X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=3rdparty%2Fmodules%2Fapache%2Fmanifests%2Fvhost.pp;fp=3rdparty%2Fmodules%2Fapache%2Fmanifests%2Fvhost.pp;h=0000000000000000000000000000000000000000;hb=6e1426dc77fb4e5d51f07c187c6f2219431dc31e;hp=17f61e31325520f181683ae1313da3be60398059;hpb=87423ba664cd5f2bb462ebadd08b1a90d0fe1c8d;p=mirror%2Fdsa-puppet.git diff --git a/3rdparty/modules/apache/manifests/vhost.pp b/3rdparty/modules/apache/manifests/vhost.pp deleted file mode 100644 index 17f61e313..000000000 --- a/3rdparty/modules/apache/manifests/vhost.pp +++ /dev/null @@ -1,889 +0,0 @@ -# See README.md for usage information -define apache::vhost( - $docroot, - $manage_docroot = true, - $virtual_docroot = false, - $port = undef, - $ip = undef, - $ip_based = false, - $add_listen = true, - $docroot_owner = 'root', - $docroot_group = $::apache::params::root_group, - $docroot_mode = undef, - $serveradmin = undef, - $ssl = false, - $ssl_cert = $::apache::default_ssl_cert, - $ssl_key = $::apache::default_ssl_key, - $ssl_chain = $::apache::default_ssl_chain, - $ssl_ca = $::apache::default_ssl_ca, - $ssl_crl_path = $::apache::default_ssl_crl_path, - $ssl_crl = $::apache::default_ssl_crl, - $ssl_crl_check = $::apache::default_ssl_crl_check, - $ssl_certs_dir = $::apache::params::ssl_certs_dir, - $ssl_protocol = undef, - $ssl_cipher = undef, - $ssl_honorcipherorder = undef, - $ssl_verify_client = undef, - $ssl_verify_depth = undef, - $ssl_options = undef, - $ssl_proxyengine = false, - $priority = undef, - $default_vhost = false, - $servername = $name, - $serveraliases = [], - $options = ['Indexes','FollowSymLinks','MultiViews'], - $override = ['None'], - $directoryindex = '', - $vhost_name = '*', - $logroot = $::apache::logroot, - $logroot_ensure = 'directory', - $logroot_mode = undef, - $log_level = undef, - $access_log = true, - $access_log_file = false, - $access_log_pipe = false, - $access_log_syslog = false, - $access_log_format = false, - $access_log_env_var = false, - $access_logs = undef, - $aliases = undef, - $directories = undef, - $error_log = true, - $error_log_file = undef, - $error_log_pipe = undef, - $error_log_syslog = undef, - $error_documents = [], - $fallbackresource = undef, - $scriptalias = undef, - $scriptaliases = [], - $proxy_dest = undef, - $proxy_dest_match = undef, - $proxy_dest_reverse_match = undef, - $proxy_pass = undef, - $proxy_pass_match = undef, - $suphp_addhandler = $::apache::params::suphp_addhandler, - $suphp_engine = $::apache::params::suphp_engine, - $suphp_configpath = $::apache::params::suphp_configpath, - $php_flags = {}, - $php_values = {}, - $php_admin_flags = {}, - $php_admin_values = {}, - $no_proxy_uris = [], - $no_proxy_uris_match = [], - $proxy_preserve_host = false, - $proxy_error_override = false, - $redirect_source = '/', - $redirect_dest = undef, - $redirect_status = undef, - $redirectmatch_status = undef, - $redirectmatch_regexp = undef, - $redirectmatch_dest = undef, - $rack_base_uris = undef, - $headers = undef, - $request_headers = undef, - $rewrites = undef, - $rewrite_base = undef, - $rewrite_rule = undef, - $rewrite_cond = undef, - $setenv = [], - $setenvif = [], - $block = [], - $ensure = 'present', - $wsgi_application_group = undef, - $wsgi_daemon_process = undef, - $wsgi_daemon_process_options = undef, - $wsgi_import_script = undef, - $wsgi_import_script_options = undef, - $wsgi_process_group = undef, - $wsgi_script_aliases = undef, - $wsgi_pass_authorization = undef, - $wsgi_chunked_request = undef, - $custom_fragment = undef, - $itk = undef, - $action = undef, - $fastcgi_server = undef, - $fastcgi_socket = undef, - $fastcgi_dir = undef, - $additional_includes = [], - $apache_version = $::apache::apache_version, - $allow_encoded_slashes = undef, - $suexec_user_group = undef, - $passenger_app_root = undef, - $passenger_app_env = undef, - $passenger_ruby = undef, - $passenger_min_instances = undef, - $passenger_start_timeout = undef, - $passenger_pre_start = undef, - $add_default_charset = undef, - $modsec_disable_vhost = undef, - $modsec_disable_ids = undef, - $modsec_disable_ips = undef, - $modsec_body_limit = undef, -) { - # The base class must be included first because it is used by parameter defaults - if ! defined(Class['apache']) { - fail('You must include the apache base class before using any apache defined resources') - } - - $apache_name = $::apache::apache_name - - validate_re($ensure, '^(present|absent)$', - "${ensure} is not supported for ensure. - Allowed values are 'present' and 'absent'.") - validate_re($suphp_engine, '^(on|off)$', - "${suphp_engine} is not supported for suphp_engine. - Allowed values are 'on' and 'off'.") - validate_bool($ip_based) - validate_bool($access_log) - validate_bool($error_log) - validate_bool($ssl) - validate_bool($default_vhost) - validate_bool($ssl_proxyengine) - if $rewrites { - validate_array($rewrites) - validate_hash($rewrites[0]) - } - - # Input validation begins - - if $suexec_user_group { - validate_re($suexec_user_group, '^\w+ \w+$', - "${suexec_user_group} is not supported for suexec_user_group. Must be 'user group'.") - } - - if $wsgi_pass_authorization { - validate_re(downcase($wsgi_pass_authorization), '^(on|off)$', - "${wsgi_pass_authorization} is not supported for wsgi_pass_authorization. - Allowed values are 'on' and 'off'.") - } - - # Deprecated backwards-compatibility - if $rewrite_base { - warning('Apache::Vhost: parameter rewrite_base is deprecated in favor of rewrites') - } - if $rewrite_rule { - warning('Apache::Vhost: parameter rewrite_rule is deprecated in favor of rewrites') - } - if $rewrite_cond { - warning('Apache::Vhost parameter rewrite_cond is deprecated in favor of rewrites') - } - - if $wsgi_script_aliases { - validate_hash($wsgi_script_aliases) - } - if $wsgi_daemon_process_options { - validate_hash($wsgi_daemon_process_options) - } - if $wsgi_import_script_options { - validate_hash($wsgi_import_script_options) - } - if $itk { - validate_hash($itk) - } - - validate_re($logroot_ensure, '^(directory|absent)$', - "${logroot_ensure} is not supported for logroot_ensure. - Allowed values are 'directory' and 'absent'.") - - if $log_level { - validate_apache_log_level($log_level) - } - - if $access_log_file and $access_log_pipe { - fail("Apache::Vhost[${name}]: 'access_log_file' and 'access_log_pipe' cannot be defined at the same time") - } - - if $error_log_file and $error_log_pipe { - fail("Apache::Vhost[${name}]: 'error_log_file' and 'error_log_pipe' cannot be defined at the same time") - } - - if $fallbackresource { - validate_re($fallbackresource, '^/|disabled', 'Please make sure fallbackresource starts with a / (or is "disabled")') - } - - if $custom_fragment { - validate_string($custom_fragment) - } - - if $allow_encoded_slashes { - validate_re($allow_encoded_slashes, '(^on$|^off$|^nodecode$)', "${allow_encoded_slashes} is not permitted for allow_encoded_slashes. Allowed values are 'on', 'off' or 'nodecode'.") - } - - # Input validation ends - - if $ssl and $ensure == 'present' { - include ::apache::mod::ssl - # Required for the AddType lines. - include ::apache::mod::mime - } - - if $virtual_docroot { - include ::apache::mod::vhost_alias - } - - if $wsgi_daemon_process { - include ::apache::mod::wsgi - } - - if $suexec_user_group { - include ::apache::mod::suexec - } - - if $passenger_app_root or $passenger_app_env or $passenger_ruby or $passenger_min_instances or $passenger_start_timeout or $passenger_pre_start { - include ::apache::mod::passenger - } - - # Configure the defaultness of a vhost - if $priority { - $priority_real = "${priority}-" - } elsif $priority == false { - $priority_real = '' - } elsif $default_vhost { - $priority_real = '10-' - } else { - $priority_real = '25-' - } - - ## Apache include does not always work with spaces in the filename - $filename = regsubst($name, ' ', '_', 'G') - - # This ensures that the docroot exists - # But enables it to be specified across multiple vhost resources - if ! defined(File[$docroot]) and $manage_docroot { - file { $docroot: - ensure => directory, - owner => $docroot_owner, - group => $docroot_group, - mode => $docroot_mode, - require => Package['httpd'], - before => Concat["${priority_real}${filename}.conf"], - } - } - - # Same as above, but for logroot - if ! defined(File[$logroot]) { - file { $logroot: - ensure => $logroot_ensure, - mode => $logroot_mode, - require => Package['httpd'], - before => Concat["${priority_real}${filename}.conf"], - } - } - - - # Is apache::mod::passenger enabled (or apache::mod['passenger']) - $passenger_enabled = defined(Apache::Mod['passenger']) - - # Is apache::mod::shib enabled (or apache::mod['shib2']) - $shibboleth_enabled = defined(Apache::Mod['shib2']) - - if $access_log and !$access_logs { - if $access_log_file { - $_logs_dest = "${logroot}/${access_log_file}" - } elsif $access_log_pipe { - $_logs_dest = $access_log_pipe - } elsif $access_log_syslog { - $_logs_dest = $access_log_syslog - } else { - $_logs_dest = undef - } - $_access_logs = [{ - 'file' => $access_log_file, - 'pipe' => $access_log_pipe, - 'syslog' => $access_log_syslog, - 'format' => $access_log_format, - 'env' => $access_log_env_var - }] - } elsif $access_logs { - if !is_array($access_logs) { - fail("Apache::Vhost[${name}]: access_logs must be an array of hashes") - } - $_access_logs = $access_logs - } - - if $error_log_file { - $error_log_destination = "${logroot}/${error_log_file}" - } elsif $error_log_pipe { - $error_log_destination = $error_log_pipe - } elsif $error_log_syslog { - $error_log_destination = $error_log_syslog - } else { - if $ssl { - $error_log_destination = "${logroot}/${name}_error_ssl.log" - } else { - $error_log_destination = "${logroot}/${name}_error.log" - } - } - - if $ip { - if $port { - $listen_addr_port = "${ip}:${port}" - $nvh_addr_port = "${ip}:${port}" - } else { - $listen_addr_port = undef - $nvh_addr_port = $ip - if ! $servername and ! $ip_based { - fail("Apache::Vhost[${name}]: must pass 'ip' and/or 'port' parameters for name-based vhosts") - } - } - } else { - if $port { - $listen_addr_port = $port - $nvh_addr_port = "${vhost_name}:${port}" - } else { - $listen_addr_port = undef - $nvh_addr_port = $name - if ! $servername { - fail("Apache::Vhost[${name}]: must pass 'ip' and/or 'port' parameters, and/or 'servername' parameter") - } - } - } - if $add_listen { - if $ip and defined(Apache::Listen["${port}"]) { - fail("Apache::Vhost[${name}]: Mixing IP and non-IP Listen directives is not possible; check the add_listen parameter of the apache::vhost define to disable this") - } - if ! defined(Apache::Listen["${listen_addr_port}"]) and $listen_addr_port and $ensure == 'present' { - ::apache::listen { "${listen_addr_port}": } - } - } - if ! $ip_based { - if ! defined(Apache::Namevirtualhost[$nvh_addr_port]) and $ensure == 'present' and (versioncmp($apache_version, '2.4') < 0) { - ::apache::namevirtualhost { $nvh_addr_port: } - } - } - - # Load mod_rewrite if needed and not yet loaded - if $rewrites or $rewrite_cond { - if ! defined(Class['apache::mod::rewrite']) { - include ::apache::mod::rewrite - } - } - - # Load mod_alias if needed and not yet loaded - if ($scriptalias or $scriptaliases != []) or ($redirect_source and $redirect_dest) { - if ! defined(Class['apache::mod::alias']) and ($ensure == 'present') { - include ::apache::mod::alias - } - } - - # Load mod_proxy if needed and not yet loaded - if ($proxy_dest or $proxy_pass or $proxy_pass_match or $proxy_dest_match) { - if ! defined(Class['apache::mod::proxy']) { - include ::apache::mod::proxy - } - if ! defined(Class['apache::mod::proxy_http']) { - include ::apache::mod::proxy_http - } - } - - # Load mod_passenger if needed and not yet loaded - if $rack_base_uris { - if ! defined(Class['apache::mod::passenger']) { - include ::apache::mod::passenger - } - } - - # Load mod_fastci if needed and not yet loaded - if $fastcgi_server and $fastcgi_socket { - if ! defined(Class['apache::mod::fastcgi']) { - include ::apache::mod::fastcgi - } - } - - # Check if mod_headers is required to process $headers/$request_headers - if $headers or $request_headers { - if ! defined(Class['apache::mod::headers']) { - include ::apache::mod::headers - } - } - - if ($setenv and ! empty($setenv)) or ($setenvif and ! empty($setenvif)) { - if ! defined(Class['apache::mod::setenvif']) { - include ::apache::mod::setenvif - } - } - - ## Create a default directory list if none defined - if $directories { - if !is_hash($directories) and !(is_array($directories) and is_hash($directories[0])) { - fail("Apache::Vhost[${name}]: 'directories' must be either a Hash or an Array of Hashes") - } - $_directories = $directories - } else { - $_directory = { - provider => 'directory', - path => $docroot, - options => $options, - allow_override => $override, - directoryindex => $directoryindex, - } - - if versioncmp($apache_version, '2.4') >= 0 { - $_directory_version = { - require => 'all granted', - } - } else { - $_directory_version = { - order => 'allow,deny', - allow => 'from all', - } - } - - $_directories = [ merge($_directory, $_directory_version) ] - } - - ## Create a global LocationMatch if locations aren't defined - if $modsec_disable_ids { - if is_hash($modsec_disable_ids) { - $_modsec_disable_ids = $modsec_disable_ids - } elsif is_array($modsec_disable_ids) { - $_modsec_disable_ids = { '.*' => $modsec_disable_ids } - } else { - fail("Apache::Vhost[${name}]: 'modsec_disable_ids' must be either a Hash of location/IDs or an Array of IDs") - } - } - - concat { "${priority_real}${filename}.conf": - ensure => $ensure, - path => "${::apache::vhost_dir}/${priority_real}${filename}.conf", - owner => 'root', - group => $::apache::params::root_group, - mode => '0644', - order => 'numeric', - require => Package['httpd'], - notify => Class['apache::service'], - } - if $::apache::vhost_enable_dir { - $vhost_enable_dir = $::apache::vhost_enable_dir - $vhost_symlink_ensure = $ensure ? { - present => link, - default => $ensure, - } - file{ "${priority_real}${filename}.conf symlink": - ensure => $vhost_symlink_ensure, - path => "${vhost_enable_dir}/${priority_real}${filename}.conf", - target => "${::apache::vhost_dir}/${priority_real}${filename}.conf", - owner => 'root', - group => $::apache::params::root_group, - mode => '0644', - require => Concat["${priority_real}${filename}.conf"], - notify => Class['apache::service'], - } - } - - # Template uses: - # - $nvh_addr_port - # - $servername - # - $serveradmin - concat::fragment { "${name}-apache-header": - target => "${priority_real}${filename}.conf", - order => 0, - content => template('apache/vhost/_file_header.erb'), - } - - # Template uses: - # - $virtual_docroot - # - $docroot - concat::fragment { "${name}-docroot": - target => "${priority_real}${filename}.conf", - order => 10, - content => template('apache/vhost/_docroot.erb'), - } - - # Template uses: - # - $aliases - if $aliases and ! empty($aliases) { - concat::fragment { "${name}-aliases": - target => "${priority_real}${filename}.conf", - order => 20, - content => template('apache/vhost/_aliases.erb'), - } - } - - # Template uses: - # - $itk - # - $::kernelversion - if $itk and ! empty($itk) { - concat::fragment { "${name}-itk": - target => "${priority_real}${filename}.conf", - order => 30, - content => template('apache/vhost/_itk.erb'), - } - } - - # Template uses: - # - $fallbackresource - if $fallbackresource { - concat::fragment { "${name}-fallbackresource": - target => "${priority_real}${filename}.conf", - order => 40, - content => template('apache/vhost/_fallbackresource.erb'), - } - } - - # Template uses: - # - $allow_encoded_slashes - if $allow_encoded_slashes { - concat::fragment { "${name}-allow_encoded_slashes": - target => "${priority_real}${filename}.conf", - order => 50, - content => template('apache/vhost/_allow_encoded_slashes.erb'), - } - } - - # Template uses: - # - $_directories - # - $docroot - # - $apache_version - # - $suphp_engine - # - $shibboleth_enabled - if $_directories and ! empty($_directories) { - concat::fragment { "${name}-directories": - target => "${priority_real}${filename}.conf", - order => 60, - content => template('apache/vhost/_directories.erb'), - } - } - - # Template uses: - # - $additional_includes - if $additional_includes and ! empty($additional_includes) { - concat::fragment { "${name}-additional_includes": - target => "${priority_real}${filename}.conf", - order => 70, - content => template('apache/vhost/_additional_includes.erb'), - } - } - - # Template uses: - # - $error_log - # - $log_level - # - $error_log_destination - # - $log_level - if $error_log or $log_level { - concat::fragment { "${name}-logging": - target => "${priority_real}${filename}.conf", - order => 80, - content => template('apache/vhost/_logging.erb'), - } - } - - # Template uses no variables - concat::fragment { "${name}-serversignature": - target => "${priority_real}${filename}.conf", - order => 90, - content => template('apache/vhost/_serversignature.erb'), - } - - # Template uses: - # - $access_log - # - $_access_log_env_var - # - $access_log_destination - # - $_access_log_format - # - $_access_log_env_var - # - $access_logs - if $access_log or $access_logs { - concat::fragment { "${name}-access_log": - target => "${priority_real}${filename}.conf", - order => 100, - content => template('apache/vhost/_access_log.erb'), - } - } - - # Template uses: - # - $action - if $action { - concat::fragment { "${name}-action": - target => "${priority_real}${filename}.conf", - order => 110, - content => template('apache/vhost/_action.erb'), - } - } - - # Template uses: - # - $block - # - $apache_version - if $block and ! empty($block) { - concat::fragment { "${name}-block": - target => "${priority_real}${filename}.conf", - order => 120, - content => template('apache/vhost/_block.erb'), - } - } - - # Template uses: - # - $error_documents - if $error_documents and ! empty($error_documents) { - concat::fragment { "${name}-error_document": - target => "${priority_real}${filename}.conf", - order => 130, - content => template('apache/vhost/_error_document.erb'), - } - } - - # Template uses: - # - $proxy_dest - # - $proxy_pass - # - $proxy_pass_match - # - $proxy_preserve_host - # - $no_proxy_uris - if $proxy_dest or $proxy_pass or $proxy_pass_match { - concat::fragment { "${name}-proxy": - target => "${priority_real}${filename}.conf", - order => 140, - content => template('apache/vhost/_proxy.erb'), - } - } - - # Template uses: - # - $rack_base_uris - if $rack_base_uris { - concat::fragment { "${name}-rack": - target => "${priority_real}${filename}.conf", - order => 150, - content => template('apache/vhost/_rack.erb'), - } - } - - # Template uses: - # - $redirect_source - # - $redirect_dest - # - $redirect_status - # - $redirect_dest_a - # - $redirect_source_a - # - $redirect_status_a - # - $redirectmatch_status - # - $redirectmatch_regexp - # - $redirectmatch_dest - # - $redirectmatch_status_a - # - $redirectmatch_regexp_a - # - $redirectmatch_dest - if ($redirect_source and $redirect_dest) or ($redirectmatch_status and $redirectmatch_regexp and $redirectmatch_dest) { - concat::fragment { "${name}-redirect": - target => "${priority_real}${filename}.conf", - order => 160, - content => template('apache/vhost/_redirect.erb'), - } - } - - # Template uses: - # - $rewrites - # - $rewrite_base - # - $rewrite_rule - # - $rewrite_cond - # - $rewrite_map - if $rewrites or $rewrite_rule { - concat::fragment { "${name}-rewrite": - target => "${priority_real}${filename}.conf", - order => 170, - content => template('apache/vhost/_rewrite.erb'), - } - } - - # Template uses: - # - $scriptaliases - # - $scriptalias - if ( $scriptalias or $scriptaliases != [] ) { - concat::fragment { "${name}-scriptalias": - target => "${priority_real}${filename}.conf", - order => 180, - content => template('apache/vhost/_scriptalias.erb'), - } - } - - # Template uses: - # - $serveraliases - if $serveraliases and ! empty($serveraliases) { - concat::fragment { "${name}-serveralias": - target => "${priority_real}${filename}.conf", - order => 190, - content => template('apache/vhost/_serveralias.erb'), - } - } - - # Template uses: - # - $setenv - # - $setenvif - if ($setenv and ! empty($setenv)) or ($setenvif and ! empty($setenvif)) { - concat::fragment { "${name}-setenv": - target => "${priority_real}${filename}.conf", - order => 200, - content => template('apache/vhost/_setenv.erb'), - } - } - - # Template uses: - # - $ssl - # - $ssl_cert - # - $ssl_key - # - $ssl_chain - # - $ssl_certs_dir - # - $ssl_ca - # - $ssl_crl_path - # - $ssl_crl - # - $ssl_crl_check - # - $ssl_proxyengine - # - $ssl_protocol - # - $ssl_cipher - # - $ssl_honorcipherorder - # - $ssl_verify_client - # - $ssl_verify_depth - # - $ssl_options - # - $apache_version - if $ssl { - concat::fragment { "${name}-ssl": - target => "${priority_real}${filename}.conf", - order => 210, - content => template('apache/vhost/_ssl.erb'), - } - } - - # Template uses: - # - $suphp_engine - # - $suphp_addhandler - # - $suphp_configpath - if $suphp_engine == 'on' { - concat::fragment { "${name}-suphp": - target => "${priority_real}${filename}.conf", - order => 220, - content => template('apache/vhost/_suphp.erb'), - } - } - - # Template uses: - # - $php_values - # - $php_flags - if ($php_values and ! empty($php_values)) or ($php_flags and ! empty($php_flags)) { - concat::fragment { "${name}-php": - target => "${priority_real}${filename}.conf", - order => 220, - content => template('apache/vhost/_php.erb'), - } - } - - # Template uses: - # - $php_admin_values - # - $php_admin_flags - if ($php_admin_values and ! empty($php_admin_values)) or ($php_admin_flags and ! empty($php_admin_flags)) { - concat::fragment { "${name}-php_admin": - target => "${priority_real}${filename}.conf", - order => 230, - content => template('apache/vhost/_php_admin.erb'), - } - } - - # Template uses: - # - $headers - if $headers and ! empty($headers) { - concat::fragment { "${name}-header": - target => "${priority_real}${filename}.conf", - order => 240, - content => template('apache/vhost/_header.erb'), - } - } - - # Template uses: - # - $request_headers - if $request_headers and ! empty($request_headers) { - concat::fragment { "${name}-requestheader": - target => "${priority_real}${filename}.conf", - order => 250, - content => template('apache/vhost/_requestheader.erb'), - } - } - - # Template uses: - # - $wsgi_application_group - # - $wsgi_daemon_process - # - $wsgi_daemon_process_options - # - $wsgi_import_script - # - $wsgi_import_script_options - # - $wsgi_process_group - # - $wsgi_script_aliases - # - $wsgi_pass_authorization - if $wsgi_application_group or $wsgi_daemon_process or ($wsgi_import_script and $wsgi_import_script_options) or $wsgi_process_group or ($wsgi_script_aliases and ! empty($wsgi_script_aliases)) or $wsgi_pass_authorization { - concat::fragment { "${name}-wsgi": - target => "${priority_real}${filename}.conf", - order => 260, - content => template('apache/vhost/_wsgi.erb'), - } - } - - # Template uses: - # - $custom_fragment - if $custom_fragment { - concat::fragment { "${name}-custom_fragment": - target => "${priority_real}${filename}.conf", - order => 270, - content => template('apache/vhost/_custom_fragment.erb'), - } - } - - # Template uses: - # - $fastcgi_server - # - $fastcgi_socket - # - $fastcgi_dir - # - $apache_version - if $fastcgi_server or $fastcgi_dir { - concat::fragment { "${name}-fastcgi": - target => "${priority_real}${filename}.conf", - order => 280, - content => template('apache/vhost/_fastcgi.erb'), - } - } - - # Template uses: - # - $suexec_user_group - if $suexec_user_group { - concat::fragment { "${name}-suexec": - target => "${priority_real}${filename}.conf", - order => 290, - content => template('apache/vhost/_suexec.erb'), - } - } - - # Template uses: - # - $passenger_app_root - # - $passenger_app_env - # - $passenger_ruby - # - $passenger_min_instances - # - $passenger_start_timeout - # - $passenger_pre_start - if $passenger_app_root or $passenger_app_env or $passenger_ruby or $passenger_min_instances or $passenger_start_timeout or $passenger_pre_start { - concat::fragment { "${name}-passenger": - target => "${priority_real}${filename}.conf", - order => 300, - content => template('apache/vhost/_passenger.erb'), - } - } - - # Template uses: - # - $add_default_charset - if $add_default_charset { - concat::fragment { "${name}-charsets": - target => "${priority_real}${filename}.conf", - order => 310, - content => template('apache/vhost/_charsets.erb'), - } - } - - # Template uses: - # - $modsec_disable_vhost - # - $modsec_disable_ids - # - $modsec_disable_ips - # - $modsec_body_limit - if $modsec_disable_vhost or $modsec_disable_ids or $modsec_disable_ips { - concat::fragment { "${name}-security": - target => "${priority_real}${filename}.conf", - order => 320, - content => template('apache/vhost/_security.erb') - } - } - - # Template uses no variables - concat::fragment { "${name}-file_footer": - target => "${priority_real}${filename}.conf", - order => 999, - content => template('apache/vhost/_file_footer.erb'), - } -}