Merge branch 'fordsa' of https://git.adam-barratt.org.uk/git/mirror/dsa-puppet

author Julien Cristau <jcristau@debian.org>

Mon, 21 Oct 2019 12:19:42 +0000 (14:19 +0200)

committer Julien Cristau <jcristau@debian.org>

Mon, 21 Oct 2019 12:19:42 +0000 (14:19 +0200)
author Julien Cristau <jcristau@debian.org>
Mon, 21 Oct 2019 12:19:42 +0000 (14:19 +0200)
committer Julien Cristau <jcristau@debian.org>
Mon, 21 Oct 2019 12:19:42 +0000 (14:19 +0200)
diff --git a/data/common.yaml b/data/common.yaml

index 1197346..4cc1d20 100644 (file)
--- a/data/common.yaml
+++ b/data/common.yaml
@@ -32,6 +32,7 @@ roles::dns_primary::allow_access:
    - '2a01:3f0:0:28::25'
  postgres::backup_cluster::db_backup_role: 'debian-backup'
  postgres::backup_server::globals::backup_unix_user: 'debbackup'
+webserver::defaultpage::defaultdomain: 'default.debian.org'
  # bacula
  #
  bacula::email_all: 'bacula-reports@admin.debian.org'
diff --git a/modules/apache2/manifests/auth_digest.pp b/modules/apache2/manifests/auth_digest.pp

index 377d14d..565f450 100644 (file)
--- a/modules/apache2/manifests/auth_digest.pp
+++ b/modules/apache2/manifests/auth_digest.pp
@@ -1,3 +1,3 @@
  class apache2::auth_digest {
-       apache2::module { 'auth_digest': }
+  include apache2::module::auth_digest
  }
diff --git a/modules/apache2/manifests/authn_anon.pp b/modules/apache2/manifests/authn_anon.pp

index 2488cd9..28ff338 100644 (file)
--- a/modules/apache2/manifests/authn_anon.pp
+++ b/modules/apache2/manifests/authn_anon.pp
@@ -1,3 +1,3 @@
  class apache2::authn_anon {
-       apache2::module { 'authn_anon': }
+  include apache2::module::authn_anon
  }
diff --git a/modules/apache2/manifests/authn_file.pp b/modules/apache2/manifests/authn_file.pp

index 09b59f7..f9c5ae7 100644 (file)
--- a/modules/apache2/manifests/authn_file.pp
+++ b/modules/apache2/manifests/authn_file.pp
@@ -1,3 +1,3 @@
  class apache2::authn_file {
-  apache2::module { 'authn_file': }
+  include apache2::module::authn_file
  }
diff --git a/modules/apache2/manifests/config.pp b/modules/apache2/manifests/config.pp

index 13697cb..15238a9 100644 (file)
--- a/modules/apache2/manifests/config.pp
+++ b/modules/apache2/manifests/config.pp
@@ -1,51 +1,41 @@
+# Install and enable (or disable) an apache config snippet
+#
+# @param source  source of the apache conf file
+# @param content content of the apache conf file
+# @param ensure  present or absent
  define apache2::config (
-       $source=undef,
-       $content=undef,
-       $nocontentok=undef,
-       $ensure=present
+  Optional[String] $source = undef,
+  Optional[String] $content = undef,
+  Enum['present','absent'] $ensure = 'present',
  ) {
+  include apache2
  
-       include apache2
+  case $ensure {
+    present: {
+      if ! ($source or $content) {
+        fail ( "No configuration found for ${name}" )
+      }
+    }
+    absent:  {}
+    default: { fail ( "Unknown ensure value: ${ensure}" ) }
+  }
  
-       case $ensure {
-               present: {
-                       if ! ($source or $content or $nocontentok) {
-                               fail ( "No configuration found for ${name}" )
-                       }
+  file { "/etc/apache2/conf-available/${name}.conf":
+    ensure  => $ensure,
+    content => $content,
+    source  => $source,
+    require => Package['apache2'],
+    notify  => Exec['service apache2 reload'],
+  }
  
-                       if $content {
-                               file { "/etc/apache2/conf-available/${name}.conf":
-                                       ensure  => $ensure,
-                                       content => $content,
-                                       require => Package['apache2'],
-                                       notify  => Exec['service apache2 reload'],
-                               }
-                       } elsif $source {
-                               file { "/etc/apache2/conf-available/${name}.conf":
-                                       ensure  => $ensure,
-                                       source  => $source,
-                                       require => Package['apache2'],
-                                       notify  => Exec['service apache2 reload'],
-                               }
-                       }
-               }
-               absent:  {
-                       file { "/etc/apache2/conf-available/${name}.conf":
-                               ensure  => $ensure,
-                               require => Package['apache2'],
-                               notify  => Exec['service apache2 reload'],
-                       }
-               }
-               default: { fail ( "Unknown ensure value: '$ensure'" ) }
-       }
-       $link_ensure = $ensure ? {
-               present => link,
-               absent  => absent
-       }
+  $link_ensure = $ensure ? {
+    present => link,
+    absent  => absent
+  }
  
-       file { "/etc/apache2/conf-enabled/${name}.conf":
-               ensure => $link_ensure,
-               target => "../conf-available/${name}.conf",
-               notify  => Exec['service apache2 reload'],
-       }
+  file { "/etc/apache2/conf-enabled/${name}.conf":
+    ensure => $link_ensure,
+    target => "../conf-available/${name}.conf",
+    notify => Exec['service apache2 reload'],
+  }
  }
diff --git a/modules/apache2/manifests/expires.pp b/modules/apache2/manifests/expires.pp

index 6043994..1dc8a86 100644 (file)
--- a/modules/apache2/manifests/expires.pp
+++ b/modules/apache2/manifests/expires.pp
@@ -1,3 +1,3 @@
  class apache2::expires {
-       apache2::module { 'expires': }
+  include apache2::module::expires
  }
diff --git a/modules/apache2/manifests/module.pp b/modules/apache2/manifests/module.pp

index ff26ea6..e3cb3c5 100644 (file)
--- a/modules/apache2/manifests/module.pp
+++ b/modules/apache2/manifests/module.pp
@@ -1,19 +1,24 @@
-define apache2::module ($ensure = present) {
-       case $ensure {
-               present: {
-                       exec { "/usr/sbin/a2enmod ${name}":
-                               creates => "/etc/apache2/mods-enabled/${name}.load",
-                               require => Package['apache2'],
-                               notify  => Service['apache2']
-                       }
-               }
-               absent: {
-                       exec { "/usr/sbin/a2dismod ${name}":
-                               onlyif  => "test -L /etc/apache2/mods-enabled/${name}.load",
-                               require => Package['apache2'],
-                               notify  => Service['apache2']
-                       }
-               }
-               default: { fail ( "Unknown ensure value: '$ensure'" ) }
-       }
+# Enable an apache module
+#
+# @param ensure  present or absent
+define apache2::module (
+  Enum['present','absent'] $ensure = 'present',
+) {
+  case $ensure {
+    present: {
+      exec { "/usr/sbin/a2enmod ${name}":
+        creates => "/etc/apache2/mods-enabled/${name}.load",
+        require => Package['apache2'],
+        notify  => Service['apache2'],
+      }
+    }
+    absent: {
+      exec { "/usr/sbin/a2dismod ${name}":
+        onlyif  => "test -L /etc/apache2/mods-enabled/${name}.load",
+        require => Package['apache2'],
+        notify  => Service['apache2'],
+      }
+    }
+    default: { fail ( "Unknown ensure value: ${ensure}" ) }
+  }
  }
diff --git a/modules/apache2/manifests/module/auth_digest.pp b/modules/apache2/manifests/module/auth_digest.pp

new file mode 100644 (file)

index 0000000..6430aec
--- /dev/null
+++ b/modules/apache2/manifests/module/auth_digest.pp
@@ -0,0 +1,3 @@
+class apache2::module::auth_digest {
+  apache2::module { 'auth_digest': }
+}
diff --git a/modules/apache2/manifests/module/authn_anon.pp b/modules/apache2/manifests/module/authn_anon.pp

new file mode 100644 (file)

index 0000000..760c359
--- /dev/null
+++ b/modules/apache2/manifests/module/authn_anon.pp
@@ -0,0 +1,3 @@
+class apache2::module::authn_anon {
+  apache2::module { 'authn_anon': }
+}
diff --git a/modules/apache2/manifests/module/authn_file.pp b/modules/apache2/manifests/module/authn_file.pp

new file mode 100644 (file)

index 0000000..82033a1
--- /dev/null
+++ b/modules/apache2/manifests/module/authn_file.pp
@@ -0,0 +1,3 @@
+class apache2::module::authn_file {
+  apache2::module { 'authn_file': }
+}
diff --git a/modules/apache2/manifests/module/expires.pp b/modules/apache2/manifests/module/expires.pp

new file mode 100644 (file)

index 0000000..905deb7
--- /dev/null
+++ b/modules/apache2/manifests/module/expires.pp
@@ -0,0 +1,3 @@
+class apache2::module::expires {
+  apache2::module { 'expires': }
+}
diff --git a/modules/apache2/manifests/module/proxy_http.pp b/modules/apache2/manifests/module/proxy_http.pp

new file mode 100644 (file)

index 0000000..59d6f6e
--- /dev/null
+++ b/modules/apache2/manifests/module/proxy_http.pp
@@ -0,0 +1,3 @@
+class apache2::module::proxy_http {
+  apache2::module { 'proxy_http': }
+}
diff --git a/modules/apache2/manifests/module/rewrite.pp b/modules/apache2/manifests/module/rewrite.pp

new file mode 100644 (file)

index 0000000..cac209b
--- /dev/null
+++ b/modules/apache2/manifests/module/rewrite.pp
@@ -0,0 +1,3 @@
+class apache2::module::rewrite {
+  apache2::module { 'rewrite': }
+}
diff --git a/modules/apache2/manifests/module/ssl.pp b/modules/apache2/manifests/module/ssl.pp

new file mode 100644 (file)

index 0000000..8828cba
--- /dev/null
+++ b/modules/apache2/manifests/module/ssl.pp
@@ -0,0 +1,3 @@
+class apache2::module::ssl {
+  apache2::module { 'ssl': }
+}
diff --git a/modules/apache2/manifests/proxy_http.pp b/modules/apache2/manifests/proxy_http.pp

index 33b9f2c..df15ab4 100644 (file)
--- a/modules/apache2/manifests/proxy_http.pp
+++ b/modules/apache2/manifests/proxy_http.pp
@@ -1,3 +1,3 @@
  class apache2::proxy_http {
-       apache2::module { 'proxy_http': }
+  include apache2::module::proxy_http
  }
diff --git a/modules/apache2/manifests/rewrite.pp b/modules/apache2/manifests/rewrite.pp

index 58b8b08..a097ccf 100644 (file)
--- a/modules/apache2/manifests/rewrite.pp
+++ b/modules/apache2/manifests/rewrite.pp
@@ -1,3 +1,3 @@
  class apache2::rewrite {
-       apache2::module { 'rewrite': }
+  include apache2::module::rewrite
  }
diff --git a/modules/apache2/manifests/site.pp b/modules/apache2/manifests/site.pp

index dc9b1ce..b847c22 100644 (file)
--- a/modules/apache2/manifests/site.pp
+++ b/modules/apache2/manifests/site.pp
@@ -1,68 +1,40 @@
+# Install and enable an apache site
+#
+# @param source  source of the apache vhost file
+# @param content content of the apache vhost file
+# @param ensure  present or absent
+# @param site    site name
  define apache2::site (
-       $source=undef,
-       $content=undef,
-       $ensure=present,
-       $site=undef
+  Optional[String] $source = undef,
+  Optional[String] $content = undef,
+  Enum['present','absent'] $ensure = 'present',
+  String $site = $name
  ) {
-
-       include apache2
-
-       case $ensure {
-               present: {
-                       if ! ($source or $content) {
-                               fail ( "No configuration found for ${name}" )
-                       }
-               }
-               absent:  {}
-               default: { fail ( "Unknown ensure value: '$ensure'" ) }
-       }
-
-       if $site {
-               $base = $site
-       } else {
-               $base = $name
-       }
-
-       $target = "/etc/apache2/sites-available/${base}"
-
-       $link_target = $ensure ? {
-               present => $target,
-               absent  => absent
-       }
-
-       if $content {
-               file { $target:
-                       ensure  => $ensure,
-                       content => $content,
-                       require => Package['apache2'],
-                       notify  => Exec['service apache2 reload'],
-               }
-       } else {
-               file { $target:
-                       ensure  => $ensure,
-                       source  => $source,
-                       require => Package['apache2'],
-                       notify  => Exec['service apache2 reload'],
-               }
-       }
-
-       $symlink = "/etc/apache2/sites-enabled/${name}.conf"
-
-       file { "/etc/apache2/sites-enabled/${name}":
-               ensure => absent,
-               notify  => Exec['service apache2 reload'],
-       }
-
-       if $ensure == present {
-               file { $symlink:
-                       ensure => link,
-                       target => $link_target,
-                       notify  => Exec['service apache2 reload'],
-               }
-       } else {
-               file { $symlink:
-                       ensure => absent,
-                       notify  => Exec['service apache2 reload'],
-               }
-       }
+  include apache2
+
+  if $ensure == 'present' {
+    if ! ($source or $content) {
+      fail ( "No configuration (source or content) found for ${name}" )
+    }
+  }
+
+  $target = "/etc/apache2/sites-available/${site}"
+  $symlink = "/etc/apache2/sites-enabled/${name}.conf"
+  $link_ensure = $ensure ? {
+    present => link,
+    absent  => absent,
+  }
+
+  file { $target:
+    ensure  => $ensure,
+    content => $content,
+    source  => $source,
+    require => Package['apache2'],
+    notify  => Exec['service apache2 reload'],
+  }
+  file { $symlink:
+    ensure => $link_ensure,
+    target => $target,
+    notify => Exec['service apache2 reload'],
+  }
  }
diff --git a/modules/apache2/manifests/ssl.pp b/modules/apache2/manifests/ssl.pp

index 4bf9d4c..21a5c17 100644 (file)
--- a/modules/apache2/manifests/ssl.pp
+++ b/modules/apache2/manifests/ssl.pp
@@ -1,3 +1,3 @@
  class apache2::ssl {
-       apache2::module { 'ssl': }
+  include apache2::module::ssl
  }
diff --git a/modules/webserver/manifests/defaultpage.pp b/modules/webserver/manifests/defaultpage.pp

index 29c7e05..0d6d895 100644 (file)
--- a/modules/webserver/manifests/defaultpage.pp
+++ b/modules/webserver/manifests/defaultpage.pp
@@ -1,15 +1,19 @@
+# Install default website content
  #
-class webserver::defaultpage {
-       file { [ '/srv/www', '/srv/www/default.debian.org', '/srv/www/default.debian.org/htdocs', '/srv/www/default.debian.org/htdocs-disabled' ]:
-               ensure  => directory,
-               mode    => '0755',
-       }
+# @param defaultdomain domain name of the default page, to create directory under /srv/www
+class webserver::defaultpage (
+  String $defaultdomain,
+) {
+  file { [ '/srv/www', "/srv/www/${defaultdomain}", "/srv/www/${defaultdomain}/htdocs", "/srv/www/${defaultdomain}/htdocs-disabled" ]:
+    ensure => directory,
+    mode   => '0755',
+  }
  
-       file { '/srv/www/default.debian.org/htdocs/index.html':
-               content => template('webserver/default-index.html'),
-       }
+  file { "/srv/www/${defaultdomain}/htdocs/index.html":
+    content => template('webserver/default-index.html'),
+  }
  
-       file { '/srv/www/default.debian.org/htdocs-disabled/index.html':
-               content => template('webserver/disabled-index.html'),
-       }
+  file { "/srv/www/${defaultdomain}/htdocs-disabled/index.html":
+    content => template('webserver/disabled-index.html'),
+  }
  }
diff --git a/modules/webserver/manifests/init.pp b/modules/webserver/manifests/init.pp

index e5b9140..1a7844a 100644 (file)
--- a/modules/webserver/manifests/init.pp
+++ b/modules/webserver/manifests/init.pp
@@ -1,4 +1,5 @@
+# base webserver class.  Currently only ships a default page
  #
  class webserver {
-       include webserver::defaultpage
+  include webserver::defaultpage
  }
author	Julien Cristau <jcristau@debian.org>
	Mon, 21 Oct 2019 12:19:42 +0000 (14:19 +0200)
committer	Julien Cristau <jcristau@debian.org>
	Mon, 21 Oct 2019 12:19:42 +0000 (14:19 +0200)
data/common.yaml		patch \| blob \| history
modules/apache2/manifests/auth_digest.pp		patch \| blob \| history
modules/apache2/manifests/authn_anon.pp		patch \| blob \| history
modules/apache2/manifests/authn_file.pp		patch \| blob \| history
modules/apache2/manifests/config.pp		patch \| blob \| history
modules/apache2/manifests/expires.pp		patch \| blob \| history
modules/apache2/manifests/module.pp		patch \| blob \| history
modules/apache2/manifests/module/auth_digest.pp	[new file with mode: 0644]	patch \| blob
modules/apache2/manifests/module/authn_anon.pp	[new file with mode: 0644]	patch \| blob
modules/apache2/manifests/module/authn_file.pp	[new file with mode: 0644]	patch \| blob
modules/apache2/manifests/module/expires.pp	[new file with mode: 0644]	patch \| blob
modules/apache2/manifests/module/proxy_http.pp	[new file with mode: 0644]	patch \| blob
modules/apache2/manifests/module/rewrite.pp	[new file with mode: 0644]	patch \| blob
modules/apache2/manifests/module/ssl.pp	[new file with mode: 0644]	patch \| blob
modules/apache2/manifests/proxy_http.pp		patch \| blob \| history
modules/apache2/manifests/rewrite.pp		patch \| blob \| history
modules/apache2/manifests/site.pp		patch \| blob \| history
modules/apache2/manifests/ssl.pp		patch \| blob \| history
modules/webserver/manifests/defaultpage.pp		patch \| blob \| history
modules/webserver/manifests/init.pp		patch \| blob \| history