Compare commits

..

3 Commits

Author SHA1 Message Date
Tobias Herre 045f173665 Can be configured to use ssl or not 2023-09-30 09:58:07 +02:00
Tobias Herre 8d36fbc71f Fixed: acces to site[index] 2023-09-29 11:03:22 +02:00
Tobias Herre e5f2db9f9f renamed to apache_vhosts 2023-09-29 08:56:45 +02:00
3 changed files with 39 additions and 15 deletions

View File

@ -118,11 +118,12 @@ vars:
{m: "dav",f:"mod_dav"}, {m: "dav",f:"mod_dav"},
{m: "dav_svn", f:"mod_dav_svn"}, {m: "dav_svn", f:"mod_dav_svn"},
{m: "authz_svn", f:"mod_authz_svn"}, {m: "authz_svn", f:"mod_authz_svn"},
{m: "ssl",f:"mod_ssl"}
]'; ]';
} }
bundle agent install_apache(params) bundle agent install_apache(raw)
{ {
classes: classes:
@ -203,10 +204,14 @@ bundle agent apache_vhost
classes: classes:
"delete" expression => $(site[disable]); "delete" expression => $(site[disable]);
"use_ssl" expression => $(site[ssl]); "use_ssl" expression => $(site[ssl]);
"use_certbot" expression => strcmp("certbot","$(site[ssl_cert])");
vars: vars:
"site_defaults" data => ' "site_defaults" data => '
{ {
"aliases":[], "aliases":[],
"ssl_cert":"certbot",
"email":"$(apache.admin_email)"
} }
'; ';
@ -222,11 +227,18 @@ vars:
"domain_file" string => "$(apache.cfg_dir)/Vhosts/$(site[domain]).conf"; "domain_file" string => "$(apache.cfg_dir)/Vhosts/$(site[domain]).conf";
"domain_dir" string => "$(apache.www_dir)/$(site[domain])/"; "domain_dir" string => "$(apache.www_dir)/$(site[domain])/";
use_ssl:: "ssl_cert" string => ifelse( use_certbot,
"$(certbot.certbot_dir)/live/$(site[domain])/fullchain.pem",
"$(site[ssl_cert])");
"ssl_key" string => ifelse( use_certbot,
"$(certbot.certbot_dir)/live/$(site[domain])/privkey.pem",
"$(site[ssl_key])");
use_ssl&(use_certbot)::
"vhostdeps" slist => {"apache_ssl_created$(site[domain])"}; "vhostdeps" slist => {"apache_ssl_created$(site[domain])"};
!use_ssl:: (!use_ssl)|(!use_certbot)::
"vhostdeps" slist => {}; "vhostdeps" slist => {};
files: files:
delete:: delete::
"$(domain_file)" "$(domain_file)"
@ -248,16 +260,16 @@ files:
perms => uperm("$(apache.www_user)","$(apache.www_group)","750"); perms => uperm("$(apache.www_user)","$(apache.www_group)","750");
methods: methods:
use_ssl:: use_ssl&use_certbot::
"any" usebundle => certbot_cert(@(site),"$(apache.default_html_dir)"), #,"$(site[domain])"), "any" usebundle => certbot_cert(@(site),"$(apache.default_html_dir)"), #,"$(site[domain])"),
handle => "apache_ssl_created$(site[domain])"; handle => "apache_ssl_created$(site[domain])";
"apache_vhost_restart":: "apache_vhost_restart"::
"any" usebundle => restart_apache("$(site[domain])"), "any" usebundle => restart_apache("$(site[domain])"),
depends_on => {"vhost_cfg_done$(site[domain])","apache_ssl_created$(site[domain])" }; depends_on => {"vhost_cfg_done$(site[domain])","apache_ssl_created$(site[domain])" };
!use_ssl::
(!use_ssl)|(!use_certbot)::
"apache_vhost_restart":: "apache_vhost_restart"::
"any" usebundle => restart_apache("$(site[domain])"), "any" usebundle => restart_apache("$(site[domain])"),
depends_on => {"vhost_cfg_done$(site[domain])" }; depends_on => {"vhost_cfg_done$(site[domain])" };
@ -265,14 +277,24 @@ methods:
reports: reports:
# "SSL_CERT: $(ssl_cert) $(ssl_key) ";
# use_ssl::
# "USE SSL";
# !use_ssl::
# "NOT USE_SSL";
# "RAW: $(site[raw])";
} }
bundle agent configure_apache(sites) bundle agent apache_vhosts(sites)
{ {
vars: vars:
"idx" slist => getindices(@(sites)); "idx" slist => getindices(@(sites));
methods: methods:
"any" usebundle => apache_vhost($(sites[$idx])); "any" usebundle => apache_vhost(@(sites[$(idx)]));
reports:
# "IDXE $(idx)";
} }

View File

@ -44,12 +44,14 @@
CustomLog "{{vars.apache.log_dir}}/{{vars.apache_vhost.site.domain}}-access.log" combined CustomLog "{{vars.apache.log_dir}}/{{vars.apache_vhost.site.domain}}-access.log" combined
# SSL # SSL
SSLEngine on SSLEngine on
SSLCertificateFile {{vars.certbot.certbot_dir}}/live/{{vars.apache_vhost.site.domain}}/fullchain.pem # SSLCertificateFile {{vars.certbot.certbot_dir}}/live/{{vars.apache_vhost.site.domain}}/fullchain.pem
SSLCertificateKeyFile {{vars.certbot.certbot_dir}}/live/{{vars.apache_vhost.site.domain}}/privkey.pem # SSLCertificateKeyFile {{vars.certbot.certbot_dir}}/live/{{vars.apache_vhost.site.domain}}/privkey.pem
SSLCertificateFile {{vars.apache_vhost.ssl_cert}}
SSLCertificateKeyFile {{vars.apache_vhost.ssl_key}}
RewriteEngine On RewriteEngine On
Alias /.well-known/acme-challenge/ "{{vars.apache.default_html_dir}}/.well-known/acme-challenge/" Alias /.well-known/acme-challenge/ "{{vars.apache.default_html_dir}}/.well-known/acme-challenge/"
RewriteRule "^/.well-known/acme-challenge/" - [L] RewriteRule "^/.well-known/acme-challenge/" - [L]
{{vars.apache_vhost.site.raw}} {{{vars.apache_vhost.site.raw}}}
</VirtualHost> </VirtualHost>
{{/vars.apache_vhost.site.ssl}} {{/vars.apache_vhost.site.ssl}}

View File

@ -581,7 +581,7 @@ SSLRandomSeed connect builtin
</VirtualHost> </VirtualHost>
{{vars.install_apache.raw}}
Include {{vars.apache.cfg_dir}}/Vhosts/*.conf Include {{vars.apache.cfg_dir}}/Vhosts/*.conf