hello list!!
I have developed a custom apache module for my company that setups up
our own particular config of httpd and php in order to run our sites..
However, there is one wrinkle. It take two puppet runs to start the
httpd service with this module and we'd like to get that down to one
run!
The reason seems to be that we have our own custom ssl vhost conf
that we use called 001-chrome-ssl.conf. What happens is that apache
gets installed and plops it's own version of ssl.conf in there, then
my module puts OUR version of ssl.conf in there and both files glom
onto 443 thereby preventing the apache service from starting!
The solution I came up with is to tidy the default apache ssl.conf
file that gets installed by apache. However, on the first puppet run
it tries to tidy the ssl.conf file which isn't there! then apache
installs it's ssl.conf and we install our ssl.conf and the two
disagree with each other.
My attempt to solve this problem was to put a tidy resource right
before the service resource that starts apache. And then I require
that tidy resource in the apache service resource itself. However that
didn't solve the problem. I was wondering if I could have an opinion
on how to get this puppet run down to one run!
class apache {
$packagelist =
["httpd.$architecture","httpd-devel.$architecture","webalizer.$architecture","php.$architecture","php-common.$architecture","php-devel.$architecture","php-xmlrpc.$architecture","php-gd.$architecture",
"php-pear.noarch", "php-pdo.$architecture",
"php-mcrypt.$architecture", "php-mhash.$architecture",
"php-mysql.$architecture", "php-cli.$architecture",
"php-soap.$architecture", "php-xml.$architecture",
"mod_ssl.$architecture"]
package { $packagelist:
ensure => "installed"
}
exec { "create httpd dir":
command => "/bin/mkdir -p /etc/httpd",
creates => "/etc/httpd"
}
exec {"create apache module dir":
command => "/bin/mkdir -p /usr/lib/httpd/modules",
creates => "/usr/lib/httpd/modules/mod_file_cache.so"
}
exec { "create apache module link":
command => "/bin/ln -s /usr/lib/httpd/modules /etc/httpd/modules",
require => Exec["create apache module dir"],
creates => "/etc/httpd/modules"
}
exec { "create apache log dir":
command => "/bin/mkdir -p /var/log/httpd/logs",
creates => "/var/log/httpd/logs"
}
exec { "create apache error log":
command => "/bin/touch /etc/httpd/logs/error_log",
require => Exec["create apache log dir"],
creates => "/etc/httpd/logs/error_log"
}
exec { "create apache log link":
command => "/bin/ln -s /var/log/httpd/logs /etc/httpd/logs",
require => Exec["create apache log dir"],
creates => "/etc/httpd/logs"
}
exec { "create apache run dir":
command => "/bin/mkdir -p /var/run/httpd",
creates => "/var/run/httpd"
}
exec { "create apache run link":
command => "/bin/ln -s /var/run/httpd /etc/httpd/run",
require => Exec["create apache log dir"],
creates => "/etc/httpd/run"
}
exec { "create httpd conf dir":
command => "/bin/mkdir -p /etc/httpd/conf.d",
creates => "/etc/httpd/conf.d"
}
exec { "create httpd vhost conf dir":
command => "/bin/mkdir -p /etc/httpd/conf",
creates => "/etc/httpd/conf"
}
file { "/etc/php.ini":
owner => root,
group => root,
mode => 440,
source => "puppet:///apache/php.ini"
}
file { "/usr/lib/httpd/modules/mod_file_cache.so":
owner => root,
group => root,
mode => 766,
require => Exec["create apache module dir"],
source => "puppet:///apache/krome/httpd/modules/mod_file_cache.so"
}
file {
"/etc/httpd/conf/httpd.conf":
owner => root,
group => root,
mode => 440,
require => Exec["create httpd conf dir"],
source => "puppet:///apache/krome/httpd/conf/httpd.conf"
}
file {
"/usr/lib/httpd/modules/mod_auth_basic.so":
owner => root,
group => root,
mode => 766,
source => "puppet:///apache/krome/httpd/modules/mod_auth_basic.so"
}
file {
"/etc/httpd/conf.d/000-ssl.conf":
owner => root,
group => root,
mode => 440,
require => Exec["create httpd conf dir"],
source => "puppet:///apache/krome/httpd/conf.d/000-ssl.conf"
}
file {
"/etc/httpd/conf.d/001-chrome-ssl.conf":
owner => root,
group => root,
mode => 440,
require => Exec["create httpd conf dir"],
source => "puppet:///apache/krome/httpd/conf.d/001-chrome-ssl.conf"
}
file {
"/etc/httpd/conf.d/002-chrome.conf":
owner => root,
group => root,
mode => 440,
require => Exec["create httpd conf dir"],
source => "puppet:///apache/krome/httpd/conf.d/002-chrome.conf"
}
file {
"/etc/httpd/conf.d/php.conf":
owner => root,
group => root,
mode => 440,
require => Exec["create httpd conf dir"],
source => "puppet:///apache/krome/httpd/conf.d/php.conf"
}
file {
"/etc/httpd/conf.d/proxy_ajp.conf":
owner => root,
group => root,
mode => 440,
require => Exec["create httpd conf dir"],
source => "puppet:///apache/krome/httpd/conf.d/proxy_ajp.conf"
}
file {
"/etc/httpd/conf.d/welcome.conf":
owner => root,
group => root,
mode => 440,
require => Exec["create httpd conf dir"],
source => "puppet:///apache/krome/httpd/conf.d/welcome.conf"
}
tidy { "/etc/httpd/conf.d/ssl.conf":
age => '0s',
}
service { "httpd":
enable => "true",
ensure => "running",
hasrestart => "true",
hasstatus => "true",
require => [ Package["httpd.$architecture"],
Tidy["/etc/httpd/conf.d/ssl.conf"] ]
}
}
Thanks guys!!!
Tim
--
GPG me!!
gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
