Initial commit

apache.cf

@@ -339,6 +339,7 @@ classes:
 	"delete" expression => $(site[disable]);
 	"use_ssl" expression => $(site[ssl]);
 	"use_certbot" expression => strcmp("certbot","$(site[ssl_cert])");
+	"do_logrotate" expression => $(site[logrotate]);
 
 vars:
 		#	"email":$(apache.admin_email),
@@ -350,7 +351,10 @@ vars:
 			"doc_root":"$(apache.www_dir)/$(site_param[domain])",
 			"doc_root_options":"Indexes FollowSymLinks",
 			"php":true,
-			"php_handler":"$(apache.default_php_handler)"
+			"php_handler":"$(apache.default_php_handler)",
+			"logging80":true,
+			"logging443":true,
+			"logrotate":false,
 		}
 	';
 
@@ -420,6 +424,16 @@ methods:
 			"any" usebundle => restart_apache("$(site[domain])"),
 			depends_on => {"vhost_cfg_done$(site[domain])" };
 
+	"any" usebundle => install_logrot;
+
+files:
+	do_logrotate::
+	"$(logrot.dir)/$(site[domain])"
+	create => "true",
+	edit_defaults => backup("false"),
+	edit_template => "$(sys.workdir)/inputs/$(def.wmde_libdir)/templates/httpd-weblogrot.mustache",
+	template_method => "mustache";
+
 commands:
 	
 
@@ -432,6 +446,11 @@ commands:
 
 
 reports:
+#	"SITE: $(site[domain]): $(site[logrotate])";
+#	!do_logrotate::
+#		"LOGOROOTATE FOR $(site[domain]): FALSE";
+#	do_logrotate::
+#		"LOGOROOTATE FOR $(site[domain]): TRUE";
 }
 
 
@@ -483,7 +502,7 @@ any::
 	}';
 
 	"template_file" 
-	string => "$(sys.workdir)/inputs/$(def.wmde_libdir)/templates/weblogrot.mustache";
+	string => "$(sys.workdir)/inputs/$(def.wmde_libdir)/templates/httpd-weblogrot-matomo.mustache";
 
 methods:
 	"any" usebundle => install_logrot;

lib.cf

@@ -408,3 +408,33 @@ files:
 		classes => results("namespace","etc_hosts");
 }
 
+
+bundle agent cron
+{
+vars:
+	"cron_d" string => "/etc/cron.d";
+	freebsd::
+	"cron_d" string => "/usr/local/etc/cron.d";
+files:
+	"$(cron_d)/."
+	create => "true",
+	handle => "cron_d_created";
+
+}
+
+bundle agent create_cron_job(name,time,command)
+{
+methods:
+	"any" usebundle => cron;
+files:
+	"$(cron.cron_d)/$(name)"
+	create => "true",
+	content => "#
+# Managed by CFEngin 
+#
+
+$(time) $(command)
+",
+	depends_on => {"cron_d_created"};
+}
+

logrot.cf

@@ -10,16 +10,21 @@ vars:
 	};
 	freebsd::
 		"dir" string => "/usr/local/etc/logrotate.d";
+		"cmd" string => "/usr/local/sbin/logrotate";
+		"conf" string => "/usr/local/etc/logrotate.conf";
 	debian::
 		"dir" string => "/etc/logrotate.d";
 	centos::
 		"dir" string => "/etc/logrotate.d";
 
+		
 }
 
 bundle agent install_logrot
 {
 methods:
-	"any" usebundle => wmde_install_packages(@(logrot.pkgs),"logrot");
+	"any" usebundle => wmde_install_packages(@(logrot.pkgs),"logrotate");
+	freebsd::
+	"any" usebundle => create_cron_job("logrotate","0 0 * * *","root $(logrot.cmd) $(logrot.conf)");
 }
 

templates/gitea-app.ini.mustache

@@ -0,0 +1,95 @@
+#
+# Sample Configuration for Gitea using SQLite
+#
+# For information on the available settings, consult the online
+# documentation, or see the accompanying file app.ini.defaults, which
+# contains the settings incorporated into the gitea binary.
+#
+# This sample configuration runs Gitea with a local database.  Before
+# running this configuration, make sure to change the INTERNAL_TOKEN,
+# JWT_SECRET, and SECRET_KEY variables.  SECRET_KEY is a password of your
+# choosing, INTERNAL_TOKEN is a 64-byte random number in BASE64 encoding,
+# JWT_SECRET is a 32-byte random number in BASE64 encoding.
+# 
+# You can generate the token using for example:
+#   openssl rand -base64 64
+# 
+# You can let Gitea add these to the config for you; you need to make
+# app.ini writeable by the git user.
+#
+# There are no pre-configured users; the first user to register becomes an
+# admin.  In this sample configuration, the HTTP server only listens on
+# localhost.
+#
+# If you'd rather use the web-based installer, remove this conf/app.ini file
+# and make /usr/local/etc/gitea/conf writeable to the git user.
+
+APP_NAME = Gitea: Git with a cup of tea
+RUN_USER = git
+RUN_MODE = prod
+
+[database]
+DB_TYPE  = sqlite3
+HOST     = 127.0.0.1:3306
+NAME     = gitea
+PASSWD   = 
+PATH     = /var/gitea/gitea.db
+SSL_MODE = disable
+USER     = root
+
+[indexer]
+ISSUE_INDEXER_PATH = /var/gitea/indexers/issues.bleve
+
+[log]
+ROOT_PATH = /var/gitea/log
+MODE      = file
+LEVEL     = Info
+
+[mailer]
+ENABLED = false
+
+[oauth2]
+JWT_SECRET = D56bmu6xCtEKs9vKKgMKnsa4X9FDwo64HVyaS4fQ4mY
+
+[picture]
+AVATAR_UPLOAD_PATH      = /var/gitea/data/avatars
+DISABLE_GRAVATAR        = false
+ENABLE_FEDERATED_AVATAR = false
+
+[repository]
+ROOT = /var/gitea/repos
+# Gitea's default is 'bash', so if you have bash installed, you can comment
+# this out.
+SCRIPT_TYPE = sh
+DEFAULT_BRANCH = master
+
+[repository.upload]
+TEMP_PATH = /var/gitea/data/tmp/uploads
+
+[security]
+INSTALL_LOCK = true
+INTERNAL_TOKEN = 1FFhAklka01JhgJTRUrFujWYiv4ijqcTIfXJ9o4n1fWxz+XVQdXhrqDTlsnD7fvz7gugdhgkx0FY2Lx6IBdPQw==
+SECRET_KEY   = ChangeMeBeforeRunning
+IMPORT_LOCAL_PATHS = true
+
+[session]
+PROVIDER = file
+PROVIDER_CONFIG = /var/gitea/data/sessions
+
+[server]
+DOMAIN       = localhost
+HTTP_ADDR    = 0.0.0.0
+HTTP_PORT    = 3033
+ROOT_URL     = https://git.planix.org/
+DISABLE_SSH  = false
+SSH_DOMAIN   = %(DOMAIN)s
+SSH_PORT     = 22
+OFFLINE_MODE = false
+APP_DATA_PATH = /var/gitea/data
+
+[service]
+REGISTER_EMAIL_CONFIRM = false
+ENABLE_NOTIFY_MAIL     = false
+DISABLE_REGISTRATION   = false
+ENABLE_CAPTCHA         = true
+REQUIRE_SIGNIN_VIEW    = false

templates/httpd-vhost.conf.mustache

@@ -23,8 +23,10 @@
 	RewriteRule "^/.well-known/acme-challenge/" - [L]
 	DocumentRoot "{{vars.apache_vhost.site.doc_root}}"
 	ServerAlias {{#vars.apache_vhost.site.aliases}}{{.}} {{/vars.apache_vhost.site.aliases}}
+	{{#vars.apache_vhost.site.logging80}}
 	ErrorLog "{{vars.apache.log_dir}}/{{vars.apache_vhost.site.domain}}-error.log"
 	CustomLog "{{vars.apache.log_dir}}/{{vars.apache_vhost.site.domain}}-access.log" combined
+	{{/vars.apache_vhost.site.logging80}}
 	{{vars.apache_vhost.site.raw}}
 </VirtualHost>
 {{/vars.apache_vhost.site.ssl}}
@@ -44,8 +46,11 @@
 	DocumentRoot "{{vars.apache_vhost.site.doc_root}}"
 	ServerName {{vars.apache_vhost.site.domain}}
 	ServerAlias {{#vars.apache_vhost.site.aliases}}{{.}} {{/vars.apache_vhost.site.aliases}}
+
+	{{#vars.apache_vhost.site.logging443}}
 	ErrorLog "{{vars.apache.log_dir}}/{{vars.apache_vhost.site.domain}}-error.log"
 	CustomLog "{{vars.apache.log_dir}}/{{vars.apache_vhost.site.domain}}-access.log" combined
+	{{/vars.apache_vhost.site.logging443}}
 	# SSL
 	SSLEngine on
 #	SSLCertificateFile {{vars.certbot.certbot_dir}}/live/{{vars.apache_vhost.site.domain}}/fullchain.pem

templates/httpd-weblogrot-matomo.mustache

@@ -0,0 +1,18 @@
+{{vars.apache.log_dir}}/{{vars.apache_matomo.site.domain}}-access.log {
+	rotate 30
+	size 100k
+
+	postrotate
+	service {{vars.apache.service_name}} restart ; {{{vars.apache_matomo.logger_script}}}  
+    endscript
+}
+
+{{vars.apache.log_dir}}/{{vars.apache_matomo.site.domain}}-error.log {
+	rotate 30
+	size 100k
+
+	postrotate
+	service {{vars.apache.service_name}} restart 
+    endscript
+}
+

templates/httpd-weblogrot.mustache

@@ -0,0 +1,18 @@
+{{vars.apache.log_dir}}/{{vars.apache_vhost.site.domain}}-access.log {
+	rotate 30
+	size 100k
+
+	postrotate
+	service {{vars.apache.service_name}} restart 
+    endscript
+}
+
+{{vars.apache.log_dir}}/{{vars.apache_vhost.site.domain}}-error.log {
+	rotate 30
+	size 100k
+
+	postrotate
+	service {{vars.apache.service_name}} restart 
+    endscript
+}
+