From 0b37a140352193fcf3a3c0db624b2992014df5c9 Mon Sep 17 00:00:00 2001 From: Oleksandr Porunov Date: Tue, 28 Mar 2017 17:53:50 +0300 Subject: [PATCH 01/16] Fix: wsgi.conf file not found --- apache/mod_wsgi.sls | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apache/mod_wsgi.sls b/apache/mod_wsgi.sls index 73f9251..9dd5743 100644 --- a/apache/mod_wsgi.sls +++ b/apache/mod_wsgi.sls @@ -9,7 +9,7 @@ mod_wsgi: - require: - pkg: apache -{% if grains.get('os_family') == 'RedHat' %} +{% if grains.get('os_family') == 'RedHat' and salt['file.file_exists']('/etc/httpd/conf.d/wsgi.conf') %} /etc/httpd/conf.d/wsgi.conf: file.uncomment: - regex: LoadModule From c28a1097e38a847d86def25d57b4788cb3769290 Mon Sep 17 00:00:00 2001 From: Oleksandr Porunov Date: Wed, 5 Apr 2017 09:46:48 +0300 Subject: [PATCH 02/16] Fix wsgi.conf uncomment for RedHat based OS --- apache/mod_wsgi.sls | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/apache/mod_wsgi.sls b/apache/mod_wsgi.sls index 9dd5743..bda0274 100644 --- a/apache/mod_wsgi.sls +++ b/apache/mod_wsgi.sls @@ -9,10 +9,11 @@ mod_wsgi: - require: - pkg: apache -{% if grains.get('os_family') == 'RedHat' and salt['file.file_exists']('/etc/httpd/conf.d/wsgi.conf') %} +{% if grains.get('os_family') == 'RedHat' %} /etc/httpd/conf.d/wsgi.conf: file.uncomment: - regex: LoadModule + - onlyif: test -f /etc/httpd/conf.d/wsgi.conf - require: - pkg: mod_wsgi {% endif %} From 0cbf64209dded26bc59df77701cb106bbf30e620 Mon Sep 17 00:00:00 2001 From: Oleksandr Porunov Date: Wed, 5 Apr 2017 12:00:50 +0300 Subject: [PATCH 03/16] Add info about uninstall state --- README.rst | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/README.rst b/README.rst index 74d9d51..57c2ba7 100644 --- a/README.rst +++ b/README.rst @@ -188,6 +188,11 @@ Configures Apache's security.conf options by reassinging them using data from Pi Installs and configures Apache on Debian and Ubuntu systems. +``apache.uninstall`` +---------- + +Stops the Apache service and uninstalls the package. + These states are ordered using the ``order`` declaration. Different stages are divided into the following number ranges: From 7ac28f42f953fdf5bc5ac0dabfc44deb15b2d55b Mon Sep 17 00:00:00 2001 From: Oleksandr Porunov Date: Thu, 6 Apr 2017 15:03:37 +0300 Subject: [PATCH 04/16] Clear uncomment state of mod_wsgi config --- apache/map.jinja | 1 + apache/mod_wsgi.sls | 8 ++++---- apache/osfingermap.yaml | 1 + 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/apache/map.jinja b/apache/map.jinja index 7dcd50c..a623556 100644 --- a/apache/map.jinja +++ b/apache/map.jinja @@ -54,6 +54,7 @@ 'configfile': '/etc/httpd/conf/httpd.conf', 'mod_wsgi': 'mod_wsgi', + 'conf_mod_wsgi': '/etc/httpd/conf.d/wsgi.conf', 'mod_php5': 'php', 'mod_pagespeed_source': 'https://dl-ssl.google.com/dl/linux/direct/mod-pagespeed-stable_current_x86_64.rpm', diff --git a/apache/mod_wsgi.sls b/apache/mod_wsgi.sls index bda0274..1b48660 100644 --- a/apache/mod_wsgi.sls +++ b/apache/mod_wsgi.sls @@ -9,11 +9,11 @@ mod_wsgi: - require: - pkg: apache -{% if grains.get('os_family') == 'RedHat' %} -/etc/httpd/conf.d/wsgi.conf: +{% if apache.conf_mod_wsgi %} +{{ apache.conf_mod_wsgi }}: file.uncomment: - regex: LoadModule - - onlyif: test -f /etc/httpd/conf.d/wsgi.conf + - onlyif: test -f {{ apache.conf_mod_wsgi }} - require: - pkg: mod_wsgi -{% endif %} +{% endif %} \ No newline at end of file diff --git a/apache/osfingermap.yaml b/apache/osfingermap.yaml index abef80b..9b77b89 100644 --- a/apache/osfingermap.yaml +++ b/apache/osfingermap.yaml @@ -10,6 +10,7 @@ CentOS Linux-6: version: '2.2' CentOS Linux-7: version: '2.4' + conf_mod_wsgi: '/etc/httpd/conf.modules.d/10-wsgi.conf' Oracle Linux Server-6: version: '2.2' Oracle Linux Server-7: From ee6b910302296befa10a1efbe65727ce0248a4b7 Mon Sep 17 00:00:00 2001 From: Oleksandr Porunov Date: Thu, 6 Apr 2017 15:11:32 +0300 Subject: [PATCH 05/16] Format mod_wsgi state --- apache/mod_wsgi.sls | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apache/mod_wsgi.sls b/apache/mod_wsgi.sls index 1b48660..aa3fd21 100644 --- a/apache/mod_wsgi.sls +++ b/apache/mod_wsgi.sls @@ -16,4 +16,4 @@ mod_wsgi: - onlyif: test -f {{ apache.conf_mod_wsgi }} - require: - pkg: mod_wsgi -{% endif %} \ No newline at end of file +{% endif %} From 4da54dd8dec5cf6066a3bcd877880a0ba56fee73 Mon Sep 17 00:00:00 2001 From: Gary Waters Date: Wed, 12 Apr 2017 14:45:00 -0700 Subject: [PATCH 06/16] in RH, vhosts.d doesnt exisit, this makes it --- apache/init.sls | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/apache/init.sls b/apache/init.sls index 9731c5b..c3e170e 100644 --- a/apache/init.sls +++ b/apache/init.sls @@ -14,6 +14,10 @@ apache: - name: {{ apache.service }} - enable: True +{{ apache.vhostdir }}: + file.directory: + - makedirs: True + # The following states are inert by default and can be used by other states to # trigger a restart or reload as needed. apache-reload: From 9bf72e5d0a5d6a2a736f3baf41c6d670c7f4b382 Mon Sep 17 00:00:00 2001 From: Mike Shade Date: Thu, 13 Apr 2017 12:41:53 -0400 Subject: [PATCH 07/16] Correct CentOS 6 osfinger map CentOS 6 reports as CentOS-6 rather than CentOS Linux-6 from osfinger grain --- apache/osfingermap.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apache/osfingermap.yaml b/apache/osfingermap.yaml index 9b77b89..27873ec 100644 --- a/apache/osfingermap.yaml +++ b/apache/osfingermap.yaml @@ -6,7 +6,7 @@ Red Hat Enterprise Linux Server-6: version: '2.2' Red Hat Enterprise Linux Server-7: version: '2.4' -CentOS Linux-6: +CentOS-6: version: '2.2' CentOS Linux-7: version: '2.4' From 9c9050595d80fff0d79723c65988b0292535b237 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20B=C3=A9rtoli?= Date: Sun, 23 Apr 2017 14:37:26 -0300 Subject: [PATCH 08/16] Remove duplicated ID (fixes #179) --- apache/config.sls | 7 ------- apache/init.sls | 6 +++++- 2 files changed, 5 insertions(+), 8 deletions(-) diff --git a/apache/config.sls b/apache/config.sls index 4691f8e..677bd6c 100644 --- a/apache/config.sls +++ b/apache/config.sls @@ -15,13 +15,6 @@ include: - context: apache: {{ apache }} -{{ apache.vhostdir }}: - file.directory: - - require: - - pkg: apache - - watch_in: - - service: apache - {% if grains['os_family']=="Debian" %} /etc/apache2/envvars: file.managed: diff --git a/apache/init.sls b/apache/init.sls index c3e170e..becb3d6 100644 --- a/apache/init.sls +++ b/apache/init.sls @@ -16,7 +16,11 @@ apache: {{ apache.vhostdir }}: file.directory: - - makedirs: True + - makedirs: True + - require: + - pkg: apache + - watch_in: + - service: apache # The following states are inert by default and can be used by other states to # trigger a restart or reload as needed. From ffac9b2381ee15f65dc2ab38e546329234bd0b23 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20B=C3=A9rtoli?= Date: Sun, 23 Apr 2017 14:38:17 -0300 Subject: [PATCH 09/16] Added minimal template (fixes #34) --- apache/vhosts/minimal.tmpl | 30 ++++++++++++++++++++++++++++++ pillar.example | 2 +- 2 files changed, 31 insertions(+), 1 deletion(-) create mode 100644 apache/vhosts/minimal.tmpl diff --git a/apache/vhosts/minimal.tmpl b/apache/vhosts/minimal.tmpl new file mode 100644 index 0000000..d2243c7 --- /dev/null +++ b/apache/vhosts/minimal.tmpl @@ -0,0 +1,30 @@ +{# Define default values here so the template below can just focus on layout #} +{%- set sitename = site.get('ServerName', id) -%} + +{%- set vals = { + 'interfaces': site.get('interface', '*').split(), + 'port': site.get('port', '80'), + + 'ServerName': sitename, + 'ServerAlias': site.get('ServerAlias', 'www.{0}'.format(sitename)), + + 'ServerAdmin': site.get('ServerAdmin', 'webmaster@{0}'.format(sitename)), + + 'LogLevel': site.get('LogLevel', 'warn'), + 'ErrorLog': site.get('ErrorLog', '{0}/{1}-error.log'.format(map.logdir, sitename)), + 'CustomLog': site.get('CustomLog', '{0}/{1}-access.log'.format(map.logdir, sitename)), + + 'DocumentRoot': site.get('DocumentRoot', '{0}/{1}'.format(map.wwwdir, sitename)) +} -%} + + + ServerName {{ vals.ServerName }} + {% if site.get('ServerAlias') != False %}ServerAlias {{ vals.ServerAlias }}{% endif %} + {% if site.get('ServerAdmin') != False %}ServerAdmin {{ vals.ServerAdmin }}{% endif %} + + {% if site.get('DocumentRoot') != False -%}DocumentRoot {{ vals.DocumentRoot }}{% endif %} + + {% if site.get('LogLevel') != False -%}LogLevel {{ vals.LogLevel }}{% endif %} + {% if site.get('ErrorLog') != False -%}ErrorLog {{ vals.ErrorLog }}{% endif %} + {% if site.get('CustomLog') != False -%}CustomLog {{ vals.CustomLog }} {{ vals.LogFormat }}{% endif %} + diff --git a/pillar.example b/pillar.example index 17539bc..8969a2c 100644 --- a/pillar.example +++ b/pillar.example @@ -41,7 +41,7 @@ apache: example.com: # must be unique; used as an ID declaration in Salt. enabled: True - template_file: salt://apache/vhosts/standard.tmpl # or redirect.tmpl or proxy.tmpl + template_file: salt://apache/vhosts/standard.tmpl # or minimal.tmpl or redirect.tmpl or proxy.tmpl ####################### DEFAULT VALUES BELOW ############################ # NOTE: the values below are simply default settings that *can* be From a7f66b63449edab5a4c1b7c4b2851d53fc95c485 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20B=C3=A9rtoli?= Date: Mon, 24 Apr 2017 15:33:44 -0300 Subject: [PATCH 10/16] Move vhostdir `to config.sls` --- apache/config.sls | 8 ++++++++ apache/init.sls | 8 -------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/apache/config.sls b/apache/config.sls index 677bd6c..6a29683 100644 --- a/apache/config.sls +++ b/apache/config.sls @@ -15,6 +15,14 @@ include: - context: apache: {{ apache }} +{{ apache.vhostdir }}: + file.directory: + - makedirs: True + - require: + - pkg: apache + - watch_in: + - service: apache + {% if grains['os_family']=="Debian" %} /etc/apache2/envvars: file.managed: diff --git a/apache/init.sls b/apache/init.sls index becb3d6..9731c5b 100644 --- a/apache/init.sls +++ b/apache/init.sls @@ -14,14 +14,6 @@ apache: - name: {{ apache.service }} - enable: True -{{ apache.vhostdir }}: - file.directory: - - makedirs: True - - require: - - pkg: apache - - watch_in: - - service: apache - # The following states are inert by default and can be used by other states to # trigger a restart or reload as needed. apache-reload: From 7495b5fdd85fd38efc4db3f9dd6f09e9a14389bf Mon Sep 17 00:00:00 2001 From: kadogo Date: Tue, 7 Feb 2017 16:01:49 +0100 Subject: [PATCH 11/16] Add mod_xsenfile (Debian) --- apache/mod_xsendfile.sls | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 apache/mod_xsendfile.sls diff --git a/apache/mod_xsendfile.sls b/apache/mod_xsendfile.sls new file mode 100644 index 0000000..e86f075 --- /dev/null +++ b/apache/mod_xsendfile.sls @@ -0,0 +1,24 @@ +{% from "apache/map.jinja" import apache with context %} + +include: + - apache + +mod-xsendfile: + pkg.installed: + - name: {{ apache.mod_xsendfile }} + - order: 180 + - require: + - pkg: apache + +{% if grains['os_family']=="Debian" %} +a2enmod xsendfile: + cmd.run: + - order: 225 + - unless: ls /etc/apache2/mods-enabled/xsendfile.load + - require: + - pkg: mod-xsendfile + - watch_in: + - module: apache-restart + +{% endif %} + From d4e45322bf29966599fc1416bc84faebc1ca3e31 Mon Sep 17 00:00:00 2001 From: kadogo Date: Tue, 7 Feb 2017 16:02:08 +0100 Subject: [PATCH 12/16] Add mod_proxy_fcgi (Debian) --- apache/mod_proxy_fcgi.sls | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 apache/mod_proxy_fcgi.sls diff --git a/apache/mod_proxy_fcgi.sls b/apache/mod_proxy_fcgi.sls new file mode 100644 index 0000000..d95d1ed --- /dev/null +++ b/apache/mod_proxy_fcgi.sls @@ -0,0 +1,17 @@ +{% if grains['os_family']=="Debian" %} + +include: + - apache + - apache.mod_proxy + +a2enmod proxy_fcgi: + cmd.run: + - unless: ls /etc/apache2/mods-enabled/proxy_fcgi.load + - order: 225 + - require: + - pkg: apache + - cmd: a2enmod proxy + - watch_in: + - module: apache-restart + +{% endif %} From 858d012380e323ba8765ce52812e74d91aa515f9 Mon Sep 17 00:00:00 2001 From: kadogo Date: Tue, 7 Feb 2017 16:02:26 +0100 Subject: [PATCH 13/16] Add mod_fastcgi (Debian) --- apache/mod_fastcgi.sls | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 apache/mod_fastcgi.sls diff --git a/apache/mod_fastcgi.sls b/apache/mod_fastcgi.sls new file mode 100644 index 0000000..c22dfcb --- /dev/null +++ b/apache/mod_fastcgi.sls @@ -0,0 +1,31 @@ +{% if grains['os_family']=="Debian" %} + +include: + - apache + - apache.mod_actions + +repo-fastcgi: + pkgrepo.managed: + - name: "deb http://httpredir.debian.org/debian jessie" + - file: /etc/apt/sources.list.d/non-free.list + - comps: non-free + +mod-fastcgi: + pkg.installed: + - name: {{ apache.mod_fastcgi }} + - order: 180 + - require: + - pkg: apache + +a2enmod fastcgi: + cmd.run: + - unless: ls /etc/apache2/mods-enabled/fastcgi.load + - order: 225 + - require: + - pkgrepo: repo-fastcgi + - pkg: mod-fastcgi + - watch_in: + - module: apache-restart + +{% endif %} + From 14fa8d861661e04b0e6e42fd9efb51a066089cd9 Mon Sep 17 00:00:00 2001 From: kadogo Date: Tue, 7 Feb 2017 16:02:51 +0100 Subject: [PATCH 14/16] Add variables for mod_xsendfile and mod_fastcgi --- apache/map.jinja | 2 ++ 1 file changed, 2 insertions(+) diff --git a/apache/map.jinja b/apache/map.jinja index a623556..70d4b43 100644 --- a/apache/map.jinja +++ b/apache/map.jinja @@ -35,6 +35,8 @@ 'mod_perl2': 'libapache2-mod-perl2', 'mod_fcgid': 'libapache2-mod-fcgid', 'mod_pagespeed_source': 'https://dl-ssl.google.com/dl/linux/direct/mod-pagespeed-stable_current_amd64.deb', + 'mod_xsendfile': 'libapache2-mod-xsendfile', + 'mod_fastcgi': 'libapache2-mod-fastcgi', 'vhostdir': '/etc/apache2/sites-available', 'confdir': '/etc/apache2/conf.d', From 93e1a0a9cd10a2c16a19f8ae28d245725c43422f Mon Sep 17 00:00:00 2001 From: kadogo Date: Tue, 7 Feb 2017 16:03:30 +0100 Subject: [PATCH 15/16] Update README for new mod (xsendfile, fastcgi, proxy_fcgi) --- README.rst | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/README.rst b/README.rst index 57c2ba7..b207a42 100644 --- a/README.rst +++ b/README.rst @@ -55,6 +55,11 @@ Enables the Apache module mod_proxy. (Debian and FreeBSD only) Enables the Apache module mod_proxy_http and requires the Apache module mod_proxy to be enabled. (Debian Only) +``apache.mod_proxy_fcgi`` +------------------------- + +Enables the Apache module mod_proxy_fcgi and requires the Apache module mod_proxy to be enabled. (Debian Only) + ``apache.mod_wsgi`` ------------------- @@ -100,6 +105,11 @@ Enables mod_cgi. (FreeBSD only) Installs and enables the mod_fcgid module +``apache.mod_fastcgi`` +-------------------- + +Installs and enables the mod_fastcgi module + ``apache.mod_dav_svn`` -------------------- @@ -144,6 +154,11 @@ Enables the Apache module vhost_alias (Debian Only) Enables and configures the Apache module mod_remoteip using data from Pillar. (Debian Only) +``apache.mod_xsendfile`` +---------------------- + +Installs and enables mod_xsendfile module. (Debian Only) + ``apache.own_default_vhost`` -------------------------- From 69bb7744c879ec988ff9e6cf5388db6394a4748a Mon Sep 17 00:00:00 2001 From: kadogo Date: Tue, 7 Feb 2017 16:43:50 +0100 Subject: [PATCH 16/16] Correct little error for mod_fastcgi --- apache/mod_fastcgi.sls | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/apache/mod_fastcgi.sls b/apache/mod_fastcgi.sls index c22dfcb..36e8e7e 100644 --- a/apache/mod_fastcgi.sls +++ b/apache/mod_fastcgi.sls @@ -1,28 +1,29 @@ -{% if grains['os_family']=="Debian" %} +{% from "apache/map.jinja" import apache with context %} include: - apache - apache.mod_actions +{% if grains['os_family']=="Debian" %} +mod-fastcgi: + pkg.installed: + - name: {{ apache.mod_fastcgi }} + - order: 180 + - require: + - pkgrepo: repo-fastcgi + - pkg: apache + repo-fastcgi: pkgrepo.managed: - name: "deb http://httpredir.debian.org/debian jessie" - file: /etc/apt/sources.list.d/non-free.list - comps: non-free -mod-fastcgi: - pkg.installed: - - name: {{ apache.mod_fastcgi }} - - order: 180 - - require: - - pkg: apache - a2enmod fastcgi: cmd.run: - unless: ls /etc/apache2/mods-enabled/fastcgi.load - order: 225 - require: - - pkgrepo: repo-fastcgi - pkg: mod-fastcgi - watch_in: - module: apache-restart