vagrant-managed-servers 0.1.0 → 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- data/.gitignore +2 -1
- data/.travis.yml +5 -0
- data/Berksfile +1 -1
- data/CHANGELOG.md +7 -1
- data/Gemfile +8 -4
- data/README.md +5 -3
- data/Rakefile +11 -0
- data/Vagrantfile +3 -2
- data/lib/vagrant-managed-servers/action/sync_folders.rb +5 -3
- data/lib/vagrant-managed-servers/version.rb +1 -1
- data/vagrant-managed-servers.gemspec +3 -3
- metadata +10 -134
- data/cookbooks/apache2/CHANGELOG.md +0 -95
- data/cookbooks/apache2/CONTRIBUTING.md +0 -257
- data/cookbooks/apache2/Gemfile +0 -10
- data/cookbooks/apache2/LICENSE +0 -201
- data/cookbooks/apache2/README.md +0 -567
- data/cookbooks/apache2/attributes/default.rb +0 -149
- data/cookbooks/apache2/attributes/mod_auth_cas.rb +0 -2
- data/cookbooks/apache2/attributes/mod_auth_openid.rb +0 -32
- data/cookbooks/apache2/definitions/apache_conf.rb +0 -26
- data/cookbooks/apache2/definitions/apache_module.rb +0 -53
- data/cookbooks/apache2/definitions/apache_site.rb +0 -43
- data/cookbooks/apache2/definitions/web_app.rb +0 -49
- data/cookbooks/apache2/files/default/apache2_module_conf_generate.pl +0 -41
- data/cookbooks/apache2/files/default/tests/minitest/default_test.rb +0 -77
- data/cookbooks/apache2/files/default/tests/minitest/god_monitor_test.rb +0 -34
- data/cookbooks/apache2/files/default/tests/minitest/mod_apreq2_test.rb +0 -19
- data/cookbooks/apache2/files/default/tests/minitest/mod_auth_cas_test.rb +0 -11
- data/cookbooks/apache2/files/default/tests/minitest/mod_auth_openid_test.rb +0 -37
- data/cookbooks/apache2/files/default/tests/minitest/mod_cgi_test.rb +0 -13
- data/cookbooks/apache2/files/default/tests/minitest/mod_dav_svn_test.rb +0 -14
- data/cookbooks/apache2/files/default/tests/minitest/mod_fastcgi.rb +0 -11
- data/cookbooks/apache2/files/default/tests/minitest/mod_perl_test.rb +0 -18
- data/cookbooks/apache2/files/default/tests/minitest/mod_php5_test.rb +0 -13
- data/cookbooks/apache2/files/default/tests/minitest/mod_python_test.rb +0 -10
- data/cookbooks/apache2/files/default/tests/minitest/mod_ssl_test.rb +0 -23
- data/cookbooks/apache2/files/default/tests/minitest/support/helpers.rb +0 -50
- data/cookbooks/apache2/metadata.json +0 -513
- data/cookbooks/apache2/metadata.rb +0 -207
- data/cookbooks/apache2/recipes/default.rb +0 -208
- data/cookbooks/apache2/recipes/god_monitor.rb +0 -33
- data/cookbooks/apache2/recipes/logrotate.rb +0 -29
- data/cookbooks/apache2/recipes/mod_alias.rb +0 -22
- data/cookbooks/apache2/recipes/mod_apreq2.rb +0 -54
- data/cookbooks/apache2/recipes/mod_auth_basic.rb +0 -20
- data/cookbooks/apache2/recipes/mod_auth_cas.rb +0 -59
- data/cookbooks/apache2/recipes/mod_auth_digest.rb +0 -20
- data/cookbooks/apache2/recipes/mod_auth_openid.rb +0 -111
- data/cookbooks/apache2/recipes/mod_authn_file.rb +0 -20
- data/cookbooks/apache2/recipes/mod_authnz_ldap.rb +0 -20
- data/cookbooks/apache2/recipes/mod_authz_default.rb +0 -20
- data/cookbooks/apache2/recipes/mod_authz_groupfile.rb +0 -20
- data/cookbooks/apache2/recipes/mod_authz_host.rb +0 -20
- data/cookbooks/apache2/recipes/mod_authz_user.rb +0 -20
- data/cookbooks/apache2/recipes/mod_autoindex.rb +0 -22
- data/cookbooks/apache2/recipes/mod_cgi.rb +0 -20
- data/cookbooks/apache2/recipes/mod_dav.rb +0 -20
- data/cookbooks/apache2/recipes/mod_dav_fs.rb +0 -21
- data/cookbooks/apache2/recipes/mod_dav_svn.rb +0 -41
- data/cookbooks/apache2/recipes/mod_deflate.rb +0 -22
- data/cookbooks/apache2/recipes/mod_dir.rb +0 -22
- data/cookbooks/apache2/recipes/mod_env.rb +0 -20
- data/cookbooks/apache2/recipes/mod_expires.rb +0 -20
- data/cookbooks/apache2/recipes/mod_fastcgi.rb +0 -26
- data/cookbooks/apache2/recipes/mod_fcgid.rb +0 -55
- data/cookbooks/apache2/recipes/mod_headers.rb +0 -20
- data/cookbooks/apache2/recipes/mod_include.rb +0 -20
- data/cookbooks/apache2/recipes/mod_ldap.rb +0 -20
- data/cookbooks/apache2/recipes/mod_log_config.rb +0 -24
- data/cookbooks/apache2/recipes/mod_logio.rb +0 -24
- data/cookbooks/apache2/recipes/mod_mime.rb +0 -22
- data/cookbooks/apache2/recipes/mod_negotiation.rb +0 -22
- data/cookbooks/apache2/recipes/mod_perl.rb +0 -44
- data/cookbooks/apache2/recipes/mod_php5.rb +0 -77
- data/cookbooks/apache2/recipes/mod_proxy.rb +0 -22
- data/cookbooks/apache2/recipes/mod_proxy_ajp.rb +0 -21
- data/cookbooks/apache2/recipes/mod_proxy_balancer.rb +0 -20
- data/cookbooks/apache2/recipes/mod_proxy_connect.rb +0 -20
- data/cookbooks/apache2/recipes/mod_proxy_http.rb +0 -20
- data/cookbooks/apache2/recipes/mod_python.rb +0 -38
- data/cookbooks/apache2/recipes/mod_rewrite.rb +0 -20
- data/cookbooks/apache2/recipes/mod_setenvif.rb +0 -22
- data/cookbooks/apache2/recipes/mod_ssl.rb +0 -46
- data/cookbooks/apache2/recipes/mod_status.rb +0 -22
- data/cookbooks/apache2/recipes/mod_wsgi.rb +0 -38
- data/cookbooks/apache2/recipes/mod_xsendfile.rb +0 -38
- data/cookbooks/apache2/templates/default/a2dismod.erb +0 -22
- data/cookbooks/apache2/templates/default/a2dissite.erb +0 -29
- data/cookbooks/apache2/templates/default/a2enmod.erb +0 -37
- data/cookbooks/apache2/templates/default/a2ensite.erb +0 -38
- data/cookbooks/apache2/templates/default/apache2.conf.erb +0 -237
- data/cookbooks/apache2/templates/default/apache2.god.erb +0 -19
- data/cookbooks/apache2/templates/default/charset.erb +0 -6
- data/cookbooks/apache2/templates/default/default-site.erb +0 -57
- data/cookbooks/apache2/templates/default/mods/README +0 -2
- data/cookbooks/apache2/templates/default/mods/alias.conf.erb +0 -24
- data/cookbooks/apache2/templates/default/mods/auth_cas.conf.erb +0 -1
- data/cookbooks/apache2/templates/default/mods/auth_cas.load.erb +0 -1
- data/cookbooks/apache2/templates/default/mods/authopenid.load.erb +0 -1
- data/cookbooks/apache2/templates/default/mods/autoindex.conf.erb +0 -101
- data/cookbooks/apache2/templates/default/mods/deflate.conf.erb +0 -16
- data/cookbooks/apache2/templates/default/mods/dir.conf.erb +0 -5
- data/cookbooks/apache2/templates/default/mods/fastcgi.conf.erb +0 -5
- data/cookbooks/apache2/templates/default/mods/fcgid.conf.erb +0 -10
- data/cookbooks/apache2/templates/default/mods/mime.conf.erb +0 -198
- data/cookbooks/apache2/templates/default/mods/negotiation.conf.erb +0 -18
- data/cookbooks/apache2/templates/default/mods/php5.conf.erb +0 -16
- data/cookbooks/apache2/templates/default/mods/proxy.conf.erb +0 -19
- data/cookbooks/apache2/templates/default/mods/setenvif.conf.erb +0 -28
- data/cookbooks/apache2/templates/default/mods/ssl.conf.erb +0 -76
- data/cookbooks/apache2/templates/default/mods/status.conf.erb +0 -26
- data/cookbooks/apache2/templates/default/port_apache.erb +0 -2
- data/cookbooks/apache2/templates/default/ports.conf.erb +0 -6
- data/cookbooks/apache2/templates/default/security.erb +0 -50
- data/cookbooks/apache2/templates/default/web_app.conf.erb +0 -43
- data/cookbooks/apt/Berksfile +0 -8
- data/cookbooks/apt/CHANGELOG.md +0 -97
- data/cookbooks/apt/CONTRIBUTING +0 -29
- data/cookbooks/apt/LICENSE +0 -201
- data/cookbooks/apt/README.md +0 -243
- data/cookbooks/apt/TESTING.md +0 -25
- data/cookbooks/apt/attributes/default.rb +0 -4
- data/cookbooks/apt/files/default/apt-proxy-v2.conf +0 -50
- data/cookbooks/apt/metadata.json +0 -1
- data/cookbooks/apt/metadata.rb +0 -30
- data/cookbooks/apt/providers/preference.rb +0 -61
- data/cookbooks/apt/providers/repository.rb +0 -132
- data/cookbooks/apt/recipes/cacher-client.rb +0 -59
- data/cookbooks/apt/recipes/cacher-ng.rb +0 -40
- data/cookbooks/apt/recipes/default.rb +0 -68
- data/cookbooks/apt/resources/preference.rb +0 -30
- data/cookbooks/apt/resources/repository.rb +0 -40
- data/cookbooks/apt/templates/debian-6.0/acng.conf.erb +0 -174
- data/cookbooks/apt/templates/default/01proxy.erb +0 -2
- data/cookbooks/apt/templates/default/acng.conf.erb +0 -276
- data/cookbooks/apt/templates/ubuntu-10.04/acng.conf.erb +0 -270
data/cookbooks/apache2/README.md
DELETED
@@ -1,567 +0,0 @@
|
|
1
|
-
Description
|
2
|
-
===========
|
3
|
-
|
4
|
-
This cookbook provides a complete Debian/Ubuntu style Apache HTTPD
|
5
|
-
configuration. Non-Debian based distributions such as Red Hat/CentOS,
|
6
|
-
ArchLinux and others supported by this cookbook will have a
|
7
|
-
configuration that mimics Debian/Ubuntu style as it is easier to
|
8
|
-
manage with Chef.
|
9
|
-
|
10
|
-
Debian-style Apache configuration uses scripts to manage modules and
|
11
|
-
sites (vhosts). The scripts are:
|
12
|
-
|
13
|
-
* a2ensite
|
14
|
-
* a2dissite
|
15
|
-
* a2enmod
|
16
|
-
* a2dismod
|
17
|
-
|
18
|
-
This cookbook ships with templates of these scripts for non
|
19
|
-
Debian/Ubuntu platforms. The scripts are used in the __Definitions__
|
20
|
-
below.
|
21
|
-
|
22
|
-
Requirements
|
23
|
-
============
|
24
|
-
|
25
|
-
## Ohai and Chef:
|
26
|
-
|
27
|
-
* Ohai: 0.6.12+
|
28
|
-
* Chef: 0.10.10+
|
29
|
-
|
30
|
-
As of v1.2.0, this cookbook makes use of `node['platform_family']` to
|
31
|
-
simplify platform selection logic. This attribute was introduced in
|
32
|
-
Ohai v0.6.12. The recipe methods were introduced in Chef v0.10.10. If
|
33
|
-
you must run an older version of Chef or Ohai, use [version 1.1.16 of
|
34
|
-
this cookbook](http://community.opscode.com/cookbooks/apache2/versions/1_1_16/downloads).
|
35
|
-
|
36
|
-
## Cookbooks:
|
37
|
-
|
38
|
-
This cookbook doesn't have direct dependencies on other cookbooks, as
|
39
|
-
none are needed for the default recipe or the general use cases.
|
40
|
-
|
41
|
-
Depending on your OS configuration and security policy, you may need
|
42
|
-
additional recipes or cookbooks for this cookbook's recipes to
|
43
|
-
converge on the node. In particular, the following Operating System
|
44
|
-
settings may affect the behavior of this cookbook:
|
45
|
-
|
46
|
-
* apt cache outdated
|
47
|
-
* SELinux enabled
|
48
|
-
* IPtables
|
49
|
-
* Compile tools
|
50
|
-
* 3rd party repositories
|
51
|
-
|
52
|
-
On Ubuntu/Debian, use Opscode's `apt` cookbook to ensure the package
|
53
|
-
cache is updated so Chef can install packages, or consider putting
|
54
|
-
apt-get in your bootstrap process or
|
55
|
-
[knife bootstrap template](http://wiki.opscode.com/display/chef/Knife+Bootstrap).
|
56
|
-
|
57
|
-
On RHEL, SELinux is enabled by default. The `selinux` cookbook
|
58
|
-
contains a `permissive` recipe that can be used to set SELinux to
|
59
|
-
"Permissive" state. Otherwise, additional recipes need to be created
|
60
|
-
by the user to address SELinux permissions.
|
61
|
-
|
62
|
-
The easiest but **certainly not ideal way** to deal with IPtables is
|
63
|
-
to flush all rules. Opscode does provide an `iptables` cookbook but is
|
64
|
-
migrating from the approach used there to a more robust solution
|
65
|
-
utilizing a general "firewall" LWRP that would have an "iptables"
|
66
|
-
provider. Alternately, you can use ufw, with Opscode's `ufw` and
|
67
|
-
`firewall` cookbooks to set up rules. See those cookbooks' READMEs for
|
68
|
-
documentation.
|
69
|
-
|
70
|
-
Build/compile tools may not be installed on the system by default.
|
71
|
-
Some recipes (e.g., `apache2::mod_auth_openid`) build the module from
|
72
|
-
source. Use Opscode's `build-essential` cookbook to get essential
|
73
|
-
build packages installed.
|
74
|
-
|
75
|
-
On ArchLinux, if you are using the `apache2::mod_auth_openid` recipe,
|
76
|
-
you also need the `pacman` cookbook for the `pacman_aur` LWRP. Put
|
77
|
-
`recipe[pacman]` on the node's expanded run list (on the node or in a
|
78
|
-
role). This is not an explicit dependency because it is only required
|
79
|
-
for this single recipe and platform; the pacman default recipe
|
80
|
-
performs `pacman -Sy` to keep pacman's package cache updated.
|
81
|
-
|
82
|
-
The `apache2::god_monitor` recipe uses a definition from the `god`
|
83
|
-
cookbook. Include `recipe[god]` in the node's expanded run list to
|
84
|
-
ensure that the cookbook is available to the node, and to set up `god`.
|
85
|
-
|
86
|
-
## Platforms:
|
87
|
-
|
88
|
-
The following platforms and versions are tested and supported using
|
89
|
-
Opscode's [test-kitchen](http://github.com/opscode/test-kitchen).
|
90
|
-
|
91
|
-
* Ubuntu 10.04, 12.04
|
92
|
-
* CentOS 5.8, 6.3
|
93
|
-
|
94
|
-
The following platform families are supported in the code, and are
|
95
|
-
assumed to work based on the successful testing on Ubuntu and CentOS.
|
96
|
-
|
97
|
-
* Debian
|
98
|
-
* Red Hat (rhel)
|
99
|
-
* Fedora
|
100
|
-
* Amazon Linux
|
101
|
-
|
102
|
-
The following platforms are also supported in the code, have been
|
103
|
-
tested manually but are not tested under test-kitchen.
|
104
|
-
|
105
|
-
* SUSE/OpenSUSE
|
106
|
-
* ArchLinux
|
107
|
-
* FreeBSD
|
108
|
-
|
109
|
-
### Notes for RHEL Family:
|
110
|
-
|
111
|
-
On Red Hat Enterprise Linux and derivatives, the EPEL repository may
|
112
|
-
be necessary to install packages used in certain recipes. The
|
113
|
-
`apache2::default` recipe, however, does not require any additional
|
114
|
-
repositories. Opscode's `yum` cookbook contains a recipe to add the
|
115
|
-
EPEL repository. See __Examples__ for more information.
|
116
|
-
|
117
|
-
### Notes for FreeBSD:
|
118
|
-
|
119
|
-
The `apache2::mod_php5` recipe depends on the `freebsd` cookbook,
|
120
|
-
which it uses to set the correct options for compiling the `php5` port
|
121
|
-
from sources. You need to ensure the `freebsd` is in the expanded run
|
122
|
-
list, or this recipe will fail. We don't set an explicit dependency
|
123
|
-
because we feel the `freebsd` cookbook is something users would want
|
124
|
-
on their nodes, and due to the generality of this cookbook we don't
|
125
|
-
want additional specific dependencies.
|
126
|
-
|
127
|
-
Tests
|
128
|
-
=====
|
129
|
-
|
130
|
-
This cookbook in the
|
131
|
-
[source repository](https://github.com/opscode-cookbooks/apache2)
|
132
|
-
contains minitest and cucumber tests. This is an initial proof of
|
133
|
-
concept that will be fleshed out with more supporting infrastructure
|
134
|
-
at a future time.
|
135
|
-
|
136
|
-
Please see the CONTRIBUTING file for information on how to add tests
|
137
|
-
for your contributions.
|
138
|
-
|
139
|
-
Attributes
|
140
|
-
==========
|
141
|
-
|
142
|
-
This cookbook uses many attributes, broken up into a few different
|
143
|
-
kinds.
|
144
|
-
|
145
|
-
Platform specific
|
146
|
-
-----------------
|
147
|
-
|
148
|
-
In order to support the broadest number of platforms, several
|
149
|
-
attributes are determined based on the node's platform. See the
|
150
|
-
attributes/default.rb file for default values in the case statement at
|
151
|
-
the top of the file.
|
152
|
-
|
153
|
-
* `node['apache']['dir']` - Location for the Apache configuration
|
154
|
-
* `node['apache']['log_dir']` - Location for Apache logs
|
155
|
-
* `node['apache']['user']` - User Apache runs as
|
156
|
-
* `node['apache']['group']` - Group Apache runs as
|
157
|
-
* `node['apache']['binary']` - Apache httpd server daemon
|
158
|
-
* `node['apache']['icondir']` - Location for icons
|
159
|
-
* `node['apache']['cache_dir']` - Location for cached files used by Apache itself or recipes
|
160
|
-
* `node['apache']['pid_file']` - Location of the PID file for Apache httpd
|
161
|
-
* `node['apache']['lib_dir']` - Location for shared libraries
|
162
|
-
* `node['apache']['default_site_enabled']` - Default site enabled. Defaults to true on redhat-family platforms
|
163
|
-
* `node['apache']['ext_status']` - if true, enables ExtendedStatus for `mod_status`
|
164
|
-
|
165
|
-
General settings
|
166
|
-
----------------
|
167
|
-
|
168
|
-
These are general settings used in recipes and templates. Default
|
169
|
-
values are noted.
|
170
|
-
|
171
|
-
* `node['apache']['listen_ports']` - Ports that httpd should listen on. Default is an array of ports 80 and 443.
|
172
|
-
* `node['apache']['contact']` - Value for ServerAdmin directive. Default "ops@example.com".
|
173
|
-
* `node['apache']['timeout']` - Value for the Timeout directive. Default is 300.
|
174
|
-
* `node['apache']['keepalive']` - Value for the KeepAlive directive. Default is On.
|
175
|
-
* `node['apache']['keepaliverequests']` - Value for MaxKeepAliveRequests. Default is 100.
|
176
|
-
* `node['apache']['keepalivetimeout']` - Value for the KeepAliveTimeout directive. Default is 5.
|
177
|
-
* `node['apache']['default_modules']` - Array of module names. Can take "mod_FOO" or "FOO" as names, where FOO is the apache module, e.g. "`mod_status`" or "`status`".
|
178
|
-
|
179
|
-
The modules listed in `default_modules` will be included as recipes in `recipe[apache::default]`.
|
180
|
-
|
181
|
-
Prefork attributes
|
182
|
-
------------------
|
183
|
-
|
184
|
-
Prefork attributes are used for tuning the Apache HTTPD prefork MPM
|
185
|
-
configuration.
|
186
|
-
|
187
|
-
* `node['apache']['prefork']['startservers']` - initial number of server processes to start. Default is 16.
|
188
|
-
* `node['apache']['prefork']['minspareservers']` - minimum number of spare server processes. Default 16.
|
189
|
-
* `node['apache']['prefork']['maxspareservers']` - maximum number of spare server processes. Default 32.
|
190
|
-
* `node['apache']['prefork']['serverlimit']` - upper limit on configurable server processes. Default 400.
|
191
|
-
* `node['apache']['prefork']['maxclients']` - Maximum number of simultaneous connections.
|
192
|
-
* `node['apache']['prefork']['maxrequestsperchild']` - Maximum number of request a child process will handle. Default 10000.
|
193
|
-
|
194
|
-
Worker attributes
|
195
|
-
-----------------
|
196
|
-
|
197
|
-
Worker attributes are used for tuning the Apache HTTPD worker MPM
|
198
|
-
configuration.
|
199
|
-
|
200
|
-
* `node['apache']['worker']['startservers']` - Initial number of server processes to start. Default 4
|
201
|
-
* `node['apache']['worker']['maxclients']` - Maximum number of simultaneous connections. Default 1024.
|
202
|
-
* `node['apache']['worker']['minsparethreads']` - Minimum number of spare worker threads. Default 64
|
203
|
-
* `node['apache']['worker']['maxsparethreads']` - Maximum number of spare worker threads. Default 192.
|
204
|
-
* `node['apache']['worker']['maxrequestsperchild']` - Maximum number of requests a child process will handle.
|
205
|
-
|
206
|
-
mod\_auth\_openid attributes
|
207
|
-
----------------------------
|
208
|
-
|
209
|
-
The following attributes are in the `attributes/mod_auth_openid.rb`
|
210
|
-
file. Like all Chef attributes files, they are loaded as well, but
|
211
|
-
they're logistically unrelated to the others, being specific to the
|
212
|
-
`mod_auth_openid` recipe.
|
213
|
-
|
214
|
-
* `node['apache']['mod_auth_openid']['checksum']` - sha256sum of the tarball containing the source.
|
215
|
-
* `node['apache']['mod_auth_openid']['version']` - version of the `mod_auth_openid` to download.
|
216
|
-
* `node['apache']['mod_auth_openid']['cache_dir']` - the cache directory is where the sqlite3 database is stored. It is separate so it can be managed as a directory resource.
|
217
|
-
* `node['apache']['mod_auth_openid']['dblocation']` - filename of the sqlite3 database used for directive `AuthOpenIDDBLocation`, stored in the `cache_dir` by default.
|
218
|
-
* `node['apache']['mod_auth_openid']['configure_flags']` - optional array of configure flags passed to the `./configure` step in the compilation of the module.
|
219
|
-
|
220
|
-
Recipes
|
221
|
-
=======
|
222
|
-
|
223
|
-
Most of the recipes in the cookbook are for enabling Apache modules.
|
224
|
-
Where additional configuration or behavior is used, it is documented
|
225
|
-
below in more detail.
|
226
|
-
|
227
|
-
The following recipes merely enable the specified module: `mod_alias`,
|
228
|
-
`mod_basic`, `mod_digest`, `mod_authn_file`, `mod_authnz_ldap`,
|
229
|
-
`mod_authz_default`, `mod_authz_groupfile`, `mod_authz_host`,
|
230
|
-
`mod_authz_user`, `mod_autoindex`, `mod_cgi`, `mod_dav_fs`,
|
231
|
-
`mod_dav_svn`, `mod_deflate`, `mod_dir`, `mod_env`, `mod_expires`,
|
232
|
-
`mod_headers`, `mod_ldap`, `mod_log_config`, `mod_mime`,
|
233
|
-
`mod_negotiation`, `mod_proxy`, `mod_proxy_ajp`, `mod_proxy_balancer`,
|
234
|
-
`mod_proxy_connect`, `mod_proxy_http`, `mod_python`, `mod_rewrite`,
|
235
|
-
`mod_setenvif`, `mod_status`, `mod_wsgi`, `mod_xsendfile`.
|
236
|
-
|
237
|
-
On RHEL Family distributions, certain modules ship with a config file
|
238
|
-
with the package. The recipes here may delete those configuration
|
239
|
-
files to ensure they don't conflict with the settings from the
|
240
|
-
cookbook, which will use per-module configuration in
|
241
|
-
`/etc/httpd/mods-enabled`.
|
242
|
-
|
243
|
-
default
|
244
|
-
-------
|
245
|
-
|
246
|
-
The default recipe does a number of things to set up Apache HTTPd. It
|
247
|
-
also includes a number of modules based on the attribute
|
248
|
-
`node['apache']['default_modules']` as recipes.
|
249
|
-
|
250
|
-
logrotate
|
251
|
-
---------
|
252
|
-
|
253
|
-
Logrotate adds a logrotate entry for your apache2 logs. This recipe
|
254
|
-
requires the `logrotate` cookbook; ensure that `recipe[logrotate]` is
|
255
|
-
in the node's expanded run list.
|
256
|
-
|
257
|
-
mod\_auth\_cas
|
258
|
-
--------------
|
259
|
-
|
260
|
-
This recipe installs the proper package and enables the `auth_cas`
|
261
|
-
module. It can install from source or package. Package is the default,
|
262
|
-
set the attribute `node['apache']['mod_auth_cas']['from_source']` to
|
263
|
-
true to enable source installation. Modify the version to install by
|
264
|
-
changing the attribute
|
265
|
-
`node['apache']['mod_auth_cas']['source_revision']`. It is a version
|
266
|
-
tag by default, but could be master, or another tag, or branch.
|
267
|
-
|
268
|
-
The module configuration is written out with the `CASCookiePath` set,
|
269
|
-
otherwise an error loading the module may cause Apache to not start.
|
270
|
-
|
271
|
-
**Note**: This recipe does not work on EL 6 platforms unless
|
272
|
-
epel-testing repository is enabled (outside the scope of this
|
273
|
-
cookbook), or the package version 1.0.8.1-3.el6 or higher is otherwise
|
274
|
-
available to the system due to this bug:
|
275
|
-
|
276
|
-
https://bugzilla.redhat.com/show_bug.cgi?format=multiple&id=708550
|
277
|
-
|
278
|
-
mod\_auth\_openid
|
279
|
-
-----------------
|
280
|
-
|
281
|
-
**Changed via COOK-915**
|
282
|
-
|
283
|
-
This recipe compiles the module from source. In addition to
|
284
|
-
`build-essential`, some other packages are included for installation
|
285
|
-
like the GNU C++ compiler and development headers.
|
286
|
-
|
287
|
-
To use the module in your own cookbooks to authenticate systems using
|
288
|
-
OpenIDs, specify an array of OpenIDs that are allowed to authenticate
|
289
|
-
with the attribute `node['apache']['allowed_openids']`. Use the
|
290
|
-
following in a vhost to protect with OpenID authentication:
|
291
|
-
|
292
|
-
AuthType OpenID require user <%= node['apache']['allowed_openids'].join(' ') %>
|
293
|
-
AuthOpenIDDBLocation <%= node['apache']['mod_auth_openid']['dblocation'] %>
|
294
|
-
|
295
|
-
Change the DBLocation with the attribute as required; this file is in
|
296
|
-
a different location than previous versions, see below. It should be a
|
297
|
-
sane default for most platforms, though, see
|
298
|
-
`attributes/mod_auth_openid.rb`.
|
299
|
-
|
300
|
-
### Changes from COOK-915:
|
301
|
-
|
302
|
-
* `AuthType OpenID` instead of `AuthOpenIDEnabled On`.
|
303
|
-
* `require user` instead of `AuthOpenIDUserProgram`.
|
304
|
-
* A bug(?) in `mod_auth_openid` causes it to segfault when attempting
|
305
|
-
to update the database file if the containing directory is not
|
306
|
-
writable by the HTTPD process owner (e.g., www-data), even if the
|
307
|
-
file is writable. In order to not interfere with other settings from
|
308
|
-
the default recipe in this cookbook, the db file is moved.
|
309
|
-
|
310
|
-
mod\_fastcgi
|
311
|
-
------------
|
312
|
-
|
313
|
-
Install the fastcgi package and enable the module.
|
314
|
-
|
315
|
-
Only work on Debian/Ubuntu
|
316
|
-
|
317
|
-
mod\_fcgid
|
318
|
-
----------
|
319
|
-
|
320
|
-
Installs the fcgi package and enables the module. Requires EPEL on
|
321
|
-
RHEL family.
|
322
|
-
|
323
|
-
On RHEL family, this recipe will delete the fcgid.conf and on version
|
324
|
-
6+, create the /var/run/httpd/mod_fcgid` directory, which prevents the
|
325
|
-
emergency error:
|
326
|
-
|
327
|
-
[emerg] (2)No such file or directory: mod_fcgid: Can't create shared memory for size XX bytes
|
328
|
-
|
329
|
-
mod\_php5
|
330
|
-
--------
|
331
|
-
|
332
|
-
Simply installs the appropriate package on Debian, Ubuntu and
|
333
|
-
ArchLinux.
|
334
|
-
|
335
|
-
On Red Hat family distributions including Fedora, the php.conf that
|
336
|
-
comes with the package is removed. On RHEL platforms less than v6, the
|
337
|
-
`php53` package is used.
|
338
|
-
|
339
|
-
mod\_ssl
|
340
|
-
--------
|
341
|
-
|
342
|
-
Besides installing and enabling `mod_ssl`, this recipe will append
|
343
|
-
port 443 to the `node['apache']['listen_ports']` attribute array and
|
344
|
-
update the ports.conf.
|
345
|
-
|
346
|
-
god\_monitor
|
347
|
-
------------
|
348
|
-
|
349
|
-
Sets up a `god` monitor for Apache. External requirements are the
|
350
|
-
`god` and `runit` cookbooks from Opscode. When using this recipe,
|
351
|
-
include `recipe[god]` in the node's expanded run list to ensure the
|
352
|
-
client downloads it; `god` depends on runit so that will also be
|
353
|
-
downloaded.
|
354
|
-
|
355
|
-
**Note** This recipe is not tested under test-kitchen yet and is
|
356
|
-
pending fix in COOK-744.
|
357
|
-
|
358
|
-
Definitions
|
359
|
-
===========
|
360
|
-
|
361
|
-
The cookbook provides a few definitions. At some point in the future
|
362
|
-
these definitions may be refactored into lightweight resources and
|
363
|
-
providers as suggested by
|
364
|
-
[foodcritic rule FC015](http://acrmp.github.com/foodcritic/#FC015).
|
365
|
-
|
366
|
-
apache\_conf
|
367
|
-
------------
|
368
|
-
|
369
|
-
Sets up configuration file for an Apache module from a template. The
|
370
|
-
template should be in the same cookbook where the definition is used.
|
371
|
-
This is used by the `apache_module` definition and is not often used
|
372
|
-
directly.
|
373
|
-
|
374
|
-
This will use a template resource to write the module's configuration
|
375
|
-
file in the `mods-available` under the Apache configuration directory
|
376
|
-
(`node['apache']['dir']`). This is a platform-dependent location. See
|
377
|
-
__apache\_module__.
|
378
|
-
|
379
|
-
### Parameters:
|
380
|
-
|
381
|
-
* `name` - Name of the template. When used from the `apache_module`,
|
382
|
-
it will use the same name as the module.
|
383
|
-
|
384
|
-
### Examples:
|
385
|
-
|
386
|
-
Create `#{node['apache']['dir']}/mods-available/alias.conf`.
|
387
|
-
|
388
|
-
apache_conf "alias"
|
389
|
-
|
390
|
-
apache\_module
|
391
|
-
--------------
|
392
|
-
|
393
|
-
Enable or disable an Apache module in
|
394
|
-
`#{node['apache']['dir']}/mods-available` by calling `a2enmod` or
|
395
|
-
`a2dismod` to manage the symbolic link in
|
396
|
-
`#{node['apache']['dir']}/mods-enabled`. If the module has a
|
397
|
-
configuration file, a template should be created in the cookbook where
|
398
|
-
the definition is used. See __Examples__.
|
399
|
-
|
400
|
-
### Parameters:
|
401
|
-
|
402
|
-
* `name` - Name of the module enabled or disabled with the `a2enmod` or `a2dismod` scripts.
|
403
|
-
* `enable` - Default true, which uses `a2enmod` to enable the module. If false, the module will be disabled with `a2dismod`.
|
404
|
-
* `conf` - Default false. Set to true if the module has a config file, which will use `apache_conf` for the file.
|
405
|
-
* `filename` - specify the full name of the file, e.g.
|
406
|
-
|
407
|
-
### Examples:
|
408
|
-
|
409
|
-
Enable the ssl module, which also has a configuration template in `templates/default/ssl.conf.erb`.
|
410
|
-
|
411
|
-
apache_module "ssl" do
|
412
|
-
conf true
|
413
|
-
end
|
414
|
-
|
415
|
-
Enable the php5 module, which has a different filename than the module default:
|
416
|
-
|
417
|
-
apache_module "php5" do
|
418
|
-
filename "libphp5.so"
|
419
|
-
end
|
420
|
-
|
421
|
-
Disable a module:
|
422
|
-
|
423
|
-
apache_module "disabled_module" do
|
424
|
-
enable false
|
425
|
-
end
|
426
|
-
|
427
|
-
See the recipes directory for many more examples of `apache_module`.
|
428
|
-
|
429
|
-
apache\_site
|
430
|
-
------------
|
431
|
-
|
432
|
-
Enable or disable a VirtualHost in
|
433
|
-
`#{node['apache']['dir']}/sites-available` by calling a2ensite or
|
434
|
-
a2dissite to manage the symbolic link in
|
435
|
-
`#{node['apache']['dir']}/sites-enabled`.
|
436
|
-
|
437
|
-
The template for the site must be managed as a separate resource. To
|
438
|
-
combine the template with enabling a site, see `web_app`.
|
439
|
-
|
440
|
-
### Parameters:
|
441
|
-
|
442
|
-
* `name` - Name of the site.
|
443
|
-
* `enable` - Default true, which uses `a2ensite` to enable the site. If false, the site will be disabled with `a2dissite`.
|
444
|
-
|
445
|
-
web\_app
|
446
|
-
--------
|
447
|
-
|
448
|
-
Manage a template resource for a VirtualHost site, and enable it with
|
449
|
-
`apache_site`. This is commonly done for managing web applications
|
450
|
-
such as Ruby on Rails, PHP or Django, and the default behavior
|
451
|
-
reflects that. However it is flexible.
|
452
|
-
|
453
|
-
This definition includes some recipes to make sure the system is
|
454
|
-
configured to have Apache and some sane default modules:
|
455
|
-
|
456
|
-
* `apache2`
|
457
|
-
* `apache2::mod_rewrite`
|
458
|
-
* `apache2::mod_deflate`
|
459
|
-
* `apache2::mod_headers`
|
460
|
-
|
461
|
-
It will then configure the template (see __Parameters__ and
|
462
|
-
__Examples__ below), and enable or disable the site per the `enable`
|
463
|
-
parameter.
|
464
|
-
|
465
|
-
### Parameters:
|
466
|
-
|
467
|
-
Current parameters used by the definition:
|
468
|
-
|
469
|
-
* `name` - The name of the site. The template will be written to
|
470
|
-
`#{node['apache']['dir']}/sites-available/#{params['name']}.conf`
|
471
|
-
* `cookbook` - Optional. Cookbook where the source template is. If
|
472
|
-
this is not defined, Chef will use the named template in the
|
473
|
-
cookbook where the definition is used.
|
474
|
-
* `template` - Default `web_app.conf.erb`, source template file.
|
475
|
-
* `enable` - Default true. Passed to the `apache_site` definition.
|
476
|
-
|
477
|
-
Additional parameters can be defined when the definition is called in
|
478
|
-
a recipe, see __Examples__.
|
479
|
-
|
480
|
-
### Examples:
|
481
|
-
|
482
|
-
All parameters are passed into the template. You can use whatever you
|
483
|
-
like. The apache2 cookbook comes with a `web_app.conf.erb` template as
|
484
|
-
an example. The following parameters are used in the template:
|
485
|
-
|
486
|
-
* `server_name` - ServerName directive.
|
487
|
-
* `server_aliases` - ServerAlias directive. Must be an array of aliases.
|
488
|
-
* `docroot` - DocumentRoot directive.
|
489
|
-
* `application_name` - Used in RewriteLog directive. Will be set to the `name` parameter.
|
490
|
-
|
491
|
-
To use the default web_app, for example:
|
492
|
-
|
493
|
-
web_app "my_site" do
|
494
|
-
server_name node['hostname']
|
495
|
-
server_aliases [node['fqdn'], "my-site.example.com"]
|
496
|
-
docroot "/srv/www/my_site"
|
497
|
-
end
|
498
|
-
|
499
|
-
The parameters specified will be used as:
|
500
|
-
|
501
|
-
* `@params[:server_name]`
|
502
|
-
* `@params[:server_aliases]`
|
503
|
-
* `@params[:docroot]`
|
504
|
-
|
505
|
-
In the template. When you write your own, the `@` is significant.
|
506
|
-
|
507
|
-
For more information about Definitions and parameters, see the
|
508
|
-
[Chef Wiki](http://wiki.opscode.com/display/chef/Definitions)
|
509
|
-
|
510
|
-
Usage
|
511
|
-
=====
|
512
|
-
|
513
|
-
Using this cookbook is relatively straightforward. Add the desired
|
514
|
-
recipes to the run list of a node, or create a role. Depending on your
|
515
|
-
environment, you may have multiple roles that use different recipes
|
516
|
-
from this cookbook. Adjust any attributes as desired. For example, to
|
517
|
-
create a basic role for web servers that provide both HTTP and HTTPS:
|
518
|
-
|
519
|
-
% cat roles/webserver.rb
|
520
|
-
name "webserver"
|
521
|
-
description "Systems that serve HTTP and HTTPS"
|
522
|
-
run_list(
|
523
|
-
"recipe[apache2]",
|
524
|
-
"recipe[apache2::mod_ssl]"
|
525
|
-
)
|
526
|
-
default_attributes(
|
527
|
-
"apache2" => {
|
528
|
-
"listen_ports" => ["80", "443"]
|
529
|
-
}
|
530
|
-
)
|
531
|
-
|
532
|
-
For examples of using the definitions in your own recipes, see their
|
533
|
-
respective sections above.
|
534
|
-
|
535
|
-
License and Authors
|
536
|
-
===================
|
537
|
-
|
538
|
-
* Author:: Adam Jacob <adam@opscode.com>
|
539
|
-
* Author:: Joshua Timberman <joshua@opscode.com>
|
540
|
-
* Author:: Bryan McLellan <bryanm@widemile.com>
|
541
|
-
* Author:: Dave Esposito <esposito@espolinux.corpnet.local>
|
542
|
-
* Author:: David Abdemoulaie <github@hobodave.com>
|
543
|
-
* Author:: Edmund Haselwanter <edmund@haselwanter.com>
|
544
|
-
* Author:: Eric Rochester <err8n@virginia.edu>
|
545
|
-
* Author:: Jim Browne <jbrowne@42lines.net>
|
546
|
-
* Author:: Matthew Kent <mkent@magoazul.com>
|
547
|
-
* Author:: Nathen Harvey <nharvey@customink.com>
|
548
|
-
* Author:: Ringo De Smet <ringo.de.smet@amplidata.com>
|
549
|
-
* Author:: Sean OMeara <someara@opscode.com>
|
550
|
-
* Author:: Seth Chisamore <schisamo@opscode.com>
|
551
|
-
* Author:: Gilles Devaux <gilles@peerpong.com>
|
552
|
-
|
553
|
-
* Copyright:: 2009-2012, Opscode, Inc
|
554
|
-
* Copyright:: 2011, Atriso
|
555
|
-
* Copyright:: 2011, CustomInk, LLC.
|
556
|
-
|
557
|
-
Licensed under the Apache License, Version 2.0 (the "License");
|
558
|
-
you may not use this file except in compliance with the License.
|
559
|
-
You may obtain a copy of the License at
|
560
|
-
|
561
|
-
http://www.apache.org/licenses/LICENSE-2.0
|
562
|
-
|
563
|
-
Unless required by applicable law or agreed to in writing, software
|
564
|
-
distributed under the License is distributed on an "AS IS" BASIS,
|
565
|
-
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
566
|
-
See the License for the specific language governing permissions and
|
567
|
-
limitations under the License.
|