X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fapache2%2Fmanifests%2Finit.pp;h=283ce50e9e77249e291268443b4ad0d7bd094a49;hb=f29271d22a9f346a558cd70d2e6deb97c7900016;hp=7875bd717dad6a29a0142cc57270bc881ff67d08;hpb=6aab9d318ed672e4f00bcede926050acc8b4843f;p=mirror%2Fdsa-puppet.git

diff --git a/modules/apache2/manifests/init.pp b/modules/apache2/manifests/init.pp
index 7875bd717..283ce50e9 100644
--- a/modules/apache2/manifests/init.pp
+++ b/modules/apache2/manifests/init.pp
@@ -6,7 +6,18 @@
 #
 #   include apache2
 #
-class apache2 {
+# @param smaller_number_of_threads by default the worker config is geared towards
+#                                  serving static/cheap content.  If the host is very
+#                                  script heavy (say the bug tracking system), set this
+#                                  to reduce the number of worker threads.
+# @param rlimitnproc A resource limit for number of processes.  The default is usually fine.
+# @param public Whether this host's apache should be accessible from the public internet.
+#               Sets appropriate firewall rules and optionally rate limits.
+class apache2(
+  Boolean $smaller_number_of_threads = false,
+  Integer $rlimitnproc = 256,
+  Boolean $public = true,
+) {
   include webserver
 
   package { 'apache2':
@@ -54,12 +65,6 @@ class apache2 {
   } else {
     $memlimit = 192 * 1024 * 1024
   }
-  # debbugs cgis like to fork and don't deal well with EAGAIN
-  if has_role('bugs_base') {
-    $proclimit = 450
-  } else {
-    $proclimit = 256
-  }
 
   apache2::config { 'resource-limits':
     content => template('apache2/resource-limits.erb'),
@@ -138,7 +143,7 @@ class apache2 {
     ensure => installed,
   }
 
-  if (! has_role('apache_not_public')) {
+  if $public {
     if has_role('apache_ratelimited') {
       include apache2::dynamic
     } else {