kosmos/chef
kosmos/chef
8
3
Fork 0
Code Issues 26 Pull Requests 2 Projects 2 Activity
chef/cookbooks/apache2/attributes/default.rb
Greg Karékinian a32f34b408 Vendor the external cookbooks 
Knife-Zero doesn't include Berkshelf support, so vendoring everything in
the repo is convenient again
2019-10-13 19:17:42 +02:00

356 lines
14 KiB
Ruby
Raw Blame History

#
# Cookbook:: apache2
# Attributes:: default
#
# Copyright:: 2008-2013, Chef Software, Inc.
# Copyright:: 2014, Viverae, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
default['apache']['mpm'] =
case node['platform_family']
when 'debian'
case node['platform']
when 'ubuntu'
if node['platform_version'].to_f >= 14.04
'event'
elsif node['platform_version'].to_f >= 12.04
'worker'
else
'prefork'
end
when 'debian'
node['platform_version'].to_f >= 7.0 ? 'worker' : 'prefork'
when 'linuxmint'
node['platform_version'].to_i >= 17 ? 'event' : 'prefork'
else
'prefork'
end
when 'suse'
'prefork'
when 'rhel'
'prefork'
when 'amazon'
'prefork'
else
'prefork'
end
default['apache']['version'] =
case node['platform_family']
when 'debian'
case node['platform']
when 'ubuntu'
node['platform_version'].to_f >= 13.10 ? '2.4' : '2.2'
when 'linuxmint'
node['platform_version'].to_i >= 16 ? '2.4' : '2.2'
when 'debian', 'raspbian'
node['platform_version'].to_f >= 8.0 ? '2.4' : '2.2'
else
'2.4'
end
when 'amazon'
node['platform_version'].to_f >= 2013.09 ? '2.4' : '2.2'
when 'rhel'
case node['platform']
when 'amazon'
node['platform_version'].to_f >= 2013.09 ? '2.4' : '2.2'
else
node['platform_version'].to_f >= 7.0 ? '2.4' : '2.2'
end
when 'fedora'
'2.4'
when 'suse'
case node['platform']
when 'suse'
node['platform_version'].to_f >= 12.1 ? '2.4' : '2.2'
else
'2.4'
end
when 'freebsd'
'2.4'
end
default['apache']['root_group'] = 'root'
default['apache']['default_site_name'] = 'default'
# Where the various parts of apache are
case node['platform']
when 'redhat', 'centos', 'scientific', 'fedora', 'amazon', 'oracle'
if node['platform'] == 'amazon'
if node['apache']['version'] == '2.4'
default['apache']['package'] = 'httpd24'
default['apache']['devel_package'] = 'httpd24-devel'
else
default['apache']['package'] = 'httpd22'
default['apache']['devel_package'] = 'httpd22-devel'
end
else
default['apache']['package'] = 'httpd'
default['apache']['devel_package'] = 'httpd-devel'
end
default['apache']['service_name'] = 'httpd'
default['apache']['perl_pkg'] = 'perl'
default['apache']['apachectl'] = '/usr/sbin/apachectl'
default['apache']['dir'] = '/etc/httpd'
default['apache']['log_dir'] = '/var/log/httpd'
default['apache']['error_log'] = 'error.log'
default['apache']['access_log'] = 'access.log'
default['apache']['user'] = 'apache'
default['apache']['group'] = 'apache'
default['apache']['binary'] = '/usr/sbin/httpd'
default['apache']['conf_dir'] = '/etc/httpd/conf'
default['apache']['docroot_dir'] = '/var/www/html'
default['apache']['cgibin_dir'] = '/var/www/cgi-bin'
default['apache']['icondir'] =
if node['apache']['version'] == '2.4'
'/usr/share/httpd/icons'
else
'/var/www/icons'
end
default['apache']['cache_dir'] = '/var/cache/httpd'
default['apache']['run_dir'] = '/var/run/httpd'
default['apache']['lock_dir'] = '/var/run/httpd'
default['apache']['pid_file'] =
if node['platform_version'].to_f >= 6
'/var/run/httpd/httpd.pid'
else
'/var/run/httpd.pid'
end
default['apache']['lib_dir'] = node['kernel']['machine'] =~ /^i[36]86$/ ? '/usr/lib/httpd' : '/usr/lib64/httpd'
default['apache']['libexec_dir'] = "#{node['apache']['lib_dir']}/modules"
when 'suse', 'opensuse', 'opensuseleap'
default['apache']['package'] = 'apache2'
default['apache']['perl_pkg'] = 'perl'
default['apache']['devel_package'] = 'httpd-devel'
default['apache']['apachectl'] = '/usr/sbin/apache2ctl'
default['apache']['dir'] = '/etc/apache2'
default['apache']['log_dir'] = '/var/log/apache2'
default['apache']['error_log'] = 'error.log'
default['apache']['access_log'] = 'access.log'
default['apache']['user'] = 'wwwrun'
default['apache']['group'] = 'www'
default['apache']['binary'] = '/usr/sbin/httpd2'
default['apache']['conf_dir'] = '/etc/apache2'
default['apache']['docroot_dir'] = '/srv/www/htdocs'
default['apache']['cgibin_dir'] = '/srv/www/cgi-bin'
default['apache']['icondir'] = '/usr/share/apache2/icons'
default['apache']['cache_dir'] = '/var/cache/apache2'
default['apache']['run_dir'] = '/var/run/httpd'
default['apache']['lock_dir'] = '/var/run/httpd'
default['apache']['pid_file'] =
if node['platform_version'].to_f > 11.4
'/var/run/httpd.pid'
else
'/var/run/httpd2.pid'
end
default['apache']['lib_dir'] = node['kernel']['machine'] =~ /^i[36]86$/ ? '/usr/lib/apache2' : '/usr/lib64/apache2'
default['apache']['libexec_dir'] = node['apache']['lib_dir']
when 'debian', 'ubuntu'
default['apache']['package'] = 'apache2'
default['apache']['perl_pkg'] = 'perl'
default['apache']['devel_package'] =
if node['apache']['mpm'] == 'prefork'
'apache2-prefork-dev'
else
'apache2-dev'
end
default['apache']['apachectl'] = '/usr/sbin/apache2ctl'
default['apache']['dir'] = '/etc/apache2'
default['apache']['log_dir'] = '/var/log/apache2'
default['apache']['error_log'] = 'error.log'
default['apache']['access_log'] = 'access.log'
default['apache']['user'] = 'www-data'
default['apache']['group'] = 'www-data'
default['apache']['binary'] = '/usr/sbin/apache2'
default['apache']['conf_dir'] = '/etc/apache2'
default['apache']['cgibin_dir'] = '/usr/lib/cgi-bin'
default['apache']['icondir'] = '/usr/share/apache2/icons'
default['apache']['cache_dir'] = '/var/cache/apache2'
default['apache']['run_dir'] = '/var/run/apache2'
default['apache']['lock_dir'] = '/var/lock/apache2'
# this should use COOK-3917 to educate the initscript of the pid location
if node['apache']['version'] == '2.4'
default['apache']['pid_file'] = '/var/run/apache2/apache2.pid'
default['apache']['docroot_dir'] = '/var/www/html'
else
default['apache']['pid_file'] = '/var/run/apache2.pid'
default['apache']['docroot_dir'] = '/var/www'
end
default['apache']['lib_dir'] = '/usr/lib/apache2'
default['apache']['build_dir'] = '/usr/share/apache2'
default['apache']['libexec_dir'] = "#{node['apache']['lib_dir']}/modules"
default['apache']['default_site_name'] = '000-default'
when 'arch'
default['apache']['package'] = 'apache'
default['apache']['service_name'] = 'httpd'
default['apache']['perl_pkg'] = 'perl'
# default['apache']['apachectl'] = '/usr/sbin/apachectl'
default['apache']['dir'] = '/etc/httpd'
default['apache']['log_dir'] = '/var/log/httpd'
default['apache']['error_log'] = 'error.log'
default['apache']['access_log'] = 'access.log'
default['apache']['user'] = 'http'
default['apache']['group'] = 'http'
default['apache']['binary'] = '/usr/sbin/httpd'
default['apache']['conf_dir'] = '/etc/httpd'
default['apache']['docroot_dir'] = '/srv/http'
default['apache']['cgibin_dir'] = '/usr/share/httpd/cgi-bin'
default['apache']['icondir'] = '/usr/share/httpd/icons'
default['apache']['cache_dir'] = '/var/cache/httpd'
default['apache']['run_dir'] = '/var/run/httpd'
default['apache']['lock_dir'] = '/var/run/httpd'
default['apache']['pid_file'] = '/var/run/httpd/httpd.pid'
default['apache']['lib_dir'] = '/usr/lib/httpd'
default['apache']['libexec_dir'] = "#{node['apache']['lib_dir']}/modules"
when 'freebsd'
default['apache']['package'] = 'apache24'
default['apache']['dir'] = '/usr/local/etc/apache24'
default['apache']['conf_dir'] = '/usr/local/etc/apache24'
default['apache']['docroot_dir'] = '/usr/local/www/apache24/data'
default['apache']['cgibin_dir'] = '/usr/local/www/apache24/cgi-bin'
default['apache']['icondir'] = '/usr/local/www/apache24/icons'
default['apache']['cache_dir'] = '/var/cache/apache24'
default['apache']['run_dir'] = '/var/run'
default['apache']['lock_dir'] = '/var/run'
default['apache']['lib_dir'] = '/usr/local/libexec/apache24'
default['apache']['devel_package'] = 'httpd-devel'
default['apache']['perl_pkg'] = 'perl5'
default['apache']['apachectl'] = '/usr/local/sbin/apachectl'
default['apache']['pid_file'] = '/var/run/httpd.pid'
default['apache']['log_dir'] = '/var/log'
default['apache']['error_log'] = 'httpd-error.log'
default['apache']['access_log'] = 'httpd-access.log'
default['apache']['root_group'] = 'wheel'
default['apache']['user'] = 'www'
default['apache']['group'] = 'www'
default['apache']['binary'] = '/usr/local/sbin/httpd'
default['apache']['libexec_dir'] = node['apache']['lib_dir']
else
default['apache']['package'] = 'apache2'
default['apache']['devel_package'] = 'apache2-dev'
default['apache']['perl_pkg'] = 'perl'
default['apache']['dir'] = '/etc/apache2'
default['apache']['log_dir'] = '/var/log/apache2'
default['apache']['error_log'] = 'error.log'
default['apache']['access_log'] = 'access.log'
default['apache']['user'] = 'www-data'
default['apache']['group'] = 'www-data'
default['apache']['binary'] = '/usr/sbin/apache2'
default['apache']['conf_dir'] = '/etc/apache2'
default['apache']['docroot_dir'] = '/var/www'
default['apache']['cgibin_dir'] = '/usr/lib/cgi-bin'
default['apache']['icondir'] = '/usr/share/apache2/icons'
default['apache']['cache_dir'] = '/var/cache/apache2'
default['apache']['run_dir'] = 'logs'
default['apache']['lock_dir'] = 'logs'
default['apache']['pid_file'] = 'logs/httpd.pid'
default['apache']['lib_dir'] = '/usr/lib/apache2'
default['apache']['libexec_dir'] = "#{node['apache']['lib_dir']}/modules"
end
###
# These settings need the unless, since we want them to be tunable,
# and we don't want to override the tunings.
###
# General settings
if node['apache']['service_name'].nil?
default['apache']['service_name'] = node['apache']['package']
end
default['apache']['listen'] = ['*:80']
default['apache']['contact'] = 'ops@example.com'
default['apache']['timeout'] = 300
default['apache']['keepalive'] = 'On'
default['apache']['keepaliverequests'] = 100
default['apache']['keepalivetimeout'] = 5
default['apache']['locale'] = 'C'
default['apache']['sysconfig_additional_params'] = {}
default['apache']['default_site_enabled'] = false
default['apache']['default_site_port'] = '80'
default['apache']['access_file_name'] = '.htaccess'
default['apache']['default_release'] = nil
default['apache']['log_level'] = 'warn'
# Security
default['apache']['servertokens'] = 'Prod'
default['apache']['serversignature'] = 'On'
default['apache']['traceenable'] = 'Off'
# mod_status Allow list, space seprated list of allowed entries.
default['apache']['status_allow_list'] = '127.0.0.1 ::1'
# mod_status ExtendedStatus, set to 'true' to enable
default['apache']['ext_status'] = false
# mod_info Allow list, space seprated list of allowed entries.
default['apache']['info_allow_list'] = '127.0.0.1 ::1'
# Supported mpm list
default['apache']['mpm_support'] = %w(prefork worker event)
# Prefork Attributes
default['apache']['prefork']['startservers'] = 16
default['apache']['prefork']['minspareservers'] = 16
default['apache']['prefork']['maxspareservers'] = 32
default['apache']['prefork']['serverlimit'] = 256
default['apache']['prefork']['maxrequestworkers'] = 256
default['apache']['prefork']['maxconnectionsperchild'] = 10_000
# Worker Attributes
default['apache']['worker']['startservers'] = 4
default['apache']['worker']['serverlimit'] = 16
default['apache']['worker']['minsparethreads'] = 64
default['apache']['worker']['maxsparethreads'] = 192
default['apache']['worker']['threadlimit'] = 192
default['apache']['worker']['threadsperchild'] = 64
default['apache']['worker']['maxrequestworkers'] = 1024
default['apache']['worker']['maxconnectionsperchild'] = 0
# Event Attributes
default['apache']['event']['startservers'] = 4
default['apache']['event']['serverlimit'] = 16
default['apache']['event']['minsparethreads'] = 64
default['apache']['event']['maxsparethreads'] = 192
default['apache']['event']['threadlimit'] = 192
default['apache']['event']['threadsperchild'] = 64
default['apache']['event']['maxrequestworkers'] = 1024
default['apache']['event']['maxconnectionsperchild'] = 0
# mod_proxy settings
default['apache']['proxy']['require'] = 'all denied'
default['apache']['proxy']['order'] = 'deny,allow'
default['apache']['proxy']['deny_from'] = 'all'
default['apache']['proxy']['allow_from'] = 'none'
# Default modules to enable via include_recipe
default['apache']['default_modules'] = %w(
status alias auth_basic authn_core authn_file authz_core authz_groupfile
authz_host authz_user autoindex deflate dir env mime negotiation setenvif
)
%w(log_config logio).each do |log_mod|
default['apache']['default_modules'] << log_mod if %w(rhel amazon fedora suse arch freebsd).include?(node['platform_family'])
end
if node['apache']['version'] == '2.4'
%w(unixd).each do |unix_mod|
default['apache']['default_modules'] << unix_mod if %w(rhel amazon fedora suse arch freebsd).include?(node['platform_family'])
end
unless node['platform'] == 'amazon'
default['apache']['default_modules'] << 'systemd' if %w(rhel fedora amazon).include?(node['platform_family'])
end
end
Reference in New Issue View Git Blame Copy Permalink