diff --git a/install_modules.sh b/install_modules.sh
index 6fde1aa0b9..e591aadd0b 100644
--- a/install_modules.sh
+++ b/install_modules.sh
@@ -26,7 +26,13 @@ if ! puppet help module >/dev/null 2>&1 ; then
apt-get install -y -o Dpkg::Options::="--force-confold" puppet facter
fi
-MODULES="puppetlabs-apt puppetlabs-mysql openstackci-dashboard openstackci-vcsrepo"
+MODULES="
+ openstackci-dashboard
+ openstackci-vcsrepo
+ puppetlabs-apache
+ puppetlabs-apt
+ puppetlabs-mysql
+ "
MODULE_LIST=`puppet module list`
# Transition away from old things
diff --git a/modules/etherpad_lite/manifests/apache.pp b/modules/etherpad_lite/manifests/apache.pp
new file mode 100644
index 0000000000..f4817db537
--- /dev/null
+++ b/modules/etherpad_lite/manifests/apache.pp
@@ -0,0 +1,58 @@
+class etherpad_lite::apache (
+ $vhost_name = $fqdn,
+ $etherpad_crt,
+ $etherpad_key
+) {
+
+ include remove_nginx
+
+ apache::vhost { $vhost_name:
+ post => 443,
+ docroot => 'MEANINGLESS ARGUMENT',
+ priority => '50',
+ template => 'etherpadlite/etherpadlite.vhost.erb',
+ require => File["/etc/ssl/certs/${vhost_name}.pem",
+ "/etc/ssl/private/${vhost_name}.key"],
+ ssl => true,
+ }
+ a2mod { 'rewrite':
+ ensure => present
+ }
+ a2mod { 'proxy':
+ ensure => present
+ }
+ a2mod { 'proxy_http':
+ ensure => present
+ }
+
+ file { '/etc/ssl/certs':
+ ensure => directory,
+ owner => 'root',
+ mode => 0700,
+ }
+
+ file { '/etc/ssl/private':
+ ensure => directory,
+ owner => 'root',
+ mode => 0700,
+ }
+
+ file { "/etc/ssl/cert/${vhost_name}.pem":
+ ensure => present,
+ replace => true,
+ owner => 'root',
+ mode => 0600,
+ content => template('etherpad_lite/eplite.crt.erb'),
+ require => Apache::Vhost[$vhost_name],
+ }
+
+ file { '/etc/ssl/private/${vhost_name}.key':
+ ensure => present,
+ replace => true,
+ owner => 'root',
+ mode => 0600,
+ content => template('etherpad_lite/eplite.key.erb'),
+ require => Apache::Vhost[$vhost_name],
+ }
+
+}
diff --git a/modules/etherpad_lite/manifests/init.pp b/modules/etherpad_lite/manifests/init.pp
index b5c7ebaefc..1a6da2cde4 100644
--- a/modules/etherpad_lite/manifests/init.pp
+++ b/modules/etherpad_lite/manifests/init.pp
@@ -38,7 +38,7 @@ define buildsource(
# include etherpad_lite
# include etherpad_lite::mysql # necessary to use mysql as the backend
# include etherpad_lite::site # configures etherpad lite instance
-# include etherpad_lite::nginx # will add reverse proxy on localhost
+# include etherpad_lite::apache # will add reverse proxy on localhost
# The defaults for all the classes should just work (tm)
#
#
diff --git a/modules/etherpad_lite/manifests/nginx.pp b/modules/etherpad_lite/manifests/nginx.pp
deleted file mode 100644
index bb7574b481..0000000000
--- a/modules/etherpad_lite/manifests/nginx.pp
+++ /dev/null
@@ -1,62 +0,0 @@
-class etherpad_lite::nginx (
- $default_server = 'default_server',
- $server_name = $fqdn,
- $etherpad_crt,
- $etherpad_key
-) {
-
- package { 'nginx':
- ensure => present
- }
-
- file { '/etc/nginx/sites-enabled/default':
- ensure => absent,
- require => Package['nginx'],
- notify => Service['nginx']
- }
-
- file { '/etc/nginx/sites-available/etherpad-lite':
- ensure => present,
- content => template('etherpad_lite/nginx.erb'),
- replace => 'true',
- owner => 'root',
- require => File['/etc/nginx/ssl/eplite.crt', '/etc/nginx/ssl/eplite.key'],
- notify => Service['nginx']
- }
-
- file { '/etc/nginx/sites-enabled/etherpad-lite':
- ensure => link,
- target => '/etc/nginx/sites-available/etherpad-lite'
- }
-
- file { '/etc/nginx/ssl':
- ensure => directory,
- owner => 'root',
- mode => 0700,
- }
-
- file { '/etc/nginx/ssl/eplite.crt':
- ensure => present,
- replace => true,
- owner => 'root',
- mode => 0600,
- content => template('etherpad_lite/eplite.crt.erb'),
- require => Package['nginx'],
- }
-
- file { '/etc/nginx/ssl/eplite.key':
- ensure => present,
- replace => true,
- owner => 'root',
- mode => 0600,
- content => template('etherpad_lite/eplite.key.erb'),
- require => Package['nginx'],
- }
-
- service { 'nginx':
- enable => true,
- ensure => running,
- hasrestart => true
- }
-
-}
diff --git a/modules/etherpad_lite/templates/etherpadlite.vhost.erb b/modules/etherpad_lite/templates/etherpadlite.vhost.erb
new file mode 100644
index 0000000000..64cb28963a
--- /dev/null
+++ b/modules/etherpad_lite/templates/etherpadlite.vhost.erb
@@ -0,0 +1,44 @@
+:80>
+ ServerAdmin <%= scope.lookupvar("etherpad_lite::serveradmin") %>
+
+ ErrorLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("etherpad_lite::vhost_name") %>-error.log
+
+ LogLevel warn
+
+ CustomLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("etherpad_lite::vhost_name") %>-access.log combined
+
+ Redirect / https://<%= scope.lookupvar("etherpad_lite::vhost_name") %>/
+
+
+
+
+:443>
+ ServerName <%= scope.lookupvar("etherpad_lite::vhost_name") %>
+ ServerAdmin <%= scope.lookupvar("etherpad_lite::serveradmin") %>
+
+ ErrorLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("etherpad_lite::vhost_name") %>-ssl-error.log
+
+ LogLevel warn
+
+ CustomLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("etherpad_lite::vhost_name") %>-ssl-access.log combined
+
+ SSLEngine on
+
+ SSLCertificateFile /etc/ssl/certs/<%= scope.lookupvar("etherpad_lite::vhost_name") %>.pem
+ SSLCertificateKeyFile /etc/ssl/private/<%= scope.lookupvar("etherpad_lite::vhost_name") %>.key
+
+ BrowserMatch "MSIE [2-6]" \
+ nokeepalive ssl-unclean-shutdown \
+ downgrade-1.0 force-response-1.0
+ # MSIE 7 and newer should be able to use keepalive
+ BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
+
+ RewriteEngine on
+ RewriteCond %{HTTP_HOST} !<%= scope.lookupvar("etherpad_lite::vhost_name") %>
+ RewriteRule ^.*$ https://<%= scope.lookupvar("etherpad_lite::vhost_name") %>
+ RewriteRule ^/(.*)$ http://localhost:9001/$1 [P]
+
+ ProxyPassReverse / http://localhost:9001/
+
+
+
diff --git a/modules/etherpad_lite/templates/nginx.erb b/modules/etherpad_lite/templates/nginx.erb
deleted file mode 100644
index a816749df4..0000000000
--- a/modules/etherpad_lite/templates/nginx.erb
+++ /dev/null
@@ -1,29 +0,0 @@
-server {
- listen 443 <%= default_server %>;
- server_name <%= server_name %>;
-
- access_log /var/log/nginx/eplite.access.log;
- error_log /var/log/nginx/eplite.error.log;
-
- ssl on;
- ssl_certificate /etc/nginx/ssl/eplite.crt;
- ssl_certificate_key /etc/nginx/ssl/eplite.key;
-
- ssl_session_timeout 5m;
-
- ssl_protocols SSLv2 SSLv3 TLSv1;
- ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
- ssl_prefer_server_ciphers on;
-
- location / {
- proxy_pass http://localhost:9001/;
- proxy_set_header Host $host;
- proxy_buffering off;
- }
-}
-
-server {
- listen 80 <%= default_server %>;
- server_name <%= server_name %>;
- rewrite ^(.*) https://$server_name$1 permanent;
-}
diff --git a/modules/gerrit/manifests/init.pp b/modules/gerrit/manifests/init.pp
index 71a51804b3..219a6a9c51 100644
--- a/modules/gerrit/manifests/init.pp
+++ b/modules/gerrit/manifests/init.pp
@@ -1,6 +1,6 @@
# Install and maintain Gerrit Code Review.
# params:
-# virtual_hostname:
+# vhost_name:
# used in the Apache virtual host, eg., review.example.com
# canonicalweburl:
# Used in the Gerrit config to generate links, eg., https://review.example.com/
@@ -53,8 +53,9 @@
# which can interfere with testing.
# TODO: make more gerrit options configurable here
-class gerrit($virtual_hostname=$fqdn,
+class gerrit($vhost_name=$fqdn,
$canonicalweburl="https://$fqdn/",
+ $serveradmin="webmaster@$fqdn",
$ssl_cert_file='/etc/ssl/certs/ssl-cert-snakeoil.pem',
$ssl_key_file='/etc/ssl/private/ssl-cert-snakeoil.key',
$ssl_chain_file='',
@@ -87,7 +88,6 @@ class gerrit($virtual_hostname=$fqdn,
) {
include apache
- require apache::dev
$java_home = $lsbdistcodename ? {
"precise" => "/usr/lib/jvm/java-6-openjdk-amd64/jre",
@@ -248,7 +248,7 @@ class gerrit($virtual_hostname=$fqdn,
# Set up apache.
- apache::vhost { $virtual_hostname:
+ apache::vhost { $vhost_name:
port => 443,
docroot => 'MEANINGLESS ARGUMENT',
priority => '50',
diff --git a/modules/gerrit/templates/gerrit.vhost.erb b/modules/gerrit/templates/gerrit.vhost.erb
index b978ddce3e..40ec8b6fd3 100644
--- a/modules/gerrit/templates/gerrit.vhost.erb
+++ b/modules/gerrit/templates/gerrit.vhost.erb
@@ -1,17 +1,20 @@
-
+:80>
+ ServerAdmin <%= scope.lookupvar("gerrit::serveradmin") %>
+
ErrorLog ${APACHE_LOG_DIR}/gerrit-error.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/gerrit-access.log combined
- Redirect / <%= scope.lookupvar("gerrit::canonicalweburl") %>
+ Redirect / https://<%= scope.lookupvar("gerrit::vhost_name") %>/
-
- ServerName <%= scope.lookupvar("gerrit::virtual_hostname") %>
+:443>
+ ServerName <%= scope.lookupvar("gerrit::vhost_name") %>
+ ServerAdmin <%= scope.lookupvar("gerrit::serveradmin") %>
ErrorLog ${APACHE_LOG_DIR}/gerrit-ssl-error.log
@@ -41,7 +44,7 @@
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
RewriteEngine on
- RewriteCond %{HTTP_HOST} !<%= scope.lookupvar("gerrit::virtual_hostname") %>
+ RewriteCond %{HTTP_HOST} !<%= scope.lookupvar("gerrit::vhost_name") %>
RewriteRule ^.*$ <%= scope.lookupvar("gerrit::canonicalweburl") %>
<% if scope.lookupvar("gerrit::replicate_local") -%>
RewriteCond %{REQUEST_URI} !^/p/
diff --git a/modules/gerritbot/manifests/init.pp b/modules/gerritbot/manifests/init.pp
index 89b488de5f..45864e72f0 100644
--- a/modules/gerritbot/manifests/init.pp
+++ b/modules/gerritbot/manifests/init.pp
@@ -3,7 +3,7 @@ class gerritbot(
$password,
$server,
$user,
- $virtual_hostname
+ $vhost_name
) {
file { "/usr/local/gerrit/gerritbot":
diff --git a/modules/gerritbot/templates/gerritbot.config.erb b/modules/gerritbot/templates/gerritbot.config.erb
index 5bcb5658ca..0712697c3a 100644
--- a/modules/gerritbot/templates/gerritbot.config.erb
+++ b/modules/gerritbot/templates/gerritbot.config.erb
@@ -9,5 +9,5 @@ lockfile=/var/run/gerritbot/gerritbot.pid
[gerrit]
user=<%= user %>
key=/home/gerrit2/.ssh/gerritbot_rsa
-host=<%= virtual_hostname %>
+host=<%= vhost_name %>
port=29418
diff --git a/modules/jenkins_master/manifests/init.pp b/modules/jenkins_master/manifests/init.pp
index dab3ada059..701f9fa210 100644
--- a/modules/jenkins_master/manifests/init.pp
+++ b/modules/jenkins_master/manifests/init.pp
@@ -1,4 +1,6 @@
-class jenkins_master($site, $serveradmin, $logo,
+class jenkins_master($vhost_name=$fqdn,
+ $serveradmin="webmaster@$fqdn",
+ $logo,
$ssl_cert_file='',
$ssl_key_file='',
$ssl_chain_file=''
@@ -6,6 +8,7 @@ class jenkins_master($site, $serveradmin, $logo,
include pip
include apt
+ include apache
#This key is at http://pkg.jenkins-ci.org/debian/jenkins-ci.org.key
apt::key { "jenkins":
@@ -22,74 +25,25 @@ class jenkins_master($site, $serveradmin, $logo,
include_src => false,
}
- file { '/etc/apache2/sites-available/jenkins':
- owner => 'root',
- group => 'root',
- mode => 444,
- ensure => 'present',
- content => template("jenkins_master/jenkins.vhost.erb"),
- replace => 'true',
- require => Package['apache2'],
+ apache::vhost { $vhost_name:
+ port => 443,
+ docroot => 'MEANINGLESS ARGUMENT',
+ priority => '50',
+ template => 'jenkins_master/jenkins.vhost.erb',
+ ssl => true,
}
-
- file { '/etc/apache2/sites-enabled/jenkins':
- target => '/etc/apache2/sites-available/jenkins',
- ensure => link,
- require => [
- File['/etc/apache2/sites-available/jenkins'],
- File['/etc/apache2/mods-enabled/ssl.conf'],
- File['/etc/apache2/mods-enabled/ssl.load'],
- File['/etc/apache2/mods-enabled/rewrite.load'],
- File['/etc/apache2/mods-enabled/proxy.conf'],
- File['/etc/apache2/mods-enabled/proxy.load'],
- File['/etc/apache2/mods-enabled/proxy_http.load'],
- ],
+ a2mod { 'rewrite':
+ ensure => present
}
-
- file { '/etc/apache2/sites-enabled/000-default':
- require => File['/etc/apache2/sites-available/jenkins'],
- ensure => absent,
+ a2mod { 'proxy':
+ ensure => present
}
-
- file { '/etc/apache2/mods-enabled/ssl.conf':
- target => '/etc/apache2/mods-available/ssl.conf',
- ensure => link,
- require => Package['apache2'],
- }
-
- file { '/etc/apache2/mods-enabled/ssl.load':
- target => '/etc/apache2/mods-available/ssl.load',
- ensure => link,
- require => Package['apache2'],
- }
-
- file { '/etc/apache2/mods-enabled/rewrite.load':
- target => '/etc/apache2/mods-available/rewrite.load',
- ensure => link,
- require => Package['apache2'],
- }
-
- file { '/etc/apache2/mods-enabled/proxy.conf':
- target => '/etc/apache2/mods-available/proxy.conf',
- ensure => link,
- require => Package['apache2'],
- }
-
- file { '/etc/apache2/mods-enabled/proxy.load':
- target => '/etc/apache2/mods-available/proxy.load',
- ensure => link,
- require => Package['apache2'],
- }
-
- file { '/etc/apache2/mods-enabled/proxy_http.load':
- target => '/etc/apache2/mods-available/proxy_http.load',
- ensure => link,
- require => Package['apache2'],
+ a2mod { 'proxy_http':
+ ensure => present
}
$packages = [
"python-babel",
- "apache2",
"wget",
]
@@ -142,13 +96,6 @@ class jenkins_master($site, $serveradmin, $logo,
command => "apt-get update",
}
- exec { "gracefully restart apache":
- subscribe => [ File["/etc/apache2/sites-available/jenkins"]],
- refreshonly => true,
- path => "/bin:/usr/bin:/usr/sbin",
- command => "apache2ctl graceful",
- }
-
file { "/var/lib/jenkins/plugins/simple-theme-plugin":
ensure => directory,
owner => 'jenkins',
diff --git a/modules/jenkins_master/templates/jenkins.vhost.erb b/modules/jenkins_master/templates/jenkins.vhost.erb
index 795c4c877d..6d7612705a 100644
--- a/modules/jenkins_master/templates/jenkins.vhost.erb
+++ b/modules/jenkins_master/templates/jenkins.vhost.erb
@@ -1,37 +1,32 @@
-
- ServerAdmin <%= serveradmin %>
+:80>
+ ServerAdmin <%= scope.lookupvar("jenkins::serveradmin") %>
ErrorLog ${APACHE_LOG_DIR}/jenkins-error.log
- # Possible values include: debug, info, notice, warn, error, crit,
- # alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/jenkins-access.log combined
- Redirect / https://<%= site %>/
+ Redirect / https://<%= scope.lookupvar("jenkins::vhost_name") %>/
-
- ServerAdmin <%= serveradmin %>
+:443>
+ ServerName <%= scope.lookupvar("jenkins::vhost_name") %>
+ ServerAdmin <%= scope.lookupvar("jenkins::serveradmin") %>
ErrorLog ${APACHE_LOG_DIR}/jenkins-ssl-error.log
- # Possible values include: debug, info, notice, warn, error, crit,
- # alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/jenkins-ssl-access.log combined
- # SSL Engine Switch:
- # Enable/Disable SSL for this virtual host.
SSLEngine on
- SSLCertificateFile <%= ssl_cert_file %>
- SSLCertificateKeyFile <%= ssl_key_file %>
- <% if ssl_chain_file != "" %>
- SSLCertificateChainFile <%= ssl_chain_file %>
+ SSLCertificateFile <%= scope.lookupvar("jenkins::ssl_cert_file") %>
+ SSLCertificateKeyFile <%= scope.lookupvar("jenkins::ssl_key_file") %>
+ <% if scope.lookupvar("jenkins::ssl_chain_file") != "" %>
+ SSLCertificateChainFile <%= scope.lookupvar("jenkins::ssl_chain_file") %>
<% end %>
BrowserMatch "MSIE [2-6]" \
@@ -41,8 +36,8 @@
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
RewriteEngine on
- RewriteCond %{HTTP_HOST} !<%= site %>
- RewriteRule ^.*$ https://<%= site %>/
+ RewriteCond %{HTTP_HOST} !<%= scope.lookupvar("jenkins::vhost_name") %>
+ RewriteRule ^.*$ https://<%= scope.lookupvar("jenkins::vhost_name") %>/
RewriteRule /zuul/status http://127.0.0.1:8001/status [P]
diff --git a/modules/jenkins_master/templates/openstack.js.erb b/modules/jenkins_master/templates/openstack.js.erb
index 8641809024..9497e32b76 100644
--- a/modules/jenkins_master/templates/openstack.js.erb
+++ b/modules/jenkins_master/templates/openstack.js.erb
@@ -10,7 +10,7 @@ function makeDoubleDelegate(function1, function2) {
function chgeLogo() {
var imgs=document.getElementsByTagName("img");
var imgTag = document.createElement("img");
- imgTag.setAttribute("src","https://<%= site %>/plugin/simple-theme-plugin/title.png");
+ imgTag.setAttribute("src","https://<%= vhost_name %>/plugin/simple-theme-plugin/title.png");
imgTag.setAttribute("style", "vertical-align: middle;padding-left: 0.75em;");
imgs[0].parentNode.appendChild(imgTag);
var spanTag = document.createElement("span");
diff --git a/modules/lodgeit/manifests/init.pp b/modules/lodgeit/manifests/init.pp
index f85ddf7858..bfe9d20b86 100644
--- a/modules/lodgeit/manifests/init.pp
+++ b/modules/lodgeit/manifests/init.pp
@@ -1,6 +1,5 @@
class lodgeit {
- $packages = [ "nginx",
- "python-imaging",
+ $packages = [ "python-imaging",
"python-jinja2",
"python-pybabel",
"python-werkzeug",
@@ -9,7 +8,15 @@ class lodgeit {
"drizzle",
"python-mysqldb" ]
+ include apache
+
include pip
+ a2mod { 'proxy':
+ ensure => present
+ }
+ a2mod { 'proxy_http':
+ ensure => present
+ }
package { $packages: ensure => present }
diff --git a/modules/lodgeit/manifests/site.pp b/modules/lodgeit/manifests/site.pp
index 031551f9e3..82f57d7636 100644
--- a/modules/lodgeit/manifests/site.pp
+++ b/modules/lodgeit/manifests/site.pp
@@ -1,17 +1,11 @@
-define lodgeit::site($port, $image="") {
+define lodgeit::site($vhost_name="paste.$name.org", $port, $image="") {
- file { "/etc/nginx/sites-available/${name}":
- ensure => 'present',
- content => template("lodgeit/nginx.erb"),
- replace => 'true',
- require => Package[nginx],
- notify => Service[nginx]
- }
+ include remove_nginx
- file { "/etc/nginx/sites-enabled/${name}":
- ensure => link,
- target => "/etc/nginx/sites-available/${name}",
- require => Package[nginx]
+ apache::vhost::proxy { $vhost_name:
+ port => 80,
+ dest => "http://localhost:$port",
+ require => File["/srv/lodgeit/${name}"],
}
file { "/etc/init/${name}-paste.conf":
diff --git a/modules/lodgeit/templates/nginx.erb b/modules/lodgeit/templates/nginx.erb
deleted file mode 100644
index 13223fd032..0000000000
--- a/modules/lodgeit/templates/nginx.erb
+++ /dev/null
@@ -1,10 +0,0 @@
-server {
- listen 80;
- server_name paste.<%= name %>.org;
- root /srv/lodgeit/<%= name %>;
-
- location / {
- proxy_pass http://localhost:<%= port %>/;
- }
-}
-
diff --git a/modules/mailman/manifests/init.pp b/modules/mailman/manifests/init.pp
index 70a452259f..c838d44377 100644
--- a/modules/mailman/manifests/init.pp
+++ b/modules/mailman/manifests/init.pp
@@ -1,17 +1,19 @@
-class mailman($mailman_host='') {
+class mailman($vhost_name=$fqdn) {
+
+ include apache
package { "mailman":
ensure => installed,
}
- package { "apache2":
- ensure => installed,
+ apache::vhost { $vhost_name:
+ port => 80,
+ docroot => "/var/www/",
+ priority => '50',
+ template => 'mailman/mailman.vhost.erb',
}
-
- file { '/etc/apache2/mods-enabled/rewrite.load':
- target => '/etc/apache2/mods-available/rewrite.load',
- ensure => link,
- require => Package['apache2'],
+ a2mod { 'rewrite':
+ ensure => present
}
file { "/var/www/index.html":
@@ -34,37 +36,6 @@ class mailman($mailman_host='') {
require => Package["mailman"]
}
- file { "/etc/apache2/sites-available/mailman":
- content => template('mailman/mailman.vhost.erb'),
- owner => 'root',
- group => 'root',
- ensure => 'present',
- replace => 'true',
- mode => 444,
- require => Package["apache2"],
- }
-
- file { "/etc/apache2/sites-enabled/mailman":
- ensure => link,
- target => '/etc/apache2/sites-available/mailman',
- require => [
- File['/etc/apache2/sites-available/mailman'],
- File['/etc/apache2/mods-enabled/rewrite.load'],
- ],
- }
-
- file { '/etc/apache2/sites-enabled/000-default':
- require => File['/etc/apache2/sites-available/mailman'],
- ensure => absent,
- }
-
- exec { "gracefully restart apache":
- subscribe => [ File["/etc/apache2/sites-available/mailman"]],
- refreshonly => true,
- path => "/bin:/usr/bin:/usr/sbin",
- command => "apache2ctl graceful",
- }
-
service { 'mailman':
ensure => running,
hasrestart => true,
@@ -73,13 +44,6 @@ class mailman($mailman_host='') {
require => Package["mailman"]
}
- service { 'apache2':
- ensure => running,
- hasrestart => true,
- subscribe => File["/etc/apache2/sites-available/mailman"],
- require => Package["apache2"]
- }
-
file { '/etc/mailman/en':
owner => 'root',
group => 'list',
diff --git a/modules/mailman/templates/mailman.vhost.erb b/modules/mailman/templates/mailman.vhost.erb
index 16f613abb6..263a0b2a2a 100644
--- a/modules/mailman/templates/mailman.vhost.erb
+++ b/modules/mailman/templates/mailman.vhost.erb
@@ -1,13 +1,13 @@
- ServerName <%= mailman_host %>
+ ServerName <%= scope.lookupvar("mailman::vhost_name") %>
- ErrorLog ${APACHE_LOG_DIR}/mailman-error.log
+ ErrorLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("mailman::vhost_name") %>-error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
- CustomLog ${APACHE_LOG_DIR}/mailman-access.log combined
+ CustomLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("mailman::vhost_name") %>-access.log combined
DocumentRoot /var/www
diff --git a/modules/meetbot/manifests/init.pp b/modules/meetbot/manifests/init.pp
index a28bd1e2c5..de3fdf99b5 100644
--- a/modules/meetbot/manifests/init.pp
+++ b/modules/meetbot/manifests/init.pp
@@ -1,5 +1,7 @@
class meetbot {
+ include apache
+
vcsrepo { "/opt/meetbot":
ensure => latest,
provider => git,
diff --git a/modules/meetbot/manifests/site.pp b/modules/meetbot/manifests/site.pp
index feafdca46f..70bc23fc7b 100644
--- a/modules/meetbot/manifests/site.pp
+++ b/modules/meetbot/manifests/site.pp
@@ -1,17 +1,11 @@
-define meetbot::site($nick, $nickpass, $network, $server, $url=$fqdn, $channels, $use_ssl) {
+define meetbot::site($nick, $nickpass, $network, $server, $vhost_name=$fqdn, $channels, $use_ssl) {
- file { "/etc/nginx/sites-available/${name}-meetbot":
- ensure => 'present',
- content => template("meetbot/nginx.erb"),
- replace => 'true',
- require => Package[nginx],
- notify => Service[nginx]
- }
+ include remove_nginx
- file { "/etc/nginx/sites-enabled/${name}-meetbot":
- ensure => link,
- target => "/etc/nginx/sites-available/${name}-meetbot",
- require => Package[nginx]
+ apache::vhost { $vhost_name:
+ port => 80,
+ docroot => "/srv/meetbot-$name",
+ priority => '50',
}
file { "/var/lib/meetbot/${name}":
diff --git a/modules/meetbot/templates/nginx.erb b/modules/meetbot/templates/nginx.erb
deleted file mode 100644
index 8ce7d625b7..0000000000
--- a/modules/meetbot/templates/nginx.erb
+++ /dev/null
@@ -1,19 +0,0 @@
-server {
- listen 80;
- server_name <%= url %>;
- root /srv/meetbot-<%= name %>;
-
- types {
- text/plain log;
- text/plain txt;
- text/html html;
- }
-
- location /meetings {
- autoindex on;
- }
-
- location /irclogs {
- autoindex on;
- }
-}
diff --git a/modules/openstack_project/manifests/etherpad.pp b/modules/openstack_project/manifests/etherpad.pp
index cd2d32ce73..f407b227b4 100644
--- a/modules/openstack_project/manifests/etherpad.pp
+++ b/modules/openstack_project/manifests/etherpad.pp
@@ -7,7 +7,7 @@ class openstack_project::etherpad(
}
include etherpad_lite
- class { 'etherpad_lite::nginx':
+ class { 'etherpad_lite::apache':
etherpad_crt => $etherpad_crt,
etherpad_key => $etherpad_key,
}
diff --git a/modules/openstack_project/manifests/gerrit.pp b/modules/openstack_project/manifests/gerrit.pp
index ba1a7a01ca..5e7c986dad 100644
--- a/modules/openstack_project/manifests/gerrit.pp
+++ b/modules/openstack_project/manifests/gerrit.pp
@@ -4,8 +4,9 @@
# TODO: launchpadlib creds for user sync script
class openstack_project::gerrit (
- $virtual_hostname=$fqdn,
+ $vhost_name=$fqdn,
$canonicalweburl="https://$fqdn/",
+ $serveradmin='webmaster@openstack.org',
$ssl_cert_file='',
$ssl_key_file='',
$ssl_chain_file='',
@@ -36,7 +37,7 @@ class openstack_project::gerrit (
}
class { '::gerrit':
- virtual_hostname => $virtual_hostname,
+ vhost_name => $vhost_name,
canonicalweburl => $canonicalweburl,
# opinions
enable_melody => 'true',
diff --git a/modules/openstack_project/manifests/jenkins_dev.pp b/modules/openstack_project/manifests/jenkins_dev.pp
index 661dc094d3..5d064e6f52 100644
--- a/modules/openstack_project/manifests/jenkins_dev.pp
+++ b/modules/openstack_project/manifests/jenkins_dev.pp
@@ -8,7 +8,7 @@ class openstack_project::jenkins_dev {
backup_server => 'ci-backup-rs-ord.openstack.org'
}
class { 'jenkins_master':
- site => 'jenkins-dev.openstack.org',
+ vhost_name => 'jenkins-dev.openstack.org',
serveradmin => 'webmaster@openstack.org',
logo => 'openstack.png',
ssl_cert_file => '/etc/ssl/certs/ssl-cert-snakeoil.pem',
diff --git a/modules/openstack_project/manifests/pypi.pp b/modules/openstack_project/manifests/pypi.pp
index f4ee6b49e1..4523dc6cac 100644
--- a/modules/openstack_project/manifests/pypi.pp
+++ b/modules/openstack_project/manifests/pypi.pp
@@ -14,7 +14,6 @@ class openstack_project::pypi {
}
class { "pypimirror":
- base_url => "http://pypi.openstack.org",
projects => $openstack_project::project_list,
}
}
diff --git a/modules/openstack_project/manifests/review.pp b/modules/openstack_project/manifests/review.pp
index 1bac91c75f..a03f26d267 100644
--- a/modules/openstack_project/manifests/review.pp
+++ b/modules/openstack_project/manifests/review.pp
@@ -58,7 +58,7 @@ class openstack_project::review(
password => $gerritbot_password,
server => 'irc.freenode.net',
user => 'gerritbot',
- virtual_hostname => $fqdn
+ vhost_name => $fqdn
}
include gerrit::remotes
}
diff --git a/modules/openstack_project/manifests/review_dev.pp b/modules/openstack_project/manifests/review_dev.pp
index 9ecd48dfb7..bbf184c1a2 100644
--- a/modules/openstack_project/manifests/review_dev.pp
+++ b/modules/openstack_project/manifests/review_dev.pp
@@ -4,7 +4,7 @@ class openstack_project::review_dev(
$mysql_root_password,
$email_private_key) {
class { 'openstack_project::gerrit':
- virtual_hostname => 'review-dev.openstack.org',
+ vhost_name => 'review-dev.openstack.org',
canonicalweburl => "https://review-dev.openstack.org/",
ssl_cert_file => '/etc/ssl/certs/ssl-cert-snakeoil.pem',
ssl_key_file => '/etc/ssl/private/ssl-cert-snakeoil.key',
diff --git a/modules/planet/manifests/init.pp b/modules/planet/manifests/init.pp
index c4bf6d233f..9801379d2f 100644
--- a/modules/planet/manifests/init.pp
+++ b/modules/planet/manifests/init.pp
@@ -4,10 +4,6 @@ class planet {
ensure => present
}
- package { 'nginx':
- ensure => present
- }
-
file { '/srv/planet':
ensure => directory
}
@@ -20,9 +16,4 @@ class planet {
ensure => directory
}
- service { "nginx":
- ensure => running,
- hasrestart => true
- }
-
}
diff --git a/modules/planet/manifests/site.pp b/modules/planet/manifests/site.pp
index bd6912fa39..cf26ce47d5 100644
--- a/modules/planet/manifests/site.pp
+++ b/modules/planet/manifests/site.pp
@@ -1,17 +1,13 @@
-define planet::site($git_url) {
+define planet::site($git_url, $vhost_name="planet.${name}.org") {
- file { "/etc/nginx/sites-available/planet-${name}":
- ensure => present,
- content => template("planet/nginx.erb"),
- replace => true,
- require => Package[nginx],
- notify => Service[nginx]
- }
+ include apache
+ include remove_nginx
- file { "/etc/nginx/sites-enabled/planet-${name}":
- ensure => link,
- target => "/etc/nginx/sites-available/planet-${name}",
- require => Package[nginx],
+ apache::vhost { $vhost_name:
+ port => 80,
+ priority => '50',
+ docroot => "/srv/planet/${name}",
+ require => File["/srv/planet"],
}
vcsrepo { "/var/lib/planet/${name}":
diff --git a/modules/planet/templates/nginx.erb b/modules/planet/templates/nginx.erb
deleted file mode 100644
index 9448656588..0000000000
--- a/modules/planet/templates/nginx.erb
+++ /dev/null
@@ -1,5 +0,0 @@
-server {
- listen 80;
- server_name planet.<%= name %>.org;
- root /srv/planet/<%= name %>;
-}
diff --git a/modules/pypimirror/manifests/init.pp b/modules/pypimirror/manifests/init.pp
index fd831227cc..da0a008972 100644
--- a/modules/pypimirror/manifests/init.pp
+++ b/modules/pypimirror/manifests/init.pp
@@ -1,4 +1,4 @@
-class pypimirror ( $base_url,
+class pypimirror ( $vhost_name = $fqdn,
$log_filename = "/var/log/pypimirror.log",
$mirror_file_path = "/var/lib/pypimirror",
$pip_download = "/var/lib/pip-download",
@@ -7,16 +7,14 @@ class pypimirror ( $base_url,
$projects = [] )
{
+ include apache
include pip
+ include remove_nginx
package { 'python-yaml':
ensure => 'present'
}
- package { 'nginx':
- ensure => present,
- }
-
package { 'pip':
ensure => present,
provider => 'pip',
@@ -112,20 +110,9 @@ class pypimirror ( $base_url,
require => Cron["update_mirror"],
}
- # Setup the web server
-
- service { "nginx":
- ensure => running,
- hasrestart => true
- }
-
- file { "/etc/nginx/sites-available/default":
- ensure => present,
- content => template('pypimirror/nginx_default.erb'),
- replace => true,
- owner => "root",
- group => "root",
- require => Package["nginx"],
- notify => Service["nginx"],
+ apache::vhost { $vhost_name:
+ port => 80,
+ docroot => $mirror_file_path,
+ priority => 50,
}
}
diff --git a/modules/pypimirror/templates/nginx_default.erb b/modules/pypimirror/templates/nginx_default.erb
deleted file mode 100644
index efae989382..0000000000
--- a/modules/pypimirror/templates/nginx_default.erb
+++ /dev/null
@@ -1,9 +0,0 @@
-server {
- listen 80;
-
- index index.html index.htm;
-
- location / {
- root <%= mirror_file_path %>;
- }
-}
diff --git a/modules/remove_nginx/manifests/init.pp b/modules/remove_nginx/manifests/init.pp
new file mode 100644
index 0000000000..11e41c5d06
--- /dev/null
+++ b/modules/remove_nginx/manifests/init.pp
@@ -0,0 +1,8 @@
+class remove_nginx {
+ package { 'nginx':
+ ensure => absent,
+ }
+ file { "/etc/nginx/sites-available/default":
+ ensure => absent,
+ }
+}