Moving site and module definitions to different files

author: Silvio Rhatto <rhatto@riseup.net> 2013-01-18 18:23:51 -0200
committer: Silvio Rhatto <rhatto@riseup.net> 2013-01-18 18:23:51 -0200
commit: 35690aec253a16ca0c48f4fb249ce940dc5f48e0 (patch)
tree: 31e7b7ecb45e2dbc11f518ab0f1fbfe894895e1f /manifests
parent: 0785451f5599f0c6dad60908a5773742f3188f05 (diff)
download: puppet-apache-35690aec253a16ca0c48f4fb249ce940dc5f48e0.tar.gz
puppet-apache-35690aec253a16ca0c48f4fb249ce940dc5f48e0.tar.bz2
3 files changed, 218 insertions, 220 deletions
diff --git a/manifests/init.pp b/manifests/init.pp
index 5e0aae1..d6428c0 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -182,226 +182,6 @@ class apache {
     notify  => Service["apache"],
   }
 
-  define site($ensure = present, $docroot = false, $redirect = false,
-              $redirect_match = false, $protocol = 'http', $aliases = false,
-              $server_alias = false, $use = false, $ticket = false,
-              $source = false, $template = 'apache/site.erb', $filename = '',
-              $manage_docroot = true, $owner = 'root', $group = 'root',
-              $mpm = true, $mpm_user = '', $mpm_group = '', $password = '*',
-              $comment = '', $sshkey = absent,
-              $groups = '', $shell = '/bin/false', $manage_user = true,
-              $ssl = false, $listen = '*', $https_redirect = false,
-              $canonical = false, $canonical_exceptions = '', $hidden_service = false) {
-
-    $vhost = $filename ? {
-      ''      => "$title",
-      default => "$filename",
-    }
-
-    $hosting_domain = $base_domain ? {
-      ''      => $domain,
-      default => $base_domain,
-    }
-
-    $user = $mpm_user ? {
-      ''      => regsubst($title, '\.', '_', 'G'),
-      default => $mpm_user,
-    }
-
-    $gid = $mpm_group? {
-      ''      => regsubst($title, '\.', '_', 'G'),
-      default => $mpm_group,
-    }
-
-    if $hidden_service == true {
-      # Make sure that the tor daemon is included
-      include tor::daemon
-
-      # It's important to use a subdir from the tor datadir
-      # to ease backup/restore procedures as we don't mix
-      # hidden service data with other tor files.
-      if !defined(File["$tor::daemon::data_dir/hidden"]) {
-        file { "$tor::daemon::data_dir/hidden":
-          ensure => directory, 
-          owner  => 'debian-tor',
-          group  => 'debian-tor',
-          mode   => 0700,
-        }
-      }
-
-      tor::daemon::hidden_service { $title:
-        ports    => "80 127.0.0.1:80",
-        data_dir => "$tor::daemon::data_dir/hidden",
-        require  => File["$tor::daemon::data_dir/hidden"],
-        ensure   => $ensure,
-      }
-    }
-
-    if $mpm == true and $manage_user == true and $user != 'root' {
-      if $ensure == present {
-        if !defined(Group[$gid]) {
-          group { "$gid":
-            ensure => present,
-          }
-        }
-  
-        if !defined(User["$user"]) {
-          user::manage { "$user":
-            tag      => "virtual",
-            password => $password,
-            gid      => $gid,
-            comment  => $comment,
-            ticket   => $ticket,
-            groups   => $groups,
-            sshkey   => $sshkey,
-            shell    => $shell,
-            ensure   => present,
-            require  => Group[$gid],
-          }
-        }
-      }
-      else {
-        if !defined(User["$user"]) {
-          user::manage { "$user":
-            tag      => "virtual",
-            password => $password,
-            ensure   => absent,
-          }
-        }
-
-        if !defined(Group[$gid]) {
-          group { "$gid":
-            ensure  => absent,
-            require => User[$user],
-          }
-        }
-      }
-    }
-
-    if $ssl == true {
-      ssl::cert { "$name":
-        group    => $gid,
-        privmode => '0640',
-        ensure   => $ensure,
-      }
-    
-      ssl::check { "$name":
-        file   => "/etc/ssl/certs/$name.crt",
-        ensure => $ensure,
-      }
-    }
-
-    case $source {
-      true: {
-               file { "${apache2_sites}-available/$vhost":
-                 ensure  => $ensure,
-                 source  => [ "puppet:///modules/site-apache/vhosts/$domain/$title", 
-                              "puppet:///modules/site-apache/vhosts/$title" ],
-                 owner   => root,
-                 group   => root,
-                 mode    => 0644,
-                 require => File["${apache2_macros}"],
-                 notify  => Service["apache"],
-               }
-             }
-      false: {
-               file { "${apache2_sites}-available/$vhost":
-                 ensure  => $ensure,
-                 content => template("$template"),
-                 owner   => root,
-                 group   => root,
-                 mode    => 0644,
-                 require => File["${apache2_macros}"],
-                 notify  => Service["apache"],
-               }
-             }
-    }
-
-    # Enable the site without a2ensite
-    #
-    #$status = $ensure ? {
-    #  'present' => "${apache2_sites}-available/$vhost",
-    #  default   => 'absent',
-    #}
-    #
-    #file { "/etc/apache2/sites-enabled/$title":
-    #  ensure  => $status,
-    #  owner   => root,
-    #  group   => root,
-    #  require => File["${apache2_sites}-available/$title"],
-    #  notify  => Service["apache"],
-    #}
-
-    case $ensure {
-      'present': {
-        if ($docroot != false) and ($manage_docroot == true) {
-          if !defined(File["${docroot}"]) {
-            file { "${docroot}":
-              ensure  => present,
-              owner   => $owner,
-              group   => $group,
-              mode    => 0755,
-              recurse => false,
-            }
-          }
-          if !defined(Exec["check_docroot_${docroot}"]) {
-            # Ensure parent folder exist
-            exec { "check_docroot_${docroot}":
-              command => "/bin/mkdir -p ${docroot}",
-              unless  => "/bin/sh -c '[ -e ${docroot} ]'",
-              user    => root,
-              before  => File["${docroot}"], 
-            }
-          }
-        }
-        exec { "/usr/sbin/a2ensite $vhost":
-          unless  => "/bin/sh -c '[ -L ${apache2_sites}-enabled/$vhost ] \
-                  && [ ${apache2_sites}-enabled/$vhost -ef ${apache2_sites}-available/$vhost ]'",
-          notify  => Exec["reload-apache2"],
-        }
-      }
-      'absent': {
-        exec { "/usr/sbin/a2dissite $vhost":
-          onlyif  => "/bin/sh -c '[ -L ${apache2_sites}-enabled/$vhost ] \
-                  && [ ${apache2_sites}-enabled/$vhost -ef ${apache2_sites}-available/$vhost ]'",
-          notify  => Exec["reload-apache2"],
-        }
-
-        file { "${apache2_sites}-enabled/$vhost":
-          ensure => absent,
-          notify => Exec["reload-apache2"],
-        }
-      }
-      default: { err ("Unknown ensure value: '$ensure'") }
-    }
-  }
-
-  # Define an apache2 module. Debian packages place the module config
-  # into /etc/apache2/mods-available.
-  #
-  # You can add a custom require (string) if the module depends on 
-  # packages that aren't part of the default apache2 package. Because of 
-  # the package dependencies, apache2 will automagically be included.
-  define module($ensure = 'present') {
-    case $ensure {
-      'present': {
-        exec { "/usr/sbin/a2enmod $name":
-          unless  => "/bin/sh -c '[ -L ${apache2_mods}-enabled/${name}.load ] \
-                  && [ ${apache2_mods}-enabled/${name}.load -ef ${apache2_mods}-available/${name}.load ]'",
-          notify  => Exec["force-reload-apache2"],
-        }
-      }
-      'absent': {
-        exec { "/usr/sbin/a2dismod $name":
-          onlyif  => "/bin/sh -c '[ -L ${apache2_mods}-enabled/${name}.load ] \
-                  && [ ${apache2_mods}-enabled/${name}.load -ef ${apache2_mods}-available/${name}.load ]'",
-          notify  => Exec["force-reload-apache2"],
-        }
-      }
-      default: { err ("Unknown ensure value: '$ensure'") }
-    }
-  }
-
   # Notify this when apache needs a reload. This is only needed when
   # sites are added or removed, since a full restart then would be
   # a waste of time. When the module-config changes, a force-reload is
diff --git a/manifests/module.pp b/manifests/module.pp
new file mode 100644
index 0000000..8a36432
--- /dev/null
+++ b/manifests/module.pp
@@ -0,0 +1,25 @@
+# Define an apache2 module. Debian packages place the module config
+# into /etc/apache2/mods-available.
+#
+# You can add a custom require (string) if the module depends on 
+# packages that aren't part of the default apache2 package. Because of 
+# the package dependencies, apache2 will automagically be included.
+define apache::module($ensure = 'present') {
+  case $ensure {
+    'present': {
+      exec { "/usr/sbin/a2enmod $name":
+        unless  => "/bin/sh -c '[ -L ${apache2_mods}-enabled/${name}.load ] \
+                && [ ${apache2_mods}-enabled/${name}.load -ef ${apache2_mods}-available/${name}.load ]'",
+        notify  => Exec["force-reload-apache2"],
+      }
+    }
+    'absent': {
+      exec { "/usr/sbin/a2dismod $name":
+        onlyif  => "/bin/sh -c '[ -L ${apache2_mods}-enabled/${name}.load ] \
+                && [ ${apache2_mods}-enabled/${name}.load -ef ${apache2_mods}-available/${name}.load ]'",
+        notify  => Exec["force-reload-apache2"],
+      }
+    }
+    default: { err ("Unknown ensure value: '$ensure'") }
+  }
+}
diff --git a/manifests/site.pp b/manifests/site.pp
new file mode 100644
index 0000000..0c68361
--- /dev/null
+++ b/manifests/site.pp
@@ -0,0 +1,193 @@
+define apache::site($ensure = present, $docroot = false, $redirect = false,
+            $redirect_match = false, $protocol = 'http', $aliases = false,
+            $server_alias = false, $use = false, $ticket = false,
+            $source = false, $template = 'apache/site.erb', $filename = '',
+            $manage_docroot = true, $owner = 'root', $group = 'root',
+            $mpm = true, $mpm_user = '', $mpm_group = '', $password = '*',
+            $comment = '', $sshkey = absent,
+            $groups = '', $shell = '/bin/false', $manage_user = true,
+            $ssl = false, $listen = '*', $https_redirect = false,
+            $canonical = false, $canonical_exceptions = '', $hidden_service = false) {
+
+  $vhost = $filename ? {
+    ''      => "$title",
+    default => "$filename",
+  }
+
+  $hosting_domain = $base_domain ? {
+    ''      => $domain,
+    default => $base_domain,
+  }
+
+  $user = $mpm_user ? {
+    ''      => regsubst($title, '\.', '_', 'G'),
+    default => $mpm_user,
+  }
+
+  $gid = $mpm_group? {
+    ''      => regsubst($title, '\.', '_', 'G'),
+    default => $mpm_group,
+  }
+
+  if $hidden_service == true {
+    # Make sure that the tor daemon is included
+    include tor::daemon
+
+    # It's important to use a subdir from the tor datadir
+    # to ease backup/restore procedures as we don't mix
+    # hidden service data with other tor files.
+    if !defined(File["$tor::daemon::data_dir/hidden"]) {
+      file { "$tor::daemon::data_dir/hidden":
+        ensure => directory, 
+        owner  => 'debian-tor',
+        group  => 'debian-tor',
+        mode   => 0700,
+      }
+    }
+
+    tor::daemon::hidden_service { $title:
+      ports    => "80 127.0.0.1:80",
+      data_dir => "$tor::daemon::data_dir/hidden",
+      require  => File["$tor::daemon::data_dir/hidden"],
+      ensure   => $ensure,
+    }
+  }
+
+  if $mpm == true and $manage_user == true and $user != 'root' {
+    if $ensure == present {
+      if !defined(Group[$gid]) {
+        group { "$gid":
+          ensure => present,
+        }
+      }
+
+      if !defined(User["$user"]) {
+        user::manage { "$user":
+          tag      => "virtual",
+          password => $password,
+          gid      => $gid,
+          comment  => $comment,
+          ticket   => $ticket,
+          groups   => $groups,
+          sshkey   => $sshkey,
+          shell    => $shell,
+          ensure   => present,
+          require  => Group[$gid],
+        }
+      }
+    }
+    else {
+      if !defined(User["$user"]) {
+        user::manage { "$user":
+          tag      => "virtual",
+          password => $password,
+          ensure   => absent,
+        }
+      }
+
+      if !defined(Group[$gid]) {
+        group { "$gid":
+          ensure  => absent,
+          require => User[$user],
+        }
+      }
+    }
+  }
+
+  if $ssl == true {
+    ssl::cert { "$name":
+      group    => $gid,
+      privmode => '0640',
+      ensure   => $ensure,
+    }
+  
+    ssl::check { "$name":
+      file   => "/etc/ssl/certs/$name.crt",
+      ensure => $ensure,
+    }
+  }
+
+  case $source {
+    true: {
+             file { "${apache2_sites}-available/$vhost":
+               ensure  => $ensure,
+               source  => [ "puppet:///modules/site-apache/vhosts/$domain/$title", 
+                            "puppet:///modules/site-apache/vhosts/$title" ],
+               owner   => root,
+               group   => root,
+               mode    => 0644,
+               require => File["${apache2_macros}"],
+               notify  => Service["apache"],
+             }
+           }
+    false: {
+             file { "${apache2_sites}-available/$vhost":
+               ensure  => $ensure,
+               content => template("$template"),
+               owner   => root,
+               group   => root,
+               mode    => 0644,
+               require => File["${apache2_macros}"],
+               notify  => Service["apache"],
+             }
+           }
+  }
+
+  # Enable the site without a2ensite
+  #
+  #$status = $ensure ? {
+  #  'present' => "${apache2_sites}-available/$vhost",
+  #  default   => 'absent',
+  #}
+  #
+  #file { "/etc/apache2/sites-enabled/$title":
+  #  ensure  => $status,
+  #  owner   => root,
+  #  group   => root,
+  #  require => File["${apache2_sites}-available/$title"],
+  #  notify  => Service["apache"],
+  #}
+
+  case $ensure {
+    'present': {
+      if ($docroot != false) and ($manage_docroot == true) {
+        if !defined(File["${docroot}"]) {
+          file { "${docroot}":
+            ensure  => present,
+            owner   => $owner,
+            group   => $group,
+            mode    => 0755,
+            recurse => false,
+          }
+        }
+        if !defined(Exec["check_docroot_${docroot}"]) {
+          # Ensure parent folder exist
+          exec { "check_docroot_${docroot}":
+            command => "/bin/mkdir -p ${docroot}",
+            unless  => "/bin/sh -c '[ -e ${docroot} ]'",
+            user    => root,
+            before  => File["${docroot}"], 
+          }
+        }
+      }
+      exec { "/usr/sbin/a2ensite $vhost":
+        unless  => "/bin/sh -c '[ -L ${apache2_sites}-enabled/$vhost ] \
+                && [ ${apache2_sites}-enabled/$vhost -ef ${apache2_sites}-available/$vhost ]'",
+        notify  => Exec["reload-apache2"],
+      }
+    }
+    'absent': {
+      exec { "/usr/sbin/a2dissite $vhost":
+        onlyif  => "/bin/sh -c '[ -L ${apache2_sites}-enabled/$vhost ] \
+                && [ ${apache2_sites}-enabled/$vhost -ef ${apache2_sites}-available/$vhost ]'",
+        notify  => Exec["reload-apache2"],
+      }
+
+      file { "${apache2_sites}-enabled/$vhost":
+        ensure => absent,
+        notify => Exec["reload-apache2"],
+      }
+    }
+    default: { err ("Unknown ensure value: '$ensure'") }
+  }
+}
author	Silvio Rhatto <rhatto@riseup.net>	2013-01-18 18:23:51 -0200
committer	Silvio Rhatto <rhatto@riseup.net>	2013-01-18 18:23:51 -0200
commit	35690aec253a16ca0c48f4fb249ce940dc5f48e0 (patch)
tree	31e7b7ecb45e2dbc11f518ab0f1fbfe894895e1f /manifests
parent	0785451f5599f0c6dad60908a5773742f3188f05 (diff)
download	puppet-apache-35690aec253a16ca0c48f4fb249ce940dc5f48e0.tar.gz puppet-apache-35690aec253a16ca0c48f4fb249ce940dc5f48e0.tar.bz2