Some fedora support

apache.cf

@@ -36,6 +36,7 @@ vars:
 			{m: "version",f:"mod_version"},
 			{m: "unixd",f:"mod_unixd"},
 			{m: "php7",f:"libphp7"},
+			{m: "ssl",f:"mod_ssl"}
 		]';
 
 
@@ -60,18 +61,49 @@ vars:
 		"server_root" string => "/usr";
 
 		"modules" data => '[
-			{m:"php",f:"libphp8.2"}
+			{m:"php",f:"libphp8.2"},
+			{m:"ssl",f:"mod_ssl"},
 		]';
 
 
 	centos::
 		"pkgs" slist => {
 			"httpd",
+			"mod_ssl",
 			"libapache2-mod-php",
 			"libapache2-mod-svn",
 		};
+	fedora::
+		"pkgs" slist => {
+			"httpd",
+	#		"mod_ssl",
+		};
+	fedora|centos::
+		"log_dir" string =>"/var/log/httpd";
 		"service_name" string => "httpd";
+		"restart_cmd" string => "/usr/bin/systemctl restart $(service_name)";
+		"www_user" string => "apache";
+		"www_group" string => "apache";
+		"mime_types" string => "/etc/mime.types";
+		"www_dir" string => "/var/www",unless => isvariable( $(this.promiser) ) ;
+		"default_html_dir" string => "$(www_dir)/html";
+		"etc_dir" string => "/etc";
+		"cfg_dir" string => "$(etc_dir)/httpd";
 
+		"main_cfg" string => "$(cfg_dir)/conf/httpd.conf";
+		"libexec_dir" string => "$(cfg_dir)/modules";
+		"server_root" string => "/var";
+
+		"modules" data => '[ 
+			{m: "autoindex",f:"mod_autoindex"},
+			{m: "log_config",f:"mod_log_config"},
+			{m: "version",f:"mod_version"},
+			{m: "unixd",f:"mod_unixd"},
+		]';
+	#		{m: "php",f:"libphp8"},
+
+
+	
 	ubuntu_20::
 		"phpm" string => "php7";
 	ubuntu_22::
@@ -105,7 +137,7 @@ packages:
 			policy => "present",
 			package_module => apt_get,
 			classes => if_repaired(apache_changed);
-	centos::
+	fedora|centos::
 		"$(apache.pkgs)"
 			policy => "present",
 			package_module => yum,
@@ -235,3 +267,12 @@ methods:
 reports:
 }
 
+
+bundle agent configure_apache(sites)
+{
+vars:
+	"idx" slist => getindices(@(sites));
+methods:
+	"any" usebundle => apache_vhost($(sites[$idx]));
+	
+}

certbot.cf

@@ -40,6 +40,21 @@ packages:
 			policy => "present",
 			package_module => apt_get,
 			handle => "certbot_installed";
+files:
+	freebsd::
+		"/etc/cron.d/certbot"
+			create => "true",
+			copy_from => local_cp("$(sys.workdir)/inputs/$(def.mfdomain)/templates/certbot-cron.mustache");
+	
+#			content => '# 
+# Managed by CFEngine
+#
+#SHELL=/bin/sh
+#PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+
+#0 */12 * * * root certbot -q renew --no-random-sleep-on-renew
+
+#';
 }
 
 bundle agent certbot_cert(site,webroot)

templates/certbot-cron.mustache

@@ -0,0 +1,8 @@
+# 
+# Managed by CFEngine
+#
+SHELL=/bin/sh
+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+
+0 */12 * * * root certbot -q renew --no-random-sleep-on-renew
+

templates/httpd.conf.mustache

@@ -56,7 +56,11 @@ Listen 443
 
 # Go ahead and accept connections for these vhosts
 # from non-SNI clients
+
+<IfModule ssl_module>
 SSLStrictSNIVHostCheck on
+</ifModule>
+
 #NameVirtualHost *:80
 #NameVirtualHost *:443
 ServerName localhost
@@ -156,7 +160,7 @@ LoadModule setenvif_module {{vars.apache.libexec_dir}}/mod_setenvif.so
 #LoadModule session_dbd_module {{vars.apache.libexec_dir}}/mod_session_dbd.so
 #LoadModule slotmem_shm_module {{vars.apache.libexec_dir}}/mod_slotmem_shm.so
 #LoadModule slotmem_plain_module {{vars.apache.libexec_dir}}/mod_slotmem_plain.so
-LoadModule ssl_module {{vars.apache.libexec_dir}}/mod_ssl.so
+#LoadModule ssl_module {{vars.apache.libexec_dir}}/mod_ssl.so
 #LoadModule dialup_module {{vars.apache.libexec_dir}}/mod_dialup.so
 #LoadModule http2_module {{vars.apache.libexec_dir}}/mod_http2.so
 #LoadModule proxy_http2_module {{vars.apache.libexec_dir}}/mod_proxy_http2.so