Initial commit

apache.cf

@@ -0,0 +1,226 @@
+#
+# Install and configure Apache with SSL and certbot
+#
+# Use:
+# 	usebundle => install_apache;
+# 	usebundle => apache_vhost(site_data);
+#
+#
+
+bundle agent apache
+{
+vars:
+
+	freebsd::
+		"pkgs" slist => {
+			"apache24",
+			"mod_php74"
+		};
+		"log_dir" string =>"/var/log/httpd";
+		"service_name" string => "apache24";
+		"www_user" string => "www";
+		"www_group" string => "www";
+		"mime_types" string => "/usr/local/etc/apache24/mime.types";
+		"service_name" string => "apache24";
+		"restart_cmd" string => "/usr/sbin/service $(service_name) restart";
+		"etc_dir" string => "/usr/local/etc";
+		"cfg_dir" string => "$(etc_dir)/apache24";
+		"main_cfg" string => "$(cfg_dir)/httpd.conf";
+		"libexec_dir" string => "libexec/apache24";
+		"www_dir" string => "/usr/local/www";
+		"default_html_dir" string => "$(www_dir)/apache24";
+		"server_root" string => "/usr/local";
+		"modules" data => '[ 
+			{m: "autoindex",f:"mod_autoindex"},
+			{m: "log_config",f:"mod_log_config"},
+			{m: "version",f:"mod_version"},
+			{m: "unixd",f:"mod_unixd"},
+			{m: "php7",f:"libphp7"},
+		]';
+
+
+	debian::
+		"pkgs" slist => {
+			"apache2",
+			"libapache2-mod-php",
+			"libapache2-mod-svn",
+		};
+		"log_dir" string =>"/var/log/apache2";
+		"service_name" string => "apache2";
+		"restart_cmd" string => "/usr/bin/systemctl restart $(service_name)";
+		"www_user" string => "www-data";
+		"www_group" string => "www-data";
+		"mime_types" string => "/etc/mime.types";
+		"www_dir" string => "/var/www";
+		"default_html_dir" string => "$(www_dir)/html";
+		"etc_dir" string => "/etc";
+		"cfg_dir" string => "$(etc_dir)/apache2";
+		"main_cfg" string => "$(cfg_dir)/apache2.conf";
+		"libexec_dir" string => "lib/apache2/modules";
+		"server_root" string => "/usr";
+
+		"modules" data => '[
+			{m:"php",f:"libphp8.2"}
+		]';
+
+
+	centos::
+		"pkgs" slist => {
+			"httpd",
+			"libapache2-mod-php",
+			"libapache2-mod-svn",
+		};
+		"service_name" string => "httpd";
+
+	ubuntu_20::
+		"phpm" string => "php7";
+	ubuntu_22::
+		"phpm" string => "php";
+
+	ubuntu::
+		"modules" string => '[
+			{m:"$(phpm)",f:"libphp$(install_php.version)"},
+			{m:"proxy",f:"mod_proxy"},
+			{m:"proxy_http",f:"mod_proxy_http"},
+			{m: "autoindex",f:"mod_autoindex"},
+			{m: "dav",f:"mod_dav"},
+			{m: "dav_svn", f:"mod_dav_svn"},
+			{m: "authz_svn", f:"mod_authz_svn"},
+		]';
+}
+
+
+bundle agent install_apache(params)
+{
+classes:
+
+packages:
+	freebsd::
+		"$(apache.pkgs)"
+			policy => "present",
+			package_module => pkg,
+			classes => if_repaired(apache_changed);
+	debian::
+		"$(apache.pkgs)"
+			policy => "present",
+			package_module => apt_get,
+			classes => if_repaired(apache_changed);
+	centos::
+		"$(apache.pkgs)"
+			policy => "present",
+			package_module => yum,
+			classes => if_repaired(apache_changed);
+commands:
+	freebsd::
+		"/usr/sbin/sysrc"
+		handle => "apache_editrc",
+		args => "apache24_enable=yes",
+		inform=>"false";
+	debian|centos::
+		"/bin/true" handle => "apache_editrc",
+		inform => "false";
+
+files:
+	"$(apache.www_dir)/."
+	create=>"true",
+	perms => uperm("root","root","755"),
+	handle => "apache_www_dir_created";	
+
+	"$(apache.default_html_dir)/."
+	create=>"true",
+	perms => uperm("$(apache.www_user)","$(apache.www_group)","755"),
+	depends_on => {"apache_www_dir_created"},
+	handle=>"apache_default_html_dir_created";
+
+	"$(apache.cfg_dir)/Vhosts/dummy.conf"
+	create=>"true",
+	content=>"",
+	perms => uperm("root","root","644"),
+	handle=> "apache_vhost_dir_created";	
+
+	"$(apache.main_cfg)"
+		create => "true",
+		edit_template => "$(sys.workdir)/inputs/$(def.mfdomain)/templates/httpd.conf.mustache",
+		template_method => "mustache",
+		classes => if_repaired(apache_changed);
+
+services:
+	"$(apache.service_name)"
+		depends_on => {"apache_editrc","apache_vhost_dir_created"},
+		service_policy => "start",
+		handle => "apache_running";
+		
+	php_changed|apache_changed::
+		"$(apache.service_name)"
+		service_policy => "restart";
+}
+
+bundle agent restart_apache(arg)
+{
+commands:
+	"/bin/sh -c "
+		args =>  "'/bin/echo $(arg) > /dev/null  && /usr/bin/systemctl  restart $(apache.service_name)'";
+}
+
+
+bundle agent apache_vhost
+(site)
+{
+classes:
+	"delete" expression => $(site[disable]);
+	"use_ssl" expression => $(site[ssl]);
+vars:
+	"cert_file" string => "$(certbot.certbot_dir)/live/$(site[domain])";
+
+	"template_file" 
+	string => 
+		"$(sys.workdir)/inputs/$(def.mfdomain)/templates/httpd-vhost.conf.mustache";
+
+	"domain_file" string => "$(apache.cfg_dir)/Vhosts/$(site[domain]).conf";
+	"domain_dir" string => "$(apache.www_dir)/$(site[domain])/";
+
+use_ssl::
+	"vhostdeps" slist => {"apache_ssl_created$(site[domain])"};
+!use_ssl::
+	"vhostdeps" slist => {};
+files:
+
+	delete::
+		"$(domain_file)"
+		delete => tidy,
+		classes => if_repaired(apache_restart);
+		
+	!delete::
+		"$(domain_file)"
+		perms => uperm("$(apache.www_user)","$(apache.www_group)","644"),
+		create => "true",
+		edit_template => "$(template_file)",
+		template_method => "mustache",
+		handle => "vhost_cfg_done$(site[domain])",
+		depends_on => @(vhostdeps),
+		classes => if_repaired("apache_vhost_restart");
+
+		"$(domain_dir)."
+			create => "true",
+			perms => uperm("$(apache.www_user)","$(apache.www_group)","750");
+
+methods:
+	use_ssl::
+		"any" usebundle => certbot_cert(@(site),"$(apache.default_html_dir)","$(site[domain])"),
+		handle => "apache_ssl_created$(site[domain])";
+
+	
+		"apache_vhost_restart"::
+			"any" usebundle => restart_apache("$(site[domain])"),
+			depends_on => {"vhost_cfg_done$(site[domain])","apache_ssl_created$(site[domain])" };
+
+	!use_ssl::
+		"apache_vhost_restart"::
+			"any" usebundle => restart_apache("$(site[domain])"),
+			depends_on => {"vhost_cfg_done$(site[domain])" };
+
+
+
+reports:
+}
+