Puppet Class: redmine::apache

Inherits:
redmine::params
Defined in:
manifests/apache.pp

Overview

Class: redmine::apache

Configure an apache VHost for redmine.

Parameters

user

Name of the user for running redmine passenger. Default: redmine

group

Name of the group for running redmine passenger. Default: redmine

redmine_home

Home directory for the redmine installation. Default: /home/redmine/redmine

template_passenger

Name of the template used for redmine passenger configuration. Default: redmine/passenger.erb

Examples

include '::redmine::apache'

Configuration is done using Hiera.

Authors

Baptiste Grenier <bgrenier@gnubila.fr>

Copyright 2015 gnúbila

Parameters:

  • user (Any) (defaults to: $redmine::owner)
  • group (Any) (defaults to: $user)
  • redmine_home (Any) (defaults to: "${redmine::install_dir}/redmine")
  • template_passenger (Any) (defaults to: params_lookup( 'template_passenger' )) 


37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
 
# File 'manifests/apache.pp', line 37

class redmine::apache (
  $user = $redmine::owner,
  $group = $user,
  $redmine_home = "${redmine::install_dir}/redmine",
  $template_passenger = params_lookup( 'template_passenger' ),
) inherits redmine::params {
  include ::redmine
  include ::apache

  if $::redmine::ssl {
    include ::apache::mod::ssl

    file { $::redmine::ssl_cert:
      ensure  => 'file',
      owner   => $::apache::user,
      group   => $::apache::group,
      mode    => '0640',
      source  => $::redmine::ssl_cert_src,
      notify  => Class['::apache::service'],
      require => [
        File[$::redmine::ssl_cert_key],
        File[$::redmine::ssl_ca_cert],
      ]
    }
    file { $::redmine::ssl_cert_key:
      ensure => 'file',
      owner  => $::apache::user,
      group  => $::apache::group,
      mode   => '0400',
      source => $::redmine::ssl_cert_key_src,
      notify => Class['::apache::service'],
    }
    if ! defined(File[$::redmine::ssl_ca_cert]) {
      file { $::redmine::ssl_ca_cert:
        ensure => 'file',
        owner  => $::apache::user,
        group  => $::apache::group,
        mode   => '0640',
        source => $::redmine::ssl_ca_cert_src,
        notify => Class['::apache::service'],
      }
    }
    if $::redmine::ssl_ca_cert_chain != undef and
      ! defined(File[$::redmine::ssl_ca_cert_chain]) {
      file { $::redmine::ssl_ca_cert_chain:
        ensure => 'file',
        owner  => $::apache::user,
        group  => $::apache::group,
        mode   => '0640',
        source => $::redmine::ssl_ca_cert_chain_src,
        notify => Class['::apache::service'],
      }
    }
  }

  $path = [
    "${::redmine::install_dir}/.rbenv/shims",
    "${::redmine::install_dir}/.rbenv/bin",
    '/bin', '/usr/bin', '/usr/sbin'
  ]
  exec { "gem install passenger --version ${::redmine::passenger_version} --no-ri --no-rdoc":
    user   => $user,
    cwd    => $redmine_home,
    path   => $path,
    unless => "gem list passenger | grep -q '^passenger.*${::redmine::passenger_version}'",
    notify => Exec['passenger-install-apache2-module -a'],
  }
  exec { 'passenger-install-apache2-module -a':
    user        => $user,
    cwd         => $redmine_home,
    path        => $path,
    refreshonly => true,
  }

  file { [ "${redmine_home}/public", "${redmine_home}/tmp" ]:
    ensure => 'directory',
    owner  => $user,
    group  => $group,
  }

  file { "${redmine_home}/config.ru":
    ensure => 'file',
    owner  => $user,
    group  => $user,
    mode   => '0644',
  }

  $rack_location = "${redmine_home}/public/"
  $custom_fragment = "LoadModule passenger_module ${::redmine::install_dir}/.rbenv/versions/${::redmine::ruby_version}/lib/ruby/gems/1.9.1/gems/passenger-${::redmine::passenger_version}/buildout/apache2/mod_passenger.so
PassengerRoot ${::redmine::install_dir}/.rbenv/versions/${::redmine::ruby_version}/lib/ruby/gems/1.9.1/gems/passenger-${::redmine::passenger_version}
PassengerDefaultRuby ${::redmine::install_dir}/.rbenv/versions/${::redmine::ruby_version}/bin/ruby
RailsBaseURI /
# you probably want to tune these settings
PassengerHighPerformance on
PassengerMaxPoolSize 12
PassengerPoolIdleTime 1500
# PassengerMaxRequests 1000
PassengerStatThrottleRate 120"
  apache::vhost { $::redmine::server_name:
    port                 => '443',
    serveraliases        => $::redmine::serveraliases,
    docroot              => $rack_location,
    directories          => [
      {
        path     => $rack_location,
        provider => 'directory',
        order    => 'allow,deny',
        allow    => 'from all',
        options  => ['None'],
        override => ['None'],
      },
    ],
    custom_fragment      => $custom_fragment,
    ssl                  => true,
    ssl_cert             => $::redmine::ssl_cert,
    ssl_key              => $::redmine::ssl_cert_key,
    ssl_chain            => $::redmine::ssl_ca_cert_chain,
    ssl_ca               => $::redmine::ssl_ca_cert,
    ssl_protocol         => $::redmine::ssl_protocol,
    ssl_cipher           => $::redmine::ssl_cipher_suite,
    ssl_honorcipherorder => 'On',
    require              => File['redmine_link']
  }
}