Page MenuHomeSoftware Heritage
Files F9697787

No OneTemporary
Actions

View Options

diff --git a/manifests/init.pp b/manifests/init.pp
index 5147ebc3..e7d6ce98 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -1,329 +1,331 @@
# Class: apache
#
# This class installs Apache
#
# Parameters:
#
# Actions:
# - Install Apache
# - Manage Apache service
#
# Requires:
#
# Sample Usage:
#
class apache (
$service_name = $apache::params::service_name,
$default_mods = true,
$default_vhost = true,
$default_confd_files = true,
$default_ssl_vhost = false,
$default_ssl_cert = $apache::params::default_ssl_cert,
$default_ssl_key = $apache::params::default_ssl_key,
$default_ssl_chain = undef,
$default_ssl_ca = undef,
$default_ssl_crl_path = undef,
$default_ssl_crl = undef,
$ip = undef,
$service_enable = true,
$service_ensure = 'running',
$purge_configs = true,
$purge_vdir = false,
$serveradmin = 'root@localhost',
$sendfile = 'On',
$error_documents = false,
$timeout = '120',
$httpd_dir = $apache::params::httpd_dir,
$server_root = $apache::params::server_root,
$confd_dir = $apache::params::confd_dir,
$vhost_dir = $apache::params::vhost_dir,
$vhost_enable_dir = $apache::params::vhost_enable_dir,
$mod_dir = $apache::params::mod_dir,
$mod_enable_dir = $apache::params::mod_enable_dir,
$mpm_module = $apache::params::mpm_module,
$conf_template = $apache::params::conf_template,
$servername = $apache::params::servername,
$manage_user = true,
$manage_group = true,
$user = $apache::params::user,
$group = $apache::params::group,
$keepalive = $apache::params::keepalive,
$keepalive_timeout = $apache::params::keepalive_timeout,
$logroot = $apache::params::logroot,
$log_level = $apache::params::log_level,
$ports_file = $apache::params::ports_file,
$server_tokens = 'OS',
$server_signature = 'On',
$trace_enable = 'On',
$package_ensure = 'installed',
) inherits apache::params {
validate_bool($default_vhost)
validate_bool($default_ssl_vhost)
validate_bool($default_confd_files)
# true/false is sufficient for both ensure and enable
validate_bool($service_enable)
$valid_mpms_re = $::osfamily ? {
'FreeBSD' => '(event|itk|peruser|prefork|worker)',
default => '(itk|prefork|worker)'
}
if $mpm_module {
validate_re($mpm_module, $valid_mpms_re)
}
# NOTE: on FreeBSD it's mpm module's responsibility to install httpd package.
# NOTE: the same strategy may be introduced for other OSes. For this, you
# should delete the 'if' block below and modify all MPM modules' manifests
# such that they include apache::package class (currently event.pp, itk.pp,
# peruser.pp, prefork.pp, worker.pp).
if $::osfamily != 'FreeBSD' {
package { 'httpd':
ensure => $package_ensure,
name => $apache::params::apache_name,
notify => Class['Apache::Service'],
}
}
validate_re($sendfile, [ '^[oO]n$' , '^[oO]ff$' ])
# declare the web server user and group
# Note: requiring the package means the package ought to create them and not puppet
validate_bool($manage_user)
if $manage_user {
user { $user:
ensure => present,
gid => $group,
require => Package['httpd'],
}
}
validate_bool($manage_group)
if $manage_group {
group { $group:
ensure => present,
require => Package['httpd']
}
}
$valid_log_level_re = '(emerg|alert|crit|error|warn|notice|info|debug)'
validate_re($log_level, $valid_log_level_re,
"Log level '${log_level}' is not one of the supported Apache HTTP Server log levels.")
class { 'apache::service':
service_name => $service_name,
service_enable => $service_enable,
service_ensure => $service_ensure,
}
# Deprecated backwards-compatibility
if $purge_vdir {
warning('Class[\'apache\'] parameter purge_vdir is deprecated in favor of purge_configs')
$purge_confd = $purge_vdir
} else {
$purge_confd = $purge_configs
}
Exec {
path => '/bin:/sbin:/usr/bin:/usr/sbin',
}
exec { "mkdir ${confd_dir}":
creates => $confd_dir,
require => Package['httpd'],
}
file { $confd_dir:
ensure => directory,
recurse => true,
purge => $purge_confd,
notify => Class['Apache::Service'],
require => Package['httpd'],
}
if ! defined(File[$mod_dir]) {
exec { "mkdir ${mod_dir}":
creates => $mod_dir,
require => Package['httpd'],
}
+ # Don't purge available modules if an enable dir is used
+ $purge_mod_dir = $purge_configs and !$mod_enable_dir
file { $mod_dir:
ensure => directory,
recurse => true,
- purge => $purge_configs,
+ purge => $purge_mod_dir,
notify => Class['Apache::Service'],
require => Package['httpd'],
}
}
if $mod_enable_dir and ! defined(File[$mod_enable_dir]) {
$mod_load_dir = $mod_enable_dir
exec { "mkdir ${mod_enable_dir}":
creates => $mod_enable_dir,
require => Package['httpd'],
}
file { $mod_enable_dir:
ensure => directory,
recurse => true,
purge => $purge_configs,
notify => Class['Apache::Service'],
require => Package['httpd'],
}
} else {
$mod_load_dir = $mod_dir
}
if ! defined(File[$vhost_dir]) {
exec { "mkdir ${vhost_dir}":
creates => $vhost_dir,
require => Package['httpd'],
}
file { $vhost_dir:
ensure => directory,
recurse => true,
purge => $purge_configs,
notify => Class['Apache::Service'],
require => Package['httpd'],
}
}
if $vhost_enable_dir and ! defined(File[$vhost_enable_dir]) {
$vhost_load_dir = $vhost_enable_dir
exec { "mkdir ${vhost_load_dir}":
creates => $vhost_load_dir,
require => Package['httpd'],
}
file { $vhost_enable_dir:
ensure => directory,
recurse => true,
purge => $purge_configs,
notify => Class['Apache::Service'],
require => Package['httpd'],
}
} else {
$vhost_load_dir = $vhost_dir
}
concat { $ports_file:
owner => 'root',
group => $apache::params::root_group,
mode => '0644',
notify => Class['Apache::Service'],
require => Package['httpd'],
}
concat::fragment { 'Apache ports header':
target => $ports_file,
content => template('apache/ports_header.erb')
}
if $apache::params::conf_dir and $apache::params::conf_file {
if $::osfamily == 'redhat' or $::operatingsystem == 'amazon' {
$docroot = '/var/www/html'
$pidfile = 'run/httpd.pid'
$error_log = 'error_log'
$error_documents_path = '/var/www/error'
$scriptalias = '/var/www/cgi-bin'
$access_log_file = 'access_log'
} elsif $::osfamily == 'debian' {
$docroot = '/var/www'
$pidfile = '${APACHE_PID_FILE}'
$error_log = 'error.log'
$error_documents_path = '/usr/share/apache2/error'
$scriptalias = '/usr/lib/cgi-bin'
$access_log_file = 'access.log'
} elsif $::osfamily == 'freebsd' {
$docroot = '/usr/local/www/apache22/data'
$pidfile = '/var/run/httpd.pid'
$error_log = 'httpd-error.log'
$error_documents_path = '/usr/local/www/apache22/error'
$scriptalias = '/usr/local/www/apache22/cgi-bin'
$access_log_file = 'httpd-access.log'
} else {
fail("Unsupported osfamily ${::osfamily}")
}
$apxs_workaround = $::osfamily ? {
'freebsd' => true,
default => false
}
# Template uses:
# - $pidfile
# - $user
# - $group
# - $logroot
# - $error_log
# - $sendfile
# - $mod_dir
# - $ports_file
# - $confd_dir
# - $vhost_dir
# - $error_documents
# - $error_documents_path
# - $apxs_workaround
# - $keepalive
# - $keepalive_timeout
# - $server_root
# - $server_tokens
# - $server_signature
# - $trace_enable
file { "${apache::params::conf_dir}/${apache::params::conf_file}":
ensure => file,
content => template($conf_template),
notify => Class['Apache::Service'],
require => Package['httpd'],
}
# preserve back-wards compatibility to the times when default_mods was
# only a boolean value. Now it can be an array (too)
if is_array($default_mods) {
class { 'apache::default_mods':
all => false,
mods => $default_mods,
}
} else {
class { 'apache::default_mods':
all => $default_mods,
}
}
class { 'apache::default_confd_files':
all => $default_confd_files
}
if $mpm_module {
class { "apache::mod::${mpm_module}": }
}
$default_vhost_ensure = $default_vhost ? {
true => 'present',
false => 'absent'
}
$default_ssl_vhost_ensure = $default_ssl_vhost ? {
true => 'present',
false => 'absent'
}
apache::vhost { 'default':
ensure => $default_vhost_ensure,
port => 80,
docroot => $docroot,
scriptalias => $scriptalias,
serveradmin => $serveradmin,
access_log_file => $access_log_file,
priority => '15',
ip => $ip,
}
$ssl_access_log_file = $::osfamily ? {
'freebsd' => $access_log_file,
default => "ssl_${access_log_file}",
}
apache::vhost { 'default-ssl':
ensure => $default_ssl_vhost_ensure,
port => 443,
ssl => true,
docroot => $docroot,
scriptalias => $scriptalias,
serveradmin => $serveradmin,
access_log_file => $ssl_access_log_file,
priority => '15',
ip => $ip,
}
}
}
diff --git a/spec/classes/apache_spec.rb b/spec/classes/apache_spec.rb
index 58d23d1d..7dd82d35 100644
--- a/spec/classes/apache_spec.rb
+++ b/spec/classes/apache_spec.rb
@@ -1,464 +1,464 @@
require 'spec_helper'
describe 'apache', :type => :class do
context "on a Debian OS" do
let :facts do
{
:osfamily => 'Debian',
:operatingsystemrelease => '6',
:concat_basedir => '/dne',
}
end
it { should contain_class("apache::params") }
it { should contain_package("httpd").with(
'notify' => 'Class[Apache::Service]',
'ensure' => 'installed'
)
}
it { should contain_user("www-data") }
it { should contain_group("www-data") }
it { should contain_class("apache::service") }
it { should contain_file("/etc/apache2/sites-enabled").with(
'ensure' => 'directory',
'recurse' => 'true',
'purge' => 'true',
'notify' => 'Class[Apache::Service]',
'require' => 'Package[httpd]'
)
}
it { should contain_file("/etc/apache2/mods-enabled").with(
'ensure' => 'directory',
'recurse' => 'true',
'purge' => 'true',
'notify' => 'Class[Apache::Service]',
'require' => 'Package[httpd]'
)
}
it { should contain_file("/etc/apache2/mods-available").with(
'ensure' => 'directory',
'recurse' => 'true',
- 'purge' => 'true',
+ 'purge' => 'false',
'notify' => 'Class[Apache::Service]',
'require' => 'Package[httpd]'
)
}
it { should contain_concat("/etc/apache2/ports.conf").with(
'owner' => 'root',
'group' => 'root',
'mode' => '0644',
'notify' => 'Class[Apache::Service]'
)
}
# Assert that load files are placed and symlinked for these mods, but no conf file.
[
'auth_basic',
'authn_file',
'authz_default',
'authz_groupfile',
'authz_host',
'authz_user',
'dav',
'env'
].each do |modname|
it { should contain_file("#{modname}.load").with(
'path' => "/etc/apache2/mods-available/#{modname}.load",
'ensure' => 'file'
) }
it { should contain_file("#{modname}.load symlink").with(
'path' => "/etc/apache2/mods-enabled/#{modname}.load",
'ensure' => 'link',
'target' => "/etc/apache2/mods-available/#{modname}.load"
) }
it { should_not contain_file("#{modname}.conf") }
it { should_not contain_file("#{modname}.conf symlink") }
end
# Assert that both load files and conf files are placed and symlinked for these mods
[
'alias',
'autoindex',
'dav_fs',
'deflate',
'dir',
'mime',
'negotiation',
'setenvif',
].each do |modname|
it { should contain_file("#{modname}.load").with(
'path' => "/etc/apache2/mods-available/#{modname}.load",
'ensure' => 'file'
) }
it { should contain_file("#{modname}.load symlink").with(
'path' => "/etc/apache2/mods-enabled/#{modname}.load",
'ensure' => 'link',
'target' => "/etc/apache2/mods-available/#{modname}.load"
) }
it { should contain_file("#{modname}.conf").with(
'path' => "/etc/apache2/mods-available/#{modname}.conf",
'ensure' => 'file'
) }
it { should contain_file("#{modname}.conf symlink").with(
'path' => "/etc/apache2/mods-enabled/#{modname}.conf",
'ensure' => 'link',
'target' => "/etc/apache2/mods-available/#{modname}.conf"
) }
end
describe "Don't create user resource" do
context "when parameter manage_user is false" do
let :params do
{ :manage_user => false }
end
it { should_not contain_user('www-data') }
it { should contain_file("/etc/apache2/apache2.conf").with_content %r{^User www-data\n} }
end
end
describe "Don't create group resource" do
context "when parameter manage_group is false" do
let :params do
{ :manage_group => false }
end
it { should_not contain_group('www-data') }
it { should contain_file("/etc/apache2/apache2.conf").with_content %r{^Group www-data\n} }
end
end
end
context "on a RedHat 5 OS" do
let :facts do
{
:osfamily => 'RedHat',
:operatingsystemrelease => '5',
:concat_basedir => '/dne',
}
end
it { should contain_class("apache::params") }
it { should contain_package("httpd").with(
'notify' => 'Class[Apache::Service]',
'ensure' => 'installed'
)
}
it { should contain_user("apache") }
it { should contain_group("apache") }
it { should contain_class("apache::service") }
it { should contain_file("/etc/httpd/conf.d").with(
'ensure' => 'directory',
'recurse' => 'true',
'purge' => 'true',
'notify' => 'Class[Apache::Service]',
'require' => 'Package[httpd]'
)
}
it { should contain_concat("/etc/httpd/conf/ports.conf").with(
'owner' => 'root',
'group' => 'root',
'mode' => '0644',
'notify' => 'Class[Apache::Service]'
)
}
describe "Alternate confd/mod/vhosts directory" do
let :params do
{
:vhost_dir => '/etc/httpd/site.d',
:confd_dir => '/etc/httpd/conf.d',
:mod_dir => '/etc/httpd/mod.d',
}
end
['mod.d','site.d','conf.d'].each do |dir|
it { should contain_file("/etc/httpd/#{dir}").with(
'ensure' => 'directory',
'recurse' => 'true',
'purge' => 'true',
'notify' => 'Class[Apache::Service]',
'require' => 'Package[httpd]'
) }
end
# Assert that load files are placed for these mods, but no conf file.
[
'auth_basic',
'authn_file',
'authz_default',
'authz_groupfile',
'authz_host',
'authz_user',
'dav',
'env',
].each do |modname|
it { should contain_file("#{modname}.load").with_path(
"/etc/httpd/mod.d/#{modname}.load"
) }
it { should_not contain_file("#{modname}.conf").with_path(
"/etc/httpd/mod.d/#{modname}.conf"
) }
end
# Assert that both load files and conf files are placed for these mods
[
'alias',
'autoindex',
'dav_fs',
'deflate',
'dir',
'mime',
'negotiation',
'setenvif',
].each do |modname|
it { should contain_file("#{modname}.load").with_path(
"/etc/httpd/mod.d/#{modname}.load"
) }
it { should contain_file("#{modname}.conf").with_path(
"/etc/httpd/mod.d/#{modname}.conf"
) }
end
it { should contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^Include /etc/httpd/conf\.d/\*\.conf$} }
it { should contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^Include /etc/httpd/site\.d/\*\.conf$} }
it { should contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^Include /etc/httpd/mod\.d/\*\.conf$} }
it { should contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^Include /etc/httpd/mod\.d/\*\.load$} }
end
describe "Alternate conf.d directory" do
let :params do
{ :confd_dir => '/etc/httpd/special_conf.d' }
end
it { should contain_file("/etc/httpd/special_conf.d").with(
'ensure' => 'directory',
'recurse' => 'true',
'purge' => 'true',
'notify' => 'Class[Apache::Service]',
'require' => 'Package[httpd]'
) }
end
describe "Alternate mpm_modules" do
context "when declaring mpm_module is false" do
let :params do
{ :mpm_module => false }
end
it 'should not declare mpm modules' do
should_not contain_class('apache::mod::event')
should_not contain_class('apache::mod::itk')
should_not contain_class('apache::mod::peruser')
should_not contain_class('apache::mod::prefork')
should_not contain_class('apache::mod::worker')
end
end
context "when declaring mpm_module => prefork" do
let :params do
{ :mpm_module => 'prefork' }
end
it { should contain_class('apache::mod::prefork') }
it { should_not contain_class('apache::mod::event') }
it { should_not contain_class('apache::mod::itk') }
it { should_not contain_class('apache::mod::peruser') }
it { should_not contain_class('apache::mod::worker') }
end
context "when declaring mpm_module => worker" do
let :params do
{ :mpm_module => 'worker' }
end
it { should contain_class('apache::mod::worker') }
it { should_not contain_class('apache::mod::event') }
it { should_not contain_class('apache::mod::itk') }
it { should_not contain_class('apache::mod::peruser') }
it { should_not contain_class('apache::mod::prefork') }
end
context "when declaring mpm_module => breakme" do
let :params do
{ :mpm_module => 'breakme' }
end
it { expect { subject }.to raise_error Puppet::Error, /does not match/ }
end
end
describe "different templates for httpd.conf" do
context "with default" do
let :params do
{ :conf_template => 'apache/httpd.conf.erb' }
end
it { should contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^# Security\n} }
end
context "with non-default" do
let :params do
{ :conf_template => 'site_apache/fake.conf.erb' }
end
it { should contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^Fake template for rspec.$} }
end
end
describe "default mods" do
context "without" do
let :params do
{ :default_mods => false }
end
it { should contain_apache__mod('authz_host') }
it { should_not contain_apache__mod('env') }
end
context "custom" do
let :params do
{ :default_mods => [
'info',
'alias',
'mime',
'env',
'setenv',
'expires',
]}
end
it { should contain_apache__mod('authz_host') }
it { should contain_apache__mod('env') }
it { should contain_class('apache::mod::info') }
it { should contain_class('apache::mod::mime') }
end
end
describe "Don't create user resource" do
context "when parameter manage_user is false" do
let :params do
{ :manage_user => false }
end
it { should_not contain_user('apache') }
it { should contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^User apache\n} }
end
end
describe "Don't create group resource" do
context "when parameter manage_group is false" do
let :params do
{ :manage_group => false }
end
it { should_not contain_group('apache') }
it { should contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^Group apache\n} }
end
end
describe "sendfile" do
context "with invalid value" do
let :params do
{ :sendfile => 'foo' }
end
it "should fail" do
expect do
subject
end.to raise_error(Puppet::Error, /"foo" does not match/)
end
end
context "On" do
let :params do
{ :sendfile => 'On' }
end
it { should contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^EnableSendfile On\n} }
end
context "Off" do
let :params do
{ :sendfile => 'Off' }
end
it { should contain_file("/etc/httpd/conf/httpd.conf").with_content %r{^EnableSendfile Off\n} }
end
end
end
context "on a FreeBSD OS" do
let :facts do
{
:osfamily => 'FreeBSD',
:operatingsystemrelease => '9',
:concat_basedir => '/dne',
}
end
it { should contain_class("apache::params") }
it { should contain_class("apache::package").with({'ensure' => 'present'}) }
it { should contain_user("www") }
it { should contain_group("www") }
it { should contain_class("apache::service") }
it { should contain_file("/usr/local/etc/apache22/Vhosts").with(
'ensure' => 'directory',
'recurse' => 'true',
'purge' => 'true',
'notify' => 'Class[Apache::Service]',
'require' => 'Package[httpd]'
) }
it { should contain_file("/usr/local/etc/apache22/Modules").with(
'ensure' => 'directory',
'recurse' => 'true',
'purge' => 'true',
'notify' => 'Class[Apache::Service]',
'require' => 'Package[httpd]'
) }
it { should contain_concat("/usr/local/etc/apache22/ports.conf").with(
'owner' => 'root',
'group' => 'wheel',
'mode' => '0644',
'notify' => 'Class[Apache::Service]'
) }
# Assert that load files are placed for these mods, but no conf file.
[
'auth_basic',
'authn_file',
'authz_default',
'authz_groupfile',
'authz_host',
'authz_user',
'dav',
'env'
].each do |modname|
it { should contain_file("#{modname}.load").with(
'path' => "/usr/local/etc/apache22/Modules/#{modname}.load",
'ensure' => 'file'
) }
it { should_not contain_file("#{modname}.conf") }
end
# Assert that both load files and conf files are placed for these mods
[
'alias',
'autoindex',
'dav_fs',
'deflate',
'dir',
'mime',
'negotiation',
'setenvif',
].each do |modname|
it { should contain_file("#{modname}.load").with(
'path' => "/usr/local/etc/apache22/Modules/#{modname}.load",
'ensure' => 'file'
) }
it { should contain_file("#{modname}.conf").with(
'path' => "/usr/local/etc/apache22/Modules/#{modname}.conf",
'ensure' => 'file'
) }
end
end
context 'on all OSes' do
let :facts do
{
:osfamily => 'RedHat',
:operatingsystemrelease => '6',
:concat_basedir => '/dne',
}
end
context 'default vhost defaults' do
it { should contain_apache__vhost('default').with_ensure('present') }
it { should contain_apache__vhost('default-ssl').with_ensure('absent') }
end
context 'without default non-ssl vhost' do
let :params do {
:default_vhost => false
}
end
it { should contain_apache__vhost('default').with_ensure('absent') }
end
context 'with default ssl vhost' do
let :params do {
:default_ssl_vhost => true
}
end
it { should contain_apache__vhost('default-ssl').with_ensure('present') }
end
end
end

File Metadata

Mime Type
text/x-diff
Expires
Tue, Aug 19, 12:56 AM (3 w, 9 h ago)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
3254684

Event Timeline

About · Developer information · Legal