Compare commits

...

2 Commits

Author SHA1 Message Date
Tobias Herre 30c312b361 Some fedora support 2023-09-29 07:59:41 +02:00
Tobias Herre 35144901fa Added cron job for freebsd 2023-09-27 23:05:52 +02:00
4 changed files with 71 additions and 3 deletions

View File

@ -36,6 +36,7 @@ vars:
{m: "version",f:"mod_version"}, {m: "version",f:"mod_version"},
{m: "unixd",f:"mod_unixd"}, {m: "unixd",f:"mod_unixd"},
{m: "php7",f:"libphp7"}, {m: "php7",f:"libphp7"},
{m: "ssl",f:"mod_ssl"}
]'; ]';
@ -60,18 +61,49 @@ vars:
"server_root" string => "/usr"; "server_root" string => "/usr";
"modules" data => '[ "modules" data => '[
{m:"php",f:"libphp8.2"} {m:"php",f:"libphp8.2"},
{m:"ssl",f:"mod_ssl"},
]'; ]';
centos:: centos::
"pkgs" slist => { "pkgs" slist => {
"httpd", "httpd",
"mod_ssl",
"libapache2-mod-php", "libapache2-mod-php",
"libapache2-mod-svn", "libapache2-mod-svn",
}; };
fedora::
"pkgs" slist => {
"httpd",
# "mod_ssl",
};
fedora|centos::
"log_dir" string =>"/var/log/httpd";
"service_name" string => "httpd"; "service_name" string => "httpd";
"restart_cmd" string => "/usr/bin/systemctl restart $(service_name)";
"www_user" string => "apache";
"www_group" string => "apache";
"mime_types" string => "/etc/mime.types";
"www_dir" string => "/var/www",unless => isvariable( $(this.promiser) ) ;
"default_html_dir" string => "$(www_dir)/html";
"etc_dir" string => "/etc";
"cfg_dir" string => "$(etc_dir)/httpd";
"main_cfg" string => "$(cfg_dir)/conf/httpd.conf";
"libexec_dir" string => "$(cfg_dir)/modules";
"server_root" string => "/var";
"modules" data => '[
{m: "autoindex",f:"mod_autoindex"},
{m: "log_config",f:"mod_log_config"},
{m: "version",f:"mod_version"},
{m: "unixd",f:"mod_unixd"},
]';
# {m: "php",f:"libphp8"},
ubuntu_20:: ubuntu_20::
"phpm" string => "php7"; "phpm" string => "php7";
ubuntu_22:: ubuntu_22::
@ -105,7 +137,7 @@ packages:
policy => "present", policy => "present",
package_module => apt_get, package_module => apt_get,
classes => if_repaired(apache_changed); classes => if_repaired(apache_changed);
centos:: fedora|centos::
"$(apache.pkgs)" "$(apache.pkgs)"
policy => "present", policy => "present",
package_module => yum, package_module => yum,
@ -235,3 +267,12 @@ methods:
reports: reports:
} }
bundle agent configure_apache(sites)
{
vars:
"idx" slist => getindices(@(sites));
methods:
"any" usebundle => apache_vhost($(sites[$idx]));
}

View File

@ -40,6 +40,21 @@ packages:
policy => "present", policy => "present",
package_module => apt_get, package_module => apt_get,
handle => "certbot_installed"; handle => "certbot_installed";
files:
freebsd::
"/etc/cron.d/certbot"
create => "true",
copy_from => local_cp("$(sys.workdir)/inputs/$(def.mfdomain)/templates/certbot-cron.mustache");
# content => '#
# Managed by CFEngine
#
#SHELL=/bin/sh
#PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
#0 */12 * * * root certbot -q renew --no-random-sleep-on-renew
#';
} }
bundle agent certbot_cert(site,webroot) bundle agent certbot_cert(site,webroot)

View File

@ -0,0 +1,8 @@
#
# Managed by CFEngine
#
SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
0 */12 * * * root certbot -q renew --no-random-sleep-on-renew

View File

@ -56,7 +56,11 @@ Listen 443
# Go ahead and accept connections for these vhosts # Go ahead and accept connections for these vhosts
# from non-SNI clients # from non-SNI clients
<IfModule ssl_module>
SSLStrictSNIVHostCheck on SSLStrictSNIVHostCheck on
</ifModule>
#NameVirtualHost *:80 #NameVirtualHost *:80
#NameVirtualHost *:443 #NameVirtualHost *:443
ServerName localhost ServerName localhost
@ -156,7 +160,7 @@ LoadModule setenvif_module {{vars.apache.libexec_dir}}/mod_setenvif.so
#LoadModule session_dbd_module {{vars.apache.libexec_dir}}/mod_session_dbd.so #LoadModule session_dbd_module {{vars.apache.libexec_dir}}/mod_session_dbd.so
#LoadModule slotmem_shm_module {{vars.apache.libexec_dir}}/mod_slotmem_shm.so #LoadModule slotmem_shm_module {{vars.apache.libexec_dir}}/mod_slotmem_shm.so
#LoadModule slotmem_plain_module {{vars.apache.libexec_dir}}/mod_slotmem_plain.so #LoadModule slotmem_plain_module {{vars.apache.libexec_dir}}/mod_slotmem_plain.so
LoadModule ssl_module {{vars.apache.libexec_dir}}/mod_ssl.so #LoadModule ssl_module {{vars.apache.libexec_dir}}/mod_ssl.so
#LoadModule dialup_module {{vars.apache.libexec_dir}}/mod_dialup.so #LoadModule dialup_module {{vars.apache.libexec_dir}}/mod_dialup.so
#LoadModule http2_module {{vars.apache.libexec_dir}}/mod_http2.so #LoadModule http2_module {{vars.apache.libexec_dir}}/mod_http2.so
#LoadModule proxy_http2_module {{vars.apache.libexec_dir}}/mod_proxy_http2.so #LoadModule proxy_http2_module {{vars.apache.libexec_dir}}/mod_proxy_http2.so