3 # This class installs Apache
9 # - Manage Apache service
16 $apache_name = $::apache::params::apache_name,
17 $service_name = $::apache::params::service_name,
19 $default_vhost = true,
20 $default_charset = undef,
21 $default_confd_files = true,
22 $default_ssl_vhost = false,
23 $default_ssl_cert = $::apache::params::default_ssl_cert,
24 $default_ssl_key = $::apache::params::default_ssl_key,
25 $default_ssl_chain = undef,
26 $default_ssl_ca = undef,
27 $default_ssl_crl_path = undef,
28 $default_ssl_crl = undef,
29 $default_ssl_crl_check = undef,
30 $default_type = 'none',
32 $service_enable = true,
33 $service_manage = true,
34 $service_ensure = 'running',
35 $service_restart = undef,
36 $purge_configs = true,
37 $purge_vhost_dir = undef,
39 $serveradmin = 'root@localhost',
41 $error_documents = false,
43 $httpd_dir = $::apache::params::httpd_dir,
44 $server_root = $::apache::params::server_root,
45 $conf_dir = $::apache::params::conf_dir,
46 $confd_dir = $::apache::params::confd_dir,
47 $vhost_dir = $::apache::params::vhost_dir,
48 $vhost_enable_dir = $::apache::params::vhost_enable_dir,
49 $mod_dir = $::apache::params::mod_dir,
50 $mod_enable_dir = $::apache::params::mod_enable_dir,
51 $mpm_module = $::apache::params::mpm_module,
52 $lib_path = $::apache::params::lib_path,
53 $conf_template = $::apache::params::conf_template,
54 $servername = $::apache::params::servername,
57 $user = $::apache::params::user,
58 $group = $::apache::params::group,
59 $keepalive = $::apache::params::keepalive,
60 $keepalive_timeout = $::apache::params::keepalive_timeout,
61 $max_keepalive_requests = $::apache::params::max_keepalive_requests,
62 $logroot = $::apache::params::logroot,
63 $logroot_mode = $::apache::params::logroot_mode,
64 $log_level = $::apache::params::log_level,
66 $ports_file = $::apache::params::ports_file,
67 $docroot = $::apache::params::docroot,
68 $apache_version = $::apache::version::default,
69 $server_tokens = 'OS',
70 $server_signature = 'On',
72 $allow_encoded_slashes = undef,
73 $package_ensure = 'installed',
74 $use_optional_includes = $::apache::params::use_optional_includes,
75 ) inherits ::apache::params {
76 validate_bool($default_vhost)
77 validate_bool($default_ssl_vhost)
78 validate_bool($default_confd_files)
79 # true/false is sufficient for both ensure and enable
80 validate_bool($service_enable)
81 validate_bool($service_manage)
82 validate_bool($use_optional_includes)
84 $valid_mpms_re = $apache_version ? {
85 '2.4' => '(event|itk|peruser|prefork|worker)',
86 default => '(event|itk|prefork|worker)'
90 validate_re($mpm_module, $valid_mpms_re)
93 if $allow_encoded_slashes {
94 validate_re($allow_encoded_slashes, '(^on$|^off$|^nodecode$)', "${allow_encoded_slashes} is not permitted for allow_encoded_slashes. Allowed values are 'on', 'off' or 'nodecode'.")
97 # NOTE: on FreeBSD it's mpm module's responsibility to install httpd package.
98 # NOTE: the same strategy may be introduced for other OSes. For this, you
99 # should delete the 'if' block below and modify all MPM modules' manifests
100 # such that they include apache::package class (currently event.pp, itk.pp,
101 # peruser.pp, prefork.pp, worker.pp).
102 if $::osfamily != 'FreeBSD' {
104 ensure => $package_ensure,
105 name => $apache_name,
106 notify => Class['Apache::Service'],
109 validate_re($sendfile, [ '^[oO]n$' , '^[oO]ff$' ])
111 # declare the web server user and group
112 # Note: requiring the package means the package ought to create them and not puppet
113 validate_bool($manage_user)
118 require => Package['httpd'],
121 validate_bool($manage_group)
125 require => Package['httpd']
129 validate_apache_log_level($log_level)
131 class { '::apache::service':
132 service_name => $service_name,
133 service_enable => $service_enable,
134 service_manage => $service_manage,
135 service_ensure => $service_ensure,
136 service_restart => $service_restart,
139 # Deprecated backwards-compatibility
141 warning('Class[\'apache\'] parameter purge_vdir is deprecated in favor of purge_configs')
142 $purge_confd = $purge_vdir
144 $purge_confd = $purge_configs
147 # Set purge vhostd appropriately
148 if $purge_vhost_dir == undef {
149 $purge_vhostd = $purge_confd
151 $purge_vhostd = $purge_vhost_dir
155 path => '/bin:/sbin:/usr/bin:/usr/sbin',
158 exec { "mkdir ${confd_dir}":
159 creates => $confd_dir,
160 require => Package['httpd'],
165 purge => $purge_confd,
166 notify => Class['Apache::Service'],
167 require => Package['httpd'],
170 if ! defined(File[$mod_dir]) {
171 exec { "mkdir ${mod_dir}":
173 require => Package['httpd'],
175 # Don't purge available modules if an enable dir is used
176 $purge_mod_dir = $purge_configs and !$mod_enable_dir
180 purge => $purge_mod_dir,
181 notify => Class['Apache::Service'],
182 require => Package['httpd'],
186 if $mod_enable_dir and ! defined(File[$mod_enable_dir]) {
187 $mod_load_dir = $mod_enable_dir
188 exec { "mkdir ${mod_enable_dir}":
189 creates => $mod_enable_dir,
190 require => Package['httpd'],
192 file { $mod_enable_dir:
195 purge => $purge_configs,
196 notify => Class['Apache::Service'],
197 require => Package['httpd'],
200 $mod_load_dir = $mod_dir
203 if ! defined(File[$vhost_dir]) {
204 exec { "mkdir ${vhost_dir}":
205 creates => $vhost_dir,
206 require => Package['httpd'],
211 purge => $purge_vhostd,
212 notify => Class['Apache::Service'],
213 require => Package['httpd'],
217 if $vhost_enable_dir and ! defined(File[$vhost_enable_dir]) {
218 $vhost_load_dir = $vhost_enable_dir
219 exec { "mkdir ${vhost_load_dir}":
220 creates => $vhost_load_dir,
221 require => Package['httpd'],
223 file { $vhost_enable_dir:
226 purge => $purge_vhostd,
227 notify => Class['Apache::Service'],
228 require => Package['httpd'],
231 $vhost_load_dir = $vhost_dir
234 concat { $ports_file:
236 group => $::apache::params::root_group,
238 notify => Class['Apache::Service'],
239 require => Package['httpd'],
241 concat::fragment { 'Apache ports header':
243 target => $ports_file,
244 content => template('apache/ports_header.erb')
247 if $::apache::conf_dir and $::apache::params::conf_file {
250 $pidfile = "\${APACHE_PID_FILE}"
251 $error_log = 'error.log'
252 $scriptalias = '/usr/lib/cgi-bin'
253 $access_log_file = 'access.log'
256 $pidfile = 'run/httpd.pid'
257 $error_log = 'error_log'
258 $scriptalias = '/var/www/cgi-bin'
259 $access_log_file = 'access_log'
262 $pidfile = '/var/run/httpd.pid'
263 $error_log = 'httpd-error.log'
264 $scriptalias = '/usr/local/www/apache24/cgi-bin'
265 $access_log_file = 'httpd-access.log'
267 $pidfile = '/run/apache2.pid'
268 $error_log = 'error.log'
269 $error_documents_path = '/usr/share/apache2/error'
270 $scriptalias = '/var/www/localhost/cgi-bin'
271 $access_log_file = 'access.log'
273 ::portage::makeconf { 'apache2_modules':
274 content => $default_mods,
277 '/etc/apache2/modules.d/.keep_www-servers_apache-2',
278 '/etc/apache2/vhosts.d/.keep_www-servers_apache-2'
281 require => Package['httpd'],
285 $pidfile = '/var/run/httpd2.pid'
286 $error_log = 'error.log'
287 $scriptalias = '/usr/lib/cgi-bin'
288 $access_log_file = 'access.log'
291 fail("Unsupported osfamily ${::osfamily}")
295 $apxs_workaround = $::osfamily ? {
312 # - $error_documents_path
315 # - $keepalive_timeout
316 # - $max_keepalive_requests
319 # - $server_signature
321 file { "${::apache::conf_dir}/${::apache::params::conf_file}":
323 content => template($conf_template),
324 notify => Class['Apache::Service'],
325 require => Package['httpd'],
328 # preserve back-wards compatibility to the times when default_mods was
329 # only a boolean value. Now it can be an array (too)
330 if is_array($default_mods) {
331 class { '::apache::default_mods':
333 mods => $default_mods,
336 class { '::apache::default_mods':
337 all => $default_mods,
340 class { '::apache::default_confd_files':
341 all => $default_confd_files
344 class { "::apache::mod::${mpm_module}": }
347 $default_vhost_ensure = $default_vhost ? {
351 $default_ssl_vhost_ensure = $default_ssl_vhost ? {
356 ::apache::vhost { 'default':
357 ensure => $default_vhost_ensure,
360 scriptalias => $scriptalias,
361 serveradmin => $serveradmin,
362 access_log_file => $access_log_file,
365 logroot_mode => $logroot_mode,
366 manage_docroot => $default_vhost,
368 $ssl_access_log_file = $::osfamily ? {
369 'freebsd' => $access_log_file,
370 default => "ssl_${access_log_file}",
372 ::apache::vhost { 'default-ssl':
373 ensure => $default_ssl_vhost_ensure,
377 scriptalias => $scriptalias,
378 serveradmin => $serveradmin,
379 access_log_file => $ssl_access_log_file,
382 logroot_mode => $logroot_mode,
383 manage_docroot => $default_ssl_vhost,