Set up and configure the Apache HTTP server https://github.com/saltstack-formulas/apache-formula
Go to file
N 86e334a710
Merge pull request #261 from AxaGuilDEv/modules_enabling
change way of enabling/disabling apache modules for Redhat
2020-12-05 13:51:31 +00:00
_modules Feature (rhel7/httpd 2.4) : hardening apache and code refactoring (#251) 2019-02-22 10:10:30 +01:00
.github Pull Request Template 2016-04-11 09:59:39 -05:00
apache change way of enabling/disabling apache modules for Redhat 2019-04-23 12:47:00 +02:00
test Add mod_security management 2016-05-11 15:41:07 -03:00
.gitignore Add mod_security management 2016-05-11 15:41:07 -03:00
.kitchen.yml Add kitchen/travis tests 2018-01-11 23:38:18 +00:00
.travis.yml Add kitchen/travis tests 2018-01-11 23:38:18 +00:00
FORMULA Initial commit of SPM FORMULA 2015-07-07 09:45:40 -06:00
Gemfile Add kitchen/travis tests 2018-01-11 23:38:18 +00:00
Hardening.md Feature (rhel7/httpd 2.4) : hardening apache and code refactoring (#251) 2019-02-22 10:10:30 +01:00
LICENSE Update LICENSING year 2015-03-20 20:10:44 -04:00
pillar.example.yaml remove ng stuff (#255) 2019-04-20 09:38:32 +02:00
README.rst remove ng stuff (#255) 2019-04-20 09:38:32 +02:00

apache

Formulas to set up and configure the Apache HTTP server.

This Formula uses the concepts of directive and container in pillars

see examples below for more explanation

Also it includes and enforce some hardening rules to prevent security issues

See Hardening.md and apache/hardening-values.yaml.

Available states

apache

Installs the Apache package and starts the service.

apache.config

Configures apache server.

The configuration is done by merging the pillar content with defaults present in the state apache/defaults/RedHat/defaults-apache-2.4.yaml

apache:
  server_apache_config:
    directives:
      - Timeout: 5
    containers:
      IfModule:
        -
          item: 'mime_module'
          directives:
            - AddType: 'application/x-font-ttf ttc ttf'
            - AddType: 'application/x-font-opentype otf'
            - AddType: 'application/x-font-woff woff2'

apache.modules

Enables and disables Apache modules.

apache.vhosts.vhost

Configures Apache name-based virtual hosts and creates virtual host directories using data from Pillar.

All necessary data must be provided in the pillar

Exceptions are :

  • CustomLog default is /path/apache/log/ServerName-access.log combined
  • if Logformat is defined in pillar, CustomLog is enforced to /path/apache/log/ServerName-access.log Logformat
  • ErrorLog is enforced to /path/apache/log/ServerName-error.log

Example Pillar:

Create two vhosts example.com.conf and test.example.com.conf

apache:
  VirtualHost:
    example.com:  # <-- this is an id decalaration used in salt and default ServerName
      item: '*:80'
      directives:
        - RewriteEngine: 'on'
        - Header: 'set Access-Control-Allow-Methods GET,PUT,POST,DELETE,OPTIONS'
      containers:
        Location:
          item: '/test.html'
          directives:
            - Require: 'all granted'
    site_id_declaration:
      item: '10.10.1.1:8080'
      directives:
        - ServerName: 'test.example.com'
        - LogFormat: '"%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\" %{ms}T"'

Files produced by these pillars :

example.com.conf

<VirtualHost *:80>
  ServerName example.com
  CustomLog /var/log/httpd/example.com-access.log  combined
  ErrorLog /var/log/httpd/example.com-error.log
  RewriteEngine on
  Header set Access-Control-Allow-Methods GET,PUT,POST,DELETE,OPTIONS
  <Location /test.html>
    Require all granted
  </Location>
</VirtualHost>

test.example.com.conf

<VirtualHost 10.10.1.1:8080>
  ServerName test.example.com
  CustomLog /var/log/httpd/test.example.com-access.log "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\" %{ms}T"
  ErrorLog /var/log/httpd/test.example.com-error.log
</VirtualHost>

this will delete test.example.com.conf

apache:
  VirtualHost:
    test.example.com:
      item: '10.10.1.1:8080'
      absent: True  # <-- delete test.example.com.conf
      directives:
        - ServerName: 'test.example.com'

apache.uninstall ----------

Stops the Apache service and uninstalls the package.