# # Puppet module for Apache # # This module is distributed under the GNU Affero General Public License: # # Backup module for puppet # Copyright (C) 2009 Sarava Group # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU Affero General Public License as # published by the Free Software Foundation, either version 3 of the # License, or any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU Affero General Public License for more details. # # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see . # # Using code from Debian Apache2 recipe: # # http://reductivelabs.com/trac/puppet/wiki/Recipes/DebianApache2Recipe # $apache2_sites = "/etc/apache2/sites" $apache2_mods = "/etc/apache2/mods" $apache2_macros = "/etc/apache2/conf.d/macros" $apache2_conf = "/etc/apache2/apache2.conf" class apache { case $apache_www_folder { '': { $apache_www_folder = "/var/www" } } case $apache_sites_folder { '': { $apache_sites_folder = "${apache_www_folder}/sites" } } case $apache_error_folder { '': { $apache_error_folder = "${apache_www_folder}/error" } } case $apache_error_dest { '': { $apache_error_dest = "${apache_error_folder}/index.html" } } case $apache_server_name { '': { $apache_server_name = $hostname } } package { "apache": name => "apache2", ensure => installed, } package { "mod_macro": name => "libapache2-mod-macro", ensure => installed, } package { "apache2-mpm-itk": ensure => installed, } service { "apache": name => "apache2", ensure => running, require => Package["apache"], hasstatus => true, hasrestart => true, } module { "macro": ensure => present, require => Package["mod_macro"], } # apache mod_macro configuration file { "${apache2_macros}": ensure => present, content => template('apache/macros.erb'), owner => root, group => root, mode => 0644, require => Module["macro"], notify => Service["apache"], } # apache mod_macro configuration file { "${apache2_conf}": ensure => present, content => template('apache/apache2.conf.erb'), owner => root, group => root, mode => 0644, notify => Service["apache"], } define site($ensure = present, $docroot = false, $redirect = false, $redirect_match = false, $protocol = 'http', $aliases = false, $server_alias = false, $use = false, $ticket = false, $source = false, $template = 'apache/site.erb', $filename = '', $manage_docroot = true, $owner = 'root', $group = 'root', $mpm = true, $mpm_user = '', $mpm_group = '', $password = '*', $comment = '', $sshkey = absent, $groups = '', $shell = '/bin/false') { $vhost = $filename ? { '' => "$title", default => "$filename", } $hosting_domain = $base_domain ? { '' => $domain, default => $base_domain, } if $mpm == true and $user != 'root' { $user = $mpm_user ? { '' => $title, default => $mpm_user, } $gid = $mpm_group? { '' => $title, default => $mpm_group, } if !defined(Group[$gid]) { group { "$gid": ensure => $ensure, } } if !defined(User["$user"]) { user::manage { "$user": tag => "virtual", password => $password, gid => $gid, comment => $comment, ticket => $ticket, groups => $groups, sshkey => $sshkey, shell => $shell, ensure => $ensure, require => Group[$gid], } } } case $source { true: { file { "${apache2_sites}-available/$vhost": ensure => $ensure, source => "puppet://$server/files/apache/vhosts/$title", owner => root, group => root, mode => 0644, require => File["${apache2_macros}"], notify => Service["apache"], } } false: { file { "${apache2_sites}-available/$vhost": ensure => $ensure, content => template("$template"), owner => root, group => root, mode => 0644, require => File["${apache2_macros}"], notify => Service["apache"], } } } # Enable the site without a2ensite # #$status = $ensure ? { # 'present' => "${apache2_sites}-available/$vhost", # default => 'absent', #} # #file { "/etc/apache2/sites-enabled/$title": # ensure => $status, # owner => root, # group => root, # require => File["${apache2_sites}-available/$title"], # notify => Service["apache"], #} case $ensure { 'present': { if ($docroot != false) and ($manage_docroot == true) { if !defined(File["${docroot}"]) { file { "${docroot}": ensure => present, owner => $owner, group => $group, mode => 0755, recurse => false, } } if !defined(Exec["check_docroot_${docroot}"]) { # Ensure parent folder exist exec { "check_docroot_${docroot}": command => "/bin/mkdir -p ${docroot}", unless => "/bin/sh -c '[ -e ${docroot} ]'", user => root, before => File["${docroot}"], } } } exec { "/usr/sbin/a2ensite $vhost": unless => "/bin/sh -c '[ -L ${apache2_sites}-enabled/$vhost ] \ && [ ${apache2_sites}-enabled/$vhost -ef ${apache2_sites}-available/$vhost ]'", notify => Exec["reload-apache2"], } } 'absent': { exec { "/usr/sbin/a2dissite $vhost": onlyif => "/bin/sh -c '[ -L ${apache2_sites}-enabled/$vhost ] \ && [ ${apache2_sites}-enabled/$vhost -ef ${apache2_sites}-available/$vhost ]'", notify => Exec["reload-apache2"], } file { "${apache2_sites}-enabled/$vhost": ensure => absent, notify => Exec["reload-apache2"], } } default: { err ("Unknown ensure value: '$ensure'") } } } # Define an apache2 module. Debian packages place the module config # into /etc/apache2/mods-available. # # You can add a custom require (string) if the module depends on # packages that aren't part of the default apache2 package. Because of # the package dependencies, apache2 will automagically be included. define module($ensure = 'present') { case $ensure { 'present': { exec { "/usr/sbin/a2enmod $name": unless => "/bin/sh -c '[ -L ${apache2_mods}-enabled/${name}.load ] \ && [ ${apache2_mods}-enabled/${name}.load -ef ${apache2_mods}-available/${name}.load ]'", notify => Exec["force-reload-apache2"], } } 'absent': { exec { "/usr/sbin/a2dismod $name": onlyif => "/bin/sh -c '[ -L ${apache2_mods}-enabled/${name}.load ] \ && [ ${apache2_mods}-enabled/${name}.load -ef ${apache2_mods}-available/${name}.load ]'", notify => Exec["force-reload-apache2"], } } default: { err ("Unknown ensure value: '$ensure'") } } } # Notify this when apache needs a reload. This is only needed when # sites are added or removed, since a full restart then would be # a waste of time. When the module-config changes, a force-reload is # needed. exec { "reload-apache2": command => "/etc/init.d/apache2 reload", refreshonly => true, } exec { "force-reload-apache2": command => "/etc/init.d/apache2 force-reload", refreshonly => true, } }