Defined Type: trac::apache
- Defined in:
- manifests/apache.pp
Overview
Define: trac::apache
Define to handle automatic creation of apache virtualhost. Should be called by tracenv define. This define utilizes the puppetlabs apache module.
Parameters
- apache_user
-
The name of user the apache service runs under, used to ensure proper ownership of files the service needs access to.
- apache_group
-
The name of group the apache service runs under, used to ensure proper ownership of files the service needs access to.
- envpath
-
The root path of the trac environment calling the apache define
- envpath_setype
-
Selinux type to set for related files.
- redir_http
-
Boolean value. Set to true if you want to set up a vhost to redirect all http traffic to https.
- vhost_name
-
The fqdn of your named virtualhost. Wildcards with ‘*’ are acceptable. Setting of this parameter is enforced by the trac::tracenv define.
Examples
This define is intended to be called from a tracenv define. A typical call might be:
trac::apache{$name:
apache_user => 'apache',
apache_group => 'apache',
envpath => '/trac/someenv,
envpath_setype => 'httpd_sys_rw_content_t',
vhost_name => '*',
redir_http => true,
}
45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 |
# File 'manifests/apache.pp', line 45
define trac::apache(
$apache_user = $trac::params::apache_user,
$apache_group = $trac::params::apache_group,
$envpath = undef,
$envpath_setype = undef,
$redir_http = false,
$vhost_name = undef,
){
#check to see if apache is already defined so we don't hit a conflict.
if ! defined (Class['::apache']) {
class{'::apache':
default_vhost => false,
}
if ($::osfamily == 'Debian') {
apache::mod {'auth_digest':}
if ($::apache::version::default >= 2.4) {
apache::mod {'authn_core':}
}
}
apache::mod {'wsgi':}
}
#dummy http (port 80) vhost for redirection to https
if $redir_http {
if ! defined (Apache::Vhost['redir_http_host']) {
apache::vhost {'redir_http_host':
port => '80',
docroot => '/var/www/html',
rewrites => [
{
rewrite_cond => ['%{HTTPS} off'],
rewrite_rule => ['(.*) https://%{HTTP_HOST}%{REQUEST_URI}'],
},
],
}
}
}
# The "real" vhost. $vhost_name must be different for each tracenv you call.
apache::vhost{$name:
vhost_name => $vhost_name,
port => '443',
docroot => '/var/www',
ssl => true,
custom_fragment => "WSGIScriptAlias /$name ${envpath}/apache/trac.wsgi",
directories => [
{ path => '/var/www',
options => ['FollowSymLinks', 'MultiViews']},
{ path => "${envpath}/apache",
custom_fragment => 'WSGIApplicationGroup %{GLOBAL}',
order => 'deny,allow',
allow => 'from all'},
{ path => "/$name/login",
provider => 'location',
auth_type => 'Digest',
auth_name => "$name",
auth_digest_domain => $name,
auth_user_file => "$envpath/.htpasswd",
auth_require => 'valid-user',
},
],
}
#make auth file
file{"$envpath/.htpasswd":
ensure => 'present',
mode => '600',
owner => $apache_user,
group => $apache_group,
seltype => $envpath_setype,
require => File[$envpath],
}
#make directory for apache file
file{"$envpath/apache":
ensure => 'directory',
require => File[$envpath],
}
#wsgi trac bootstrap
file{"$envpath/apache/trac.wsgi":
ensure => 'present',
mode => '644',
owner => $apache_user,
group => $apache_group,
content => template('trac/trac.wsgi.erb'),
seltype => $envpath_setype,
require => File["$envpath/apache"],
}
}
|