view modules/apache/examples/vhost.pp @ 320:99e3ca448d55

Fix Remi PHP on CentOS 8 It uses the new "modules" approach, so we need to use a new package provider They also use different signing keys
author IBBoard <dev@ibboard.co.uk>
date Sun, 01 Mar 2020 10:58:00 +0000
parents d9352a684e62
children b8d6ada284dd
line wrap: on
line source

## Default vhosts, and custom vhosts
# NB: Please see the other vhost_*.pp example files for further
# examples.

# Base class. Declares default vhost on port 80 and default ssl
# vhost on port 443 listening on all interfaces and serving
# $apache::docroot
class { '::apache': }

# Most basic vhost
apache::vhost { 'first.example.com':
  port    => '80',
  docroot => '/var/www/first',
}

# Vhost with different docroot owner/group/mode
apache::vhost { 'second.example.com':
  port          => '80',
  docroot       => '/var/www/second',
  docroot_owner => 'third',
  docroot_group => 'third',
  docroot_mode  => '0770',
}

# Vhost with serveradmin
apache::vhost { 'third.example.com':
  port        => '80',
  docroot     => '/var/www/third',
  serveradmin => 'admin@example.com',
}

# Vhost with ssl (uses default ssl certs)
apache::vhost { 'ssl.example.com':
  port    => '443',
  docroot => '/var/www/ssl',
  ssl     => true,
}

# Vhost with ssl and specific ssl certs
apache::vhost { 'fourth.example.com':
  port     => '443',
  docroot  => '/var/www/fourth',
  ssl      => true,
  ssl_cert => '/etc/ssl/fourth.example.com.cert',
  ssl_key  => '/etc/ssl/fourth.example.com.key',
}

# Vhost with english title and servername parameter
apache::vhost { 'The fifth vhost':
  servername => 'fifth.example.com',
  port       => '80',
  docroot    => '/var/www/fifth',
}

# Vhost with server aliases
apache::vhost { 'sixth.example.com':
  serveraliases => [
    'sixth.example.org',
    'sixth.example.net',
  ],
  port          => '80',
  docroot       => '/var/www/fifth',
}

# Vhost with alternate options
apache::vhost { 'seventh.example.com':
  port    => '80',
  docroot => '/var/www/seventh',
  options => [
    'Indexes',
    'MultiViews',
  ],
}

# Vhost with AllowOverride for .htaccess
apache::vhost { 'eighth.example.com':
  port     => '80',
  docroot  => '/var/www/eighth',
  override => 'All',
}

# Vhost with access and error logs disabled
apache::vhost { 'ninth.example.com':
  port       => '80',
  docroot    => '/var/www/ninth',
  access_log => false,
  error_log  => false,
}

# Vhost with custom access and error logs and logroot
apache::vhost { 'tenth.example.com':
  port            => '80',
  docroot         => '/var/www/tenth',
  access_log_file => 'tenth_vhost.log',
  error_log_file  => 'tenth_vhost_error.log',
  logroot         => '/var/log',
}

# Vhost with a cgi-bin
apache::vhost { 'eleventh.example.com':
  port        => '80',
  docroot     => '/var/www/eleventh',
  scriptalias => '/usr/lib/cgi-bin',
}

# Vhost with a proxypass configuration
apache::vhost { 'twelfth.example.com':
  port          => '80',
  docroot       => '/var/www/twelfth',
  proxy_dest    => 'http://internal.example.com:8080/twelfth',
  no_proxy_uris => ['/login','/logout'],
}

# Vhost to redirect /login and /logout
apache::vhost { 'thirteenth.example.com':
  port            => '80',
  docroot         => '/var/www/thirteenth',
  redirect_source => [
    '/login',
    '/logout',
  ],
  redirect_dest   => [
    'http://10.0.0.10/login',
    'http://10.0.0.10/logout',
  ],
}

# Vhost to permamently redirect
apache::vhost { 'fourteenth.example.com':
  port            => '80',
  docroot         => '/var/www/fourteenth',
  redirect_source => '/blog',
  redirect_dest   => 'http://blog.example.com',
  redirect_status => 'permanent',
}

# Vhost with a rack configuration
apache::vhost { 'fifteenth.example.com':
  port           => '80',
  docroot        => '/var/www/fifteenth',
  rack_base_uris => ['/rackapp1', '/rackapp2'],
}


# Vhost to redirect non-ssl to ssl
apache::vhost { 'sixteenth.example.com non-ssl':
  servername => 'sixteenth.example.com',
  port       => '80',
  docroot    => '/var/www/sixteenth',
  rewrites   => [
    {
      comment      => 'redirect non-SSL traffic to SSL site',
      rewrite_cond => ['%{HTTPS} off'],
      rewrite_rule => ['(.*) https://%{HTTP_HOST}%{REQUEST_URI}'],
    }
  ],
}

# Rewrite a URL to lower case
apache::vhost { 'sixteenth.example.com non-ssl':
  servername => 'sixteenth.example.com',
  port       => '80',
  docroot    => '/var/www/sixteenth',
  rewrites   => [
    { comment      => 'Rewrite to lower case',
      rewrite_cond => ['%{REQUEST_URI} [A-Z]'],
      rewrite_map  => ['lc int:tolower'],
      rewrite_rule => ["(.*) \${lc:\$1} [R=301,L]"],
    }
  ],
}

apache::vhost { 'sixteenth.example.com ssl':
  servername => 'sixteenth.example.com',
  port       => '443',
  docroot    => '/var/www/sixteenth',
  ssl        => true,
}

# Vhost to redirect non-ssl to ssl using old rewrite method
apache::vhost { 'sixteenth.example.com non-ssl old rewrite':
  servername   => 'sixteenth.example.com',
  port         => '80',
  docroot      => '/var/www/sixteenth',
  rewrite_cond => '%{HTTPS} off',
  rewrite_rule => '(.*) https://%{HTTP_HOST}%{REQUEST_URI}',
}
apache::vhost { 'sixteenth.example.com ssl old rewrite':
  servername => 'sixteenth.example.com',
  port       => '443',
  docroot    => '/var/www/sixteenth',
  ssl        => true,
}

# Vhost to block repository files
apache::vhost { 'seventeenth.example.com':
  port    => '80',
  docroot => '/var/www/seventeenth',
  block   => 'scm',
}

# Vhost with special environment variables
apache::vhost { 'eighteenth.example.com':
  port    => '80',
  docroot => '/var/www/eighteenth',
  setenv  => ['SPECIAL_PATH /foo/bin','KILROY was_here'],
}

apache::vhost { 'nineteenth.example.com':
  port     => '80',
  docroot  => '/var/www/nineteenth',
  setenvif => 'Host "^([^\.]*)\.website\.com$" CLIENT_NAME=$1',
}

# Vhost with additional include files
apache::vhost { 'twentyieth.example.com':
  port                => '80',
  docroot             => '/var/www/twelfth',
  additional_includes => ['/tmp/proxy_group_a','/tmp/proxy_group_b'],
}

# Vhost with alias for subdomain mapped to same named directory
# http://example.com.loc => /var/www/example.com
apache::vhost { 'subdomain.loc':
  vhost_name      => '*',
  port            => '80',
  virtual_docroot => '/var/www/%-2+',
  docroot         => '/var/www',
  serveraliases   => ['*.loc',],
}

# Vhost with SSL (SSLProtocol, SSLCipherSuite & SSLHonorCipherOrder from default)
apache::vhost { 'securedomain.com':
  priority   => '10',
  vhost_name => 'www.securedomain.com',
  port       => '443',
  docroot    => '/var/www/secure',
  ssl        => true,
  ssl_cert   => '/etc/ssl/securedomain.cert',
  ssl_key    => '/etc/ssl/securedomain.key',
  ssl_chain  => '/etc/ssl/securedomain.crt',
  add_listen => false,
}

# Vhost with access log environment variables writing control
apache::vhost { 'twentyfirst.example.com':
  port               => '80',
  docroot            => '/var/www/twentyfirst',
  access_log_env_var => 'admin',
}

# Vhost with a passenger_base configuration
apache::vhost { 'twentysecond.example.com':
  port           => '80',
  docroot        => '/var/www/twentysecond',
  rack_base_uris => ['/passengerapp1', '/passengerapp2'],
}