Initial commit
This commit is contained in:
parent
a18af0e8b4
commit
7d1e1fb149
183
chef/cookbooks/apache2/CHANGELOG.md
Normal file
183
chef/cookbooks/apache2/CHANGELOG.md
Normal file
@ -0,0 +1,183 @@
|
||||
## v1.7.0:
|
||||
|
||||
### Improvement
|
||||
|
||||
- [COOK-3073]: make access.log location configurable per-platform
|
||||
- [COOK-3074]: don't hardcode the error.log location in the default site config
|
||||
- [COOK-3268]: don't hardcode DocumentRoot and cgi-bin locations in `default_site`
|
||||
|
||||
### New Feature
|
||||
|
||||
- [COOK-3184]: Add `mod_filter` recipe to Apache2-cookbook
|
||||
- [COOK-3236]: Add `mod_action` recipe to Apache2-cookbook
|
||||
|
||||
## v1.6.6:
|
||||
|
||||
1.6.4 had a missed step in the automated release, long live 1.6.6.
|
||||
|
||||
### Bug
|
||||
|
||||
- [COOK-3018]: apache2_module does duplicate delayed restart of
|
||||
apache2 service when conf = true
|
||||
- [COOK-3027]: Default site enable true, then false, does not disable
|
||||
default site
|
||||
- [COOK-3109]: fix apache lib_dir arch attribute regexp
|
||||
|
||||
## v1.6.2
|
||||
|
||||
* [COOK-2535] - `mod_auth_openid` requires libtool to run autogen.sh
|
||||
* [COOK-2667] - Typo in usage documentation
|
||||
* [COOK-2461] - `apache2::mod_auth_openid` fails on some ubuntu systems
|
||||
* [COOK-2720] - Apache2 minitest helper function `ran_recipe` is not
|
||||
portable
|
||||
|
||||
## v1.6.0:
|
||||
|
||||
* [COOK-2372] - apache2 mpm_worker: add ServerLimit attribute (default
|
||||
to 16)
|
||||
|
||||
## v1.5.0:
|
||||
|
||||
**NOTE** The `mod_auth_openid` attributes are changed. The upstream
|
||||
maintainer deprecated the older release versions, and the source
|
||||
repository has releases available at specific SHA1SUM references.
|
||||
The new attribute, `node['apache']['mod_auth_openid']['ref']` is
|
||||
used to set this.
|
||||
|
||||
* [COOK-2198] - `apache::mod_auth_openid` compiles from source, but
|
||||
does not install make on debian/ubuntu
|
||||
* [COOK-2224] - version conflict between cucumber and other gems
|
||||
* [COOK-2248] - `apache2::mod_php5` uses `not_if` "which php" without
|
||||
ensuring package 'which' is installed
|
||||
* [COOK-2269] - Set allow list for mod_status incase external monitor scripts need
|
||||
* [COOK-2276] - cookbook apache2 documentation regarding listening
|
||||
ports doesn't match default attributes
|
||||
* [COOK-2296] - `mod_auth_openid` doesn't have tags/releases for the
|
||||
version I need for features and fixes
|
||||
* [COOK-2323] - Add Oracle linux support
|
||||
|
||||
## v1.4.2:
|
||||
|
||||
* [COOK-1721] - fix logrotate recipe
|
||||
|
||||
## v1.4.0:
|
||||
|
||||
* [COOK-1456] - iptables enhancements
|
||||
* [COOK-1473] - apache2 does not disable default site when setting
|
||||
"`default_site_enabled`" back to false
|
||||
* [COOK-1824] - the apache2 cookbook needs to specify which binary is
|
||||
used on rhel platform
|
||||
* [COOK-1916] - Download location wrong for apache2 `mod_auth_openid`
|
||||
>= 0.7
|
||||
* [COOK-1917] - Improve `mod_auth_openid` recipe to handle module
|
||||
upgrade more gracefully
|
||||
* [COOK-2029] - apache2 restarts on every run on RHEL and friends,
|
||||
generate-module-list on every run.
|
||||
* [COOK-2036] - apache2: Cookbook style
|
||||
|
||||
## v1.3.2:
|
||||
|
||||
* [COOK-1804] - fix `web_app` definition parameter so site can be
|
||||
disabled.
|
||||
|
||||
## v1.3.0:
|
||||
|
||||
* [COOK-1738] - Better configuration for `mod_include` and some
|
||||
overrides in `web_app` definition
|
||||
* [COOK-1470] - Change SSL Ciphers to Mitigate BEAST attack
|
||||
|
||||
## v1.2.0:
|
||||
|
||||
* [COOK-692] - delete package conf.d files in module recipes, for EL
|
||||
* [COOK-1693] - Foodcritic finding for unnecessary string interpolation
|
||||
* [COOK-1757] - platform_family and better style / usage practices
|
||||
|
||||
## v1.1.16:
|
||||
|
||||
re-releasing as .16 due to error on tag 1.1.14
|
||||
|
||||
* [COOK-1466] - add `mod_auth_cas` recipe
|
||||
* [COOK-1609] - apache2 changes ports.conf twice per run when using
|
||||
apache2::mod_ssl
|
||||
|
||||
## v1.1.12:
|
||||
|
||||
* [COOK-1436] - restore apache2 web_app definition
|
||||
* [COOK-1356] - allow ExtendedStatus via attribute
|
||||
* [COOK-1403] - add mod_fastcgi recipe
|
||||
|
||||
## v1.1.10:
|
||||
|
||||
* [COOK-1315] - allow the default site to not be enabled
|
||||
* [COOK-1328] - cookbook tests (minitest, cucumber)
|
||||
|
||||
## v1.1.8:
|
||||
|
||||
* Some platforms with minimal installations that don't have perl won't
|
||||
have a `node['languages']['perl']` attribute, so remove the
|
||||
conditional and rely on the power of idempotence in the package
|
||||
resource.
|
||||
* [COOK-1214] - address foodcritic warnings
|
||||
* [COOK-1180] - add `mod_logio` and fix `mod_proxy`
|
||||
|
||||
## v1.1.6:
|
||||
|
||||
FreeBSD users: This release requires the `freebsd` cookbook. See README.md.
|
||||
|
||||
* [COOK-1025] - freebsd support in mod_php5 recipe
|
||||
|
||||
## v1.1.4:
|
||||
|
||||
* [COOK-1100] - support amazon linux
|
||||
|
||||
## v1.1.2:
|
||||
|
||||
* [COOK-996] - apache2::mod_php5 can cause PHP and module API mismatches
|
||||
* [COOK-1083] - return string for v_f_p and use correct value for
|
||||
default
|
||||
|
||||
## v1.1.0:
|
||||
|
||||
* [COOK-861] - Add `mod_perl` and apreq2
|
||||
* [COOK-941] - fix `mod_auth_openid` on FreeBSD
|
||||
* [COOK-1021] - add a commented-out LoadModule directive to keep apxs happy
|
||||
* [COOK-1022] - consistency for icondir attribute
|
||||
* [COOK-1023] - fix platform test for attributes
|
||||
* [COOK-1024] - fix a2enmod script so it runs cleanly on !bash
|
||||
* [COOK-1026] - fix `error_log` location on FreeBSD
|
||||
|
||||
## v1.0.8:
|
||||
|
||||
* COOK-548 - directory resource doesn't have backup parameter
|
||||
|
||||
## v1.0.6:
|
||||
|
||||
* COOK-915 - update to `mod_auth_openid` version 0.6, see __Recipes/mod_auth_openid__ below.
|
||||
* COOK-548 - Add support for FreeBSD.
|
||||
|
||||
## v1.0.4:
|
||||
|
||||
* COOK-859 - don't hardcode module paths
|
||||
|
||||
## v1.0.2
|
||||
|
||||
* Tickets resolved in this release: COOK-788, COOK-782, COOK-780
|
||||
|
||||
## v1.0.0
|
||||
|
||||
* Red Hat family support is greatly improved, all recipes except `god_monitor` converge.
|
||||
* Recipe `mod_auth_openid` now works on RHEL family distros
|
||||
* Recipe `mod_php5` will now remove config from package on RHEL family so it doesn't conflict with the cookbook's.
|
||||
* Added `php5.conf.erb` template for `mod_php5` recipe.
|
||||
* Create the run state directory for `mod_fcgid` to prevent a startup error on RHEL version 6.
|
||||
* New attribute `node['apache']['lib_dir']` to handle lib vs lib64 on RHEL family distributions.
|
||||
* New attribute `node['apache']['group']`.
|
||||
* Scientific Linux support added.
|
||||
* Use a file resource instead of the generate-module-list executed perl script on RHEL family.
|
||||
* "default" site can now be disabled.
|
||||
* web_app now has an "enable" parameter.
|
||||
* Support for dav_fs apache module.
|
||||
* Tickets resolved in this release: COOK-754, COOK-753, COOK-665, COOK-624, COOK-579, COOK-519, COOK-518
|
||||
* Fix node references in template for a2dissite
|
||||
* Use proper user and group attributes on files and templates.
|
||||
* Replace the anemic README.rdoc with this new and improved superpowered README.md :).
|
257
chef/cookbooks/apache2/CONTRIBUTING.md
Normal file
257
chef/cookbooks/apache2/CONTRIBUTING.md
Normal file
@ -0,0 +1,257 @@
|
||||
# Contributing to Opscode Cookbooks
|
||||
|
||||
We are glad you want to contribute to Opscode Cookbooks! The first
|
||||
step is the desire to improve the project.
|
||||
|
||||
You can find the answers to additional frequently asked questions
|
||||
[on the wiki](http://wiki.opscode.com/display/chef/How+to+Contribute).
|
||||
|
||||
You can find additional information about
|
||||
[contributing to cookbooks](http://wiki.opscode.com/display/chef/How+to+Contribute+to+Opscode+Cookbooks)
|
||||
on the wiki as well.
|
||||
|
||||
## Quick-contribute
|
||||
|
||||
* Create an account on our [bug tracker](http://tickets.opscode.com)
|
||||
* Sign our contributor agreement (CLA)
|
||||
[ online](https://secure.echosign.com/public/hostedForm?formid=PJIF5694K6L)
|
||||
(keep reading if you're contributing on behalf of your employer)
|
||||
* Create a ticket for your change on the
|
||||
[bug tracker](http://tickets.opscode.com)
|
||||
* Link to your patch as a rebased git branch or pull request from the
|
||||
ticket
|
||||
* Resolve the ticket as fixed
|
||||
|
||||
We regularly review contributions and will get back to you if we have
|
||||
any suggestions or concerns.
|
||||
|
||||
## The Apache License and the CLA/CCLA
|
||||
|
||||
Licensing is very important to open source projects, it helps ensure
|
||||
the software continues to be available under the terms that the author
|
||||
desired. Chef uses the Apache 2.0 license to strike a balance between
|
||||
open contribution and allowing you to use the software however you
|
||||
would like to.
|
||||
|
||||
The license tells you what rights you have that are provided by the
|
||||
copyright holder. It is important that the contributor fully
|
||||
understands what rights they are licensing and agrees to them.
|
||||
Sometimes the copyright holder isn't the contributor, most often when
|
||||
the contributor is doing work for a company.
|
||||
|
||||
To make a good faith effort to ensure these criteria are met, Opscode
|
||||
requires a Contributor License Agreement (CLA) or a Corporate
|
||||
Contributor License Agreement (CCLA) for all contributions. This is
|
||||
without exception due to some matters not being related to copyright
|
||||
and to avoid having to continually check with our lawyers about small
|
||||
patches.
|
||||
|
||||
It only takes a few minutes to complete a CLA, and you retain the
|
||||
copyright to your contribution.
|
||||
|
||||
You can complete our contributor agreement (CLA)
|
||||
[ online](https://secure.echosign.com/public/hostedForm?formid=PJIF5694K6L).
|
||||
If you're contributing on behalf of your employer, have your employer
|
||||
fill out our
|
||||
[Corporate CLA](https://secure.echosign.com/public/hostedForm?formid=PIE6C7AX856)
|
||||
instead.
|
||||
|
||||
## Ticket Tracker (JIRA)
|
||||
|
||||
The [ticket tracker](http://tickets.opscode.com) is the most important
|
||||
documentation for the code base. It provides significant historical
|
||||
information, such as:
|
||||
|
||||
* Which release a bug fix is included in
|
||||
* Discussion regarding the design and merits of features
|
||||
* Error output to aid in finding similar bugs
|
||||
|
||||
Each ticket should aim to fix one bug or add one feature.
|
||||
|
||||
## Using git
|
||||
|
||||
You can get a quick copy of the repository for this cookbook by
|
||||
running `git clone
|
||||
git://github.com/opscode-coobkooks/COOKBOOKNAME.git`.
|
||||
|
||||
For collaboration purposes, it is best if you create a Github account
|
||||
and fork the repository to your own account. Once you do this you will
|
||||
be able to push your changes to your Github repository for others to
|
||||
see and use.
|
||||
|
||||
If you have another repository in your GitHub account named the same
|
||||
as the cookbook, we suggest you suffix the repository with -cookbook.
|
||||
|
||||
### Branches and Commits
|
||||
|
||||
You should submit your patch as a git branch named after the ticket,
|
||||
such as COOK-1337. This is called a _topic branch_ and allows users to
|
||||
associate a branch of code with the ticket.
|
||||
|
||||
It is a best practice to have your commit message have a _summary
|
||||
line_ that includes the ticket number, followed by an empty line and
|
||||
then a brief description of the commit. This also helps other
|
||||
contributors understand the purpose of changes to the code.
|
||||
|
||||
[COOK-1757] - platform_family and style
|
||||
|
||||
* use platform_family for platform checking
|
||||
* update notifies syntax to "resource_type[resource_name]" instead of
|
||||
resources() lookup
|
||||
* COOK-692 - delete config files dropped off by packages in conf.d
|
||||
* dropped debian 4 support because all other platforms have the same
|
||||
values, and it is older than "old stable" debian release
|
||||
|
||||
Remember that not all users use Chef in the same way or on the same
|
||||
operating systems as you, so it is helpful to be clear about your use
|
||||
case and change so they can understand it even when it doesn't apply
|
||||
to them.
|
||||
|
||||
### Github and Pull Requests
|
||||
|
||||
All of Opscode's open source cookbook projects are available on
|
||||
[Github](http://www.github.com/opscode-cookbooks).
|
||||
|
||||
We don't require you to use Github, and we will even take patch diffs
|
||||
attached to tickets on the tracker. However Github has a lot of
|
||||
convenient features, such as being able to see a diff of changes
|
||||
between a pull request and the main repository quickly without
|
||||
downloading the branch.
|
||||
|
||||
If you do choose to use a pull request, please provide a link to the
|
||||
pull request from the ticket __and__ a link to the ticket from the
|
||||
pull request. Because pull requests only have two states, open and
|
||||
closed, we can't easily filter pull requests that are waiting for a
|
||||
reply from the author for various reasons.
|
||||
|
||||
### More information
|
||||
|
||||
Additional help with git is available on the
|
||||
[Working with Git](http://wiki.opscode.com/display/chef/Working+with+Git)
|
||||
wiki page.
|
||||
|
||||
## Functional and Unit Tests
|
||||
|
||||
This cookbook is set up to run tests under
|
||||
[Opscode's test-kitchen](https://github.com/opscode/test-kitchen). It
|
||||
uses minitest-chef to run integration tests after the node has been
|
||||
converged to verify that the state of the node.
|
||||
|
||||
Test kitchen should run completely without exception using the default
|
||||
[baseboxes provided by Opscode](https://github.com/opscode/bento).
|
||||
Because Test Kitchen creates VirtualBox machines and runs through
|
||||
every configuration in the Kitchenfile, it may take some time for
|
||||
these tests to complete.
|
||||
|
||||
If your changes are only for a specific recipe, run only its
|
||||
configuration with Test Kitchen. If you are adding a new recipe, or
|
||||
other functionality such as a LWRP or definition, please add
|
||||
appropriate tests and ensure they run with Test Kitchen.
|
||||
|
||||
If any don't pass, investigate them before submitting your patch.
|
||||
|
||||
Any new feature should have unit tests included with the patch with
|
||||
good code coverage to help protect it from future changes. Similarly,
|
||||
patches that fix a bug or regression should have a _regression test_.
|
||||
Simply put, this is a test that would fail without your patch but
|
||||
passes with it. The goal is to ensure this bug doesn't regress in the
|
||||
future. Consider a regular expression that doesn't match a certain
|
||||
pattern that it should, so you provide a patch and a test to ensure
|
||||
that the part of the code that uses this regular expression works as
|
||||
expected. Later another contributor may modify this regular expression
|
||||
in a way that breaks your use cases. The test you wrote will fail,
|
||||
signalling to them to research your ticket and use case and accounting
|
||||
for it.
|
||||
|
||||
If you need help writing tests, please ask on the Chef Developer's
|
||||
mailing list, or the #chef-hacking IRC channel.
|
||||
|
||||
## Code Review
|
||||
|
||||
Opscode regularly reviews code contributions and provides suggestions
|
||||
for improvement in the code itself or the implementation.
|
||||
|
||||
We find contributions by searching the ticket tracker for _resolved_
|
||||
tickets with a status of _fixed_. If we have feedback we will reopen
|
||||
the ticket and you should resolve it again when you've made the
|
||||
changes or have a response to our feedback. When we believe the patch
|
||||
is ready to be merged, we will tag the _Code Reviewed_ field with
|
||||
_Reviewed_.
|
||||
|
||||
Depending on the project, these tickets are then merged within a week
|
||||
or two, depending on the current release cycle.
|
||||
|
||||
## Release Cycle
|
||||
|
||||
The versioning for Opscode Cookbook projects is X.Y.Z.
|
||||
|
||||
* X is a major release, which may not be fully compatible with prior
|
||||
major releases
|
||||
* Y is a minor release, which adds both new features and bug fixes
|
||||
* Z is a patch release, which adds just bug fixes
|
||||
|
||||
A released version of a cookbook will end in an even number, e.g.
|
||||
"1.2.4" or "0.8.0". When development for the next version of the
|
||||
cookbook begins, the "Z" patch number is incremented to the next odd
|
||||
number, however the next release of the cookbook may be a major or
|
||||
minor incrementing version.
|
||||
|
||||
Releases of Opscode's cookbooks are usually announced on the Chef user
|
||||
mailing list. Releases of several cookbooks may be batched together
|
||||
and announced on the [Opscode Blog](http://www.opscode.com/blog).
|
||||
|
||||
## Working with the community
|
||||
|
||||
These resources will help you learn more about Chef and connect to
|
||||
other members of the Chef community:
|
||||
|
||||
* [chef](http://lists.opscode.com/sympa/info/chef) and
|
||||
[chef-dev](http://lists.opscode.com/sympa/info/chef-dev) mailing
|
||||
lists
|
||||
* #chef and #chef-hacking IRC channels on irc.freenode.net
|
||||
* [Community Cookbook site](http://community.opscode.com)
|
||||
* [Chef wiki](http://wiki.opscode.com/display/chef)
|
||||
* Opscode Chef [product page](http://www.opscode.com/chef)
|
||||
|
||||
|
||||
## Cookbook Contribution Do's and Don't's
|
||||
|
||||
Please do include tests for your contribution. If you need help, ask
|
||||
on the
|
||||
[chef-dev mailing list](http://lists.opscode.com/sympa/info/chef-dev)
|
||||
or the
|
||||
[#chef-hacking IRC channel](http://community.opscode.com/chat/chef-hacking).
|
||||
Not all platforms that a cookbook supports may be supported by Test
|
||||
Kitchen. Please provide evidence of testing your contribution if it
|
||||
isn't trivial so we don't have to duplicate effort in testing. Chef
|
||||
10.14+ "doc" formatted output is sufficient.
|
||||
|
||||
Please do indicate new platform (families) or platform versions in the
|
||||
commit message, and update the relevant ticket.
|
||||
|
||||
If a contribution adds new platforms or platform versions, indicate
|
||||
such in the body of the commit message(s), and update the relevant
|
||||
COOK ticket. When writing commit messages, it is helpful for others if
|
||||
you indicate the COOK ticket. For example:
|
||||
|
||||
git commit -m '[COOK-1041] - Updated pool resource to correctly
|
||||
delete.'
|
||||
|
||||
Please do use [foodcritic](http://acrmp.github.com/foodcritic) to
|
||||
lint-check the cookbook. Except FC007, it should pass all correctness
|
||||
rules. FC007 is okay as long as the dependent cookbooks are *required*
|
||||
for the default behavior of the cookbook, such as to support an
|
||||
uncommon platform, secondary recipe, etc.
|
||||
|
||||
Please do ensure that your changes do not break or modify behavior for
|
||||
other platforms supported by the cookbook. For example if your changes
|
||||
are for Debian, make sure that they do not break on CentOS.
|
||||
|
||||
Please do not modify the version number in the metadata.rb, Opscode
|
||||
will select the appropriate version based on the release cycle
|
||||
information above.
|
||||
|
||||
Please do not update the CHANGELOG.md for a new version. Not all
|
||||
changes to a cookbook may be merged and released in the same versions.
|
||||
Opscode will update the CHANGELOG.md when releasing a new version of
|
||||
the cookbook.
|
10
chef/cookbooks/apache2/Gemfile
Normal file
10
chef/cookbooks/apache2/Gemfile
Normal file
@ -0,0 +1,10 @@
|
||||
source "https://rubygems.org"
|
||||
|
||||
gem 'cucumber', '~> 1.2.0'
|
||||
gem 'httparty', '~> 0.8.3'
|
||||
gem 'minitest', '~> 3.0.0'
|
||||
gem 'nokogiri', '~> 1.5.0'
|
||||
|
||||
group :kitchen do
|
||||
gem 'test-kitchen', '< 1.0'
|
||||
end
|
201
chef/cookbooks/apache2/LICENSE
Normal file
201
chef/cookbooks/apache2/LICENSE
Normal file
@ -0,0 +1,201 @@
|
||||
Apache License
|
||||
Version 2.0, January 2004
|
||||
http://www.apache.org/licenses/
|
||||
|
||||
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
|
||||
|
||||
1. Definitions.
|
||||
|
||||
"License" shall mean the terms and conditions for use, reproduction,
|
||||
and distribution as defined by Sections 1 through 9 of this document.
|
||||
|
||||
"Licensor" shall mean the copyright owner or entity authorized by
|
||||
the copyright owner that is granting the License.
|
||||
|
||||
"Legal Entity" shall mean the union of the acting entity and all
|
||||
other entities that control, are controlled by, or are under common
|
||||
control with that entity. For the purposes of this definition,
|
||||
"control" means (i) the power, direct or indirect, to cause the
|
||||
direction or management of such entity, whether by contract or
|
||||
otherwise, or (ii) ownership of fifty percent (50%) or more of the
|
||||
outstanding shares, or (iii) beneficial ownership of such entity.
|
||||
|
||||
"You" (or "Your") shall mean an individual or Legal Entity
|
||||
exercising permissions granted by this License.
|
||||
|
||||
"Source" form shall mean the preferred form for making modifications,
|
||||
including but not limited to software source code, documentation
|
||||
source, and configuration files.
|
||||
|
||||
"Object" form shall mean any form resulting from mechanical
|
||||
transformation or translation of a Source form, including but
|
||||
not limited to compiled object code, generated documentation,
|
||||
and conversions to other media types.
|
||||
|
||||
"Work" shall mean the work of authorship, whether in Source or
|
||||
Object form, made available under the License, as indicated by a
|
||||
copyright notice that is included in or attached to the work
|
||||
(an example is provided in the Appendix below).
|
||||
|
||||
"Derivative Works" shall mean any work, whether in Source or Object
|
||||
form, that is based on (or derived from) the Work and for which the
|
||||
editorial revisions, annotations, elaborations, or other modifications
|
||||
represent, as a whole, an original work of authorship. For the purposes
|
||||
of this License, Derivative Works shall not include works that remain
|
||||
separable from, or merely link (or bind by name) to the interfaces of,
|
||||
the Work and Derivative Works thereof.
|
||||
|
||||
"Contribution" shall mean any work of authorship, including
|
||||
the original version of the Work and any modifications or additions
|
||||
to that Work or Derivative Works thereof, that is intentionally
|
||||
submitted to Licensor for inclusion in the Work by the copyright owner
|
||||
or by an individual or Legal Entity authorized to submit on behalf of
|
||||
the copyright owner. For the purposes of this definition, "submitted"
|
||||
means any form of electronic, verbal, or written communication sent
|
||||
to the Licensor or its representatives, including but not limited to
|
||||
communication on electronic mailing lists, source code control systems,
|
||||
and issue tracking systems that are managed by, or on behalf of, the
|
||||
Licensor for the purpose of discussing and improving the Work, but
|
||||
excluding communication that is conspicuously marked or otherwise
|
||||
designated in writing by the copyright owner as "Not a Contribution."
|
||||
|
||||
"Contributor" shall mean Licensor and any individual or Legal Entity
|
||||
on behalf of whom a Contribution has been received by Licensor and
|
||||
subsequently incorporated within the Work.
|
||||
|
||||
2. Grant of Copyright License. Subject to the terms and conditions of
|
||||
this License, each Contributor hereby grants to You a perpetual,
|
||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
||||
copyright license to reproduce, prepare Derivative Works of,
|
||||
publicly display, publicly perform, sublicense, and distribute the
|
||||
Work and such Derivative Works in Source or Object form.
|
||||
|
||||
3. Grant of Patent License. Subject to the terms and conditions of
|
||||
this License, each Contributor hereby grants to You a perpetual,
|
||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
||||
(except as stated in this section) patent license to make, have made,
|
||||
use, offer to sell, sell, import, and otherwise transfer the Work,
|
||||
where such license applies only to those patent claims licensable
|
||||
by such Contributor that are necessarily infringed by their
|
||||
Contribution(s) alone or by combination of their Contribution(s)
|
||||
with the Work to which such Contribution(s) was submitted. If You
|
||||
institute patent litigation against any entity (including a
|
||||
cross-claim or counterclaim in a lawsuit) alleging that the Work
|
||||
or a Contribution incorporated within the Work constitutes direct
|
||||
or contributory patent infringement, then any patent licenses
|
||||
granted to You under this License for that Work shall terminate
|
||||
as of the date such litigation is filed.
|
||||
|
||||
4. Redistribution. You may reproduce and distribute copies of the
|
||||
Work or Derivative Works thereof in any medium, with or without
|
||||
modifications, and in Source or Object form, provided that You
|
||||
meet the following conditions:
|
||||
|
||||
(a) You must give any other recipients of the Work or
|
||||
Derivative Works a copy of this License; and
|
||||
|
||||
(b) You must cause any modified files to carry prominent notices
|
||||
stating that You changed the files; and
|
||||
|
||||
(c) You must retain, in the Source form of any Derivative Works
|
||||
that You distribute, all copyright, patent, trademark, and
|
||||
attribution notices from the Source form of the Work,
|
||||
excluding those notices that do not pertain to any part of
|
||||
the Derivative Works; and
|
||||
|
||||
(d) If the Work includes a "NOTICE" text file as part of its
|
||||
distribution, then any Derivative Works that You distribute must
|
||||
include a readable copy of the attribution notices contained
|
||||
within such NOTICE file, excluding those notices that do not
|
||||
pertain to any part of the Derivative Works, in at least one
|
||||
of the following places: within a NOTICE text file distributed
|
||||
as part of the Derivative Works; within the Source form or
|
||||
documentation, if provided along with the Derivative Works; or,
|
||||
within a display generated by the Derivative Works, if and
|
||||
wherever such third-party notices normally appear. The contents
|
||||
of the NOTICE file are for informational purposes only and
|
||||
do not modify the License. You may add Your own attribution
|
||||
notices within Derivative Works that You distribute, alongside
|
||||
or as an addendum to the NOTICE text from the Work, provided
|
||||
that such additional attribution notices cannot be construed
|
||||
as modifying the License.
|
||||
|
||||
You may add Your own copyright statement to Your modifications and
|
||||
may provide additional or different license terms and conditions
|
||||
for use, reproduction, or distribution of Your modifications, or
|
||||
for any such Derivative Works as a whole, provided Your use,
|
||||
reproduction, and distribution of the Work otherwise complies with
|
||||
the conditions stated in this License.
|
||||
|
||||
5. Submission of Contributions. Unless You explicitly state otherwise,
|
||||
any Contribution intentionally submitted for inclusion in the Work
|
||||
by You to the Licensor shall be under the terms and conditions of
|
||||
this License, without any additional terms or conditions.
|
||||
Notwithstanding the above, nothing herein shall supersede or modify
|
||||
the terms of any separate license agreement you may have executed
|
||||
with Licensor regarding such Contributions.
|
||||
|
||||
6. Trademarks. This License does not grant permission to use the trade
|
||||
names, trademarks, service marks, or product names of the Licensor,
|
||||
except as required for reasonable and customary use in describing the
|
||||
origin of the Work and reproducing the content of the NOTICE file.
|
||||
|
||||
7. Disclaimer of Warranty. Unless required by applicable law or
|
||||
agreed to in writing, Licensor provides the Work (and each
|
||||
Contributor provides its Contributions) on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
||||
implied, including, without limitation, any warranties or conditions
|
||||
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
|
||||
PARTICULAR PURPOSE. You are solely responsible for determining the
|
||||
appropriateness of using or redistributing the Work and assume any
|
||||
risks associated with Your exercise of permissions under this License.
|
||||
|
||||
8. Limitation of Liability. In no event and under no legal theory,
|
||||
whether in tort (including negligence), contract, or otherwise,
|
||||
unless required by applicable law (such as deliberate and grossly
|
||||
negligent acts) or agreed to in writing, shall any Contributor be
|
||||
liable to You for damages, including any direct, indirect, special,
|
||||
incidental, or consequential damages of any character arising as a
|
||||
result of this License or out of the use or inability to use the
|
||||
Work (including but not limited to damages for loss of goodwill,
|
||||
work stoppage, computer failure or malfunction, or any and all
|
||||
other commercial damages or losses), even if such Contributor
|
||||
has been advised of the possibility of such damages.
|
||||
|
||||
9. Accepting Warranty or Additional Liability. While redistributing
|
||||
the Work or Derivative Works thereof, You may choose to offer,
|
||||
and charge a fee for, acceptance of support, warranty, indemnity,
|
||||
or other liability obligations and/or rights consistent with this
|
||||
License. However, in accepting such obligations, You may act only
|
||||
on Your own behalf and on Your sole responsibility, not on behalf
|
||||
of any other Contributor, and only if You agree to indemnify,
|
||||
defend, and hold each Contributor harmless for any liability
|
||||
incurred by, or claims asserted against, such Contributor by reason
|
||||
of your accepting any such warranty or additional liability.
|
||||
|
||||
END OF TERMS AND CONDITIONS
|
||||
|
||||
APPENDIX: How to apply the Apache License to your work.
|
||||
|
||||
To apply the Apache License to your work, attach the following
|
||||
boilerplate notice, with the fields enclosed by brackets "[]"
|
||||
replaced with your own identifying information. (Don't include
|
||||
the brackets!) The text should be enclosed in the appropriate
|
||||
comment syntax for the file format. We also recommend that a
|
||||
file or class name and description of purpose be included on the
|
||||
same "printed page" as the copyright notice for easier
|
||||
identification within third-party archives.
|
||||
|
||||
Copyright [yyyy] [name of copyright owner]
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
583
chef/cookbooks/apache2/README.md
Normal file
583
chef/cookbooks/apache2/README.md
Normal file
@ -0,0 +1,583 @@
|
||||
Description
|
||||
===========
|
||||
|
||||
This cookbook provides a complete Debian/Ubuntu style Apache HTTPD
|
||||
configuration. Non-Debian based distributions such as Red Hat/CentOS,
|
||||
ArchLinux and others supported by this cookbook will have a
|
||||
configuration that mimics Debian/Ubuntu style as it is easier to
|
||||
manage with Chef.
|
||||
|
||||
Debian-style Apache configuration uses scripts to manage modules and
|
||||
sites (vhosts). The scripts are:
|
||||
|
||||
* a2ensite
|
||||
* a2dissite
|
||||
* a2enmod
|
||||
* a2dismod
|
||||
|
||||
This cookbook ships with templates of these scripts for non
|
||||
Debian/Ubuntu platforms. The scripts are used in the __Definitions__
|
||||
below.
|
||||
|
||||
Requirements
|
||||
============
|
||||
|
||||
## Ohai and Chef:
|
||||
|
||||
* Ohai: 0.6.12+
|
||||
* Chef: 0.10.10+
|
||||
|
||||
As of v1.2.0, this cookbook makes use of `node['platform_family']` to
|
||||
simplify platform selection logic. This attribute was introduced in
|
||||
Ohai v0.6.12. The recipe methods were introduced in Chef v0.10.10. If
|
||||
you must run an older version of Chef or Ohai, use [version 1.1.16 of
|
||||
this cookbook](http://community.opscode.com/cookbooks/apache2/versions/1_1_16/downloads).
|
||||
|
||||
## Cookbooks:
|
||||
|
||||
This cookbook doesn't have direct dependencies on other cookbooks, as
|
||||
none are needed for the default recipe or the general use cases.
|
||||
|
||||
Depending on your OS configuration and security policy, you may need
|
||||
additional recipes or cookbooks for this cookbook's recipes to
|
||||
converge on the node. In particular, the following Operating System
|
||||
settings may affect the behavior of this cookbook:
|
||||
|
||||
* apt cache outdated
|
||||
* SELinux enabled
|
||||
* IPtables
|
||||
* Compile tools
|
||||
* 3rd party repositories
|
||||
|
||||
On Ubuntu/Debian, use Opscode's `apt` cookbook to ensure the package
|
||||
cache is updated so Chef can install packages, or consider putting
|
||||
apt-get in your bootstrap process or
|
||||
[knife bootstrap template](http://wiki.opscode.com/display/chef/Knife+Bootstrap).
|
||||
|
||||
On RHEL, SELinux is enabled by default. The `selinux` cookbook
|
||||
contains a `permissive` recipe that can be used to set SELinux to
|
||||
"Permissive" state. Otherwise, additional recipes need to be created
|
||||
by the user to address SELinux permissions.
|
||||
|
||||
The easiest but **certainly not ideal way** to deal with IPtables is
|
||||
to flush all rules. Opscode does provide an `iptables` cookbook but is
|
||||
migrating from the approach used there to a more robust solution
|
||||
utilizing a general "firewall" LWRP that would have an "iptables"
|
||||
provider. Alternately, you can use ufw, with Opscode's `ufw` and
|
||||
`firewall` cookbooks to set up rules. See those cookbooks' READMEs for
|
||||
documentation.
|
||||
|
||||
Build/compile tools may not be installed on the system by default.
|
||||
Some recipes (e.g., `apache2::mod_auth_openid`) build the module from
|
||||
source. Use Opscode's `build-essential` cookbook to get essential
|
||||
build packages installed.
|
||||
|
||||
On ArchLinux, if you are using the `apache2::mod_auth_openid` recipe,
|
||||
you also need the `pacman` cookbook for the `pacman_aur` LWRP. Put
|
||||
`recipe[pacman]` on the node's expanded run list (on the node or in a
|
||||
role). This is not an explicit dependency because it is only required
|
||||
for this single recipe and platform; the pacman default recipe
|
||||
performs `pacman -Sy` to keep pacman's package cache updated.
|
||||
|
||||
The `apache2::god_monitor` recipe uses a definition from the `god`
|
||||
cookbook. Include `recipe[god]` in the node's expanded run list to
|
||||
ensure that the cookbook is available to the node, and to set up `god`.
|
||||
|
||||
## Platforms:
|
||||
|
||||
The following platforms and versions are tested and supported using
|
||||
Opscode's [test-kitchen](http://github.com/opscode/test-kitchen).
|
||||
|
||||
* Ubuntu 10.04, 12.04
|
||||
* CentOS 5.8, 6.3
|
||||
|
||||
The following platform families are supported in the code, and are
|
||||
assumed to work based on the successful testing on Ubuntu and CentOS.
|
||||
|
||||
* Debian
|
||||
* Red Hat (rhel)
|
||||
* Fedora
|
||||
* Amazon Linux
|
||||
|
||||
The following platforms are also supported in the code, have been
|
||||
tested manually but are not tested under test-kitchen.
|
||||
|
||||
* SUSE/OpenSUSE
|
||||
* ArchLinux
|
||||
* FreeBSD
|
||||
|
||||
### Notes for RHEL Family:
|
||||
|
||||
On Red Hat Enterprise Linux and derivatives, the EPEL repository may
|
||||
be necessary to install packages used in certain recipes. The
|
||||
`apache2::default` recipe, however, does not require any additional
|
||||
repositories. Opscode's `yum` cookbook contains a recipe to add the
|
||||
EPEL repository. See __Examples__ for more information.
|
||||
|
||||
### Notes for FreeBSD:
|
||||
|
||||
The `apache2::mod_php5` recipe depends on the `freebsd` cookbook,
|
||||
which it uses to set the correct options for compiling the `php5` port
|
||||
from sources. You need to ensure the `freebsd` is in the expanded run
|
||||
list, or this recipe will fail. We don't set an explicit dependency
|
||||
because we feel the `freebsd` cookbook is something users would want
|
||||
on their nodes, and due to the generality of this cookbook we don't
|
||||
want additional specific dependencies.
|
||||
|
||||
Tests
|
||||
=====
|
||||
|
||||
This cookbook in the
|
||||
[source repository](https://github.com/opscode-cookbooks/apache2)
|
||||
contains minitest and cucumber tests. This is an initial proof of
|
||||
concept that will be fleshed out with more supporting infrastructure
|
||||
at a future time.
|
||||
|
||||
Please see the CONTRIBUTING file for information on how to add tests
|
||||
for your contributions.
|
||||
|
||||
Attributes
|
||||
==========
|
||||
|
||||
This cookbook uses many attributes, broken up into a few different
|
||||
kinds.
|
||||
|
||||
Platform specific
|
||||
-----------------
|
||||
|
||||
In order to support the broadest number of platforms, several
|
||||
attributes are determined based on the node's platform. See the
|
||||
attributes/default.rb file for default values in the case statement at
|
||||
the top of the file.
|
||||
|
||||
* `node['apache']['dir']` - Location for the Apache configuration
|
||||
* `node['apache']['log_dir']` - Location for Apache logs
|
||||
* `node['apache']['error_log']` - Location for the default error log
|
||||
* `node['apache']['access_log']` - Location for the default access log
|
||||
* `node['apache']['user']` - User Apache runs as
|
||||
* `node['apache']['group']` - Group Apache runs as
|
||||
* `node['apache']['binary']` - Apache httpd server daemon
|
||||
* `node['apache']['icondir']` - Location for icons
|
||||
* `node['apache']['cache_dir']` - Location for cached files used by Apache itself or recipes
|
||||
* `node['apache']['pid_file']` - Location of the PID file for Apache httpd
|
||||
* `node['apache']['lib_dir']` - Location for shared libraries
|
||||
* `node['apache']['default_site_enabled']` - Default site enabled. Defaults to true on redhat-family platforms
|
||||
* `node['apache']['ext_status']` - if true, enables ExtendedStatus for `mod_status`
|
||||
|
||||
General settings
|
||||
----------------
|
||||
|
||||
These are general settings used in recipes and templates. Default
|
||||
values are noted.
|
||||
|
||||
* `node['apache']['listen_ports']` - Ports that httpd should listen on. Default is port 80.
|
||||
* `node['apache']['contact']` - Value for ServerAdmin directive. Default "ops@example.com".
|
||||
* `node['apache']['timeout']` - Value for the Timeout directive. Default is 300.
|
||||
* `node['apache']['keepalive']` - Value for the KeepAlive directive. Default is On.
|
||||
* `node['apache']['keepaliverequests']` - Value for MaxKeepAliveRequests. Default is 100.
|
||||
* `node['apache']['keepalivetimeout']` - Value for the KeepAliveTimeout directive. Default is 5.
|
||||
* `node['apache']['default_modules']` - Array of module names. Can take "mod_FOO" or "FOO" as names, where FOO is the apache module, e.g. "`mod_status`" or "`status`".
|
||||
|
||||
The modules listed in `default_modules` will be included as recipes in `recipe[apache::default]`.
|
||||
|
||||
Prefork attributes
|
||||
------------------
|
||||
|
||||
Prefork attributes are used for tuning the Apache HTTPD prefork MPM
|
||||
configuration.
|
||||
|
||||
* `node['apache']['prefork']['startservers']` - initial number of server processes to start. Default is 16.
|
||||
* `node['apache']['prefork']['minspareservers']` - minimum number of spare server processes. Default 16.
|
||||
* `node['apache']['prefork']['maxspareservers']` - maximum number of spare server processes. Default 32.
|
||||
* `node['apache']['prefork']['serverlimit']` - upper limit on configurable server processes. Default 400.
|
||||
* `node['apache']['prefork']['maxclients']` - Maximum number of simultaneous connections.
|
||||
* `node['apache']['prefork']['maxrequestsperchild']` - Maximum number of request a child process will handle. Default 10000.
|
||||
|
||||
Worker attributes
|
||||
-----------------
|
||||
|
||||
Worker attributes are used for tuning the Apache HTTPD worker MPM
|
||||
configuration.
|
||||
|
||||
* `node['apache']['worker']['startservers']` - Initial number of server processes to start. Default 4
|
||||
* `node['apache']['worker']['serverlimit']` - upper limit on configurable server processes. Default 16.
|
||||
* `node['apache']['worker']['maxclients']` - Maximum number of simultaneous connections. Default 1024.
|
||||
* `node['apache']['worker']['minsparethreads']` - Minimum number of spare worker threads. Default 64
|
||||
* `node['apache']['worker']['maxsparethreads']` - Maximum number of spare worker threads. Default 192.
|
||||
* `node['apache']['worker']['maxrequestsperchild']` - Maximum number of requests a child process will handle.
|
||||
|
||||
mod\_auth\_openid attributes
|
||||
----------------------------
|
||||
|
||||
The following attributes are in the `attributes/mod_auth_openid.rb`
|
||||
file. Like all Chef attributes files, they are loaded as well, but
|
||||
they're logistically unrelated to the others, being specific to the
|
||||
`mod_auth_openid` recipe.
|
||||
|
||||
* `node['apache']['mod_auth_openid']['checksum']` - sha256sum of the tarball containing the source.
|
||||
* `node['apache']['mod_auth_openid']['ref']` - Any sha, tag, or branch found from https://github.com/bmuller/mod_auth_openid
|
||||
* `node['apache']['mod_auth_openid']['cache_dir']` - the cache directory is where the sqlite3 database is stored. It is separate so it can be managed as a directory resource.
|
||||
* `node['apache']['mod_auth_openid']['dblocation']` - filename of the sqlite3 database used for directive `AuthOpenIDDBLocation`, stored in the `cache_dir` by default.
|
||||
* `node['apache']['mod_auth_openid']['configure_flags']` - optional array of configure flags passed to the `./configure` step in the compilation of the module.
|
||||
|
||||
mod\_ssl attributes
|
||||
-------------------
|
||||
|
||||
* `node['apache']['mod_ssl']['cipher_suite']` - sets the
|
||||
SSLCiphersuite value to the specified string. The default is
|
||||
considered "sane" but you may need to change it for your local
|
||||
security policy, e.g. if you have PCI-DSS requirements. Additional
|
||||
commentary on the
|
||||
[original pull request](https://github.com/opscode-cookbooks/apache2/pull/15#commitcomment-1605406).
|
||||
|
||||
Recipes
|
||||
=======
|
||||
|
||||
Most of the recipes in the cookbook are for enabling Apache modules.
|
||||
Where additional configuration or behavior is used, it is documented
|
||||
below in more detail.
|
||||
|
||||
The following recipes merely enable the specified module: `mod_alias`,
|
||||
`mod_basic`, `mod_digest`, `mod_authn_file`, `mod_authnz_ldap`,
|
||||
`mod_authz_default`, `mod_authz_groupfile`, `mod_authz_host`,
|
||||
`mod_authz_user`, `mod_autoindex`, `mod_cgi`, `mod_dav_fs`,
|
||||
`mod_dav_svn`, `mod_deflate`, `mod_dir`, `mod_env`, `mod_expires`,
|
||||
`mod_headers`, `mod_ldap`, `mod_log_config`, `mod_mime`,
|
||||
`mod_negotiation`, `mod_proxy`, `mod_proxy_ajp`, `mod_proxy_balancer`,
|
||||
`mod_proxy_connect`, `mod_proxy_http`, `mod_python`, `mod_rewrite`,
|
||||
`mod_setenvif`, `mod_status`, `mod_wsgi`, `mod_xsendfile`.
|
||||
|
||||
On RHEL Family distributions, certain modules ship with a config file
|
||||
with the package. The recipes here may delete those configuration
|
||||
files to ensure they don't conflict with the settings from the
|
||||
cookbook, which will use per-module configuration in
|
||||
`/etc/httpd/mods-enabled`.
|
||||
|
||||
default
|
||||
-------
|
||||
|
||||
The default recipe does a number of things to set up Apache HTTPd. It
|
||||
also includes a number of modules based on the attribute
|
||||
`node['apache']['default_modules']` as recipes.
|
||||
|
||||
logrotate
|
||||
---------
|
||||
|
||||
Logrotate adds a logrotate entry for your apache2 logs. This recipe
|
||||
requires the `logrotate` cookbook; ensure that `recipe[logrotate]` is
|
||||
in the node's expanded run list.
|
||||
|
||||
mod\_auth\_cas
|
||||
--------------
|
||||
|
||||
This recipe installs the proper package and enables the `auth_cas`
|
||||
module. It can install from source or package. Package is the default,
|
||||
set the attribute `node['apache']['mod_auth_cas']['from_source']` to
|
||||
true to enable source installation. Modify the version to install by
|
||||
changing the attribute
|
||||
`node['apache']['mod_auth_cas']['source_revision']`. It is a version
|
||||
tag by default, but could be master, or another tag, or branch.
|
||||
|
||||
The module configuration is written out with the `CASCookiePath` set,
|
||||
otherwise an error loading the module may cause Apache to not start.
|
||||
|
||||
**Note**: This recipe does not work on EL 6 platforms unless
|
||||
epel-testing repository is enabled (outside the scope of this
|
||||
cookbook), or the package version 1.0.8.1-3.el6 or higher is otherwise
|
||||
available to the system due to this bug:
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?format=multiple&id=708550
|
||||
|
||||
mod\_auth\_openid
|
||||
-----------------
|
||||
|
||||
**Changed via COOK-915**
|
||||
|
||||
This recipe compiles the module from source. In addition to
|
||||
`build-essential`, some other packages are included for installation
|
||||
like the GNU C++ compiler and development headers.
|
||||
|
||||
To use the module in your own cookbooks to authenticate systems using
|
||||
OpenIDs, specify an array of OpenIDs that are allowed to authenticate
|
||||
with the attribute `node['apache']['allowed_openids']`. Use the
|
||||
following in a vhost to protect with OpenID authentication:
|
||||
|
||||
AuthType OpenID require user <%= node['apache']['allowed_openids'].join(' ') %>
|
||||
AuthOpenIDDBLocation <%= node['apache']['mod_auth_openid']['dblocation'] %>
|
||||
|
||||
Change the DBLocation with the attribute as required; this file is in
|
||||
a different location than previous versions, see below. It should be a
|
||||
sane default for most platforms, though, see
|
||||
`attributes/mod_auth_openid.rb`.
|
||||
|
||||
### Changes from COOK-915:
|
||||
|
||||
* `AuthType OpenID` instead of `AuthOpenIDEnabled On`.
|
||||
* `require user` instead of `AuthOpenIDUserProgram`.
|
||||
* A bug(?) in `mod_auth_openid` causes it to segfault when attempting
|
||||
to update the database file if the containing directory is not
|
||||
writable by the HTTPD process owner (e.g., www-data), even if the
|
||||
file is writable. In order to not interfere with other settings from
|
||||
the default recipe in this cookbook, the db file is moved.
|
||||
|
||||
mod\_fastcgi
|
||||
------------
|
||||
|
||||
Install the fastcgi package and enable the module.
|
||||
|
||||
Only work on Debian/Ubuntu
|
||||
|
||||
mod\_fcgid
|
||||
----------
|
||||
|
||||
Installs the fcgi package and enables the module. Requires EPEL on
|
||||
RHEL family.
|
||||
|
||||
On RHEL family, this recipe will delete the fcgid.conf and on version
|
||||
6+, create the /var/run/httpd/mod_fcgid` directory, which prevents the
|
||||
emergency error:
|
||||
|
||||
[emerg] (2)No such file or directory: mod_fcgid: Can't create shared memory for size XX bytes
|
||||
|
||||
mod\_php5
|
||||
--------
|
||||
|
||||
Simply installs the appropriate package on Debian, Ubuntu and
|
||||
ArchLinux.
|
||||
|
||||
On Red Hat family distributions including Fedora, the php.conf that
|
||||
comes with the package is removed. On RHEL platforms less than v6, the
|
||||
`php53` package is used.
|
||||
|
||||
mod\_ssl
|
||||
--------
|
||||
|
||||
Besides installing and enabling `mod_ssl`, this recipe will append
|
||||
port 443 to the `node['apache']['listen_ports']` attribute array and
|
||||
update the ports.conf.
|
||||
|
||||
god\_monitor
|
||||
------------
|
||||
|
||||
Sets up a `god` monitor for Apache. External requirements are the
|
||||
`god` and `runit` cookbooks from Opscode. When using this recipe,
|
||||
include `recipe[god]` in the node's expanded run list to ensure the
|
||||
client downloads it; `god` depends on runit so that will also be
|
||||
downloaded.
|
||||
|
||||
**Note** This recipe is not tested under test-kitchen yet and is
|
||||
pending fix in COOK-744.
|
||||
|
||||
Definitions
|
||||
===========
|
||||
|
||||
The cookbook provides a few definitions. At some point in the future
|
||||
these definitions may be refactored into lightweight resources and
|
||||
providers as suggested by
|
||||
[foodcritic rule FC015](http://acrmp.github.com/foodcritic/#FC015).
|
||||
|
||||
apache\_conf
|
||||
------------
|
||||
|
||||
Sets up configuration file for an Apache module from a template. The
|
||||
template should be in the same cookbook where the definition is used.
|
||||
This is used by the `apache_module` definition and is not often used
|
||||
directly.
|
||||
|
||||
This will use a template resource to write the module's configuration
|
||||
file in the `mods-available` under the Apache configuration directory
|
||||
(`node['apache']['dir']`). This is a platform-dependent location. See
|
||||
__apache\_module__.
|
||||
|
||||
### Parameters:
|
||||
|
||||
* `name` - Name of the template. When used from the `apache_module`,
|
||||
it will use the same name as the module.
|
||||
|
||||
### Examples:
|
||||
|
||||
Create `#{node['apache']['dir']}/mods-available/alias.conf`.
|
||||
|
||||
apache_conf "alias"
|
||||
|
||||
apache\_module
|
||||
--------------
|
||||
|
||||
Enable or disable an Apache module in
|
||||
`#{node['apache']['dir']}/mods-available` by calling `a2enmod` or
|
||||
`a2dismod` to manage the symbolic link in
|
||||
`#{node['apache']['dir']}/mods-enabled`. If the module has a
|
||||
configuration file, a template should be created in the cookbook where
|
||||
the definition is used. See __Examples__.
|
||||
|
||||
### Parameters:
|
||||
|
||||
* `name` - Name of the module enabled or disabled with the `a2enmod` or `a2dismod` scripts.
|
||||
* `enable` - Default true, which uses `a2enmod` to enable the module. If false, the module will be disabled with `a2dismod`.
|
||||
* `conf` - Default false. Set to true if the module has a config file, which will use `apache_conf` for the file.
|
||||
* `filename` - specify the full name of the file, e.g.
|
||||
|
||||
### Examples:
|
||||
|
||||
Enable the ssl module, which also has a configuration template in `templates/default/ssl.conf.erb`.
|
||||
|
||||
apache_module "ssl" do
|
||||
conf true
|
||||
end
|
||||
|
||||
Enable the php5 module, which has a different filename than the module default:
|
||||
|
||||
apache_module "php5" do
|
||||
filename "libphp5.so"
|
||||
end
|
||||
|
||||
Disable a module:
|
||||
|
||||
apache_module "disabled_module" do
|
||||
enable false
|
||||
end
|
||||
|
||||
See the recipes directory for many more examples of `apache_module`.
|
||||
|
||||
apache\_site
|
||||
------------
|
||||
|
||||
Enable or disable a VirtualHost in
|
||||
`#{node['apache']['dir']}/sites-available` by calling a2ensite or
|
||||
a2dissite to manage the symbolic link in
|
||||
`#{node['apache']['dir']}/sites-enabled`.
|
||||
|
||||
The template for the site must be managed as a separate resource. To
|
||||
combine the template with enabling a site, see `web_app`.
|
||||
|
||||
### Parameters:
|
||||
|
||||
* `name` - Name of the site.
|
||||
* `enable` - Default true, which uses `a2ensite` to enable the site. If false, the site will be disabled with `a2dissite`.
|
||||
|
||||
web\_app
|
||||
--------
|
||||
|
||||
Manage a template resource for a VirtualHost site, and enable it with
|
||||
`apache_site`. This is commonly done for managing web applications
|
||||
such as Ruby on Rails, PHP or Django, and the default behavior
|
||||
reflects that. However it is flexible.
|
||||
|
||||
This definition includes some recipes to make sure the system is
|
||||
configured to have Apache and some sane default modules:
|
||||
|
||||
* `apache2`
|
||||
* `apache2::mod_rewrite`
|
||||
* `apache2::mod_deflate`
|
||||
* `apache2::mod_headers`
|
||||
|
||||
It will then configure the template (see __Parameters__ and
|
||||
__Examples__ below), and enable or disable the site per the `enable`
|
||||
parameter.
|
||||
|
||||
### Parameters:
|
||||
|
||||
Current parameters used by the definition:
|
||||
|
||||
* `name` - The name of the site. The template will be written to
|
||||
`#{node['apache']['dir']}/sites-available/#{params['name']}.conf`
|
||||
* `cookbook` - Optional. Cookbook where the source template is. If
|
||||
this is not defined, Chef will use the named template in the
|
||||
cookbook where the definition is used.
|
||||
* `template` - Default `web_app.conf.erb`, source template file.
|
||||
* `enable` - Default true. Passed to the `apache_site` definition.
|
||||
|
||||
Additional parameters can be defined when the definition is called in
|
||||
a recipe, see __Examples__.
|
||||
|
||||
### Examples:
|
||||
|
||||
All parameters are passed into the template. You can use whatever you
|
||||
like. The apache2 cookbook comes with a `web_app.conf.erb` template as
|
||||
an example. The following parameters are used in the template:
|
||||
|
||||
* `server_name` - ServerName directive.
|
||||
* `server_aliases` - ServerAlias directive. Must be an array of aliases.
|
||||
* `docroot` - DocumentRoot directive.
|
||||
* `application_name` - Used in RewriteLog directive. Will be set to the `name` parameter.
|
||||
* `directory_index` - Allow overriding the default DirectoryIndex setting, optional
|
||||
* `directory_options` - Override Options on the docroot, for example to add parameters like Includes or Indexes, optional.
|
||||
* `allow_override` - Modify the AllowOverride directive on the docroot to support apps that need .htaccess to modify configuration or require authentication.
|
||||
|
||||
To use the default web_app, for example:
|
||||
|
||||
web_app "my_site" do
|
||||
server_name node['hostname']
|
||||
server_aliases [node['fqdn'], "my-site.example.com"]
|
||||
docroot "/srv/www/my_site"
|
||||
end
|
||||
|
||||
The parameters specified will be used as:
|
||||
|
||||
* `@params[:server_name]`
|
||||
* `@params[:server_aliases]`
|
||||
* `@params[:docroot]`
|
||||
|
||||
In the template. When you write your own, the `@` is significant.
|
||||
|
||||
For more information about Definitions and parameters, see the
|
||||
[Chef Wiki](http://wiki.opscode.com/display/chef/Definitions)
|
||||
|
||||
Usage
|
||||
=====
|
||||
|
||||
Using this cookbook is relatively straightforward. Add the desired
|
||||
recipes to the run list of a node, or create a role. Depending on your
|
||||
environment, you may have multiple roles that use different recipes
|
||||
from this cookbook. Adjust any attributes as desired. For example, to
|
||||
create a basic role for web servers that provide both HTTP and HTTPS:
|
||||
|
||||
% cat roles/webserver.rb
|
||||
name "webserver"
|
||||
description "Systems that serve HTTP and HTTPS"
|
||||
run_list(
|
||||
"recipe[apache2]",
|
||||
"recipe[apache2::mod_ssl]"
|
||||
)
|
||||
default_attributes(
|
||||
"apache" => {
|
||||
"listen_ports" => ["80", "443"]
|
||||
}
|
||||
)
|
||||
|
||||
For examples of using the definitions in your own recipes, see their
|
||||
respective sections above.
|
||||
|
||||
License and Authors
|
||||
===================
|
||||
|
||||
* Author:: Adam Jacob <adam@opscode.com>
|
||||
* Author:: Joshua Timberman <joshua@opscode.com>
|
||||
* Author:: Bryan McLellan <bryanm@widemile.com>
|
||||
* Author:: Dave Esposito <esposito@espolinux.corpnet.local>
|
||||
* Author:: David Abdemoulaie <github@hobodave.com>
|
||||
* Author:: Edmund Haselwanter <edmund@haselwanter.com>
|
||||
* Author:: Eric Rochester <err8n@virginia.edu>
|
||||
* Author:: Jim Browne <jbrowne@42lines.net>
|
||||
* Author:: Matthew Kent <mkent@magoazul.com>
|
||||
* Author:: Nathen Harvey <nharvey@customink.com>
|
||||
* Author:: Ringo De Smet <ringo.de.smet@amplidata.com>
|
||||
* Author:: Sean OMeara <someara@opscode.com>
|
||||
* Author:: Seth Chisamore <schisamo@opscode.com>
|
||||
* Author:: Gilles Devaux <gilles@peerpong.com>
|
||||
|
||||
* Copyright:: 2009-2012, Opscode, Inc
|
||||
* Copyright:: 2011, Atriso
|
||||
* Copyright:: 2011, CustomInk, LLC.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
168
chef/cookbooks/apache2/attributes/default.rb
Normal file
168
chef/cookbooks/apache2/attributes/default.rb
Normal file
@ -0,0 +1,168 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Attributes:: apache
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
default['apache']['root_group'] = "root"
|
||||
|
||||
# Where the various parts of apache are
|
||||
case platform
|
||||
when "redhat", "centos", "scientific", "fedora", "suse", "amazon", "oracle"
|
||||
default['apache']['package'] = "httpd"
|
||||
default['apache']['dir'] = "/etc/httpd"
|
||||
default['apache']['log_dir'] = "/var/log/httpd"
|
||||
default['apache']['error_log'] = "error.log"
|
||||
default['apache']['access_log'] = "access.log"
|
||||
default['apache']['user'] = "apache"
|
||||
default['apache']['group'] = "apache"
|
||||
default['apache']['binary'] = "/usr/sbin/httpd"
|
||||
default['apache']['docroot_dir'] = "/var/www/html"
|
||||
default['apache']['cgibin_dir'] = "/var/www/cgi-bin"
|
||||
default['apache']['icondir'] = "/var/www/icons"
|
||||
default['apache']['cache_dir'] = "/var/cache/httpd"
|
||||
if node['platform_version'].to_f >= 6 then
|
||||
default['apache']['pid_file'] = "/var/run/httpd/httpd.pid"
|
||||
else
|
||||
default['apache']['pid_file'] = "/var/run/httpd.pid"
|
||||
end
|
||||
default['apache']['lib_dir'] = node['kernel']['machine'] =~ /^i[36]86$/ ? "/usr/lib/httpd" : "/usr/lib64/httpd"
|
||||
default['apache']['libexecdir'] = "#{node['apache']['lib_dir']}/modules"
|
||||
default['apache']['default_site_enabled'] = false
|
||||
when "debian", "ubuntu"
|
||||
default['apache']['package'] = "apache2"
|
||||
default['apache']['dir'] = "/etc/apache2"
|
||||
default['apache']['log_dir'] = "/var/log/apache2"
|
||||
default['apache']['error_log'] = "error.log"
|
||||
default['apache']['access_log'] = "access.log"
|
||||
default['apache']['user'] = "www-data"
|
||||
default['apache']['group'] = "www-data"
|
||||
default['apache']['binary'] = "/usr/sbin/apache2"
|
||||
default['apache']['docroot_dir'] = "/var/www"
|
||||
default['apache']['cgibin_dir'] = "/usr/lib/cgi-bin"
|
||||
default['apache']['icondir'] = "/usr/share/apache2/icons"
|
||||
default['apache']['cache_dir'] = "/var/cache/apache2"
|
||||
default['apache']['pid_file'] = "/var/run/apache2.pid"
|
||||
default['apache']['lib_dir'] = "/usr/lib/apache2"
|
||||
default['apache']['libexecdir'] = "#{node['apache']['lib_dir']}/modules"
|
||||
default['apache']['default_site_enabled'] = false
|
||||
when "arch"
|
||||
default['apache']['package'] = "apache"
|
||||
default['apache']['dir'] = "/etc/httpd"
|
||||
default['apache']['log_dir'] = "/var/log/httpd"
|
||||
default['apache']['error_log'] = "error.log"
|
||||
default['apache']['access_log'] = "access.log"
|
||||
default['apache']['user'] = "http"
|
||||
default['apache']['group'] = "http"
|
||||
default['apache']['binary'] = "/usr/sbin/httpd"
|
||||
default['apache']['docroot_dir'] = "/srv/http"
|
||||
default['apache']['cgibin_dir'] = "/usr/share/httpd/cgi-bin"
|
||||
default['apache']['icondir'] = "/usr/share/httpd/icons"
|
||||
default['apache']['cache_dir'] = "/var/cache/httpd"
|
||||
default['apache']['pid_file'] = "/var/run/httpd/httpd.pid"
|
||||
default['apache']['lib_dir'] = "/usr/lib/httpd"
|
||||
default['apache']['libexecdir'] = "#{node['apache']['lib_dir']}/modules"
|
||||
default['apache']['default_site_enabled'] = false
|
||||
when "freebsd"
|
||||
default['apache']['package'] = "apache22"
|
||||
default['apache']['dir'] = "/usr/local/etc/apache22"
|
||||
default['apache']['log_dir'] = "/var/log"
|
||||
default['apache']['error_log'] = "httpd-error.log"
|
||||
default['apache']['access_log'] = "httpd-access.log"
|
||||
default['apache']['root_group'] = "wheel"
|
||||
default['apache']['user'] = "www"
|
||||
default['apache']['group'] = "www"
|
||||
default['apache']['binary'] = "/usr/local/sbin/httpd"
|
||||
default['apache']['docroot_dir'] = "/usr/local/www/apache22/data"
|
||||
default['apache']['cgibin_dir'] = "/usr/local/www/apache22/cgi-bin"
|
||||
default['apache']['icondir'] = "/usr/local/www/apache22/icons"
|
||||
default['apache']['cache_dir'] = "/var/run/apache22"
|
||||
default['apache']['pid_file'] = "/var/run/httpd.pid"
|
||||
default['apache']['lib_dir'] = "/usr/local/libexec/apache22"
|
||||
default['apache']['libexecdir'] = node['apache']['lib_dir']
|
||||
default['apache']['default_site_enabled'] = false
|
||||
else
|
||||
default['apache']['dir'] = "/etc/apache2"
|
||||
default['apache']['log_dir'] = "/var/log/apache2"
|
||||
default['apache']['error_log'] = "error.log"
|
||||
default['apache']['access_log'] = "access.log"
|
||||
default['apache']['user'] = "www-data"
|
||||
default['apache']['group'] = "www-data"
|
||||
default['apache']['binary'] = "/usr/sbin/apache2"
|
||||
default['apache']['docroot_dir'] = "/var/www"
|
||||
default['apache']['cgibin_dir'] = "/usr/lib/cgi-bin"
|
||||
default['apache']['icondir'] = "/usr/share/apache2/icons"
|
||||
default['apache']['cache_dir'] = "/var/cache/apache2"
|
||||
default['apache']['pid_file'] = "logs/httpd.pid"
|
||||
default['apache']['lib_dir'] = "/usr/lib/apache2"
|
||||
default['apache']['libexecdir'] = "#{node['apache']['lib_dir']}/modules"
|
||||
default['apache']['default_site_enabled'] = false
|
||||
end
|
||||
|
||||
###
|
||||
# These settings need the unless, since we want them to be tunable,
|
||||
# and we don't want to override the tunings.
|
||||
###
|
||||
|
||||
# General settings
|
||||
default['apache']['listen_ports'] = ["80"]
|
||||
default['apache']['contact'] = "ops@example.com"
|
||||
default['apache']['timeout'] = 300
|
||||
default['apache']['keepalive'] = "On"
|
||||
default['apache']['keepaliverequests'] = 100
|
||||
default['apache']['keepalivetimeout'] = 5
|
||||
|
||||
# Security
|
||||
default['apache']['servertokens'] = "Prod"
|
||||
default['apache']['serversignature'] = "On"
|
||||
default['apache']['traceenable'] = "On"
|
||||
|
||||
# mod_auth_openids
|
||||
default['apache']['allowed_openids'] = Array.new
|
||||
|
||||
# mod_status Allow list, space seprated list of allowed entries.
|
||||
default['apache']['status_allow_list'] = "localhost ip6-localhost"
|
||||
|
||||
# mod_status ExtendedStatus, set to 'true' to enable
|
||||
default['apache']['ext_status'] = false
|
||||
|
||||
# Prefork Attributes
|
||||
default['apache']['prefork']['startservers'] = 16
|
||||
default['apache']['prefork']['minspareservers'] = 16
|
||||
default['apache']['prefork']['maxspareservers'] = 32
|
||||
default['apache']['prefork']['serverlimit'] = 400
|
||||
default['apache']['prefork']['maxclients'] = 400
|
||||
default['apache']['prefork']['maxrequestsperchild'] = 10000
|
||||
|
||||
# Worker Attributes
|
||||
default['apache']['worker']['startservers'] = 4
|
||||
default['apache']['worker']['serverlimit'] = 16
|
||||
default['apache']['worker']['maxclients'] = 1024
|
||||
default['apache']['worker']['minsparethreads'] = 64
|
||||
default['apache']['worker']['maxsparethreads'] = 192
|
||||
default['apache']['worker']['threadsperchild'] = 64
|
||||
default['apache']['worker']['maxrequestsperchild'] = 0
|
||||
|
||||
# Default modules to enable via include_recipe
|
||||
|
||||
default['apache']['default_modules'] = %w{
|
||||
status alias auth_basic authn_file authz_default authz_groupfile authz_host authz_user autoindex
|
||||
dir env mime negotiation setenvif
|
||||
}
|
||||
|
||||
%w{ log_config logio }.each do |log_mod|
|
||||
default['apache']['default_modules'] << log_mod if ["rhel", "fedora", "suse", "arch", "freebsd"].include?(node['platform_family'])
|
||||
end
|
2
chef/cookbooks/apache2/attributes/mod_auth_cas.rb
Normal file
2
chef/cookbooks/apache2/attributes/mod_auth_cas.rb
Normal file
@ -0,0 +1,2 @@
|
||||
default['apache']['mod_auth_cas']['from_source'] = false
|
||||
default['apache']['mod_auth_cas']['source_revision'] = "v1.0.8.1"
|
32
chef/cookbooks/apache2/attributes/mod_auth_openid.rb
Normal file
32
chef/cookbooks/apache2/attributes/mod_auth_openid.rb
Normal file
@ -0,0 +1,32 @@
|
||||
#
|
||||
# Author:: Joshua Timberman <joshua@opscode.com>
|
||||
# Copyright:: Copyright (c) 2011, Opscode, Inc.
|
||||
# License:: Apache License, Version 2.0
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
default['apache']['mod_auth_openid']['ref'] = "95043901eab868400937642d9bc55d17e9dd069f"
|
||||
default['apache']['mod_auth_openid']['source_url'] = "https://github.com/bmuller/mod_auth_openid/archive/#{node['apache']['mod_auth_openid']['ref']}.tar.gz"
|
||||
default['apache']['mod_auth_openid']['cache_dir'] = "/var/cache/mod_auth_openid"
|
||||
default['apache']['mod_auth_openid']['dblocation'] = "#{node['apache']['mod_auth_openid']['cache_dir']}/mod_auth_openid.db"
|
||||
|
||||
case node['platform_family']
|
||||
when "freebsd"
|
||||
default['apache']['mod_auth_openid']['configure_flags'] = [
|
||||
"CPPFLAGS=-I/usr/local/include",
|
||||
"LDFLAGS=-I/usr/local/lib -lsqlite3"
|
||||
]
|
||||
else
|
||||
default['apache']['mod_auth_openid']['configure_flags'] = []
|
||||
end
|
19
chef/cookbooks/apache2/attributes/mod_ssl.rb
Normal file
19
chef/cookbooks/apache2/attributes/mod_ssl.rb
Normal file
@ -0,0 +1,19 @@
|
||||
#
|
||||
# Author:: Nathan L Smith <nlloyds@gmail.com>
|
||||
# Copyright:: Copyright (c) 2012, Opscode, Inc.
|
||||
# License:: Apache License, Version 2.0
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
default['apache']['mod_ssl']['cipher_suite'] = 'RC4-SHA:HIGH:!ADH'
|
26
chef/cookbooks/apache2/definitions/apache_conf.rb
Normal file
26
chef/cookbooks/apache2/definitions/apache_conf.rb
Normal file
@ -0,0 +1,26 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Definition:: apache_conf
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
define :apache_conf do
|
||||
template "#{node['apache']['dir']}/mods-available/#{params[:name]}.conf" do
|
||||
source "mods/#{params[:name]}.conf.erb"
|
||||
notifies :restart, "service[apache2]"
|
||||
mode 0644
|
||||
end
|
||||
end
|
53
chef/cookbooks/apache2/definitions/apache_module.rb
Normal file
53
chef/cookbooks/apache2/definitions/apache_module.rb
Normal file
@ -0,0 +1,53 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Definition:: apache_module
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
define :apache_module, :enable => true, :conf => false do
|
||||
include_recipe "apache2"
|
||||
|
||||
params[:filename] = params[:filename] || "mod_#{params[:name]}.so"
|
||||
params[:module_path] = params[:module_path] || "#{node['apache']['libexecdir']}/#{params[:filename]}"
|
||||
|
||||
if params[:conf]
|
||||
apache_conf params[:name]
|
||||
end
|
||||
|
||||
if platform_family?("rhel", "fedora", "arch", "suse", "freebsd")
|
||||
file "#{node['apache']['dir']}/mods-available/#{params[:name]}.load" do
|
||||
content "LoadModule #{params[:name]}_module #{params[:module_path]}\n"
|
||||
mode 0644
|
||||
end
|
||||
end
|
||||
|
||||
if params[:enable]
|
||||
execute "a2enmod #{params[:name]}" do
|
||||
command "/usr/sbin/a2enmod #{params[:name]}"
|
||||
notifies :restart, "service[apache2]"
|
||||
not_if do (::File.symlink?("#{node['apache']['dir']}/mods-enabled/#{params[:name]}.load") and
|
||||
((::File.exists?("#{node['apache']['dir']}/mods-available/#{params[:name]}.conf"))?
|
||||
(::File.symlink?("#{node['apache']['dir']}/mods-enabled/#{params[:name]}.conf")):(true)))
|
||||
end
|
||||
end
|
||||
else
|
||||
execute "a2dismod #{params[:name]}" do
|
||||
command "/usr/sbin/a2dismod #{params[:name]}"
|
||||
notifies :restart, "service[apache2]"
|
||||
only_if do ::File.symlink?("#{node['apache']['dir']}/mods-enabled/#{params[:name]}.load") end
|
||||
end
|
||||
end
|
||||
end
|
43
chef/cookbooks/apache2/definitions/apache_site.rb
Normal file
43
chef/cookbooks/apache2/definitions/apache_site.rb
Normal file
@ -0,0 +1,43 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Definition:: apache_site
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
define :apache_site, :enable => true do
|
||||
include_recipe "apache2"
|
||||
|
||||
if params[:enable]
|
||||
execute "a2ensite #{params[:name]}" do
|
||||
command "/usr/sbin/a2ensite #{params[:name]}"
|
||||
notifies :restart, resources(:service => "apache2")
|
||||
not_if do
|
||||
::File.symlink?("#{node['apache']['dir']}/sites-enabled/#{params[:name]}") or
|
||||
::File.symlink?("#{node['apache']['dir']}/sites-enabled/000-#{params[:name]}")
|
||||
end
|
||||
only_if do ::File.exists?("#{node['apache']['dir']}/sites-available/#{params[:name]}") end
|
||||
end
|
||||
else
|
||||
execute "a2dissite #{params[:name]}" do
|
||||
command "/usr/sbin/a2dissite #{params[:name]}"
|
||||
notifies :restart, resources(:service => "apache2")
|
||||
only_if do
|
||||
::File.symlink?("#{node['apache']['dir']}/sites-enabled/#{params[:name]}") or
|
||||
::File.symlink?("#{node['apache']['dir']}/sites-enabled/000-#{params[:name]}")
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
50
chef/cookbooks/apache2/definitions/web_app.rb
Normal file
50
chef/cookbooks/apache2/definitions/web_app.rb
Normal file
@ -0,0 +1,50 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Definition:: web_app
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
define :web_app, :template => "web_app.conf.erb", :enable => true do
|
||||
|
||||
application_name = params[:name]
|
||||
|
||||
include_recipe "apache2"
|
||||
include_recipe "apache2::mod_rewrite"
|
||||
include_recipe "apache2::mod_deflate"
|
||||
include_recipe "apache2::mod_headers"
|
||||
|
||||
template "#{node['apache']['dir']}/sites-available/#{application_name}.conf" do
|
||||
source params[:template]
|
||||
owner "root"
|
||||
group node['apache']['root_group']
|
||||
mode 0644
|
||||
if params[:cookbook]
|
||||
cookbook params[:cookbook]
|
||||
end
|
||||
variables(
|
||||
:application_name => application_name,
|
||||
:params => params
|
||||
)
|
||||
if ::File.exists?("#{node['apache']['dir']}/sites-enabled/#{application_name}.conf")
|
||||
notifies :reload, resources(:service => "apache2"), :delayed
|
||||
end
|
||||
end
|
||||
|
||||
site_enabled = params[:enable]
|
||||
apache_site "#{params[:name]}.conf" do
|
||||
enable site_enabled
|
||||
end
|
||||
end
|
@ -0,0 +1,41 @@
|
||||
#!/usr/bin/perl
|
||||
|
||||
=begin
|
||||
|
||||
Generates Ubuntu style module.load files.
|
||||
|
||||
./apache2_module_conf_generate.pl /usr/lib64/httpd/modules /etc/httpd/mods-available
|
||||
|
||||
ARGV[0] is the apache modules directory, ARGV[1] is where you want 'em.
|
||||
|
||||
=cut
|
||||
|
||||
use File::Find;
|
||||
|
||||
use strict;
|
||||
use warnings;
|
||||
|
||||
die "Must have '/path/to/modules' and '/path/to/modules.load'"
|
||||
unless $ARGV[0] && $ARGV[1];
|
||||
|
||||
find(
|
||||
{
|
||||
wanted => sub {
|
||||
return 1 if $File::Find::name !~ /\.so$/;
|
||||
my $modfile = $_;
|
||||
$modfile =~ /(lib|mod_)(.+)\.so$/;
|
||||
my $modname = $2;
|
||||
my $filename = "$ARGV[1]/$modname.load";
|
||||
unless ( -f $filename ) {
|
||||
open( FILE, ">", $filename ) or die "Cannot open $filename";
|
||||
print FILE "LoadModule " . $modname . "_module $File::Find::name\n";
|
||||
close(FILE);
|
||||
}
|
||||
},
|
||||
follow => 1,
|
||||
},
|
||||
$ARGV[0]
|
||||
);
|
||||
|
||||
exit 0;
|
||||
|
@ -0,0 +1,77 @@
|
||||
require File.expand_path('../support/helpers', __FILE__)
|
||||
|
||||
describe 'apache2::default' do
|
||||
include Helpers::Apache
|
||||
|
||||
it 'installs apache' do
|
||||
package(node['apache']['package']).must_be_installed
|
||||
end
|
||||
|
||||
it 'starts apache' do
|
||||
apache_service.must_be_running
|
||||
end
|
||||
|
||||
it 'enables apache' do
|
||||
apache_service.must_be_enabled
|
||||
end
|
||||
|
||||
it 'creates the conf.d directory' do
|
||||
directory("#{node['apache']['dir']}/conf.d").must_exist.with(:mode, "755")
|
||||
end
|
||||
|
||||
it 'creates the logs directory' do
|
||||
directory(node['apache']['log_dir']).must_exist
|
||||
end
|
||||
|
||||
it 'enables the default site unless it is disabled' do
|
||||
skip unless node['apache']['default_site_enabled']
|
||||
file("#{node['apache']['dir']}/sites-enabled/000-default").must_exist
|
||||
file("#{node['apache']['dir']}/sites-available/default").must_exist
|
||||
end
|
||||
|
||||
it 'ensures the debian-style apache module scripts are present' do
|
||||
%w{a2ensite a2dissite a2enmod a2dismod}.each do |mod_script|
|
||||
file("/usr/sbin/#{mod_script}").must_exist
|
||||
end
|
||||
end
|
||||
|
||||
it 'reports server name only, not detailed version info' do
|
||||
assert_match(/^ServerTokens Prod *$/, File.read("#{node['apache']['dir']}/conf.d/security"))
|
||||
end
|
||||
|
||||
it 'listens on port 80' do
|
||||
apache_configured_ports.must_include(80)
|
||||
end
|
||||
|
||||
it 'only listens on port 443 when SSL is enabled' do
|
||||
unless ran_recipe?('apache2::mod_ssl')
|
||||
apache_configured_ports.wont_include(443)
|
||||
end
|
||||
end
|
||||
|
||||
it 'reports server name only, not detailed version info' do
|
||||
file("#{node['apache']['dir']}/conf.d/security").must_match(/^ServerTokens Prod *$/)
|
||||
end
|
||||
|
||||
it "enables default_modules" do
|
||||
node['apache']['default_modules'].each do |a2mod|
|
||||
apache_enabled_modules.must_include "#{a2mod}_module"
|
||||
end
|
||||
end
|
||||
|
||||
describe 'centos' do
|
||||
it 'ensures no modules are loaded in conf.d' do
|
||||
Dir["#{node['apache']['dir']}/conf.d/*"].each do |f|
|
||||
file(f).wont_include 'LoadModule'
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe 'configuration' do
|
||||
it { config.must_include '# Generated by Chef' }
|
||||
it { config.must_include %Q{ServerRoot "#{node['apache']['dir']}"} }
|
||||
it { config.must_include "Include #{node['apache']['dir']}/conf.d/" }
|
||||
it { apache_config_parses? }
|
||||
end
|
||||
|
||||
end
|
@ -0,0 +1,34 @@
|
||||
#
|
||||
# Author:: Joshua Timberman <joshua@opscode.com>
|
||||
# Copyright:: Copyright (c) 2012, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
require File.expand_path('../support/helpers', __FILE__)
|
||||
|
||||
describe "apache2::god_monitor" do
|
||||
include Helpers::Apache
|
||||
|
||||
it 'starts god service to supervise apache2' do
|
||||
service("god").must_be_running
|
||||
end
|
||||
|
||||
it 'creates the god service template for apache' do
|
||||
file("/etc/god/conf.d/apache2.god").must_exist
|
||||
end
|
||||
|
||||
it 'starts an apache2 service that works like a regular service' do
|
||||
# to be implemented when COOK-744 is fixed
|
||||
end
|
||||
end
|
@ -0,0 +1,19 @@
|
||||
require File.expand_path('../support/helpers', __FILE__)
|
||||
|
||||
describe 'apache2::mod_apreq2' do
|
||||
include Helpers::Apache
|
||||
|
||||
it 'enables apreq_module' do
|
||||
apache_enabled_modules.must_include "apreq_module"
|
||||
end
|
||||
|
||||
it 'symlinks the module on EL' do
|
||||
skip unless %w{rhel fedora}.include?(node['platform_family'])
|
||||
libdir = node['kernel']['machine'] == 'x86_64' ? "lib64" : "lib"
|
||||
link(
|
||||
"/usr/#{libdir}/httpd/modules/mod_apreq.so"
|
||||
).must_exist.with(
|
||||
:link_type, :symbolic).and(:to, "/usr/#{libdir}/httpd/modules/mod_apreq2.so"
|
||||
)
|
||||
end
|
||||
end
|
@ -0,0 +1,11 @@
|
||||
require File.expand_path('../support/helpers', __FILE__)
|
||||
|
||||
describe "apache2::mod_auth_cas" do
|
||||
include Helpers::Apache
|
||||
|
||||
it 'enables auth_cas_module' do
|
||||
skip if %w{rhel fedora}.include?(node['platform_family']) && node['platform_version'].to_f > 6.0
|
||||
apache_enabled_modules.must_include "auth_cas_module"
|
||||
end
|
||||
|
||||
end
|
@ -0,0 +1,37 @@
|
||||
require File.expand_path('../support/helpers', __FILE__)
|
||||
require 'pathname'
|
||||
|
||||
describe 'apache2::mod_auth_openid' do
|
||||
include Helpers::Apache
|
||||
|
||||
it "installs the opekele library" do
|
||||
lib_dir = Pathname.new(node['apache']['lib_dir']).dirname.to_s
|
||||
file("#{lib_dir}/libopkele.so").must_exist
|
||||
end
|
||||
|
||||
it "does not add the module to httpd.conf" do
|
||||
conffile = case node['platform']
|
||||
when 'debian', 'ubuntu'
|
||||
"apache2.conf"
|
||||
when "redhat", "centos", "scientific", "fedora", "arch", "amazon"
|
||||
"conf/httpd.conf"
|
||||
when "freebsd"
|
||||
"httpd.conf"
|
||||
end
|
||||
httpd_config = File.read(File.join(node['apache']['dir'], conffile))
|
||||
refute_match /^LoadModule authopenid_module /, httpd_config
|
||||
end
|
||||
|
||||
it "creates a cache directory for the module" do
|
||||
directory(node['apache']['mod_auth_openid']['cache_dir']).must_exist.with(:owner, node['apache']['user'])
|
||||
end
|
||||
|
||||
it "ensures the db file is writable by apache" do
|
||||
file(node['apache']['mod_auth_openid']['dblocation']).must_exist.with(:owner, node['apache']['user']).and(:mode, "644")
|
||||
end
|
||||
|
||||
it 'enables authopenid_module' do
|
||||
apache_enabled_modules.must_include "authopenid_module"
|
||||
end
|
||||
|
||||
end
|
@ -0,0 +1,13 @@
|
||||
require File.expand_path('../support/helpers', __FILE__)
|
||||
|
||||
describe 'apache2::mod_cgi' do
|
||||
include Helpers::Apache
|
||||
|
||||
# the cgi module can be either cgi or cgid
|
||||
it 'enables cgi or cgid_module' do
|
||||
assert(apache_enabled_modules.include?('cgi_module') ||
|
||||
apache_enabled_modules.include?('cgid_module')
|
||||
)
|
||||
end
|
||||
|
||||
end
|
@ -0,0 +1,14 @@
|
||||
require File.expand_path('../support/helpers', __FILE__)
|
||||
|
||||
describe 'apache2::mod_dav_svn' do
|
||||
include Helpers::Apache
|
||||
|
||||
it 'enables dav_svn_module' do
|
||||
apache_enabled_modules.must_include "dav_svn_module"
|
||||
end
|
||||
|
||||
it 'enables dav_module' do
|
||||
apache_enabled_modules.must_include "dav_module"
|
||||
end
|
||||
|
||||
end
|
@ -0,0 +1,11 @@
|
||||
require File.expand_path('../support/helpers', __FILE__)
|
||||
|
||||
describe "apache2::mod_fastcgi" do
|
||||
include Helpers::Apache
|
||||
|
||||
it 'enables fastcgi_module' do
|
||||
skip if %w{rhel fedora}.include?(node['platform_family'])
|
||||
apache_enabled_modules.must_include "fastcgi_module"
|
||||
end
|
||||
|
||||
end
|
@ -0,0 +1,15 @@
|
||||
require File.expand_path('../support/helpers', __FILE__)
|
||||
|
||||
describe 'apache2::mod_include' do
|
||||
include Helpers::Apache
|
||||
|
||||
it 'enables include_module' do
|
||||
apache_enabled_modules.must_include "include_module"
|
||||
end
|
||||
|
||||
it 'drops off the include module configuration' do
|
||||
assert_match(/AddType text\/html .shtml/, File.read("#{node['apache']['dir']}/mods-enabled/include.conf"))
|
||||
assert_match(/AddOutputFilter INCLUDES .shtml/, File.read("#{node['apache']['dir']}/mods-enabled/include.conf"))
|
||||
end
|
||||
|
||||
end
|
@ -0,0 +1,18 @@
|
||||
require File.expand_path('../support/helpers', __FILE__)
|
||||
|
||||
describe 'apache2::mod_perl' do
|
||||
include Helpers::Apache
|
||||
|
||||
it 'enables perl_module' do
|
||||
apache_enabled_modules.must_include "perl_module"
|
||||
end
|
||||
|
||||
it 'installs the apache request library' do
|
||||
req_pkg = case node['platform']
|
||||
when 'debian', 'ubuntu' then 'libapache2-request-perl'
|
||||
else 'perl-libapreq2'
|
||||
end
|
||||
package(req_pkg).must_be_installed
|
||||
end
|
||||
|
||||
end
|
@ -0,0 +1,13 @@
|
||||
require File.expand_path('../support/helpers', __FILE__)
|
||||
|
||||
describe 'apache2::mod_php5' do
|
||||
include Helpers::Apache
|
||||
|
||||
it 'enables php5_module' do
|
||||
apache_enabled_modules.must_include "php5_module"
|
||||
end
|
||||
|
||||
it "deletes the packaged php config if any" do
|
||||
file("#{node['apache']['dir']}/conf.d/php.conf").wont_exist
|
||||
end
|
||||
end
|
@ -0,0 +1,10 @@
|
||||
require File.expand_path('../support/helpers', __FILE__)
|
||||
|
||||
describe 'apache2::mod_python' do
|
||||
include Helpers::Apache
|
||||
|
||||
it 'enables python_module' do
|
||||
apache_enabled_modules.must_include "python_module"
|
||||
end
|
||||
|
||||
end
|
@ -0,0 +1,28 @@
|
||||
require File.expand_path('../support/helpers', __FILE__)
|
||||
|
||||
describe 'apache2::mod_ssl' do
|
||||
include Helpers::Apache
|
||||
|
||||
it 'installs the mod_ssl package on RHEL distributions' do
|
||||
skip unless ["rhel", "fedora"].include? node['platform_family']
|
||||
package("mod_ssl").must_be_installed
|
||||
end
|
||||
|
||||
it 'enables ssl_module' do
|
||||
apache_enabled_modules.must_include "ssl_module"
|
||||
end
|
||||
|
||||
it 'does not store SSL config in conf.d' do
|
||||
file("#{node['apache']['dir']}/conf.d/ssl.conf").wont_exist
|
||||
end
|
||||
|
||||
it "is configured to listen on port 443" do
|
||||
apache_configured_ports.must_include(443)
|
||||
end
|
||||
|
||||
it 'configures SSLCiphersuit from an attribute' do
|
||||
assert_match(/^SSLCipherSuite #{node['apache']['mod_ssl']['cipher_suite']}$/,
|
||||
File.read("#{node['apache']['dir']}/mods-enabled/ssl.conf"))
|
||||
end
|
||||
|
||||
end
|
@ -0,0 +1,65 @@
|
||||
module Helpers
|
||||
module Apache
|
||||
require 'chef/mixin/shell_out'
|
||||
include Chef::Mixin::ShellOut
|
||||
include MiniTest::Chef::Assertions
|
||||
include MiniTest::Chef::Context
|
||||
include MiniTest::Chef::Resources
|
||||
|
||||
def apache_config_parses?
|
||||
acp = shell_out("#{node['apache']['binary']} -t")
|
||||
acp.exitstatus == 0
|
||||
end
|
||||
|
||||
def apache_configured_ports
|
||||
port_config = File.read("#{node['apache']['dir']}/ports.conf")
|
||||
port_config.scan(/^Listen ([0-9]+)/).flatten.map { |p| p.to_i }
|
||||
end
|
||||
|
||||
def apache_enabled_modules
|
||||
apache_modules = shell_out("#{node['apache']['binary']} -M")
|
||||
apache_modules.send(
|
||||
if node['platform_family'] == 'rhel' && node['platform_version'].to_f < 6.0
|
||||
:stderr
|
||||
else
|
||||
:stdout
|
||||
end
|
||||
).split.select! { |i| i =~ /_module$/ }
|
||||
end
|
||||
|
||||
def apache_service
|
||||
service(
|
||||
case node['platform']
|
||||
when "debian", "ubuntu" then "apache2"
|
||||
when "freebsd" then "apache22"
|
||||
else "httpd"
|
||||
end
|
||||
)
|
||||
end
|
||||
|
||||
def config
|
||||
file(
|
||||
case node['platform']
|
||||
when "debian", "ubuntu" then "#{node['apache']['dir']}/apache2.conf"
|
||||
when "freebsd" then "#{node['apache']['dir']}/httpd.conf"
|
||||
else "#{node['apache']['dir']}/conf/httpd.conf"
|
||||
end
|
||||
)
|
||||
end
|
||||
|
||||
def ran_recipe?(recipe)
|
||||
if Chef::VERSION < "11.0"
|
||||
seen_recipes = node.run_state[:seen_recipes]
|
||||
recipes = seen_recipes.keys.each { |i| i }
|
||||
else
|
||||
recipes = run_context.loaded_recipes
|
||||
end
|
||||
if recipes.empty? and Chef::Config[:solo]
|
||||
#If you have roles listed in your run list they are NOT expanded
|
||||
recipes = node.run_list.map {|item| item.name if item.type == :recipe }
|
||||
end
|
||||
recipes.include?(recipe)
|
||||
end
|
||||
|
||||
end
|
||||
end
|
213
chef/cookbooks/apache2/metadata.rb
Normal file
213
chef/cookbooks/apache2/metadata.rb
Normal file
@ -0,0 +1,213 @@
|
||||
name "apache2"
|
||||
maintainer "Opscode, Inc."
|
||||
maintainer_email "cookbooks@opscode.com"
|
||||
license "Apache 2.0"
|
||||
description "Installs and configures all aspects of apache2 using Debian style symlinks with helper definitions"
|
||||
long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
|
||||
version "1.7.0"
|
||||
recipe "apache2", "Main Apache configuration"
|
||||
recipe "apache2::logrotate", "Rotate apache2 logs. Requires logrotate cookbook"
|
||||
recipe "apache2::mod_alias", "Apache module 'alias' with config file"
|
||||
recipe "apache2::mod_apreq2", "Apache module 'apreq'"
|
||||
recipe "apache2::mod_auth_basic", "Apache module 'auth_basic'"
|
||||
recipe "apache2::mod_auth_digest", "Apache module 'auth_digest'"
|
||||
recipe "apache2::mod_auth_openid", "Apache module 'authopenid'"
|
||||
recipe "apache2::mod_authn_file", "Apache module 'authn_file'"
|
||||
recipe "apache2::mod_authnz_ldap", "Apache module 'authnz_ldap'"
|
||||
recipe "apache2::mod_authz_default", "Apache module 'authz_default'"
|
||||
recipe "apache2::mod_authz_groupfile", "Apache module 'authz_groupfile'"
|
||||
recipe "apache2::mod_authz_host", "Apache module 'authz_host'"
|
||||
recipe "apache2::mod_authz_user", "Apache module 'authz_user'"
|
||||
recipe "apache2::mod_autoindex", "Apache module 'autoindex' with config file"
|
||||
recipe "apache2::mod_cgi", "Apache module 'cgi'"
|
||||
recipe "apache2::mod_dav", "Apache module 'dav'"
|
||||
recipe "apache2::mod_dav_svn", "Apache module 'dav_svn'"
|
||||
recipe "apache2::mod_deflate", "Apache module 'deflate' with config file"
|
||||
recipe "apache2::mod_dir", "Apache module 'dir' with config file"
|
||||
recipe "apache2::mod_env", "Apache module 'env'"
|
||||
recipe "apache2::mod_expires", "Apache module 'expires'"
|
||||
recipe "apache2::mod_fcgid", "Apache module 'fcgid', package on ubuntu/debian, rhel/centos, compile source on suse; with config file"
|
||||
recipe "apache2::mod_headers", "Apache module 'headers'"
|
||||
recipe "apache2::mod_include", "Apache module 'include'"
|
||||
recipe "apache2::mod_ldap", "Apache module 'ldap'"
|
||||
recipe "apache2::mod_log_config", "Apache module 'log_config'"
|
||||
recipe "apache2::mod_mime", "Apache module 'mime' with config file"
|
||||
recipe "apache2::mod_negotiation", "Apache module 'negotiation' with config file"
|
||||
recipe "apache2::mod_perl", "Apache module 'perl'"
|
||||
recipe "apache2::mod_php5", "Apache module 'php5'"
|
||||
recipe "apache2::mod_proxy", "Apache module 'proxy' with config file"
|
||||
recipe "apache2::mod_proxy_ajp", "Apache module 'proxy_ajp'"
|
||||
recipe "apache2::mod_proxy_balancer", "Apache module 'proxy_balancer'"
|
||||
recipe "apache2::mod_proxy_connect", "Apache module 'proxy_connect'"
|
||||
recipe "apache2::mod_proxy_http", "Apache module 'proxy_http'"
|
||||
recipe "apache2::mod_python", "Apache module 'python'"
|
||||
recipe "apache2::mod_rewrite", "Apache module 'rewrite'"
|
||||
recipe "apache2::mod_setenvif", "Apache module 'setenvif' with config file"
|
||||
recipe "apache2::mod_ssl", "Apache module 'ssl' with config file, adds port 443 to listen_ports"
|
||||
recipe "apache2::mod_status", "Apache module 'status' with config file"
|
||||
recipe "apache2::mod_xsendfile", "Apache module 'xsendfile'"
|
||||
|
||||
%w{redhat centos scientific fedora debian ubuntu arch freebsd amazon}.each do |os|
|
||||
supports os
|
||||
end
|
||||
|
||||
attribute "apache",
|
||||
:display_name => "Apache Hash",
|
||||
:description => "Hash of Apache attributes",
|
||||
:type => "hash"
|
||||
|
||||
attribute "apache/dir",
|
||||
:display_name => "Apache Directory",
|
||||
:description => "Location for Apache configuration",
|
||||
:default => "/etc/apache2"
|
||||
|
||||
attribute "apache/log_dir",
|
||||
:display_name => "Apache Log Directory",
|
||||
:description => "Location for Apache logs",
|
||||
:default => "/etc/apache2"
|
||||
|
||||
attribute "apache/user",
|
||||
:display_name => "Apache User",
|
||||
:description => "User Apache runs as",
|
||||
:default => "www-data"
|
||||
|
||||
attribute "apache/binary",
|
||||
:display_name => "Apache Binary",
|
||||
:description => "Apache server daemon program",
|
||||
:default => "/usr/sbin/apache2"
|
||||
|
||||
attribute "apache/icondir",
|
||||
:display_name => "Apache Icondir",
|
||||
:description => "Directory location for icons",
|
||||
:default => "/usr/share/apache2/icons"
|
||||
|
||||
attribute "apache/listen_ports",
|
||||
:display_name => "Apache Listen Ports",
|
||||
:description => "Ports that Apache should listen on",
|
||||
:type => "array",
|
||||
:default => ["80", "443"]
|
||||
|
||||
attribute "apache/contact",
|
||||
:display_name => "Apache Contact",
|
||||
:description => "Email address of webmaster",
|
||||
:default => "ops@example.com"
|
||||
|
||||
attribute "apache/timeout",
|
||||
:display_name => "Apache Timeout",
|
||||
:description => "Connection timeout value",
|
||||
:default => "300"
|
||||
|
||||
attribute "apache/keepalive",
|
||||
:display_name => "Apache Keepalive",
|
||||
:description => "HTTP persistent connections",
|
||||
:default => "On"
|
||||
|
||||
attribute "apache/keepaliverequests",
|
||||
:display_name => "Apache Keepalive Requests",
|
||||
:description => "Number of requests allowed on a persistent connection",
|
||||
:default => "100"
|
||||
|
||||
attribute "apache/keepalivetimeout",
|
||||
:display_name => "Apache Keepalive Timeout",
|
||||
:description => "Time to wait for requests on persistent connection",
|
||||
:default => "5"
|
||||
|
||||
attribute "apache/servertokens",
|
||||
:display_name => "Apache Server Tokens",
|
||||
:description => "Server response header",
|
||||
:default => "Prod"
|
||||
|
||||
attribute "apache/serversignature",
|
||||
:display_name => "Apache Server Signature",
|
||||
:description => "Configure footer on server-generated documents",
|
||||
:default => "On"
|
||||
|
||||
attribute "apache/traceenable",
|
||||
:display_name => "Apache Trace Enable",
|
||||
:description => "Determine behavior of TRACE requests",
|
||||
:default => "On"
|
||||
|
||||
attribute "apache/allowed_openids",
|
||||
:display_name => "Apache Allowed OpenIDs",
|
||||
:description => "Array of OpenIDs allowed to authenticate",
|
||||
:default => ""
|
||||
|
||||
attribute "apache/prefork",
|
||||
:display_name => "Apache Prefork",
|
||||
:description => "Hash of Apache prefork tuning attributes.",
|
||||
:type => "hash"
|
||||
|
||||
attribute "apache/prefork/startservers",
|
||||
:display_name => "Apache Prefork MPM StartServers",
|
||||
:description => "Number of MPM servers to start",
|
||||
:default => "16"
|
||||
|
||||
attribute "apache/prefork/minspareservers",
|
||||
:display_name => "Apache Prefork MPM MinSpareServers",
|
||||
:description => "Minimum number of spare server processes",
|
||||
:default => "16"
|
||||
|
||||
attribute "apache/prefork/maxspareservers",
|
||||
:display_name => "Apache Prefork MPM MaxSpareServers",
|
||||
:description => "Maximum number of spare server processes",
|
||||
:default => "32"
|
||||
|
||||
attribute "apache/prefork/serverlimit",
|
||||
:display_name => "Apache Prefork MPM ServerLimit",
|
||||
:description => "Upper limit on configurable server processes",
|
||||
:default => "400"
|
||||
|
||||
attribute "apache/prefork/maxclients",
|
||||
:display_name => "Apache Prefork MPM MaxClients",
|
||||
:description => "Maximum number of simultaneous connections",
|
||||
:default => "400"
|
||||
|
||||
attribute "apache/prefork/maxrequestsperchild",
|
||||
:display_name => "Apache Prefork MPM MaxRequestsPerChild",
|
||||
:description => "Maximum number of request a child process will handle",
|
||||
:default => "10000"
|
||||
|
||||
attribute "apache/worker",
|
||||
:display_name => "Apache Worker",
|
||||
:description => "Hash of Apache prefork tuning attributes.",
|
||||
:type => "hash"
|
||||
|
||||
attribute "apache/worker/startservers",
|
||||
:display_name => "Apache Worker MPM StartServers",
|
||||
:description => "Initial number of server processes to start",
|
||||
:default => "4"
|
||||
|
||||
attribute "apache/worker/maxclients",
|
||||
:display_name => "Apache Worker MPM MaxClients",
|
||||
:description => "Maximum number of simultaneous connections",
|
||||
:default => "1024"
|
||||
|
||||
attribute "apache/worker/minsparethreads",
|
||||
:display_name => "Apache Worker MPM MinSpareThreads",
|
||||
:description => "Minimum number of spare worker threads",
|
||||
:default => "64"
|
||||
|
||||
attribute "apache/worker/maxsparethreads",
|
||||
:display_name => "Apache Worker MPM MaxSpareThreads",
|
||||
:description => "Maximum number of spare worker threads",
|
||||
:default => "192"
|
||||
|
||||
attribute "apache/worker/threadsperchild",
|
||||
:display_name => "Apache Worker MPM ThreadsPerChild",
|
||||
:description => "Constant number of worker threads in each server process",
|
||||
:default => "64"
|
||||
|
||||
attribute "apache/worker/maxrequestsperchild",
|
||||
:display_name => "Apache Worker MPM MaxRequestsPerChild",
|
||||
:description => "Maximum number of request a child process will handle",
|
||||
:default => "0"
|
||||
|
||||
attribute "apache/default_modules",
|
||||
:display_name => "Apache Default Modules",
|
||||
:description => "Default modules to enable via recipes",
|
||||
:default => "status alias auth_basic authn_file authz_default authz_groupfile authz_host authz_user autoindex dir env mime negotiation setenvif"
|
||||
|
||||
attribute "apache/mod_ssl/cipher_suite",
|
||||
:display_name => "Apache mod_ssl Cipher Suite",
|
||||
:description => "String of SSL ciphers to use for SSLCipherSuite",
|
||||
:default => "RC4-SHA:HIGH:!ADH"
|
223
chef/cookbooks/apache2/recipes/default.rb
Normal file
223
chef/cookbooks/apache2/recipes/default.rb
Normal file
@ -0,0 +1,223 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: default
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
package "apache2" do
|
||||
package_name node['apache']['package']
|
||||
end
|
||||
|
||||
service "apache2" do
|
||||
case node['platform_family']
|
||||
when "rhel", "fedora", "suse"
|
||||
service_name "httpd"
|
||||
# If restarted/reloaded too quickly httpd has a habit of failing.
|
||||
# This may happen with multiple recipes notifying apache to restart - like
|
||||
# during the initial bootstrap.
|
||||
restart_command "/sbin/service httpd restart && sleep 1"
|
||||
reload_command "/sbin/service httpd reload && sleep 1"
|
||||
when "debian"
|
||||
service_name "apache2"
|
||||
restart_command "/usr/sbin/invoke-rc.d apache2 restart && sleep 1"
|
||||
reload_command "/usr/sbin/invoke-rc.d apache2 reload && sleep 1"
|
||||
when "arch"
|
||||
service_name "httpd"
|
||||
when "freebsd"
|
||||
service_name "apache22"
|
||||
end
|
||||
supports [:restart, :reload, :status]
|
||||
action :enable
|
||||
end
|
||||
|
||||
if platform_family?("rhel", "fedora", "arch", "suse", "freebsd")
|
||||
directory node['apache']['log_dir'] do
|
||||
mode 00755
|
||||
end
|
||||
|
||||
package "perl"
|
||||
|
||||
cookbook_file "/usr/local/bin/apache2_module_conf_generate.pl" do
|
||||
source "apache2_module_conf_generate.pl"
|
||||
mode 00755
|
||||
owner "root"
|
||||
group node['apache']['root_group']
|
||||
end
|
||||
|
||||
%w{sites-available sites-enabled mods-available mods-enabled}.each do |dir|
|
||||
directory "#{node['apache']['dir']}/#{dir}" do
|
||||
mode 00755
|
||||
owner "root"
|
||||
group node['apache']['root_group']
|
||||
end
|
||||
end
|
||||
|
||||
execute "generate-module-list" do
|
||||
command "/usr/local/bin/apache2_module_conf_generate.pl #{node['apache']['lib_dir']} #{node['apache']['dir']}/mods-available"
|
||||
action :nothing
|
||||
end
|
||||
|
||||
%w{a2ensite a2dissite a2enmod a2dismod}.each do |modscript|
|
||||
template "/usr/sbin/#{modscript}" do
|
||||
source "#{modscript}.erb"
|
||||
mode 00700
|
||||
owner "root"
|
||||
group node['apache']['root_group']
|
||||
end
|
||||
end
|
||||
|
||||
# installed by default on centos/rhel, remove in favour of mods-enabled
|
||||
%w{ proxy_ajp auth_pam authz_ldap webalizer ssl welcome }.each do |f|
|
||||
file "#{node['apache']['dir']}/conf.d/#{f}.conf" do
|
||||
action :delete
|
||||
backup false
|
||||
end
|
||||
end
|
||||
|
||||
# installed by default on centos/rhel, remove in favour of mods-enabled
|
||||
file "#{node['apache']['dir']}/conf.d/README" do
|
||||
action :delete
|
||||
backup false
|
||||
end
|
||||
|
||||
# enable mod_deflate for consistency across distributions
|
||||
include_recipe "apache2::mod_deflate"
|
||||
end
|
||||
|
||||
if platform_family?("freebsd")
|
||||
|
||||
file "#{node['apache']['dir']}/Includes/no-accf.conf" do
|
||||
action :delete
|
||||
backup false
|
||||
end
|
||||
|
||||
directory "#{node['apache']['dir']}/Includes" do
|
||||
action :delete
|
||||
end
|
||||
|
||||
%w{
|
||||
httpd-autoindex.conf httpd-dav.conf httpd-default.conf httpd-info.conf
|
||||
httpd-languages.conf httpd-manual.conf httpd-mpm.conf
|
||||
httpd-multilang-errordoc.conf httpd-ssl.conf httpd-userdir.conf
|
||||
httpd-vhosts.conf
|
||||
}.each do |f|
|
||||
|
||||
file "#{node['apache']['dir']}/extra/#{f}" do
|
||||
action :delete
|
||||
backup false
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
directory "#{node['apache']['dir']}/extra" do
|
||||
action :delete
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
directory "#{node['apache']['dir']}/ssl" do
|
||||
mode 00755
|
||||
owner "root"
|
||||
group node['apache']['root_group']
|
||||
end
|
||||
|
||||
directory "#{node['apache']['dir']}/conf.d" do
|
||||
mode 00755
|
||||
owner "root"
|
||||
group node['apache']['root_group']
|
||||
end
|
||||
|
||||
directory node['apache']['cache_dir'] do
|
||||
mode 00755
|
||||
owner "root"
|
||||
group node['apache']['root_group']
|
||||
end
|
||||
|
||||
# Set the preferred execution binary - prefork or worker
|
||||
template "/etc/sysconfig/httpd" do
|
||||
source "etc-sysconfig-httpd.erb"
|
||||
owner "root"
|
||||
group node['apache']['root_group']
|
||||
mode 00644
|
||||
notifies :restart, "service[apache2]"
|
||||
only_if { platform_family?("rhel", "fedora") }
|
||||
end
|
||||
|
||||
template "apache2.conf" do
|
||||
case node['platform_family']
|
||||
when "rhel", "fedora", "arch"
|
||||
path "#{node['apache']['dir']}/conf/httpd.conf"
|
||||
when "debian"
|
||||
path "#{node['apache']['dir']}/apache2.conf"
|
||||
when "freebsd"
|
||||
path "#{node['apache']['dir']}/httpd.conf"
|
||||
end
|
||||
source "apache2.conf.erb"
|
||||
owner "root"
|
||||
group node['apache']['root_group']
|
||||
mode 00644
|
||||
notifies :restart, "service[apache2]"
|
||||
end
|
||||
|
||||
template "apache2-conf-security" do
|
||||
path "#{node['apache']['dir']}/conf.d/security"
|
||||
source "security.erb"
|
||||
owner "root"
|
||||
group node['apache']['root_group']
|
||||
mode 00644
|
||||
backup false
|
||||
notifies :restart, "service[apache2]"
|
||||
end
|
||||
|
||||
template "apache2-conf-charset" do
|
||||
path "#{node['apache']['dir']}/conf.d/charset"
|
||||
source "charset.erb"
|
||||
owner "root"
|
||||
group node['apache']['root_group']
|
||||
mode 00644
|
||||
backup false
|
||||
notifies :restart, "service[apache2]"
|
||||
end
|
||||
|
||||
template "#{node['apache']['dir']}/ports.conf" do
|
||||
source "ports.conf.erb"
|
||||
owner "root"
|
||||
group node['apache']['root_group']
|
||||
variables :apache_listen_ports => node['apache']['listen_ports'].map { |p| p.to_i }.uniq
|
||||
mode 00644
|
||||
notifies :restart, "service[apache2]"
|
||||
end
|
||||
|
||||
template "#{node['apache']['dir']}/sites-available/default" do
|
||||
source "default-site.erb"
|
||||
owner "root"
|
||||
group node['apache']['root_group']
|
||||
mode 00644
|
||||
notifies :restart, "service[apache2]"
|
||||
end
|
||||
|
||||
node['apache']['default_modules'].each do |mod|
|
||||
module_recipe_name = mod =~ /^mod_/ ? mod : "mod_#{mod}"
|
||||
include_recipe "apache2::#{module_recipe_name}"
|
||||
end
|
||||
|
||||
apache_site "default" do
|
||||
enable node['apache']['default_site_enabled']
|
||||
end
|
||||
|
||||
service "apache2" do
|
||||
action :start
|
||||
end
|
33
chef/cookbooks/apache2/recipes/god_monitor.rb
Normal file
33
chef/cookbooks/apache2/recipes/god_monitor.rb
Normal file
@ -0,0 +1,33 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: god_monitor
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
apache_service = service "apache2" do
|
||||
action :nothing
|
||||
end
|
||||
|
||||
start_command = apache_service.start_command
|
||||
stop_command = apache_service.stop_command
|
||||
restart_command = apache_service.restart_command
|
||||
|
||||
god_monitor "apache2" do
|
||||
config "apache2.god.erb"
|
||||
start (start_command)?start_command : "/etc/init.d/#{apache_service.service_name} start"
|
||||
restart (restart_command)?restart_command : "/etc/init.d/#{apache_service.service_name} restart"
|
||||
stop (stop_command)?stop_command : "/etc/init.d/#{apache_service.service_name} stop"
|
||||
end
|
20
chef/cookbooks/apache2/recipes/iptables.rb
Normal file
20
chef/cookbooks/apache2/recipes/iptables.rb
Normal file
@ -0,0 +1,20 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: iptables
|
||||
#
|
||||
# Copyright 2012, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
iptables_rule "port_apache"
|
31
chef/cookbooks/apache2/recipes/logrotate.rb
Normal file
31
chef/cookbooks/apache2/recipes/logrotate.rb
Normal file
@ -0,0 +1,31 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: logrotate
|
||||
#
|
||||
# Copyright 2012, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
apache_service = service "apache2" do
|
||||
action :nothing
|
||||
end
|
||||
|
||||
begin
|
||||
include_recipe 'logrotate'
|
||||
rescue
|
||||
Chef::Log.warn("The apache::logrotate recipe requires the logrotate cookbook. Install the cookbook with `knife cookbook site install logrotate`.")
|
||||
end
|
||||
logrotate_app apache_service.service_name do
|
||||
path node['apache']['log_dir']
|
||||
end
|
20
chef/cookbooks/apache2/recipes/mod_actions.rb
Normal file
20
chef/cookbooks/apache2/recipes/mod_actions.rb
Normal file
@ -0,0 +1,20 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: actions
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
apache_module "actions"
|
22
chef/cookbooks/apache2/recipes/mod_alias.rb
Normal file
22
chef/cookbooks/apache2/recipes/mod_alias.rb
Normal file
@ -0,0 +1,22 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: alias
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
apache_module "alias" do
|
||||
conf true
|
||||
end
|
54
chef/cookbooks/apache2/recipes/mod_apreq2.rb
Normal file
54
chef/cookbooks/apache2/recipes/mod_apreq2.rb
Normal file
@ -0,0 +1,54 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: apreq2
|
||||
#
|
||||
# modified from the python recipe by Jeremy Bingham
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
include_recipe "apache2"
|
||||
|
||||
case node['platform_family']
|
||||
when "debian"
|
||||
|
||||
package "libapache2-mod-apreq2"
|
||||
|
||||
when "rhel", "fedora"
|
||||
|
||||
package "libapreq2" do
|
||||
notifies :run, "execute[generate-module-list]", :immediately
|
||||
end
|
||||
|
||||
# seems that the apreq lib is weirdly broken or something - it needs to be
|
||||
# loaded as "apreq", but on RHEL & derivitatives the file needs a symbolic
|
||||
# link to mod_apreq.so.
|
||||
link "/usr/lib64/httpd/modules/mod_apreq.so" do
|
||||
to "/usr/lib64/httpd/modules/mod_apreq2.so"
|
||||
only_if "test -f /usr/lib64/httpd/modules/mod_apreq2.so"
|
||||
end
|
||||
|
||||
link "/usr/lib/httpd/modules/mod_apreq.so" do
|
||||
to "/usr/lib/httpd/modules/mod_apreq2.so"
|
||||
only_if "test -f /usr/lib/httpd/modules/mod_apreq2.so"
|
||||
end
|
||||
end
|
||||
|
||||
file "#{node['apache']['dir']}/conf.d/apreq.conf" do
|
||||
action :delete
|
||||
backup false
|
||||
end
|
||||
|
||||
apache_module "apreq"
|
20
chef/cookbooks/apache2/recipes/mod_auth_basic.rb
Normal file
20
chef/cookbooks/apache2/recipes/mod_auth_basic.rb
Normal file
@ -0,0 +1,20 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: auth_basic
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
apache_module "auth_basic"
|
59
chef/cookbooks/apache2/recipes/mod_auth_cas.rb
Normal file
59
chef/cookbooks/apache2/recipes/mod_auth_cas.rb
Normal file
@ -0,0 +1,59 @@
|
||||
include_recipe "apache2"
|
||||
|
||||
if node['apache']['mod_auth_cas']['from_source']
|
||||
|
||||
package "httpd-devel" do
|
||||
package_name value_for_platform_family(
|
||||
["rhel", "fedora", "suse"] => "httpd-devel",
|
||||
"debian" => "apache2-dev"
|
||||
)
|
||||
end
|
||||
|
||||
git '/tmp/mod_auth_cas' do
|
||||
repository 'git://github.com/Jasig/mod_auth_cas.git'
|
||||
revision node['apache']['mod_auth_cas']['source_revision']
|
||||
notifies :run, 'execute[compile mod_auth_cas]', :immediately
|
||||
end
|
||||
|
||||
execute 'compile mod_auth_cas' do
|
||||
command './configure && make && make install'
|
||||
cwd '/tmp/mod_auth_cas'
|
||||
not_if "test -f #{node['apache']['libexecdir']}/mod_auth_cas.so"
|
||||
end
|
||||
|
||||
template "#{node['apache']['dir']}/mods-available/auth_cas.load" do
|
||||
source 'mods/auth_cas.load.erb'
|
||||
owner 'root'
|
||||
group node['apache']['root_group']
|
||||
mode 00644
|
||||
end
|
||||
|
||||
else
|
||||
case node['platform_family']
|
||||
when "debian"
|
||||
|
||||
package "libapache2-mod-auth-cas"
|
||||
|
||||
when "rhel", "fedora"
|
||||
|
||||
yum_package "mod_auth_cas" do
|
||||
notifies :run, "execute[generate-module-list]", :immediately
|
||||
end
|
||||
|
||||
file "#{node['apache']['dir']}/conf.d/auth_cas.conf" do
|
||||
action :delete
|
||||
backup false
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
|
||||
apache_module 'auth_cas' do
|
||||
conf true
|
||||
end
|
||||
|
||||
directory "#{node['apache']['cache_dir']}/mod_auth_cas" do
|
||||
owner node['apache']['user']
|
||||
group node['apache']['group']
|
||||
mode 00700
|
||||
end
|
20
chef/cookbooks/apache2/recipes/mod_auth_digest.rb
Normal file
20
chef/cookbooks/apache2/recipes/mod_auth_digest.rb
Normal file
@ -0,0 +1,20 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: auth_digest
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
apache_module "auth_digest"
|
125
chef/cookbooks/apache2/recipes/mod_auth_openid.rb
Normal file
125
chef/cookbooks/apache2/recipes/mod_auth_openid.rb
Normal file
@ -0,0 +1,125 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: mod_auth_openid
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
openid_dev_pkgs = value_for_platform_family(
|
||||
["debian"] => %w{automake make g++ apache2-prefork-dev libopkele-dev libopkele3 libtool},
|
||||
["rhel", "fedora"] => %w{gcc-c++ httpd-devel curl-devel libtidy libtidy-devel sqlite-devel pcre-devel openssl-devel make libtool},
|
||||
"arch" => ["libopkele"],
|
||||
"freebsd" => %w{libopkele pcre sqlite3}
|
||||
)
|
||||
|
||||
make_cmd = value_for_platform_family(
|
||||
"freebsd" => { "default" => "gmake" },
|
||||
"default" => "make"
|
||||
)
|
||||
|
||||
case node['platform_family']
|
||||
when "arch"
|
||||
|
||||
include_recipe "pacman"
|
||||
package "tidyhtml"
|
||||
pacman_aur openid_dev_pkgs.first do
|
||||
action [:build, :install]
|
||||
end
|
||||
|
||||
else
|
||||
openid_dev_pkgs.each do |pkg|
|
||||
|
||||
package pkg
|
||||
|
||||
end
|
||||
end
|
||||
|
||||
case node['platform_family']
|
||||
when "rhel", "fedora"
|
||||
remote_file "#{Chef::Config['file_cache_path']}/libopkele-2.0.4.tar.gz" do
|
||||
source "http://kin.klever.net/dist/libopkele-2.0.4.tar.gz"
|
||||
mode 00644
|
||||
checksum "57a5bc753b7e80c5ece1e5968b2051b0ce7ed9ce4329d17122c61575a9ea7648"
|
||||
end
|
||||
|
||||
bash "install libopkele" do
|
||||
cwd Chef::Config['file_cache_path']
|
||||
# Ruby 1.8.6 does not have rpartition, unfortunately
|
||||
syslibdir = node['apache']['lib_dir'][0..node['apache']['lib_dir'].rindex("/")]
|
||||
code <<-EOH
|
||||
tar zxvf libopkele-2.0.4.tar.gz
|
||||
cd libopkele-2.0.4 && ./configure --prefix=/usr --libdir=#{syslibdir}
|
||||
#{make_cmd} && #{make_cmd} install
|
||||
EOH
|
||||
creates "#{syslibdir}/libopkele.a"
|
||||
end
|
||||
end
|
||||
|
||||
version = node['apache']['mod_auth_openid']['ref']
|
||||
configure_flags = node['apache']['mod_auth_openid']['configure_flags']
|
||||
|
||||
remote_file "#{Chef::Config['file_cache_path']}/mod_auth_openid-#{version}.tar.gz" do
|
||||
source node['apache']['mod_auth_openid']['source_url']
|
||||
mode 00644
|
||||
action :create_if_missing
|
||||
end
|
||||
|
||||
file "mod_auth_openid_dblocation" do
|
||||
path node['apache']['mod_auth_openid']['dblocation']
|
||||
action :nothing
|
||||
end
|
||||
|
||||
bash "untar mod_auth_openid" do
|
||||
cwd Chef::Config['file_cache_path']
|
||||
code <<-EOH
|
||||
tar zxvf mod_auth_openid-#{version}.tar.gz
|
||||
EOH
|
||||
end
|
||||
|
||||
bash "compile mod_auth_openid" do
|
||||
cwd "#{Chef::Config['file_cache_path']}/mod_auth_openid-#{version}"
|
||||
code <<-EOH
|
||||
./autogen.sh
|
||||
./configure #{configure_flags.join(' ')}
|
||||
perl -pi -e "s/-i -a -n 'authopenid'/-i -n 'authopenid'/g" Makefile
|
||||
#{make_cmd} && #{make_cmd} install
|
||||
EOH
|
||||
creates "#{node['apache']['libexecdir']}/mod_auth_openid.so"
|
||||
notifies :delete, "file[mod_auth_openid_dblocation]", :immediately
|
||||
notifies :restart, "service[apache2]"
|
||||
end
|
||||
|
||||
directory node['apache']['mod_auth_openid']['cache_dir'] do
|
||||
owner node['apache']['user']
|
||||
group node['apache']['group']
|
||||
mode 00700
|
||||
end
|
||||
|
||||
file node['apache']['mod_auth_openid']['dblocation'] do
|
||||
owner node['apache']['user']
|
||||
group node['apache']['group']
|
||||
mode 00644
|
||||
end
|
||||
|
||||
template "#{node['apache']['dir']}/mods-available/authopenid.load" do
|
||||
source "mods/authopenid.load.erb"
|
||||
owner "root"
|
||||
group node['apache']['root_group']
|
||||
mode 00644
|
||||
end
|
||||
|
||||
apache_module "authopenid" do
|
||||
filename "mod_auth_openid.so"
|
||||
end
|
20
chef/cookbooks/apache2/recipes/mod_authn_file.rb
Normal file
20
chef/cookbooks/apache2/recipes/mod_authn_file.rb
Normal file
@ -0,0 +1,20 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: authn_file
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
apache_module "authn_file"
|
20
chef/cookbooks/apache2/recipes/mod_authnz_ldap.rb
Normal file
20
chef/cookbooks/apache2/recipes/mod_authnz_ldap.rb
Normal file
@ -0,0 +1,20 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: authnz_ldap
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
apache_module "authnz_ldap"
|
20
chef/cookbooks/apache2/recipes/mod_authz_default.rb
Normal file
20
chef/cookbooks/apache2/recipes/mod_authz_default.rb
Normal file
@ -0,0 +1,20 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: authz_default
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
apache_module "authz_default"
|
20
chef/cookbooks/apache2/recipes/mod_authz_groupfile.rb
Normal file
20
chef/cookbooks/apache2/recipes/mod_authz_groupfile.rb
Normal file
@ -0,0 +1,20 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: authz_groupfile
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
apache_module "authz_groupfile"
|
20
chef/cookbooks/apache2/recipes/mod_authz_host.rb
Normal file
20
chef/cookbooks/apache2/recipes/mod_authz_host.rb
Normal file
@ -0,0 +1,20 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: authz_host
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
apache_module "authz_host"
|
20
chef/cookbooks/apache2/recipes/mod_authz_user.rb
Normal file
20
chef/cookbooks/apache2/recipes/mod_authz_user.rb
Normal file
@ -0,0 +1,20 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: authz_user
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
apache_module "authz_user"
|
22
chef/cookbooks/apache2/recipes/mod_autoindex.rb
Normal file
22
chef/cookbooks/apache2/recipes/mod_autoindex.rb
Normal file
@ -0,0 +1,22 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: autoindex
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
apache_module "autoindex" do
|
||||
conf true
|
||||
end
|
20
chef/cookbooks/apache2/recipes/mod_cgi.rb
Normal file
20
chef/cookbooks/apache2/recipes/mod_cgi.rb
Normal file
@ -0,0 +1,20 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: cgi
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
apache_module "cgi"
|
20
chef/cookbooks/apache2/recipes/mod_dav.rb
Normal file
20
chef/cookbooks/apache2/recipes/mod_dav.rb
Normal file
@ -0,0 +1,20 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: dav
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
apache_module "dav"
|
21
chef/cookbooks/apache2/recipes/mod_dav_fs.rb
Normal file
21
chef/cookbooks/apache2/recipes/mod_dav_fs.rb
Normal file
@ -0,0 +1,21 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: dav_fs
|
||||
#
|
||||
# Copyright 2011, Atriso
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
include_recipe "apache2::mod_dav"
|
||||
apache_module "dav_fs"
|
41
chef/cookbooks/apache2/recipes/mod_dav_svn.rb
Normal file
41
chef/cookbooks/apache2/recipes/mod_dav_svn.rb
Normal file
@ -0,0 +1,41 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: dav_svn
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
include_recipe "apache2::mod_dav"
|
||||
|
||||
package "libapache2-svn" do
|
||||
case node['platform_family']
|
||||
when "rhel", "fedora", "suse"
|
||||
package_name "mod_dav_svn"
|
||||
else
|
||||
package_name "libapache2-svn"
|
||||
end
|
||||
end
|
||||
|
||||
case node['platform_family']
|
||||
when "rhel", "fedora", "suse"
|
||||
|
||||
file "#{node['apache']['conf']}/conf.d/subversion.conf" do
|
||||
action :delete
|
||||
backup false
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
apache_module "dav_svn"
|
22
chef/cookbooks/apache2/recipes/mod_deflate.rb
Normal file
22
chef/cookbooks/apache2/recipes/mod_deflate.rb
Normal file
@ -0,0 +1,22 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: deflate
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
apache_module "deflate" do
|
||||
conf true
|
||||
end
|
22
chef/cookbooks/apache2/recipes/mod_dir.rb
Normal file
22
chef/cookbooks/apache2/recipes/mod_dir.rb
Normal file
@ -0,0 +1,22 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: dir
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
apache_module "dir" do
|
||||
conf true
|
||||
end
|
20
chef/cookbooks/apache2/recipes/mod_env.rb
Normal file
20
chef/cookbooks/apache2/recipes/mod_env.rb
Normal file
@ -0,0 +1,20 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: env
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
apache_module "env"
|
20
chef/cookbooks/apache2/recipes/mod_expires.rb
Normal file
20
chef/cookbooks/apache2/recipes/mod_expires.rb
Normal file
@ -0,0 +1,20 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: expires
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
apache_module "expires"
|
26
chef/cookbooks/apache2/recipes/mod_fastcgi.rb
Normal file
26
chef/cookbooks/apache2/recipes/mod_fastcgi.rb
Normal file
@ -0,0 +1,26 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: fastcgi
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
if platform_family?("debian")
|
||||
package "libapache2-mod-fastcgi"
|
||||
|
||||
apache_module "fastcgi" do
|
||||
conf true
|
||||
end
|
||||
end
|
55
chef/cookbooks/apache2/recipes/mod_fcgid.rb
Normal file
55
chef/cookbooks/apache2/recipes/mod_fcgid.rb
Normal file
@ -0,0 +1,55 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: fcgid
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
if platform_family?("debian")
|
||||
package "libapache2-mod-fcgid"
|
||||
elsif platform_family?("rhel", "fedora")
|
||||
|
||||
package "mod_fcgid" do
|
||||
notifies :run, resources(:execute => "generate-module-list"), :immediately
|
||||
end
|
||||
|
||||
file "#{node['apache']['dir']}/conf.d/fcgid.conf" do
|
||||
action :delete
|
||||
backup false
|
||||
end
|
||||
|
||||
directory "/var/run/httpd/mod_fcgid" do
|
||||
recursive true
|
||||
only_if { node['platform_version'].to_i >= 6 }
|
||||
end
|
||||
|
||||
elsif platform_family?("suse")
|
||||
apache_lib_path = node['apache']['lib_dir']
|
||||
|
||||
package "httpd-devel"
|
||||
|
||||
bash "install-fcgid" do
|
||||
code <<-EOH
|
||||
(cd #{Chef::Config['file_cache_path']}; wget http://superb-east.dl.sourceforge.net/sourceforge/mod-fcgid/mod_fcgid.2.2.tgz)
|
||||
(cd #{Chef::Config['file_cache_path']}; tar zxvf mod_fcgid.2.2.tgz)
|
||||
(cd #{Chef::Config['file_cache_path']}; perl -pi -e 's!/usr/local/apache2!#{apache_lib_path}!g' ./mod_fcgid.2.2/Makefile)
|
||||
(cd #{Chef::Config['file_cache_path']}/mod_fcgid.2.2; make install)
|
||||
EOH
|
||||
end
|
||||
end
|
||||
|
||||
apache_module "fcgid" do
|
||||
conf true
|
||||
end
|
20
chef/cookbooks/apache2/recipes/mod_filter.rb
Normal file
20
chef/cookbooks/apache2/recipes/mod_filter.rb
Normal file
@ -0,0 +1,20 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: filter
|
||||
#
|
||||
# Copyright 2008-2013, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
apache_module "filter"
|
20
chef/cookbooks/apache2/recipes/mod_headers.rb
Normal file
20
chef/cookbooks/apache2/recipes/mod_headers.rb
Normal file
@ -0,0 +1,20 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: headers
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
apache_module "headers"
|
22
chef/cookbooks/apache2/recipes/mod_include.rb
Normal file
22
chef/cookbooks/apache2/recipes/mod_include.rb
Normal file
@ -0,0 +1,22 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: include
|
||||
#
|
||||
# Copyright 2012, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
apache_module "include" do
|
||||
conf true
|
||||
end
|
20
chef/cookbooks/apache2/recipes/mod_ldap.rb
Normal file
20
chef/cookbooks/apache2/recipes/mod_ldap.rb
Normal file
@ -0,0 +1,20 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: ldap
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
apache_module "ldap"
|
24
chef/cookbooks/apache2/recipes/mod_log_config.rb
Normal file
24
chef/cookbooks/apache2/recipes/mod_log_config.rb
Normal file
@ -0,0 +1,24 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: log_config
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
if platform_family?("rhel", "fedora", "suse", "arch", "freebsd")
|
||||
apache_module "log_config"
|
||||
else
|
||||
include_recipe "apache2"
|
||||
end
|
24
chef/cookbooks/apache2/recipes/mod_logio.rb
Normal file
24
chef/cookbooks/apache2/recipes/mod_logio.rb
Normal file
@ -0,0 +1,24 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: logio
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
if platform_family?("rhel", "fedora", "suse", "arch", "freebsd")
|
||||
apache_module "logio"
|
||||
else
|
||||
include_recipe "apache2"
|
||||
end
|
22
chef/cookbooks/apache2/recipes/mod_mime.rb
Normal file
22
chef/cookbooks/apache2/recipes/mod_mime.rb
Normal file
@ -0,0 +1,22 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: mime
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
apache_module "mime" do
|
||||
conf true
|
||||
end
|
22
chef/cookbooks/apache2/recipes/mod_negotiation.rb
Normal file
22
chef/cookbooks/apache2/recipes/mod_negotiation.rb
Normal file
@ -0,0 +1,22 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: negotiation
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
apache_module "negotiation" do
|
||||
conf true
|
||||
end
|
44
chef/cookbooks/apache2/recipes/mod_perl.rb
Normal file
44
chef/cookbooks/apache2/recipes/mod_perl.rb
Normal file
@ -0,0 +1,44 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: perl
|
||||
#
|
||||
# adapted from the mod_python recipe by Jeremy Bingham
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
case node['platform_family']
|
||||
when "debian"
|
||||
%w{libapache2-mod-perl2 libapache2-request-perl apache2-mpm-prefork}.each do |pkg|
|
||||
|
||||
package pkg
|
||||
|
||||
end
|
||||
when "rhel", "fedora"
|
||||
|
||||
package "mod_perl" do
|
||||
notifies :run, "execute[generate-module-list]", :immediately
|
||||
end
|
||||
|
||||
package "perl-libapreq2"
|
||||
|
||||
end
|
||||
|
||||
file "#{node['apache']['dir']}/conf.d/perl.conf" do
|
||||
action :delete
|
||||
backup false
|
||||
end
|
||||
|
||||
apache_module "perl"
|
78
chef/cookbooks/apache2/recipes/mod_php5.rb
Normal file
78
chef/cookbooks/apache2/recipes/mod_php5.rb
Normal file
@ -0,0 +1,78 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: php5
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
case node['platform_family']
|
||||
when "debian"
|
||||
|
||||
package "libapache2-mod-php5"
|
||||
|
||||
when "arch"
|
||||
|
||||
package "php-apache" do
|
||||
notifies :run, "execute[generate-module-list]", :immediately
|
||||
end
|
||||
|
||||
when "rhel"
|
||||
|
||||
package "which"
|
||||
package "php package" do
|
||||
if node['platform_version'].to_f < 6.0
|
||||
package_name "php53"
|
||||
else
|
||||
package_name "php"
|
||||
end
|
||||
notifies :run, "execute[generate-module-list]", :immediately
|
||||
not_if "which php"
|
||||
end
|
||||
|
||||
when "fedora"
|
||||
|
||||
package "php package" do
|
||||
package_name "php"
|
||||
notifies :run, "execute[generate-module-list]", :immediately
|
||||
not_if "which php"
|
||||
end
|
||||
|
||||
when "freebsd"
|
||||
|
||||
freebsd_port_options "php5" do
|
||||
options "APACHE" => true
|
||||
action :create
|
||||
end
|
||||
|
||||
package "php package" do
|
||||
package_name "php5"
|
||||
source "ports"
|
||||
notifies :run, "execute[generate-module-list]", :immediately
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
file "#{node['apache']['dir']}/conf.d/php.conf" do
|
||||
action :delete
|
||||
backup false
|
||||
end
|
||||
|
||||
apache_module "php5" do
|
||||
case node['platform_family']
|
||||
when "rhel", "fedora", "freebsd"
|
||||
conf true
|
||||
filename "libphp5.so"
|
||||
end
|
||||
end
|
22
chef/cookbooks/apache2/recipes/mod_proxy.rb
Normal file
22
chef/cookbooks/apache2/recipes/mod_proxy.rb
Normal file
@ -0,0 +1,22 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: proxy
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
apache_module "proxy" do
|
||||
conf true
|
||||
end
|
21
chef/cookbooks/apache2/recipes/mod_proxy_ajp.rb
Normal file
21
chef/cookbooks/apache2/recipes/mod_proxy_ajp.rb
Normal file
@ -0,0 +1,21 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: proxy
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
include_recipe "apache2::mod_proxy"
|
||||
apache_module "proxy_ajp"
|
20
chef/cookbooks/apache2/recipes/mod_proxy_balancer.rb
Normal file
20
chef/cookbooks/apache2/recipes/mod_proxy_balancer.rb
Normal file
@ -0,0 +1,20 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: proxy
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
apache_module "proxy_balancer"
|
20
chef/cookbooks/apache2/recipes/mod_proxy_connect.rb
Normal file
20
chef/cookbooks/apache2/recipes/mod_proxy_connect.rb
Normal file
@ -0,0 +1,20 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: proxy
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
apache_module "proxy_connect"
|
20
chef/cookbooks/apache2/recipes/mod_proxy_http.rb
Normal file
20
chef/cookbooks/apache2/recipes/mod_proxy_http.rb
Normal file
@ -0,0 +1,20 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: proxy_http
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
apache_module "proxy_http"
|
37
chef/cookbooks/apache2/recipes/mod_python.rb
Normal file
37
chef/cookbooks/apache2/recipes/mod_python.rb
Normal file
@ -0,0 +1,37 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: python
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
case node['platform_family']
|
||||
when "debian"
|
||||
|
||||
package "libapache2-mod-python"
|
||||
|
||||
when "rhel", "fedora"
|
||||
|
||||
package "mod_python" do
|
||||
notifies :run, "execute[generate-module-list]", :immediately
|
||||
end
|
||||
end
|
||||
|
||||
file "#{node['apache']['dir']}/conf.d/python.conf" do
|
||||
action :delete
|
||||
backup false
|
||||
end
|
||||
|
||||
apache_module "python"
|
20
chef/cookbooks/apache2/recipes/mod_rewrite.rb
Normal file
20
chef/cookbooks/apache2/recipes/mod_rewrite.rb
Normal file
@ -0,0 +1,20 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: rewrite
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
apache_module "rewrite"
|
22
chef/cookbooks/apache2/recipes/mod_setenvif.rb
Normal file
22
chef/cookbooks/apache2/recipes/mod_setenvif.rb
Normal file
@ -0,0 +1,22 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: setenvif
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
apache_module "setenvif" do
|
||||
conf true
|
||||
end
|
46
chef/cookbooks/apache2/recipes/mod_ssl.rb
Normal file
46
chef/cookbooks/apache2/recipes/mod_ssl.rb
Normal file
@ -0,0 +1,46 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: ssl
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
unless node['apache']['listen_ports'].include?("443")
|
||||
node.set['apache']['listen_ports'] = node['apache']['listen_ports'] + ["443"]
|
||||
end
|
||||
|
||||
ports = node['apache']['listen_ports']
|
||||
|
||||
if platform_family?("rhel", "fedora", "suse")
|
||||
|
||||
package "mod_ssl" do
|
||||
notifies :run, "execute[generate-module-list]", :immediately
|
||||
end
|
||||
|
||||
file "#{node['apache']['dir']}/conf.d/ssl.conf" do
|
||||
action :delete
|
||||
backup false
|
||||
end
|
||||
end
|
||||
|
||||
template "#{node['apache']['dir']}/ports.conf" do
|
||||
source "ports.conf.erb"
|
||||
variables :apache_listen_ports => ports.map { |p| p.to_i }.uniq
|
||||
notifies :restart, "service[apache2]"
|
||||
mode 00644
|
||||
end
|
||||
|
||||
apache_module "ssl" do
|
||||
conf true
|
||||
end
|
22
chef/cookbooks/apache2/recipes/mod_status.rb
Normal file
22
chef/cookbooks/apache2/recipes/mod_status.rb
Normal file
@ -0,0 +1,22 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: status
|
||||
#
|
||||
# Copyright 2008-2009, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
apache_module "status" do
|
||||
conf true
|
||||
end
|
38
chef/cookbooks/apache2/recipes/mod_wsgi.rb
Normal file
38
chef/cookbooks/apache2/recipes/mod_wsgi.rb
Normal file
@ -0,0 +1,38 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: mod_wsgi
|
||||
#
|
||||
# Copyright 2008-2012, Opscode, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
case node['platform_family']
|
||||
when "debian"
|
||||
|
||||
package "libapache2-mod-wsgi"
|
||||
|
||||
when "rhel", "fedora", "arch"
|
||||
|
||||
package "mod_wsgi" do
|
||||
notifies :run, "execute[generate-module-list]", :immediately
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
file "#{node['apache']['dir']}/conf.d/wsgi.conf" do
|
||||
action :delete
|
||||
backup false
|
||||
end
|
||||
|
||||
apache_module "wsgi"
|
38
chef/cookbooks/apache2/recipes/mod_xsendfile.rb
Normal file
38
chef/cookbooks/apache2/recipes/mod_xsendfile.rb
Normal file
@ -0,0 +1,38 @@
|
||||
#
|
||||
# Cookbook Name:: apache2
|
||||
# Recipe:: mod_xsendfile
|
||||
#
|
||||
# Copyright 2011, CustomInk, LLC.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
case node['platform_family']
|
||||
when "debian"
|
||||
|
||||
package "libapache2-mod-xsendfile"
|
||||
|
||||
when "rhel", "fedora"
|
||||
|
||||
package "mod_xsendfile" do
|
||||
notifies :run, "execute[generate-module-list]", :immediately
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
file "#{node['apache']['dir']}/conf.d/xsendfile.conf" do
|
||||
action :delete
|
||||
backup false
|
||||
end
|
||||
|
||||
apache_module "xsendfile"
|
22
chef/cookbooks/apache2/templates/default/a2dismod.erb
Normal file
22
chef/cookbooks/apache2/templates/default/a2dismod.erb
Normal file
@ -0,0 +1,22 @@
|
||||
#!/bin/sh -e
|
||||
|
||||
SYSCONFDIR='<%= node['apache']['dir'] %>'
|
||||
|
||||
if [ -z $1 ]; then
|
||||
echo "Which module would you like to disable?"
|
||||
echo -n "Your choices are: "
|
||||
ls $SYSCONFDIR/mods-enabled/*.load | \
|
||||
sed -e "s,$SYSCONFDIR/mods-enabled/,,g" | sed -e 's/\.load$//g;' | xargs echo
|
||||
echo -n "Module name? "
|
||||
read MODNAME
|
||||
else
|
||||
MODNAME=$1
|
||||
fi
|
||||
|
||||
if ! [ -e $SYSCONFDIR/mods-enabled/$MODNAME.load ]; then
|
||||
echo "This module is already disabled, or does not exist!"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
rm -f $SYSCONFDIR/mods-enabled/$MODNAME.*
|
||||
echo "Module $MODNAME disabled; reload apache to fully disable."
|
29
chef/cookbooks/apache2/templates/default/a2dissite.erb
Normal file
29
chef/cookbooks/apache2/templates/default/a2dissite.erb
Normal file
@ -0,0 +1,29 @@
|
||||
#!/bin/sh -e
|
||||
|
||||
SYSCONFDIR='<%= node['apache']['dir'] %>'
|
||||
|
||||
if [ -z $1 ]; then
|
||||
echo "Which site would you like to disable?"
|
||||
echo -n "Your choices are: "
|
||||
ls $SYSCONFDIR/sites-enabled/* | \
|
||||
sed -e "s,$SYSCONFDIR/sites-enabled/,,g" | xargs echo
|
||||
echo -n "Site name? "
|
||||
read SITENAME
|
||||
else
|
||||
SITENAME=$1
|
||||
fi
|
||||
|
||||
if [ $SITENAME = "default" ]; then
|
||||
PRIORITY="000"
|
||||
fi
|
||||
|
||||
if ! [ -e $SYSCONFDIR/sites-enabled/$SITENAME -o \
|
||||
-e $SYSCONFDIR/sites-enabled/"$PRIORITY"-"$SITENAME" ]; then
|
||||
echo "This site is already disabled, or does not exist!"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if ! rm $SYSCONFDIR/sites-enabled/$SITENAME 2>/dev/null; then
|
||||
rm -f $SYSCONFDIR/sites-enabled/"$PRIORITY"-"$SITENAME"
|
||||
fi
|
||||
echo "Site $SITENAME disabled; reload apache to disable."
|
37
chef/cookbooks/apache2/templates/default/a2enmod.erb
Normal file
37
chef/cookbooks/apache2/templates/default/a2enmod.erb
Normal file
@ -0,0 +1,37 @@
|
||||
#!/bin/sh -e
|
||||
|
||||
SYSCONFDIR='<%= node['apache']['dir'] %>'
|
||||
|
||||
if [ -z $1 ]; then
|
||||
echo "Which module would you like to enable?"
|
||||
echo -n "Your choices are: "
|
||||
ls $SYSCONFDIR/mods-available/*.load | \
|
||||
sed -e "s,$SYSCONFDIR/mods-available/,,g" | sed -e 's/\.load$//g;' | xargs echo
|
||||
echo -n "Module name? "
|
||||
read MODNAME
|
||||
else
|
||||
MODNAME=$1
|
||||
fi
|
||||
|
||||
#figure out if we're on a prefork or threaded mpm
|
||||
if [ -x /usr/sbin/apache2 ]; then
|
||||
PREFORK=`/usr/sbin/apache2 -l | grep prefork || true`
|
||||
fi
|
||||
|
||||
if [ -e $SYSCONFDIR/mods-enabled/$MODNAME.load -a -e $SYSCONFDIR/mods-enabled/$MODNAME.conf ]; then
|
||||
echo "This module is already enabled!"
|
||||
exit 0
|
||||
fi
|
||||
|
||||
if ! [ -e $SYSCONFDIR/mods-available/$MODNAME.load ]; then
|
||||
echo "This module does not exist!"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
for i in conf load; do
|
||||
if [ -e $SYSCONFDIR/mods-available/$MODNAME.$i -a ! -e $SYSCONFDIR/mods-enabled/$MODNAME.$i ]; then
|
||||
ln -sf $SYSCONFDIR/mods-available/$MODNAME.$i $SYSCONFDIR/mods-enabled/$MODNAME.$i;
|
||||
fi
|
||||
done
|
||||
|
||||
echo "Module $MODNAME installed; reload apache to enable."
|
38
chef/cookbooks/apache2/templates/default/a2ensite.erb
Normal file
38
chef/cookbooks/apache2/templates/default/a2ensite.erb
Normal file
@ -0,0 +1,38 @@
|
||||
#!/bin/sh -e
|
||||
|
||||
SYSCONFDIR='<%= node['apache']['dir'] %>'
|
||||
|
||||
if [ -z $1 ]; then
|
||||
echo "Which site would you like to enable?"
|
||||
echo -n "Your choices are: "
|
||||
ls $SYSCONFDIR/sites-available/* | \
|
||||
sed -e "s,$SYSCONFDIR/sites-available/,,g" | xargs echo
|
||||
echo -n "Site name? "
|
||||
read SITENAME
|
||||
else
|
||||
SITENAME=$1
|
||||
fi
|
||||
|
||||
if [ $SITENAME = "default" ]; then
|
||||
PRIORITY="000"
|
||||
fi
|
||||
|
||||
if [ -e $SYSCONFDIR/sites-enabled/$SITENAME -o \
|
||||
-e $SYSCONFDIR/sites-enabled/"$PRIORITY"-"$SITENAME" ]; then
|
||||
echo "This site is already enabled!"
|
||||
exit 0
|
||||
fi
|
||||
|
||||
if ! [ -e $SYSCONFDIR/sites-available/$SITENAME ]; then
|
||||
echo "This site does not exist!"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ $SITENAME = "default" ]; then
|
||||
ln -sf $SYSCONFDIR/sites-available/$SITENAME \
|
||||
$SYSCONFDIR/sites-enabled/"$PRIORITY"-"$SITENAME"
|
||||
else
|
||||
ln -sf $SYSCONFDIR/sites-available/$SITENAME $SYSCONFDIR/sites-enabled/$SITENAME
|
||||
fi
|
||||
|
||||
echo "Site $SITENAME installed; reload apache to enable."
|
238
chef/cookbooks/apache2/templates/default/apache2.conf.erb
Normal file
238
chef/cookbooks/apache2/templates/default/apache2.conf.erb
Normal file
@ -0,0 +1,238 @@
|
||||
#
|
||||
# Generated by Chef
|
||||
#
|
||||
# Based on the Ubuntu apache2.conf
|
||||
|
||||
ServerRoot "<%= node['apache']['dir'] %>"
|
||||
|
||||
#
|
||||
# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
|
||||
#
|
||||
<% if %w{debian}.include?(node['platform_family']) -%>
|
||||
LockFile /var/lock/apache2/accept.lock
|
||||
<% elsif %w{freebsd}.include?(node['platform_family']) -%>
|
||||
LockFile /var/log/accept.lock
|
||||
<% else %>
|
||||
LockFile logs/accept.lock
|
||||
<% end -%>
|
||||
|
||||
#
|
||||
# PidFile: The file in which the server should record its process
|
||||
# identification number when it starts.
|
||||
#
|
||||
PidFile <%= node['apache']['pid_file'] %>
|
||||
|
||||
#
|
||||
# Timeout: The number of seconds before receives and sends time out.
|
||||
#
|
||||
Timeout <%= node['apache']['timeout'] %>
|
||||
|
||||
#
|
||||
# KeepAlive: Whether or not to allow persistent connections (more than
|
||||
# one request per connection). Set to "Off" to deactivate.
|
||||
#
|
||||
KeepAlive <%= node['apache']['keepalive'] %>
|
||||
|
||||
#
|
||||
# MaxKeepAliveRequests: The maximum number of requests to allow
|
||||
# during a persistent connection. Set to 0 to allow an unlimited amount.
|
||||
# We recommend you leave this number high, for maximum performance.
|
||||
#
|
||||
MaxKeepAliveRequests <%= node['apache']['keepaliverequests'] %>
|
||||
|
||||
#
|
||||
# KeepAliveTimeout: Number of seconds to wait for the next request from the
|
||||
# same client on the same connection.
|
||||
#
|
||||
KeepAliveTimeout <%= node['apache']['keepalivetimeout'] %>
|
||||
|
||||
##
|
||||
## Server-Pool Size Regulation (MPM specific)
|
||||
##
|
||||
|
||||
# prefork MPM
|
||||
# StartServers: number of server processes to start
|
||||
# MinSpareServers: minimum number of server processes which are kept spare
|
||||
# MaxSpareServers: maximum number of server processes which are kept spare
|
||||
# MaxClients: maximum number of server processes allowed to start
|
||||
# MaxRequestsPerChild: maximum number of requests a server process serves
|
||||
<IfModule mpm_prefork_module>
|
||||
StartServers <%= node['apache']['prefork']['startservers'] %>
|
||||
MinSpareServers <%= node['apache']['prefork']['minspareservers'] %>
|
||||
MaxSpareServers <%= node['apache']['prefork']['maxspareservers'] %>
|
||||
ServerLimit <%= node['apache']['prefork']['serverlimit'] %>
|
||||
MaxClients <%= node['apache']['prefork']['maxclients'] %>
|
||||
MaxRequestsPerChild <%= node['apache']['prefork']['maxrequestsperchild'] %>
|
||||
</IfModule>
|
||||
|
||||
# worker MPM
|
||||
# StartServers: initial number of server processes to start
|
||||
# MaxClients: maximum number of simultaneous client connections
|
||||
# MinSpareThreads: minimum number of worker threads which are kept spare
|
||||
# MaxSpareThreads: maximum number of worker threads which are kept spare
|
||||
# ThreadsPerChild: constant number of worker threads in each server process
|
||||
# MaxRequestsPerChild: maximum number of requests a server process serves
|
||||
<IfModule mpm_worker_module>
|
||||
StartServers <%= node['apache']['worker']['startservers'] %>
|
||||
ServerLimit <%= node['apache']['worker']['serverlimit'] %>
|
||||
MaxClients <%= node['apache']['worker']['maxclients'] %>
|
||||
MinSpareThreads <%= node['apache']['worker']['minsparethreads'] %>
|
||||
MaxSpareThreads <%= node['apache']['worker']['maxsparethreads'] %>
|
||||
ThreadsPerChild <%= node['apache']['worker']['threadsperchild'] %>
|
||||
MaxRequestsPerChild <%= node['apache']['worker']['maxrequestsperchild'] %>
|
||||
</IfModule>
|
||||
|
||||
User <%= node['apache']['user'] %>
|
||||
Group <%= node['apache']['group'] %>
|
||||
|
||||
#
|
||||
# AccessFileName: The name of the file to look for in each directory
|
||||
# for additional configuration directives. See also the AllowOverride
|
||||
# directive.
|
||||
#
|
||||
|
||||
AccessFileName .htaccess
|
||||
|
||||
#
|
||||
# The following lines prevent .htaccess and .htpasswd files from being
|
||||
# viewed by Web clients.
|
||||
#
|
||||
<Files ~ "^\.ht">
|
||||
Order allow,deny
|
||||
Deny from all
|
||||
</Files>
|
||||
|
||||
#
|
||||
# DefaultType is the default MIME type the server will use for a document
|
||||
# if it cannot otherwise determine one, such as from filename extensions.
|
||||
# If your server contains mostly text or HTML documents, "text/plain" is
|
||||
# a good value. If most of your content is binary, such as applications
|
||||
# or images, you may want to use "application/octet-stream" instead to
|
||||
# keep browsers from trying to display binary files as though they are
|
||||
# text.
|
||||
#
|
||||
DefaultType text/plain
|
||||
|
||||
|
||||
#
|
||||
# HostnameLookups: Log the names of clients or just their IP addresses
|
||||
# e.g., www.apache.org (on) or 204.62.129.132 (off).
|
||||
# The default is off because it'd be overall better for the net if people
|
||||
# had to knowingly turn this feature on, since enabling it means that
|
||||
# each client request will result in AT LEAST one lookup request to the
|
||||
# nameserver.
|
||||
#
|
||||
HostnameLookups Off
|
||||
|
||||
# ErrorLog: The location of the error log file.
|
||||
# If you do not specify an ErrorLog directive within a <VirtualHost>
|
||||
# container, error messages relating to that virtual host will be
|
||||
# logged here. If you *do* define an error logfile for a <VirtualHost>
|
||||
# container, that host's errors will be logged there and not here.
|
||||
#
|
||||
ErrorLog <%= node['apache']['log_dir'] %>/<%= node['apache']['error_log'] %>
|
||||
|
||||
#
|
||||
# LogLevel: Control the number of messages logged to the error_log.
|
||||
# Possible values include: debug, info, notice, warn, error, crit,
|
||||
# alert, emerg.
|
||||
#
|
||||
LogLevel warn
|
||||
|
||||
# COOK-1021: Dummy LoadModule directive to aid module installations
|
||||
#LoadModule dummy_module modules/mod_dummy.so
|
||||
|
||||
# Include module configuration:
|
||||
Include <%= node['apache']['dir'] %>/mods-enabled/*.load
|
||||
Include <%= node['apache']['dir'] %>/mods-enabled/*.conf
|
||||
|
||||
<% if %w{freebsd}.include?(node['platform_family']) -%>
|
||||
<IfDefine NOHTTPACCEPT>
|
||||
AcceptFilter http none
|
||||
AcceptFilter https none
|
||||
</IfDefine>
|
||||
<% end %>
|
||||
|
||||
# Include ports listing
|
||||
Include <%= node['apache']['dir'] %>/ports.conf
|
||||
|
||||
#
|
||||
# The following directives define some format nicknames for use with
|
||||
# a CustomLog directive (see below).
|
||||
#
|
||||
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
|
||||
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
|
||||
LogFormat "%h %l %u %t \"%r\" %>s %b" common
|
||||
LogFormat "%{Referer}i -> %U" referer
|
||||
LogFormat "%{User-agent}i" agent
|
||||
#
|
||||
|
||||
# Customizable error responses come in three flavors:
|
||||
# 1) plain text 2) local redirects 3) external redirects
|
||||
#
|
||||
# Some examples:
|
||||
#ErrorDocument 500 "The server made a boo boo."
|
||||
#ErrorDocument 404 /missing.html
|
||||
#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
|
||||
#ErrorDocument 402 http://www.example.com/subscription_info.html
|
||||
#
|
||||
|
||||
#
|
||||
# Putting this all together, we can internationalize error responses.
|
||||
#
|
||||
# We use Alias to redirect any /error/HTTP_<error>.html.var response to
|
||||
# our collection of by-error message multi-language collections. We use
|
||||
# includes to substitute the appropriate text.
|
||||
#
|
||||
# You can modify the messages' appearance without changing any of the
|
||||
# default HTTP_<error>.html.var files by adding the line:
|
||||
#
|
||||
# Alias /error/include/ "/your/include/path/"
|
||||
#
|
||||
# which allows you to create your own set of files by starting with the
|
||||
# /usr/share/apache2/error/include/ files and copying them to /your/include/path/,
|
||||
# even on a per-VirtualHost basis. The default include files will display
|
||||
# your Apache version number and your ServerAdmin email address regardless
|
||||
# of the setting of ServerSignature.
|
||||
#
|
||||
# The internationalized error documents require mod_alias, mod_include
|
||||
# and mod_negotiation. To activate them, uncomment the following 30 lines.
|
||||
|
||||
# Alias /error/ "/usr/share/apache2/error/"
|
||||
#
|
||||
# <Directory "/usr/share/apache2/error">
|
||||
# AllowOverride None
|
||||
# Options IncludesNoExec
|
||||
# AddOutputFilter Includes html
|
||||
# AddHandler type-map var
|
||||
# Order allow,deny
|
||||
# Allow from all
|
||||
# LanguagePriority en cs de es fr it nl sv pt-br ro
|
||||
# ForceLanguagePriority Prefer Fallback
|
||||
# </Directory>
|
||||
#
|
||||
# ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
|
||||
# ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
|
||||
# ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
|
||||
# ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
|
||||
# ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
|
||||
# ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
|
||||
# ErrorDocument 410 /error/HTTP_GONE.html.var
|
||||
# ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
|
||||
# ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
|
||||
# ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
|
||||
# ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
|
||||
# ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var
|
||||
# ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
|
||||
# ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
|
||||
# ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
|
||||
# ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
|
||||
# ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var
|
||||
|
||||
|
||||
|
||||
# Include generic snippets of statements
|
||||
Include <%= node['apache']['dir'] %>/conf.d/
|
||||
|
||||
# Include the virtual host configurations:
|
||||
Include <%= node['apache']['dir'] %>/sites-enabled/
|
19
chef/cookbooks/apache2/templates/default/apache2.god.erb
Normal file
19
chef/cookbooks/apache2/templates/default/apache2.god.erb
Normal file
@ -0,0 +1,19 @@
|
||||
God.watch do |w|
|
||||
w.name = "apache2"
|
||||
w.interval = 30.seconds # default
|
||||
w.start = "<%= @params[:start] %>"
|
||||
w.stop = "<%= @params[:stop] %>"
|
||||
w.restart = "<%= @params[:restart] %>"
|
||||
w.start_grace = 10.seconds
|
||||
w.restart_grace = 10.seconds
|
||||
w.pid_file = "/var/run/apache2.pid"
|
||||
w.behavior(:clean_pid_file)
|
||||
|
||||
w.start_if do |start|
|
||||
start.condition(:process_running) do |c|
|
||||
c.interval = 5.seconds
|
||||
c.running = false
|
||||
c.notify = 'admin'
|
||||
end
|
||||
end
|
||||
end
|
6
chef/cookbooks/apache2/templates/default/charset.erb
Normal file
6
chef/cookbooks/apache2/templates/default/charset.erb
Normal file
@ -0,0 +1,6 @@
|
||||
# Read the documentation before enabling AddDefaultCharset.
|
||||
# In general, it is only a good idea if you know that all your files
|
||||
# have this encoding. It will override any encoding given in the files
|
||||
# in meta http-equiv or xml encoding tags.
|
||||
|
||||
#AddDefaultCharset UTF-8
|
57
chef/cookbooks/apache2/templates/default/default-site.erb
Normal file
57
chef/cookbooks/apache2/templates/default/default-site.erb
Normal file
@ -0,0 +1,57 @@
|
||||
<VirtualHost *:80>
|
||||
ServerAdmin <%= node['apache']['contact'] %>
|
||||
|
||||
DocumentRoot <%= node['apache']['docroot_dir'] %>/
|
||||
<Directory />
|
||||
Options FollowSymLinks
|
||||
AllowOverride None
|
||||
</Directory>
|
||||
<Directory <%= node['apache']['docroot_dir'] %>/>
|
||||
Options Indexes FollowSymLinks MultiViews
|
||||
AllowOverride None
|
||||
Order allow,deny
|
||||
allow from all
|
||||
# This directive allows us to have apache2's default start page
|
||||
# in /apache2-default/, but still have / go to the right place
|
||||
#RedirectMatch ^/$ /apache2-default/
|
||||
</Directory>
|
||||
|
||||
ScriptAlias /cgi-bin/ <%= node['apache']['cgibin_dir'] %>/
|
||||
<Directory "<%= node['apache']['cgibin_dir'] %>">
|
||||
AllowOverride None
|
||||
Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
|
||||
Order allow,deny
|
||||
Allow from all
|
||||
</Directory>
|
||||
|
||||
ErrorLog <%= node['apache']['log_dir'] %>/<%= node['apache']['error_log'] %>
|
||||
|
||||
# Possible values include: debug, info, notice, warn, error, crit,
|
||||
# alert, emerg.
|
||||
LogLevel warn
|
||||
|
||||
CustomLog <%= node['apache']['log_dir'] %>/<%= node['apache']['access_log'] %> combined
|
||||
ServerSignature On
|
||||
|
||||
Alias /doc/ "/usr/share/doc/"
|
||||
<Directory "/usr/share/doc/">
|
||||
Options Indexes MultiViews FollowSymLinks
|
||||
AllowOverride None
|
||||
Order deny,allow
|
||||
Deny from all
|
||||
Allow from 127.0.0.0/255.0.0.0 ::1/128
|
||||
</Directory>
|
||||
|
||||
<% if %w{ rhel fedora }.include?(node['platform_family']) -%>
|
||||
#
|
||||
# This configuration file enables the default "Welcome"
|
||||
# page if there is no default index page present for
|
||||
# the root URL. To disable the Welcome page, comment
|
||||
# out all the lines below.
|
||||
#
|
||||
<LocationMatch "^/+$">
|
||||
Options -Indexes
|
||||
ErrorDocument 403 /error/noindex.html
|
||||
</LocationMatch>
|
||||
<% end -%>
|
||||
</VirtualHost>
|
@ -0,0 +1,31 @@
|
||||
# This file managed by Chef. Changes will be overwritten.
|
||||
|
||||
#
|
||||
# The default processing model (MPM) is the process-based
|
||||
# 'prefork' model. A thread-based model, 'worker', is also
|
||||
# available, but does not work with some modules (such as PHP).
|
||||
# The service must be stopped before changing this variable.
|
||||
#
|
||||
HTTPD=<%= node['apache']['binary'] %>
|
||||
|
||||
#
|
||||
# To pass additional options (for instance, -D definitions) to the
|
||||
# httpd binary at startup, set OPTIONS here.
|
||||
#
|
||||
#OPTIONS=
|
||||
|
||||
#
|
||||
# By default, the httpd process is started in the C locale; to
|
||||
# change the locale in which the server runs, the HTTPD_LANG
|
||||
# variable can be set.
|
||||
#
|
||||
#HTTPD_LANG=C
|
||||
|
||||
#
|
||||
# By default, the httpd process will create the file
|
||||
# /var/run/httpd/httpd.pid in which it records its process
|
||||
# identification number when it starts. If an alternate location is
|
||||
# specified in httpd.conf (via the PidFile directive), the new
|
||||
# location needs to be reported in the PIDFILE.
|
||||
#
|
||||
#PIDFILE=<%= node['apache']['pid_file'] %>
|
2
chef/cookbooks/apache2/templates/default/mods/README
Normal file
2
chef/cookbooks/apache2/templates/default/mods/README
Normal file
@ -0,0 +1,2 @@
|
||||
These configs are taken from a Debian apache2.2-common 2.2.11-3 install. They
|
||||
work on CentOS 5.3 with a few conditions using erb.
|
24
chef/cookbooks/apache2/templates/default/mods/alias.conf.erb
Normal file
24
chef/cookbooks/apache2/templates/default/mods/alias.conf.erb
Normal file
@ -0,0 +1,24 @@
|
||||
<IfModule alias_module>
|
||||
#
|
||||
# Aliases: Add here as many aliases as you need (with no limit). The format is
|
||||
# Alias fakename realname
|
||||
#
|
||||
# Note that if you include a trailing / on fakename then the server will
|
||||
# require it to be present in the URL. So "/icons" isn't aliased in this
|
||||
# example, only "/icons/". If the fakename is slash-terminated, then the
|
||||
# realname must also be slash terminated, and if the fakename omits the
|
||||
# trailing slash, the realname must also omit it.
|
||||
#
|
||||
# We include the /icons/ alias for FancyIndexed directory listings. If
|
||||
# you do not use FancyIndexing, you may comment this out.
|
||||
#
|
||||
Alias /icons/ "<%= node['apache']['icondir'] %>/"
|
||||
|
||||
<Directory "<%= node['apache']['icondir'] %>">
|
||||
Options Indexes MultiViews
|
||||
AllowOverride None
|
||||
Order allow,deny
|
||||
Allow from all
|
||||
</Directory>
|
||||
|
||||
</IfModule>
|
@ -0,0 +1 @@
|
||||
CASCookiePath <%= node['apache']['cache_dir'] %>/mod_auth_cas/
|
@ -0,0 +1 @@
|
||||
LoadModule auth_cas_module <%= node['apache']['libexecdir'] %>/mod_auth_cas.so
|
@ -0,0 +1 @@
|
||||
LoadModule authopenid_module <%= node['apache']['libexecdir'] %>/mod_auth_openid.so
|
101
chef/cookbooks/apache2/templates/default/mods/autoindex.conf.erb
Normal file
101
chef/cookbooks/apache2/templates/default/mods/autoindex.conf.erb
Normal file
@ -0,0 +1,101 @@
|
||||
<IfModule mod_autoindex.c>
|
||||
#
|
||||
# Directives controlling the display of server-generated directory listings.
|
||||
#
|
||||
|
||||
#
|
||||
# IndexOptions: Controls the appearance of server-generated directory
|
||||
# listings.
|
||||
# Remove/replace the "Charset=UTF-8" if you don't use UTF-8 for your filenames.
|
||||
#
|
||||
IndexOptions FancyIndexing VersionSort HTMLTable NameWidth=* DescriptionWidth=* Charset=UTF-8
|
||||
|
||||
#
|
||||
# AddIcon* directives tell the server which icon to show for different
|
||||
# files or filename extensions. These are only displayed for
|
||||
# FancyIndexed directories.
|
||||
#
|
||||
AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip x-bzip2
|
||||
|
||||
AddIconByType (TXT,/icons/text.gif) text/*
|
||||
AddIconByType (IMG,/icons/image2.gif) image/*
|
||||
AddIconByType (SND,/icons/sound2.gif) audio/*
|
||||
AddIconByType (VID,/icons/movie.gif) video/*
|
||||
|
||||
AddIcon /icons/binary.gif .bin .exe
|
||||
AddIcon /icons/binhex.gif .hqx
|
||||
AddIcon /icons/tar.gif .tar
|
||||
AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
|
||||
AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
|
||||
AddIcon /icons/a.gif .ps .ai .eps
|
||||
AddIcon /icons/layout.gif .html .shtml .htm .pdf
|
||||
AddIcon /icons/text.gif .txt
|
||||
AddIcon /icons/c.gif .c
|
||||
AddIcon /icons/p.gif .pl .py
|
||||
AddIcon /icons/f.gif .for
|
||||
AddIcon /icons/dvi.gif .dvi
|
||||
AddIcon /icons/uuencoded.gif .uu
|
||||
AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
|
||||
AddIcon /icons/tex.gif .tex
|
||||
# It's a suffix rule, so simply matching "core" matches "score" as well !
|
||||
AddIcon /icons/bomb.gif /core
|
||||
AddIcon (SND,/icons/sound2.gif) .ogg
|
||||
AddIcon (VID,/icons/movie.gif) .ogm
|
||||
|
||||
AddIcon /icons/back.gif ..
|
||||
AddIcon /icons/hand.right.gif README
|
||||
AddIcon /icons/folder.gif ^^DIRECTORY^^
|
||||
AddIcon /icons/blank.gif ^^BLANKICON^^
|
||||
|
||||
# Default icons for OpenDocument format
|
||||
AddIcon /icons/odf6odt-20x22.png .odt
|
||||
AddIcon /icons/odf6ods-20x22.png .ods
|
||||
AddIcon /icons/odf6odp-20x22.png .odp
|
||||
AddIcon /icons/odf6odg-20x22.png .odg
|
||||
AddIcon /icons/odf6odc-20x22.png .odc
|
||||
AddIcon /icons/odf6odf-20x22.png .odf
|
||||
AddIcon /icons/odf6odb-20x22.png .odb
|
||||
AddIcon /icons/odf6odi-20x22.png .odi
|
||||
AddIcon /icons/odf6odm-20x22.png .odm
|
||||
|
||||
AddIcon /icons/odf6ott-20x22.png .ott
|
||||
AddIcon /icons/odf6ots-20x22.png .ots
|
||||
AddIcon /icons/odf6otp-20x22.png .otp
|
||||
AddIcon /icons/odf6otg-20x22.png .otg
|
||||
AddIcon /icons/odf6otc-20x22.png .otc
|
||||
AddIcon /icons/odf6otf-20x22.png .otf
|
||||
AddIcon /icons/odf6oti-20x22.png .oti
|
||||
AddIcon /icons/odf6oth-20x22.png .oth
|
||||
|
||||
#
|
||||
# DefaultIcon is which icon to show for files which do not have an icon
|
||||
# explicitly set.
|
||||
#
|
||||
DefaultIcon /icons/unknown.gif
|
||||
|
||||
#
|
||||
# AddDescription allows you to place a short description after a file in
|
||||
# server-generated indexes. These are only displayed for FancyIndexed
|
||||
# directories.
|
||||
# Format: AddDescription "description" filename
|
||||
#
|
||||
#AddDescription "GZIP compressed document" .gz
|
||||
#AddDescription "tar archive" .tar
|
||||
#AddDescription "GZIP compressed tar archive" .tgz
|
||||
|
||||
#
|
||||
# ReadmeName is the name of the README file the server will look for by
|
||||
# default, and append to directory listings.
|
||||
#
|
||||
# HeaderName is the name of a file which should be prepended to
|
||||
# directory indexes.
|
||||
ReadmeName README.html
|
||||
HeaderName HEADER.html
|
||||
|
||||
#
|
||||
# IndexIgnore is a set of filenames which directory indexing should ignore
|
||||
# and not include in the listing. Shell-style wildcarding is permitted.
|
||||
#
|
||||
IndexIgnore .??* *~ *# RCS CVS *,v *,t
|
||||
|
||||
</IfModule>
|
@ -0,0 +1,16 @@
|
||||
<IfModule mod_deflate.c>
|
||||
AddOutputFilterByType DEFLATE text/html
|
||||
AddOutputFilterByType DEFLATE text/css
|
||||
AddOutputFilterByType DEFLATE text/plain
|
||||
AddOutputFilterByType DEFLATE text/xml
|
||||
AddOutputFilterByType DEFLATE application/xhtml+xml
|
||||
AddOutputFilterByType DEFLATE application/xml
|
||||
AddOutputFilterByType DEFLATE image/svg+xml
|
||||
AddOutputFilterByType DEFLATE application/rss+xml
|
||||
AddOutputFilterByType DEFLATE application/atom_xml
|
||||
AddOutputFilterByType DEFLATE application/javascript
|
||||
AddOutputFilterByType DEFLATE application/x-javascript
|
||||
AddOutputFilterByType DEFLATE application/x-httpd-php
|
||||
AddOutputFilterByType DEFLATE application/x-httpd-fastphp
|
||||
AddOutputFilterByType DEFLATE application/x-httpd-eruby
|
||||
</IfModule>
|
@ -0,0 +1,5 @@
|
||||
<IfModule mod_dir.c>
|
||||
|
||||
DirectoryIndex index.html index.cgi index.pl index.php index.xhtml index.htm
|
||||
|
||||
</IfModule>
|
@ -0,0 +1,5 @@
|
||||
<IfModule mod_fastcgi.c>
|
||||
AddHandler fastcgi-script .fcgi
|
||||
#FastCgiWrapper /usr/lib/apache2/suexec
|
||||
FastCgiIpcDir /var/lib/apache2/fastcgi
|
||||
</IfModule>
|
10
chef/cookbooks/apache2/templates/default/mods/fcgid.conf.erb
Normal file
10
chef/cookbooks/apache2/templates/default/mods/fcgid.conf.erb
Normal file
@ -0,0 +1,10 @@
|
||||
<IfModule mod_fcgid.c>
|
||||
AddHandler fcgid-script .fcgi
|
||||
IPCConnectTimeout 20
|
||||
</IfModule>
|
||||
|
||||
<% if %w{ rhel fedora }.include?(node['platform_family']) -%>
|
||||
# Sane place to put sockets and shared memory file
|
||||
SocketPath run/mod_fcgid
|
||||
SharememPath run/mod_fcgid/fcgid_shm
|
||||
<% end -%>
|
@ -0,0 +1,4 @@
|
||||
<IfModule mod_include.c>
|
||||
AddType text/html .shtml
|
||||
AddOutputFilter INCLUDES .shtml
|
||||
</IfModule>
|
@ -0,0 +1,4 @@
|
||||
<IfModule mod_include.c>
|
||||
AddType text/html .shtml
|
||||
AddOutputFilter INCLUDES .shtml
|
||||
</IfModule>
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user