Commit Graph

360 Commits

Author SHA1 Message Date
14aa73e1ab
Disable superfluous config states
We are using the files and directories shipped with the apache2
package and do not want them to be overwritten.

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-04-29 22:44:14 +02:00
4157db4d29
style(vhost): reduce empty lines
Avoid lots of empty lines if options are not used.

Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
2023-02-18 18:24:45 +01:00
l00d3r
c4b8538128
fix(redhat): use correct vhostdir, sitesdir and logrotate script for redhat family (#376)
* fix(redhat): use correct dirs for redhat family

Red hat family distributions do not implement sites-enabled nor vhosts.d
directories and all virtual hosts are under /etc/httpd/conf.d

Redhat based distros don't have /etc/init.d/httpd to rotate logs.
Default for them uses systemctl reload to rotate logs
2021-10-28 09:35:24 +01:00
Imran Iqbal
0c6c1d36e2
fix(vhosts): reset cleanup to previous and use dedicated clean SLS 2021-10-20 09:55:32 +01:00
Imran Iqbal
9d3e62c3cc
all the fixes for clean states to work properly 2021-09-14 20:54:31 +01:00
Imran Iqbal
c4dce07476
got all pkg/config/service running (except those disabled in kitchen.yml) 2021-09-14 19:36:03 +01:00
Imran Iqbal
1002efa909
second batch 2021-09-14 18:57:39 +01:00
Imran Iqbal
8682dff6dc
basic fixes 2021-09-14 18:31:28 +01:00
Fabian Niepelt
fe0ceb78b7
fix(suse): use correct vhostdir and sitesdir for suse family (#369)
The Suse family of distributions does not implement the sites-available/sites-enabled
distinction and puts all vhosts into /etc/apache2/vhosts.d.

Sources:
- https://documentation.suse.com/sles/15-SP3/html/SLES-all/cha-apache2.html#sec-apache2-configuration-manually
- https://build.opensuse.org/package/view_file/openSUSE:Factory/apache2/apache2-httpd.conf?expand=1
2021-08-29 00:18:10 +01:00
Imran Iqbal
4353e57a1b
feat(alma+rocky): add platforms (based on CentOS 8) [skip ci] 2021-06-30 13:10:34 +01:00
Marius van Witzenburg
4cf848da05
fix(register_site): correct semicolon to colon 2021-06-28 14:01:10 +02:00
Tom Peperkamp
a8b87a583e
fix(mod_pagespeed): add missing colon to file.directory
Fix yaml syntax error.
2021-05-14 15:27:26 +01:00
Imran Iqbal
dedb9e2f40
fix(config/vhosts/standard): remove erroneous trailing colon
Fixes #302.
2021-04-30 16:38:42 +01:00
Imran Iqbal
bc9aa78437
fix(freebsd): fix modsecurity suite implementation and tests 2021-04-03 23:01:44 +01:00
Imran Iqbal
0a0f69ee2f
fix(freebsd): fix default suite implementation and tests 2021-04-03 23:01:21 +01:00
Imran Iqbal
e7c2d20f06
test: standardise use of share suite & _mapdata state [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/302
2021-03-23 21:23:32 +00:00
Marius van Witzenburg
22c647eb5c
feature(trust): improved remote ip internal proxy support (#300)
* feat(trusted_proxy): Add support for RemoteIPInternalProxy

* fix(syntax): add semicolon
2021-01-08 11:33:46 +00:00
noelmcloughlin
28300814fc fix(memory): pass variable not dict 2020-12-08 20:46:27 +00:00
Andreas Thienemann
1f488b6af3 Do not pass full apache context to vhost templates.
The full apache context variable can grow quite large if using multiple
vhosts with SSL certificates.
With 200 sites the apache variable is being rendered 200 times which resuls
in observed renderer output of about 950MB...

state.apply will result with MemoryErrors in such cases.

This PR modifies the templating code to _only_ use a per site context
and pass a trimmed down copy of the apache context instead of the full.

Drive-By: Correct indentation for context variables.
Drive-By: Remove duplicate map/apache functionality. Only use map.
2020-12-08 21:13:07 +01:00
N
eef745c232
Merge pull request #292 from SuperTux88/fix-ssl-conf
Refactor ssl.conf for debian
2020-10-15 00:29:56 +01:00
Benjamin Neff
4b79c1dddb
refactor(vhosts): reduce empty lines in standard.tmpl and proxy.tmpl 2020-10-15 00:29:27 +02:00
Benjamin Neff
41a7a83af0
feat(ssl.conf): add SSLSessionTickets to ssl.conf on debian 2020-10-14 22:09:37 +02:00
Benjamin Neff
65043f8a61
fix(ssl.conf): fix pillar keys for SSLStapling in ssl.conf on debian 2020-10-14 22:05:41 +02:00
Benjamin Neff
b99b7b71ad
refactor(ssl.conf): reduce newlines in ssl.conf on debian 2020-10-14 22:04:01 +02:00
N
ef06f5c518
Merge pull request #286 from noelmcloughlin/clean
fix(clean): remove entire apache config directory
2020-10-14 20:42:27 +01:00
N
2e10c8a11b
Merge pull request #287 from noelmcloughlin/nochange
fix(package): avoid unnecessary state change
2020-10-14 20:41:50 +01:00
noelmcloughlin
cac5f357a4 fix(clean): remove entire apache config directory 2020-10-14 20:08:53 +01:00
noelmcloughlin
fb81d8e694 refactor(package): remove unnecessary state 2020-10-14 20:04:19 +01:00
N
9a385b4fcd
Merge pull request #290 from SuperTux88/fix-modules-enable
Fix modules enable
2020-10-14 11:44:05 +01:00
Benjamin Neff
382e053c58
fix(logs): don't change owners of logfiles with salt
The logs are created by apache or logrotate, but salt shouldn't change
permissions of existing logfiles everytime it runs.
2020-10-14 03:43:06 +02:00
Benjamin Neff
2b52e11a8a
fix(vhosts): replace %O with %b in default LogFormat
%O needs mod_logio, which isn't enabled by default everywhere, so it
also shouldn't be used as default fallback LogFormat.
2020-10-14 02:57:00 +02:00
Benjamin Neff
5844322de4
fix(debian): don't execute a2enmod on every run 2020-10-14 00:49:20 +02:00
Benjamin Neff
c17601ee42
fix(debian): fix default moddir on debian 2020-10-13 23:56:20 +02:00
Benjamin Neff
32f05e5a66
fix(config): fix old apache.service usage 2020-10-13 02:42:52 +02:00
Gaëtan Ars
441459e56f fix(package): remove own_default_vhost and debian_full from config.init 2020-10-12 08:57:48 +02:00
Imran Iqbal
7dc0ece4f5
chore: standardise structure [skip ci]
* Automated using https://github.com/myii/ssf-formula/pull/264
2020-10-06 23:26:09 +01:00
noelmcloughlin
47818fc360 refactor(formula): align to template-formula & improve ci features
FEATURE: Archlinux support
FEATURE: Windows support
FEATURE: Enhanced CI/CD
FEATURE: modular states

BREAKING CHANGE: 'apache.sls' converted to new style 'init.ssl'
BREAKING CHANGE: "logrotate.sls" became "config/logrotate.sls"
BREAKING CHANGE: "debian_full.sls" became "config/debian_full.sls"
BREAKING CHANGE: "flags.sls" became "config/flags.sls"
BREAKING CHANGE: "manage_security" became "config/manage_security.sls"
BREAKING CHANGE: "mod_*.sls" became "config/mod_*.sls"
BREAKING CHANGE: "no_default_host.sls" became "config/no_default_host.sls"
BREAKING CHANGE: "own_default_host.sls" became "config/own_default_host.sls"
BREAKING CHANGE: "register_site.sls" became "config/register_site.sls"
BREAKING CHANGE: "server_status.sls" became "config/server_status.sls"
BREAKING CHANGE: "vhosts/" became "config/vhosts/"
BREAKING CHANGE: "mod_security/" became "config/mod_security/"

NOT-BREAKING CHANGE: 'config.sls' became 'config/init.sls'
NOT-BREAKING CHANGE: 'uninstall.sls' symlinked to 'clean.sls'
2020-10-05 14:24:15 +01:00
Javier Bértoli
632802a5a9 fix(server-status): enable module in Debian family 2020-07-19 09:26:39 -03:00
Javier Bértoli
eafa4196d9 fix(server-status): manage module in debian 2020-07-18 07:28:58 -03:00
Imran Iqbal
5a186de875
Merge pull request #282 from bawuenet/script_alias
feat: Add support for ScriptAlias in standard vhost
2020-07-16 20:01:05 +01:00
Andreas Thienemann
b88b437308 feat(vhosts/standard): add support for ScriptAlias in standard vhost
The standard vhost currently handles a regular Alias configuration
statement, but not the related ScriptAlias.
Add this.
2020-07-16 20:52:22 +02:00
Andreas Thienemann
648f589cc3
feat(redhat/apache-2.x.config.jinja): allow override of default_charset
The current Red Hat config allows to set DefaultCharset to a value.
In certain situations it is necessary to leave it unconfigured thouguh.

Make the content optional, if the value of apache.default_charset is None,
the item is skipped. Otherwise it defaults to UTF-8.
2020-07-16 19:43:54 +01:00
Yoda-BZH
88373e38f5
fix(vhosts/cleanup): check sites-enabled dir exists before listing it
Co-authored-by: Tristan Charbonneau <tcharbonneau@oceanet-technology.com>

Fix #278
2020-06-21 23:37:12 +01:00
Andreas Thienemann
5591be26fd
fix(mod_ssl): update mod_ssl package variable to prevent clashes
The mod_ssl package name could be overridden in apache:lookup:mod_ssl.
Due to the way lookup keys are merged into the main apache dictionary,
the package name clashed with the mod_ssl configuration defined under
apache:mod_ssl.

Fix that by renaming the mod_ssl package variable to mod_ssl_pkg.

Drive-By: Add mod_ssl_pkg to the pillar.example file.
2020-04-02 17:29:06 +01:00
Sergio Cambra
1ed69f6c6f fix(debian): generate remoteip conf before a2enconf 2020-01-27 22:43:05 +01:00
Chris Horne
36ad2b2442 fix(redhat): add user & group lookup to configs 2019-12-20 17:38:01 +00:00
Imran Iqbal
e5579930e7
Merge pull request #272 from dimitry-unified-streaming/fix-mpm_prefork-jinja
fix(mod_mpm): cast to int to avoid Jinja type mismatch error
2019-12-20 16:52:13 +00:00
mcarlton00
a3c0022d79 feat(server-status): allow remote servers to reach server-status page 2019-12-20 11:20:26 -05:00
Dimitry Andric
21045c7a7b fix(mod_mpm): cast to int to avoid Jinja type mismatch error
This fixes the following error when Jinja tries to process
`mpm_prefork.conf.jinja` or `00-mpm.conf.jinja`, when it processes the
`max_request_workers` comparison:

```
Unable to manage file: Jinja error: '>=' not supported between instances of 'str' and 'int'
[...]
<IfModule mpm_prefork_module>
  StartServers {{ mpm_param['start_servers'] | d('5') }}
  MaxRequestWorkers {{ mpm_param['max_request_workers'] | d('150') }}
{%- if mpm_param['max_request_workers'] | d('150') >= 256 %}    <======================
  ServerLimit {{ mpm_param['max_request_workers'] | d('150') }}
{%- endif %}
  MinSpareServers {{ mpm_param['min_spare_servers'] | d('5') }}
  MaxSpareServers {{ mpm_param['max_spare_servers'] | d('10') }}
  MaxConnectionsPerChild {{ mpm_param['max_connections_per_child'] | d('0') }}
```

Add filters that convert the values to an int first.
2019-12-20 13:24:37 +01:00
Niels Abspoel
505ce0332b
Merge pull request #269 from scambra/patch-modules
fix duplicated ID
2019-11-07 17:49:43 +01:00