Inital commit

apache.cf

@@ -14,7 +14,6 @@ vars:
 	freebsd::
 		"pkgs" slist => {
 			"apache24",
-			"mod_php74"
 		};
 		"log_dir" string =>"/var/log/httpd";
 		"service_name" string => "apache24";
@@ -43,7 +42,6 @@ vars:
 	debian::
 		"pkgs" slist => {
 			"apache2",
-			"libapache2-mod-php",
 			"libapache2-mod-svn",
 		};
 		"log_dir" string =>"/var/log/apache2";
@@ -70,7 +68,6 @@ vars:
 		"pkgs" slist => {
 			"httpd",
 			"mod_ssl",
-			"libapache2-mod-php",
 			"libapache2-mod-svn",
 		};
 	fedora::
@@ -123,6 +120,45 @@ vars:
 }
 
 
+bundle agent install_apache_php
+{
+vars:
+	freeebsd::
+		"pkgs" slist => {"mod_php74"};
+	debian::
+		"pkgs" slist => {"libapache2-mod-php"};
+	centos::
+		"pkgs" slist => {"libapache2-mod-php"};
+
+packages:
+	freebsd::
+		"$(pkgs)"
+			policy => "present",
+			package_module => pkg,
+			handle => "apache_php_installed",
+			classes => if_repaired(apache_changed);
+	debian::
+		"$(pkgs)"
+			policy => "present",
+			package_module => apt_get,
+			handle => "apache_php_installed",
+			depends_on => { "apache_mpm_event_disabled" },
+			classes => if_repaired(apache_changed);
+	fedora|centos::
+		"$(pkgs)"
+			policy => "present",
+			package_module => yum,
+			handle => "apache_php_installed",
+			classes => if_repaired(apache_changed);
+
+commands:
+	"/bin/sh" 
+	args => "-c '/usr/sbin/a2dismod mpm_event > /dev/null'",
+	inform=>"false",
+	handle => "apache_mpm_event_disabled";
+
+}
+
 bundle agent install_apache(raw)
 {
 classes:
@@ -132,17 +168,23 @@ packages:
 		"$(apache.pkgs)"
 			policy => "present",
 			package_module => pkg,
+			handle => "apache_pkgs_installed",
 			classes => if_repaired(apache_changed);
 	debian::
 		"$(apache.pkgs)"
 			policy => "present",
 			package_module => apt_get,
+			handle => "apache_pkgs_installed",
 			classes => if_repaired(apache_changed);
 	fedora|centos::
 		"$(apache.pkgs)"
 			policy => "present",
 			package_module => yum,
+			handle => "apache_pkgs_installed",
 			classes => if_repaired(apache_changed);
+methods:
+	"any" usebundle => install_apache_php,
+		depends_on => { "apache_pkgs_installed" };
 commands:
 	freebsd::
 		"/usr/sbin/sysrc"
@@ -157,6 +199,7 @@ files:
 	"$(apache.www_dir)/."
 	create=>"true",
 	perms => uperm("root","root","755"),
+	depends_on => { "apache_pkgs_installed" },
 	handle => "apache_www_dir_created";	
 
 	"$(apache.default_html_dir)/."
@@ -169,6 +212,7 @@ files:
 	create=>"true",
 	content=>"",
 	perms => uperm("root","root","644"),
+	depends_on => { "apache_pkgs_installed" },
 	handle=> "apache_vhost_dir_created";	
 
 	"$(apache.main_cfg)"
@@ -176,6 +220,7 @@ files:
 		edit_template => "$(sys.workdir)/inputs/$(def.wmde_libdir)/templates/httpd.conf.mustache",
 		template_method => "mustache",
 		handle => "apache_main_cfg_crreated",
+		depends_on => { "apache_pkgs_installed","apache_php_installed" },
 		classes => if_repaired(apache_changed);
 
 services:

lib.cf

@@ -7,7 +7,108 @@ body perms uperm(user,group,mode)
         mode => "$(mode)";
         rxdirs => "false";
         groups => { "$(group)" };
-        owners => { "$(user)" };
+	owners => { "$(user)" };
+}
+
+
+#
+# wmdelib.cf
+#
+
+bundle agent wmde_install_packages(pkgs,name)
+{
+packages:
+	freebsd::
+		"$(pkgs)"
+			policy => "present",
+			package_module => pkg,
+			classes => if_repaired("$(name)_repaired"),
+			classes => if_ok("$(name)_ok");
+	debian::
+		"$(pkgs)"
+			policy => "present",
+			package_module => apt_get,
+			classes => if_repaired("$(name)_repaired"),
+			classes => if_ok("$(name)_ok");
+}
+
+body perms wmde_perms(user,group,mode)
+{
+	owners => { "$(user)" };
+	groups => { "$(group)" };
+	mode => "$(mode)";
+	rxdirs=>"false";
+}
+
+
+
+
+bundle agent wmde_srv(service_name,cmd)
+{
+
+classes:
+	"start" expression => strcmp("start","$(cmd)");
+	"restart" expression => strcmp("restart",cmd);
+
+
+commands:
+	freebsd::
+        "/bin/sh"
+        args => "-c '/usr/sbin/service $(service_name) onestatus > /dev/null &&  echo +$(service_name)_running || echo -$(service_name)_running'",
+	inform => "false",
+	module => "true",
+	handle => "$(service_name)_status_tested";
+
+	"!$(service_name)_running&start"::
+	"/bin/sh"
+        args => "-c '/usr/sbin/service $(service_name) onestart 2> /dev/null > /dev/null &&  echo +$(service_name)_started || echo -$(service_name)_started'",
+	module => "true",
+	depends_on => {"$(service_name)_status_tested"};
+	
+	"!$(service_name)_running&restart"::
+	"/bin/sh"
+        args => "-c '/usr/sbin/service $(service_name) onerestart 2> /dev/null > /dev/null &&  echo +$(service_name)_started || echo -$(service_name)_started'",
+	module => "true",
+	depends_on => {"$(service_name)_status_tested"};
+	
+
+
+reports:
+	start::
+#		"MUST START";
+	!start::
+#		"MUST NOT START";
+
+     #   running::
+     #           "Server $(service_name) - running";
+     #   !running::
+     #           "Server $(service_name) - not running";
+
+
+}
+
+
+body service_method wmde
+{
+	service_type => "generic";
+	service_bundle => wmde_srv ($(this.promiser), $(this.service_policy));
+}
+
+
+
+
+bundle agent wmde_service(service_name,start_cond, restart_cond)
+{
+services:
+	"$(start_cond)"::
+		"$(service_name)"
+			service_policy => "start";
+		
+	"$(restart_cond)"::
+		"$(service_name)"
+			service_policy => "restart";
+reports:
+	"SERVICE $(service_name) - Start on: $(start_cond) Restart if: $(restart_cond)";
 }
 
 

rspamd.cf

@@ -0,0 +1,86 @@
+#
+#
+#
+
+bundle agent rspamd(cfg)
+{
+vars:
+	"cfgfiles" slist => {
+		"local.d/milter_headers.conf",
+#		"local.d/actions.conf",
+      		"local.d/worker-normal.inc",
+#		"local.d/worker-proxy.inc",
+#		"local.d/worker-controller.inc",
+#		"local.d/classifier-bayes.conf",
+#		"local.d/worker-fuzzy.inc",
+#		"local.d/fuzzy_check.conf"
+	};
+
+	freebsd::
+		"pkgs" slist => {"rspamd"};
+		"cfg_dir" string => "/usr/local/etc/rspamd";
+		"service_name" string => "rspamd";
+		"root_user" string => "root";
+		"root_group" string => "wheel";
+
+	debian::
+		"pkgs" slist => {"rspamd"};
+		"cfg_dir" string => "/etc/rspamd";
+		"service_name" string => "rspamd";
+		"root_user" string => "root";
+		"root_group" string => "root";
+packages:
+	freebsd::
+		"$(rspamd.pkgs)"
+			policy => "present",
+			package_module => pkg,
+			handle => "rspamd_pkg_installed",
+			classes => if_repaired(rspamd_changed);
+	debian::
+		"$(rspamd.pkgs)"
+			policy => "present",
+			package_module => apt_get,
+			handle => "rspamd_pkg_installed",
+			classes => if_repaired(rspamd_changed);
+	fedora|centos::
+		"$(rspamd.pkgs)"
+			policy => "present",
+			package_module => yum,
+			handle => "rspamd_pkg_installed",
+			classes => if_repaired(rspamd_changed);
+files:
+	"$(cfg_dir)/."
+	perms => uperm("$(root_user)","$(root_group)","755"),
+	depends_on => { "rspamd_pkg_installed" },
+	handle => "rspamd_cfg_dir_created";
+
+	"$(cfg_dir)/$(cfgfiles)"
+	create => "true",
+	edit_template => "$(sys.workdir)/inputs/$(def.wmde_libdir)/templates/rspamd/$(cfgfiles).mustache",
+	template_method => "mustache",
+	perms => uperm("$(root_user)","$(root_group)","644"),
+	template_data => bundlestate("$(this.bundle)"),
+	depends_on => { "rspamd_pkg_installed","rspamd_cfg_dir_created" },
+	classes => if_repaired(rspamd_restart),
+	handle => "rspamd_cfgs_done";
+
+
+services:
+	"$(service_name)"
+	service_policy => "start",
+	depends_on => { "rspamd_cfgs_done" },
+	handle => "rspamd_running";
+
+	rspamd_restart::
+		"$(service_name)"
+		service_policy => "restart",
+		depends_on => { "rspamd_running", "rspamd_cfgs_done"};
+
+reports:
+#	"RSPAMD: $(cfgjs)";
+#	"RSJ: $(worker_normalx)";
+
+}
+
+
+

templates/rspamd/local.d/milter_headers.conf.mustache

@@ -0,0 +1,12 @@
+#
+# Managed by CFEngine
+#
+
+use = ["x-spamd-bar", "x-spam-level", "authentication-results"];
+
+local_headers = ["x-spamd-bar"];
+extended_spam_headers = true;
+skip_local = false;
+skip_authenticated = true;
+
+

templates/rspamd/local.d/worker-normal.inc.mustache

@@ -0,0 +1,5 @@
+#
+# Managed by CFEngine
+#
+{{cfg.worker_normal}}
+