From 475fb8347e0d6ae1e8925b47ed3b2cae2d1d92a5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20B=C3=A9rtoli?= Date: Wed, 29 Mar 2017 07:32:18 -0300 Subject: [PATCH] Add default user/group attributes as required by some states --- apache/files/Debian/envvars-2.2.jinja | 5 +++-- apache/files/Debian/envvars-2.4.jinja | 5 +++-- apache/files/FreeBSD/envvars-2.4.jinja | 5 +++-- apache/init.sls | 7 +++++++ apache/map.jinja | 10 ++++++++++ apache/mod_pagespeed.sls | 8 ++++---- pillar.example | 2 ++ 7 files changed, 32 insertions(+), 10 deletions(-) diff --git a/apache/files/Debian/envvars-2.2.jinja b/apache/files/Debian/envvars-2.2.jinja index 079a5a5..a605012 100644 --- a/apache/files/Debian/envvars-2.2.jinja +++ b/apache/files/Debian/envvars-2.2.jinja @@ -1,3 +1,4 @@ +{%- from "apache/map.jinja" import apache with context -%} # Managed by saltstack # envvars - default environment variables for apache2ctl @@ -15,8 +16,8 @@ fi # Since there is no sane way to get the parsed apache2 config in scripts, some # settings are defined via environment variables and then used in apache2ctl, # /etc/init.d/apache2, /etc/logrotate.d/apache2, etc. -export APACHE_RUN_USER={{ salt['pillar.get']('apache:user', 'www-data') }} -export APACHE_RUN_GROUP={{ salt['pillar.get']('apache:group', 'www-data') }} +export APACHE_RUN_USER={{ apache.user }} +export APACHE_RUN_GROUP={{ apache.group }} export APACHE_PID_FILE=/var/run/apache2$SUFFIX.pid export APACHE_RUN_DIR=/var/run/apache2$SUFFIX export APACHE_LOCK_DIR=/var/lock/apache2$SUFFIX diff --git a/apache/files/Debian/envvars-2.4.jinja b/apache/files/Debian/envvars-2.4.jinja index a3cac31..70a4523 100644 --- a/apache/files/Debian/envvars-2.4.jinja +++ b/apache/files/Debian/envvars-2.4.jinja @@ -1,3 +1,4 @@ +{%- from "apache/map.jinja" import apache with context -%} # Managed by saltstack # envvars - default environment variables for apache2ctl @@ -15,8 +16,8 @@ fi # Since there is no sane way to get the parsed apache2 config in scripts, some # settings are defined via environment variables and then used in apache2ctl, # /etc/init.d/apache2, /etc/logrotate.d/apache2, etc. -export APACHE_RUN_USER={{ salt['pillar.get']('apache:user', 'www-data') }} -export APACHE_RUN_GROUP={{ salt['pillar.get']('apache:group', 'www-data') }} +export APACHE_RUN_USER={{ apache.user }} +export APACHE_RUN_GROUP={{ apache.group }} # temporary state file location. This might be changed to /run in Wheezy+1 export APACHE_PID_FILE=/var/run/apache2/apache2$SUFFIX.pid export APACHE_RUN_DIR=/var/run/apache2$SUFFIX diff --git a/apache/files/FreeBSD/envvars-2.4.jinja b/apache/files/FreeBSD/envvars-2.4.jinja index 7a6268f..b0d27b9 100644 --- a/apache/files/FreeBSD/envvars-2.4.jinja +++ b/apache/files/FreeBSD/envvars-2.4.jinja @@ -1,3 +1,4 @@ +{%- from "apache/map.jinja" import apache with context -%} # Managed by saltstack # envvars - default environment variables for apache2ctl @@ -7,8 +8,8 @@ unset HOME APACHE_CONFDIR=/usr/local/etc/apache24 -export APACHE_RUN_USER={{ salt['pillar.get']('apache:user', 'www') }} -export APACHE_RUN_GROUP={{ salt['pillar.get']('apache:group', 'www') }} +export APACHE_RUN_USER={{ apache.user }} +export APACHE_RUN_GROUP={{ apache.group }} export APACHE_RUN_DIR={{ salt['pillar.get']('apache:run_dir', '/var/run') }} ## The locale used by some modules like mod_dav diff --git a/apache/init.sls b/apache/init.sls index 5ce70f9..9731c5b 100644 --- a/apache/init.sls +++ b/apache/init.sls @@ -3,6 +3,13 @@ apache: pkg.installed: - name: {{ apache.server }} + group.present: + - name: {{ apache.group }} + - system: True + user.present: + - name: {{ apache.user }} + - gid: {{ apache.group }} + - system: True service.running: - name: {{ apache.service }} - enable: True diff --git a/apache/map.jinja b/apache/map.jinja index 185d688..7dcd50c 100644 --- a/apache/map.jinja +++ b/apache/map.jinja @@ -5,6 +5,8 @@ 'Gentoo': { 'server': 'www-servers/apache', 'service': 'apache2', + 'user': 'apache', + 'group': 'apache', 'configfile': '/etc/apache2/httpd.conf', 'mod_wsgi': 'www-apache/mod_wsgi', @@ -23,6 +25,8 @@ 'Debian': { 'server': 'apache2', 'service': 'apache2', + 'user': 'www-data', + 'group': 'www-data', 'configfile': '/etc/apache2/apache2.conf', 'portsfile': '/etc/apache2/ports.conf', @@ -45,6 +49,8 @@ 'RedHat': { 'server': 'httpd', 'service': 'httpd', + 'user': 'apache', + 'group': 'apache', 'configfile': '/etc/httpd/conf/httpd.conf', 'mod_wsgi': 'mod_wsgi', @@ -65,6 +71,8 @@ 'Suse': { 'server': 'apache2', 'service': 'apache2', + 'user': 'apache', + 'group': 'apache', 'configfile': '/etc/apache2/httpd.conf', 'mod_wsgi': 'apache2-mod_wsgi', @@ -83,6 +91,8 @@ 'FreeBSD': { 'server': 'apache22', 'service': 'apache22', + 'user': 'www', + 'group': 'www', 'configfile': '/usr/local/etc/apache22/httpd.conf', 'portsfile': '/usr/local/etc/apache22/ports.conf', diff --git a/apache/mod_pagespeed.sls b/apache/mod_pagespeed.sls index 7b1bc90..c8b9a70 100644 --- a/apache/mod_pagespeed.sls +++ b/apache/mod_pagespeed.sls @@ -24,12 +24,12 @@ a2enmod pagespeed: file: - directory - makedirs: true - - user: {{ salt['pillar.get']('apache:user', 'www-data') }} - - group: {{ salt['pillar.get']('apache:group', 'www-data') }} + - user: {{ apache.user }} + - group: {{ apache.group }} - require: - pkg: libapache2-mod-pagespeed - - user: {{ salt['pillar.get']('apache:user', 'www-data') }} - - group: {{ salt['pillar.get']('apache:group', 'www-data') }} + - user: {{ apache.user }} + - group: {{ apache.group }} {% endfor %} # Here we hardcode a logrotate entry to take care of the logs diff --git a/pillar.example b/pillar.example index bccc0a1..17539bc 100644 --- a/pillar.example +++ b/pillar.example @@ -5,6 +5,8 @@ apache: lookup: server: apache2 service: apache2 + user: some_system_user + group: some_system_group vhostdir: /etc/apache2/sites-available confdir: /etc/apache2/conf.d