Refactor puppetlabs-apache

lib/puppet/provider/a2mod/modfix.rb

@@ -0,0 +1,12 @@
+Puppet::Type.type(:a2mod).provide :modfix do
+    desc "Dummy provider for A2mod.
+
+    Fake nil resources when there is no crontab binary available. Allows
+    puppetd to run on a bootstrapped machine before a Cron package has been
+    installed. Workaround for: http://projects.puppetlabs.com/issues/2384
+    "
+
+    def self.instances
+        []
+    end
+end

manifests/init.pp

@@ -16,22 +16,27 @@
   include apache::params
   package { 'httpd': 
     name   => $apache::params::apache_name,
-    ensure => present,
+    ensure => installed,
   }
   service { 'httpd':
     name      => $apache::params::apache_name,
     ensure    => running,
     enable    => true,
     subscribe => Package['httpd'],
   }
-  #
+
   # May want to purge all none realize modules using the resources resource type.
   #
   A2mod { require => Package['httpd'], notify => Service['httpd']}
-  @a2mod {
-   'rewrite' : ensure => present;
-   'headers' : ensure => present;
-   'expires' : ensure => present;
+  case $operatingsystem {
+    'debian','ubuntu': {
+      @a2mod {
+       'rewrite' : ensure => present;
+       'headers' : ensure => present;
+       'expires' : ensure => present;
+      }
+    }
+    default: { }
   }
 
 

manifests/mod/python.pp

@@ -0,0 +1,17 @@
+class apache::mod::python {
+  include apache
+
+  package { "python":
+    name => $operatingsystem ? {
+      centos  => "mod_python",
+      default => "libapache2-mod-python",
+    },
+    ensure  => installed,
+    require => Package["httpd"];
+  }
+
+  a2mod { "python": ensure => present; }
+
+}
+
+

manifests/mod/wsgi.pp

@@ -0,0 +1,16 @@
+class apache::mod::wsgi {
+  include apache
+
+  package { "wsgi":
+    name => $operatingsystem ? {
+      centos  => "mod_wsgi",
+      default => "libapache2-mod-wsgi",
+    },
+    ensure  => installed,
+    require => Package["httpd"];
+  }
+
+  a2mod { "wsgi": ensure => present; }
+
+}
+

manifests/params.pp

@@ -18,9 +18,18 @@
 #
 class apache::params {
 
-  $user  = 'www-data'
-  $group = 'www-data'
-
+  $user          = 'www-data'
+  $group         = 'www-data'
+  $ssl           = 'true'
+  $template      = 'apache/vhost-default.conf.erb'
+  $priority      = '25'
+  $servername    = ''
+  $serveraliases = ''
+  $auth          = false
+  $redirect_ssl  = false
+  $options       = 'Indexes FollowSymLinks MultiViews'
+  $vhost_name    = '*'
+
   case $operatingsystem {
     'centos', 'redhat', 'fedora': {
        $apache_name = 'httpd'
@@ -32,7 +41,6 @@
     'ubuntu', 'debian': {
        $apache_name = 'apache2'
        $php_package = 'libapache2-mod-php5'
-       $python_package = 'libapache2-mod-python'
        $ssl_package = 'apache-ssl'
        $apache_dev  = [ 'libaprutil1-dev', 'libapr1-dev', 'apache2-prefork-dev' ]
        $vdir = '/etc/apache2/sites-enabled/'

manifests/vhost.pp

@@ -9,6 +9,8 @@
 # - The $template option specifies whether to use the default template or override
 # - The $priority of the site
 # - The $serveraliases of the site
+# - The $options for the given vhost
+# - The $vhost_name for name based virtualhosting, defaulting to *
 #
 # Actions:
 # - Install Apache Virtual Hosts
@@ -23,16 +25,59 @@
 #    docroot => '/path/to/docroot',
 #  }
 #
-define apache::vhost( $port, $docroot, $ssl=true, $template='apache/vhost-default.conf.erb', $priority, $serveraliases = '' ) {
+define apache::vhost(
+    $port,
+    $docroot,
+    $ssl           = $apache::params::ssl,
+    $template      = $apache::params::template,
+    $priority      = $apache::params::priority,
+    $servername    = $apache::params::servername,
+    $serveraliases = $apache::params::serveraliases,
+    $auth          = $apache::params::auth,
+    $redirect_ssl  = $apache::params::redirect_ssl,
+    $options       = $apache::params::options,
+    $vhost_name    = $apache::params::vhost_name
+  ) {
 
   include apache
 
-  file {"${apache::params::vdir}/${priority}-${name}":
-    content => template($template),
-    owner => 'root',
-    group => 'root',
-    mode => '777',
-    require => Package['httpd'],
-    notify => Service['httpd'],
+  if $servername == '' {
+    $srvname = $name
+  } else {
+    $srvname = $servername
+  }
+
+  if $ssl == true {
+    include apache::ssl
+  }
+
+  # Since the template will use auth, redirect to https requires mod_rewrite
+  if $redirect_ssl == true {
+    case $operatingsystem {
+      'debian','ubuntu': {
+        A2mod <| title == 'rewrite' |>
+      }
+      default: { }
+    }
+  }
+
+  file {
+    "${apache::params::vdir}/${priority}-${name}.conf":
+      content => template($template),
+      owner   => 'root',
+      group   => 'root',
+      mode    => '755',
+      require => Package['httpd'],
+      notify  => Service['httpd'],
+  }
+
+  if ! defined(Firewall["0100-INPUT ACCEPT $port"]) {
+    @firewall {
+      "0100-INPUT ACCEPT $port":
+        jump  => 'ACCEPT',
+        dport => "$port",
+        proto => 'tcp'
+    }
   }
 }
+

manifests/vhost/proxy.pp

@@ -0,0 +1,50 @@
+# Define: apache::vhost::proxy
+#
+# Configures an apache vhost that will only proxy requests
+#
+# Parameters:
+# * $port: 
+#     The port on which the vhost will respond
+# * $dest: 
+#     URI that the requests will be proxied for
+# - $priority
+# - $template -- the template to use for the vhost
+# - $vhost_name - the name to use for the vhost, defaults to '*'
+#
+# Actions:
+# * Install Apache Virtual Host
+#
+# Requires:
+#
+# Sample Usage:
+#
+define apache::vhost::proxy (
+    $port,
+    $dest,
+    $priority      = '10',
+    $template      = "apache/vhost-proxy.conf.erb",
+    $servername    = '',
+    $serveraliases = '',
+    $ssl           = false,
+    $vhost_name    = '*'
+  ) {
+
+  include apache
+
+  $srvname = $name
+
+  if $ssl == true {
+    include apache::ssl
+  }
+
+  file {"${apache::params::vdir}/${priority}-${name}":
+    content => template($template),
+    owner   => 'root',
+    group   => 'root',
+    mode    => '755',
+    require => Package['httpd'],
+    notify  => Service['httpd'],
+  }
+
+
+}

manifests/vhost/redirect.pp

@@ -0,0 +1,50 @@
+# Define: apache::vhost::redirect
+#
+# This class will create a vhost that does nothing more than redirect to a given location
+#
+# Parameters:
+#   $port:
+#       Which port to list on
+#   $dest:
+#       Where to redirect to
+# - $vhost_name
+#
+# Actions:
+#   Installs apache and creates a vhost
+#
+# Requires:
+#
+# Sample Usage:
+#
+define apache::vhost::redirect (
+    $port,
+    $dest,
+    $priority      = '10',
+    $serveraliases = '',
+    $template      = "apache/vhost-redirect.conf.erb",
+    $vhost_name    = '*'
+  ) {
+
+  include apache
+
+  $srvname = $name
+
+  file {"${apache::params::vdir}/${priority}-${name}":
+    content => template($template),
+    owner   => 'root',
+    group   => 'root',
+    mode    => '755',
+    require => Package['httpd'],
+    notify  => Service['httpd'],
+  }
+
+  if ! defined(Firewall["0100-INPUT ACCEPT $port"]) {
+    @firewall {
+      "0100-INPUT ACCEPT $port":
+        jump  => 'ACCEPT',
+        dport => "$port",
+        proto => 'tcp'
+    }
+  }
+}
+

templates/vhost-default.conf.erb

@@ -3,23 +3,24 @@
 # Managed by Puppet
 # ************************************
 
-NameVirtualHost *:<%= port %>
-<VirtualHost *:<%= port %>>
-  ServerName <%= name %>
-<%if serveraliases.is_a? Array -%>
+NameVirtualHost <%= vhost_name %>:<%= port %>
+<VirtualHost <%= vhost_name %>:<%= port %>>
+  ServerName <%= srvname %>
+<% if serveraliases.is_a? Array -%>
 <% serveraliases.each do |name| -%><%= "  ServerAlias #{name}\n" %><% end -%>
 <% elsif serveraliases != '' -%>
 <%= "  ServerAlias #{serveraliases}" -%>
 <% end -%>
   DocumentRoot <%= docroot %>
   <Directory <%= docroot %>>
-    Options Indexes FollowSymLinks MultiViews
+    Options <%= options %>
     AllowOverride None
     Order allow,deny
     allow from all
   </Directory>
   ErrorLog /var/log/apache2/<%= name %>_error.log
   LogLevel warn
   CustomLog /var/log/apache2/<%= name %>_access.log combined
-  ServerSignature On
+  ServerSignature Off
 </VirtualHost>
+

templates/vhost-proxy.conf.erb

@@ -0,0 +1,28 @@
+NameVirtualHost <%= vhost_name %>:<%= port %>
+<VirtualHost <%= vhost_name %>:<%= port %>>
+  <% if ssl == true %>
+  SSLEngine on
+  SSLCertificateFile <%= ssl_path %>/certs/pl.cert
+  SSLCertificateKeyFile <%= ssl_path %>/private/pl.key
+  <% end %>
+  ServerName <%= srvname %>
+<% if serveraliases.is_a? Array %>
+<% serveraliases.each do |name| %><%= "  ServerAlias #{name}\n" %><% end %>
+<% elsif serveraliases != '' %>
+<%= "  ServerAlias #{serveraliases}" %>
+<% end %>
+   ProxyRequests Off
+   <Proxy *>
+     Order deny,allow
+     Allow from all
+   </Proxy>
+   ProxyPass        / <%= dest %>/
+   ProxyPassReverse / <%= dest %>/
+   ProxyPreserveHost On 
+
+   ErrorLog /var/log/apache2/<%= name %>_error.log
+   LogLevel warn
+   CustomLog /var/log/apache2/<%= name %>_access.log combined
+
+</VirtualHost>
+

templates/vhost-redirect.conf.erb

@@ -0,0 +1,11 @@
+NameVirtualHost <%= vhost_name %>:<%= port %>
+<VirtualHost <%= vhost_name %>:<%= port %>>
+  ServerName <%= srvname %>
+<% if serveraliases.is_a? Array %>
+<% serveraliases.each do |name| %><%= "  ServerAlias #{name}\n" %><% end %>
+<% elsif serveraliases != '' %>
+<%= "  ServerAlias #{serveraliases}" %>
+<% end %>
+  Redirect / <%= dest %>/
+</VirtualHost>
+