, and support for the ITK mpm module. ### Backwards-incompatible Changes: - Remove many default mods that are not normally needed. - Remove `rewrite_base` `apache::vhost` parameter; did not work anyway. - Specify dependencies on stdlib >=2.4.0 (this was already the case, but making explicit) - Deprecate `a2mod` in favor of the `apache::mod::*` classes and `apache::mod` defined resource. ### Features: - `apache` class - Add `httpd_dir` parameter to change the location of the configuration files. - Add `logroot` parameter to change the logroot - Add `ports_file` parameter to changes the `ports.conf` file location - Add `keepalive` parameter to enable persistent connections - Add `keepalive_timeout` parameter to change the timeout - Update `default_mods` to be able to take an array of mods to enable. - `apache::vhost` - Add `wsgi_daemon_process`, `wsgi_daemon_process_options`, `wsgi_process_group`, and `wsgi_script_aliases` parameters for per-vhost WSGI configuration. - Add `access_log_syslog` parameter to enable syslogging. - Add `error_log_syslog` parameter to enable syslogging of errors. - Add `directories` hash parameter. Please see README for documentation. - Add `sslproxyengine` parameter to enable SSLProxyEngine - Add `suphp_addhandler`, `suphp_engine`, and `suphp_configpath` for configuring SuPHP. - Add `custom_fragment` parameter to allow for arbitrary apache configuration injection. (Feature pull requests are prefered over using this, but it is available in a pinch.) - Add `apache::mod::suphp` class for configuring SuPHP. - Add `apache::mod::itk` class for configuring ITK mpm module. - Update `apache::mod::wsgi` class for global WSGI configuration with `wsgi_socket_prefix` and `wsgi_python_home` parameters. - Add README.passenger.md to document the `apache::mod::passenger` usage. Added `passenger_high_performance`, `passenger_pool_idle_time`, `passenger_max_requests`, `passenger_stat_throttle_rate`, `rack_autodetect`, and `rails_autodetect` parameters. - Separate the httpd service resource into a new `apache::service` class for dependency chaining of `Class['apache'] -> ~> Class['apache::service']` - Added `apache::mod::proxy_balancer` class for `apache::balancer` ### Bugfixes: - Change dependency to puppetlabs-concat - Fix ruby 1.9 bug for `a2mod` - Change servername to be `$::hostname` if there is no `$::fqdn` - Make `/etc/ssl/certs` the default ssl certs directory for RedHat non-5. - Make `php` the default php package for RedHat non-5. - Made `aliases` able to take a single alias hash instead of requiring an array. ## 2013-07-26 Release 0.8.1 ### Bugfixes: - Update `apache::mpm_module` detection for worker/prefork - Update `apache::mod::cgi` and `apache::mod::cgid` detection for worker/prefork ## 2013-07-16 Release 0.8.0 ### Features: - Add `servername` parameter to `apache` class - Add `proxy_set` parameter to `apache::balancer` define ### Bugfixes: - Fix ordering for multiple `apache::balancer` clusters - Fix symlinking for sites-available on Debian-based OSs - Fix dependency ordering for recursive confdir management - Fix `apache::mod::*` to notify the service on config change - Documentation updates ## 2013-07-09 Release 0.7.0 ### Changes: - Essentially rewrite the module -- too many to list - `apache::vhost` has many abilities -- see README.md for details - `apache::mod::*` classes provide httpd mod-loading capabilities - `apache` base class is much more configurable ### Bugfixes: - Many. And many more to come ## 2013-03-2 Release 0.6.0 - update travis tests (add more supported versions) - add access log_parameter - make purging of vhost dir configurable ## 2012-08-24 Release 0.4.0 ### Changes: - `include apache` is now required when using `apache::mod::*` ### Bugfixes: - Fix syntax for validate_re - Fix formatting in vhost template - Fix spec tests such that they pass 2012-05-08 Puppet Labs - 0.0.4 e62e362 Fix broken tests for ssl, vhost, vhost::* 42c6363 Changes to match style guide and pass puppet-lint without error 42bc8ba changed name => path for file resources in order to name namevar by it's name 72e13de One end too much 0739641 style guide fixes: 'true' <> true, $operatingsystem needs to be $::operatingsystem, etc. 273f94d fix tests a35ede5 (#13860) Make a2enmod/a2dismo commands optional 98d774e (#13860) Autorequire Package['httpd'] 05fcec5 (#13073) Add missing puppet spec tests 541afda (#6899) Remove virtual a2mod definition 976cb69 (#13072) Move mod python and wsgi package names to params 323915a (#13060) Add .gitignore to repo fdf40af (#13060) Remove pkg directory from source tree fd90015 Add LICENSE file and update the ModuleFile d3d0d23 Re-enable local php class d7516c7 Make management of firewalls configurable for vhosts 60f83ba Explicitly lookup scope of apache_name in templates. f4d287f (#12581) Add explicit ordering for vdir directory 88a2ac6 (#11706) puppetlabs-apache depends on puppetlabs-firewall a776a8b (#11071) Fix to work with latest firewall module 2b79e8b (#11070) Add support for Scientific Linux 405b3e9 Fix for a2mod 57b9048 Commit apache::vhost::redirect Manifest 8862d01 Commit apache::vhost::proxy Manifest d5c1fd0 Commit apache::mod::wsgi Manifest a825ac7 Commit apache::mod::python Manifest b77062f Commit Templates 9a51b4a Vhost File Declarations 6cf7312 Defaults for Parameters 6a5b11a Ensure installed f672e46 a2mod fix 8a56ee9 add pthon support to apache puppetlabs-apache-0.10.0/CONTRIBUTING.md000644 000765 000024 00000020415 12250205751 020062 0ustar00hunnerstaff000000 000000 Checklist (and a short version for the impatient) ================================================= * Commits: - Make commits of logical units. - Check for unnecessary whitespace with "git diff --check" before committing. - Commit using Unix line endings (check the settings around "crlf" in git-config(1)). - Do not check in commented out code or unneeded files. - The first line of the commit message should be a short description (50 characters is the soft limit, excluding ticket number(s)), and should skip the full stop. - Associate the issue in the message. The first line should include the issue number in the form "(#XXXX) Rest of message". - The body should provide a meaningful commit message, which: - uses the imperative, present tense: "change", not "changed" or "changes". - includes motivation for the change, and contrasts its implementation with the previous behavior. - Make sure that you have tests for the bug you are fixing, or feature you are adding. - Make sure the test suites passe after your commit: `rake spec spec:system` More information on [testing](#Testing) below - When introducing a new feature, make sure it is properly documented in the README.md * Submission: * Pre-requisites: - Sign the [Contributor License Agreement](https://cla.puppetlabs.com/) - Make sure you have a [GitHub account](https://github.com/join) - [Create a ticket](http://projects.puppetlabs.com/projects/modules/issues/new), or [watch the ticket](http://projects.puppetlabs.com/projects/modules/issues) you are patching for. * Preferred method: - Fork the repository on GitHub. - Push your changes to a topic branch in your fork of the repository. (the format ticket/1234-short_description_of_change is usually preferred for this project). - Submit a pull request to the repository in the puppetlabs organization. The long version ================ 1. Make separate commits for logically separate changes. Please break your commits down into logically consistent units which include new or changed tests relevent to the rest of the change. The goal of doing this is to make the diff easier to read for whoever is reviewing your code. In general, the easier your diff is to read, the more likely someone will be happy to review it and get it into the code base. If you are going to refactor a piece of code, please do so as a separate commit from your feature or bug fix changes. We also really appreciate changes that include tests to make sure the bug is not re-introduced, and that the feature is not accidentally broken. Describe the technical detail of the change(s). If your description starts to get too long, that is a good sign that you probably need to split up your commit into more finely grained pieces. Commits which plainly describe the things which help reviewers check the patch and future developers understand the code are much more likely to be merged in with a minimum of bike-shedding or requested changes. Ideally, the commit message would include information, and be in a form suitable for inclusion in the release notes for the version of Puppet that includes them. Please also check that you are not introducing any trailing whitespaces or other "whitespace errors". You can do this by running "git diff --check" on your changes before you commit. 2. Sign the Contributor License Agreement Before we can accept your changes, we do need a signed Puppet Labs Contributor License Agreement (CLA). You can access the CLA via the [Contributor License Agreement link](https://cla.puppetlabs.com/) If you have any questions about the CLA, please feel free to contact Puppet Labs via email at cla-submissions@puppetlabs.com. 3. Sending your patches To submit your changes via a GitHub pull request, we _highly_ recommend that you have them on a topic branch, instead of directly on "master". It makes things much easier to keep track of, especially if you decide to work on another thing before your first change is merged in. GitHub has some pretty good [general documentation](http://help.github.com/) on using their site. They also have documentation on [creating pull requests](http://help.github.com/send-pull-requests/). In general, after pushing your topic branch up to your repository on GitHub, you can switch to the branch in the GitHub UI and click "Pull Request" towards the top of the page in order to open a pull request. 4. Update the related GitHub issue. If there is a GitHub issue associated with the change you submitted, then you should update the ticket to include the location of your branch, along with any other commentary you may wish to make. Testing ======= Getting Started --------------- Our puppet modules provide [`Gemfile`](./Gemfile)s which can tell a ruby package manager such as [bundler](http://bundler.io/) what Ruby packages, or Gems, are required to build, develop, and test this software. Please make sure you have [bundler installed](http://bundler.io/#getting-started) on your system, then use it to install all dependencies needed for this project, by running ```shell % bundle install Fetching gem metadata from https://rubygems.org/........ Fetching gem metadata from https://rubygems.org/.. Using rake (10.1.0) Using builder (3.2.2) -- 8><-- many more --><8 -- Using rspec-system-puppet (2.2.0) Using serverspec (0.6.3) Using rspec-system-serverspec (1.0.0) Using bundler (1.3.5) Your bundle is complete! Use `bundle show [gemname]` to see where a bundled gem is installed. ``` NOTE some systems may require you to run this command with sudo. With all dependencies installed we can now run the tests: ```shell % rake spec ``` This will execute all the [rspec tests](http://rspec-puppet.com/) tests under [spec/defines](./spec/defines), [spec/classes](./spec/classes), and so on. rspec tests may have the same kind of dependencies as the module they are testing. While the module defines in its [Modulefile](./Modulefile), rspec tests define them in [.fixtures.yml](./fixtures.yml). Some puppet modules also come with [rspec-system](https://github.com/puppetlabs/rspec-system) tests. These tests spin up a virtual machine under [VirtualBox](https://www.virtualbox.org/)) with, controlling it with [Vagrant](http://www.vagrantup.com/) to actually simulate scripted test scenarios. In order to run these, you will need both of those tools installed on your system. You can run them by issuing the following command ```shell % rake spec:system ``` This will now download a pre-fabricated image configured in [.nodeset.yml](./.nodeset.yml), install puppet, copy this module and install its dependencies per [spec/spec_helper_system.rb](./spec/spec_helper_system.rb) and then run all the tests under [spec/system](./spec/system). Writing Tests ------------- XXX getting started writing tests. If you have commit access to the repository =========================================== Even if you have commit access to the repository, you will still need to go through the process above, and have someone else review and merge in your changes. The rule is that all changes must be reviewed by a developer on the project (that did not write the code) to ensure that all changes go through a code review process. Having someone other than the author of the topic branch recorded as performing the merge is the record that they performed the code review. Additional Resources ==================== * [Getting additional help](http://projects.puppetlabs.com/projects/puppet/wiki/Getting_Help) * [Writing tests](http://projects.puppetlabs.com/projects/puppet/wiki/Development_Writing_Tests) * [Bug tracker (Redmine)](http://projects.puppetlabs.com/projects/modules) * [Patchwork](https://patchwork.puppetlabs.com) * [Contributor License Agreement](https://projects.puppetlabs.com/contributor_licenses/sign) * [General GitHub documentation](http://help.github.com/) * [GitHub pull request documentation](http://help.github.com/send-pull-requests/) puppetlabs-apache-0.10.0/files/000755 000765 000024 00000000000 12250205751 016731 5ustar00hunnerstaff000000 000000 puppetlabs-apache-0.10.0/Gemfile000644 000765 000024 00000001373 12250205751 017126 0ustar00hunnerstaff000000 000000 source 'https://rubygems.org' group :development, :test do gem 'rake', :require => false gem 'rspec-puppet', :require => false gem 'puppetlabs_spec_helper', :require => false gem 'serverspec', :require => false gem 'rspec-system', :require => false gem 'rspec-system-puppet', :require => false gem 'rspec-system-serverspec', :require => false gem 'puppet-lint', :require => false end if facterversion = ENV['FACTER_GEM_VERSION'] gem 'facter', facterversion, :require => false else gem 'facter', :require => false end if puppetversion = ENV['PUPPET_GEM_VERSION'] gem 'puppet', puppetversion, :require => false else gem 'puppet', :require => false end # vim:ft=ruby puppetlabs-apache-0.10.0/Gemfile.lock000644 000765 000024 00000004005 12250205751 020050 0ustar00hunnerstaff000000 000000 GEM remote: https://rubygems.org/ specs: builder (3.2.2) diff-lcs (1.2.5) excon (0.28.0) facter (1.7.3) fog (1.18.0) builder excon (~> 0.28.0) formatador (~> 0.2.0) mime-types multi_json (~> 1.0) net-scp (~> 1.1) net-ssh (>= 2.1.3) nokogiri (~> 1.5) ruby-hmac formatador (0.2.4) hiera (1.3.0) json_pure highline (1.6.20) json_pure (1.8.1) kwalify (0.7.2) metaclass (0.0.1) mime-types (1.25.1) mocha (0.14.0) metaclass (~> 0.0.1) multi_json (1.8.2) net-scp (1.1.2) net-ssh (>= 2.6.5) net-ssh (2.7.0) nokogiri (1.5.10) puppet (3.3.2) facter (~> 1.6) hiera (~> 1.0) rgen (~> 0.6.5) puppet-lint (0.3.2) puppetlabs_spec_helper (0.4.1) mocha (>= 0.10.5) rake rspec (>= 2.9.0) rspec-puppet (>= 0.1.1) rake (10.1.0) rbvmomi (1.6.0) builder nokogiri (>= 1.4.1) trollop rgen (0.6.6) rspec (2.14.1) rspec-core (~> 2.14.0) rspec-expectations (~> 2.14.0) rspec-mocks (~> 2.14.0) rspec-core (2.14.7) rspec-expectations (2.14.4) diff-lcs (>= 1.1.3, < 2.0) rspec-mocks (2.14.4) rspec-puppet (0.1.6) rspec rspec-system (2.8.0) fog (~> 1.18) kwalify (~> 0.7.2) mime-types (~> 1.16) net-scp (~> 1.1) net-ssh (~> 2.7) nokogiri (~> 1.5.10) rbvmomi (~> 1.6) rspec (~> 2.14) systemu (~> 2.5) rspec-system-puppet (2.2.1) rspec-system (~> 2.0) rspec-system-serverspec (2.0.1) rspec-system (~> 2.0) serverspec (~> 0.0) specinfra (~> 0.0) ruby-hmac (0.4.0) serverspec (0.13.2) highline net-ssh rspec (>= 2.13.0) specinfra (>= 0.0.6) specinfra (0.0.8) systemu (2.5.2) trollop (2.0) PLATFORMS ruby DEPENDENCIES facter puppet puppet-lint puppetlabs_spec_helper rake rspec-puppet rspec-system rspec-system-puppet rspec-system-serverspec serverspec puppetlabs-apache-0.10.0/lib/000755 000765 000024 00000000000 12250205751 016375 5ustar00hunnerstaff000000 000000 puppetlabs-apache-0.10.0/LICENSE000644 000765 000024 00000001146 12250205751 016636 0ustar00hunnerstaff000000 000000 Copyright (C) 2012 Puppet Labs Inc Puppet Labs can be contacted at: info@puppetlabs.com Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. puppetlabs-apache-0.10.0/manifests/000755 000765 000024 00000000000 12250205751 017620 5ustar00hunnerstaff000000 000000 puppetlabs-apache-0.10.0/metadata.json000644 000765 000024 00000037354 12250205751 020316 0ustar00hunnerstaff000000 000000 { "name": "puppetlabs-apache", "version": "0.10.0", "source": "git://github.com/puppetlabs/puppetlabs-apache.git", "author": "puppetlabs", "license": "Apache 2.0", "summary": "Puppet module for Apache", "description": "Module for Apache configuration", "project_page": "https://github.com/puppetlabs/puppetlabs-apache", "dependencies": [ { "name": "puppetlabs/stdlib", "version_requirement": ">= 2.4.0" }, { "name": "puppetlabs/concat", "version_requirement": ">= 1.0.0" } ], "types": [ { "name": "a2mod", "doc": "Manage Apache 2 modules", "properties": [ { "name": "ensure", "doc": "The basic property that the resource should be in. Valid values are `present`, `absent`." } ], "parameters": [ { "name": "name", "doc": "The name of the module to be managed" }, { "name": "lib", "doc": "The name of the .so library to be loaded" }, { "name": "identifier", "doc": "Module identifier string used by LoadModule. Default: module-name_module" } ], "providers": [ { "name": "a2mod", "doc": "Manage Apache 2 modules on Debian and Ubuntu\n\nRequired binaries: `a2enmod`, `a2dismod`, `apache2ctl`. Default for `operatingsystem` == `debian, ubuntu`." }, { "name": "gentoo", "doc": "Manage Apache 2 modules on Gentoo\n\nDefault for `operatingsystem` == `gentoo`." }, { "name": "modfix", "doc": "Dummy provider for A2mod.\n\n Fake nil resources when there is no crontab binary available. Allows\n puppetd to run on a bootstrapped machine before a Cron package has been\n installed. Workaround for: http://projects.puppetlabs.com/issues/2384\n " }, { "name": "redhat", "doc": "Manage Apache 2 modules on RedHat family OSs\n\nRequired binaries: `apachectl`. Default for `osfamily` == `redhat`." } ] } ], "checksums": { "CHANGELOG.md": "2ed7b976e9c4542fd1626006cb44783b", "CONTRIBUTING.md": "5520c75162725951733fa7d88e57f31f", "Gemfile": "c1cd7b0477f1a99e0156a471aac6cd58", "Gemfile.lock": "13733647826ec5cff955b593fd9a9c5c", "LICENSE": "b3f8a01d8699078d82e8c3c992307517", "Modulefile": "560b5e9d2b04ddbc23f3803645bfbda5", "README.md": "c937c2d34a76185fe8cfc61d671c47ec", "README.passenger.md": "0316c4a152fd51867ece8ea403250fcb", "Rakefile": "0428ea3759a4692c91604396c406a9c1", "files/httpd": "295f5e924afe6f752d29327e73fe6d0a", "lib/puppet/provider/a2mod/a2mod.rb": "d986d8e8373f3f31c97359381c180628", "lib/puppet/provider/a2mod/gentoo.rb": "2492d446adbb68f678e86a75eb7ff3bd", "lib/puppet/provider/a2mod/modfix.rb": "b689a1c83c9ccd8590399c67f3e588e5", "lib/puppet/provider/a2mod/redhat.rb": "c39b80e75e7d0666def31c2a6cdedb0b", "lib/puppet/provider/a2mod.rb": "03ed73d680787dd126ea37a03be0b236", "lib/puppet/type/a2mod.rb": "9042ccc045bfeecca28bebb834114f05", "manifests/balancer.pp": "c635b2d2dec8b5972509960152e169a3", "manifests/balancermember.pp": "8afe51921a42545402fa457820162ae2", "manifests/confd/no_accf.pp": "c44b75749a3a56c0306433868d6b762c", "manifests/default_confd_files.pp": "7cbc2f15bfd34eb2f5160c671775c0f6", "manifests/default_mods/load.pp": "b3f21b3186216795dd18ee051f01e3c2", "manifests/default_mods.pp": "ea267ac599fc3d76db6298c3710cee60", "manifests/dev.pp": "639ba24711be5d7cea0c792e05008c86", "manifests/init.pp": "ffc69874d88f7ac581138fbf47d04d04", "manifests/listen.pp": "5efc62bd75a0a9a9565b12bd8cb2a9e4", "manifests/mod/alias.pp": "3c144a2aa8231de61e68eced58dc9287", "manifests/mod/auth_basic.pp": "47ff846317d52d2161c6d09cac05f7f8", "manifests/mod/auth_kerb.pp": "7876ffdca25396285a26afae8dd030eb", "manifests/mod/authnz_ldap.pp": "10c795251b2327614ef0b433591ed128", "manifests/mod/autoindex.pp": "1b07e7737b4b27f977f80c289172a55b", "manifests/mod/cache.pp": "51b4826a72090da8e463bc007695f05b", "manifests/mod/cgi.pp": "8c9265733584e188196fe69fd3b9fdd7", "manifests/mod/cgid.pp": "d218c11d4798453d6075f8f1553c94de", "manifests/mod/dav.pp": "f0228b06b7101864f7c943b541e570d2", "manifests/mod/dav_fs.pp": "a166fc9b780abea2eec1ab723ce3a773", "manifests/mod/dav_svn.pp": "641911969d921123865e6566954c0edb", "manifests/mod/deflate.pp": "f317ddf1cbfee52945d0433a3b25c728", "manifests/mod/dev.pp": "d6a001af402d8e82e952c8243c5e5321", "manifests/mod/dir.pp": "f3c3e6a21653ebda12f35b4b140e68d5", "manifests/mod/disk_cache.pp": "f19193d4f119224e19713e0c96a0de6d", "manifests/mod/event.pp": "e48aefd215dd61980f0b9c4d16ef094a", "manifests/mod/expires.pp": "a9b7537846258af84f12b8ce3510dfa8", "manifests/mod/fastcgi.pp": "fec8afea5424f25109a0b7ca912b16b1", "manifests/mod/fcgid.pp": "d03eb1add8f2cef603331dde96f1f7fd", "manifests/mod/headers.pp": "224438518465d09c951eb00dbaf8123c", "manifests/mod/info.pp": "9a45dd07a2681dc1fef9204de3f42bd9", "manifests/mod/itk.pp": "7c32234950dc74354b06a2da15197179", "manifests/mod/ldap.pp": "f5033ee5197938d402854d8ffa9fb1d3", "manifests/mod/mime.pp": "0fa7835f270e511616927afe01a0526c", "manifests/mod/mime_magic.pp": "fe249dd7e1faa5ec5dd936877c64e856", "manifests/mod/negotiation.pp": "9f5d70e4c961175a78a049fedaac85c9", "manifests/mod/nss.pp": "f7a7efaac854599aa7b872665eb5d93c", "manifests/mod/passenger.pp": "e6c48c22a69933b0975609f2bacf2b5d", "manifests/mod/perl.pp": "72195ad624f68e2c0009074d118bf8e4", "manifests/mod/peruser.pp": "3a2eaab65d7be2373740302eac33e5b1", "manifests/mod/php.pp": "a3725f487f58eb354c84a4fee704daa9", "manifests/mod/prefork.pp": "84b64cb7b46ab0c544dfecb476d65e3d", "manifests/mod/proxy.pp": "eb1e8895edee5e97edc789923fc128c8", "manifests/mod/proxy_ajp.pp": "f9b72f1339cc03f068fa684f38793120", "manifests/mod/proxy_balancer.pp": "5ab6987614f8a1afde3a8b701fbbe22a", "manifests/mod/proxy_html.pp": "1a96fd029a305eb88639bf5baf06abdd", "manifests/mod/proxy_http.pp": "773d0fbb934440a24b3bc87517faa4d4", "manifests/mod/python.pp": "0b22df3d0e9a39ce948212e18329155f", "manifests/mod/reqtimeout.pp": "2ff860e05de7352d4a1bcd57c0ee08f0", "manifests/mod/rewrite.pp": "165fdccc8acc61e5fb088d9917861a3c", "manifests/mod/rpaf.pp": "1125f0c5296ca584fa71de474c95475f", "manifests/mod/setenvif.pp": "32098aaab01723cae4c44d2fff8114ea", "manifests/mod/ssl.pp": "c8ab5728fda7814dace9a8eebf13476c", "manifests/mod/status.pp": "d7366470082970ac62984581a0ea3fd7", "manifests/mod/suphp.pp": "c42d20b057007eff1a75595fc3fe7adf", "manifests/mod/userdir.pp": "7166fee20a3e5b97d61dfae18fb745c9", "manifests/mod/vhost_alias.pp": "ea2d06875ed4f47ba65da0f7169e529e", "manifests/mod/worker.pp": "b1809ac41b322b090be410d41e57157e", "manifests/mod/wsgi.pp": "a0073502c2267d7e72caaf9f4942ab7c", "manifests/mod/xsendfile.pp": "ebe6241729f1b0d8125043a1f34caa54", "manifests/mod.pp": "2d4ab8907db92e50c5ed6e1357fed9fb", "manifests/namevirtualhost.pp": "27bb9faa95147fcd15ec2aa0a95bc3af", "manifests/package.pp": "c32ba42fe3ab4acc49d2e28258108ba1", "manifests/params.pp": "221fa0dcbdd00066e074bc443c0d8fdb", "manifests/peruser/multiplexer.pp": "712017c1d1cee710cd7392a4c4821044", "manifests/peruser/processor.pp": "293fcb9d2e7ae98b36f544953e33074e", "manifests/php.pp": "a4478838b4cf9b0525b04db150cf55b8", "manifests/proxy.pp": "54e7657920b580546f3bef3980f2fd03", "manifests/python.pp": "2edb06e8119b67a5a62fb24fb280d3e5", "manifests/service.pp": "56e90e48165989a7df3360dc55b01360", "manifests/ssl.pp": "7f944d1c103a59ebd04d02e68af69f7a", "manifests/vhost/custom.pp": "58bd40d3d12d01549545b85667855d38", "manifests/vhost.pp": "41c68c9ef48c3ef9d1c4feb167d71dd2", "spec/classes/apache_spec.rb": "70ebba6cbb794fe0239b0e353796bae9", "spec/classes/dev_spec.rb": "051fcee20c1b04a7d52481c4a23682b3", "spec/classes/mod/auth_kerb_spec.rb": "229c730ac88b05c4ea4e64d395f26f27", "spec/classes/mod/authnz_ldap_spec.rb": "19cef4733927bc3548af8c75a66a8b11", "spec/classes/mod/dav_svn_spec.rb": "b41e721c0b5c7bac1295187f89d27ab7", "spec/classes/mod/dev_spec.rb": "81d37ad0a51e6cae22e79009e719d648", "spec/classes/mod/dir_spec.rb": "a8d473ce36e0aaec0f9f3463cd4bb549", "spec/classes/mod/event_spec.rb": "cce445ab0a7140bdb50897c6f692ec17", "spec/classes/mod/fastcgi_spec.rb": "ff35691208f95aee61150682728c2891", "spec/classes/mod/fcgid_spec.rb": "ca3ee773bdf9ac82e63edee4411d0281", "spec/classes/mod/info_spec.rb": "90f35932812cc86058b6ccfd48eba6e8", "spec/classes/mod/itk_spec.rb": "261aa7759e232f07d70b102f0e8ab828", "spec/classes/mod/mime_magic_spec.rb": "a3748b9bd66514b56aa29a377a233606", "spec/classes/mod/passenger_spec.rb": "ece983e4b228f99f670a5f98878f964b", "spec/classes/mod/perl_spec.rb": "123e73d8de752e83336bed265a354c08", "spec/classes/mod/peruser_spec.rb": "72d00a427208a3bc0dda5578d36e7b0e", "spec/classes/mod/php_spec.rb": "3907e0075049b0d3cdadb17445acae2d", "spec/classes/mod/prefork_spec.rb": "537882d6f314a17c3ead6f51a67b20b8", "spec/classes/mod/proxy_html_spec.rb": "3587873d56172c431f93a78845b7d24e", "spec/classes/mod/python_spec.rb": "9011cd2ac1d452daec091e5cf337dbe7", "spec/classes/mod/rpaf_spec.rb": "b419712d8e6acbe00f5c4034161e40af", "spec/classes/mod/ssl_spec.rb": "969111556de99092152735764194d267", "spec/classes/mod/status_spec.rb": "a1f70673810840e591ac25a1803c39d7", "spec/classes/mod/suphp_spec.rb": "1da3f6561f19d8c7f2a71655fa7772ea", "spec/classes/mod/worker_spec.rb": "cf005d3606362360f7fcccce04e53be6", "spec/classes/mod/wsgi_spec.rb": "37ad1d623b1455e237a75405776d58d9", "spec/classes/params_spec.rb": "9b1984a3e8a485ff128512833400dfbd", "spec/classes/service_spec.rb": "d522ae1652cc87a4b9c6e33034ee5774", "spec/defines/mod_spec.rb": "80d167b475191b63713087462e960a44", "spec/defines/vhost_spec.rb": "89905755a72b938e99f4a01ef64203e9", "spec/fixtures/modules/site_apache/templates/fake.conf.erb": "6b0431dd0b9a0bf803eb0684300c2cff", "spec/spec.opts": "c407193b3d9028941ef59edd114f5968", "spec/spec_helper.rb": "0db89c9a486df193c0e40095422e19dc", "spec/spec_helper_system.rb": "c54584d03120766bac28221597920d3d", "spec/system/basic_spec.rb": "73bab7cf3eb0554b7d7801613c4b483e", "spec/system/class_spec.rb": "6f29d603a809ae6208243911c0b250e4", "spec/system/default_mods_spec.rb": "fff758602ee95ee67cad2abc71bc54fb", "spec/system/itk_spec.rb": "c645ac3b306da4d3733c33f662959e36", "spec/system/mod_php_spec.rb": "b823cdcfe4288359a3d2dfd70868691d", "spec/system/mod_suphp_spec.rb": "9d38045b3dcb052153e7c08164301c13", "spec/system/prefork_worker_spec.rb": "a6f1b3fb3024a0dce75e45a7c2d6cfd0", "spec/system/service_spec.rb": "3cd71e4e40790e1624487fd233f18a07", "spec/system/vhost_spec.rb": "86e147833f1acebf2b08451f02919581", "spec/unit/provider/a2mod/gentoo_spec.rb": "24ad9db4f6ba0b4fc7ed77b509b4244c", "templates/confd/no-accf.conf.erb": "a614f28c4b54370e4fa88403dfe93eb0", "templates/httpd.conf.erb": "6e768a748deb4737a8faf82ea80196c1", "templates/listen.erb": "6286aa08f9e28caee54b1e1ee031b9d6", "templates/mod/alias.conf.erb": "e65c27aafd88c825ab35b34dd04221ea", "templates/mod/authnz_ldap.conf.erb": "12c9a1482694ddad3143e5eef03fb531", "templates/mod/autoindex.conf.erb": "2421a3c6df32c7e38c2a7a22afdf5728", "templates/mod/cgid.conf.erb": "3d4e24001b50eb16561e45f5a8237b32", "templates/mod/dav_fs.conf.erb": "fdf1f8cff4708a282ef491d60868d1d7", "templates/mod/deflate.conf.erb": "44d54f557a5612be8da04c49dd6da862", "templates/mod/dir.conf.erb": "2485da78a2506c14bf51dde38dd03360", "templates/mod/disk_cache.conf.erb": "7d3e7a5ee3bd7b6a839924b06a60667f", "templates/mod/event.conf.erb": "dc4223dfb2729e54d4a33cdec03bd518", "templates/mod/fastcgi.conf.erb": "8692d14c4462335c845eede011f6db2f", "templates/mod/info.conf.erb": "bb48951beaeaf582d1a1023cb661ac32", "templates/mod/itk.conf.erb": "eff84b78e4f2f8c5c3a2e9fc4b8aad16", "templates/mod/ldap.conf.erb": "a8a33f645497e0dbcec363c98be43795", "templates/mod/mime.conf.erb": "8f953519790a5900369fb656054cae35", "templates/mod/mime_magic.conf.erb": "f910e66299cba6ead5f0444e522a0c76", "templates/mod/mpm_event.conf.erb": "80097a19d063a4f973465d9ef5c0c0bf", "templates/mod/negotiation.conf.erb": "47284b5580b986a6ba32580b6ffb9fd7", "templates/mod/nss.conf.erb": "9a9667d308f0783448ca2689b9fc2b93", "templates/mod/passenger.conf.erb": "68a350cf4cf037c2ae64f015cc7a61a3", "templates/mod/peruser.conf.erb": "ac1c2bf2a771ed366f688ec337d6da02", "templates/mod/php5.conf.erb": "49e2d214790835c141fcaf6d74b5a96d", "templates/mod/prefork.conf.erb": "f9ec5a7eaea78a19b04fa69f8acd8a84", "templates/mod/proxy.conf.erb": "38668e1cb5a19d7708e9d26f99e21264", "templates/mod/proxy_html.conf.erb": "67546d56f2d6bb1860338257e3ac9d29", "templates/mod/reqtimeout.conf.erb": "81c51851ab7ee7942bef389dc7c0e985", "templates/mod/rpaf.conf.erb": "5447539c083ae54f3a9e93c1ac8c988b", "templates/mod/setenvif.conf.erb": "c7ede4173da1915b7ec088201f030c28", "templates/mod/ssl.conf.erb": "907dc25931c6bdb7ce4b61a81be788f8", "templates/mod/status.conf.erb": "afb05015a8337b232127199aa085a023", "templates/mod/suphp.conf.erb": "05bb7b3ea23976b032ce405bfd4edd18", "templates/mod/userdir.conf.erb": "e5a7a7229dbf0de07bc034dd3d108ea2", "templates/mod/worker.conf.erb": "9661e7a59eaefb9f17d4c2680c0d243d", "templates/mod/wsgi.conf.erb": "125949c9120aee15303ad755e105d852", "templates/namevirtualhost.erb": "fbfca19a639e18e6c477e191344ac8ae", "templates/ports_header.erb": "afe35cb5747574b700ebaa0f0b3a626e", "templates/vhost/_aliases.erb": "e5e3ba8a9ce994334644bd19ad342d8b", "templates/vhost/_block.erb": "7cb56db9254729b54e8d30686c4f3b1a", "templates/vhost/_custom_fragment.erb": "67a4475275ec9208e6421b047b9ed7f4", "templates/vhost/_directories.erb": "eca2a0abc3a23d1e08b1132baeade372", "templates/vhost/_error_document.erb": "81d3007c1301a5c5f244c082cfee9de2", "templates/vhost/_fastcgi.erb": "e0a1702445e9be189dabe04b829acd7f", "templates/vhost/_itk.erb": "db5b12d7236dbc19b62ce13625d9d60e", "templates/vhost/_proxy.erb": "1f9cc42aaafb80a658294fc39cf61395", "templates/vhost/_rack.erb": "ebe187c1bdc81eec9c8e0d9026120b18", "templates/vhost/_redirect.erb": "0e2eed04e30240fbbd6c4ef7db6b7058", "templates/vhost/_requestheader.erb": "db1b0cdda069ae809b5b83b0871ef991", "templates/vhost/_rewrite.erb": "dcf423c014bdb222bcf15314a2f3a41f", "templates/vhost/_scriptalias.erb": "9c714277eaad73d05d073c1b6c62106a", "templates/vhost/_serveralias.erb": "2ef30c2152b9284463588f408f7f371f", "templates/vhost/_setenv.erb": "da6778b324857234c8441ef346d08969", "templates/vhost/_ssl.erb": "e9fca0c12325af10797b80d827dfddee", "templates/vhost/_suphp.erb": "6ea2553a4c4284d41b435fa2f4f4edc7", "templates/vhost/_wsgi.erb": "3bbab1e5757dfb584504f05354275f81", "templates/vhost.conf.erb": "5dc0337da18ff36184df07343982dc93", "tests/apache.pp": "819cf9116ffd349e6757e1926d11ca2f", "tests/dev.pp": "4cf15c1fecea3ca86009f182b402c7ab", "tests/init.pp": "4eac4a7ef68499854c54a78879e25535", "tests/mod_load_params.pp": "5981af4d625a906fce1cedeb3f70cb90", "tests/mods.pp": "0085911ba562b7e56ad8d793099c9240", "tests/mods_custom.pp": "9afd068edce0538b5c55a3bc19f9c24a", "tests/php.pp": "60e7939034d531dd6b95af35338bcbe7", "tests/vhost.pp": "164bec943d7d5eee1ad6d6c41fe7c28e", "tests/vhost_directories.pp": "b79a3bcf72474ce4e3b75f6a70cbf272", "tests/vhost_ip_based.pp": "7d9f7b6976de7488ab6ff0a6e647fc73", "tests/vhost_ssl.pp": "9f3716bc15a9a6760f1d6cc3bf8ce8ac", "tests/vhosts_without_listen.pp": "a6692104056a56517b4365bcc816e7f4" } }puppetlabs-apache-0.10.0/Modulefile000644 000765 000024 00000000622 12250205751 017637 0ustar00hunnerstaff000000 000000 name 'puppetlabs-apache' version '0.10.0' source 'git://github.com/puppetlabs/puppetlabs-apache.git' author 'puppetlabs' license 'Apache 2.0' summary 'Puppet module for Apache' description 'Module for Apache configuration' project_page 'https://github.com/puppetlabs/puppetlabs-apache' ## Add dependencies, if any: dependency 'puppetlabs/stdlib', '>= 2.4.0' dependency 'puppetlabs/concat', '>= 1.0.0' puppetlabs-apache-0.10.0/Rakefile000644 000765 000024 00000000115 12250205751 017271 0ustar00hunnerstaff000000 000000 require 'puppetlabs_spec_helper/rake_tasks' require 'rspec-system/rake_task' puppetlabs-apache-0.10.0/README.md000644 000765 000024 00000142327 12250205751 017117 0ustar00hunnerstaff000000 000000 #apache [![Build Status](https://travis-ci.org/puppetlabs/puppetlabs-apache.png?branch=master)](https://travis-ci.org/puppetlabs/puppetlabs-apache) ####Table of Contents 1. [Overview - What is the Apache module?](#overview) 2. [Module Description - What does the module do?](#module-description) 3. [Setup - The basics of getting started with Apache](#setup) * [Beginning with Apache - Installation](#beginning-with-apache) * [Configure a Virtual Host - Basic options for getting started](#configure-a-virtual-host) 4. [Usage - The classes, defined types, and their parameters available for configuration](#usage) * [Classes and Defined Types](#classes-and-defined-types) * [Class: apache](#class-apache) * [Classes: apache::mod::*](#classes-apachemodname) * [Defined Type: apache::vhost](#defined-type-apachevhost) * [Virtual Host Examples - Demonstrations of some configuration options](#virtual-host-examples) 5. [Implementation - An under-the-hood peek at what the module is doing](#implementation) * [Classes and Defined Types](#classes-and-defined-types) * [Templates](#templates) 6. [Limitations - OS compatibility, etc.](#limitations) 7. [Development - Guide for contributing to the module](#development) 8. [Release Notes - Notes on the most recent updates to the module](#release-notes) ##Overview The Apache module allows you to set up virtual hosts and manage web services with minimal effort. ##Module Description Apache is a widely-used web server, and this module provides a simplified way of creating configurations to manage your infrastructure. This includes the ability to configure and manage a range of different virtual host setups, as well as a streamlined way to install and configure Apache modules. ##Setup **What Apache affects:** * configuration files and directories (created and written to) * **NOTE**: Configurations that are *not* managed by Puppet will be purged. * package/service/configuration files for Apache * Apache modules * virtual hosts * listened-to ports * `/etc/make.conf` on FreeBSD ###Beginning with Apache To install Apache with the default parameters ```puppet class { 'apache': } ``` The defaults are determined by your operating system (e.g. Debian systems have one set of defaults, RedHat systems have another). These defaults will work well in a testing environment, but are not suggested for production. To establish customized parameters ```puppet class { 'apache': default_mods => false, default_confd_files => false, } ``` ###Configure a virtual host Declaring the `apache` class will create a default virtual host by setting up a vhost on port 80, listening on all interfaces and serving `$apache::docroot`. ```puppet class { 'apache': } ``` To configure a very basic, name-based virtual host ```puppet apache::vhost { 'first.example.com': port => '80', docroot => '/var/www/first', } ``` *Note:* The default priority is 15. If nothing matches this priority, the alphabetically first name-based vhost will be used. This is also true if you pass a higher priority and no names match anything else. A slightly more complicated example, which moves the docroot owner/group ```puppet apache::vhost { 'second.example.com': port => '80', docroot => '/var/www/second', docroot_owner => 'third', docroot_group => 'third', } ``` To set up a virtual host with SSL and default SSL certificates ```puppet apache::vhost { 'ssl.example.com': port => '443', docroot => '/var/www/ssl', ssl => true, } ``` To set up a virtual host with SSL and specific SSL certificates ```puppet apache::vhost { 'fourth.example.com': port => '443', docroot => '/var/www/fourth', ssl => true, ssl_cert => '/etc/ssl/fourth.example.com.cert', ssl_key => '/etc/ssl/fourth.example.com.key', } ``` To set up a virtual host with IP address different than '*' ```puppet apache::vhost { 'subdomain.example.com': ip => '127.0.0.1', port => '80', docrout => '/var/www/subdomain', } ``` To set up a virtual host with wildcard alias for subdomain mapped to same named directory `http://examle.com.loc => /var/www/example.com` ```puppet apache::vhost { 'subdomain.loc': vhost_name => '*', port => '80', virtual_docroot' => '/var/www/%-2+', docroot => '/var/www', serveraliases => ['*.loc',], } ``` To set up a virtual host with suPHP ```puppet apache::vhost { 'suphp.example.com': port => '80', docroot => '/home/appuser/myphpapp', suphp_addhandler => 'x-httpd-php', suphp_engine => 'on', suphp_configpath => '/etc/php5/apache2', directories => { path => '/home/appuser/myphpapp', 'suphp' => { user => 'myappuser', group => 'myappgroup' }, } } ``` To set up a virtual host with WSGI ```puppet apache::vhost { 'wsgi.example.com': port => '80', docroot => '/var/www/pythonapp', wsgi_daemon_process => 'wsgi', wsgi_daemon_process_options => { processes => '2', threads => '15', display-name => '%{GROUP}' }, wsgi_process_group => 'wsgi', wsgi_script_aliases => { '/' => '/var/www/demo.wsgi' }, } ``` Starting 2.2.16, httpd supports [FallbackResource](https://httpd.apache.org/docs/2.2/mod/mod_dir.html#fallbackresource) which is a simple replace for common RewriteRules: ```puppet apache::vhost { 'wordpress.example.com': port => '80', docroot => '/var/www/wordpress', fallbackresource => '/index.php', } ``` Please note that the `disabled` argument to FallbackResource is only supported since 2.2.24. To see a list of all virtual host parameters, [please go here](#defined-type-apachevhost). To see an extensive list of virtual host examples [please look here](#virtual-host-examples). ##Usage ###Classes and Defined Types This module modifies Apache configuration files and directories and will purge any configuration not managed by Puppet. Configuration of Apache should be managed by Puppet, as non-puppet configuration files can cause unexpected failures. It is possible to temporarily disable full Puppet management by setting the `purge_configs` parameter within the base `apache` class to 'false'. This option should only be used as a temporary means of saving and relocating customized configurations. ####Class: `apache` The Apache module's primary class, `apache`, guides the basic setup of Apache on your system. You may establish a default vhost in this class, the `vhost` class, or both. You may add additional vhost configurations for specific virtual hosts using a declaration of the `vhost` type. **Parameters within `apache`:** #####`default_mods` Sets up Apache with default settings based on your OS. Defaults to 'true', set to 'false' for customized configuration. #####`default_vhost` Sets up a default virtual host. Defaults to 'true', set to 'false' to set up [customized virtual hosts](#configure-a-virtual-host). #####`default_confd_files` Generates default set of include-able apache configuration files under `${apache::confd_dir}` directory. These configuration files correspond to what is usually installed with apache package on given platform. #####`default_ssl_vhost` Sets up a default SSL virtual host. Defaults to 'false'. ```puppet apache::vhost { 'default-ssl': port => 443, ssl => true, docroot => $docroot, scriptalias => $scriptalias, serveradmin => $serveradmin, access_log_file => "ssl_${access_log_file}", } ``` SSL vhosts only respond to HTTPS queries. #####`default_ssl_cert` The default SSL certification, which is automatically set based on your operating system (`/etc/pki/tls/certs/localhost.crt` for RedHat, `/etc/ssl/certs/ssl-cert-snakeoil.pem` for Debian, `/usr/local/etc/apache22/server.crt` for FreeBSD). This default will work out of the box but must be updated with your specific certificate information before being used in production. #####`default_ssl_key` The default SSL key, which is automatically set based on your operating system (`/etc/pki/tls/private/localhost.key` for RedHat, `/etc/ssl/private/ssl-cert-snakeoil.key` for Debian, `/usr/local/etc/apache22/server.key` for FreeBSD). This default will work out of the box but must be updated with your specific certificate information before being used in production. #####`default_ssl_chain` The default SSL chain, which is automatically set to 'undef'. This default will work out of the box but must be updated with your specific certificate information before being used in production. #####`default_ssl_ca` The default certificate authority, which is automatically set to 'undef'. This default will work out of the box but must be updated with your specific certificate information before being used in production. #####`default_ssl_crl_path` The default certificate revocation list path, which is automatically set to 'undef'. This default will work out of the box but must be updated with your specific certificate information before being used in production. #####`default_ssl_crl` The default certificate revocation list to use, which is automatically set to 'undef'. This default will work out of the box but must be updated with your specific certificate information before being used in production. #####`service_name` Name of apache service to run. Defaults to: `'httpd'` on RedHat, `'apache2'` on Debian, and `'apache22'` on FreeBSD. #####`service_enable` Determines whether the 'httpd' service is enabled when the machine is booted. Defaults to 'true'. #####`service_ensure` Determines whether the service should be running. Can be set to 'undef' which is useful when you want to let the service be managed by some other application like pacemaker. Defaults to 'running'. #####`purge_configs` Removes all other apache configs and vhosts, which is automatically set to true. Setting this to false is a stopgap measure to allow the apache module to coexist with existing or otherwise managed configuration. It is recommended that you move your configuration entirely to resources within this module. #####`serveradmin` Sets the server administrator. Defaults to 'root@localhost'. #####`servername` Sets the servername. Defaults to fqdn provided by facter. #####`server_root` A value to be set as `ServerRoot` in main configuration file (`httpd.conf`). Defaults to `/etc/httpd` on RedHat, `/etc/apache2` on Debian and `/usr/local` on FreeBSD. #####`sendfile` Makes Apache use the Linux kernel 'sendfile' to serve static files. Defaults to 'On'. #####`server_root` A value to be set as `ServerRoot` in main configuration file (`httpd.conf`). Defaults to `/etc/httpd` on RedHat and `/etc/apache2` on Debian. #####`error_documents` Enables custom error documents. Defaults to 'false'. #####`httpd_dir` Changes the base location of the configuration directories used for the service. This is useful for specially repackaged HTTPD builds but may have unintended consequences when used in combination with the default distribution packages. Default is based on your OS. #####`confd_dir` Changes the location of the configuration directory your custom configuration files are placed in. Default is based on your OS. #####`vhost_dir` Changes the location of the configuration directory your virtual host configuration files are placed in. Default is based on your OS. #####`mod_dir` Changes the location of the configuration directory your Apache modules configuration files are placed in. Default is based on your OS. #####`mpm_module` Configures which mpm module is loaded and configured for the httpd process by the `apache::mod::event`, `apache::mod::itk`, `apache::mod::peruser`, `apache::mod::prefork` and `apache::mod::worker` classes. Must be set to `false` to explicitly declare `apache::mod::event`, `apache::mod::itk`, `apache::mod::peruser`, `apache::mod::prefork` or `apache::mod::worker` classes with parameters. All possible values are `event`, `itk`, `peruser`, `prefork`, `worker` (valid values depend on agent's OS), or the boolean `false`. Defaults to `prefork` on RedHat and FreeBSD and `worker` on Debian. Note: on FreeBSD switching between different mpm modules is quite difficult (but possible). Before changing `$mpm_module` one has to deinstall all packages that depend on currently installed `apache`. #####`conf_template` Setting this allows you to override the template used for the main apache configuration file. This is a potentially risky thing to do as this module has been built around the concept of a minimal configuration file with most of the configuration coming in the form of conf.d/ entries. Defaults to 'apache/httpd.conf.erb'. #####`keepalive` Setting this allows you to enable persistent connections. #####`keepalive_timeout` Amount of time the server will wait for subsequent requests on a persistent connection. Defaults to '15'. #####`logroot` Changes the location of the directory Apache log files are placed in. Defaut is based on your OS. #####`log_level` Changes the verbosity level of the error log. Defaults to 'warn'. Valid values are `emerg`, `alert`, `crit`, `error`, `warn`, `notice`, `info` or `debug`. #####`ports_file` Changes the name of the file containing Apache ports configuration. Default is `${conf_dir}/ports.conf`. #####`server_tokens` Controls how much information Apache sends to the browser about itself and the operating system. See Apache documentation for 'ServerTokens'. Defaults to 'OS'. #####`server_signature` Allows the configuration of a trailing footer line under server-generated documents. See Apache documentation for 'ServerSignature'. Defaults to 'On'. #####`trace_enable` Controls, how TRACE requests per RFC 2616 are handled. See Apache documentation for 'TraceEnable'. Defaults to 'On'. #####`manage_user` Setting this to false will avoid the user resource to be created by this module. This is useful when you already have a user created in another puppet module and that you want to used it to run apache. Without this, it would result in a duplicate resource error. #####`manage_group` Setting this to false will avoid the group resource to be created by this module. This is useful when you already have a group created in another puppet module and that you want to used it for apache. Without this, it would result in a duplicate resource error. #####`package_ensure` Allow control over the package ensure statement. This is useful if you want to make sure apache is always at the latest version or whether it is only installed. ####Class: `apache::default_mods` Installs default Apache modules based on what OS you are running ```puppet class { 'apache::default_mods': } ``` ####Defined Type: `apache::mod` Used to enable arbitrary Apache httpd modules for which there is no specific `apache::mod::[name]` class. The `apache::mod` defined type will also install the required packages to enable the module, if any. ```puppet apache::mod { 'rewrite': } apache::mod { 'ldap': } ``` ####Classes: `apache::mod::[name]` There are many `apache::mod::[name]` classes within this module that can be declared using `include`: * `alias` * `auth_basic` * `auth_kerb` * `autoindex` * `cache` * `cgi` * `cgid` * `dav` * `dav_fs` * `dav_svn` * `deflate` * `dev` * `dir`* * `disk_cache` * `event` * `fastcgi` * `fcgid` * `headers` * `info` * `itk` * `ldap` * `mime` * `mime_magic`* * `mpm_event` * `negotiation` * `nss`* * `passenger`* * `perl` * `peruser` * `php` (requires [`mpm_module`](#mpm_module) set to `prefork`) * `prefork`* * `proxy`* * `proxy_ajp` * `proxy_html` * `proxy_http` * `python` * `reqtimeout` * `rewrite` * `rpaf`* * `setenvif` * `ssl`* (see [apache::mod::ssl](#class-apachemodssl) below) * `status`* * `suphp` * `userdir`* * `vhost_alias` * `worker`* * `wsgi` (see [apache::mod::wsgi](#class-apachemodwsgi) below) * `xsendfile` Modules noted with a * indicate that the module has settings and, thus, a template that includes parameters. These parameters control the module's configuration. Most of the time, these parameters will not require any configuration or attention. The modules mentioned above, and other Apache modules that have templates, will cause template files to be dropped along with the mod install, and the module will not work without the template. Any mod without a template will install package but drop no files. ####Class: `apache::mod::ssl` Installs Apache SSL capabilities and utilizes `ssl.conf.erb` template. These are the defaults: ```puppet class { 'apache::mod::ssl': ssl_compression => false, ssl_options => [ 'StdEnvVars' ], } ``` To *use* SSL with a virtual host, you must either set the`default_ssl_vhost` parameter in `apache` to 'true' or set the `ssl` parameter in `apache::vhost` to 'true'. ####Class: `apache::mod::wsgi` ```puppet class { 'apache::mod::wsgi': wsgi_socket_prefix => "\${APACHE_RUN_DIR}WSGI", wsgi_python_home => '/path/to/virtenv', wsgi_python_path => '/path/to/virtenv/site-packages', } ``` ####Defined Type: `apache::vhost` The Apache module allows a lot of flexibility in the set up and configuration of virtual hosts. This flexibility is due, in part, to `vhost`'s setup as a defined resource type, which allows it to be evaluated multiple times with different parameters. The `vhost` defined type allows you to have specialized configurations for virtual hosts that have requirements outside of the defaults. You can set up a default vhost within the base `apache` class as well as set a customized vhost setup as default. Your customized vhost (priority 10) will be privileged over the base class vhost (15). If you have a series of specific configurations and do not want a base `apache` class default vhost, make sure to set the base class default host to 'false'. ```puppet class { 'apache': default_vhost => false, } ``` **Parameters within `apache::vhost`:** The default values for each parameter will vary based on operating system and type of virtual host. #####`access_log` Specifies whether `*_access.log` directives should be configured. Valid values are 'true' and 'false'. Defaults to 'true'. #####`access_log_file` Points to the `*_access.log` file. Defaults to 'undef'. #####`access_log_pipe` Specifies a pipe to send access log messages to. Defaults to 'undef'. #####`access_log_syslog` Sends all access log messages to syslog. Defaults to 'undef'. #####`access_log_format` Specifies either a LogFormat nickname or custom format string for access log. Defaults to 'undef'. #####`add_listen` Determines whether the vhost creates a listen statement. The default value is 'true'. Setting `add_listen` to 'false' stops the vhost from creating a listen statement, and this is important when you combine vhosts that are not passed an `ip` parameter with vhosts that *are* passed the `ip` parameter. #####`aliases` Passes a list of hashes to the vhost to create `Alias` or `AliasMatch` statements as per the [`mod_alias` documentation](http://httpd.apache.org/docs/current/mod/mod_alias.html). Each hash is expected to be of the form: ``` aliases => [ { aliasmatch => '^/image/(.*)\.jpg$', path => '/files/jpg.images/$1.jpg' } { alias => '/image', path => '/ftp/pub/image' }, ], ``` For `Alias` and `AliasMatch` to work, each will need a corresponding `` or `` block. The `Alias` and `AliasMatch` directives are created in the order specified in the `aliases` paramter. As described in the [`mod_alias` documentation](http://httpd.apache.org/docs/current/mod/mod_alias.html) more specific `Alias` or `AliasMatch` directives should come before the more general ones to avoid shadowing. **Note:** If `apache::mod::passenger` is loaded and `PassengerHighPerformance true` is set, then `Alias` may have issues honouring the `PassengerEnabled off` statement. See [this article](http://www.conandalton.net/2010/06/passengerenabled-off-not-working.html) for details. #####`block` Specifies the list of things Apache will block access to. The default is an empty set, '[]'. Currently, the only option is 'scm', which blocks web access to .svn, .git and .bzr directories. To add to this, please see the [Development](#development) section. #####`custom_fragment` Pass a string of custom configuration directives to be placed at the end of the vhost configuration. #####`default_vhost` Sets a given `apache::vhost` as the default to serve requests that do not match any other `apache::vhost` definitions. The default value is 'false'. #####`directories` Passes a list of hashes to the vhost to create `...` directive blocks as per the [Apache core documentation](http://httpd.apache.org/docs/2.2/mod/core.html#directory). The `path` key is required in these hashes. An optional `provider` defaults to `directory`. Usage will typically look like: ```puppet apache::vhost { 'sample.example.net': docroot => '/path/to/directory', directories => [ { path => '/path/to/directory', => }, { path => '/path/to/another/directory', => }, ], } ``` *Note:* At least one directory should match `docroot` parameter, once you start declaring directories `apache::vhost` assumes that all required `` blocks will be declared. *Note:* If not defined a single default `` block will be created that matches the `docroot` parameter. `provider` can be set to any of `directory`, `files`, or `location`. If the [pathspec starts with a `~`](https://httpd.apache.org/docs/2.2/mod/core.html#files), httpd will interpret this as the equivalent of `DirectoryMatch`, `FilesMatch`, or `LocationMatch`, respectively. ```puppet apache::vhost { 'files.example.net': docroot => '/var/www/files', directories => [ { path => '~ (\.swp|\.bak|~)$', 'provider' => 'files', 'deny' => 'from all' }, ], } ``` The directives will be embedded within the `Directory` (`Files`, or `Location`) directive block, missing directives should be undefined and not be added, resulting in their default vaules in Apache. Currently this is the list of supported directives: ######`addhandlers` Sets `AddHandler` directives as per the [Apache Core documentation](http://httpd.apache.org/docs/2.2/mod/mod_mime.html#addhandler). Accepts a list of hashes of the form `{ handler => 'handler-name', extensions => ['extension']}`. Note that `extensions` is a list of extenstions being handled by the handler. An example: ```puppet apache::vhost { 'sample.example.net': docroot => '/path/to/directory', directories => [ { path => '/path/to/directory', addhandlers => [ { handler => 'cgi-script', extensions => ['.cgi']} ], } ], } ``` ######`allow` Sets an `Allow` directive as per the [Apache Core documentation](http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#allow). An example: ```puppet apache::vhost { 'sample.example.net': docroot => '/path/to/directory', directories => [ { path => '/path/to/directory', allow => 'from example.org' } ], } ``` ######`allow_override` Sets the usage of `.htaccess` files as per the [Apache core documentation](http://httpd.apache.org/docs/2.2/mod/core.html#allowoverride). Should accept in the form of a list or a string. An example: ```puppet apache::vhost { 'sample.example.net': docroot => '/path/to/directory', directories => [ { path => '/path/to/directory', allow_override => ['AuthConfig', 'Indexes'] } ], } ``` ######`deny` Sets an `Deny` directive as per the [Apache Core documentation](http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#deny). An example: ```puppet apache::vhost { 'sample.example.net': docroot => '/path/to/directory', directories => [ { path => '/path/to/directory', deny => 'from example.org' } ], } ``` ######`error_documents` A list of hashes which can be used to override the [ErrorDocument](https://httpd.apache.org/docs/2.2/mod/core.html#errordocument) settings for this directory. Example: ```puppet apache::vhost { 'sample.example.net': directories => [ { path => '/srv/www' error_documents => [ { 'error_code' => '503', 'document' => '/service-unavail' }, ], }] } ``` ######`headers` Adds lines for `Header` directives as per the [Apache Header documentation](http://httpd.apache.org/docs/2.2/mod/mod_headers.html#header). An example: ```puppet apache::vhost { 'sample.example.net': docroot => '/path/to/directory', directories => { path => '/path/to/directory', headers => 'Set X-Robots-Tag "noindex, noarchive, nosnippet"', }, } ``` ######`options` Lists the options for the given `` block ```puppet apache::vhost { 'sample.example.net': docroot => '/path/to/directory', directories => [ { path => '/path/to/directory', options => ['Indexes','FollowSymLinks','MultiViews'] }], } ``` ######`index_options` Styles the list ```puppet apache::vhost { 'sample.example.net': docroot => '/path/to/directory', directories => [ { path => '/path/to/directory', options => ['Indexes','FollowSymLinks','MultiViews'], index_options => ['IgnoreCase', 'FancyIndexing', 'FoldersFirst', 'NameWidth=*', 'DescriptionWidth=*', 'SuppressHTMLPreamble'] }], } ``` ######`index_order_default` Sets the order of the list ```puppet apache::vhost { 'sample.example.net': docroot => '/path/to/directory', directories => [ { path => '/path/to/directory', order => 'Allow,Deny', index_order_default => ['Descending', 'Date']}, ], } ``` ######`order` Sets the order of processing `Allow` and `Deny` statements as per [Apache core documentation](http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#order). An example: ```puppet apache::vhost { 'sample.example.net': docroot => '/path/to/directory', directories => [ { path => '/path/to/directory', order => 'Allow,Deny' } ], } ``` ######`auth_type` Sets the value for `AuthType` as per the [Apache AuthType documentation](https://httpd.apache.org/docs/2.2/mod/core.html#authtype). ######`auth_name` Sets the value for `AuthName` as per the [Apache AuthName documentation](https://httpd.apache.org/docs/2.2/mod/core.html#authname). ######`auth_digest_algorithm` Sets the value for `AuthDigestAlgorithm` as per the [Apache AuthDigestAlgorithm documentation](https://httpd.apache.org/docs/2.2/mod/mod_auth_digest.html#authdigestalgorithm) ######`auth_digest_domain` Sets the value for `AuthDigestDomain` as per the [Apache AuthDigestDomain documentation](https://httpd.apache.org/docs/2.2/mod/mod_auth_digest.html#authdigestdomain). ######`auth_digest_nonce_lifetime` Sets the value for `AuthDigestNonceLifetime` as per the [Apache AuthDigestNonceLifetime documentation](https://httpd.apache.org/docs/2.2/mod/mod_auth_digest.html#authdigestnoncelifetime) ######`auth_digest_provider` Sets the value for `AuthDigestProvider` as per the [Apache AuthDigestProvider documentation](https://httpd.apache.org/docs/2.2/mod/mod_auth_digest.html#authdigestprovider). ######`auth_digest_qop` Sets the value for `AuthDigestQop` as per the [Apache AuthDigestQop documentation](https://httpd.apache.org/docs/2.2/mod/mod_auth_digest.html#authdigestqop). ######`auth_digest_shmem_size` Sets the value for `AuthAuthDigestShmemSize` as per the [Apache AuthDigestShmemSize documentation](https://httpd.apache.org/docs/2.2/mod/mod_auth_digest.html#authdigestshmemsize). ######`auth_basic_authoritative` Sets the value for `AuthBasicAuthoritative` as per the [Apache AuthBasicAuthoritative documentation](https://httpd.apache.org/docs/2.2/mod/mod_auth_basic.html#authbasicauthoritative). ######`auth_basic_fake` Sets the value for `AuthBasicFake` as per the [Apache AuthBasicFake documentation](https://httpd.apache.org/docs/trunk/mod/mod_auth_basic.html#authbasicfake). ######`auth_basic_provider` Sets the value for `AuthBasicProvider` as per the [Apache AuthBasicProvider documentation](https://httpd.apache.org/docs/2.2/mod/mod_auth_basic.html#authbasicprovider). ######`auth_user_file` Sets the value for `AuthUserFile` as per the [Apache AuthUserFile documentation](https://httpd.apache.org/docs/2.2/mod/mod_authn_file.html#authuserfile). ######`auth_require` Sets the value for `AuthName` as per the [Apache Require documentation](https://httpd.apache.org/docs/2.2/mod/core.html#require) ######`passenger_enabled` Sets the value for the `PassengerEnabled` directory to `on` or `off` as per the [Passenger documentation](http://www.modrails.com/documentation/Users%20guide%20Apache.html#PassengerEnabled). ```puppet apache::vhost { 'sample.example.net': docroot => '/path/to/directory', directories => [ { path => '/path/to/directory', passenger_enabled => 'off' } ], } ``` **Note:** This directive requires `apache::mod::passenger` to be active, Apache may not start with an unrecognised directive without it. **Note:** Be aware that there is an [issue](http://www.conandalton.net/2010/06/passengerenabled-off-not-working.html) using the `PassengerEnabled` directive with the `PassengerHighPerformance` directive. ######`ssl_options` String or list of [`SSLOptions`](https://httpd.apache.org/docs/2.2/mod/mod_ssl.html#ssloptions) for the given `` block. This overrides, or refines the [`SSLOptions`](https://httpd.apache.org/docs/2.2/mod/mod_ssl.html#ssloptions) of the parent block (either vhost, or server). ```puppet apache::vhost { 'secure.example.net': docroot => '/path/to/directory', directories => [ { path => '/path/to/directory', ssl_options => '+ExportCertData' } { path => '/path/to/different/dir', ssl_options => [ '-StdEnvVars', '+ExportCertData'] }, ], } ``` ######`suphp` An array containing two values: User and group for the [suPHP_UserGroup](http://www.suphp.org/DocumentationView.html?file=apache/CONFIG) setting. This directive must be used with `suphp_engine => on` in the vhost declaration. This directive only works in `` or ``. ```puppet apache::vhost { 'secure.example.net': docroot => '/path/to/directory', directories => [ { path => '/path/to/directory', suphp => { user => 'myappuser', group => 'myappgroup' } ], } ``` ######`custom_fragment` Pass a string of custom configuration directives to be placed at the end of the directory configuration. #####`directoryindex` Set a DirectoryIndex directive, to set the list of resources to look for, when the client requests an index of the directory by specifying a / at the end of the directory name.. #####`docroot` Provides the DocumentRoot directive, identifying the directory Apache serves files from. #####`docroot_group` Sets group access to the docroot directory. Defaults to 'root'. #####`docroot_owner` Sets individual user access to the docroot directory. Defaults to 'root'. #####`error_log` Specifies whether `*_error.log` directives should be configured. Defaults to 'true'. #####`error_log_file` Points to the `*_error.log` file. Defaults to 'undef'. #####`error_log_pipe` Specifies a pipe to send error log messages to. Defaults to 'undef'. #####`error_log_syslog` Sends all error log messages to syslog. Defaults to 'undef'. #####`error_documents` A list of hashes which can be used to override the [ErrorDocument](https://httpd.apache.org/docs/2.2/mod/core.html#errordocument) settings for this vhost. Defaults to `[]`. Example: ```puppet apache::vhost { 'sample.example.net': error_documents => [ { 'error_code' => '503', 'document' => '/service-unavail' }, { 'error_code' => '407', 'document' => 'https://example.com/proxy/login' }, ], } ``` #####`ensure` Specifies if the vhost file is present or absent. #####`fastcgi_server` Specifies the filename as an external FastCGI application. Defaults to 'undef'. #####`fastcgi_socket` Filename used to communicate with the web server. Defaults to 'undef'. #####`fastcgi_dir` Directory to enable for FastCGI. Defaults to 'undef'. #####`additional_includes` Specifies paths to additional static vhost-specific Apache configuration files. This option is useful when you need to implement a unique and/or custom configuration not supported by this module. #####`ip` The IP address the vhost listens on. Defaults to 'undef'. #####`ip_based` Enables an IP-based vhost. This parameter inhibits the creation of a NameVirtualHost directive, since those are used to funnel requests to name-based vhosts. Defaults to 'false'. #####`logroot` Specifies the location of the virtual host's logfiles. Defaults to `/var/log//`. #####`log_level` Specifies the verbosity level of the error log. Defaults to `warn` for the global server configuration and can be overridden on a per-vhost basis using this parameter. Valid value for `log_level` is one of `emerg`, `alert`, `crit`, `error`, `warn`, `notice`, `info` or `debug`. #####`no_proxy_uris` Specifies URLs you do not want to proxy. This parameter is meant to be used in combination with `proxy_dest`. #####`options` Lists the options for the given virtual host ```puppet apache::vhost { 'site.name.fdqn': … options => ['Indexes','FollowSymLinks','MultiViews'], } ``` #####`override` Sets the overrides for the given virtual host. Accepts an array of AllowOverride arguments. #####`port` Sets the port the host is configured on. #####`priority` Sets the relative load-order for Apache httpd VirtualHost configuration files. Defaults to '25'. If nothing matches the priority, the first name-based vhost will be used. Likewise, passing a higher priority will cause the alphabetically first name-based vhost to be used if no other names match. *Note*: You should not need to use this parameter. However, if you do use it, be aware that the `default_vhost` parameter for `apache::vhost` passes a priority of '15'. #####`proxy_dest` Specifies the destination address of a proxypass configuration. Defaults to 'undef'. #####`proxy_pass` Specifies an array of path => uri for a proxypass configuration. Defaults to 'undef'. Example: ```puppet $proxy_pass = [ { 'path' => '/a', 'url' => 'http://backend-a/' }, { 'path' => '/b', 'url' => 'http://backend-b/' }, { 'path' => '/c', 'url' => 'http://backend-a/c' } ] apache::vhost { 'site.name.fdqn': … proxy_pass => $proxy_pass, } ``` #####`rack_base_uris` Specifies the resource identifiers for a rack configuration. The file paths specified will be listed as rack application roots for passenger/rack in the `_rack.erb` template. Defaults to 'undef'. #####`redirect_dest` Specifies the address to redirect to. Defaults to 'undef'. #####`redirect_source` Specifies the source items? that will redirect to the destination specified in `redirect_dest`. If more than one item for redirect is supplied, the source and destination must be the same length, and the items are order-dependent. ```puppet apache::vhost { 'site.name.fdqn': … redirect_source => ['/images','/downloads'], redirect_dest => ['http://img.example.com/','http://downloads.example.com/'], } ``` #####`redirect_status` Specifies the status to append to the redirect. Defaults to 'undef'. ```puppet apache::vhost { 'site.name.fdqn': … redirect_status => ['temp','permanent'], } ``` #####`request_headers` Specifies additional request headers. ```puppet apache::vhost { 'site.name.fdqn': … request_headers => [ 'append MirrorID "mirror 12"', 'unset MirrorID', ], } ``` #####`rewrite_base` Limits the `rewrite_rule` to the specified base URL. Defaults to 'undef'. ```puppet apache::vhost { 'site.name.fdqn': … rewrite_rule => '^index\.html$ welcome.html', rewrite_base => '/blog/', } ``` The above example would limit the index.html -> welcome.html rewrite to only something inside of http://example.com/blog/. #####`rewrite_cond` Rewrites a URL via `rewrite_rule` based on the truth of specified conditions. For example ```puppet apache::vhost { 'site.name.fdqn': … rewrite_cond => '%{HTTP_USER_AGENT} ^MSIE', } ``` will rewrite URLs only if the visitor is using IE. Defaults to 'undef'. *Note*: At the moment, each vhost is limited to a single list of rewrite conditions. In the future, you will be able to specify multiple `rewrite_cond` and `rewrite_rules` per vhost, so that different conditions get different rewrites. #####`rewrite_rule` Creates URL rewrite rules. Defaults to 'undef'. This parameter allows you to specify, for example, that anyone trying to access index.html will be served welcome.html. ```puppet apache::vhost { 'site.name.fdqn': … rewrite_rule => '^index\.html$ welcome.html', } ``` #####`scriptalias` Defines a directory of CGI scripts to be aliased to the path '/cgi-bin' #####`scriptaliases` Passes a list of hashes to the vhost to create `ScriptAlias` or `ScriptAliasMatch` statements as per the [`mod_alias` documentation](http://httpd.apache.org/docs/current/mod/mod_alias.html). Each hash is expected to be of the form: ```puppet scriptaliases => [ { alias => '/myscript', path => '/usr/share/myscript', }, { aliasmatch => '^/foo(.*)', path => '/usr/share/fooscripts$1', }, { aliasmatch => '^/bar/(.*)', path => '/usr/share/bar/wrapper.sh/$1', }, { alias => '/neatscript', path => '/usr/share/neatscript', }, ] ``` These directives are created in the order specified. As with `Alias` and `AliasMatch` directives the more specific aliases should come before the more general ones to avoid shadowing. #####`serveradmin` Specifies the email address Apache will display when it renders one of its error pages. #####`serveraliases` Sets the server aliases of the site. #####`servername` Sets the primary name of the virtual host. #####`setenv` Used by HTTPD to set environment variables for vhosts. Defaults to '[]'. #####`setenvif` Used by HTTPD to conditionally set environment variables for vhosts. Defaults to '[]'. #####`ssl` Enables SSL for the virtual host. SSL vhosts only respond to HTTPS queries. Valid values are 'true' or 'false'. #####`ssl_ca` Specifies the certificate authority. #####`ssl_cert` Specifies the SSL certification. #####`ssl_protocol` Specifies the SSL Protocol (SSLProtocol). #####`ssl_cipher` Specifies the SSLCipherSuite. #####`ssl_honorcipherorder` Sets SSLHonorCipherOrder directive, used to prefer the server's cipher preference order #####`ssl_certs_dir` Specifies the location of the SSL certification directory. Defaults to `/etc/ssl/certs` on Debian and `/etc/pki/tls/certs` on RedHat. #####`ssl_chain` Specifies the SSL chain. #####`ssl_crl` Specifies the certificate revocation list to use. #####`ssl_crl_path` Specifies the location of the certificate revocation list. #####`ssl_key` Specifies the SSL key. #####`ssl_verify_client` Sets `SSLVerifyClient` directives as per the [Apache Core documentation](http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslverifyclient). Defaults to undef. An example: ```puppet apache::vhost { 'sample.example.net': … ssl_verify_client => 'optional', } ``` #####`ssl_verify_depth` Sets `SSLVerifyDepth` directives as per the [Apache Core documentation](http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslverifydepth). Defaults to undef. An example: ```puppet apache::vhost { 'sample.example.net': … ssl_verify_depth => 1, } ``` #####`ssl_options` Sets `SSLOptions` directives as per the [Apache Core documentation](http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#ssloptions). This is the global setting for the vhost and can be a string or an array. Defaults to undef. A single string example: ```puppet apache::vhost { 'sample.example.net': … ssl_options => '+ExportCertData', } ``` An array of strings example: ```puppet apache::vhost { 'sample.example.net': … ssl_options => [ '+StrictRequire', '+ExportCertData' ], } ``` #####`ssl_proxyengine` Specifies whether to use `SSLProxyEngine` or not. Defaults to `false`. #####`vhost_name` This parameter is for use with name-based virtual hosting. Defaults to '*'. #####`itk` Hash containing infos to configure itk as per the [ITK documentation](http://mpm-itk.sesse.net/). Keys could be: * user + group * assignuseridexpr * assigngroupidexpr * maxclientvhost * nice * limituidrange (Linux 3.5.0 or newer) * limitgidrange (Linux 3.5.0 or newer) Usage will typically look like: ```puppet apache::vhost { 'sample.example.net': docroot => '/path/to/directory', itk => { user => 'someuser', group => 'somegroup', }, } ``` ###Virtual Host Examples The Apache module allows you to set up pretty much any configuration of virtual host you might desire. This section will address some common configurations. Please see the [Tests section](https://github.com/puppetlabs/puppetlabs-apache/tree/master/tests) for even more examples. Configure a vhost with a server administrator ```puppet apache::vhost { 'third.example.com': port => '80', docroot => '/var/www/third', serveradmin => 'admin@example.com', } ``` - - - Set up a vhost with aliased servers ```puppet apache::vhost { 'sixth.example.com': serveraliases => [ 'sixth.example.org', 'sixth.example.net', ], port => '80', docroot => '/var/www/fifth', } ``` - - - Configure a vhost with a cgi-bin ```puppet apache::vhost { 'eleventh.example.com': port => '80', docroot => '/var/www/eleventh', scriptalias => '/usr/lib/cgi-bin', } ``` - - - Set up a vhost with a rack configuration ```puppet apache::vhost { 'fifteenth.example.com': port => '80', docroot => '/var/www/fifteenth', rack_base_uris => ['/rackapp1', '/rackapp2'], } ``` - - - Set up a mix of SSL and non-SSL vhosts at the same domain ```puppet #The non-ssl vhost apache::vhost { 'first.example.com non-ssl': servername => 'first.example.com', port => '80', docroot => '/var/www/first', } #The SSL vhost at the same domain apache::vhost { 'first.example.com ssl': servername => 'first.example.com', port => '443', docroot => '/var/www/first', ssl => true, } ``` - - - Configure a vhost to redirect non-SSL connections to SSL ```puppet apache::vhost { 'sixteenth.example.com non-ssl': servername => 'sixteenth.example.com', port => '80', docroot => '/var/www/sixteenth', redirect_status => 'permanent' redirect_dest => 'https://sixteenth.example.com/' } apache::vhost { 'sixteenth.example.com ssl': servername => 'sixteenth.example.com', port => '443', docroot => '/var/www/sixteenth', ssl => true, } ``` - - - Set up IP-based vhosts on any listen port and have them respond to requests on specific IP addresses. In this example, we will set listening on ports 80 and 81. This is required because the example vhosts are not declared with a port parameter. ```puppet apache::listen { '80': } apache::listen { '81': } ``` Then we will set up the IP-based vhosts ```puppet apache::vhost { 'first.example.com': ip => '10.0.0.10', docroot => '/var/www/first', ip_based => true, } apache::vhost { 'second.example.com': ip => '10.0.0.11', docroot => '/var/www/second', ip_based => true, } ``` - - - Configure a mix of name-based and IP-based vhosts. First, we will add two IP-based vhosts on 10.0.0.10, one SSL and one non-SSL ```puppet apache::vhost { 'The first IP-based vhost, non-ssl': servername => 'first.example.com', ip => '10.0.0.10', port => '80', ip_based => true, docroot => '/var/www/first', } apache::vhost { 'The first IP-based vhost, ssl': servername => 'first.example.com', ip => '10.0.0.10', port => '443', ip_based => true, docroot => '/var/www/first-ssl', ssl => true, } ``` Then, we will add two name-based vhosts listening on 10.0.0.20 ```puppet apache::vhost { 'second.example.com': ip => '10.0.0.20', port => '80', docroot => '/var/www/second', } apache::vhost { 'third.example.com': ip => '10.0.0.20', port => '80', docroot => '/var/www/third', } ``` If you want to add two name-based vhosts so that they will answer on either 10.0.0.10 or 10.0.0.20, you **MUST** declare `add_listen => 'false'` to disable the otherwise automatic 'Listen 80', as it will conflict with the preceding IP-based vhosts. ```puppet apache::vhost { 'fourth.example.com': port => '80', docroot => '/var/www/fourth', add_listen => false, } apache::vhost { 'fifth.example.com': port => '80', docroot => '/var/www/fifth', add_listen => false, } ``` ##Implementation ###Classes and Defined Types ####Class: `apache::dev` Installs Apache development libraries ```puppet class { 'apache::dev': } ``` On FreeBSD you're required to define `apache::package` or `apache` class before `apache::dev`. ####Defined Type: `apache::listen` Controls which ports Apache binds to for listening based on the title: ```puppet apache::listen { '80': } apache::listen { '443': } ``` Declaring this defined type will add all `Listen` directives to the `ports.conf` file in the Apache httpd configuration directory. `apache::listen` titles should always take the form of: ``, `:`, or `[]:` Apache httpd requires that `Listen` directives must be added for every port. The `apache::vhost` defined type will automatically add `Listen` directives unless the `apache::vhost` is passed `add_listen => false`. ####Defined Type: `apache::namevirtualhost` Enables named-based hosting of a virtual host ```puppet class { 'apache::namevirtualhost`: } ``` Declaring this defined type will add all `NameVirtualHost` directives to the `ports.conf` file in the Apache https configuration directory. `apache::namevirtualhost` titles should always take the form of: `*`, `*:`, `_default_:`, ``, or `:`. ####Defined Type: `apache::balancermember` Define members of a proxy_balancer set (mod_proxy_balancer). Very useful when using exported resources. On every app server you can export a balancermember like this: ```puppet @@apache::balancermember { "${::fqdn}-puppet00": balancer_cluster => 'puppet00', url => "ajp://${::fqdn}:8009" options => ['ping=5', 'disablereuse=on', 'retry=5', 'ttl=120'], } ``` And on the proxy itself you create the balancer cluster using the defined type apache::balancer: ```puppet apache::balancer { 'puppet00': } ``` If you need to use ProxySet in the balncer config you can do as so: ```puppet apache::balancer { 'puppet01': proxy_set => {'stickysession' => 'JSESSIONID'}, } ``` ###Templates The Apache module relies heavily on templates to enable the `vhost` and `apache::mod` defined types. These templates are built based on Facter facts around your operating system. Unless explicitly called out, most templates are not meant for configuration. ##Limitations This has been tested on Ubuntu Precise, Debian Wheezy, CentOS 5.8, and FreeBSD 9.1. ##Development ### Overview Puppet Labs modules on the Puppet Forge are open projects, and community contributions are essential for keeping them great. We can’t access the huge number of platforms and myriad of hardware, software, and deployment configurations that Puppet is intended to serve. We want to keep it as easy as possible to contribute changes so that our modules work in your environment. There are a few guidelines that we need contributors to follow so that we can have a chance of keeping on top of things. You can read the complete module contribution guide [on the Puppet Labs wiki.](http://projects.puppetlabs.com/projects/module-site/wiki/Module_contributing) ### Running tests This project contains tests for both [rspec-puppet](http://rspec-puppet.com/) and [rspec-system](https://github.com/puppetlabs/rspec-system) to verify functionality. For in-depth information please see their respective documentation. Quickstart: gem install bundler bundle install bundle exec rake spec bundle exec rake spec:system ##Copyright and License Copyright (C) 2012 [Puppet Labs](https://www.puppetlabs.com/) Inc Puppet Labs can be contacted at: info@puppetlabs.com Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. puppetlabs-apache-0.10.0/README.passenger.md000644 000765 000024 00000010223 12250205751 021072 0ustar00hunnerstaff000000 000000 # Passenger Just enabling the Passenger module is insufficient for the use of Passenger in production. Passenger should be tunable to better fit the environment in which it is run while being aware of the resources it required. To this end the Apache passenger module has been modified to apply system wide Passenger tuning declarations to `passenger.conf`. Declarations specific to a virtual host should be passed through when defining a `vhost` (e.g. `rack_base_uris' parameter on the `apache::vhost` class, check `README.md`). # Parameters for `apache::mod::passenger` The following declarations are supported and can be passed to `apache::mod::passenger` as parameters, for example: ``` class {'apache::mod::passenger': passenger_high_performance => 'on', rails_autodetect => 'off', } ``` The general form is using the all lower case version of the declaration. If you pass a default value to `apache::mod::passenger` it will be ignored and not passed through to the configuration file. ## passenger_high_performance Default is `off`, when turned `on` Passenger runs in a higher performance mode that can be less compatible with other Apache modules. http://www.modrails.com/documentation/Users%20guide%20Apache.html#PassengerHighPerformance ## passenger_max_pool_size Set's the maximum number of Passenger application processes that may simultaneously run. The default value is 6. http://www.modrails.com/documentation/Users%20guide%20Apache.html#_passengermaxpoolsize_lt_integer_gt ## passenger_pool_idle_time The maximum number of seconds a Passenger Application process will be allowed to remain idle before being shut down. The default value is 300. http://www.modrails.com/documentation/Users%20guide%20Apache.html#PassengerPoolIdleTime ## passenger_max_requests The maximum number of request a Passenger application will process before being restarted. The default value is 0, which indicates that a process will only shut down if the Pool Idle Time (see above) expires. http://www.modrails.com/documentation/Users%20guide%20Apache.html#PassengerMaxRequests ## passenger_stat_throttle_rate Sets how often Passenger performs file system checks, at most once every _x_ seconds. Default is 0, which means the checks are performed with every request. http://www.modrails.com/documentation/Users%20guide%20Apache.html#_passengerstatthrottlerate_lt_integer_gt ## rack_auto_detect Should Passenger automatically detect if the document root of a virtual host is a Rack application. The default is `on` http://www.modrails.com/documentation/Users%20guide%20Apache.html#_rackautodetect_lt_on_off_gt ## rails_auto_detect Should Passenger automatically detect if the document root of a virtual host is a Rails application. The default is on. http://www.modrails.com/documentation/Users%20guide%20Apache.html#_railsautodetect_lt_on_off_gt ## passenger_use_global_queue Allows toggling of PassengerUseGlobalQueue. NOTE: PassengerUseGlobalQueue is the default in Passenger 4.x and the versions >= 4.x have disabled this configuration option altogether. Use with caution. # Attribution The Passenger tuning parameters for the `apache::mod::puppet` Puppet class was modified by Aaron Hicks (hicksa@landcareresearch.co.nz) for work on the NeSI Project and the Tuakiri New Zealand Access Federation as a fork from the PuppetLabs Apache module on GitHub. * https://github.com/puppetlabs/puppetlabs-apache * https://github.com/nesi/puppetlabs-apache * http://www.nesi.org.nz// * https://tuakiri.ac.nz/confluence/display/Tuakiri/Home # Copyright and License Copyright (C) 2012 [Puppet Labs](https://www.puppetlabs.com/) Inc Puppet Labs can be contacted at: info@puppetlabs.com Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. puppetlabs-apache-0.10.0/spec/000755 000765 000024 00000000000 12250205751 016561 5ustar00hunnerstaff000000 000000 puppetlabs-apache-0.10.0/templates/000755 000765 000024 00000000000 12250205751 017625 5ustar00hunnerstaff000000 000000 puppetlabs-apache-0.10.0/tests/000755 000765 000024 00000000000 12250205751 016771 5ustar00hunnerstaff000000 000000 puppetlabs-apache-0.10.0/tests/apache.pp000644 000765 000024 00000000236 12250205751 020554 0ustar00hunnerstaff000000 000000 include apache include apache::mod::php include apache::mod::cgi include apache::mod::userdir include apache::mod::disk_cache include apache::mod::proxy_http puppetlabs-apache-0.10.0/tests/dev.pp000644 000765 000024 00000000024 12250205751 020104 0ustar00hunnerstaff000000 000000 include apache::dev puppetlabs-apache-0.10.0/tests/init.pp000644 000765 000024 00000000017 12250205751 020273 0ustar00hunnerstaff000000 000000 include apache puppetlabs-apache-0.10.0/tests/mod_load_params.pp000644 000765 000024 00000000367 12250205751 022461 0ustar00hunnerstaff000000 000000 # Tests the path and identifier parameters for the apache::mod class # Base class for clarity: class { 'apache': } # Exaple parameter usage: apache::mod { 'testmod': path => '/usr/some/path/mod_testmod.so', id => 'testmod_custom_name', } puppetlabs-apache-0.10.0/tests/mods.pp000644 000765 000024 00000000370 12250205751 020274 0ustar00hunnerstaff000000 000000 ## Default mods # Base class. Declares default vhost on port 80 and default ssl # vhost on port 443 listening on all interfaces and serving # $apache::docroot, and declaring our default set of modules. class { 'apache': default_mods => true, } puppetlabs-apache-0.10.0/tests/mods_custom.pp000644 000765 000024 00000000502 12250205751 021663 0ustar00hunnerstaff000000 000000 ## custom mods # Base class. Declares default vhost on port 80 and default ssl # vhost on port 443 listening on all interfaces and serving # $apache::docroot, and declaring a custom set of modules. class { 'apache': default_mods => [ 'info', 'alias', 'mime', 'env', 'setenv', 'expires', ], } puppetlabs-apache-0.10.0/tests/php.pp000644 000765 000024 00000000110 12250205751 020111 0ustar00hunnerstaff000000 000000 class { 'apache': mpm_module => 'prefork', } include apache::mod::php puppetlabs-apache-0.10.0/tests/vhost.pp000644 000765 000024 00000013210 12250205751 020472 0ustar00hunnerstaff000000 000000 ## Default vhosts, and custom vhosts # NB: Please see the other vhost_*.pp example files for further # examples. # Base class. Declares default vhost on port 80 and default ssl # vhost on port 443 listening on all interfaces and serving # $apache::docroot class { 'apache': } # Most basic vhost apache::vhost { 'first.example.com': port => '80', docroot => '/var/www/first', } # Vhost with different docroot owner/group apache::vhost { 'second.example.com': port => '80', docroot => '/var/www/second', docroot_owner => 'third', docroot_group => 'third', } # Vhost with serveradmin apache::vhost { 'third.example.com': port => '80', docroot => '/var/www/third', serveradmin => 'admin@example.com', } # Vhost with ssl (uses default ssl certs) apache::vhost { 'ssl.example.com': port => '443', docroot => '/var/www/ssl', ssl => true, } # Vhost with ssl and specific ssl certs apache::vhost { 'fourth.example.com': port => '443', docroot => '/var/www/fourth', ssl => true, ssl_cert => '/etc/ssl/fourth.example.com.cert', ssl_key => '/etc/ssl/fourth.example.com.key', } # Vhost with english title and servername parameter apache::vhost { 'The fifth vhost': servername => 'fifth.example.com', port => '80', docroot => '/var/www/fifth', } # Vhost with server aliases apache::vhost { 'sixth.example.com': serveraliases => [ 'sixth.example.org', 'sixth.example.net', ], port => '80', docroot => '/var/www/fifth', } # Vhost with alternate options apache::vhost { 'seventh.example.com': port => '80', docroot => '/var/www/seventh', options => [ 'Indexes', 'MultiViews', ], } # Vhost with AllowOverride for .htaccess apache::vhost { 'eighth.example.com': port => '80', docroot => '/var/www/eighth', override => 'All', } # Vhost with access and error logs disabled apache::vhost { 'ninth.example.com': port => '80', docroot => '/var/www/ninth', access_log => false, error_log => false, } # Vhost with custom access and error logs and logroot apache::vhost { 'tenth.example.com': port => '80', docroot => '/var/www/tenth', access_log_file => 'tenth_vhost.log', error_log_file => 'tenth_vhost_error.log', logroot => '/var/log', } # Vhost with a cgi-bin apache::vhost { 'eleventh.example.com': port => '80', docroot => '/var/www/eleventh', scriptalias => '/usr/lib/cgi-bin', } # Vhost with a proxypass configuration apache::vhost { 'twelfth.example.com': port => '80', docroot => '/var/www/twelfth', proxy_dest => 'http://internal.example.com:8080/twelfth', no_proxy_uris => ['/login','/logout'], } # Vhost to redirect /login and /logout apache::vhost { 'thirteenth.example.com': port => '80', docroot => '/var/www/thirteenth', redirect_source => [ '/login', '/logout', ], redirect_dest => [ 'http://10.0.0.10/login', 'http://10.0.0.10/logout', ], } # Vhost to permamently redirect apache::vhost { 'fourteenth.example.com': port => '80', docroot => '/var/www/fourteenth', redirect_source => '/blog', redirect_dest => 'http://blog.example.com', redirect_status => 'permanent', } # Vhost with a rack configuration apache::vhost { 'fifteenth.example.com': port => '80', docroot => '/var/www/fifteenth', rack_base_uris => ['/rackapp1', '/rackapp2'], } # Vhost to redirect non-ssl to ssl apache::vhost { 'sixteenth.example.com non-ssl': servername => 'sixteenth.example.com', port => '80', docroot => '/var/www/sixteenth', rewrite_cond => '%{HTTPS} off', rewrite_rule => '(.*) https://%{HTTPS_HOST}%{REQUEST_URI}', } apache::vhost { 'sixteenth.example.com ssl': servername => 'sixteenth.example.com', port => '443', docroot => '/var/www/sixteenth', ssl => true, } # Vhost to block repository files apache::vhost { 'seventeenth.example.com': port => '80', docroot => '/var/www/seventeenth', block => 'scm', } # Vhost with special environment variables apache::vhost { 'eighteenth.example.com': port => '80', docroot => '/var/www/eighteenth', setenv => ['SPECIAL_PATH /foo/bin','KILROY was_here'], } apache::vhost { 'nineteenth.example.com': port => '80', docroot => '/var/www/nineteenth', setenvif => 'Host "^([^\.]*)\.website\.com$" CLIENT_NAME=$1', } # Vhost with additional include files apache::vhost { 'twentyieth.example.com': port => '80', docroot => '/var/www/twelfth', additional_includes => ['/tmp/proxy_group_a','/tmp/proxy_group_b'], } # Vhost with alias for subdomain mapped to same named directory # http://example.com.loc => /var/www/example.com apache::vhost { 'subdomain.loc': vhost_name => '*', port => '80', virtual_docroot => '/var/www/%-2+', docroot => '/var/www', serveraliases => ['*.loc',], } # Vhost with SSLProtocol,SSLCipherSuite, SSLHonorCipherOrder apache::vhost { 'securedomain.com': priority => '10', vhost_name => 'www.securedomain.com', port => '443', docroot => '/var/www/secure', ssl => true, ssl_cert => '/etc/ssl/securedomain.cert', ssl_key => '/etc/ssl/securedomain.key', ssl_chain => '/etc/ssl/securedomain.crt', ssl_protocol => '-ALL +SSLv3 +TLSv1', ssl_cipher => 'ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM', ssl_honorcipherorder => 'On', add_listen => 'false', } puppetlabs-apache-0.10.0/tests/vhost_directories.pp000644 000765 000024 00000001543 12250205751 023074 0ustar00hunnerstaff000000 000000 # Base class. Declares default vhost on port 80 and default ssl # vhost on port 443 listening on all interfaces and serving # $apache::docroot class { 'apache': } # Example from README adapted. apache::vhost { 'readme.example.net': docroot => '/var/www/readme', directories => [ { path => '/var/www/readme', 'ServerTokens' => 'prod' }, { path => '/usr/share/empty', 'allow' => 'from all' }, ], } # location test apache::vhost { 'location.example.net': docroot => '/var/www/location', directories => [ { path => '/location', 'provider' => 'location', 'ServerTokens' => 'prod' }, ], } # files test, curedly disable access to accidental backup files. apache::vhost { 'files.example.net': docroot => '/var/www/files', directories => [ { path => '~ (\.swp|\.bak|~)$', 'provider' => 'files', 'deny' => 'from all' }, ], } puppetlabs-apache-0.10.0/tests/vhost_ip_based.pp000644 000765 000024 00000001211 12250205751 022316 0ustar00hunnerstaff000000 000000 ## IP-based vhosts on any listen port # IP-based vhosts respond to requests on specific IP addresses. # Base class. Turn off the default vhosts; we will be declaring # all vhosts below. class { 'apache': default_vhost => false, } # Listen on port 80 and 81; required because the following vhosts # are not declared with a port parameter. apache::listen { '80': } apache::listen { '81': } # IP-based vhosts apache::vhost { 'first.example.com': ip => '10.0.0.10', docroot => '/var/www/first', ip_based => true, } apache::vhost { 'second.example.com': ip => '10.0.0.11', docroot => '/var/www/second', ip_based => true, } puppetlabs-apache-0.10.0/tests/vhost_ssl.pp000644 000765 000024 00000001051 12250205751 021353 0ustar00hunnerstaff000000 000000 ## SSL-enabled vhosts # SSL-enabled vhosts respond only to HTTPS queries. # Base class. Turn off the default vhosts; we will be declaring # all vhosts below. class { 'apache': default_vhost => false, } # Non-ssl vhost apache::vhost { 'first.example.com non-ssl': servername => 'first.example.com', port => '80', docroot => '/var/www/first', } # SSL vhost at the same domain apache::vhost { 'first.example.com ssl': servername => 'first.example.com', port => '443', docroot => '/var/www/first', ssl => true, } puppetlabs-apache-0.10.0/tests/vhosts_without_listen.pp000644 000765 000024 00000002771 12250205751 024030 0ustar00hunnerstaff000000 000000 ## Declare ip-based and name-based vhosts # Mixing Name-based vhost with IP-specific vhosts requires `add_listen => # 'false'` on the non-IP vhosts # Base class. Turn off the default vhosts; we will be declaring # all vhosts below. class { 'apache': default_vhost => false, } # Add two an IP-based vhost on 10.0.0.10, ssl and non-ssl apache::vhost { 'The first IP-based vhost, non-ssl': servername => 'first.example.com', ip => '10.0.0.10', port => '80', ip_based => true, docroot => '/var/www/first', } apache::vhost { 'The first IP-based vhost, ssl': servername => 'first.example.com', ip => '10.0.0.10', port => '443', ip_based => true, docroot => '/var/www/first-ssl', ssl => true, } # Two name-based vhost listening on 10.0.0.20 apache::vhost { 'second.example.com': ip => '10.0.0.20', port => '80', docroot => '/var/www/second', } apache::vhost { 'third.example.com': ip => '10.0.0.20', port => '80', docroot => '/var/www/third', } # Two name-based vhosts without IPs specified, so that they will answer on either 10.0.0.10 or 10.0.0.20 . It is requried to declare # `add_listen => 'false'` to disable declaring "Listen 80" which will conflict # with the IP-based preceeding vhosts. apache::vhost { 'fourth.example.com': port => '80', docroot => '/var/www/fourth', add_listen => false, } apache::vhost { 'fifth.example.com': port => '80', docroot => '/var/www/fifth', add_listen => false, } puppetlabs-apache-0.10.0/templates/confd/000755 000765 000024 00000000000 12250205751 020716 5ustar00hunnerstaff000000 000000 puppetlabs-apache-0.10.0/templates/httpd.conf.erb000644 000765 000024 00000005502 12250205751 022370 0ustar00hunnerstaff000000 000000 # Security ServerTokens <%= @server_tokens %> ServerSignature <%= @server_signature %> TraceEnable <%= @trace_enable %> ServerName "<%= @servername %>" ServerRoot "<%= @server_root %>" PidFile <%= @pidfile %> Timeout <%= @timeout %> KeepAlive <%= @keepalive %> MaxKeepAliveRequests 100 KeepAliveTimeout <%= @keepalive_timeout %> User <%= @user %> Group <%= @group %> AccessFileName .htaccess Order allow,deny Deny from all Satisfy all Options FollowSymLinks AllowOverride None DefaultType none HostnameLookups Off ErrorLog <%= @logroot %>/<%= @error_log %> LogLevel <%= @log_level %> EnableSendfile <%= @sendfile %> #Listen 80 <% if @apxs_workaround -%> # Workaround: without this hack apxs would be confused about where to put # LoadModule directives and fail entire procedure of apache package # installation/reinstallation. This problem was observed on FreeBSD (apache22). #LoadModule fake_module libexec/apache22/mod_fake.so <% end -%> Include <%= @mod_load_dir %>/*.load <% if @mod_load_dir != @confd_dir and @mod_load_dir != @vhost_load_dir -%> Include <%= @mod_load_dir %>/*.conf <% end -%> Include <%= @ports_file %> LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined LogFormat "%h %l %u %t \"%r\" %>s %b" common LogFormat "%{Referer}i -> %U" referer LogFormat "%{User-agent}i" agent Include <%= @confd_dir %>/*.conf <% if @vhost_load_dir != @confd_dir -%> Include <%= @vhost_load_dir %>/*.conf <% end -%> <% if @error_documents -%> # /usr/share/apache2/error on debian Alias /error/ "<%= @error_documents_path %>/" "> AllowOverride None Options IncludesNoExec AddOutputFilter Includes html AddHandler type-map var Order allow,deny Allow from all LanguagePriority en cs de es fr it nl sv pt-br ro ForceLanguagePriority Prefer Fallback ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var ErrorDocument 410 /error/HTTP_GONE.html.var ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var <% end -%> puppetlabs-apache-0.10.0/templates/listen.erb000644 000765 000024 00000000170 12250205751 021613 0ustar00hunnerstaff000000 000000 <%# Listen should always be one of: - - : - [ -%> Listen <%= @listen_addr_port %> puppetlabs-apache-0.10.0/templates/mod/000755 000765 000024 00000000000 12250205751 020404 5ustar00hunnerstaff000000 000000 puppetlabs-apache-0.10.0/templates/namevirtualhost.erb000644 000765 000024 00000000224 12250205751 023542 0ustar00hunnerstaff000000 000000 <%# NameVirtualHost should always be one of: - * - *: - _default_: - - : -%> NameVirtualHost <%= @addr_port %> puppetlabs-apache-0.10.0/templates/ports_header.erb000644 000765 000024 00000000244 12250205751 022776 0ustar00hunnerstaff000000 000000 # ************************************ # Listen & NameVirtualHost resources in module puppetlabs-apache # Managed by Puppet # ************************************ puppetlabs-apache-0.10.0/templates/vhost/000755 000765 000024 00000000000 12250205751 020770 5ustar00hunnerstaff000000 000000 puppetlabs-apache-0.10.0/templates/vhost.conf.erb000644 000765 000024 00000004146 12250205751 022413 0ustar00hunnerstaff000000 000000 # ************************************ # Vhost template in module puppetlabs-apache # Managed by Puppet # ************************************ > ServerName <%= @servername %> <% if @serveradmin -%> ServerAdmin <%= @serveradmin %> <% end -%> ## Vhost docroot <% if @virtual_docroot -%> VirtualDocumentRoot <%= @virtual_docroot %> <% else -%> DocumentRoot <%= @docroot %> <% end -%> <%= scope.function_template(['apache/vhost/_aliases.erb']) -%> <%= scope.function_template(['apache/vhost/_itk.erb']) -%> <% if @fallbackresource -%> FallbackResource <%= @fallbackresource %> <% end -%> ## Directories, there should at least be a declaration for <%= @docroot %> <%= scope.function_template(['apache/vhost/_directories.erb']) -%> ## Load additional static includes <% Array(@additional_includes).each do |include| %> Include <%= include %> <% end %> ## Logging <% if @error_log -%> ErrorLog <%= @error_log_destination %> <% end -%> <% if @log_level -%> LogLevel <%= @log_level %> <% end -%> ServerSignature Off <% if @access_log -%> CustomLog <%= @access_log_destination %> <%= @_access_log_format %> <% end -%> <%= scope.function_template(['apache/vhost/_block.erb']) -%> <%= scope.function_template(['apache/vhost/_error_document.erb']) -%> <%= scope.function_template(['apache/vhost/_proxy.erb']) -%> <%= scope.function_template(['apache/vhost/_rack.erb']) -%> <%= scope.function_template(['apache/vhost/_redirect.erb']) -%> <%= scope.function_template(['apache/vhost/_rewrite.erb']) -%> <%= scope.function_template(['apache/vhost/_scriptalias.erb']) -%> <%= scope.function_template(['apache/vhost/_serveralias.erb']) -%> <%= scope.function_template(['apache/vhost/_setenv.erb']) -%> <%= scope.function_template(['apache/vhost/_ssl.erb']) -%> <%= scope.function_template(['apache/vhost/_suphp.erb']) -%> <%= scope.function_template(['apache/vhost/_requestheader.erb']) -%> <%= scope.function_template(['apache/vhost/_wsgi.erb']) -%> <%= scope.function_template(['apache/vhost/_custom_fragment.erb']) -%> <%= scope.function_template(['apache/vhost/_fastcgi.erb']) -%> puppetlabs-apache-0.10.0/templates/vhost/_aliases.erb000644 000765 000024 00000001116 12250205751 023241 0ustar00hunnerstaff000000 000000 <% if @aliases and ! @aliases.empty? -%> ## Alias declarations for resources outside the DocumentRoot <%- [@aliases].flatten.compact.each do |alias_statement| -%> <%- if alias_statement["path"] != '' -%> <%- if alias_statement["alias"] and alias_statement["alias"] != '' -%> Alias <%= alias_statement["alias"] %> <%= alias_statement["path"] %> <%- elsif alias_statement["aliasmatch"] and alias_statement["aliasmatch"] != '' -%> AliasMatch <%= alias_statement["aliasmatch"] %> <%= alias_statement["path"] %> <%- end -%> <%- end -%> <%- end -%> <% end -%> puppetlabs-apache-0.10.0/templates/vhost/_block.erb000644 000765 000024 00000000354 12250205751 022715 0ustar00hunnerstaff000000 000000 <% if @block and ! @block.empty? -%> ## Block access statements <% if @block.include? 'scm' -%> # Block access to SCM directories. Deny From All <% end -%> <% end -%> puppetlabs-apache-0.10.0/templates/vhost/_custom_fragment.erb000644 000765 000024 00000000124 12250205751 025013 0ustar00hunnerstaff000000 000000 <% if @custom_fragment -%> ## Custom fragment <%= @custom_fragment %> <% end -%> puppetlabs-apache-0.10.0/templates/vhost/_directories.erb000644 000765 000024 00000012463 12250205751 024143 0ustar00hunnerstaff000000 000000 <% if @_directories and ! @_directories.empty? -%> <%- [@_directories].flatten.compact.each do |directory| -%> <%- if directory['path'] and directory['path'] != '' -%> <%- if directory['provider'] and [ 'directory', 'location', 'files' ].include?(directory['provider']) -%> <%- provider = directory['provider'].capitalize -%> <%- else -%> <%- provider = 'Directory' -%> <%- end -%> <<%= provider + ' ' + directory['path'] %>> <%- if directory['headers'] -%> <%- Array(directory['headers']).each do |header| -%> Header <%= header %> <%- end -%> <%- end -%> <%- if directory['options'] -%> Options <%= Array(directory['options']).join(' ') %> <%- end -%> <%- if provider == 'Directory' -%> <%- if directory['index_options'] -%> IndexOptions <%= Array(directory['index_options']).join(' ') %> <%- end -%> <%- if directory['index_order_default'] -%> IndexOrderDefault <%= Array(directory['index_order_default']).join(' ') %> <%- end -%> <%- if directory['allow_override'] -%> AllowOverride <%= Array(directory['allow_override']).join(' ') %> <%- elsif provider == 'Directory' -%> AllowOverride None <%- end -%> <%- end -%> <%- if directory['order'] and directory['order'] != '' -%> Order <%= Array(directory['order']).join(',') %> <%- else -%> Order allow,deny <%- end -%> <%- if directory['deny'] and directory['deny'] != '' -%> Deny <%= directory['deny'] %> <%- end -%> <%- if directory['allow'] and ! [ false, 'false', '' ].include?(directory['allow']) -%> Allow <%= directory['allow'] %> <%- elsif [ 'from all', 'from All' ].include?(directory['deny']) -%> <%- elsif ! directory['deny'] and [ false, 'false', '' ].include?(directory['allow']) -%> Deny from all <%- else -%> Allow from all <%- end -%> <%- if directory['addhandlers'] and ! directory['addhandlers'].empty? -%> <%- [directory['addhandlers']].flatten.compact.each do |addhandler| -%> AddHandler <%= addhandler['handler'] %> <%= Array(addhandler['extensions']).join(' ') %> <%- end -%> <%- end -%> <%- if directory['passenger_enabled'] and directory['passenger_enabled'] != '' -%> PassengerEnabled <%= directory['passenger_enabled'] %> <%- end -%> <%- if directory['directoryindex'] and directory['directoryindex'] != '' -%> DirectoryIndex <%= directory['directoryindex'] %> <%- end -%> <%- if directory['error_documents'] and ! directory['error_documents'].empty? -%> <%- [directory['error_documents']].flatten.compact.each do |error_document| -%> ErrorDocument <%= error_document['error_code'] %> <%= error_document['document'] %> <%- end -%> <%- end -%> <%- if directory['auth_type'] -%> AuthType <%= directory['auth_type'] %> <%- end -%> <%- if directory['auth_name'] -%> AuthName "<%= directory['auth_name'] %>" <%- end -%> <%- if directory['auth_digest_algorithm'] -%> AuthDigestAlgorithm <%= directory['auth_digest_algorithm'] %> <%- end -%> <%- if directory['auth_digest_domain'] -%> AuthDigestDomain <%= Array(directory['auth_digest_domain']).join(' ') %> <%- end -%> <%- if directory['auth_digest_nonce_lifetime'] -%> AuthDigestNonceLifetime <%= directory['auth_digest_nonce_lifetime'] %> <%- end -%> <%- if directory['auth_digest_provider'] -%> AuthDigestProvider <%= directory['auth_digest_provider'] %> <%- end -%> <%- if directory['auth_digest_qop'] -%> AuthDigestQop <%= directory['auth_digest_qop'] %> <%- end -%> <%- if directory['auth_digest_shmem_size'] -%> AuthDigestShmemSize <%= directory['auth_digest_shmem_size'] %> <%- end -%> <%- if directory['auth_basic_authoritative'] -%> AuthBasicAuthoritative <%= directory['auth_basic_authoritative'] %> <%- end -%> <%- if directory['auth_basic_fake'] -%> AuthBasicFake <%= directory['auth_basic_fake'] %> <%- end -%> <%- if directory['auth_basic_provider'] -%> AuthBasicProvider <%= directory['auth_basic_provider'] %> <%- end -%> <%- if directory['auth_user_file'] -%> AuthUserFile <%= directory['auth_user_file'] %> <%- end -%> <%- if directory['auth_require'] -%> Require <%= directory['auth_require'] %> <%- end -%> <%- if directory['fallbackresource'] -%> FallbackResource <%= directory['fallbackresource'] %> <%- end -%> <%- if directory['expires_active'] -%> ExpiresActive <%= directory['expires_active'] %> <%- end -%> <%- if directory['expires_default'] -%> ExpiresDefault <%= directory['expires_default'] %> <%- end -%> <%- if directory['expires_by_type'] -%> <%- Array(directory['expires_by_type']).each do |rule| -%> ExpiresByType <%= rule %> <%- end -%> <%- end -%> <%- if directory['force_type'] -%> ForceType <%= directory['force_type'] %> <%- end -%> <%- if directory['ssl_options'] -%> SSLOptions <%= Array(directory['ssl_options']).join(' ') %> <%- end -%> <%- if directory['suphp'] and @suphp_engine == 'on' -%> suPHP_UserGroup <%= directory['suphp']['user'] %> <%= directory['suphp']['group'] %> <%- end -%> <%- if directory['custom_fragment'] -%> <%= directory['custom_fragment'] %> <%- end -%> > <%- end -%> <%- end -%> <% end -%> puppetlabs-apache-0.10.0/templates/vhost/_error_document.erb000644 000765 000024 00000000525 12250205751 024652 0ustar00hunnerstaff000000 000000 <% if @error_documents and ! @error_documents.empty? -%> <%- [@error_documents].flatten.compact.each do |error_document| -%> <%- if error_document["error_code"] != '' and error_document["document"] != '' -%> ErrorDocument <%= error_document["error_code"] %> <%= error_document["document"] %> <%- end -%> <%- end -%> <% end -%> puppetlabs-apache-0.10.0/templates/vhost/_fastcgi.erb000644 000765 000024 00000000610 12250205751 023236 0ustar00hunnerstaff000000 000000 <% if @fastcgi_server -%> FastCgiExternalServer <%= @fastcgi_server %> -socket <%= @fastcgi_socket %> <% end -%> <% if @fastcgi_dir -%> > Options +ExecCGI AllowOverride All SetHandler fastcgi-script Order allow,deny Allow from all AuthBasicAuthoritative Off AllowEncodedSlashes On ServerSignature Off <% end -%> puppetlabs-apache-0.10.0/templates/vhost/_itk.erb000644 000765 000024 00000001630 12250205751 022410 0ustar00hunnerstaff000000 000000 <% if @itk and ! @itk.empty? -%> ## ITK statement <%- if @itk["user"] and @itk["group"] -%> AssignUserId <%= @itk["user"] %> <%= @itk["group"] %> <%- end -%> <%- if @itk["assignuieridexpr"] -%> AssignUserIdExpr <%= @itk["assignuieridexpr"] %> <%- end -%> <%- if @itk["assignuiergroupexpr"] -%> AssignGroupIdExpr <%= @itk["assignuiergroupexpr"] %> <%- end -%> <%- if @itk["maxclientvhost"] -%> MaxClientsVHost <%= @itk["maxclientvhost"] %> <%- end -%> <%- if @itk["nice"] -%> NiceValue <%= @itk["nice"] %> <%- end -%> <%- if @kernelversion >= '3.5.0' -%> <%- if @itk["limituidrange"] -%> LimitUIDRange <%= @itk["limituidrange"] %> <%- end -%> <%- if @itk["limitgidrange"] -%> LimitGIDRange <%= @itk["limitgidrange"] %> <%- end -%> <%- end -%> <% end -%> puppetlabs-apache-0.10.0/templates/vhost/_proxy.erb000644 000765 000024 00000000755 12250205751 023011 0ustar00hunnerstaff000000 000000 <% if @proxy_dest or @proxy_pass -%> ## Proxy rules ProxyRequests Off <%- end -%> <% [@proxy_pass].flatten.compact.each do |proxy| %> ProxyPass <%= proxy['path'] %> <%= proxy['url'] %> > ProxyPassReverse / <% end %> <% if @proxy_dest -%> <% Array(@no_proxy_uris).each do |uri| %> ProxyPass <%= uri %> ! <% end %> ProxyPass / <%= @proxy_dest %>/ ProxyPassReverse / <% end -%> puppetlabs-apache-0.10.0/templates/vhost/_rack.erb000644 000765 000024 00000000207 12250205751 022540 0ustar00hunnerstaff000000 000000 <% if @rack_base_uris -%> ## Enable rack <% Array(@rack_base_uris).each do |uri| -%> RackBaseURI <%= uri %> <% end -%> <% end -%> puppetlabs-apache-0.10.0/templates/vhost/_redirect.erb000644 000765 000024 00000000754 12250205751 023430 0ustar00hunnerstaff000000 000000 <% if @redirect_source and @redirect_dest -%> <% @redirect_dest_a = Array(@redirect_dest) -%> <% @redirect_source_a = Array(@redirect_source) -%> <% @redirect_status_a = Array(@redirect_status) -%> ## Redirect rules <% @redirect_source_a.each_with_index do |source, i| -%> <% @redirect_dest_a[i] ||= @redirect_dest_a[0] -%> <% @redirect_status_a[i] ||= @redirect_status_a[0] -%> Redirect <%= "#{@redirect_status_a[i]} " %><%= source %> <%= @redirect_dest_a[i] %> <% end -%> <% end -%> puppetlabs-apache-0.10.0/templates/vhost/_requestheader.erb000644 000765 000024 00000000533 12250205751 024463 0ustar00hunnerstaff000000 000000 <% if @request_headers and ! @request_headers.empty? -%> ## Request header rules ## as per http://httpd.apache.org/docs/2.2/mod/mod_headers.html#requestheader <%- Array(@request_headers).each do |request_statement| -%> <%- if request_statement != '' -%> RequestHeader <%= request_statement %> <%- end -%> <%- end -%> <% end -%> puppetlabs-apache-0.10.0/templates/vhost/_rewrite.erb000644 000765 000024 00000000446 12250205751 023306 0ustar00hunnerstaff000000 000000 <% if @rewrite_rule -%> ## Rewrite rules RewriteEngine On <% if @rewrite_base -%> RewriteBase <%= @rewrite_base %> <% end -%> <% if @rewrite_cond -%> <% Array(@rewrite_cond).each do |cond| -%> RewriteCond <%= cond %> <% end -%> <% end -%> RewriteRule <%= @rewrite_rule %> <% end -%> puppetlabs-apache-0.10.0/templates/vhost/_scriptalias.erb000644 000765 000024 00000001667 12250205751 024151 0ustar00hunnerstaff000000 000000 <%- if @scriptaliases.is_a?(Array) -%> <%- aliases = @scriptaliases -%> <%- elsif @scriptaliases.is_a?(Hash) -%> <%- aliases = [@scriptaliases] -%> <%- else -%> <%- # Nothing to do with any other data type -%> <%- aliases = [] -%> <%- end -%> <%- if @scriptalias or !aliases.empty? -%> ## Script alias directives <%# Combine scriptalais and scriptaliases into a single data structure -%> <%# for backward compatibility and ease of implementation -%> <%- aliases << { 'alias' => '/cgi-bin/', 'path' => @scriptalias } if @scriptalias -%> <%- aliases.flatten.compact! -%> <%- aliases.each do |salias| -%> <%- if salias["path"] != '' -%> <%- if salias["alias"] and salias["alias"] != '' -%> ScriptAlias <%= salias['alias'] %> <%= salias['path'] %> <%- elsif salias["aliasmatch"] and salias["aliasmatch"] != '' -%> ScriptAliasMatch <%= salias['aliasmatch'] %> <%= salias['path'] %> <%- end -%> <%- end -%> <%- end -%> <%- end -%> puppetlabs-apache-0.10.0/templates/vhost/_serveralias.erb000644 000765 000024 00000000264 12250205751 024143 0ustar00hunnerstaff000000 000000 <% if @serveraliases and ! @serveraliases.empty? -%> ## Server aliases <% Array(@serveraliases).each do |serveralias| -%> ServerAlias <%= serveralias %> <% end -%> <% end -%> puppetlabs-apache-0.10.0/templates/vhost/_setenv.erb000644 000765 000024 00000000462 12250205751 023127 0ustar00hunnerstaff000000 000000 <% if @setenv and ! @setenv.empty? -%> ## SetEnv/SetEnvIf for environment variables <% Array(@setenv).each do |envvar| -%> SetEnv <%= envvar %> <% end -%> <% end -%> <% if @setenvif and ! @setenvif.empty? -%> <% Array(@setenvif).each do |envifvar| -%> SetEnvIf <%= envifvar %> <% end -%> <% end -%> puppetlabs-apache-0.10.0/templates/vhost/_ssl.erb000644 000765 000024 00000002065 12250205751 022425 0ustar00hunnerstaff000000 000000 <% if @ssl -%> ## SSL directives SSLEngine on SSLCertificateFile <%= @ssl_cert %> SSLCertificateKeyFile <%= @ssl_key %> <% if @ssl_chain -%> SSLCertificateChainFile <%= @ssl_chain %> <% end -%> SSLCACertificatePath <%= @ssl_certs_dir %> <% if @ssl_ca -%> SSLCACertificateFile <%= @ssl_ca %> <% end -%> <% if @ssl_crl_path -%> SSLCARevocationPath <%= @ssl_crl_path %> <% end -%> <% if @ssl_crl -%> SSLCARevocationFile <%= @ssl_crl %> <% end -%> <% if @ssl_proxyengine -%> SSLProxyEngine On <% end -%> <% if @ssl_protocol -%> SSLProtocol <%= @ssl_protocol %> <% end -%> <% if @ssl_cipher -%> SSLCipherSuite <%= @ssl_cipher %> <% end -%> <% if @ssl_honorcipherorder -%> SSLHonorCipherOrder <%= @ssl_honorcipherorder %> <% end -%> <% if @ssl_verify_client -%> SSLVerifyClient <%= @ssl_verify_client %> <% end -%> <% if @ssl_verify_depth -%> SSLVerifyDepth <%= @ssl_verify_depth %> <% end -%> <% if @ssl_options -%> SSLOptions <%= Array(@ssl_options).join(' ') %> <% end -%> <% end -%> puppetlabs-apache-0.10.0/templates/vhost/_suphp.erb000644 000765 000024 00000000430 12250205751 022755 0ustar00hunnerstaff000000 000000 <% if @suphp_engine == 'on' -%> <% if @suphp_addhandler -%> suPHP_AddHandler <%= @suphp_addhandler %> <% end -%> <% if @suphp_engine -%> suPHP_Engine <%= @suphp_engine %> <% end -%> <% if @suphp_configpath -%> suPHP_ConfigPath <%= @suphp_configpath %> <% end -%> <% end -%> puppetlabs-apache-0.10.0/templates/vhost/_wsgi.erb000644 000765 000024 00000001164 12250205751 022574 0ustar00hunnerstaff000000 000000 <% if @wsgi_daemon_process and @wsgi_daemon_process_options -%> WSGIDaemonProcess <%= @wsgi_daemon_process %> <%= @wsgi_daemon_process_options.collect { |k,v| "#{k}=#{v}"}.sort.join(' ') %> <% elsif @wsgi_daemon_process and !@wsgi_daemon_process_options -%> WSGIDaemonProcess <%= @wsgi_daemon_process %> <% end -%> <% if @wsgi_process_group -%> WSGIProcessGroup <%= @wsgi_process_group %> <% end -%> <% if @wsgi_script_aliases and ! @wsgi_script_aliases.empty? -%> <%- @wsgi_script_aliases.each do |a, p| -%> <%- if a != '' and p != ''-%> WSGIScriptAlias <%= a %> <%= p %> <%- end -%> <%- end -%> <% end -%> puppetlabs-apache-0.10.0/templates/mod/alias.conf.erb000644 000765 000024 00000000324 12250205751 023112 0ustar00hunnerstaff000000 000000 Alias /icons/ "<%= @icons_path %>/" "> Options Indexes MultiViews AllowOverride None Order allow,deny Allow from all puppetlabs-apache-0.10.0/templates/mod/authnz_ldap.conf.erb000644 000765 000024 00000000154 12250205751 024333 0ustar00hunnerstaff000000 000000 <% if @verifyServerCert == true -%> LDAPVerifyServerCert On <% else -%> LDAPVerifyServerCert Off <% end -%> puppetlabs-apache-0.10.0/templates/mod/autoindex.conf.erb000644 000765 000024 00000003571 12250205751 024030 0ustar00hunnerstaff000000 000000 IndexOptions FancyIndexing VersionSort HTMLTable NameWidth=* DescriptionWidth=* Charset=UTF-8 AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip x-bzip2 AddIconByType (TXT,/icons/text.gif) text/* AddIconByType (IMG,/icons/image2.gif) image/* AddIconByType (SND,/icons/sound2.gif) audio/* AddIconByType (VID,/icons/movie.gif) video/* AddIcon /icons/binary.gif .bin .exe AddIcon /icons/binhex.gif .hqx AddIcon /icons/tar.gif .tar AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip AddIcon /icons/a.gif .ps .ai .eps AddIcon /icons/layout.gif .html .shtml .htm .pdf AddIcon /icons/text.gif .txt AddIcon /icons/c.gif .c AddIcon /icons/p.gif .pl .py AddIcon /icons/f.gif .for AddIcon /icons/dvi.gif .dvi AddIcon /icons/uuencoded.gif .uu AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl AddIcon /icons/tex.gif .tex AddIcon /icons/bomb.gif /core AddIcon (SND,/icons/sound2.gif) .ogg AddIcon (VID,/icons/movie.gif) .ogm AddIcon /icons/back.gif .. AddIcon /icons/hand.right.gif README AddIcon /icons/folder.gif ^^DIRECTORY^^ AddIcon /icons/blank.gif ^^BLANKICON^^ AddIcon /icons/odf6odt-20x22.png .odt AddIcon /icons/odf6ods-20x22.png .ods AddIcon /icons/odf6odp-20x22.png .odp AddIcon /icons/odf6odg-20x22.png .odg AddIcon /icons/odf6odc-20x22.png .odc AddIcon /icons/odf6odf-20x22.png .odf AddIcon /icons/odf6odb-20x22.png .odb AddIcon /icons/odf6odi-20x22.png .odi AddIcon /icons/odf6odm-20x22.png .odm AddIcon /icons/odf6ott-20x22.png .ott AddIcon /icons/odf6ots-20x22.png .ots AddIcon /icons/odf6otp-20x22.png .otp AddIcon /icons/odf6otg-20x22.png .otg AddIcon /icons/odf6otc-20x22.png .otc AddIcon /icons/odf6otf-20x22.png .otf AddIcon /icons/odf6oti-20x22.png .oti AddIcon /icons/odf6oth-20x22.png .oth DefaultIcon /icons/unknown.gif ReadmeName README.html HeaderName HEADER.html IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t puppetlabs-apache-0.10.0/templates/mod/cgid.conf.erb000644 000765 000024 00000000040 12250205751 022722 0ustar00hunnerstaff000000 000000 ScriptSock <%= @cgisock_path %> puppetlabs-apache-0.10.0/templates/mod/dav_fs.conf.erb000644 000765 000024 00000000033 12250205751 023260 0ustar00hunnerstaff000000 000000 DAVLockDB <%= @dav_lock %> puppetlabs-apache-0.10.0/templates/mod/deflate.conf.erb000644 000765 000024 00000000372 12250205751 023430 0ustar00hunnerstaff000000 000000 AddOutputFilterByType DEFLATE text/html text/plain text/xml AddOutputFilterByType DEFLATE text/css AddOutputFilterByType DEFLATE application/x-javascript application/javascript application/ecmascript AddOutputFilterByType DEFLATE application/rss+xml puppetlabs-apache-0.10.0/templates/mod/dir.conf.erb000644 000765 000024 00000000051 12250205751 022574 0ustar00hunnerstaff000000 000000 DirectoryIndex <%= @indexes.join(' ') %> puppetlabs-apache-0.10.0/templates/mod/disk_cache.conf.erb000644 000765 000024 00000000267 12250205751 024104 0ustar00hunnerstaff000000 000000 CacheEnable disk / CacheRoot "<%= @cache_root %>" CacheDirLevels 2 CacheDirLength 1 puppetlabs-apache-0.10.0/templates/mod/event.conf.erb000644 000765 000024 00000000542 12250205751 023144 0ustar00hunnerstaff000000 000000 ServerLimit <%= @serverlimit %> StartServers <%= @startservers %> MaxClients <%= @maxclients %> MinSpareThreads <%= @minsparethreads %> MaxSpareThreads <%= @maxsparethreads %> ThreadsPerChild <%= @threadsperchild %> MaxRequestsPerChild <%= @maxrequestsperchild %> puppetlabs-apache-0.10.0/templates/mod/fastcgi.conf.erb000644 000765 000024 00000000335 12250205751 023443 0ustar00hunnerstaff000000 000000 # The Fastcgi Apache module configuration file is being # managed by Puppet and changes will be overwritten. AddHandler fastcgi-script .fcgi FastCgiIpcDir <%= @fastcgi_lib_path %> puppetlabs-apache-0.10.0/templates/mod/info.conf.erb000644 000765 000024 00000000231 12250205751 022751 0ustar00hunnerstaff000000 000000 SetHandler server-info Order deny,allow Deny from all Allow from <%= Array(@allow_from).join(" ") %> puppetlabs-apache-0.10.0/templates/mod/itk.conf.erb000644 000765 000024 00000000462 12250205751 022613 0ustar00hunnerstaff000000 000000 StartServers <%= @startservers %> MinSpareServers <%= @minspareservers %> MaxSpareServers <%= @maxspareservers %> ServerLimit <%= @serverlimit %> MaxClients <%= @maxclients %> MaxRequestsPerChild <%= @maxrequestsperchild %> puppetlabs-apache-0.10.0/templates/mod/ldap.conf.erb000644 000765 000024 00000000223 12250205751 022737 0ustar00hunnerstaff000000 000000 SetHandler ldap-status Order deny,allow Deny from all Allow from 127.0.0.1 ::1 Satisfy all puppetlabs-apache-0.10.0/templates/mod/mime.conf.erb000644 000765 000024 00000001347 12250205751 022756 0ustar00hunnerstaff000000 000000 TypesConfig <%= @mime_types_config %> AddType application/x-compress .Z AddType application/x-gzip .gz .tgz AddType application/x-bzip2 .bz2 AddLanguage ca .ca AddLanguage cs .cz .cs AddLanguage da .dk AddLanguage de .de AddLanguage el .el AddLanguage en .en AddLanguage eo .eo AddLanguage es .es AddLanguage et .et AddLanguage fr .fr AddLanguage he .he AddLanguage hr .hr AddLanguage it .it AddLanguage ja .ja AddLanguage ko .ko AddLanguage ltz .ltz AddLanguage nl .nl AddLanguage nn .nn AddLanguage no .no AddLanguage pl .po AddLanguage pt .pt AddLanguage pt-BR .pt-br AddLanguage ru .ru AddLanguage sv .sv AddLanguage zh-CN .zh-cn AddLanguage zh-TW .zh-tw AddHandler type-map var AddType text/html .shtml AddOutputFilter INCLUDES .shtml puppetlabs-apache-0.10.0/templates/mod/mime_magic.conf.erb000644 000765 000024 00000000041 12250205751 024104 0ustar00hunnerstaff000000 000000 MIMEMagicFile <%= @magic_file %> puppetlabs-apache-0.10.0/templates/mod/mpm_event.conf.erb000644 000765 000024 00000000336 12250205751 024016 0ustar00hunnerstaff000000 000000 StartServers 2 MinSpareThreads 25 MaxSpareThreads 75 ThreadLimit 64 ThreadsPerChild 25 MaxClients 150 MaxRequestsPerChild 0 puppetlabs-apache-0.10.0/templates/mod/negotiation.conf.erb000644 000765 000024 00000000217 12250205751 024342 0ustar00hunnerstaff000000 000000 LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW ForceLanguagePriority Prefer Fallback puppetlabs-apache-0.10.0/templates/mod/nss.conf.erb000644 000765 000024 00000022501 12250205751 022625 0ustar00hunnerstaff000000 000000 # # This is the Apache server configuration file providing SSL support using. # the mod_nss plugin. It contains the configuration directives to instruct # the server how to serve pages over an https connection. # # Do NOT simply read the instructions in here without understanding # what they do. They're here only as hints or reminders. If you are unsure # consult the online docs. You have been warned. # #LoadModule nss_module modules/libmodnss.so # # When we also provide SSL we have to listen to the # standard HTTP port (see above) and to the HTTPS port # # Note: Configurations that use IPv6 but not IPv4-mapped addresses need two # Listen directives: "Listen [::]:8443" and "Listen 0.0.0.0:443" # Listen 8443 ## ## SSL Global Context ## ## All SSL configuration in this context applies both to ## the main server and all SSL-enabled virtual hosts. ## # # Some MIME-types for downloading Certificates and CRLs # AddType application/x-x509-ca-cert .crt AddType application/x-pkcs7-crl .crl # Pass Phrase Dialog: # Configure the pass phrase gathering process. # The filtering dialog program (`builtin' is a internal # terminal dialog) has to provide the pass phrase on stdout. <% if @passwd_file -%> NSSPassPhraseDialog file:<%= @passwd_file %> <% else -%> NSSPassPhraseDialog builtin <% end -%> # Pass Phrase Helper: # This helper program stores the token password pins between # restarts of Apache. NSSPassPhraseHelper /usr/sbin/nss_pcache # Configure the SSL Session Cache. # NSSSessionCacheSize is the number of entries in the cache. # NSSSessionCacheTimeout is the SSL2 session timeout (in seconds). # NSSSession3CacheTimeout is the SSL3/TLS session timeout (in seconds). NSSSessionCacheSize 10000 NSSSessionCacheTimeout 100 NSSSession3CacheTimeout 86400 # # Pseudo Random Number Generator (PRNG): # Configure one or more sources to seed the PRNG of the SSL library. # The seed data should be of good random quality. # WARNING! On some platforms /dev/random blocks if not enough entropy # is available. Those platforms usually also provide a non-blocking # device, /dev/urandom, which may be used instead. # # This does not support seeding the RNG with each connection. NSSRandomSeed startup builtin #NSSRandomSeed startup file:/dev/random 512 #NSSRandomSeed startup file:/dev/urandom 512 # # TLS Negotiation configuration under RFC 5746 # # Only renegotiate if the peer's hello bears the TLS renegotiation_info # extension. Default off. NSSRenegotiation off # Peer must send Signaling Cipher Suite Value (SCSV) or # Renegotiation Info (RI) extension in ALL handshakes. Default: off NSSRequireSafeNegotiation off ## ## SSL Virtual Host Context ## # General setup for the virtual host #DocumentRoot "/etc/httpd/htdocs" #ServerName www.example.com:8443 #ServerAdmin you@example.com # mod_nss can log to separate log files, you can choose to do that if you'd like # LogLevel is not inherited from httpd.conf. ErrorLog <%= @error_log %> TransferLog <%= @transfer_log %> LogLevel warn # SSL Engine Switch: # Enable/Disable SSL for this virtual host. NSSEngine on # SSL Cipher Suite: # List the ciphers that the client is permitted to negotiate. # See the mod_nss documentation for a complete list. # SSL 3 ciphers. SSL 2 is disabled by default. NSSCipherSuite +rsa_rc4_128_md5,+rsa_rc4_128_sha,+rsa_3des_sha,-rsa_des_sha,-rsa_rc4_40_md5,-rsa_rc2_40_md5,-rsa_null_md5,-rsa_null_sha,+fips_3des_sha,-fips_des_sha,-fortezza,-fortezza_rc4_128_sha,-fortezza_null,-rsa_des_56_sha,-rsa_rc4_56_sha,+rsa_aes_128_sha,+rsa_aes_256_sha # SSL 3 ciphers + ECC ciphers. SSL 2 is disabled by default. # # Comment out the NSSCipherSuite line above and use the one below if you have # ECC enabled NSS and mod_nss and want to use Elliptical Curve Cryptography #NSSCipherSuite +rsa_rc4_128_md5,+rsa_rc4_128_sha,+rsa_3des_sha,-rsa_des_sha,-rsa_rc4_40_md5,-rsa_rc2_40_md5,-rsa_null_md5,-rsa_null_sha,+fips_3des_sha,-fips_des_sha,-fortezza,-fortezza_rc4_128_sha,-fortezza_null,-rsa_des_56_sha,-rsa_rc4_56_sha,+rsa_aes_128_sha,+rsa_aes_256_sha,-ecdh_ecdsa_null_sha,+ecdh_ecdsa_rc4_128_sha,+ecdh_ecdsa_3des_sha,+ecdh_ecdsa_aes_128_sha,+ecdh_ecdsa_aes_256_sha,-ecdhe_ecdsa_null_sha,+ecdhe_ecdsa_rc4_128_sha,+ecdhe_ecdsa_3des_sha,+ecdhe_ecdsa_aes_128_sha,+ecdhe_ecdsa_aes_256_sha,-ecdh_rsa_null_sha,+ecdh_rsa_128_sha,+ecdh_rsa_3des_sha,+ecdh_rsa_aes_128_sha,+ecdh_rsa_aes_256_sha,-echde_rsa_null,+ecdhe_rsa_rc4_128_sha,+ecdhe_rsa_3des_sha,+ecdhe_rsa_aes_128_sha,+ecdhe_rsa_aes_256_sha # SSL Protocol: # Cryptographic protocols that provide communication security. # NSS handles the specified protocols as "ranges", and automatically # negotiates the use of the strongest protocol for a connection starting # with the maximum specified protocol and downgrading as necessary to the # minimum specified protocol that can be used between two processes. # Since all protocol ranges are completely inclusive, and no protocol in the # middle of a range may be excluded, the entry "NSSProtocol SSLv3,TLSv1.1" # is identical to the entry "NSSProtocol SSLv3,TLSv1.0,TLSv1.1". NSSProtocol SSLv3,TLSv1.0,TLSv1.1 # SSL Certificate Nickname: # The nickname of the RSA server certificate you are going to use. NSSNickname Server-Cert # SSL Certificate Nickname: # The nickname of the ECC server certificate you are going to use, if you # have an ECC-enabled version of NSS and mod_nss #NSSECCNickname Server-Cert-ecc # Server Certificate Database: # The NSS security database directory that holds the certificates and # keys. The database consists of 3 files: cert8.db, key3.db and secmod.db. # Provide the directory that these files exist. NSSCertificateDatabase <%= @httpd_dir -%>/alias # Database Prefix: # In order to be able to store multiple NSS databases in one directory # they need unique names. This option sets the database prefix used for # cert8.db and key3.db. #NSSDBPrefix my-prefix- # Client Authentication (Type): # Client certificate verification type. Types are none, optional and # require. #NSSVerifyClient none # # Online Certificate Status Protocol (OCSP). # Verify that certificates have not been revoked before accepting them. #NSSOCSP off # # Use a default OCSP responder. If enabled this will be used regardless # of whether one is included in a client certificate. Note that the # server certificate is verified during startup. # # NSSOCSPDefaultURL defines the service URL of the OCSP responder # NSSOCSPDefaultName is the nickname of the certificate to trust to # sign the OCSP responses. #NSSOCSPDefaultResponder on #NSSOCSPDefaultURL http://example.com/ocsp/status #NSSOCSPDefaultName ocsp-nickname # Access Control: # With SSLRequire you can do per-directory access control based # on arbitrary complex boolean expressions containing server # variable checks and other lookup directives. The syntax is a # mixture between C and Perl. See the mod_nss documentation # for more details. # #NSSRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \ # and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \ # and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \ # and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \ # and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \ # or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/ # # SSL Engine Options: # Set various options for the SSL engine. # o FakeBasicAuth: # Translate the client X.509 into a Basic Authorisation. This means that # the standard Auth/DBMAuth methods can be used for access control. The # user name is the `one line' version of the client's X.509 certificate. # Note that no password is obtained from the user. Every entry in the user # file needs this password: `xxj31ZMTZzkVA'. # o ExportCertData: # This exports two additional environment variables: SSL_CLIENT_CERT and # SSL_SERVER_CERT. These contain the PEM-encoded certificates of the # server (always existing) and the client (only existing when client # authentication is used). This can be used to import the certificates # into CGI scripts. # o StdEnvVars: # This exports the standard SSL/TLS related `SSL_*' environment variables. # Per default this exportation is switched off for performance reasons, # because the extraction step is an expensive operation and is usually # useless for serving static content. So one usually enables the # exportation for CGI and SSI requests only. # o StrictRequire: # This denies access when "NSSRequireSSL" or "NSSRequire" applied even # under a "Satisfy any" situation, i.e. when it applies access is denied # and no other module can change it. # o OptRenegotiate: # This enables optimized SSL connection renegotiation handling when SSL # directives are used in per-directory context. #NSSOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire NSSOptions +StdEnvVars NSSOptions +StdEnvVars # Per-Server Logging: # The home of a custom SSL log file. Use this when you want a # compact non-error SSL logfile on a virtual host basis. #CustomLog /home/rcrit/redhat/apache/logs/ssl_request_log \ # "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" puppetlabs-apache-0.10.0/templates/mod/passenger.conf.erb000644 000765 000024 00000002067 12250205751 024016 0ustar00hunnerstaff000000 000000 # The Passanger Apache module configuration file is being # managed by Puppet and changes will be overwritten. PassengerRoot <%= @passenger_root %> PassengerRuby <%= @passenger_ruby %> <%- if @passenger_high_performance -%> PassengerHighPerformance <%= @passenger_high_performance %> <%- end -%> <%- if @passenger_max_pool_size -%> PassengerMaxPoolSize <%= @passenger_max_pool_size %> <%- end -%> <%- if @passenger_pool_idle_time -%> PassengerPoolIdleTime <%= @passenger_pool_idle_time %> <%- end -%> <%- if @passenger_max_requests -%> PassengerMaxRequests <%= @passenger_max_requests %> <%- end -%> <%- if @passenger_stat_throttle_rate -%> PassengerStatThrottleRate <%= @passenger_stat_throttle_rate %> <%- end -%> <%- if @rack_autodetect -%> RackAutoDetect <%= @rack_autodetect %> <%- end -%> <%- if @rails_autodetect -%> RailsAutoDetect <%= @rails_autodetect %> <%- end -%> <%- if @passenger_use_global_queue -%> PassengerUseGlobalQueue <%= @passenger_use_global_queue %> <%- end -%> puppetlabs-apache-0.10.0/templates/mod/peruser.conf.erb000644 000765 000024 00000001016 12250205751 023505 0ustar00hunnerstaff000000 000000 MinSpareProcessors <%= @minspareprocessors %> MinProcessors <%= @minprocessors %> MaxProcessors <%= @maxprocessors %> MaxClients <%= @maxclients %> MaxRequestsPerChild <%= @maxrequestsperchild %> IdleTimeout <%= @idletimeout %> ExpireTimeout <%= @expiretimeout %> KeepAlive <%= @keepalive %> Include <%= @mod_dir %>/peruser/multiplexers/*.conf Include <%= @mod_dir %>/peruser/processors/*.conf puppetlabs-apache-0.10.0/templates/mod/php5.conf.erb000644 000765 000024 00000001413 12250205751 022675 0ustar00hunnerstaff000000 000000 # # PHP is an HTML-embedded scripting language which attempts to make it # easy for developers to write dynamically generated webpages. # # # LoadModule php5_module modules/libphp5.so # # # # Use of the "ZTS" build with worker is experimental, and no shared # # modules are supported. # LoadModule php5_module modules/libphp5-zts.so # # # Cause the PHP interpreter to handle files with a .php extension. # AddHandler php5-script .php AddType text/html .php # # Add index.php to the list of files that will be served as directory # indexes. # DirectoryIndex index.php # # Uncomment the following line to allow PHP to pretty-print .phps # files as PHP source code: # #AddType application/x-httpd-php-source .phps puppetlabs-apache-0.10.0/templates/mod/prefork.conf.erb000644 000765 000024 00000000466 12250205751 023500 0ustar00hunnerstaff000000 000000 StartServers <%= @startservers %> MinSpareServers <%= @minspareservers %> MaxSpareServers <%= @maxspareservers %> ServerLimit <%= @serverlimit %> MaxClients <%= @maxclients %> MaxRequestsPerChild <%= @maxrequestsperchild %> puppetlabs-apache-0.10.0/templates/mod/proxy.conf.erb000644 000765 000024 00000001352 12250205751 023204 0ustar00hunnerstaff000000 000000 # # Proxy Server directives. Uncomment the following lines to # enable the proxy server: # # Do not enable proxying with ProxyRequests until you have secured your # server. Open proxy servers are dangerous both to your network and to the # Internet at large. ProxyRequests <%= @proxy_requests %> <% if @proxy_requests != 'Off' or ( @allow_from and ! @allow_from.empty? ) -%> Order deny,allow Deny from all Allow from <%= Array(@allow_from).join(" ") %> <% end -%> # Enable/disable the handling of HTTP/1.1 "Via:" headers. # ("Full" adds the server version; "Block" removes all outgoing Via: headers) # Set to one of: Off | On | Full | Block ProxyVia On puppetlabs-apache-0.10.0/templates/mod/proxy_html.conf.erb000644 000765 000024 00000001663 12250205751 024235 0ustar00hunnerstaff000000 000000 <% if @proxy_html_loadfiles -%> <% Array(@proxy_html_loadfiles).each do |loadfile| -%> LoadFile <%= loadfile %> <% end -%> <% end -%> ProxyHTMLLinks a href ProxyHTMLLinks area href ProxyHTMLLinks link href ProxyHTMLLinks img src longdesc usemap ProxyHTMLLinks object classid codebase data usemap ProxyHTMLLinks q cite ProxyHTMLLinks blockquote cite ProxyHTMLLinks ins cite ProxyHTMLLinks del cite ProxyHTMLLinks form action ProxyHTMLLinks input src usemap ProxyHTMLLinks head profileProxyHTMLLinks base href ProxyHTMLLinks script src for ProxyHTMLEvents onclick ondblclick onmousedown onmouseup \ onmouseover onmousemove onmouseout onkeypress \ onkeydown onkeyup onfocus onblur onload \ onunload onsubmit onreset onselect onchange puppetlabs-apache-0.10.0/templates/mod/reqtimeout.conf.erb000644 000765 000024 00000000123 12250205751 024214 0ustar00hunnerstaff000000 000000 RequestReadTimeout header=20-40,minrate=500 RequestReadTimeout body=10,minrate=500 puppetlabs-apache-0.10.0/templates/mod/rpaf.conf.erb000644 000765 000024 00000001132 12250205751 022747 0ustar00hunnerstaff000000 000000 # Enable reverse proxy add forward RPAFenable On # RPAFsethostname will, when enabled, take the incoming X-Host header and # update the virtual host settings accordingly. This allows to have the same # hostnames as in the "real" configuration for the forwarding proxy. <% if @sethostname -%> RPAFsethostname On <% else -%> RPAFsethostname Off <% end -%> # Which IPs are forwarding requests to us RPAFproxy_ips <%= Array(@proxy_ips).join(" ") %> # Setting RPAFheader allows you to change the header name to parse from the # default X-Forwarded-For to something of your choice. RPAFheader <%= @header %> puppetlabs-apache-0.10.0/templates/mod/setenvif.conf.erb000644 000765 000024 00000002607 12250205751 023652 0ustar00hunnerstaff000000 000000 # # The following directives modify normal HTTP response behavior to # handle known problems with browser implementations. # BrowserMatch "Mozilla/2" nokeepalive BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0 BrowserMatch "RealPlayer 4\.0" force-response-1.0 BrowserMatch "Java/1\.0" force-response-1.0 BrowserMatch "JDK/1\.0" force-response-1.0 # # The following directive disables redirects on non-GET requests for # a directory that does not include the trailing slash. This fixes a # problem with Microsoft WebFolders which does not appropriately handle # redirects for folders with DAV methods. # Same deal with Apple's DAV filesystem and Gnome VFS support for DAV. # BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully BrowserMatch "MS FrontPage" redirect-carefully BrowserMatch "^WebDrive" redirect-carefully BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully BrowserMatch "^gnome-vfs/1.0" redirect-carefully BrowserMatch "^gvfs/1" redirect-carefully BrowserMatch "^XML Spy" redirect-carefully BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully BrowserMatch " Konqueror/4" redirect-carefully BrowserMatch "MSIE [2-6]" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 # MSIE 7 and newer should be able to use keepalive BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown puppetlabs-apache-0.10.0/templates/mod/ssl.conf.erb000644 000765 000024 00000001237 12250205751 022626 0ustar00hunnerstaff000000 000000 SSLRandomSeed startup builtin SSLRandomSeed startup file:/dev/urandom 512 SSLRandomSeed connect builtin SSLRandomSeed connect file:/dev/urandom 512 AddType application/x-x509-ca-cert .crt AddType application/x-pkcs7-crl .crl SSLPassPhraseDialog builtin SSLSessionCache shmcb:<%= @session_cache %> SSLSessionCacheTimeout 300 <% if @ssl_compression -%> SSLCompression Off <% end -%> SSLMutex <%= @ssl_mutex %> SSLCryptoDevice builtin SSLHonorCipherOrder On SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5 SSLProtocol all -SSLv2 <% if @ssl_options -%> SSLOptions <%= @ssl_options.compact.join(' ') %> <% end -%> puppetlabs-apache-0.10.0/templates/mod/status.conf.erb000644 000765 000024 00000000456 12250205751 023352 0ustar00hunnerstaff000000 000000 SetHandler server-status Order deny,allow Deny from all Allow from <%= Array(@allow_from).join(" ") %> ExtendedStatus <%= @extended_status %> # Show Proxy LoadBalancer status in mod_status ProxyStatus On puppetlabs-apache-0.10.0/templates/mod/suphp.conf.erb000644 000765 000024 00000001230 12250205751 023155 0ustar00hunnerstaff000000 000000 AddType application/x-httpd-suphp .php .php3 .php4 .php5 .phtml suPHP_AddHandler application/x-httpd-suphp suPHP_Engine on # By default, disable suPHP for debian packaged web applications as files # are owned by root and cannot be executed by suPHP because of min_uid. suPHP_Engine off # # Use a specific php config file (a dir which contains a php.ini file) # suPHP_ConfigPath /etc/php4/cgi/suphp/ # # Tells mod_suphp NOT to handle requests with the type . # suPHP_RemoveHandler puppetlabs-apache-0.10.0/templates/mod/userdir.conf.erb000644 000765 000024 00000000735 12250205751 023504 0ustar00hunnerstaff000000 000000 <% if @disable_root -%> UserDir disabled root <% end -%> UserDir <%= @dir %> /*/<%= @dir %>> AllowOverride FileInfo AuthConfig Limit Indexes Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec Order allow,deny Allow from all Order deny,allow Deny from all puppetlabs-apache-0.10.0/templates/mod/worker.conf.erb000644 000765 000024 00000000543 12250205751 023335 0ustar00hunnerstaff000000 000000 ServerLimit <%= @serverlimit %> StartServers <%= @startservers %> MaxClients <%= @maxclients %> MinSpareThreads <%= @minsparethreads %> MaxSpareThreads <%= @maxsparethreads %> ThreadsPerChild <%= @threadsperchild %> MaxRequestsPerChild <%= @maxrequestsperchild %> puppetlabs-apache-0.10.0/templates/mod/wsgi.conf.erb000644 000765 000024 00000000630 12250205751 022772 0ustar00hunnerstaff000000 000000 # The WSGI Apache module configuration file is being # managed by Puppet an changes will be overwritten. <%- if @wsgi_socket_prefix -%> WSGISocketPrefix <%= @wsgi_socket_prefix %> <%- end -%> <%- if @wsgi_python_home -%> WSGIPythonHome <%= @wsgi_python_home %> <%- end -%> <%- if @wsgi_python_path -%> WSGIPythonPath <%= @wsgi_python_path %> <%- end -%> puppetlabs-apache-0.10.0/templates/confd/no-accf.conf.erb000644 000765 000024 00000000131 12250205751 023635 0ustar00hunnerstaff000000 000000 AcceptFilter http none AcceptFilter https none puppetlabs-apache-0.10.0/spec/classes/000755 000765 000024 00000000000 12250205751 020216 5ustar00hunnerstaff000000 000000 puppetlabs-apache-0.10.0/spec/defines/000755 000765 000024 00000000000 12250205751 020176 5ustar00hunnerstaff000000 000000 puppetlabs-apache-0.10.0/spec/fixtures/000755 000765 000024 00000000000 12250205751 020432 5ustar00hunnerstaff000000 000000 puppetlabs-apache-0.10.0/spec/spec.opts000644 000765 000024 00000000057 12250205751 020424 0ustar00hunnerstaff000000 000000 --format s --colour --loadby mtime --backtrace puppetlabs-apache-0.10.0/spec/spec_helper.rb000644 000765 000024 00000000064 12250205751 021377 0ustar00hunnerstaff000000 000000 require 'puppetlabs_spec_helper/module_spec_helper' puppetlabs-apache-0.10.0/spec/spec_helper_system.rb000644 000765 000024 00000001443 12250205751 023005 0ustar00hunnerstaff000000 000000 require 'rspec-system/spec_helper' require 'rspec-system-puppet/helpers' require 'rspec-system-serverspec/helpers' include Serverspec::Helper::RSpecSystem include Serverspec::Helper::DetectOS include RSpecSystemPuppet::Helpers RSpec.configure do |c| # Project root proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) # Enable colour c.tty = true c.include RSpecSystemPuppet::Helpers # This is where we 'setup' the nodes before running our tests c.before :suite do # Install puppet puppet_install # Install modules and dependencies puppet_module_install(:source => proj_root, :module_name => 'apache') shell('puppet module install puppetlabs-concat --version 1.0.0') shell('puppet module install puppetlabs-stdlib --version 2.4.0') end end puppetlabs-apache-0.10.0/spec/system/000755 000765 000024 00000000000 12250205751 020105 5ustar00hunnerstaff000000 000000 puppetlabs-apache-0.10.0/spec/unit/000755 000765 000024 00000000000 12250205751 017540 5ustar00hunnerstaff000000 000000 puppetlabs-apache-0.10.0/spec/unit/provider/000755 000765 000024 00000000000 12250205751 021372 5ustar00hunnerstaff000000 000000 puppetlabs-apache-0.10.0/spec/unit/provider/a2mod/000755 000765 000024 00000000000 12250205751 022374 5ustar00hunnerstaff000000 000000 puppetlabs-apache-0.10.0/spec/unit/provider/a2mod/gentoo_spec.rb000644 000765 000024 00000013740 12250205751 025233 0ustar00hunnerstaff000000 000000 #!/usr/bin/env rspec require 'spec_helper' provider_class = Puppet::Type.type(:a2mod).provider(:gentoo) describe provider_class do before :each do provider_class.clear end [:conf_file, :instances, :modules, :initvars, :conf_file, :clear].each do |method| it "should respond to the class method #{method}" do provider_class.should respond_to(method) end end describe "when fetching modules" do before do @filetype = mock() end it "should return a sorted array of the defined parameters" do @filetype.expects(:read).returns(%Q{APACHE2_OPTS="-D FOO -D BAR -D BAZ"\n}) provider_class.expects(:filetype).returns(@filetype) provider_class.modules.should == %w{bar baz foo} end it "should cache the module list" do @filetype.expects(:read).once.returns(%Q{APACHE2_OPTS="-D FOO -D BAR -D BAZ"\n}) provider_class.expects(:filetype).once.returns(@filetype) 2.times { provider_class.modules.should == %w{bar baz foo} } end it "should normalize parameters" do @filetype.expects(:read).returns(%Q{APACHE2_OPTS="-D FOO -D BAR -D BAR"\n}) provider_class.expects(:filetype).returns(@filetype) provider_class.modules.should == %w{bar foo} end end describe "when prefetching" do it "should match providers to resources" do provider = mock("ssl_provider", :name => "ssl") resource = mock("ssl_resource") resource.expects(:provider=).with(provider) provider_class.expects(:instances).returns([provider]) provider_class.prefetch("ssl" => resource) end end describe "when flushing" do before :each do @filetype = mock() @filetype.stubs(:backup) provider_class.expects(:filetype).at_least_once.returns(@filetype) @info = mock() @info.stubs(:[]).with(:name).returns("info") @info.stubs(:provider=) @mpm = mock() @mpm.stubs(:[]).with(:name).returns("mpm") @mpm.stubs(:provider=) @ssl = mock() @ssl.stubs(:[]).with(:name).returns("ssl") @ssl.stubs(:provider=) end it "should add modules whose ensure is present" do @filetype.expects(:read).at_least_once.returns(%Q{APACHE2_OPTS=""}) @filetype.expects(:write).with(%Q{APACHE2_OPTS="-D INFO"}) @info.stubs(:should).with(:ensure).returns(:present) provider_class.prefetch("info" => @info) provider_class.flush end it "should remove modules whose ensure is present" do @filetype.expects(:read).at_least_once.returns(%Q{APACHE2_OPTS="-D INFO"}) @filetype.expects(:write).with(%Q{APACHE2_OPTS=""}) @info.stubs(:should).with(:ensure).returns(:absent) @info.stubs(:provider=) provider_class.prefetch("info" => @info) provider_class.flush end it "should not modify providers without resources" do @filetype.expects(:read).at_least_once.returns(%Q{APACHE2_OPTS="-D INFO -D MPM"}) @filetype.expects(:write).with(%Q{APACHE2_OPTS="-D MPM -D SSL"}) @info.stubs(:should).with(:ensure).returns(:absent) provider_class.prefetch("info" => @info) @ssl.stubs(:should).with(:ensure).returns(:present) provider_class.prefetch("ssl" => @ssl) provider_class.flush end it "should write the modules in sorted order" do @filetype.expects(:read).at_least_once.returns(%Q{APACHE2_OPTS=""}) @filetype.expects(:write).with(%Q{APACHE2_OPTS="-D INFO -D MPM -D SSL"}) @mpm.stubs(:should).with(:ensure).returns(:present) provider_class.prefetch("mpm" => @mpm) @info.stubs(:should).with(:ensure).returns(:present) provider_class.prefetch("info" => @info) @ssl.stubs(:should).with(:ensure).returns(:present) provider_class.prefetch("ssl" => @ssl) provider_class.flush end it "should write the records back once" do @filetype.expects(:read).at_least_once.returns(%Q{APACHE2_OPTS=""}) @filetype.expects(:write).once.with(%Q{APACHE2_OPTS="-D INFO -D SSL"}) @info.stubs(:should).with(:ensure).returns(:present) provider_class.prefetch("info" => @info) @ssl.stubs(:should).with(:ensure).returns(:present) provider_class.prefetch("ssl" => @ssl) provider_class.flush end it "should only modify the line containing APACHE2_OPTS" do @filetype.expects(:read).at_least_once.returns(%Q{# Comment\nAPACHE2_OPTS=""\n# Another comment}) @filetype.expects(:write).once.with(%Q{# Comment\nAPACHE2_OPTS="-D INFO"\n# Another comment}) @info.stubs(:should).with(:ensure).returns(:present) provider_class.prefetch("info" => @info) provider_class.flush end it "should restore any arbitrary arguments" do @filetype.expects(:read).at_least_once.returns(%Q{APACHE2_OPTS="-Y -D MPM -X"}) @filetype.expects(:write).once.with(%Q{APACHE2_OPTS="-Y -X -D INFO -D MPM"}) @info.stubs(:should).with(:ensure).returns(:present) provider_class.prefetch("info" => @info) provider_class.flush end it "should backup the file once if changes were made" do @filetype.expects(:read).at_least_once.returns(%Q{APACHE2_OPTS=""}) @filetype.expects(:write).once.with(%Q{APACHE2_OPTS="-D INFO -D SSL"}) @info.stubs(:should).with(:ensure).returns(:present) provider_class.prefetch("info" => @info) @ssl.stubs(:should).with(:ensure).returns(:present) provider_class.prefetch("ssl" => @ssl) @filetype.unstub(:backup) @filetype.expects(:backup) provider_class.flush end it "should not write the file or run backups if no changes were made" do @filetype.expects(:read).at_least_once.returns(%Q{APACHE2_OPTS="-X -D INFO -D SSL -Y"}) @filetype.expects(:write).never @info.stubs(:should).with(:ensure).returns(:present) provider_class.prefetch("info" => @info) @ssl.stubs(:should).with(:ensure).returns(:present) provider_class.prefetch("ssl" => @ssl) @filetype.unstub(:backup) @filetype.expects(:backup).never provider_class.flush end end end puppetlabs-apache-0.10.0/spec/system/basic_spec.rb000644 000765 000024 00000001046 12250205751 022526 0ustar00hunnerstaff000000 000000 require 'spec_helper_system' describe 'basic tests:' do # Using puppet_apply as a subject context puppet_apply 'notice("foo")' do its(:stdout) { should =~ /foo/ } its(:stderr) { should be_empty } its(:exit_code) { should be_zero } end end describe 'disable selinux:' do context puppet_apply ' exec { "setenforce 0": path => "/bin:/sbin:/usr/bin:/usr/sbin", onlyif => "which setenforce && getenforce | grep Enforcing", } ' do its(:stderr) { should be_empty } its(:exit_code) { should_not == 1 } end end puppetlabs-apache-0.10.0/spec/system/class_spec.rb000644 000765 000024 00000002673 12250205751 022561 0ustar00hunnerstaff000000 000000 require 'spec_helper_system' describe 'apache class' do case node.facts['osfamily'] when 'RedHat' package_name = 'httpd' service_name = 'httpd' when 'Debian' package_name = 'apache2' service_name = 'apache2' when 'FreeBSD' package_name = 'apache22' service_name = 'apache22' end context 'default parameters' do # Using puppet_apply as a helper it 'should work with no errors' do pp = <<-EOS class { 'apache': } EOS # Run it twice and test for idempotency puppet_apply(pp) do |r| r.exit_code.should_not == 1 r.refresh r.exit_code.should be_zero end end describe package(package_name) do it { should be_installed } end describe service(service_name) do it { should be_enabled } it { should be_running } end end context 'custom site/mod dir parameters' do # Using puppet_apply as a helper it 'should work with no errors' do pp = <<-EOS file { '/apache': ensure => directory, } class { 'apache': mod_dir => '/apache/mods', vhost_dir => '/apache/vhosts', } EOS # Run it twice and test for idempotency puppet_apply(pp) do |r| r.exit_code.should_not == 1 r.refresh r.exit_code.should be_zero end end describe service(service_name) do it { should be_enabled } it { should be_running } end end end puppetlabs-apache-0.10.0/spec/system/default_mods_spec.rb000644 000765 000024 00000004632 12250205751 024117 0ustar00hunnerstaff000000 000000 require 'spec_helper_system' case node.facts['osfamily'] when 'RedHat' servicename = 'httpd' when 'Debian' servicename = 'apache2' when 'FreeBSD' servicename = 'apache22' else raise "Unconfigured OS for apache service on #{node.facts['osfamily']}" end describe 'apache::default_mods class' do describe 'no default mods' do # Using puppet_apply as a helper it 'should apply with no errors' do pp = <<-EOS class { 'apache': default_mods => false, } EOS # Run it twice and test for idempotency puppet_apply(pp) do |r| [0,2].should include(r.exit_code) r.refresh r.exit_code.should be_zero end end describe service(servicename) do it { should be_running } end end describe 'no default mods and failing' do # Using puppet_apply as a helper it 'should apply with errors' do pp = <<-EOS class { 'apache': default_mods => false, } apache::vhost { 'defaults.example.com': docroot => '/var/www/defaults', aliases => { alias => '/css', path => '/var/www/css', }, setenv => 'TEST1 one', } EOS # Run it twice and test for idempotency puppet_apply(pp) do |r| [4,6].should include(r.exit_code) end end describe "service #{servicename}" do it 'should not be running' do shell("pidof #{servicename}") do |r| r.exit_code.should eq(1) end end end end describe 'alternative default mods' do # Using puppet_apply as a helper it 'should apply with no errors' do pp = <<-EOS class { 'apache': default_mods => [ 'info', 'alias', 'mime', 'env', 'expires', ], } apache::vhost { 'defaults.example.com': docroot => '/var/www/defaults', aliases => { alias => '/css', path => '/var/www/css', }, setenv => 'TEST1 one', } EOS # Run it twice and test for idempotency puppet_apply(pp) do |r| [0,2].should include(r.exit_code) sleep 10 # avoid race condition on centos :( r.refresh r.exit_code.should be_zero end end describe service(servicename) do it { should be_running } end end end puppetlabs-apache-0.10.0/spec/system/itk_spec.rb000644 000765 000024 00000001463 12250205751 022237 0ustar00hunnerstaff000000 000000 require 'spec_helper_system' case node.facts['osfamily'] when 'Debian' service_name = 'apache2' when 'FreeBSD' service_name = 'apache22' else # Not implemented yet service_name = :skip end unless service_name.equal? :skip describe 'apache::mod::itk class' do describe 'running puppet code' do # Using puppet_apply as a helper it 'should work with no errors' do pp = <<-EOS class { 'apache': mpm_module => 'itk', } EOS # Run it twice and test for idempotency puppet_apply(pp) do |r| r.exit_code.should_not == 1 r.refresh r.exit_code.should be_zero end end end describe service(service_name) do it { should be_running } it { should be_enabled } end end end puppetlabs-apache-0.10.0/spec/system/mod_php_spec.rb000644 000765 000024 00000002515 12250205751 023075 0ustar00hunnerstaff000000 000000 require 'spec_helper_system' describe 'apache::mod::php class' do case node.facts['osfamily'] when 'Debian' mod_dir = '/etc/apache2/mods-available' service_name = 'apache2' when 'RedHat' mod_dir = '/etc/httpd/conf.d' service_name = 'httpd' when 'FreeBSD' mod_dir = '/usr/local/etc/apache22/Modules' service_name = 'apache22' end context "default php config" do it 'succeeds in puppeting php' do puppet_apply(%{ class { 'apache': mpm_module => 'prefork', } class { 'apache::mod::php': } apache::vhost { 'php.example.com': port => '80', docroot => '/var/www/php', } host { 'php.example.com': ip => '127.0.0.1', } file { '/var/www/php/index.php': ensure => file, content => "\\n", } }) { |r| [0,2].should include r.exit_code} end describe service(service_name) do it { should be_enabled } it { should be_running } end describe file("#{mod_dir}/php5.conf") do it { should contain "DirectoryIndex index.php" } end it 'should answer to php.example.com' do shell("/usr/bin/curl php.example.com:80") do |r| r.stdout.should =~ /PHP Version/ r.exit_code.should == 0 end end end end puppetlabs-apache-0.10.0/spec/system/mod_suphp_spec.rb000644 000765 000024 00000002305 12250205751 023442 0ustar00hunnerstaff000000 000000 require 'spec_helper_system' describe 'apache::mod::suphp class' do case node.facts['osfamily'] when 'Debian' context "default suphp config" do it 'succeeds in puppeting suphp' do puppet_apply(%{ class { 'apache': mpm_module => 'prefork', } class { 'apache::mod::php': } class { 'apache::mod::suphp': } apache::vhost { 'suphp.example.com': port => '80', docroot => '/var/www/suphp', } host { 'suphp.example.com': ip => '127.0.0.1', } file { '/var/www/suphp/index.php': ensure => file, owner => 'puppet', group => 'puppet', content => "\\n", } }) { |r| [0,2].should include r.exit_code} end describe service('apache2') do it { should be_enabled } it { should be_running } end it 'should answer to suphp.example.com' do shell("/usr/bin/curl suphp.example.com:80") do |r| r.stdout.should =~ /^puppet$/ r.exit_code.should == 0 end end end when 'RedHat' # Not implemented yet end end puppetlabs-apache-0.10.0/spec/system/prefork_worker_spec.rb000644 000765 000024 00000003703 12250205751 024510 0ustar00hunnerstaff000000 000000 require 'spec_helper_system' case node.facts['osfamily'] when 'RedHat' servicename = 'httpd' when 'Debian' servicename = 'apache2' when 'FreeBSD' servicename = 'apache22' else raise "Unconfigured OS for apache service on #{node.facts['osfamily']}" end case node.facts['osfamily'] when 'FreeBSD' describe 'apache::mod::event class' do describe 'running puppet code' do # Using puppet_apply as a helper it 'should work with no errors' do pp = <<-EOS class { 'apache': mpm_module => 'event', } EOS # Run it twice and test for idempotency puppet_apply(pp) do |r| r.exit_code.should_not == 1 r.refresh r.exit_code.should be_zero end end end describe service(servicename) do it { should be_running } it { should be_enabled } end end end describe 'apache::mod::worker class' do describe 'running puppet code' do # Using puppet_apply as a helper it 'should work with no errors' do pp = <<-EOS class { 'apache': mpm_module => 'worker', } EOS # Run it twice and test for idempotency puppet_apply(pp) do |r| r.exit_code.should_not == 1 r.refresh r.exit_code.should be_zero end end end describe service(servicename) do it { should be_running } it { should be_enabled } end end describe 'apache::mod::prefork class' do describe 'running puppet code' do # Using puppet_apply as a helper it 'should work with no errors' do pp = <<-EOS class { 'apache': mpm_module => 'prefork', } EOS # Run it twice and test for idempotency puppet_apply(pp) do |r| r.exit_code.should_not == 1 r.refresh r.exit_code.should be_zero end end end describe service(servicename) do it { should be_running } it { should be_enabled } end end puppetlabs-apache-0.10.0/spec/system/service_spec.rb000644 000765 000024 00000001052 12250205751 023102 0ustar00hunnerstaff000000 000000 require 'spec_helper_system' describe 'apache::service class' do describe 'adding dependencies in between the base class and service class' do it 'should work with no errors' do pp = <<-EOS class { 'apache': } file { '/tmp/test': require => Class['apache'], notify => Class['apache::service'], } EOS # Run it twice and test for idempotency puppet_apply(pp) do |r| [0,2].should include(r.exit_code) r.refresh r.exit_code.should be_zero end end end end puppetlabs-apache-0.10.0/spec/system/vhost_spec.rb000644 000765 000024 00000021516 12250205751 022614 0ustar00hunnerstaff000000 000000 require 'spec_helper_system' describe 'apache::vhost define' do case node.facts['osfamily'] when 'RedHat' vhost_dir = '/etc/httpd/conf.d' package_name = 'httpd' service_name = 'httpd' when 'FreeBSD' vhost_dir = '/usr/local/etc/apache22/Vhosts' package_name = 'apache22' service_name = 'apache22' when 'Debian' vhost_dir = '/etc/apache2/sites-enabled' package_name = 'apache2' service_name = 'apache2' end context "default vhost without ssl" do it 'should create a default vhost config' do puppet_apply(%{ class { 'apache': } }) { |r| [0,2].should include r.exit_code} end describe file("#{vhost_dir}/15-default.conf") do it { should contain '' } end describe file("#{vhost_dir}/15-default-ssl.conf") do it { should_not be_file } end end context 'default vhost with ssl' do it 'should create default vhost configs' do puppet_apply(%{ class { 'apache': default_ssl_vhost => true, } }) { |r| [0,2].should include r.exit_code} end describe file("#{vhost_dir}/15-default.conf") do it { should contain '' } end describe file("#{vhost_dir}/15-default-ssl.conf") do it { should contain '' } it { should contain "SSLEngine on" } end end context 'new vhost on port 80' do it 'should configure an apache vhost' do puppet_apply(%{ class { 'apache': } apache::vhost { 'first.example.com': port => '80', docroot => '/var/www/first', } }) { |r| [0,2].should include r.exit_code} end describe file("#{vhost_dir}/25-first.example.com.conf") do it { should contain '' } it { should contain "ServerName first.example.com" } end end context 'new proxy vhost on port 80' do it 'should configure an apache proxy vhost' do puppet_apply(%{ class { 'apache': } apache::vhost { 'proxy.example.com': port => '80', docroot => '/var/www/proxy', proxy_pass => [ { 'path' => '/foo', 'url' => 'http://backend-foo/'}, ], } }) { |r| [0,2].should include r.exit_code} end describe file("#{vhost_dir}/25-proxy.example.com.conf") do it { should contain '' } it { should contain "ServerName proxy.example.com" } it { should contain "ProxyPass" } it { should_not contain "" } end end context 'new vhost on port 80' do it 'should configure two apache vhosts' do puppet_apply(%{ class { 'apache': } apache::vhost { 'first.example.com': port => '80', docroot => '/var/www/first', } host { 'first.example.com': ip => '127.0.0.1', } file { '/var/www/first/index.html': ensure => file, content => "Hello from first\\n", } apache::vhost { 'second.example.com': port => '80', docroot => '/var/www/second', } host { 'second.example.com': ip => '127.0.0.1', } file { '/var/www/second/index.html': ensure => file, content => "Hello from second\\n", } }) { |r| [0,2].should include r.exit_code} end describe service(service_name) do it { should be_enabled } it { should be_running } end it 'should answer to first.example.com' do shell("/usr/bin/curl first.example.com:80") do |r| r.stdout.should == "Hello from first\n" r.exit_code.should == 0 end end it 'should answer to second.example.com' do shell("/usr/bin/curl second.example.com:80") do |r| r.stdout.should == "Hello from second\n" r.exit_code.should == 0 end end end context 'apache_directories readme example, adapted' do it 'should configure a vhost with Files' do puppet_apply(%{ class { 'apache': } apache::vhost { 'files.example.net': docroot => '/var/www/files', directories => [ { path => '~ (\.swp|\.bak|~)$', 'provider' => 'files', 'deny' => 'from all' }, ], } file { '/var/www/files/index.html.bak': ensure => file, content => "Hello World\\n", } host { 'files.example.net': ip => '127.0.0.1', } }) { |r| [0,2].should include r.exit_code} end describe service(service_name) do it { should be_enabled } it { should be_running } end it 'should answer to files.example.net' do shell("/usr/bin/curl -sSf files.example.net:80/index.html.bak") do |r| r.stderr.should =~ /curl: \(22\) The requested URL returned error: 403/ r.exit_code.should == 22 end end end case node.facts['lsbdistcodename'] when 'precise', 'wheezy' context 'vhost fallbackresouce example' do it 'should configure a vhost with Fallbackresource' do puppet_apply(%{ class { 'apache': } apache::vhost { 'fallback.example.net': docroot => '/var/www/fallback', fallbackresource => '/index.html' } file { '/var/www/fallback/index.html': ensure => file, content => "Hello World\\n", } host { 'fallback.example.net': ip => '127.0.0.1', } }) { |r| [0,2].should include r.exit_code} end describe service(service_name) do it { should be_enabled } it { should be_running } end it 'should answer to fallback.example.net' do shell("/usr/bin/curl fallback.example.net:80/Does/Not/Exist") do |r| r.stdout.should == "Hello World\n" r.exit_code.should == 0 end end end else # The current stable RHEL release (6.4) comes with Apache httpd 2.2.15 # That was released March 6, 2010. # FallbackResource was backported to 2.2.16, and released July 25, 2010. # Ubuntu Lucid (10.04) comes with apache2 2.2.14, released October 3, 2009. # https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/STATUS end context 'virtual_docroot hosting separate sites' do it 'should configure a vhost with VirtualDocumentRoot' do puppet_apply(%{ class { 'apache': } apache::vhost { 'virt.example.com': vhost_name => '*', serveraliases => '*virt.example.com', port => '80', docroot => '/var/www/virt', virtual_docroot => '/var/www/virt/%1', } host { 'virt.example.com': ip => '127.0.0.1', } host { 'a.virt.example.com': ip => '127.0.0.1', } host { 'b.virt.example.com': ip => '127.0.0.1', } file { [ '/var/www/virt/a', '/var/www/virt/b', ]: ensure => directory, } file { '/var/www/virt/a/index.html': ensure => file, content => "Hello from a.virt\\n", } file { '/var/www/virt/b/index.html': ensure => file, content => "Hello from b.virt\\n", } }) { |r| [0,2].should include r.exit_code} end describe service(service_name) do it { should be_enabled } it { should be_running } end it 'should answer to a.virt.example.com' do shell("/usr/bin/curl a.virt.example.com:80") do |r| r.stdout.should == "Hello from a.virt\n" r.exit_code.should == 0 end end it 'should answer to b.virt.example.com' do shell("/usr/bin/curl b.virt.example.com:80") do |r| r.stdout.should == "Hello from b.virt\n" r.exit_code.should == 0 end end end context 'proxy_pass for alternative vhost' do it 'should configure a local vhost and a proxy vhost' do puppet_apply(%{ class { 'apache': default_vhost => false, } apache::vhost { 'localhost': docroot => '/var/www/local', ip => '127.0.0.1', port => '8888', } apache::listen { '*:80': } apache::vhost { 'proxy.example.com': docroot => '/var/www', port => '80', add_listen => false, proxy_pass => { 'path' => '/', 'url' => 'http://localhost:8888/subdir/', }, } host { 'proxy.example.com': ip => '127.0.0.1', } file { ['/var/www/local', '/var/www/local/subdir']: ensure => directory, } file { '/var/www/local/subdir/index.html': ensure => file, content => "Hello from localhost\\n", } }) { |r| [0,2].should include r.exit_code} end describe service(service_name) do it { should be_enabled } it { should be_running } end it 'should get a response from the back end' do shell("/usr/bin/curl --max-redirs 0 proxy.example.com:80") do |r| r.stdout.should == "Hello from localhost\n" r.exit_code.should == 0 end end end end puppetlabs-apache-0.10.0/spec/fixtures/manifests/000755 000765 000024 00000000000 12250205751 022423 5ustar00hunnerstaff000000 000000 puppetlabs-apache-0.10.0/spec/fixtures/modules/000755 000765 000024 00000000000 12250205751 022102 5ustar00hunnerstaff000000 000000 puppetlabs-apache-0.10.0/spec/fixtures/modules/site_apache/000755 000765 000024 00000000000 12250205751 024347 5ustar00hunnerstaff000000 000000 puppetlabs-apache-0.10.0/spec/fixtures/modules/site_apache/templates/000755 000765 000024 00000000000 12250205751 026345 5ustar00hunnerstaff000000 000000 puppetlabs-apache-0.10.0/spec/fixtures/modules/site_apache/templates/fake.conf.erb000644 000765 000024 00000000031 12250205751 030663 0ustar00hunnerstaff000000 000000 Fake template for rspec. puppetlabs-apache-0.10.0/spec/defines/mod_spec.rb000644 000765 000024 00000005652 12250205751 022324 0ustar00hunnerstaff000000 000000 require 'spec_helper' describe 'apache::mod', :type => :define do let :pre_condition do 'include apache' end context "on a RedHat osfamily" do let :facts do { :osfamily => 'RedHat', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end describe "for non-special modules" do let :title do 'spec_m' end it { should include_class("apache::params") } it "should manage the module load file" do should contain_file('spec_m.load').with({ :path => '/etc/httpd/conf.d/spec_m.load', :content => "LoadModule spec_m_module modules/mod_spec_m.so\n", :owner => 'root', :group => 'root', :mode => '0644', } ) end end describe "with shibboleth module and package param passed" do # name/title for the apache::mod define let :title do 'xsendfile' end # parameters let(:params) { {:package => 'mod_xsendfile'} } it { should include_class("apache::params") } it { should contain_package('mod_xsendfile') } end end context "on a Debian osfamily" do let :facts do { :osfamily => 'Debian', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end describe "for non-special modules" do let :title do 'spec_m' end it { should include_class("apache::params") } it "should manage the module load file" do should contain_file('spec_m.load').with({ :path => '/etc/apache2/mods-available/spec_m.load', :content => "LoadModule spec_m_module /usr/lib/apache2/modules/mod_spec_m.so\n", :owner => 'root', :group => 'root', :mode => '0644', } ) end it "should link the module load file" do should contain_file('spec_m.load symlink').with({ :path => '/etc/apache2/mods-enabled/spec_m.load', :target => '/etc/apache2/mods-available/spec_m.load', :owner => 'root', :group => 'root', :mode => '0644', } ) end end end context "on a FreeBSD osfamily" do let :facts do { :osfamily => 'FreeBSD', :operatingsystemrelease => '9', :concat_basedir => '/dne', } end describe "for non-special modules" do let :title do 'spec_m' end it { should include_class("apache::params") } it "should manage the module load file" do should contain_file('spec_m.load').with({ :path => '/usr/local/etc/apache22/Modules/spec_m.load', :content => "LoadModule spec_m_module /usr/local/libexec/apache22/mod_spec_m.so\n", :owner => 'root', :group => 'wheel', :mode => '0644', } ) end end end end puppetlabs-apache-0.10.0/spec/defines/vhost_spec.rb000644 000765 000024 00000115534 12250205751 022711 0ustar00hunnerstaff000000 000000 require 'spec_helper' describe 'apache::vhost', :type => :define do let :pre_condition do 'class { "apache": default_vhost => false, }' end let :title do 'rspec.example.com' end let :default_params do { :docroot => '/rspec/docroot', :port => '84', } end describe 'os-dependent items' do context "on RedHat based systems" do let :default_facts do { :osfamily => 'RedHat', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end let :params do default_params end let :facts do default_facts end it { should include_class("apache") } it { should include_class("apache::params") } end context "on Debian based systems" do let :default_facts do { :osfamily => 'Debian', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end let :params do default_params end let :facts do default_facts end it { should include_class("apache") } it { should include_class("apache::params") } it { should contain_file("25-rspec.example.com.conf").with( :ensure => 'present', :path => '/etc/apache2/sites-available/25-rspec.example.com.conf' ) } it { should contain_file("25-rspec.example.com.conf symlink").with( :ensure => 'link', :path => '/etc/apache2/sites-enabled/25-rspec.example.com.conf', :target => '/etc/apache2/sites-available/25-rspec.example.com.conf' ) } end context "on FreeBSD systems" do let :default_facts do { :osfamily => 'FreeBSD', :operatingsystemrelease => '9', :concat_basedir => '/dne', } end let :params do default_params end let :facts do default_facts end it { should include_class("apache") } it { should include_class("apache::params") } it { should contain_file("25-rspec.example.com.conf").with( :ensure => 'present', :path => '/usr/local/etc/apache22/Vhosts/25-rspec.example.com.conf' ) } end end describe 'os-independent items' do let :facts do { :osfamily => 'Debian', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end describe 'basic assumptions' do let :params do default_params end it { should include_class("apache") } it { should include_class("apache::params") } it { should contain_apache__listen(params[:port]) } it { should contain_apache__namevirtualhost("*:#{params[:port]}") } end # All match and notmatch should be a list of regexs and exact match strings context ".conf content" do [ { :title => 'should contain docroot', :attr => 'docroot', :value => '/not/default', :match => [/^ DocumentRoot \/not\/default$/,/ /], }, { :title => 'should set a port', :attr => 'port', :value => '8080', :match => [/^$/], }, { :title => 'should set an ip', :attr => 'ip', :value => '10.0.0.1', :match => [/^$/], }, { :title => 'should set a serveradmin', :attr => 'serveradmin', :value => 'test@test.com', :match => [/^ ServerAdmin test@test.com$/], }, { :title => 'should enable ssl', :attr => 'ssl', :value => true, :match => [/^ SSLEngine on$/], }, { :title => 'should set a servername', :attr => 'servername', :value => 'param.test', :match => [/^ ServerName param.test$/], }, { :title => 'should accept server aliases', :attr => 'serveraliases', :value => ['one.com','two.com'], :match => [ /^ ServerAlias one\.com$/, /^ ServerAlias two\.com$/ ], }, { :title => 'should accept setenv', :attr => 'setenv', :value => ['TEST1 one','TEST2 two'], :match => [ /^ SetEnv TEST1 one$/, /^ SetEnv TEST2 two$/ ], }, { :title => 'should accept setenvif', :attr => 'setenvif', ## These are bugged in rspec-puppet; the $1 is droped #:value => ['Host "^([^\.]*)\.website\.com$" CLIENT_NAME=$1'], #:match => [' SetEnvIf Host "^([^\.]*)\.website\.com$" CLIENT_NAME=$1'], :value => ['Host "^test\.com$" VHOST_ACCESS=test'], :match => [/^ SetEnvIf Host "\^test\\.com\$" VHOST_ACCESS=test$/], }, { :title => 'should accept options', :attr => 'options', :value => ['Fake','Options'], :match => [/^ Options Fake Options$/], }, { :title => 'should accept overrides', :attr => 'override', :value => ['Fake', 'Override'], :match => [/^ AllowOverride Fake Override$/], }, { :title => 'should accept logroot', :attr => 'logroot', :value => '/fake/log', :match => [/CustomLog \/fake\/log\//,/ErrorLog \/fake\/log\//], }, { :title => 'should accept log_level', :attr => 'log_level', :value => 'info', :match => [/LogLevel info/], }, { :title => 'should accept pipe destination for access log', :attr => 'access_log_pipe', :value => '| /bin/fake/logging', :match => [/CustomLog "| \/bin\/fake\/logging" combined$/], }, { :title => 'should accept pipe destination for error log', :attr => 'error_log_pipe', :value => '| /bin/fake/logging', :match => [/ErrorLog "| \/bin\/fake\/logging" combined$/], }, { :title => 'should accept syslog destination for access log', :attr => 'access_log_syslog', :value => 'syslog:local1', :match => [/CustomLog syslog:local1 combined$/], }, { :title => 'should accept syslog destination for error log', :attr => 'error_log_syslog', :value => 'syslog', :match => [/ErrorLog syslog$/], }, { :title => 'should accept custom format for access logs', :attr => 'access_log_format', :value => '%h %{X-Forwarded-For}i %l %u %t \"%r\" %s %b \"%{Referer}i\" \"%{User-agent}i\" \"Host: %{Host}i\" %T %D', :match => [/CustomLog \/var\/log\/.+_access\.log "%h %\{X-Forwarded-For\}i %l %u %t \\"%r\\" %s %b \\"%\{Referer\}i\\" \\"%\{User-agent\}i\\" \\"Host: %\{Host\}i\\" %T %D"$/], }, { :title => 'should contain access logs', :attr => 'access_log', :value => true, :match => [/CustomLog \/var\/log\/.+_access\.log combined$/], }, { :title => 'should not contain access logs', :attr => 'access_log', :value => false, :notmatch => [/CustomLog \/var\/log\/.+_access\.log combined$/], }, { :title => 'should contain error logs', :attr => 'error_log', :value => true, :match => [/ErrorLog.+$/], }, { :title => 'should not contain error logs', :attr => 'error_log', :value => false, :notmatch => [/ErrorLog.+$/], }, { :title => 'should set ErrorDocument 503', :attr => 'error_documents', :value => [ { 'error_code' => '503', 'document' => '"Go away, the backend is broken."'}], :match => [/^ ErrorDocument 503 "Go away, the backend is broken."$/], }, { :title => 'should set ErrorDocuments 503 407', :attr => 'error_documents', :value => [ { 'error_code' => '503', 'document' => '/service-unavail'}, { 'error_code' => '407', 'document' => 'https://example.com/proxy/login'}, ], :match => [ /^ ErrorDocument 503 \/service-unavail$/, /^ ErrorDocument 407 https:\/\/example\.com\/proxy\/login$/, ], }, { :title => 'should set ErrorDocument 503 in directory', :attr => 'directories', :value => { 'path' => '/srv/www', 'error_documents' => [{ 'error_code' => '503', 'document' => '"Go away, the backend is broken."'}] }, :match => [/^ ErrorDocument 503 "Go away, the backend is broken."$/], }, { :title => 'should set ErrorDocuments 503 407 in directory', :attr => 'directories', :value => { 'path' => '/srv/www', 'error_documents' => [ { 'error_code' => '503', 'document' => '/service-unavail'}, { 'error_code' => '407', 'document' => 'https://example.com/proxy/login'}, ]}, :match => [ /^ ErrorDocument 503 \/service-unavail$/, /^ ErrorDocument 407 https:\/\/example\.com\/proxy\/login$/, ], }, { :title => 'should accept a scriptalias', :attr => 'scriptalias', :value => '/usr/scripts', :match => [ /^ ScriptAlias \/cgi-bin\/ \/usr\/scripts$/, ], }, { :title => 'should accept a single scriptaliases', :attr => 'scriptaliases', :value => { 'alias' => '/blah/', 'path' => '/usr/scripts' }, :match => [ /^ ScriptAlias \/blah\/ \/usr\/scripts$/, ], :nomatch => [/ScriptAlias \/cgi\-bin\//], }, { :title => 'should accept multiple scriptaliases', :attr => 'scriptaliases', :value => [ { 'alias' => '/blah', 'path' => '/usr/scripts' }, { 'alias' => '/blah2', 'path' => '/usr/scripts' } ], :match => [ /^ ScriptAlias \/blah \/usr\/scripts$/, /^ ScriptAlias \/blah2 \/usr\/scripts$/, ], :nomatch => [/ScriptAlias \/cgi\-bin\//], }, { :title => 'should accept multiple scriptaliases with and without trailing slashes', :attr => 'scriptaliases', :value => [ { 'alias' => '/blah', 'path' => '/usr/scripts' }, { 'alias' => '/blah2/', 'path' => '/usr/scripts2/' } ], :match => [ /^ ScriptAlias \/blah \/usr\/scripts$/, /^ ScriptAlias \/blah2\/ \/usr\/scripts2\/$/, ], :nomatch => [/ScriptAlias \/cgi\-bin\//], }, { :title => 'should accept a ScriptAliasMatch directive', :attr => 'scriptaliases', ## XXX As mentioned above, rspec-puppet drops constructs like $1. ## Thus, these tests don't work as they should. As a workaround we ## use FOO instead of $1 here. :value => [ { 'aliasmatch' => '^/cgi-bin(.*)', 'path' => '/usr/local/apache/cgi-binFOO' } ], :match => [ /^ ScriptAliasMatch \^\/cgi-bin\(\.\*\) \/usr\/local\/apache\/cgi-binFOO$/ ], }, { :title => 'should accept multiple ScriptAliasMatch directives', :attr => 'scriptaliases', ## XXX As mentioned above, rspec-puppet drops constructs like $1. ## Thus, these tests don't work as they should. As a workaround we ## use FOO instead of $1 here. :value => [ { 'aliasmatch' => '^/cgi-bin(.*)', 'path' => '/usr/local/apache/cgi-binFOO' }, { 'aliasmatch' => '"(?x)^/git/(.*/(HEAD|info/refs|objects/(info/[^/]+|[0-9a-f]{2}/[0-9a-f]{38}|pack/pack-[0-9a-f]{40}\.(pack|idx))|git-(upload|receive)-pack))"', 'path' => '/var/www/bin/gitolite-suexec-wrapper/FOO' }, ], :match => [ /^ ScriptAliasMatch \^\/cgi-bin\(\.\*\) \/usr\/local\/apache\/cgi-binFOO$/, /^ ScriptAliasMatch "\(\?x\)\^\/git\/\(\.\*\/\(HEAD\|info\/refs\|objects\/\(info\/\[\^\/\]\+\|\[0-9a-f\]\{2\}\/\[0-9a-f\]\{38\}\|pack\/pack-\[0-9a-f\]\{40\}\\\.\(pack\|idx\)\)\|git-\(upload\|receive\)-pack\)\)" \/var\/www\/bin\/gitolite-suexec-wrapper\/FOO$/, ], }, { :title => 'should accept mixed ScriptAlias and ScriptAliasMatch directives', :attr => 'scriptaliases', ## XXX As mentioned above, rspec-puppet drops constructs like $1. ## Thus, these tests don't work as they should. As a workaround we ## use FOO instead of $1 here. :value => [ { 'aliasmatch' => '"(?x)^/git/(.*/(HEAD|info/refs|objects/(info/[^/]+|[0-9a-f]{2}/[0-9a-f]{38}|pack/pack-[0-9a-f]{40}\.(pack|idx))|git-(upload|receive)-pack))"', 'path' => '/var/www/bin/gitolite-suexec-wrapper/FOO' }, { 'alias' => '/git', 'path' => '/var/www/gitweb/index.cgi' }, { 'aliasmatch' => '^/cgi-bin(.*)', 'path' => '/usr/local/apache/cgi-binFOO' }, { 'alias' => '/trac', 'path' => '/etc/apache2/trac.fcgi' }, ], :match => [ /^ ScriptAliasMatch "\(\?x\)\^\/git\/\(\.\*\/\(HEAD\|info\/refs\|objects\/\(info\/\[\^\/\]\+\|\[0-9a-f\]\{2\}\/\[0-9a-f\]\{38\}\|pack\/pack-\[0-9a-f\]\{40\}\\\.\(pack\|idx\)\)\|git-\(upload\|receive\)-pack\)\)" \/var\/www\/bin\/gitolite-suexec-wrapper\/FOO$/, /^ ScriptAlias \/git \/var\/www\/gitweb\/index\.cgi$/, /^ ScriptAliasMatch \^\/cgi-bin\(\.\*\) \/usr\/local\/apache\/cgi-binFOO$/, /^ ScriptAlias \/trac \/etc\/apache2\/trac.fcgi$/, ], }, { :title => 'should accept proxy destinations', :attr => 'proxy_dest', :value => 'http://fake.com', :match => [ /^ ProxyPass \/ http:\/\/fake.com\/$/, /^ $/, /^ ProxyPassReverse \/$/, /^ <\/Location>$/, ], :notmatch => [/ProxyPass .+!$/], }, { :title => 'should accept proxy_pass hash', :attr => 'proxy_pass', :value => { 'path' => '/path-a', 'url' => 'http://fake.com/a' }, :match => [ /^ ProxyPass \/path-a http:\/\/fake.com\/a$/, /^ $/, /^ ProxyPassReverse \/$/, /^ <\/Location>$/, ], :notmatch => [/ProxyPass .+!$/], }, { :title => 'should accept proxy_pass array of hash', :attr => 'proxy_pass', :value => [ { 'path' => '/path-a/', 'url' => 'http://fake.com/a/' }, { 'path' => '/path-b', 'url' => 'http://fake.com/b' }, ], :match => [ /^ ProxyPass \/path-a\/ http:\/\/fake.com\/a\/$/, /^ $/, /^ ProxyPassReverse \/$/, /^ <\/Location>$/, /^ ProxyPass \/path-b http:\/\/fake.com\/b$/, /^ $/, /^ ProxyPassReverse \/$/, /^ <\/Location>$/, ], :notmatch => [/ProxyPass .+!$/], }, { :title => 'should enable rack', :attr => 'rack_base_uris', :value => ['/rack1','/rack2'], :match => [ /^ RackBaseURI \/rack1$/, /^ RackBaseURI \/rack2$/, ], }, { :title => 'should accept request headers', :attr => 'request_headers', :value => ['append something', 'unset something_else'], :match => [ /^ RequestHeader append something$/, /^ RequestHeader unset something_else$/, ], }, { :title => 'should accept rewrite rules', :attr => 'rewrite_rule', :value => 'not a real rule', :match => [/^ RewriteRule not a real rule$/], }, { :title => 'should block scm', :attr => 'block', :value => 'scm', :match => [/^ $/], }, { :title => 'should accept a custom fragment', :attr => 'custom_fragment', :value => " Some custom fragment line\n That spans multiple lines", :match => [ /^ Some custom fragment line$/, /^ That spans multiple lines$/, /^<\/VirtualHost>$/, ], }, { :title => 'should accept an array of alias hashes', :attr => 'aliases', :value => [ { 'alias' => '/', 'path' => '/var/www'} ], :match => [/^ Alias \/ \/var\/www$/], }, { :title => 'should accept an alias hash', :attr => 'aliases', :value => { 'alias' => '/', 'path' => '/var/www'}, :match => [/^ Alias \/ \/var\/www$/], }, { :title => 'should accept multiple aliases', :attr => 'aliases', :value => [ { 'alias' => '/', 'path' => '/var/www'}, { 'alias' => '/cgi-bin', 'path' => '/var/www/cgi-bin'}, { 'alias' => '/css', 'path' => '/opt/someapp/css'}, ], :match => [ /^ Alias \/ \/var\/www$/, /^ Alias \/cgi-bin \/var\/www\/cgi-bin$/, /^ Alias \/css \/opt\/someapp\/css$/, ], }, { :title => 'should accept an aliasmatch hash', :attr => 'aliases', ## XXX As mentioned above, rspec-puppet drops the $1. Thus, these # tests don't work. #:value => { 'aliasmatch' => '^/image/(.*).gif', 'path' => '/files/gifs/$1.gif' }, #:match => [/^ AliasMatch \^\/image\/\(\.\*\)\.gif \/files\/gifs\/\$1\.gif$/], }, { :title => 'should accept a array of alias and aliasmatch hashes mixed', :attr => 'aliases', ## XXX As mentioned above, rspec-puppet drops the $1. Thus, these # tests don't work. #:value => [ # { 'alias' => '/css', 'path' => '/files/css' }, # { 'aliasmatch' => '^/image/(.*).gif', 'path' => '/files/gifs/$1.gif' }, # { 'aliasmatch' => '^/image/(.*).jpg', 'path' => '/files/jpgs/$1.jpg' }, # { 'alias' => '/image', 'path' => '/files/images' }, #], #:match => [ # /^ Alias \/css \/files\/css$/, # /^ AliasMatch \^\/image\/\(.\*\)\.gif \/files\/gifs\/\$1\.gif$/, # /^ AliasMatch \^\/image\/\(.\*\)\.jpg \/files\/jpgs\/\$1\.jpg$/, # /^ Alias \/image \/files\/images$/ #], }, { :title => 'should accept multiple additional includes', :attr => 'additional_includes', :value => [ '/tmp/proxy_group_a', '/tmp/proxy_group_b', '/tmp/proxy_group_c', ], :match => [ /^ Include \/tmp\/proxy_group_a$/, /^ Include \/tmp\/proxy_group_b$/, /^ Include \/tmp\/proxy_group_c$/, ], }, { :title => 'should accept a suPHP_Engine', :attr => 'suphp_engine', :value => 'on', :match => [/^ suPHP_Engine on$/], }, { :title => 'should accept a wsgi script alias', :attr => 'wsgi_script_aliases', :value => { '/' => '/var/www/myapp.wsgi'}, :match => [/^ WSGIScriptAlias \/ \/var\/www\/myapp.wsgi$/], }, { :title => 'should accept multiple wsgi aliases', :attr => 'wsgi_script_aliases', :value => { '/wiki' => '/usr/local/wsgi/scripts/mywiki.wsgi', '/blog' => '/usr/local/wsgi/scripts/myblog.wsgi', '/' => '/usr/local/wsgi/scripts/myapp.wsgi', }, :match => [ /^ WSGIScriptAlias \/wiki \/usr\/local\/wsgi\/scripts\/mywiki.wsgi$/, /^ WSGIScriptAlias \/blog \/usr\/local\/wsgi\/scripts\/myblog.wsgi$/, /^ WSGIScriptAlias \/ \/usr\/local\/wsgi\/scripts\/myapp.wsgi$/, ], }, { :title => 'should accept a directory', :attr => 'directories', :value => { 'path' => '/opt/app' }, :notmatch => [' '], :match => [ /^ $/, /^ AllowOverride None$/, /^ Order allow,deny$/, /^ Allow from all$/, /^ <\/Directory>$/, ], }, { :title => 'should accept directory directives hash', :attr => 'directories', :value => { 'path' => '/opt/app', 'headers' => 'Set X-Robots-Tag "noindex, noarchive, nosnippet"', 'allow' => 'from rspec.org', 'allow_override' => 'Lol', 'deny' => 'from google.com', 'options' => '-MultiViews', 'order' => 'deny,yned', 'passenger_enabled' => 'onf', }, :match => [ /^ $/, /^ Header Set X-Robots-Tag "noindex, noarchive, nosnippet"$/, /^ Allow from rspec.org$/, /^ AllowOverride Lol$/, /^ Deny from google.com$/, /^ Options -MultiViews$/, /^ Order deny,yned$/, /^ PassengerEnabled onf$/, /^ <\/Directory>$/, ], }, { :title => 'should accept directory directives with arrays and hashes', :attr => 'directories', :value => [ { 'path' => '/opt/app1', 'allow' => 'from rspec.org', 'allow_override' => ['AuthConfig','Indexes'], 'deny' => 'from google.com', 'options' => ['-MultiViews','+MultiViews'], 'order' => ['deny','yned'], 'passenger_enabled' => 'onf', }, { 'path' => '/opt/app2', 'addhandlers' => { 'handler' => 'cgi-script', 'extensions' => '.cgi', }, }, ], :match => [ /^ $/, /^ Allow from rspec.org$/, /^ AllowOverride AuthConfig Indexes$/, /^ Deny from google.com$/, /^ Options -MultiViews \+MultiViews$/, /^ Order deny,yned$/, /^ PassengerEnabled onf$/, /^ <\/Directory>$/, /^ $/, /^ AllowOverride None$/, /^ Order allow,deny$/, /^ Allow from all$/, /^ AddHandler cgi-script .cgi$/, /^ <\/Directory>$/, ], }, { :title => 'should accept multiple directories', :attr => 'directories', :value => [ { 'path' => '/opt/app' }, { 'path' => '/var/www' }, { 'path' => '/rspec/docroot'} ], :match => [ /^ $/, /^ $/, /^ $/, ], }, { :title => 'should accept location for provider', :attr => 'directories', :value => { 'path' => '/', 'provider' => 'location', }, :notmatch => [' AllowOverride None'], :match => [ /^ $/, /^ Order allow,deny$/, /^ Allow from all$/, /^ <\/Location>$/, ], }, { :title => 'should accept files for provider', :attr => 'directories', :value => { 'path' => 'index.html', 'provider' => 'files', }, :notmatch => [' AllowOverride None'], :match => [ /^ $/, /^ Order allow,deny$/, /^ Allow from all$/, /^ <\/Files>$/, ], }, { :title => 'should contain virtual_docroot', :attr => 'virtual_docroot', :value => '/not/default', :match => [ /^ VirtualDocumentRoot \/not\/default$/, ], }, ].each do |param| describe "when #{param[:attr]} is #{param[:value]}" do let :params do default_params.merge({ param[:attr].to_sym => param[:value] }) end it { should contain_file("25-#{title}.conf").with_mode('0644') } if param[:match] it "#{param[:title]}: matches" do param[:match].each do |match| should contain_file("25-#{title}.conf").with_content( match ) end end end if param[:notmatch] it "#{param[:title]}: notmatches" do param[:notmatch].each do |notmatch| should_not contain_file("25-#{title}.conf").with_content( notmatch ) end end end end end end context ".conf content with SSL" do [ { :title => 'should accept setting SSLCertificateFile', :attr => 'ssl_cert', :value => '/path/to/cert.pem', :match => [/^ SSLCertificateFile \/path\/to\/cert\.pem$/], }, { :title => 'should accept setting SSLCertificateKeyFile', :attr => 'ssl_key', :value => '/path/to/cert.pem', :match => [/^ SSLCertificateKeyFile \/path\/to\/cert\.pem$/], }, { :title => 'should accept setting SSLCertificateChainFile', :attr => 'ssl_chain', :value => '/path/to/cert.pem', :match => [/^ SSLCertificateChainFile \/path\/to\/cert\.pem$/], }, { :title => 'should accept setting SSLCertificatePath', :attr => 'ssl_certs_dir', :value => '/path/to/certs', :match => [/^ SSLCACertificatePath \/path\/to\/certs$/], }, { :title => 'should accept setting SSLCertificateFile', :attr => 'ssl_ca', :value => '/path/to/ca.pem', :match => [/^ SSLCACertificateFile \/path\/to\/ca\.pem$/], }, { :title => 'should accept setting SSLRevocationPath', :attr => 'ssl_crl_path', :value => '/path/to/crl', :match => [/^ SSLCARevocationPath \/path\/to\/crl$/], }, { :title => 'should accept setting SSLRevocationFile', :attr => 'ssl_crl', :value => '/path/to/crl.pem', :match => [/^ SSLCARevocationFile \/path\/to\/crl\.pem$/], }, { :title => 'should accept setting SSLProxyEngine', :attr => 'ssl_proxyengine', :value => true, :match => [/^ SSLProxyEngine On$/], }, { :title => 'should accept setting SSLProtocol', :attr => 'ssl_protocol', :value => 'all -SSLv2', :match => [/^ SSLProtocol all -SSLv2$/], }, { :title => 'should accept setting SSLCipherSuite', :attr => 'ssl_cipher', :value => 'RC4-SHA:HIGH:!ADH:!SSLv2', :match => [/^ SSLCipherSuite RC4-SHA:HIGH:!ADH:!SSLv2$/], }, { :title => 'should accept setting SSLHonorCipherOrder', :attr => 'ssl_honorcipherorder', :value => 'On', :match => [/^ SSLHonorCipherOrder On$/], }, { :title => 'should accept setting SSLVerifyClient', :attr => 'ssl_verify_client', :value => 'optional', :match => [/^ SSLVerifyClient optional$/], }, { :title => 'should accept setting SSLVerifyDepth', :attr => 'ssl_verify_depth', :value => '1', :match => [/^ SSLVerifyDepth 1$/], }, { :title => 'should accept setting SSLOptions with a string', :attr => 'ssl_options', :value => '+ExportCertData', :match => [/^ SSLOptions \+ExportCertData$/], }, { :title => 'should accept setting SSLOptions with an array', :attr => 'ssl_options', :value => ['+StrictRequire','+ExportCertData'], :match => [/^ SSLOptions \+StrictRequire \+ExportCertData/], }, { :title => 'should accept setting SSLOptions with a string in directories', :attr => 'directories', :value => { 'path' => '/srv/www', 'ssl_options' => '+ExportCertData'}, :match => [/^ SSLOptions \+ExportCertData$/], }, { :title => 'should accept setting SSLOptions with an array in directories', :attr => 'directories', :value => { 'path' => '/srv/www', 'ssl_options' => ['-StdEnvVars','+ExportCertData']}, :match => [/^ SSLOptions -StdEnvVars \+ExportCertData/], }, ].each do |param| describe "when #{param[:attr]} is #{param[:value]} with SSL" do let :params do default_params.merge( { param[:attr].to_sym => param[:value], :ssl => true, } ) end it { should contain_file("25-#{title}.conf").with_mode('0644') } if param[:match] it "#{param[:title]}: matches" do param[:match].each do |match| should contain_file("25-#{title}.conf").with_content( match ) end end end if param[:notmatch] it "#{param[:title]}: notmatches" do param[:notmatch].each do |notmatch| should_not contain_file("25-#{title}.conf").with_content( notmatch ) end end end end end end context 'attribute resources' do describe 'when access_log_file and access_log_pipe are specified' do let :params do default_params.merge({ :access_log_file => 'fake.log', :access_log_pipe => '| /bin/fake', }) end it 'should cause a failure' do expect { subject }.to raise_error(Puppet::Error, /'access_log_file' and 'access_log_pipe' cannot be defined at the same time/) end end describe 'when error_log_file and error_log_pipe are specified' do let :params do default_params.merge({ :error_log_file => 'fake.log', :error_log_pipe => '| /bin/fake', }) end it 'should cause a failure' do expect { subject }.to raise_error(Puppet::Error, /'error_log_file' and 'error_log_pipe' cannot be defined at the same time/) end end describe 'when docroot owner is specified' do let :params do default_params.merge({ :docroot_owner => 'testuser', :docroot_group => 'testgroup', }) end it 'should set vhost ownership' do should contain_file(params[:docroot]).with({ :ensure => :directory, :owner => 'testuser', :group => 'testgroup', }) end end describe 'when wsgi_daemon_process and wsgi_daemon_process_options are specified' do let :params do default_params.merge({ :wsgi_daemon_process => 'example.org', :wsgi_daemon_process_options => { 'processes' => '2', 'threads' => '15' }, }) end it 'should set wsgi_daemon_process_options' do should contain_file("25-#{title}.conf").with_content( /^ WSGIDaemonProcess example.org processes=2 threads=15$/ ) end end describe 'when rewrite_rule and rewrite_cond are specified' do let :params do default_params.merge({ :rewrite_cond => '%{HTTPS} off', :rewrite_rule => '(.*) https://%{HTTPS_HOST}%{REQUEST_URI}', }) end it 'should set RewriteCond' do should contain_file("25-#{title}.conf").with_content( /^ RewriteCond %\{HTTPS\} off$/ ) end end describe 'when suphp_engine is on and suphp_configpath is specified' do let :params do default_params.merge({ :suphp_engine => 'on', :suphp_configpath => '/etc/php5/apache2', }) end it 'should set suphp_configpath' do should contain_file("25-#{title}.conf").with_content( /^ suPHP_ConfigPath \/etc\/php5\/apache2$/ ) end end describe 'when suphp_engine is on and suphp_addhandler is specified' do let :params do default_params.merge({ :suphp_engine => 'on', :suphp_addhandler => 'x-httpd-php', }) end it 'should set suphp_addhandler' do should contain_file("25-#{title}.conf").with_content( /^ suPHP_AddHandler x-httpd-php/ ) end end describe 'when suphp_engine is on and suphp { user & group } is specified' do let :params do default_params.merge({ :suphp_engine => 'on', :directories => { 'path' => '/srv/www', 'suphp' => { 'user' => 'myappuser', 'group' => 'myappgroup' }, } }) end it 'should set suphp_UserGroup' do should contain_file("25-#{title}.conf").with_content( /^ suPHP_UserGroup myappuser myappgroup/ ) end end describe 'priority/default settings' do describe 'when neither priority/default is specified' do let :params do default_params end it { should contain_file("25-#{title}.conf").with_path( /25-#{title}.conf/ ) } end describe 'when both priority/default_vhost is specified' do let :params do default_params.merge({ :priority => 15, :default_vhost => true, }) end it { should contain_file("15-#{title}.conf").with_path( /15-#{title}.conf/ ) } end describe 'when only priority is specified' do let :params do default_params.merge({ :priority => 14, }) end it { should contain_file("14-#{title}.conf").with_path( /14-#{title}.conf/ ) } end describe 'when only default is specified' do let :params do default_params.merge({ :default_vhost => true, }) end it { should contain_file("10-#{title}.conf").with_path( /10-#{title}.conf/ ) } end end describe 'various ip/port combos' do describe 'when ip_based is true' do let :params do default_params.merge({ :ip_based => true }) end it 'should not specify a NameVirtualHost' do should contain_apache__listen(params[:port]) should_not contain_apache__namevirtualhost("*:#{params[:port]}") end end describe 'when ip_based is default' do let :params do default_params end it 'should specify a NameVirtualHost' do should contain_apache__listen(params[:port]) should contain_apache__namevirtualhost("*:#{params[:port]}") end end describe 'when an ip is set' do let :params do default_params.merge({ :ip => '10.0.0.1' }) end it 'should specify a NameVirtualHost for the ip' do should_not contain_apache__listen(params[:port]) should contain_apache__listen("10.0.0.1:#{params[:port]}") should contain_apache__namevirtualhost("10.0.0.1:#{params[:port]}") end end describe 'an ip_based vhost without a port' do let :params do { :docroot => '/fake', :ip => '10.0.0.1', :ip_based => true, } end it 'should specify a NameVirtualHost for the ip' do should_not contain_apache__listen(params[:ip]) should_not contain_apache__namevirtualhost(params[:ip]) should contain_file("25-#{title}.conf").with_content %r{} end end end describe 'redirect rules' do describe 'without lockstep arrays' do let :params do default_params.merge({ :redirect_source => [ '/login', '/logout', ], :redirect_dest => [ 'http://10.0.0.10/login', 'http://10.0.0.10/logout', ], :redirect_status => [ 'permanent', '', ], }) end it { should contain_file("25-#{title}.conf").with_content %r{ Redirect permanent /login http://10\.0\.0\.10/login} } it { should contain_file("25-#{title}.conf").with_content %r{ Redirect /logout http://10\.0\.0\.10/logout} } end describe 'without a status' do let :params do default_params.merge({ :redirect_source => [ '/login', '/logout', ], :redirect_dest => [ 'http://10.0.0.10/login', 'http://10.0.0.10/logout', ], }) end it { should contain_file("25-#{title}.conf").with_content %r{ Redirect /login http://10\.0\.0\.10/login} } it { should contain_file("25-#{title}.conf").with_content %r{ Redirect /logout http://10\.0\.0\.10/logout} } end describe 'with a single status and dest' do let :params do default_params.merge({ :redirect_source => [ '/login', '/logout', ], :redirect_dest => 'http://10.0.0.10/test', :redirect_status => 'permanent', }) end it { should contain_file("25-#{title}.conf").with_content %r{ Redirect permanent /login http://10\.0\.0\.10/test} } it { should contain_file("25-#{title}.conf").with_content %r{ Redirect permanent /logout http://10\.0\.0\.10/test} } end describe 'with a directoryindex specified' do let :params do default_params.merge({ :directoryindex => 'index.php' }) end it { should contain_file("25-#{title}.conf").with_content %r{DirectoryIndex index.php} } end end end end end puppetlabs-apache-0.10.0/spec/classes/apache_spec.rb000644 000765 000024 00000034766 12250205751 023016 0ustar00hunnerstaff000000 000000 require 'spec_helper' describe 'apache', :type => :class do context "on a Debian OS" do let :facts do { :osfamily => 'Debian', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should contain_package("httpd").with( 'notify' => 'Class[Apache::Service]', 'ensure' => 'installed' ) } it { should contain_user("www-data") } it { should contain_group("www-data") } it { should contain_class("apache::service") } it { should contain_file("/etc/apache2/sites-enabled").with( 'ensure' => 'directory', 'recurse' => 'true', 'purge' => 'true', 'notify' => 'Class[Apache::Service]', 'require' => 'Package[httpd]' ) } it { should contain_file("/etc/apache2/mods-enabled").with( 'ensure' => 'directory', 'recurse' => 'true', 'purge' => 'true', 'notify' => 'Class[Apache::Service]', 'require' => 'Package[httpd]' ) } it { should contain_file("/etc/apache2/mods-available").with( 'ensure' => 'directory', 'recurse' => 'true', 'purge' => 'true', 'notify' => 'Class[Apache::Service]', 'require' => 'Package[httpd]' ) } it { should contain_concat("/etc/apache2/ports.conf").with( 'owner' => 'root', 'group' => 'root', 'mode' => '0644', 'notify' => 'Class[Apache::Service]' ) } # Assert that load files are placed and symlinked for these mods, but no conf file. [ 'auth_basic', 'authn_file', 'authz_default', 'authz_groupfile', 'authz_host', 'authz_user', 'dav', 'env' ].each do |modname| it { should contain_file("#{modname}.load").with( 'path' => "/etc/apache2/mods-available/#{modname}.load", 'ensure' => 'file' ) } it { should contain_file("#{modname}.load symlink").with( 'path' => "/etc/apache2/mods-enabled/#{modname}.load", 'ensure' => 'link', 'target' => "/etc/apache2/mods-available/#{modname}.load" ) } it { should_not contain_file("#{modname}.conf") } it { should_not contain_file("#{modname}.conf symlink") } end # Assert that both load files and conf files are placed and symlinked for these mods [ 'alias', 'autoindex', 'dav_fs', 'deflate', 'dir', 'mime', 'negotiation', 'setenvif', ].each do |modname| it { should contain_file("#{modname}.load").with( 'path' => "/etc/apache2/mods-available/#{modname}.load", 'ensure' => 'file' ) } it { should contain_file("#{modname}.load symlink").with( 'path' => "/etc/apache2/mods-enabled/#{modname}.load", 'ensure' => 'link', 'target' => "/etc/apache2/mods-available/#{modname}.load" ) } it { should contain_file("#{modname}.conf").with( 'path' => "/etc/apache2/mods-available/#{modname}.conf", 'ensure' => 'file' ) } it { should contain_file("#{modname}.conf symlink").with( 'path' => "/etc/apache2/mods-enabled/#{modname}.conf", 'ensure' => 'link', 'target' => "/etc/apache2/mods-available/#{modname}.conf" ) } end describe "Don't create user resource" do context "when parameter manage_user is false" do let :params do { :manage_user => false } end it { should_not contain_user('www-data') } it { should contain_file("/etc/apache2/apache2.conf").with_content %r{^User www-data\n} } end end describe "Don't create group resource" do context "when parameter manage_group is false" do let :params do { :manage_group => false } end it { should_not contain_group('www-data') } it { should contain_file("/etc/apache2/apache2.conf").with_content %r{^Group www-data\n} } end end end context "on a RedHat 5 OS" do let :facts do { :osfamily => 'RedHat', :operatingsystemrelease => '5', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should contain_package("httpd").with( 'notify' => 'Class[Apache::Service]', 'ensure' => 'installed' ) } it { should contain_user("apache") } it { should contain_group("apache") } it { should contain_class("apache::service") } it { should contain_file("/etc/httpd/conf.d").with( 'ensure' => 'directory', 'recurse' => 'true', 'purge' => 'true', 'notify' => 'Class[Apache::Service]', 'require' => 'Package[httpd]' ) } it { should contain_concat("/etc/httpd/conf/ports.conf").with( 'owner' => 'root', 'group' => 'root', 'mode' => '0644', 'notify' => 'Class[Apache::Service]' ) } describe "Alternate confd/mod/vhosts directory" do let :params do { :vhost_dir => '/etc/httpd/site.d', :confd_dir => '/etc/httpd/conf.d', :mod_dir => '/etc/httpd/mod.d', } end ['mod.d','site.d','conf.d'].each do |dir| it { should contain_file("/etc/httpd/#{dir}").with( 'ensure' => 'directory', 'recurse' => 'true', 'purge' => 'true', 'notify' => 'Class[Apache::Service]', 'require' => 'Package[httpd]' ) } end # Assert that load files are placed for these mods, but no conf file. [ 'auth_basic', 'authn_file', 'authz_default', 'authz_groupfile', 'authz_host', 'authz_user', 'dav', 'env', ].each do |modname| it { should contain_file("#{modname}.load").with_path( "/etc/httpd/mod.d/#{modname}.load" ) } it { should_not contain_file("#{modname}.conf").with_path( "/etc/httpd/mod.d/#{modname}.conf" ) } end # Assert that both load files and conf files are placed for these mods [ 'alias', 'autoindex', 'dav_fs', 'deflate', 'dir', 'mime', 'negotiation', 'setenvif', ].each do |modname| it { should contain_file("#{modname}.load").with_path( "/etc/httpd/mod.d/#{modname}.load" ) } it { should contain_file("#{modname}.conf").with_path( "/etc/httpd/mod.d/#{modname}.conf" ) } end it { should contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^Include /etc/httpd/conf\.d/\*\.conf$} } it { should contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^Include /etc/httpd/site\.d/\*\.conf$} } it { should contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^Include /etc/httpd/mod\.d/\*\.conf$} } it { should contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^Include /etc/httpd/mod\.d/\*\.load$} } end describe "Alternate conf.d directory" do let :params do { :confd_dir => '/etc/httpd/special_conf.d' } end it { should contain_file("/etc/httpd/special_conf.d").with( 'ensure' => 'directory', 'recurse' => 'true', 'purge' => 'true', 'notify' => 'Class[Apache::Service]', 'require' => 'Package[httpd]' ) } end describe "Alternate mpm_modules" do context "when declaring mpm_module is false" do let :params do { :mpm_module => false } end it 'should not declare mpm modules' do should_not contain_class('apache::mod::event') should_not contain_class('apache::mod::itk') should_not contain_class('apache::mod::peruser') should_not contain_class('apache::mod::prefork') should_not contain_class('apache::mod::worker') end end context "when declaring mpm_module => prefork" do let :params do { :mpm_module => 'prefork' } end it { should contain_class('apache::mod::prefork') } it { should_not contain_class('apache::mod::event') } it { should_not contain_class('apache::mod::itk') } it { should_not contain_class('apache::mod::peruser') } it { should_not contain_class('apache::mod::worker') } end context "when declaring mpm_module => worker" do let :params do { :mpm_module => 'worker' } end it { should contain_class('apache::mod::worker') } it { should_not contain_class('apache::mod::event') } it { should_not contain_class('apache::mod::itk') } it { should_not contain_class('apache::mod::peruser') } it { should_not contain_class('apache::mod::prefork') } end context "when declaring mpm_module => breakme" do let :params do { :mpm_module => 'breakme' } end it { expect { subject }.to raise_error Puppet::Error, /does not match/ } end end describe "different templates for httpd.conf" do context "with default" do let :params do { :conf_template => 'apache/httpd.conf.erb' } end it { should contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^# Security\n} } end context "with non-default" do let :params do { :conf_template => 'site_apache/fake.conf.erb' } end it { should contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^Fake template for rspec.$} } end end describe "default mods" do context "without" do let :params do { :default_mods => false } end it { should contain_apache__mod('authz_host') } it { should_not contain_apache__mod('env') } end context "custom" do let :params do { :default_mods => [ 'info', 'alias', 'mime', 'env', 'setenv', 'expires', ]} end it { should contain_apache__mod('authz_host') } it { should contain_apache__mod('env') } it { should contain_class('apache::mod::info') } it { should contain_class('apache::mod::mime') } end end describe "Don't create user resource" do context "when parameter manage_user is false" do let :params do { :manage_user => false } end it { should_not contain_user('apache') } it { should contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^User apache\n} } end end describe "Don't create group resource" do context "when parameter manage_group is false" do let :params do { :manage_group => false } end it { should_not contain_group('apache') } it { should contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^Group apache\n} } end end describe "sendfile" do context "with invalid value" do let :params do { :sendfile => 'foo' } end it "should fail" do expect do subject end.to raise_error(Puppet::Error, /"foo" does not match/) end end context "On" do let :params do { :sendfile => 'On' } end it { should contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^EnableSendfile On\n} } end context "Off" do let :params do { :sendfile => 'Off' } end it { should contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^EnableSendfile Off\n} } end end end context "on a FreeBSD OS" do let :facts do { :osfamily => 'FreeBSD', :operatingsystemrelease => '9', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should contain_class("apache::package").with({'ensure' => 'present'}) } it { should contain_user("www") } it { should contain_group("www") } it { should contain_class("apache::service") } it { should contain_file("/usr/local/etc/apache22/Vhosts").with( 'ensure' => 'directory', 'recurse' => 'true', 'purge' => 'true', 'notify' => 'Class[Apache::Service]', 'require' => 'Package[httpd]' ) } it { should contain_file("/usr/local/etc/apache22/Modules").with( 'ensure' => 'directory', 'recurse' => 'true', 'purge' => 'true', 'notify' => 'Class[Apache::Service]', 'require' => 'Package[httpd]' ) } it { should contain_concat("/usr/local/etc/apache22/ports.conf").with( 'owner' => 'root', 'group' => 'wheel', 'mode' => '0644', 'notify' => 'Class[Apache::Service]' ) } # Assert that load files are placed for these mods, but no conf file. [ 'auth_basic', 'authn_file', 'authz_default', 'authz_groupfile', 'authz_host', 'authz_user', 'dav', 'env' ].each do |modname| it { should contain_file("#{modname}.load").with( 'path' => "/usr/local/etc/apache22/Modules/#{modname}.load", 'ensure' => 'file' ) } it { should_not contain_file("#{modname}.conf") } end # Assert that both load files and conf files are placed for these mods [ 'alias', 'autoindex', 'dav_fs', 'deflate', 'dir', 'mime', 'negotiation', 'setenvif', ].each do |modname| it { should contain_file("#{modname}.load").with( 'path' => "/usr/local/etc/apache22/Modules/#{modname}.load", 'ensure' => 'file' ) } it { should contain_file("#{modname}.conf").with( 'path' => "/usr/local/etc/apache22/Modules/#{modname}.conf", 'ensure' => 'file' ) } end end context 'on all OSes' do let :facts do { :osfamily => 'RedHat', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end context 'default vhost defaults' do it { should contain_apache__vhost('default').with_ensure('present') } it { should contain_apache__vhost('default-ssl').with_ensure('absent') } end context 'without default non-ssl vhost' do let :params do { :default_vhost => false } end it { should contain_apache__vhost('default').with_ensure('absent') } end context 'with default ssl vhost' do let :params do { :default_ssl_vhost => true } end it { should contain_apache__vhost('default-ssl').with_ensure('present') } end end end puppetlabs-apache-0.10.0/spec/classes/dev_spec.rb000644 000765 000024 00000001731 12250205751 022335 0ustar00hunnerstaff000000 000000 require 'spec_helper' describe 'apache::dev', :type => :class do context "on a Debian OS" do let :facts do { :osfamily => 'Debian', :operatingsystemrelease => '6', } end it { should include_class("apache::params") } it { should contain_package("libaprutil1-dev") } it { should contain_package("libapr1-dev") } it { should contain_package("apache2-prefork-dev") } end context "on a RedHat OS" do let :facts do { :osfamily => 'RedHat', :operatingsystemrelease => '6', } end it { should include_class("apache::params") } it { should contain_package("httpd-devel") } end context "on a FreeBSD OS" do let :pre_condition do 'include apache::package' end let :facts do { :osfamily => 'FreeBSD', :operatingsystemrelease => '9', } end it { should include_class("apache::params") } end end puppetlabs-apache-0.10.0/spec/classes/mod/000755 000765 000024 00000000000 12250205751 020775 5ustar00hunnerstaff000000 000000 puppetlabs-apache-0.10.0/spec/classes/params_spec.rb000644 000765 000024 00000001166 12250205751 023044 0ustar00hunnerstaff000000 000000 require 'spec_helper' describe 'apache::params', :type => :class do context "On a Debian OS" do let :facts do { :osfamily => 'Debian', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end it { should contain_apache__params } # There are 4 resources in this class currently # there should not be any more resources because it is a params class # The resources are class[apache::params], class[main], class[settings], stage[main] it "Should not contain any resources" do subject.resources.size.should == 4 end end end puppetlabs-apache-0.10.0/spec/classes/service_spec.rb000644 000765 000024 00000005176 12250205751 023226 0ustar00hunnerstaff000000 000000 require 'spec_helper' describe 'apache::service', :type => :class do let :pre_condition do 'include apache::params' end context "on a Debian OS" do let :facts do { :osfamily => 'Debian', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end it { should contain_service("httpd").with( 'name' => 'apache2', 'ensure' => 'running', 'enable' => 'true' ) } context "with $service_name => 'foo'" do let (:params) {{ :service_name => 'foo' }} it { should contain_service("httpd").with( 'name' => 'foo' ) } end context "with $service_enable => true" do let (:params) {{ :service_enable => true }} it { should contain_service("httpd").with( 'name' => 'apache2', 'ensure' => 'running', 'enable' => 'true' ) } end context "with $service_enable => false" do let (:params) {{ :service_enable => false }} it { should contain_service("httpd").with( 'name' => 'apache2', 'ensure' => 'running', 'enable' => 'false' ) } end context "$service_enable must be a bool" do let (:params) {{ :service_enable => 'not-a-boolean' }} it 'should fail' do expect { subject }.to raise_error(Puppet::Error, /is not a boolean/) end end context "with $service_ensure => 'running'" do let (:params) {{ :service_ensure => 'running', }} it { should contain_service("httpd").with( 'ensure' => 'running', 'enable' => 'true' ) } end context "with $service_ensure => 'stopped'" do let (:params) {{ :service_ensure => 'stopped', }} it { should contain_service("httpd").with( 'ensure' => 'stopped', 'enable' => 'true' ) } end end context "on a RedHat 5 OS" do let :facts do { :osfamily => 'RedHat', :operatingsystemrelease => '5', :concat_basedir => '/dne', } end it { should contain_service("httpd").with( 'name' => 'httpd', 'ensure' => 'running', 'enable' => 'true' ) } end context "on a FreeBSD 5 OS" do let :facts do { :osfamily => 'FreeBSD', :operatingsystemrelease => '9', :concat_basedir => '/dne', } end it { should contain_service("httpd").with( 'name' => 'apache22', 'ensure' => 'running', 'enable' => 'true' ) } end end puppetlabs-apache-0.10.0/spec/classes/mod/auth_kerb_spec.rb000644 000765 000024 00000002261 12250205751 024301 0ustar00hunnerstaff000000 000000 describe 'apache::mod::auth_kerb', :type => :class do let :pre_condition do 'include apache' end context "on a Debian OS" do let :facts do { :osfamily => 'Debian', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should contain_apache__mod("auth_kerb") } it { should contain_package("libapache2-mod-auth-kerb") } end context "on a RedHat OS" do let :facts do { :osfamily => 'RedHat', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should contain_apache__mod("auth_kerb") } it { should contain_package("mod_auth_kerb") } end context "on a FreeBSD OS" do let :facts do { :osfamily => 'FreeBSD', :operatingsystemrelease => '9', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should contain_apache__mod("auth_kerb") } it { should contain_package("www/mod_auth_kerb2") } end end puppetlabs-apache-0.10.0/spec/classes/mod/authnz_ldap_spec.rb000644 000765 000024 00000003650 12250205751 024651 0ustar00hunnerstaff000000 000000 describe 'apache::mod::authnz_ldap', :type => :class do let :pre_condition do 'include apache' end context "on a Debian OS" do let :facts do { :osfamily => 'Debian', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should include_class("apache::mod::ldap") } it { should contain_apache__mod('authnz_ldap') } context 'default verifyServerCert' do it { should contain_file('authnz_ldap.conf').with_content(/^LDAPVerifyServerCert On$/) } end context 'verifyServerCert = false' do let(:params) { { :verifyServerCert => false } } it { should contain_file('authnz_ldap.conf').with_content(/^LDAPVerifyServerCert Off$/) } end context 'verifyServerCert = wrong' do let(:params) { { :verifyServerCert => 'wrong' } } it 'should raise an error' do expect { should raise_error Puppet::Error } end end end #Debian context "on a RedHat OS" do let :facts do { :osfamily => 'RedHat', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should include_class("apache::mod::ldap") } it { should contain_apache__mod('authnz_ldap') } context 'default verifyServerCert' do it { should contain_file('authnz_ldap.conf').with_content(/^LDAPVerifyServerCert On$/) } end context 'verifyServerCert = false' do let(:params) { { :verifyServerCert => false } } it { should contain_file('authnz_ldap.conf').with_content(/^LDAPVerifyServerCert Off$/) } end context 'verifyServerCert = wrong' do let(:params) { { :verifyServerCert => 'wrong' } } it 'should raise an error' do expect { should raise_error Puppet::Error } end end end # Redhat end puppetlabs-apache-0.10.0/spec/classes/mod/dav_svn_spec.rb000644 000765 000024 00000002233 12250205751 023774 0ustar00hunnerstaff000000 000000 describe 'apache::mod::dav_svn', :type => :class do let :pre_condition do 'include apache' end context "on a Debian OS" do let :facts do { :osfamily => 'Debian', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should contain_apache__mod('dav_svn') } it { should contain_package("libapache2-svn") } end context "on a RedHat OS" do let :facts do { :osfamily => 'RedHat', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should contain_apache__mod('dav_svn') } it { should contain_package("mod_dav_svn") } end context "on a FreeBSD OS" do let :facts do { :osfamily => 'FreeBSD', :operatingsystemrelease => '9', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should contain_apache__mod('dav_svn') } it { should contain_package("devel/subversion") } end end puppetlabs-apache-0.10.0/spec/classes/mod/dev_spec.rb000644 000765 000024 00000001056 12250205751 023114 0ustar00hunnerstaff000000 000000 require 'spec_helper' describe 'apache::mod::dev', :type => :class do [ ['RedHat', '6'], ['Debian', '6'], ['FreeBSD', '9'], ].each do |osfamily, operatingsystemrelease| if osfamily == 'FreeBSD' let :pre_condition do 'include apache::package' end end context "on a #{osfamily} OS" do let :facts do { :osfamily => osfamily, :operatingsystemrelease => operatingsystemrelease, } end it { should include_class('apache::dev') } end end end puppetlabs-apache-0.10.0/spec/classes/mod/dir_spec.rb000644 000765 000024 00000007226 12250205751 023121 0ustar00hunnerstaff000000 000000 describe 'apache::mod::dir', :type => :class do let :pre_condition do 'class { "apache": default_mods => false, }' end context "on a Debian OS" do let :facts do { :osfamily => 'Debian', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end context "passing no parameters" do it { should include_class("apache::params") } it { should contain_apache__mod('dir') } it { should contain_file('dir.conf').with_content(/^DirectoryIndex /) } it { should contain_file('dir.conf').with_content(/ index\.html /) } it { should contain_file('dir.conf').with_content(/ index\.html\.var /) } it { should contain_file('dir.conf').with_content(/ index\.cgi /) } it { should contain_file('dir.conf').with_content(/ index\.pl /) } it { should contain_file('dir.conf').with_content(/ index\.php /) } it { should contain_file('dir.conf').with_content(/ index\.xhtml$/) } end context "passing indexes => ['example.txt','fearsome.aspx']" do let :params do {:indexes => ['example.txt','fearsome.aspx']} end it { should contain_file('dir.conf').with_content(/ example\.txt /) } it { should contain_file('dir.conf').with_content(/ fearsome\.aspx$/) } end end context "on a RedHat OS" do let :facts do { :osfamily => 'RedHat', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end context "passing no parameters" do it { should include_class("apache::params") } it { should contain_apache__mod('dir') } it { should contain_file('dir.conf').with_content(/^DirectoryIndex /) } it { should contain_file('dir.conf').with_content(/ index\.html /) } it { should contain_file('dir.conf').with_content(/ index\.html\.var /) } it { should contain_file('dir.conf').with_content(/ index\.cgi /) } it { should contain_file('dir.conf').with_content(/ index\.pl /) } it { should contain_file('dir.conf').with_content(/ index\.php /) } it { should contain_file('dir.conf').with_content(/ index\.xhtml$/) } end context "passing indexes => ['example.txt','fearsome.aspx']" do let :params do {:indexes => ['example.txt','fearsome.aspx']} end it { should contain_file('dir.conf').with_content(/ example\.txt /) } it { should contain_file('dir.conf').with_content(/ fearsome\.aspx$/) } end end context "on a FreeBSD OS" do let :facts do { :osfamily => 'FreeBSD', :operatingsystemrelease => '9', :concat_basedir => '/dne', } end context "passing no parameters" do it { should include_class("apache::params") } it { should contain_apache__mod('dir') } it { should contain_file('dir.conf').with_content(/^DirectoryIndex /) } it { should contain_file('dir.conf').with_content(/ index\.html /) } it { should contain_file('dir.conf').with_content(/ index\.html\.var /) } it { should contain_file('dir.conf').with_content(/ index\.cgi /) } it { should contain_file('dir.conf').with_content(/ index\.pl /) } it { should contain_file('dir.conf').with_content(/ index\.php /) } it { should contain_file('dir.conf').with_content(/ index\.xhtml$/) } end context "passing indexes => ['example.txt','fearsome.aspx']" do let :params do {:indexes => ['example.txt','fearsome.aspx']} end it { should contain_file('dir.conf').with_content(/ example\.txt /) } it { should contain_file('dir.conf').with_content(/ fearsome\.aspx$/) } end end end puppetlabs-apache-0.10.0/spec/classes/mod/event_spec.rb000644 000765 000024 00000001031 12250205751 023450 0ustar00hunnerstaff000000 000000 describe 'apache::mod::event', :type => :class do let :pre_condition do 'class { "apache": mpm_module => false, }' end context "on a FreeBSD OS" do let :facts do { :osfamily => 'FreeBSD', :operatingsystemrelease => '9', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should_not contain_apache__mod('event') } it { should contain_file("/usr/local/etc/apache22/Modules/event.conf").with_ensure('file') } end end puppetlabs-apache-0.10.0/spec/classes/mod/fastcgi_spec.rb000644 000765 000024 00000001635 12250205751 023761 0ustar00hunnerstaff000000 000000 describe 'apache::mod::fastcgi', :type => :class do let :pre_condition do 'include apache' end context "on a Debian OS" do let :facts do { :osfamily => 'Debian', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should contain_apache__mod('fastcgi') } it { should contain_package("libapache2-mod-fastcgi") } it { should contain_file('fastcgi.conf') } end context "on a RedHat OS" do let :facts do { :osfamily => 'RedHat', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should contain_apache__mod('fastcgi') } it { should contain_package("mod_fastcgi") } it { should_not contain_file('fastcgi.conf') } end end puppetlabs-apache-0.10.0/spec/classes/mod/fcgid_spec.rb000644 000765 000024 00000002224 12250205751 023410 0ustar00hunnerstaff000000 000000 describe 'apache::mod::fcgid', :type => :class do let :pre_condition do 'include apache' end context "on a Debian OS" do let :facts do { :osfamily => 'Debian', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should contain_apache__mod('fcgid') } it { should contain_package("libapache2-mod-fcgid") } end context "on a RedHat OS" do let :facts do { :osfamily => 'RedHat', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should contain_apache__mod('fcgid') } it { should contain_package("mod_fcgid") } end context "on a FreeBSD OS" do let :facts do { :osfamily => 'FreeBSD', :operatingsystemrelease => '9', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should contain_apache__mod('fcgid') } it { should contain_package("www/mod_fcgid") } end end puppetlabs-apache-0.10.0/spec/classes/mod/info_spec.rb000644 000765 000024 00000005001 12250205751 023263 0ustar00hunnerstaff000000 000000 # This function is called inside the OS specific contexts def general_info_specs it { should contain_apache__mod("info") } it do should contain_file("info.conf").with_content( "\n"\ " SetHandler server-info\n"\ " Order deny,allow\n"\ " Deny from all\n"\ " Allow from 127.0.0.1 ::1\n"\ "\n" ) end end describe 'apache::mod::info', :type => :class do let :pre_condition do 'include apache' end context "On a Debian OS with default params" do let :facts do { :osfamily => 'Debian', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end # Load the more generic tests for this context general_info_specs() it { should contain_file("info.conf").with({ :ensure => 'file', :path => '/etc/apache2/mods-available/info.conf', } ) } it { should contain_file("info.conf symlink").with({ :ensure => 'link', :path => '/etc/apache2/mods-enabled/info.conf', } ) } end context "on a RedHat OS with default params" do let :facts do { :osfamily => 'RedHat', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end # Load the more generic tests for this context general_info_specs() it { should contain_file("info.conf").with_path("/etc/httpd/conf.d/info.conf") } end context "On a FreeBSD OS with default params" do let :facts do { :osfamily => 'FreeBSD', :operatingsystemrelease => '9', :concat_basedir => '/dne', } end # Load the more generic tests for this context general_info_specs() it { should contain_file("info.conf").with({ :ensure => 'file', :path => '/usr/local/etc/apache22/Modules/info.conf', } ) } end context "with $allow_from => ['10.10.10.10','11.11.11.11']" do let :facts do { :osfamily => 'Debian', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end let :params do { :allow_from => ['10.10.10.10','11.11.11.11'] } end it do should contain_file("info.conf").with_content( "\n"\ " SetHandler server-info\n"\ " Order deny,allow\n"\ " Deny from all\n"\ " Allow from 10.10.10.10 11.11.11.11\n"\ "\n" ) end end end puppetlabs-apache-0.10.0/spec/classes/mod/itk_spec.rb000644 000765 000024 00000002055 12250205751 023125 0ustar00hunnerstaff000000 000000 describe 'apache::mod::itk', :type => :class do let :pre_condition do 'class { "apache": mpm_module => false, }' end context "on a Debian OS" do let :facts do { :osfamily => 'Debian', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should_not contain_apache__mod('itk') } it { should contain_file("/etc/apache2/mods-available/itk.conf").with_ensure('file') } it { should contain_file("/etc/apache2/mods-enabled/itk.conf").with_ensure('link') } it { should contain_package("apache2-mpm-itk") } end context "on a FreeBSD OS" do let :facts do { :osfamily => 'FreeBSD', :operatingsystemrelease => '9', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should_not contain_apache__mod('itk') } it { should contain_file("/usr/local/etc/apache22/Modules/itk.conf").with_ensure('file') } end end puppetlabs-apache-0.10.0/spec/classes/mod/mime_magic_spec.rb000644 000765 000024 00000004140 12250205751 024422 0ustar00hunnerstaff000000 000000 # This function is called inside the OS specific contexts def general_mime_magic_specs it { should contain_apache__mod("mime_magic") } end describe 'apache::mod::mime_magic', :type => :class do let :pre_condition do 'include apache' end context "On a Debian OS with default params" do let :facts do { :osfamily => 'Debian', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end general_mime_magic_specs() it do should contain_file("mime_magic.conf").with_content( "MIMEMagicFile /etc/apache2/magic\n" ) end it { should contain_file("mime_magic.conf").with({ :ensure => 'file', :path => '/etc/apache2/mods-available/mime_magic.conf', } ) } it { should contain_file("mime_magic.conf symlink").with({ :ensure => 'link', :path => '/etc/apache2/mods-enabled/mime_magic.conf', } ) } context "with magic_file => /tmp/Debian_magic" do let :params do { :magic_file => "/tmp/Debian_magic" } end it do should contain_file("mime_magic.conf").with_content( "MIMEMagicFile /tmp/Debian_magic\n" ) end end end context "on a RedHat OS with default params" do let :facts do { :osfamily => 'RedHat', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end general_mime_magic_specs() it do should contain_file("mime_magic.conf").with_content( "MIMEMagicFile /etc/httpd/conf/magic\n" ) end it { should contain_file("mime_magic.conf").with_path("/etc/httpd/conf.d/mime_magic.conf") } end context "with magic_file => /tmp/magic" do let :facts do { :osfamily => 'Debian', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end let :params do { :magic_file => "/tmp/magic" } end it do should contain_file("mime_magic.conf").with_content( "MIMEMagicFile /tmp/magic\n" ) end end end puppetlabs-apache-0.10.0/spec/classes/mod/passenger_spec.rb000644 000765 000024 00000010241 12250205751 024321 0ustar00hunnerstaff000000 000000 describe 'apache::mod::passenger', :type => :class do let :pre_condition do 'include apache' end context "on a Debian OS" do let :facts do { :osfamily => 'Debian', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should contain_apache__mod('passenger') } it { should contain_package("libapache2-mod-passenger") } it { should contain_file('passenger.conf').with({ 'path' => '/etc/apache2/mods-available/passenger.conf', }) } it { should contain_file('passenger.conf').with_content(/^ PassengerRoot \/usr$/) } it { should contain_file('passenger.conf').with_content(/^ PassengerRuby \/usr\/bin\/ruby$/) } describe "with passenger_high_performance => true" do let :params do { :passenger_high_performance => 'true' } end it { should contain_file('passenger.conf').with_content(/^ PassengerHighPerformance true$/) } end describe "with passenger_pool_idle_time => 1200" do let :params do { :passenger_pool_idle_time => 1200 } end it { should contain_file('passenger.conf').with_content(/^ PassengerPoolIdleTime 1200$/) } end describe "with passenger_max_requests => 20" do let :params do { :passenger_max_requests => 20 } end it { should contain_file('passenger.conf').with_content(/^ PassengerMaxRequests 20$/) } end describe "with passenger_stat_throttle_rate => 10" do let :params do { :passenger_stat_throttle_rate => 10 } end it { should contain_file('passenger.conf').with_content(/^ PassengerStatThrottleRate 10$/) } end describe "with passenger_max_pool_size => 16" do let :params do { :passenger_max_pool_size => 16 } end it { should contain_file('passenger.conf').with_content(/^ PassengerMaxPoolSize 16$/) } end describe "with rack_autodetect => true" do let :params do { :rack_autodetect => true } end it { should contain_file('passenger.conf').with_content(/^ RackAutoDetect true$/) } end describe "with rails_autodetect => true" do let :params do { :rails_autodetect => true } end it { should contain_file('passenger.conf').with_content(/^ RailsAutoDetect true$/) } end describe "with passenger_root => '/usr/lib/example'" do let :params do { :passenger_root => '/usr/lib/example' } end it { should contain_file('passenger.conf').with_content(/^ PassengerRoot \/usr\/lib\/example$/) } end describe "with passenger_ruby => /user/lib/example/ruby" do let :params do { :passenger_ruby => '/user/lib/example/ruby' } end it { should contain_file('passenger.conf').with_content(/^ PassengerRuby \/user\/lib\/example\/ruby$/) } end describe "with passenger_use_global_queue => true" do let :params do { :passenger_use_global_queue => 'true' } end it { should contain_file('passenger.conf').with_content(/^ PassengerUseGlobalQueue true$/) } end end context "on a RedHat OS" do let :facts do { :osfamily => 'RedHat', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should contain_apache__mod('passenger') } it { should contain_package("mod_passenger") } it { should contain_file('passenger.conf').with({ 'path' => '/etc/httpd/conf.d/passenger.conf', }) } it { should contain_file('passenger.conf').with_content(/^ PassengerRoot \/usr\/share\/rubygems\/gems\/passenger-3.0.17$/) } it { should contain_file('passenger.conf').with_content(/^ PassengerRuby \/usr\/bin\/ruby$/) } end context "on a FreeBSD OS" do let :facts do { :osfamily => 'FreeBSD', :operatingsystemrelease => '9', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should contain_apache__mod('passenger') } it { should contain_package("www/rubygem-passenger") } end end puppetlabs-apache-0.10.0/spec/classes/mod/perl_spec.rb000644 000765 000024 00000002217 12250205751 023300 0ustar00hunnerstaff000000 000000 describe 'apache::mod::perl', :type => :class do let :pre_condition do 'include apache' end context "on a Debian OS" do let :facts do { :osfamily => 'Debian', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should contain_apache__mod('perl') } it { should contain_package("libapache2-mod-perl2") } end context "on a RedHat OS" do let :facts do { :osfamily => 'RedHat', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should contain_apache__mod('perl') } it { should contain_package("mod_perl") } end context "on a FreeBSD OS" do let :facts do { :osfamily => 'FreeBSD', :operatingsystemrelease => '9', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should contain_apache__mod('perl') } it { should contain_package("www/mod_perl2") } end end puppetlabs-apache-0.10.0/spec/classes/mod/peruser_spec.rb000644 000765 000024 00000001037 12250205751 024022 0ustar00hunnerstaff000000 000000 describe 'apache::mod::peruser', :type => :class do let :pre_condition do 'class { "apache": mpm_module => false, }' end context "on a FreeBSD OS" do let :facts do { :osfamily => 'FreeBSD', :operatingsystemrelease => '9', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should_not contain_apache__mod('peruser') } it { should contain_file("/usr/local/etc/apache22/Modules/peruser.conf").with_ensure('file') } end end puppetlabs-apache-0.10.0/spec/classes/mod/php_spec.rb000644 000765 000024 00000006113 12250205751 023124 0ustar00hunnerstaff000000 000000 describe 'apache::mod::php', :type => :class do describe "on a Debian OS" do let :facts do { :osfamily => 'Debian', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end context "with mpm_module => prefork" do let :pre_condition do 'class { "apache": mpm_module => prefork, }' end it { should include_class("apache::params") } it { should contain_apache__mod('php5') } it { should contain_package("libapache2-mod-php5") } it { should contain_file("php5.load").with( :content => "LoadModule php5_module /usr/lib/apache2/modules/libphp5.so\n" ) } end context 'with mpm_module => worker' do let :pre_condition do 'class { "apache": mpm_module => worker, }' end it 'should raise an error' do expect { subject }.to raise_error Puppet::Error, /mpm_module => 'prefork'/ end end end describe "on a RedHat OS" do let :facts do { :osfamily => 'RedHat', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end context "with default params" do let :pre_condition do 'class { "apache": }' end it { should include_class("apache::params") } it { should contain_apache__mod('php5') } it { should contain_package("php") } it { should contain_file("php5.load").with( :content => "LoadModule php5_module modules/libphp5.so\n" ) } end context "with specific version" do let :pre_condition do 'class { "apache": }' end let :params do { :package_ensure => '5.3.13'} end it { should contain_package("php").with( :ensure => '5.3.13' ) } end context "with mpm_module => prefork" do let :pre_condition do 'class { "apache": mpm_module => prefork, }' end it { should include_class("apache::params") } it { should contain_apache__mod('php5') } it { should contain_package("php") } it { should contain_file("php5.load").with( :content => "LoadModule php5_module modules/libphp5.so\n" ) } end end describe "on a FreeBSD OS" do let :facts do { :osfamily => 'FreeBSD', :operatingsystemrelease => '9', :concat_basedir => '/dne', } end context "with mpm_module => prefork" do let :pre_condition do 'class { "apache": mpm_module => prefork, }' end it { should include_class('apache::params') } it { should contain_apache__mod('php5') } it { should contain_package("lang/php5") } it { should contain_file('php5.load') } end # FIXME: not sure about the following context context 'with mpm_module => worker' do let :pre_condition do 'class { "apache": mpm_module => worker, }' end it 'should raise an error' do expect { subject.should contain_apache__mod('php5') }.to raise_error Puppet::Error, /mpm_module => 'prefork'/ end end end end puppetlabs-apache-0.10.0/spec/classes/mod/prefork_spec.rb000644 000765 000024 00000003125 12250205751 024005 0ustar00hunnerstaff000000 000000 describe 'apache::mod::prefork', :type => :class do let :pre_condition do 'class { "apache": mpm_module => false, }' end context "on a Debian OS" do let :facts do { :osfamily => 'Debian', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should_not contain_apache__mod('prefork') } it { should contain_file("/etc/apache2/mods-available/prefork.conf").with_ensure('file') } it { should contain_file("/etc/apache2/mods-enabled/prefork.conf").with_ensure('link') } it { should contain_package("apache2-mpm-prefork") } end context "on a RedHat OS" do let :facts do { :osfamily => 'RedHat', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should_not contain_apache__mod('prefork') } it { should contain_file("/etc/httpd/conf.d/prefork.conf").with_ensure('file') } it { should contain_file_line("/etc/sysconfig/httpd prefork enable").with({ 'require' => 'Package[httpd]', }) } end context "on a FreeBSD OS" do let :facts do { :osfamily => 'FreeBSD', :operatingsystemrelease => '9', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should_not contain_apache__mod('prefork') } it { should contain_file("/usr/local/etc/apache22/Modules/prefork.conf").with_ensure('file') } end end puppetlabs-apache-0.10.0/spec/classes/mod/proxy_html_spec.rb000644 000765 000024 00000002423 12250205751 024542 0ustar00hunnerstaff000000 000000 describe 'apache::mod::proxy_html', :type => :class do let :pre_condition do [ 'include apache', 'include apache::mod::proxy', 'include apache::mod::proxy_http', ] end context "on a Debian OS" do let :facts do { :osfamily => 'Debian', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should contain_apache__mod('proxy_html') } it { should contain_package("libapache2-mod-proxy-html") } end context "on a RedHat OS" do let :facts do { :osfamily => 'RedHat', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should contain_apache__mod('proxy_html') } it { should contain_package("mod_proxy_html") } end context "on a FreeBSD OS" do let :facts do { :osfamily => 'FreeBSD', :operatingsystemrelease => '9', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should contain_apache__mod('proxy_html') } it { should contain_package("www/mod_proxy_html") } end end puppetlabs-apache-0.10.0/spec/classes/mod/python_spec.rb000644 000765 000024 00000002234 12250205751 023656 0ustar00hunnerstaff000000 000000 describe 'apache::mod::python', :type => :class do let :pre_condition do 'include apache' end context "on a Debian OS" do let :facts do { :osfamily => 'Debian', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should contain_apache__mod("python") } it { should contain_package("libapache2-mod-python") } end context "on a RedHat OS" do let :facts do { :osfamily => 'RedHat', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should contain_apache__mod("python") } it { should contain_package("mod_python") } end context "on a FreeBSD OS" do let :facts do { :osfamily => 'FreeBSD', :operatingsystemrelease => '9', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should contain_apache__mod("python") } it { should contain_package("www/mod_python3") } end end puppetlabs-apache-0.10.0/spec/classes/mod/rpaf_spec.rb000644 000765 000024 00000004765 12250205751 023300 0ustar00hunnerstaff000000 000000 describe 'apache::mod::rpaf', :type => :class do let :pre_condition do [ 'include apache', ] end context "on a Debian OS" do let :facts do { :osfamily => 'Debian', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should contain_apache__mod('rpaf') } it { should contain_package("libapache2-mod-rpaf") } it { should contain_file('rpaf.conf').with({ 'path' => '/etc/apache2/mods-available/rpaf.conf', }) } it { should contain_file('rpaf.conf').with_content(/^RPAFenable On$/) } describe "with sethostname => true" do let :params do { :sethostname => 'true' } end it { should contain_file('rpaf.conf').with_content(/^RPAFsethostname On$/) } end describe "with proxy_ips => [ 10.42.17.8, 10.42.18.99 ]" do let :params do { :proxy_ips => [ '10.42.17.8', '10.42.18.99' ] } end it { should contain_file('rpaf.conf').with_content(/^RPAFproxy_ips 10.42.17.8 10.42.18.99$/) } end describe "with header => X-Real-IP" do let :params do { :header => 'X-Real-IP' } end it { should contain_file('rpaf.conf').with_content(/^RPAFheader X-Real-IP$/) } end end context "on a FreeBSD OS" do let :facts do { :osfamily => 'FreeBSD', :operatingsystemrelease => '9', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should contain_apache__mod('rpaf') } it { should contain_package("www/mod_rpaf2") } it { should contain_file('rpaf.conf').with({ 'path' => '/usr/local/etc/apache22/Modules/rpaf.conf', }) } it { should contain_file('rpaf.conf').with_content(/^RPAFenable On$/) } describe "with sethostname => true" do let :params do { :sethostname => 'true' } end it { should contain_file('rpaf.conf').with_content(/^RPAFsethostname On$/) } end describe "with proxy_ips => [ 10.42.17.8, 10.42.18.99 ]" do let :params do { :proxy_ips => [ '10.42.17.8', '10.42.18.99' ] } end it { should contain_file('rpaf.conf').with_content(/^RPAFproxy_ips 10.42.17.8 10.42.18.99$/) } end describe "with header => X-Real-IP" do let :params do { :header => 'X-Real-IP' } end it { should contain_file('rpaf.conf').with_content(/^RPAFheader X-Real-IP$/) } end end end puppetlabs-apache-0.10.0/spec/classes/mod/ssl_spec.rb000644 000765 000024 00000002604 12250205751 023137 0ustar00hunnerstaff000000 000000 describe 'apache::mod::ssl', :type => :class do let :pre_condition do 'include apache' end context 'on an unsupported OS' do let :facts do { :osfamily => 'Magic', :operatingsystemrelease => '0', :concat_basedir => '/dne', } end it { expect { subject }.to raise_error(Puppet::Error, /Unsupported osfamily:/) } end context 'on a RedHat OS' do let :facts do { :osfamily => 'RedHat', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end it { should include_class('apache::params') } it { should contain_apache__mod('ssl') } it { should contain_package('mod_ssl') } end context 'on a Debian OS' do let :facts do { :osfamily => 'Debian', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end it { should include_class('apache::params') } it { should contain_apache__mod('ssl') } it { should_not contain_package('libapache2-mod-ssl') } end context 'on a FreeBSD OS' do let :facts do { :osfamily => 'FreeBSD', :operatingsystemrelease => '9', :concat_basedir => '/dne', } end it { should include_class('apache::params') } it { should contain_apache__mod('ssl') } end end puppetlabs-apache-0.10.0/spec/classes/mod/status_spec.rb000644 000765 000024 00000010413 12250205751 023656 0ustar00hunnerstaff000000 000000 require 'spec_helper' # Helper function for testing the contents of `status.conf` def status_conf_spec(allow_from, extended_status) it do should contain_file("status.conf").with_content( "\n"\ " SetHandler server-status\n"\ " Order deny,allow\n"\ " Deny from all\n"\ " Allow from #{Array(allow_from).join(' ')}\n"\ "\n"\ "ExtendedStatus #{extended_status}\n"\ "\n"\ "\n"\ " # Show Proxy LoadBalancer status in mod_status\n"\ " ProxyStatus On\n"\ "\n" ) end end describe 'apache::mod::status', :type => :class do let :pre_condition do 'include apache' end context "on a Debian OS with default params" do let :facts do { :osfamily => 'Debian', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end it { should contain_apache__mod("status") } status_conf_spec(["127.0.0.1", "::1"], "On") it { should contain_file("status.conf").with({ :ensure => 'file', :path => '/etc/apache2/mods-available/status.conf', } ) } it { should contain_file("status.conf symlink").with({ :ensure => 'link', :path => '/etc/apache2/mods-enabled/status.conf', } ) } end context "on a RedHat OS with default params" do let :facts do { :osfamily => 'RedHat', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end it { should contain_apache__mod("status") } status_conf_spec(["127.0.0.1", "::1"], "On") it { should contain_file("status.conf").with_path("/etc/httpd/conf.d/status.conf") } end context "with custom parameters $allow_from => ['10.10.10.10','11.11.11.11'], $extended_status => 'Off'" do let :facts do { :osfamily => 'Debian', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end let :params do { :allow_from => ['10.10.10.10','11.11.11.11'], :extended_status => 'Off', } end status_conf_spec(["10.10.10.10", "11.11.11.11"], "Off") end context "with valid parameter type $allow_from => ['10.10.10.10']" do let :facts do { :osfamily => 'Debian', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end let :params do { :allow_from => ['10.10.10.10'] } end it 'should expect to succeed array validation' do expect { should contain_file("status.conf") }.not_to raise_error() end end context "with invalid parameter type $allow_from => '10.10.10.10'" do let :facts do { :osfamily => 'Debian', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end let :params do { :allow_from => '10.10.10.10' } end it 'should expect to fail array validation' do expect { should contain_file("status.conf") }.to raise_error(Puppet::Error) end end # Only On or Off are valid options ['On', 'Off'].each do |valid_param| context "with valid value $extended_status => '#{valid_param}'" do let :facts do { :osfamily => 'Debian', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end let :params do { :extended_status => valid_param } end it 'should expect to succeed regular expression validation' do expect { should contain_file("status.conf") }.not_to raise_error() end end end ['Yes', 'No'].each do |invalid_param| context "with invalid value $extended_status => '#{invalid_param}'" do let :facts do { :osfamily => 'Debian', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end let :params do { :extended_status => invalid_param } end it 'should expect to fail regular expression validation' do expect { should contain_file("status.conf") }.to raise_error(Puppet::Error) end end end end puppetlabs-apache-0.10.0/spec/classes/mod/suphp_spec.rb000644 000765 000024 00000001322 12250205751 023471 0ustar00hunnerstaff000000 000000 describe 'apache::mod::suphp', :type => :class do let :pre_condition do 'include apache' end context "on a Debian OS" do let :facts do { :osfamily => 'Debian', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should contain_package("libapache2-mod-suphp") } end context "on a RedHat OS" do let :facts do { :osfamily => 'RedHat', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should contain_package("mod_suphp") } end end puppetlabs-apache-0.10.0/spec/classes/mod/worker_spec.rb000644 000765 000024 00000003024 12250205751 023644 0ustar00hunnerstaff000000 000000 describe 'apache::mod::worker', :type => :class do let :pre_condition do 'class { "apache": mpm_module => false, }' end context "on a Debian OS" do let :facts do { :osfamily => 'Debian', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should_not contain_apache__mod('worker') } it { should contain_file("/etc/apache2/mods-available/worker.conf").with_ensure('file') } it { should contain_file("/etc/apache2/mods-enabled/worker.conf").with_ensure('link') } it { should contain_package("apache2-mpm-worker") } end context "on a RedHat OS" do let :facts do { :osfamily => 'RedHat', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should_not contain_apache__mod('worker') } it { should contain_file("/etc/httpd/conf.d/worker.conf").with_ensure('file') } it { should contain_file_line("/etc/sysconfig/httpd worker enable") } end context "on a FreeBSD OS" do let :facts do { :osfamily => 'FreeBSD', :operatingsystemrelease => '9', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should_not contain_apache__mod('worker') } it { should contain_file("/usr/local/etc/apache22/Modules/worker.conf").with_ensure('file') } end end puppetlabs-apache-0.10.0/spec/classes/mod/wsgi_spec.rb000644 000765 000024 00000003130 12250205751 023302 0ustar00hunnerstaff000000 000000 describe 'apache::mod::wsgi', :type => :class do let :pre_condition do 'include apache' end context "on a Debian OS" do let :facts do { :osfamily => 'Debian', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should contain_apache__mod('wsgi') } it { should contain_package("libapache2-mod-wsgi") } end context "on a RedHat OS" do let :facts do { :osfamily => 'RedHat', :operatingsystemrelease => '6', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should contain_apache__mod('wsgi') } it { should contain_package("mod_wsgi") } describe "with custom WSGISocketPrefix" do let :params do { :wsgi_socket_prefix => 'run/wsgi' } end it {should contain_file('wsgi.conf').with_content(/^ WSGISocketPrefix run\/wsgi$/)} end describe "with custom WSGIPythonHome" do let :params do { :wsgi_python_home => '/path/to/virtenv' } end it {should contain_file('wsgi.conf').with_content(/^ WSGIPythonHome \/path\/to\/virtenv$/)} end end context "on a FreeBSD OS" do let :facts do { :osfamily => 'FreeBSD', :operatingsystemrelease => '9', :concat_basedir => '/dne', } end it { should include_class("apache::params") } it { should contain_apache__mod('wsgi') } it { should contain_package("www/mod_wsgi") } end end puppetlabs-apache-0.10.0/manifests/balancer.pp000644 000765 000024 00000004661 12250205751 021737 0ustar00hunnerstaff000000 000000 # == Define Resource Type: apache::balancer # # This type will create an apache balancer cluster file inside the conf.d # directory. Each balancer cluster needs one or more balancer members (that can # be declared with the apache::balancermember defined resource type). Using # storeconfigs, you can export the apache::balancermember resources on all # balancer members, and then collect them on a single apache load balancer # server. # # === Requirement/Dependencies: # # Currently requires the puppetlabs/concat module on the Puppet Forge and uses # storeconfigs on the Puppet Master to export/collect resources from all # balancer members. # # === Parameters # # [*name*] # The namevar of the defined resource type is the balancer clusters name. # This name is also used in the name of the conf.d file # # [*proxy_set*] # Hash, default empty. If given, each key-value pair will be used as a ProxySet # line in the configuration. # # [*collect_exported*] # Boolean, default 'true'. True means 'collect exported @@balancermember # resources' (for the case when every balancermember node exports itself), # false means 'rely on the existing declared balancermember resources' (for the # case when you know the full set of balancermembers in advance and use # apache::balancermember with array arguments, which allows you to deploy # everything in 1 run) # # # === Examples # # Exporting the resource for a balancer member: # # apache::balancer { 'puppet00': } # define apache::balancer ( $proxy_set = {}, $collect_exported = true, ) { include concat::setup include apache::mod::proxy_balancer $target = "${::apache::params::confd_dir}/balancer_${name}.conf" concat { $target: owner => '0', group => '0', mode => '0644', notify => Service['httpd'], } concat::fragment { "00-${name}-header": target => $target, order => '01', content => "\n", } if $collect_exported { Apache::Balancermember <<| balancer_cluster == $name |>> } # else: the resources have been created and they introduced their # concat fragments. We don't have to do anything about them. concat::fragment { "01-${name}-proxyset": target => $target, order => '19', content => inline_template("<% proxy_set.each do |key, value| %> Proxyset <%= key %>=<%= value %>\n<% end %>"), } concat::fragment { "01-${name}-footer": target => $target, order => '20', content => "\n", } } puppetlabs-apache-0.10.0/manifests/balancermember.pp000644 000765 000024 00000003272 12250205751 023124 0ustar00hunnerstaff000000 000000 # == Define Resource Type: apache::balancermember # # This type will setup a balancer member inside a listening service # configuration block in /etc/apache/apache.cfg on the load balancer. # currently it only has the ability to specify the instance name, url and an # array of options. More features can be added as needed. The best way to # implement this is to export this resource for all apache balancer member # servers, and then collect them on the main apache load balancer. # # === Requirement/Dependencies: # # Currently requires the puppetlabs/concat module on the Puppet Forge and # uses storeconfigs on the Puppet Master to export/collect resources # from all balancer members. # # === Parameters # # [*name*] # The title of the resource is arbitrary and only utilized in the concat # fragment name. # # [*balancer_cluster*] # The apache service's instance name (or, the title of the apache::balancer # resource). This must match up with a declared apache::balancer resource. # # [*url*] # The url used to contact the balancer member server. # # [*options*] # An array of options to be specified after the url. # # === Examples # # Exporting the resource for a balancer member: # # @@apache::balancermember { 'apache': # balancer_cluster => 'puppet00', # url => "ajp://${::fqdn}:8009" # options => ['ping=5', 'disablereuse=on', 'retry=5', 'ttl=120'], # } # define apache::balancermember( $balancer_cluster, $url = "http://${::fqdn}/", $options = [], ) { concat::fragment { "BalancerMember ${url}": target => "${::apache::params::confd_dir}/balancer_${balancer_cluster}.conf", content => inline_template(" BalancerMember ${url} <%= @options.join ' ' %>\n"), } } puppetlabs-apache-0.10.0/manifests/confd/000755 000765 000024 00000000000 12250205751 020711 5ustar00hunnerstaff000000 000000 puppetlabs-apache-0.10.0/manifests/default_confd_files.pp000644 000765 000024 00000000353 12250205751 024141 0ustar00hunnerstaff000000 000000 class apache::default_confd_files ( $all = true, ) { # The rest of the conf.d/* files only get loaded if we want them if $all { case $::osfamily { 'freebsd': { include apache::confd::no_accf } } } } puppetlabs-apache-0.10.0/manifests/default_mods/000755 000765 000024 00000000000 12250205751 022266 5ustar00hunnerstaff000000 000000 puppetlabs-apache-0.10.0/manifests/default_mods.pp000644 000765 000024 00000006337 12250205751 022640 0ustar00hunnerstaff000000 000000 class apache::default_mods ( $all = true, $mods = undef, ) { # These are modules required to run the default configuration. # They are not configurable at this time, so we just include # them to make sure it works. case $::osfamily { 'redhat', 'freebsd': { apache::mod { 'log_config': } } default: {} } apache::mod { 'authz_host': } # The rest of the modules only get loaded if we want all modules enabled if $all { case $::osfamily { 'debian': { include apache::mod::reqtimeout } 'redhat': { include apache::mod::cache include apache::mod::mime include apache::mod::mime_magic include apache::mod::vhost_alias include apache::mod::rewrite apache::mod { 'actions': } apache::mod { 'auth_digest': } apache::mod { 'authn_alias': } apache::mod { 'authn_anon': } apache::mod { 'authn_dbm': } apache::mod { 'authn_default': } apache::mod { 'authz_dbm': } apache::mod { 'authz_owner': } apache::mod { 'expires': } apache::mod { 'ext_filter': } apache::mod { 'include': } apache::mod { 'logio': } apache::mod { 'speling': } apache::mod { 'substitute': } apache::mod { 'suexec': } apache::mod { 'usertrack': } apache::mod { 'version': } } 'freebsd': { include apache::mod::cache include apache::mod::disk_cache include apache::mod::headers include apache::mod::info include apache::mod::mime_magic include apache::mod::reqtimeout include apache::mod::rewrite include apache::mod::userdir include apache::mod::vhost_alias apache::mod { 'actions': } apache::mod { 'asis': } apache::mod { 'auth_digest': } apache::mod { 'authn_alias': } apache::mod { 'authn_anon': } apache::mod { 'authn_dbm': } apache::mod { 'authn_default': } apache::mod { 'authz_dbm': } apache::mod { 'authz_owner': } apache::mod { 'cern_meta': } apache::mod { 'charset_lite': } apache::mod { 'dumpio': } apache::mod { 'expires': } apache::mod { 'file_cache': } apache::mod { 'filter':} apache::mod { 'imagemap':} apache::mod { 'include': } apache::mod { 'logio': } apache::mod { 'speling': } apache::mod { 'unique_id': } apache::mod { 'usertrack': } apache::mod { 'version': } } default: {} } case $apache::mpm_module { 'prefork': { include apache::mod::cgi } 'worker': { include apache::mod::cgid } } include apache::mod::alias include apache::mod::autoindex include apache::mod::dav include apache::mod::dav_fs include apache::mod::deflate include apache::mod::dir include apache::mod::mime include apache::mod::negotiation include apache::mod::setenvif apache::mod { 'auth_basic': } apache::mod { 'authn_file': } apache::mod { 'authz_default': } apache::mod { 'authz_groupfile': } apache::mod { 'authz_user': } apache::mod { 'env': } } elsif $mods { apache::default_mods::load { $mods: } } } puppetlabs-apache-0.10.0/manifests/dev.pp000644 000765 000024 00000000541 12250205751 020737 0ustar00hunnerstaff000000 000000 class apache::dev { if $::osfamily == 'FreeBSD' and !defined(Class['apache::package']) { fail('apache::dev requires apache::package; please include apache or apache::package class first') } include apache::params $packages = $apache::params::dev_packages package { $packages: ensure => present, require => Package['httpd'], } } puppetlabs-apache-0.10.0/manifests/init.pp000644 000765 000024 00000023123 12250205751 021125 0ustar00hunnerstaff000000 000000 # Class: apache # # This class installs Apache # # Parameters: # # Actions: # - Install Apache # - Manage Apache service # # Requires: # # Sample Usage: # class apache ( $service_name = $apache::params::service_name, $default_mods = true, $default_vhost = true, $default_confd_files = true, $default_ssl_vhost = false, $default_ssl_cert = $apache::params::default_ssl_cert, $default_ssl_key = $apache::params::default_ssl_key, $default_ssl_chain = undef, $default_ssl_ca = undef, $default_ssl_crl_path = undef, $default_ssl_crl = undef, $ip = undef, $service_enable = true, $service_ensure = 'running', $purge_configs = true, $purge_vdir = false, $serveradmin = 'root@localhost', $sendfile = 'On', $error_documents = false, $timeout = '120', $httpd_dir = $apache::params::httpd_dir, $server_root = $apache::params::server_root, $confd_dir = $apache::params::confd_dir, $vhost_dir = $apache::params::vhost_dir, $vhost_enable_dir = $apache::params::vhost_enable_dir, $mod_dir = $apache::params::mod_dir, $mod_enable_dir = $apache::params::mod_enable_dir, $mpm_module = $apache::params::mpm_module, $conf_template = $apache::params::conf_template, $servername = $apache::params::servername, $manage_user = true, $manage_group = true, $user = $apache::params::user, $group = $apache::params::group, $keepalive = $apache::params::keepalive, $keepalive_timeout = $apache::params::keepalive_timeout, $logroot = $apache::params::logroot, $log_level = $apache::params::log_level, $ports_file = $apache::params::ports_file, $server_tokens = 'OS', $server_signature = 'On', $trace_enable = 'On', $package_ensure = 'installed', ) inherits apache::params { validate_bool($default_vhost) validate_bool($default_ssl_vhost) validate_bool($default_confd_files) # true/false is sufficient for both ensure and enable validate_bool($service_enable) $valid_mpms_re = $::osfamily ? { 'FreeBSD' => '(event|itk|peruser|prefork|worker)', default => '(itk|prefork|worker)' } if $mpm_module { validate_re($mpm_module, $valid_mpms_re) } # NOTE: on FreeBSD it's mpm module's responsibility to install httpd package. # NOTE: the same strategy may be introduced for other OSes. For this, you # should delete the 'if' block below and modify all MPM modules' manifests # such that they include apache::package class (currently event.pp, itk.pp, # peruser.pp, prefork.pp, worker.pp). if $::osfamily != 'FreeBSD' { package { 'httpd': ensure => $package_ensure, name => $apache::params::apache_name, notify => Class['Apache::Service'], } } validate_re($sendfile, [ '^[oO]n$' , '^[oO]ff$' ]) # declare the web server user and group # Note: requiring the package means the package ought to create them and not puppet validate_bool($manage_user) if $manage_user { user { $user: ensure => present, gid => $group, require => Package['httpd'], } } validate_bool($manage_group) if $manage_group { group { $group: ensure => present, require => Package['httpd'] } } $valid_log_level_re = '(emerg|alert|crit|error|warn|notice|info|debug)' validate_re($log_level, $valid_log_level_re, "Log level '${log_level}' is not one of the supported Apache HTTP Server log levels.") class { 'apache::service': service_name => $service_name, service_enable => $service_enable, service_ensure => $service_ensure, } # Deprecated backwards-compatibility if $purge_vdir { warning('Class[\'apache\'] parameter purge_vdir is deprecated in favor of purge_configs') $purge_confd = $purge_vdir } else { $purge_confd = $purge_configs } Exec { path => '/bin:/sbin:/usr/bin:/usr/sbin', } exec { "mkdir ${confd_dir}": creates => $confd_dir, require => Package['httpd'], } file { $confd_dir: ensure => directory, recurse => true, purge => $purge_confd, notify => Class['Apache::Service'], require => Package['httpd'], } if ! defined(File[$mod_dir]) { exec { "mkdir ${mod_dir}": creates => $mod_dir, require => Package['httpd'], } file { $mod_dir: ensure => directory, recurse => true, purge => $purge_configs, notify => Class['Apache::Service'], require => Package['httpd'], } } if $mod_enable_dir and ! defined(File[$mod_enable_dir]) { $mod_load_dir = $mod_enable_dir exec { "mkdir ${mod_enable_dir}": creates => $mod_enable_dir, require => Package['httpd'], } file { $mod_enable_dir: ensure => directory, recurse => true, purge => $purge_configs, notify => Class['Apache::Service'], require => Package['httpd'], } } else { $mod_load_dir = $mod_dir } if ! defined(File[$vhost_dir]) { exec { "mkdir ${vhost_dir}": creates => $vhost_dir, require => Package['httpd'], } file { $vhost_dir: ensure => directory, recurse => true, purge => $purge_configs, notify => Class['Apache::Service'], require => Package['httpd'], } } if $vhost_enable_dir and ! defined(File[$vhost_enable_dir]) { $vhost_load_dir = $vhost_enable_dir exec { "mkdir ${vhost_load_dir}": creates => $vhost_load_dir, require => Package['httpd'], } file { $vhost_enable_dir: ensure => directory, recurse => true, purge => $purge_configs, notify => Class['Apache::Service'], require => Package['httpd'], } } else { $vhost_load_dir = $vhost_dir } concat { $ports_file: owner => 'root', group => $apache::params::root_group, mode => '0644', notify => Class['Apache::Service'], require => Package['httpd'], } concat::fragment { 'Apache ports header': target => $ports_file, content => template('apache/ports_header.erb') } if $apache::params::conf_dir and $apache::params::conf_file { case $::osfamily { 'debian': { $docroot = '/var/www' $pidfile = '${APACHE_PID_FILE}' $error_log = 'error.log' $error_documents_path = '/usr/share/apache2/error' $scriptalias = '/usr/lib/cgi-bin' $access_log_file = 'access.log' } 'redhat': { $docroot = '/var/www/html' $pidfile = 'run/httpd.pid' $error_log = 'error_log' $error_documents_path = '/var/www/error' $scriptalias = '/var/www/cgi-bin' $access_log_file = 'access_log' } 'freebsd': { $docroot = '/usr/local/www/apache22/data' $pidfile = '/var/run/httpd.pid' $error_log = 'httpd-error.log' $error_documents_path = '/usr/local/www/apache22/error' $scriptalias = '/usr/local/www/apache22/cgi-bin' $access_log_file = 'httpd-access.log' } default: { fail("Unsupported osfamily ${::osfamily}") } } $apxs_workaround = $::osfamily ? { 'freebsd' => true, default => false } # Template uses: # - $pidfile # - $user # - $group # - $logroot # - $error_log # - $sendfile # - $mod_dir # - $ports_file # - $confd_dir # - $vhost_dir # - $error_documents # - $error_documents_path # - $apxs_workaround # - $keepalive # - $keepalive_timeout # - $server_root # - $server_tokens # - $server_signature # - $trace_enable file { "${apache::params::conf_dir}/${apache::params::conf_file}": ensure => file, content => template($conf_template), notify => Class['Apache::Service'], require => Package['httpd'], } # preserve back-wards compatibility to the times when default_mods was # only a boolean value. Now it can be an array (too) if is_array($default_mods) { class { 'apache::default_mods': all => false, mods => $default_mods, } } else { class { 'apache::default_mods': all => $default_mods, } } class { 'apache::default_confd_files': all => $default_confd_files } if $mpm_module { class { "apache::mod::${mpm_module}": } } $default_vhost_ensure = $default_vhost ? { true => 'present', false => 'absent' } $default_ssl_vhost_ensure = $default_ssl_vhost ? { true => 'present', false => 'absent' } apache::vhost { 'default': ensure => $default_vhost_ensure, port => 80, docroot => $docroot, scriptalias => $scriptalias, serveradmin => $serveradmin, access_log_file => $access_log_file, priority => '15', ip => $ip, } $ssl_access_log_file = $::osfamily ? { 'freebsd' => $access_log_file, default => "ssl_${access_log_file}", } apache::vhost { 'default-ssl': ensure => $default_ssl_vhost_ensure, port => 443, ssl => true, docroot => $docroot, scriptalias => $scriptalias, serveradmin => $serveradmin, access_log_file => $ssl_access_log_file, priority => '15', ip => $ip, } } } puppetlabs-apache-0.10.0/manifests/listen.pp000644 000765 000024 00000000406 12250205751 021457 0ustar00hunnerstaff000000 000000 define apache::listen { $listen_addr_port = $name include apache::params # Template uses: $listen_addr_port concat::fragment { "Listen ${listen_addr_port}": target => $apache::params::ports_file, content => template('apache/listen.erb'), } } puppetlabs-apache-0.10.0/manifests/mod/000755 000765 000024 00000000000 12250205751 020377 5ustar00hunnerstaff000000 000000 puppetlabs-apache-0.10.0/manifests/mod.pp000644 000765 000024 00000006413 12250205751 020744 0ustar00hunnerstaff000000 000000 define apache::mod ( $package = undef, $package_ensure = 'present', $lib = undef, $lib_path = $apache::params::lib_path, $id = undef, $path = undef, ) { if ! defined(Class['apache']) { fail('You must include the apache base class before using any apache defined resources') } $mod = $name #include apache #This creates duplicate resources in rspec-puppet $mod_dir = $apache::mod_dir # Determine if we have special lib $mod_libs = $apache::params::mod_libs $mod_lib = $mod_libs[$mod] # 2.6 compatibility hack if $lib { $_lib = $lib } elsif "${mod_lib}" { $_lib = $mod_lib } else { $_lib = "mod_${mod}.so" } # Determine if declaration specified a path to the module if $path { $_path = $path } else { $_path = "${lib_path}/${_lib}" } if $id { $_id = $id } else { $_id = "${mod}_module" } # Determine if we have a package $mod_packages = $apache::params::mod_packages $mod_package = $mod_packages[$mod] # 2.6 compatibility hack if $package { $_package = $package } elsif "${mod_package}" { $_package = $mod_package } if $_package and ! defined(Package[$_package]) { # note: FreeBSD/ports uses apxs tool to activate modules; apxs clutters # httpd.conf with 'LoadModule' directives; here, by proper resource # ordering, we ensure that our version of httpd.conf is reverted after # the module gets installed. $package_before = $::osfamily ? { 'freebsd' => [ File["${mod_dir}/${mod}.load"], File["${apache::params::conf_dir}/${apache::params::conf_file}"] ], default => File["${mod_dir}/${mod}.load"], } # $_package may be an array package { $_package: ensure => $package_ensure, require => Package['httpd'], before => $package_before, } } file { "${mod}.load": ensure => file, path => "${mod_dir}/${mod}.load", owner => 'root', group => $apache::params::root_group, mode => '0644', content => "LoadModule ${_id} ${_path}\n", require => [ Package['httpd'], Exec["mkdir ${mod_dir}"], ], before => File[$mod_dir], notify => Service['httpd'], } if $::osfamily == 'Debian' { $enable_dir = $apache::mod_enable_dir file{ "${mod}.load symlink": ensure => link, path => "${enable_dir}/${mod}.load", target => "${mod_dir}/${mod}.load", owner => 'root', group => $apache::params::root_group, mode => '0644', require => [ File["${mod}.load"], Exec["mkdir ${enable_dir}"], ], before => File[$enable_dir], notify => Service['httpd'], } # Each module may have a .conf file as well, which should be # defined in the class apache::mod::module # Some modules do not require this file. if defined(File["${mod}.conf"]) { file{ "${mod}.conf symlink": ensure => link, path => "${enable_dir}/${mod}.conf", target => "${mod_dir}/${mod}.conf", owner => 'root', group => $apache::params::root_group, mode => '0644', require => [ File["${mod}.conf"], Exec["mkdir ${enable_dir}"], ], before => File[$enable_dir], notify => Service['httpd'], } } } } puppetlabs-apache-0.10.0/manifests/namevirtualhost.pp000644 000765 000024 00000000414 12250205751 023405 0ustar00hunnerstaff000000 000000 define apache::namevirtualhost { $addr_port = $name include apache::params # Template uses: $addr_port concat::fragment { "NameVirtualHost ${addr_port}": target => $apache::params::ports_file, content => template('apache/namevirtualhost.erb'), } } puppetlabs-apache-0.10.0/manifests/package.pp000644 000765 000024 00000002645 12250205751 021563 0ustar00hunnerstaff000000 000000 class apache::package ( $ensure = 'present', $mpm_module = $apache::params::mpm_module, ) { case $::osfamily { 'freebsd' : { $all_mpms = [ 'www/apache22', 'www/apache22-worker-mpm', 'www/apache22-event-mpm', 'www/apache22-itk-mpm', 'www/apache22-peruser-mpm', ] if $mpm_module { $apache_package = $mpm_module ? { 'prefork' => 'www/apache22', default => "www/apache22-${mpm_module}-mpm" } } else { $apache_package = 'www/apache22' } $other_mpms = delete($all_mpms, $apache_package) # Configure ports to have apache module packages dependent on correct # version of apache package (apache22, apache22-worker-mpm, ...) file_line { 'APACHE_PORT in /etc/make.conf': ensure => $ensure, path => '/etc/make.conf', line => "APACHE_PORT=${apache_package}", match => "^\\s*#?\\s*APACHE_PORT\\s*=\\s*", before => Package['httpd'], } # remove other packages ensure_resource('package', $other_mpms, { ensure => absent, before => Package['httpd'], require => File_line['APACHE_PORT in /etc/make.conf'], }) } default: { $apache_package = $apache::params::apache_name } } package { 'httpd': ensure => $ensure, name => $apache_package, notify => Class['Apache::Service'], } } puppetlabs-apache-0.10.0/manifests/params.pp000644 000765 000024 00000017451 12250205751 021454 0ustar00hunnerstaff000000 000000 # Class: apache::params # # This class manages Apache parameters # # Parameters: # - The $user that Apache runs as # - The $group that Apache runs as # - The $apache_name is the name of the package and service on the relevant # distribution # - The $php_package is the name of the package that provided PHP # - The $ssl_package is the name of the Apache SSL package # - The $apache_dev is the name of the Apache development libraries package # - The $conf_contents is the contents of the Apache configuration file # # Actions: # # Requires: # # Sample Usage: # class apache::params { # This will be 5 or 6 on RedHat, 6 or wheezy on Debian, 12 or quantal on Ubuntu, 3 on Amazon, etc. $osr_array = split($::operatingsystemrelease,'[\/\.]') $distrelease = $osr_array[0] if ! $distrelease { fail("Class['apache::params']: Unparsable \$::operatingsystemrelease: ${::operatingsystemrelease}") } if($::fqdn) { $servername = $::fqdn } else { $servername = $::hostname } # The default error log level $log_level = 'warn' if $::osfamily == 'RedHat' or $::operatingsystem == 'amazon' { $user = 'apache' $group = 'apache' $root_group = 'root' $apache_name = 'httpd' $service_name = 'httpd' $httpd_dir = '/etc/httpd' $server_root = '/etc/httpd' $conf_dir = "${httpd_dir}/conf" $confd_dir = "${httpd_dir}/conf.d" $mod_dir = "${httpd_dir}/conf.d" $vhost_dir = "${httpd_dir}/conf.d" $conf_file = 'httpd.conf' $ports_file = "${conf_dir}/ports.conf" $logroot = '/var/log/httpd' $lib_path = 'modules' $mpm_module = 'prefork' $dev_packages = 'httpd-devel' $default_ssl_cert = '/etc/pki/tls/certs/localhost.crt' $default_ssl_key = '/etc/pki/tls/private/localhost.key' $ssl_certs_dir = '/etc/pki/tls/certs' $passenger_root = '/usr/share/rubygems/gems/passenger-3.0.17' $passenger_ruby = '/usr/bin/ruby' $suphp_addhandler = 'php5-script' $suphp_engine = 'off' $suphp_configpath = undef $mod_packages = { 'auth_kerb' => 'mod_auth_kerb', 'authnz_ldap' => 'mod_authz_ldap', 'fastcgi' => 'mod_fastcgi', 'fcgid' => 'mod_fcgid', 'passenger' => 'mod_passenger', 'perl' => 'mod_perl', 'php5' => $distrelease ? { '5' => 'php53', default => 'php', }, 'proxy_html' => 'mod_proxy_html', 'python' => 'mod_python', 'shibboleth' => 'shibboleth', 'ssl' => 'mod_ssl', 'wsgi' => 'mod_wsgi', 'dav_svn' => 'mod_dav_svn', 'suphp' => 'mod_suphp', 'xsendfile' => 'mod_xsendfile', 'nss' => 'mod_nss', } $mod_libs = { 'php5' => 'libphp5.so', 'nss' => 'libmodnss.so', } $conf_template = 'apache/httpd.conf.erb' $keepalive = 'Off' $keepalive_timeout = 15 $fastcgi_lib_path = undef $mime_support_package = 'mailcap' $mime_types_config = '/etc/mime.types' } elsif $::osfamily == 'Debian' { $user = 'www-data' $group = 'www-data' $root_group = 'root' $apache_name = 'apache2' $service_name = 'apache2' $httpd_dir = '/etc/apache2' $server_root = '/etc/apache2' $conf_dir = $httpd_dir $confd_dir = "${httpd_dir}/conf.d" $mod_dir = "${httpd_dir}/mods-available" $mod_enable_dir = "${httpd_dir}/mods-enabled" $vhost_dir = "${httpd_dir}/sites-available" $vhost_enable_dir = "${httpd_dir}/sites-enabled" $conf_file = 'apache2.conf' $ports_file = "${conf_dir}/ports.conf" $logroot = '/var/log/apache2' $lib_path = '/usr/lib/apache2/modules' $mpm_module = 'worker' $dev_packages = ['libaprutil1-dev', 'libapr1-dev', 'apache2-prefork-dev'] $default_ssl_cert = '/etc/ssl/certs/ssl-cert-snakeoil.pem' $default_ssl_key = '/etc/ssl/private/ssl-cert-snakeoil.key' $ssl_certs_dir = '/etc/ssl/certs' $passenger_root = '/usr' $passenger_ruby = '/usr/bin/ruby' $suphp_addhandler = 'x-httpd-php' $suphp_engine = 'off' $suphp_configpath = '/etc/php5/apache2' $mod_packages = { 'auth_kerb' => 'libapache2-mod-auth-kerb', 'dav_svn' => 'libapache2-svn', 'fastcgi' => 'libapache2-mod-fastcgi', 'fcgid' => 'libapache2-mod-fcgid', 'nss' => 'libapache2-mod-nss', 'passenger' => 'libapache2-mod-passenger', 'perl' => 'libapache2-mod-perl2', 'php5' => 'libapache2-mod-php5', 'proxy_html' => 'libapache2-mod-proxy-html', 'python' => 'libapache2-mod-python', 'rpaf' => 'libapache2-mod-rpaf', 'suphp' => 'libapache2-mod-suphp', 'wsgi' => 'libapache2-mod-wsgi', 'xsendfile' => 'libapache2-mod-xsendfile', } $mod_libs = { 'php5' => 'libphp5.so', } $conf_template = 'apache/httpd.conf.erb' $keepalive = 'Off' $keepalive_timeout = 15 $fastcgi_lib_path = '/var/lib/apache2/fastcgi' $mime_support_package = 'mime-support' $mime_types_config = '/etc/mime.types' } elsif $::osfamily == 'FreeBSD' { $user = 'www' $group = 'www' $root_group = 'wheel' $apache_name = 'apache22' $service_name = 'apache22' $httpd_dir = '/usr/local/etc/apache22' $server_root = '/usr/local' $conf_dir = $httpd_dir $confd_dir = "${httpd_dir}/Includes" $mod_dir = "${httpd_dir}/Modules" $mod_enable_dir = undef $vhost_dir = "${httpd_dir}/Vhosts" $vhost_enable_dir = undef $conf_file = 'httpd.conf' $ports_file = "${conf_dir}/ports.conf" $logroot = '/var/log/apache22' $lib_path = '/usr/local/libexec/apache22' $mpm_module = 'prefork' $dev_packages = undef $default_ssl_cert = '/usr/local/etc/apache22/server.crt' $default_ssl_key = '/usr/local/etc/apache22/server.key' $ssl_certs_dir = '/usr/local/etc/apache22' $passenger_root = '/usr/local/lib/ruby/gems/1.9/gems/passenger-4.0.10' $passenger_ruby = '/usr/bin/ruby' $suphp_addhandler = 'php5-script' $suphp_engine = 'off' $suphp_configpath = undef $mod_packages = { # NOTE: I list here only modules that are not included in www/apache22 # NOTE: 'passenger' needs to enable APACHE_SUPPORT in make config # NOTE: 'php' needs to enable APACHE option in make config # NOTE: 'dav_svn' needs to enable MOD_DAV_SVN make config # NOTE: not sure where the shibboleth should come from # NOTE: don't know where the shibboleth module should come from 'auth_kerb' => 'www/mod_auth_kerb2', 'fcgid' => 'www/mod_fcgid', 'passenger' => 'www/rubygem-passenger', 'perl' => 'www/mod_perl2', 'php5' => 'lang/php5', 'proxy_html' => 'www/mod_proxy_html', 'python' => 'www/mod_python3', 'wsgi' => 'www/mod_wsgi', 'dav_svn' => 'devel/subversion', 'xsendfile' => 'www/mod_xsendfile', 'rpaf' => 'www/mod_rpaf2' } $mod_libs = { 'php5' => 'libphp5.so', } $conf_template = 'apache/httpd.conf.erb' $keepalive = 'Off' $keepalive_timeout = 15 $fastcgi_lib_path = undef # TODO: revisit $mime_support_package = 'misc/mime-support' $mime_types_config = '/usr/local/etc/mime.types' } else { fail("Class['apache::params']: Unsupported osfamily: ${::osfamily}") } } puppetlabs-apache-0.10.0/manifests/peruser/000755 000765 000024 00000000000 12250205751 021305 5ustar00hunnerstaff000000 000000 puppetlabs-apache-0.10.0/manifests/php.pp000644 000765 000024 00000000442 12250205751 020750 0ustar00hunnerstaff000000 000000 # Class: apache::php # # This class installs PHP for Apache # # Parameters: # - $php_package # # Actions: # - Install Apache PHP package # # Requires: # # Sample Usage: # class apache::php { warning('apache::php is deprecated; please use apache::mod::php') include apache::mod::php } puppetlabs-apache-0.10.0/manifests/proxy.pp000644 000765 000024 00000000430 12250205751 021337 0ustar00hunnerstaff000000 000000 # Class: apache::proxy # # This class enabled the proxy module for Apache # # Actions: # - Enables Apache Proxy module # # Requires: # # Sample Usage: # class apache::proxy { warning('apache::proxy is deprecated; please use apache::mod::proxy') include apache::mod::proxy } puppetlabs-apache-0.10.0/manifests/python.pp000644 000765 000024 00000000467 12250205751 021511 0ustar00hunnerstaff000000 000000 # Class: apache::python # # This class installs Python for Apache # # Parameters: # - $php_package # # Actions: # - Install Apache Python package # # Requires: # # Sample Usage: # class apache::python { warning('apache::python is deprecated; please use apache::mod::python') include apache::mod::python } puppetlabs-apache-0.10.0/manifests/service.pp000644 000765 000024 00000001336 12250205751 021624 0ustar00hunnerstaff000000 000000 # Class: apache::service # # Manages the Apache daemon # # Parameters: # # Actions: # - Manage Apache service # # Requires: # # Sample Usage: # # sometype { 'foo': # notify => Class['apache::service], # } # # class apache::service ( $service_name = $apache::params::service_name, $service_enable = true, $service_ensure = 'running', ) { # The base class must be included first because parameter defaults depend on it if ! defined(Class['apache::params']) { fail('You must include the apache::params class before using any apache defined resources') } validate_bool($service_enable) service { 'httpd': ensure => $service_ensure, name => $service_name, enable => $service_enable, } } puppetlabs-apache-0.10.0/manifests/ssl.pp000644 000765 000024 00000000527 12250205751 020766 0ustar00hunnerstaff000000 000000 # Class: apache::ssl # # This class installs Apache SSL capabilities # # Parameters: # - The $ssl_package name from the apache::params class # # Actions: # - Install Apache SSL capabilities # # Requires: # # Sample Usage: # class apache::ssl { warning('apache::ssl is deprecated; please use apache::mod::ssl') include apache::mod::ssl } puppetlabs-apache-0.10.0/manifests/vhost/000755 000765 000024 00000000000 12250205751 020763 5ustar00hunnerstaff000000 000000 puppetlabs-apache-0.10.0/manifests/vhost.pp000644 000765 000024 00000036013 12250205751 021327 0ustar00hunnerstaff000000 000000 # Definition: apache::vhost # # This class installs Apache Virtual Hosts # # Parameters: # - The $port to configure the host on # - The $docroot provides the DocumentRoot variable # - The $virtual_docroot provides VirtualDocumentationRoot variable # - The $serveradmin will specify an email address for Apache that it will # display when it renders one of it's error pages # - The $ssl option is set true or false to enable SSL for this Virtual Host # - The $priority of the site # - The $servername is the primary name of the virtual host # - The $serveraliases of the site # - The $ip to configure the host on, defaulting to * # - The $options for the given vhost # - The $override for the given vhost (list of AllowOverride arguments) # - The $vhost_name for name based virtualhosting, defaulting to * # - The $logroot specifies the location of the virtual hosts logfiles, default # to /var/log// # - The $log_level specifies the verbosity of the error log for this vhost. Not # set by default for the vhost, instead the global server configuration default # of 'warn' is used. # - The $access_log specifies if *_access.log directives should be configured. # - The $ensure specifies if vhost file is present or absent. # - The $request_headers is a list of RequestHeader statement strings as per http://httpd.apache.org/docs/2.2/mod/mod_headers.html#requestheader # - $aliases is a list of Alias hashes for mod_alias as per http://httpd.apache.org/docs/current/mod/mod_alias.html # each statement is a hash in the form of { alias => '/alias', path => '/real/path/to/directory' } # - $directories is a lost of hashes for creating statements as per http://httpd.apache.org/docs/2.2/mod/core.html#directory # each statement is a hash in the form of { path => '/path/to/directory', => } # see README.md for list of supported directives. # # Actions: # - Install Apache Virtual Hosts # # Requires: # - The apache class # # Sample Usage: # # # Simple vhost definition: # apache::vhost { 'site.name.fqdn': # port => '80', # docroot => '/path/to/docroot', # } # # # SSL vhost with non-SSL rewrite: # apache::vhost { 'site.name.fqdn': # port => '443', # ssl => true, # docroot => '/path/to/docroot', # } # apache::vhost { 'site.name.fqdn': # port => '80', # rewrite_cond => '%{HTTPS} off', # rewrite_rule => '(.*) https://%{HTTPS_HOST}%{REQUEST_URI}', # } # apache::vhost { 'site.name.fqdn': # port => '80', # docroot => '/path/to/other_docroot', # custom_fragment => template("${module_name}/my_fragment.erb"), # } # define apache::vhost( $docroot, $virtual_docroot = false, $port = undef, $ip = undef, $ip_based = false, $add_listen = true, $docroot_owner = 'root', $docroot_group = $apache::params::root_group, $serveradmin = false, $ssl = false, $ssl_cert = $apache::default_ssl_cert, $ssl_key = $apache::default_ssl_key, $ssl_chain = $apache::default_ssl_chain, $ssl_ca = $apache::default_ssl_ca, $ssl_crl_path = $apache::default_ssl_crl_path, $ssl_crl = $apache::default_ssl_crl, $ssl_certs_dir = $apache::params::ssl_certs_dir, $ssl_protocol = undef, $ssl_cipher = undef, $ssl_honorcipherorder = undef, $ssl_verify_client = undef, $ssl_verify_depth = undef, $ssl_options = undef, $ssl_proxyengine = false, $priority = undef, $default_vhost = false, $servername = $name, $serveraliases = [], $options = ['Indexes','FollowSymLinks','MultiViews'], $index_options = [], $index_order_default = [], $override = ['None'], $directoryindex = '', $vhost_name = '*', $logroot = $apache::logroot, $log_level = undef, $access_log = true, $access_log_file = undef, $access_log_pipe = undef, $access_log_syslog = undef, $access_log_format = undef, $aliases = undef, $directories = undef, $error_log = true, $error_log_file = undef, $error_log_pipe = undef, $error_log_syslog = undef, $error_documents = [], $fallbackresource = undef, $scriptalias = undef, $scriptaliases = [], $proxy_dest = undef, $proxy_pass = undef, $suphp_addhandler = $apache::params::suphp_addhandler, $suphp_engine = $apache::params::suphp_engine, $suphp_configpath = $apache::params::suphp_configpath, $no_proxy_uris = [], $redirect_source = '/', $redirect_dest = undef, $redirect_status = undef, $rack_base_uris = undef, $request_headers = undef, $rewrite_rule = undef, $rewrite_cond = undef, $setenv = [], $setenvif = [], $block = [], $ensure = 'present', $wsgi_daemon_process = undef, $wsgi_daemon_process_options = undef, $wsgi_process_group = undef, $wsgi_script_aliases = undef, $custom_fragment = undef, $itk = undef, $fastcgi_server = undef, $fastcgi_socket = undef, $fastcgi_dir = undef, $additional_includes = [], ) { # The base class must be included first because it is used by parameter defaults if ! defined(Class['apache']) { fail('You must include the apache base class before using any apache defined resources') } $apache_name = $apache::params::apache_name validate_re($ensure, '^(present|absent)$', "${ensure} is not supported for ensure. Allowed values are 'present' and 'absent'.") validate_re($suphp_engine, '^(on|off)$', "${suphp_engine} is not supported for suphp_engine. Allowed values are 'on' and 'off'.") validate_bool($ip_based) validate_bool($access_log) validate_bool($error_log) validate_bool($ssl) validate_bool($default_vhost) validate_bool($ssl_proxyengine) if $wsgi_script_aliases { validate_hash($wsgi_script_aliases) } if $wsgi_daemon_process_options { validate_hash($wsgi_daemon_process_options) } if $itk { validate_hash($itk) } if $log_level { validate_re($log_level, '^(emerg|alert|crit|error|warn|notice|info|debug)$', "Log level '${log_level}' is not one of the supported Apache HTTP Server log levels.") } if $access_log_file and $access_log_pipe { fail("Apache::Vhost[${name}]: 'access_log_file' and 'access_log_pipe' cannot be defined at the same time") } if $error_log_file and $error_log_pipe { fail("Apache::Vhost[${name}]: 'error_log_file' and 'error_log_pipe' cannot be defined at the same time") } if $fallbackresource { validate_re($fallbackresource, '^/|disabled', 'Please make sure fallbackresource starts with a / (or is "disabled")') } if $ssl and $ensure == 'present' { include apache::mod::ssl # Required for the AddType lines. include apache::mod::mime } if $virtual_docroot { include apache::mod::vhost_alias } # This ensures that the docroot exists # But enables it to be specified across multiple vhost resources if ! defined(File[$docroot]) { file { $docroot: ensure => directory, owner => $docroot_owner, group => $docroot_group, require => Package['httpd'], } } # Same as above, but for logroot if ! defined(File[$logroot]) { file { $logroot: ensure => directory, require => Package['httpd'], } } # Is apache::mod::passenger enabled (or apache::mod['passenger']) $passenger_enabled = defined(Apache::Mod['passenger']) # Define log file names if $access_log_file { $access_log_destination = "${logroot}/${access_log_file}" } elsif $access_log_pipe { $access_log_destination = "\"${access_log_pipe}\"" } elsif $access_log_syslog { $access_log_destination = $access_log_syslog } else { if $ssl { $access_log_destination = "${logroot}/${servername}_access_ssl.log" } else { $access_log_destination = "${logroot}/${servername}_access.log" } } if $error_log_file { $error_log_destination = "${logroot}/${error_log_file}" } elsif $error_log_pipe { $error_log_destination = "\"${error_log_pipe}\"" } elsif $error_log_syslog { $error_log_destination = $error_log_syslog } else { if $ssl { $error_log_destination = "${logroot}/${servername}_error_ssl.log" } else { $error_log_destination = "${logroot}/${servername}_error.log" } } # Set access log format if $access_log_format { $_access_log_format = "\"${access_log_format}\"" } else { $_access_log_format = 'combined' } if $ip { if $port { $listen_addr_port = "${ip}:${port}" $nvh_addr_port = "${ip}:${port}" } else { $nvh_addr_port = $ip if ! $servername and ! $ip_based { fail("Apache::Vhost[${name}]: must pass 'ip' and/or 'port' parameters for name-based vhosts") } } } else { if $port { $listen_addr_port = $port $nvh_addr_port = "${vhost_name}:${port}" } else { $nvh_addr_port = $name if ! $servername { fail("Apache::Vhost[${name}]: must pass 'ip' and/or 'port' parameters, and/or 'servername' parameter") } } } if $add_listen { if $ip and defined(Apache::Listen[$port]) { fail("Apache::Vhost[${name}]: Mixing IP and non-IP Listen directives is not possible; check the add_listen parameter of the apache::vhost define to disable this") } if ! defined(Apache::Listen[$listen_addr_port]) and $listen_addr_port and $ensure == 'present' { apache::listen { $listen_addr_port: } } } if ! $ip_based { if ! defined(Apache::Namevirtualhost[$nvh_addr_port]) and $ensure == 'present' { apache::namevirtualhost { $nvh_addr_port: } } } # Load mod_rewrite if needed and not yet loaded if $rewrite_rule { if ! defined(Class['apache::mod::rewrite']) { include apache::mod::rewrite } } # Load mod_alias if needed and not yet loaded if ($scriptalias or $scriptaliases != []) or ($redirect_source and $redirect_dest) { if ! defined(Class['apache::mod::alias']) { include apache::mod::alias } } # Load mod_proxy if needed and not yet loaded if ($proxy_dest or $proxy_pass) { if ! defined(Class['apache::mod::proxy']) { include apache::mod::proxy } if ! defined(Class['apache::mod::proxy_http']) { include apache::mod::proxy_http } } # Load mod_passenger if needed and not yet loaded if $rack_base_uris { if ! defined(Class['apache::mod::passenger']) { include apache::mod::passenger } } # Load mod_fastci if needed and not yet loaded if $fastcgi_server and $fastcgi_socket { if ! defined(Class['apache::mod::fastcgi']) { include apache::mod::fastcgi } } # Configure the defaultness of a vhost if $priority { $priority_real = $priority } elsif $default_vhost { $priority_real = '10' } else { $priority_real = '25' } # Check if mod_headers is required to process $request_headers if $request_headers { if ! defined(Class['apache::mod::headers']) { include apache::mod::headers } } ## Apache include does not always work with spaces in the filename $filename = regsubst($name, ' ', '_', 'G') ## Create a default directory list if none defined if $directories { $_directories = $directories } else { $_directories = [ { provider => 'directory', path => $docroot, options => $options, allow_override => $override, directoryindex => $directoryindex, order => 'allow,deny', allow => 'from all', } ] } # Template uses: # - $nvh_addr_port # - $servername # - $serveradmin # - $docroot # - $virtual_docroot # - $options # - $override # - $logroot # - $name # - $aliases # - $_directories # - $log_level # - $access_log # - $access_log_destination # - $_access_log_format # - $error_log # - $error_log_destination # - $error_documents # - $fallbackresource # - $custom_fragment # - $additional_includes # block fragment: # - $block # directories fragment: # - $passenger_enabled # - $directories (a list of key-value hashes is expected) # fastcgi fragment: # - $fastcgi_server # - $fastcgi_socket # - $fastcgi_dir # proxy fragment: # - $proxy_dest # - $no_proxy_uris # rack fragment: # - $rack_base_uris # redirect fragment: # - $redirect_source # - $redirect_dest # - $redirect_status # requestheader fragment: # - $request_headers # rewrite fragment: # - $rewrite_rule # - $rewrite_cond # scriptalias fragment: # - $scriptalias # - $scriptaliases # - $ssl # serveralias fragment: # - $serveraliases # setenv fragment: # - $setenv # - $setenvif # ssl fragment: # - $ssl # - $ssl_cert # - $ssl_key # - $ssl_chain # - $ssl_certs_dir # - $ssl_ca # - $ssl_crl # - $ssl_crl_path # - $ssl_verify_client # - $ssl_verify_depth # - $ssl_options # suphp fragment: # - $suphp_addhandler # - $suphp_engine # - $suphp_configpath # wsgi fragment: # - $wsgi_daemon_process # - $wsgi_process_group # - $wsgi_script_aliases file { "${priority_real}-${filename}.conf": ensure => $ensure, path => "${apache::vhost_dir}/${priority_real}-${filename}.conf", content => template('apache/vhost.conf.erb'), owner => 'root', group => $apache::params::root_group, mode => '0644', require => [ Package['httpd'], File[$docroot], File[$logroot], ], notify => Service['httpd'], } if $::osfamily == 'Debian' { $vhost_enable_dir = $apache::vhost_enable_dir $vhost_symlink_ensure = $ensure ? { present => link, default => $ensure, } file{ "${priority_real}-${filename}.conf symlink": ensure => $vhost_symlink_ensure, path => "${vhost_enable_dir}/${priority_real}-${filename}.conf", target => "${apache::vhost_dir}/${priority_real}-${filename}.conf", owner => 'root', group => $apache::params::root_group, mode => '0644', require => File["${priority_real}-${filename}.conf"], notify => Service['httpd'], } } } puppetlabs-apache-0.10.0/manifests/vhost/custom.pp000644 000765 000024 00000000045 12250205751 022635 0ustar00hunnerstaff000000 000000 define apache::vhost::custom ( ) { } puppetlabs-apache-0.10.0/manifests/peruser/multiplexer.pp000644 000765 000024 00000000657 12250205751 024230 0ustar00hunnerstaff000000 000000 define apache::peruser::multiplexer ( $user = $apache::user, $group = $apache::group, $file = undef, ) { if ! $file { $filename = "${name}.conf" } else { $filename = $file } file { "${apache::mod_dir}/peruser/multiplexers/${filename}": ensure => file, content => "Multiplexer ${user} ${group}\n", require => File["${apache::mod_dir}/peruser/multiplexers"], notify => Service['httpd'], } } puppetlabs-apache-0.10.0/manifests/peruser/processor.pp000644 000765 000024 00000000606 12250205751 023667 0ustar00hunnerstaff000000 000000 define apache::peruser::processor ( $user, $group, $file = undef, ) { if ! $file { $filename = "${name}.conf" } else { $filename = $file } file { "${apache::mod_dir}/peruser/processors/${filename}": ensure => file, content => "Processor ${user} ${group}\n", require => File["${apache::mod_dir}/peruser/processors"], notify => Service['httpd'], } } puppetlabs-apache-0.10.0/manifests/mod/alias.pp000644 000765 000024 00000001013 12250205751 022024 0ustar00hunnerstaff000000 000000 class apache::mod::alias { $icons_path = $::osfamily ? { 'debian' => '/usr/share/apache2/icons', 'redhat' => '/var/www/icons', 'freebsd' => '/usr/local/www/apache22/icons', } apache::mod { 'alias': } # Template uses $icons_path file { 'alias.conf': ensure => file, path => "${apache::mod_dir}/alias.conf", content => template('apache/mod/alias.conf.erb'), require => Exec["mkdir ${apache::mod_dir}"], before => File[$apache::mod_dir], notify => Service['httpd'], } } puppetlabs-apache-0.10.0/manifests/mod/auth_basic.pp000644 000765 000024 00000000102 12250205751 023033 0ustar00hunnerstaff000000 000000 class apache::mod::auth_basic { apache::mod { 'auth_basic': } } puppetlabs-apache-0.10.0/manifests/mod/auth_kerb.pp000644 000765 000024 00000000102 12250205751 022675 0ustar00hunnerstaff000000 000000 class apache::mod::auth_kerb { apache::mod { 'auth_kerb': } } puppetlabs-apache-0.10.0/manifests/mod/authnz_ldap.pp000644 000765 000024 00000000763 12250205751 023257 0ustar00hunnerstaff000000 000000 class apache::mod::authnz_ldap ( $verifyServerCert = true, ) { include 'apache::mod::ldap' apache::mod { 'authnz_ldap': } validate_bool($verifyServerCert) # Template uses: # - $verifyServerCert file { 'authnz_ldap.conf': ensure => file, path => "${apache::mod_dir}/authnz_ldap.conf", content => template('apache/mod/authnz_ldap.conf.erb'), require => Exec["mkdir ${apache::mod_dir}"], before => File[$apache::mod_dir], notify => Service['httpd'], } } puppetlabs-apache-0.10.0/manifests/mod/autoindex.pp000644 000765 000024 00000000572 12250205751 022744 0ustar00hunnerstaff000000 000000 class apache::mod::autoindex { apache::mod { 'autoindex': } # Template uses no variables file { 'autoindex.conf': ensure => file, path => "${apache::mod_dir}/autoindex.conf", content => template('apache/mod/autoindex.conf.erb'), require => Exec["mkdir ${apache::mod_dir}"], before => File[$apache::mod_dir], notify => Service['httpd'], } } puppetlabs-apache-0.10.0/manifests/mod/cache.pp000644 000765 000024 00000000070 12250205751 022000 0ustar00hunnerstaff000000 000000 class apache::mod::cache { apache::mod { 'cache': } } puppetlabs-apache-0.10.0/manifests/mod/cgi.pp000644 000765 000024 00000000161 12250205751 021500 0ustar00hunnerstaff000000 000000 class apache::mod::cgi { Class['apache::mod::prefork'] -> Class['apache::mod::cgi'] apache::mod { 'cgi': } } puppetlabs-apache-0.10.0/manifests/mod/cgid.pp000644 000765 000024 00000001267 12250205751 021654 0ustar00hunnerstaff000000 000000 class apache::mod::cgid { Class['apache::mod::worker'] -> Class['apache::mod::cgid'] # Debian specifies it's cgid sock path, but RedHat uses the default value # with no config file $cgisock_path = $::osfamily ? { 'debian' => '${APACHE_RUN_DIR}/cgisock', 'freebsd' => 'cgisock', default => undef, } apache::mod { 'cgid': } if $cgisock_path { # Template uses $cgisock_path file { 'cgid.conf': ensure => file, path => "${apache::mod_dir}/cgid.conf", content => template('apache/mod/cgid.conf.erb'), require => Exec["mkdir ${apache::mod_dir}"], before => File[$apache::mod_dir], notify => Service['httpd'], } } } puppetlabs-apache-0.10.0/manifests/mod/dav.pp000644 000765 000024 00000000064 12250205751 021512 0ustar00hunnerstaff000000 000000 class apache::mod::dav { apache::mod { 'dav': } } puppetlabs-apache-0.10.0/manifests/mod/dav_fs.pp000644 000765 000024 00000001113 12250205751 022176 0ustar00hunnerstaff000000 000000 class apache::mod::dav_fs { $dav_lock = $::osfamily ? { 'debian' => '${APACHE_LOCK_DIR}/DAVLock', 'freebsd' => '/usr/local/var/DavLock', default => '/var/lib/dav/lockdb', } Class['apache::mod::dav'] -> Class['apache::mod::dav_fs'] apache::mod { 'dav_fs': } # Template uses: $dav_lock file { 'dav_fs.conf': ensure => file, path => "${apache::mod_dir}/dav_fs.conf", content => template('apache/mod/dav_fs.conf.erb'), require => Exec["mkdir ${apache::mod_dir}"], before => File[$apache::mod_dir], notify => Service['httpd'], } } puppetlabs-apache-0.10.0/manifests/mod/dav_svn.pp000644 000765 000024 00000000224 12250205751 022376 0ustar00hunnerstaff000000 000000 class apache::mod::dav_svn { Class['apache::mod::dav'] -> Class['apache::mod::dav_svn'] include apache::mod::dav apache::mod { 'dav_svn': } } puppetlabs-apache-0.10.0/manifests/mod/deflate.pp000644 000765 000024 00000000560 12250205751 022345 0ustar00hunnerstaff000000 000000 class apache::mod::deflate { apache::mod { 'deflate': } # Template uses no variables file { 'deflate.conf': ensure => file, path => "${apache::mod_dir}/deflate.conf", content => template('apache/mod/deflate.conf.erb'), require => Exec["mkdir ${apache::mod_dir}"], before => File[$apache::mod_dir], notify => Service['httpd'], } } puppetlabs-apache-0.10.0/manifests/mod/dev.pp000644 000765 000024 00000000245 12250205751 021517 0ustar00hunnerstaff000000 000000 class apache::mod::dev { # Development packages are not apache modules warning('apache::mod::dev is deprecated; please use apache::dev') include apache::dev } puppetlabs-apache-0.10.0/manifests/mod/dir.pp000644 000765 000024 00000001510 12250205751 021513 0ustar00hunnerstaff000000 000000 # Note: this sets the global DirectoryIndex directive, it may be necessary to consider being able to modify the apache::vhost to declare DirectoryIndex statements in a vhost configuration # Parameters: # - $indexes provides a string for the DirectoryIndex directive http://httpd.apache.org/docs/current/mod/mod_dir.html#directoryindex class apache::mod::dir ( $dir = 'public_html', $indexes = ['index.html','index.html.var','index.cgi','index.pl','index.php','index.xhtml'], ) { validate_array($indexes) apache::mod { 'dir': } # Template uses # - $indexes file { 'dir.conf': ensure => file, path => "${apache::mod_dir}/dir.conf", content => template('apache/mod/dir.conf.erb'), require => Exec["mkdir ${apache::mod_dir}"], before => File[$apache::mod_dir], notify => Service['httpd'], } } puppetlabs-apache-0.10.0/manifests/mod/disk_cache.pp000644 000765 000024 00000001544 12250205751 023021 0ustar00hunnerstaff000000 000000 class apache::mod::disk_cache { $cache_root = $::osfamily ? { 'debian' => '/var/cache/apache2/mod_disk_cache', 'redhat' => '/var/cache/mod_proxy', 'freebsd' => '/var/cache/mod_disk_cache', } if $::osfamily != 'FreeBSD' { # FIXME: investigate why disk_cache was dependent on proxy # NOTE: on FreeBSD disk_cache is compiled by default but proxy is not Class['apache::mod::proxy'] -> Class['apache::mod::disk_cache'] } Class['apache::mod::cache'] -> Class['apache::mod::disk_cache'] apache::mod { 'disk_cache': } # Template uses $cache_proxy file { 'disk_cache.conf': ensure => file, path => "${apache::mod_dir}/disk_cache.conf", content => template('apache/mod/disk_cache.conf.erb'), require => Exec["mkdir ${apache::mod_dir}"], before => File[$apache::mod_dir], notify => Service['httpd'], } } puppetlabs-apache-0.10.0/manifests/mod/event.pp000644 000765 000024 00000002756 12250205751 022073 0ustar00hunnerstaff000000 000000 class apache::mod::event ( $startservers = '2', $maxclients = '150', $minsparethreads = '25', $maxsparethreads = '75', $threadsperchild = '25', $maxrequestsperchild = '0', $serverlimit = '25', ) { if defined(Class['apache::mod::itk']) { fail('May not include both apache::mod::event and apache::mod::itk on the same node') } if defined(Class['apache::mod::peruser']) { fail('May not include both apache::mod::event and apache::mod::peruser on the same node') } if defined(Class['apache::mod::prefork']) { fail('May not include both apache::mod::event and apache::mod::prefork on the same node') } if defined(Class['apache::mod::worker']) { fail('May not include both apache::mod::event and apache::mod::worker on the same node') } File { owner => 'root', group => $apache::params::root_group, mode => '0644', } # Template uses: # - $startservers # - $maxclients # - $minsparethreads # - $maxsparethreads # - $threadsperchild # - $maxrequestsperchild # - $serverlimit file { "${apache::mod_dir}/event.conf": ensure => file, content => template('apache/mod/event.conf.erb'), require => Exec["mkdir ${apache::mod_dir}"], before => File[$apache::mod_dir], notify => Service['httpd'], } case $::osfamily { 'freebsd' : { class { 'apache::package': mpm_module => 'event' } } default: { fail("Unsupported osfamily ${::osfamily}") } } } puppetlabs-apache-0.10.0/manifests/mod/expires.pp000644 000765 000024 00000000074 12250205751 022420 0ustar00hunnerstaff000000 000000 class apache::mod::expires { apache::mod { 'expires': } } puppetlabs-apache-0.10.0/manifests/mod/fastcgi.pp000644 000765 000024 00000001172 12250205751 022361 0ustar00hunnerstaff000000 000000 class apache::mod::fastcgi { # Debian specifies it's fastcgi lib path, but RedHat uses the default value # with no config file $fastcgi_lib_path = $apache::params::fastcgi_lib_path apache::mod { 'fastcgi': } if $fastcgi_lib_path { # Template uses: # - $fastcgi_server # - $fastcgi_socket # - $fastcgi_dir file { 'fastcgi.conf': ensure => file, path => "${apache::mod_dir}/fastcgi.conf", content => template('apache/mod/fastcgi.conf.erb'), require => Exec["mkdir ${apache::mod_dir}"], before => File[$apache::mod_dir], notify => Service['httpd'], } } } puppetlabs-apache-0.10.0/manifests/mod/fcgid.pp000644 000765 000024 00000000070 12250205751 022011 0ustar00hunnerstaff000000 000000 class apache::mod::fcgid { apache::mod { 'fcgid': } } puppetlabs-apache-0.10.0/manifests/mod/headers.pp000644 000765 000024 00000000073 12250205751 022353 0ustar00hunnerstaff000000 000000 class apache::mod::headers { apache::mod { 'headers': } }puppetlabs-apache-0.10.0/manifests/mod/info.pp000644 000765 000024 00000000610 12250205751 021670 0ustar00hunnerstaff000000 000000 class apache::mod::info ( $allow_from = ['127.0.0.1','::1'], ){ apache::mod { 'info': } # Template uses $allow_from file { 'info.conf': ensure => file, path => "${apache::mod_dir}/info.conf", content => template('apache/mod/info.conf.erb'), require => Exec["mkdir ${apache::mod_dir}"], before => File[$apache::mod_dir], notify => Service['httpd'], } } puppetlabs-apache-0.10.0/manifests/mod/itk.pp000644 000765 000024 00000003445 12250205751 021535 0ustar00hunnerstaff000000 000000 class apache::mod::itk ( $startservers = '8', $minspareservers = '5', $maxspareservers = '20', $serverlimit = '256', $maxclients = '256', $maxrequestsperchild = '4000', ) { if defined(Class['apache::mod::event']) { fail('May not include both apache::mod::itk and apache::mod::event on the same node') } if defined(Class['apache::mod::peruser']) { fail('May not include both apache::mod::itk and apache::mod::peruser on the same node') } if defined(Class['apache::mod::prefork']) { fail('May not include both apache::mod::itk and apache::mod::prefork on the same node') } if defined(Class['apache::mod::worker']) { fail('May not include both apache::mod::itk and apache::mod::worker on the same node') } File { owner => 'root', group => $apache::params::root_group, mode => '0644', } # Template uses: # - $startservers # - $minspareservers # - $maxspareservers # - $serverlimit # - $maxclients # - $maxrequestsperchild file { "${apache::mod_dir}/itk.conf": ensure => file, content => template('apache/mod/itk.conf.erb'), require => Exec["mkdir ${apache::mod_dir}"], before => File[$apache::mod_dir], notify => Service['httpd'], } case $::osfamily { 'debian' : { file { "${apache::mod_enable_dir}/itk.conf": ensure => link, target => "${apache::mod_dir}/itk.conf", require => Exec["mkdir ${apache::mod_enable_dir}"], before => File[$apache::mod_enable_dir], notify => Service['httpd'], } package { 'apache2-mpm-itk': ensure => present, } } 'freebsd' : { class { 'apache::package': mpm_module => 'itk' } } default: { fail("Unsupported osfamily ${::osfamily}") } } } puppetlabs-apache-0.10.0/manifests/mod/ldap.pp000644 000765 000024 00000000541 12250205751 021660 0ustar00hunnerstaff000000 000000 class apache::mod::ldap { apache::mod { 'ldap': } # Template uses no variables file { 'ldap.conf': ensure => file, path => "${apache::mod_dir}/ldap.conf", content => template('apache/mod/ldap.conf.erb'), require => Exec["mkdir ${apache::mod_dir}"], before => File[$apache::mod_dir], notify => Service['httpd'], } } puppetlabs-apache-0.10.0/manifests/mod/mime.pp000644 000765 000024 00000001211 12250205751 021662 0ustar00hunnerstaff000000 000000 class apache::mod::mime ( $mime_support_package = $apache::params::mime_support_package, $mime_types_config = $apache::params::mime_types_config, ) { apache::mod { 'mime': } # Template uses $mime_types_config file { 'mime.conf': ensure => file, path => "${apache::mod_dir}/mime.conf", content => template('apache/mod/mime.conf.erb'), require => Exec["mkdir ${apache::mod_dir}"], before => File[$apache::mod_dir], notify => Service['httpd'], } if $mime_support_package { package { $mime_support_package: ensure => 'installed', before => File["${apache::mod_dir}/mime.conf"], } } } puppetlabs-apache-0.10.0/manifests/mod/mime_magic.pp000644 000765 000024 00000000666 12250205751 023037 0ustar00hunnerstaff000000 000000 class apache::mod::mime_magic ( $magic_file = "${apache::params::conf_dir}/magic" ) { apache::mod { 'mime_magic': } # Template uses $magic_file file { 'mime_magic.conf': ensure => file, path => "${apache::mod_dir}/mime_magic.conf", content => template('apache/mod/mime_magic.conf.erb'), require => Exec["mkdir ${apache::mod_dir}"], before => File[$apache::mod_dir], notify => Service['httpd'], } } puppetlabs-apache-0.10.0/manifests/mod/negotiation.pp000644 000765 000024 00000000604 12250205751 023260 0ustar00hunnerstaff000000 000000 class apache::mod::negotiation { apache::mod { 'negotiation': } # Template uses no variables file { 'negotiation.conf': ensure => file, path => "${apache::mod_dir}/negotiation.conf", content => template('apache/mod/negotiation.conf.erb'), require => Exec["mkdir ${apache::mod_dir}"], before => File[$apache::mod_dir], notify => Service['httpd'], } } puppetlabs-apache-0.10.0/manifests/mod/nss.pp000644 000765 000024 00000001147 12250205751 021546 0ustar00hunnerstaff000000 000000 class apache::mod::nss ( $transfer_log = "${::apache::params::logroot}/access.log", $error_log = "${::apache::params::logroot}/error.log", $passwd_file = undef ) { include apache::mod::mime apache::mod { 'nss': } $httpd_dir = $apache::httpd_dir # Template uses: # $transfer_log # $error_log # $http_dir # passwd_file file { 'nss.conf': ensure => file, path => "${apache::mod_dir}/nss.conf", content => template('apache/mod/nss.conf.erb'), require => Exec["mkdir ${apache::mod_dir}"], before => File[$apache::mod_dir], notify => Service['httpd'], } } puppetlabs-apache-0.10.0/manifests/mod/passenger.pp000644 000765 000024 00000002341 12250205751 022727 0ustar00hunnerstaff000000 000000 class apache::mod::passenger ( $passenger_high_performance = undef, $passenger_pool_idle_time = undef, $passenger_max_requests = undef, $passenger_stat_throttle_rate = undef, $rack_autodetect = undef, $rails_autodetect = undef, $passenger_root = $apache::params::passenger_root, $passenger_ruby = $apache::params::passenger_ruby, $passenger_max_pool_size = undef, $passenger_use_global_queue = undef, ) { if $::osfamily == 'FreeBSD' { apache::mod { 'passenger': lib_path => "${passenger_root}/buildout/apache2" } } else { apache::mod { 'passenger': } } # Template uses: # - $passenger_root # - $passenger_ruby # - $passenger_max_pool_size # - $passenger_high_performance # - $passenger_max_requests # - $passenger_stat_throttle_rate # - $passenger_use_global_queue # - $rack_autodetect # - $rails_autodetect file { 'passenger.conf': ensure => file, path => "${apache::mod_dir}/passenger.conf", content => template('apache/mod/passenger.conf.erb'), require => Exec["mkdir ${apache::mod_dir}"], before => File[$apache::mod_dir], notify => Service['httpd'], } } puppetlabs-apache-0.10.0/manifests/mod/perl.pp000644 000765 000024 00000000066 12250205751 021704 0ustar00hunnerstaff000000 000000 class apache::mod::perl { apache::mod { 'perl': } } puppetlabs-apache-0.10.0/manifests/mod/peruser.pp000644 000765 000024 00000003725 12250205751 022434 0ustar00hunnerstaff000000 000000 class apache::mod::peruser ( $minspareprocessors = '2', $minprocessors = '2', $maxprocessors = '10', $maxclients = '150', $maxrequestsperchild = '1000', $idletimeout = '120', $expiretimeout = '120', $keepalive = 'Off', ) { if defined(Class['apache::mod::event']) { fail('May not include both apache::mod::peruser and apache::mod::event on the same node') } if defined(Class['apache::mod::itk']) { fail('May not include both apache::mod::peruser and apache::mod::itk on the same node') } if defined(Class['apache::mod::prefork']) { fail('May not include both apache::mod::peruser and apache::mod::prefork on the same node') } if defined(Class['apache::mod::worker']) { fail('May not include both apache::mod::peruser and apache::mod::worker on the same node') } File { owner => 'root', group => $apache::params::root_group, mode => '0644', } $mod_dir = $apache::mod_dir # Template uses: # - $minspareprocessors # - $minprocessors # - $maxprocessors # - $maxclients # - $maxrequestsperchild # - $idletimeout # - $expiretimeout # - $keepalive # - $mod_dir file { "${apache::mod_dir}/peruser.conf": ensure => file, content => template('apache/mod/peruser.conf.erb'), require => Exec["mkdir ${apache::mod_dir}"], before => File[$apache::mod_dir], notify => Service['httpd'], } file { "${apache::mod_dir}/peruser": ensure => directory, require => File[$apache::mod_dir], } file { "${apache::mod_dir}/peruser/multiplexers": ensure => directory, require => File["${apache::mod_dir}/peruser"], } file { "${apache::mod_dir}/peruser/processors": ensure => directory, require => File["${apache::mod_dir}/peruser"], } apache::peruser::multiplexer { '01-default': } case $::osfamily { 'freebsd' : { class { 'apache::package': mpm_module => 'peruser' } } default: { fail("Unsupported osfamily ${::osfamily}") } } } puppetlabs-apache-0.10.0/manifests/mod/php.pp000644 000765 000024 00000001376 12250205751 021536 0ustar00hunnerstaff000000 000000 class apache::mod::php ( $package_ensure = 'present', ) { if ! defined(Class['apache::mod::prefork']) { fail('apache::mod::php requires apache::mod::prefork; please enable mpm_module => \'prefork\' on Class[\'apache\']') } apache::mod { 'php5': package_ensure => $package_ensure, } include apache::mod::mime include apache::mod::dir Class['apache::mod::mime'] -> Class['apache::mod::dir'] -> Class['apache::mod::php'] file { 'php5.conf': ensure => file, path => "${apache::mod_dir}/php5.conf", content => template('apache/mod/php5.conf.erb'), require => [ Class['apache::mod::prefork'], Exec["mkdir ${apache::mod_dir}"], ], before => File[$apache::mod_dir], notify => Service['httpd'], } } puppetlabs-apache-0.10.0/manifests/mod/prefork.pp000644 000765 000024 00000004231 12250205751 022410 0ustar00hunnerstaff000000 000000 class apache::mod::prefork ( $startservers = '8', $minspareservers = '5', $maxspareservers = '20', $serverlimit = '256', $maxclients = '256', $maxrequestsperchild = '4000', ) { if defined(Class['apache::mod::event']) { fail('May not include both apache::mod::prefork and apache::mod::event on the same node') } if defined(Class['apache::mod::itk']) { fail('May not include both apache::mod::prefork and apache::mod::itk on the same node') } if defined(Class['apache::mod::peruser']) { fail('May not include both apache::mod::prefork and apache::mod::peruser on the same node') } if defined(Class['apache::mod::worker']) { fail('May not include both apache::mod::prefork and apache::mod::worker on the same node') } File { owner => 'root', group => $apache::params::root_group, mode => '0644', } # Template uses: # - $startservers # - $minspareservers # - $maxspareservers # - $serverlimit # - $maxclients # - $maxrequestsperchild file { "${apache::mod_dir}/prefork.conf": ensure => file, content => template('apache/mod/prefork.conf.erb'), require => Exec["mkdir ${apache::mod_dir}"], before => File[$apache::mod_dir], notify => Service['httpd'], } case $::osfamily { 'redhat': { file_line { '/etc/sysconfig/httpd prefork enable': ensure => present, path => '/etc/sysconfig/httpd', line => '#HTTPD=/usr/sbin/httpd.worker', match => '#?HTTPD=/usr/sbin/httpd.worker', require => Package['httpd'], notify => Service['httpd'], } } 'debian': { file { "${apache::mod_enable_dir}/prefork.conf": ensure => link, target => "${apache::mod_dir}/prefork.conf", require => Exec["mkdir ${apache::mod_enable_dir}"], before => File[$apache::mod_enable_dir], notify => Service['httpd'], } package { 'apache2-mpm-prefork': ensure => present, } } 'freebsd' : { class { 'apache::package': mpm_module => 'prefork' } } default: { fail("Unsupported osfamily ${::osfamily}") } } } puppetlabs-apache-0.10.0/manifests/mod/proxy.pp000644 000765 000024 00000000637 12250205751 022127 0ustar00hunnerstaff000000 000000 class apache::mod::proxy ( $proxy_requests = 'Off', $allow_from = undef, ) { apache::mod { 'proxy': } # Template uses $proxy_requests file { 'proxy.conf': ensure => file, path => "${apache::mod_dir}/proxy.conf", content => template('apache/mod/proxy.conf.erb'), require => Exec["mkdir ${apache::mod_dir}"], before => File[$apache::mod_dir], notify => Service['httpd'], } } puppetlabs-apache-0.10.0/manifests/mod/proxy_ajp.pp000644 000765 000024 00000000201 12250205751 022744 0ustar00hunnerstaff000000 000000 class apache::mod::proxy_ajp { Class['apache::mod::proxy'] -> Class['apache::mod::proxy_ajp'] apache::mod { 'proxy_ajp': } } puppetlabs-apache-0.10.0/manifests/mod/proxy_balancer.pp000644 000765 000024 00000000441 12250205751 023747 0ustar00hunnerstaff000000 000000 class apache::mod::proxy_balancer { include apache::mod::proxy include apache::mod::proxy_http Class['apache::mod::proxy'] -> Class['apache::mod::proxy_balancer'] Class['apache::mod::proxy_http'] -> Class['apache::mod::proxy_balancer'] apache::mod { 'proxy_balancer': } } puppetlabs-apache-0.10.0/manifests/mod/proxy_html.pp000644 000765 000024 00000001541 12250205751 023146 0ustar00hunnerstaff000000 000000 class apache::mod::proxy_html { Class['apache::mod::proxy'] -> Class['apache::mod::proxy_html'] Class['apache::mod::proxy_http'] -> Class['apache::mod::proxy_html'] apache::mod { 'proxy_html': } case $::osfamily { 'RedHat': { apache::mod { 'xml2enc': } } 'Debian': { $proxy_html_loadfiles = $apache::params::distrelease ? { '6' => '/usr/lib/libxml2.so.2', default => "/usr/lib/${::hardwaremodel}-linux-gnu/libxml2.so.2", } } 'FreeBSD': { apache::mod { 'xml2enc': } } } # Template uses $icons_path file { 'proxy_html.conf': ensure => file, path => "${apache::mod_dir}/proxy_html.conf", content => template('apache/mod/proxy_html.conf.erb'), require => Exec["mkdir ${apache::mod_dir}"], before => File[$apache::mod_dir], notify => Service['httpd'], } } puppetlabs-apache-0.10.0/manifests/mod/proxy_http.pp000644 000765 000024 00000000204 12250205751 023154 0ustar00hunnerstaff000000 000000 class apache::mod::proxy_http { Class['apache::mod::proxy'] -> Class['apache::mod::proxy_http'] apache::mod { 'proxy_http': } } puppetlabs-apache-0.10.0/manifests/mod/python.pp000644 000765 000024 00000000074 12250205751 022262 0ustar00hunnerstaff000000 000000 class apache::mod::python { apache::mod { 'python': } } puppetlabs-apache-0.10.0/manifests/mod/reqtimeout.pp000644 000765 000024 00000000577 12250205751 023147 0ustar00hunnerstaff000000 000000 class apache::mod::reqtimeout { apache::mod { 'reqtimeout': } # Template uses no variables file { 'reqtimeout.conf': ensure => file, path => "${apache::mod_dir}/reqtimeout.conf", content => template('apache/mod/reqtimeout.conf.erb'), require => Exec["mkdir ${apache::mod_dir}"], before => File[$apache::mod_dir], notify => Service['httpd'], } } puppetlabs-apache-0.10.0/manifests/mod/rewrite.pp000644 000765 000024 00000000125 12250205751 022417 0ustar00hunnerstaff000000 000000 class apache::mod::rewrite { include apache::params apache::mod { 'rewrite': } } puppetlabs-apache-0.10.0/manifests/mod/rpaf.pp000644 000765 000024 00000000750 12250205751 021672 0ustar00hunnerstaff000000 000000 class apache::mod::rpaf ( $sethostname = true, $proxy_ips = [ '127.0.0.1' ], $header = 'X-Forwarded-For' ) { apache::mod { 'rpaf': } # Template uses: # - $sethostname # - $proxy_ips # - $header file { 'rpaf.conf': ensure => file, path => "${apache::mod_dir}/rpaf.conf", content => template('apache/mod/rpaf.conf.erb'), require => Exec["mkdir ${apache::mod_dir}"], before => File[$apache::mod_dir], notify => Service['httpd'], } } puppetlabs-apache-0.10.0/manifests/mod/setenvif.pp000644 000765 000024 00000000565 12250205751 022571 0ustar00hunnerstaff000000 000000 class apache::mod::setenvif { apache::mod { 'setenvif': } # Template uses no variables file { 'setenvif.conf': ensure => file, path => "${apache::mod_dir}/setenvif.conf", content => template('apache/mod/setenvif.conf.erb'), require => Exec["mkdir ${apache::mod_dir}"], before => File[$apache::mod_dir], notify => Service['httpd'], } } puppetlabs-apache-0.10.0/manifests/mod/ssl.pp000644 000765 000024 00000001450 12250205751 021541 0ustar00hunnerstaff000000 000000 class apache::mod::ssl ( $ssl_compression = false, $ssl_options = [ 'StdEnvVars' ], ) { $session_cache = $::osfamily ? { 'debian' => '${APACHE_RUN_DIR}/ssl_scache(512000)', 'redhat' => '/var/cache/mod_ssl/scache(512000)', 'freebsd' => '/var/run/ssl_scache(512000)', } $ssl_mutex = $::osfamily ? { 'debian' => 'file:${APACHE_RUN_DIR}/ssl_mutex', 'redhat' => 'default', 'freebsd' => 'default', } apache::mod { 'ssl': } # Template uses $ssl_compression, $ssl_options, $session_cache, $ssl_mutex file { 'ssl.conf': ensure => file, path => "${apache::mod_dir}/ssl.conf", content => template('apache/mod/ssl.conf.erb'), require => Exec["mkdir ${apache::mod_dir}"], before => File[$apache::mod_dir], notify => Service['httpd'], } } puppetlabs-apache-0.10.0/manifests/mod/status.pp000644 000765 000024 00000002600 12250205751 022261 0ustar00hunnerstaff000000 000000 # Class: apache::mod::status # # This class enables and configures Apache mod_status # See: http://httpd.apache.org/docs/current/mod/mod_status.html # # Parameters: # - $allow_from is an array of hosts, ip addresses, partial network numbers # or networks in CIDR notation specifying what hosts can view the special # /server-status URL. Defaults to ['127.0.0.1', '::1']. # - $extended_status track and display extended status information. Valid # values are 'On' or 'Off'. Defaults to 'On'. # # Actions: # - Enable and configure Apache mod_status # # Requires: # - The apache class # # Sample Usage: # # # Simple usage allowing access from localhost and a private subnet # class { 'apache::mod::status': # $allow_from => ['127.0.0.1', '10.10.10.10/24'], # } # class apache::mod::status ( $allow_from = ['127.0.0.1','::1'], $extended_status = 'On', ){ validate_array($allow_from) validate_re(downcase($extended_status), '^(on|off)$', "${extended_status} is not supported for extended_status. Allowed values are 'On' and 'Off'.") apache::mod { 'status': } # Template uses $allow_from, $extended_status file { 'status.conf': ensure => file, path => "${apache::mod_dir}/status.conf", content => template('apache/mod/status.conf.erb'), require => Exec["mkdir ${apache::mod_dir}"], before => File[$apache::mod_dir], notify => Service['httpd'], } } puppetlabs-apache-0.10.0/manifests/mod/suphp.pp000644 000765 000024 00000000512 12250205751 022075 0ustar00hunnerstaff000000 000000 class apache::mod::suphp ( ){ apache::mod { 'suphp': } file {'suphp.conf': ensure => file, path => "${apache::mod_dir}/suphp.conf", content => template('apache/mod/suphp.conf.erb'), require => Exec["mkdir ${apache::mod_dir}"], before => File[$apache::mod_dir], notify => Service['httpd'] } } puppetlabs-apache-0.10.0/manifests/mod/userdir.pp000644 000765 000024 00000000706 12250205751 022420 0ustar00hunnerstaff000000 000000 class apache::mod::userdir ( $home = '/home', $dir = 'public_html', $disable_root = true, ) { apache::mod { 'userdir': } # Template uses $home, $dir, $disable_root file { 'userdir.conf': ensure => file, path => "${apache::mod_dir}/userdir.conf", content => template('apache/mod/userdir.conf.erb'), require => Exec["mkdir ${apache::mod_dir}"], before => File[$apache::mod_dir], notify => Service['httpd'], } } puppetlabs-apache-0.10.0/manifests/mod/vhost_alias.pp000644 000765 000024 00000000104 12250205751 023247 0ustar00hunnerstaff000000 000000 class apache::mod::vhost_alias { apache::mod { 'vhost_alias': } } puppetlabs-apache-0.10.0/manifests/mod/worker.pp000644 000765 000024 00000004227 12250205751 022256 0ustar00hunnerstaff000000 000000 class apache::mod::worker ( $startservers = '2', $maxclients = '150', $minsparethreads = '25', $maxsparethreads = '75', $threadsperchild = '25', $maxrequestsperchild = '0', $serverlimit = '25', ) { if defined(Class['apache::mod::event']) { fail('May not include both apache::mod::worker and apache::mod::event on the same node') } if defined(Class['apache::mod::itk']) { fail('May not include both apache::mod::worker and apache::mod::itk on the same node') } if defined(Class['apache::mod::peruser']) { fail('May not include both apache::mod::worker and apache::mod::peruser on the same node') } if defined(Class['apache::mod::prefork']) { fail('May not include both apache::mod::worker and apache::mod::prefork on the same node') } File { owner => 'root', group => $apache::params::root_group, mode => '0644', } # Template uses: # - $startservers # - $maxclients # - $minsparethreads # - $maxsparethreads # - $threadsperchild # - $maxrequestsperchild # - $serverlimit file { "${apache::mod_dir}/worker.conf": ensure => file, content => template('apache/mod/worker.conf.erb'), require => Exec["mkdir ${apache::mod_dir}"], before => File[$apache::mod_dir], notify => Service['httpd'], } case $::osfamily { 'redhat': { file_line { '/etc/sysconfig/httpd worker enable': ensure => present, path => '/etc/sysconfig/httpd', line => 'HTTPD=/usr/sbin/httpd.worker', match => '#?HTTPD=/usr/sbin/httpd.worker', notify => Service['httpd'], } } 'debian': { file { "${apache::mod_enable_dir}/worker.conf": ensure => link, target => "${apache::mod_dir}/worker.conf", require => Exec["mkdir ${apache::mod_enable_dir}"], before => File[$apache::mod_enable_dir], notify => Service['httpd'], } package { 'apache2-mpm-worker': ensure => present, } } 'freebsd' : { class { 'apache::package': mpm_module => 'worker' } } default: { fail("Unsupported osfamily ${::osfamily}") } } } puppetlabs-apache-0.10.0/manifests/mod/wsgi.pp000644 000765 000024 00000000777 12250205751 021724 0ustar00hunnerstaff000000 000000 class apache::mod::wsgi ( $wsgi_socket_prefix = undef, $wsgi_python_path = undef, $wsgi_python_home = undef, ){ apache::mod { 'wsgi': } # Template uses: # - $wsgi_socket_prefix # - $wsgi_python_path # - $wsgi_python_home file {'wsgi.conf': ensure => file, path => "${apache::mod_dir}/wsgi.conf", content => template('apache/mod/wsgi.conf.erb'), require => Exec["mkdir ${apache::mod_dir}"], before => File[$apache::mod_dir], notify => Service['httpd'] } } puppetlabs-apache-0.10.0/manifests/mod/xsendfile.pp000644 000765 000024 00000000131 12250205751 022714 0ustar00hunnerstaff000000 000000 class apache::mod::xsendfile { include apache::params apache::mod { 'xsendfile': } } puppetlabs-apache-0.10.0/manifests/default_mods/load.pp000644 000765 000024 00000000304 12250205751 023543 0ustar00hunnerstaff000000 000000 # private define define apache::default_mods::load ($module = $title) { if defined("apache::mod::${module}") { include "apache::mod::${module}" } else { apache::mod { $module: } } } puppetlabs-apache-0.10.0/manifests/confd/no_accf.pp000644 000765 000024 00000000476 12250205751 022651 0ustar00hunnerstaff000000 000000 class apache::confd::no_accf { # Template uses no variables file { 'no-accf.conf': ensure => 'file', path => "${apache::confd_dir}/no-accf.conf", content => template('apache/confd/no-accf.conf.erb'), require => Exec["mkdir ${apache::confd_dir}"], before => File[$apache::confd_dir], } } puppetlabs-apache-0.10.0/lib/puppet/000755 000765 000024 00000000000 12250205751 017712 5ustar00hunnerstaff000000 000000 puppetlabs-apache-0.10.0/lib/puppet/provider/000755 000765 000024 00000000000 12250205751 021544 5ustar00hunnerstaff000000 000000 puppetlabs-apache-0.10.0/lib/puppet/type/000755 000765 000024 00000000000 12250205751 020673 5ustar00hunnerstaff000000 000000 puppetlabs-apache-0.10.0/lib/puppet/type/a2mod.rb000644 000765 000024 00000001337 12250205751 022226 0ustar00hunnerstaff000000 000000 Puppet::Type.newtype(:a2mod) do @doc = "Manage Apache 2 modules" ensurable newparam(:name) do Puppet.warning "The a2mod provider is deprecated, please use apache::mod instead" desc "The name of the module to be managed" isnamevar end newparam(:lib) do desc "The name of the .so library to be loaded" defaultto { "mod_#{@resource[:name]}.so" } end newparam(:identifier) do desc "Module identifier string used by LoadModule. Default: module-name_module" # http://httpd.apache.org/docs/2.2/mod/module-dict.html#ModuleIdentifier defaultto { "#{resource[:name]}_module" } end autorequire(:package) { catalog.resource(:package, 'httpd')} end puppetlabs-apache-0.10.0/lib/puppet/provider/a2mod/000755 000765 000024 00000000000 12250205751 022546 5ustar00hunnerstaff000000 000000 puppetlabs-apache-0.10.0/lib/puppet/provider/a2mod.rb000644 000765 000024 00000001240 12250205751 023070 0ustar00hunnerstaff000000 000000 class Puppet::Provider::A2mod < Puppet::Provider def self.prefetch(mods) instances.each do |prov| if mod = mods[prov.name] mod.provider = prov end end end def flush @property_hash.clear end def properties if @property_hash.empty? @property_hash = query || {:ensure => :absent} @property_hash[:ensure] = :absent if @property_hash.empty? end @property_hash.dup end def query self.class.instances.each do |mod| if mod.name == self.name or mod.name.downcase == self.name return mod.properties end end nil end def exists? properties[:ensure] != :absent end end puppetlabs-apache-0.10.0/lib/puppet/provider/a2mod/a2mod.rb000644 000765 000024 00000001471 12250205751 024100 0ustar00hunnerstaff000000 000000 require 'puppet/provider/a2mod' Puppet::Type.type(:a2mod).provide(:a2mod, :parent => Puppet::Provider::A2mod) do desc "Manage Apache 2 modules on Debian and Ubuntu" optional_commands :encmd => "a2enmod" optional_commands :discmd => "a2dismod" commands :apache2ctl => "apache2ctl" confine :osfamily => :debian defaultfor :operatingsystem => [:debian, :ubuntu] def self.instances modules = apache2ctl("-M").lines.collect { |line| m = line.match(/(\w+)_module \(shared\)$/) m[1] if m }.compact modules.map do |mod| new( :name => mod, :ensure => :present, :provider => :a2mod ) end end def create encmd resource[:name] end def destroy discmd resource[:name] end end puppetlabs-apache-0.10.0/lib/puppet/provider/a2mod/gentoo.rb000644 000765 000024 00000005401 12250205751 024366 0ustar00hunnerstaff000000 000000 require 'puppet/util/filetype' Puppet::Type.type(:a2mod).provide(:gentoo, :parent => Puppet::Provider) do desc "Manage Apache 2 modules on Gentoo" confine :operatingsystem => :gentoo defaultfor :operatingsystem => :gentoo attr_accessor :property_hash def create @property_hash[:ensure] = :present end def exists? (!(@property_hash[:ensure].nil?) and @property_hash[:ensure] == :present) end def destroy @property_hash[:ensure] = :absent end def flush self.class.flush end class << self attr_reader :conf_file end def self.clear @mod_resources = [] @modules = [] @other_args = "" end def self.initvars @conf_file = "/etc/conf.d/apache2" @filetype = Puppet::Util::FileType.filetype(:flat).new(conf_file) @mod_resources = [] @modules = [] @other_args = "" end self.initvars # Retrieve an array of all existing modules def self.modules if @modules.length <= 0 # Locate the APACHE_OPTS variable records = filetype.read.split(/\n/) apache2_opts = records.grep(/^\s*APACHE2_OPTS=/).first # Extract all defines while apache2_opts.sub!(/-D\s+(\w+)/, '') @modules << $1.downcase end # Hang on to any remaining options. if apache2_opts.match(/APACHE2_OPTS="(.+)"/) @other_args = $1.strip end @modules.sort!.uniq! end @modules end def self.prefetch(resources={}) # Match resources with existing providers instances.each do |provider| if resource = resources[provider.name] resource.provider = provider end end # Store all resources using this provider for flushing resources.each do |name, resource| @mod_resources << resource end end def self.instances modules.map {|mod| new(:name => mod, :provider => :gentoo, :ensure => :present)} end def self.flush mod_list = modules mods_to_remove = @mod_resources.select {|mod| mod.should(:ensure) == :absent}.map {|mod| mod[:name]} mods_to_add = @mod_resources.select {|mod| mod.should(:ensure) == :present}.map {|mod| mod[:name]} mod_list -= mods_to_remove mod_list += mods_to_add mod_list.sort!.uniq! if modules != mod_list opts = @other_args + " " opts << mod_list.map {|mod| "-D #{mod.upcase}"}.join(" ") opts.strip! opts.gsub!(/\s+/, ' ') apache2_opts = %Q{APACHE2_OPTS="#{opts}"} Puppet.debug("Writing back \"#{apache2_opts}\" to #{conf_file}") records = filetype.read.split(/\n/) opts_index = records.find_index {|i| i.match(/^\s*APACHE2_OPTS/)} records[opts_index] = apache2_opts filetype.backup filetype.write(records.join("\n")) @modules = mod_list end end end puppetlabs-apache-0.10.0/lib/puppet/provider/a2mod/modfix.rb000644 000765 000024 00000000545 12250205751 024365 0ustar00hunnerstaff000000 000000 Puppet::Type.type(:a2mod).provide :modfix do desc "Dummy provider for A2mod. Fake nil resources when there is no crontab binary available. Allows puppetd to run on a bootstrapped machine before a Cron package has been installed. Workaround for: http://projects.puppetlabs.com/issues/2384 " def self.instances [] end endpuppetlabs-apache-0.10.0/lib/puppet/provider/a2mod/redhat.rb000644 000765 000024 00000002722 12250205751 024345 0ustar00hunnerstaff000000 000000 require 'puppet/provider/a2mod' Puppet::Type.type(:a2mod).provide(:redhat, :parent => Puppet::Provider::A2mod) do desc "Manage Apache 2 modules on RedHat family OSs" commands :apachectl => "apachectl" confine :osfamily => :redhat defaultfor :osfamily => :redhat require 'pathname' # modpath: Path to default apache modules directory /etc/httpd/mod.d # modfile: Path to module load configuration file; Default: resides under modpath directory # libfile: Path to actual apache module library. Added in modfile LoadModule attr_accessor :modfile, :libfile class << self attr_accessor :modpath def preinit @modpath = "/etc/httpd/mod.d" end end self.preinit def create File.open(modfile,'w') do |f| f.puts "LoadModule #{resource[:identifier]} #{libfile}" end end def destroy File.delete(modfile) end def self.instances modules = apachectl("-M").lines.collect { |line| m = line.match(/(\w+)_module \(shared\)$/) m[1] if m }.compact modules.map do |mod| new( :name => mod, :ensure => :present, :provider => :redhat ) end end def modfile modfile ||= "#{self.class.modpath}/#{resource[:name]}.load" end # Set libfile path: If absolute path is passed, then maintain it. Else, make it default from 'modules' dir. def libfile libfile = Pathname.new(resource[:lib]).absolute? ? resource[:lib] : "modules/#{resource[:lib]}" end end puppetlabs-apache-0.10.0/files/httpd000644 000765 000024 00000001227 12250205751 020001 0ustar00hunnerstaff000000 000000 # Configuration file for the httpd service. # # The default processing model (MPM) is the process-based # 'prefork' model. A thread-based model, 'worker', is also # available, but does not work with some modules (such as PHP). # The service must be stopped before changing this variable. # #HTTPD=/usr/sbin/httpd.worker # # To pass additional options (for instance, -D definitions) to the # httpd binary at startup, set OPTIONS here. # #OPTIONS= #OPTIONS=-DDOWN # # By default, the httpd process is started in the C locale; to # change the locale in which the server runs, the HTTPD_LANG # variable can be set. # #HTTPD_LANG=C export SHORTHOST=`hostname -s`