confdroid_apache/manifests/params.pp

## confdroid_apache::params.pp
# Module name: confdroid_apache
# Author: 12ww1160 (12ww1160@confdroid.com)
# @summary This class holds all parameters for the confdroid_apache module, which are
#   inherited by all classes except defines.
# @param [String] pkg_ensure Specify which
#   package type to use, i.e. `latest`, `present` or `absent`.
# @param [Boolean] ae_manage_cfg Whether or not to manage the httpd
#   configuration. httpd is very often a sub system used by many other services,
#   and the required configuration depends on the use case. If using httpd as
#   sub-service ( i.e. for phpmyadmin, Nagios etc.), the main configuration
#   should be done on that end, not in confdroid_apache. IN that case, set `ae_manage_cfg`
#   to `false`.
# @param [Boolean] ae_manage_dirs Whether or not main directories required
#   to run httpd should be managed. Typically this should be set to true.
# @param [Boolean] ae_allow_user_dirs Whether or not to allow user directories
#   should be allowed to share content through httpd. Usually this is a security
#   problem and as such should be disabled.
# @param [Boolean] ae_incl_target whether or not to allow nagios monitoring.
# @param [String] ae_order_no the order number for the firewall rules
# @param [String] ae_http_port the port to use for the http protocol
# @param [String] ae_https_port the port to use for the https protocol
# @param [String] ae_target_service which service to monitor with nagios
# @param [String] ae_target_contacts which contacts to notify for nagios alerts
# @param [Boolean] ae_manage_fw whether to manage firewall settings
# @param [Array] reqpackages List of packages to install.
# @param [Boolean] ae_use_lb whether to use load balancer or not. If true, 
#   a configuration file will be created to allow reading the client ips 
#   from the X-Forwarded-For header, and the httpd service will be restarted 
#   to apply the changes. This is required when using httpd behind a 
#   load balancer like haproxy, otherwise all client ips will be logged 
#   as the load balancer ip.
# @param [String] ae_trusted_proxy the IP address of the trusted proxy, 
#   i.e. the load balancer. This is required when `ae_use_lb` is set to 
#   true, and defaults to '10.0.1.0/24'.
###########################################################################
class confdroid_apache::params (

# installation
  String $pkg_ensure          = 'present',
  Array $reqpackages          = ['httpd','mod_ssl'],

# configuration files
  Boolean $ae_manage_cfg      = false,
  Boolean $ae_manage_dirs     = true,
  Boolean $ae_allow_user_dirs = false,

# nagios
  Boolean $ae_incl_target     = true,
  String $ae_target_service   = '/etc/nagios/conf.d/httpd_service.cfg',
  String $ae_target_contacts  = 'nagiosadmin',

# firewall
  Boolean $ae_manage_fw       = true,
  String $ae_order_no         = '50',
  String $ae_http_port        = '80',
  String $ae_https_port       = '443',

# loadbalancer
  Boolean $ae_use_lb          = false,
  String $ae_trusted_proxy    = '10.0.1.0/24',

) {
# facts
  $fqdn                             = $facts['networking']['fqdn']
  $domain                           = $facts['networking']['domain']
  $os_name                          = $facts['os']['name']
  $os_release                       = $facts['os']['release']['major']

# service
  $ae_service         = 'httpd'

# directories
  $ae_main_dir        = '/etc/httpd'
  $ae_conf_dir        = "${ae_main_dir}/conf"
  $ae_conf_d_dir      = "${ae_main_dir}/conf.d"
  $ae_conf_mods_d     = "${ae_main_dir}/conf.modules.d"
  $ae_var_logs_dir    = '/var/log/httpd'
  $ae_logs_dir        = "${ae_main_dir}/logs"
  $ae_usr_lib_dir     = '/usr/lib64/httpd'
  $ae_usr_mods_dir    = "${ae_usr_lib_dir}/modules"
  $ae_mods_dir        = "${ae_main_dir}/modules"
  $ae_run_dir         = '/run/httpd'
  $ae_run_link        = "${ae_main_dir}/run"
  $ae_share_httpd     = '/usr/share/httpd'
  $ae_cache_httpd     = '/var/cache/httpd'

# files
  $ae_conf_file       = "${ae_conf_dir}/httpd.conf"
  $ae_conf_file_erb   = 'confdroid_apache/httpd_conf.erb'
  $ae_magic_file      = "${ae_conf_dir}/magic"
  $ae_magic_file_erb  = 'confdroid_apache/magic.erb'
  $ae_ssl_file        = "${ae_conf_d_dir}/ssl.conf"
  $ae_ssl_file_erb    = 'confdroid_apache/ssl_conf.erb'
  $ae_autoindex_file  = "${ae_conf_d_dir}/autoindex.conf"
  $ae_autoindex_erb   = 'confdroid_apache/autoindex_conf.erb'
  $ae_userdir_file    = "${ae_conf_d_dir}/userdir.conf"
  $ae_userdir_erb     = 'confdroid_apache/userdir_conf.erb'
  $ae_index_file      = '/var/www/html/index.html'
  $ae_index_erb       = 'confdroid_apache/index_html.erb'
  $ae_remoteip_file   = '/etc/httpd/conf.d/loadbalancer-remoteip.conf'
  $ae_remoteip_erb    = 'confdroid_apache/loadbalancer/remoteip.conf.erb'

# includes must be last
  include confdroid_apache::main::config
}