confdroid/confdroid_apache
3
0
Fork 0
Code Issues Projects Wiki Activity

adjust Parameter types, Jenkinsfile and Readme

Browse Source
This commit is contained in:
Arne Teuke
2025-05-06 14:51:28 +02:00
parent 707feab6c9
commit 12303c67e4
33 changed files with 300 additions and 4939 deletions
Download Patch File Download Diff File Expand all files Collapse all files

260
manifests/server/dirs.pp
View File

@@ -1,218 +1,198 @@
## cd_apache::server::dirs.pp
# Module name: cd_apache
# Author: Arne Teuke (arne_teuke@confdroid.com)
# License:
# This file is part of cd_apache.
#
# cd_apache is used for providing automatic configuration of
# Apache Webserver.
# Copyright (C) 2014 confdroid (copyright@confdroid.com)
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# @summary Manage all aspects of the directory structure required for the
# httpd service.
##############################################################################
class cd_apache::server::dirs (
) inherits cd_apache::params {
require cd_apache::server::user
if $ae_manage_dirs == true {
# create main dir
file { $ae_main_dir:
ensure => directory,
path => $ae_main_dir,
owner => 'root',
group => 'root',
mode => '0755',
selrange => s0,
selrole => object_r,
seltype => httpd_config_t,
seluser => system_u,
ensure => directory,
path => $ae_main_dir,
owner => 'root',
group => 'root',
mode => '0755',
selrange => s0,
selrole => object_r,
seltype => httpd_config_t,
seluser => system_u,
}
# conf dir
file { $ae_conf_dir:
ensure => directory,
path => $ae_conf_dir,
owner => 'root',
group => 'root',
mode => '0755',
selrange => s0,
selrole => object_r,
seltype => httpd_config_t,
seluser => system_u,
ensure => directory,
path => $ae_conf_dir,
owner => 'root',
group => 'root',
mode => '0755',
selrange => s0,
selrole => object_r,
seltype => httpd_config_t,
seluser => system_u,
}
# conf.d dir
file { $ae_conf_d_dir:
ensure => directory,
path => $ae_conf_d_dir,
owner => 'root',
group => 'root',
mode => '0755',
selrange => s0,
selrole => object_r,
seltype => httpd_config_t,
seluser => system_u,
ensure => directory,
path => $ae_conf_d_dir,
owner => 'root',
group => 'root',
mode => '0755',
selrange => s0,
selrole => object_r,
seltype => httpd_config_t,
seluser => system_u,
}
# conf.modules.d
file { $ae_conf_mods_d:
ensure => directory,
path => $ae_conf_mods_d,
owner => 'root',
group => 'root',
mode => '0755',
selrange => s0,
selrole => object_r,
seltype => httpd_config_t,
seluser => system_u,
ensure => directory,
path => $ae_conf_mods_d,
owner => 'root',
group => 'root',
mode => '0755',
selrange => s0,
selrole => object_r,
seltype => httpd_config_t,
seluser => system_u,
}
# /var/log/httpd
file { $ae_var_logs_dir:
ensure => directory,
path => $ae_var_logs_dir,
owner => 'root',
group => 'root',
mode => '0700',
selrange => s0,
selrole => object_r,
seltype => httpd_log_t,
seluser => system_u,
ensure => directory,
path => $ae_var_logs_dir,
owner => 'root',
group => 'root',
mode => '0700',
selrange => s0,
selrole => object_r,
seltype => httpd_log_t,
seluser => system_u,
}
# logs dir link
file { $ae_logs_dir:
ensure => link,
path => $ae_logs_dir,
target => $ae_var_logs_dir,
owner => 'root',
group => 'root',
mode => '0777',
selrange => s0,
selrole => object_r,
seltype => httpd_log_t,
seluser => system_u,
ensure => link,
path => $ae_logs_dir,
target => $ae_var_logs_dir,
owner => 'root',
group => 'root',
mode => '0777',
selrange => s0,
selrole => object_r,
seltype => httpd_log_t,
seluser => system_u,
}
# /usr/lib/httpd
file { $ae_usr_lib_dir:
ensure => directory,
path => $ae_usr_lib_dir,
owner => 'root',
group => 'root',
mode => '0755',
selrange => s0,
selrole => object_r,
seltype => httpd_modules_t,
seluser => system_u,
ensure => directory,
path => $ae_usr_lib_dir,
owner => 'root',
group => 'root',
mode => '0755',
selrange => s0,
selrole => object_r,
seltype => httpd_modules_t,
seluser => system_u,
}
# mods dir
file { $ae_usr_mods_dir:
ensure => directory,
path => $ae_usr_mods_dir,
owner => 'root',
group => 'root',
mode => '0755',
selrange => s0,
selrole => object_r,
seltype => httpd_modules_t,
seluser => system_u,
ensure => directory,
path => $ae_usr_mods_dir,
owner => 'root',
group => 'root',
mode => '0755',
selrange => s0,
selrole => object_r,
seltype => httpd_modules_t,
seluser => system_u,
}
# logs dir link
file { $ae_mods_dir:
ensure => link,
path => $ae_mods_dir,
target => $ae_usr_mods_dir,
owner => 'root',
group => 'root',
mode => '0777',
selrange => s0,
selrole => object_r,
seltype => httpd_modules_t,
seluser => system_u,
ensure => link,
path => $ae_mods_dir,
target => $ae_usr_mods_dir,
owner => 'root',
group => 'root',
mode => '0777',
selrange => s0,
selrole => object_r,
seltype => httpd_modules_t,
seluser => system_u,
}
# run dir
file { $ae_run_dir:
ensure => directory,
path => $ae_run_dir,
owner => 'root',
group => $ae_user_name,
mode => '0710',
selrange => s0,
selrole => object_r,
seltype => httpd_var_run_t,
seluser => system_u,
ensure => directory,
path => $ae_run_dir,
owner => 'root',
group => $ae_user_name,
mode => '0710',
selrange => s0,
selrole => object_r,
seltype => httpd_var_run_t,
seluser => system_u,
}
# run link
file { $ae_run_link:
ensure => link,
path => $ae_run_link,
target => $ae_run_dir,
owner => 'root',
group => 'root',
mode => '0777',
selrange => s0,
selrole => object_r,
seltype => httpd_config_t,
seluser => system_u,
ensure => link,
path => $ae_run_link,
target => $ae_run_dir,
owner => 'root',
group => 'root',
mode => '0777',
selrange => s0,
selrole => object_r,
seltype => httpd_config_t,
seluser => system_u,
}
# /usr/share/httpd dir
file { $ae_share_httpd:
ensure => directory,
path => $ae_share_httpd,
owner => 'root',
group => 'root',
mode => '0755',
selrange => s0,
selrole => object_r,
seltype => usr_t,
seluser => system_u,
ensure => directory,
path => $ae_share_httpd,
owner => 'root',
group => 'root',
mode => '0755',
selrange => s0,
selrole => object_r,
seltype => usr_t,
seluser => system_u,
}
# /var/cache/httpd
file { $ae_cache_httpd:
ensure => directory,
path => $ae_cache_httpd,
owner => $ae_user_name,
group => $ae_user_name,
mode => '0700',
selrange => s0,
selrole => object_r,
seltype => httpd_cache_t,
seluser => system_u,
ensure => directory,
path => $ae_cache_httpd,
owner => $ae_user_name,
group => $ae_user_name,
mode => '0700',
selrange => s0,
selrole => object_r,
seltype => httpd_cache_t,
seluser => system_u,
}
}
}

174
manifests/server/files.pp
View File

@@ -1,132 +1,110 @@
## cd_apache::server::files.pp
# Module name: cd_apache
# Author: Arne Teuke (arne_teuke@confdroid.com)
# License:
# This file is part of cd_apache.
#
# cd_apache is used for providing automatic configuration of
# Apache Webserver.
# Copyright (C) 2014 confdroid (copyright@confdroid.com)
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# @summary Manage all aspects for the httpd configuration, if enabled.
##############################################################################
class cd_apache::server::files (
) inherits cd_apache::params {
require cd_apache::server::dirs
if $ae_manage_cfg == true {
# manage main config file
file { $ae_conf_file:
ensure => file,
path => $ae_conf_file,
owner => 'root',
group => 'root',
mode => '0644',
selrange => s0,
selrole => object_r,
seltype => httpd_config_t,
seluser => system_u,
content => template($ae_conf_file_erb),
notify => Service['httpd'],
file { $ae_conf_file:
ensure => file,
path => $ae_conf_file,
owner => 'root',
group => 'root',
mode => '0644',
selrange => s0,
selrole => object_r,
seltype => httpd_config_t,
seluser => system_u,
content => template($ae_conf_file_erb),
notify => Service['httpd'],
}
# manage magic file
file { $ae_magic_file:
ensure => file,
path => $ae_magic_file,
owner => 'root',
group => 'root',
mode => '0644',
selrange => s0,
selrole => object_r,
seltype => httpd_config_t,
seluser => system_u,
content => template($ae_magic_file_erb),
notify => Service['httpd'],
file { $ae_magic_file:
ensure => file,
path => $ae_magic_file,
owner => 'root',
group => 'root',
mode => '0644',
selrange => s0,
selrole => object_r,
seltype => httpd_config_t,
seluser => system_u,
content => template($ae_magic_file_erb),
notify => Service['httpd'],
}
# manage main ssl config file
file { $ae_ssl_file:
ensure => file,
path => $ae_ssl_file,
owner => 'root',
group => 'root',
mode => '0644',
selrange => s0,
selrole => object_r,
seltype => httpd_config_t,
seluser => system_u,
content => template($ae_ssl_file_erb),
notify => Service['httpd'],
}
file { $ae_ssl_file:
ensure => file,
path => $ae_ssl_file,
owner => 'root',
group => 'root',
mode => '0644',
selrange => s0,
selrole => object_r,
seltype => httpd_config_t,
seluser => system_u,
content => template($ae_ssl_file_erb),
notify => Service['httpd'],
}
# manage autoindex.conf
file { $ae_autoindex_file:
ensure => file,
path => $ae_autoindex_file,
owner => 'root',
group => 'root',
mode => '0644',
selrange => s0,
selrole => object_r,
seltype => httpd_config_t,
seluser => system_u,
content => template($ae_autoindex_erb),
notify => Service['httpd'],
}
file { $ae_autoindex_file:
ensure => file,
path => $ae_autoindex_file,
owner => 'root',
group => 'root',
mode => '0644',
selrange => s0,
selrole => object_r,
seltype => httpd_config_t,
seluser => system_u,
content => template($ae_autoindex_erb),
notify => Service['httpd'],
}
if $ae_allow_user_dirs == true {
# manage userdir.conf
# manage userdir.conf
file { $ae_userdir_file:
ensure => file,
path => $ae_userdir_file,
owner => 'root',
group => 'root',
mode => '0644',
selrange => s0,
selrole => object_r,
seltype => httpd_config_t,
seluser => system_u,
content => template($ae_userdir_erb),
notify => Service['httpd'],
file { $ae_userdir_file:
ensure => file,
path => $ae_userdir_file,
owner => 'root',
group => 'root',
mode => '0644',
selrange => s0,
selrole => object_r,
seltype => httpd_config_t,
seluser => system_u,
content => template($ae_userdir_erb),
notify => Service['httpd'],
}
}
}
# manage index.html
# manage index.html
file { $ae_index_file:
ensure => file,
path => $ae_index_file,
owner => $ae_user_name,
group => $ae_user_name,
mode => '0644',
selrange => s0,
selrole => object_r,
seltype => httpd_sys_content_t,
seluser => system_u,
content => template($ae_index_erb),
notify => Service['httpd'],
file { $ae_index_file:
ensure => file,
path => $ae_index_file,
owner => $ae_user_name,
group => $ae_user_name,
mode => '0644',
selrange => s0,
selrole => object_r,
seltype => httpd_sys_content_t,
seluser => system_u,
content => template($ae_index_erb),
notify => Service['httpd'],
}
}

21
manifests/server/install.pp
View File

@@ -1,33 +1,14 @@
## cd_apache::server::install.pp
# Module name: cd_apache
# Author: Arne Teuke (arne_teuke@confdroid.com)
# License:
# This file is part of cd_apache.
#
# cd_apache is used for providing automatic configuration of
# Apache Webserver.
# Copyright (C) 2014 confdroid (copyright@confdroid.com)
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# @summary Install required binaries
##############################################################################
class cd_apache::server::install (
) inherits cd_apache::params {
require cd_resources
package {$reqpackages:
package { $reqpackages:
ensure => $pkg_ensure,
}
}

27
manifests/server/service.pp
View File

@@ -1,37 +1,18 @@
## cd_apache::server::service.pp
# Module name: cd_apache
# Author: Arne Teuke (arne_teuke@confdroid.com)
# License:
# This file is part of cd_apache.
#
# cd_apache is used for providing automatic configuration of
# Apache Webserver.
# Copyright (C) 2014 confdroid (copyright@confdroid.com)
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# @summary manage the httpd service.
##############################################################################
class cd_apache::server::service (
) inherits cd_apache::params {
require cd_apache::server::files
require cd_apache::firewall::iptables
service { $ae_service:
ensure => running,
hasstatus => true,
hasrestart => true,
enable => true,
ensure => running,
hasstatus => true,
hasrestart => true,
enable => true,
}
}

55
manifests/server/user.pp
View File

@@ -1,58 +1,37 @@
## cd_apache::server:;user.pp
# Module name: cd_apache
# Author: Arne Teuke (arne_teuke@confdroid.com)
# License:
# This file is part of cd_apache.
#
# cd_apache is used for providing automatic configuration of
# Apache Webserver.
# Copyright (C) 2014 confdroid (copyright@confdroid.com)
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# @summary manage all aspects of the httpd service user, if enabled
##############################################################################
class cd_apache::server::user (
) inherits cd_apache::params {
require cd_apache::server::install
if $ae_manage_user == true {
group { $ae_user_name:
ensure => present,
name => $ae_user_name,
gid => $ae_user_uid,
allowdupe => false,
ensure => present,
name => $ae_user_name,
gid => $ae_user_uid,
allowdupe => false,
}
user { $ae_user_name:
ensure => present,
name => $ae_user_name,
allowdupe => false,
comment => $ae_u_comment,
uid => $ae_user_uid,
gid => $ae_user_name,
groups => $ae_u_groups,
managehome => true,
home => $ae_user_home,
shell => $ae_user_shell,
require => Group[$ae_user_name],
user { $ae_user_name:
ensure => present,
name => $ae_user_name,
allowdupe => false,
comment => $ae_u_comment,
uid => $ae_user_uid,
gid => $ae_user_name,
groups => $ae_u_groups,
managehome => true,
home => $ae_user_home,
shell => $ae_user_shell,
require => Group[$ae_user_name],
}
}
else {
# do nothing
# do nothing
}
}