Merge "Add apache configuration for zanata"

This commit is contained in:
Jenkins 2015-04-08 00:25:28 +00:00 committed by Gerrit Code Review
commit a30bc61be3
4 changed files with 144 additions and 1 deletions

83
manifests/apache.pp Normal file
View File

@ -0,0 +1,83 @@
# Copyright 2014 Hewlett-Packard Development Company, L.P.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# == Class: zanata::apache
#
class zanata::apache (
$vhost_name = $::fqdn,
$serveradmin = "webmaster@${::fqdn}",
$ssl_cert_file = '/etc/ssl/certs/ssl-cert-snakeoil.pem',
$ssl_key_file = '/etc/ssl/private/ssl-cert-snakeoil.key',
$ssl_chain_file = '',
$ssl_cert_file_contents = '', # If left empty puppet will not create file.
$ssl_key_file_contents = '', # If left empty puppet will not create file.
$ssl_chain_file_contents = '', # If left empty puppet will not create file.
) {
include ::apache
include ::apache::ssl
a2mod { 'proxy':
ensure => present,
}
a2mod { 'proxy_http':
ensure => present,
}
a2mod { 'proxy_ajp':
ensure => present,
}
apache::vhost { $vhost_name:
port => 443,
docroot => 'MEANINGLESS ARGUMENT',
priority => '50',
template => 'zanata/zanata.vhost.erb',
ssl => true,
subscribe => File['/opt/wildfly/standalone/configuration/standalone.xml'],
}
if $ssl_cert_file_contents != '' {
file { $ssl_cert_file:
owner => 'root',
group => 'root',
mode => '0640',
content => $ssl_cert_file_contents,
before => Apache::Vhost[$vhost_name],
}
}
if $ssl_key_file_contents != '' {
file { $ssl_key_file:
owner => 'root',
group => 'root',
mode => '0640',
content => $ssl_key_file_contents,
before => Apache::Vhost[$vhost_name],
}
}
if $ssl_chain_file_contents != '' {
file { $ssl_chain_file:
owner => 'root',
group => 'root',
mode => '0640',
content => $ssl_chain_file_contents,
before => Apache::Vhost[$vhost_name],
}
}
}

View File

@ -35,12 +35,17 @@ class zanata(
$zanata_openid_provider_url = '',
$zanata_admin_users = '',
$zanata_listeners = [],
) {
$zanata_file = inline_template('<%= File.basename(@zanata_url) %>')
$zanata_hibernate_file = inline_template('<%= File.basename(@zanata_hibernate_url) %>')
$zanata_mojarra_file = inline_template('<%= File.basename(@zanata_mojarra_url) %>')
zanata::validate_listener { $zanata_listeners:
}
class { 'zanata::wildfly':
wildfly_version => $zanata_wildfly_version,
wildfly_install_source => $zanata_wildfly_install_url,
@ -143,5 +148,13 @@ class zanata(
Exec['unzip_hibernate'],
],
}
}
# == Define: zanata::validate_listener
#
define zanata::validate_listener ($listener = $name) {
$listeners = [ 'https', 'ajp' ]
if $listener and !($listener in $listeners) {
fail("${listener} is not a valid listener type")
}
}

View File

@ -534,6 +534,15 @@
<subsystem xmlns="urn:jboss:domain:undertow:1.1">
<buffer-cache name="default"/>
<server name="default-server">
<% @zanata_listeners.each do |listener| -%>
<% if listener == 'https' -%>
<% @listener_realm = ' security-realm="ApplicationRealm"' -%>
<% else -%>
<% @listener_realm = '' -%>
<% end -%>
<<%= listener %>-listener name="default.<%= listener %>" socket-binding="<%= listener %>"<%= @listener_realm %>/>
<% end -%>
<http-listener name="default" socket-binding="http"/>
<host name="default-host" alias="localhost">
<location name="/" handler="welcome-content"/>

View File

@ -0,0 +1,38 @@
<VirtualHost *:80>
ServerName <%= scope.lookupvar("zanata::apache::vhost_name") %>
ServerAdmin <%= scope.lookupvar("zanata::apache::serveradmin") %>
ErrorLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("zanata::apache::vhost_name") %>-error.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("zanata::apache::vhost_name") %>-access.log combined
Redirect / https://<%= scope.lookupvar("zanata::apache::vhost_name") %>/
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName <%= scope.lookupvar("zanata::apache::vhost_name") %>
ServerAdmin <%= scope.lookupvar("zanata::apache::serveradmin") %>
ErrorLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("zanata::apache::vhost_name") %>-error.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("zanata::apache::vhost_name") %>-access.log combined
SSLEngine on
SSLProtocol All -SSLv2 -SSLv3
SSLCertificateFile <%= scope.lookupvar("zanata::apache::ssl_cert_file") %>
SSLCertificateKeyFile <%= scope.lookupvar("zanata::apache::ssl_key_file") %>
<% if scope.lookupvar("zanata::apache::ssl_chain_file") != "" %>
SSLCertificateChainFile <%= scope.lookupvar("zanata::apache::ssl_chain_file") %>
<% end -%>
ProxyPass / ajp://127.0.0.1:8009/ retry=0
</VirtualHost>
</IfModule>