Merge pull request #10 from hosungsmsft/pr-apache

Allow choice of apache or nginx Fixes #2 

I'll move the remaining items noted in the PR comment to a separate issue

README.md

@@ -13,7 +13,7 @@ CLI](docs/Deploy.md).
 ## What this stack will give you
 
 This template set deploys the following infrastructure:
-- Autoscaling web frontend layer (Nginx, php-fpm, Varnish)
+- Autoscaling web frontend layer (Nginx for https termination, Varnish for caching, Nginx/php-fpm or Apache/php)
 - Private virtual network for frontend instances
 - Controller instance running cron and handling syslog for the autoscaled site
 - Load balancer to balance across the autoscaled instances

azuredeploy.json

@@ -48,6 +48,17 @@
             },
             "type": "string"
         },
+        "webServerType": {
+            "defaultValue": "apache",
+            "allowedValues": [
+                "apache",
+                "nginx"
+            ],
+            "metadata": {
+                "description": "Web server type"
+            },
+            "type": "string"
+        },
         "controllerVmSku": {
             "defaultValue": "Standard_DS1_v2",
             "metadata": {
@@ -606,7 +617,8 @@
             "vmssName": "[concat('vmss-',variables('resourceprefix'))]",
             "vmssdStorageAccounttName": "[concat('vmss',uniqueString(resourceGroup().id))]",
             "vnetName": "[concat('vnet-',variables('resourceprefix'))]",
-            "vpnType": "[parameters('vpnType')]"
+            "vpnType": "[parameters('vpnType')]",
+            "webServerType": "[parameters('webServerType')]"
         },
         "octets": "[split(parameters('vNetAddressSpace'), '.')]",
         "resourceprefix": "[substring(uniqueString(resourceGroup().id, deployment().name), 3, 6)]"

azuredeploy.parameters.json

@@ -8,6 +8,7 @@
                 "blobStorageAccountType":      { "value": "Standard_LRS"},
                 "controllerVmSku":             { "value": "Standard_DS1_v2" },
                 "dbServerType":                { "value": "postgres" },
+                "webServerType":               { "value": "apache" },
                 "elasticVmSku":                { "value": "Standard_DS2_v2" },
                 "glusterDiskCount":            { "value": 4 },
                 "glusterDiskSize":             { "value": 127 },

nested/webvmss.json

@@ -197,7 +197,7 @@
         }
     ],
     "variables": {
-        "cmdExec": "[concat('bash ',parameters('moodleCommon').moodleSetupScriptFilename,' ',parameters('moodleCommon').gfsNameRoot,'0', ' ','data', ' ', parameters('moodleCommon').siteURL, ' ', concat('jumpbox-vm-',parameters('moodleCommon').resourcesPrefix))]",
+        "cmdExec": "[concat('bash ',parameters('moodleCommon').moodleSetupScriptFilename,' ',parameters('moodleCommon').gfsNameRoot,'0', ' ','data', ' ', parameters('moodleCommon').siteURL, ' ', concat('jumpbox-vm-',parameters('moodleCommon').resourcesPrefix), ' ', parameters('moodleCommon').webServerType)]",
         "dstorID": "[resourceId('Microsoft.Storage/storageAccounts',parameters('moodleCommon').vmssdStorageAccounttName)]",
         "extBeID": "[concat(variables('extLbID'),'/backendAddressPools/',parameters('moodleCommon').extBeName)]",
         "extFeID": "[concat(variables('extLbID'),'/frontendIPConfigurations/',parameters('moodleCommon').extFeName)]",

nested/webvmssconfig1.json

@@ -34,7 +34,7 @@
 
     ],
     "variables": {
-        "cmdExec": "[concat('bash ',parameters('moodleCommon').moodleSetupScriptFilename,' ',parameters('moodleCommon').gfsNameRoot,'0', ' ','data', ' ', parameters('moodleCommon').siteURL, ' ', concat('jumpbox-vm-',parameters('moodleCommon').resourcesPrefix))]",
+        "cmdExec": "[concat('bash ',parameters('moodleCommon').moodleSetupScriptFilename,' ',parameters('moodleCommon').gfsNameRoot,'0', ' ','data', ' ', parameters('moodleCommon').siteURL, ' ', concat('jumpbox-vm-',parameters('moodleCommon').resourcesPrefix), ' ', parameters('moodleCommon').webServerType)]",
         "scriptUri": "[concat(parameters('moodleCommon').ScriptLocation,parameters('moodleCommon').moodleSetupScriptFilename)]"
     }
 }

scripts/setup_moodle.sh

@@ -26,10 +26,13 @@ glusterNode=$1
 glusterVolume=$2 
 siteFQDN=$3
 syslogserver=$4
+webServerType=$5
 
 echo $glusterNode    >> /tmp/vars.txt
 echo $glusterVolume  >> /tmp/vars.txt
 echo $siteFQDN >> /tmp/vars.txt
+echo $syslogserver >> /tmp/vars.txt
+echo $webServerType >> /tmp/vars.txt
 
 {
   # make sure the system does automatic update
@@ -45,7 +48,15 @@ echo $siteFQDN >> /tmp/vars.txt
   sudo apt-get -y install glusterfs-client postgresql-client mysql-client git
 
   # install the base stack
-  sudo apt-get -y install nginx php-fpm varnish php php-cli php-curl php-zip
+  sudo apt-get -y install nginx varnish php php-cli php-curl php-zip
+
+  if [ "$webServerType" = "apache" ]; then
+    # install apache pacakges
+    sudo apt-get -y install apache2 libapache2-mod-php
+  else
+    # for nginx-only option
+    sudo apt-get -y install php-fpm
+  fi
 
   # Moodle requirements
   sudo apt-get install -y graphviz aspell php-soap php-json php-redis php-bcmath php-gd php-pgsql php-mysql php-xmlrpc php-intl php-xml php-bz2
@@ -129,6 +140,41 @@ http {
 }
 EOF
 
+    cat <<EOF >> /etc/nginx/sites-enabled/${siteFQDN}.conf
+server {
+        listen 443 ssl;
+        root /moodle/html/moodle;
+	index index.php index.html index.htm;
+
+        ssl on;
+        ssl_certificate /moodle/certs/nginx.crt;
+        ssl_certificate_key /moodle/certs/nginx.key;
+
+        # Log to syslog
+        error_log syslog:server=localhost,facility=local1,severity=error,tag=moodle;
+        access_log syslog:server=localhost,facility=local1,severity=notice,tag=moodle moodle_combined;
+
+        # Log XFF IP instead of varnish
+        set_real_ip_from    10.0.0.0/8;
+        set_real_ip_from    127.0.0.1;
+        set_real_ip_from    172.16.0.0/12;
+        set_real_ip_from    192.168.0.0/16;
+        real_ip_header      X-Forwarded-For;
+        real_ip_recursive   on;
+
+        location / {
+          proxy_set_header Host \$host;
+          proxy_set_header HTTP_REFERER \$http_referer;
+          proxy_set_header X-Forwarded-Host \$host;
+          proxy_set_header X-Forwarded-Server \$host;
+          proxy_set_header X-Forwarded-Proto https;
+          proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+          proxy_pass http://localhost:80;
+        }
+}
+EOF
+
+  if [ "$webServerType" = "nginx" ]; then
     cat <<EOF >> /etc/nginx/sites-enabled/${siteFQDN}.conf
 server {
         listen 81 default;
@@ -181,41 +227,38 @@ server {
         }
 }
 
-server {
-        listen 443 ssl;
-        root /moodle/html/moodle;
-	index index.php index.html index.htm;
+EOF
+  fi
 
-        ssl on;
-        ssl_certificate /moodle/certs/nginx.crt;
-        ssl_certificate_key /moodle/certs/nginx.key;
+  if [ "$webServerType" = "apache" ]; then
+    sed -i "s/Listen 80/Listen 81/" /etc/apache2/ports.conf
 
-        # Log to syslog
-        error_log syslog:server=localhost,facility=local1,severity=error,tag=moodle;
-        access_log syslog:server=localhost,facility=local1,severity=notice,tag=moodle moodle_combined;
+    cat <<EOF >> /etc/apache2/sites-enabled/${siteFQDN}.conf
+<VirtualHost *:81>
+	ServerName ${siteFQDN}
 
-        # Log XFF IP instead of varnish
-        set_real_ip_from    10.0.0.0/8;
-        set_real_ip_from    127.0.0.1;
-        set_real_ip_from    172.16.0.0/12;
-        set_real_ip_from    192.168.0.0/16;
-        real_ip_header      X-Forwarded-For;
-        real_ip_recursive   on;
+	ServerAdmin webmaster@localhost
+	DocumentRoot /moodle/html/moodle
 
-        location / {
-          proxy_set_header Host \$host;
-          proxy_set_header HTTP_REFERER \$http_referer;
-          proxy_set_header X-Forwarded-Host \$host;
-          proxy_set_header X-Forwarded-Server \$host;
-          proxy_set_header X-Forwarded-Proto https;
-          proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
-          proxy_pass http://localhost:80;
-        }
-}
+	<Directory /moodle/html/moodle>
+		Options FollowSymLinks
+		AllowOverride All
+		Require all granted
+	</Directory>
+
+	ErrorLog "|/usr/bin/logger -t moodle -p local1.error"
+	CustomLog "|/usr/bin/logger -t moodle -p local1.notice" combined
+
+</VirtualHost>
 EOF
+  fi
 
    # php config 
-   PhpIni=/etc/php/7.0/fpm/php.ini
+   if [ "$webServerType" = "apache" ]; then
+     PhpIni=/etc/php/7.0/apache2/php.ini
+   else
+     PhpIni=/etc/php/7.0/fpm/php.ini
+   fi
    sed -i "s/memory_limit.*/memory_limit = 512M/" $PhpIni
    sed -i "s/max_execution_time.*/max_execution_time = 18000/" $PhpIni
    sed -i "s/max_input_vars.*/max_input_vars = 100000/" $PhpIni
@@ -232,12 +275,16 @@ EOF
 
    # Remove the default site. Moodle is the only site we want
    rm -f /etc/nginx/sites-enabled/default
+   if [ "$webServerType" = "apache" ]; then
+     rm -f /etc/apache2/sites-enabled/000-default.conf
+   fi
 
    # restart Nginx
    sudo service nginx restart 
 
-   # fpm config - overload this 
-   cat <<EOF > /etc/php/7.0/fpm/pool.d/www.conf
+   if [ "$webServerType" = "nginx" ]; then
+     # fpm config - overload this 
+     cat <<EOF > /etc/php/7.0/fpm/pool.d/www.conf
 [www]
 user = www-data
 group = www-data
@@ -251,8 +298,13 @@ pm.min_spare_servers = 20
 pm.max_spare_servers = 30 
 EOF
 
-   # Restart fpm
-   service php7.0-fpm restart
+     # Restart fpm
+     service php7.0-fpm restart
+   fi
+
+   if [ "$webServerType" = "apache" ]; then
+     sudo service apache2 restart
+   fi
 
    # Configure varnish startup for 16.04
    VARNISHSTART="ExecStart=\/usr\/sbin\/varnishd -j unix,user=vcache -F -a :80 -T localhost:6082 -f \/etc\/varnish\/moodle.vcl -S \/etc\/varnish\/secret -s malloc,1024m -p thread_pool_min=200 -p thread_pool_max=4000 -p thread_pool_add_delay=2 -p timeout_linger=100 -p timeout_idle=30 -p send_timeout=1800 -p thread_pools=4 -p http_max_hdr=512 -p workspace_backend=512k"