Mercurial > repos > other > Puppet
annotate modules/website/manifests/init.pp @ 57:3674aac72674 puppet-3.6
Merge Default changes to Puppet 3.6 and fix conflict
| author | IBBoard <dev@ibboard.co.uk> |
|---|---|
| date | Sun, 26 Jul 2015 17:55:43 +0100 |
| parents | 5cdc1c96c477 29d330d2056a |
| children | ae30d98f294f |
| rev | line source |
|---|---|
|
0
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
1 class website( |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
2 $base_dir, |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
3 $cert_dir = '/etc/pki/custom', |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
4 $ssl_chain = 'ca-chain.pem', |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
5 $primary_ip, |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
6 $secondary_ip, |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
7 $default_owner, |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
8 $default_group, |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
9 $default_tld = 'com', |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
10 $default_extra_tlds = [] |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
11 ){ |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
12 |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
13 validate_re($base_dir, '^(/[^/]+)*$', |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
14 "${base_dir} is invalid - base_dir must be a directory without trailing slash.") |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
15 validate_re($cert_dir, '^(/[^/]+)*$', |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
16 "${cert_dir} is invalid - cert_dir must be a directory without trailing slash.") |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
17 validate_array($default_extra_tlds) |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
18 |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
19 $basedir = $base_dir |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
20 $certdir = $cert_dir |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
21 $docroot_owner = $default_owner |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
22 $docroot_group = $default_group |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
23 $ca_chain = $ssl_chain |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
24 $tld = $default_tld |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
25 $extra_tlds = $default_extra_tlds |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
26 $htmlphpfragment = "Include conf.extra/html-php.conf" |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
27 $filterfragment = "Include conf.custom/filter.conf" |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
28 $cmsfragment = "Include conf.extra/cms_rewrites.conf" |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
29 |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
30 class { 'apache': |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
31 default_mods => false, |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
32 default_vhost => false, |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
33 mpm_module => false, |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
34 } |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
35 class { 'apache::mod::dir': indexes => [ 'index.html' ] } |
|
1
f9876f71f1a3
Bump the number of server processes - the server seems to cope, and a South Korean forum's hotlinking was flooding us
IBBoard <dev@ibboard.co.uk>
parents:
0
diff
changeset
|
36 class { 'apache::mod::prefork': serverlimit => 45, maxclients => 45 } |
|
0
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
37 apache::mod { |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
38 'rewrite':; |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
39 'expires':; 'setenvif':; 'headers':; |
|
34
29d330d2056a
Make sure that we have mod_version installed so that Apache config fragments that try to support 2.2 and 2.4 work properly
IBBoard <dev@ibboard.co.uk>
parents:
1
diff
changeset
|
40 'version':; |
|
0
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
41 } |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
42 file { $base_dir: |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
43 ensure => directory; |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
44 } |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
45 file { '/var/log/apache': |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
46 ensure => directory, |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
47 mode => '0750', |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
48 group => 'apache', |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
49 } |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
50 file { '/etc/httpd/conf.extra': |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
51 ensure => directory, |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
52 recurse => true, |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
53 source => "puppet:///modules/website/conf.extra", |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
54 notify => Service['httpd']; |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
55 } |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
56 file { '/etc/httpd/conf/mime.types': |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
57 ensure => present, |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
58 source => "puppet:///modules/website/mime.types", |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
59 notify => Service['httpd']; |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
60 } |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
61 file { '/etc/php.d/datetime.ini': |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
62 ensure => present, |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
63 source => "puppet:///modules/website/datetime.ini", |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
64 notify => Service['httpd']; |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
65 } |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
66 file { '/etc/httpd/conf.d/zzz-custom.conf': |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
67 ensure => present, |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
68 source => "puppet:///modules/website/zzz-custom.conf", |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
69 notify => Service['httpd']; |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
70 } |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
71 file { '/etc/httpd/conf.d/php.conf': |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
72 ensure => present, |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
73 source => "puppet:///modules/website/php.conf", |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
74 notify => Service['httpd']; |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
75 } |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
76 file { '/etc/httpd/conf.custom': |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
77 ensure => directory, |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
78 recurse => true, |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
79 source => "puppet:///private/apache/conf.custom", |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
80 notify => Service['httpd']; |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
81 } |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
82 file { $cert_dir: |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
83 ensure => directory; |
|
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
84 } |
|
48
5cdc1c96c477
Add SELinux support for website content
IBBoard <dev@ibboard.co.uk>
parents:
1
diff
changeset
|
85 if $operatingsystem == 'CentOS' and versioncmp($operatingsystemrelease, 7) >= 0 { |
|
5cdc1c96c477
Add SELinux support for website content
IBBoard <dev@ibboard.co.uk>
parents:
1
diff
changeset
|
86 exec { 'set_apache_defaults': |
|
5cdc1c96c477
Add SELinux support for website content
IBBoard <dev@ibboard.co.uk>
parents:
1
diff
changeset
|
87 command => 'semanage fcontext -a -t httpd_sys_content_t "/srv/sites(/.*)?"', |
|
5cdc1c96c477
Add SELinux support for website content
IBBoard <dev@ibboard.co.uk>
parents:
1
diff
changeset
|
88 path => '/bin:/usr/bin/:/sbin:/usr/sbin', |
|
5cdc1c96c477
Add SELinux support for website content
IBBoard <dev@ibboard.co.uk>
parents:
1
diff
changeset
|
89 require => Package['policycoreutils-python'], |
|
5cdc1c96c477
Add SELinux support for website content
IBBoard <dev@ibboard.co.uk>
parents:
1
diff
changeset
|
90 unless => 'semanage fcontext --list | grep "/srv/sites\\(/\\.\\*\\)\\?"', |
|
5cdc1c96c477
Add SELinux support for website content
IBBoard <dev@ibboard.co.uk>
parents:
1
diff
changeset
|
91 } |
|
5cdc1c96c477
Add SELinux support for website content
IBBoard <dev@ibboard.co.uk>
parents:
1
diff
changeset
|
92 } |
|
0
956e484adc12
Initial public release of Puppet configs
IBBoard <dev@ibboard.co.uk>
parents:
diff
changeset
|
93 } |