Merge pull request #113 from genuss/fix_listen

Manage ports.conf file properly
This commit is contained in:
Forrest 2016-02-01 10:58:02 -08:00
commit 2320295d09
9 changed files with 52 additions and 17 deletions

View File

@ -32,6 +32,19 @@ include:
- pkg: apache - pkg: apache
- watch_in: - watch_in:
- service: apache - service: apache
{{ apache.portsfile }}:
file.managed:
- template: jinja
- source:
- salt://apache/files/{{ salt['grains.get']('os_family') }}/ports-{{ apache.version }}.conf.jinja
- require:
- pkg: apache
- watch_in:
- service: apache
- context:
apache: {{ apache }}
{% endif %} {% endif %}
{% if grains['os_family']=="RedHat" %} {% if grains['os_family']=="RedHat" %}

View File

@ -37,9 +37,4 @@ a2dissite 000-default{{ apache.confext }}:
- require: - require:
- pkg: apache - pkg: apache
/etc/apache2/ports.conf:
file.absent:
- require:
- pkg: apache
{% endif %} #END: os = debian {% endif %} #END: os = debian

View File

@ -34,6 +34,10 @@
# together by including all remaining configuration files when starting up the # together by including all remaining configuration files when starting up the
# web server. # web server.
# #
# * ports.conf is always included from the main configuration file. It is
# supposed to determine listening ports for incoming connections which can be
# customized anytime.
#
# * Configuration files in the mods-enabled/, conf-enabled/ and sites-enabled/ # * Configuration files in the mods-enabled/, conf-enabled/ and sites-enabled/
# directories contain particular configuration snippets which manage modules, # directories contain particular configuration snippets which manage modules,
# global configuration fragments, or virtual host configurations, # global configuration fragments, or virtual host configurations,
@ -138,6 +142,9 @@ LogLevel warn
IncludeOptional mods-enabled/*.load IncludeOptional mods-enabled/*.load
IncludeOptional mods-enabled/*.conf IncludeOptional mods-enabled/*.conf
# Include list of ports to listen on
Include ports.conf
# Sets the default security model of the Apache2 HTTPD server. It does # Sets the default security model of the Apache2 HTTPD server. It does
# not allow access to the root filesystem outside of /usr/share and /var/www. # not allow access to the root filesystem outside of /usr/share and /var/www.

View File

@ -0,0 +1,30 @@
{%- from "apache/map.jinja" import apache with context -%}
# Managed by saltstack
{% if salt['pillar.get']('apache:sites') is mapping %}
{%- set listen_directives = [] %}
{%- for id, site in salt['pillar.get']('apache:sites').items() %}
{%- set interfaces = site.get('interface', '*').split() %}
{%- set port = site.get('port', 80) %}
{%- for interface in interfaces %}
{%- set listen_directive = interface ~ ':' ~ port %}
{%- if listen_directive not in listen_directives %}
{%- do listen_directives.append(listen_directive) %}
{%- endif %}
{%- endfor %}
{%- endfor %}
{%- for listen in listen_directives %}
Listen {{ listen }}
{%- endfor %}
{%- else %}
Listen 80
<IfModule mod_ssl.c>
Listen 443
</IfModule>
<IfModule mod_gnutls.c>
Listen 443
</IfModule>
{%- endif %}

View File

@ -5,6 +5,7 @@
'server': 'apache2', 'server': 'apache2',
'service': 'apache2', 'service': 'apache2',
'configfile': '/etc/apache2/apache2.conf', 'configfile': '/etc/apache2/apache2.conf',
'portsfile': '/etc/apache2/ports.conf',
'mod_wsgi': 'libapache2-mod-wsgi', 'mod_wsgi': 'libapache2-mod-wsgi',
'mod_php5': 'libapache2-mod-php5', 'mod_php5': 'libapache2-mod-php5',

View File

@ -22,10 +22,6 @@
'ProxyRoute': site.get('ProxyRoute', {}), 'ProxyRoute': site.get('ProxyRoute', {}),
} %} } %}
{% for intf in vals.interfaces -%}
Listen {{ intf }}:{{ vals.port }}
{% endfor %}
<VirtualHost {%- for intf in vals.interfaces %} {{intf}}:{{ vals.port }}{% endfor -%}> <VirtualHost {%- for intf in vals.interfaces %} {{intf}}:{{ vals.port }}{% endfor -%}>
ServerName {{ vals.ServerName }} ServerName {{ vals.ServerName }}
{% if site.get('ServerAlias') != False %}ServerAlias {{ vals.ServerAlias }}{% endif %} {% if site.get('ServerAlias') != False %}ServerAlias {{ vals.ServerAlias }}{% endif %}

View File

@ -23,10 +23,6 @@
} %} } %}
{% for intf in vals.interfaces -%}
Listen {{ intf }}:{{ vals.port }}
{% endfor %}
<VirtualHost {%- for intf in vals.interfaces %} {{intf}}:{{ vals.port }}{% endfor -%}> <VirtualHost {%- for intf in vals.interfaces %} {{intf}}:{{ vals.port }}{% endfor -%}>
ServerName {{ vals.ServerName }} ServerName {{ vals.ServerName }}
{% if site.get('ServerAlias') != False %}ServerAlias {{ vals.ServerAlias }}{% endif %} {% if site.get('ServerAlias') != False %}ServerAlias {{ vals.ServerAlias }}{% endif %}

View File

@ -2,6 +2,7 @@
include: include:
- apache - apache
- apache.config
{% for id, site in salt['pillar.get']('apache:sites', {}).items() %} {% for id, site in salt['pillar.get']('apache:sites', {}).items() %}
{% set documentroot = site.get('DocumentRoot', '{0}/{1}'.format(apache.wwwdir, id)) %} {% set documentroot = site.get('DocumentRoot', '{0}/{1}'.format(apache.wwwdir, id)) %}

View File

@ -38,10 +38,6 @@
}, },
} -%} } -%}
{% for intf in vals.interfaces -%}
Listen {{ intf }}:{{ vals.port }}
{% endfor %}
<VirtualHost {% for intf in vals.interfaces %} {{intf}}:{{ vals.port }}{% endfor -%}> <VirtualHost {% for intf in vals.interfaces %} {{intf}}:{{ vals.port }}{% endfor -%}>
ServerName {{ vals.ServerName }} ServerName {{ vals.ServerName }}
{% if site.get('ServerAlias') != False %}ServerAlias {{ vals.ServerAlias }}{% endif %} {% if site.get('ServerAlias') != False %}ServerAlias {{ vals.ServerAlias }}{% endif %}