Commit Graph

58 Commits

Author SHA1 Message Date
Clark Boylan c629d4779a Define params::ssl_path for vhost::proxy
The vhost::proxy vhost template file uses the ssl_path var.
Unfortuantely this isn't defined in params so we get errors like:

  Unknown variable: 'httpd::params::ssl_path'. at /etc/puppetlabs/code/modules/httpd/manifests/vhost/proxy.pp:37:15

Fix that by defining a value. Note this value should be correct for
debuntu, but is probably wrong for RHEL/CentOS.

Change-Id: Idbb1ac60a17d5506c4dd0d19eb10c1a45741c3b5
2020-03-05 09:14:29 -08:00
Clark Boylan 1609bb6a44 Fix leading :: on class includes to make linter happy
Why this needed to be a linter rule I do not know.

Change-Id: I27ba74c6060c9d2ad09b52bc38090ff9c1f83721
2020-03-05 09:14:07 -08:00
Colleen Murphy e5996fd275 Add content parameter to httpd::vhost
Evaluating the template from the vhost defined type rather than the
module where it originates causes problems when dereferencing the
variables in the ERB file. If they are not accessed via the internal
scope object, they can't be found when using puppet 4. The scope object
is also useless when the variables are defined in a defined type and not
a class.

This patch adds a new parameter, $content, which overrides the $template
parameter. If provided, $content indicates the literal string content
for the vhost, as opposed to a reference to a template that needs to be
rendered. This can be used like this:

  $content = template('example/example.vhost.erb')
  httpd::vhost { 'vhostname':
    content => $content,
    priority => 50
  }

This way the template is evaluated when the template() function is
called and has access to variables in that scope.

Change-Id: Ibe3c609d92f3321f43f4794062a64b119b07a1d0
2018-05-28 15:04:15 -07:00
Colleen Murphy 17543eceaf Parameterize the php mod package name
Change-Id: If61473b394605fa2599f53716792dd5568ad24c5
2017-06-11 19:53:48 +02:00
Yolanda Robla Mota 8fa18ba136 Fix selinux problems on vhost
When running on CentOS, that problem still persists: when trying
to access files under a vhost, apache was failing with
Access denied because search permissions are missing.

So running chcon on the docroot for each vhost

Please note that this change was reverted before. That was caused
by puppet-cgit sending a dummy location "MEANINGLESS ARGUMENT"
to docroot argument of vhost. To avoid that failure, execute only
the chcon call if docroot exists and is a directory.

Change-Id: I4ab7d4cc6d2115bd8f980be7f14a6a4557ffeb87
2016-07-22 08:57:46 +02:00
Paul Belanger fba135de66 Revert "Fix selinux problems on vhost"
We are reverting as this breaks our gitXX.o.o servers, which are centos-7. EG:

  (/Stage[main]/Cgit/Httpd::Vhost[git.openstack.org]/Exec[update_context_MEANINGLESS ARGUMENT]/returns) chcon: cannot access ‘MEANINGLESS’: No such file or directory

This reverts commit 10844f7c9e.

Change-Id: I06435e6203bd8770bc6a817d3f0b33a05d84bdf6
2016-07-20 23:24:41 +00:00
Yolanda Robla 10844f7c9e Fix selinux problems on vhost
When running on CentOS, two problems appeared:
- when using proxy, apache was failing with an error 500,
fixed by enabling httpd_can_network_connect

- when trying to access files under a vhost, apache was
failing with Access denied because search permissions
are missing. So running chcon on the docroot for each vhost

Change-Id: I87c4c0e51f05eab8f5c8e094c2c54504e60b97af
2016-06-26 09:53:35 +02:00
Andrey Nikitin 080f4bab6a Order of the classes parameters is refactored
Order and intendation of those parameters are changed
to follow Puppet Style Guide recommendation [0].
Moreover, it will allow to an user to find much faster
a variable in a list of variables.

[0]. https://docs.puppetlabs.com/guides/style_guide.html

Change-Id: If2443cbc57671784cfcb31bbe0ada0c09f78c996
2016-03-21 12:44:49 +03:00
Jenkins 3d6423ebdf Merge "Fixes vhost and vhost::proxy on Precise." 2015-11-03 17:16:51 +00:00
Jenkins f98e71bf65 Merge "Enable SNI on Ubuntu 12.04 LTS" 2015-10-21 19:43:32 +00:00
Jeremy Stanley ebdc05976f Enable SNI on Ubuntu 12.04 LTS
Enable Server Name Indication (SNI) on Ubuntu 12.04 LTS which runs
Apache 2.2. This allows running multiple HTTPS sites from one IP
address/TCP port when SubjectAltNames are specified in the
certificate, but MSIE on WinXP does not support this extension and
so will cease working for HTTPS sites managed by this module. Note
that this behavior is already implicit on Apache 2.4 based platforms
(such as Ubuntu 14.04 LTS).

Change-Id: I05c8e335f68d9461d8d81a3d12343d1920a738d4
2015-10-21 15:35:33 +00:00
Bruno Tavares d8e4764ac8 Fixes vhost and vhost::proxy on Precise.
We recently introduced on bf7ce40e2f the
use of mod_version. The module is enabled and installed by default on
Ubuntu Trusty 14.04, CentOS 6 and CentOS 7.

On Ubuntu Precise 12.04 the module comes installed, but not enabled by
default. This is needed to maintain compatibility with downstream pool
of servers.

Change-Id: I01a8a12b959e3cbecd0355562db0393404ae54bf
Co-Authored-By: Danilo Ramalho <dramalho@thoughtworks.com>
2015-10-20 18:07:41 -02:00
Jenkins 945f4f3862 Merge "Fix proxy and redirect configuration file names." 2015-10-20 08:36:32 +00:00
Bruno Tavares faf9d932ba Fix proxy and redirect configuration file names.
While working on puppet-lodgeit acceptance tests we found that the
configuration file that `httpd::mod::proxy` creates was not being picked
up by Apache because it was missing the prefix `.conf`. This transition
is required to configure httpd modules correctly on Apache >= 2.4

To prevent Apache from loading two the same configuration twice, we
remove the file without extension, so this change does not affect
running systems.

This change has fixes for `httpd::mod::proxy` and `httpd::mod::redirect`
as they have the same issue. We added tests as well to increase the
confidence on the fix.

The acceptance will be fixed on the follow-up patch, as the redirect
grants are broken for 2.4 as well.

Change-Id: I82241038d687316f91f18209fe8323c12422e2f8
Co-Authored-By: Danilo Ramalho <dramalho@thoughtworks.com>
2015-10-19 15:43:51 -02:00
Jeremy Stanley 0dcb175c42 Clean up doubled backslashes in logrotate config
According to
https://docs.puppetlabs.com/puppet/3.8/reference/lang_datatypes.html
there is no way to end a single-quoted string with a literal
backslash, so fold this content into the preceding double-quoted
string in an effort to satisfy the linter as well.

Change-Id: Ic639cd2fc1c7953cbf4311ce7c958f9bdb61e31b
2015-10-14 13:29:17 +00:00
Clint Adams a827227079 Allow specification of DocumentRoot when reverse-proxying partially
If any locations are being excluded from reverse-proxying, we need
to be able to specify a DocumentRoot to serve up un-proxied files.

Change-Id: I1c5fe6f73b5983886578975e89c5e4148b506795
2015-10-06 15:57:14 -04:00
Jenkins 2a142ac027 Merge "Allow specification of locations to not be proxied" 2015-10-06 07:27:48 +00:00
Clint Adams c39fde20ed Allow specification of locations to not be proxied
A user of httpd::vhost::proxy may wish to exclude certain URLs from
being proxied.  This change allows the template to be populated with
such exclusions.

Change-Id: I55a86d3c703a667daf55cb75cf559eb23a556219
2015-10-02 12:15:43 -04:00
Bruno Tavares edb7660f9b Add note of support on Python mods for CentOS 7.
CentOS 7 has offically deprecated mod_python in favor of mod_wsgi and
the package is not available anymore. This change add a note on the
module about the offically supported way to run python applications on
CentOS 7.

Change-Id: I9bf2e0dde6575f50db6ce12abf896b5890b42419
Co-Authored-By: Danilo Ramalho <dramalho@thoughtworks.com>
2015-09-28 14:50:03 -03:00
Bruno Tavares c180eeac3f Use httpd::mod when adding Apache modules.
Replace usage of httpd_mod with the httpd::mod wrapper to allow classes
to be applied as well on RedHat systems and have the httpd service
ordering fixed.

Change-Id: If790efd7b465e77c2eca7710f79e563d69ee3783
Co-Authored-By: Danilo Ramalho <dramalho@thoughtworks.com>
2015-09-28 14:50:03 -03:00
Bruno Tavares a6f2016567 Fix httpd::python.
While writing acceptance tests for puppet-httpd we noticed that the
manifest of httpd::python is not working on Ubuntu Trusty.

The httpd::python manifest was using a non-declared
$apache::params::mod_python_package instead of
$httpd::params::mod_python_package

Change-Id: I4db9298aba7da90a017527b2fb29dcd17af28efc
Co-Authored-By: Danilo Ramalho <dramalho@thoughtworks.com>
2015-09-28 14:50:03 -03:00
Andy James 69310a65cb Changed to match 'python_package' to 'mod_python package'
Matches the parameter name set in params.pp

Change-Id: Ib95acfbb5dd510ad6c1cb13cda8741a0ace149d2
2015-09-28 14:50:03 -03:00
Bruno Tavares 84c5d2bf6a Fix httpd::dev.
While writing acceptance tests for puppet-httpd we noticed that the
manifest of httpd::dev was not working on Ubuntu Trusty.

That is because httpd::dev was trying to install multiple package using
the wrong syntax. Also, the one of the modules for Ubuntu was wrong and
we updated to keep applying.

Co-Authored-By: Bruno Tavares <btavare@thoughtworks.com>
Co-Authored-By: Danilo Ramalho <dramalho@thoughtworks.com>

Change-Id: Ibe1e107417b4670902f74b8c2fedc0d9d927ce9b
2015-09-28 14:50:03 -03:00
Jenkins d3261cdc81 Merge "Create a httpd::mod defined type" 2015-09-28 17:31:07 +00:00
Spencer Krum 5b0ebdf555 Create a httpd::mod defined type
This allows for before => Service['httpd'] on every resource without
being explicit.

Co-Authored-By: Bruno Tavares <btavare@thoughtworks.com>
Co-Authored-By: Glauco Oliveira <gvinici@thoughtworks.com>

Change-Id: I0e991a7a63317e608cc6ef35b58dc79b518ba863
2015-09-25 12:21:31 -07:00
Jenkins f0d478b4f9 Merge "Add logrotate class to Apache" 2015-09-22 19:17:49 +00:00
Yolanda Robla 208feadbcd Add logrotate class to Apache
Adding this subclass to httpd configuration, to allow
modules using this manifest to setup log rotation for
apache on demand.
Please note that apache is installing a logrotate file by
default here, but naming that on same way will overwrite it,
and allow our desired log rotation.

Depends-On: I7451ecc550b50b85c55784ef598f6b45412117fc
Change-Id: I3ef60fd9386795007e5b55264cc6e91fa0b67c68
2015-08-15 09:13:17 +02:00
Jenkins d2e06d732b Merge "Add Gemfile and puppet 4 checks" 2015-08-11 05:07:50 +00:00
Jenkins 0b6f95fe3f Merge "Fix $httpd::vhost::proxy::servername parameter" 2015-08-09 03:00:03 +00:00
Colleen Murphy 17430b7507 Add Gemfile and puppet 4 checks
In anticipation of puppet 4, start trying to deal with puppet 4 things
that can be helpfully predicted by puppet lint plugins. Also fix errors
caught by the puppet-lint-unquoted_string-check and
puppet-lint-absolute_classname-check gems.

Change-Id: I9d74d25d2f2c95ec52a6db3bf070903240e1b933
2015-07-29 23:18:35 -07:00
Colleen Murphy eedc2abb66 Fix $httpd::vhost::proxy::servername parameter
The $httpd::vhost::proxy::servername parameter was not being used, and
the local variable $srvname was defaulting to the name of the defined
type. This patch copies the logic from httpd::vhost to conditionally
set $srvname to the $servername parameter if it is set, and default to
the old behavior if not.

Change-Id: I4936be856db1a1af279b7c3824606e2c0375e9a6
2015-07-29 23:18:17 -07:00
Timothy Chavez 6f79bf9f8c Revise offensive comment
Change-Id: I549b82c94551057fe52c47a5c859f7e7e9921450
2015-07-29 16:16:26 -05:00
Spencer Krum de611fb20e Remove a2mod definion
One snuck past the global renaming

Change-Id: I1d60946a30a32d0a117e61cc969e065fa39993e8
2015-02-25 03:27:55 -08:00
Spencer Krum dab0f45bea Rename apache2 to httpd globally
This renames the classes and defined types from apache to httpd.
With the 'httpd' module available, we can migrate usage of 'apache'
to 'httpd.' Eventually this will free the 'apache' namespace.

A native ruby type and provider is contained in this class. It is
not namespaced to the class name so it has been renamed from a2mod
to httpd_mod.

Change-Id: I056eb28a13e7ccc95f1496019bedc332c17dd458
2015-02-05 05:49:30 -08:00
Ian Wienand 482441c9af Add rake "lint" target, fix errors
Add the rake "lint" target, and fix resulting minor errors, which were:

---
 manifests/mod/python.pp - WARNING: class not documented on line 1
 manifests/mod/wsgi.pp - WARNING: class not documented on line 1
 manifests/vhost.pp - WARNING: variable not enclosed in {} on line 80
 manifests/vhost.pp - WARNING: variable not enclosed in {} on line 82
 manifests/vhost/redirect.pp - WARNING: variable not enclosed in {} on line 43
 manifests/vhost/redirect.pp - WARNING: variable not enclosed in {} on line 45
---

Change-Id: I2213f314d4bf92b4ddf58dbb19a80783380a55ce
2014-11-20 10:56:33 +11:00
Eric Shamow 42c636341f Changes to match style guide and pass puppet-lint without error
No substantive behavior changes - only spacing, line alignment,
quotation, etc.
2012-04-20 21:07:54 -07:00
Walter Heck 42bc8ba49a changed name => path for file resources in order to name namevar by it's name 2012-04-16 15:31:54 +08:00
Walter Heck 073964152d style guide fixes: 'true' <> true, $operatingsystem needs to be $::operatingsystem, etc. 2012-04-16 15:20:00 +08:00
William Van Hevelingen 05fcec5f9c (#13073) Add missing puppet spec tests
This commit adds full puppet spec coverage
for all classes and defines.
2012-03-16 00:38:53 -07:00
William Van Hevelingen 541afdaf9e (#6899) Remove virtual a2mod definition
Previously users were required to realize rewrite,
headers, and expires on debian systems. This commit
removes the virtual a2mod definition which makes the
three a2mod resources consistent with other operating
systems and other a2mod resources.
2012-03-13 11:45:03 -07:00
William Van Hevelingen 976cb69648 (#13072) Move mod python and wsgi package names to params
Previously apache::mod::python and apache::mod::wsgi used
a case statement to determine which package to install. This
commit moves the package names to the params class and fixes
the syntax errors introduced in commit 2b79e8b when the
selectors were changed to include Scientific Linux.
2012-03-12 19:58:34 -07:00
Ryan Coleman 5d8013a8c3 Merge pull request #13 from marut/ticket_12902_php_dependency_problem
(#12902) Re-enable local php class

Reviewed by Ryan Coleman (ryan@puppetlabs.com)
2012-03-12 02:11:56 -07:00
Ryan Coleman 3c0c1ac882 Merge pull request #12 from bodepd/make_vhost_firewalls_optional
Make management of firewalls configurable for vhosts

Reviewed by Ryan Coleman (ryan@puppetlabs.com)
2012-03-12 02:06:19 -07:00
Reid Vandewiele d3d0d23d06 Re-enable local php class
Previously, commit 8a56ee91 removed local control of the apache::php_package
management in favor of "include php". However, no dependency was added to the
Modulefile and to date the php module referenced in apache::php has not been
released.

This commit reinstates apache local class management of php to the apache::php
class (at least until such time as the puppetlabs-php module is released).
2012-02-29 20:17:54 -08:00
Dan Bode d7516c7662 Make management of firewalls configurable for vhosts
Previously, it was necessary to configure a firewall
entry for every port associated with a vhost.

This commit makes the confuration of firewalls for vhosts
configurable. This configuration option has been added to spare
users from having to configure firewalls if they do not wish
to.
2012-02-21 13:04:52 -08:00
Adrien Thebo f4d287f053 (#12581) Add explicit ordering for vdir directory
The apache::params::vdir directory depends on the existence of the
httpd package, and trying to include the module may cause an ordering
failure. Added the necessary explicit ordering.
2012-02-11 22:00:30 -08:00
David Alden a776a8b46d (#11071) Fix to work with latest firewall module
The firewall module deprecated the use of jump => accept, this patch now
changes this parameter to action => accept making it compatible with the
latest release.
2011-12-01 01:05:56 +00:00
David Alden 2b79e8bdd1 (#11070) Add support for Scientific Linux
This patch adds Scientific Linux to the various case statements so it is
supported. This also fixed the various templates so that the log location
is variable depending on weither the OS is Redhat based or Debian based.
2011-12-01 00:56:45 +00:00
Gary Larizza 57b904839b Commit apache::vhost::redirect Manifest 2011-07-15 15:27:50 -07:00
Gary Larizza 8862d013e6 Commit apache::vhost::proxy Manifest 2011-07-15 15:27:39 -07:00