From f73b4d40cc09e9a54578acbb7d5791c0a6ed5197 Mon Sep 17 00:00:00 2001 From: jonoterc Date: Tue, 4 Feb 2014 00:24:10 -0500 Subject: [PATCH 01/65] enable overriding mod-level parameters for apache::mod::passenger apache::mod::passenger didn't accept/pass (optional) mod parameters through to apache::mod, so only auto-generated module parameters were used. Without this option apache::mod::passenger could not be used in conjunction with passenger modules beyond those generated by OS package system (in particular, modules compiled via passenger-install-apache2-module, which use differing paths). This commit enables passing in all parameters used with "apache::mod", documented in the passenger README includes basic spec/acceptance tests; verifying a default installation as well as passing in module loading parameters. new tests revealed undocumented Redhat dependencies on a passenger- specific repository as well as the EPEL repository; as a first step these dependencies are being manually resolved during setup for the acceptance testing suite. --- README.passenger.md | 62 +++++++++++++++++++++++++----- manifests/mod/passenger.pp | 37 ++++++++++++++---- manifests/params.pp | 4 +- spec/classes/mod/passenger_spec.rb | 31 ++++++++++++++- spec/spec_helper_acceptance.rb | 23 +++++++++++ 5 files changed, 136 insertions(+), 21 deletions(-) diff --git a/README.passenger.md b/README.passenger.md index cecacccc4f..1cc21202b8 100644 --- a/README.passenger.md +++ b/README.passenger.md @@ -2,7 +2,9 @@ Just enabling the Passenger module is insufficient for the use of Passenger in production. Passenger should be tunable to better fit the environment in which it is run while being aware of the resources it required. -To this end the Apache passenger module has been modified to apply system wide Passenger tuning declarations to `passenger.conf`. Declarations specific to a virtual host should be passed through when defining a `vhost` (e.g. `rack_base_uris' parameter on the `apache::vhost` class, check `README.md`). +To this end the Apache passenger module has been modified to apply system wide Passenger tuning declarations to `passenger.conf`. Declarations specific to a virtual host should be passed through when defining a `vhost` (e.g. `rack_base_uris` parameter on the `apache::vhost` class, check `README.md`). + +Also, general apache module loading parameters can be supplied to enable using a customized passenger module in place of a default-package-based version of the module. # Parameters for `apache::mod::passenger` @@ -12,59 +14,99 @@ The following declarations are supported and can be passed to `apache::mod::pass class {'apache::mod::passenger': passenger_high_performance => 'on', rails_autodetect => 'off', + mod_lib_path => '/usr/lib/apache2/custom_modules', } ``` The general form is using the all lower case version of the declaration. -If you pass a default value to `apache::mod::passenger` it will be ignored and not passed through to the configuration file. +## Parameters used with passenger.conf + +If you pass a default value to `apache::mod::passenger` it will be ignored and not passed through to the configuration file. -## passenger_high_performance +### passenger_high_performance Default is `off`, when turned `on` Passenger runs in a higher performance mode that can be less compatible with other Apache modules. http://www.modrails.com/documentation/Users%20guide%20Apache.html#PassengerHighPerformance -## passenger_max_pool_size +### passenger_max_pool_size Set's the maximum number of Passenger application processes that may simultaneously run. The default value is 6. http://www.modrails.com/documentation/Users%20guide%20Apache.html#_passengermaxpoolsize_lt_integer_gt -## passenger_pool_idle_time +### passenger_pool_idle_time The maximum number of seconds a Passenger Application process will be allowed to remain idle before being shut down. The default value is 300. http://www.modrails.com/documentation/Users%20guide%20Apache.html#PassengerPoolIdleTime -## passenger_max_requests +### passenger_max_requests The maximum number of request a Passenger application will process before being restarted. The default value is 0, which indicates that a process will only shut down if the Pool Idle Time (see above) expires. http://www.modrails.com/documentation/Users%20guide%20Apache.html#PassengerMaxRequests -## passenger_stat_throttle_rate +### passenger_stat_throttle_rate Sets how often Passenger performs file system checks, at most once every _x_ seconds. Default is 0, which means the checks are performed with every request. http://www.modrails.com/documentation/Users%20guide%20Apache.html#_passengerstatthrottlerate_lt_integer_gt -## rack_autodetect +### rack_autodetect Should Passenger automatically detect if the document root of a virtual host is a Rack application. The default is `on` http://www.modrails.com/documentation/Users%20guide%20Apache.html#_rackautodetect_lt_on_off_gt -## rails_autodetect +### rails_autodetect Should Passenger automatically detect if the document root of a virtual host is a Rails application. The default is on. http://www.modrails.com/documentation/Users%20guide%20Apache.html#_railsautodetect_lt_on_off_gt -## passenger_use_global_queue +### passenger_use_global_queue Allows toggling of PassengerUseGlobalQueue. NOTE: PassengerUseGlobalQueue is the default in Passenger 4.x and the versions >= 4.x have disabled this configuration option altogether. Use with caution. +## Parameters used to load the module + +Unlike the tuning parameters specified above, the following parameters are only used when loading customized passenger modules. + +### mod_package + +Allows overriding the default package name used for the passenger module package. + +### mod_package_ensure + +Allows overriding the package installation setting used by puppet when installing the passenger module. The default is 'present'. + +### mod_id + +Allows overriding the value used by apache to identify the passenger module. The default is 'passenger_module'. + +### mod_lib_path + +Allows overriding the directory path used by apache when loading the passenger module. The default is the value of `$apache::params::lib_path`. + +### mod_lib + +Allows overriding the library file name used by apache when loading the passenger module. The default is 'mod_passenger.so'. + +### mod_path + +Allows overriding the full path to the library file used by apache when loading the passenger module. The default is the concatenation of the `mod_lib_path` and `mod_lib` parameters. + +# Dependencies + +RedHat-based systems will need to configure additional package repositories in order to install Passenger, specifically: + +* [Extra Packages for Enterprise Linux](https://fedoraproject.org/wiki/EPEL) +* [Phusion Passenger](http://passenger.stealthymonkeys.com) + +Configuration of these repositories is beyond the scope of this module and is left to the user. + # Attribution The Passenger tuning parameters for the `apache::mod::puppet` Puppet class was modified by Aaron Hicks (hicksa@landcareresearch.co.nz) for work on the NeSI Project and the Tuakiri New Zealand Access Federation as a fork from the PuppetLabs Apache module on GitHub. diff --git a/manifests/mod/passenger.pp b/manifests/mod/passenger.pp index e7561651d6..8eb7d2412d 100644 --- a/manifests/mod/passenger.pp +++ b/manifests/mod/passenger.pp @@ -11,14 +11,13 @@ $passenger_ruby = $apache::params::passenger_ruby, $passenger_max_pool_size = undef, $passenger_use_global_queue = undef, + $mod_package = undef, + $mod_package_ensure = undef, + $mod_lib = undef, + $mod_lib_path = undef, + $mod_id = undef, + $mod_path = undef, ) { - if $::osfamily == 'FreeBSD' { - apache::mod { 'passenger': - lib_path => "${passenger_root}/buildout/apache2" - } - } else { - apache::mod { 'passenger': } - } # Managed by the package, but declare it to avoid purging if $passenger_conf_package_file { @@ -27,6 +26,30 @@ } } + $_package = $mod_package + $_package_ensure = $mod_package_ensure + $_lib = $mod_lib + if $::osfamily == 'FreeBSD' { + if $mod_lib_path { + $_lib_path = $mod_lib_path + } else { + $_lib_path = "${passenger_root}/buildout/apache2" + } + } else { + $_lib_path = $mod_lib_path + } + + $_id = $mod_id + $_path = $mod_path + apache::mod { 'passenger': + package => $_package, + package_ensure => $_package_ensure, + lib => $_lib, + lib_path => $_lib_path, + id => $_id, + path => $_path, + } + # Template uses: # - $passenger_root # - $passenger_ruby diff --git a/manifests/params.pp b/manifests/params.pp index 1f5f45b413..ea24a87f71 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -58,8 +58,8 @@ $ssl_certs_dir = '/etc/pki/tls/certs' $passenger_conf_file = 'passenger_extra.conf' $passenger_conf_package_file = 'passenger.conf' - $passenger_root = undef - $passenger_ruby = undef + $passenger_root = '/usr/lib/ruby/gems/1.8/gems/passenger-3.0.19' + $passenger_ruby = '/usr/bin/ruby' $suphp_addhandler = 'php5-script' $suphp_engine = 'off' $suphp_configpath = undef diff --git a/spec/classes/mod/passenger_spec.rb b/spec/classes/mod/passenger_spec.rb index 37177f477f..a90b85d7a7 100644 --- a/spec/classes/mod/passenger_spec.rb +++ b/spec/classes/mod/passenger_spec.rb @@ -13,6 +13,9 @@ it { should contain_class("apache::params") } it { should contain_apache__mod('passenger') } it { should contain_package("libapache2-mod-passenger") } + it { should contain_file('passenger.load').with({ + 'path' => '/etc/apache2/mods-available/passenger.load', + }) } it { should contain_file('passenger.conf').with({ 'path' => '/etc/apache2/mods-available/passenger.conf', }) } @@ -78,6 +81,30 @@ end it { should contain_file('passenger.conf').with_content(/^ PassengerUseGlobalQueue true$/) } end + describe "with mod_path => '/usr/lib/foo/mod_foo.so'" do + let :params do + { :mod_path => '/usr/lib/foo/mod_foo.so' } + end + it { should contain_file('passenger.load').with_content(/^LoadModule passenger_module \/usr\/lib\/foo\/mod_foo\.so$/) } + end + describe "with mod_lib_path => '/usr/lib/foo'" do + let :params do + { :mod_lib_path => '/usr/lib/foo' } + end + it { should contain_file('passenger.load').with_content(/^LoadModule passenger_module \/usr\/lib\/foo\/mod_passenger\.so$/) } + end + describe "with mod_lib => 'mod_foo.so'" do + let :params do + { :mod_lib => 'mod_foo.so' } + end + it { should contain_file('passenger.load').with_content(/^LoadModule passenger_module \/usr\/lib\/apache2\/modules\/mod_foo\.so$/) } + end + describe "with mod_id => 'mod_foo'" do + let :params do + { :mod_id => 'mod_foo' } + end + it { should contain_file('passenger.load').with_content(/^LoadModule mod_foo \/usr\/lib\/apache2\/modules\/mod_passenger\.so$/) } + end end context "on a RedHat OS" do @@ -99,8 +126,8 @@ it { should contain_file('passenger.conf').with({ 'path' => '/etc/httpd/conf.d/passenger_extra.conf', }) } - it { should contain_file('passenger.conf').without_content(/PassengerRoot/) } - it { should contain_file('passenger.conf').without_content(/PassengerRuby/) } + it { should contain_file('passenger.conf').with_content(/^ PassengerRoot "\/usr\/lib\/ruby\/gems\/1.8\/gems\/passenger-3\.0\.19"$/) } + it { should contain_file('passenger.conf').with_content(/^ PassengerRuby "\/usr\/bin\/ruby"/) } describe "with passenger_root => '/usr/lib/example'" do let :params do { :passenger_root => '/usr/lib/example' } diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index 176529fdb7..30b4fdb1f8 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -13,6 +13,29 @@ on host, 'gem install puppet --no-ri --no-rdoc' on host, "mkdir -p #{host['distmoduledir']}" end + + # host-specific repositories + repos = { + 'centos-64-x64' => [ + [ + 'http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm' , + nil + ], + [ + 'http://passenger.stealthymonkeys.com/rhel/6/passenger-release.noarch.rpm', + 'http://passenger.stealthymonkeys.com/RPM-GPG-KEY-stealthymonkeys.asc' + ] + ] + } + + host_repos = repos[host.to_s] || [] + host_repos.each do |repo_url,gpg_key| + puts "configuring #{host}-specific repo #{repo_url.inspect}" + unless gpg_key.nil? + shell("rpm --import #{gpg_key}") + end + shell("rpm -Uvh #{repo_url}") + end end RSpec.configure do |c| From 769ff363a8a3c51e24f63a2494217d2d029289c6 Mon Sep 17 00:00:00 2001 From: jrnt30 Date: Wed, 26 Feb 2014 17:05:11 -0600 Subject: [PATCH 02/65] Modifying hierarchy of the Version/Params to allow for proper parsing of release on Amazon Linux --- manifests/params.pp | 7 ------- manifests/version.pp | 11 +++++++++-- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/manifests/params.pp b/manifests/params.pp index be6e331af8..04c3b65fe5 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -19,13 +19,6 @@ # Sample Usage: # class apache::params inherits ::apache::version { - # This will be 5 or 6 on RedHat, 6 or wheezy on Debian, 12 or quantal on Ubuntu, 3 on Amazon, etc. - $osr_array = split($::operatingsystemrelease,'[\/\.]') - $distrelease = $osr_array[0] - if ! $distrelease { - fail("Class['apache::params']: Unparsable \$::operatingsystemrelease: ${::operatingsystemrelease}") - } - if($::fqdn) { $servername = $::fqdn } else { diff --git a/manifests/version.pp b/manifests/version.pp index 4ed960df18..581fdde6fe 100644 --- a/manifests/version.pp +++ b/manifests/version.pp @@ -3,16 +3,23 @@ # Try to automatically detect the version by OS # class apache::version { + # This will be 5 or 6 on RedHat, 6 or wheezy on Debian, 12 or quantal on Ubuntu, 3 on Amazon, etc. + $osr_array = split($::operatingsystemrelease,'[\/\.]') + $distrelease = $osr_array[0] + if ! $distrelease { + fail("Class['apache::params']: Unparsable \$::operatingsystemrelease: ${::operatingsystemrelease}") + } + case $::osfamily { 'RedHat': { - if ($::operatingsystem == 'Fedora' and $::operatingsystemrelease >= 18) or ($::operatingsystem != 'Fedora' and $::operatingsystemrelease >= 7) { + if ($::operatingsystem == 'Fedora' and $distrelease >= 18) or ($::operatingsystem != 'Fedora' and $distrelease >= 7) { $default = 2.4 } else { $default = 2.2 } } 'Debian': { - if $::operatingsystem == 'Ubuntu' and $::operatingsystemrelease >= 13.10 { + if $::operatingsystem == 'Ubuntu' and $distrelease >= 13.10 { $default = 2.4 } else { $default = 2.2 From 736382c3d04932af8ebdcafdadcd020275b961c7 Mon Sep 17 00:00:00 2001 From: Adam Malone Date: Mon, 27 Jan 2014 16:35:24 +1100 Subject: [PATCH 03/65] Allows for the configuration of mod_actions, specifically the action type triggered by the request. --- README.md | 1 + manifests/default_mods.pp | 4 ++-- manifests/mod/actions.pp | 3 +++ manifests/vhost.pp | 1 + spec/acceptance/vhost_spec.rb | 19 +++++++++++++++++++ spec/defines/vhost_spec.rb | 13 ++++++++++++- templates/vhost.conf.erb | 1 + templates/vhost/_action.erb | 4 ++++ templates/vhost/_scriptalias.erb | 2 +- 9 files changed, 44 insertions(+), 4 deletions(-) create mode 100644 manifests/mod/actions.pp create mode 100644 templates/vhost/_action.erb diff --git a/README.md b/README.md index fd21507cdc..353120e3ca 100644 --- a/README.md +++ b/README.md @@ -413,6 +413,7 @@ Used to enable arbitrary Apache HTTPD modules for which there is no specific `ap There are many `apache::mod::[name]` classes within this module that can be declared using `include`: +* `actions` * `alias` * `auth_basic` * `auth_kerb` diff --git a/manifests/default_mods.pp b/manifests/default_mods.pp index 139503e3c5..af98896216 100644 --- a/manifests/default_mods.pp +++ b/manifests/default_mods.pp @@ -21,12 +21,12 @@ include ::apache::mod::reqtimeout } 'redhat': { + include ::apache::mod::actions include ::apache::mod::cache include ::apache::mod::mime include ::apache::mod::mime_magic include ::apache::mod::vhost_alias include ::apache::mod::rewrite - ::apache::mod { 'actions': } ::apache::mod { 'auth_digest': } ::apache::mod { 'authn_anon': } ::apache::mod { 'authn_dbm': } @@ -55,6 +55,7 @@ } } 'freebsd': { + include ::apache::mod::actions include ::apache::mod::cache include ::apache::mod::disk_cache include ::apache::mod::headers @@ -65,7 +66,6 @@ include ::apache::mod::userdir include ::apache::mod::vhost_alias - ::apache::mod { 'actions': } ::apache::mod { 'asis': } ::apache::mod { 'auth_digest': } ::apache::mod { 'authn_alias': } diff --git a/manifests/mod/actions.pp b/manifests/mod/actions.pp new file mode 100644 index 0000000000..3b60f297fd --- /dev/null +++ b/manifests/mod/actions.pp @@ -0,0 +1,3 @@ +class apache::mod::actions { + apache::mod { 'actions': } +} diff --git a/manifests/vhost.pp b/manifests/vhost.pp index 8525235e9d..5d61b267a6 100644 --- a/manifests/vhost.pp +++ b/manifests/vhost.pp @@ -169,6 +169,7 @@ $wsgi_script_aliases = undef, $custom_fragment = undef, $itk = undef, + $action = undef, $fastcgi_server = undef, $fastcgi_socket = undef, $fastcgi_dir = undef, diff --git a/spec/acceptance/vhost_spec.rb b/spec/acceptance/vhost_spec.rb index f6749d35a1..d3133e0a3d 100644 --- a/spec/acceptance/vhost_spec.rb +++ b/spec/acceptance/vhost_spec.rb @@ -682,6 +682,25 @@ class { 'apache': service_ensure => stopped, } end end + describe 'actions' do + it 'applies cleanly' do + pp = <<-EOS + class { 'apache': } + host { 'test.server': ip => '127.0.0.1' } + apache::vhost { 'test.server': + docroot => '/tmp', + action => 'php-fastcgi', + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe file("#{$vhost_dir}/25-test.server.conf") do + it { should be_file } + it { should contain 'Action php-fastcgi /cgi-bin virtual' } + end + end + describe 'suphp' do it 'applies cleanly' do pp = <<-EOS diff --git a/spec/defines/vhost_spec.rb b/spec/defines/vhost_spec.rb index 46e6fd3950..b16ce88404 100644 --- a/spec/defines/vhost_spec.rb +++ b/spec/defines/vhost_spec.rb @@ -269,7 +269,7 @@ :attr => 'scriptalias', :value => '/usr/scripts', :match => [ - /^ ScriptAlias \/cgi-bin\/ "\/usr\/scripts"$/, + /^ ScriptAlias \/cgi-bin "\/usr\/scripts"$/, ], }, { @@ -1179,6 +1179,17 @@ end end + describe 'when action is specified specified' do + let :params do default_params.merge({ + :action => 'php-fastcgi', + }) end + it 'should set Action' do + should contain_file("25-#{title}.conf").with_content( + /^ Action php-fastcgi \/cgi-bin virtual$/ + ) + end + end + describe 'when suphp_engine is on and suphp_configpath is specified' do let :params do default_params.merge({ :suphp_engine => 'on', diff --git a/templates/vhost.conf.erb b/templates/vhost.conf.erb index 0eb69b0096..673ea0c2bd 100644 --- a/templates/vhost.conf.erb +++ b/templates/vhost.conf.erb @@ -44,6 +44,7 @@ <% elsif @access_log -%> CustomLog "<%= @access_log_destination %>" <%= @_access_log_format %> <% end -%> +<%= scope.function_template(['apache/vhost/_action.erb']) -%> <%= scope.function_template(['apache/vhost/_block.erb']) -%> <%= scope.function_template(['apache/vhost/_error_document.erb']) -%> <%= scope.function_template(['apache/vhost/_proxy.erb']) -%> diff --git a/templates/vhost/_action.erb b/templates/vhost/_action.erb new file mode 100644 index 0000000000..8a02290595 --- /dev/null +++ b/templates/vhost/_action.erb @@ -0,0 +1,4 @@ +<% if @action -%> + + Action <%= @action %> /cgi-bin virtual +<% end -%> diff --git a/templates/vhost/_scriptalias.erb b/templates/vhost/_scriptalias.erb index 5a757f6170..bb4f6b316e 100644 --- a/templates/vhost/_scriptalias.erb +++ b/templates/vhost/_scriptalias.erb @@ -10,7 +10,7 @@ ## Script alias directives <%# Combine scriptalais and scriptaliases into a single data structure -%> <%# for backward compatibility and ease of implementation -%> -<%- aliases << { 'alias' => '/cgi-bin/', 'path' => @scriptalias } if @scriptalias -%> +<%- aliases << { 'alias' => '/cgi-bin', 'path' => @scriptalias } if @scriptalias -%> <%- aliases.flatten.compact! -%> <%- aliases.each do |salias| -%> <%- if salias["path"] != '' -%> From efffa854f8ceed8c3b4094903df1619795eb5f95 Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Tue, 4 Mar 2014 12:49:26 +0100 Subject: [PATCH 04/65] Include mod wsgi when wsgi_daemon_process is given --- manifests/vhost.pp | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/manifests/vhost.pp b/manifests/vhost.pp index 5d61b267a6..b6c75dc51e 100644 --- a/manifests/vhost.pp +++ b/manifests/vhost.pp @@ -251,6 +251,10 @@ include ::apache::mod::vhost_alias } + if $wsgi_daemon_process { + include ::apache::mod::wsgi + } + # This ensures that the docroot exists # But enables it to be specified across multiple vhost resources if ! defined(File[$docroot]) { From e00f2783288eeaaff90f37122cbd5a8675173c94 Mon Sep 17 00:00:00 2001 From: Hunter Haugen Date: Wed, 5 Mar 2014 09:04:29 -0800 Subject: [PATCH 05/65] Remove PE support for master --- metadata.json | 1 - 1 file changed, 1 deletion(-) diff --git a/metadata.json b/metadata.json index 58ef979304..26a14ae42a 100644 --- a/metadata.json +++ b/metadata.json @@ -51,7 +51,6 @@ } ], "requirements": [ - { "name": "pe", "version_requirement": "3.2.x" }, { "name": "puppet", "version_requirement": "3.x" } ], "dependencies": [] From 64fb41f85c17d9be74291f721c6d5e7f7acf5d14 Mon Sep 17 00:00:00 2001 From: Hunter Haugen Date: Wed, 5 Mar 2014 09:04:41 -0800 Subject: [PATCH 06/65] Remove travis autorelease --- .travis.yml | 9 --------- 1 file changed, 9 deletions(-) diff --git a/.travis.yml b/.travis.yml index 5efc64fa76..7269dd1390 100644 --- a/.travis.yml +++ b/.travis.yml @@ -5,9 +5,6 @@ branches: language: ruby bundler_args: --without development script: "bundle exec rake spec SPEC_OPTS='--format documentation'" -after_success: - - git clone -q git://github.com/puppetlabs/ghpublisher.git .forge-releng - - .forge-releng/publish rvm: - 1.8.7 - 1.9.3 @@ -17,12 +14,6 @@ env: - PUPPET_GEM_VERSION="~> 2.7.0" FACTER_GEM_VERSION="~> 1.6.0" - PUPPET_GEM_VERSION="~> 2.7.0" FACTER_GEM_VERSION="~> 1.7.0" - PUPPET_GEM_VERSION="~> 3.0" - global: - - PUBLISHER_LOGIN=puppetlabs - - secure: |- - MO4pB4bqBQJjm2yFHf3Mgho+y0Qv4GmMxTMhzI02tGy1V0HMtruZbR7EBN0i - n2CiR7V9V0mNR7/ymzDMF9yVBcgqyXMsp/C6u992Dd0U63ZwFpbRWkxuAeEY - ioupWBkiczjVEo+sxn+gVOnx28pcH/X8kDWbr6wFOMIjO03K66Y= matrix: fast_finish: true exclude: From 7d84d59d4e1dcbbcd6b56c482e473ee4fc574b18 Mon Sep 17 00:00:00 2001 From: Phil Fenstermacher Date: Tue, 25 Feb 2014 17:14:28 -0500 Subject: [PATCH 07/65] Add support for mod_pagespeed --- README.md | 53 ++++++++++++++ manifests/mod/pagespeed.pp | 48 ++++++++++++ manifests/params.pp | 2 + spec/acceptance/mod_pagespeed_spec.rb | 85 ++++++++++++++++++++++ spec/classes/mod/pagespeed_spec.rb | 32 ++++++++ spec/spec_helper_acceptance.rb | 4 + templates/mod/pagespeed.conf.erb | 101 ++++++++++++++++++++++++++ 7 files changed, 325 insertions(+) create mode 100644 manifests/mod/pagespeed.pp create mode 100644 spec/acceptance/mod_pagespeed_spec.rb create mode 100644 spec/classes/mod/pagespeed_spec.rb create mode 100644 templates/mod/pagespeed.conf.erb diff --git a/README.md b/README.md index 3b072f8d7e..f71ee33e53 100644 --- a/README.md +++ b/README.md @@ -15,6 +15,7 @@ * [Class: apache::default_mods](#class-apachedefault_mods) * [Defined Type: apache::mod](#defined-type-apachemod) * [Classes: apache::mod::*](#classes-apachemodname) + * [Class: apache::mod::pagespeed](#class-apachemodpagespeed) * [Class: apache::mod::ssl](#class-apachemodssl) * [Class: apache::mod::wsgi](#class-apachemodwsgi) * [Defined Type: apache::vhost](#defined-type-apachevhost) @@ -442,6 +443,7 @@ There are many `apache::mod::[name]` classes within this module that can be decl * `mime_magic`* * `negotiation` * `nss`* +* `pagespeed` (see [`apache::mod::pagespeed`](#class-apachemodpagespeed) below) * `passenger`* * `perl` * `peruser` @@ -470,6 +472,57 @@ Modules noted with a * indicate that the module has settings and, thus, a templa The modules mentioned above, and other Apache modules that have templates, will cause template files to be dropped along with the mod install and the module will not work without the template. Any module without a template will install the package but drop no files. +####Class: `apache::mod::pagespeed` + +Installs and manages mod_pagespeed, which is a Google module that rewrites web pages to reduce latency and bandwidth. + +This module does *not* manage the software repositories needed to automatically install the +mod-pagespeed-stable package. The module does however require that the package be installed, +or be installable using the system's default package provider. You should ensure that this +pre-requisite is met or declaring `apache::mod::pagespeed` will cause the puppet run to fail. + +These are the defaults: + +```puppet + class { 'apache::mod::pagespeed': + inherit_vhost_config => 'on', + filter_xhtml => false, + cache_path => '/var/cache/mod_pagespeed/', + log_dir => '/var/log/pagespeed', + memache_servers => [], + rewrite_level => 'CoreFilters', + disable_filters => [], + enable_filters => [], + forbid_filters => [], + rewrite_deadline_per_flush_ms => 10, + additional_domains => undef, + file_cache_size_kb => 102400, + file_cache_clean_interval_ms => 3600000, + lru_cache_per_process => 1024, + lru_cache_byte_limit => 16384, + css_flatten_max_bytes => 2048, + css_inline_max_bytes => 2048, + css_image_inline_max_bytes => 2048, + image_inline_max_bytes => 2048, + js_inline_max_bytes => 2048, + css_outline_min_bytes => 3000, + js_outline_min_bytes => 3000, + inode_limit => 500000, + image_max_rewrites_at_once => 8, + num_rewrite_threads => 4, + num_expensive_rewrite_threads => 4, + collect_statistics => 'on', + statistics_logging => 'on', + allow_view_stats => [], + allow_pagespeed_console => [], + allow_pagespeed_message => [], + message_buffer_size => 100000, + additional_configuration => { } + } +``` + +Full documentation for mod_pagespeed is available from [Google](http://modpagespeed.com). + ####Class: `apache::mod::ssl` Installs Apache SSL capabilities and uses the ssl.conf.erb template. These are the defaults: diff --git a/manifests/mod/pagespeed.pp b/manifests/mod/pagespeed.pp new file mode 100644 index 0000000000..d58f99fe2e --- /dev/null +++ b/manifests/mod/pagespeed.pp @@ -0,0 +1,48 @@ +class apache::mod::pagespeed ( + $inherit_vhost_config = 'on', + $filter_xhtml = false, + $cache_path = '/var/cache/mod_pagespeed/', + $log_dir = '/var/log/pagespeed', + $memache_servers = [], + $rewrite_level = 'CoreFilters', + $disable_filters = [], + $enable_filters = [], + $forbid_filters = [], + $rewrite_deadline_per_flush_ms = 10, + $additional_domains = undef, + $file_cache_size_kb = 102400, + $file_cache_clean_interval_ms = 3600000, + $lru_cache_per_process = 1024, + $lru_cache_byte_limit = 16384, + $css_flatten_max_bytes = 2048, + $css_inline_max_bytes = 2048, + $css_image_inline_max_bytes = 2048, + $image_inline_max_bytes = 2048, + $js_inline_max_bytes = 2048, + $css_outline_min_bytes = 3000, + $js_outline_min_bytes = 3000, + $inode_limit = 500000, + $image_max_rewrites_at_once = 8, + $num_rewrite_threads = 4, + $num_expensive_rewrite_threads = 4, + $collect_statistics = 'on', + $statistics_logging = 'on', + $allow_view_stats = [], + $allow_pagespeed_console = [], + $allow_pagespeed_message = [], + $message_buffer_size = 100000, + $additional_configuration = {}, +){ + + apache::mod { 'pagespeed': } + + file { 'pagespeed.conf': + ensure => file, + path => "${::apache::mod_dir}/pagespeed.conf", + content => template('apache/mod/pagespeed.conf.erb'), + require => Exec["mkdir ${::apache::mod_dir}"], + before => File[$::apache::mod_dir], + notify => Service['httpd'], + } + +} diff --git a/manifests/params.pp b/manifests/params.pp index 04c3b65fe5..33c4927945 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -61,6 +61,7 @@ 'authnz_ldap' => 'mod_authz_ldap', 'fastcgi' => 'mod_fastcgi', 'fcgid' => 'mod_fcgid', + 'pagespeed' => 'mod-pagespeed-stable', 'passenger' => 'mod_passenger', 'perl' => 'mod_perl', 'php5' => $distrelease ? { @@ -123,6 +124,7 @@ 'fastcgi' => 'libapache2-mod-fastcgi', 'fcgid' => 'libapache2-mod-fcgid', 'nss' => 'libapache2-mod-nss', + 'pagespeed' => 'mod-pagespeed-stable', 'passenger' => 'libapache2-mod-passenger', 'perl' => 'libapache2-mod-perl2', 'php5' => 'libapache2-mod-php5', diff --git a/spec/acceptance/mod_pagespeed_spec.rb b/spec/acceptance/mod_pagespeed_spec.rb new file mode 100644 index 0000000000..de59a347c1 --- /dev/null +++ b/spec/acceptance/mod_pagespeed_spec.rb @@ -0,0 +1,85 @@ +require 'spec_helper_acceptance' + +describe 'apache::mod::pagespeed class', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do + case fact('osfamily') + when 'Debian' + vhost_dir = '/etc/apache2/sites-enabled' + mod_dir = '/etc/apache2/mods-available' + service_name = 'apache2' + when 'RedHat' + vhost_dir = '/etc/httpd/conf.d' + mod_dir = '/etc/httpd/conf.d' + service_name = 'httpd' + when 'FreeBSD' + vhost_dir = '/usr/local/etc/apache22/Vhosts' + mod_dir = '/usr/local/etc/apache22/Modules' + service_name = 'apache22' + end + + context "default pagespeed config" do + it 'succeeds in puppeting pagespeed' do + pp= <<-EOS + if $::osfamily == 'Debian' { + class { 'apt': } + + apt::source { 'mod-pagespeed': + key => '7FAC5991', + key_server => 'pgp.mit.edu', + location => 'http://dl.google.com/linux/mod-pagespeed/deb/', + release => 'stable', + repos => 'main', + include_src => false, + before => Class['apache'], + } + } elsif $::osfamily == 'RedHat' { + yumrepo { 'mod-pagespeed': + baseurl => 'http://dl.google.com/linux/mod-pagespeed/rpm/stable/x86_64', + enabled => 1, + gpgcheck => 1, + gpgkey => 'https://dl-ssl.google.com/linux/linux_signing_key.pub', + before => Class['apache'], + } + } + + class { 'apache': + mpm_module => 'prefork', + } + class { 'apache::mod::pagespeed': + enable_filters => ['remove_comments'], + disable_filters => ['extend_cache'], + forbid_filters => ['rewrite_javascript'], + } + apache::vhost { 'pagespeed.example.com': + port => '80', + docroot => '/var/www/pagespeed', + } + host { 'pagespeed.example.com': ip => '127.0.0.1', } + file { '/var/www/pagespeed/index.html': + ensure => file, + content => "\n\n\n

Hello World!

\n\n", + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe service(service_name) do + it { should be_enabled } + it { should be_running } + end + + describe file("#{mod_dir}/pagespeed.conf") do + it { should contain "AddOutputFilterByType MOD_PAGESPEED_OUTPUT_FILTER text/html" } + it { should contain "ModPagespeedEnableFilters remove_comments" } + it { should contain "ModPagespeedDisableFilters extend_cache" } + it { should contain "ModPagespeedForbidFilters rewrite_javascript" } + end + + it 'should answer to pagespeed.example.com and include and be stripped of comments by mod_pagespeed' do + shell("/usr/bin/curl pagespeed.example.com:80") do |r| + r.stdout.should =~ // + r.stdout.should_not =~ // + r.exit_code.should == 0 + end + end + end +end diff --git a/spec/classes/mod/pagespeed_spec.rb b/spec/classes/mod/pagespeed_spec.rb new file mode 100644 index 0000000000..7480a2b52f --- /dev/null +++ b/spec/classes/mod/pagespeed_spec.rb @@ -0,0 +1,32 @@ +describe 'apache::mod::pagespeed', :type => :class do + let :pre_condition do + 'include apache' + end + context "on a Debian OS" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + } + end + it { should contain_class("apache::params") } + it { should contain_apache__mod('pagespeed') } + it { should contain_package("mod-pagespeed-stable") } + it { should contain_file('pagespeed.conf') } + end + + context "on a RedHat OS" do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + } + end + it { should contain_class("apache::params") } + it { should contain_apache__mod('pagespeed') } + it { should contain_package("mod-pagespeed-stable") } + it { should contain_file('pagespeed.conf') } + end +end diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index 8e4115128d..370de46c0d 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -34,6 +34,10 @@ if fact('osfamily') == 'RedHat' on host, puppet('module','install','stahnma/epel'), { :acceptable_exit_codes => [0,1] } end + # Required for manifest to make mod_pagespeed repository available + if fact('osfamily') == 'Debian' + on host, puppet('module','install','puppetlabs-apt'), { :acceptable_exit_codes => [0,1] } + end on host, puppet('module','install','puppetlabs-stdlib'), { :acceptable_exit_codes => [0,1] } on host, puppet('module','install','puppetlabs-concat'), { :acceptable_exit_codes => [0,1] } end diff --git a/templates/mod/pagespeed.conf.erb b/templates/mod/pagespeed.conf.erb new file mode 100644 index 0000000000..3bbf7f29b4 --- /dev/null +++ b/templates/mod/pagespeed.conf.erb @@ -0,0 +1,101 @@ +ModPagespeed on + +ModPagespeedInheritVHostConfig <%= @inherit_vhost_config %> +AddOutputFilterByType MOD_PAGESPEED_OUTPUT_FILTER text/html +<% if @filter_xhtml -%> +AddOutputFilterByType MOD_PAGESPEED_OUTPUT_FILTER application/xhtml+xml +<% end -%> +ModPagespeedFileCachePath "<%= @cache_path %>" +ModPagespeedLogDir "<%= @log_dir %>" + +<% @memache_servers.each do |server| -%> +ModPagespeedMemcachedServers <%= server -%> +<% end -%> + +ModPagespeedRewriteLevel <%= @rewrite_level -%> + +<% @disable_filters.each do |filter| -%> +ModPagespeedDisableFilters <%= filter -%> +<% end -%> + +<% @enable_filters.each do |filter| -%> +ModPagespeedEnableFilters <%= filter -%> +<% end -%> + +<% @forbid_filters.each do |filter| -%> +ModPagespeedForbidFilters <%= filter -%> +<% end -%> + +ModPagespeedRewriteDeadlinePerFlushMs <%= @rewrite_deadline_per_flush_ms %> + +<% if @additional_domains -%> +ModPagespeedDomain <%= @additional_domains -%> +<% end -%> + +ModPagespeedFileCacheSizeKb <%= @file_cache_size_kb %> +ModPagespeedFileCacheCleanIntervalMs <%= @file_cache_clean_interval_ms %> +ModPagespeedLRUCacheKbPerProcess <%= @lru_cache_per_process %> +ModPagespeedLRUCacheByteLimit <%= @lru_cache_byte_limit %> +ModPagespeedCssFlattenMaxBytes <%= @css_flatten_max_bytes %> +ModPagespeedCssInlineMaxBytes <%= @css_inline_max_bytes %> +ModPagespeedCssImageInlineMaxBytes <%= @css_image_inline_max_bytes %> +ModPagespeedImageInlineMaxBytes <%= @image_inline_max_bytes %> +ModPagespeedJsInlineMaxBytes <%= @js_inline_max_bytes %> +ModPagespeedCssOutlineMinBytes <%= @css_outline_min_bytes %> +ModPagespeedJsOutlineMinBytes <%= @js_outline_min_bytes %> + + +ModPagespeedFileCacheInodeLimit <%= @inode_limit %> +ModPagespeedImageMaxRewritesAtOnce <%= @image_max_rewrites_at_once %> + +ModPagespeedNumRewriteThreads <%= @num_rewrite_threads %> +ModPagespeedNumExpensiveRewriteThreads <%= @num_expensive_rewrite_threads %> + +ModPagespeedStatistics <%= @collect_statistics %> + + + Order allow,deny + # You may insert other "Allow from" lines to add hosts you want to + # allow to look at generated statistics. Another possibility is + # to comment out the "Order" and "Allow" options from the config + # file, to allow any client that can reach your server to examine + # statistics. This might be appropriate in an experimental setup or + # if the Apache server is protected by a reverse proxy that will + # filter URLs in some fashion. + Allow from localhost + Allow from 127.0.0.1 + Allow from ::1 + <% @allow_view_stats.each do |host| -%> + Allow from <%= host %> + <% end -%> + SetHandler mod_pagespeed_statistics + + +ModPagespeedStatisticsLogging <%= @statistics_logging %> + + Order allow,deny + Allow from localhost + Allow from 127.0.0.1 + Allow from ::1 + <% @allow_pagespeed_console.each do |host| -%> + Allow from <%= host %> + <% end -%> + SetHandler pagespeed_console + + +ModPagespeedMessageBufferSize <%= @message_buffer_size %> + + + Order allow,deny + Allow from localhost + Allow from 127.0.0.1 + Allow from ::1 + <% @allow_pagespeed_message.each do |host| -%> + Allow from <%= host %> + <% end -%> + SetHandler mod_pagespeed_message + + +<% @additional_configuration.each_pair do |key, value| -%> +<%= key %> <%= value %> +<% end -%> From 094000e0b63b66a2eabc92986b77df9b5e38c96e Mon Sep 17 00:00:00 2001 From: Carlos Sanchez Date: Mon, 10 Mar 2014 12:03:58 +0100 Subject: [PATCH 08/65] lint fixes --- manifests/params.pp | 2 +- manifests/version.pp | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/params.pp b/manifests/params.pp index 04c3b65fe5..fbb53c0ae4 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -63,7 +63,7 @@ 'fcgid' => 'mod_fcgid', 'passenger' => 'mod_passenger', 'perl' => 'mod_perl', - 'php5' => $distrelease ? { + 'php5' => $::apache::version::distrelease ? { '5' => 'php53', default => 'php', }, diff --git a/manifests/version.pp b/manifests/version.pp index 581fdde6fe..70fe919b6e 100644 --- a/manifests/version.pp +++ b/manifests/version.pp @@ -9,7 +9,7 @@ if ! $distrelease { fail("Class['apache::params']: Unparsable \$::operatingsystemrelease: ${::operatingsystemrelease}") } - + case $::osfamily { 'RedHat': { if ($::operatingsystem == 'Fedora' and $distrelease >= 18) or ($::operatingsystem != 'Fedora' and $distrelease >= 7) { From 391bd5b54d9eabc443fd1c3fe8c3c9baca6340e0 Mon Sep 17 00:00:00 2001 From: Carlos Sanchez Date: Mon, 10 Mar 2014 11:52:09 +0100 Subject: [PATCH 09/65] Apache version in Ubuntu 13.10 is 2.4 Fix incorrect distrelease comparison --- manifests/version.pp | 2 +- spec/classes/apache_spec.rb | 33 +++++++++++++++++++++++++++++++++ 2 files changed, 34 insertions(+), 1 deletion(-) diff --git a/manifests/version.pp b/manifests/version.pp index 581fdde6fe..f3cec42594 100644 --- a/manifests/version.pp +++ b/manifests/version.pp @@ -19,7 +19,7 @@ } } 'Debian': { - if $::operatingsystem == 'Ubuntu' and $distrelease >= 13.10 { + if $::operatingsystem == 'Ubuntu' and $::operatingsystemrelease >= 13.10 { $default = 2.4 } else { $default = 2.2 diff --git a/spec/classes/apache_spec.rb b/spec/classes/apache_spec.rb index 1a9a58d1b8..b437928973 100644 --- a/spec/classes/apache_spec.rb +++ b/spec/classes/apache_spec.rb @@ -140,6 +140,39 @@ it { should contain_file("/etc/apache2/apache2.conf").with_content %r{^Group www-data\n} } end end + + context "on Ubuntu" do + let :facts do + super().merge({ + :operatingsystem => 'Ubuntu' + }) + end + + context "13.10" do + let :facts do + super().merge({ + :operatingsystemrelease => '13.10' + }) + end + it { should contain_class('apache').with_apache_version('2.4') } + end + context "12.04" do + let :facts do + super().merge({ + :operatingsystemrelease => '12.04' + }) + end + it { should contain_class('apache').with_apache_version('2.2') } + end + context "13.04" do + let :facts do + super().merge({ + :operatingsystemrelease => '13.04' + }) + end + it { should contain_class('apache').with_apache_version('2.2') } + end + end end context "on a RedHat 5 OS" do let :facts do From ac167f3881fb8af632afc36c69a69c75db4d360b Mon Sep 17 00:00:00 2001 From: Carlos Sanchez Date: Mon, 10 Mar 2014 14:03:35 +0100 Subject: [PATCH 10/65] actions module is not included by default in Debian/Ubuntu Fix acceptance tests --- spec/acceptance/vhost_spec.rb | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/spec/acceptance/vhost_spec.rb b/spec/acceptance/vhost_spec.rb index dc759dbf62..a2fa419407 100644 --- a/spec/acceptance/vhost_spec.rb +++ b/spec/acceptance/vhost_spec.rb @@ -688,10 +688,11 @@ class { 'apache': service_ensure => stopped, } class { 'apache': } host { 'test.server': ip => '127.0.0.1' } apache::vhost { 'test.server': - docroot => '/tmp', - action => 'php-fastcgi', + docroot => '/tmp', + action => 'php-fastcgi', } EOS + pp = pp + "\nclass { 'apache::mod::actions': }" if fact('osfamily') == 'Debian' apply_manifest(pp, :catch_failures => true) end From df5df926b6adfd7dcdb2923bda932f2a3011fafe Mon Sep 17 00:00:00 2001 From: Carlos Sanchez Date: Tue, 18 Feb 2014 12:29:49 +0100 Subject: [PATCH 11/65] apache::mod::mime does not compile due to wrong file dependency Update rspec-puppet and add compilation specs to catch these errors Add basic acceptance test for apache::mod::mime Fix too many backslashes in FreeBSD regex for APACHE_PORT --- Gemfile | 2 +- manifests/mod/mime.pp | 2 +- manifests/package.pp | 2 +- spec/acceptance/mod_mime_spec.rb | 34 +++++++++++++++++++++++++ spec/classes/mod/mime_spec.rb | 43 ++++++++++++++++++++++++++++++++ spec/spec_helper.rb | 8 ++++++ 6 files changed, 88 insertions(+), 3 deletions(-) create mode 100644 spec/acceptance/mod_mime_spec.rb create mode 100644 spec/classes/mod/mime_spec.rb diff --git a/Gemfile b/Gemfile index dd87fe8cff..679e7d3efc 100644 --- a/Gemfile +++ b/Gemfile @@ -2,7 +2,7 @@ source ENV['GEM_SOURCE'] || "https://rubygems.org" group :development, :test do gem 'rake', :require => false - gem 'rspec-puppet', :require => false + gem 'rspec-puppet', '>=1.0.0', :require => false gem 'puppetlabs_spec_helper', :require => false gem 'serverspec', :require => false gem 'puppet-lint', :require => false diff --git a/manifests/mod/mime.pp b/manifests/mod/mime.pp index 8348a06ad3..ccdb5d4b3c 100644 --- a/manifests/mod/mime.pp +++ b/manifests/mod/mime.pp @@ -15,7 +15,7 @@ if $mime_support_package { package { $mime_support_package: ensure => 'installed', - before => File["${::apache::mod_dir}/mime.conf"], + before => File['mime.conf'], } } } diff --git a/manifests/package.pp b/manifests/package.pp index c5ef315366..b86167a397 100644 --- a/manifests/package.pp +++ b/manifests/package.pp @@ -26,7 +26,7 @@ ensure => $ensure, path => '/etc/make.conf', line => "APACHE_PORT=${apache_package}", - match => '^\\s*#?\\s*APACHE_PORT\\s*=\\s*', + match => '^\s*#?\s*APACHE_PORT\s*=\s*', before => Package['httpd'], } # remove other packages diff --git a/spec/acceptance/mod_mime_spec.rb b/spec/acceptance/mod_mime_spec.rb new file mode 100644 index 0000000000..71a7037a62 --- /dev/null +++ b/spec/acceptance/mod_mime_spec.rb @@ -0,0 +1,34 @@ +require 'spec_helper_acceptance' + +describe 'apache::mod::mime class' do + case fact('osfamily') + when 'Debian' + mod_dir = '/etc/apache2/mods-available' + service_name = 'apache2' + when 'RedHat' + mod_dir = '/etc/httpd/conf.d' + service_name = 'httpd' + when 'FreeBSD' + mod_dir = '/usr/local/etc/apache22/Modules' + service_name = 'apache22' + end + + context "default mime config" do + it 'succeeds in puppeting mime' do + pp= <<-EOS + class { 'apache': } + include apache::mod::mime + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe service(service_name) do + it { should be_enabled } + it { should be_running } + end + + describe file("#{mod_dir}/mime.conf") do + it { should contain "AddType application/x-compress .Z" } + end + end +end diff --git a/spec/classes/mod/mime_spec.rb b/spec/classes/mod/mime_spec.rb new file mode 100644 index 0000000000..835a5a9004 --- /dev/null +++ b/spec/classes/mod/mime_spec.rb @@ -0,0 +1,43 @@ +require 'spec_helper' + +# This function is called inside the OS specific conte, :compilexts +def general_mime_specs + it { should contain_apache__mod("mime") } +end + +describe 'apache::mod::mime', :type => :class do + let :pre_condition do + 'include apache' + end + + context "On a Debian OS with default params", :compile do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + } + end + + general_mime_specs() + + it { should contain_file("mime.conf").with_path('/etc/apache2/mods-available/mime.conf') } + + end + + context "on a RedHat OS with default params", :compile do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + } + end + + general_mime_specs() + + it { should contain_file("mime.conf").with_path("/etc/httpd/conf.d/mime.conf") } + + end + +end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 2c6f56649a..f880d274d8 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -1 +1,9 @@ require 'puppetlabs_spec_helper/module_spec_helper' + +RSpec.configure do |c| + c.treat_symbols_as_metadata_keys_with_true_values = true +end + +shared_examples :compile, :compile => true do + it { should compile.with_all_deps } +end From 59600890fa372be4ba459882cac4214cbcc446fe Mon Sep 17 00:00:00 2001 From: Carlos Sanchez Date: Sat, 8 Mar 2014 19:26:13 +0100 Subject: [PATCH 12/65] Bad dependency to .load files in apache::mod Fixes error "expected that the catalogue would include File[/etc/apache2/mods-available/proxy_html.load]" Add compilation specs --- manifests/mod.pp | 4 ++-- spec/classes/mod/auth_kerb_spec.rb | 6 +++--- spec/classes/mod/proxy_html_spec.rb | 6 +++--- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/manifests/mod.pp b/manifests/mod.pp index 8be99afd00..318012680a 100644 --- a/manifests/mod.pp +++ b/manifests/mod.pp @@ -53,10 +53,10 @@ # the module gets installed. $package_before = $::osfamily ? { 'freebsd' => [ - File["${mod_dir}/${mod}.load"], + File["${mod}.load"], File["${::apache::params::conf_dir}/${::apache::params::conf_file}"] ], - default => File["${mod_dir}/${mod}.load"], + default => File["${mod}.load"], } # $_package may be an array package { $_package: diff --git a/spec/classes/mod/auth_kerb_spec.rb b/spec/classes/mod/auth_kerb_spec.rb index 71c2349c39..670270d228 100644 --- a/spec/classes/mod/auth_kerb_spec.rb +++ b/spec/classes/mod/auth_kerb_spec.rb @@ -2,7 +2,7 @@ let :pre_condition do 'include apache' end - context "on a Debian OS" do + context "on a Debian OS", :compile do let :facts do { :osfamily => 'Debian', @@ -14,7 +14,7 @@ it { should contain_apache__mod("auth_kerb") } it { should contain_package("libapache2-mod-auth-kerb") } end - context "on a RedHat OS" do + context "on a RedHat OS", :compile do let :facts do { :osfamily => 'RedHat', @@ -26,7 +26,7 @@ it { should contain_apache__mod("auth_kerb") } it { should contain_package("mod_auth_kerb") } end - context "on a FreeBSD OS" do + context "on a FreeBSD OS", :compile do let :facts do { :osfamily => 'FreeBSD', diff --git a/spec/classes/mod/proxy_html_spec.rb b/spec/classes/mod/proxy_html_spec.rb index 90be60b0fe..5ae11f6d06 100644 --- a/spec/classes/mod/proxy_html_spec.rb +++ b/spec/classes/mod/proxy_html_spec.rb @@ -6,7 +6,7 @@ 'include apache::mod::proxy_http', ] end - context "on a Debian OS" do + context "on a Debian OS", :compile do let :facts do { :osfamily => 'Debian', @@ -18,7 +18,7 @@ it { should contain_apache__mod('proxy_html') } it { should contain_package("libapache2-mod-proxy-html") } end - context "on a RedHat OS" do + context "on a RedHat OS", :compile do let :facts do { :osfamily => 'RedHat', @@ -30,7 +30,7 @@ it { should contain_apache__mod('proxy_html') } it { should contain_package("mod_proxy_html") } end - context "on a FreeBSD OS" do + context "on a FreeBSD OS", :compile do let :facts do { :osfamily => 'FreeBSD', From eee54e962a8c3039427e78984d6e1f7d49972376 Mon Sep 17 00:00:00 2001 From: Carlos Sanchez Date: Sun, 9 Mar 2014 12:23:00 +0100 Subject: [PATCH 13/65] proxy_html needs to load libxml2 library before loading module in Debian Allow passing list of files to load before loading the module to apache::mod libxml2 path in i686 hardwaremodel is /usr/lib/i386-linux-gnu/libxml2.so.2 Add acceptance tests for proxy_html and debian 7.3 --- manifests/mod.pp | 3 +- manifests/mod/proxy_html.pp | 23 +++++++---- spec/acceptance/mod_proxy_html_spec.rb | 36 ++++++++++++++++++ spec/acceptance/nodesets/debian-73-i386.yml | 11 ++++++ spec/acceptance/nodesets/debian-73-x64.yml | 11 ++++++ spec/classes/mod/proxy_html_spec.rb | 42 ++++++++++++++++----- templates/mod/load.erb | 7 ++++ templates/mod/proxy_html.conf.erb | 6 --- 8 files changed, 115 insertions(+), 24 deletions(-) create mode 100644 spec/acceptance/mod_proxy_html_spec.rb create mode 100644 spec/acceptance/nodesets/debian-73-i386.yml create mode 100644 spec/acceptance/nodesets/debian-73-x64.yml create mode 100644 templates/mod/load.erb diff --git a/manifests/mod.pp b/manifests/mod.pp index 318012680a..9d65bd91f1 100644 --- a/manifests/mod.pp +++ b/manifests/mod.pp @@ -5,6 +5,7 @@ $lib_path = $::apache::params::lib_path, $id = undef, $path = undef, + $loadfiles = undef, ) { if ! defined(Class['apache']) { fail('You must include the apache base class before using any apache defined resources') @@ -72,7 +73,7 @@ owner => 'root', group => $::apache::params::root_group, mode => '0644', - content => "LoadModule ${_id} ${_path}\n", + content => template('apache/mod/load.erb'), require => [ Package['httpd'], Exec["mkdir ${mod_dir}"], diff --git a/manifests/mod/proxy_html.pp b/manifests/mod/proxy_html.pp index 91d7bd3c8f..a30c328c90 100644 --- a/manifests/mod/proxy_html.pp +++ b/manifests/mod/proxy_html.pp @@ -1,21 +1,28 @@ class apache::mod::proxy_html { Class['::apache::mod::proxy'] -> Class['::apache::mod::proxy_html'] Class['::apache::mod::proxy_http'] -> Class['::apache::mod::proxy_html'] - ::apache::mod { 'proxy_html': } + + # Add libxml2 case $::osfamily { - 'RedHat': { + /RedHat|FreeBSD/: { ::apache::mod { 'xml2enc': } } 'Debian': { - $proxy_html_loadfiles = $::apache::params::distrelease ? { - '6' => '/usr/lib/libxml2.so.2', - default => "/usr/lib/${::hardwaremodel}-linux-gnu/libxml2.so.2", + $gnu_path = $::hardwaremodel ? { + 'i686' => 'i386', + default => $::hardwaremodel, + } + $loadfiles = $::apache::params::distrelease ? { + '6' => ['/usr/lib/libxml2.so.2'], + default => ["/usr/lib/${gnu_path}-linux-gnu/libxml2.so.2"], } } - 'FreeBSD': { - ::apache::mod { 'xml2enc': } - } } + + ::apache::mod { 'proxy_html': + loadfiles => $loadfiles, + } + # Template uses $icons_path file { 'proxy_html.conf': ensure => file, diff --git a/spec/acceptance/mod_proxy_html_spec.rb b/spec/acceptance/mod_proxy_html_spec.rb new file mode 100644 index 0000000000..ddfa66dd91 --- /dev/null +++ b/spec/acceptance/mod_proxy_html_spec.rb @@ -0,0 +1,36 @@ +require 'spec_helper_acceptance' + +describe 'apache::mod::proxy_html class', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do + case fact('osfamily') + when 'Debian' + service_name = 'apache2' + when 'RedHat' + service_name = 'httpd' + when 'FreeBSD' + service_name = 'apache22' + end + + context "default proxy_html config" do + if fact('osfamily') == 'RedHat' + it 'adds epel' do + pp = "class { 'epel': }" + apply_manifest(pp, :catch_failures => true) + end + end + + it 'succeeds in puppeting proxy_html' do + pp= <<-EOS + class { 'apache': } + class { 'apache::mod::proxy': } + class { 'apache::mod::proxy_http': } + class { 'apache::mod::proxy_html': } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe service(service_name) do + it { should be_enabled } + it { should be_running } + end + end +end diff --git a/spec/acceptance/nodesets/debian-73-i386.yml b/spec/acceptance/nodesets/debian-73-i386.yml new file mode 100644 index 0000000000..a38902d897 --- /dev/null +++ b/spec/acceptance/nodesets/debian-73-i386.yml @@ -0,0 +1,11 @@ +HOSTS: + debian-73-i386: + roles: + - master + platform: debian-7-i386 + box : debian-73-i386-virtualbox-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/debian-73-i386-virtualbox-nocm.box + hypervisor : vagrant +CONFIG: + log_level: debug + type: git diff --git a/spec/acceptance/nodesets/debian-73-x64.yml b/spec/acceptance/nodesets/debian-73-x64.yml new file mode 100644 index 0000000000..f9cf0c9b8a --- /dev/null +++ b/spec/acceptance/nodesets/debian-73-x64.yml @@ -0,0 +1,11 @@ +HOSTS: + debian-73-x64: + roles: + - master + platform: debian-7-amd64 + box : debian-73-x64-virtualbox-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/debian-73-x64-virtualbox-nocm.box + hypervisor : vagrant +CONFIG: + log_level: debug + type: git diff --git a/spec/classes/mod/proxy_html_spec.rb b/spec/classes/mod/proxy_html_spec.rb index 5ae11f6d06..000a24e2f9 100644 --- a/spec/classes/mod/proxy_html_spec.rb +++ b/spec/classes/mod/proxy_html_spec.rb @@ -6,17 +6,41 @@ 'include apache::mod::proxy_http', ] end - context "on a Debian OS", :compile do + context "on a Debian OS" do + shared_examples "debian" do |loadfiles| + it { should contain_class("apache::params") } + it { should contain_apache__mod('proxy_html').with(:loadfiles => loadfiles) } + it { should contain_package("libapache2-mod-proxy-html") } + end let :facts do { - :osfamily => 'Debian', - :operatingsystemrelease => '6', - :concat_basedir => '/dne', + :osfamily => 'Debian', + :concat_basedir => '/dne', + :architecture => 'i386' } end - it { should contain_class("apache::params") } - it { should contain_apache__mod('proxy_html') } - it { should contain_package("libapache2-mod-proxy-html") } + + context "on squeeze" do + let(:facts) { super().merge({ :operatingsystemrelease => '6' }) } + it_behaves_like "debian", ['/usr/lib/libxml2.so.2'] + end + context "on wheezy" do + let(:facts) { super().merge({ :operatingsystemrelease => '7' }) } + context "i386" do + let(:facts) { super().merge({ + :hardwaremodel => 'i686', + :architecture => 'i386' + })} + it_behaves_like "debian", ["/usr/lib/i386-linux-gnu/libxml2.so.2"] + end + context "x64" do + let(:facts) { super().merge({ + :hardwaremodel => 'x86_64', + :architecture => 'amd64' + })} + it_behaves_like "debian", ["/usr/lib/x86_64-linux-gnu/libxml2.so.2"] + end + end end context "on a RedHat OS", :compile do let :facts do @@ -27,7 +51,7 @@ } end it { should contain_class("apache::params") } - it { should contain_apache__mod('proxy_html') } + it { should contain_apache__mod('proxy_html').with(:loadfiles => nil) } it { should contain_package("mod_proxy_html") } end context "on a FreeBSD OS", :compile do @@ -39,7 +63,7 @@ } end it { should contain_class("apache::params") } - it { should contain_apache__mod('proxy_html') } + it { should contain_apache__mod('proxy_html').with(:loadfiles => nil) } it { should contain_package("www/mod_proxy_html") } end end diff --git a/templates/mod/load.erb b/templates/mod/load.erb new file mode 100644 index 0000000000..51f45edb21 --- /dev/null +++ b/templates/mod/load.erb @@ -0,0 +1,7 @@ +<% if @loadfiles -%> +<% Array(@loadfiles).each do |loadfile| -%> +LoadFile <%= loadfile %> +<% end -%> + +<% end -%> +LoadModule <%= @_id %> <%= @_path %> diff --git a/templates/mod/proxy_html.conf.erb b/templates/mod/proxy_html.conf.erb index 7f5898ef74..fea15f393f 100644 --- a/templates/mod/proxy_html.conf.erb +++ b/templates/mod/proxy_html.conf.erb @@ -1,9 +1,3 @@ -<% if @proxy_html_loadfiles -%> -<% Array(@proxy_html_loadfiles).each do |loadfile| -%> -LoadFile <%= loadfile %> -<% end -%> - -<% end -%> ProxyHTMLLinks a href ProxyHTMLLinks area href ProxyHTMLLinks link href From eabdb5056fa65a0670905d23c8380dcc28d4fc9d Mon Sep 17 00:00:00 2001 From: Carlos Sanchez Date: Sun, 9 Mar 2014 17:00:21 +0100 Subject: [PATCH 14/65] Add a CentOS 6.5 beaker node --- spec/acceptance/nodesets/centos-65-x64.yml | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 spec/acceptance/nodesets/centos-65-x64.yml diff --git a/spec/acceptance/nodesets/centos-65-x64.yml b/spec/acceptance/nodesets/centos-65-x64.yml new file mode 100644 index 0000000000..89de021346 --- /dev/null +++ b/spec/acceptance/nodesets/centos-65-x64.yml @@ -0,0 +1,11 @@ +HOSTS: + centos-65-x64: + roles: + - master + platform: el-6-x86_65 + box : centos-65-x64-virtualbox-nocm + box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-65-x64-virtualbox-nocm.box + hypervisor : vagrant +CONFIG: + log_level: debug + type: git From 43c175f58d3089846a540d4154431303cf7421e7 Mon Sep 17 00:00:00 2001 From: Niek Beernink Date: Mon, 17 Mar 2014 15:15:23 +0100 Subject: [PATCH 15/65] Add extra parameters to mod::php --- manifests/mod/php.pp | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/manifests/mod/php.pp b/manifests/mod/php.pp index ace596d42d..ed9b008b30 100644 --- a/manifests/mod/php.pp +++ b/manifests/mod/php.pp @@ -1,11 +1,15 @@ class apache::mod::php ( + $package = undef, $package_ensure = 'present', + $path = undef, ) { if ! defined(Class['apache::mod::prefork']) { fail('apache::mod::php requires apache::mod::prefork; please enable mpm_module => \'prefork\' on Class[\'apache\']') } ::apache::mod { 'php5': + package => $package, package_ensure => $package_ensure, + path => $path, } include ::apache::mod::mime From 98f21a076fc0d20c71537a708e140faeaf4995b3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jean-Fran=C3=A7ois=20Roche?= Date: Tue, 18 Mar 2014 14:37:16 +0100 Subject: [PATCH 16/65] fix missing ensure on concat::fragment resources --- manifests/balancer.pp | 3 +++ manifests/balancermember.pp | 1 + manifests/init.pp | 1 + manifests/listen.pp | 1 + manifests/namevirtualhost.pp | 1 + 5 files changed, 7 insertions(+) diff --git a/manifests/balancer.pp b/manifests/balancer.pp index 30887823b6..ac2bc88e44 100644 --- a/manifests/balancer.pp +++ b/manifests/balancer.pp @@ -55,6 +55,7 @@ } concat::fragment { "00-${name}-header": + ensure => present, target => $target, order => '01', content => "\n", @@ -67,12 +68,14 @@ # concat fragments. We don't have to do anything about them. concat::fragment { "01-${name}-proxyset": + ensure => present, target => $target, order => '19', content => inline_template("<% proxy_set.each do |key, value| %> Proxyset <%= key %>=<%= value %>\n<% end %>"), } concat::fragment { "01-${name}-footer": + ensure => present, target => $target, order => '20', content => "\n", diff --git a/manifests/balancermember.pp b/manifests/balancermember.pp index c48cb1ebbf..121e2c5533 100644 --- a/manifests/balancermember.pp +++ b/manifests/balancermember.pp @@ -46,6 +46,7 @@ ) { concat::fragment { "BalancerMember ${url}": + ensure => present, target => "${::apache::params::confd_dir}/balancer_${balancer_cluster}.conf", content => inline_template(" BalancerMember ${url} <%= @options.join ' ' %>\n"), } diff --git a/manifests/init.pp b/manifests/init.pp index 7f2565cf98..6287ff8580 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -212,6 +212,7 @@ require => Package['httpd'], } concat::fragment { 'Apache ports header': + ensure => present, target => $ports_file, content => template('apache/ports_header.erb') } diff --git a/manifests/listen.pp b/manifests/listen.pp index 503ee8860b..e6a8a3c767 100644 --- a/manifests/listen.pp +++ b/manifests/listen.pp @@ -3,6 +3,7 @@ # Template uses: $listen_addr_port concat::fragment { "Listen ${listen_addr_port}": + ensure => present, target => $::apache::ports_file, content => template('apache/listen.erb'), } diff --git a/manifests/namevirtualhost.pp b/manifests/namevirtualhost.pp index 4fa8795185..f8c3a80d85 100644 --- a/manifests/namevirtualhost.pp +++ b/manifests/namevirtualhost.pp @@ -3,6 +3,7 @@ # Template uses: $addr_port concat::fragment { "NameVirtualHost ${addr_port}": + ensure => present, target => $::apache::ports_file, content => template('apache/namevirtualhost.erb'), } From 3b6a46faea0728b89732e8d59bfb9a6087793c5a Mon Sep 17 00:00:00 2001 From: Sean Dague Date: Sun, 23 Mar 2014 10:33:50 -0400 Subject: [PATCH 17/65] fix missing comma in sample config there was a missing comma in the sample to handle redirect from http to https site, making it invalid puppet syntax. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index f71ee33e53..d4a454c685 100644 --- a/README.md +++ b/README.md @@ -1555,7 +1555,7 @@ Configure a vhost to redirect non-SSL connections to SSL servername => 'sixteenth.example.com', port => '80', docroot => '/var/www/sixteenth', - redirect_status => 'permanent' + redirect_status => 'permanent', redirect_dest => 'https://sixteenth.example.com/' } apache::vhost { 'sixteenth.example.com ssl': From af13807b8e528ecc8e379213a19ceb9056d51d86 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Igor=20Gali=C4=87?= Date: Wed, 19 Mar 2014 10:24:47 +0100 Subject: [PATCH 18/65] Allow extending LogFormats by passing a hash of additional LogFormats, we can extend the existing definitions. --- README.md | 8 ++++++++ manifests/init.pp | 1 + spec/acceptance/apache_parameters_spec.rb | 23 +++++++++++++++++++++++ spec/classes/apache_spec.rb | 14 ++++++++++++++ templates/httpd.conf.erb | 5 +++++ 5 files changed, 51 insertions(+) diff --git a/README.md b/README.md index d4a454c685..4bbda2952d 100644 --- a/README.md +++ b/README.md @@ -309,6 +309,14 @@ Sets the amount of time the server will wait for subsequent requests on a persis Changes the verbosity level of the error log. Defaults to 'warn'. Valid values are 'emerg', 'alert', 'crit', 'error', 'warn', 'notice', 'info', or 'debug'. +#####`log_formats` + +Define additional [LogFormats](https://httpd.apache.org/docs/current/mod/mod_log_config.html#logformat). This is done in a Hash: + +```puppet + $log_formats = { vhost_common => '%v %h %l %u %t \"%r\" %>s %b' } +``` + #####`logroot` Changes the directory where Apache log files for the virtual host are placed. Defaults to '/var/log/httpd' on RedHat, '/var/log/apache2' on Debian, and '/var/log/apache22' on FreeBSD. diff --git a/manifests/init.pp b/manifests/init.pp index 6287ff8580..cabeee4c0e 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -51,6 +51,7 @@ $keepalive_timeout = $::apache::params::keepalive_timeout, $logroot = $::apache::params::logroot, $log_level = $::apache::params::log_level, + $log_formats = {}, $ports_file = $::apache::params::ports_file, $apache_version = $::apache::version::default, $server_tokens = 'OS', diff --git a/spec/acceptance/apache_parameters_spec.rb b/spec/acceptance/apache_parameters_spec.rb index eeae55d45e..90134be144 100644 --- a/spec/acceptance/apache_parameters_spec.rb +++ b/spec/acceptance/apache_parameters_spec.rb @@ -286,6 +286,29 @@ class { 'apache': end end + describe 'logformats' do + describe 'setup' do + it 'applies cleanly' do + pp = <<-EOS + class { 'apache': + { log_formats => { + 'vhost_common' => '%v %h %l %u %t \"%r\" %>s %b', + 'vhost_combined' => '%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"', + } + } + EOS + apply_manifest(pp, :catch_failures => true) + end + end + + describe file($conf_file) do + it { should be_file } + it { should contain 'LogFormat %v %h %l %u %t \"%r\" %>s %b" vhost_common' } + it { should contain 'LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" vhost_combined' } + end + end + + describe 'keepalive' do describe 'setup' do it 'applies cleanly' do diff --git a/spec/classes/apache_spec.rb b/spec/classes/apache_spec.rb index b437928973..6e0b705333 100644 --- a/spec/classes/apache_spec.rb +++ b/spec/classes/apache_spec.rb @@ -141,6 +141,20 @@ end end + describe "Add extra LogFormats" do + context "When parameter log_formats is a hash" do + let :params do + { :log_formats => { + 'vhost_common' => "%v %h %l %u %t \"%r\" %>s %b", + 'vhost_combined' => "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" + } } + end + + it { should contain_file("/etc/apache2/apache2.conf").with_content %r{^LogFormat "%v %h %l %u %t \"%r\" %>s %b" vhost_common\n} } + it { should contain_file("/etc/apache2/apache2.conf").with_content %r{^LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" vhost_combined\n} } + end + end + context "on Ubuntu" do let :facts do super().merge({ diff --git a/templates/httpd.conf.erb b/templates/httpd.conf.erb index 66b70836bb..43b32bda2c 100644 --- a/templates/httpd.conf.erb +++ b/templates/httpd.conf.erb @@ -55,6 +55,11 @@ LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combine LogFormat "%h %l %u %t \"%r\" %>s %b" common LogFormat "%{Referer}i -> %U" referer LogFormat "%{User-agent}i" agent +<% if @log_formats and !@log_formats.empty? -%> + <%- @log_formats.each do |nickname,format| -%> +LogFormat "<%= format -%>" <%= nickname %> + <%- end -%> +<% end -%> <%- if @apache_version >= '2.4' -%> IncludeOptional "<%= @confd_dir %>/*.conf" From 0bb362ad68797816ac0b01e58286dc5e149d26e1 Mon Sep 17 00:00:00 2001 From: William Van Hevelingen Date: Tue, 25 Mar 2014 08:45:05 -0700 Subject: [PATCH 19/65] Fixed travis by updating Gemfile to pin Rake to 10.1.1 The latest Rake update requires Ruby >= 1.9. This update fixes the failing 1.8.7 tests by pinning Rake to the last supported version on ruby 1.8.7. --- Gemfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile b/Gemfile index 679e7d3efc..0ad4ddffca 100644 --- a/Gemfile +++ b/Gemfile @@ -1,7 +1,7 @@ source ENV['GEM_SOURCE'] || "https://rubygems.org" group :development, :test do - gem 'rake', :require => false + gem 'rake', '10.1.1', :require => false gem 'rspec-puppet', '>=1.0.0', :require => false gem 'puppetlabs_spec_helper', :require => false gem 'serverspec', :require => false From fd3ebd143b6c5b84528013245afb305e6946c286 Mon Sep 17 00:00:00 2001 From: Niek Beernink Date: Tue, 25 Mar 2014 17:19:11 +0100 Subject: [PATCH 20/65] rename package param, add tests and documentation --- README.md | 13 +++++++++++++ manifests/mod/php.pp | 4 ++-- spec/classes/mod/php_spec.rb | 18 ++++++++++++++++++ 3 files changed, 33 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index f71ee33e53..1804fe5971 100644 --- a/README.md +++ b/README.md @@ -16,6 +16,7 @@ * [Defined Type: apache::mod](#defined-type-apachemod) * [Classes: apache::mod::*](#classes-apachemodname) * [Class: apache::mod::pagespeed](#class-apachemodpagespeed) + * [Class: apache::mod::php](#class-apachemodphp) * [Class: apache::mod::ssl](#class-apachemodssl) * [Class: apache::mod::wsgi](#class-apachemodwsgi) * [Defined Type: apache::vhost](#defined-type-apachevhost) @@ -523,6 +524,18 @@ These are the defaults: Full documentation for mod_pagespeed is available from [Google](http://modpagespeed.com). +####Class: `apache::mod::php` + +Installs and configures mod_php. The defaults are OS-dependant. + +Overriding the package name: +``` + class {'::apache::mod::php': + package_name => "php54-php", + path => "${::apache::params::lib_path}/libphp54-php5.so", + } +``` + ####Class: `apache::mod::ssl` Installs Apache SSL capabilities and uses the ssl.conf.erb template. These are the defaults: diff --git a/manifests/mod/php.pp b/manifests/mod/php.pp index ed9b008b30..8c1b94d6bb 100644 --- a/manifests/mod/php.pp +++ b/manifests/mod/php.pp @@ -1,5 +1,5 @@ class apache::mod::php ( - $package = undef, + $package_name = undef, $package_ensure = 'present', $path = undef, ) { @@ -7,7 +7,7 @@ fail('apache::mod::php requires apache::mod::prefork; please enable mpm_module => \'prefork\' on Class[\'apache\']') } ::apache::mod { 'php5': - package => $package, + package => $package_name, package_ensure => $package_ensure, path => $path, } diff --git a/spec/classes/mod/php_spec.rb b/spec/classes/mod/php_spec.rb index 57708a398c..29adc870f4 100644 --- a/spec/classes/mod/php_spec.rb +++ b/spec/classes/mod/php_spec.rb @@ -46,6 +46,24 @@ :content => "LoadModule php5_module modules/libphp5.so\n" ) } end + context "with alternative package name" do let :pre_condition do + 'class { "apache": }' + end + let :params do + { :package_name => 'php54'} + end + it { should contain_package("php54") } + end + context "with alternative path" do let :pre_condition do + 'class { "apache": }' + end + let :params do + { :path => 'alternative-path'} + end + it { should contain_file("php5.load").with( + :content => "LoadModule php5_module alternative-path\n" + ) } + end context "with specific version" do let :pre_condition do 'class { "apache": }' From 835b3422ee585c9503e61b5009d815c20a8a4787 Mon Sep 17 00:00:00 2001 From: Christian Kaenzig Date: Thu, 27 Mar 2014 15:09:01 +0100 Subject: [PATCH 21/65] Fix typo in service.pp doc --- manifests/service.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/service.pp b/manifests/service.pp index b21a25f4b7..e958b1bc51 100644 --- a/manifests/service.pp +++ b/manifests/service.pp @@ -12,7 +12,7 @@ # Sample Usage: # # sometype { 'foo': -# notify => Class['apache::service], +# notify => Class['apache::service'], # } # # From d0883b92116939695217a72681c1a8b1c5cd85d8 Mon Sep 17 00:00:00 2001 From: jonoterc Date: Sat, 29 Mar 2014 02:56:06 -0400 Subject: [PATCH 22/65] Enable overriding mod-level parameters for apache::mod::passenger Apache::mod::passenger didn't accept/pass (optional) mod parameters through to apache::mod, so only auto-generated module parameters were used. Without this option, apache::mod::passenger could not be used in conjunction with passenger modules beyond those generated by the OS package system (in particular, modules compiled via passenger-install-apache2-module, which uses differing paths). This commit enables passing in all parameters used with "apache::mod", documented in the passenger README file. Modified default RedHat passenger parameters for cleaned-up installation (prior parameters worked with Apache, but broke passenger-* utilities, incl. passenger-status & passenger-root). Updated spec/class tests to verify mod-level parameters; also, updated RedHat tests to accomodate updated default parameters. Added spec/acceptance tests for passenger, verifying default installations for RedHat and Debian systems. RedHat installation test installs (required) EPEL and http://passenger.stealthymonkeys.com package repositories. --- .gitignore | 1 + README.passenger.md | 62 ++++++-- manifests/mod/passenger.pp | 38 ++++- manifests/params.pp | 8 +- spec/acceptance/mod_passenger_spec.rb | 213 ++++++++++++++++++++++++++ spec/classes/mod/passenger_spec.rb | 40 +++-- 6 files changed, 331 insertions(+), 31 deletions(-) create mode 100644 spec/acceptance/mod_passenger_spec.rb diff --git a/.gitignore b/.gitignore index e8f52b4451..f751a15d6e 100644 --- a/.gitignore +++ b/.gitignore @@ -4,4 +4,5 @@ vendor spec/fixtures .rspec_system .bundle +.vagrant .*sw* diff --git a/README.passenger.md b/README.passenger.md index cecacccc4f..1cc21202b8 100644 --- a/README.passenger.md +++ b/README.passenger.md @@ -2,7 +2,9 @@ Just enabling the Passenger module is insufficient for the use of Passenger in production. Passenger should be tunable to better fit the environment in which it is run while being aware of the resources it required. -To this end the Apache passenger module has been modified to apply system wide Passenger tuning declarations to `passenger.conf`. Declarations specific to a virtual host should be passed through when defining a `vhost` (e.g. `rack_base_uris' parameter on the `apache::vhost` class, check `README.md`). +To this end the Apache passenger module has been modified to apply system wide Passenger tuning declarations to `passenger.conf`. Declarations specific to a virtual host should be passed through when defining a `vhost` (e.g. `rack_base_uris` parameter on the `apache::vhost` class, check `README.md`). + +Also, general apache module loading parameters can be supplied to enable using a customized passenger module in place of a default-package-based version of the module. # Parameters for `apache::mod::passenger` @@ -12,59 +14,99 @@ The following declarations are supported and can be passed to `apache::mod::pass class {'apache::mod::passenger': passenger_high_performance => 'on', rails_autodetect => 'off', + mod_lib_path => '/usr/lib/apache2/custom_modules', } ``` The general form is using the all lower case version of the declaration. -If you pass a default value to `apache::mod::passenger` it will be ignored and not passed through to the configuration file. +## Parameters used with passenger.conf + +If you pass a default value to `apache::mod::passenger` it will be ignored and not passed through to the configuration file. -## passenger_high_performance +### passenger_high_performance Default is `off`, when turned `on` Passenger runs in a higher performance mode that can be less compatible with other Apache modules. http://www.modrails.com/documentation/Users%20guide%20Apache.html#PassengerHighPerformance -## passenger_max_pool_size +### passenger_max_pool_size Set's the maximum number of Passenger application processes that may simultaneously run. The default value is 6. http://www.modrails.com/documentation/Users%20guide%20Apache.html#_passengermaxpoolsize_lt_integer_gt -## passenger_pool_idle_time +### passenger_pool_idle_time The maximum number of seconds a Passenger Application process will be allowed to remain idle before being shut down. The default value is 300. http://www.modrails.com/documentation/Users%20guide%20Apache.html#PassengerPoolIdleTime -## passenger_max_requests +### passenger_max_requests The maximum number of request a Passenger application will process before being restarted. The default value is 0, which indicates that a process will only shut down if the Pool Idle Time (see above) expires. http://www.modrails.com/documentation/Users%20guide%20Apache.html#PassengerMaxRequests -## passenger_stat_throttle_rate +### passenger_stat_throttle_rate Sets how often Passenger performs file system checks, at most once every _x_ seconds. Default is 0, which means the checks are performed with every request. http://www.modrails.com/documentation/Users%20guide%20Apache.html#_passengerstatthrottlerate_lt_integer_gt -## rack_autodetect +### rack_autodetect Should Passenger automatically detect if the document root of a virtual host is a Rack application. The default is `on` http://www.modrails.com/documentation/Users%20guide%20Apache.html#_rackautodetect_lt_on_off_gt -## rails_autodetect +### rails_autodetect Should Passenger automatically detect if the document root of a virtual host is a Rails application. The default is on. http://www.modrails.com/documentation/Users%20guide%20Apache.html#_railsautodetect_lt_on_off_gt -## passenger_use_global_queue +### passenger_use_global_queue Allows toggling of PassengerUseGlobalQueue. NOTE: PassengerUseGlobalQueue is the default in Passenger 4.x and the versions >= 4.x have disabled this configuration option altogether. Use with caution. +## Parameters used to load the module + +Unlike the tuning parameters specified above, the following parameters are only used when loading customized passenger modules. + +### mod_package + +Allows overriding the default package name used for the passenger module package. + +### mod_package_ensure + +Allows overriding the package installation setting used by puppet when installing the passenger module. The default is 'present'. + +### mod_id + +Allows overriding the value used by apache to identify the passenger module. The default is 'passenger_module'. + +### mod_lib_path + +Allows overriding the directory path used by apache when loading the passenger module. The default is the value of `$apache::params::lib_path`. + +### mod_lib + +Allows overriding the library file name used by apache when loading the passenger module. The default is 'mod_passenger.so'. + +### mod_path + +Allows overriding the full path to the library file used by apache when loading the passenger module. The default is the concatenation of the `mod_lib_path` and `mod_lib` parameters. + +# Dependencies + +RedHat-based systems will need to configure additional package repositories in order to install Passenger, specifically: + +* [Extra Packages for Enterprise Linux](https://fedoraproject.org/wiki/EPEL) +* [Phusion Passenger](http://passenger.stealthymonkeys.com) + +Configuration of these repositories is beyond the scope of this module and is left to the user. + # Attribution The Passenger tuning parameters for the `apache::mod::puppet` Puppet class was modified by Aaron Hicks (hicksa@landcareresearch.co.nz) for work on the NeSI Project and the Tuakiri New Zealand Access Federation as a fork from the PuppetLabs Apache module on GitHub. diff --git a/manifests/mod/passenger.pp b/manifests/mod/passenger.pp index 6a7404daa0..b39ae2634e 100644 --- a/manifests/mod/passenger.pp +++ b/manifests/mod/passenger.pp @@ -11,15 +11,13 @@ $passenger_ruby = $::apache::params::passenger_ruby, $passenger_max_pool_size = undef, $passenger_use_global_queue = undef, + $mod_package = undef, + $mod_package_ensure = undef, + $mod_lib = undef, + $mod_lib_path = undef, + $mod_id = undef, + $mod_path = undef, ) { - if $::osfamily == 'FreeBSD' { - ::apache::mod { 'passenger': - lib_path => "${passenger_root}/buildout/apache2" - } - } else { - ::apache::mod { 'passenger': } - } - # Managed by the package, but declare it to avoid purging if $passenger_conf_package_file { file { 'passenger_package.conf': @@ -27,6 +25,30 @@ } } + $_package = $mod_package + $_package_ensure = $mod_package_ensure + $_lib = $mod_lib + if $::osfamily == 'FreeBSD' { + if $mod_lib_path { + $_lib_path = $mod_lib_path + } else { + $_lib_path = "${passenger_root}/buildout/apache2" + } + } else { + $_lib_path = $mod_lib_path + } + + $_id = $mod_id + $_path = $mod_path + ::apache::mod { 'passenger': + package => $_package, + package_ensure => $_package_ensure, + lib => $_lib, + lib_path => $_lib_path, + id => $_id, + path => $_path, + } + # Template uses: # - $passenger_root # - $passenger_ruby diff --git a/manifests/params.pp b/manifests/params.pp index 43f3566aff..eaedc148e7 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -49,10 +49,10 @@ $default_ssl_cert = '/etc/pki/tls/certs/localhost.crt' $default_ssl_key = '/etc/pki/tls/private/localhost.key' $ssl_certs_dir = '/etc/pki/tls/certs' - $passenger_conf_file = 'passenger_extra.conf' - $passenger_conf_package_file = 'passenger.conf' - $passenger_root = undef - $passenger_ruby = undef + $passenger_conf_file = 'passenger.conf' + $passenger_conf_package_file = undef + $passenger_root = '/usr/lib/ruby/gems/1.8/gems/passenger-3.0.19' + $passenger_ruby = '/usr/bin/ruby' $suphp_addhandler = 'php5-script' $suphp_engine = 'off' $suphp_configpath = undef diff --git a/spec/acceptance/mod_passenger_spec.rb b/spec/acceptance/mod_passenger_spec.rb new file mode 100644 index 0000000000..7443b0e8b5 --- /dev/null +++ b/spec/acceptance/mod_passenger_spec.rb @@ -0,0 +1,213 @@ +require 'spec_helper_acceptance' + +describe 'apache::mod::passenger class', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do + case fact('osfamily') + when 'Debian' + service_name = 'apache2' + mod_dir = '/etc/apache2/mods-available/' + conf_file = "#{mod_dir}passenger.conf" + load_file = "#{mod_dir}passenger.load" + passenger_root = '/usr' + passenger_ruby = '/usr/bin/ruby' + passenger_module_path = '/usr/lib/apache2/modules/mod_passenger.so' + rackapp_user = 'www-data' + rackapp_group = 'www-data' + when 'RedHat' + service_name = 'httpd' + mod_dir = '/etc/httpd/conf.d/' + conf_file = "#{mod_dir}passenger.conf" + load_file = "#{mod_dir}passenger.load" + passenger_root = '/usr/lib/ruby/gems/1.8/gems/passenger-3.0.19' + passenger_ruby = '/usr/bin/ruby' + passenger_module_path = 'modules/mod_passenger.so' + rackapp_user = 'apache' + rackapp_group = 'apache' + end + + pp_rackapp = <<-EOS + /* a simple ruby rack 'hellow world' app */ + file { '/var/www/passenger': + ensure => directory, + owner => '#{rackapp_user}', + group => '#{rackapp_group}', + require => Class['apache::mod::passenger'], + } + file { '/var/www/passenger/config.ru': + ensure => file, + owner => '#{rackapp_user}', + group => '#{rackapp_group}', + content => "app = proc { |env| [200, { \\"Content-Type\\" => \\"text/html\\" }, [\\"hello world\\"]] }\\nrun app", + require => File['/var/www/passenger'] , + } + apache::vhost { 'passenger.example.com': + port => '80', + docroot => '/var/www/passenger/public', + docroot_group => '#{rackapp_group}' , + docroot_owner => '#{rackapp_user}' , + custom_fragment => "PassengerRuby #{passenger_ruby}\\nRailsEnv development" , + require => File['/var/www/passenger/config.ru'] , + } + host { 'passenger.example.com': ip => '127.0.0.1', } + EOS + + case fact('osfamily') + when 'Debian' + context "default passenger config" do + it 'succeeds in puppeting passenger' do + pp = <<-EOS + /* stock apache and mod_passenger */ + class { 'apache': } + class { 'apache::mod::passenger': } + #{pp_rackapp} + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe service(service_name) do + it { should be_enabled } + it { should be_running } + end + + describe file(conf_file) do + it { should contain "PassengerRoot \"#{passenger_root}\"" } + it { should contain "PassengerRuby \"#{passenger_ruby}\"" } + end + + describe file(load_file) do + it { should contain "LoadModule passenger_module #{passenger_module_path}" } + end + + it 'should output status via passenger-memory-stats' do + shell("sudo /usr/sbin/passenger-memory-stats") do |r| + r.stdout.should =~ /Apache processes/ + r.stdout.should =~ /Nginx processes/ + r.stdout.should =~ /Passenger processes/ + r.stdout.should =~ /### Processes: [0-9]+/ + r.stdout.should =~ /### Total private dirty RSS: [0-9\.]+ MB/ + + r.exit_code.should == 0 + end + end + + # passenger-status fails under stock ubuntu-server-12042-x64 + mod_passenger, + # even when the passenger process is successfully installed and running + unless fact('operatingsystem') == 'Ubuntu' && fact('operatingsystemrelease') == '12.04' + it 'should output status via passenger-status' do + # xml output not available on ubunutu <= 10.04, so sticking with default pool output + shell("sudo /usr/sbin/passenger-status") do |r| + # spacing may vary + r.stdout.should =~ /[\-]+ General information [\-]+/ + r.stdout.should =~ /max[ ]+= [0-9]+/ + r.stdout.should =~ /count[ ]+= [0-9]+/ + r.stdout.should =~ /active[ ]+= [0-9]+/ + r.stdout.should =~ /inactive[ ]+= [0-9]+/ + r.stdout.should =~ /Waiting on global queue: [0-9]+/ + + r.exit_code.should == 0 + end + end + end + + it 'should answer to passenger.example.com' do + shell("/usr/bin/curl passenger.example.com:80") do |r| + r.stdout.should =~ /^hello world<\/b>$/ + r.exit_code.should == 0 + end + end + + end + + when 'RedHat' + # no fedora 18 passenger package yet + unless (fact('operatingsystem') == 'Fedora' and fact('operatingsystemrelease').to_f >= 18) + + context "default passenger config" do + it 'succeeds in puppeting passenger' do + pp = <<-EOS + /* EPEL and passenger repositories */ + class { 'epel': } + exec { 'passenger.repo GPG key': + command => '/usr/bin/sudo /usr/bin/curl -o /etc/yum.repos.d/RPM-GPG-KEY-stealthymonkeys.asc http://passenger.stealthymonkeys.com/RPM-GPG-KEY-stealthymonkeys.asc', + creates => '/etc/yum.repos.d/RPM-GPG-KEY-stealthymonkeys.asc', + } + file { 'passenger.repo GPG key': + ensure => file, + path => '/etc/yum.repos.d/RPM-GPG-KEY-stealthymonkeys.asc', + require => Exec['passenger.repo GPG key'], + } + epel::rpm_gpg_key { 'passenger.stealthymonkeys.com': + path => '/etc/yum.repos.d/RPM-GPG-KEY-stealthymonkeys.asc', + require => [ + Class['epel'], + File['passenger.repo GPG key'], + ] + } + yumrepo { 'passenger': + baseurl => 'http://passenger.stealthymonkeys.com/rhel/$releasever/$basearch' , + descr => 'Red Hat Enterprise $releasever - Phusion Passenger', + enabled => 1, + gpgcheck => 1, + gpgkey => 'http://passenger.stealthymonkeys.com/RPM-GPG-KEY-stealthymonkeys.asc', + mirrorlist => 'http://passenger.stealthymonkeys.com/rhel/mirrors', + require => [ + Epel::Rpm_gpg_key['passenger.stealthymonkeys.com'], + ], + } + /* apache and mod_passenger */ + class { 'apache': + require => [ + Class['epel'], + ], + } + class { 'apache::mod::passenger': + require => [ + Yumrepo['passenger'] + ], + } + #{pp_rackapp} + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe service(service_name) do + it { should be_enabled } + it { should be_running } + end + + describe file(conf_file) do + it { should contain "PassengerRoot \"#{passenger_root}\"" } + it { should contain "PassengerRuby \"#{passenger_ruby}\"" } + end + + describe file(load_file) do + it { should contain "LoadModule passenger_module #{passenger_module_path}" } + end + + # note: passenger-memory-stats is not installed on Redhat + + it 'should output status via passenger-status' do + shell("sudo /usr/bin/passenger-status") do |r| + # spacing may vary + r.stdout.should =~ /[\-]+ General information [\-]+/ + r.stdout.should =~ /max[ ]+= [0-9]+/ + r.stdout.should =~ /count[ ]+= [0-9]+/ + r.stdout.should =~ /active[ ]+= [0-9]+/ + r.stdout.should =~ /inactive[ ]+= [0-9]+/ + r.stdout.should =~ /Waiting on global queue: [0-9]+/ + + r.exit_code.should == 0 + end + end + + it 'should answer to passenger.example.com' do + shell("/usr/bin/curl passenger.example.com:80") do |r| + r.stdout.should =~ /^hello world<\/b>$/ + r.exit_code.should == 0 + end + end + end + + end + + end +end diff --git a/spec/classes/mod/passenger_spec.rb b/spec/classes/mod/passenger_spec.rb index 37177f477f..e65798a355 100644 --- a/spec/classes/mod/passenger_spec.rb +++ b/spec/classes/mod/passenger_spec.rb @@ -13,6 +13,9 @@ it { should contain_class("apache::params") } it { should contain_apache__mod('passenger') } it { should contain_package("libapache2-mod-passenger") } + it { should contain_file('passenger.load').with({ + 'path' => '/etc/apache2/mods-available/passenger.load', + }) } it { should contain_file('passenger.conf').with({ 'path' => '/etc/apache2/mods-available/passenger.conf', }) } @@ -78,6 +81,30 @@ end it { should contain_file('passenger.conf').with_content(/^ PassengerUseGlobalQueue true$/) } end + describe "with mod_path => '/usr/lib/foo/mod_foo.so'" do + let :params do + { :mod_path => '/usr/lib/foo/mod_foo.so' } + end + it { should contain_file('passenger.load').with_content(/^LoadModule passenger_module \/usr\/lib\/foo\/mod_foo\.so$/) } + end + describe "with mod_lib_path => '/usr/lib/foo'" do + let :params do + { :mod_lib_path => '/usr/lib/foo' } + end + it { should contain_file('passenger.load').with_content(/^LoadModule passenger_module \/usr\/lib\/foo\/mod_passenger\.so$/) } + end + describe "with mod_lib => 'mod_foo.so'" do + let :params do + { :mod_lib => 'mod_foo.so' } + end + it { should contain_file('passenger.load').with_content(/^LoadModule passenger_module \/usr\/lib\/apache2\/modules\/mod_foo\.so$/) } + end + describe "with mod_id => 'mod_foo'" do + let :params do + { :mod_id => 'mod_foo' } + end + it { should contain_file('passenger.load').with_content(/^LoadModule mod_foo \/usr\/lib\/apache2\/modules\/mod_passenger\.so$/) } + end end context "on a RedHat OS" do @@ -91,16 +118,11 @@ it { should contain_class("apache::params") } it { should contain_apache__mod('passenger') } it { should contain_package("mod_passenger") } - it { should contain_file('passenger_package.conf').with({ - 'path' => '/etc/httpd/conf.d/passenger.conf', - }) } - it { should contain_file('passenger_package.conf').without_content } - it { should contain_file('passenger_package.conf').without_source } - it { should contain_file('passenger.conf').with({ - 'path' => '/etc/httpd/conf.d/passenger_extra.conf', + it { should contain_file('passenger.load').with({ + 'path' => '/etc/httpd/conf.d/passenger.load', }) } - it { should contain_file('passenger.conf').without_content(/PassengerRoot/) } - it { should contain_file('passenger.conf').without_content(/PassengerRuby/) } + it { should contain_file('passenger.conf').with_content(/^ PassengerRoot "\/usr\/lib\/ruby\/gems\/1.8\/gems\/passenger-3\.0\.19"$/) } + it { should contain_file('passenger.conf').with_content(/^ PassengerRuby "\/usr\/bin\/ruby"/) } describe "with passenger_root => '/usr/lib/example'" do let :params do { :passenger_root => '/usr/lib/example' } From fa0fd41938cba1ae2433fd89a15af217aef6cee9 Mon Sep 17 00:00:00 2001 From: Sean Dague Date: Sat, 29 Mar 2014 07:29:19 -0400 Subject: [PATCH 23/65] fix inverted ssl compression Apache 2.4 defaults SSLCompression Off. The ssl module provides a parameter for ssl_compression which defaults false. If it is set to true, the template actually would add another SSLCompression Off stanza (not the expected SSLCompression On). --- templates/mod/ssl.conf.erb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/mod/ssl.conf.erb b/templates/mod/ssl.conf.erb index e1597f2f8b..bcaddffe70 100644 --- a/templates/mod/ssl.conf.erb +++ b/templates/mod/ssl.conf.erb @@ -11,7 +11,7 @@ SSLSessionCache "shmcb:<%= @session_cache %>" SSLSessionCacheTimeout 300 <% if @ssl_compression -%> - SSLCompression Off + SSLCompression On <% end -%> <% if @apache_version >= '2.4' -%> Mutex <%= @ssl_mutex %> From 679e3ddd6ee2ee6fd6a631568cc2ef68ac07ed30 Mon Sep 17 00:00:00 2001 From: Sean Dague Date: Sat, 29 Mar 2014 07:33:30 -0400 Subject: [PATCH 24/65] allow global setting of SSL cipher ssl_cipher is setable per vhost already, this makes it an option that can be sent once per the entire configuration instead of at each vhost. --- manifests/mod/ssl.pp | 1 + templates/mod/ssl.conf.erb | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/manifests/mod/ssl.pp b/manifests/mod/ssl.pp index d644ac5ef7..7370746e60 100644 --- a/manifests/mod/ssl.pp +++ b/manifests/mod/ssl.pp @@ -1,6 +1,7 @@ class apache::mod::ssl ( $ssl_compression = false, $ssl_options = [ 'StdEnvVars' ], + $ssl_cipher = 'HIGH:MEDIUM:!aNULL:!MD5', $apache_version = $::apache::apache_version, ) { $session_cache = $::osfamily ? { diff --git a/templates/mod/ssl.conf.erb b/templates/mod/ssl.conf.erb index bcaddffe70..a393193a76 100644 --- a/templates/mod/ssl.conf.erb +++ b/templates/mod/ssl.conf.erb @@ -20,7 +20,7 @@ <% end -%> SSLCryptoDevice builtin SSLHonorCipherOrder On - SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5 + SSLCipherSuite <%= @ssl_cipher %> SSLProtocol all -SSLv2 <% if @ssl_options -%> SSLOptions <%= @ssl_options.compact.join(' ') %> From 97ba6c5c53fcaddce51f4387cb343d946f474c32 Mon Sep 17 00:00:00 2001 From: Matt Dainty Date: Mon, 3 Feb 2014 16:12:11 +0000 Subject: [PATCH 25/65] Add support for SetHandler directive --- README.md | 15 +++++++++++++++ templates/vhost/_directories.erb | 3 +++ 2 files changed, 18 insertions(+) diff --git a/README.md b/README.md index 53e68e164d..9bfc8e7516 100644 --- a/README.md +++ b/README.md @@ -1335,6 +1335,21 @@ Sets the order of processing Allow and Deny statements as per [Apache core docum } ``` +######`sethandler` + +Sets a `SetHandler` directive as per the [Apache Core documentation](http://httpd.apache.org/docs/2.2/mod/core.html#sethandler). An example: + +```puppet + apache::vhost { 'sample.example.net': + docroot => '/path/to/directory', + directories => [ + { path => '/path/to/directory', + sethandler => 'None', + } + ], + } +``` + ######`passenger_enabled` Sets the value for the [PassengerEnabled](http://www.modrails.com/documentation/Users%20guide%20Apache.html#PassengerEnabled) directory to 'on' or 'off'. Requires `apache::mod::passenger` to be included. diff --git a/templates/vhost/_directories.erb b/templates/vhost/_directories.erb index 516d0798da..efa26ce4e9 100644 --- a/templates/vhost/_directories.erb +++ b/templates/vhost/_directories.erb @@ -63,6 +63,9 @@ AddHandler <%= addhandler['handler'] %> <%= Array(addhandler['extensions']).join(' ') %> <%- end -%> <%- end -%> + <%- if directory['sethandler'] and directory['sethandler'] != '' -%> + SetHandler <%= directory['sethandler'] %> + <%- end -%> <%- if directory['passenger_enabled'] and directory['passenger_enabled'] != '' -%> PassengerEnabled <%= directory['passenger_enabled'] %> <%- end -%> From b05d141a8d81f871e9540f8fb53aba926e9d82d4 Mon Sep 17 00:00:00 2001 From: Matt Dainty Date: Tue, 4 Feb 2014 16:33:36 +0000 Subject: [PATCH 26/65] Add SetHandler tests --- spec/acceptance/vhost_spec.rb | 32 ++++++++++++++++++++++++++++++++ spec/defines/vhost_spec.rb | 2 ++ 2 files changed, 34 insertions(+) diff --git a/spec/acceptance/vhost_spec.rb b/spec/acceptance/vhost_spec.rb index a2fa419407..01c9dcbb0f 100644 --- a/spec/acceptance/vhost_spec.rb +++ b/spec/acceptance/vhost_spec.rb @@ -252,6 +252,38 @@ class { 'apache': } shell("/usr/bin/curl -sSf files.example.net:80/private.html", {:acceptable_exit_codes => 22}).stderr.should match(/curl: \(22\) The requested URL returned error: 403/) end end + + describe 'SetHandler directive' do + it 'should configure a vhost with a SetHandler directive' do + pp = <<-EOS + class { 'apache': } + apache::mod { 'status': } + host { 'files.example.net': ip => '127.0.0.1', } + apache::vhost { 'files.example.net': + docroot => '/var/www/files', + directories => [ + { path => '/var/www/files', }, + { path => '/server-status', provider => 'location', sethandler => 'server-status', }, + ], + } + file { '/var/www/files/index.html': + ensure => file, + content => "Hello World\\n", + } + EOS + apply_manifest(pp, :catch_failures => true) + end + + describe service($service_name) do + it { should be_enabled } + it { should be_running } + end + + it 'should answer to files.example.net' do + shell("/usr/bin/curl -sSf files.example.net:80/index.html").stdout.should eq("Hello World\n") + shell("/usr/bin/curl -sSf files.example.net:80/server-status?auto").stdout.should match(/Scoreboard: /) + end + end end case fact('lsbdistcodename') diff --git a/spec/defines/vhost_spec.rb b/spec/defines/vhost_spec.rb index b16ce88404..234fdbd0b0 100644 --- a/spec/defines/vhost_spec.rb +++ b/spec/defines/vhost_spec.rb @@ -686,6 +686,7 @@ 'options' => '-MultiViews', 'order' => 'deny,yned', 'passenger_enabled' => 'onf', + 'sethandler' => 'None', }, :match => [ /^ $/, @@ -695,6 +696,7 @@ /^ Deny from google.com$/, /^ Options -MultiViews$/, /^ Order deny,yned$/, + /^ SetHandler None$/, /^ PassengerEnabled onf$/, /^ <\/Directory>$/, ], From 9aa2ded1a2aec47aa31f1ccc592defed5547c585 Mon Sep 17 00:00:00 2001 From: Ryan Chouinard Date: Wed, 26 Feb 2014 18:27:21 -0500 Subject: [PATCH 27/65] Add basic support for mod_speling --- README.md | 1 + manifests/default_mods.pp | 4 ++-- manifests/mod/speling.pp | 3 +++ spec/classes/mod/speling_spec.rb | 26 ++++++++++++++++++++++++++ 4 files changed, 32 insertions(+), 2 deletions(-) create mode 100644 manifests/mod/speling.pp create mode 100644 spec/classes/mod/speling_spec.rb diff --git a/README.md b/README.md index 9bfc8e7516..3d422fd092 100644 --- a/README.md +++ b/README.md @@ -468,6 +468,7 @@ There are many `apache::mod::[name]` classes within this module that can be decl * `rewrite` * `rpaf`* * `setenvif` +* `speling` * `ssl`* (see [`apache::mod::ssl`](#class-apachemodssl) below) * `status`* * `suphp` diff --git a/manifests/default_mods.pp b/manifests/default_mods.pp index af98896216..cf26e2802f 100644 --- a/manifests/default_mods.pp +++ b/manifests/default_mods.pp @@ -27,6 +27,7 @@ include ::apache::mod::mime_magic include ::apache::mod::vhost_alias include ::apache::mod::rewrite + include ::apache::mod::speling ::apache::mod { 'auth_digest': } ::apache::mod { 'authn_anon': } ::apache::mod { 'authn_dbm': } @@ -36,7 +37,6 @@ ::apache::mod { 'ext_filter': } ::apache::mod { 'include': } ::apache::mod { 'logio': } - ::apache::mod { 'speling': } ::apache::mod { 'substitute': } ::apache::mod { 'suexec': } ::apache::mod { 'usertrack': } @@ -65,6 +65,7 @@ include ::apache::mod::rewrite include ::apache::mod::userdir include ::apache::mod::vhost_alias + include ::apache::mod::speling ::apache::mod { 'asis': } ::apache::mod { 'auth_digest': } @@ -83,7 +84,6 @@ ::apache::mod { 'imagemap':} ::apache::mod { 'include': } ::apache::mod { 'logio': } - ::apache::mod { 'speling': } ::apache::mod { 'unique_id': } ::apache::mod { 'usertrack': } ::apache::mod { 'version': } diff --git a/manifests/mod/speling.pp b/manifests/mod/speling.pp new file mode 100644 index 0000000000..eb46d78f04 --- /dev/null +++ b/manifests/mod/speling.pp @@ -0,0 +1,3 @@ +class apache::mod::speling { + ::apache::mod { 'speling': } +} diff --git a/spec/classes/mod/speling_spec.rb b/spec/classes/mod/speling_spec.rb new file mode 100644 index 0000000000..987291a3f3 --- /dev/null +++ b/spec/classes/mod/speling_spec.rb @@ -0,0 +1,26 @@ +describe 'apache::mod::speling', :type => :class do + let :pre_condition do + 'include apache' + end + context "on a Debian OS" do + let :facts do + { + :osfamily => 'Debian', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + } + end + it { should contain_apache__mod('speling') } + end + + context "on a RedHat OS" do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '6', + :concat_basedir => '/dne', + } + end + it { should contain_apache__mod('speling') } + end +end From 1fa0d705fde87e86ffe2e7608c872976c9802d80 Mon Sep 17 00:00:00 2001 From: Christian Kaenzig Date: Sat, 5 Apr 2014 15:37:30 +0200 Subject: [PATCH 28/65] add docroot_mode parameter to vhost --- README.md | 4 ++++ manifests/vhost.pp | 2 ++ spec/acceptance/vhost_spec.rb | 2 ++ spec/defines/vhost_spec.rb | 6 ++++-- tests/vhost.pp | 3 ++- 5 files changed, 14 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 53e68e164d..50ca5ea00e 100644 --- a/README.md +++ b/README.md @@ -674,6 +674,10 @@ Sets group access to the docroot directory. Defaults to 'root'. Sets individual user access to the docroot directory. Defaults to 'root'. +#####`docroot_mode` + +Sets access permissions of the docroot directory. Defaults to 'undef'. + #####`error_log` Specifies whether `*_error.log` directives should be configured. Defaults to 'true'. diff --git a/manifests/vhost.pp b/manifests/vhost.pp index b6c75dc51e..7cfe11ab4d 100644 --- a/manifests/vhost.pp +++ b/manifests/vhost.pp @@ -94,6 +94,7 @@ $add_listen = true, $docroot_owner = 'root', $docroot_group = $::apache::params::root_group, + $docroot_mode = undef, $serveradmin = undef, $ssl = false, $ssl_cert = $::apache::default_ssl_cert, @@ -262,6 +263,7 @@ ensure => directory, owner => $docroot_owner, group => $docroot_group, + mode => $docroot_mode, require => Package['httpd'], } } diff --git a/spec/acceptance/vhost_spec.rb b/spec/acceptance/vhost_spec.rb index a2fa419407..0353f58c04 100644 --- a/spec/acceptance/vhost_spec.rb +++ b/spec/acceptance/vhost_spec.rb @@ -427,6 +427,7 @@ class { 'apache': } docroot => '/tmp/test', docroot_owner => 'test_owner', docroot_group => 'test_group', + docroot_mode => '0750', } EOS apply_manifest(pp, :catch_failures => true) @@ -436,6 +437,7 @@ class { 'apache': } it { should be_directory } it { should be_owned_by 'test_owner' } it { should be_grouped_into 'test_group' } + it { should be_mode '0750' } end end diff --git a/spec/defines/vhost_spec.rb b/spec/defines/vhost_spec.rb index b16ce88404..efba89dd90 100644 --- a/spec/defines/vhost_spec.rb +++ b/spec/defines/vhost_spec.rb @@ -1096,16 +1096,18 @@ expect { subject }.to raise_error(Puppet::Error, /'error_log_file' and 'error_log_pipe' cannot be defined at the same time/) end end - describe 'when docroot owner is specified' do + describe 'when docroot owner and mode is specified' do let :params do default_params.merge({ :docroot_owner => 'testuser', :docroot_group => 'testgroup', + :docroot_mode => '0750', }) end - it 'should set vhost ownership' do + it 'should set vhost ownership and permissions' do should contain_file(params[:docroot]).with({ :ensure => :directory, :owner => 'testuser', :group => 'testgroup', + :mode => '0750', }) end end diff --git a/tests/vhost.pp b/tests/vhost.pp index f0d3f58e47..a6c61360a7 100644 --- a/tests/vhost.pp +++ b/tests/vhost.pp @@ -13,12 +13,13 @@ docroot => '/var/www/first', } -# Vhost with different docroot owner/group +# Vhost with different docroot owner/group/mode apache::vhost { 'second.example.com': port => '80', docroot => '/var/www/second', docroot_owner => 'third', docroot_group => 'third', + docroot_mode => '0770', } # Vhost with serveradmin From 73f94870ebbf39f62073675c7228faf4cbee19b8 Mon Sep 17 00:00:00 2001 From: jonoterc Date: Mon, 7 Apr 2014 13:41:47 -0400 Subject: [PATCH 29/65] revert apache::mod::passenger default parameters for RedHat The prior commit modified the default parameters for mod::passenger for RedHat, hardcoding paths related to the installed package; these changes were unnecessary and are being reverted. The changes were originally prompted by (new) spec acceptance temps leveraging passenger-status (to verify that passenger is running); these tests were not working under RedHat; revisiting with the original default parameters revealed that the RedHat tests were misconfigured (the required PASSENGER_TMPDIR environment was not being set), so those have been corrected. Also, spec/class tests have be reverted to reflect the (reverted) expected parameters. --- manifests/params.pp | 8 +++--- spec/acceptance/mod_passenger_spec.rb | 41 ++++++++++++++++++--------- spec/classes/mod/passenger_spec.rb | 9 ++++-- 3 files changed, 38 insertions(+), 20 deletions(-) diff --git a/manifests/params.pp b/manifests/params.pp index eaedc148e7..43f3566aff 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -49,10 +49,10 @@ $default_ssl_cert = '/etc/pki/tls/certs/localhost.crt' $default_ssl_key = '/etc/pki/tls/private/localhost.key' $ssl_certs_dir = '/etc/pki/tls/certs' - $passenger_conf_file = 'passenger.conf' - $passenger_conf_package_file = undef - $passenger_root = '/usr/lib/ruby/gems/1.8/gems/passenger-3.0.19' - $passenger_ruby = '/usr/bin/ruby' + $passenger_conf_file = 'passenger_extra.conf' + $passenger_conf_package_file = 'passenger.conf' + $passenger_root = undef + $passenger_ruby = undef $suphp_addhandler = 'php5-script' $suphp_engine = 'off' $suphp_configpath = undef diff --git a/spec/acceptance/mod_passenger_spec.rb b/spec/acceptance/mod_passenger_spec.rb index 7443b0e8b5..e1ea23ec80 100644 --- a/spec/acceptance/mod_passenger_spec.rb +++ b/spec/acceptance/mod_passenger_spec.rb @@ -17,8 +17,10 @@ mod_dir = '/etc/httpd/conf.d/' conf_file = "#{mod_dir}passenger.conf" load_file = "#{mod_dir}passenger.load" - passenger_root = '/usr/lib/ruby/gems/1.8/gems/passenger-3.0.19' + # sometimes installs as 3.0.12, sometimes as 3.0.19 - so just check for the stable part + passenger_root = '/usr/lib/ruby/gems/1.8/gems/passenger-3.0.1' passenger_ruby = '/usr/bin/ruby' + passenger_tempdir = '/var/run/rubygem-passenger' passenger_module_path = 'modules/mod_passenger.so' rackapp_user = 'apache' rackapp_group = 'apache' @@ -67,7 +69,7 @@ class { 'apache::mod::passenger': } it { should be_enabled } it { should be_running } end - + describe file(conf_file) do it { should contain "PassengerRoot \"#{passenger_root}\"" } it { should contain "PassengerRuby \"#{passenger_ruby}\"" } @@ -84,11 +86,11 @@ class { 'apache::mod::passenger': } r.stdout.should =~ /Passenger processes/ r.stdout.should =~ /### Processes: [0-9]+/ r.stdout.should =~ /### Total private dirty RSS: [0-9\.]+ MB/ - + r.exit_code.should == 0 end end - + # passenger-status fails under stock ubuntu-server-12042-x64 + mod_passenger, # even when the passenger process is successfully installed and running unless fact('operatingsystem') == 'Ubuntu' && fact('operatingsystemrelease') == '12.04' @@ -102,19 +104,19 @@ class { 'apache::mod::passenger': } r.stdout.should =~ /active[ ]+= [0-9]+/ r.stdout.should =~ /inactive[ ]+= [0-9]+/ r.stdout.should =~ /Waiting on global queue: [0-9]+/ - + r.exit_code.should == 0 end end end - + it 'should answer to passenger.example.com' do shell("/usr/bin/curl passenger.example.com:80") do |r| r.stdout.should =~ /^hello world<\/b>$/ r.exit_code.should == 0 end end - + end when 'RedHat' @@ -173,20 +175,31 @@ class { 'apache::mod::passenger': it { should be_enabled } it { should be_running } end - + describe file(conf_file) do - it { should contain "PassengerRoot \"#{passenger_root}\"" } - it { should contain "PassengerRuby \"#{passenger_ruby}\"" } + it { should contain "PassengerRoot #{passenger_root}" } + it { should contain "PassengerRuby #{passenger_ruby}" } + it { should contain "PassengerTempDir #{passenger_tempdir}" } end describe file(load_file) do it { should contain "LoadModule passenger_module #{passenger_module_path}" } end - # note: passenger-memory-stats is not installed on Redhat + it 'should output status via passenger-memory-stats' do + shell("sudo /usr/bin/passenger-memory-stats") do |r| + r.stdout.should =~ /Apache processes/ + r.stdout.should =~ /Nginx processes/ + r.stdout.should =~ /Passenger processes/ + r.stdout.should =~ /### Processes: [0-9]+/ + r.stdout.should =~ /### Total private dirty RSS: [0-9\.]+ MB/ + + r.exit_code.should == 0 + end + end it 'should output status via passenger-status' do - shell("sudo /usr/bin/passenger-status") do |r| + shell("sudo PASSENGER_TMPDIR=/var/run/rubygem-passenger /usr/bin/passenger-status") do |r| # spacing may vary r.stdout.should =~ /[\-]+ General information [\-]+/ r.stdout.should =~ /max[ ]+= [0-9]+/ @@ -194,11 +207,11 @@ class { 'apache::mod::passenger': r.stdout.should =~ /active[ ]+= [0-9]+/ r.stdout.should =~ /inactive[ ]+= [0-9]+/ r.stdout.should =~ /Waiting on global queue: [0-9]+/ - + r.exit_code.should == 0 end end - + it 'should answer to passenger.example.com' do shell("/usr/bin/curl passenger.example.com:80") do |r| r.stdout.should =~ /^hello world<\/b>$/ diff --git a/spec/classes/mod/passenger_spec.rb b/spec/classes/mod/passenger_spec.rb index e65798a355..08cff41554 100644 --- a/spec/classes/mod/passenger_spec.rb +++ b/spec/classes/mod/passenger_spec.rb @@ -118,11 +118,16 @@ it { should contain_class("apache::params") } it { should contain_apache__mod('passenger') } it { should contain_package("mod_passenger") } + it { should contain_file('passenger_package.conf').with({ + 'path' => '/etc/httpd/conf.d/passenger.conf', + }) } + it { should contain_file('passenger_package.conf').without_content } + it { should contain_file('passenger_package.conf').without_source } it { should contain_file('passenger.load').with({ 'path' => '/etc/httpd/conf.d/passenger.load', }) } - it { should contain_file('passenger.conf').with_content(/^ PassengerRoot "\/usr\/lib\/ruby\/gems\/1.8\/gems\/passenger-3\.0\.19"$/) } - it { should contain_file('passenger.conf').with_content(/^ PassengerRuby "\/usr\/bin\/ruby"/) } + it { should contain_file('passenger.conf').without_content(/PassengerRoot/) } + it { should contain_file('passenger.conf').without_content(/PassengerRuby/) } describe "with passenger_root => '/usr/lib/example'" do let :params do { :passenger_root => '/usr/lib/example' } From 00fb3fa4c8d7cf37791a433586e1e28181bf97a4 Mon Sep 17 00:00:00 2001 From: Chris Baldauf Date: Fri, 11 Apr 2014 20:54:48 -0400 Subject: [PATCH 30/65] Fixing typo with braces in the rewrite section. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 9bfc8e7516..98cebb9a97 100644 --- a/README.md +++ b/README.md @@ -927,7 +927,7 @@ Multiple rewrites and conditions are also possible rewrite_cond => ['%{HTTP_USER_AGENT} ^MSIE'], rewrite_rule => ['^index\.html$ /index.IE.html [L]'], }, - } + { rewrite_base => /apps/, rewrite_rule => ['^index\.cgi$ index.php', '^index\.html$ index.php', '^index\.asp$ index.html'], }, From a444355f84445c0dcf2ca475f07bbbd1a64eb963 Mon Sep 17 00:00:00 2001 From: Sander Hoentjen Date: Mon, 14 Apr 2014 14:34:25 +0200 Subject: [PATCH 31/65] order proxy_set option so it doesn't change between runs --- manifests/balancer.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/balancer.pp b/manifests/balancer.pp index ac2bc88e44..173aaec2dd 100644 --- a/manifests/balancer.pp +++ b/manifests/balancer.pp @@ -71,7 +71,7 @@ ensure => present, target => $target, order => '19', - content => inline_template("<% proxy_set.each do |key, value| %> Proxyset <%= key %>=<%= value %>\n<% end %>"), + content => inline_template("<% proxy_set.keys.sort.each do |key| %> Proxyset <%= key %>=<%= proxy_set[key] %>\n<% end %>"), } concat::fragment { "01-${name}-footer": From a6f92a98b864e218eb3fde0405ffcca1a1bde2f3 Mon Sep 17 00:00:00 2001 From: Bram Vogelaar Date: Tue, 22 Apr 2014 15:04:18 +0200 Subject: [PATCH 32/65] turning MaxKeepAliveRequests into a variable --- manifests/init.pp | 2 ++ manifests/params.pp | 3 +++ spec/acceptance/apache_parameters_spec.rb | 3 ++- templates/httpd.conf.erb | 2 +- 4 files changed, 8 insertions(+), 2 deletions(-) diff --git a/manifests/init.pp b/manifests/init.pp index cabeee4c0e..6f94f44e70 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -49,6 +49,7 @@ $group = $::apache::params::group, $keepalive = $::apache::params::keepalive, $keepalive_timeout = $::apache::params::keepalive_timeout, + $maxkeepaliverequests = $apache::params::maxkeepaliverequests, $logroot = $::apache::params::logroot, $log_level = $::apache::params::log_level, $log_formats = {}, @@ -270,6 +271,7 @@ # - $apxs_workaround # - $keepalive # - $keepalive_timeout + # - $maxkeepaliverequests # - $server_root # - $server_tokens # - $server_signature diff --git a/manifests/params.pp b/manifests/params.pp index eaedc148e7..fc8e29c4f2 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -85,6 +85,7 @@ $conf_template = 'apache/httpd.conf.erb' $keepalive = 'Off' $keepalive_timeout = 15 + $maxkeepaliverequests = 100 $fastcgi_lib_path = undef $mime_support_package = 'mailcap' $mime_types_config = '/etc/mime.types' @@ -141,6 +142,7 @@ $conf_template = 'apache/httpd.conf.erb' $keepalive = 'Off' $keepalive_timeout = 15 + $maxkeepaliverequests = 100 $fastcgi_lib_path = '/var/lib/apache2/fastcgi' $mime_support_package = 'mime-support' $mime_types_config = '/etc/mime.types' @@ -199,6 +201,7 @@ $conf_template = 'apache/httpd.conf.erb' $keepalive = 'Off' $keepalive_timeout = 15 + $maxkeepaliverequests = 100 $fastcgi_lib_path = undef # TODO: revisit $mime_support_package = 'misc/mime-support' $mime_types_config = '/usr/local/etc/mime.types' diff --git a/spec/acceptance/apache_parameters_spec.rb b/spec/acceptance/apache_parameters_spec.rb index 90134be144..45903cd3d3 100644 --- a/spec/acceptance/apache_parameters_spec.rb +++ b/spec/acceptance/apache_parameters_spec.rb @@ -312,7 +312,7 @@ class { 'apache': describe 'keepalive' do describe 'setup' do it 'applies cleanly' do - pp = "class { 'apache': keepalive => 'On', keepalive_timeout => '30' }" + pp = "class { 'apache': keepalive => 'On', keepalive_timeout => '30', maxkeepaliverequests => '200' }" apply_manifest(pp, :catch_failures => true) end end @@ -321,6 +321,7 @@ class { 'apache': it { should be_file } it { should contain 'KeepAlive On' } it { should contain 'KeepAliveTimeout 30' } + it { should contain 'MaxKeepAliveRequests 200' } end end diff --git a/templates/httpd.conf.erb b/templates/httpd.conf.erb index 43b32bda2c..7ee8f1fe66 100644 --- a/templates/httpd.conf.erb +++ b/templates/httpd.conf.erb @@ -8,7 +8,7 @@ ServerRoot "<%= @server_root %>" PidFile <%= @pidfile %> Timeout <%= @timeout %> KeepAlive <%= @keepalive %> -MaxKeepAliveRequests 100 +MaxKeepAliveRequests <%= @maxkeepaliverequests %> KeepAliveTimeout <%= @keepalive_timeout %> User <%= @user %> From e42f7685e5229ba3b4fcf58ebeaa50bcdbb6d657 Mon Sep 17 00:00:00 2001 From: Bram Vogelaar Date: Tue, 22 Apr 2014 16:08:32 +0200 Subject: [PATCH 33/65] introducing new setting to documentation --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 98cebb9a97..ad37b72dc3 100644 --- a/README.md +++ b/README.md @@ -306,6 +306,10 @@ Enables persistent connections. Sets the amount of time the server will wait for subsequent requests on a persistent connection. Defaults to '15'. +#####`maxkeepaliverequests` + +Sets the limit of the number of requests allowed per connection when KeepAlive is on. Defaults to '100'. + #####`log_level` Changes the verbosity level of the error log. Defaults to 'warn'. Valid values are 'emerg', 'alert', 'crit', 'error', 'warn', 'notice', 'info', or 'debug'. From 94f2d772360a2a9e7acbf15e513d50753c209771 Mon Sep 17 00:00:00 2001 From: Bram Vogelaar Date: Wed, 23 Apr 2014 09:35:00 +0200 Subject: [PATCH 34/65] renaming variable to be inline with other variables maxkeepaliverequests => max_keepalive_requests --- README.md | 2 +- manifests/init.pp | 4 ++-- manifests/params.pp | 6 +++--- spec/acceptance/apache_parameters_spec.rb | 2 +- templates/httpd.conf.erb | 2 +- 5 files changed, 8 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index ad37b72dc3..df07f09b46 100644 --- a/README.md +++ b/README.md @@ -306,7 +306,7 @@ Enables persistent connections. Sets the amount of time the server will wait for subsequent requests on a persistent connection. Defaults to '15'. -#####`maxkeepaliverequests` +#####`max_keepalive_requests` Sets the limit of the number of requests allowed per connection when KeepAlive is on. Defaults to '100'. diff --git a/manifests/init.pp b/manifests/init.pp index 6f94f44e70..069399b6da 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -49,7 +49,7 @@ $group = $::apache::params::group, $keepalive = $::apache::params::keepalive, $keepalive_timeout = $::apache::params::keepalive_timeout, - $maxkeepaliverequests = $apache::params::maxkeepaliverequests, + $max_keepalive_requests = $apache::params::max_keepalive_requests, $logroot = $::apache::params::logroot, $log_level = $::apache::params::log_level, $log_formats = {}, @@ -271,7 +271,7 @@ # - $apxs_workaround # - $keepalive # - $keepalive_timeout - # - $maxkeepaliverequests + # - $max_keepalive_requests # - $server_root # - $server_tokens # - $server_signature diff --git a/manifests/params.pp b/manifests/params.pp index fc8e29c4f2..33297674cd 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -85,7 +85,7 @@ $conf_template = 'apache/httpd.conf.erb' $keepalive = 'Off' $keepalive_timeout = 15 - $maxkeepaliverequests = 100 + $max_keepalive_requests = 100 $fastcgi_lib_path = undef $mime_support_package = 'mailcap' $mime_types_config = '/etc/mime.types' @@ -142,7 +142,7 @@ $conf_template = 'apache/httpd.conf.erb' $keepalive = 'Off' $keepalive_timeout = 15 - $maxkeepaliverequests = 100 + $max_keepalive_requests = 100 $fastcgi_lib_path = '/var/lib/apache2/fastcgi' $mime_support_package = 'mime-support' $mime_types_config = '/etc/mime.types' @@ -201,7 +201,7 @@ $conf_template = 'apache/httpd.conf.erb' $keepalive = 'Off' $keepalive_timeout = 15 - $maxkeepaliverequests = 100 + $max_keepalive_requests = 100 $fastcgi_lib_path = undef # TODO: revisit $mime_support_package = 'misc/mime-support' $mime_types_config = '/usr/local/etc/mime.types' diff --git a/spec/acceptance/apache_parameters_spec.rb b/spec/acceptance/apache_parameters_spec.rb index 45903cd3d3..670ceaebe1 100644 --- a/spec/acceptance/apache_parameters_spec.rb +++ b/spec/acceptance/apache_parameters_spec.rb @@ -312,7 +312,7 @@ class { 'apache': describe 'keepalive' do describe 'setup' do it 'applies cleanly' do - pp = "class { 'apache': keepalive => 'On', keepalive_timeout => '30', maxkeepaliverequests => '200' }" + pp = "class { 'apache': keepalive => 'On', keepalive_timeout => '30', max_keepalive_requests => '200' }" apply_manifest(pp, :catch_failures => true) end end diff --git a/templates/httpd.conf.erb b/templates/httpd.conf.erb index 7ee8f1fe66..dd43cb95d2 100644 --- a/templates/httpd.conf.erb +++ b/templates/httpd.conf.erb @@ -8,7 +8,7 @@ ServerRoot "<%= @server_root %>" PidFile <%= @pidfile %> Timeout <%= @timeout %> KeepAlive <%= @keepalive %> -MaxKeepAliveRequests <%= @maxkeepaliverequests %> +MaxKeepAliveRequests <%= @max_keepalive_requests %> KeepAliveTimeout <%= @keepalive_timeout %> User <%= @user %> From 8c504df09f614f69269409e605c6274dba107850 Mon Sep 17 00:00:00 2001 From: Morgan Haskel Date: Thu, 24 Apr 2014 13:36:44 -0700 Subject: [PATCH 35/65] Fixing typos! --- spec/acceptance/apache_parameters_spec.rb | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/spec/acceptance/apache_parameters_spec.rb b/spec/acceptance/apache_parameters_spec.rb index 90134be144..058bd6452e 100644 --- a/spec/acceptance/apache_parameters_spec.rb +++ b/spec/acceptance/apache_parameters_spec.rb @@ -291,9 +291,9 @@ class { 'apache': it 'applies cleanly' do pp = <<-EOS class { 'apache': - { log_formats => { - 'vhost_common' => '%v %h %l %u %t \"%r\" %>s %b', - 'vhost_combined' => '%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"', + log_formats => { + 'vhost_common' => '%v %h %l %u %t \\\"%r\\\" %>s %b', + 'vhost_combined' => '%v %h %l %u %t \\\"%r\\\" %>s %b \\\"%{Referer}i\\\" \\\"%{User-agent}i\\\"', } } EOS @@ -303,7 +303,7 @@ class { 'apache': describe file($conf_file) do it { should be_file } - it { should contain 'LogFormat %v %h %l %u %t \"%r\" %>s %b" vhost_common' } + it { should contain 'LogFormat "%v %h %l %u %t \"%r\" %>s %b" vhost_common' } it { should contain 'LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" vhost_combined' } end end From 373a8a9e6b9e43b23e6cd641602a8cf7aa5e8a65 Mon Sep 17 00:00:00 2001 From: Morgan Haskel Date: Fri, 25 Apr 2014 15:04:38 -0700 Subject: [PATCH 36/65] Don't include the NameVirtualHost directives in apache >= 2.4, and add tests for this that will at least work with Ubuntu 13.10 and Ubuntu 14.04. Tests will still work anywhere with apache < 2.4, but haven't been updated to support RHEL7 yet. --- manifests/vhost.pp | 2 +- spec/acceptance/vhost_spec.rb | 10 ++++++++++ 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/manifests/vhost.pp b/manifests/vhost.pp index b6c75dc51e..24b782e76d 100644 --- a/manifests/vhost.pp +++ b/manifests/vhost.pp @@ -348,7 +348,7 @@ } } if ! $ip_based { - if ! defined(Apache::Namevirtualhost[$nvh_addr_port]) and $ensure == 'present' { + if ! defined(Apache::Namevirtualhost[$nvh_addr_port]) and $ensure == 'present' and $apache_version < 2.4 { ::apache::namevirtualhost { $nvh_addr_port: } } } diff --git a/spec/acceptance/vhost_spec.rb b/spec/acceptance/vhost_spec.rb index 01c9dcbb0f..72294e2ea8 100644 --- a/spec/acceptance/vhost_spec.rb +++ b/spec/acceptance/vhost_spec.rb @@ -484,6 +484,16 @@ class { 'apache': } apply_manifest(pp, :catch_failures => true) end + describe file($ports_file) do + it { should be_file } + case fact('lsbdistcodename') + when 'saucy', 'trusty' + it { should_not contain 'NameVirtualHost test.server' } + else + it { should contain 'NameVirtualHost test.server' } + end + end + describe file("#{$vhost_dir}/10-test.server.conf") do it { should be_file } end From c733ea438e8c105b90faf1aec425a1187402d85f Mon Sep 17 00:00:00 2001 From: cvdwel Date: Sat, 26 Apr 2014 20:50:00 +0200 Subject: [PATCH 37/65] Remove non-SSL rewrite example from apache::vhost As apache::vhosts requires $docroot to be set, this example doesn't work. However the non-SSL to SSL rewrite is a very common use case (and setting $docroot to /dev/null doesn't work either). Parameter $docroot should be optional. Or at least it should be possible to skip docroot management (create dir, set owner etc.) for example by setting $manage_docroot = false. --- manifests/vhost.pp | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/manifests/vhost.pp b/manifests/vhost.pp index b6c75dc51e..0a9bf2e418 100644 --- a/manifests/vhost.pp +++ b/manifests/vhost.pp @@ -70,16 +70,6 @@ # docroot => '/path/to/docroot', # } # apache::vhost { 'site.name.fqdn': -# port => '80', -# rewrites => [ -# { -# comment => "redirect non-SSL traffic to SSL site", -# rewrite_cond => ['%{HTTPS} off'], -# rewrite_rule => ['(.*) https://%{HTTPS_HOST}%{REQUEST_URI}'] -# } -# ] -# } -# apache::vhost { 'site.name.fqdn': # port => '80', # docroot => '/path/to/other_docroot', # custom_fragment => template("${module_name}/my_fragment.erb"), From 2e6648d2eacb2b8f3375acb495226830fbe25e8a Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Sat, 26 Apr 2014 21:02:21 +0200 Subject: [PATCH 38/65] Fix platform for centos-6.5 It looks like an accidental replace from 64 to 65 in the platform. --- spec/acceptance/nodesets/centos-65-x64.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/acceptance/nodesets/centos-65-x64.yml b/spec/acceptance/nodesets/centos-65-x64.yml index 89de021346..ac76349736 100644 --- a/spec/acceptance/nodesets/centos-65-x64.yml +++ b/spec/acceptance/nodesets/centos-65-x64.yml @@ -2,7 +2,7 @@ HOSTS: centos-65-x64: roles: - master - platform: el-6-x86_65 + platform: el-6-x86_64 box : centos-65-x64-virtualbox-nocm box_url : http://puppet-vagrant-boxes.puppetlabs.com/centos-65-x64-virtualbox-nocm.box hypervisor : vagrant From c647db040758cbe2a3fb08662126819701062831 Mon Sep 17 00:00:00 2001 From: Xavier leune Date: Tue, 1 Apr 2014 11:48:03 +0200 Subject: [PATCH 39/65] Allow custom extensions for php handler --- manifests/mod/php.pp | 2 ++ templates/mod/php5.conf.erb | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/manifests/mod/php.pp b/manifests/mod/php.pp index 8c1b94d6bb..2d954db5b7 100644 --- a/manifests/mod/php.pp +++ b/manifests/mod/php.pp @@ -2,10 +2,12 @@ $package_name = undef, $package_ensure = 'present', $path = undef, + $extensions = ['.php'], ) { if ! defined(Class['apache::mod::prefork']) { fail('apache::mod::php requires apache::mod::prefork; please enable mpm_module => \'prefork\' on Class[\'apache\']') } + validate_array($extensions) ::apache::mod { 'php5': package => $package_name, package_ensure => $package_ensure, diff --git a/templates/mod/php5.conf.erb b/templates/mod/php5.conf.erb index 9eef7628a8..2b0c8f7845 100644 --- a/templates/mod/php5.conf.erb +++ b/templates/mod/php5.conf.erb @@ -14,7 +14,7 @@ # # Cause the PHP interpreter to handle files with a .php extension. # -AddHandler php5-script .php +AddHandler php5-script <%= @extensions.join(' ') %> AddType text/html .php # From 5a8df9ff5c7033cdf302425444fa4f5abd1d3808 Mon Sep 17 00:00:00 2001 From: Xavier leune Date: Tue, 1 Apr 2014 16:01:26 +0200 Subject: [PATCH 40/65] Changing extensions.join to extensions.flatten.compact.join --- templates/mod/php5.conf.erb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/mod/php5.conf.erb b/templates/mod/php5.conf.erb index 2b0c8f7845..25ae102e09 100644 --- a/templates/mod/php5.conf.erb +++ b/templates/mod/php5.conf.erb @@ -14,7 +14,7 @@ # # Cause the PHP interpreter to handle files with a .php extension. # -AddHandler php5-script <%= @extensions.join(' ') %> +AddHandler php5-script <%= @@extensions.flatten.compact.join(' ') %> AddType text/html .php # From fc347a870155dbfb9b8e9075ed15c296ccb66f29 Mon Sep 17 00:00:00 2001 From: Xavier leune Date: Tue, 1 Apr 2014 16:10:33 +0200 Subject: [PATCH 41/65] Typo --- templates/mod/php5.conf.erb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/mod/php5.conf.erb b/templates/mod/php5.conf.erb index 25ae102e09..44df2ae066 100644 --- a/templates/mod/php5.conf.erb +++ b/templates/mod/php5.conf.erb @@ -14,7 +14,7 @@ # # Cause the PHP interpreter to handle files with a .php extension. # -AddHandler php5-script <%= @@extensions.flatten.compact.join(' ') %> +AddHandler php5-script <%= @extensions.flatten.compact.join(' ') %> AddType text/html .php # From 15b3adc6f6d2b587db1b97b6ba742cc0e713b756 Mon Sep 17 00:00:00 2001 From: Morgan Haskel Date: Thu, 1 May 2014 17:01:19 -0700 Subject: [PATCH 42/65] Use access_compat on 2.4, and update pagespeed to load the correct module in 2.4. --- manifests/default_mods.pp | 3 +++ manifests/mod/pagespeed.pp | 10 ++++++++-- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/manifests/default_mods.pp b/manifests/default_mods.pp index cf26e2802f..e38f2422a4 100644 --- a/manifests/default_mods.pp +++ b/manifests/default_mods.pp @@ -121,6 +121,9 @@ # filter is needed by mod_deflate ::apache::mod { 'filter': } + + # lots of stuff seems to break without access_compat + ::apache::mod { 'access_compat': } } else { ::apache::mod { 'authz_default': } } diff --git a/manifests/mod/pagespeed.pp b/manifests/mod/pagespeed.pp index d58f99fe2e..cca30eb50e 100644 --- a/manifests/mod/pagespeed.pp +++ b/manifests/mod/pagespeed.pp @@ -34,7 +34,14 @@ $additional_configuration = {}, ){ - apache::mod { 'pagespeed': } + $_lib = $::apache::apache_version ? { + 2.4 => 'mod_pagespeed_ap24.so', + default => undef + } + + apache::mod { 'pagespeed': + lib => $_lib, + } file { 'pagespeed.conf': ensure => file, @@ -44,5 +51,4 @@ before => File[$::apache::mod_dir], notify => Service['httpd'], } - } From 8fb2dfd46c5a17a36bef16081b25ce4e401115b7 Mon Sep 17 00:00:00 2001 From: Hunter Haugen Date: Thu, 1 May 2014 17:04:09 -0700 Subject: [PATCH 43/65] Update specs --- manifests/mod/php.pp | 1 + spec/acceptance/mod_php_spec.rb | 8 +++++--- spec/classes/mod/php_spec.rb | 8 ++++++++ 3 files changed, 14 insertions(+), 3 deletions(-) diff --git a/manifests/mod/php.pp b/manifests/mod/php.pp index 2d954db5b7..b797936bde 100644 --- a/manifests/mod/php.pp +++ b/manifests/mod/php.pp @@ -18,6 +18,7 @@ include ::apache::mod::dir Class['::apache::mod::mime'] -> Class['::apache::mod::dir'] -> Class['::apache::mod::php'] + # Template uses $extensions file { 'php5.conf': ensure => file, path => "${::apache::mod_dir}/php5.conf", diff --git a/spec/acceptance/mod_php_spec.rb b/spec/acceptance/mod_php_spec.rb index d1c991621d..cf8054053e 100644 --- a/spec/acceptance/mod_php_spec.rb +++ b/spec/acceptance/mod_php_spec.rb @@ -53,13 +53,15 @@ class { 'apache::mod::php': } end end - context "custom php admin_flag and php_admin_value" do + context "custom extensions, php_admin_flag, and php_admin_value" do it 'succeeds in puppeting php' do pp= <<-EOS class { 'apache': mpm_module => 'prefork', } - class { 'apache::mod::php': } + class { 'apache::mod::php': + extensions => ['.php','.php5'], + } apache::vhost { 'php.example.com': port => '80', docroot => '/var/www/php', @@ -67,7 +69,7 @@ class { 'apache::mod::php': } php_admin_flags => { 'engine' => 'on', }, } host { 'php.example.com': ip => '127.0.0.1', } - file { '/var/www/php/index.php': + file { '/var/www/php/index.php5': ensure => file, content => "\\n", } diff --git a/spec/classes/mod/php_spec.rb b/spec/classes/mod/php_spec.rb index 29adc870f4..32b2ff0994 100644 --- a/spec/classes/mod/php_spec.rb +++ b/spec/classes/mod/php_spec.rb @@ -64,6 +64,14 @@ :content => "LoadModule php5_module alternative-path\n" ) } end + context "with alternative extensions" do let :pre_condition do + 'class { "apache": }' + end + let :params do + { :extensions => ['.php','.php5']} + end + it { should contain_file("php5.conf").with_content =~ /AddHandler php5-script .php .php5\n/ } + end context "with specific version" do let :pre_condition do 'class { "apache": }' From 9d2067c2e71ecc9bea9402e535536d47db4f3a4c Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Thu, 1 May 2014 19:22:52 +0200 Subject: [PATCH 44/65] Add suexec support This adds the suexec_user_group parameter to vhost and introduces a class apache::mod::suexec, which is included when the parameter is used. --- manifests/default_mods.pp | 2 +- manifests/mod/suexec.pp | 3 +++ manifests/vhost.pp | 12 +++++++++++- spec/defines/vhost_spec.rb | 10 ++++++++++ templates/vhost.conf.erb | 1 + templates/vhost/_suexec.erb | 4 ++++ 6 files changed, 30 insertions(+), 2 deletions(-) create mode 100644 manifests/mod/suexec.pp create mode 100644 templates/vhost/_suexec.erb diff --git a/manifests/default_mods.pp b/manifests/default_mods.pp index af98896216..adeef8f25c 100644 --- a/manifests/default_mods.pp +++ b/manifests/default_mods.pp @@ -26,6 +26,7 @@ include ::apache::mod::mime include ::apache::mod::mime_magic include ::apache::mod::vhost_alias + include ::apache::mod::suexec include ::apache::mod::rewrite ::apache::mod { 'auth_digest': } ::apache::mod { 'authn_anon': } @@ -38,7 +39,6 @@ ::apache::mod { 'logio': } ::apache::mod { 'speling': } ::apache::mod { 'substitute': } - ::apache::mod { 'suexec': } ::apache::mod { 'usertrack': } ::apache::mod { 'version': } diff --git a/manifests/mod/suexec.pp b/manifests/mod/suexec.pp new file mode 100644 index 0000000000..ded013d499 --- /dev/null +++ b/manifests/mod/suexec.pp @@ -0,0 +1,3 @@ +class apache::mod::suexec { + ::apache::mod { 'suexec': } +} diff --git a/manifests/vhost.pp b/manifests/vhost.pp index 24b782e76d..90162f13a8 100644 --- a/manifests/vhost.pp +++ b/manifests/vhost.pp @@ -174,7 +174,8 @@ $fastcgi_socket = undef, $fastcgi_dir = undef, $additional_includes = [], - $apache_version = $::apache::apache_version + $apache_version = $::apache::apache_version, + $suexec_user_group = undef, ) { # The base class must be included first because it is used by parameter defaults if ! defined(Class['apache']) { @@ -200,6 +201,11 @@ validate_hash($rewrites[0]) } + if $suexec_user_group { + validate_re($suexec_user_group, '^\w+ \w+$', + "${suexec_user_group} is not supported for suexec_user_group. Must be 'user group'.") + } + # Deprecated backwards-compatibility if $rewrite_base { warning('Apache::Vhost: parameter rewrite_base is deprecated in favor of rewrites') @@ -255,6 +261,10 @@ include ::apache::mod::wsgi } + if $suexec_user_group { + include ::apache::mod::suexec + } + # This ensures that the docroot exists # But enables it to be specified across multiple vhost resources if ! defined(File[$docroot]) { diff --git a/spec/defines/vhost_spec.rb b/spec/defines/vhost_spec.rb index 234fdbd0b0..0e63701486 100644 --- a/spec/defines/vhost_spec.rb +++ b/spec/defines/vhost_spec.rb @@ -1308,6 +1308,16 @@ end end + describe 'when suexec_user_group is specified' do + let :params do + default_params.merge({ + :suexec_user_group => 'nobody nogroup', + }) + end + + it { should contain_file("25-#{title}.conf").with_content %r{^ SuexecUserGroup nobody nogroup$} } + end + describe 'redirect rules' do describe 'without lockstep arrays' do let :params do diff --git a/templates/vhost.conf.erb b/templates/vhost.conf.erb index 673ea0c2bd..64024cfef3 100644 --- a/templates/vhost.conf.erb +++ b/templates/vhost.conf.erb @@ -62,4 +62,5 @@ <%= scope.function_template(['apache/vhost/_wsgi.erb']) -%> <%= scope.function_template(['apache/vhost/_custom_fragment.erb']) -%> <%= scope.function_template(['apache/vhost/_fastcgi.erb']) -%> +<%= scope.function_template(['apache/vhost/_suexec.erb']) -%> diff --git a/templates/vhost/_suexec.erb b/templates/vhost/_suexec.erb new file mode 100644 index 0000000000..8a7ae0f17f --- /dev/null +++ b/templates/vhost/_suexec.erb @@ -0,0 +1,4 @@ +<% if @suexec_user_group -%> + + SuexecUserGroup <%= @suexec_user_group %> +<% end -%> From 6b14fd08e13a27fa11eb5169c2baa8079b0228c5 Mon Sep 17 00:00:00 2001 From: Greg Sutcliffe Date: Mon, 28 Apr 2014 15:38:59 +0100 Subject: [PATCH 45/65] Configure Passenger in separate .conf file on Debian so PassengerRoot isn't lost The changes in 005bf615c are also necessary for Ubuntu 14.04 which now ships Passenger 4.x --- manifests/params.pp | 72 +++++++++++++-------------- spec/acceptance/mod_passenger_spec.rb | 23 ++++++--- spec/classes/mod/passenger_spec.rb | 35 +++++++++---- 3 files changed, 77 insertions(+), 53 deletions(-) diff --git a/manifests/params.pp b/manifests/params.pp index 29e9fd2fc9..c7a042a7db 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -90,36 +90,36 @@ $mime_support_package = 'mailcap' $mime_types_config = '/etc/mime.types' } elsif $::osfamily == 'Debian' { - $user = 'www-data' - $group = 'www-data' - $root_group = 'root' - $apache_name = 'apache2' - $service_name = 'apache2' - $httpd_dir = '/etc/apache2' - $server_root = '/etc/apache2' - $conf_dir = $httpd_dir - $confd_dir = "${httpd_dir}/conf.d" - $mod_dir = "${httpd_dir}/mods-available" - $mod_enable_dir = "${httpd_dir}/mods-enabled" - $vhost_dir = "${httpd_dir}/sites-available" - $vhost_enable_dir = "${httpd_dir}/sites-enabled" - $conf_file = 'apache2.conf' - $ports_file = "${conf_dir}/ports.conf" - $logroot = '/var/log/apache2' - $lib_path = '/usr/lib/apache2/modules' - $mpm_module = 'worker' - $dev_packages = ['libaprutil1-dev', 'libapr1-dev', 'apache2-prefork-dev'] - $default_ssl_cert = '/etc/ssl/certs/ssl-cert-snakeoil.pem' - $default_ssl_key = '/etc/ssl/private/ssl-cert-snakeoil.key' - $ssl_certs_dir = '/etc/ssl/certs' - $passenger_conf_file = 'passenger.conf' - $passenger_conf_package_file = undef - $passenger_root = '/usr' - $passenger_ruby = '/usr/bin/ruby' - $suphp_addhandler = 'x-httpd-php' - $suphp_engine = 'off' - $suphp_configpath = '/etc/php5/apache2' - $mod_packages = { + $user = 'www-data' + $group = 'www-data' + $root_group = 'root' + $apache_name = 'apache2' + $service_name = 'apache2' + $httpd_dir = '/etc/apache2' + $server_root = '/etc/apache2' + $conf_dir = $httpd_dir + $confd_dir = "${httpd_dir}/conf.d" + $mod_dir = "${httpd_dir}/mods-available" + $mod_enable_dir = "${httpd_dir}/mods-enabled" + $vhost_dir = "${httpd_dir}/sites-available" + $vhost_enable_dir = "${httpd_dir}/sites-enabled" + $conf_file = 'apache2.conf' + $ports_file = "${conf_dir}/ports.conf" + $logroot = '/var/log/apache2' + $lib_path = '/usr/lib/apache2/modules' + $mpm_module = 'worker' + $dev_packages = ['libaprutil1-dev', 'libapr1-dev', 'apache2-prefork-dev'] + $default_ssl_cert = '/etc/ssl/certs/ssl-cert-snakeoil.pem' + $default_ssl_key = '/etc/ssl/private/ssl-cert-snakeoil.key' + $ssl_certs_dir = '/etc/ssl/certs' + $passenger_conf_file = 'passenger_extra.conf' + $passenger_conf_package_file = 'passenger.conf' + $passenger_root = undef + $passenger_ruby = undef + $suphp_addhandler = 'x-httpd-php' + $suphp_engine = 'off' + $suphp_configpath = '/etc/php5/apache2' + $mod_packages = { 'auth_kerb' => 'libapache2-mod-auth-kerb', 'dav_svn' => 'libapache2-svn', 'fastcgi' => 'libapache2-mod-fastcgi', @@ -136,16 +136,16 @@ 'wsgi' => 'libapache2-mod-wsgi', 'xsendfile' => 'libapache2-mod-xsendfile', } - $mod_libs = { + $mod_libs = { 'php5' => 'libphp5.so', } - $conf_template = 'apache/httpd.conf.erb' - $keepalive = 'Off' - $keepalive_timeout = 15 + $conf_template = 'apache/httpd.conf.erb' + $keepalive = 'Off' + $keepalive_timeout = 15 $max_keepalive_requests = 100 - $fastcgi_lib_path = '/var/lib/apache2/fastcgi' + $fastcgi_lib_path = '/var/lib/apache2/fastcgi' $mime_support_package = 'mime-support' - $mime_types_config = '/etc/mime.types' + $mime_types_config = '/etc/mime.types' } elsif $::osfamily == 'FreeBSD' { $user = 'www' $group = 'www' diff --git a/spec/acceptance/mod_passenger_spec.rb b/spec/acceptance/mod_passenger_spec.rb index e1ea23ec80..5b6c6d8570 100644 --- a/spec/acceptance/mod_passenger_spec.rb +++ b/spec/acceptance/mod_passenger_spec.rb @@ -5,7 +5,7 @@ when 'Debian' service_name = 'apache2' mod_dir = '/etc/apache2/mods-available/' - conf_file = "#{mod_dir}passenger.conf" + conf_file = "#{mod_dir}passenger_extra.conf" load_file = "#{mod_dir}passenger.load" passenger_root = '/usr' passenger_ruby = '/usr/bin/ruby' @@ -71,8 +71,9 @@ class { 'apache::mod::passenger': } end describe file(conf_file) do - it { should contain "PassengerRoot \"#{passenger_root}\"" } - it { should contain "PassengerRuby \"#{passenger_ruby}\"" } + # passenger_extra.conf only contains directives if overridden from the class params + it { should_not contain "PassengerRoot \"#{passenger_root}\"" } + it { should_not contain "PassengerRuby \"#{passenger_ruby}\"" } end describe file(load_file) do @@ -99,11 +100,17 @@ class { 'apache::mod::passenger': } shell("sudo /usr/sbin/passenger-status") do |r| # spacing may vary r.stdout.should =~ /[\-]+ General information [\-]+/ - r.stdout.should =~ /max[ ]+= [0-9]+/ - r.stdout.should =~ /count[ ]+= [0-9]+/ - r.stdout.should =~ /active[ ]+= [0-9]+/ - r.stdout.should =~ /inactive[ ]+= [0-9]+/ - r.stdout.should =~ /Waiting on global queue: [0-9]+/ + if fact('operatingsystem') == 'Ubuntu' && fact('operatingsystemrelease') == '14.04' + r.stdout.should =~ /Max pool size[ ]+: [0-9]+/ + r.stdout.should =~ /Processes[ ]+: [0-9]+/ + r.stdout.should =~ /Requests in top-level queue[ ]+: [0-9]+/ + else + r.stdout.should =~ /max[ ]+= [0-9]+/ + r.stdout.should =~ /count[ ]+= [0-9]+/ + r.stdout.should =~ /active[ ]+= [0-9]+/ + r.stdout.should =~ /inactive[ ]+= [0-9]+/ + r.stdout.should =~ /Waiting on global queue: [0-9]+/ + end r.exit_code.should == 0 end diff --git a/spec/classes/mod/passenger_spec.rb b/spec/classes/mod/passenger_spec.rb index 08cff41554..608b3c47d9 100644 --- a/spec/classes/mod/passenger_spec.rb +++ b/spec/classes/mod/passenger_spec.rb @@ -16,11 +16,28 @@ it { should contain_file('passenger.load').with({ 'path' => '/etc/apache2/mods-available/passenger.load', }) } - it { should contain_file('passenger.conf').with({ + it { should contain_file('passenger_package.conf').with({ 'path' => '/etc/apache2/mods-available/passenger.conf', }) } - it { should contain_file('passenger.conf').with_content(/^ PassengerRoot "\/usr"$/) } - it { should contain_file('passenger.conf').with_content(/^ PassengerRuby "\/usr\/bin\/ruby"$/) } + it { should contain_file('passenger_package.conf').without_content } + it { should contain_file('passenger_package.conf').without_source } + it { should contain_file('passenger.conf').with({ + 'path' => '/etc/apache2/mods-available/passenger_extra.conf', + }) } + it { should contain_file('passenger.conf').without_content(/PassengerRoot/) } + it { should contain_file('passenger.conf').without_content(/PassengerRuby/) } + describe "with passenger_root => '/usr/lib/example'" do + let :params do + { :passenger_root => '/usr/lib/example' } + end + it { should contain_file('passenger.conf').with_content(%r{PassengerRoot "/usr/lib/example"}) } + end + describe "with passenger_ruby => /usr/lib/example/ruby" do + let :params do + { :passenger_ruby => '/usr/lib/example/ruby' } + end + it { should contain_file('passenger.conf').with_content(%r{PassengerRuby "/usr/lib/example/ruby"}) } + end describe "with passenger_high_performance => true" do let :params do { :passenger_high_performance => 'true' } @@ -69,11 +86,11 @@ end it { should contain_file('passenger.conf').with_content(/^ PassengerRoot "\/usr\/lib\/example"$/) } end - describe "with passenger_ruby => /user/lib/example/ruby" do + describe "with passenger_ruby => /usr/lib/example/ruby" do let :params do - { :passenger_ruby => '/user/lib/example/ruby' } + { :passenger_ruby => '/usr/lib/example/ruby' } end - it { should contain_file('passenger.conf').with_content(/^ PassengerRuby "\/user\/lib\/example\/ruby"$/) } + it { should contain_file('passenger.conf').with_content(/^ PassengerRuby "\/usr\/lib\/example\/ruby"$/) } end describe "with passenger_use_global_queue => true" do let :params do @@ -134,11 +151,11 @@ end it { should contain_file('passenger.conf').with_content(/^ PassengerRoot "\/usr\/lib\/example"$/) } end - describe "with passenger_ruby => /user/lib/example/ruby" do + describe "with passenger_ruby => /usr/lib/example/ruby" do let :params do - { :passenger_ruby => '/user/lib/example/ruby' } + { :passenger_ruby => '/usr/lib/example/ruby' } end - it { should contain_file('passenger.conf').with_content(/^ PassengerRuby "\/user\/lib\/example\/ruby"$/) } + it { should contain_file('passenger.conf').with_content(/^ PassengerRuby "\/usr\/lib\/example\/ruby"$/) } end end context "on a FreeBSD OS" do From 1d72c4146034dc94e02cb9c37fa6c050f1b08a24 Mon Sep 17 00:00:00 2001 From: Morgan Haskel Date: Thu, 24 Apr 2014 13:36:15 -0700 Subject: [PATCH 46/65] Add a nodeset for Ubuntu 14.04. --- spec/acceptance/nodesets/ubuntu-server-1404-x64.yml | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 spec/acceptance/nodesets/ubuntu-server-1404-x64.yml diff --git a/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml b/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml new file mode 100644 index 0000000000..cba1cd04c2 --- /dev/null +++ b/spec/acceptance/nodesets/ubuntu-server-1404-x64.yml @@ -0,0 +1,11 @@ +HOSTS: + ubuntu-server-1404-x64: + roles: + - master + platform: ubuntu-14.04-amd64 + box : puppetlabs/ubuntu-14.04-64-nocm + box_url : https://vagrantcloud.com/puppetlabs/ubuntu-14.04-64-nocm + hypervisor : vagrant +CONFIG: + log_level : debug + type: git From 7895319cd0cb5ac3172ecbf59fe71791e7724453 Mon Sep 17 00:00:00 2001 From: Morgan Haskel Date: Mon, 5 May 2014 14:27:03 -0400 Subject: [PATCH 47/65] 'be_mode' was getting confused by the leading 0. --- spec/acceptance/vhost_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/acceptance/vhost_spec.rb b/spec/acceptance/vhost_spec.rb index 6fa42a6b16..93b3f1f3a2 100644 --- a/spec/acceptance/vhost_spec.rb +++ b/spec/acceptance/vhost_spec.rb @@ -469,7 +469,7 @@ class { 'apache': } it { should be_directory } it { should be_owned_by 'test_owner' } it { should be_grouped_into 'test_group' } - it { should be_mode '0750' } + it { should be_mode 750 } end end From f19ec7670fbc10913867c102478dd8e2381f85e7 Mon Sep 17 00:00:00 2001 From: Morgan Haskel Date: Wed, 7 May 2014 19:23:07 -0400 Subject: [PATCH 48/65] Some initial cleanup for RHEL7. There are still some test issues, although mostly related to the lack of 'normal' EPEL and passenger packages. Also, still need to fix SELinux for non-standard paths, but that's going to be a big change. --- manifests/default_mods.pp | 9 +++++---- spec/acceptance/apache_parameters_spec.rb | 12 ++++++++---- spec/acceptance/class_spec.rb | 7 ++++--- spec/acceptance/mod_proxy_html_spec.rb | 2 +- spec/acceptance/vhost_spec.rb | 16 +++++++++------- 5 files changed, 27 insertions(+), 19 deletions(-) diff --git a/manifests/default_mods.pp b/manifests/default_mods.pp index 3800b5b79c..c8f7446cf6 100644 --- a/manifests/default_mods.pp +++ b/manifests/default_mods.pp @@ -9,6 +9,11 @@ case $::osfamily { 'redhat', 'freebsd': { ::apache::mod { 'log_config': } + if $apache_version >= 2.4 { + # Lets fork it + ::apache::mod { 'systemd': } + ::apache::mod { 'unixd': } + } } default: {} } @@ -43,10 +48,6 @@ ::apache::mod { 'version': } if $apache_version >= 2.4 { - # Lets fork it - ::apache::mod { 'systemd': } - - ::apache::mod { 'unixd': } ::apache::mod { 'authn_core': } } else { diff --git a/spec/acceptance/apache_parameters_spec.rb b/spec/acceptance/apache_parameters_spec.rb index 629c360e34..808190dfaa 100644 --- a/spec/acceptance/apache_parameters_spec.rb +++ b/spec/acceptance/apache_parameters_spec.rb @@ -328,12 +328,15 @@ class { 'apache': describe 'logging' do describe 'setup' do it 'applies cleanly' do - pp = "class { 'apache': logroot => '/tmp' }" + pp = <<-EOS + file { '/apache_spec': ensure => directory, } + class { 'apache': logroot => '/apache_spec' } + EOS apply_manifest(pp, :catch_failures => true) end end - describe file("/tmp/#{$error_log}") do + describe file("/apache_spec/#{$error_log}") do it { should be_file } end end @@ -341,8 +344,9 @@ class { 'apache': describe 'ports_file' do it 'applys cleanly' do pp = <<-EOS + file { '/apache_spec': ensure => directory, } class { 'apache': - ports_file => '/tmp/ports_file', + ports_file => '/apache_spec/ports_file', ip => '10.1.1.1', service_ensure => stopped } @@ -350,7 +354,7 @@ class { 'apache': apply_manifest(pp, :catch_failures => true) end - describe file('/tmp/ports_file') do + describe file('/apache_spec/ports_file') do it { should be_file } it { should contain 'Listen 10.1.1.1' } end diff --git a/spec/acceptance/class_spec.rb b/spec/acceptance/class_spec.rb index 1f5921d596..ca1255745f 100644 --- a/spec/acceptance/class_spec.rb +++ b/spec/acceptance/class_spec.rb @@ -38,10 +38,11 @@ class { 'apache': } # Using puppet_apply as a helper it 'should work with no errors' do pp = <<-EOS - file { '/tmp/apache_custom': ensure => directory, } + file { '/apache_spec': ensure => directory, } + file { '/apache_spec/apache_custom': ensure => directory, } class { 'apache': - mod_dir => '/tmp/apache_custom/mods', - vhost_dir => '/tmp/apache_custom/vhosts', + mod_dir => '/apache_spec/apache_custom/mods', + vhost_dir => '/apache_spec/apache_custom/vhosts', } EOS diff --git a/spec/acceptance/mod_proxy_html_spec.rb b/spec/acceptance/mod_proxy_html_spec.rb index ddfa66dd91..b34daacbff 100644 --- a/spec/acceptance/mod_proxy_html_spec.rb +++ b/spec/acceptance/mod_proxy_html_spec.rb @@ -11,7 +11,7 @@ end context "default proxy_html config" do - if fact('osfamily') == 'RedHat' + if fact('osfamily') == 'RedHat' and fact('operatingsystemmajrelease') =~ /(5|6)/ it 'adds epel' do pp = "class { 'epel': }" apply_manifest(pp, :catch_failures => true) diff --git a/spec/acceptance/vhost_spec.rb b/spec/acceptance/vhost_spec.rb index 93b3f1f3a2..816327f3c9 100644 --- a/spec/acceptance/vhost_spec.rb +++ b/spec/acceptance/vhost_spec.rb @@ -488,8 +488,9 @@ class { 'apache': } describe file($ports_file) do it { should be_file } - case fact('lsbdistcodename') - when 'saucy', 'trusty' + if fact('osfamily') == 'RedHat' and fact('operatingsystemmajrelease') == '7' + it { should_not contain 'NameVirtualHost test.server' } + elsif fact('operatingsystem') == 'Ubuntu' and fact('operatingsystemrelease') =~ /(14\.04|13\.10)/ it { should_not contain 'NameVirtualHost test.server' } else it { should contain 'NameVirtualHost test.server' } @@ -1012,7 +1013,7 @@ class { 'apache': } end # So what does this work on? - if default['platform'] !~ /^(debian-(6|7)|el-(5|6))/ + if default['platform'] !~ /^(debian-(6|7)|el-(5|6|7))/ describe 'fastcgi' do it 'applies cleanly' do pp = <<-EOS @@ -1042,10 +1043,11 @@ class { 'apache::mod::fastcgi': } pp = <<-EOS class { 'apache': } host { 'test.server': ip => '127.0.0.1' } - file { '/tmp/include': ensure => present, content => '#additional_includes' } + file { '/apache_spec': ensure => directory, } + file { '/apache_spec/include': ensure => present, content => '#additional_includes' } apache::vhost { 'test.server': - docroot => '/tmp', - additional_includes => '/tmp/include', + docroot => '/apache_spec', + additional_includes => '/apache_spec/include', } EOS apply_manifest(pp, :catch_failures => true) @@ -1053,7 +1055,7 @@ class { 'apache': } describe file("#{$vhost_dir}/25-test.server.conf") do it { should be_file } - it { should contain 'Include "/tmp/include"' } + it { should contain 'Include "/apache_spec/include"' } end end From 8f03f6c873706a70127b3e96532bbb4a5962c019 Mon Sep 17 00:00:00 2001 From: Morgan Haskel Date: Thu, 8 May 2014 18:50:16 -0400 Subject: [PATCH 49/65] SELinux updates. Updates to the tests to make them work when SELinux is in enforcing mode. Also update the documentation with information on what needs to be done if you're using custom paths with SELinux. --- README.md | 33 ++++++++++++++++++++++- spec/acceptance/apache_parameters_spec.rb | 14 ++++++++++ spec/acceptance/class_spec.rb | 14 ++++++++++ spec/acceptance/vhost_spec.rb | 14 ++++++++++ 4 files changed, 74 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 4b317cd50b..2e509cb9d6 100644 --- a/README.md +++ b/README.md @@ -1823,10 +1823,41 @@ The `apache::vhost::WSGIImportScript` parameter creates a statement inside the V ###General -This module is CI tested on Centos 5 & 6, Ubuntu 12.04, Debian 7, and RHEL 5 & 6 platforms against both the OSS and Enterprise version of Puppet. +This module is CI tested on Centos 5 & 6, Ubuntu 12.04 & 14.04, Debian 7, and RHEL 5, 6 & 7 platforms against both the OSS and Enterprise version of Puppet. The module contains support for other distributions and operating systems, such as FreeBSD and Amazon Linux, but is not formally tested on those and regressions may occur. +###SELinux and Custom Paths + +If you are running with SELinux in enforcing mode and want to use custom paths for your `logroot`, `mod_dir`, `vhost_dir`, and `docroot`, you will need to manage the context for the files yourself. + +Something along the lines of: + +```puppet + exec { 'set_apache_defaults': + command => 'semanage fcontext -a -t httpd_sys_content_t "/custom/path(/.*)?"', + path => '/bin:/usr/bin/:/sbin:/usr/sbin', + require => Package['policycoreutils-python'], + } + package { 'policycoreutils-python': ensure => installed } + exec { 'restorecon_apache': + command => 'restorecon -Rv /apache_spec', + path => '/bin:/usr/bin/:/sbin:/usr/sbin', + before => Service['httpd'], + require => Class['apache'], + } + class { 'apache': } + host { 'test.server': ip => '127.0.0.1' } + file { '/custom/path': ensure => directory, } + file { '/custom/path/include': ensure => present, content => '#additional_includes' } + apache::vhost { 'test.server': + docroot => '/custom/path', + additional_includes => '/custom/path/include', + } +``` + +You need to set the contexts using `semanage fcontext` not `chcon` because `file {...}` resources will reset the context to the values in the database if the resource isn't specifying the context. + ##Development ###Contributing diff --git a/spec/acceptance/apache_parameters_spec.rb b/spec/acceptance/apache_parameters_spec.rb index 808190dfaa..187d6ffe81 100644 --- a/spec/acceptance/apache_parameters_spec.rb +++ b/spec/acceptance/apache_parameters_spec.rb @@ -329,6 +329,20 @@ class { 'apache': describe 'setup' do it 'applies cleanly' do pp = <<-EOS + if $::osfamily == 'RedHat' and $::operatingsystemmajrelease == '7' { + package { 'policycoreutils-python': ensure => installed } + exec { 'set_apache_defaults': + command => 'semanage fcontext -a -t httpd_log_t "/apache_spec(/.*)?"', + path => '/bin:/usr/bin/:/sbin:/usr/sbin', + require => Package['policycoreutils-python'], + } + exec { 'restorecon_apache': + command => 'restorecon -Rv /apache_spec', + path => '/bin:/usr/bin/:/sbin:/usr/sbin', + before => Service['httpd'], + require => Class['apache'], + } + } file { '/apache_spec': ensure => directory, } class { 'apache': logroot => '/apache_spec' } EOS diff --git a/spec/acceptance/class_spec.rb b/spec/acceptance/class_spec.rb index ca1255745f..c942cf8377 100644 --- a/spec/acceptance/class_spec.rb +++ b/spec/acceptance/class_spec.rb @@ -38,6 +38,20 @@ class { 'apache': } # Using puppet_apply as a helper it 'should work with no errors' do pp = <<-EOS + if $::osfamily == 'RedHat' and $::operatingsystemmajrelease == '7' { + package { 'policycoreutils-python': ensure => installed } + exec { 'set_apache_defaults': + command => 'semanage fcontext -a -t httpd_sys_content_t "/apache_spec(/.*)?"', + path => '/bin:/usr/bin/:/sbin:/usr/sbin', + require => Package['policycoreutils-python'], + } + exec { 'restorecon_apache': + command => 'restorecon -Rv /apache_spec', + path => '/bin:/usr/bin/:/sbin:/usr/sbin', + before => Service['httpd'], + require => Class['apache'], + } + } file { '/apache_spec': ensure => directory, } file { '/apache_spec/apache_custom': ensure => directory, } class { 'apache': diff --git a/spec/acceptance/vhost_spec.rb b/spec/acceptance/vhost_spec.rb index 816327f3c9..3591a07322 100644 --- a/spec/acceptance/vhost_spec.rb +++ b/spec/acceptance/vhost_spec.rb @@ -1041,6 +1041,20 @@ class { 'apache::mod::fastcgi': } describe 'additional_includes' do it 'applies cleanly' do pp = <<-EOS + if $::osfamily == 'RedHat' and $::operatingsystemmajrelease == '7' { + exec { 'set_apache_defaults': + command => 'semanage fcontext -a -t httpd_sys_content_t "/apache_spec(/.*)?"', + path => '/bin:/usr/bin/:/sbin:/usr/sbin', + require => Package['policycoreutils-python'], + } + package { 'policycoreutils-python': ensure => installed } + exec { 'restorecon_apache': + command => 'restorecon -Rv /apache_spec', + path => '/bin:/usr/bin/:/sbin:/usr/sbin', + before => Service['httpd'], + require => Class['apache'], + } + } class { 'apache': } host { 'test.server': ip => '127.0.0.1' } file { '/apache_spec': ensure => directory, } From e7a512e0163d3f198b44402dc3555a665dd4081d Mon Sep 17 00:00:00 2001 From: Morgan Haskel Date: Fri, 9 May 2014 14:29:19 -0400 Subject: [PATCH 50/65] Fix issues in the travis-ci build. --- spec/classes/mod/php_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/classes/mod/php_spec.rb b/spec/classes/mod/php_spec.rb index 32b2ff0994..e228dd7817 100644 --- a/spec/classes/mod/php_spec.rb +++ b/spec/classes/mod/php_spec.rb @@ -70,7 +70,7 @@ let :params do { :extensions => ['.php','.php5']} end - it { should contain_file("php5.conf").with_content =~ /AddHandler php5-script .php .php5\n/ } + it { should contain_file("php5.conf").with_content(/AddHandler php5-script .php .php5\n/) } end context "with specific version" do let :pre_condition do From fc9e519214398588eed6f32cbf24f94b69d3183b Mon Sep 17 00:00:00 2001 From: Morgan Haskel Date: Mon, 12 May 2014 14:38:26 -0400 Subject: [PATCH 51/65] Fix failing tests on RHEL5. A couple of missing packages, and the RHEL5 image also had SELinux in enforcing mode. --- spec/acceptance/apache_parameters_spec.rb | 11 ++++++++--- spec/acceptance/class_spec.rb | 11 ++++++++--- spec/acceptance/mod_passenger_spec.rb | 4 ++-- spec/acceptance/mod_proxy_html_spec.rb | 5 ++++- spec/acceptance/vhost_spec.rb | 11 ++++++++--- 5 files changed, 30 insertions(+), 12 deletions(-) diff --git a/spec/acceptance/apache_parameters_spec.rb b/spec/acceptance/apache_parameters_spec.rb index 187d6ffe81..14e5a1b8e3 100644 --- a/spec/acceptance/apache_parameters_spec.rb +++ b/spec/acceptance/apache_parameters_spec.rb @@ -329,12 +329,17 @@ class { 'apache': describe 'setup' do it 'applies cleanly' do pp = <<-EOS - if $::osfamily == 'RedHat' and $::operatingsystemmajrelease == '7' { - package { 'policycoreutils-python': ensure => installed } + if $::osfamily == 'RedHat' and $::selinux == 'true' { + $semanage_package = $::operatingsystemmajrelease ? { + '5' => 'policycoreutils', + 'default' => 'policycoreutils-python', + } + + package { $semanage_package: ensure => installed } exec { 'set_apache_defaults': command => 'semanage fcontext -a -t httpd_log_t "/apache_spec(/.*)?"', path => '/bin:/usr/bin/:/sbin:/usr/sbin', - require => Package['policycoreutils-python'], + require => Package[$semanage_package], } exec { 'restorecon_apache': command => 'restorecon -Rv /apache_spec', diff --git a/spec/acceptance/class_spec.rb b/spec/acceptance/class_spec.rb index c942cf8377..830e3ed5b6 100644 --- a/spec/acceptance/class_spec.rb +++ b/spec/acceptance/class_spec.rb @@ -38,12 +38,17 @@ class { 'apache': } # Using puppet_apply as a helper it 'should work with no errors' do pp = <<-EOS - if $::osfamily == 'RedHat' and $::operatingsystemmajrelease == '7' { - package { 'policycoreutils-python': ensure => installed } + if $::osfamily == 'RedHat' and $::selinux == 'true' { + $semanage_package = $::operatingsystemmajrelease ? { + '5' => 'policycoreutils', + 'default' => 'policycoreutils-python', + } + + package { $semanage_package: ensure => installed } exec { 'set_apache_defaults': command => 'semanage fcontext -a -t httpd_sys_content_t "/apache_spec(/.*)?"', path => '/bin:/usr/bin/:/sbin:/usr/sbin', - require => Package['policycoreutils-python'], + require => Package[$semanage_package], } exec { 'restorecon_apache': command => 'restorecon -Rv /apache_spec', diff --git a/spec/acceptance/mod_passenger_spec.rb b/spec/acceptance/mod_passenger_spec.rb index 5b6c6d8570..68622eecbc 100644 --- a/spec/acceptance/mod_passenger_spec.rb +++ b/spec/acceptance/mod_passenger_spec.rb @@ -127,8 +127,8 @@ class { 'apache::mod::passenger': } end when 'RedHat' - # no fedora 18 passenger package yet - unless (fact('operatingsystem') == 'Fedora' and fact('operatingsystemrelease').to_f >= 18) + # no fedora 18 passenger package yet, and rhel5 packages only exist for ruby 1.8.5 + unless (fact('operatingsystem') == 'Fedora' and fact('operatingsystemrelease').to_f >= 18) or (fact('osfamily') == 'RedHat' and fact('operatingsystemmajrelease') == '5' and fact('rubyversion') != '1.8.5') context "default passenger config" do it 'succeeds in puppeting passenger' do diff --git a/spec/acceptance/mod_proxy_html_spec.rb b/spec/acceptance/mod_proxy_html_spec.rb index b34daacbff..f015f99941 100644 --- a/spec/acceptance/mod_proxy_html_spec.rb +++ b/spec/acceptance/mod_proxy_html_spec.rb @@ -23,7 +23,10 @@ class { 'apache': } class { 'apache::mod::proxy': } class { 'apache::mod::proxy_http': } - class { 'apache::mod::proxy_html': } + # mod_proxy_html doesn't exist in RHEL5 + if $::osfamily == 'RedHat' and $::operatingsystemmajrelease != '5' { + class { 'apache::mod::proxy_html': } + } EOS apply_manifest(pp, :catch_failures => true) end diff --git a/spec/acceptance/vhost_spec.rb b/spec/acceptance/vhost_spec.rb index 3591a07322..34778cc049 100644 --- a/spec/acceptance/vhost_spec.rb +++ b/spec/acceptance/vhost_spec.rb @@ -1041,13 +1041,18 @@ class { 'apache::mod::fastcgi': } describe 'additional_includes' do it 'applies cleanly' do pp = <<-EOS - if $::osfamily == 'RedHat' and $::operatingsystemmajrelease == '7' { + if $::osfamily == 'RedHat' and $::selinux == 'true' { exec { 'set_apache_defaults': command => 'semanage fcontext -a -t httpd_sys_content_t "/apache_spec(/.*)?"', path => '/bin:/usr/bin/:/sbin:/usr/sbin', - require => Package['policycoreutils-python'], + require => Package[$semanage_package], } - package { 'policycoreutils-python': ensure => installed } + $semanage_package = $::operatingsystemmajrelease ? { + '5' => 'policycoreutils', + 'default' => 'policycoreutils-python', + } + + package { $semanage_package: ensure => installed } exec { 'restorecon_apache': command => 'restorecon -Rv /apache_spec', path => '/bin:/usr/bin/:/sbin:/usr/sbin', From 8e7ef1550cc8a4f816a0f4d7235df36b48664998 Mon Sep 17 00:00:00 2001 From: Morgan Haskel Date: Mon, 12 May 2014 15:01:44 -0400 Subject: [PATCH 52/65] Fix lib path for Ubuntu 10.04. --- manifests/mod/proxy_html.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/mod/proxy_html.pp b/manifests/mod/proxy_html.pp index a30c328c90..69894f21c3 100644 --- a/manifests/mod/proxy_html.pp +++ b/manifests/mod/proxy_html.pp @@ -14,6 +14,7 @@ } $loadfiles = $::apache::params::distrelease ? { '6' => ['/usr/lib/libxml2.so.2'], + '10' => ['/usr/lib/libxml2.so.2'], default => ["/usr/lib/${gnu_path}-linux-gnu/libxml2.so.2"], } } From 204038e1f8767db504b3ccf07dd54f3f0aa7958b Mon Sep 17 00:00:00 2001 From: Morgan Haskel Date: Mon, 12 May 2014 16:50:12 -0400 Subject: [PATCH 53/65] Add notes in README about untested functionality for RHEL5 and RHEL7. --- README.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/README.md b/README.md index 2e509cb9d6..3f5fbfecaa 100644 --- a/README.md +++ b/README.md @@ -1821,6 +1821,14 @@ The Apache module relies heavily on templates to enable the `vhost` and `apache: The `apache::vhost::WSGIImportScript` parameter creates a statement inside the VirtualHost which is unsupported on older versions of Apache, causing this to fail. This will be remedied in a future refactoring. +###RHEL/CentOS 5 + +The `apache::mod::passenger` and `apache::mod::proxy_html` classes are untested since repositories are missing compatible packages. + +###RHEL/CentOS 7 + +The `apache::mod::passenger` class is untested as the repository does not have packages for EL7 yet. The fact that passenger packages aren't available also makes us unable to test the `rack_base_uri` parameter in `apache::vhost`. + ###General This module is CI tested on Centos 5 & 6, Ubuntu 12.04 & 14.04, Debian 7, and RHEL 5, 6 & 7 platforms against both the OSS and Enterprise version of Puppet. From e083e8f306bb3879c92da9050ed9622a9fcbab2c Mon Sep 17 00:00:00 2001 From: Morgan Haskel Date: Tue, 13 May 2014 16:55:53 -0400 Subject: [PATCH 54/65] Update supported versions in metadata.json --- metadata.json | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/metadata.json b/metadata.json index 26a14ae42a..92663a43c4 100644 --- a/metadata.json +++ b/metadata.json @@ -11,28 +11,35 @@ "operatingsystem": "RedHat", "operatingsystemrelease": [ "5", - "6" + "6", + "7" ] }, { "operatingsystem": "CentOS", "operatingsystemrelease": [ "5", - "6" + "6", + "7" + ] }, { "operatingsystem": "OracleLinux", "operatingsystemrelease": [ "5", - "6" + "6", + "7" + ] }, { "operatingsystem": "Scientific", "operatingsystemrelease": [ "5", - "6" + "6", + "7" + ] }, { @@ -46,7 +53,8 @@ "operatingsystem": "Ubuntu", "operatingsystemrelease": [ "10.04", - "12.04" + "12.04", + "14.04" ] } ], From 2c58046332145c024f7b848f040b6f139be784ba Mon Sep 17 00:00:00 2001 From: Ashley Penney Date: Wed, 14 May 2014 17:39:23 -0400 Subject: [PATCH 55/65] Prepare a 1.1.0 release. --- CHANGELOG.md | 35 +++++++++++++++++++++++++++++++++++ Modulefile | 2 +- metadata.json | 2 +- 3 files changed, 37 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 26e8d75d4d..c77316a488 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,38 @@ +## 2014-04-14 Supported Release 1.1.0 + +###Summary + +This release primarily focuses on extending the httpd 2.4 support, tested +through adding RHEL7 and Ubuntu 14.04 support. It also includes Passenger +4 support, as well as several new modules and important bugfixes. + +####Features + +- Add support for RHEL7 and Ubuntu 14.04 +- More complete apache24 support +- Passenger 4 support +- Add support for max_keepalive_requests and log_formats parameters +- Add mod_pagespeed support +- Add mod_speling support +- Added several parameters for mod_passenger +- Added ssl_cipher parameter to apache::mod::ssl +- Improved examples in documentation +- Added docroot_mode, action, and suexec_user_group parameters to apache::vhost +- Add support for custom extensions for mod_php +- Improve proxy_html support for Debian + +####Bugfixes + +- Remove NameVirtualHost directive for apache >= 2.4 +- Order proxy_set option so it doesn't change between runs +- Fix inverted SSL compression +- Fix missing ensure on concat::fragment resources +- Fix bad dependencies in apache::mod and apache::mod::mime + +####Known Bugs +* By default, the version of Apache that ships with Ubuntu 10.04 does not work with `wsgi_import_script`. +* SLES is unsupported. + ## 2014-03-04 Supported Release 1.0.1 ###Summary diff --git a/Modulefile b/Modulefile index 227947cbba..49a712bcdd 100644 --- a/Modulefile +++ b/Modulefile @@ -1,5 +1,5 @@ name 'puppetlabs-apache' -version '1.0.1' +version '1.1.0' source 'git://github.com/puppetlabs/puppetlabs-apache.git' author 'puppetlabs' license 'Apache 2.0' diff --git a/metadata.json b/metadata.json index 92663a43c4..5fd476b7f1 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "puppetlabs-apache", - "version": "1.0.1", + "version": "1.1.0", "source": "https://github.com/puppetlabs/puppetlabs-apache", "author": "Puppet Labs", "license": "Apache-2.0", From 644cb9694db682880196a7ed10daf00fddb59f6e Mon Sep 17 00:00:00 2001 From: Morgan Haskel Date: Wed, 21 May 2014 18:20:10 -0400 Subject: [PATCH 56/65] default shouldn't be quoted in the selector. --- spec/acceptance/apache_parameters_spec.rb | 4 ++-- spec/acceptance/class_spec.rb | 4 ++-- spec/acceptance/vhost_spec.rb | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/spec/acceptance/apache_parameters_spec.rb b/spec/acceptance/apache_parameters_spec.rb index 14e5a1b8e3..019ad24deb 100644 --- a/spec/acceptance/apache_parameters_spec.rb +++ b/spec/acceptance/apache_parameters_spec.rb @@ -331,8 +331,8 @@ class { 'apache': pp = <<-EOS if $::osfamily == 'RedHat' and $::selinux == 'true' { $semanage_package = $::operatingsystemmajrelease ? { - '5' => 'policycoreutils', - 'default' => 'policycoreutils-python', + '5' => 'policycoreutils', + default => 'policycoreutils-python', } package { $semanage_package: ensure => installed } diff --git a/spec/acceptance/class_spec.rb b/spec/acceptance/class_spec.rb index 830e3ed5b6..bb41bf8f80 100644 --- a/spec/acceptance/class_spec.rb +++ b/spec/acceptance/class_spec.rb @@ -40,8 +40,8 @@ class { 'apache': } pp = <<-EOS if $::osfamily == 'RedHat' and $::selinux == 'true' { $semanage_package = $::operatingsystemmajrelease ? { - '5' => 'policycoreutils', - 'default' => 'policycoreutils-python', + '5' => 'policycoreutils', + default => 'policycoreutils-python', } package { $semanage_package: ensure => installed } diff --git a/spec/acceptance/vhost_spec.rb b/spec/acceptance/vhost_spec.rb index 34778cc049..7b229d1f5f 100644 --- a/spec/acceptance/vhost_spec.rb +++ b/spec/acceptance/vhost_spec.rb @@ -1048,8 +1048,8 @@ class { 'apache::mod::fastcgi': } require => Package[$semanage_package], } $semanage_package = $::operatingsystemmajrelease ? { - '5' => 'policycoreutils', - 'default' => 'policycoreutils-python', + '5' => 'policycoreutils', + default => 'policycoreutils-python', } package { $semanage_package: ensure => installed } From 731329c8586c8af67203c3757a88af5a332fedfb Mon Sep 17 00:00:00 2001 From: Morgan Haskel Date: Wed, 21 May 2014 19:23:51 -0400 Subject: [PATCH 57/65] Update PE version requirements. --- metadata.json | 1 + 1 file changed, 1 insertion(+) diff --git a/metadata.json b/metadata.json index 5fd476b7f1..15317ff18e 100644 --- a/metadata.json +++ b/metadata.json @@ -59,6 +59,7 @@ } ], "requirements": [ + { "name": "pe", "version_requirement": ">= 3.2.0 < 3.4.0" }, { "name": "puppet", "version_requirement": "3.x" } ], "dependencies": [] From 6a60fe48b1c8a2a813191cd9670258b559fc3c49 Mon Sep 17 00:00:00 2001 From: Morgan Haskel Date: Thu, 22 May 2014 18:56:04 -0400 Subject: [PATCH 58/65] Resolve test failures on apache. --- spec/acceptance/class_spec.rb | 17 ++++++++++------- spec/acceptance/mod_passenger_spec.rb | 10 +++++----- spec/acceptance/vhost_spec.rb | 9 ++++----- 3 files changed, 19 insertions(+), 17 deletions(-) diff --git a/spec/acceptance/class_spec.rb b/spec/acceptance/class_spec.rb index bb41bf8f80..a2899f6bfb 100644 --- a/spec/acceptance/class_spec.rb +++ b/spec/acceptance/class_spec.rb @@ -46,15 +46,18 @@ class { 'apache': } package { $semanage_package: ensure => installed } exec { 'set_apache_defaults': - command => 'semanage fcontext -a -t httpd_sys_content_t "/apache_spec(/.*)?"', - path => '/bin:/usr/bin/:/sbin:/usr/sbin', - require => Package[$semanage_package], + command => 'semanage fcontext -a -t httpd_sys_content_t "/apache_spec(/.*)?"', + path => '/bin:/usr/bin/:/sbin:/usr/sbin', + subscribe => Package[$semanage_package], + refreshonly => true, } exec { 'restorecon_apache': - command => 'restorecon -Rv /apache_spec', - path => '/bin:/usr/bin/:/sbin:/usr/sbin', - before => Service['httpd'], - require => Class['apache'], + command => 'restorecon -Rv /apache_spec', + path => '/bin:/usr/bin/:/sbin:/usr/sbin', + before => Service['httpd'], + require => Class['apache'], + subscribe => Exec['set_apache_defaults'], + refreshonly => true, } } file { '/apache_spec': ensure => directory, } diff --git a/spec/acceptance/mod_passenger_spec.rb b/spec/acceptance/mod_passenger_spec.rb index 68622eecbc..dd65c5d3ed 100644 --- a/spec/acceptance/mod_passenger_spec.rb +++ b/spec/acceptance/mod_passenger_spec.rb @@ -81,7 +81,7 @@ class { 'apache::mod::passenger': } end it 'should output status via passenger-memory-stats' do - shell("sudo /usr/sbin/passenger-memory-stats") do |r| + shell("/usr/sbin/passenger-memory-stats") do |r| r.stdout.should =~ /Apache processes/ r.stdout.should =~ /Nginx processes/ r.stdout.should =~ /Passenger processes/ @@ -97,7 +97,7 @@ class { 'apache::mod::passenger': } unless fact('operatingsystem') == 'Ubuntu' && fact('operatingsystemrelease') == '12.04' it 'should output status via passenger-status' do # xml output not available on ubunutu <= 10.04, so sticking with default pool output - shell("sudo /usr/sbin/passenger-status") do |r| + shell("/usr/sbin/passenger-status") do |r| # spacing may vary r.stdout.should =~ /[\-]+ General information [\-]+/ if fact('operatingsystem') == 'Ubuntu' && fact('operatingsystemrelease') == '14.04' @@ -136,7 +136,7 @@ class { 'apache::mod::passenger': } /* EPEL and passenger repositories */ class { 'epel': } exec { 'passenger.repo GPG key': - command => '/usr/bin/sudo /usr/bin/curl -o /etc/yum.repos.d/RPM-GPG-KEY-stealthymonkeys.asc http://passenger.stealthymonkeys.com/RPM-GPG-KEY-stealthymonkeys.asc', + command => '/usr/bin/curl -o /etc/yum.repos.d/RPM-GPG-KEY-stealthymonkeys.asc http://passenger.stealthymonkeys.com/RPM-GPG-KEY-stealthymonkeys.asc', creates => '/etc/yum.repos.d/RPM-GPG-KEY-stealthymonkeys.asc', } file { 'passenger.repo GPG key': @@ -194,7 +194,7 @@ class { 'apache::mod::passenger': end it 'should output status via passenger-memory-stats' do - shell("sudo /usr/bin/passenger-memory-stats") do |r| + shell("/usr/bin/passenger-memory-stats") do |r| r.stdout.should =~ /Apache processes/ r.stdout.should =~ /Nginx processes/ r.stdout.should =~ /Passenger processes/ @@ -206,7 +206,7 @@ class { 'apache::mod::passenger': end it 'should output status via passenger-status' do - shell("sudo PASSENGER_TMPDIR=/var/run/rubygem-passenger /usr/bin/passenger-status") do |r| + shell("PASSENGER_TMPDIR=/var/run/rubygem-passenger /usr/bin/passenger-status") do |r| # spacing may vary r.stdout.should =~ /[\-]+ General information [\-]+/ r.stdout.should =~ /max[ ]+= [0-9]+/ diff --git a/spec/acceptance/vhost_spec.rb b/spec/acceptance/vhost_spec.rb index 7b229d1f5f..c99e7d5246 100644 --- a/spec/acceptance/vhost_spec.rb +++ b/spec/acceptance/vhost_spec.rb @@ -1042,16 +1042,15 @@ class { 'apache::mod::fastcgi': } it 'applies cleanly' do pp = <<-EOS if $::osfamily == 'RedHat' and $::selinux == 'true' { + $semanage_package = $::operatingsystemmajrelease ? { + '5' => 'policycoreutils', + default => 'policycoreutils-python', + } exec { 'set_apache_defaults': command => 'semanage fcontext -a -t httpd_sys_content_t "/apache_spec(/.*)?"', path => '/bin:/usr/bin/:/sbin:/usr/sbin', require => Package[$semanage_package], } - $semanage_package = $::operatingsystemmajrelease ? { - '5' => 'policycoreutils', - default => 'policycoreutils-python', - } - package { $semanage_package: ensure => installed } exec { 'restorecon_apache': command => 'restorecon -Rv /apache_spec', From a3632214e3e793d5199d015054715bf4e706630d Mon Sep 17 00:00:00 2001 From: Morgan Haskel Date: Tue, 27 May 2014 12:48:45 -0400 Subject: [PATCH 59/65] Let's not hardcode x86_64... --- spec/acceptance/mod_pagespeed_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/acceptance/mod_pagespeed_spec.rb b/spec/acceptance/mod_pagespeed_spec.rb index de59a347c1..2b55627295 100644 --- a/spec/acceptance/mod_pagespeed_spec.rb +++ b/spec/acceptance/mod_pagespeed_spec.rb @@ -33,7 +33,7 @@ class { 'apt': } } } elsif $::osfamily == 'RedHat' { yumrepo { 'mod-pagespeed': - baseurl => 'http://dl.google.com/linux/mod-pagespeed/rpm/stable/x86_64', + baseurl => "http://dl.google.com/linux/mod-pagespeed/rpm/stable/$::architecture", enabled => 1, gpgcheck => 1, gpgkey => 'https://dl-ssl.google.com/linux/linux_signing_key.pub', From a4f8c39509e4ef4b078d9f2ad4ca5277e2fc4922 Mon Sep 17 00:00:00 2001 From: Morgan Haskel Date: Thu, 29 May 2014 12:36:15 -0400 Subject: [PATCH 60/65] Only run mod_mime test on supported platforms. --- spec/acceptance/mod_mime_spec.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/acceptance/mod_mime_spec.rb b/spec/acceptance/mod_mime_spec.rb index 71a7037a62..04b7dacc3e 100644 --- a/spec/acceptance/mod_mime_spec.rb +++ b/spec/acceptance/mod_mime_spec.rb @@ -1,6 +1,6 @@ require 'spec_helper_acceptance' -describe 'apache::mod::mime class' do +describe 'apache::mod::mime class', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do case fact('osfamily') when 'Debian' mod_dir = '/etc/apache2/mods-available' From 22e660dca231526e4c9ff8c28f25c41119a6c4f7 Mon Sep 17 00:00:00 2001 From: Hunter Haugen Date: Fri, 30 May 2014 15:56:37 -0700 Subject: [PATCH 61/65] Fix passenger repo on Scientific linux Because passenger is lame and only provides repos for `$releasever` of 6, 6Server, and 6.0 through 6.3, but Scientific linux has a `$releasever` of `6.5` (rhel6 has `6Sverver`) --- spec/acceptance/mod_passenger_spec.rb | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/spec/acceptance/mod_passenger_spec.rb b/spec/acceptance/mod_passenger_spec.rb index dd65c5d3ed..085904975c 100644 --- a/spec/acceptance/mod_passenger_spec.rb +++ b/spec/acceptance/mod_passenger_spec.rb @@ -151,9 +151,13 @@ class { 'epel': } File['passenger.repo GPG key'], ] } + $releasever_string = $operatingsystem ? { + 'Scientific' => '6', + default => '$releasever', + } yumrepo { 'passenger': - baseurl => 'http://passenger.stealthymonkeys.com/rhel/$releasever/$basearch' , - descr => 'Red Hat Enterprise $releasever - Phusion Passenger', + baseurl => "http://passenger.stealthymonkeys.com/rhel/${releasever_string}/\\$basearch" , + descr => "Red Hat Enterprise ${releasever_string} - Phusion Passenger", enabled => 1, gpgcheck => 1, gpgkey => 'http://passenger.stealthymonkeys.com/RPM-GPG-KEY-stealthymonkeys.asc', From aa012cf397e5bc54c1fab6bb1755f826c7673e1f Mon Sep 17 00:00:00 2001 From: Ashley Penney Date: Mon, 9 Jun 2014 11:28:15 -0400 Subject: [PATCH 62/65] Pin rspec to 2.x. --- Gemfile | 1 + 1 file changed, 1 insertion(+) diff --git a/Gemfile b/Gemfile index 0ad4ddffca..ae7ff8c56b 100644 --- a/Gemfile +++ b/Gemfile @@ -2,6 +2,7 @@ source ENV['GEM_SOURCE'] || "https://rubygems.org" group :development, :test do gem 'rake', '10.1.1', :require => false + gem 'rspec', '~> 2.11', :require => false gem 'rspec-puppet', '>=1.0.0', :require => false gem 'puppetlabs_spec_helper', :require => false gem 'serverspec', :require => false From 0925fc2991841c1d59bfcdc820eef2b9dcb4e830 Mon Sep 17 00:00:00 2001 From: Morgan Haskel Date: Mon, 9 Jun 2014 13:12:37 -0400 Subject: [PATCH 63/65] Delete gentoo a2mod tests. The tests are broken and we don't support gentoo, so deleting. --- spec/unit/provider/a2mod/gentoo_spec.rb | 184 ------------------------ 1 file changed, 184 deletions(-) delete mode 100644 spec/unit/provider/a2mod/gentoo_spec.rb diff --git a/spec/unit/provider/a2mod/gentoo_spec.rb b/spec/unit/provider/a2mod/gentoo_spec.rb deleted file mode 100644 index ddb9dddda4..0000000000 --- a/spec/unit/provider/a2mod/gentoo_spec.rb +++ /dev/null @@ -1,184 +0,0 @@ -#!/usr/bin/env rspec - -require 'spec_helper' - -provider_class = Puppet::Type.type(:a2mod).provider(:gentoo) - -describe provider_class do - before :each do - provider_class.clear - end - - [:conf_file, :instances, :modules, :initvars, :conf_file, :clear].each do |method| - it "should respond to the class method #{method}" do - provider_class.should respond_to(method) - end - end - - describe "when fetching modules" do - before do - @filetype = mock() - end - - it "should return a sorted array of the defined parameters" do - @filetype.expects(:read).returns(%Q{APACHE2_OPTS="-D FOO -D BAR -D BAZ"\n}) - provider_class.expects(:filetype).returns(@filetype) - - provider_class.modules.should == %w{bar baz foo} - end - - it "should cache the module list" do - @filetype.expects(:read).once.returns(%Q{APACHE2_OPTS="-D FOO -D BAR -D BAZ"\n}) - provider_class.expects(:filetype).once.returns(@filetype) - - 2.times { provider_class.modules.should == %w{bar baz foo} } - end - - it "should normalize parameters" do - @filetype.expects(:read).returns(%Q{APACHE2_OPTS="-D FOO -D BAR -D BAR"\n}) - provider_class.expects(:filetype).returns(@filetype) - - provider_class.modules.should == %w{bar foo} - end - end - - describe "when prefetching" do - it "should match providers to resources" do - provider = mock("ssl_provider", :name => "ssl") - resource = mock("ssl_resource") - resource.expects(:provider=).with(provider) - - provider_class.expects(:instances).returns([provider]) - provider_class.prefetch("ssl" => resource) - end - end - - describe "when flushing" do - before :each do - @filetype = mock() - @filetype.stubs(:backup) - provider_class.expects(:filetype).at_least_once.returns(@filetype) - - @info = mock() - @info.stubs(:[]).with(:name).returns("info") - @info.stubs(:provider=) - - @mpm = mock() - @mpm.stubs(:[]).with(:name).returns("mpm") - @mpm.stubs(:provider=) - - @ssl = mock() - @ssl.stubs(:[]).with(:name).returns("ssl") - @ssl.stubs(:provider=) - end - - it "should add modules whose ensure is present" do - @filetype.expects(:read).at_least_once.returns(%Q{APACHE2_OPTS=""}) - @filetype.expects(:write).with(%Q{APACHE2_OPTS="-D INFO"}) - - @info.stubs(:should).with(:ensure).returns(:present) - provider_class.prefetch("info" => @info) - - provider_class.flush - end - - it "should remove modules whose ensure is present" do - @filetype.expects(:read).at_least_once.returns(%Q{APACHE2_OPTS="-D INFO"}) - @filetype.expects(:write).with(%Q{APACHE2_OPTS=""}) - - @info.stubs(:should).with(:ensure).returns(:absent) - @info.stubs(:provider=) - provider_class.prefetch("info" => @info) - - provider_class.flush - end - - it "should not modify providers without resources" do - @filetype.expects(:read).at_least_once.returns(%Q{APACHE2_OPTS="-D INFO -D MPM"}) - @filetype.expects(:write).with(%Q{APACHE2_OPTS="-D MPM -D SSL"}) - - @info.stubs(:should).with(:ensure).returns(:absent) - provider_class.prefetch("info" => @info) - - @ssl.stubs(:should).with(:ensure).returns(:present) - provider_class.prefetch("ssl" => @ssl) - - provider_class.flush - end - - it "should write the modules in sorted order" do - @filetype.expects(:read).at_least_once.returns(%Q{APACHE2_OPTS=""}) - @filetype.expects(:write).with(%Q{APACHE2_OPTS="-D INFO -D MPM -D SSL"}) - - @mpm.stubs(:should).with(:ensure).returns(:present) - provider_class.prefetch("mpm" => @mpm) - @info.stubs(:should).with(:ensure).returns(:present) - provider_class.prefetch("info" => @info) - @ssl.stubs(:should).with(:ensure).returns(:present) - provider_class.prefetch("ssl" => @ssl) - - provider_class.flush - end - - it "should write the records back once" do - @filetype.expects(:read).at_least_once.returns(%Q{APACHE2_OPTS=""}) - @filetype.expects(:write).once.with(%Q{APACHE2_OPTS="-D INFO -D SSL"}) - - @info.stubs(:should).with(:ensure).returns(:present) - provider_class.prefetch("info" => @info) - - @ssl.stubs(:should).with(:ensure).returns(:present) - provider_class.prefetch("ssl" => @ssl) - - provider_class.flush - end - - it "should only modify the line containing APACHE2_OPTS" do - @filetype.expects(:read).at_least_once.returns(%Q{# Comment\nAPACHE2_OPTS=""\n# Another comment}) - @filetype.expects(:write).once.with(%Q{# Comment\nAPACHE2_OPTS="-D INFO"\n# Another comment}) - - @info.stubs(:should).with(:ensure).returns(:present) - provider_class.prefetch("info" => @info) - provider_class.flush - end - - it "should restore any arbitrary arguments" do - @filetype.expects(:read).at_least_once.returns(%Q{APACHE2_OPTS="-Y -D MPM -X"}) - @filetype.expects(:write).once.with(%Q{APACHE2_OPTS="-Y -X -D INFO -D MPM"}) - - @info.stubs(:should).with(:ensure).returns(:present) - provider_class.prefetch("info" => @info) - provider_class.flush - end - - it "should backup the file once if changes were made" do - @filetype.expects(:read).at_least_once.returns(%Q{APACHE2_OPTS=""}) - @filetype.expects(:write).once.with(%Q{APACHE2_OPTS="-D INFO -D SSL"}) - - @info.stubs(:should).with(:ensure).returns(:present) - provider_class.prefetch("info" => @info) - - @ssl.stubs(:should).with(:ensure).returns(:present) - provider_class.prefetch("ssl" => @ssl) - - @filetype.unstub(:backup) - @filetype.expects(:backup) - provider_class.flush - end - - it "should not write the file or run backups if no changes were made" do - @filetype.expects(:read).at_least_once.returns(%Q{APACHE2_OPTS="-X -D INFO -D SSL -Y"}) - @filetype.expects(:write).never - - @info.stubs(:should).with(:ensure).returns(:present) - provider_class.prefetch("info" => @info) - - @ssl.stubs(:should).with(:ensure).returns(:present) - provider_class.prefetch("ssl" => @ssl) - - @filetype.unstub(:backup) - @filetype.expects(:backup).never - provider_class.flush - end - end -end From a306c0c77f39c55661bf0f8048845f3b5c64e322 Mon Sep 17 00:00:00 2001 From: Morgan Haskel Date: Wed, 11 Jun 2014 14:22:28 -0400 Subject: [PATCH 64/65] Add test case for graceful failure on OSX. --- spec/classes/apache_spec.rb | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/spec/classes/apache_spec.rb b/spec/classes/apache_spec.rb index 6e0b705333..429ab805b0 100644 --- a/spec/classes/apache_spec.rb +++ b/spec/classes/apache_spec.rb @@ -540,4 +540,18 @@ it { should contain_apache__vhost('default-ssl').with_ensure('present') } end end + context 'with unsupported osfamily' do + let :facts do + { :osfamily => 'Darwin', + :operatingsystemrelease => '13.1.0', + :concat_basedir => '/dne', + } + end + + it do + expect { + should compile + }.to raise_error(Puppet::Error, /Unsupported osfamily/) + end + end end From b62bb06ae59933f2552e8e231db1829fb778e8cb Mon Sep 17 00:00:00 2001 From: Morgan Haskel Date: Tue, 8 Jul 2014 15:36:17 -0400 Subject: [PATCH 65/65] Mark tests depending on passenger as pending on RHEL7. --- spec/acceptance/mod_passenger_spec.rb | 176 +++++++++++++------------- spec/acceptance/vhost_spec.rb | 44 ++++--- 2 files changed, 113 insertions(+), 107 deletions(-) diff --git a/spec/acceptance/mod_passenger_spec.rb b/spec/acceptance/mod_passenger_spec.rb index 085904975c..a51fc9cd51 100644 --- a/spec/acceptance/mod_passenger_spec.rb +++ b/spec/acceptance/mod_passenger_spec.rb @@ -130,108 +130,110 @@ class { 'apache::mod::passenger': } # no fedora 18 passenger package yet, and rhel5 packages only exist for ruby 1.8.5 unless (fact('operatingsystem') == 'Fedora' and fact('operatingsystemrelease').to_f >= 18) or (fact('osfamily') == 'RedHat' and fact('operatingsystemmajrelease') == '5' and fact('rubyversion') != '1.8.5') - context "default passenger config" do - it 'succeeds in puppeting passenger' do - pp = <<-EOS - /* EPEL and passenger repositories */ - class { 'epel': } - exec { 'passenger.repo GPG key': - command => '/usr/bin/curl -o /etc/yum.repos.d/RPM-GPG-KEY-stealthymonkeys.asc http://passenger.stealthymonkeys.com/RPM-GPG-KEY-stealthymonkeys.asc', - creates => '/etc/yum.repos.d/RPM-GPG-KEY-stealthymonkeys.asc', - } - file { 'passenger.repo GPG key': - ensure => file, - path => '/etc/yum.repos.d/RPM-GPG-KEY-stealthymonkeys.asc', - require => Exec['passenger.repo GPG key'], - } - epel::rpm_gpg_key { 'passenger.stealthymonkeys.com': - path => '/etc/yum.repos.d/RPM-GPG-KEY-stealthymonkeys.asc', - require => [ - Class['epel'], - File['passenger.repo GPG key'], - ] - } - $releasever_string = $operatingsystem ? { - 'Scientific' => '6', - default => '$releasever', - } - yumrepo { 'passenger': - baseurl => "http://passenger.stealthymonkeys.com/rhel/${releasever_string}/\\$basearch" , - descr => "Red Hat Enterprise ${releasever_string} - Phusion Passenger", - enabled => 1, - gpgcheck => 1, - gpgkey => 'http://passenger.stealthymonkeys.com/RPM-GPG-KEY-stealthymonkeys.asc', - mirrorlist => 'http://passenger.stealthymonkeys.com/rhel/mirrors', - require => [ - Epel::Rpm_gpg_key['passenger.stealthymonkeys.com'], - ], - } - /* apache and mod_passenger */ - class { 'apache': + if fact('operatingsystem') == 'RedHat' and fact('operatingsystemmajrelease') == '7' + pending('test passenger - RHEL7 packages don\'t exist') + else + context "default passenger config" do + it 'succeeds in puppeting passenger' do + pp = <<-EOS + /* EPEL and passenger repositories */ + class { 'epel': } + exec { 'passenger.repo GPG key': + command => '/usr/bin/curl -o /etc/yum.repos.d/RPM-GPG-KEY-stealthymonkeys.asc http://passenger.stealthymonkeys.com/RPM-GPG-KEY-stealthymonkeys.asc', + creates => '/etc/yum.repos.d/RPM-GPG-KEY-stealthymonkeys.asc', + } + file { 'passenger.repo GPG key': + ensure => file, + path => '/etc/yum.repos.d/RPM-GPG-KEY-stealthymonkeys.asc', + require => Exec['passenger.repo GPG key'], + } + epel::rpm_gpg_key { 'passenger.stealthymonkeys.com': + path => '/etc/yum.repos.d/RPM-GPG-KEY-stealthymonkeys.asc', require => [ Class['epel'], - ], - } - class { 'apache::mod::passenger': - require => [ - Yumrepo['passenger'] - ], - } - #{pp_rackapp} - EOS - apply_manifest(pp, :catch_failures => true) - end + File['passenger.repo GPG key'], + ] + } + $releasever_string = $operatingsystem ? { + 'Scientific' => '6', + default => '$releasever', + } + yumrepo { 'passenger': + baseurl => "http://passenger.stealthymonkeys.com/rhel/${releasever_string}/\\$basearch" , + descr => "Red Hat Enterprise ${releasever_string} - Phusion Passenger", + enabled => 1, + gpgcheck => 1, + gpgkey => 'http://passenger.stealthymonkeys.com/RPM-GPG-KEY-stealthymonkeys.asc', + mirrorlist => 'http://passenger.stealthymonkeys.com/rhel/mirrors', + require => [ + Epel::Rpm_gpg_key['passenger.stealthymonkeys.com'], + ], + } + /* apache and mod_passenger */ + class { 'apache': + require => [ + Class['epel'], + ], + } + class { 'apache::mod::passenger': + require => [ + Yumrepo['passenger'] + ], + } + #{pp_rackapp} + EOS + apply_manifest(pp, :catch_failures => true) + end - describe service(service_name) do - it { should be_enabled } - it { should be_running } - end + describe service(service_name) do + it { should be_enabled } + it { should be_running } + end - describe file(conf_file) do - it { should contain "PassengerRoot #{passenger_root}" } - it { should contain "PassengerRuby #{passenger_ruby}" } - it { should contain "PassengerTempDir #{passenger_tempdir}" } - end + describe file(conf_file) do + it { should contain "PassengerRoot #{passenger_root}" } + it { should contain "PassengerRuby #{passenger_ruby}" } + it { should contain "PassengerTempDir #{passenger_tempdir}" } + end - describe file(load_file) do - it { should contain "LoadModule passenger_module #{passenger_module_path}" } - end + describe file(load_file) do + it { should contain "LoadModule passenger_module #{passenger_module_path}" } + end - it 'should output status via passenger-memory-stats' do - shell("/usr/bin/passenger-memory-stats") do |r| - r.stdout.should =~ /Apache processes/ - r.stdout.should =~ /Nginx processes/ - r.stdout.should =~ /Passenger processes/ - r.stdout.should =~ /### Processes: [0-9]+/ - r.stdout.should =~ /### Total private dirty RSS: [0-9\.]+ MB/ + it 'should output status via passenger-memory-stats' do + shell("/usr/bin/passenger-memory-stats") do |r| + r.stdout.should =~ /Apache processes/ + r.stdout.should =~ /Nginx processes/ + r.stdout.should =~ /Passenger processes/ + r.stdout.should =~ /### Processes: [0-9]+/ + r.stdout.should =~ /### Total private dirty RSS: [0-9\.]+ MB/ - r.exit_code.should == 0 + r.exit_code.should == 0 + end end - end - it 'should output status via passenger-status' do - shell("PASSENGER_TMPDIR=/var/run/rubygem-passenger /usr/bin/passenger-status") do |r| - # spacing may vary - r.stdout.should =~ /[\-]+ General information [\-]+/ - r.stdout.should =~ /max[ ]+= [0-9]+/ - r.stdout.should =~ /count[ ]+= [0-9]+/ - r.stdout.should =~ /active[ ]+= [0-9]+/ - r.stdout.should =~ /inactive[ ]+= [0-9]+/ - r.stdout.should =~ /Waiting on global queue: [0-9]+/ + it 'should output status via passenger-status' do + shell("PASSENGER_TMPDIR=/var/run/rubygem-passenger /usr/bin/passenger-status") do |r| + # spacing may vary + r.stdout.should =~ /[\-]+ General information [\-]+/ + r.stdout.should =~ /max[ ]+= [0-9]+/ + r.stdout.should =~ /count[ ]+= [0-9]+/ + r.stdout.should =~ /active[ ]+= [0-9]+/ + r.stdout.should =~ /inactive[ ]+= [0-9]+/ + r.stdout.should =~ /Waiting on global queue: [0-9]+/ - r.exit_code.should == 0 + r.exit_code.should == 0 + end end - end - it 'should answer to passenger.example.com' do - shell("/usr/bin/curl passenger.example.com:80") do |r| - r.stdout.should =~ /^hello world<\/b>$/ - r.exit_code.should == 0 + it 'should answer to passenger.example.com' do + shell("/usr/bin/curl passenger.example.com:80") do |r| + r.stdout.should =~ /^hello world<\/b>$/ + r.exit_code.should == 0 + end end end end - end - end end diff --git a/spec/acceptance/vhost_spec.rb b/spec/acceptance/vhost_spec.rb index c99e7d5246..63309da521 100644 --- a/spec/acceptance/vhost_spec.rb +++ b/spec/acceptance/vhost_spec.rb @@ -814,29 +814,33 @@ class { 'apache': } # Passenger isn't even in EPEL on el-5 if default['platform'] !~ /^el-5/ - describe 'rack_base_uris' do - if fact('osfamily') == 'RedHat' - it 'adds epel' do - pp = "class { 'epel': }" - apply_manifest(pp, :catch_failures => true) + if fact('osfamily') == 'RedHat' and fact('operatingsystemmajrelease') == '7' + pending('Since we don\'t have passenger on RHEL7 rack_base_uris tests will fail') + else + describe 'rack_base_uris' do + if fact('osfamily') == 'RedHat' + it 'adds epel' do + pp = "class { 'epel': }" + apply_manifest(pp, :catch_failures => true) + end end - end - it 'applies cleanly' do - pp = <<-EOS - class { 'apache': } - host { 'test.server': ip => '127.0.0.1' } - apache::vhost { 'test.server': - docroot => '/tmp', - rack_base_uris => ['/test'], - } - EOS - apply_manifest(pp, :catch_failures => true) - end + it 'applies cleanly' do + pp = <<-EOS + class { 'apache': } + host { 'test.server': ip => '127.0.0.1' } + apache::vhost { 'test.server': + docroot => '/tmp', + rack_base_uris => ['/test'], + } + EOS + apply_manifest(pp, :catch_failures => true) + end - describe file("#{$vhost_dir}/25-test.server.conf") do - it { should be_file } - it { should contain 'RackBaseURI /test' } + describe file("#{$vhost_dir}/25-test.server.conf") do + it { should be_file } + it { should contain 'RackBaseURI /test' } + end end end end