From 9b77ec98b15fcc89596b74a72b4b7a9d5aebf874 Mon Sep 17 00:00:00 2001 From: jwilkins Date: Sat, 1 Feb 2014 16:23:44 -0500 Subject: [PATCH 01/35] templates/vhost/_proxy.erb misconfigures ProxyPassReverse See here: http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxypassreverse When enclosing ProxyPassReverse in a directive, you drop the *first* argument, as it will be taken from the enclosing Location. The second argument is the URL to which we are attempting to proxy. Very simple change. Tested in my environment, works. --- templates/vhost/_proxy.erb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/templates/vhost/_proxy.erb b/templates/vhost/_proxy.erb index a126dbc970..7e0221f957 100644 --- a/templates/vhost/_proxy.erb +++ b/templates/vhost/_proxy.erb @@ -6,7 +6,7 @@ <% [@proxy_pass].flatten.compact.each do |proxy| %> ProxyPass <%= proxy['path'] %> <%= proxy['url'] %> > - ProxyPassReverse / + ProxyPassReverse <%= proxy['url'] %> <% end %> <% if @proxy_dest -%> @@ -15,6 +15,6 @@ <% end %> ProxyPass / <%= @proxy_dest %>/ - ProxyPassReverse / + ProxyPassReverse <%= @proxy_dest %>/ <% end -%> From 4f8f1640a7922b997ad6be788248fdf1ad58a2af Mon Sep 17 00:00:00 2001 From: Keith Johnson Date: Thu, 6 Feb 2014 11:21:31 -0500 Subject: [PATCH 02/35] Fix typo in mod passenger documentation The rails_auto_detect and rack_auto_detect should not have an underscore between auto and detect. --- README.passenger.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.passenger.md b/README.passenger.md index 4b36149dc2..cecacccc4f 100644 --- a/README.passenger.md +++ b/README.passenger.md @@ -49,13 +49,13 @@ Sets how often Passenger performs file system checks, at most once every _x_ sec http://www.modrails.com/documentation/Users%20guide%20Apache.html#_passengerstatthrottlerate_lt_integer_gt -## rack_auto_detect +## rack_autodetect Should Passenger automatically detect if the document root of a virtual host is a Rack application. The default is `on` http://www.modrails.com/documentation/Users%20guide%20Apache.html#_rackautodetect_lt_on_off_gt -## rails_auto_detect +## rails_autodetect Should Passenger automatically detect if the document root of a virtual host is a Rails application. The default is on. From 37fced34ef82dc48d7488763f02694cf019e0f2c Mon Sep 17 00:00:00 2001 From: Scott Smith Date: Sat, 28 Dec 2013 10:03:49 +0000 Subject: [PATCH 03/35] Added apache24 support --- manifests/default_mods.pp | 33 ++++- manifests/init.pp | 8 +- manifests/mod/alias.pp | 4 +- manifests/mod/event.pp | 14 ++- manifests/mod/itk.pp | 19 +-- manifests/mod/prefork.pp | 38 +++--- manifests/mod/ssl.pp | 10 +- manifests/mod/worker.pp | 37 +++--- manifests/mpm.pp | 68 ++++++++++ manifests/params.pp | 2 +- manifests/version.pp | 28 +++++ manifests/vhost.pp | 17 ++- spec/classes/apache_spec.rb | 34 ++++- spec/classes/mod/event_spec.rb | 71 +++++++++++ spec/classes/mod/itk_spec.rb | 29 ++++- spec/classes/mod/prefork_spec.rb | 62 +++++++++- spec/classes/mod/worker_spec.rb | 59 ++++++++- spec/classes/params_spec.rb | 4 +- spec/defines/vhost_spec.rb | 206 +++++++++++++++++++++++++++---- templates/httpd.conf.erb | 12 ++ templates/mod/alias.conf.erb | 8 +- templates/mod/ssl.conf.erb | 4 + templates/vhost/_directories.erb | 26 ++-- 23 files changed, 669 insertions(+), 124 deletions(-) create mode 100644 manifests/mpm.pp create mode 100644 manifests/version.pp diff --git a/manifests/default_mods.pp b/manifests/default_mods.pp index f1f271eae3..c8523fced1 100644 --- a/manifests/default_mods.pp +++ b/manifests/default_mods.pp @@ -1,6 +1,7 @@ class apache::default_mods ( - $all = true, - $mods = undef, + $all = true, + $mods = undef, + $apache_version = $apache::apache_version ) { # These are modules required to run the default configuration. # They are not configurable at this time, so we just include @@ -27,10 +28,8 @@ include apache::mod::rewrite apache::mod { 'actions': } apache::mod { 'auth_digest': } - apache::mod { 'authn_alias': } apache::mod { 'authn_anon': } apache::mod { 'authn_dbm': } - apache::mod { 'authn_default': } apache::mod { 'authz_dbm': } apache::mod { 'authz_owner': } apache::mod { 'expires': } @@ -42,6 +41,18 @@ apache::mod { 'suexec': } apache::mod { 'usertrack': } apache::mod { 'version': } + + if $apache_version >= 2.4 { + # Lets fork it + apache::mod { 'systemd': } + + apache::mod { 'unixd': } + apache::mod { 'authn_core': } + } + else { + apache::mod { 'authn_alias': } + apache::mod { 'authn_default': } + } } 'freebsd': { include apache::mod::cache @@ -101,7 +112,19 @@ include apache::mod::setenvif apache::mod { 'auth_basic': } apache::mod { 'authn_file': } - apache::mod { 'authz_default': } + + if $apache_version >= 2.4 { + # authz_core is needed for 'Require' directive + apache::mod { 'authz_core': + id => 'authz_core_module', + } + + # filter is needed by mod_deflate + apache::mod { 'filter': } + } else { + apache::mod { 'authz_default': } + } + apache::mod { 'authz_groupfile': } apache::mod { 'authz_user': } apache::mod { 'env': } diff --git a/manifests/init.pp b/manifests/init.pp index 71a7e75569..94900ea5c1 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -52,21 +52,21 @@ $logroot = $apache::params::logroot, $log_level = $apache::params::log_level, $ports_file = $apache::params::ports_file, + $apache_version = $apache::version::default, $server_tokens = 'OS', $server_signature = 'On', $trace_enable = 'On', $package_ensure = 'installed', ) inherits apache::params { - validate_bool($default_vhost) validate_bool($default_ssl_vhost) validate_bool($default_confd_files) # true/false is sufficient for both ensure and enable validate_bool($service_enable) - $valid_mpms_re = $::osfamily ? { - 'FreeBSD' => '(event|itk|peruser|prefork|worker)', - default => '(itk|prefork|worker)' + $valid_mpms_re = $apache_version ? { + 2.4 => '(event|itk|peruser|prefork|worker)', + default => '(event|itk|prefork|worker)' } if $mpm_module { diff --git a/manifests/mod/alias.pp b/manifests/mod/alias.pp index 2880697236..29ec831559 100644 --- a/manifests/mod/alias.pp +++ b/manifests/mod/alias.pp @@ -1,4 +1,6 @@ -class apache::mod::alias { +class apache::mod::alias( + $apache_version = $apache::apache_version +) { $icons_path = $::osfamily ? { 'debian' => '/usr/share/apache2/icons', 'redhat' => '/var/www/icons', diff --git a/manifests/mod/event.pp b/manifests/mod/event.pp index 473f7c24cd..172113a287 100644 --- a/manifests/mod/event.pp +++ b/manifests/mod/event.pp @@ -6,6 +6,7 @@ $threadsperchild = '25', $maxrequestsperchild = '0', $serverlimit = '25', + $apache_version = $apache::apache_version, ) { if defined(Class['apache::mod::itk']) { fail('May not include both apache::mod::event and apache::mod::itk on the same node') @@ -42,9 +43,16 @@ } case $::osfamily { - 'freebsd' : { - class { 'apache::package': - mpm_module => 'event' + 'redhat': { + if $apache_version >= 2.4 { + apache::mpm{ 'event': + apache_version => $apache_version, + } + } + } + 'debian','freebsd' : { + apache::mpm{ 'event': + apache_version => $apache_version, } } default: { diff --git a/manifests/mod/itk.pp b/manifests/mod/itk.pp index 68ece8681a..cc582ac942 100644 --- a/manifests/mod/itk.pp +++ b/manifests/mod/itk.pp @@ -5,6 +5,7 @@ $serverlimit = '256', $maxclients = '256', $maxrequestsperchild = '4000', + $apache_version = $apache::apache_version, ) { if defined(Class['apache::mod::event']) { fail('May not include both apache::mod::itk and apache::mod::event on the same node') @@ -40,21 +41,9 @@ } case $::osfamily { - 'debian' : { - file { "${apache::mod_enable_dir}/itk.conf": - ensure => link, - target => "${apache::mod_dir}/itk.conf", - require => Exec["mkdir ${apache::mod_enable_dir}"], - before => File[$apache::mod_enable_dir], - notify => Service['httpd'], - } - package { 'apache2-mpm-itk': - ensure => present, - } - } - 'freebsd' : { - class { 'apache::package': - mpm_module => 'itk' + 'debian', 'freebsd': { + apache::mpm{ 'itk': + apache_version => $apache_version, } } default: { diff --git a/manifests/mod/prefork.pp b/manifests/mod/prefork.pp index ecbf809a20..e5810829e4 100644 --- a/manifests/mod/prefork.pp +++ b/manifests/mod/prefork.pp @@ -5,6 +5,7 @@ $serverlimit = '256', $maxclients = '256', $maxrequestsperchild = '4000', + $apache_version = $apache::apache_version, ) { if defined(Class['apache::mod::event']) { fail('May not include both apache::mod::prefork and apache::mod::event on the same node') @@ -41,30 +42,25 @@ case $::osfamily { 'redhat': { - file_line { '/etc/sysconfig/httpd prefork enable': - ensure => present, - path => '/etc/sysconfig/httpd', - line => '#HTTPD=/usr/sbin/httpd.worker', - match => '#?HTTPD=/usr/sbin/httpd.worker', - require => Package['httpd'], - notify => Service['httpd'], + if $apache_version >= 2.4 { + apache::mpm{ 'prefork': + apache_version => $apache_version, + } } - } - 'debian': { - file { "${apache::mod_enable_dir}/prefork.conf": - ensure => link, - target => "${apache::mod_dir}/prefork.conf", - require => Exec["mkdir ${apache::mod_enable_dir}"], - before => File[$apache::mod_enable_dir], - notify => Service['httpd'], - } - package { 'apache2-mpm-prefork': - ensure => present, + else { + file_line { '/etc/sysconfig/httpd prefork enable': + ensure => present, + path => '/etc/sysconfig/httpd', + line => '#HTTPD=/usr/sbin/httpd.worker', + match => '#?HTTPD=/usr/sbin/httpd.worker', + require => Package['httpd'], + notify => Service['httpd'], + } } } - 'freebsd' : { - class { 'apache::package': - mpm_module => 'prefork' + 'debian', 'freebsd' : { + apache::mpm{ 'prefork': + apache_version => $apache_version, } } default: { diff --git a/manifests/mod/ssl.pp b/manifests/mod/ssl.pp index 3002d14be0..5756d89e7d 100644 --- a/manifests/mod/ssl.pp +++ b/manifests/mod/ssl.pp @@ -1,6 +1,7 @@ class apache::mod::ssl ( $ssl_compression = false, $ssl_options = [ 'StdEnvVars' ], + $apache_version = $apache::apache_version, ) { $session_cache = $::osfamily ? { 'debian' => '${APACHE_RUN_DIR}/ssl_scache(512000)', @@ -14,7 +15,14 @@ } apache::mod { 'ssl': } - # Template uses $ssl_compression, $ssl_options, $session_cache, $ssl_mutex + # Template uses + # + # $ssl_compression + # $ssl_options + # $session_cache, + # $ssl_mutex + # $apache_version + # file { 'ssl.conf': ensure => file, path => "${apache::mod_dir}/ssl.conf", diff --git a/manifests/mod/worker.pp b/manifests/mod/worker.pp index 272891176c..ae259fa0ed 100644 --- a/manifests/mod/worker.pp +++ b/manifests/mod/worker.pp @@ -6,6 +6,7 @@ $threadsperchild = '25', $maxrequestsperchild = '0', $serverlimit = '25', + $apache_version = $apache::apache_version, ) { if defined(Class['apache::mod::event']) { fail('May not include both apache::mod::worker and apache::mod::event on the same node') @@ -43,29 +44,25 @@ case $::osfamily { 'redhat': { - file_line { '/etc/sysconfig/httpd worker enable': - ensure => present, - path => '/etc/sysconfig/httpd', - line => 'HTTPD=/usr/sbin/httpd.worker', - match => '#?HTTPD=/usr/sbin/httpd.worker', - notify => Service['httpd'], + if $apache_version >= 2.4 { + apache::mpm{ 'worker': + apache_version => $apache_version, + } } - } - 'debian': { - file { "${apache::mod_enable_dir}/worker.conf": - ensure => link, - target => "${apache::mod_dir}/worker.conf", - require => Exec["mkdir ${apache::mod_enable_dir}"], - before => File[$apache::mod_enable_dir], - notify => Service['httpd'], - } - package { 'apache2-mpm-worker': - ensure => present, + else { + file_line { '/etc/sysconfig/httpd worker enable': + ensure => present, + path => '/etc/sysconfig/httpd', + line => 'HTTPD=/usr/sbin/httpd.worker', + match => '#?HTTPD=/usr/sbin/httpd.worker', + require => Package['httpd'], + notify => Service['httpd'], + } } } - 'freebsd' : { - class { 'apache::package': - mpm_module => 'worker' + 'debian', 'freebsd': { + apache::mpm{ 'worker': + apache_version => $apache_version, } } default: { diff --git a/manifests/mpm.pp b/manifests/mpm.pp new file mode 100644 index 0000000000..fd6f764183 --- /dev/null +++ b/manifests/mpm.pp @@ -0,0 +1,68 @@ +define apache::mpm ( + $lib_path = $apache::params::lib_path, + $apache_version = $apache::apache_version, +) { + if ! defined(Class['apache']) { + fail('You must include the apache base class before using any apache defined resources') + } + + $mpm = $name + $mod_dir = $apache::mod_dir + + $_lib = "mod_mpm_${mpm}.so" + $_path = "${lib_path}/${_lib}" + $_id = "mpm_${mpm}_module" + + if $apache_version >= 2.4 { + file { "${mod_dir}/${mpm}.load": + ensure => file, + path => "${mod_dir}/${mpm}.load", + content => "LoadModule ${_id} ${_path}\n", + require => [ + Package['httpd'], + Exec["mkdir ${mod_dir}"], + ], + before => File[$mod_dir], + notify => Service['httpd'], + } + } + + case $::osfamily { + 'debian': { + file { "${apache::mod_enable_dir}/${mpm}.conf": + ensure => link, + target => "${apache::mod_dir}/${mpm}.conf", + require => Exec["mkdir ${apache::mod_enable_dir}"], + before => File[$apache::mod_enable_dir], + notify => Service['httpd'], + } + + if $apache_version >= 2.4 { + file { "${apache::mod_enable_dir}/${mpm}.load": + ensure => link, + target => "${apache::mod_dir}/${mpm}.load", + require => Exec["mkdir ${apache::mod_enable_dir}"], + before => File[$apache::mod_enable_dir], + notify => Service['httpd'], + } + } + + if $apache_version < 2.4 { + package { "apache2-mpm-${mpm}": + ensure => present, + } + } + } + 'freebsd': { + class { 'apache::package': + mpm_module => $mpm + } + } + 'redhat': { + # so we don't fail + } + default: { + fail("Unsupported osfamily ${::osfamily}") + } + } +} diff --git a/manifests/params.pp b/manifests/params.pp index 2a0554db12..1f5f45b413 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -18,7 +18,7 @@ # # Sample Usage: # -class apache::params { +class apache::params inherits apache::version { # This will be 5 or 6 on RedHat, 6 or wheezy on Debian, 12 or quantal on Ubuntu, 3 on Amazon, etc. $osr_array = split($::operatingsystemrelease,'[\/\.]') $distrelease = $osr_array[0] diff --git a/manifests/version.pp b/manifests/version.pp new file mode 100644 index 0000000000..4ed960df18 --- /dev/null +++ b/manifests/version.pp @@ -0,0 +1,28 @@ +# Class: apache::version +# +# Try to automatically detect the version by OS +# +class apache::version { + case $::osfamily { + 'RedHat': { + if ($::operatingsystem == 'Fedora' and $::operatingsystemrelease >= 18) or ($::operatingsystem != 'Fedora' and $::operatingsystemrelease >= 7) { + $default = 2.4 + } else { + $default = 2.2 + } + } + 'Debian': { + if $::operatingsystem == 'Ubuntu' and $::operatingsystemrelease >= 13.10 { + $default = 2.4 + } else { + $default = 2.2 + } + } + 'FreeBSD': { + $default = 2.2 + } + default: { + fail("Class['apache::version']: Unsupported osfamily: ${::osfamily}") + } + } +} diff --git a/manifests/vhost.pp b/manifests/vhost.pp index 2f24314ff5..cac091dee9 100644 --- a/manifests/vhost.pp +++ b/manifests/vhost.pp @@ -169,11 +169,13 @@ $fastcgi_socket = undef, $fastcgi_dir = undef, $additional_includes = [], + $apache_version = $apache::apache_version ) { # The base class must be included first because it is used by parameter defaults if ! defined(Class['apache']) { fail('You must include the apache base class before using any apache defined resources') } + $apache_name = $apache::params::apache_name validate_re($ensure, '^(present|absent)$', @@ -400,15 +402,22 @@ } $_directories = $directories } else { - $_directories = [ { + $_directory = { provider => 'directory', path => $docroot, options => $options, allow_override => $override, directoryindex => $directoryindex, - order => 'allow,deny', - allow => 'from all', - } ] + } + + if $apache_version == 2.4 { + $_directory[require] = 'all granted' + } else { + $_directory[order] = 'allow,deny' + $_directory[allow] = 'from all' + } + + $_directories = [ $_directory ] } # Template uses: diff --git a/spec/classes/apache_spec.rb b/spec/classes/apache_spec.rb index 655a0cf30a..1a9a58d1b8 100644 --- a/spec/classes/apache_spec.rb +++ b/spec/classes/apache_spec.rb @@ -73,6 +73,22 @@ it { should_not contain_file("#{modname}.conf symlink") } end + context "with Apache version < 2.4" do + let :params do + { :apache_version => 2.2 } + end + + it { should contain_file("/etc/apache2/apache2.conf").with_content %r{^Include "/etc/apache2/conf\.d/\*\.conf"$} } + end + + context "with Apache version >= 2.4" do + let :params do + { :apache_version => 2.4 } + end + + it { should contain_file("/etc/apache2/apache2.conf").with_content %r{^IncludeOptional "/etc/apache2/conf\.d/\*\.conf"$} } + end + # Assert that both load files and conf files are placed and symlinked for these mods [ 'alias', @@ -103,6 +119,7 @@ 'target' => "/etc/apache2/mods-available/#{modname}.conf" ) } end + describe "Don't create user resource" do context "when parameter manage_user is false" do let :params do @@ -213,7 +230,22 @@ ) } end - it { should contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^Include "/etc/httpd/conf\.d/\*\.conf"$} } + context "with Apache version < 2.4" do + let :params do + { :apache_version => 2.2 } + end + + it { should contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^Include "/etc/httpd/conf\.d/\*\.conf"$} } + end + + context "with Apache version >= 2.4" do + let :params do + { :apache_version => 2.4 } + end + + it { should contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^IncludeOptional "/etc/httpd/conf\.d/\*\.conf"$} } + end + it { should contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^Include "/etc/httpd/site\.d/\*\.conf"$} } it { should contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^Include "/etc/httpd/mod\.d/\*\.conf"$} } it { should contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^Include "/etc/httpd/mod\.d/\*\.load"$} } diff --git a/spec/classes/mod/event_spec.rb b/spec/classes/mod/event_spec.rb index 7363e2fc92..320374a00d 100644 --- a/spec/classes/mod/event_spec.rb +++ b/spec/classes/mod/event_spec.rb @@ -14,4 +14,75 @@ it { should_not contain_apache__mod('event') } it { should contain_file("/usr/local/etc/apache22/Modules/event.conf").with_ensure('file') } end + context "on a Debian OS" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + } + end + + it { should contain_class("apache::params") } + it { should_not contain_apache__mod('event') } + it { should contain_file("/etc/apache2/mods-available/event.conf").with_ensure('file') } + it { should contain_file("/etc/apache2/mods-enabled/event.conf").with_ensure('link') } + + context "with Apache version < 2.4" do + let :params do + { + :apache_version => 2.2, + } + end + + it { should_not contain_file("/etc/apache2/mods-available/event.load") } + it { should_not contain_file("/etc/apache2/mods-enabled/event.load") } + + it { should contain_package("apache2-mpm-event") } + end + + context "with Apache version >= 2.4" do + let :params do + { + :apache_version => 2.4, + } + end + + it { should contain_file("/etc/apache2/mods-available/event.load").with({ + 'ensure' => 'file', + 'content' => "LoadModule mpm_event_module /usr/lib/apache2/modules/mod_mpm_event.so\n" + }) + } + it { should contain_file("/etc/apache2/mods-enabled/event.load").with_ensure('link') } + end + end + context "on a RedHat OS" do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + } + end + + context "with Apache version >= 2.4" do + let :params do + { + :apache_version => 2.4, + } + end + + it { should contain_class("apache::params") } + it { should_not contain_apache__mod('worker') } + it { should_not contain_apache__mod('prefork') } + + it { should contain_file("/etc/httpd/conf.d/event.conf").with_ensure('file') } + + it { should contain_file("/etc/httpd/conf.d/event.load").with({ + 'ensure' => 'file', + 'content' => "LoadModule mpm_event_module modules/mod_mpm_event.so\n", + }) + } + end + end end diff --git a/spec/classes/mod/itk_spec.rb b/spec/classes/mod/itk_spec.rb index 443ace0cce..032e122d48 100644 --- a/spec/classes/mod/itk_spec.rb +++ b/spec/classes/mod/itk_spec.rb @@ -14,7 +14,34 @@ it { should_not contain_apache__mod('itk') } it { should contain_file("/etc/apache2/mods-available/itk.conf").with_ensure('file') } it { should contain_file("/etc/apache2/mods-enabled/itk.conf").with_ensure('link') } - it { should contain_package("apache2-mpm-itk") } + + context "with Apache version < 2.4" do + let :params do + { + :apache_version => 2.2, + } + end + + it { should_not contain_file("/etc/apache2/mods-available/itk.load") } + it { should_not contain_file("/etc/apache2/mods-enabled/itk.load") } + + it { should contain_package("apache2-mpm-itk") } + end + + context "with Apache version >= 2.4" do + let :params do + { + :apache_version => 2.4, + } + end + + it { should contain_file("/etc/apache2/mods-available/itk.load").with({ + 'ensure' => 'file', + 'content' => "LoadModule mpm_itk_module /usr/lib/apache2/modules/mod_mpm_itk.so\n" + }) + } + it { should contain_file("/etc/apache2/mods-enabled/itk.load").with_ensure('link') } + end end context "on a FreeBSD OS" do let :facts do diff --git a/spec/classes/mod/prefork_spec.rb b/spec/classes/mod/prefork_spec.rb index 5436894227..8eff78e4ab 100644 --- a/spec/classes/mod/prefork_spec.rb +++ b/spec/classes/mod/prefork_spec.rb @@ -14,7 +14,34 @@ it { should_not contain_apache__mod('prefork') } it { should contain_file("/etc/apache2/mods-available/prefork.conf").with_ensure('file') } it { should contain_file("/etc/apache2/mods-enabled/prefork.conf").with_ensure('link') } - it { should contain_package("apache2-mpm-prefork") } + + context "with Apache version < 2.4" do + let :params do + { + :apache_version => 2.2, + } + end + + it { should_not contain_file("/etc/apache2/mods-available/prefork.load") } + it { should_not contain_file("/etc/apache2/mods-enabled/prefork.load") } + + it { should contain_package("apache2-mpm-prefork") } + end + + context "with Apache version >= 2.4" do + let :params do + { + :apache_version => 2.4, + } + end + + it { should contain_file("/etc/apache2/mods-available/prefork.load").with({ + 'ensure' => 'file', + 'content' => "LoadModule mpm_prefork_module /usr/lib/apache2/modules/mod_mpm_prefork.so\n" + }) + } + it { should contain_file("/etc/apache2/mods-enabled/prefork.load").with_ensure('link') } + end end context "on a RedHat OS" do let :facts do @@ -27,10 +54,35 @@ it { should contain_class("apache::params") } it { should_not contain_apache__mod('prefork') } it { should contain_file("/etc/httpd/conf.d/prefork.conf").with_ensure('file') } - it { should contain_file_line("/etc/sysconfig/httpd prefork enable").with({ - 'require' => 'Package[httpd]', - }) - } + + context "with Apache version < 2.4" do + let :params do + { + :apache_version => 2.2, + } + end + + it { should contain_file_line("/etc/sysconfig/httpd prefork enable").with({ + 'require' => 'Package[httpd]', + }) + } + end + + context "with Apache version >= 2.4" do + let :params do + { + :apache_version => 2.4, + } + end + + it { should_not contain_apache__mod('event') } + + it { should contain_file("/etc/httpd/conf.d/prefork.load").with({ + 'ensure' => 'file', + 'content' => "LoadModule mpm_prefork_module modules/mod_mpm_prefork.so\n", + }) + } + end end context "on a FreeBSD OS" do let :facts do diff --git a/spec/classes/mod/worker_spec.rb b/spec/classes/mod/worker_spec.rb index 1af8ff8c68..504018e689 100644 --- a/spec/classes/mod/worker_spec.rb +++ b/spec/classes/mod/worker_spec.rb @@ -14,7 +14,34 @@ it { should_not contain_apache__mod('worker') } it { should contain_file("/etc/apache2/mods-available/worker.conf").with_ensure('file') } it { should contain_file("/etc/apache2/mods-enabled/worker.conf").with_ensure('link') } - it { should contain_package("apache2-mpm-worker") } + + context "with Apache version < 2.4" do + let :params do + { + :apache_version => 2.2, + } + end + + it { should_not contain_file("/etc/apache2/mods-available/worker.load") } + it { should_not contain_file("/etc/apache2/mods-enabled/worker.load") } + + it { should contain_package("apache2-mpm-worker") } + end + + context "with Apache version >= 2.4" do + let :params do + { + :apache_version => 2.4, + } + end + + it { should contain_file("/etc/apache2/mods-available/worker.load").with({ + 'ensure' => 'file', + 'content' => "LoadModule mpm_worker_module /usr/lib/apache2/modules/mod_mpm_worker.so\n" + }) + } + it { should contain_file("/etc/apache2/mods-enabled/worker.load").with_ensure('link') } + end end context "on a RedHat OS" do let :facts do @@ -27,7 +54,35 @@ it { should contain_class("apache::params") } it { should_not contain_apache__mod('worker') } it { should contain_file("/etc/httpd/conf.d/worker.conf").with_ensure('file') } - it { should contain_file_line("/etc/sysconfig/httpd worker enable") } + + context "with Apache version < 2.4" do + let :params do + { + :apache_version => 2.2, + } + end + + it { should contain_file_line("/etc/sysconfig/httpd worker enable").with({ + 'require' => 'Package[httpd]', + }) + } + end + + context "with Apache version >= 2.4" do + let :params do + { + :apache_version => 2.4, + } + end + + it { should_not contain_apache__mod('event') } + + it { should contain_file("/etc/httpd/conf.d/worker.load").with({ + 'ensure' => 'file', + 'content' => "LoadModule mpm_worker_module modules/mod_mpm_worker.so\n", + }) + } + end end context "on a FreeBSD OS" do let :facts do diff --git a/spec/classes/params_spec.rb b/spec/classes/params_spec.rb index 39e16b6f31..de1108af08 100644 --- a/spec/classes/params_spec.rb +++ b/spec/classes/params_spec.rb @@ -13,9 +13,9 @@ # There are 4 resources in this class currently # there should not be any more resources because it is a params class - # The resources are class[apache::params], class[main], class[settings], stage[main] + # The resources are class[apache::version], class[apache::params], class[main], class[settings], stage[main] it "Should not contain any resources" do - subject.resources.size.should == 4 + subject.resources.size.should == 5 end end end diff --git a/spec/defines/vhost_spec.rb b/spec/defines/vhost_spec.rb index 4fcb23dd47..3b39c26e0c 100644 --- a/spec/defines/vhost_spec.rb +++ b/spec/defines/vhost_spec.rb @@ -601,6 +601,60 @@ /^ WSGIScriptAlias \/ "\/usr\/local\/wsgi\/scripts\/myapp.wsgi"$/, ], }, + { + :title => 'should contain environment variables', + :attr => 'access_log_env_var', + :value => 'admin', + :match => [/CustomLog "\/var\/log\/.+_access\.log" combined env=admin$/] + }, + { + :title => 'should contain virtual_docroot', + :attr => 'virtual_docroot', + :value => '/not/default', + :match => [ + /^ VirtualDocumentRoot "\/not\/default"$/, + ], + }, + { + :title => 'should accept multiple directories', + :attr => 'directories', + :value => [ + { 'path' => '/opt/app' }, + { 'path' => '/var/www' }, + { 'path' => '/rspec/docroot'} + ], + :match => [ + /^ $/, + /^ $/, + /^ $/, + ], + }, + ].each do |param| + describe "when #{param[:attr]} is #{param[:value]}" do + let :params do default_params.merge({ param[:attr].to_sym => param[:value] }) end + + it { should contain_file("25-#{title}.conf").with_mode('0644') } + if param[:match] + it "#{param[:title]}: matches" do + param[:match].each do |match| + should contain_file("25-#{title}.conf").with_content( match ) + end + end + end + if param[:notmatch] + it "#{param[:title]}: notmatches" do + param[:notmatch].each do |notmatch| + should_not contain_file("25-#{title}.conf").with_content( notmatch ) + end + end + end + end + end + end + + # Apache below 2.4 (Default Version). All match and notmatch should be a list of regexs and exact match strings + context ".conf content with $apache_version < 2.4" do + [ { :title => 'should accept a directory', :attr => 'directories', @@ -678,17 +732,128 @@ ], }, { - :title => 'should accept multiple directories', + :title => 'should accept location for provider', + :attr => 'directories', + :value => { + 'path' => '/', + 'provider' => 'location', + }, + :notmatch => [' AllowOverride None'], + :match => [ + /^ $/, + /^ Order allow,deny$/, + /^ Allow from all$/, + /^ <\/Location>$/, + ], + }, + { + :title => 'should accept files for provider', + :attr => 'directories', + :value => { + 'path' => 'index.html', + 'provider' => 'files', + }, + :notmatch => [' AllowOverride None'], + :match => [ + /^ $/, + /^ Order allow,deny$/, + /^ Allow from all$/, + /^ <\/Files>$/, + ], + }, + ].each do |param| + describe "when #{param[:attr]} is #{param[:value]}" do + let :params do default_params.merge({ + param[:attr].to_sym => param[:value], + :apache_version => 2.2, + }) end + + it { should contain_file("25-#{title}.conf").with_mode('0644') } + if param[:match] + it "#{param[:title]}: matches" do + param[:match].each do |match| + should contain_file("25-#{title}.conf").with_content( match ) + end + end + end + if param[:notmatch] + it "#{param[:title]}: notmatches" do + param[:notmatch].each do |notmatch| + should_not contain_file("25-#{title}.conf").with_content( notmatch ) + end + end + end + end + end + end + + # Apache equals or above 2.4. All match and notmatch should be a list of regexs and exact match strings + context ".conf content with $apache_version >= 2.4" do + [ + { + :title => 'should accept a directory', :attr => 'directories', - :value => [ - { 'path' => '/opt/app' }, - { 'path' => '/var/www' }, - { 'path' => '/rspec/docroot'} + :value => { 'path' => '/opt/app' }, + :notmatch => [' '], + :match => [ + /^ $/, + /^ AllowOverride None$/, + /^ Require all granted$/, + /^ <\/Directory>$/, ], + }, + { + :title => 'should accept directory directives hash', + :attr => 'directories', + :value => { + 'path' => '/opt/app', + 'headers' => 'Set X-Robots-Tag "noindex, noarchive, nosnippet"', + 'allow_override' => 'Lol', + 'options' => '-MultiViews', + 'require' => 'something denied', + 'passenger_enabled' => 'onf', + }, :match => [ /^ $/, - /^ $/, - /^ $/, + /^ Header Set X-Robots-Tag "noindex, noarchive, nosnippet"$/, + /^ AllowOverride Lol$/, + /^ Options -MultiViews$/, + /^ Require something denied$/, + /^ PassengerEnabled onf$/, + /^ <\/Directory>$/, + ], + }, + { + :title => 'should accept directory directives with arrays and hashes', + :attr => 'directories', + :value => [ + { + 'path' => '/opt/app1', + 'allow_override' => ['AuthConfig','Indexes'], + 'options' => ['-MultiViews','+MultiViews'], + 'require' => ['host','example.org'], + 'passenger_enabled' => 'onf', + }, + { + 'path' => '/opt/app2', + 'addhandlers' => { + 'handler' => 'cgi-script', + 'extensions' => '.cgi', + }, + }, + ], + :match => [ + /^ $/, + /^ AllowOverride AuthConfig Indexes$/, + /^ Options -MultiViews \+MultiViews$/, + /^ Require host example.org$/, + /^ PassengerEnabled onf$/, + /^ <\/Directory>$/, + /^ $/, + /^ AllowOverride None$/, + /^ Require all granted$/, + /^ AddHandler cgi-script .cgi$/, + /^ <\/Directory>$/, ], }, { @@ -701,8 +866,7 @@ :notmatch => [' AllowOverride None'], :match => [ /^ $/, - /^ Order allow,deny$/, - /^ Allow from all$/, + /^ Require all granted$/, /^ <\/Location>$/, ], }, @@ -716,8 +880,7 @@ :notmatch => [' AllowOverride None'], :match => [ /^ $/, - /^ Order allow,deny$/, - /^ Allow from all$/, + /^ Require all granted$/, /^ <\/Files>$/, ], }, @@ -736,24 +899,12 @@ /^ <\/FilesMatch>$/, ], }, - { - :title => 'should contain virtual_docroot', - :attr => 'virtual_docroot', - :value => '/not/default', - :match => [ - /^ VirtualDocumentRoot "\/not\/default"$/, - ], - }, - { - :title => 'should contain environment variables', - :attr => 'access_log_env_var', - :value => 'admin', - :match => [/CustomLog "\/var\/log\/.+_access\.log" combined env=admin$/] - }, - ].each do |param| describe "when #{param[:attr]} is #{param[:value]}" do - let :params do default_params.merge({ param[:attr].to_sym => param[:value] }) end + let :params do default_params.merge({ + param[:attr].to_sym => param[:value], + :apache_version => 2.4, + }) end it { should contain_file("25-#{title}.conf").with_mode('0644') } if param[:match] @@ -774,6 +925,7 @@ end end + # All match and notmatch should be a list of regexs and exact match strings context ".conf content with SSL" do [ { diff --git a/templates/httpd.conf.erb b/templates/httpd.conf.erb index 0a03995b86..66b70836bb 100644 --- a/templates/httpd.conf.erb +++ b/templates/httpd.conf.erb @@ -16,9 +16,13 @@ Group <%= @group %> AccessFileName .htaccess +<%- if @apache_version >= '2.4' -%> + Require all denied +<%- else -%> Order allow,deny Deny from all Satisfy all +<%- end -%> @@ -52,7 +56,11 @@ LogFormat "%h %l %u %t \"%r\" %>s %b" common LogFormat "%{Referer}i -> %U" referer LogFormat "%{User-agent}i" agent +<%- if @apache_version >= '2.4' -%> +IncludeOptional "<%= @confd_dir %>/*.conf" +<%- else -%> Include "<%= @confd_dir %>/*.conf" +<%- end -%> <% if @vhost_load_dir != @confd_dir -%> Include "<%= @vhost_load_dir %>/*.conf" <% end -%> @@ -66,8 +74,12 @@ Alias /error/ "<%= @error_documents_path %>/" Options IncludesNoExec AddOutputFilter Includes html AddHandler type-map var +<%- if @apache_version == '2.4' -%> + Require all granted +<%- else -%> Order allow,deny Allow from all +<%- end -%> LanguagePriority en cs de es fr it nl sv pt-br ro ForceLanguagePriority Prefer Fallback diff --git a/templates/mod/alias.conf.erb b/templates/mod/alias.conf.erb index 52f16c1719..0a0c81593d 100644 --- a/templates/mod/alias.conf.erb +++ b/templates/mod/alias.conf.erb @@ -3,7 +3,11 @@ Alias /icons/ "<%= @icons_path %>/" "> Options Indexes MultiViews AllowOverride None - Order allow,deny - Allow from all +<%- if @apache_version == '2.4' -%> + Require all granted +<%- else -%> + Order allow,deny + Allow from all +<%- end -%> diff --git a/templates/mod/ssl.conf.erb b/templates/mod/ssl.conf.erb index f66b1c958c..763e13a9cf 100644 --- a/templates/mod/ssl.conf.erb +++ b/templates/mod/ssl.conf.erb @@ -13,7 +13,11 @@ <% if @ssl_compression -%> SSLCompression Off <% end -%> + <% if @apache_version >= '2.4' -%> + SSLMutex sysvsem <%= @ssl_mutex %> + <% else -%> SSLMutex <%= @ssl_mutex %> + <% end -%> SSLCryptoDevice builtin SSLHonorCipherOrder On SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5 diff --git a/templates/vhost/_directories.erb b/templates/vhost/_directories.erb index 986216a2cb..516d0798da 100644 --- a/templates/vhost/_directories.erb +++ b/templates/vhost/_directories.erb @@ -34,21 +34,29 @@ AllowOverride None <%- end -%> <%- end -%> - <%- if directory['order'] and directory['order'] != '' -%> - Order <%= Array(directory['order']).join(',') %> + <%- if @apache_version == '2.4' -%> + <%- if directory['require'] and directory['require'] != '' -%> + Require <%= Array(directory['require']).join(' ') %> + <%- else -%> + Require all granted + <%- end -%> <%- else -%> + <%- if directory['order'] and directory['order'] != '' -%> + Order <%= Array(directory['order']).join(',') %> + <%- else -%> Order allow,deny - <%- end -%> - <%- if directory['deny'] and directory['deny'] != '' -%> + <%- end -%> + <%- if directory['deny'] and directory['deny'] != '' -%> Deny <%= directory['deny'] %> - <%- end -%> - <%- if directory['allow'] and ! [ false, 'false', '' ].include?(directory['allow']) -%> + <%- end -%> + <%- if directory['allow'] and ! [ false, 'false', '' ].include?(directory['allow']) -%> Allow <%= directory['allow'] %> - <%- elsif [ 'from all', 'from All' ].include?(directory['deny']) -%> - <%- elsif ! directory['deny'] and [ false, 'false', '' ].include?(directory['allow']) -%> + <%- elsif [ 'from all', 'from All' ].include?(directory['deny']) -%> + <%- elsif ! directory['deny'] and [ false, 'false', '' ].include?(directory['allow']) -%> Deny from all - <%- else -%> + <%- else -%> Allow from all + <%- end -%> <%- end -%> <%- if directory['addhandlers'] and ! directory['addhandlers'].empty? -%> <%- [directory['addhandlers']].flatten.compact.each do |addhandler| -%> From 1ab4bef3e19e9aac38335c4e10092e11dbf24d03 Mon Sep 17 00:00:00 2001 From: Scott Smith Date: Wed, 5 Feb 2014 21:16:43 +0000 Subject: [PATCH 04/35] Fix to lots of tests to work with apache24 --- manifests/default_mods.pp | 20 ++ manifests/mod/info.pp | 5 +- manifests/mod/ssl.pp | 28 ++- spec/acceptance/apache_parameters_spec.rb | 83 ++++----- .../nodesets/ubuntu-server-1310-x64.yml | 11 ++ spec/acceptance/version.rb | 57 ++++++ spec/acceptance/vhost_spec.rb | 173 +++++++++--------- spec/defines/vhost_spec.rb | 18 +- templates/mod/info.conf.erb | 4 + templates/mod/ssl.conf.erb | 2 +- templates/vhost/_block.erb | 4 + templates/vhost/_fastcgi.erb | 6 +- 12 files changed, 269 insertions(+), 142 deletions(-) create mode 100644 spec/acceptance/nodesets/ubuntu-server-1310-x64.yml create mode 100644 spec/acceptance/version.rb diff --git a/manifests/default_mods.pp b/manifests/default_mods.pp index c8523fced1..09cc3be1eb 100644 --- a/manifests/default_mods.pp +++ b/manifests/default_mods.pp @@ -130,5 +130,25 @@ apache::mod { 'env': } } elsif $mods { apache::default_mods::load { $mods: } + + if $apache_version >= 2.4 { + # authz_core is needed for 'Require' directive + apache::mod { 'authz_core': + id => 'authz_core_module', + } + + # filter is needed by mod_deflate + apache::mod { 'filter': } + } + } else { + if $apache_version >= 2.4 { + # authz_core is needed for 'Require' directive + apache::mod { 'authz_core': + id => 'authz_core_module', + } + + # filter is needed by mod_deflate + apache::mod { 'filter': } + } } } diff --git a/manifests/mod/info.pp b/manifests/mod/info.pp index b76e1efb2a..627bf85ddf 100644 --- a/manifests/mod/info.pp +++ b/manifests/mod/info.pp @@ -1,8 +1,11 @@ class apache::mod::info ( $allow_from = ['127.0.0.1','::1'], + $apache_version = $apache::apache_version, ){ apache::mod { 'info': } - # Template uses $allow_from + # Template uses + # $allow_from + # $apache_version file { 'info.conf': ensure => file, path => "${apache::mod_dir}/info.conf", diff --git a/manifests/mod/ssl.pp b/manifests/mod/ssl.pp index 5756d89e7d..f8e6c248c2 100644 --- a/manifests/mod/ssl.pp +++ b/manifests/mod/ssl.pp @@ -8,13 +8,33 @@ 'redhat' => '/var/cache/mod_ssl/scache(512000)', 'freebsd' => '/var/run/ssl_scache(512000)', } - $ssl_mutex = $::osfamily ? { - 'debian' => 'file:${APACHE_RUN_DIR}/ssl_mutex', - 'redhat' => 'default', - 'freebsd' => 'default', + + case $::osfamily { + 'debian': { + if $apache_version >= 2.4 and $::operatingsystem == 'Ubuntu' { + file { "${APACHE_RUN_DIR}/ssl_mutex": + ensure => directory + } + + $ssl_mutex = 'file:${APACHE_RUN_DIR}/ssl_mutex default' + } else { + $ssl_mutex = 'file:${APACHE_RUN_DIR}/ssl_mutex' + } + } + 'redhat': { + $ssl_mutex = 'default' + } + 'freebsd': { + $ssl_mutex = 'default' + } } + apache::mod { 'ssl': } + if $apache_version >= 2.4 and $::operatingsystem == 'Ubuntu' { + apache::mod { 'socache_shmcb': } + } + # Template uses # # $ssl_compression diff --git a/spec/acceptance/apache_parameters_spec.rb b/spec/acceptance/apache_parameters_spec.rb index bcaa21f955..597739f5c2 100644 --- a/spec/acceptance/apache_parameters_spec.rb +++ b/spec/acceptance/apache_parameters_spec.rb @@ -1,23 +1,5 @@ require 'spec_helper_acceptance' - -case fact('osfamily') -when 'RedHat' - confd_dir = '/etc/httpd/conf.d' - conf_file = '/etc/httpd/conf/httpd.conf' - ports_file = '/etc/httpd/conf/ports.conf' - vhost = '/etc/httpd/conf.d/15-default.conf' - service_name = 'httpd' - package_name = 'httpd' - error_log = 'error_log' -when 'Debian' - confd_dir = '/etc/apache2/mods-available' - conf_file = '/etc/apache2/apache2.conf' - ports_file = '/etc/apache2/ports.conf' - vhost = '/etc/apache2/sites-available/15-default.conf' - service_name = 'apache2' - package_name = 'apache2' - error_log = 'error.log' -end +require_relative './version.rb' describe 'apache parameters' do @@ -41,7 +23,7 @@ end if fact('osfamily') == 'FreeBSD' - describe file("#{confd_dir}/no-accf.conf.erb") do + describe file("#{$confd_dir}/no-accf.conf.erb") do it { should be_file } end end @@ -53,7 +35,7 @@ apply_manifest(pp, :catch_failures => true) end - describe file(ports_file) do + describe file($ports_file) do it { should be_file } it { should contain 'Listen 10.1.1.1' } end @@ -70,7 +52,7 @@ class { 'apache': apply_manifest(pp, :catch_failures => true) end - describe service(service_name) do + describe service($service_name) do it { should be_running } it { should be_enabled } end @@ -87,7 +69,7 @@ class { 'apache': apply_manifest(pp, :catch_failures => true) end - describe service(service_name) do + describe service($service_name) do it { should_not be_running } it { should_not be_enabled } end @@ -101,12 +83,12 @@ class { 'apache': purge_vdir => false, } EOS - shell("touch #{confd_dir}/test.conf") + shell("touch #{$confd_dir}/test.conf") apply_manifest(pp, :catch_failures => true) end # Ensure the file didn't disappear. - describe file("#{confd_dir}/test.conf") do + describe file("#{$confd_dir}/test.conf") do it { should be_file } end end @@ -120,12 +102,12 @@ class { 'apache': purge_vdir => true, } EOS - shell("touch #{confd_dir}/test.conf") + shell("touch #{$confd_dir}/test.conf") apply_manifest(pp, :catch_failures => true) end # File should be gone - describe file("#{confd_dir}/test.conf") do + describe file("#{$confd_dir}/test.conf") do it { should_not be_file } end end @@ -137,7 +119,7 @@ class { 'apache': apply_manifest(pp, :catch_failures => true) end - describe file(vhost) do + describe file($vhost) do it { should be_file } it { should contain 'ServerAdmin test@example.com' } end @@ -151,7 +133,7 @@ class { 'apache': end end - describe file(conf_file) do + describe file($conf_file) do it { should be_file } it { should contain 'EnableSendfile On' } end @@ -163,7 +145,7 @@ class { 'apache': end end - describe file(conf_file) do + describe file($conf_file) do it { should be_file } it { should contain 'Sendfile Off' } end @@ -177,7 +159,7 @@ class { 'apache': end end - describe file(conf_file) do + describe file($conf_file) do it { should be_file } it { should contain 'Alias /error/' } end @@ -191,7 +173,7 @@ class { 'apache': end end - describe file(conf_file) do + describe file($conf_file) do it { should be_file } it { should contain 'Timeout 1234' } end @@ -208,7 +190,7 @@ class { 'apache': httpd_dir => '/tmp', service_ensure => stopped } end end - describe file("#{confd_dir}/mime.conf") do + describe file("#{$confd_dir}/mime.conf") do it { should be_file } it { should contain 'AddLanguage eo .eo' } end @@ -222,7 +204,7 @@ class { 'apache': httpd_dir => '/tmp', service_ensure => stopped } end end - describe file(conf_file) do + describe file($conf_file) do it { should be_file } it { should contain 'ServerRoot "/tmp/root"' } end @@ -236,9 +218,16 @@ class { 'apache': httpd_dir => '/tmp', service_ensure => stopped } end end - describe file(conf_file) do - it { should be_file } - it { should contain 'Include "/tmp/root/*.conf"' } + if $apache_version >= 2.4 + describe file($conf_file) do + it { should be_file } + it { should contain 'IncludeOptional "/tmp/root/*.conf"' } + end + else + describe file($conf_file) do + it { should be_file } + it { should contain 'Include "/tmp/root/*.conf"' } + end end end @@ -252,7 +241,7 @@ class { 'apache': httpd_dir => '/tmp', service_ensure => stopped } end end - describe file(conf_file) do + describe file($conf_file) do it { should be_file } it { should contain 'testcontent' } end @@ -266,7 +255,7 @@ class { 'apache': httpd_dir => '/tmp', service_ensure => stopped } end end - describe file(conf_file) do + describe file($conf_file) do it { should be_file } it { should contain 'ServerName "test.server"' } end @@ -305,7 +294,7 @@ class { 'apache': end end - describe file(conf_file) do + describe file($conf_file) do it { should be_file } it { should contain 'KeepAlive On' } it { should contain 'KeepAliveTimeout 30' } @@ -320,7 +309,7 @@ class { 'apache': end end - describe file("/tmp/#{error_log}") do + describe file("/tmp/#{$error_log}") do it { should be_file } end end @@ -347,15 +336,15 @@ class { 'apache': it 'applys cleanly' do pp = <<-EOS class { 'apache': - server_tokens => 'testtokens', + server_tokens => 'Minor', } EOS apply_manifest(pp, :catch_failures => true) end - describe file(conf_file) do + describe file($conf_file) do it { should be_file } - it { should contain 'ServerTokens testtokens' } + it { should contain 'ServerTokens Minor' } end end @@ -370,7 +359,7 @@ class { 'apache': apply_manifest(pp, :catch_failures => true) end - describe file(conf_file) do + describe file($conf_file) do it { should be_file } it { should contain 'ServerSignature testsig' } end @@ -386,7 +375,7 @@ class { 'apache': apply_manifest(pp, :catch_failures => true) end - describe file(conf_file) do + describe file($conf_file) do it { should be_file } it { should contain 'TraceEnable Off' } end @@ -402,7 +391,7 @@ class { 'apache': apply_manifest(pp, :catch_failures => true) end - describe package(package_name) do + describe package($package_name) do it { should be_installed } end end diff --git a/spec/acceptance/nodesets/ubuntu-server-1310-x64.yml b/spec/acceptance/nodesets/ubuntu-server-1310-x64.yml new file mode 100644 index 0000000000..f4b2366f3b --- /dev/null +++ b/spec/acceptance/nodesets/ubuntu-server-1310-x64.yml @@ -0,0 +1,11 @@ +HOSTS: + ubuntu-server-1310-x64: + roles: + - master + platform: ubuntu-13.10-amd64 + box : ubuntu-server-1310-x64-vbox4210-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/ubuntu-1310-x64-virtualbox-nocm.box + hypervisor : vagrant +CONFIG: + log_level : debug + type: git diff --git a/spec/acceptance/version.rb b/spec/acceptance/version.rb new file mode 100644 index 0000000000..62c5f3c397 --- /dev/null +++ b/spec/acceptance/version.rb @@ -0,0 +1,57 @@ +_osfamily = fact('osfamily') +_operatingsystem = fact('operatingsystem') +_operatingsystemrelease = fact('operatingsystemrelease').to_f + +case _osfamily +when 'RedHat' + $confd_dir = '/etc/httpd/conf.d' + $conf_file = '/etc/httpd/conf/httpd.conf' + $ports_file = '/etc/httpd/conf/ports.conf' + $vhost_dir = '/etc/httpd/conf.d' + $vhost = '/etc/httpd/conf.d/15-default.conf' + $run_dir = '/var/run/httpd' + $service_name = 'httpd' + $package_name = 'httpd' + $error_log = 'error_log' + $suphp_handler = 'php5-script' + $suphp_configpath = 'undef' + + if (_operatingsystem == 'Fedora' and _operatingsystemrelease >= 18) or (_operatingsystem != 'Fedora' and _operatingsystemrelease >= 7) + $apache_version = 2.4 + else + $apache_version = 2.2 + end +when 'Debian' + $confd_dir = '/etc/apache2/mods-available' + $conf_file = '/etc/apache2/apache2.conf' + $ports_file = '/etc/apache2/ports.conf' + $vhost = '/etc/apache2/sites-available/15-default.conf' + $vhost_dir = '/etc/apache2/sites-enabled' + $run_dir = '/var/run/apache2' + $service_name = 'apache2' + $package_name = 'apache2' + $error_log = 'error.log' + $suphp_handler = 'x-httpd-php' + $suphp_configpath = '/etc/php5/apache2' + + if _operatingsystem == 'Ubuntu' and _operatingsystemrelease >= 13.10 + $apache_version = 2.4 + else + $apache_version = 2.2 + end +when 'FreeBSD' + $confd_dir = '/usr/local/etc/apache22/Includes' + $conf_file = '/usr/local/etc/apache22/httpd.conf' + $ports_file = '/usr/local/etc/apache22/Includes/ports.conf' + $vhost = '/usr/local/etc/apache22/Vhosts/15-default.conf' + $vhost_dir = '/usr/local/etc/apache22/Vhosts' + $run_dir = '/var/run/apache22' + $service_name = 'apache22' + $package_name = 'apache22' + $error_log = 'http-error.log' + + $apache_version = 2.2 +else + fail RuntimeError, "Unsupported osfamily: #{_osfamily}" +end + diff --git a/spec/acceptance/vhost_spec.rb b/spec/acceptance/vhost_spec.rb index e6b8f1b928..7d066241f7 100644 --- a/spec/acceptance/vhost_spec.rb +++ b/spec/acceptance/vhost_spec.rb @@ -1,28 +1,7 @@ require 'spec_helper_acceptance' +require_relative './version.rb' describe 'apache::vhost define' do - case fact('osfamily') - when 'RedHat' - vhost_dir = '/etc/httpd/conf.d' - package_name = 'httpd' - service_name = 'httpd' - ports_file = '/etc/httpd/conf/ports.conf' - suphp_handler = 'php5-script' - suphp_configpath = 'undef' - when 'FreeBSD' - vhost_dir = '/usr/local/etc/apache22/Vhosts' - package_name = 'apache22' - service_name = 'apache22' - ports_file = '/usr/local/etc/apache22/ports.conf' - when 'Debian' - vhost_dir = '/etc/apache2/sites-enabled' - package_name = 'apache2' - service_name = 'apache2' - ports_file = '/etc/apache2/ports.conf' - suphp_handler = 'x-httpd-php' - suphp_configpath = '/etc/php5/apache2' - end - context 'no default vhosts' do it 'should create no default vhosts' do pp = <<-EOS @@ -36,11 +15,11 @@ class { 'apache': apply_manifest(pp, :catch_failures => true) end - describe file("#{vhost_dir}/15-default.conf") do + describe file("#{$vhost_dir}/15-default.conf") do it { should_not be_file } end - describe file("#{vhost_dir}/15-default-ssl.conf") do + describe file("#{$vhost_dir}/15-default-ssl.conf") do it { should_not be_file } end end @@ -54,11 +33,11 @@ class { 'apache': } apply_manifest(pp, :catch_failures => true) end - describe file("#{vhost_dir}/15-default.conf") do + describe file("#{$vhost_dir}/15-default.conf") do it { should contain '' } end - describe file("#{vhost_dir}/15-default-ssl.conf") do + describe file("#{$vhost_dir}/15-default-ssl.conf") do it { should_not be_file } end end @@ -69,18 +48,24 @@ class { 'apache': } # 'file:/var/run/apache2/ssl_mutex' but contains # 'file:${APACHE_RUN_DIR}/ssl_mutex' pp = <<-EOS + file { '#{$run_dir}': + ensure => 'directory', + recurse => true, + } + class { 'apache': default_ssl_vhost => true, + require => File['#{$run_dir}'], } EOS apply_manifest(pp, :catch_failures => true) end - describe file("#{vhost_dir}/15-default.conf") do + describe file("#{$vhost_dir}/15-default.conf") do it { should contain '' } end - describe file("#{vhost_dir}/15-default-ssl.conf") do + describe file("#{$vhost_dir}/15-default-ssl.conf") do it { should contain '' } it { should contain "SSLEngine on" } end @@ -90,15 +75,21 @@ class { 'apache': it 'should configure an apache vhost' do pp = <<-EOS class { 'apache': } + file { '#{$run_dir}': + ensure => 'directory', + recurse => true, + } + apache::vhost { 'first.example.com': port => '80', docroot => '/var/www/first', + require => File['#{$run_dir}'], } EOS apply_manifest(pp, :catch_failures => true) end - describe file("#{vhost_dir}/25-first.example.com.conf") do + describe file("#{$vhost_dir}/25-first.example.com.conf") do it { should contain '' } it { should contain "ServerName first.example.com" } end @@ -119,7 +110,7 @@ class { 'apache': } apply_manifest(pp, :catch_failures => true) end - describe file("#{vhost_dir}/25-proxy.example.com.conf") do + describe file("#{$vhost_dir}/25-proxy.example.com.conf") do it { should contain '' } it { should contain "ServerName proxy.example.com" } it { should contain "ProxyPass" } @@ -153,7 +144,7 @@ class { 'apache': } apply_manifest(pp, :catch_failures => true) end - describe service(service_name) do + describe service($service_name) do it { should be_enabled } it { should be_running } end @@ -176,12 +167,21 @@ class { 'apache': } it 'should configure a vhost with Files' do pp = <<-EOS class { 'apache': } + + if $apache::apache_version >= 2.4 { + $_files_match_directory = { 'path' => '(\.swp|\.bak|~)$', 'provider' => 'filesmatch', 'require' => 'all denied', } + } else { + $_files_match_directory = { 'path' => '(\.swp|\.bak|~)$', 'provider' => 'filesmatch', 'deny' => 'from all', } + } + + $_directories = [ + { 'path' => '/var/www/files', }, + $_files_match_directory, + ] + apache::vhost { 'files.example.net': docroot => '/var/www/files', - directories => [ - { 'path' => '/var/www/files', }, - { 'path' => '(\.swp|\.bak|~)$', 'provider' => 'filesmatch', 'deny' => 'from all' }, - ], + directories => $_directories, } file { '/var/www/files/index.html': ensure => file, @@ -196,7 +196,7 @@ class { 'apache': } apply_manifest(pp, :catch_failures => true) end - describe service(service_name) do + describe service($service_name) do it { should be_enabled } it { should be_running } end @@ -211,21 +211,22 @@ class { 'apache': } it 'should configure a vhost with multiple Directory sections' do pp = <<-EOS class { 'apache': } + + if $apache::apache_version >= 2.4 { + $_files_match_directory = { 'path' => 'private.html$', 'provider' => 'filesmatch', 'require' => 'all denied' } + } else { + $_files_match_directory = { 'path' => 'private.html$', 'provider' => 'filesmatch', 'deny' => 'from all' } + } + + $_directories = [ + { 'path' => '/var/www/files', }, + { 'path' => '/foo/', 'provider' => 'location', 'directoryindex' => 'notindex.html', }, + $_files_match_directory, + ] + apache::vhost { 'files.example.net': docroot => '/var/www/files', - directories => [ - { 'path' => '/var/www/files', }, - { - 'provider' => 'location', - 'path' => '/foo/', - 'directoryindex' => 'notindex.html', - }, - { - 'provider' => 'filesmatch', - 'path' => 'private.html$', - 'deny' => 'from all', - }, - ], + directories => $_directories, } file { '/var/www/files/foo': ensure => directory, @@ -243,7 +244,7 @@ class { 'apache': } apply_manifest(pp, :catch_failures => true) end - describe service(service_name) do + describe service($service_name) do it { should be_enabled } it { should be_running } end @@ -275,7 +276,7 @@ class { 'apache': } apply_manifest(pp, :catch_failures => true) end - describe service(service_name) do + describe service($service_name) do it { should be_enabled } it { should be_running } end @@ -316,7 +317,7 @@ class { 'apache': } apply_manifest(pp, :catch_failures => true) end - describe service(service_name) do + describe service($service_name) do it { should be_enabled } it { should be_running } end @@ -362,7 +363,7 @@ class { 'apache': default_vhost => false, } }, :catch_failures => true) end - describe service(service_name) do + describe service($service_name) do it { should be_enabled } it { should be_running } end @@ -389,7 +390,7 @@ class { 'apache': } apply_manifest(pp, :catch_failures => true) end - describe file(ports_file) do + describe file($ports_file) do it { should be_file } it { should_not contain 'NameVirtualHost test.server' } end @@ -411,7 +412,7 @@ class { 'apache': default_vhost => false } apply_manifest(pp, :catch_failures => true) end - describe file(ports_file) do + describe file($ports_file) do it { should be_file } it { should_not contain 'Listen 80' } it { should contain 'Listen 81' } @@ -452,7 +453,7 @@ class { 'apache': } apply_manifest(pp, :catch_failures => true) end - describe file("#{vhost_dir}/10-test.server.conf") do + describe file("#{$vhost_dir}/10-test.server.conf") do it { should be_file } end end @@ -470,7 +471,7 @@ class { 'apache': } apply_manifest(pp, :catch_failures => true) end - describe file("#{vhost_dir}/25-test.server.conf") do + describe file("#{$vhost_dir}/25-test.server.conf") do it { should be_file } it { should contain 'Options Indexes FollowSymLinks ExecCGI' } end @@ -489,7 +490,7 @@ class { 'apache': } apply_manifest(pp, :catch_failures => true) end - describe file("#{vhost_dir}/25-test.server.conf") do + describe file("#{$vhost_dir}/25-test.server.conf") do it { should be_file } it { should contain 'AllowOverride All' } end @@ -508,7 +509,7 @@ class { 'apache': } apply_manifest(pp, :catch_failures => true) end - describe file("#{vhost_dir}/25-test.server.conf") do + describe file("#{$vhost_dir}/25-test.server.conf") do it { should be_file } it { should contain ' CustomLog "/tmp' } end @@ -536,7 +537,7 @@ class { 'apache': } apply_manifest(pp, :catch_failures => true) end - describe file("#{vhost_dir}/25-test.server.conf") do + describe file("#{$vhost_dir}/25-test.server.conf") do it { should be_file } it { should_not contain " #{logname} \"/tmp" } end @@ -550,15 +551,15 @@ class { 'apache': } apache::vhost { 'test.server': docroot => '/tmp', logroot => '/tmp', - #{logtype}_log_pipe => '|test', + #{logtype}_log_pipe => '|/bin/sh', } EOS apply_manifest(pp, :catch_failures => true) end - describe file("#{vhost_dir}/25-test.server.conf") do + describe file("#{$vhost_dir}/25-test.server.conf") do it { should be_file } - it { should contain " #{logname} \"|test" } + it { should contain " #{logname} \"|/bin/sh" } end end @@ -576,7 +577,7 @@ class { 'apache': } apply_manifest(pp, :catch_failures => true) end - describe file("#{vhost_dir}/25-test.server.conf") do + describe file("#{$vhost_dir}/25-test.server.conf") do it { should be_file } it { should contain " #{logname} \"syslog\"" } end @@ -598,7 +599,7 @@ class { 'apache': } apply_manifest(pp, :catch_failures => true) end - describe file("#{vhost_dir}/25-test.server.conf") do + describe file("#{$vhost_dir}/25-test.server.conf") do it { should be_file } it { should contain 'CustomLog "syslog" "%h %l"' } end @@ -619,7 +620,7 @@ class { 'apache': } apply_manifest(pp, :catch_failures => true) end - describe file("#{vhost_dir}/25-test.server.conf") do + describe file("#{$vhost_dir}/25-test.server.conf") do it { should be_file } it { should contain 'CustomLog "syslog" combined env=admin' } end @@ -638,7 +639,7 @@ class { 'apache': } apply_manifest(pp, :catch_failures => true) end - describe file("#{vhost_dir}/25-test.server.conf") do + describe file("#{$vhost_dir}/25-test.server.conf") do it { should be_file } it { should contain 'Alias /image "/ftp/pub/image"' } end @@ -657,7 +658,7 @@ class { 'apache': } apply_manifest(pp, :catch_failures => true) end - describe file("#{vhost_dir}/25-test.server.conf") do + describe file("#{$vhost_dir}/25-test.server.conf") do it { should be_file } it { should contain 'ScriptAlias /myscript "/usr/share/myscript"' } end @@ -676,7 +677,7 @@ class { 'apache': service_ensure => stopped, } apply_manifest(pp, :catch_failures => true) end - describe file("#{vhost_dir}/25-test.server.conf") do + describe file("#{$vhost_dir}/25-test.server.conf") do it { should be_file } it { should contain 'ProxyPass / test2/' } end @@ -689,19 +690,19 @@ class { 'apache': service_ensure => stopped, } host { 'test.server': ip => '127.0.0.1' } apache::vhost { 'test.server': docroot => '/tmp', - suphp_addhandler => '#{suphp_handler}', + suphp_addhandler => '#{$suphp_handler}', suphp_engine => 'on', - suphp_configpath => '#{suphp_configpath}', + suphp_configpath => '#{$suphp_configpath}', } EOS apply_manifest(pp, :catch_failures => true) end - describe file("#{vhost_dir}/25-test.server.conf") do + describe file("#{$vhost_dir}/25-test.server.conf") do it { should be_file } - it { should contain "suPHP_AddHandler #{suphp_handler}" } + it { should contain "suPHP_AddHandler #{$suphp_handler}" } it { should contain 'suPHP_Engine on' } - it { should contain "suPHP_ConfigPath \"#{suphp_configpath}\"" } + it { should contain "suPHP_ConfigPath \"#{$suphp_configpath}\"" } end end @@ -719,7 +720,7 @@ class { 'apache': service_ensure => stopped, } apply_manifest(pp, :catch_failures => true) end - describe file("#{vhost_dir}/25-test.server.conf") do + describe file("#{$vhost_dir}/25-test.server.conf") do it { should be_file } it { should contain 'ProxyPass / http://test2/' } it { should contain 'ProxyPass http://test2/test !' } @@ -741,7 +742,7 @@ class { 'apache': } apply_manifest(pp, :catch_failures => true) end - describe file("#{vhost_dir}/25-test.server.conf") do + describe file("#{$vhost_dir}/25-test.server.conf") do it { should be_file } it { should contain 'Redirect permanent /images http://test.server/' } end @@ -769,7 +770,7 @@ class { 'apache': } apply_manifest(pp, :catch_failures => true) end - describe file("#{vhost_dir}/25-test.server.conf") do + describe file("#{$vhost_dir}/25-test.server.conf") do it { should be_file } it { should contain 'RackBaseURI /test' } end @@ -790,7 +791,7 @@ class { 'apache': } apply_manifest(pp, :catch_failures => true) end - describe file("#{vhost_dir}/25-test.server.conf") do + describe file("#{$vhost_dir}/25-test.server.conf") do it { should be_file } it { should contain 'append MirrorID "mirror 12"' } end @@ -814,7 +815,7 @@ class { 'apache': } apply_manifest(pp, :catch_failures => true) end - describe file("#{vhost_dir}/25-test.server.conf") do + describe file("#{$vhost_dir}/25-test.server.conf") do it { should be_file } it { should contain '#test' } it { should contain 'RewriteCond %{HTTP_USER_AGENT} ^Lynx/ [OR]' } @@ -836,7 +837,7 @@ class { 'apache': } apply_manifest(pp, :catch_failures => true) end - describe file("#{vhost_dir}/25-test.server.conf") do + describe file("#{$vhost_dir}/25-test.server.conf") do it { should be_file } it { should contain 'SetEnv TEST /test' } it { should contain 'SetEnvIf Request_URI "\.gif$" object_is_image=gif' } @@ -856,7 +857,7 @@ class { 'apache': } apply_manifest(pp, :catch_failures => true) end - describe file("#{vhost_dir}/25-test.server.conf") do + describe file("#{$vhost_dir}/25-test.server.conf") do it { should be_file } it { should contain '' } end @@ -879,7 +880,7 @@ class { 'apache::mod::wsgi': } apply_manifest(pp, :catch_failures => true) end - describe file("#{vhost_dir}/25-test.server.conf") do + describe file("#{$vhost_dir}/25-test.server.conf") do it { should be_file } it { should contain 'WSGIDaemonProcess wsgi processes=2' } it { should contain 'WSGIProcessGroup vagrant' } @@ -900,7 +901,7 @@ class { 'apache': } apply_manifest(pp, :catch_failures => true) end - describe file("#{vhost_dir}/25-test.server.conf") do + describe file("#{$vhost_dir}/25-test.server.conf") do it { should be_file } it { should contain '#weird test string' } end @@ -919,7 +920,7 @@ class { 'apache': } apply_manifest(pp, :catch_failures => true) end - describe file("#{vhost_dir}/25-test.server.conf") do + describe file("#{$vhost_dir}/25-test.server.conf") do it { should be_file } it { should contain 'AssignUserId vagrant vagrant' } end @@ -943,7 +944,7 @@ class { 'apache::mod::fastcgi': } apply_manifest(pp, :catch_failures => true) end - describe file("#{vhost_dir}/25-test.server.conf") do + describe file("#{$vhost_dir}/25-test.server.conf") do it { should be_file } it { should contain 'FastCgiExternalServer localhost -socket /tmp/fast/1234' } it { should contain '' } @@ -965,7 +966,7 @@ class { 'apache': } apply_manifest(pp, :catch_failures => true) end - describe file("#{vhost_dir}/25-test.server.conf") do + describe file("#{$vhost_dir}/25-test.server.conf") do it { should be_file } it { should contain 'Include "/tmp/include"' } end diff --git a/spec/defines/vhost_spec.rb b/spec/defines/vhost_spec.rb index 3b39c26e0c..150e20833f 100644 --- a/spec/defines/vhost_spec.rb +++ b/spec/defines/vhost_spec.rb @@ -761,6 +761,21 @@ /^ <\/Files>$/, ], }, + { + :title => 'should accept files match for provider', + :attr => 'directories', + :value => { + 'path' => 'index.html', + 'provider' => 'filesmatch', + }, + :notmatch => [' AllowOverride None'], + :match => [ + /^ $/, + /^ Order allow,deny$/, + /^ Allow from all$/, + /^ <\/FilesMatch>$/, + ], + }, ].each do |param| describe "when #{param[:attr]} is #{param[:value]}" do let :params do default_params.merge({ @@ -894,8 +909,7 @@ :notmatch => [' AllowOverride None'], :match => [ /^ $/, - /^ Order allow,deny$/, - /^ Allow from all$/, + /^ Require all granted$/, /^ <\/FilesMatch>$/, ], }, diff --git a/templates/mod/info.conf.erb b/templates/mod/info.conf.erb index 01ffe95a91..0747da4307 100644 --- a/templates/mod/info.conf.erb +++ b/templates/mod/info.conf.erb @@ -1,6 +1,10 @@ SetHandler server-info + <%- if @apache_version >= '2.4' -%> + Require ip <%= Array(@allow_from).join(" ") %> + <%- else -%> Order deny,allow Deny from all Allow from <%= Array(@allow_from).join(" ") %> + <%- end -%> diff --git a/templates/mod/ssl.conf.erb b/templates/mod/ssl.conf.erb index 763e13a9cf..e1597f2f8b 100644 --- a/templates/mod/ssl.conf.erb +++ b/templates/mod/ssl.conf.erb @@ -14,7 +14,7 @@ SSLCompression Off <% end -%> <% if @apache_version >= '2.4' -%> - SSLMutex sysvsem <%= @ssl_mutex %> + Mutex <%= @ssl_mutex %> <% else -%> SSLMutex <%= @ssl_mutex %> <% end -%> diff --git a/templates/vhost/_block.erb b/templates/vhost/_block.erb index f235f89d28..f3c835d2cb 100644 --- a/templates/vhost/_block.erb +++ b/templates/vhost/_block.erb @@ -4,7 +4,11 @@ <% if @block.include? 'scm' -%> # Block access to SCM directories. + <%- if @apache_version >= '2.4' -%> + Require all denied + <%- else -%> Deny From All + <%- end -%> <% end -%> <% end -%> diff --git a/templates/vhost/_fastcgi.erb b/templates/vhost/_fastcgi.erb index 86ecf92184..07129bc197 100644 --- a/templates/vhost/_fastcgi.erb +++ b/templates/vhost/_fastcgi.erb @@ -8,8 +8,12 @@ Options +ExecCGI AllowOverride All SetHandler fastcgi-script + <%- if @apache_version >= '2.4' -%> + Require all granted + <%- else -%> Order allow,deny - Allow from all + Allow From All + <%- end -%> AuthBasicAuthoritative Off From c416bf40de261b80a93d39fd92a04fdcf07710c8 Mon Sep 17 00:00:00 2001 From: Scott Smith Date: Wed, 5 Feb 2014 23:12:58 +0000 Subject: [PATCH 05/35] Apache24 on Ubuntu SSL to use default mutex Changed the ssl module to use default for the new Mutex with Apache 2.4 on Ubuntu --- manifests/mod/ssl.pp | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/manifests/mod/ssl.pp b/manifests/mod/ssl.pp index f8e6c248c2..55bcbc7d5f 100644 --- a/manifests/mod/ssl.pp +++ b/manifests/mod/ssl.pp @@ -12,11 +12,7 @@ case $::osfamily { 'debian': { if $apache_version >= 2.4 and $::operatingsystem == 'Ubuntu' { - file { "${APACHE_RUN_DIR}/ssl_mutex": - ensure => directory - } - - $ssl_mutex = 'file:${APACHE_RUN_DIR}/ssl_mutex default' + $ssl_mutex = 'default' } else { $ssl_mutex = 'file:${APACHE_RUN_DIR}/ssl_mutex' } From 04ddeaad56a3a54e183ac2f2026aadc67b3e55d1 Mon Sep 17 00:00:00 2001 From: Dominic Cleal Date: Fri, 7 Feb 2014 12:07:05 +0000 Subject: [PATCH 06/35] Ensure socache_shmcb is enabled on all Apache 2.4 OSes The SSLSessionCache option is specified as socache_shmcb, so the module must be enabled. --- manifests/mod/ssl.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/mod/ssl.pp b/manifests/mod/ssl.pp index 55bcbc7d5f..fe171842d2 100644 --- a/manifests/mod/ssl.pp +++ b/manifests/mod/ssl.pp @@ -27,7 +27,7 @@ apache::mod { 'ssl': } - if $apache_version >= 2.4 and $::operatingsystem == 'Ubuntu' { + if $apache_version >= 2.4 { apache::mod { 'socache_shmcb': } } From a5dda0158fc18265e84796a9f41a5d6d7b1f1b1c Mon Sep 17 00:00:00 2001 From: Justin Stoller Date: Sat, 8 Feb 2014 21:53:19 -0800 Subject: [PATCH 07/35] fix simple linting errors --- manifests/mod/ssl.pp | 3 +++ manifests/package.pp | 2 +- manifests/vhost.pp | 4 ++-- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/manifests/mod/ssl.pp b/manifests/mod/ssl.pp index fe171842d2..323d092b28 100644 --- a/manifests/mod/ssl.pp +++ b/manifests/mod/ssl.pp @@ -23,6 +23,9 @@ 'freebsd': { $ssl_mutex = 'default' } + default: { + fail("Unsupported osfamily ${::osfamily}") + } } apache::mod { 'ssl': } diff --git a/manifests/package.pp b/manifests/package.pp index 31bd311982..b91e25f6b1 100644 --- a/manifests/package.pp +++ b/manifests/package.pp @@ -26,7 +26,7 @@ ensure => $ensure, path => '/etc/make.conf', line => "APACHE_PORT=${apache_package}", - match => "^\\s*#?\\s*APACHE_PORT\\s*=\\s*", + match => '^\\s*#?\\s*APACHE_PORT\\s*=\\s*', before => Package['httpd'], } # remove other packages diff --git a/manifests/vhost.pp b/manifests/vhost.pp index cac091dee9..b019b74e8e 100644 --- a/manifests/vhost.pp +++ b/manifests/vhost.pp @@ -267,7 +267,7 @@ if $access_log_file { $access_log_destination = "${logroot}/${access_log_file}" } elsif $access_log_pipe { - $access_log_destination = "${access_log_pipe}" + $access_log_destination = $access_log_pipe } elsif $access_log_syslog { $access_log_destination = $access_log_syslog } else { @@ -281,7 +281,7 @@ if $error_log_file { $error_log_destination = "${logroot}/${error_log_file}" } elsif $error_log_pipe { - $error_log_destination = "${error_log_pipe}" + $error_log_destination = $error_log_pipe } elsif $error_log_syslog { $error_log_destination = $error_log_syslog } else { From c9be62255bedfb128ea057e98e98f84daa8e9a86 Mon Sep 17 00:00:00 2001 From: Justin Stoller Date: Sat, 8 Feb 2014 21:53:47 -0800 Subject: [PATCH 08/35] disable lint check for "single quoted variables" Previously we were checking (and failing every linting run) because the values for Debian configurations uses a syntax that looks like Puppet variables. This is regrettable since it's a valuable check but the fix will probably require changing how the conf variables are handled which is out of the scope of this PR. --- Rakefile | 1 + 1 file changed, 1 insertion(+) diff --git a/Rakefile b/Rakefile index 9020623179..5868545f20 100644 --- a/Rakefile +++ b/Rakefile @@ -6,4 +6,5 @@ PuppetLint.configuration.send('disable_80chars') PuppetLint.configuration.send('disable_class_inherits_from_params_class') PuppetLint.configuration.send('disable_class_parameter_defaults') PuppetLint.configuration.send('disable_documentation') +PuppetLint.configuration.send('disable_single_quote_string_with_variables') PuppetLint.configuration.ignore_paths = ["spec/**/*.pp", "pkg/**/*.pp"] From 69139c7d3b5cbfee5a6615effa1c42126fb30886 Mon Sep 17 00:00:00 2001 From: Justin Stoller Date: Sat, 8 Feb 2014 21:58:02 -0800 Subject: [PATCH 09/35] use a .puppet-lint.rc for usage outside of rake tasks --- .puppet-lint.rc | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 .puppet-lint.rc diff --git a/.puppet-lint.rc b/.puppet-lint.rc new file mode 100644 index 0000000000..df733ca811 --- /dev/null +++ b/.puppet-lint.rc @@ -0,0 +1,5 @@ +--no-single_quote_string_with_variables-check +--no-80chars-check +--no-class_inherits_from_params_class-check +--no-class_parameter_defaults-check +--no-documentation-check From 245224efc5671d7d774e349e9d84b1f8a55f7386 Mon Sep 17 00:00:00 2001 From: David Teirney Date: Sun, 9 Feb 2014 21:18:59 +1300 Subject: [PATCH 10/35] Update rspec definitions for the ProxyPassReverse location fix. --- spec/defines/vhost_spec.rb | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/spec/defines/vhost_spec.rb b/spec/defines/vhost_spec.rb index 150e20833f..76c908c80a 100644 --- a/spec/defines/vhost_spec.rb +++ b/spec/defines/vhost_spec.rb @@ -353,7 +353,7 @@ :match => [ /^ ProxyPass \/ http:\/\/fake.com\/$/, /^ $/, - /^ ProxyPassReverse \/$/, + /^ ProxyPassReverse http:\/\/fake.com\/$/, /^ <\/Location>$/, ], :notmatch => [/ProxyPass .+!$/], @@ -365,7 +365,7 @@ :match => [ /^ ProxyPass \/path-a http:\/\/fake.com\/a$/, /^ $/, - /^ ProxyPassReverse \/$/, + /^ ProxyPassReverse http:\/\/fake.com\/a$/, /^ <\/Location>$/, ], @@ -381,11 +381,11 @@ :match => [ /^ ProxyPass \/path-a\/ http:\/\/fake.com\/a\/$/, /^ $/, - /^ ProxyPassReverse \/$/, + /^ ProxyPassReverse http:\/\/fake.com\/a\/$/, /^ <\/Location>$/, /^ ProxyPass \/path-b http:\/\/fake.com\/b$/, /^ $/, - /^ ProxyPassReverse \/$/, + /^ ProxyPassReverse http:\/\/fake.com\/b$/, /^ <\/Location>$/, ], :notmatch => [/ProxyPass .+!$/], From 99d66352ad7bd5e92a3a3f7a59051ecd680d88fe Mon Sep 17 00:00:00 2001 From: Matt Dainty Date: Mon, 3 Feb 2014 16:40:13 +0000 Subject: [PATCH 11/35] Add WSGIApplicationGroup and WSGIImportScript directives --- README.md | 4 ++++ manifests/vhost.pp | 8 ++++++++ templates/vhost/_wsgi.erb | 6 ++++++ 3 files changed, 18 insertions(+) diff --git a/README.md b/README.md index 97fb7b963c..b36d7d2224 100644 --- a/README.md +++ b/README.md @@ -155,9 +155,13 @@ To set up a virtual host with WSGI apache::vhost { 'wsgi.example.com': port => '80', docroot => '/var/www/pythonapp', + wsgi_application_group => '%{GLOBAL}', wsgi_daemon_process => 'wsgi', wsgi_daemon_process_options => { processes => '2', threads => '15', display-name => '%{GROUP}' }, + wsgi_import_script => '/var/www/demo.wsgi', + wsgi_import_script_options => + { process-group => 'wsgi', application-group => '%{GLOBAL}' }, wsgi_process_group => 'wsgi', wsgi_script_aliases => { '/' => '/var/www/demo.wsgi' }, } diff --git a/manifests/vhost.pp b/manifests/vhost.pp index cac091dee9..0742c80b41 100644 --- a/manifests/vhost.pp +++ b/manifests/vhost.pp @@ -159,8 +159,11 @@ $setenvif = [], $block = [], $ensure = 'present', + $wsgi_application_group = undef, $wsgi_daemon_process = undef, $wsgi_daemon_process_options = undef, + $wsgi_import_script = undef, + $wsgi_import_script_options = undef, $wsgi_process_group = undef, $wsgi_script_aliases = undef, $custom_fragment = undef, @@ -209,6 +212,9 @@ if $wsgi_daemon_process_options { validate_hash($wsgi_daemon_process_options) } + if $wsgi_import_script_options { + validate_hash($wsgi_import_script_options) + } if $itk { validate_hash($itk) } @@ -495,7 +501,9 @@ # - $suphp_engine # - $suphp_configpath # wsgi fragment: + # - $wsgi_application_group # - $wsgi_daemon_process + # - $wsgi_import_script # - $wsgi_process_group # - $wsgi_script_aliases file { "${priority_real}-${filename}.conf": diff --git a/templates/vhost/_wsgi.erb b/templates/vhost/_wsgi.erb index 4a68eed8d6..474c30ff19 100644 --- a/templates/vhost/_wsgi.erb +++ b/templates/vhost/_wsgi.erb @@ -1,8 +1,14 @@ +<% if @wsgi_application_group -%> + WSGIApplicationGroup <%= @wsgi_application_group %> +<% end -%> <% if @wsgi_daemon_process and @wsgi_daemon_process_options -%> WSGIDaemonProcess <%= @wsgi_daemon_process %> <%= @wsgi_daemon_process_options.collect { |k,v| "#{k}=#{v}"}.sort.join(' ') %> <% elsif @wsgi_daemon_process and !@wsgi_daemon_process_options -%> WSGIDaemonProcess <%= @wsgi_daemon_process %> <% end -%> +<% if @wsgi_import_script and @wsgi_import_script_options -%> + WSGIImportScript <%= @wsgi_import_script %> <%= @wsgi_import_script_options.collect { |k,v| "#{k}=#{v}"}.sort.join(' ') %> +<% end -%> <% if @wsgi_process_group -%> WSGIProcessGroup <%= @wsgi_process_group %> <% end -%> From 32791446c7264a1a5187dddfa18a546c47854907 Mon Sep 17 00:00:00 2001 From: Matt Dainty Date: Wed, 5 Feb 2014 14:15:17 +0000 Subject: [PATCH 12/35] Add WSGIApplicationGroup & WSGIImportScript tests. --- spec/acceptance/vhost_spec.rb | 5 +++++ spec/defines/vhost_spec.rb | 18 ++++++++++++++++++ 2 files changed, 23 insertions(+) diff --git a/spec/acceptance/vhost_spec.rb b/spec/acceptance/vhost_spec.rb index 7d066241f7..205496a944 100644 --- a/spec/acceptance/vhost_spec.rb +++ b/spec/acceptance/vhost_spec.rb @@ -871,8 +871,11 @@ class { 'apache::mod::wsgi': } host { 'test.server': ip => '127.0.0.1' } apache::vhost { 'test.server': docroot => '/tmp', + wsgi_application_group => '%{GLOBAL}', wsgi_daemon_process => 'wsgi', wsgi_daemon_process_options => {processes => '2'}, + wsgi_import_script => '/test1', + wsgi_import_script_options => { application-group => '%{GLOBAL}', process-group => 'wsgi' }, wsgi_process_group => 'vagrant', wsgi_script_aliases => { '/test' => '/test1' }, } @@ -882,7 +885,9 @@ class { 'apache::mod::wsgi': } describe file("#{$vhost_dir}/25-test.server.conf") do it { should be_file } + it { should contain 'WSGIApplicationGroup %{GLOBAL}' } it { should contain 'WSGIDaemonProcess wsgi processes=2' } + it { should contain 'WSGIImportScript /test1 application-group=%{GLOBAL} process-group=wsgi' } it { should contain 'WSGIProcessGroup vagrant' } it { should contain 'WSGIScriptAlias /test "/test1"' } end diff --git a/spec/defines/vhost_spec.rb b/spec/defines/vhost_spec.rb index 150e20833f..2cd2bb29d7 100644 --- a/spec/defines/vhost_spec.rb +++ b/spec/defines/vhost_spec.rb @@ -601,6 +601,12 @@ /^ WSGIScriptAlias \/ "\/usr\/local\/wsgi\/scripts\/myapp.wsgi"$/, ], }, + { + :title => 'should accept a wsgi application group', + :attr => 'wsgi_application_group', + :value => '%{GLOBAL}', + :match => [/^ WSGIApplicationGroup %{GLOBAL}$/], + }, { :title => 'should contain environment variables', :attr => 'access_log_env_var', @@ -1116,6 +1122,18 @@ end end + describe 'when wsgi_import_script and wsgi_import_script_options are specified' do + let :params do default_params.merge({ + :wsgi_import_script => '/var/www/demo.wsgi', + :wsgi_import_script_options => { 'application-group' => '%{GLOBAL}', 'process-group' => 'wsgi' }, + }) end + it 'should set wsgi_import_script_options' do + should contain_file("25-#{title}.conf").with_content( + /^ WSGIImportScript \/var\/www\/demo.wsgi application-group=%{GLOBAL} process-group=wsgi$/ + ) + end + end + describe 'when rewrites are specified' do let :params do default_params.merge({ :rewrites => [ From 709e2e16cbb1c21821673aa038b91a77da55be6d Mon Sep 17 00:00:00 2001 From: Hunter Haugen Date: Tue, 11 Feb 2014 14:53:12 -0800 Subject: [PATCH 13/35] The vagrant user doesn't exist on non-vagrant machines --- spec/acceptance/vhost_spec.rb | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/spec/acceptance/vhost_spec.rb b/spec/acceptance/vhost_spec.rb index 205496a944..1ac3d8d570 100644 --- a/spec/acceptance/vhost_spec.rb +++ b/spec/acceptance/vhost_spec.rb @@ -426,8 +426,8 @@ class { 'apache': } host { 'test.server': ip => '127.0.0.1' } apache::vhost { 'test.server': docroot => '/tmp/test', - docroot_owner => 'vagrant', - docroot_group => 'vagrant', + docroot_owner => 'nobody', + docroot_group => 'nobody', } EOS apply_manifest(pp, :catch_failures => true) @@ -435,8 +435,8 @@ class { 'apache': } describe file('/tmp/test') do it { should be_directory } - it { should be_owned_by 'vagrant' } - it { should be_grouped_into 'vagrant' } + it { should be_owned_by 'nobody' } + it { should be_grouped_into 'nobody' } end end @@ -876,7 +876,7 @@ class { 'apache::mod::wsgi': } wsgi_daemon_process_options => {processes => '2'}, wsgi_import_script => '/test1', wsgi_import_script_options => { application-group => '%{GLOBAL}', process-group => 'wsgi' }, - wsgi_process_group => 'vagrant', + wsgi_process_group => 'nobody', wsgi_script_aliases => { '/test' => '/test1' }, } EOS @@ -888,7 +888,7 @@ class { 'apache::mod::wsgi': } it { should contain 'WSGIApplicationGroup %{GLOBAL}' } it { should contain 'WSGIDaemonProcess wsgi processes=2' } it { should contain 'WSGIImportScript /test1 application-group=%{GLOBAL} process-group=wsgi' } - it { should contain 'WSGIProcessGroup vagrant' } + it { should contain 'WSGIProcessGroup nobody' } it { should contain 'WSGIScriptAlias /test "/test1"' } end end @@ -919,7 +919,7 @@ class { 'apache': } host { 'test.server': ip => '127.0.0.1' } apache::vhost { 'test.server': docroot => '/tmp', - itk => { user => 'vagrant', group => 'vagrant' } + itk => { user => 'nobody', group => 'nobody' } } EOS apply_manifest(pp, :catch_failures => true) @@ -927,7 +927,7 @@ class { 'apache': } describe file("#{$vhost_dir}/25-test.server.conf") do it { should be_file } - it { should contain 'AssignUserId vagrant vagrant' } + it { should contain 'AssignUserId nobody nobody' } end end From b6c6c00efffb0c194197c053815aa6c510d56b99 Mon Sep 17 00:00:00 2001 From: Hunter Haugen Date: Tue, 11 Feb 2014 16:32:50 -0800 Subject: [PATCH 14/35] Allow custom gemsource --- Gemfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile b/Gemfile index 9dfc87712f..dd87fe8cff 100644 --- a/Gemfile +++ b/Gemfile @@ -1,4 +1,4 @@ -source 'https://rubygems.org' +source ENV['GEM_SOURCE'] || "https://rubygems.org" group :development, :test do gem 'rake', :require => false From f1069cd34a7c3c615dc89754aaa3430e0de711b4 Mon Sep 17 00:00:00 2001 From: Hunter Haugen Date: Wed, 12 Feb 2014 17:54:35 -0800 Subject: [PATCH 15/35] Create user/group instead of using existing ones The group `nobody` doesn't exist on debian so this fixes that failure. --- spec/acceptance/vhost_spec.rb | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/spec/acceptance/vhost_spec.rb b/spec/acceptance/vhost_spec.rb index 1ac3d8d570..a45db82b01 100644 --- a/spec/acceptance/vhost_spec.rb +++ b/spec/acceptance/vhost_spec.rb @@ -422,12 +422,14 @@ class { 'apache': default_vhost => false } describe 'docroot' do it 'applies cleanly' do pp = <<-EOS + user { 'test_owner': ensure => present, } + group { 'test_group': ensure => present, } class { 'apache': } host { 'test.server': ip => '127.0.0.1' } apache::vhost { 'test.server': docroot => '/tmp/test', - docroot_owner => 'nobody', - docroot_group => 'nobody', + docroot_owner => 'test_owner', + docroot_group => 'test_group', } EOS apply_manifest(pp, :catch_failures => true) @@ -435,8 +437,8 @@ class { 'apache': } describe file('/tmp/test') do it { should be_directory } - it { should be_owned_by 'nobody' } - it { should be_grouped_into 'nobody' } + it { should be_owned_by 'test_owner' } + it { should be_grouped_into 'test_group' } end end From 1ee31e340b10419dd0b274e8d3cb91941e4df4e0 Mon Sep 17 00:00:00 2001 From: Dominic Cleal Date: Tue, 18 Feb 2014 08:41:11 +0000 Subject: [PATCH 16/35] Replace mutating hashes with merge() for Puppet 3.5 --- manifests/vhost.pp | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/manifests/vhost.pp b/manifests/vhost.pp index 2b129311a3..22beec2e82 100644 --- a/manifests/vhost.pp +++ b/manifests/vhost.pp @@ -417,13 +417,17 @@ } if $apache_version == 2.4 { - $_directory[require] = 'all granted' + $_directory_version = { + require => 'all granted', + } } else { - $_directory[order] = 'allow,deny' - $_directory[allow] = 'from all' + $_directory_version = { + order => 'allow,deny', + allow => 'from all', + } } - $_directories = [ $_directory ] + $_directories = [ merge($_directory, $_directory_version) ] } # Template uses: From 8f248f72478a4c9b09a9d2b8695cf2969f4e0123 Mon Sep 17 00:00:00 2001 From: Lauren Rother Date: Wed, 15 Jan 2014 16:41:14 -0800 Subject: [PATCH 17/35] Updates README Adds sections for new parameters, classes, and defined types not previously documented. Updates sections for parameters, classes, defined types, testing, and examples to reflect ongoing changes to the module. Edits for punctuation, spelling, grammar, clarity, consistency, formatting, and code correctness. Updates links to external documentation to point to the most recent and most pertinent docs. --- README.md | 1384 +++++++++++++++++++++++++++++++---------------------- 1 file changed, 807 insertions(+), 577 deletions(-) diff --git a/README.md b/README.md index b36d7d2224..c960814f5c 100644 --- a/README.md +++ b/README.md @@ -4,27 +4,43 @@ ####Table of Contents -1. [Overview - What is the Apache module?](#overview) +1. [Overview - What is the apache module?](#overview) 2. [Module Description - What does the module do?](#module-description) -3. [Setup - The basics of getting started with Apache](#setup) - * [Beginning with Apache - Installation](#beginning-with-apache) - * [Configure a Virtual Host - Basic options for getting started](#configure-a-virtual-host) -4. [Usage - The classes, defined types, and their parameters available for configuration](#usage) +3. [Setup - The basics of getting started with apache](#setup) + * [Beginning with apache - Installation](#beginning-with-apache) + * [Configure a virtual host - Basic options for getting started](#configure-a-virtual-host) +4. [Usage - The classes and defined types available for configuration](#usage) * [Classes and Defined Types](#classes-and-defined-types) * [Class: apache](#class-apache) + * [Class: apache::default_mods](#class-apachedefault_mods) + * [Defined Type: apache::mod](#defined-type-apachemod) * [Classes: apache::mod::*](#classes-apachemodname) + * [Class: apache::mod::ssl](#class-apachemodssl) + * [Class: apache::mod::wsgi](#class-apachemodwsgi) * [Defined Type: apache::vhost](#defined-type-apachevhost) + * [Parameter: `directories` for apache::vhost](#parameter-directories-for-apachevhost) + * [SSL parameters for apache::vhost](#ssl-parameters-for-apachevhost) * [Virtual Host Examples - Demonstrations of some configuration options](#virtual-host-examples) -5. [Implementation - An under-the-hood peek at what the module is doing](#implementation) - * [Classes and Defined Types](#classes-and-defined-types) + * [Load Balancing](#load-balancing) + * [Defined Type: apache::balancer](#defined-type-apachebalancer) + * [Defined Type: apache::balancermember](#defined-type-apachebalancermember) + * [Examples - Load balancing with exported and non-exported resources](#examples) +5. [Reference - An under-the-hood peek at what the module is doing and how](#reference) + * [Classes](#classes) + * [Public Classes](#public-classes) + * [Private Classes](#private-classes) + * [Defined Types](#defined-types) + * [Public Defined Types](#public-defined-types) + * [Private Defined Types](#private-defined-types) * [Templates](#templates) 6. [Limitations - OS compatibility, etc.](#limitations) 7. [Development - Guide for contributing to the module](#development) -8. [Release Notes - Notes on the most recent updates to the module](#release-notes) + * [Contributing to the apache module](#contributing) + * [Running tests - A quick guide](#running-tests) ##Overview -The Apache module allows you to set up virtual hosts and manage web services with minimal effort. +The apache module allows you to set up virtual hosts and manage web services with minimal effort. ##Module Description @@ -32,15 +48,15 @@ Apache is a widely-used web server, and this module provides a simplified way of ##Setup -**What Apache affects:** +**What apache affects:** * configuration files and directories (created and written to) - * **NOTE**: Configurations that are *not* managed by Puppet will be purged. + * **WARNING**: Configurations that are *not* managed by Puppet will be purged. * package/service/configuration files for Apache * Apache modules * virtual hosts * listened-to ports -* `/etc/make.conf` on FreeBSD +* `/etc/make.conf` on FreeBSD ###Beginning with Apache @@ -50,7 +66,7 @@ To install Apache with the default parameters class { 'apache': } ``` -The defaults are determined by your operating system (e.g. Debian systems have one set of defaults, RedHat systems have another). These defaults will work well in a testing environment, but are not suggested for production. To establish customized parameters +The defaults are determined by your operating system (e.g. Debian systems have one set of defaults, and RedHat systems have another, as do FreeBSD systems). These defaults will work well in a testing environment, but are not suggested for production. To establish customized parameters ```puppet class { 'apache': @@ -78,7 +94,7 @@ To configure a very basic, name-based virtual host *Note:* The default priority is 15. If nothing matches this priority, the alphabetically first name-based vhost will be used. This is also true if you pass a higher priority and no names match anything else. -A slightly more complicated example, which moves the docroot owner/group +A slightly more complicated example, changes the docroot owner/group from the default 'root' ```puppet apache::vhost { 'second.example.com': @@ -111,23 +127,22 @@ To set up a virtual host with SSL and specific SSL certificates } ``` -To set up a virtual host with IP address different than '*' +Virtual hosts listen on '*' by default. To listen on a specific IP address ```puppet apache::vhost { 'subdomain.example.com': ip => '127.0.0.1', port => '80', - docrout => '/var/www/subdomain', + docroot => '/var/www/subdomain', } ``` -To set up a virtual host with wildcard alias for subdomain mapped to same named directory -`http://examle.com.loc => /var/www/example.com` +To set up a virtual host with a wildcard alias for the subdomain mapped to a same-named directory, for example: `http://example.com.loc` to `/var/www/example.com` ```puppet apache::vhost { 'subdomain.loc': - vhost_name => '*', - port => '80', + vhost_name => '*', + port => '80', virtual_docroot' => '/var/www/%-2+', docroot => '/var/www', serveraliases => ['*.loc',], @@ -157,8 +172,11 @@ To set up a virtual host with WSGI docroot => '/var/www/pythonapp', wsgi_application_group => '%{GLOBAL}', wsgi_daemon_process => 'wsgi', - wsgi_daemon_process_options => - { processes => '2', threads => '15', display-name => '%{GROUP}' }, + wsgi_daemon_process_options => { + processes => '2', + threads => '15', + display-name => '%{GROUP}', + }, wsgi_import_script => '/var/www/demo.wsgi', wsgi_import_script_options => { process-group => 'wsgi', application-group => '%{GLOBAL}' }, @@ -167,7 +185,7 @@ To set up a virtual host with WSGI } ``` -Starting 2.2.16, httpd supports [FallbackResource](https://httpd.apache.org/docs/2.2/mod/mod_dir.html#fallbackresource) which is a simple replace for common RewriteRules: +Starting in Apache 2.2.16, httpd supports [FallbackResource](https://httpd.apache.org/docs/current/mod/mod_dir.html#fallbackresource), a simple replace for common RewriteRules. ```puppet apache::vhost { 'wordpress.example.com': @@ -177,190 +195,202 @@ Starting 2.2.16, httpd supports [FallbackResource](https://httpd.apache.org/docs } ``` -Please note that the `disabled` argument to FallbackResource is only supported since 2.2.24. +Please note that the 'disabled' argument to FallbackResource is only supported since Apache 2.2.24. -To see a list of all virtual host parameters, [please go here](#defined-type-apachevhost). To see an extensive list of virtual host examples [please look here](#virtual-host-examples). +See a list of all [virtual host parameters](#defined-type-apachevhost). See an extensive list of [virtual host examples](#virtual-host-examples). ##Usage ###Classes and Defined Types -This module modifies Apache configuration files and directories and will purge any configuration not managed by Puppet. Configuration of Apache should be managed by Puppet, as non-puppet configuration files can cause unexpected failures. +This module modifies Apache configuration files and directories, and will purge any configuration not managed by Puppet. Configuration of Apache should be managed by Puppet, as non-Puppet configuration files can cause unexpected failures. -It is possible to temporarily disable full Puppet management by setting the `purge_configs` parameter within the base `apache` class to 'false'. This option should only be used as a temporary means of saving and relocating customized configurations. +It is possible to temporarily disable full Puppet management by setting the [`purge_configs`](#purge_configs) parameter within the base `apache` class to 'false'. This option should only be used as a temporary means of saving and relocating customized configurations. See the [`purge_configs` parameter](#purge_configs) for more information. ####Class: `apache` -The Apache module's primary class, `apache`, guides the basic setup of Apache on your system. +The apache module's primary class, `apache`, guides the basic setup of Apache on your system. You may establish a default vhost in this class, the `vhost` class, or both. You may add additional vhost configurations for specific virtual hosts using a declaration of the `vhost` type. **Parameters within `apache`:** -#####`default_mods` +#####`confd_dir` -Sets up Apache with default settings based on your OS. Defaults to 'true', set to 'false' for customized configuration. +Changes the location of the configuration directory your custom configuration files are placed in. Defaults to '/etc/httpd/conf' on RedHat, '/etc/apache2' on Debian, and '/usr/local/etc/apache22' on FreeBSD. -#####`default_vhost` +#####`conf_template` -Sets up a default virtual host. Defaults to 'true', set to 'false' to set up [customized virtual hosts](#configure-a-virtual-host). +Overrides the template used for the main apache configuration file. Defaults to 'apache/httpd.conf.erb'. + +*Note:* Using this parameter is potentially risky, as the module has been built for a minimal configuration file with the configuration primarily coming from conf.d/ entries. #####`default_confd_files` -Generates default set of include-able apache configuration files under `${apache::confd_dir}` directory. These configuration files correspond to what is usually installed with apache package on given platform. +Generates default set of include-able Apache configuration files under `${apache::confd_dir}` directory. These configuration files correspond to what is usually installed with the Apache package on a given platform. -#####`default_ssl_vhost` +#####`default_mods` -Sets up a default SSL virtual host. Defaults to 'false'. +Sets up Apache with default settings based on your OS. Valid values are 'true', 'false', or an array of mod names. -```puppet - apache::vhost { 'default-ssl': - port => 443, - ssl => true, - docroot => $docroot, - scriptalias => $scriptalias, - serveradmin => $serveradmin, - access_log_file => "ssl_${access_log_file}", - } -``` +Defaults to 'true', which will include the default [HTTPD mods](https://github.com/puppetlabs/puppetlabs-apache/blob/master/manifests/default_mods.pp). -SSL vhosts only respond to HTTPS queries. +If false, it will only include the mods required to make HTTPD work, and any other mods can be declared on their own. -#####`default_ssl_cert` +If an array, the apache module will include the array of mods listed. + +#####`default_ssl_ca` -The default SSL certification, which is automatically set based on your operating system (`/etc/pki/tls/certs/localhost.crt` for RedHat, `/etc/ssl/certs/ssl-cert-snakeoil.pem` for Debian, `/usr/local/etc/apache22/server.crt` for FreeBSD). This default will work out of the box but must be updated with your specific certificate information before being used in production. +The default certificate authority, which is automatically set to 'undef'. This default will work out of the box but must be updated with your specific certificate information before being used in production. -#####`default_ssl_key` +#####`default_ssl_cert` -The default SSL key, which is automatically set based on your operating system (`/etc/pki/tls/private/localhost.key` for RedHat, `/etc/ssl/private/ssl-cert-snakeoil.key` for Debian, `/usr/local/etc/apache22/server.key` for FreeBSD). This default will work out of the box but must be updated with your specific certificate information before being used in production. +The default SSL certification, which is automatically set based on your operating system ('/etc/pki/tls/certs/localhost.crt' for RedHat, '/etc/ssl/certs/ssl-cert-snakeoil.pem' for Debian, and '/usr/local/etc/apache22/server.crt' for FreeBSD). This default will work out of the box but must be updated with your specific certificate information before being used in production. #####`default_ssl_chain` The default SSL chain, which is automatically set to 'undef'. This default will work out of the box but must be updated with your specific certificate information before being used in production. -#####`default_ssl_ca` +#####`default_ssl_crl` -The default certificate authority, which is automatically set to 'undef'. This default will work out of the box but must be updated with your specific certificate information before being used in production. +The default certificate revocation list to use, which is automatically set to 'undef'. This default will work out of the box but must be updated with your specific certificate information before being used in production. #####`default_ssl_crl_path` The default certificate revocation list path, which is automatically set to 'undef'. This default will work out of the box but must be updated with your specific certificate information before being used in production. -#####`default_ssl_crl` +#####`default_ssl_key` -The default certificate revocation list to use, which is automatically set to 'undef'. This default will work out of the box but must be updated with your specific certificate information before being used in production. +The default SSL key, which is automatically set based on your operating system ('/etc/pki/tls/private/localhost.key' for RedHat, '/etc/ssl/private/ssl-cert-snakeoil.key' for Debian, and '/usr/local/etc/apache22/server.key' for FreeBSD). This default will work out of the box but must be updated with your specific certificate information before being used in production. -#####`service_name` +#####`default_ssl_vhost` -Name of apache service to run. Defaults to: `'httpd'` on RedHat, `'apache2'` on Debian, and `'apache22'` on FreeBSD. +Sets up a default SSL virtual host. Defaults to 'false'. If set to 'true', will set up the following vhost: -#####`service_enable` +```puppet + apache::vhost { 'default-ssl': + port => 443, + ssl => true, + docroot => $docroot, + scriptalias => $scriptalias, + serveradmin => $serveradmin, + access_log_file => "ssl_${access_log_file}", + } +``` -Determines whether the 'httpd' service is enabled when the machine is booted. Defaults to 'true'. +SSL vhosts only respond to HTTPS queries. -#####`service_ensure` +#####`default_vhost` -Determines whether the service should be running. Can be set to 'undef' which is useful when you want to let the service be managed by some other application like pacemaker. Defaults to 'running'. +Sets up a default virtual host. Defaults to 'true', set to 'false' to set up [customized virtual hosts](#configure-a-virtual-host). -#####`purge_configs` +#####`error_documents` -Removes all other apache configs and vhosts, which is automatically set to true. Setting this to false is a stopgap measure to allow the apache module to coexist with existing or otherwise managed configuration. It is recommended that you move your configuration entirely to resources within this module. +Enables custom error documents. Defaults to 'false'. -#####`serveradmin` +#####`httpd_dir` -Sets the server administrator. Defaults to 'root@localhost'. +Changes the base location of the configuration directories used for the apache service. This is useful for specially repackaged HTTPD builds, but may have unintended consequences when used in combination with the default distribution packages. Defaults to '/etc/httpd' on RedHat, '/etc/apache2' on Debian, and '/usr/local/etc/apache22' on FreeBSD. -#####`servername` +#####`keepalive` -Sets the servername. Defaults to fqdn provided by facter. +Enables persistent connections. -#####`server_root` +#####`keepalive_timeout` -A value to be set as `ServerRoot` in main configuration file (`httpd.conf`). Defaults to `/etc/httpd` on RedHat, `/etc/apache2` on Debian and `/usr/local` on FreeBSD. +Sets the amount of time the server will wait for subsequent requests on a persistent connection. Defaults to '15'. -#####`sendfile` +#####`log_level` -Makes Apache use the Linux kernel 'sendfile' to serve static files. Defaults to 'On'. +Changes the verbosity level of the error log. Defaults to 'warn'. Valid values are 'emerg', 'alert', 'crit', 'error', 'warn', 'notice', 'info', or 'debug'. -#####`server_root` +#####`logroot` -A value to be set as `ServerRoot` in main configuration file (`httpd.conf`). Defaults to `/etc/httpd` on RedHat and `/etc/apache2` on Debian. +Changes the directory where Apache log files for the virtual host are placed. Defaults to '/var/log/httpd' on RedHat, '/var/log/apache2' on Debian, and '/var/log/apache22' on FreeBSD. -#####`error_documents` +#####`manage_group` -Enables custom error documents. Defaults to 'false'. +Setting this to 'false' will stop the group resource from being created. This is for when you have a group, created from another Puppet module, you want to use to run Apache. Without this parameter, attempting to use a previously established group would result in a duplicate resource error. -#####`httpd_dir` +#####`manage_user` -Changes the base location of the configuration directories used for the service. This is useful for specially repackaged HTTPD builds but may have unintended consequences when used in combination with the default distribution packages. Default is based on your OS. +Setting this to 'false' will stop the user resource from being created. This is for instances when you have a user, created from another Puppet module, you want to use to run Apache. Without this parameter, attempting to use a previously established user would result in a duplicate resource error. -#####`confd_dir` +#####`mod_dir` -Changes the location of the configuration directory your custom configuration files are placed in. Default is based on your OS. +Changes the location of the configuration directory your Apache modules configuration files are placed in. Defaults to '/etc/httpd/conf.d' for RedHat, '/etc/apache2/mods-available' for Debian, and '/usr/local/etc/apache22/Modules' for FreeBSD. -#####`vhost_dir` +#####`mpm_module` -Changes the location of the configuration directory your virtual host configuration files are placed in. Default is based on your OS. +Determines which MPM is loaded and configured for the HTTPD process. Valid values are 'event', 'itk', 'peruser', 'prefork', 'worker', or 'false'. Defaults to 'prefork' on RedHat and FreeBSD, and 'worker' on Debian. Must be set to 'false' to explicitly declare the following classes with custom parameters: -#####`mod_dir` +* `apache::mod::event` +* `apache::mod::itk` +* `apache::mod::peruser` +* `apache::mod::prefork` +* `apache::mod::worker` -Changes the location of the configuration directory your Apache modules configuration files are placed in. Default is based on your OS. +*Note:* Switching between different MPMs on FreeBSD is possible but quite difficult. Before changing `$mpm_module` you must uninstall all packages that depend on your currently-installed Apache. -#####`mpm_module` +#####`package_ensure` -Configures which mpm module is loaded and configured for the httpd process by the `apache::mod::event`, `apache::mod::itk`, `apache::mod::peruser`, `apache::mod::prefork` and `apache::mod::worker` classes. Must be set to `false` to explicitly declare `apache::mod::event`, `apache::mod::itk`, `apache::mod::peruser`, `apache::mod::prefork` or `apache::mod::worker` classes with parameters. All possible values are `event`, `itk`, `peruser`, `prefork`, `worker` (valid values depend on agent's OS), or the boolean `false`. Defaults to `prefork` on RedHat and FreeBSD and `worker` on Debian. Note: on FreeBSD switching between different mpm modules is quite difficult (but possible). Before changing `$mpm_module` one has to deinstall all packages that depend on currently installed `apache`. +Allows control over the package ensure attribute. Can be 'present','absent', or a version string. -#####`conf_template` +#####`ports_file` -Setting this allows you to override the template used for the main apache configuration file. This is a potentially risky thing to do as this module has been built around the concept of a minimal configuration file with most of the configuration coming in the form of conf.d/ entries. Defaults to 'apache/httpd.conf.erb'. +Changes the name of the file containing Apache ports configuration. Default is `${conf_dir}/ports.conf`. -#####`keepalive` +#####`purge_configs` -Setting this allows you to enable persistent connections. +Removes all other Apache configs and vhosts, defaults to 'true'. Setting this to 'false' is a stopgap measure to allow the apache module to coexist with existing or otherwise-managed configuration. It is recommended that you move your configuration entirely to resources within this module. -#####`keepalive_timeout` +#####`sendfile` -Amount of time the server will wait for subsequent requests on a persistent connection. Defaults to '15'. +Makes Apache use the Linux kernel sendfile to serve static files. Defaults to 'On'. -#####`logroot` +#####`serveradmin` + +Sets the server administrator. Defaults to 'root@localhost'. + +#####`servername` -Changes the location of the directory Apache log files are placed in. Defaut is based on your OS. +Sets the server name. Defaults to `fqdn` provided by Facter. -#####`log_level` +#####`server_root` -Changes the verbosity level of the error log. Defaults to 'warn'. Valid values are `emerg`, `alert`, `crit`, `error`, `warn`, `notice`, `info` or `debug`. +Sets the root directory in which the server resides. Defaults to '/etc/httpd' on RedHat, '/etc/apache2' on Debian, and '/usr/local' on FreeBSD. -#####`ports_file` +#####`server_signature` -Changes the name of the file containing Apache ports configuration. Default is `${conf_dir}/ports.conf`. +Configures a trailing footer line under server-generated documents. More information about [ServerSignature](http://httpd.apache.org/docs/current/mod/core.html#serversignature). Defaults to 'On'. #####`server_tokens` -Controls how much information Apache sends to the browser about itself and the operating system. See Apache documentation for 'ServerTokens'. Defaults to 'OS'. +Controls how much information Apache sends to the browser about itself and the operating system. More information about [ServerTokens](http://httpd.apache.org/docs/current/mod/core.html#servertokens). Defaults to 'OS'. -#####`server_signature` +#####`service_enable` -Allows the configuration of a trailing footer line under server-generated documents. See Apache documentation for 'ServerSignature'. Defaults to 'On'. +Determines whether the HTTPD service is enabled when the machine is booted. Defaults to 'true'. -#####`trace_enable` +#####`service_ensure` -Controls, how TRACE requests per RFC 2616 are handled. See Apache documentation for 'TraceEnable'. Defaults to 'On'. +Determines whether the service should be running. Can be set to 'undef', which is useful when you want to let the service be managed by some other application like Pacemaker. Defaults to 'running'. -#####`manage_user` +#####`service_name` -Setting this to false will avoid the user resource to be created by this module. This is useful when you already have a user created in another puppet module and that you want to used it to run apache. Without this, it would result in a duplicate resource error. +Name of the Apache service to run. Defaults to: 'httpd' on RedHat, 'apache2' on Debian, and 'apache22' on FreeBSD. -#####`manage_group` +#####`trace_enable` -Setting this to false will avoid the group resource to be created by this module. This is useful when you already have a group created in another puppet module and that you want to used it for apache. Without this, it would result in a duplicate resource error. +Controls how TRACE requests per RFC 2616 are handled. More information about [TraceEnable](http://httpd.apache.org/docs/current/mod/core.html#traceenable). Defaults to 'On'. -#####`package_ensure` +#####`vhost_dir` -Allow control over the package ensure statement. This is useful if you want to make sure apache is always at the latest version or whether it is only installed. +Changes the location of the configuration directory your virtual host configuration files are placed in. Defaults to 'etc/httpd/conf.d' on RedHat, '/etc/apache2/sites-available' on Debian, and '/usr/local/etc/apache22/Vhosts' on FreeBSD. ####Class: `apache::default_mods` -Installs default Apache modules based on what OS you are running +Installs default Apache modules based on what OS you are running. ```puppet class { 'apache::default_mods': } @@ -368,7 +398,7 @@ Installs default Apache modules based on what OS you are running ####Defined Type: `apache::mod` -Used to enable arbitrary Apache httpd modules for which there is no specific `apache::mod::[name]` class. The `apache::mod` defined type will also install the required packages to enable the module, if any. +Used to enable arbitrary Apache HTTPD modules for which there is no specific `apache::mod::[name]` class. The `apache::mod` defined type will also install the required packages to enable the module, if any. ```puppet apache::mod { 'rewrite': } @@ -422,22 +452,22 @@ There are many `apache::mod::[name]` classes within this module that can be decl * `rewrite` * `rpaf`* * `setenvif` -* `ssl`* (see [apache::mod::ssl](#class-apachemodssl) below) +* `ssl`* (see [`apache::mod::ssl`](#class-apachemodssl) below) * `status`* * `suphp` * `userdir`* * `vhost_alias` * `worker`* -* `wsgi` (see [apache::mod::wsgi](#class-apachemodwsgi) below) +* `wsgi` (see [`apache::mod::wsgi`](#class-apachemodwsgi) below) * `xsendfile` Modules noted with a * indicate that the module has settings and, thus, a template that includes parameters. These parameters control the module's configuration. Most of the time, these parameters will not require any configuration or attention. -The modules mentioned above, and other Apache modules that have templates, will cause template files to be dropped along with the mod install, and the module will not work without the template. Any mod without a template will install package but drop no files. +The modules mentioned above, and other Apache modules that have templates, will cause template files to be dropped along with the mod install and the module will not work without the template. Any module without a template will install the package but drop no files. ####Class: `apache::mod::ssl` -Installs Apache SSL capabilities and utilizes `ssl.conf.erb` template. These are the defaults: +Installs Apache SSL capabilities and uses the ssl.conf.erb template. These are the defaults: ```puppet class { 'apache::mod::ssl': @@ -446,24 +476,31 @@ Installs Apache SSL capabilities and utilizes `ssl.conf.erb` template. These are } ``` -To *use* SSL with a virtual host, you must either set the`default_ssl_vhost` parameter in `apache` to 'true' or set the `ssl` parameter in `apache::vhost` to 'true'. +To *use* SSL with a virtual host, you must either set the`default_ssl_vhost` parameter in `::apache` to 'true' or set the `ssl` parameter in `apache::vhost` to 'true'. ####Class: `apache::mod::wsgi` +Enables Python support in the WSGI module. To use, simply `include 'apache::mod::wsgi'`. + +For customized parameters, which tell Apache how Python is currently configured on the operating system, + ```puppet class { 'apache::mod::wsgi': wsgi_socket_prefix => "\${APACHE_RUN_DIR}WSGI", - wsgi_python_home => '/path/to/virtenv', - wsgi_python_path => '/path/to/virtenv/site-packages', + wsgi_python_home => '/path/to/venv', + wsgi_python_path => '/path/to/venv/site-packages', } ``` + +More information about [WSGI](http://modwsgi.readthedocs.org/en/latest/). + ####Defined Type: `apache::vhost` -The Apache module allows a lot of flexibility in the set up and configuration of virtual hosts. This flexibility is due, in part, to `vhost`'s setup as a defined resource type, which allows it to be evaluated multiple times with different parameters. +The Apache module allows a lot of flexibility in the setup and configuration of virtual hosts. This flexibility is due, in part, to `vhost`'s being a defined resource type, which allows it to be evaluated multiple times with different parameters. -The `vhost` defined type allows you to have specialized configurations for virtual hosts that have requirements outside of the defaults. You can set up a default vhost within the base `apache` class as well as set a customized vhost setup as default. Your customized vhost (priority 10) will be privileged over the base class vhost (15). +The `vhost` defined type allows you to have specialized configurations for virtual hosts that have requirements outside the defaults. You can set up a default vhost within the base `::apache` class, as well as set a customized vhost as default. Your customized vhost (priority 10) will be privileged over the base class vhost (15). -If you have a series of specific configurations and do not want a base `apache` class default vhost, make sure to set the base class default host to 'false'. +If you have a series of specific configurations and do not want a base `::apache` class default vhost, make sure to set the base class `default_vhost` to 'false'. ```puppet class { 'apache': @@ -473,15 +510,13 @@ If you have a series of specific configurations and do not want a base `apache` **Parameters within `apache::vhost`:** -The default values for each parameter will vary based on operating system and type of virtual host. - #####`access_log` -Specifies whether `*_access.log` directives should be configured. Valid values are 'true' and 'false'. Defaults to 'true'. +Specifies whether `*_access.log` directives (`*_file`,`*_pipe`, or `*_syslog`) should be configured. Setting the value to 'false' will choose none. Defaults to 'true'. #####`access_log_file` -Points to the `*_access.log` file. Defaults to 'undef'. +Sets the `*_access.log` filename that is placed in `$logroot`. Given a vhost, example.com, it defaults to 'example.com_ssl.log' for SSL vhosts and 'example.com_access.log' for non-SSL vhosts. #####`access_log_pipe` @@ -493,40 +528,48 @@ Sends all access log messages to syslog. Defaults to 'undef'. #####`access_log_format` -Specifies either a LogFormat nickname or custom format string for access log. Defaults to 'undef'. +Specifies the use of either a LogFormat nickname or a custom format string for the access log. Defaults to 'combined'. See [these examples](http://httpd.apache.org/docs/current/mod/mod_log_config.html). #####`access_log_env_var` -Adds writing control of access log via environment variable of the access. Defaults to 'undef'. +Specifies that only requests with particular environment variables be logged. Defaults to 'undef'. #####`add_listen` -Determines whether the vhost creates a listen statement. The default value is 'true'. +Determines whether the vhost creates a Listen statement. The default value is 'true'. + +Setting `add_listen` to 'false' stops the vhost from creating a Listen statement, and this is important when you combine vhosts that are not passed an `ip` parameter with vhosts that *are* passed the `ip` parameter. -Setting `add_listen` to 'false' stops the vhost from creating a listen statement, and this is important when you combine vhosts that are not passed an `ip` parameter with vhosts that *are* passed the `ip` parameter. +#####`additional_includes` + +Specifies paths to additional static, vhost-specific Apache configuration files. Useful for implementing a unique, custom configuration not supported by this module. Can be an array. Defaults to '[]'. #####`aliases` -Passes a list of hashes to the vhost to create `Alias` or `AliasMatch` statements as per the [`mod_alias` documentation](http://httpd.apache.org/docs/current/mod/mod_alias.html). Each hash is expected to be of the form: +Passes a list of hashes to the vhost to create Alias or AliasMatch directives as per the [mod_alias documentation](http://httpd.apache.org/docs/current/mod/mod_alias.html). These hashes are formatted as follows: -``` +```puppet aliases => [ - { aliasmatch => '^/image/(.*)\.jpg$', path => '/files/jpg.images/$1.jpg' } - { alias => '/image', path => '/ftp/pub/image' }, + { aliasmatch => '^/image/(.*)\.jpg$', + path => '/files/jpg.images/$1.jpg', + } + { alias => '/image', + path => '/ftp/pub/image', + }, ], ``` -For `Alias` and `AliasMatch` to work, each will need a corresponding `` or `` block. The `Alias` and `AliasMatch` directives are created in the order specified in the `aliases` paramter. As described in the [`mod_alias` documentation](http://httpd.apache.org/docs/current/mod/mod_alias.html) more specific `Alias` or `AliasMatch` directives should come before the more general ones to avoid shadowing. +For `alias` and `aliasmatch` to work, each will need a corresponding context, such as '< Directory /path/to/directory>' or ''. The Alias and AliasMatch directives are created in the order specified in the `aliases` parameter. As described in the [`mod_alias` documentation](http://httpd.apache.org/docs/current/mod/mod_alias.html), more specific `alias` or `aliasmatch` parameters should come before the more general ones to avoid shadowing. -**Note:** If `apache::mod::passenger` is loaded and `PassengerHighPerformance true` is set, then `Alias` may have issues honouring the `PassengerEnabled off` statement. See [this article](http://www.conandalton.net/2010/06/passengerenabled-off-not-working.html) for details. +*Note:* If `apache::mod::passenger` is loaded and `PassengerHighPerformance => true` is set, then Alias may have issues honoring the `PassengerEnabled => off` statement. See [this article](http://www.conandalton.net/2010/06/passengerenabled-off-not-working.html) for details. #####`block` -Specifies the list of things Apache will block access to. The default is an empty set, '[]'. Currently, the only option is 'scm', which blocks web access to .svn, .git and .bzr directories. To add to this, please see the [Development](#development) section. +Specifies the list of things Apache will block access to. The default is an empty set, '[]'. Currently, the only option is 'scm', which blocks web access to .svn, .git and .bzr directories. #####`custom_fragment` -Pass a string of custom configuration directives to be placed at the end of the vhost configuration. +Passes a string of custom configuration directives to be placed at the end of the vhost configuration. Defaults to 'undef'. #####`default_vhost` @@ -534,656 +577,797 @@ Sets a given `apache::vhost` as the default to serve requests that do not match #####`directories` -Passes a list of hashes to the vhost to create `...` directive blocks as per the [Apache core documentation](http://httpd.apache.org/docs/2.2/mod/core.html#directory). The `path` key is required in these hashes. An optional `provider` defaults to `directory`. Usage will typically look like: +See the [`directories` section](#parameter-directories-for-apachevhost). -```puppet - apache::vhost { 'sample.example.net': - docroot => '/path/to/directory', - directories => [ - { path => '/path/to/directory', => }, - { path => '/path/to/another/directory', => }, - ], - } -``` +#####`directoryindex` -*Note:* At least one directory should match `docroot` parameter, once you start declaring directories `apache::vhost` assumes that all required `` blocks will be declared. +Sets the list of resources to look for when a client requests an index of the directory by specifying a '/' at the end of the directory name. [DirectoryIndex](http://httpd.apache.org/docs/current/mod/mod_dir.html#directoryindex) has more information. Defaults to 'undef'. -*Note:* If not defined a single default `` block will be created that matches the `docroot` parameter. +#####`docroot` -`provider` can be set to any of `directory`, `files`, or `location`. If the [pathspec starts with a `~`](https://httpd.apache.org/docs/2.2/mod/core.html#files), httpd will interpret this as the equivalent of `DirectoryMatch`, `FilesMatch`, or `LocationMatch`, respectively. +Provides the [DocumentRoot](http://httpd.apache.org/docs/current/mod/core.html#documentroot) directive, which identifies the directory Apache serves files from. Required. -```puppet - apache::vhost { 'files.example.net': - docroot => '/var/www/files', - directories => [ - { path => '~ (\.swp|\.bak|~)$', 'provider' => 'files', 'deny' => 'from all' }, - ], - } -``` +#####`docroot_group` -The directives will be embedded within the `Directory` (`Files`, or `Location`) directive block, missing directives should be undefined and not be added, resulting in their default vaules in Apache. Currently this is the list of supported directives: +Sets group access to the docroot directory. Defaults to 'root'. -######`addhandlers` +#####`docroot_owner` -Sets `AddHandler` directives as per the [Apache Core documentation](http://httpd.apache.org/docs/2.2/mod/mod_mime.html#addhandler). Accepts a list of hashes of the form `{ handler => 'handler-name', extensions => ['extension']}`. Note that `extensions` is a list of extenstions being handled by the handler. -An example: +Sets individual user access to the docroot directory. Defaults to 'root'. -```puppet - apache::vhost { 'sample.example.net': - docroot => '/path/to/directory', - directories => [ { path => '/path/to/directory', - addhandlers => [ { handler => 'cgi-script', extensions => ['.cgi']} ], - } ], - } -``` +#####`error_log` -######`allow` +Specifies whether `*_error.log` directives should be configured. Defaults to 'true'. -Sets an `Allow` directive as per the [Apache Core documentation](http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#allow). An example: +#####`error_log_file` -```puppet - apache::vhost { 'sample.example.net': - docroot => '/path/to/directory', - directories => [ { path => '/path/to/directory', allow => 'from example.org' } ], - } -``` +Points to the `*_error.log` file. Given a vhost, example.com, it defaults to 'example.com_ssl_error.log' for SSL vhosts and 'example.com_access_error.log' for non-SSL vhosts. -######`allow_override` +#####`error_log_pipe` -Sets the usage of `.htaccess` files as per the [Apache core documentation](http://httpd.apache.org/docs/2.2/mod/core.html#allowoverride). Should accept in the form of a list or a string. An example: +Specifies a pipe to send error log messages to. Defaults to 'undef'. -```puppet - apache::vhost { 'sample.example.net': - docroot => '/path/to/directory', - directories => [ { path => '/path/to/directory', allow_override => ['AuthConfig', 'Indexes'] } ], - } -``` +#####`error_log_syslog` -######`deny` +Sends all error log messages to syslog. Defaults to 'undef'. + +#####`error_documents` -Sets an `Deny` directive as per the [Apache Core documentation](http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#deny). An example: +A list of hashes which can be used to override the [ErrorDocument](https://httpd.apache.org/docs/current/mod/core.html#errordocument) settings for this vhost. Defaults to '[]'. Example: ```puppet apache::vhost { 'sample.example.net': - docroot => '/path/to/directory', - directories => [ { path => '/path/to/directory', deny => 'from example.org' } ], + error_documents => [ + { 'error_code' => '503', 'document' => '/service-unavail' }, + { 'error_code' => '407', 'document' => 'https://example.com/proxy/login' }, + ], } ``` -######`error_documents` -A list of hashes which can be used to override the [ErrorDocument](https://httpd.apache.org/docs/2.2/mod/core.html#errordocument) settings for this directory. Example: +#####`ensure` -```puppet - apache::vhost { 'sample.example.net': - directories => [ { path => '/srv/www' - error_documents => [ - { 'error_code' => '503', 'document' => '/service-unavail' }, - ], - }] - } -``` +Specifies if the vhost file is present or absent. Defaults to 'present'. -######`headers` +#####`fallbackresource` -Adds lines for `Header` directives as per the [Apache Header documentation](http://httpd.apache.org/docs/2.2/mod/mod_headers.html#header). An example: +Sets the [FallbackResource](http://httpd.apache.org/docs/current/mod/mod_dir.html#fallbackresource) directive, which specifies an action to take for any URL that doesn't map to anything in your filesystem and would otherwise return 'HTTP 404 (Not Found)'. Valid values must either begin with a / or be 'disabled'. Defaults to 'undef'. -```puppet - apache::vhost { 'sample.example.net': - docroot => '/path/to/directory', - directories => { - path => '/path/to/directory', - headers => 'Set X-Robots-Tag "noindex, noarchive, nosnippet"', - }, - } -``` +#####`headers` -######`options` +Adds lines to replace, merge, or remove response headers. See [Header](http://httpd.apache.org/docs/current/mod/mod_headers.html#header) for more information. Can be an array. Defaults to 'undef'. -Lists the options for the given `` block +#####`ip` -```puppet - apache::vhost { 'sample.example.net': - docroot => '/path/to/directory', - directories => [ { path => '/path/to/directory', options => ['Indexes','FollowSymLinks','MultiViews'] }], - } -``` +Sets the IP address the vhost listens on. Defaults to listen on all IPs. -######`index_options` +#####`ip_based` -Styles the list +Enables an [IP-based](httpd.apache.org/docs/current/vhosts/ip-based.html) vhost. This parameter inhibits the creation of a NameVirtualHost directive, since those are used to funnel requests to name-based vhosts. Defaults to 'false'. -```puppet - apache::vhost { 'sample.example.net': - docroot => '/path/to/directory', - directories => [ { path => '/path/to/directory', options => ['Indexes','FollowSymLinks','MultiViews'], index_options => ['IgnoreCase', 'FancyIndexing', 'FoldersFirst', 'NameWidth=*', 'DescriptionWidth=*', 'SuppressHTMLPreamble'] }], - } -``` +#####`itk` -######`index_order_default` -Sets the order of the list +Configures [ITK](http://mpm-itk.sesse.net/) in a hash. Keys may be: -```puppet - apache::vhost { 'sample.example.net': - docroot => '/path/to/directory', - directories => [ { path => '/path/to/directory', order => 'Allow,Deny', index_order_default => ['Descending', 'Date']}, ], - } -``` +* user + group +* `assignuseridexpr` +* `assigngroupidexpr` +* `maxclientvhost` +* `nice` +* `limituidrange` (Linux 3.5.0 or newer) +* `limitgidrange` (Linux 3.5.0 or newer) -######`order` -Sets the order of processing `Allow` and `Deny` statements as per [Apache core documentation](http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#order). An example: +Usage will typically look like: ```puppet apache::vhost { 'sample.example.net': - docroot => '/path/to/directory', - directories => [ { path => '/path/to/directory', order => 'Allow,Deny' } ], + docroot => '/path/to/directory', + itk => { + user => 'someuser', + group => 'somegroup', + }, } ``` -######`auth_type` +#####`logroot` -Sets the value for `AuthType` as per the [Apache AuthType -documentation](https://httpd.apache.org/docs/2.2/mod/core.html#authtype). +Specifies the location of the virtual host's logfiles. Defaults to '/var/log//'. -######`auth_name` +#####`log_level` -Sets the value for `AuthName` as per the [Apache AuthName -documentation](https://httpd.apache.org/docs/2.2/mod/core.html#authname). +Specifies the verbosity of the error log. Defaults to 'warn' for the global server configuration and can be overridden on a per-vhost basis. Valid values are 'emerg', 'alert', 'crit', 'error', 'warn', 'notice', 'info' or 'debug'. -######`auth_digest_algorithm` +#####`no_proxy_uris` -Sets the value for `AuthDigestAlgorithm` as per the [Apache -AuthDigestAlgorithm -documentation](https://httpd.apache.org/docs/2.2/mod/mod_auth_digest.html#authdigestalgorithm) +Specifies URLs you do not want to proxy. This parameter is meant to be used in combination with [`proxy_dest`](#proxy_dest). -######`auth_digest_domain` +#####`options` -Sets the value for `AuthDigestDomain` as per the [Apache AuthDigestDomain -documentation](https://httpd.apache.org/docs/2.2/mod/mod_auth_digest.html#authdigestdomain). +Sets the [Options](http://httpd.apache.org/docs/current/mod/core.html#options) for the specified virtual host. Defaults to '['Indexes','FollowSymLinks','MultiViews']', as demonstrated below: -######`auth_digest_nonce_lifetime` +```puppet + apache::vhost { 'site.name.fdqn': + … + options => ['Indexes','FollowSymLinks','MultiViews'], + } +``` -Sets the value for `AuthDigestNonceLifetime` as per the [Apache -AuthDigestNonceLifetime -documentation](https://httpd.apache.org/docs/2.2/mod/mod_auth_digest.html#authdigestnoncelifetime) +*Note:* If you use [`directories`](#parameter-directories-for-apachevhost), 'Options', 'Override', and 'DirectoryIndex' are ignored because they are parameters within `directories`. -######`auth_digest_provider` +#####`override` -Sets the value for `AuthDigestProvider` as per the [Apache AuthDigestProvider -documentation](https://httpd.apache.org/docs/2.2/mod/mod_auth_digest.html#authdigestprovider). +Sets the overrides for the specified virtual host. Accepts an array of [AllowOverride](http://httpd.apache.org/docs/current/mod/core.html#allowoverride) arguments. Defaults to '[none]'. -######`auth_digest_qop` +#####`php_admin_flags & values` -Sets the value for `AuthDigestQop` as per the [Apache AuthDigestQop -documentation](https://httpd.apache.org/docs/2.2/mod/mod_auth_digest.html#authdigestqop). +Allows per-vhost setting [`php_admin_value`s or `php_admin_flag`s](http://php.net/manual/en/configuration.changes.php). These flags or values cannot be overwritten by a user or an application. Defaults to '[]'. -######`auth_digest_shmem_size` +#####`port` -Sets the value for `AuthAuthDigestShmemSize` as per the [Apache AuthDigestShmemSize -documentation](https://httpd.apache.org/docs/2.2/mod/mod_auth_digest.html#authdigestshmemsize). +Sets the port the host is configured on. The module's defaults ensure the host listens on port 80 for non-SSL vhosts and port 443 for SSL vhosts. The host will only listen on the port set in this parameter. -######`auth_basic_authoritative` +#####`priority` -Sets the value for `AuthBasicAuthoritative` as per the [Apache -AuthBasicAuthoritative -documentation](https://httpd.apache.org/docs/2.2/mod/mod_auth_basic.html#authbasicauthoritative). +Sets the relative load-order for Apache HTTPD VirtualHost configuration files. Defaults to '25'. -######`auth_basic_fake` +If nothing matches the priority, the first name-based vhost will be used. Likewise, passing a higher priority will cause the alphabetically first name-based vhost to be used if no other names match. -Sets the value for `AuthBasicFake` as per the [Apache AuthBasicFake -documentation](https://httpd.apache.org/docs/trunk/mod/mod_auth_basic.html#authbasicfake). +*Note:* You should not need to use this parameter. However, if you do use it, be aware that the `default_vhost` parameter for `apache::vhost` passes a priority of '15'. -######`auth_basic_provider` +#####`proxy_dest` -Sets the value for `AuthBasicProvider` as per the [Apache AuthBasicProvider -documentation](https://httpd.apache.org/docs/2.2/mod/mod_auth_basic.html#authbasicprovider). +Specifies the destination address of a [ProxyPass](http://httpd.apache.org/docs/current/mod/mod_proxy.html#proxypass) configuration. Defaults to 'undef'. -######`auth_user_file` +#####`proxy_pass` -Sets the value for `AuthUserFile` as per the [Apache AuthUserFile -documentation](https://httpd.apache.org/docs/2.2/mod/mod_authn_file.html#authuserfile). +Specifies an array of `path => URI` for a [ProxyPass](http://httpd.apache.org/docs/current/mod/mod_proxy.html#proxypass) configuration. Defaults to 'undef'. -######`auth_group_file` +```puppet +apache::vhost { 'site.name.fdqn': + … + proxy_pass => [ + { 'path' => '/a', 'url' => 'http://backend-a/' }, + { 'path' => '/b', 'url' => 'http://backend-b/' }, + { 'path' => '/c', 'url' => 'http://backend-a/c' }, + ], +} +``` -Sets the value for `AuthGroupFile` as per the [Apache AuthGroupFile -documentation](https://httpd.apache.org/docs/2.2/mod/mod_authz_groupfile.html#authgroupfile). +#####`rack_base_uris` -######`auth_require` +Specifies the resource identifiers for a rack configuration. The file paths specified will be listed as rack application roots for [Phusion Passenger](http://www.modrails.com/documentation/Users%20guide%20Apache.html#_railsbaseuri_and_rackbaseuri) in the _rack.erb template. Defaults to 'undef'. -Sets the value for `AuthName` as per the [Apache Require -documentation](https://httpd.apache.org/docs/2.2/mod/core.html#require) +#####`redirect_dest` +Specifies the address to redirect to. Defaults to 'undef'. -######`passenger_enabled` +#####`redirect_source` -Sets the value for the `PassengerEnabled` directory to `on` or `off` as per the [Passenger documentation](http://www.modrails.com/documentation/Users%20guide%20Apache.html#PassengerEnabled). +Specifies the source URIs that will redirect to the destination specified in `redirect_dest`. If more than one item for redirect is supplied, the source and destination must be the same length and the items will be order-dependent. ```puppet - apache::vhost { 'sample.example.net': - docroot => '/path/to/directory', - directories => [ { path => '/path/to/directory', passenger_enabled => 'off' } ], + apache::vhost { 'site.name.fdqn': + … + redirect_source => ['/images','/downloads'], + redirect_dest => ['http://img.example.com/','http://downloads.example.com/'], } ``` -**Note:** This directive requires `apache::mod::passenger` to be active, Apache may not start with an unrecognised directive without it. +#####`redirect_status` -**Note:** Be aware that there is an [issue](http://www.conandalton.net/2010/06/passengerenabled-off-not-working.html) using the `PassengerEnabled` directive with the `PassengerHighPerformance` directive. +Specifies the status to append to the redirect. Defaults to 'undef'. -######`ssl_options` +```puppet + apache::vhost { 'site.name.fdqn': + … + redirect_status => ['temp','permanent'], + } +``` -String or list of [`SSLOptions`](https://httpd.apache.org/docs/2.2/mod/mod_ssl.html#ssloptions) for the given `` block. This overrides, or refines the [`SSLOptions`](https://httpd.apache.org/docs/2.2/mod/mod_ssl.html#ssloptions) of the parent block (either vhost, or server). +#####`redirectmatch_regexp` & `redirectmatch_status` + +Determines which server status should be raised for a given regular expression. Entered as an array. Defaults to 'undef'. ```puppet - apache::vhost { 'secure.example.net': - docroot => '/path/to/directory', - directories => [ - { path => '/path/to/directory', ssl_options => '+ExportCertData' } - { path => '/path/to/different/dir', ssl_options => [ '-StdEnvVars', '+ExportCertData'] }, + apache::vhost { 'site.name.fdqn': + … + redirectmatch_status => ['404','404'], + redirectmatch_regexp => ['\.git(/.*|$)/','\.svn(/.*|$)'], + } +``` + +#####`request_headers` + +Modifies collected [request headers](http://httpd.apache.org/docs/current/mod/mod_headers.html#requestheader) in various ways, including adding additional request headers, removing request headers, etc. Defaults to 'undef'. + +```puppet + apache::vhost { 'site.name.fdqn': + … + request_headers => [ + 'append MirrorID "mirror 12"', + 'unset MirrorID', ], } ``` -######`suphp` +#####`rewrites` + +Creates URL rewrite rules. Expects an array of hashes, and the hash keys can be any of 'comment', 'rewrite_base', 'rewrite_cond', or 'rewrite_rule'. Defaults to 'undef'. -An array containing two values: User and group for the [suPHP_UserGroup](http://www.suphp.org/DocumentationView.html?file=apache/CONFIG) setting. -This directive must be used with `suphp_engine => on` in the vhost declaration. This directive only works in `` or ``. +For example, you can specify that anyone trying to access index.html will be served welcome.html ```puppet - apache::vhost { 'secure.example.net': - docroot => '/path/to/directory', - directories => [ - { path => '/path/to/directory', suphp => { user => 'myappuser', group => 'myappgroup' } + apache::vhost { 'site.name.fdqn': + … + rewrites => [ { rewrite_rule => ['^index\.html$ welcome.html'] } ] + } +``` + +The parameter allows rewrite conditions that, when true, will execute the associated rule. For instance, if you wanted to rewrite URLs only if the visitor is using IE + +```puppet + apache::vhost { 'site.name.fdqn': + … + rewrites => [ + { + comment => 'redirect IE', + rewrite_cond => ['%{HTTP_USER_AGENT} ^MSIE'], + rewrite_rule => ['^index\.html$ welcome.html'], + }, ], } ``` -######`php_admin_value` and `php_admin_flag` +You can also apply multiple conditions. For instance, rewrite index.html to welcome.html only when the browser is Lynx or Mozilla (version 1 or 2) -Allows per-vhost (and per-directory) setting [`php_admin_value`s or `php_admin_flag`s](http://php.net/manual/en/configuration.changes.php). These flags or values cannot be overwritten by a user, or an application. +```puppet + apache::vhost { 'site.name.fdqn': + … + rewrites => [ + { + comment => 'Lynx or Mozilla v1/2', + rewrite_cond => ['%{HTTP_USER_AGENT} ^Lynx/ [OR]', '%{HTTP_USER_AGENT} ^Mozilla/[12]'], + rewrite_rule => ['^index\.html$ welcome.html'], + }, + ], + } +``` -######`custom_fragment` +Multiple rewrites and conditions are also possible -Pass a string of custom configuration directives to be placed at the end of the -directory configuration. +```puppet + apache::vhost { 'site.name.fdqn': + … + rewrites => [ + { + comment => 'Lynx or Mozilla v1/2', + rewrite_cond => ['%{HTTP_USER_AGENT} ^Lynx/ [OR]', '%{HTTP_USER_AGENT} ^Mozilla/[12]'], + rewrite_rule => ['^index\.html$ welcome.html'], + }, + { + comment => 'Internet Explorer', + rewrite_cond => ['%{HTTP_USER_AGENT} ^MSIE'], + rewrite_rule => ['^index\.html$ /index.IE.html [L]'], + }, + } + rewrite_base => /apps/, + rewrite_rule => ['^index\.cgi$ index.php', '^index\.html$ index.php', '^index\.asp$ index.html'], + }, + ], + } +``` -#####`directoryindex` +Refer to the [`mod_rewrite` documentation](http://httpd.apache.org/docs/current/mod/mod_rewrite.html) for more details on what is possible with rewrite rules and conditions. -Set a DirectoryIndex directive, to set the list of resources to look for, when the client requests an index of the directory by specifying a / at the end of the directory name.. +#####`scriptalias` -#####`docroot` +Defines a directory of CGI scripts to be aliased to the path '/cgi-bin', for example: '/usr/scripts'. Defaults to 'undef'. -Provides the DocumentRoot directive, identifying the directory Apache serves files from. +#####`scriptaliases` -#####`docroot_group` +Passes an array of hashes to the vhost to create either ScriptAlias or ScriptAliasMatch statements as per the [`mod_alias` documentation](http://httpd.apache.org/docs/current/mod/mod_alias.html). These hashes are formatted as follows: -Sets group access to the docroot directory. Defaults to 'root'. +```puppet + scriptaliases => [ + { + alias => '/myscript', + path => '/usr/share/myscript', + }, + { + aliasmatch => '^/foo(.*)', + path => '/usr/share/fooscripts$1', + }, + { + aliasmatch => '^/bar/(.*)', + path => '/usr/share/bar/wrapper.sh/$1', + }, + { + alias => '/neatscript', + path => '/usr/share/neatscript', + }, + ] +``` -#####`docroot_owner` +The ScriptAlias and ScriptAliasMatch directives are created in the order specified. As with [Alias and AliasMatch](#aliases) directives, more specific aliases should come before more general ones to avoid shadowing. -Sets individual user access to the docroot directory. Defaults to 'root'. +#####`serveradmin` -#####`error_log` +Specifies the email address Apache will display when it renders one of its error pages. Defaults to 'undef'. -Specifies whether `*_error.log` directives should be configured. Defaults to 'true'. +#####`serveraliases` -#####`error_log_file` +Sets the [ServerAliases](http://httpd.apache.org/docs/current/mod/core.html#serveralias) of the site. Defaults to '[]'. -Points to the `*_error.log` file. Defaults to 'undef'. +#####`servername` -#####`error_log_pipe` +Sets the servername corresponding to the hostname you connect to the virtual host at. Defaults to the title of the resource. -Specifies a pipe to send error log messages to. Defaults to 'undef'. +#####`setenv` -#####`error_log_syslog` +Used by HTTPD to set environment variables for vhosts. Defaults to '[]'. -Sends all error log messages to syslog. Defaults to 'undef'. +#####`setenvif` -#####`error_documents` +Used by HTTPD to conditionally set environment variables for vhosts. Defaults to '[]'. + +#####`suphp_addhandler`, `suphp_configpath`, & `suphp_engine` + +Set up a virtual host with [suPHP](http://suphp.org/DocumentationView.html?file=apache/CONFIG). + +`suphp_addhandler` defaults to 'php5-script' on RedHat and FreeBSD, and 'x-httpd-php' on Debian. -A list of hashes which can be used to override the [ErrorDocument](https://httpd.apache.org/docs/2.2/mod/core.html#errordocument) settings for this vhost. Defaults to `[]`. Example: +`suphp_configpath` defaults to 'undef' on RedHat and FreeBSD, and '/etc/php5/apache2' on Debian. + +`suphp_engine` allows values 'on' or 'off'. Defaults to 'off' + +To set up a virtual host with suPHP ```puppet - apache::vhost { 'sample.example.net': - error_documents => [ - { 'error_code' => '503', 'document' => '/service-unavail' }, - { 'error_code' => '407', 'document' => 'https://example.com/proxy/login' }, - ], + apache::vhost { 'suphp.example.com': + port => '80', + docroot => '/home/appuser/myphpapp', + suphp_addhandler => 'x-httpd-php', + suphp_engine => 'on', + suphp_configpath => '/etc/php5/apache2', + directories => { path => '/home/appuser/myphpapp', + 'suphp' => { user => 'myappuser', group => 'myappgroup' }, + } } ``` -#####`ensure` +#####`vhost_name` -Specifies if the vhost file is present or absent. +Enables name-based virtual hosting. If no IP is passed to the virtual host but the vhost is assigned a port, then the vhost name will be 'vhost_name:port'. If the virtual host has no assigned IP or port, the vhost name will be set to the title of the resource. Defaults to '*'. -#####`fastcgi_server` +#####`virtual_docroot` -Specifies the filename as an external FastCGI application. Defaults to 'undef'. +Sets up a virtual host with a wildcard alias subdomain mapped to a directory with the same name. For example, 'http://example.com' would map to '/var/www/example.com'. Defaults to 'false'. -#####`fastcgi_socket` +```puppet + apache::vhost { 'subdomain.loc': + vhost_name => '*', + port => '80', + virtual_docroot' => '/var/www/%-2+', + docroot => '/var/www', + serveraliases => ['*.loc',], + } +``` -Filename used to communicate with the web server. Defaults to 'undef'. +#####`wsgi_daemon_process`, `wsgi_daemon_process_options`, `wsgi_process_group`, & `wsgi_script_aliases` -#####`fastcgi_dir` +Set up a virtual host with [WSGI](https://code.google.com/p/modwsgi/). -Directory to enable for FastCGI. Defaults to 'undef'. +`wsgi_daemon_process` sets the name of the WSGI daemon. It is a hash, accepting [these keys](http://modwsgi.readthedocs.org/en/latest/configuration-directives/WSGIDaemonProcess.html), and it defaults to 'undef'. -#####`additional_includes` +`wsgi_daemon_process_options` is optional and defaults to 'undef'. -Specifies paths to additional static vhost-specific Apache configuration files. -This option is useful when you need to implement a unique and/or custom -configuration not supported by this module. +`wsgi_process_group` sets the group ID the virtual host will run under. Defaults to 'undef'. -#####`headers` +`wsgi_script_aliases` requires a hash of web paths to filesystem .wsgi paths. Defaults to 'undef'. -Specifies additional response headers as per [the `mod_headers` documentation](http://httpd.apache.org/docs/2.2/mod/mod_headers.html#header). +To set up a virtual host with WSGI ```puppet - apache::vhost { 'site.name.fdqn': - … - headers => [ - 'add Strict-Transport-Security "max-age=15768000"', - 'merge Cache-Control no-cache env=CGI', + apache::vhost { 'wsgi.example.com': + port => '80', + docroot => '/var/www/pythonapp', + wsgi_daemon_process => 'wsgi', + wsgi_daemon_process_options => + { processes => '2', + threads => '15', + display-name => '%{GROUP}', + }, + wsgi_process_group => 'wsgi', + wsgi_script_aliases => { '/' => '/var/www/demo.wsgi' }, + } +``` + +####Parameter `directories` for `apache::vhost` + +The `directories` parameter within the `apache::vhost` class passes an array of hashes to the vhost to create [Directory](http://httpd.apache.org/docs/current/mod/core.html#directory), [File](http://httpd.apache.org/docs/current/mod/core.html#files), and [Location](http://httpd.apache.org/docs/current/mod/core.html#location) directive blocks. These blocks take the form, '< Directory /path/to/directory>...< /Directory>'. + +Each hash passed to `directories` must contain `path` as one of the keys. You may also pass in `provider` which, if missing, defaults to 'directory'. (A full list of acceptable keys is below.) General usage will look something like + +```puppet + apache::vhost { 'sample.example.net': + docroot => '/path/to/directory', + directories => [ + { path => '/path/to/directory', => }, + { path => '/path/to/another/directory', => }, ], } ``` -#####`ip` +*Note:* At least one directory should match the `docroot` parameter. Once you start declaring directories, `apache::vhost` assumes that all required Directory blocks will be declared. If not defined, a single default Directory block will be created that matches the `docroot` parameter. -The IP address the vhost listens on. Defaults to 'undef'. +The `provider` key can be set to 'directory', 'files', or 'location'. If the path starts with a [~](https://httpd.apache.org/docs/current/mod/core.html#files), HTTPD will interpret this as the equivalent of DirectoryMatch, FilesMatch, or LocationMatch. -#####`ip_based` +```puppet + apache::vhost { 'files.example.net': + docroot => '/var/www/files', + directories => [ + { 'path' => '/var/www/files', + 'provider' => 'files', + 'deny' => 'from all' + }, + ], + } +``` -Enables an IP-based vhost. This parameter inhibits the creation of a NameVirtualHost directive, since those are used to funnel requests to name-based vhosts. Defaults to 'false'. +Available handlers, represented as keys, should be placed within the `directory`,`'files`, or `location` hashes. This looks like -#####`logroot` +```puppet + apache::vhost { 'sample.example.net': + docroot => '/path/to/directory', + directories => [ { path => '/path/to/directory', handler => value } ], +} +``` -Specifies the location of the virtual host's logfiles. Defaults to `/var/log//`. +Any handlers you do not set in these hashes will be considered 'undefined' within Puppet and will not be added to the virtual host, resulting in the module using their default values. Currently this is the list of supported handlers: -#####`log_level` +######`addhandlers` -Specifies the verbosity level of the error log. Defaults to `warn` for the global server configuration and can be overridden on a per-vhost basis using this parameter. Valid value for `log_level` is one of `emerg`, `alert`, `crit`, `error`, `warn`, `notice`, `info` or `debug`. +Sets [AddHandler](http://httpd.apache.org/docs/current/mod/mod_mime.html#addhandler) directives, which map filename extensions to the specified handler. Accepts a list of hashes, with `extensions` serving to list the extensions being managed by the handler, and takes the form: `{ handler => 'handler-name', extensions => ['extension']}`. -#####`no_proxy_uris` +```puppet + apache::vhost { 'sample.example.net': + docroot => '/path/to/directory', + directories => [ + { path => '/path/to/directory', + addhandlers => [{ handler => 'cgi-script', extensions => ['.cgi']}], + }, + ], + } +``` + +######`allow` -Specifies URLs you do not want to proxy. This parameter is meant to be used in combination with `proxy_dest`. +Sets an [Allow](http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#allow) directive, which groups authorizations based on hostnames or IPs. **Deprecated:** This parameter is being deprecated due to a change in Apache. It will only work with Apache 2.2 and lower. -#####`options` +```puppet + apache::vhost { 'sample.example.net': + docroot => '/path/to/directory', + directories => [ + { path => '/path/to/directory', + allow => 'from example.org', + }, + ], + } +``` -Lists the options for the given virtual host +######`allow_override` + +Sets the types of directives allowed in [.htaccess](http://httpd.apache.org/docs/current/mod/core.html#allowoverride) files. Accepts an array. ```puppet - apache::vhost { 'site.name.fdqn': - … - options => ['Indexes','FollowSymLinks','MultiViews'], + apache::vhost { 'sample.example.net': + docroot => '/path/to/directory', + directories => [ + { path => '/path/to/directory', + allow_override => ['AuthConfig', 'Indexes'], + }, + ], } ``` -#####`override` +######`auth_basic_authoritative` -Sets the overrides for the given virtual host. Accepts an array of AllowOverride arguments. +Sets the value for [AuthBasicAuthoritative](https://httpd.apache.org/docs/current/mod/mod_auth_basic.html#authbasicauthoritative), which determines whether authorization and authentication are passed to lower level Apache modules. -#####`port` +######`auth_basic_fake` -Sets the port the host is configured on. +Sets the value for [AuthBasicFake](httpd.apache.org/docs/current/mod/mod_auth_basic.html#authbasicfake), which statically configures authorization credentials for a given directive block. -#####`priority` +######`auth_basic_provider` -Sets the relative load-order for Apache httpd VirtualHost configuration files. Defaults to '25'. +Sets the value for [AuthBasicProvider] (httpd.apache.org/docs/current/mod/mod_auth_basic.html#authbasicprovider), which sets the authentication provider for a given location. -If nothing matches the priority, the first name-based vhost will be used. Likewise, passing a higher priority will cause the alphabetically first name-based vhost to be used if no other names match. +######`auth_digest_algorithm` -*Note*: You should not need to use this parameter. However, if you do use it, be aware that the `default_vhost` parameter for `apache::vhost` passes a priority of '15'. +Sets the value for [AuthDigestAlgorithm](httpd.apache.org/docs/current/mod/mod_auth_digest.html#authdigestalgorithm), which selects the algorithm used to calculate the challenge and response hashes. -#####`proxy_dest` +######`auth_digest_domain` -Specifies the destination address of a proxypass configuration. Defaults to 'undef'. +Sets the value for [AuthDigestDomain](httpd.apache.org/docs/current/mod/mod_auth_digest.html#authdigestdomain), which allows you to specify one or more URIs in the same protection space for digest authentication. -#####`proxy_pass` +######`auth_digest_nonce_lifetime` -Specifies an array of path => uri for a proxypass configuration. Defaults to 'undef'. +Sets the value for [AuthDigestNonceLifetime](httpd.apache.org/docs/current/mod/mod_auth_digest.html#authdigestnoncelifetime), which controls how long the server nonce is valid. -Example: +######`auth_digest_provider` -```puppet -$proxy_pass = [ - { 'path' => '/a', 'url' => 'http://backend-a/' }, - { 'path' => '/b', 'url' => 'http://backend-b/' }, - { 'path' => '/c', 'url' => 'http://backend-a/c' } -] +Sets the value for [AuthDigestProvider](httpd.apache.org/docs/current/mod/mod_auth_digest.html#authdigestprovider), which sets the authentication provider for a given location. -apache::vhost { 'site.name.fdqn': - … - proxy_pass => $proxy_pass, -} -``` +######`auth_digest_qop` -#####`rack_base_uris` +Sets the value for [AuthDigestQop](httpd.apache.org/docs/current/mod/mod_auth_digest.html#authdigestqop), which determines the quality-of-protection to use in digest authentication. -Specifies the resource identifiers for a rack configuration. The file paths specified will be listed as rack application roots for passenger/rack in the `_rack.erb` template. Defaults to 'undef'. +######`auth_digest_shmem_size` -#####`redirect_dest` +Sets the value for [AuthAuthDigestShmemSize](httpd.apache.org/docs/current/mod/mod_auth_digest.html#authdigestshmemsize), which defines the amount of shared memory allocated to the server for keeping track of clients. -Specifies the address to redirect to. Defaults to 'undef'. +######`auth_group_file` -#####`redirect_source` +Sets the value for [AuthGroupFile](https://httpd.apache.org/docs/current/mod/mod_authz_groupfile.html#authgroupfile), which sets the name of the text file containing the list of user groups for authorization. -Specifies the source items? that will redirect to the destination specified in `redirect_dest`. If more than one item for redirect is supplied, the source and destination must be the same length, and the items are order-dependent. +######`auth_name` -```puppet - apache::vhost { 'site.name.fdqn': - … - redirect_source => ['/images','/downloads'], - redirect_dest => ['http://img.example.com/','http://downloads.example.com/'], - } -``` +Sets the value for [AuthName](http://httpd.apache.org/docs/current/mod/mod_authn_core.html#authname), which sets the name of the authorization realm. -#####`redirect_status` +######`auth_require` -Specifies the status to append to the redirect. Defaults to 'undef'. +Sets the entity name you're requiring to allow access. Read more about [Require](http://httpd.apache.org/docs/current/mod/mod_authz_host.html#requiredirectives). -```puppet - apache::vhost { 'site.name.fdqn': - … - redirect_status => ['temp','permanent'], - } +######`auth_type` + +Sets the value for [AuthType](httpd.apache.org/docs/current/mod/mod_authn_core.html#authtype), which guides the type of user authentication. + +######`auth_user_file` + +Sets the value for [AuthUserFile](httpd.apache.org/docs/current/mod/mod_authn_file.html#authuserfile), which sets the name of the text file containing the users/passwords for authentication. + +######`custom_fragment` + +Pass a string of custom configuration directives to be placed at the end of the directory configuration. + +```puppet + apache::vhost { 'monitor': + … + custom_fragment => ' + + SetHandler balancer-manager + Order allow,deny + Allow from all + + + SetHandler server-status + Order allow,deny + Allow from all + + ProxyStatus On', +} ``` -#####`request_headers` +######`deny` -Specifies additional request headers. +Sets a [Deny](http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#deny) directive, specifying which hosts are denied access to the server. **Deprecated:** This parameter is being deprecated due to a change in Apache. It will only work with Apache 2.2 and lower. ```puppet - apache::vhost { 'site.name.fdqn': - … - request_headers => [ - 'append MirrorID "mirror 12"', - 'unset MirrorID', + apache::vhost { 'sample.example.net': + docroot => '/path/to/directory', + directories => [ + { path => '/path/to/directory', + deny => 'from example.org', + }, ], } ``` -#####`rewrite_base` +######`error_documents` -Limits the `rewrites` to the specified base URL. Defaults to 'undef'. +An array of hashes used to override the [ErrorDocument](https://httpd.apache.org/docs/current/mod/core.html#errordocument) settings for the directory. ```puppet - apache::vhost { 'site.name.fdqn': - … - rewrite_base => '/blog/', - rewrites => [ - { rewrite_rule => ['^index\.html$ welcome.html'] } - ] + apache::vhost { 'sample.example.net': + directories => [ + { path => '/srv/www', + error_documents => [ + { 'error_code' => '503', + 'document' => '/service-unavail', + }, + ], + }, + ], } ``` -The above example would limit the index.html -> welcome.html rewrite to only something inside of http://example.com/blog/. - -#####`rewrites` +######`headers` -Creates URL rewrite rules. Defaults to 'undef'. This parameter allows you to specify, for example, that anyone trying to access index.html will be served welcome.html. +Adds lines for [Header](http://httpd.apache.org/docs/current/mod/mod_headers.html#header) directives. ```puppet - apache::vhost { 'site.name.fdqn': - … - rewrites => [ { rewrite_rule => ['^index\.html$ welcome.html'] } ] + apache::vhost { 'sample.example.net': + docroot => '/path/to/directory', + directories => { + path => '/path/to/directory', + headers => 'Set X-Robots-Tag "noindex, noarchive, nosnippet"', + }, } ``` -Allows rewrite conditions, that when true, will execute the associated rule. For example +######`index_options` + +Allows configuration settings for [directory indexing](httpd.apache.org/docs/current/mod/mod_autoindex.html#indexoptions). ```puppet - apache::vhost { 'site.name.fdqn': - … - rewrites => [ - { - comment => 'redirect IE', - rewrite_cond => ['%{HTTP_USER_AGENT} ^MSIE'], - rewrite_rule => ['^index\.html$ welcome.html'], - } - ] + apache::vhost { 'sample.example.net': + docroot => '/path/to/directory', + directories => [ + { path => '/path/to/directory', + options => ['Indexes','FollowSymLinks','MultiViews'], + index_options => ['IgnoreCase', 'FancyIndexing', 'FoldersFirst', 'NameWidth=*', 'DescriptionWidth=*', 'SuppressHTMLPreamble'], + }, + ], } ``` -will rewrite URLs only if the visitor is using IE. +######`index_order_default` -Multiple conditions can be applied, the following will rewrite index.html to welcome.html only when the browser is lynx or mozilla version 1 or 2 +Sets the [default ordering](http://httpd.apache.org/docs/current/mod/mod_autoindex.html#indexorderdefault) of the directory index. ```puppet - apache::vhost { 'site.name.fdqn': - … - rewrites => [ - { - comment => 'Lynx or Mozilla v1/2', - rewrite_cond => ['%{HTTP_USER_AGENT} ^Lynx/ [OR]', '%{HTTP_USER_AGENT} ^Mozilla/[12]'], - rewrite_rule => ['^index\.html$ welcome.html'], - } - ] + apache::vhost { 'sample.example.net': + docroot => '/path/to/directory', + directories => [ + { path => '/path/to/directory', + order => 'Allow,Deny', + index_order_default => ['Descending', 'Date'], + }, + ], } ``` -Multiple rewrites and conditions are also possible +######`options` + +Lists the [Options](httpd.apache.org/docs/current/mod/core.html#options) for the given Directory block. ```puppet - apache::vhost { 'site.name.fdqn': - … - rewrites => [ - { - comment => 'Lynx or Mozilla v1/2', - rewrite_cond => ['%{HTTP_USER_AGENT} ^Lynx/ [OR]', '%{HTTP_USER_AGENT} ^Mozilla/[12]'], - rewrite_rule => ['^index\.html$ welcome.html'], - }, - { - comment => 'Internet Explorer', - rewrite_cond => ['%{HTTP_USER_AGENT} ^MSIE'], - rewrite_rule => ['^index\.html$ /index.IE.html [L]'], + apache::vhost { 'sample.example.net': + docroot => '/path/to/directory', + directories => [ + { path => '/path/to/directory', + options => ['Indexes','FollowSymLinks','MultiViews'], }, - } - rewrite_rule => ['^index\.cgi$ index.php', '^index\.html$ index.php', '^index\.asp$ index.html'], - } - ] + ], } ``` -refer to the [`mod_rewrite` documentation](http://httpd.apache.org/docs/current/mod/mod_rewrite.html) for more details on what is possible with rewrite rules and conditions +######`order` -#####`scriptalias` +Sets the order of processing Allow and Deny statements as per [Apache core documentation](httpd.apache.org/docs/2.2/mod/mod_authz_host.html#order). **Deprecated:** This parameter is being deprecated due to a change in Apache. It will only work with Apache 2.2 and lower. -Defines a directory of CGI scripts to be aliased to the path '/cgi-bin' +```puppet + apache::vhost { 'sample.example.net': + docroot => '/path/to/directory', + directories => [ + { path => '/path/to/directory', + order => 'Allow,Deny', + }, + ], + } +``` -#####`scriptaliases` +######`passenger_enabled` -Passes a list of hashes to the vhost to create `ScriptAlias` or `ScriptAliasMatch` statements as per the [`mod_alias` documentation](http://httpd.apache.org/docs/current/mod/mod_alias.html). Each hash is expected to be of the form: +Sets the value for the [PassengerEnabled](http://www.modrails.com/documentation/Users%20guide%20Apache.html#PassengerEnabled) directory to 'on' or 'off'. Requires `apache::mod::passenger` to be included. ```puppet - scriptaliases => [ - { - alias => '/myscript', - path => '/usr/share/myscript', - }, - { - aliasmatch => '^/foo(.*)', - path => '/usr/share/fooscripts$1', - }, - { - aliasmatch => '^/bar/(.*)', - path => '/usr/share/bar/wrapper.sh/$1', - }, - { - alias => '/neatscript', - path => '/usr/share/neatscript', - }, - ] + apache::vhost { 'sample.example.net': + docroot => '/path/to/directory', + directories => [ + { path => '/path/to/directory', + passenger_enabled => 'on', + }, + ], + } ``` -These directives are created in the order specified. As with `Alias` and `AliasMatch` directives the more specific aliases should come before the more general ones to avoid shadowing. +*Note:* Be aware that there is an [issue](http://www.conandalton.net/2010/06/passengerenabled-off-not-working.html) using the PassengerEnabled directive with the PassengerHighPerformance directive. -#####`serveradmin` +######`php_admin_value` and `php_admin_flag` -Specifies the email address Apache will display when it renders one of its error pages. +`php_admin_value` sets the value of the directory, and `php_admin_flag` uses a boolean to configure the directory. Further information can be found [here](http://php.net/manual/en/configuration.changes.php). -#####`serveraliases` +######`ssl_options` -Sets the server aliases of the site. +String or list of [SSLOptions](https://httpd.apache.org/docs/current/mod/mod_ssl.html#ssloptions), which configure SSL engine run-time options. This handler takes precedence over SSLOptions set in the parent block of the vhost. -#####`servername` +```puppet + apache::vhost { 'secure.example.net': + docroot => '/path/to/directory', + directories => [ + { path => '/path/to/directory', + ssl_options => '+ExportCertData', + }, + { path => '/path/to/different/dir', + ssl_options => [ '-StdEnvVars', '+ExportCertData'], + }, + ], + } +``` -Sets the primary name of the virtual host. +######`suphp` -#####`setenv` +A hash containing the 'user' and 'group' keys for the [suPHP_UserGroup](http://www.suphp.org/DocumentationView.html?file=apache/CONFIG) setting. It must be used with `suphp_engine => on` in the vhost declaration, and may only be passed within `directories`. -Used by HTTPD to set environment variables for vhosts. Defaults to '[]'. +```puppet + apache::vhost { 'secure.example.net': + docroot => '/path/to/directory', + directories => [ + { path => '/path/to/directory', + suphp => + { user => 'myappuser', + group => 'myappgroup', + }, + }, + ], + } +``` -#####`setenvif` +####SSL parameters for `apache::vhost` -Used by HTTPD to conditionally set environment variables for vhosts. Defaults to '[]'. +All of the SSL parameters for `::vhost` will default to whatever is set in the base `apache` class. Use the below parameters to tweak individual SSL settings for specific vhosts. #####`ssl` -Enables SSL for the virtual host. SSL vhosts only respond to HTTPS queries. Valid values are 'true' or 'false'. +Enables SSL for the virtual host. SSL vhosts only respond to HTTPS queries. Valid values are 'true' or 'false'. Defaults to 'false'. #####`ssl_ca` -Specifies the certificate authority. +Specifies the SSL certificate authority. Defaults to 'undef'. #####`ssl_cert` -Specifies the SSL certification. +Specifies the SSL certification. Defaults are based on your OS: '/etc/pki/tls/certs/localhost.crt' for RedHat, '/etc/ssl/certs/ssl-cert-snakeoil.pem' for Debian, and '/usr/local/etc/apache22/server.crt' for FreeBSD. #####`ssl_protocol` -Specifies the SSL Protocol (SSLProtocol). +Specifies [SSLProtocol](http://httpd.apache.org/docs/current/mod/mod_ssl.html#sslprotocol). Defaults to 'undef'. + +If you do not use this parameter, it will use the HTTPD default from ssl.conf.erb, 'all -SSLv2'. #####`ssl_cipher` -Specifies the SSLCipherSuite. +Specifies [SSLCipherSuite](http://httpd.apache.org/docs/current/mod/mod_ssl.html#sslciphersuite). Defaults to 'undef'. + +If you do not use this parameter, it will use the HTTPD default from ssl.conf.erb, 'HIGH:MEDIUM:!aNULL:!MD5'. #####`ssl_honorcipherorder` -Sets SSLHonorCipherOrder directive, used to prefer the server's cipher preference order +Sets [SSLHonorCipherOrder](http://httpd.apache.org/docs/current/mod/mod_ssl.html#sslhonorcipherorder), which is used to prefer the server's cipher preference order. Defaults to 'On' in the base `apache` config. #####`ssl_certs_dir` -Specifies the location of the SSL certification directory. Defaults to `/etc/ssl/certs` on Debian and `/etc/pki/tls/certs` on RedHat. +Specifies the location of the SSL certification directory. Defaults to '/etc/ssl/certs' on Debian, '/etc/pki/tls/certs' on RedHat, and '/usr/local/etc/apache22' on FreeBSD. #####`ssl_chain` -Specifies the SSL chain. +Specifies the SSL chain. Defaults to 'undef'. (This default will work out of the box but must be updated in the base `apache` class with your specific certificate information before being used in production.) #####`ssl_crl` -Specifies the certificate revocation list to use. +Specifies the certificate revocation list to use. Defaults to 'undef'. (This default will work out of the box but must be updated in the base `apache` class with your specific certificate information before being used in production.) #####`ssl_crl_path` -Specifies the location of the certificate revocation list. +Specifies the location of the certificate revocation list. Defaults to 'undef'. (This default will work out of the box but must be updated in the base `apache` class with your specific certificate information before being used in production.) #####`ssl_key` -Specifies the SSL key. +Specifies the SSL key. Defaults are based on your operating system: '/etc/pki/tls/private/localhost.key' for RedHat, '/etc/ssl/private/ssl-cert-snakeoil.key' for Debian, and '/usr/local/etc/apache22/server.key' for FreeBSD. (This default will work out of the box but must be updated in the base `apache` class with your specific certificate information before being used in production.) #####`ssl_verify_client` -Sets `SSLVerifyClient` directives as per the [Apache Core documentation](http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslverifyclient). Defaults to undef. -An example: +Sets the [SSLVerifyClient](http://httpd.apache.org/docs/current/mod/mod_ssl.html#sslverifyclient) directive, which sets the certificate verification level for client authentication. Valid values are: 'none', 'optional', 'require', and 'optional_no_ca'. Defaults to 'undef'. ```puppet apache::vhost { 'sample.example.net': @@ -1194,8 +1378,7 @@ An example: #####`ssl_verify_depth` -Sets `SSLVerifyDepth` directives as per the [Apache Core documentation](http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslverifydepth). Defaults to undef. -An example: +Sets the [SSLVerifyDepth](http://httpd.apache.org/docs/current/mod/mod_ssl.html#sslverifydepth) directive, which specifies the maximum depth of CA certificates in client certificate verification. Defaults to 'undef'. ```puppet apache::vhost { 'sample.example.net': @@ -1206,7 +1389,9 @@ An example: #####`ssl_options` -Sets `SSLOptions` directives as per the [Apache Core documentation](http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#ssloptions). This is the global setting for the vhost and can be a string or an array. Defaults to undef. A single string example: +Sets the [SSLOptions](http://httpd.apache.org/docs/current/mod/mod_ssl.html#ssloptions) directive, which configures various SSL engine run-time options. This is the global setting for the given vhost and can be a string or an array. Defaults to 'undef'. + +A string: ```puppet apache::vhost { 'sample.example.net': @@ -1215,7 +1400,7 @@ Sets `SSLOptions` directives as per the [Apache Core documentation](http://httpd } ``` -An array of strings example: +An array: ```puppet apache::vhost { 'sample.example.net': @@ -1226,40 +1411,12 @@ An array of strings example: #####`ssl_proxyengine` -Specifies whether to use `SSLProxyEngine` or not. Defaults to `false`. - -#####`vhost_name` - -This parameter is for use with name-based virtual hosting. Defaults to '*'. - -#####`itk` - -Hash containing infos to configure itk as per the [ITK documentation](http://mpm-itk.sesse.net/). +Specifies whether or not to use [SSLProxyEngine](http://httpd.apache.org/docs/current/mod/mod_ssl.html#sslproxyengine). Valid values are 'true' and 'false'. Defaults to 'false'. -Keys could be: -* user + group -* assignuseridexpr -* assigngroupidexpr -* maxclientvhost -* nice -* limituidrange (Linux 3.5.0 or newer) -* limitgidrange (Linux 3.5.0 or newer) - -Usage will typically look like: - -```puppet - apache::vhost { 'sample.example.net': - docroot => '/path/to/directory', - itk => { - user => 'someuser', - group => 'somegroup', - }, - } -``` ###Virtual Host Examples -The Apache module allows you to set up pretty much any configuration of virtual host you might desire. This section will address some common configurations. Please see the [Tests section](https://github.com/puppetlabs/puppetlabs-apache/tree/master/tests) for even more examples. +The apache module allows you to set up pretty much any configuration of virtual host you might need. This section will address some common configurations, but look at the [Tests section](https://github.com/puppetlabs/puppetlabs-apache/tree/master/tests) for even more examples. Configure a vhost with a server administrator @@ -1427,48 +1584,67 @@ If you want to add two name-based vhosts so that they will answer on either 10.0 } ``` -##Implementation +###Load Balancing -###Classes and Defined Types +####Defined Type: `apache::balancer` -####Class: `apache::dev` +`apache::balancer` creates an Apache balancer cluster. Each balancer cluster needs one or more balancer members, which are declared with [`apache::balancermember`](#defined-type-apachebalancermember). -Installs Apache development libraries +One `apache::balancer` defined resource should be defined for each Apache load balanced set of servers. The `apache::balancermember` resources for all balancer members can be exported and collected on a single Apache load balancer server using exported resources. -```puppet - class { 'apache::dev': } -``` +**Parameters within `apache::balancer`:** -On FreeBSD you're required to define `apache::package` or `apache` class before `apache::dev`. +#####`name` -####Defined Type: `apache::listen` +Sets the balancer cluster's title. This parameter will also set the title of the conf.d file. -Controls which ports Apache binds to for listening based on the title: +#####`proxy_set` -```puppet - apache::listen { '80': } - apache::listen { '443': } -``` +Configures key-value pairs as [ProxySet](http://httpd.apache.org/docs/current/mod/mod_proxy.html#proxyset) lines. Accepts a hash, and defaults to '{}'. -Declaring this defined type will add all `Listen` directives to the `ports.conf` file in the Apache httpd configuration directory. `apache::listen` titles should always take the form of: ``, `:`, or `[]:` +#####`collect_exported` -Apache httpd requires that `Listen` directives must be added for every port. The `apache::vhost` defined type will automatically add `Listen` directives unless the `apache::vhost` is passed `add_listen => false`. +Determines whether or not to use exported resources. Valid values 'true' and 'false', defaults to 'true'. -####Defined Type: `apache::namevirtualhost` +If you statically declare all of your backend servers, you should set this to 'false' to rely on existing declared balancer member resources. Also make sure to use `apache::balancermember` with array arguments. -Enables named-based hosting of a virtual host +If you wish to dynamically declare your backend servers via [exported resources](http://docs.puppetlabs.com/guides/exported_resources.html) collected on a central node, you must set this parameter to 'true' in order to collect the exported balancer member resources that were exported by the balancer member nodes. +<<<<<<< HEAD ```puppet apache::namevirtualhost { '*:80': } ``` Declaring this defined type will add all `NameVirtualHost` directives to the `ports.conf` file in the Apache https configuration directory. `apache::namevirtualhost` titles should always take the form of: `*`, `*:`, `_default_:`, ``, or `:`. +======= +If you choose not to use exported resources, all balancer members will be configured in a single puppet run. If you are using exported resources, Puppet has to run on the balanced nodes, then run on the balancer. +>>>>>>> Updates README ####Defined Type: `apache::balancermember` -Define members of a proxy_balancer set (mod_proxy_balancer). Very useful when using exported resources. +Defines members of [mod_proxy_balancer](http://httpd.apache.org/docs/current/mod/mod_proxy_balancer.html), which will set up a balancer member inside a listening service configuration block in etc/apache/apache.cfg on the load balancer. + +**Parameters within `apache::balancermember`:** + +#####`name` + +Sets the title of the resource. This name will also set the name of the concat fragment. -On every app server you can export a balancermember like this: +#####`balancer_cluster` + +Sets the Apache service's instance name. This must match the name of a declared `apache::balancer` resource. Required. + +#####`url` + +Specifies the URL used to contact the balancer member server. Defaults to 'http://${::fqdn}/'. + +#####`options` + +An array of [options](http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#balancermember) to be specified after the URL. Accepts any key-value pairs available to [ProxyPass](http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxypass). + +####Examples + +To load balance with exported resources, export the `balancermember` from the balancer member ```puppet @@apache::balancermember { "${::fqdn}-puppet00": @@ -1478,13 +1654,26 @@ On every app server you can export a balancermember like this: } ``` -And on the proxy itself you create the balancer cluster using the defined type apache::balancer: +Then, on the proxy server, create the balancer cluster ```puppet apache::balancer { 'puppet00': } ``` -If you need to use ProxySet in the balncer config you can do as so: +To load balance without exported resources, declare the following on the proxy + +```puppet + apache::balancer { 'puppet00': } + apache::balancermember { "${::fqdn}-puppet00": + balancer_cluster => 'puppet00', + url => "ajp://${::fqdn}:8009" + options => ['ping=5', 'disablereuse=on', 'retry=5', 'ttl=120'], + } +``` + +Then declare `apache::balancer` and `apache::balancermember` on the proxy server. + +If you need to use ProxySet in the balancer config ```puppet apache::balancer { 'puppet01': @@ -1492,17 +1681,54 @@ If you need to use ProxySet in the balncer config you can do as so: } ``` +##Reference + +###Classes + +####Public Classes + +* [`apache`](#class-apache): Guides the basic setup of Apache. +* `apache::dev`: Installs Apache development libraries. (*Note:* On FreeBSD, you must declare `apache::package` or `apache` before `apache::dev`.) +* [`apache::mod::[name]`](#classes-apachemodname): Enables specific Apache HTTPD modules. + +####Private Classes + +* `apache::confd::no_accf`: Creates the no-accf.conf configuration file in conf.d, required by FreeBSD's Apache 2.4. +* `apache::default_confd_files`: Includes conf.d files for FreeBSD. +* `apache::default_mods`: Installs the Apache modules required to run the default configuration. +* `apache::package`: Installs and configures basic Apache packages. +* `apache::params`: Manages Apache parameters. +* `apache::service`: Manages the Apache daemon. + +###Defined Types + +####Public Defined Types + +* `apache::balancer`: Creates an Apache balancer cluster. +* `apache::balancermember`: Defines members of [mod_proxy_balancer](http://httpd.apache.org/docs/current/mod/mod_proxy_balancer.html). +* `apache::listen`: Based on the title, controls which ports Apache binds to for listening. Adds [Listen](http://httpd.apache.org/docs/current/bind.html) directives to ports.conf in the Apache HTTPD configuration directory. Titles take the form '', ':', or ':'. +* `apache::mod`: Used to enable arbitrary Apache HTTPD modules for which there is no specific `apache::mod::[name]` class. +* `apache::namevirtualhost`: Enables name-based hosting of a virtual host. Adds all [NameVirtualHost](http://httpd.apache.org/docs/current/vhosts/name-based.html) directives to the `ports.conf` file in the Apache HTTPD configuration directory. Titles take the form '\*', '*:', '\_default_:, '', or ':'. +* `apache::vhost`: Allows specialized configurations for virtual hosts that have requirements outside the defaults. + +####Private Defined Types + +* `apache::peruser::multiplexer`: Enables the [Peruser](http://www.freebsd.org/cgi/url.cgi?ports/www/apache22-peruser-mpm/pkg-descr) module for FreeBSD only. +* `apache::peruser::processor`: Enables the [Peruser](http://www.freebsd.org/cgi/url.cgi?ports/www/apache22-peruser-mpm/pkg-descr) module for FreeBSD only. + ###Templates The Apache module relies heavily on templates to enable the `vhost` and `apache::mod` defined types. These templates are built based on Facter facts around your operating system. Unless explicitly called out, most templates are not meant for configuration. ##Limitations -This has been tested on Ubuntu Precise, Debian Wheezy, CentOS 5.8, and FreeBSD 9.1. +This module is CI tested on Centos 5 & 6, Ubuntu 12.04, Debian 7, and RHEL 5 & 6 platforms against both the OSS and Enterprise version of Puppet. + +The module contains support for other distributions and operating systems, such as FreeBSD and Amazon Linux, but is not formally tested on those and regressions may occur. ##Development -### Overview +###Contributing Puppet Labs modules on the Puppet Forge are open projects, and community contributions are essential for keeping them great. We can’t access the huge number of platforms and myriad of hardware, software, and deployment configurations that Puppet is intended to serve. @@ -1510,9 +1736,9 @@ We want to keep it as easy as possible to contribute changes so that our modules You can read the complete module contribution guide [on the Puppet Labs wiki.](http://projects.puppetlabs.com/projects/module-site/wiki/Module_contributing) -### Running tests +###Running tests -This project contains tests for both [rspec-puppet](http://rspec-puppet.com/) and [rspec-system](https://github.com/puppetlabs/rspec-system) to verify functionality. For in-depth information please see their respective documentation. +This project contains tests for both [rspec-puppet](http://rspec-puppet.com/) and [beaker-rspec](https://github.com/puppetlabs/beaker-rspec) to verify functionality. For in-depth information please see their respective documentation. Quickstart: @@ -1520,6 +1746,7 @@ Quickstart: bundle install bundle exec rake spec bundle exec rspec spec/acceptance +<<<<<<< HEAD ##Copyright and License @@ -1538,3 +1765,6 @@ distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. +======= + RS_DEBUG=yes bundle exec rspec spec/acceptance +>>>>>>> Updates README From 2712be8569628773b916eae6746e730263282c85 Mon Sep 17 00:00:00 2001 From: Lauren Rother Date: Tue, 18 Feb 2014 16:30:33 -0800 Subject: [PATCH 18/35] Final edits to fix merge conflicts --- README.md | 31 +------------------------------ 1 file changed, 1 insertion(+), 30 deletions(-) diff --git a/README.md b/README.md index c960814f5c..2644c88f7d 100644 --- a/README.md +++ b/README.md @@ -1610,15 +1610,7 @@ If you statically declare all of your backend servers, you should set this to 'f If you wish to dynamically declare your backend servers via [exported resources](http://docs.puppetlabs.com/guides/exported_resources.html) collected on a central node, you must set this parameter to 'true' in order to collect the exported balancer member resources that were exported by the balancer member nodes. -<<<<<<< HEAD -```puppet - apache::namevirtualhost { '*:80': } -``` - -Declaring this defined type will add all `NameVirtualHost` directives to the `ports.conf` file in the Apache https configuration directory. `apache::namevirtualhost` titles should always take the form of: `*`, `*:`, `_default_:`, ``, or `:`. -======= If you choose not to use exported resources, all balancer members will be configured in a single puppet run. If you are using exported resources, Puppet has to run on the balanced nodes, then run on the balancer. ->>>>>>> Updates README ####Defined Type: `apache::balancermember` @@ -1746,25 +1738,4 @@ Quickstart: bundle install bundle exec rake spec bundle exec rspec spec/acceptance -<<<<<<< HEAD - -##Copyright and License - -Copyright (C) 2012 [Puppet Labs](https://www.puppetlabs.com/) Inc - -Puppet Labs can be contacted at: info@puppetlabs.com - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -======= - RS_DEBUG=yes bundle exec rspec spec/acceptance ->>>>>>> Updates README + RS_DEBUG=yes bundle exec rspec spec/acceptance \ No newline at end of file From 109c25f82ab7bd8bab7d932e5d6bafe6da6d0c78 Mon Sep 17 00:00:00 2001 From: Lauren Rother Date: Tue, 18 Feb 2014 16:32:20 -0800 Subject: [PATCH 19/35] Fix replace/replacements --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 2644c88f7d..21b7719327 100644 --- a/README.md +++ b/README.md @@ -185,7 +185,7 @@ To set up a virtual host with WSGI } ``` -Starting in Apache 2.2.16, httpd supports [FallbackResource](https://httpd.apache.org/docs/current/mod/mod_dir.html#fallbackresource), a simple replace for common RewriteRules. +Starting in Apache 2.2.16, HTTPD supports [FallbackResource](https://httpd.apache.org/docs/current/mod/mod_dir.html#fallbackresource), a simple replacement for common RewriteRules. ```puppet apache::vhost { 'wordpress.example.com': From eb0218ba4d22213acdd6cac76cf873c3c0b06d83 Mon Sep 17 00:00:00 2001 From: Ashley Penney Date: Wed, 19 Feb 2014 10:58:45 -0500 Subject: [PATCH 20/35] Change test location to be under /tmp/. --- spec/acceptance/class_spec.rb | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/spec/acceptance/class_spec.rb b/spec/acceptance/class_spec.rb index 62107ed61b..b28121be6a 100644 --- a/spec/acceptance/class_spec.rb +++ b/spec/acceptance/class_spec.rb @@ -38,16 +38,16 @@ class { 'apache': } # Using puppet_apply as a helper it 'should work with no errors' do pp = <<-EOS - file { '/apache': ensure => directory, } + file { '/tmp/apache_custom': ensure => directory, } class { 'apache': - mod_dir => '/apache/mods', - vhost_dir => '/apache/vhosts', + mod_dir => '/tmp/apache_custom/mods', + vhost_dir => '/tmp/apache_custom/vhosts', } EOS # Run it twice and test for idempotency apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero + apply_manifest(pp, :catch_changes => true) end describe service(service_name) do From 964884e2350b06f25dcfca38016098ab7aa21e24 Mon Sep 17 00:00:00 2001 From: Hunter Haugen Date: Tue, 18 Feb 2014 15:04:24 -0800 Subject: [PATCH 21/35] Add rewrite_base functionality to rewrites Previously rewrite_base was a parameter to vhost, but was removed incorrectly. When rewrites was created to replace rewrite_* parameters, rewrite_base was forgotten. This adds back the deprecated rewrite_base parameter and adds the rewrite_base support to the rewrites parameter. --- manifests/vhost.pp | 4 ++++ spec/defines/vhost_spec.rb | 6 +++++- templates/vhost/_rewrite.erb | 37 +++++++++++++++++++----------------- 3 files changed, 29 insertions(+), 18 deletions(-) diff --git a/manifests/vhost.pp b/manifests/vhost.pp index 22beec2e82..77c340ace9 100644 --- a/manifests/vhost.pp +++ b/manifests/vhost.pp @@ -153,6 +153,7 @@ $headers = undef, $request_headers = undef, $rewrites = undef, + $rewrite_base = undef, $rewrite_rule = undef, $rewrite_cond = undef, $setenv = [], @@ -199,6 +200,9 @@ } # Deprecated backwards-compatibility + if $rewrite_base { + warning('Apache::Vhost: parameter rewrite_base is deprecated in favor of rewrites') + } if $rewrite_rule { warning('Apache::Vhost: parameter rewrite_rule is deprecated in favor of rewrites') } diff --git a/spec/defines/vhost_spec.rb b/spec/defines/vhost_spec.rb index 2cd2bb29d7..c166c9315f 100644 --- a/spec/defines/vhost_spec.rb +++ b/spec/defines/vhost_spec.rb @@ -1138,7 +1138,8 @@ let :params do default_params.merge({ :rewrites => [ { - 'comment' => 'test rewrites', + 'comment' => 'test rewrites', + 'rewrite_base' => '/mytestpath/', 'rewrite_cond' => ['%{HTTP_USER_AGENT} ^Lynx/ [OR]', '%{HTTP_USER_AGENT} ^Mozilla/[12]'], 'rewrite_rule' => ['^index\.html$ welcome.html', '^index\.cgi$ index.php'], } @@ -1151,6 +1152,9 @@ should contain_file("25-#{title}.conf").with_content( /^ RewriteCond %\{HTTP_USER_AGENT\} \^Lynx\/ \[OR\]$/ ) + should contain_file("25-#{title}.conf").with_content( + /^ RewriteBase \/mytestpath\/$/ + ) should contain_file("25-#{title}.conf").with_content( /^ RewriteCond %\{HTTP_USER_AGENT\} \^Mozilla\/\[12\]$/ ) diff --git a/templates/vhost/_rewrite.erb b/templates/vhost/_rewrite.erb index dbb437c1d6..af8b45001e 100644 --- a/templates/vhost/_rewrite.erb +++ b/templates/vhost/_rewrite.erb @@ -1,28 +1,31 @@ -<% if @rewrites -%> +<%- if @rewrites -%> ## Rewrite rules RewriteEngine On -<% if @rewrite_base -%> + <%- if @rewrite_base -%> RewriteBase <%= @rewrite_base %> -<% end -%> + <%- end -%> -<% [@rewrites].flatten.compact.each do |rewrite_details| -%> -<% if rewrite_details['comment'] -%> + <%- [@rewrites].flatten.compact.each do |rewrite_details| -%> + <%- if rewrite_details['comment'] -%> #<%= rewrite_details['comment'] %> -<% end -%> -<% if rewrite_details['rewrite_cond'] -%> -<%- Array(rewrite_details['rewrite_cond']).each do |commands| -%> -<%- Array(commands).each do |command| -%> + <%- end -%> + <%- if rewrite_details['rewrite_base'] -%> + RewriteBase <%= rewrite_details['rewrite_base'] %> + <%- end -%> + <%- if rewrite_details['rewrite_cond'] -%> + <%- Array(rewrite_details['rewrite_cond']).each do |commands| -%> + <%- Array(commands).each do |command| -%> RewriteCond <%= command %> -<%- end -%> -<% end -%> -<% end -%> -<%- Array(rewrite_details['rewrite_rule']).each do |commands| -%> -<%- Array(commands).each do |command| -%> + <%- end -%> + <%- end -%> + <%- end -%> + <%- Array(rewrite_details['rewrite_rule']).each do |commands| -%> + <%- Array(commands).each do |command| -%> RewriteRule <%= command %> -<%- end -%> + <%- end -%> -<% end -%> -<% end -%> + <%- end -%> + <%- end -%> <%- end -%> <%# reverse compatibility %> <% if @rewrite_rule and !@rewrites -%> From b1668d8598e57e5f10085da872193b843c39cfc4 Mon Sep 17 00:00:00 2001 From: Hunter Haugen Date: Thu, 20 Feb 2014 11:58:04 -0800 Subject: [PATCH 22/35] Document apache::apache_version --- README.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 21b7719327..fd21507cdc 100644 --- a/README.md +++ b/README.md @@ -215,6 +215,10 @@ You may establish a default vhost in this class, the `vhost` class, or both. You **Parameters within `apache`:** +#####`apache_version` + +Configures the behavior of the module templates, package names, and default mods by setting the Apache version. Default is determined by the class `apache::version` using the OS family and release. It should not be configured manually without special reason. + #####`confd_dir` Changes the location of the configuration directory your custom configuration files are placed in. Defaults to '/etc/httpd/conf' on RedHat, '/etc/apache2' on Debian, and '/usr/local/etc/apache22' on FreeBSD. @@ -1738,4 +1742,4 @@ Quickstart: bundle install bundle exec rake spec bundle exec rspec spec/acceptance - RS_DEBUG=yes bundle exec rspec spec/acceptance \ No newline at end of file + RS_DEBUG=yes bundle exec rspec spec/acceptance From 9478cdb1db16f3d449149c3d839169aaf93b2974 Mon Sep 17 00:00:00 2001 From: Hunter Haugen Date: Fri, 21 Feb 2014 14:01:25 -0800 Subject: [PATCH 23/35] Windows, Suse, Solaris, and AIX are not supported. --- spec/acceptance/apache_parameters_spec.rb | 2 +- spec/acceptance/apache_ssl_spec.rb | 2 +- spec/acceptance/basic_spec.rb | 2 +- spec/acceptance/class_spec.rb | 2 +- spec/acceptance/default_mods_spec.rb | 2 +- spec/acceptance/itk_spec.rb | 28 +++++++++++------------ spec/acceptance/mod_php_spec.rb | 2 +- spec/acceptance/mod_suphp_spec.rb | 2 +- spec/acceptance/prefork_worker_spec.rb | 6 ++--- spec/acceptance/service_spec.rb | 2 +- spec/acceptance/unsupported_spec.rb | 13 +++++++++++ spec/acceptance/version.rb | 2 -- spec/acceptance/vhost_spec.rb | 2 +- spec/spec_helper_acceptance.rb | 6 ++--- 14 files changed, 40 insertions(+), 33 deletions(-) create mode 100644 spec/acceptance/unsupported_spec.rb diff --git a/spec/acceptance/apache_parameters_spec.rb b/spec/acceptance/apache_parameters_spec.rb index 597739f5c2..eeae55d45e 100644 --- a/spec/acceptance/apache_parameters_spec.rb +++ b/spec/acceptance/apache_parameters_spec.rb @@ -1,7 +1,7 @@ require 'spec_helper_acceptance' require_relative './version.rb' -describe 'apache parameters' do +describe 'apache parameters', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do # Currently this test only does something on FreeBSD. describe 'default_confd_files => false' do diff --git a/spec/acceptance/apache_ssl_spec.rb b/spec/acceptance/apache_ssl_spec.rb index 2d45e40498..649c02d841 100644 --- a/spec/acceptance/apache_ssl_spec.rb +++ b/spec/acceptance/apache_ssl_spec.rb @@ -7,7 +7,7 @@ vhostd = '/etc/apache2/sites-available' end -describe 'apache ssl' do +describe 'apache ssl', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do describe 'ssl parameters' do it 'runs without error' do diff --git a/spec/acceptance/basic_spec.rb b/spec/acceptance/basic_spec.rb index bc456e9ed1..6c2b3f462f 100644 --- a/spec/acceptance/basic_spec.rb +++ b/spec/acceptance/basic_spec.rb @@ -1,6 +1,6 @@ require 'spec_helper_acceptance' -describe 'disable selinux:' do +describe 'disable selinux:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do it "because otherwise apache won't work" do apply_manifest(%{ exec { "setenforce 0": diff --git a/spec/acceptance/class_spec.rb b/spec/acceptance/class_spec.rb index b28121be6a..1f5921d596 100644 --- a/spec/acceptance/class_spec.rb +++ b/spec/acceptance/class_spec.rb @@ -1,6 +1,6 @@ require 'spec_helper_acceptance' -describe 'apache class' do +describe 'apache class', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do case fact('osfamily') when 'RedHat' package_name = 'httpd' diff --git a/spec/acceptance/default_mods_spec.rb b/spec/acceptance/default_mods_spec.rb index df6463eca4..03e1445601 100644 --- a/spec/acceptance/default_mods_spec.rb +++ b/spec/acceptance/default_mods_spec.rb @@ -11,7 +11,7 @@ raise "Unconfigured OS for apache service on #{fact('osfamily')}" end -describe 'apache::default_mods class' do +describe 'apache::default_mods class', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do describe 'no default mods' do # Using puppet_apply as a helper it 'should apply with no errors' do diff --git a/spec/acceptance/itk_spec.rb b/spec/acceptance/itk_spec.rb index cabd71c5c6..86fc2c01ce 100644 --- a/spec/acceptance/itk_spec.rb +++ b/spec/acceptance/itk_spec.rb @@ -10,26 +10,24 @@ service_name = :skip end -unless service_name.equal? :skip - describe 'apache::mod::itk class' do - describe 'running puppet code' do - # Using puppet_apply as a helper - it 'should work with no errors' do - pp = <<-EOS +describe 'apache::mod::itk class', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) or service_name.equal? :skip do + describe 'running puppet code' do + # Using puppet_apply as a helper + it 'should work with no errors' do + pp = <<-EOS class { 'apache': mpm_module => 'itk', } - EOS + EOS - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero - end + # Run it twice and test for idempotency + apply_manifest(pp, :catch_failures => true) + expect(apply_manifest(pp, :catch_failures => true).exit_code).to be_zero end + end - describe service(service_name) do - it { should be_running } - it { should be_enabled } - end + describe service(service_name) do + it { should be_running } + it { should be_enabled } end end diff --git a/spec/acceptance/mod_php_spec.rb b/spec/acceptance/mod_php_spec.rb index 3f3faaf9fe..d1c991621d 100644 --- a/spec/acceptance/mod_php_spec.rb +++ b/spec/acceptance/mod_php_spec.rb @@ -1,6 +1,6 @@ require 'spec_helper_acceptance' -describe 'apache::mod::php class' do +describe 'apache::mod::php class', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do case fact('osfamily') when 'Debian' vhost_dir = '/etc/apache2/sites-enabled' diff --git a/spec/acceptance/mod_suphp_spec.rb b/spec/acceptance/mod_suphp_spec.rb index 725ec2adb8..9e26731d61 100644 --- a/spec/acceptance/mod_suphp_spec.rb +++ b/spec/acceptance/mod_suphp_spec.rb @@ -1,6 +1,6 @@ require 'spec_helper_acceptance' -describe 'apache::mod::suphp class' do +describe 'apache::mod::suphp class', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do case fact('osfamily') when 'Debian' context "default suphp config" do diff --git a/spec/acceptance/prefork_worker_spec.rb b/spec/acceptance/prefork_worker_spec.rb index 8427fd045a..beffe0a014 100644 --- a/spec/acceptance/prefork_worker_spec.rb +++ b/spec/acceptance/prefork_worker_spec.rb @@ -7,8 +7,6 @@ servicename = 'apache2' when 'FreeBSD' servicename = 'apache22' -else - raise "Unconfigured OS for apache service on #{fact('osfamily')}" end case fact('osfamily') @@ -36,7 +34,7 @@ class { 'apache': end end -describe 'apache::mod::worker class' do +describe 'apache::mod::worker class', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do describe 'running puppet code' do # Using puppet_apply as a helper it 'should work with no errors' do @@ -58,7 +56,7 @@ class { 'apache': end end -describe 'apache::mod::prefork class' do +describe 'apache::mod::prefork class', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do describe 'running puppet code' do # Using puppet_apply as a helper it 'should work with no errors' do diff --git a/spec/acceptance/service_spec.rb b/spec/acceptance/service_spec.rb index c3124c8461..b51ca386f0 100644 --- a/spec/acceptance/service_spec.rb +++ b/spec/acceptance/service_spec.rb @@ -1,6 +1,6 @@ require 'spec_helper_acceptance' -describe 'apache::service class' do +describe 'apache::service class', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do describe 'adding dependencies in between the base class and service class' do it 'should work with no errors' do pp = <<-EOS diff --git a/spec/acceptance/unsupported_spec.rb b/spec/acceptance/unsupported_spec.rb new file mode 100644 index 0000000000..5a89cd2137 --- /dev/null +++ b/spec/acceptance/unsupported_spec.rb @@ -0,0 +1,13 @@ +equire 'spec_helper_acceptance' + +describe 'unsupported distributions and OSes', :if => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do + it 'should fail' do + pp = <<-EOS + class { 'apache': } + apache::vhost { 'test.lan': + docroot => '/var/www', + } + EOS + expect(apply_manifest(pp, :expect_failures => true).to match(/is not supported/)) + end +end diff --git a/spec/acceptance/version.rb b/spec/acceptance/version.rb index 62c5f3c397..169054ec21 100644 --- a/spec/acceptance/version.rb +++ b/spec/acceptance/version.rb @@ -51,7 +51,5 @@ $error_log = 'http-error.log' $apache_version = 2.2 -else - fail RuntimeError, "Unsupported osfamily: #{_osfamily}" end diff --git a/spec/acceptance/vhost_spec.rb b/spec/acceptance/vhost_spec.rb index a45db82b01..b4458bf257 100644 --- a/spec/acceptance/vhost_spec.rb +++ b/spec/acceptance/vhost_spec.rb @@ -1,7 +1,7 @@ require 'spec_helper_acceptance' require_relative './version.rb' -describe 'apache::vhost define' do +describe 'apache::vhost define', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do context 'no default vhosts' do it 'should create no default vhosts' do pp = <<-EOS diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index 176529fdb7..7d334ae9bd 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -8,13 +8,13 @@ if host.is_pe? install_pe else - # Install Puppet - install_package host, 'rubygems' - on host, 'gem install puppet --no-ri --no-rdoc' + install_puppet on host, "mkdir -p #{host['distmoduledir']}" end end +UNSUPPORTED_PLATFORMS = ['Suse','windows','AIX','Solaris'] + RSpec.configure do |c| # Project root proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) From 2a6c28a5e31251ab44b6db49ec89073752867567 Mon Sep 17 00:00:00 2001 From: Hunter Haugen Date: Fri, 21 Feb 2014 14:28:31 -0800 Subject: [PATCH 24/35] Fix WSGI import_script and mod_ssl issues on Lucid The WSGIImportScript directive can't be used directly inside a VirtualHost on Lucid, says the apache daemon. --- manifests/mod/ssl.pp | 2 ++ spec/acceptance/vhost_spec.rb | 22 ++++++++++++++++++---- 2 files changed, 20 insertions(+), 4 deletions(-) diff --git a/manifests/mod/ssl.pp b/manifests/mod/ssl.pp index 323d092b28..c38c111e49 100644 --- a/manifests/mod/ssl.pp +++ b/manifests/mod/ssl.pp @@ -13,6 +13,8 @@ 'debian': { if $apache_version >= 2.4 and $::operatingsystem == 'Ubuntu' { $ssl_mutex = 'default' + } elsif $::operatingsystem == 'Ubuntu' and $::operatingsystemrelease == '10.04' { + $ssl_mutex = 'file:/var/run/apache2/ssl_mutex' } else { $ssl_mutex = 'file:${APACHE_RUN_DIR}/ssl_mutex' } diff --git a/spec/acceptance/vhost_spec.rb b/spec/acceptance/vhost_spec.rb index b4458bf257..f6749d35a1 100644 --- a/spec/acceptance/vhost_spec.rb +++ b/spec/acceptance/vhost_spec.rb @@ -44,9 +44,6 @@ class { 'apache': } context 'default vhost with ssl' do it 'should create default vhost configs' do - # Doesn't work on Ubuntu 10.04 because ssl.conf should contain - # 'file:/var/run/apache2/ssl_mutex' but contains - # 'file:${APACHE_RUN_DIR}/ssl_mutex' pp = <<-EOS file { '#{$run_dir}': ensure => 'directory', @@ -866,7 +863,24 @@ class { 'apache': } end describe 'wsgi' do - it 'applies cleanly' do + it 'import_script applies cleanly' do + pp = <<-EOS + class { 'apache': } + class { 'apache::mod::wsgi': } + host { 'test.server': ip => '127.0.0.1' } + apache::vhost { 'test.server': + docroot => '/tmp', + wsgi_application_group => '%{GLOBAL}', + wsgi_daemon_process => 'wsgi', + wsgi_daemon_process_options => {processes => '2'}, + wsgi_process_group => 'nobody', + wsgi_script_aliases => { '/test' => '/test1' }, + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + it 'import_script applies cleanly', :unless => fact('lsbcodename') == 'lucid' do pp = <<-EOS class { 'apache': } class { 'apache::mod::wsgi': } From 176dc39d2a932fd006e9a3e21d393d70da5f8ac4 Mon Sep 17 00:00:00 2001 From: Hunter Haugen Date: Sat, 22 Feb 2014 15:19:26 -0800 Subject: [PATCH 25/35] Checking the stderr wasn't specified correctly --- spec/acceptance/unsupported_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/acceptance/unsupported_spec.rb b/spec/acceptance/unsupported_spec.rb index 5a89cd2137..f3efa5f5ad 100644 --- a/spec/acceptance/unsupported_spec.rb +++ b/spec/acceptance/unsupported_spec.rb @@ -8,6 +8,6 @@ class { 'apache': } docroot => '/var/www', } EOS - expect(apply_manifest(pp, :expect_failures => true).to match(/is not supported/)) + expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/is not supported/) end end From 127c4ff28533a323ceca39a078d05e6b538312ea Mon Sep 17 00:00:00 2001 From: Hunter Haugen Date: Mon, 24 Feb 2014 13:54:13 -0800 Subject: [PATCH 26/35] Typo'd require and wrong fail message --- spec/acceptance/unsupported_spec.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/spec/acceptance/unsupported_spec.rb b/spec/acceptance/unsupported_spec.rb index f3efa5f5ad..085845dbfc 100644 --- a/spec/acceptance/unsupported_spec.rb +++ b/spec/acceptance/unsupported_spec.rb @@ -1,4 +1,4 @@ -equire 'spec_helper_acceptance' +require 'spec_helper_acceptance' describe 'unsupported distributions and OSes', :if => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do it 'should fail' do @@ -8,6 +8,6 @@ class { 'apache': } docroot => '/var/www', } EOS - expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/is not supported/) + expect(apply_manifest(pp, :expect_failures => true).stderr).to match(/unsupported/i) end end From bbf9278b24931444022aa67140d3505b748151da Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Igor=20Gali=C4=87?= Date: Mon, 24 Feb 2014 17:20:38 +0100 Subject: [PATCH 27/35] ensure tests run faster we do this by fully-qualifying classes, defines and variables. --- manifests/balancer.pp | 2 +- manifests/confd/no_accf.pp | 6 +- manifests/default_confd_files.pp | 2 +- manifests/default_mods.pp | 170 +++++++++++++++---------------- manifests/default_mods/load.pp | 4 +- manifests/dev.pp | 4 +- manifests/init.pp | 66 ++++++------ manifests/listen.pp | 2 +- manifests/mod.pp | 18 ++-- manifests/mod/alias.pp | 6 +- manifests/mod/auth_basic.pp | 2 +- manifests/mod/auth_kerb.pp | 2 +- manifests/mod/authnz_ldap.pp | 10 +- manifests/mod/autoindex.pp | 8 +- manifests/mod/cache.pp | 2 +- manifests/mod/cgi.pp | 4 +- manifests/mod/cgid.pp | 10 +- manifests/mod/dav.pp | 2 +- manifests/mod/dav_fs.pp | 10 +- manifests/mod/dav_svn.pp | 6 +- manifests/mod/deflate.pp | 8 +- manifests/mod/dev.pp | 2 +- manifests/mod/dir.pp | 8 +- manifests/mod/disk_cache.pp | 10 +- manifests/mod/event.pp | 10 +- manifests/mod/expires.pp | 2 +- manifests/mod/fastcgi.pp | 10 +- manifests/mod/fcgid.pp | 2 +- manifests/mod/headers.pp | 4 +- manifests/mod/include.pp | 2 +- manifests/mod/info.pp | 8 +- manifests/mod/itk.pp | 10 +- manifests/mod/ldap.pp | 8 +- manifests/mod/mime.pp | 12 +-- manifests/mod/mime_magic.pp | 8 +- manifests/mod/negotiation.pp | 8 +- manifests/mod/nss.pp | 16 +-- manifests/mod/passenger.pp | 20 ++-- manifests/mod/perl.pp | 2 +- manifests/mod/peruser.pp | 26 ++--- manifests/mod/php.pp | 16 +-- manifests/mod/prefork.pp | 14 +-- manifests/mod/proxy.pp | 8 +- manifests/mod/proxy_ajp.pp | 4 +- manifests/mod/proxy_balancer.pp | 10 +- manifests/mod/proxy_html.pp | 18 ++-- manifests/mod/proxy_http.pp | 4 +- manifests/mod/python.pp | 2 +- manifests/mod/reqtimeout.pp | 8 +- manifests/mod/rewrite.pp | 4 +- manifests/mod/rpaf.pp | 8 +- manifests/mod/setenvif.pp | 8 +- manifests/mod/ssl.pp | 12 +-- manifests/mod/status.pp | 8 +- manifests/mod/suphp.pp | 8 +- manifests/mod/userdir.pp | 8 +- manifests/mod/vhost_alias.pp | 2 +- manifests/mod/worker.pp | 14 +-- manifests/mod/wsgi.pp | 8 +- manifests/mod/xsendfile.pp | 4 +- manifests/mpm.pp | 24 ++--- manifests/namevirtualhost.pp | 2 +- manifests/package.pp | 4 +- manifests/params.pp | 2 +- manifests/peruser/multiplexer.pp | 8 +- manifests/peruser/processor.pp | 4 +- manifests/php.pp | 2 +- manifests/proxy.pp | 2 +- manifests/python.pp | 2 +- manifests/service.pp | 2 +- manifests/ssl.pp | 2 +- manifests/vhost.pp | 62 +++++------ 72 files changed, 398 insertions(+), 398 deletions(-) diff --git a/manifests/balancer.pp b/manifests/balancer.pp index 1e4130fa35..30887823b6 100644 --- a/manifests/balancer.pp +++ b/manifests/balancer.pp @@ -43,7 +43,7 @@ $collect_exported = true, ) { include concat::setup - include apache::mod::proxy_balancer + include ::apache::mod::proxy_balancer $target = "${::apache::params::confd_dir}/balancer_${name}.conf" diff --git a/manifests/confd/no_accf.pp b/manifests/confd/no_accf.pp index 5f86eab107..f35c0c8b9d 100644 --- a/manifests/confd/no_accf.pp +++ b/manifests/confd/no_accf.pp @@ -2,9 +2,9 @@ # Template uses no variables file { 'no-accf.conf': ensure => 'file', - path => "${apache::confd_dir}/no-accf.conf", + path => "${::apache::confd_dir}/no-accf.conf", content => template('apache/confd/no-accf.conf.erb'), - require => Exec["mkdir ${apache::confd_dir}"], - before => File[$apache::confd_dir], + require => Exec["mkdir ${::apache::confd_dir}"], + before => File[$::apache::confd_dir], } } diff --git a/manifests/default_confd_files.pp b/manifests/default_confd_files.pp index e40840e335..c06b30c83b 100644 --- a/manifests/default_confd_files.pp +++ b/manifests/default_confd_files.pp @@ -5,7 +5,7 @@ if $all { case $::osfamily { 'freebsd': { - include apache::confd::no_accf + include ::apache::confd::no_accf } default: { # do nothing diff --git a/manifests/default_mods.pp b/manifests/default_mods.pp index 09cc3be1eb..139503e3c5 100644 --- a/manifests/default_mods.pp +++ b/manifests/default_mods.pp @@ -1,154 +1,154 @@ class apache::default_mods ( $all = true, $mods = undef, - $apache_version = $apache::apache_version + $apache_version = $::apache::apache_version ) { # These are modules required to run the default configuration. # They are not configurable at this time, so we just include # them to make sure it works. case $::osfamily { 'redhat', 'freebsd': { - apache::mod { 'log_config': } + ::apache::mod { 'log_config': } } default: {} } - apache::mod { 'authz_host': } + ::apache::mod { 'authz_host': } # The rest of the modules only get loaded if we want all modules enabled if $all { case $::osfamily { 'debian': { - include apache::mod::reqtimeout + include ::apache::mod::reqtimeout } 'redhat': { - include apache::mod::cache - include apache::mod::mime - include apache::mod::mime_magic - include apache::mod::vhost_alias - include apache::mod::rewrite - apache::mod { 'actions': } - apache::mod { 'auth_digest': } - apache::mod { 'authn_anon': } - apache::mod { 'authn_dbm': } - apache::mod { 'authz_dbm': } - apache::mod { 'authz_owner': } - apache::mod { 'expires': } - apache::mod { 'ext_filter': } - apache::mod { 'include': } - apache::mod { 'logio': } - apache::mod { 'speling': } - apache::mod { 'substitute': } - apache::mod { 'suexec': } - apache::mod { 'usertrack': } - apache::mod { 'version': } + include ::apache::mod::cache + include ::apache::mod::mime + include ::apache::mod::mime_magic + include ::apache::mod::vhost_alias + include ::apache::mod::rewrite + ::apache::mod { 'actions': } + ::apache::mod { 'auth_digest': } + ::apache::mod { 'authn_anon': } + ::apache::mod { 'authn_dbm': } + ::apache::mod { 'authz_dbm': } + ::apache::mod { 'authz_owner': } + ::apache::mod { 'expires': } + ::apache::mod { 'ext_filter': } + ::apache::mod { 'include': } + ::apache::mod { 'logio': } + ::apache::mod { 'speling': } + ::apache::mod { 'substitute': } + ::apache::mod { 'suexec': } + ::apache::mod { 'usertrack': } + ::apache::mod { 'version': } if $apache_version >= 2.4 { # Lets fork it - apache::mod { 'systemd': } + ::apache::mod { 'systemd': } - apache::mod { 'unixd': } - apache::mod { 'authn_core': } + ::apache::mod { 'unixd': } + ::apache::mod { 'authn_core': } } else { - apache::mod { 'authn_alias': } - apache::mod { 'authn_default': } + ::apache::mod { 'authn_alias': } + ::apache::mod { 'authn_default': } } } 'freebsd': { - include apache::mod::cache - include apache::mod::disk_cache - include apache::mod::headers - include apache::mod::info - include apache::mod::mime_magic - include apache::mod::reqtimeout - include apache::mod::rewrite - include apache::mod::userdir - include apache::mod::vhost_alias + include ::apache::mod::cache + include ::apache::mod::disk_cache + include ::apache::mod::headers + include ::apache::mod::info + include ::apache::mod::mime_magic + include ::apache::mod::reqtimeout + include ::apache::mod::rewrite + include ::apache::mod::userdir + include ::apache::mod::vhost_alias - apache::mod { 'actions': } - apache::mod { 'asis': } - apache::mod { 'auth_digest': } - apache::mod { 'authn_alias': } - apache::mod { 'authn_anon': } - apache::mod { 'authn_dbm': } - apache::mod { 'authn_default': } - apache::mod { 'authz_dbm': } - apache::mod { 'authz_owner': } - apache::mod { 'cern_meta': } - apache::mod { 'charset_lite': } - apache::mod { 'dumpio': } - apache::mod { 'expires': } - apache::mod { 'file_cache': } - apache::mod { 'filter':} - apache::mod { 'imagemap':} - apache::mod { 'include': } - apache::mod { 'logio': } - apache::mod { 'speling': } - apache::mod { 'unique_id': } - apache::mod { 'usertrack': } - apache::mod { 'version': } + ::apache::mod { 'actions': } + ::apache::mod { 'asis': } + ::apache::mod { 'auth_digest': } + ::apache::mod { 'authn_alias': } + ::apache::mod { 'authn_anon': } + ::apache::mod { 'authn_dbm': } + ::apache::mod { 'authn_default': } + ::apache::mod { 'authz_dbm': } + ::apache::mod { 'authz_owner': } + ::apache::mod { 'cern_meta': } + ::apache::mod { 'charset_lite': } + ::apache::mod { 'dumpio': } + ::apache::mod { 'expires': } + ::apache::mod { 'file_cache': } + ::apache::mod { 'filter':} + ::apache::mod { 'imagemap':} + ::apache::mod { 'include': } + ::apache::mod { 'logio': } + ::apache::mod { 'speling': } + ::apache::mod { 'unique_id': } + ::apache::mod { 'usertrack': } + ::apache::mod { 'version': } } default: {} } - case $apache::mpm_module { + case $::apache::mpm_module { 'prefork': { - include apache::mod::cgi + include ::apache::mod::cgi } 'worker': { - include apache::mod::cgid + include ::apache::mod::cgid } default: { # do nothing } } - include apache::mod::alias - include apache::mod::autoindex - include apache::mod::dav - include apache::mod::dav_fs - include apache::mod::deflate - include apache::mod::dir - include apache::mod::mime - include apache::mod::negotiation - include apache::mod::setenvif - apache::mod { 'auth_basic': } - apache::mod { 'authn_file': } + include ::apache::mod::alias + include ::apache::mod::autoindex + include ::apache::mod::dav + include ::apache::mod::dav_fs + include ::apache::mod::deflate + include ::apache::mod::dir + include ::apache::mod::mime + include ::apache::mod::negotiation + include ::apache::mod::setenvif + ::apache::mod { 'auth_basic': } + ::apache::mod { 'authn_file': } if $apache_version >= 2.4 { # authz_core is needed for 'Require' directive - apache::mod { 'authz_core': + ::apache::mod { 'authz_core': id => 'authz_core_module', } # filter is needed by mod_deflate - apache::mod { 'filter': } + ::apache::mod { 'filter': } } else { - apache::mod { 'authz_default': } + ::apache::mod { 'authz_default': } } - apache::mod { 'authz_groupfile': } - apache::mod { 'authz_user': } - apache::mod { 'env': } + ::apache::mod { 'authz_groupfile': } + ::apache::mod { 'authz_user': } + ::apache::mod { 'env': } } elsif $mods { - apache::default_mods::load { $mods: } + ::apache::default_mods::load { $mods: } if $apache_version >= 2.4 { # authz_core is needed for 'Require' directive - apache::mod { 'authz_core': + ::apache::mod { 'authz_core': id => 'authz_core_module', } # filter is needed by mod_deflate - apache::mod { 'filter': } + ::apache::mod { 'filter': } } } else { if $apache_version >= 2.4 { # authz_core is needed for 'Require' directive - apache::mod { 'authz_core': + ::apache::mod { 'authz_core': id => 'authz_core_module', } # filter is needed by mod_deflate - apache::mod { 'filter': } + ::apache::mod { 'filter': } } } } diff --git a/manifests/default_mods/load.pp b/manifests/default_mods/load.pp index ae2f76e64c..356e9fa00e 100644 --- a/manifests/default_mods/load.pp +++ b/manifests/default_mods/load.pp @@ -1,8 +1,8 @@ # private define define apache::default_mods::load ($module = $title) { if defined("apache::mod::${module}") { - include "apache::mod::${module}" + include "::apache::mod::${module}" } else { - apache::mod { $module: } + ::apache::mod { $module: } } } diff --git a/manifests/dev.pp b/manifests/dev.pp index 057475b159..4eaeb55782 100644 --- a/manifests/dev.pp +++ b/manifests/dev.pp @@ -2,8 +2,8 @@ if $::osfamily == 'FreeBSD' and !defined(Class['apache::package']) { fail('apache::dev requires apache::package; please include apache or apache::package class first') } - include apache::params - $packages = $apache::params::dev_packages + include ::apache::params + $packages = $::apache::params::dev_packages package { $packages: ensure => present, require => Package['httpd'], diff --git a/manifests/init.pp b/manifests/init.pp index 94900ea5c1..7f2565cf98 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -13,13 +13,13 @@ # Sample Usage: # class apache ( - $service_name = $apache::params::service_name, + $service_name = $::apache::params::service_name, $default_mods = true, $default_vhost = true, $default_confd_files = true, $default_ssl_vhost = false, - $default_ssl_cert = $apache::params::default_ssl_cert, - $default_ssl_key = $apache::params::default_ssl_key, + $default_ssl_cert = $::apache::params::default_ssl_cert, + $default_ssl_key = $::apache::params::default_ssl_key, $default_ssl_chain = undef, $default_ssl_ca = undef, $default_ssl_crl_path = undef, @@ -33,31 +33,31 @@ $sendfile = 'On', $error_documents = false, $timeout = '120', - $httpd_dir = $apache::params::httpd_dir, - $server_root = $apache::params::server_root, - $confd_dir = $apache::params::confd_dir, - $vhost_dir = $apache::params::vhost_dir, - $vhost_enable_dir = $apache::params::vhost_enable_dir, - $mod_dir = $apache::params::mod_dir, - $mod_enable_dir = $apache::params::mod_enable_dir, - $mpm_module = $apache::params::mpm_module, - $conf_template = $apache::params::conf_template, - $servername = $apache::params::servername, + $httpd_dir = $::apache::params::httpd_dir, + $server_root = $::apache::params::server_root, + $confd_dir = $::apache::params::confd_dir, + $vhost_dir = $::apache::params::vhost_dir, + $vhost_enable_dir = $::apache::params::vhost_enable_dir, + $mod_dir = $::apache::params::mod_dir, + $mod_enable_dir = $::apache::params::mod_enable_dir, + $mpm_module = $::apache::params::mpm_module, + $conf_template = $::apache::params::conf_template, + $servername = $::apache::params::servername, $manage_user = true, $manage_group = true, - $user = $apache::params::user, - $group = $apache::params::group, - $keepalive = $apache::params::keepalive, - $keepalive_timeout = $apache::params::keepalive_timeout, - $logroot = $apache::params::logroot, - $log_level = $apache::params::log_level, - $ports_file = $apache::params::ports_file, - $apache_version = $apache::version::default, + $user = $::apache::params::user, + $group = $::apache::params::group, + $keepalive = $::apache::params::keepalive, + $keepalive_timeout = $::apache::params::keepalive_timeout, + $logroot = $::apache::params::logroot, + $log_level = $::apache::params::log_level, + $ports_file = $::apache::params::ports_file, + $apache_version = $::apache::version::default, $server_tokens = 'OS', $server_signature = 'On', $trace_enable = 'On', $package_ensure = 'installed', -) inherits apache::params { +) inherits ::apache::params { validate_bool($default_vhost) validate_bool($default_ssl_vhost) validate_bool($default_confd_files) @@ -81,7 +81,7 @@ if $::osfamily != 'FreeBSD' { package { 'httpd': ensure => $package_ensure, - name => $apache::params::apache_name, + name => $::apache::params::apache_name, notify => Class['Apache::Service'], } } @@ -110,7 +110,7 @@ validate_re($log_level, $valid_log_level_re, "Log level '${log_level}' is not one of the supported Apache HTTP Server log levels.") - class { 'apache::service': + class { '::apache::service': service_name => $service_name, service_enable => $service_enable, service_ensure => $service_ensure, @@ -206,7 +206,7 @@ concat { $ports_file: owner => 'root', - group => $apache::params::root_group, + group => $::apache::params::root_group, mode => '0644', notify => Class['Apache::Service'], require => Package['httpd'], @@ -216,7 +216,7 @@ content => template('apache/ports_header.erb') } - if $apache::params::conf_dir and $apache::params::conf_file { + if $::apache::params::conf_dir and $::apache::params::conf_file { case $::osfamily { 'debian': { $docroot = '/var/www' @@ -272,7 +272,7 @@ # - $server_tokens # - $server_signature # - $trace_enable - file { "${apache::params::conf_dir}/${apache::params::conf_file}": + file { "${::apache::params::conf_dir}/${::apache::params::conf_file}": ensure => file, content => template($conf_template), notify => Class['Apache::Service'], @@ -282,20 +282,20 @@ # preserve back-wards compatibility to the times when default_mods was # only a boolean value. Now it can be an array (too) if is_array($default_mods) { - class { 'apache::default_mods': + class { '::apache::default_mods': all => false, mods => $default_mods, } } else { - class { 'apache::default_mods': + class { '::apache::default_mods': all => $default_mods, } } - class { 'apache::default_confd_files': + class { '::apache::default_confd_files': all => $default_confd_files } if $mpm_module { - class { "apache::mod::${mpm_module}": } + class { "::apache::mod::${mpm_module}": } } $default_vhost_ensure = $default_vhost ? { @@ -307,7 +307,7 @@ false => 'absent' } - apache::vhost { 'default': + ::apache::vhost { 'default': ensure => $default_vhost_ensure, port => 80, docroot => $docroot, @@ -321,7 +321,7 @@ 'freebsd' => $access_log_file, default => "ssl_${access_log_file}", } - apache::vhost { 'default-ssl': + ::apache::vhost { 'default-ssl': ensure => $default_ssl_vhost_ensure, port => 443, ssl => true, diff --git a/manifests/listen.pp b/manifests/listen.pp index 3189fa8f77..503ee8860b 100644 --- a/manifests/listen.pp +++ b/manifests/listen.pp @@ -3,7 +3,7 @@ # Template uses: $listen_addr_port concat::fragment { "Listen ${listen_addr_port}": - target => $apache::ports_file, + target => $::apache::ports_file, content => template('apache/listen.erb'), } } diff --git a/manifests/mod.pp b/manifests/mod.pp index e8ce8a9ab5..8be99afd00 100644 --- a/manifests/mod.pp +++ b/manifests/mod.pp @@ -2,7 +2,7 @@ $package = undef, $package_ensure = 'present', $lib = undef, - $lib_path = $apache::params::lib_path, + $lib_path = $::apache::params::lib_path, $id = undef, $path = undef, ) { @@ -12,10 +12,10 @@ $mod = $name #include apache #This creates duplicate resources in rspec-puppet - $mod_dir = $apache::mod_dir + $mod_dir = $::apache::mod_dir # Determine if we have special lib - $mod_libs = $apache::params::mod_libs + $mod_libs = $::apache::params::mod_libs $mod_lib = $mod_libs[$mod] # 2.6 compatibility hack if $lib { $_lib = $lib @@ -39,7 +39,7 @@ } # Determine if we have a package - $mod_packages = $apache::params::mod_packages + $mod_packages = $::apache::params::mod_packages $mod_package = $mod_packages[$mod] # 2.6 compatibility hack if $package { $_package = $package @@ -54,7 +54,7 @@ $package_before = $::osfamily ? { 'freebsd' => [ File["${mod_dir}/${mod}.load"], - File["${apache::params::conf_dir}/${apache::params::conf_file}"] + File["${::apache::params::conf_dir}/${::apache::params::conf_file}"] ], default => File["${mod_dir}/${mod}.load"], } @@ -70,7 +70,7 @@ ensure => file, path => "${mod_dir}/${mod}.load", owner => 'root', - group => $apache::params::root_group, + group => $::apache::params::root_group, mode => '0644', content => "LoadModule ${_id} ${_path}\n", require => [ @@ -82,13 +82,13 @@ } if $::osfamily == 'Debian' { - $enable_dir = $apache::mod_enable_dir + $enable_dir = $::apache::mod_enable_dir file{ "${mod}.load symlink": ensure => link, path => "${enable_dir}/${mod}.load", target => "${mod_dir}/${mod}.load", owner => 'root', - group => $apache::params::root_group, + group => $::apache::params::root_group, mode => '0644', require => [ File["${mod}.load"], @@ -106,7 +106,7 @@ path => "${enable_dir}/${mod}.conf", target => "${mod_dir}/${mod}.conf", owner => 'root', - group => $apache::params::root_group, + group => $::apache::params::root_group, mode => '0644', require => [ File["${mod}.conf"], diff --git a/manifests/mod/alias.pp b/manifests/mod/alias.pp index 29ec831559..ee017b490f 100644 --- a/manifests/mod/alias.pp +++ b/manifests/mod/alias.pp @@ -10,10 +10,10 @@ # Template uses $icons_path file { 'alias.conf': ensure => file, - path => "${apache::mod_dir}/alias.conf", + path => "${::apache::mod_dir}/alias.conf", content => template('apache/mod/alias.conf.erb'), - require => Exec["mkdir ${apache::mod_dir}"], - before => File[$apache::mod_dir], + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], notify => Service['httpd'], } } diff --git a/manifests/mod/auth_basic.pp b/manifests/mod/auth_basic.pp index 8c613eef7e..cacfafa4d3 100644 --- a/manifests/mod/auth_basic.pp +++ b/manifests/mod/auth_basic.pp @@ -1,3 +1,3 @@ class apache::mod::auth_basic { - apache::mod { 'auth_basic': } + ::apache::mod { 'auth_basic': } } diff --git a/manifests/mod/auth_kerb.pp b/manifests/mod/auth_kerb.pp index 76c2de5b7b..6b53262a1b 100644 --- a/manifests/mod/auth_kerb.pp +++ b/manifests/mod/auth_kerb.pp @@ -1,5 +1,5 @@ class apache::mod::auth_kerb { - apache::mod { 'auth_kerb': } + ::apache::mod { 'auth_kerb': } } diff --git a/manifests/mod/authnz_ldap.pp b/manifests/mod/authnz_ldap.pp index 2ca2fc45fd..800e656e89 100644 --- a/manifests/mod/authnz_ldap.pp +++ b/manifests/mod/authnz_ldap.pp @@ -1,8 +1,8 @@ class apache::mod::authnz_ldap ( $verifyServerCert = true, ) { - include 'apache::mod::ldap' - apache::mod { 'authnz_ldap': } + include '::apache::mod::ldap' + ::apache::mod { 'authnz_ldap': } validate_bool($verifyServerCert) @@ -10,10 +10,10 @@ # - $verifyServerCert file { 'authnz_ldap.conf': ensure => file, - path => "${apache::mod_dir}/authnz_ldap.conf", + path => "${::apache::mod_dir}/authnz_ldap.conf", content => template('apache/mod/authnz_ldap.conf.erb'), - require => Exec["mkdir ${apache::mod_dir}"], - before => File[$apache::mod_dir], + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], notify => Service['httpd'], } } diff --git a/manifests/mod/autoindex.pp b/manifests/mod/autoindex.pp index 85b4278ef7..f5f0f07458 100644 --- a/manifests/mod/autoindex.pp +++ b/manifests/mod/autoindex.pp @@ -1,12 +1,12 @@ class apache::mod::autoindex { - apache::mod { 'autoindex': } + ::apache::mod { 'autoindex': } # Template uses no variables file { 'autoindex.conf': ensure => file, - path => "${apache::mod_dir}/autoindex.conf", + path => "${::apache::mod_dir}/autoindex.conf", content => template('apache/mod/autoindex.conf.erb'), - require => Exec["mkdir ${apache::mod_dir}"], - before => File[$apache::mod_dir], + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], notify => Service['httpd'], } } diff --git a/manifests/mod/cache.pp b/manifests/mod/cache.pp index 26d71bd06a..4ab9f44bae 100644 --- a/manifests/mod/cache.pp +++ b/manifests/mod/cache.pp @@ -1,3 +1,3 @@ class apache::mod::cache { - apache::mod { 'cache': } + ::apache::mod { 'cache': } } diff --git a/manifests/mod/cgi.pp b/manifests/mod/cgi.pp index 2ad368a0ef..6c3c6aec8d 100644 --- a/manifests/mod/cgi.pp +++ b/manifests/mod/cgi.pp @@ -1,4 +1,4 @@ class apache::mod::cgi { - Class['apache::mod::prefork'] -> Class['apache::mod::cgi'] - apache::mod { 'cgi': } + Class['::apache::mod::prefork'] -> Class['::apache::mod::cgi'] + ::apache::mod { 'cgi': } } diff --git a/manifests/mod/cgid.pp b/manifests/mod/cgid.pp index c932ae2bec..5c89251a1c 100644 --- a/manifests/mod/cgid.pp +++ b/manifests/mod/cgid.pp @@ -1,5 +1,5 @@ class apache::mod::cgid { - Class['apache::mod::worker'] -> Class['apache::mod::cgid'] + Class['::apache::mod::worker'] -> Class['::apache::mod::cgid'] # Debian specifies it's cgid sock path, but RedHat uses the default value # with no config file @@ -8,15 +8,15 @@ 'freebsd' => 'cgisock', default => undef, } - apache::mod { 'cgid': } + ::apache::mod { 'cgid': } if $cgisock_path { # Template uses $cgisock_path file { 'cgid.conf': ensure => file, - path => "${apache::mod_dir}/cgid.conf", + path => "${::apache::mod_dir}/cgid.conf", content => template('apache/mod/cgid.conf.erb'), - require => Exec["mkdir ${apache::mod_dir}"], - before => File[$apache::mod_dir], + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], notify => Service['httpd'], } } diff --git a/manifests/mod/dav.pp b/manifests/mod/dav.pp index 06aa087e30..ade9c0809c 100644 --- a/manifests/mod/dav.pp +++ b/manifests/mod/dav.pp @@ -1,3 +1,3 @@ class apache::mod::dav { - apache::mod { 'dav': } + ::apache::mod { 'dav': } } diff --git a/manifests/mod/dav_fs.pp b/manifests/mod/dav_fs.pp index 53219be793..482f316171 100644 --- a/manifests/mod/dav_fs.pp +++ b/manifests/mod/dav_fs.pp @@ -5,16 +5,16 @@ default => '/var/lib/dav/lockdb', } - Class['apache::mod::dav'] -> Class['apache::mod::dav_fs'] - apache::mod { 'dav_fs': } + Class['::apache::mod::dav'] -> Class['::apache::mod::dav_fs'] + ::apache::mod { 'dav_fs': } # Template uses: $dav_lock file { 'dav_fs.conf': ensure => file, - path => "${apache::mod_dir}/dav_fs.conf", + path => "${::apache::mod_dir}/dav_fs.conf", content => template('apache/mod/dav_fs.conf.erb'), - require => Exec["mkdir ${apache::mod_dir}"], - before => File[$apache::mod_dir], + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], notify => Service['httpd'], } } diff --git a/manifests/mod/dav_svn.pp b/manifests/mod/dav_svn.pp index 4f34bd6954..3ffa759112 100644 --- a/manifests/mod/dav_svn.pp +++ b/manifests/mod/dav_svn.pp @@ -1,5 +1,5 @@ class apache::mod::dav_svn { - Class['apache::mod::dav'] -> Class['apache::mod::dav_svn'] - include apache::mod::dav - apache::mod { 'dav_svn': } + Class['::apache::mod::dav'] -> Class['::apache::mod::dav_svn'] + include ::apache::mod::dav + ::apache::mod { 'dav_svn': } } diff --git a/manifests/mod/deflate.pp b/manifests/mod/deflate.pp index 97d1fdd8a1..9b597d9466 100644 --- a/manifests/mod/deflate.pp +++ b/manifests/mod/deflate.pp @@ -1,12 +1,12 @@ class apache::mod::deflate { - apache::mod { 'deflate': } + ::apache::mod { 'deflate': } # Template uses no variables file { 'deflate.conf': ensure => file, - path => "${apache::mod_dir}/deflate.conf", + path => "${::apache::mod_dir}/deflate.conf", content => template('apache/mod/deflate.conf.erb'), - require => Exec["mkdir ${apache::mod_dir}"], - before => File[$apache::mod_dir], + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], notify => Service['httpd'], } } diff --git a/manifests/mod/dev.pp b/manifests/mod/dev.pp index b5d146fbe4..5abdedd361 100644 --- a/manifests/mod/dev.pp +++ b/manifests/mod/dev.pp @@ -1,5 +1,5 @@ class apache::mod::dev { # Development packages are not apache modules warning('apache::mod::dev is deprecated; please use apache::dev') - include apache::dev + include ::apache::dev } diff --git a/manifests/mod/dir.pp b/manifests/mod/dir.pp index 39543e1167..11631305a4 100644 --- a/manifests/mod/dir.pp +++ b/manifests/mod/dir.pp @@ -6,16 +6,16 @@ $indexes = ['index.html','index.html.var','index.cgi','index.pl','index.php','index.xhtml'], ) { validate_array($indexes) - apache::mod { 'dir': } + ::apache::mod { 'dir': } # Template uses # - $indexes file { 'dir.conf': ensure => file, - path => "${apache::mod_dir}/dir.conf", + path => "${::apache::mod_dir}/dir.conf", content => template('apache/mod/dir.conf.erb'), - require => Exec["mkdir ${apache::mod_dir}"], - before => File[$apache::mod_dir], + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], notify => Service['httpd'], } } diff --git a/manifests/mod/disk_cache.pp b/manifests/mod/disk_cache.pp index d28196768f..13c9c78352 100644 --- a/manifests/mod/disk_cache.pp +++ b/manifests/mod/disk_cache.pp @@ -7,18 +7,18 @@ if $::osfamily != 'FreeBSD' { # FIXME: investigate why disk_cache was dependent on proxy # NOTE: on FreeBSD disk_cache is compiled by default but proxy is not - Class['apache::mod::proxy'] -> Class['apache::mod::disk_cache'] + Class['::apache::mod::proxy'] -> Class['::apache::mod::disk_cache'] } - Class['apache::mod::cache'] -> Class['apache::mod::disk_cache'] + Class['::apache::mod::cache'] -> Class['::apache::mod::disk_cache'] apache::mod { 'disk_cache': } # Template uses $cache_proxy file { 'disk_cache.conf': ensure => file, - path => "${apache::mod_dir}/disk_cache.conf", + path => "${::apache::mod_dir}/disk_cache.conf", content => template('apache/mod/disk_cache.conf.erb'), - require => Exec["mkdir ${apache::mod_dir}"], - before => File[$apache::mod_dir], + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], notify => Service['httpd'], } } diff --git a/manifests/mod/event.pp b/manifests/mod/event.pp index 172113a287..cad00774c3 100644 --- a/manifests/mod/event.pp +++ b/manifests/mod/event.pp @@ -6,7 +6,7 @@ $threadsperchild = '25', $maxrequestsperchild = '0', $serverlimit = '25', - $apache_version = $apache::apache_version, + $apache_version = $::apache::apache_version, ) { if defined(Class['apache::mod::itk']) { fail('May not include both apache::mod::event and apache::mod::itk on the same node') @@ -22,7 +22,7 @@ } File { owner => 'root', - group => $apache::params::root_group, + group => $::apache::params::root_group, mode => '0644', } @@ -34,11 +34,11 @@ # - $threadsperchild # - $maxrequestsperchild # - $serverlimit - file { "${apache::mod_dir}/event.conf": + file { "${::apache::mod_dir}/event.conf": ensure => file, content => template('apache/mod/event.conf.erb'), - require => Exec["mkdir ${apache::mod_dir}"], - before => File[$apache::mod_dir], + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], notify => Service['httpd'], } diff --git a/manifests/mod/expires.pp b/manifests/mod/expires.pp index 6c4b30aca9..aae4c59d98 100644 --- a/manifests/mod/expires.pp +++ b/manifests/mod/expires.pp @@ -1,3 +1,3 @@ class apache::mod::expires { - apache::mod { 'expires': } + ::apache::mod { 'expires': } } diff --git a/manifests/mod/fastcgi.pp b/manifests/mod/fastcgi.pp index 28673d7bbe..a185bb31fa 100644 --- a/manifests/mod/fastcgi.pp +++ b/manifests/mod/fastcgi.pp @@ -2,9 +2,9 @@ # Debian specifies it's fastcgi lib path, but RedHat uses the default value # with no config file - $fastcgi_lib_path = $apache::params::fastcgi_lib_path + $fastcgi_lib_path = $::apache::params::fastcgi_lib_path - apache::mod { 'fastcgi': } + ::apache::mod { 'fastcgi': } if $fastcgi_lib_path { # Template uses: @@ -13,10 +13,10 @@ # - $fastcgi_dir file { 'fastcgi.conf': ensure => file, - path => "${apache::mod_dir}/fastcgi.conf", + path => "${::apache::mod_dir}/fastcgi.conf", content => template('apache/mod/fastcgi.conf.erb'), - require => Exec["mkdir ${apache::mod_dir}"], - before => File[$apache::mod_dir], + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], notify => Service['httpd'], } } diff --git a/manifests/mod/fcgid.pp b/manifests/mod/fcgid.pp index 4c777701e9..9eb7997427 100644 --- a/manifests/mod/fcgid.pp +++ b/manifests/mod/fcgid.pp @@ -1,3 +1,3 @@ class apache::mod::fcgid { - apache::mod { 'fcgid': } + ::apache::mod { 'fcgid': } } diff --git a/manifests/mod/headers.pp b/manifests/mod/headers.pp index 5ff9887b15..d18c5e2793 100644 --- a/manifests/mod/headers.pp +++ b/manifests/mod/headers.pp @@ -1,3 +1,3 @@ class apache::mod::headers { - apache::mod { 'headers': } -} \ No newline at end of file + ::apache::mod { 'headers': } +} diff --git a/manifests/mod/include.pp b/manifests/mod/include.pp index 9f2592f093..edbe81f324 100644 --- a/manifests/mod/include.pp +++ b/manifests/mod/include.pp @@ -1,3 +1,3 @@ class apache::mod::include { - apache::mod { 'include': } + ::apache::mod { 'include': } } diff --git a/manifests/mod/info.pp b/manifests/mod/info.pp index 627bf85ddf..18f9ea1dfe 100644 --- a/manifests/mod/info.pp +++ b/manifests/mod/info.pp @@ -1,6 +1,6 @@ class apache::mod::info ( $allow_from = ['127.0.0.1','::1'], - $apache_version = $apache::apache_version, + $apache_version = $::apache::apache_version, ){ apache::mod { 'info': } # Template uses @@ -8,10 +8,10 @@ # $apache_version file { 'info.conf': ensure => file, - path => "${apache::mod_dir}/info.conf", + path => "${::apache::mod_dir}/info.conf", content => template('apache/mod/info.conf.erb'), - require => Exec["mkdir ${apache::mod_dir}"], - before => File[$apache::mod_dir], + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], notify => Service['httpd'], } } diff --git a/manifests/mod/itk.pp b/manifests/mod/itk.pp index cc582ac942..1083e5ed24 100644 --- a/manifests/mod/itk.pp +++ b/manifests/mod/itk.pp @@ -5,7 +5,7 @@ $serverlimit = '256', $maxclients = '256', $maxrequestsperchild = '4000', - $apache_version = $apache::apache_version, + $apache_version = $::apache::apache_version, ) { if defined(Class['apache::mod::event']) { fail('May not include both apache::mod::itk and apache::mod::event on the same node') @@ -21,7 +21,7 @@ } File { owner => 'root', - group => $apache::params::root_group, + group => $::apache::params::root_group, mode => '0644', } @@ -32,11 +32,11 @@ # - $serverlimit # - $maxclients # - $maxrequestsperchild - file { "${apache::mod_dir}/itk.conf": + file { "${::apache::mod_dir}/itk.conf": ensure => file, content => template('apache/mod/itk.conf.erb'), - require => Exec["mkdir ${apache::mod_dir}"], - before => File[$apache::mod_dir], + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], notify => Service['httpd'], } diff --git a/manifests/mod/ldap.pp b/manifests/mod/ldap.pp index 097622c51e..f489291a28 100644 --- a/manifests/mod/ldap.pp +++ b/manifests/mod/ldap.pp @@ -1,12 +1,12 @@ class apache::mod::ldap { - apache::mod { 'ldap': } + ::apache::mod { 'ldap': } # Template uses no variables file { 'ldap.conf': ensure => file, - path => "${apache::mod_dir}/ldap.conf", + path => "${::apache::mod_dir}/ldap.conf", content => template('apache/mod/ldap.conf.erb'), - require => Exec["mkdir ${apache::mod_dir}"], - before => File[$apache::mod_dir], + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], notify => Service['httpd'], } } diff --git a/manifests/mod/mime.pp b/manifests/mod/mime.pp index 5c9f4b7ada..8348a06ad3 100644 --- a/manifests/mod/mime.pp +++ b/manifests/mod/mime.pp @@ -1,21 +1,21 @@ class apache::mod::mime ( - $mime_support_package = $apache::params::mime_support_package, - $mime_types_config = $apache::params::mime_types_config, + $mime_support_package = $::apache::params::mime_support_package, + $mime_types_config = $::apache::params::mime_types_config, ) { apache::mod { 'mime': } # Template uses $mime_types_config file { 'mime.conf': ensure => file, - path => "${apache::mod_dir}/mime.conf", + path => "${::apache::mod_dir}/mime.conf", content => template('apache/mod/mime.conf.erb'), - require => Exec["mkdir ${apache::mod_dir}"], - before => File[$apache::mod_dir], + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], notify => Service['httpd'], } if $mime_support_package { package { $mime_support_package: ensure => 'installed', - before => File["${apache::mod_dir}/mime.conf"], + before => File["${::apache::mod_dir}/mime.conf"], } } } diff --git a/manifests/mod/mime_magic.pp b/manifests/mod/mime_magic.pp index 5539d20e65..9de8bc4bc6 100644 --- a/manifests/mod/mime_magic.pp +++ b/manifests/mod/mime_magic.pp @@ -1,14 +1,14 @@ class apache::mod::mime_magic ( - $magic_file = "${apache::params::conf_dir}/magic" + $magic_file = "${::apache::params::conf_dir}/magic" ) { apache::mod { 'mime_magic': } # Template uses $magic_file file { 'mime_magic.conf': ensure => file, - path => "${apache::mod_dir}/mime_magic.conf", + path => "${::apache::mod_dir}/mime_magic.conf", content => template('apache/mod/mime_magic.conf.erb'), - require => Exec["mkdir ${apache::mod_dir}"], - before => File[$apache::mod_dir], + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], notify => Service['httpd'], } } diff --git a/manifests/mod/negotiation.pp b/manifests/mod/negotiation.pp index e10c4921de..eff685b15c 100644 --- a/manifests/mod/negotiation.pp +++ b/manifests/mod/negotiation.pp @@ -1,12 +1,12 @@ class apache::mod::negotiation { - apache::mod { 'negotiation': } + ::apache::mod { 'negotiation': } # Template uses no variables file { 'negotiation.conf': ensure => file, - path => "${apache::mod_dir}/negotiation.conf", + path => "${::apache::mod_dir}/negotiation.conf", content => template('apache/mod/negotiation.conf.erb'), - require => Exec["mkdir ${apache::mod_dir}"], - before => File[$apache::mod_dir], + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], notify => Service['httpd'], } } diff --git a/manifests/mod/nss.pp b/manifests/mod/nss.pp index a9a50a1068..f0eff1cdf7 100644 --- a/manifests/mod/nss.pp +++ b/manifests/mod/nss.pp @@ -1,13 +1,13 @@ class apache::mod::nss ( $transfer_log = "${::apache::params::logroot}/access.log", - $error_log = "${::apache::params::logroot}/error.log", - $passwd_file = undef - ) { - include apache::mod::mime + $error_log = "${::apache::params::logroot}/error.log", + $passwd_file = undef +) { + include ::apache::mod::mime apache::mod { 'nss': } - $httpd_dir = $apache::httpd_dir + $httpd_dir = $::apache::httpd_dir # Template uses: # $transfer_log @@ -16,10 +16,10 @@ # passwd_file file { 'nss.conf': ensure => file, - path => "${apache::mod_dir}/nss.conf", + path => "${::apache::mod_dir}/nss.conf", content => template('apache/mod/nss.conf.erb'), - require => Exec["mkdir ${apache::mod_dir}"], - before => File[$apache::mod_dir], + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], notify => Service['httpd'], } } diff --git a/manifests/mod/passenger.pp b/manifests/mod/passenger.pp index e7561651d6..6a7404daa0 100644 --- a/manifests/mod/passenger.pp +++ b/manifests/mod/passenger.pp @@ -1,29 +1,29 @@ class apache::mod::passenger ( - $passenger_conf_file = $apache::params::passenger_conf_file, - $passenger_conf_package_file = $apache::params::passenger_conf_package_file, + $passenger_conf_file = $::apache::params::passenger_conf_file, + $passenger_conf_package_file = $::apache::params::passenger_conf_package_file, $passenger_high_performance = undef, $passenger_pool_idle_time = undef, $passenger_max_requests = undef, $passenger_stat_throttle_rate = undef, $rack_autodetect = undef, $rails_autodetect = undef, - $passenger_root = $apache::params::passenger_root, - $passenger_ruby = $apache::params::passenger_ruby, + $passenger_root = $::apache::params::passenger_root, + $passenger_ruby = $::apache::params::passenger_ruby, $passenger_max_pool_size = undef, $passenger_use_global_queue = undef, ) { if $::osfamily == 'FreeBSD' { - apache::mod { 'passenger': + ::apache::mod { 'passenger': lib_path => "${passenger_root}/buildout/apache2" } } else { - apache::mod { 'passenger': } + ::apache::mod { 'passenger': } } # Managed by the package, but declare it to avoid purging if $passenger_conf_package_file { file { 'passenger_package.conf': - path => "${apache::mod_dir}/${passenger_conf_package_file}", + path => "${::apache::mod_dir}/${passenger_conf_package_file}", } } @@ -39,10 +39,10 @@ # - $rails_autodetect file { 'passenger.conf': ensure => file, - path => "${apache::mod_dir}/${passenger_conf_file}", + path => "${::apache::mod_dir}/${passenger_conf_file}", content => template('apache/mod/passenger.conf.erb'), - require => Exec["mkdir ${apache::mod_dir}"], - before => File[$apache::mod_dir], + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], notify => Service['httpd'], } } diff --git a/manifests/mod/perl.pp b/manifests/mod/perl.pp index 65832a0342..b57f25fd5f 100644 --- a/manifests/mod/perl.pp +++ b/manifests/mod/perl.pp @@ -1,3 +1,3 @@ class apache::mod::perl { - apache::mod { 'perl': } + ::apache::mod { 'perl': } } diff --git a/manifests/mod/peruser.pp b/manifests/mod/peruser.pp index fafeff23a9..518655a1d4 100644 --- a/manifests/mod/peruser.pp +++ b/manifests/mod/peruser.pp @@ -22,11 +22,11 @@ } File { owner => 'root', - group => $apache::params::root_group, + group => $::apache::params::root_group, mode => '0644', } - $mod_dir = $apache::mod_dir + $mod_dir = $::apache::mod_dir # Template uses: # - $minspareprocessors @@ -38,31 +38,31 @@ # - $expiretimeout # - $keepalive # - $mod_dir - file { "${apache::mod_dir}/peruser.conf": + file { "${::apache::mod_dir}/peruser.conf": ensure => file, content => template('apache/mod/peruser.conf.erb'), - require => Exec["mkdir ${apache::mod_dir}"], - before => File[$apache::mod_dir], + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], notify => Service['httpd'], } - file { "${apache::mod_dir}/peruser": + file { "${::apache::mod_dir}/peruser": ensure => directory, - require => File[$apache::mod_dir], + require => File[$::apache::mod_dir], } - file { "${apache::mod_dir}/peruser/multiplexers": + file { "${::apache::mod_dir}/peruser/multiplexers": ensure => directory, - require => File["${apache::mod_dir}/peruser"], + require => File["${::apache::mod_dir}/peruser"], } - file { "${apache::mod_dir}/peruser/processors": + file { "${::apache::mod_dir}/peruser/processors": ensure => directory, - require => File["${apache::mod_dir}/peruser"], + require => File["${::apache::mod_dir}/peruser"], } - apache::peruser::multiplexer { '01-default': } + ::apache::peruser::multiplexer { '01-default': } case $::osfamily { 'freebsd' : { - class { 'apache::package': + class { '::apache::package': mpm_module => 'peruser' } } diff --git a/manifests/mod/php.pp b/manifests/mod/php.pp index f4e01fe3b4..ace596d42d 100644 --- a/manifests/mod/php.pp +++ b/manifests/mod/php.pp @@ -4,23 +4,23 @@ if ! defined(Class['apache::mod::prefork']) { fail('apache::mod::php requires apache::mod::prefork; please enable mpm_module => \'prefork\' on Class[\'apache\']') } - apache::mod { 'php5': + ::apache::mod { 'php5': package_ensure => $package_ensure, } - include apache::mod::mime - include apache::mod::dir - Class['apache::mod::mime'] -> Class['apache::mod::dir'] -> Class['apache::mod::php'] + include ::apache::mod::mime + include ::apache::mod::dir + Class['::apache::mod::mime'] -> Class['::apache::mod::dir'] -> Class['::apache::mod::php'] file { 'php5.conf': ensure => file, - path => "${apache::mod_dir}/php5.conf", + path => "${::apache::mod_dir}/php5.conf", content => template('apache/mod/php5.conf.erb'), require => [ - Class['apache::mod::prefork'], - Exec["mkdir ${apache::mod_dir}"], + Class['::apache::mod::prefork'], + Exec["mkdir ${::apache::mod_dir}"], ], - before => File[$apache::mod_dir], + before => File[$::apache::mod_dir], notify => Service['httpd'], } } diff --git a/manifests/mod/prefork.pp b/manifests/mod/prefork.pp index e5810829e4..d615acbddc 100644 --- a/manifests/mod/prefork.pp +++ b/manifests/mod/prefork.pp @@ -5,7 +5,7 @@ $serverlimit = '256', $maxclients = '256', $maxrequestsperchild = '4000', - $apache_version = $apache::apache_version, + $apache_version = $::apache::apache_version, ) { if defined(Class['apache::mod::event']) { fail('May not include both apache::mod::prefork and apache::mod::event on the same node') @@ -21,7 +21,7 @@ } File { owner => 'root', - group => $apache::params::root_group, + group => $::apache::params::root_group, mode => '0644', } @@ -32,18 +32,18 @@ # - $serverlimit # - $maxclients # - $maxrequestsperchild - file { "${apache::mod_dir}/prefork.conf": + file { "${::apache::mod_dir}/prefork.conf": ensure => file, content => template('apache/mod/prefork.conf.erb'), - require => Exec["mkdir ${apache::mod_dir}"], - before => File[$apache::mod_dir], + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], notify => Service['httpd'], } case $::osfamily { 'redhat': { if $apache_version >= 2.4 { - apache::mpm{ 'prefork': + ::apache::mpm{ 'prefork': apache_version => $apache_version, } } @@ -59,7 +59,7 @@ } } 'debian', 'freebsd' : { - apache::mpm{ 'prefork': + ::apache::mpm{ 'prefork': apache_version => $apache_version, } } diff --git a/manifests/mod/proxy.pp b/manifests/mod/proxy.pp index f916734304..b6c0d6df7c 100644 --- a/manifests/mod/proxy.pp +++ b/manifests/mod/proxy.pp @@ -2,14 +2,14 @@ $proxy_requests = 'Off', $allow_from = undef, ) { - apache::mod { 'proxy': } + ::apache::mod { 'proxy': } # Template uses $proxy_requests file { 'proxy.conf': ensure => file, - path => "${apache::mod_dir}/proxy.conf", + path => "${::apache::mod_dir}/proxy.conf", content => template('apache/mod/proxy.conf.erb'), - require => Exec["mkdir ${apache::mod_dir}"], - before => File[$apache::mod_dir], + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], notify => Service['httpd'], } } diff --git a/manifests/mod/proxy_ajp.pp b/manifests/mod/proxy_ajp.pp index b366cb1df6..a011a17895 100644 --- a/manifests/mod/proxy_ajp.pp +++ b/manifests/mod/proxy_ajp.pp @@ -1,4 +1,4 @@ class apache::mod::proxy_ajp { - Class['apache::mod::proxy'] -> Class['apache::mod::proxy_ajp'] - apache::mod { 'proxy_ajp': } + Class['::apache::mod::proxy'] -> Class['::apache::mod::proxy_ajp'] + ::apache::mod { 'proxy_ajp': } } diff --git a/manifests/mod/proxy_balancer.pp b/manifests/mod/proxy_balancer.pp index f31e5eaffc..5a0768d8d0 100644 --- a/manifests/mod/proxy_balancer.pp +++ b/manifests/mod/proxy_balancer.pp @@ -1,10 +1,10 @@ class apache::mod::proxy_balancer { - include apache::mod::proxy - include apache::mod::proxy_http + include ::apache::mod::proxy + include ::apache::mod::proxy_http - Class['apache::mod::proxy'] -> Class['apache::mod::proxy_balancer'] - Class['apache::mod::proxy_http'] -> Class['apache::mod::proxy_balancer'] - apache::mod { 'proxy_balancer': } + Class['::apache::mod::proxy'] -> Class['::apache::mod::proxy_balancer'] + Class['::apache::mod::proxy_http'] -> Class['::apache::mod::proxy_balancer'] + ::apache::mod { 'proxy_balancer': } } diff --git a/manifests/mod/proxy_html.pp b/manifests/mod/proxy_html.pp index 050b65d4fc..91d7bd3c8f 100644 --- a/manifests/mod/proxy_html.pp +++ b/manifests/mod/proxy_html.pp @@ -1,28 +1,28 @@ class apache::mod::proxy_html { - Class['apache::mod::proxy'] -> Class['apache::mod::proxy_html'] - Class['apache::mod::proxy_http'] -> Class['apache::mod::proxy_html'] - apache::mod { 'proxy_html': } + Class['::apache::mod::proxy'] -> Class['::apache::mod::proxy_html'] + Class['::apache::mod::proxy_http'] -> Class['::apache::mod::proxy_html'] + ::apache::mod { 'proxy_html': } case $::osfamily { 'RedHat': { - apache::mod { 'xml2enc': } + ::apache::mod { 'xml2enc': } } 'Debian': { - $proxy_html_loadfiles = $apache::params::distrelease ? { + $proxy_html_loadfiles = $::apache::params::distrelease ? { '6' => '/usr/lib/libxml2.so.2', default => "/usr/lib/${::hardwaremodel}-linux-gnu/libxml2.so.2", } } 'FreeBSD': { - apache::mod { 'xml2enc': } + ::apache::mod { 'xml2enc': } } } # Template uses $icons_path file { 'proxy_html.conf': ensure => file, - path => "${apache::mod_dir}/proxy_html.conf", + path => "${::apache::mod_dir}/proxy_html.conf", content => template('apache/mod/proxy_html.conf.erb'), - require => Exec["mkdir ${apache::mod_dir}"], - before => File[$apache::mod_dir], + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], notify => Service['httpd'], } } diff --git a/manifests/mod/proxy_http.pp b/manifests/mod/proxy_http.pp index 5b83df2c59..1579e68ee2 100644 --- a/manifests/mod/proxy_http.pp +++ b/manifests/mod/proxy_http.pp @@ -1,4 +1,4 @@ class apache::mod::proxy_http { - Class['apache::mod::proxy'] -> Class['apache::mod::proxy_http'] - apache::mod { 'proxy_http': } + Class['::apache::mod::proxy'] -> Class['::apache::mod::proxy_http'] + ::apache::mod { 'proxy_http': } } diff --git a/manifests/mod/python.pp b/manifests/mod/python.pp index 8158b7e8ad..e326c8d757 100644 --- a/manifests/mod/python.pp +++ b/manifests/mod/python.pp @@ -1,5 +1,5 @@ class apache::mod::python { - apache::mod { 'python': } + ::apache::mod { 'python': } } diff --git a/manifests/mod/reqtimeout.pp b/manifests/mod/reqtimeout.pp index b763b37850..80b3018306 100644 --- a/manifests/mod/reqtimeout.pp +++ b/manifests/mod/reqtimeout.pp @@ -1,12 +1,12 @@ class apache::mod::reqtimeout { - apache::mod { 'reqtimeout': } + ::apache::mod { 'reqtimeout': } # Template uses no variables file { 'reqtimeout.conf': ensure => file, - path => "${apache::mod_dir}/reqtimeout.conf", + path => "${::apache::mod_dir}/reqtimeout.conf", content => template('apache/mod/reqtimeout.conf.erb'), - require => Exec["mkdir ${apache::mod_dir}"], - before => File[$apache::mod_dir], + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], notify => Service['httpd'], } } diff --git a/manifests/mod/rewrite.pp b/manifests/mod/rewrite.pp index 147faab998..694f0b6f5c 100644 --- a/manifests/mod/rewrite.pp +++ b/manifests/mod/rewrite.pp @@ -1,4 +1,4 @@ class apache::mod::rewrite { - include apache::params - apache::mod { 'rewrite': } + include ::apache::params + ::apache::mod { 'rewrite': } } diff --git a/manifests/mod/rpaf.pp b/manifests/mod/rpaf.pp index 94dc31ccac..6fbc1d4e04 100644 --- a/manifests/mod/rpaf.pp +++ b/manifests/mod/rpaf.pp @@ -3,7 +3,7 @@ $proxy_ips = [ '127.0.0.1' ], $header = 'X-Forwarded-For' ) { - apache::mod { 'rpaf': } + ::apache::mod { 'rpaf': } # Template uses: # - $sethostname @@ -11,10 +11,10 @@ # - $header file { 'rpaf.conf': ensure => file, - path => "${apache::mod_dir}/rpaf.conf", + path => "${::apache::mod_dir}/rpaf.conf", content => template('apache/mod/rpaf.conf.erb'), - require => Exec["mkdir ${apache::mod_dir}"], - before => File[$apache::mod_dir], + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], notify => Service['httpd'], } } diff --git a/manifests/mod/setenvif.pp b/manifests/mod/setenvif.pp index 1b60edde8b..15b1441d83 100644 --- a/manifests/mod/setenvif.pp +++ b/manifests/mod/setenvif.pp @@ -1,12 +1,12 @@ class apache::mod::setenvif { - apache::mod { 'setenvif': } + ::apache::mod { 'setenvif': } # Template uses no variables file { 'setenvif.conf': ensure => file, - path => "${apache::mod_dir}/setenvif.conf", + path => "${::apache::mod_dir}/setenvif.conf", content => template('apache/mod/setenvif.conf.erb'), - require => Exec["mkdir ${apache::mod_dir}"], - before => File[$apache::mod_dir], + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], notify => Service['httpd'], } } diff --git a/manifests/mod/ssl.pp b/manifests/mod/ssl.pp index 323d092b28..7b20a9ba72 100644 --- a/manifests/mod/ssl.pp +++ b/manifests/mod/ssl.pp @@ -1,7 +1,7 @@ class apache::mod::ssl ( $ssl_compression = false, $ssl_options = [ 'StdEnvVars' ], - $apache_version = $apache::apache_version, + $apache_version = $::apache::apache_version, ) { $session_cache = $::osfamily ? { 'debian' => '${APACHE_RUN_DIR}/ssl_scache(512000)', @@ -28,10 +28,10 @@ } } - apache::mod { 'ssl': } + ::apache::mod { 'ssl': } if $apache_version >= 2.4 { - apache::mod { 'socache_shmcb': } + ::apache::mod { 'socache_shmcb': } } # Template uses @@ -44,10 +44,10 @@ # file { 'ssl.conf': ensure => file, - path => "${apache::mod_dir}/ssl.conf", + path => "${::apache::mod_dir}/ssl.conf", content => template('apache/mod/ssl.conf.erb'), - require => Exec["mkdir ${apache::mod_dir}"], - before => File[$apache::mod_dir], + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], notify => Service['httpd'], } } diff --git a/manifests/mod/status.pp b/manifests/mod/status.pp index ed73b99fdb..fdaba4b07a 100644 --- a/manifests/mod/status.pp +++ b/manifests/mod/status.pp @@ -29,14 +29,14 @@ ){ validate_array($allow_from) validate_re(downcase($extended_status), '^(on|off)$', "${extended_status} is not supported for extended_status. Allowed values are 'On' and 'Off'.") - apache::mod { 'status': } + ::apache::mod { 'status': } # Template uses $allow_from, $extended_status file { 'status.conf': ensure => file, - path => "${apache::mod_dir}/status.conf", + path => "${::apache::mod_dir}/status.conf", content => template('apache/mod/status.conf.erb'), - require => Exec["mkdir ${apache::mod_dir}"], - before => File[$apache::mod_dir], + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], notify => Service['httpd'], } } diff --git a/manifests/mod/suphp.pp b/manifests/mod/suphp.pp index 26473cf2e5..f9a572f463 100644 --- a/manifests/mod/suphp.pp +++ b/manifests/mod/suphp.pp @@ -1,13 +1,13 @@ class apache::mod::suphp ( ){ - apache::mod { 'suphp': } + ::apache::mod { 'suphp': } file {'suphp.conf': ensure => file, - path => "${apache::mod_dir}/suphp.conf", + path => "${::apache::mod_dir}/suphp.conf", content => template('apache/mod/suphp.conf.erb'), - require => Exec["mkdir ${apache::mod_dir}"], - before => File[$apache::mod_dir], + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], notify => Service['httpd'] } } diff --git a/manifests/mod/userdir.pp b/manifests/mod/userdir.pp index 69f4044fd4..27af54c667 100644 --- a/manifests/mod/userdir.pp +++ b/manifests/mod/userdir.pp @@ -3,15 +3,15 @@ $dir = 'public_html', $disable_root = true, ) { - apache::mod { 'userdir': } + ::apache::mod { 'userdir': } # Template uses $home, $dir, $disable_root file { 'userdir.conf': ensure => file, - path => "${apache::mod_dir}/userdir.conf", + path => "${::apache::mod_dir}/userdir.conf", content => template('apache/mod/userdir.conf.erb'), - require => Exec["mkdir ${apache::mod_dir}"], - before => File[$apache::mod_dir], + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], notify => Service['httpd'], } } diff --git a/manifests/mod/vhost_alias.pp b/manifests/mod/vhost_alias.pp index ec40447a35..30ae122e15 100644 --- a/manifests/mod/vhost_alias.pp +++ b/manifests/mod/vhost_alias.pp @@ -1,3 +1,3 @@ class apache::mod::vhost_alias { - apache::mod { 'vhost_alias': } + ::apache::mod { 'vhost_alias': } } diff --git a/manifests/mod/worker.pp b/manifests/mod/worker.pp index ae259fa0ed..8007953cf8 100644 --- a/manifests/mod/worker.pp +++ b/manifests/mod/worker.pp @@ -6,7 +6,7 @@ $threadsperchild = '25', $maxrequestsperchild = '0', $serverlimit = '25', - $apache_version = $apache::apache_version, + $apache_version = $::apache::apache_version, ) { if defined(Class['apache::mod::event']) { fail('May not include both apache::mod::worker and apache::mod::event on the same node') @@ -22,7 +22,7 @@ } File { owner => 'root', - group => $apache::params::root_group, + group => $::apache::params::root_group, mode => '0644', } @@ -34,18 +34,18 @@ # - $threadsperchild # - $maxrequestsperchild # - $serverlimit - file { "${apache::mod_dir}/worker.conf": + file { "${::apache::mod_dir}/worker.conf": ensure => file, content => template('apache/mod/worker.conf.erb'), - require => Exec["mkdir ${apache::mod_dir}"], - before => File[$apache::mod_dir], + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], notify => Service['httpd'], } case $::osfamily { 'redhat': { if $apache_version >= 2.4 { - apache::mpm{ 'worker': + ::apache::mpm{ 'worker': apache_version => $apache_version, } } @@ -61,7 +61,7 @@ } } 'debian', 'freebsd': { - apache::mpm{ 'worker': + ::apache::mpm{ 'worker': apache_version => $apache_version, } } diff --git a/manifests/mod/wsgi.pp b/manifests/mod/wsgi.pp index 0d42714091..244a3458b4 100644 --- a/manifests/mod/wsgi.pp +++ b/manifests/mod/wsgi.pp @@ -3,7 +3,7 @@ $wsgi_python_path = undef, $wsgi_python_home = undef, ){ - apache::mod { 'wsgi': } + ::apache::mod { 'wsgi': } # Template uses: # - $wsgi_socket_prefix @@ -11,10 +11,10 @@ # - $wsgi_python_home file {'wsgi.conf': ensure => file, - path => "${apache::mod_dir}/wsgi.conf", + path => "${::apache::mod_dir}/wsgi.conf", content => template('apache/mod/wsgi.conf.erb'), - require => Exec["mkdir ${apache::mod_dir}"], - before => File[$apache::mod_dir], + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], notify => Service['httpd'] } } diff --git a/manifests/mod/xsendfile.pp b/manifests/mod/xsendfile.pp index 571501a03b..7c5e88437a 100644 --- a/manifests/mod/xsendfile.pp +++ b/manifests/mod/xsendfile.pp @@ -1,4 +1,4 @@ class apache::mod::xsendfile { - include apache::params - apache::mod { 'xsendfile': } + include ::apache::params + ::apache::mod { 'xsendfile': } } diff --git a/manifests/mpm.pp b/manifests/mpm.pp index fd6f764183..b6b2cfebe8 100644 --- a/manifests/mpm.pp +++ b/manifests/mpm.pp @@ -1,13 +1,13 @@ define apache::mpm ( - $lib_path = $apache::params::lib_path, - $apache_version = $apache::apache_version, + $lib_path = $::apache::params::lib_path, + $apache_version = $::apache::apache_version, ) { if ! defined(Class['apache']) { fail('You must include the apache base class before using any apache defined resources') } $mpm = $name - $mod_dir = $apache::mod_dir + $mod_dir = $::apache::mod_dir $_lib = "mod_mpm_${mpm}.so" $_path = "${lib_path}/${_lib}" @@ -29,20 +29,20 @@ case $::osfamily { 'debian': { - file { "${apache::mod_enable_dir}/${mpm}.conf": + file { "${::apache::mod_enable_dir}/${mpm}.conf": ensure => link, - target => "${apache::mod_dir}/${mpm}.conf", - require => Exec["mkdir ${apache::mod_enable_dir}"], - before => File[$apache::mod_enable_dir], + target => "${::apache::mod_dir}/${mpm}.conf", + require => Exec["mkdir ${::apache::mod_enable_dir}"], + before => File[$::apache::mod_enable_dir], notify => Service['httpd'], } if $apache_version >= 2.4 { - file { "${apache::mod_enable_dir}/${mpm}.load": + file { "${::apache::mod_enable_dir}/${mpm}.load": ensure => link, - target => "${apache::mod_dir}/${mpm}.load", - require => Exec["mkdir ${apache::mod_enable_dir}"], - before => File[$apache::mod_enable_dir], + target => "${::apache::mod_dir}/${mpm}.load", + require => Exec["mkdir ${::apache::mod_enable_dir}"], + before => File[$::apache::mod_enable_dir], notify => Service['httpd'], } } @@ -54,7 +54,7 @@ } } 'freebsd': { - class { 'apache::package': + class { '::apache::package': mpm_module => $mpm } } diff --git a/manifests/namevirtualhost.pp b/manifests/namevirtualhost.pp index f5f0dad538..4fa8795185 100644 --- a/manifests/namevirtualhost.pp +++ b/manifests/namevirtualhost.pp @@ -3,7 +3,7 @@ # Template uses: $addr_port concat::fragment { "NameVirtualHost ${addr_port}": - target => $apache::ports_file, + target => $::apache::ports_file, content => template('apache/namevirtualhost.erb'), } } diff --git a/manifests/package.pp b/manifests/package.pp index b91e25f6b1..c5ef315366 100644 --- a/manifests/package.pp +++ b/manifests/package.pp @@ -1,6 +1,6 @@ class apache::package ( $ensure = 'present', - $mpm_module = $apache::params::mpm_module, + $mpm_module = $::apache::params::mpm_module, ) { case $::osfamily { 'freebsd' : { @@ -37,7 +37,7 @@ }) } default: { - $apache_package = $apache::params::apache_name + $apache_package = $::apache::params::apache_name } } package { 'httpd': diff --git a/manifests/params.pp b/manifests/params.pp index 1f5f45b413..be6e331af8 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -18,7 +18,7 @@ # # Sample Usage: # -class apache::params inherits apache::version { +class apache::params inherits ::apache::version { # This will be 5 or 6 on RedHat, 6 or wheezy on Debian, 12 or quantal on Ubuntu, 3 on Amazon, etc. $osr_array = split($::operatingsystemrelease,'[\/\.]') $distrelease = $osr_array[0] diff --git a/manifests/peruser/multiplexer.pp b/manifests/peruser/multiplexer.pp index 260f1b5a3d..9e57ac30b2 100644 --- a/manifests/peruser/multiplexer.pp +++ b/manifests/peruser/multiplexer.pp @@ -1,6 +1,6 @@ define apache::peruser::multiplexer ( - $user = $apache::user, - $group = $apache::group, + $user = $::apache::user, + $group = $::apache::group, $file = undef, ) { if ! $file { @@ -8,10 +8,10 @@ } else { $filename = $file } - file { "${apache::mod_dir}/peruser/multiplexers/${filename}": + file { "${::apache::mod_dir}/peruser/multiplexers/${filename}": ensure => file, content => "Multiplexer ${user} ${group}\n", - require => File["${apache::mod_dir}/peruser/multiplexers"], + require => File["${::apache::mod_dir}/peruser/multiplexers"], notify => Service['httpd'], } } diff --git a/manifests/peruser/processor.pp b/manifests/peruser/processor.pp index c677cd6ca1..1d68934657 100644 --- a/manifests/peruser/processor.pp +++ b/manifests/peruser/processor.pp @@ -8,10 +8,10 @@ } else { $filename = $file } - file { "${apache::mod_dir}/peruser/processors/${filename}": + file { "${::apache::mod_dir}/peruser/processors/${filename}": ensure => file, content => "Processor ${user} ${group}\n", - require => File["${apache::mod_dir}/peruser/processors"], + require => File["${::apache::mod_dir}/peruser/processors"], notify => Service['httpd'], } } diff --git a/manifests/php.pp b/manifests/php.pp index feb903e7be..9fa9c682e2 100644 --- a/manifests/php.pp +++ b/manifests/php.pp @@ -14,5 +14,5 @@ # class apache::php { warning('apache::php is deprecated; please use apache::mod::php') - include apache::mod::php + include ::apache::mod::php } diff --git a/manifests/proxy.pp b/manifests/proxy.pp index 0f4fde540b..050f36c278 100644 --- a/manifests/proxy.pp +++ b/manifests/proxy.pp @@ -11,5 +11,5 @@ # class apache::proxy { warning('apache::proxy is deprecated; please use apache::mod::proxy') - include apache::mod::proxy + include ::apache::mod::proxy } diff --git a/manifests/python.pp b/manifests/python.pp index 99ef289872..723a753f82 100644 --- a/manifests/python.pp +++ b/manifests/python.pp @@ -14,5 +14,5 @@ # class apache::python { warning('apache::python is deprecated; please use apache::mod::python') - include apache::mod::python + include ::apache::mod::python } diff --git a/manifests/service.pp b/manifests/service.pp index 82a0b8ca61..b21a25f4b7 100644 --- a/manifests/service.pp +++ b/manifests/service.pp @@ -17,7 +17,7 @@ # # class apache::service ( - $service_name = $apache::params::service_name, + $service_name = $::apache::params::service_name, $service_enable = true, $service_ensure = 'running', ) { diff --git a/manifests/ssl.pp b/manifests/ssl.pp index 21662e1685..d0b36593d6 100644 --- a/manifests/ssl.pp +++ b/manifests/ssl.pp @@ -14,5 +14,5 @@ # class apache::ssl { warning('apache::ssl is deprecated; please use apache::mod::ssl') - include apache::mod::ssl + include ::apache::mod::ssl } diff --git a/manifests/vhost.pp b/manifests/vhost.pp index 77c340ace9..8525235e9d 100644 --- a/manifests/vhost.pp +++ b/manifests/vhost.pp @@ -93,16 +93,16 @@ $ip_based = false, $add_listen = true, $docroot_owner = 'root', - $docroot_group = $apache::params::root_group, + $docroot_group = $::apache::params::root_group, $serveradmin = undef, $ssl = false, - $ssl_cert = $apache::default_ssl_cert, - $ssl_key = $apache::default_ssl_key, - $ssl_chain = $apache::default_ssl_chain, - $ssl_ca = $apache::default_ssl_ca, - $ssl_crl_path = $apache::default_ssl_crl_path, - $ssl_crl = $apache::default_ssl_crl, - $ssl_certs_dir = $apache::params::ssl_certs_dir, + $ssl_cert = $::apache::default_ssl_cert, + $ssl_key = $::apache::default_ssl_key, + $ssl_chain = $::apache::default_ssl_chain, + $ssl_ca = $::apache::default_ssl_ca, + $ssl_crl_path = $::apache::default_ssl_crl_path, + $ssl_crl = $::apache::default_ssl_crl, + $ssl_certs_dir = $::apache::params::ssl_certs_dir, $ssl_protocol = undef, $ssl_cipher = undef, $ssl_honorcipherorder = undef, @@ -118,7 +118,7 @@ $override = ['None'], $directoryindex = '', $vhost_name = '*', - $logroot = $apache::logroot, + $logroot = $::apache::logroot, $log_level = undef, $access_log = true, $access_log_file = undef, @@ -138,9 +138,9 @@ $scriptaliases = [], $proxy_dest = undef, $proxy_pass = undef, - $suphp_addhandler = $apache::params::suphp_addhandler, - $suphp_engine = $apache::params::suphp_engine, - $suphp_configpath = $apache::params::suphp_configpath, + $suphp_addhandler = $::apache::params::suphp_addhandler, + $suphp_engine = $::apache::params::suphp_engine, + $suphp_configpath = $::apache::params::suphp_configpath, $php_admin_flags = [], $php_admin_values = [], $no_proxy_uris = [], @@ -173,14 +173,14 @@ $fastcgi_socket = undef, $fastcgi_dir = undef, $additional_includes = [], - $apache_version = $apache::apache_version + $apache_version = $::apache::apache_version ) { # The base class must be included first because it is used by parameter defaults if ! defined(Class['apache']) { fail('You must include the apache base class before using any apache defined resources') } - $apache_name = $apache::params::apache_name + $apache_name = $::apache::params::apache_name validate_re($ensure, '^(present|absent)$', "${ensure} is not supported for ensure. @@ -241,13 +241,13 @@ } if $ssl and $ensure == 'present' { - include apache::mod::ssl + include ::apache::mod::ssl # Required for the AddType lines. - include apache::mod::mime + include ::apache::mod::mime } if $virtual_docroot { - include apache::mod::vhost_alias + include ::apache::mod::vhost_alias } # This ensures that the docroot exists @@ -339,50 +339,50 @@ fail("Apache::Vhost[${name}]: Mixing IP and non-IP Listen directives is not possible; check the add_listen parameter of the apache::vhost define to disable this") } if ! defined(Apache::Listen[$listen_addr_port]) and $listen_addr_port and $ensure == 'present' { - apache::listen { $listen_addr_port: } + ::apache::listen { $listen_addr_port: } } } if ! $ip_based { if ! defined(Apache::Namevirtualhost[$nvh_addr_port]) and $ensure == 'present' { - apache::namevirtualhost { $nvh_addr_port: } + ::apache::namevirtualhost { $nvh_addr_port: } } } # Load mod_rewrite if needed and not yet loaded if $rewrites or $rewrite_cond { if ! defined(Apache::Mod['rewrite']) { - apache::mod { 'rewrite': } + ::apache::mod { 'rewrite': } } } # Load mod_alias if needed and not yet loaded if ($scriptalias or $scriptaliases != []) or ($redirect_source and $redirect_dest) { if ! defined(Class['apache::mod::alias']) { - include apache::mod::alias + include ::apache::mod::alias } } # Load mod_proxy if needed and not yet loaded if ($proxy_dest or $proxy_pass) { if ! defined(Class['apache::mod::proxy']) { - include apache::mod::proxy + include ::apache::mod::proxy } if ! defined(Class['apache::mod::proxy_http']) { - include apache::mod::proxy_http + include ::apache::mod::proxy_http } } # Load mod_passenger if needed and not yet loaded if $rack_base_uris { if ! defined(Class['apache::mod::passenger']) { - include apache::mod::passenger + include ::apache::mod::passenger } } # Load mod_fastci if needed and not yet loaded if $fastcgi_server and $fastcgi_socket { if ! defined(Class['apache::mod::fastcgi']) { - include apache::mod::fastcgi + include ::apache::mod::fastcgi } } @@ -398,7 +398,7 @@ # Check if mod_headers is required to process $headers/$request_headers if $headers or $request_headers { if ! defined(Class['apache::mod::headers']) { - include apache::mod::headers + include ::apache::mod::headers } } @@ -516,10 +516,10 @@ # - $wsgi_script_aliases file { "${priority_real}-${filename}.conf": ensure => $ensure, - path => "${apache::vhost_dir}/${priority_real}-${filename}.conf", + path => "${::apache::vhost_dir}/${priority_real}-${filename}.conf", content => template('apache/vhost.conf.erb'), owner => 'root', - group => $apache::params::root_group, + group => $::apache::params::root_group, mode => '0644', require => [ Package['httpd'], @@ -529,7 +529,7 @@ notify => Service['httpd'], } if $::osfamily == 'Debian' { - $vhost_enable_dir = $apache::vhost_enable_dir + $vhost_enable_dir = $::apache::vhost_enable_dir $vhost_symlink_ensure = $ensure ? { present => link, default => $ensure, @@ -537,9 +537,9 @@ file{ "${priority_real}-${filename}.conf symlink": ensure => $vhost_symlink_ensure, path => "${vhost_enable_dir}/${priority_real}-${filename}.conf", - target => "${apache::vhost_dir}/${priority_real}-${filename}.conf", + target => "${::apache::vhost_dir}/${priority_real}-${filename}.conf", owner => 'root', - group => $apache::params::root_group, + group => $::apache::params::root_group, mode => '0644', require => File["${priority_real}-${filename}.conf"], notify => Service['httpd'], From eef1ea1ee5714eb4ed8729fef9efa0f3e530cfc0 Mon Sep 17 00:00:00 2001 From: Hunter Haugen Date: Fri, 28 Feb 2014 09:45:27 -0800 Subject: [PATCH 28/35] Correct the tests for aix --- spec/acceptance/default_mods_spec.rb | 2 -- spec/acceptance/version.rb | 2 ++ spec/acceptance/vhost_spec.rb | 2 +- spec/spec_helper_acceptance.rb | 21 ++++++++++++--------- 4 files changed, 15 insertions(+), 12 deletions(-) diff --git a/spec/acceptance/default_mods_spec.rb b/spec/acceptance/default_mods_spec.rb index 03e1445601..2b8b409e35 100644 --- a/spec/acceptance/default_mods_spec.rb +++ b/spec/acceptance/default_mods_spec.rb @@ -7,8 +7,6 @@ servicename = 'apache2' when 'FreeBSD' servicename = 'apache22' -else - raise "Unconfigured OS for apache service on #{fact('osfamily')}" end describe 'apache::default_mods class', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do diff --git a/spec/acceptance/version.rb b/spec/acceptance/version.rb index 169054ec21..a3b80c1730 100644 --- a/spec/acceptance/version.rb +++ b/spec/acceptance/version.rb @@ -51,5 +51,7 @@ $error_log = 'http-error.log' $apache_version = 2.2 +else + $apache_version = 0 end diff --git a/spec/acceptance/vhost_spec.rb b/spec/acceptance/vhost_spec.rb index f6749d35a1..b5c07290a7 100644 --- a/spec/acceptance/vhost_spec.rb +++ b/spec/acceptance/vhost_spec.rb @@ -880,7 +880,7 @@ class { 'apache::mod::wsgi': } apply_manifest(pp, :catch_failures => true) end - it 'import_script applies cleanly', :unless => fact('lsbcodename') == 'lucid' do + it 'import_script applies cleanly', :unless => (fact('lsbcodename') == 'lucid' or UNSUPPORTED_PLATFORMS.include?(fact('osfamily'))) do pp = <<-EOS class { 'apache': } class { 'apache::mod::wsgi': } diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index 7d334ae9bd..8e4115128d 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -1,15 +1,18 @@ require 'beaker-rspec/spec_helper' require 'beaker-rspec/helpers/serverspec' -hosts.each do |host| - if host['platform'] =~ /debian/ - on host, 'echo \'export PATH=/var/lib/gems/1.8/bin/:${PATH}\' >> ~/.bashrc' - end - if host.is_pe? - install_pe - else - install_puppet - on host, "mkdir -p #{host['distmoduledir']}" + +unless ENV['RS_PROVISION'] == 'no' + hosts.each do |host| + if host['platform'] =~ /debian/ + on host, 'echo \'export PATH=/var/lib/gems/1.8/bin/:${PATH}\' >> ~/.bashrc' + end + if host.is_pe? + install_pe + else + install_puppet + on host, "mkdir -p #{host['distmoduledir']}" + end end end From 655d8dc601d939754e022120c3ec7048f345181d Mon Sep 17 00:00:00 2001 From: Ashley Penney Date: Fri, 28 Feb 2014 16:28:23 +0000 Subject: [PATCH 29/35] Block out WSGI tests for Ubuntu 10. --- README.md | 6 ++++++ spec/acceptance/vhost_spec.rb | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index fd21507cdc..ddba31de03 100644 --- a/README.md +++ b/README.md @@ -1718,6 +1718,12 @@ The Apache module relies heavily on templates to enable the `vhost` and `apache: ##Limitations +###Ubuntu 10.04 + +The `apache::vhost::WSGIImportScript` parameter creates a statement inside the VirtualHost which is unsupported on older versions of Apache, causing this to fail. This will be remedied in a future refactoring. + +###General + This module is CI tested on Centos 5 & 6, Ubuntu 12.04, Debian 7, and RHEL 5 & 6 platforms against both the OSS and Enterprise version of Puppet. The module contains support for other distributions and operating systems, such as FreeBSD and Amazon Linux, but is not formally tested on those and regressions may occur. diff --git a/spec/acceptance/vhost_spec.rb b/spec/acceptance/vhost_spec.rb index b5c07290a7..e715e28ee4 100644 --- a/spec/acceptance/vhost_spec.rb +++ b/spec/acceptance/vhost_spec.rb @@ -899,7 +899,7 @@ class { 'apache::mod::wsgi': } apply_manifest(pp, :catch_failures => true) end - describe file("#{$vhost_dir}/25-test.server.conf") do + describe file("#{$vhost_dir}/25-test.server.conf"), :unless => (fact('lsbcodename') == 'lucid' or UNSUPPORTED_PLATFORMS.include?(fact('osfamily'))) do it { should be_file } it { should contain 'WSGIApplicationGroup %{GLOBAL}' } it { should contain 'WSGIDaemonProcess wsgi processes=2' } From 6f45b714b28e44ffb45d990f581c3c928e8d3af2 Mon Sep 17 00:00:00 2001 From: Ashley Penney Date: Sat, 1 Mar 2014 00:06:58 +0000 Subject: [PATCH 30/35] Correct the name of this fact. --- spec/acceptance/vhost_spec.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/spec/acceptance/vhost_spec.rb b/spec/acceptance/vhost_spec.rb index e715e28ee4..547612e73f 100644 --- a/spec/acceptance/vhost_spec.rb +++ b/spec/acceptance/vhost_spec.rb @@ -880,7 +880,7 @@ class { 'apache::mod::wsgi': } apply_manifest(pp, :catch_failures => true) end - it 'import_script applies cleanly', :unless => (fact('lsbcodename') == 'lucid' or UNSUPPORTED_PLATFORMS.include?(fact('osfamily'))) do + it 'import_script applies cleanly', :unless => (fact('lsbdistcodename') == 'lucid' or UNSUPPORTED_PLATFORMS.include?(fact('osfamily'))) do pp = <<-EOS class { 'apache': } class { 'apache::mod::wsgi': } @@ -899,7 +899,7 @@ class { 'apache::mod::wsgi': } apply_manifest(pp, :catch_failures => true) end - describe file("#{$vhost_dir}/25-test.server.conf"), :unless => (fact('lsbcodename') == 'lucid' or UNSUPPORTED_PLATFORMS.include?(fact('osfamily'))) do + describe file("#{$vhost_dir}/25-test.server.conf"), :unless => (fact('lsbdistcodename') == 'lucid' or UNSUPPORTED_PLATFORMS.include?(fact('osfamily'))) do it { should be_file } it { should contain 'WSGIApplicationGroup %{GLOBAL}' } it { should contain 'WSGIDaemonProcess wsgi processes=2' } From 416d4fc381fd4d615b23b8736770fb7872cf9590 Mon Sep 17 00:00:00 2001 From: Lauren Rother Date: Sat, 1 Mar 2014 12:51:18 -0800 Subject: [PATCH 31/35] Adds "Release Notes/Known Bugs" to Changelog, updates file format to markdown, standardizes the format of previous entries Per a request to have initial release notes that specifically listed known issues for this PE 3.2 release, and barred by time constraints from automating a pull from open issues in JIRA, this commit adds a Release Note and Known Bug section to the Changelog for the imminent 3.2 release. As it will display on the Forge, updates file type to markdown and standardizes previous entries. Adds template for release notes to be filled in later. --- CHANGELOG.md | 43 ++++++++++++++++++++++++++++--------------- 1 file changed, 28 insertions(+), 15 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 57d62e4c19..ddeed5285e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,14 +1,27 @@ +## 2014-03-04 Supported Release 1.0.x +###Summary + +####Features + +####Bugfixes + +####Known Bugs +* By default, the version of Apache that ships with Ubuntu 10.04 does not work with `wsgi_import_script`. +* SLES is unsupported. + +--- + ## 2014-01-31 Release 0.11.0 ### Summary: This release adds preliminary support for Windows compatibility and multiple rewrite support. -### Backwards-incompatible Changes: +#### Backwards-incompatible Changes: - The rewrite_rule parameter is deprecated in favor of the new rewrite parameter and will be removed in a future release. -### Features: +#### Features: - add Match directive - quote paths for windows compatibility @@ -25,7 +38,7 @@ This release adds preliminary support for Windows compatibility and multiple rew - Convert spec tests to beaker. - Support php_admin_(flag|value)s -### Bugfixes: +#### Bugfixes: - directories are either a Hash or an Array of Hashes - Configure Passenger in separate .conf file on RH so PassengerRoot isn't lost @@ -40,7 +53,7 @@ This release adds preliminary support for Windows compatibility and multiple rew This release adds FreeBSD osfamily support and various other improvements to some mods. -### Features: +#### Features: - Add suPHP_UserGroup directive to directory context - Add support for ScriptAliasMatch directives @@ -68,7 +81,7 @@ This release adds FreeBSD osfamily support and various other improvements to som - Add documentation about $ip - Add ability to pass ip (instead of wildcard) in default vhost files -### Bugfixes: +#### Bugfixes: - Don't listen on port or set NameVirtualHost for non-existent vhost - only apply Directory defaults when provider is a directory @@ -80,7 +93,7 @@ This release adds more parameters to the base apache class and apache defined resource to make the module more flexible. It also adds or enhances SuPHP, WSGI, and Passenger mod support, and support for the ITK mpm module. -### Backwards-incompatible Changes: +#### Backwards-incompatible Changes: - Remove many default mods that are not normally needed. - Remove `rewrite_base` `apache::vhost` parameter; did not work anyway. - Specify dependencies on stdlib >=2.4.0 (this was already the case, but @@ -88,7 +101,7 @@ making explicit) - Deprecate `a2mod` in favor of the `apache::mod::*` classes and `apache::mod` defined resource. -### Features: +#### Features: - `apache` class - Add `httpd_dir` parameter to change the location of the configuration files. @@ -123,7 +136,7 @@ dependency chaining of `Class['apache'] -> ~> Class['apache::service']` - Added `apache::mod::proxy_balancer` class for `apache::balancer` -### Bugfixes: +#### Bugfixes: - Change dependency to puppetlabs-concat - Fix ruby 1.9 bug for `a2mod` - Change servername to be `$::hostname` if there is no `$::fqdn` @@ -133,17 +146,17 @@ Class['apache::service']` array. ## 2013-07-26 Release 0.8.1 -### Bugfixes: +#### Bugfixes: - Update `apache::mpm_module` detection for worker/prefork - Update `apache::mod::cgi` and `apache::mod::cgid` detection for worker/prefork ## 2013-07-16 Release 0.8.0 -### Features: +#### Features: - Add `servername` parameter to `apache` class - Add `proxy_set` parameter to `apache::balancer` define -### Bugfixes: +#### Bugfixes: - Fix ordering for multiple `apache::balancer` clusters - Fix symlinking for sites-available on Debian-based OSs - Fix dependency ordering for recursive confdir management @@ -151,13 +164,13 @@ worker/prefork - Documentation updates ## 2013-07-09 Release 0.7.0 -### Changes: +#### Changes: - Essentially rewrite the module -- too many to list - `apache::vhost` has many abilities -- see README.md for details - `apache::mod::*` classes provide httpd mod-loading capabilities - `apache` base class is much more configurable -### Bugfixes: +#### Bugfixes: - Many. And many more to come ## 2013-03-2 Release 0.6.0 @@ -166,10 +179,10 @@ worker/prefork - make purging of vhost dir configurable ## 2012-08-24 Release 0.4.0 -### Changes: +#### Changes: - `include apache` is now required when using `apache::mod::*` -### Bugfixes: +#### Bugfixes: - Fix syntax for validate_re - Fix formatting in vhost template - Fix spec tests such that they pass From c39c04dbf8fce9531f2a8090d34ee7406bb73fb7 Mon Sep 17 00:00:00 2001 From: Lauren Rother Date: Sun, 2 Mar 2014 09:12:57 -0800 Subject: [PATCH 32/35] Cleans up first entry formatting in changelog Somehow I just totally missed that the very first changelog entry wasn't formatted at all. --- CHANGELOG.md | 66 ++++++++++++++++++++++++++-------------------------- 1 file changed, 33 insertions(+), 33 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index ddeed5285e..2c7ee39e77 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -187,36 +187,36 @@ worker/prefork - Fix formatting in vhost template - Fix spec tests such that they pass - 2012-05-08 Puppet Labs - 0.0.4 - e62e362 Fix broken tests for ssl, vhost, vhost::* - 42c6363 Changes to match style guide and pass puppet-lint without error - 42bc8ba changed name => path for file resources in order to name namevar by it's name - 72e13de One end too much - 0739641 style guide fixes: 'true' <> true, $operatingsystem needs to be $::operatingsystem, etc. - 273f94d fix tests - a35ede5 (#13860) Make a2enmod/a2dismo commands optional - 98d774e (#13860) Autorequire Package['httpd'] - 05fcec5 (#13073) Add missing puppet spec tests - 541afda (#6899) Remove virtual a2mod definition - 976cb69 (#13072) Move mod python and wsgi package names to params - 323915a (#13060) Add .gitignore to repo - fdf40af (#13060) Remove pkg directory from source tree - fd90015 Add LICENSE file and update the ModuleFile - d3d0d23 Re-enable local php class - d7516c7 Make management of firewalls configurable for vhosts - 60f83ba Explicitly lookup scope of apache_name in templates. - f4d287f (#12581) Add explicit ordering for vdir directory - 88a2ac6 (#11706) puppetlabs-apache depends on puppetlabs-firewall - a776a8b (#11071) Fix to work with latest firewall module - 2b79e8b (#11070) Add support for Scientific Linux - 405b3e9 Fix for a2mod - 57b9048 Commit apache::vhost::redirect Manifest - 8862d01 Commit apache::vhost::proxy Manifest - d5c1fd0 Commit apache::mod::wsgi Manifest - a825ac7 Commit apache::mod::python Manifest - b77062f Commit Templates - 9a51b4a Vhost File Declarations - 6cf7312 Defaults for Parameters - 6a5b11a Ensure installed - f672e46 a2mod fix - 8a56ee9 add pthon support to apache +##2012-05-08 Puppet Labs - 0.0.4 +* e62e362 Fix broken tests for ssl, vhost, vhost::* +* 42c6363 Changes to match style guide and pass puppet-lint without error +* 42bc8ba changed name => path for file resources in order to name namevar by it's name +* 72e13de One end too much +* 0739641 style guide fixes: 'true' <> true, $operatingsystem needs to be $::operatingsystem, etc. +* 273f94d fix tests +* a35ede5 (#13860) Make a2enmod/a2dismo commands optional +* 98d774e (#13860) Autorequire Package['httpd'] +* 05fcec5 (#13073) Add missing puppet spec tests +* 541afda (#6899) Remove virtual a2mod definition +* 976cb69 (#13072) Move mod python and wsgi package names to params +* 323915a (#13060) Add .gitignore to repo +* fdf40af (#13060) Remove pkg directory from source tree +* fd90015 Add LICENSE file and update the ModuleFile +* d3d0d23 Re-enable local php class +* d7516c7 Make management of firewalls configurable for vhosts +* 60f83ba Explicitly lookup scope of apache_name in templates. +* f4d287f (#12581) Add explicit ordering for vdir directory +* 88a2ac6 (#11706) puppetlabs-apache depends on puppetlabs-firewall +* a776a8b (#11071) Fix to work with latest firewall module +* 2b79e8b (#11070) Add support for Scientific Linux +* 405b3e9 Fix for a2mod +* 57b9048 Commit apache::vhost::redirect Manifest +* 8862d01 Commit apache::vhost::proxy Manifest +* d5c1fd0 Commit apache::mod::wsgi Manifest +* a825ac7 Commit apache::mod::python Manifest +* b77062f Commit Templates +* 9a51b4a Vhost File Declarations +* 6cf7312 Defaults for Parameters +* 6a5b11a Ensure installed +* f672e46 a2mod fix +* 8a56ee9 add pthon support to apache \ No newline at end of file From b4153791317f895d64fcbe5bd4102156246548e7 Mon Sep 17 00:00:00 2001 From: Ashley Penney Date: Mon, 3 Mar 2014 11:56:31 -0500 Subject: [PATCH 33/35] Add metadata for supported modules. --- metadata.json | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 metadata.json diff --git a/metadata.json b/metadata.json new file mode 100644 index 0000000000..2bfd442979 --- /dev/null +++ b/metadata.json @@ -0,0 +1,50 @@ +{ + "operatingsystem_support": [ + { + "operatingsystem": "RedHat", + "operatingsystemrelease": [ + "5", + "6" + ] + }, + { + "operatingsystem": "CentOS", + "operatingsystemrelease": [ + "5", + "6" + ] + }, + { + "operatingsystem": "OracleLinux", + "operatingsystemrelease": [ + "5", + "6" + ] + }, + { + "operatingsystem": "Scientific", + "operatingsystemrelease": [ + "5", + "6" + ] + }, + { + "operatingsystem": "Debian", + "operatingsystemrelease": [ + "6", + "7" + ] + }, + { + "operatingsystem": "Ubuntu", + "operatingsystemrelease": [ + "10.04", + "12.04" + ] + } + ], + "requirements": [ + { "name": "pe", "version_requirement": "3.2.x" }, + { "name": "puppet", "version_requirement": "3.x" } + ] +} From eba8df9a630ddcdc68baa4fcbd84122e234eaad3 Mon Sep 17 00:00:00 2001 From: Ashley Penney Date: Mon, 3 Mar 2014 19:14:26 +0000 Subject: [PATCH 34/35] Prepare supported module release 1.0.0. --- CHANGELOG.md | 15 +++++++++++++-- Modulefile | 2 +- 2 files changed, 14 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 2c7ee39e77..74622ba84e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,10 +1,21 @@ -## 2014-03-04 Supported Release 1.0.x +## 2014-03-04 Supported Release 1.0.0 ###Summary +This is a supported release. This release introduces Apache 2.4 support for +Debian and RHEL based osfamilies. + ####Features +- Add apache24 support +- Add rewrite_base functionality to rewrites +- Updated README documentation +- Add WSGIApplicationGroup and WSGIImportScript directives + ####Bugfixes +- Replace mutating hashes with merge() for Puppet 3.5 +- Fix WSGI import_script and mod_ssl issues on Lucid + ####Known Bugs * By default, the version of Apache that ships with Ubuntu 10.04 does not work with `wsgi_import_script`. * SLES is unsupported. @@ -219,4 +230,4 @@ worker/prefork * 6cf7312 Defaults for Parameters * 6a5b11a Ensure installed * f672e46 a2mod fix -* 8a56ee9 add pthon support to apache \ No newline at end of file +* 8a56ee9 add pthon support to apache diff --git a/Modulefile b/Modulefile index 1a1db1427f..1bee8e4ce5 100644 --- a/Modulefile +++ b/Modulefile @@ -1,5 +1,5 @@ name 'puppetlabs-apache' -version '0.11.0' +version '1.0.0' source 'git://github.com/puppetlabs/puppetlabs-apache.git' author 'puppetlabs' license 'Apache 2.0' From 67d284a05d39076faedd4897a529c148a82f33c8 Mon Sep 17 00:00:00 2001 From: Ashley Penney Date: Mon, 3 Mar 2014 21:41:38 +0000 Subject: [PATCH 35/35] Add in missing fields to work around a Puppet bug. --- metadata.json | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/metadata.json b/metadata.json index 2bfd442979..e5a6ae0eb3 100644 --- a/metadata.json +++ b/metadata.json @@ -1,4 +1,11 @@ { + "name": "puppetlabs-apache", + "version": "1.0.0", + "source": "https://github.com/puppetlabs/puppetlabs-apache", + "author": "Puppet Labs", + "license": "Apache-2.0", + "project_page": "https://github.com/puppetlabs/puppetlabs-apache", + "summary": "Puppet module for Apache", "operatingsystem_support": [ { "operatingsystem": "RedHat", @@ -46,5 +53,6 @@ "requirements": [ { "name": "pe", "version_requirement": "3.2.x" }, { "name": "puppet", "version_requirement": "3.x" } - ] + ], + "dependencies": [] }