Skip to content
Browse files

Initial commit of Bakery-chef

  • Loading branch information...
0 parents commit 45f9f3f0c00dd8c8cddda51739f6eab572d32bd6 @bjeavons committed May 29, 2012
Showing with 9,758 additions and 0 deletions.
  1. +27 −0 Cheffile
  2. +1 −0 README.md
  3. +35 −0 Vagrantfile
  4. +5 −0 config/run_list.json
  5. +13 −0 config/solo.rb
  6. +388 −0 cookbooks/apache2/README.md
  7. +134 −0 cookbooks/apache2/attributes/default.rb
  8. +32 −0 cookbooks/apache2/attributes/mod_auth_openid.rb
  9. +26 −0 cookbooks/apache2/definitions/apache_conf.rb
  10. +53 −0 cookbooks/apache2/definitions/apache_module.rb
  11. +43 −0 cookbooks/apache2/definitions/apache_site.rb
  12. +49 −0 cookbooks/apache2/definitions/web_app.rb
  13. +41 −0 cookbooks/apache2/files/default/apache2_module_conf_generate.pl
  14. +205 −0 cookbooks/apache2/metadata.rb
  15. +217 −0 cookbooks/apache2/recipes/default.rb
  16. +33 −0 cookbooks/apache2/recipes/god_monitor.rb
  17. +22 −0 cookbooks/apache2/recipes/mod_alias.rb
  18. +45 −0 cookbooks/apache2/recipes/mod_apreq2.rb
  19. +20 −0 cookbooks/apache2/recipes/mod_auth_basic.rb
  20. +20 −0 cookbooks/apache2/recipes/mod_auth_digest.rb
  21. +113 −0 cookbooks/apache2/recipes/mod_auth_openid.rb
  22. +20 −0 cookbooks/apache2/recipes/mod_authn_file.rb
  23. +20 −0 cookbooks/apache2/recipes/mod_authnz_ldap.rb
  24. +20 −0 cookbooks/apache2/recipes/mod_authz_default.rb
  25. +20 −0 cookbooks/apache2/recipes/mod_authz_groupfile.rb
  26. +20 −0 cookbooks/apache2/recipes/mod_authz_host.rb
  27. +20 −0 cookbooks/apache2/recipes/mod_authz_user.rb
  28. +22 −0 cookbooks/apache2/recipes/mod_autoindex.rb
  29. +20 −0 cookbooks/apache2/recipes/mod_cgi.rb
  30. +20 −0 cookbooks/apache2/recipes/mod_dav.rb
  31. +20 −0 cookbooks/apache2/recipes/mod_dav_fs.rb
  32. +29 −0 cookbooks/apache2/recipes/mod_dav_svn.rb
  33. +22 −0 cookbooks/apache2/recipes/mod_deflate.rb
  34. +22 −0 cookbooks/apache2/recipes/mod_dir.rb
  35. +20 −0 cookbooks/apache2/recipes/mod_env.rb
  36. +20 −0 cookbooks/apache2/recipes/mod_expires.rb
  37. +54 −0 cookbooks/apache2/recipes/mod_fcgid.rb
  38. +20 −0 cookbooks/apache2/recipes/mod_headers.rb
  39. +20 −0 cookbooks/apache2/recipes/mod_ldap.rb
  40. +24 −0 cookbooks/apache2/recipes/mod_log_config.rb
  41. +22 −0 cookbooks/apache2/recipes/mod_mime.rb
  42. +22 −0 cookbooks/apache2/recipes/mod_negotiation.rb
  43. +43 −0 cookbooks/apache2/recipes/mod_perl.rb
  44. +78 −0 cookbooks/apache2/recipes/mod_php5.rb
  45. +22 −0 cookbooks/apache2/recipes/mod_proxy.rb
  46. +20 −0 cookbooks/apache2/recipes/mod_proxy_ajp.rb
  47. +20 −0 cookbooks/apache2/recipes/mod_proxy_balancer.rb
  48. +20 −0 cookbooks/apache2/recipes/mod_proxy_connect.rb
  49. +20 −0 cookbooks/apache2/recipes/mod_proxy_http.rb
  50. +32 −0 cookbooks/apache2/recipes/mod_python.rb
  51. +20 −0 cookbooks/apache2/recipes/mod_rewrite.rb
  52. +22 −0 cookbooks/apache2/recipes/mod_setenvif.rb
  53. +43 −0 cookbooks/apache2/recipes/mod_ssl.rb
  54. +22 −0 cookbooks/apache2/recipes/mod_status.rb
  55. +27 −0 cookbooks/apache2/recipes/mod_wsgi.rb
  56. +27 −0 cookbooks/apache2/recipes/mod_xsendfile.rb
  57. +22 −0 cookbooks/apache2/templates/default/a2dismod.erb
  58. +29 −0 cookbooks/apache2/templates/default/a2dissite.erb
  59. +37 −0 cookbooks/apache2/templates/default/a2enmod.erb
  60. +38 −0 cookbooks/apache2/templates/default/a2ensite.erb
  61. +233 −0 cookbooks/apache2/templates/default/apache2.conf.erb
  62. +19 −0 cookbooks/apache2/templates/default/apache2.god.erb
  63. +6 −0 cookbooks/apache2/templates/default/charset.erb
  64. +57 −0 cookbooks/apache2/templates/default/default-site.erb
  65. +2 −0 cookbooks/apache2/templates/default/mods/README
  66. +24 −0 cookbooks/apache2/templates/default/mods/alias.conf.erb
  67. +1 −0 cookbooks/apache2/templates/default/mods/authopenid.load.erb
  68. +101 −0 cookbooks/apache2/templates/default/mods/autoindex.conf.erb
  69. +16 −0 cookbooks/apache2/templates/default/mods/deflate.conf.erb
  70. +5 −0 cookbooks/apache2/templates/default/mods/dir.conf.erb
  71. +10 −0 cookbooks/apache2/templates/default/mods/fcgid.conf.erb
  72. +198 −0 cookbooks/apache2/templates/default/mods/mime.conf.erb
  73. +18 −0 cookbooks/apache2/templates/default/mods/negotiation.conf.erb
  74. +16 −0 cookbooks/apache2/templates/default/mods/php5.conf.erb
  75. +19 −0 cookbooks/apache2/templates/default/mods/proxy.conf.erb
  76. +28 −0 cookbooks/apache2/templates/default/mods/setenvif.conf.erb
  77. +76 −0 cookbooks/apache2/templates/default/mods/ssl.conf.erb
  78. +16 −0 cookbooks/apache2/templates/default/mods/status.conf.erb
  79. +2 −0 cookbooks/apache2/templates/default/port_apache.erb
  80. +6 −0 cookbooks/apache2/templates/default/ports.conf.erb
  81. +50 −0 cookbooks/apache2/templates/default/security.erb
  82. +43 −0 cookbooks/apache2/templates/default/web_app.conf.erb
  83. +31 −0 cookbooks/application/CHANGELOG.md
  84. +29 −0 cookbooks/application/CONTRIBUTING
  85. +201 −0 cookbooks/application/LICENSE
  86. +212 −0 cookbooks/application/README.md
  87. +178 −0 cookbooks/application/libraries/default.rb
  88. +47 −0 cookbooks/application/metadata.json
  89. +22 −0 cookbooks/application/metadata.rb
  90. +181 −0 cookbooks/application/providers/default.rb
  91. +30 −0 cookbooks/application/recipes/default.rb
  92. +196 −0 cookbooks/application/recipes/django.rb
  93. +57 −0 cookbooks/application/recipes/gunicorn.rb
  94. +110 −0 cookbooks/application/recipes/java_webapp.rb
  95. +55 −0 cookbooks/application/recipes/mod_php_apache2.rb
  96. +54 −0 cookbooks/application/recipes/passenger_apache2.rb
  97. +146 −0 cookbooks/application/recipes/php.rb
  98. +218 −0 cookbooks/application/recipes/rails.rb
  99. +41 −0 cookbooks/application/recipes/tomcat.rb
  100. +60 −0 cookbooks/application/recipes/unicorn.rb
  101. +124 −0 cookbooks/application/resources/default.rb
  102. +9 −0 cookbooks/application/templates/default/context.xml.erb
  103. +10 −0 cookbooks/application/templates/default/database.yml.erb
  104. +8 −0 cookbooks/application/templates/default/deploy-ssh-wrapper.erb
  105. +10 −0 cookbooks/application/templates/default/memcached.yml.erb
  106. +13 −0 cookbooks/application/templates/default/myproj.conf.erb
  107. +34 −0 cookbooks/application/templates/default/php.conf.erb
  108. +13 −0 cookbooks/application/templates/default/rails_nginx_passenger.conf.erb
  109. +19 −0 cookbooks/application/templates/default/settings.py.erb
  110. +2 −0 cookbooks/application/templates/default/sv-gunicorn-log-run.erb
  111. +10 −0 cookbooks/application/templates/default/sv-gunicorn-run.erb
  112. +3 −0 cookbooks/application/templates/default/sv-unicorn-log-run.erb
  113. +7 −0 cookbooks/application/templates/default/sv-unicorn-run.erb
  114. +134 −0 cookbooks/apt/README.md
  115. +50 −0 cookbooks/apt/files/default/apt-proxy-v2.conf
  116. +13 −0 cookbooks/apt/metadata.rb
  117. +70 −0 cookbooks/apt/providers/repository.rb
  118. +55 −0 cookbooks/apt/recipes/cacher-client.rb
  119. +30 −0 cookbooks/apt/recipes/cacher-ng.rb
  120. +56 −0 cookbooks/apt/recipes/default.rb
  121. +35 −0 cookbooks/apt/resources/repository.rb
  122. +24 −0 cookbooks/build-essential/README.md
  123. +10 −0 cookbooks/build-essential/metadata.rb
  124. +45 −0 cookbooks/build-essential/recipes/default.rb
  125. +44 −0 cookbooks/chef-drush/README.rdoc
  126. +23 −0 cookbooks/chef-drush/attributes/default.rb
  127. +20 −0 cookbooks/chef-drush/attributes/make.rb
  128. +17 −0 cookbooks/chef-drush/metadata.rb
  129. +43 −0 cookbooks/chef-drush/recipes/default.rb
  130. +40 −0 cookbooks/chef-drush/recipes/dev.rb
  131. +40 −0 cookbooks/chef-drush/recipes/drush4-dev.rb
  132. +27 −0 cookbooks/chef-drush/recipes/make.rb
  133. +110 −0 cookbooks/drupal/attributes/default.rb
  134. +20 −0 cookbooks/drupal/files/bakery-d7/bakery-d7.make
  135. +58 −0 cookbooks/drupal/recipes/bakery-d7.rb
  136. +16 −0 cookbooks/drupal/recipes/drupal_apps.rb
  137. +36 −0 cookbooks/drupal/recipes/minimal.rb
  138. +1,241 −0 cookbooks/drupal/templates/default/php.ini.erb
  139. +60 −0 cookbooks/drupal/templates/default/sites.conf.erb
  140. +44 −0 cookbooks/drush/README.rdoc
  141. +23 −0 cookbooks/drush/attributes/default.rb
  142. +20 −0 cookbooks/drush/attributes/make.rb
  143. +17 −0 cookbooks/drush/metadata.rb
  144. +43 −0 cookbooks/drush/recipes/default.rb
  145. +40 −0 cookbooks/drush/recipes/dev.rb
  146. +40 −0 cookbooks/drush/recipes/drush4-dev.rb
  147. +27 −0 cookbooks/drush/recipes/make.rb
  148. +39 −0 cookbooks/drush_make/metadata.json
  149. +11 −0 cookbooks/drush_make/metadata.rb
  150. +29 −0 cookbooks/drush_make/recipes/default.rb
  151. +58 −0 cookbooks/git/README.md
  152. +16 −0 cookbooks/git/metadata.rb
  153. +30 −0 cookbooks/git/recipes/default.rb
  154. +34 −0 cookbooks/git/recipes/server.rb
  155. +2 −0 cookbooks/git/templates/default/sv-git-daemon-log-run.erb
  156. +3 −0 cookbooks/git/templates/default/sv-git-daemon-run.erb
  157. +1 −0 cookbooks/hosts/attributes/hosts.rb
  158. +41 −0 cookbooks/hosts/metadata.json
  159. +4 −0 cookbooks/hosts/metadata.rb
  160. +6 −0 cookbooks/hosts/recipes/default.rb
  161. +27 −0 cookbooks/hosts/templates/default/hosts.erb
  162. +45 −0 cookbooks/mysql/CHANGELOG.md
  163. +29 −0 cookbooks/mysql/CONTRIBUTING
  164. +201 −0 cookbooks/mysql/LICENSE
  165. +106 −0 cookbooks/mysql/README.md
  166. +52 −0 cookbooks/mysql/attributes/client.rb
  167. +119 −0 cookbooks/mysql/attributes/server.rb
  168. +19 −0 cookbooks/mysql/libraries/database.rb
  169. +33 −0 cookbooks/mysql/libraries/helpers.rb
  170. +132 −0 cookbooks/mysql/metadata.rb
  171. +64 −0 cookbooks/mysql/recipes/client.rb
  172. +20 −0 cookbooks/mysql/recipes/default.rb
  173. +182 −0 cookbooks/mysql/recipes/server.rb
  174. +51 −0 cookbooks/mysql/recipes/server_ec2.rb
  175. +12 −0 cookbooks/mysql/templates/default/debian.cnf.erb
  176. +15 −0 cookbooks/mysql/templates/default/grants.sql.erb
  177. +176 −0 cookbooks/mysql/templates/default/my.cnf.erb
  178. +10 −0 cookbooks/mysql/templates/default/mysql-server.seed.erb
  179. +3 −0 cookbooks/mysql/templates/default/port_mysql.erb
Sorry, we could not display the entire diff because it was too big.
27 Cheffile
@@ -0,0 +1,27 @@
+#!/usr/bin/env ruby
+#^syntax detection
+
+site 'http://community.opscode.com/api/v1'
+
+# cookbook 'chef-client'
+
+cookbook 'apache2',
+ :git => 'https://github.com/cookbooks/apache2'
+cookbook 'apt',
+ :git => 'https://github.com/opscode-cookbooks/apt'
+cookbook 'build-essential',
+ :git => 'https://github.com/opscode-cookbooks/build-essential'
+cookbook 'drush',
+ :git => 'https://github.com/msonnabaum/chef-drush'
+cookbook 'git',
+ :git => 'https://github.com/opscode-cookbooks/git'
+# Use patcon's fork until https://github.com/opscode-cookbooks/mysql/pull/8 is merged.
+cookbook 'mysql',
+ :git => 'https://github.com/myplanetdigital/chef-mysql',
+ :ref => 'COOK-1236'
+cookbook 'openssl',
+ :git => 'https://github.com/opscode-cookbooks/openssl'
+cookbook 'php',
+ :git => 'https://github.com/opscode-cookbooks/php'
+cookbook 'percona',
+ :git => 'https://github.com/myplanetdigital/chef-percona'
1 README.md
@@ -0,0 +1 @@
+Bakery-enabled cluster of Drupal sites for Bakery testing using Vagrant and Chef.
35 Vagrantfile
@@ -0,0 +1,35 @@
+Vagrant::Config.run do |config|
+ # All Vagrant configuration is done here. For a detailed explanation
+ # and listing of configuration options, please view the documentation
+ # online.
+
+ # Every Vagrant virtual environment requires a box to build off of.
+ config.vm.box = "ms-ubuntu-11.10"
+
+ # Download the box automatically from S3.
+ config.vm.box_url = "http://msonnabaum-public.s3.amazonaws.com/ms-ubuntu-11.10.box"
+
+ config.vm.provision :chef_solo do |chef|
+ chef.cookbooks_path = ["cookbooks"]
+ chef.roles_path = "roles"
+ chef.data_bags_path = "data_bags"
+ chef.add_role("bakery")
+ chef.json.merge!({
+ :www_root => '/var/www',
+ :hosts => {
+ :localhost_aliases => {
+ "bakerymasterd6" => "masterd6.vbox",
+ "bakerysubd6" => "d6.masterd6.vbox",
+ "bakerysubd7" => "d7.masterd6.vbox"
+ }
+ }
+ })
+ end
+
+ # Run the host with a host-only IP of 172.22.22.22.
+ config.vm.network :hostonly, "172.22.22.22"
+ config.ssh.max_tries = 1000
+
+ # Forward port 22 to localhost:2222.
+ config.vm.forward_port 22, 2222
+end
5 config/run_list.json
@@ -0,0 +1,5 @@
+{
+ "run_list": [
+ "role[bakery]"
+ ]
+}
13 config/solo.rb
@@ -0,0 +1,13 @@
+#
+# Chef Solo Config File
+#
+#repo_root = "#{Dir.tmpdir}/chefsolo"
+
+base_path = File.expand_path(File.join(File.dirname(__FILE__), ".."))
+cookbook_path ["#{base_path}/cookbooks", "#{base_path}/site-cookbooks"]
+
+role_path "#{base_path}/roles"
+data_bag_path "#{base_path}/data_bags"
+
+Mixlib::Log::Formatter.show_time = false
+
388 cookbooks/apache2/README.md
@@ -0,0 +1,388 @@
+Description
+===========
+
+This cookbook provides a complete Debian/Ubuntu style Apache HTTPD configuration. Non-Debian based distributions such as Red Hat/CentOS, ArchLinux and others supported by this cookbook will have a configuration that mimics Debian/Ubuntu style as it is easier to manage with Chef.
+
+Debian-style Apache configuration uses scripts to manage modules and sites (vhosts). The scripts are:
+
+* a2ensite
+* a2dissite
+* a2enmod
+* a2dismod
+
+This cookbook ships with templates of these scripts for non Debian/Ubuntu platforms. The scripts are used in the __Definitions__ below.
+
+Changes/Roadmap
+===============
+
+### v1.0.8:
+
+* COOK-548 - directory resource doesn't have backup parameter
+
+### v1.0.6:
+
+* COOK-915 - update to `mod_auth_openid` version 0.6, see __Recipes/mod_auth_openid__ below.
+* COOK-548 - Add support for FreeBSD.
+
+### v1.0.4:
+
+* COOK-859 - don't hardcode module paths
+
+### v1.0.2
+
+* Tickets resolved in this release: COOK-788, COOK-782, COOK-780
+
+### v1.0.0
+
+* Red Hat family support is greatly improved, all recipes except `god_monitor` converge.
+* Recipe `mod_auth_openid` now works on RHEL family distros
+* Recipe `mod_php5` will now remove config from package on RHEL family so it doesn't conflict with the cookbook's.
+* Added `php5.conf.erb` template for `mod_php5` recipe.
+* Create the run state directory for `mod_fcgid` to prevent a startup error on RHEL version 6.
+* New attribute `node['apache']['lib_dir']` to handle lib vs lib64 on RHEL family distributions.
+* New attribute `node['apache']['group']`.
+* Scientific Linux support added.
+* Use a file resource instead of the generate-module-list executed perl script on RHEL family.
+* "default" site can now be disabled.
+* web_app now has an "enable" parameter.
+* Support for dav_fs apache module.
+* Tickets resolved in this release: COOK-754, COOK-753, COOK-665, COOK-624, COOK-579, COOK-519, COOK-518
+* Fix node references in template for a2dissite
+* Use proper user and group attributes on files and templates.
+* Replace the anemic README.rdoc with this new and improved superpowered README.md :).
+
+Requirements
+============
+
+## Cookbooks:
+
+This cookbook doesn't have direct dependencies on other cookbooks. Depending on your OS configuration and security policy, you may need additional recipes or cookbooks for this cookbook's recipes to converge on the node. In particular, the following Operating System nuances may affect the behavior:
+
+* apt cache outdated
+* SELinux enabled
+* IPtables
+* Compile tools
+
+On Ubuntu/Debian, use Opscode's `apt` cookbook to ensure the package cache is updated so Chef can install packages, or consider putting apt-get in your bootstrap process or [knife bootstrap template](http://wiki.opscode.com/display/chef/Knife+Bootstrap).
+
+On RHEL, SELinux is enabled by default. The `selinux` cookbook contains a `permissive` recipe that can be used to set SELinux to "Permissive" state.
+
+The easiest but certainly not ideal way to deal with IPtables is of course to flush all rules. Opscode does provide an `iptables` cookbook but is migrating from the approach used there to a more robust solution utilizing a general "firewall" LWRP that would have an "iptables" provider. Alternately, you can use ufw, with Opscode's `ufw` and `firewall` cookbooks to set up rules. See those cookbooks' READMEs for documentation.
+
+Build/compile tools may not be installed on the system by default. Some recipes (e.g., `apache2::mode_auth_openid`) build the module from source. Use Opscode's `build-essential` cookbook to get essential build packages installed.
+
+## Platforms:
+
+* Debian
+* Ubuntu
+* Red Hat/CentOS/Scientific Linux/Fedora (RHEL Family)
+* SUSE/OpenSUSE
+* ArchLinux
+
+### Notes for RHEL Family:
+
+On Red Hat Enterprise Linux and derivatives, the EPEL repository may be necessary to install packages used in certain recipes. The `apache2::default` recipe, however, does not require any additional repositories. Opscode's `yum` cookbook contains a recipe to add the EPEL repository. See __Examples__ for more information.
+
+Attributes
+==========
+
+This cookbook uses many attributes, broken up into a few different kinds.
+
+Platform specific
+-----------------
+
+In order to support the broadest number of platforms, several attributes are determined based on the node's platform. See the attributes/default.rb file for default values in the case statement at the top of the file.
+
+* `node['apache']['dir']` - Location for the Apache configuration
+* `node['apache']['log_dir']` - Location for Apache logs
+* `node['apache']['user']` - User Apache runs as
+* `node['apache']['group']` - Group Apache runs as
+* `node['apache']['binary']` - Apache httpd server daemon
+* `node['apache']['icondir']` - Location for icons
+* `node['apache']['cache_dir']` - Location for cached files used by Apache itself or recipes
+* `node['apache']['pid_file']` - Location of the PID file for Apache httpd
+* `node['apache']['lib_dir']` - Location for shared libraries
+
+General settings
+----------------
+
+These are general settings used in recipes and templates. Default values are noted.
+
+* `node['apache']['listen_ports']` - Ports that httpd should listen on. Default is an array of ports 80 and 443.
+* `node['apache']['contact']` - Value for ServerAdmin directive. Default "ops@example.com".
+* `node['apache']['timeout']` - Value for the Timeout directive. Default is 300.
+* `node['apache']['keepalive']` - Value for the KeepAlive directive. Default is On.
+* `node['apache']['keepaliverequests']` - Value for MaxKeepAliveRequests. Default is 100.
+* `node['apache']['keepalivetimeout']` - Value for the KeepAliveTimeout directive. Default is 5.
+* `node['apache']['default_modules']` - Array of module names. Can take "mod_FOO" or "FOO" as names, where FOO is the apache module, e.g. "`mod_status`" or "`status`".
+
+The modules listed in `default_modules` will be included as recipes in `recipe[apache::default]`.
+
+Prefork attributes
+------------------
+
+Prefork attributes are used for tuning the Apache HTTPD prefork MPM configuration.
+
+* `node['apache']['prefork']['startservers']` - initial number of server processes to start. Default is 16.
+* `node['apache']['prefork']['minspareservers']` - minimum number of spare server processes. Default 16.
+* `node['apache']['prefork']['maxspareservers']` - maximum number of spare server processes. Default 32.
+* `node['apache']['prefork']['serverlimit']` - upper limit on configurable server processes. Default 400.
+* `node['apache']['prefork']['maxclients']` - Maximum number of simultaneous connections.
+* `node['apache']['prefork']['maxrequestsperchild']` - Maximum number of request a child process will handle. Default 10000.
+
+Worker attributes
+-----------------
+
+Worker attributes are used for tuning the Apache HTTPD worker MPM configuration.
+
+* `node['apache']['worker']['startservers']` - Initial number of server processes to start. Default 4
+* `node['apache']['worker']['maxclients']` - Maximum number of simultaneous connections. Default 1024.
+* `node['apache']['worker']['minsparethreads]` - Minimum number of spare worker threads. Default 64
+* `node['apache']['worker']['maxsparethreads]` - Maximum number of spare worker threads. Default 192.
+* `node['apache']['worker']['maxrequestsperchild']` - Maximum number of requests a child process will handle.
+
+mod\_auth\_openid attributes
+----------------------------
+
+The following attributes are in the `attributes/mod_auth_openid.rb` file. Like all Chef attributes files, they are loaded as well, but they're logistically unrelated to the others, being specific to the `mod_auth_openid` recipe.
+
+* `node['apache']['mod_auth_openid']['checksum']` - sha256sum of the tarball containing the source.
+* `node['apache']['mod_auth_openid']['version']` - version of the `mod_auth_openid` to download.
+* `node['apache']['mod_auth_openid']['cache_dir']` - the cache directory is where the sqlite3 database is stored. It is separate so it can be managed as a directory resource.
+* `node['apache']['mod_auth_openid']['dblocation']` - filename of the sqlite3 database used for directive `AuthOpenIDDBLocation`, stored in the `cache_dir` by default.
+* `node['apache']['mod_auth_openid']['configure_flags']` - optional array of configure flags passed to the `./configure` step in the compilation of the module.
+
+Recipes
+=======
+
+Most of the recipes in the cookbook are for enabling Apache modules. Where additional configuration or behavior is used, it is documented below in more detail.
+
+The following recipes merely enable the specified module: `mod_alias`, `mod_basic`, `mod_digest`, `mod_authn_file`, `mod_authnz_ldap`, `mod_authz_default`, `mod_authz_groupfile`, `mod_authz_host`, `mod_authz_user`, `mod_autoindex`, `mod_cgi`, `mod_dav_fs`, `mod_dav_svn`, `mod_deflate`, `mod_dir`, `mod_env`, `mod_expires`, `mod_headers`, `mod_ldap`, `mod_log_config`, `mod_mime`, `mod_negotiation`, `mod_proxy`, `mod_proxy_ajp`, `mod_proxy_balancer`, `mod_proxy_connect`, `mod_proxy_http`, `mod_python`, `mod_rewrite`, `mod_setenvif`, `mod_status`, `mod_wsgi`, `mod_xsendfile`.
+
+On RHEL Family distributions, certain modules ship with a config file with the package. The recipes here may delete those configuration files to ensure they don't conflict with the settings from the cookbook, which will use per-module configuration in `/etc/httpd/mods-enabled`.
+
+default
+-------
+
+The default recipe does a number of things to set up Apache HTTPd. It also includes a number of modules based on the attribute `node['apache']['default_modules']` as recipes.
+
+mod\_auth\_openid
+-----------------
+
+**Changed via COOK-915**
+
+This recipe compiles the module from source. In addition to `build-essential`, some other packages are included for installation like the GNU C++ compiler and development headers.
+
+To use the module in your own cookbooks to authenticate systems using OpenIDs, specify an array of OpenIDs that are allowed to authenticate with the attribute `node['apache']['allowed_openids']`. Use the following in a vhost to protect with OpenID authentication:
+
+ AuthType OpenID
+ require user <%= node['apache']['allowed_openids'].join(' ') %>
+ AuthOpenIDDBLocation <%= node['apache']['mod_auth_openid']['dblocation'] %>
+
+Change the DBLocation with the attribute as required; this file is in a different location than previous versions, see below. It should be a sane default for most platforms, though, see `attributes/mod_auth_openid.rb`.
+
+### Changes from COOK-915:
+
+* `AuthType OpenID` instead of `AuthOpenIDEnabled On`.
+* `require user` instead of `AuthOpenIDUserProgram`.
+* A bug(?) in `mod_auth_openid` causes it to segfault when attempting to update the database file if the containing directory is not writable by the HTTPD process owner (e.g., www-data), even if the file is writable. In order to not interfere with other settings from the default recipe in this cookbook, the db file is moved.
+
+mod\_fcgid
+----------
+
+Installs the fcgi package and enables the module. Requires EPEL on RHEL family.
+
+On RHEL family, this recipe will delete the fcgid.conf and on version 6+, create the /var/run/httpd/mod_fcgid` directory, which prevents the emergency error:
+
+ [emerg] (2)No such file or directory: mod_fcgid: Can't create shared memory for size XX bytes
+
+mod\_php5
+--------
+
+Simply installs the appropriate package on Debian, Ubuntu and ArchLinux.
+
+On Red Hat family distributions including Fedora, the php.conf that comes with the package is removed. On RHEL platforms less than v6, the `php53` package is used.
+
+mod\_ssl
+--------
+
+Besides installing and enabling `mod_ssl`, this recipe will append port 443 to the `node['apache']['listen_ports']` attribute array and update the ports.conf.
+
+god\_monitor
+------------
+
+Sets up a `god` monitor for Apache. External requirements are the `god` and `runit` cookbooks from Opscode.
+
+Definitions
+===========
+
+The cookbook provides a few definitions. At some point in the future these definitions may be refactored into lightweight resources and providers.
+
+apache\_conf
+------------
+
+Sets up configuration file for an Apache module from a template. The template should be in the same cookbook where the definition is used. This is used by the `apache_module` definition and is not often used directly.
+
+This will use a template resource to write the module's configuration file in the `mods-available` under the Apache configuration directory (`node['apache']['dir']`). This is a platform-dependent location. See __apache\_module__.
+
+### Parameters:
+
+* `name` - Name of the template. When used from the `apache_module`, it will use the same name as the module.
+
+### Examples:
+
+Create `#{node['apache']['dir']}/mods-available/alias.conf`.
+
+ apache_conf "alias"
+
+apache\_module
+--------------
+
+Enable or disable an Apache module in `#{node['apache']['dir']}/mods-available` by calling `a2enmod` or `a2dismod` to manage the symbolic link in `#{node['apache']['dir']}/mods-enabled`. If the module has a configuration file, a template should be created in the cookbook where the definition is used. See __Examples__.
+
+### Parameters:
+
+* `name` - Name of the module enabled or disabled with the `a2enmod` or `a2dismod` scripts.
+* `enable` - Default true, which uses `a2enmod` to enable the module. If false, the module will be disabled with `a2dismod`.
+* `conf` - Default false. Set to true if the module has a config file, which will use `apache_conf` for the file.
+* `filename` - specify the full name of the file, e.g.
+
+### Examples:
+
+Enable the ssl module, which also has a configuration template in `templates/default/ssl.conf.erb`.
+
+ apache_module "ssl" do
+ conf true
+ end
+
+Enable the php5 module, which has a different filename than the module default:
+
+ apache_module "php5" do
+ filename "libphp5.so"
+ end
+
+Disable a module:
+
+ apache_module "disabled_module" do
+ enable false
+ end
+
+See the recipes directory for many more examples of `apache_module`.
+
+apache\_site
+------------
+
+Enable or disable a VirtualHost in `#{node['apache']['dir']}/sites-available` by calling a2ensite or a2dissite to manage the symbolic link in `#{node['apache']['dir']}/sites-enabled`.
+
+The template for the site must be managed as a separate resource. To combine the template with enabling a site, see `web_app`.
+
+### Parameters:
+
+* `name` - Name of the site.
+* `enable` - Default true, which uses `a2ensite` to enable the site. If false, the site will be disabled with `a2dissite`.
+
+web\_app
+--------
+
+Manage a template resource for a VirtualHost site, and enable it with `apache_site`. This is commonly done for managing web applications such as Ruby on Rails, PHP or Django, and the default behavior reflects that. However it is flexible.
+
+This definition includes some recipes to make sure the system is configured to have Apache and some sane default modules:
+
+* `apache2`
+* `apache2::mod_rewrite`
+* `apache2::mod_deflate`
+* `apache2::mod_headers`
+
+It will then configure the template (see __Parameters__ and __Examples__ below), and enable or disable the site per the `enable` parameter.
+
+### Parameters:
+
+Current parameters used by the definition:
+
+* `name` - The name of the site. The template will be written to `#{node['apache']['dir']}/sites-available/#{params[:name]}.conf`
+* `cookbook` - Optional. Cookbook where the source template is. If this is not defined, Chef will use the named template in the cookbook where the definition is used.
+* `template` - Default `web_app.conf.erb`, source template file.
+* `enable` - Default true. Passed to the `apache_site` definition.
+
+Additional parameters can be defined when the definition is called in a recipe, see __Examples__.
+
+### Examples:
+
+All parameters are passed into the template. You can use whatever you like. The apache2 cookbook comes with a `web_app.conf.erb` template as an example. The following parameters are used in the template:
+
+* `server_name` - ServerName directive.
+* `server_aliases` - ServerAlias directive. Must be an array of aliases.
+* `docroot` - DocumentRoot directive.
+* `application_name` - Used in RewriteLog directive. Will be set to the `name` parameter.
+
+To use the default web_app, for example:
+
+ web_app "my_site" do
+ server_name node['hostname']
+ server_aliases [node['fqdn'], "my-site.example.com"]
+ docroot "/srv/www/my_site"
+ end
+
+The parameters specified will be used as:
+
+* `@params[:server_name]`
+* `@params[:server_aliases]`
+* `@params[:docroot]`
+
+In the template. When you write your own, the `@` is significant.
+
+For more information about Definitions and parameters, see the [Chef Wiki](http://wiki.opscode.com/display/chef/Definitions)
+
+Usage
+=====
+
+Using this cookbook is relatively straightforward. Add the desired recipes to the run list of a node, or create a role. Depending on your environment, you may have multiple roles that use different recipes from this cookbook. Adjust any attributes as desired. For example, to create a basic role for web servers that provide both HTTP and HTTPS:
+
+ % cat roles/webserver.rb
+ name "webserver"
+ description "Systems that serve HTTP and HTTPS"
+ run_list(
+ "recipe[apache2]",
+ "recipe[apache2::mod_ssl]"
+ )
+ default_attributes(
+ "apache2" => {
+ "listen_ports" => ["80", "443"]
+ }
+ )
+
+For examples of using the definitions in your own recipes, see their respective sections above.
+
+License and Authors
+===================
+
+Author:: Adam Jacob <adam@opscode.com>
+Author:: Joshua Timberman <joshua@opscode.com>
+Author:: Bryan McLellan <bryanm@widemile.com>
+Author:: Dave Esposito <esposito@espolinux.corpnet.local>
+Author:: David Abdemoulaie <github@hobodave.com>
+Author:: Edmund Haselwanter <edmund@haselwanter.com>
+Author:: Eric Rochester <err8n@virginia.edu>
+Author:: Jim Browne <jbrowne@42lines.net>
+Author:: Matthew Kent <mkent@magoazul.com>
+Author:: Nathen Harvey <nharvey@customink.com>
+Author:: Ringo De Smet <ringo.de.smet@amplidata.com>
+Author:: Sean OMeara <someara@opscode.com>
+Author:: Seth Chisamore <schisamo@opscode.com>
+Author:: Gilles Devaux <gilles@peerpong.com>
+
+Copyright:: 2009-2011, Opscode, Inc
+Copyright:: 2011, Atriso
+Copyright:: 2011, CustomInk, LLC.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
134 cookbooks/apache2/attributes/default.rb
@@ -0,0 +1,134 @@
+#
+# Cookbook Name:: apache2
+# Attributes:: apache
+#
+# Copyright 2008-2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+set[:apache][:root_group] = "root"
+
+# Where the various parts of apache are
+case platform
+when "redhat","centos","scientific","fedora","suse"
+ set[:apache][:package] = "httpd"
+ set[:apache][:dir] = "/etc/httpd"
+ set[:apache][:log_dir] = "/var/log/httpd"
+ set[:apache][:user] = "apache"
+ set[:apache][:group] = "apache"
+ set[:apache][:binary] = "/usr/sbin/httpd"
+ set[:apache][:icondir] = "/var/www/icons/"
+ set[:apache][:cache_dir] = "/var/cache/httpd"
+ if node.platform_version.to_f >= 6 then
+ set[:apache][:pid_file] = "/var/run/httpd/httpd.pid"
+ else
+ set[:apache][:pid_file] = "/var/run/httpd.pid"
+ end
+ set[:apache][:lib_dir] = node[:kernel][:machine] =~ /^i[36]86$/ ? "/usr/lib/httpd" : "/usr/lib64/httpd"
+ set[:apache][:libexecdir] = "#{set[:apache][:lib_dir]}/modules"
+when "debian","ubuntu"
+ set[:apache][:package] = "apache2"
+ set[:apache][:dir] = "/etc/apache2"
+ set[:apache][:log_dir] = "/var/log/apache2"
+ set[:apache][:user] = "www-data"
+ set[:apache][:group] = "www-data"
+ set[:apache][:binary] = "/usr/sbin/apache2"
+ set[:apache][:icondir] = "/usr/share/apache2/icons"
+ set[:apache][:cache_dir] = "/var/cache/apache2"
+ set[:apache][:pid_file] = "/var/run/apache2.pid"
+ set[:apache][:lib_dir] = "/usr/lib/apache2"
+ set[:apache][:libexecdir] = "#{set[:apache][:lib_dir]}/modules"
+when "arch"
+ set[:apache][:package] = "apache"
+ set[:apache][:dir] = "/etc/httpd"
+ set[:apache][:log_dir] = "/var/log/httpd"
+ set[:apache][:user] = "http"
+ set[:apache][:group] = "http"
+ set[:apache][:binary] = "/usr/sbin/httpd"
+ set[:apache][:icondir] = "/usr/share/httpd/icons"
+ set[:apache][:cache_dir] = "/var/cache/httpd"
+ set[:apache][:pid_file] = "/var/run/httpd/httpd.pid"
+ set[:apache][:lib_dir] = "/usr/lib/httpd"
+ set[:apache][:libexecdir] = "#{set[:apache][:lib_dir]}/modules"
+when "freebsd"
+ set[:apache][:package] = "apache22"
+ set[:apache][:dir] = "/usr/local/etc/apache22"
+ set[:apache][:log_dir] = "/var/log"
+ set[:apache][:root_group] = "wheel"
+ set[:apache][:user] = "www"
+ set[:apache][:group] = "www"
+ set[:apache][:binary] = "/usr/local/sbin/httpd"
+ set[:apache][:icondir] = "/usr/local/www/apache22/icons"
+ set[:apache][:cache_dir] = "/var/run/apache22"
+ set[:apache][:pid_file] = "/var/run/httpd.pid"
+ set[:apache][:lib_dir] = "/usr/local/libexec/apache22"
+ set[:apache][:libexecdir] = set[:apache][:lib_dir]
+else
+ set[:apache][:dir] = "/etc/apache2"
+ set[:apache][:log_dir] = "/var/log/apache2"
+ set[:apache][:user] = "www-data"
+ set[:apache][:group] = "www-data"
+ set[:apache][:binary] = "/usr/sbin/apache2"
+ set[:apache][:icondir] = "/usr/share/apache2/icons"
+ set[:apache][:cache_dir] = "/var/cache/apache2"
+ set[:apache][:pid_file] = "logs/httpd.pid"
+ set[:apache][:lib_dir] = "/usr/lib/apache2"
+ set[:apache][:libexecdir] = "#{set[:apache][:lib_dir]}/modules"
+end
+
+###
+# These settings need the unless, since we want them to be tunable,
+# and we don't want to override the tunings.
+###
+
+# General settings
+default[:apache][:listen_ports] = [ "80","443" ]
+default[:apache][:contact] = "ops@example.com"
+default[:apache][:timeout] = 300
+default[:apache][:keepalive] = "On"
+default[:apache][:keepaliverequests] = 100
+default[:apache][:keepalivetimeout] = 5
+
+# Security
+default[:apache][:servertokens] = "Prod"
+default[:apache][:serversignature] = "On"
+default[:apache][:traceenable] = "On"
+
+# mod_auth_openids
+default[:apache][:allowed_openids] = Array.new
+
+# Prefork Attributes
+default[:apache][:prefork][:startservers] = 16
+default[:apache][:prefork][:minspareservers] = 16
+default[:apache][:prefork][:maxspareservers] = 32
+default[:apache][:prefork][:serverlimit] = 400
+default[:apache][:prefork][:maxclients] = 400
+default[:apache][:prefork][:maxrequestsperchild] = 10000
+
+# Worker Attributes
+default[:apache][:worker][:startservers] = 4
+default[:apache][:worker][:maxclients] = 1024
+default[:apache][:worker][:minsparethreads] = 64
+default[:apache][:worker][:maxsparethreads] = 192
+default[:apache][:worker][:threadsperchild] = 64
+default[:apache][:worker][:maxrequestsperchild] = 0
+
+# Default modules to enable via include_recipe
+
+default['apache']['default_modules'] = %w{
+ status alias auth_basic authn_file authz_default authz_groupfile authz_host authz_user autoindex
+ dir env mime negotiation setenvif
+}
+
+default['apache']['default_modules'] << "log_config" if node.platform?("redhat", "centos", "scientific", "fedora", "suse", "arch", "freebsd")
32 cookbooks/apache2/attributes/mod_auth_openid.rb
@@ -0,0 +1,32 @@
+#
+# Author:: Joshua Timberman <joshua@opscode.com>
+# Copyright:: Copyright (c) 2011, Opscode, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+default['apache']['mod_auth_openid']['checksum'] = "79e7ca52511d1230"
+default['apache']['mod_auth_openid']['version'] = "0.6"
+default['apache']['mod_auth_openid']['cache_dir'] = "/var/cache/mod_auth_openid"
+default['apache']['mod_auth_openid']['dblocation'] = "#{node['apache']['mod_auth_openid']['cache_dir']}/mod_auth_openid.db"
+
+case node[:platform]
+when "freebsd"
+ default['apache']['mod_auth_openid']['configure_flags'] = [
+ "CPPFLAGS=-I/usr/local/include",
+ "LDFLAGS=-I/usr/local/lib -lsqlite3"
+ ]
+else
+ default['apache']['mod_auth_openid']['configure_flags'] = []
+end
26 cookbooks/apache2/definitions/apache_conf.rb
@@ -0,0 +1,26 @@
+#
+# Cookbook Name:: apache2
+# Definition:: apache_conf
+#
+# Copyright 2008-2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+define :apache_conf do
+ template "#{node[:apache][:dir]}/mods-available/#{params[:name]}.conf" do
+ source "mods/#{params[:name]}.conf.erb"
+ notifies :restart, resources(:service => "apache2")
+ mode 0644
+ end
+end
53 cookbooks/apache2/definitions/apache_module.rb
@@ -0,0 +1,53 @@
+#
+# Cookbook Name:: apache2
+# Definition:: apache_module
+#
+# Copyright 2008-2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+define :apache_module, :enable => true, :conf => false do
+ include_recipe "apache2"
+
+ params[:filename] = params[:filename] || "mod_#{params[:name]}.so"
+ params[:module_path] = params[:module_path] || "#{node['apache']['libexecdir']}/#{params[:filename]}"
+
+ if params[:conf]
+ apache_conf params[:name]
+ end
+
+ if platform?("redhat", "centos", "scientific", "fedora", "arch", "suse" )
+ file "#{node['apache']['dir']}/mods-available/#{params[:name]}.load" do
+ content "LoadModule #{params[:name]}_module #{params[:module_path]}\n"
+ mode 0644
+ end
+ end
+
+ if params[:enable]
+ execute "a2enmod #{params[:name]}" do
+ command "/usr/sbin/a2enmod #{params[:name]}"
+ notifies :restart, resources(:service => "apache2")
+ not_if do (File.symlink?("#{node[:apache][:dir]}/mods-enabled/#{params[:name]}.load") and
+ ((File.exists?("#{node[:apache][:dir]}/mods-available/#{params[:name]}.conf"))?
+ (File.symlink?("#{node[:apache][:dir]}/mods-enabled/#{params[:name]}.conf")):(true)))
+ end
+ end
+ else
+ execute "a2dismod #{params[:name]}" do
+ command "/usr/sbin/a2dismod #{params[:name]}"
+ notifies :restart, resources(:service => "apache2")
+ only_if do ::File.symlink?("#{node[:apache][:dir]}/mods-enabled/#{params[:name]}.load") end
+ end
+ end
+end
43 cookbooks/apache2/definitions/apache_site.rb
@@ -0,0 +1,43 @@
+#
+# Cookbook Name:: apache2
+# Definition:: apache_site
+#
+# Copyright 2008-2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+define :apache_site, :enable => true do
+ include_recipe "apache2"
+
+ if params[:enable]
+ execute "a2ensite #{params[:name]}" do
+ command "/usr/sbin/a2ensite #{params[:name]}"
+ notifies :restart, resources(:service => "apache2")
+ not_if do
+ ::File.symlink?("#{node[:apache][:dir]}/sites-enabled/#{params[:name]}") or
+ ::File.symlink?("#{node[:apache][:dir]}/sites-enabled/000-#{params[:name]}")
+ end
+ only_if do ::File.exists?("#{node[:apache][:dir]}/sites-available/#{params[:name]}") end
+ end
+ else
+ execute "a2dissite #{params[:name]}" do
+ command "/usr/sbin/a2dissite #{params[:name]}"
+ notifies :restart, resources(:service => "apache2")
+ only_if do
+ ::File.symlink?("#{node[:apache][:dir]}/sites-enabled/#{params[:name]}") or
+ ::File.symlink?("#{node[:apache][:dir]}/sites-enabled/000-#{params[:name]}")
+ end
+ end
+ end
+end
49 cookbooks/apache2/definitions/web_app.rb
@@ -0,0 +1,49 @@
+#
+# Cookbook Name:: apache2
+# Definition:: web_app
+#
+# Copyright 2008-2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+define :web_app, :template => "web_app.conf.erb", :enable => true do
+
+ application_name = params[:name]
+
+ include_recipe "apache2"
+ include_recipe "apache2::mod_rewrite"
+ include_recipe "apache2::mod_deflate"
+ include_recipe "apache2::mod_headers"
+
+ template "#{node[:apache][:dir]}/sites-available/#{application_name}.conf" do
+ source params[:template]
+ owner "root"
+ group node[:apache][:root_group]
+ mode 0644
+ if params[:cookbook]
+ cookbook params[:cookbook]
+ end
+ variables(
+ :application_name => application_name,
+ :params => params
+ )
+ if ::File.exists?("#{node[:apache][:dir]}/sites-enabled/#{application_name}.conf")
+ notifies :reload, resources(:service => "apache2"), :delayed
+ end
+ end
+
+ apache_site "#{params[:name]}.conf" do
+ enable params[:enable]
+ end
+end
41 cookbooks/apache2/files/default/apache2_module_conf_generate.pl
@@ -0,0 +1,41 @@
+#!/usr/bin/perl
+
+=begin
+
+Generates Ubuntu style module.load files.
+
+./apache2_module_conf_generate.pl /usr/lib64/httpd/modules /etc/httpd/mods-available
+
+ARGV[0] is the apache modules directory, ARGV[1] is where you want 'em.
+
+=cut
+
+use File::Find;
+
+use strict;
+use warnings;
+
+die "Must have '/path/to/modules' and '/path/to/modules.load'"
+ unless $ARGV[0] && $ARGV[1];
+
+find(
+ {
+ wanted => sub {
+ return 1 if $File::Find::name !~ /\.so$/;
+ my $modfile = $_;
+ $modfile =~ /(lib|mod_)(.+)\.so$/;
+ my $modname = $2;
+ my $filename = "$ARGV[1]/$modname.load";
+ unless ( -f $filename ) {
+ open( FILE, ">", $filename ) or die "Cannot open $filename";
+ print FILE "LoadModule " . $modname . "_module $File::Find::name\n";
+ close(FILE);
+ }
+ },
+ follow => 1,
+ },
+ $ARGV[0]
+);
+
+exit 0;
+
205 cookbooks/apache2/metadata.rb
@@ -0,0 +1,205 @@
+maintainer "Opscode, Inc."
+maintainer_email "cookbooks@opscode.com"
+license "Apache 2.0"
+description "Installs and configures all aspects of apache2 using Debian style symlinks with helper definitions"
+long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
+version "1.0.8"
+recipe "apache2", "Main Apache configuration"
+recipe "apache2::mod_alias", "Apache module 'alias' with config file"
+recipe "apache2::mod_apreq2", "Apache module 'apreq'"
+recipe "apache2::mod_auth_basic", "Apache module 'auth_basic'"
+recipe "apache2::mod_auth_digest", "Apache module 'auth_digest'"
+recipe "apache2::mod_auth_openid", "Apache module 'authopenid'"
+recipe "apache2::mod_authn_file", "Apache module 'authn_file'"
+recipe "apache2::mod_authnz_ldap", "Apache module 'authnz_ldap'"
+recipe "apache2::mod_authz_default", "Apache module 'authz_default'"
+recipe "apache2::mod_authz_groupfile", "Apache module 'authz_groupfile'"
+recipe "apache2::mod_authz_host", "Apache module 'authz_host'"
+recipe "apache2::mod_authz_user", "Apache module 'authz_user'"
+recipe "apache2::mod_autoindex", "Apache module 'autoindex' with config file"
+recipe "apache2::mod_cgi", "Apache module 'cgi'"
+recipe "apache2::mod_dav", "Apache module 'dav'"
+recipe "apache2::mod_dav_svn", "Apache module 'dav_svn'"
+recipe "apache2::mod_deflate", "Apache module 'deflate' with config file"
+recipe "apache2::mod_dir", "Apache module 'dir' with config file"
+recipe "apache2::mod_env", "Apache module 'env'"
+recipe "apache2::mod_expires", "Apache module 'expires'"
+recipe "apache2::mod_fcgid", "Apache module 'fcgid', package on ubuntu/debian, rhel/centos, compile source on suse; with config file"
+recipe "apache2::mod_headers", "Apache module 'headers'"
+recipe "apache2::mod_ldap", "Apache module 'ldap'"
+recipe "apache2::mod_log_config", "Apache module 'log_config'"
+recipe "apache2::mod_mime", "Apache module 'mime' with config file"
+recipe "apache2::mod_negotiation", "Apache module 'negotiation' with config file"
+recipe "apache2::mod_perl", "Apache module 'perl'"
+recipe "apache2::mod_php5", "Apache module 'php5'"
+recipe "apache2::mod_proxy", "Apache module 'proxy' with config file"
+recipe "apache2::mod_proxy_ajp", "Apache module 'proxy_ajp'"
+recipe "apache2::mod_proxy_balancer", "Apache module 'proxy_balancer'"
+recipe "apache2::mod_proxy_connect", "Apache module 'proxy_connect'"
+recipe "apache2::mod_proxy_http", "Apache module 'proxy_http'"
+recipe "apache2::mod_python", "Apache module 'python'"
+recipe "apache2::mod_rewrite", "Apache module 'rewrite'"
+recipe "apache2::mod_setenvif", "Apache module 'setenvif' with config file"
+recipe "apache2::mod_ssl", "Apache module 'ssl' with config file, adds port 443 to listen_ports"
+recipe "apache2::mod_status", "Apache module 'status' with config file"
+recipe "apache2::mod_xsendfile", "Apache module 'xsendfile'"
+
+%w{redhat centos scientific fedora debian ubuntu arch freebsd}.each do |os|
+ supports os
+end
+
+attribute "apache",
+ :display_name => "Apache Hash",
+ :description => "Hash of Apache attributes",
+ :type => "hash"
+
+attribute "apache/dir",
+ :display_name => "Apache Directory",
+ :description => "Location for Apache configuration",
+ :default => "/etc/apache2"
+
+attribute "apache/log_dir",
+ :display_name => "Apache Log Directory",
+ :description => "Location for Apache logs",
+ :default => "/etc/apache2"
+
+attribute "apache/user",
+ :display_name => "Apache User",
+ :description => "User Apache runs as",
+ :default => "www-data"
+
+attribute "apache/binary",
+ :display_name => "Apache Binary",
+ :description => "Apache server daemon program",
+ :default => "/usr/sbin/apache2"
+
+attribute "apache/icondir",
+ :display_name => "Apache Icondir",
+ :description => "Directory location for icons",
+ :default => "/usr/share/apache2/icons"
+
+attribute "apache/listen_ports",
+ :display_name => "Apache Listen Ports",
+ :description => "Ports that Apache should listen on",
+ :type => "array",
+ :default => [ "80", "443" ]
+
+attribute "apache/contact",
+ :display_name => "Apache Contact",
+ :description => "Email address of webmaster",
+ :default => "ops@example.com"
+
+attribute "apache/timeout",
+ :display_name => "Apache Timeout",
+ :description => "Connection timeout value",
+ :default => "300"
+
+attribute "apache/keepalive",
+ :display_name => "Apache Keepalive",
+ :description => "HTTP persistent connections",
+ :default => "On"
+
+attribute "apache/keepaliverequests",
+ :display_name => "Apache Keepalive Requests",
+ :description => "Number of requests allowed on a persistent connection",
+ :default => "100"
+
+attribute "apache/keepalivetimeout",
+ :display_name => "Apache Keepalive Timeout",
+ :description => "Time to wait for requests on persistent connection",
+ :default => "5"
+
+attribute "apache/servertokens",
+ :display_name => "Apache Server Tokens",
+ :description => "Server response header",
+ :default => "Prod"
+
+attribute "apache/serversignature",
+ :display_name => "Apache Server Signature",
+ :description => "Configure footer on server-generated documents",
+ :default => "On"
+
+attribute "apache/traceenable",
+ :display_name => "Apache Trace Enable",
+ :description => "Determine behavior of TRACE requests",
+ :default => "On"
+
+attribute "apache/allowed_openids",
+ :display_name => "Apache Allowed OpenIDs",
+ :description => "Array of OpenIDs allowed to authenticate",
+ :default => ""
+
+attribute "apache/prefork",
+ :display_name => "Apache Prefork",
+ :description => "Hash of Apache prefork tuning attributes.",
+ :type => "hash"
+
+attribute "apache/prefork/startservers",
+ :display_name => "Apache Prefork MPM StartServers",
+ :description => "Number of MPM servers to start",
+ :default => "16"
+
+attribute "apache/prefork/minspareservers",
+ :display_name => "Apache Prefork MPM MinSpareServers",
+ :description => "Minimum number of spare server processes",
+ :default => "16"
+
+attribute "apache/prefork/maxspareservers",
+ :display_name => "Apache Prefork MPM MaxSpareServers",
+ :description => "Maximum number of spare server processes",
+ :default => "32"
+
+attribute "apache/prefork/serverlimit",
+ :display_name => "Apache Prefork MPM ServerLimit",
+ :description => "Upper limit on configurable server processes",
+ :default => "400"
+
+attribute "apache/prefork/maxclients",
+ :display_name => "Apache Prefork MPM MaxClients",
+ :description => "Maximum number of simultaneous connections",
+ :default => "400"
+
+attribute "apache/prefork/maxrequestsperchild",
+ :display_name => "Apache Prefork MPM MaxRequestsPerChild",
+ :description => "Maximum number of request a child process will handle",
+ :default => "10000"
+
+attribute "apache/worker",
+ :display_name => "Apache Worker",
+ :description => "Hash of Apache prefork tuning attributes.",
+ :type => "hash"
+
+attribute "apache/worker/startservers",
+ :display_name => "Apache Worker MPM StartServers",
+ :description => "Initial number of server processes to start",
+ :default => "4"
+
+attribute "apache/worker/maxclients",
+ :display_name => "Apache Worker MPM MaxClients",
+ :description => "Maximum number of simultaneous connections",
+ :default => "1024"
+
+attribute "apache/worker/minsparethreads",
+ :display_name => "Apache Worker MPM MinSpareThreads",
+ :description => "Minimum number of spare worker threads",
+ :default => "64"
+
+attribute "apache/worker/maxsparethreads",
+ :display_name => "Apache Worker MPM MaxSpareThreads",
+ :description => "Maximum number of spare worker threads",
+ :default => "192"
+
+attribute "apache/worker/threadsperchild",
+ :display_name => "Apache Worker MPM ThreadsPerChild",
+ :description => "Constant number of worker threads in each server process",
+ :default => "64"
+
+attribute "apache/worker/maxrequestsperchild",
+ :display_name => "Apache Worker MPM MaxRequestsPerChild",
+ :description => "Maximum number of request a child process will handle",
+ :default => "0"
+
+attribute "apache/default_modules",
+ :display_name => "Apache Default Modules",
+ :description => "Default modules to enable via recipes",
+ :default => "status alias auth_basic authn_file authz_default authz_groupfile authz_host authz_user autoindex dir env mime negotiation setenvif"
217 cookbooks/apache2/recipes/default.rb
@@ -0,0 +1,217 @@
+#
+# Cookbook Name:: apache2
+# Recipe:: default
+#
+# Copyright 2008-2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+package "apache2" do
+ package_name node[:apache][:package]
+ action :install
+end
+
+service "apache2" do
+ case node[:platform]
+ when "redhat","centos","scientific","fedora","suse"
+ service_name "httpd"
+ # If restarted/reloaded too quickly httpd has a habit of failing.
+ # This may happen with multiple recipes notifying apache to restart - like
+ # during the initial bootstrap.
+ restart_command "/sbin/service httpd restart && sleep 1"
+ reload_command "/sbin/service httpd reload && sleep 1"
+ when "debian","ubuntu"
+ service_name "apache2"
+ restart_command "/usr/sbin/invoke-rc.d apache2 restart && sleep 1"
+ reload_command "/usr/sbin/invoke-rc.d apache2 reload && sleep 1"
+ when "arch"
+ service_name "httpd"
+ when "freebsd"
+ service_name "apache22"
+ end
+ supports value_for_platform(
+ "debian" => { "4.0" => [ :restart, :reload ], "default" => [ :restart, :reload, :status ] },
+ "ubuntu" => { "default" => [ :restart, :reload, :status ] },
+ "redhat" => { "default" => [ :restart, :reload, :status ] },
+ "centos" => { "default" => [ :restart, :reload, :status ] },
+ "scientific" => { "default" => [ :restart, :reload, :status ] },
+ "fedora" => { "default" => [ :restart, :reload, :status ] },
+ "arch" => { "default" => [ :restart, :reload, :status ] },
+ "suse" => { "default" => [ :restart, :reload, :status ] },
+ "freebsd" => { "default" => [ :restart, :reload, :status ] },
+ "default" => { "default" => [:restart, :reload ] }
+ )
+ action :enable
+end
+
+if platform?("redhat", "centos", "scientific", "fedora", "arch", "suse", "freebsd")
+ directory node[:apache][:log_dir] do
+ mode 0755
+ action :create
+ end
+
+ package "perl" unless node['languages']['perl'].attribute?('version')
+
+ cookbook_file "/usr/local/bin/apache2_module_conf_generate.pl" do
+ source "apache2_module_conf_generate.pl"
+ mode 0755
+ owner "root"
+ group node[:apache][:root_group]
+ end
+
+ %w{sites-available sites-enabled mods-available mods-enabled}.each do |dir|
+ directory "#{node[:apache][:dir]}/#{dir}" do
+ mode 0755
+ owner "root"
+ group node[:apache][:root_group]
+ action :create
+ end
+ end
+
+ execute "generate-module-list" do
+ command "/usr/local/bin/apache2_module_conf_generate.pl #{node[:apache][:lib_dir]} #{node[:apache][:dir]}/mods-available"
+ action :run
+ end
+
+ %w{a2ensite a2dissite a2enmod a2dismod}.each do |modscript|
+ template "/usr/sbin/#{modscript}" do
+ source "#{modscript}.erb"
+ mode 0755
+ owner "root"
+ group node[:apache][:root_group]
+ end
+ end
+
+ # installed by default on centos/rhel, remove in favour of mods-enabled
+ %w{ proxy_ajp auth_pam authz_ldap webalizer ssl welcome }.each do |f|
+ file "#{node[:apache][:dir]}/conf.d/#{f}.conf" do
+ action :delete
+ backup false
+ end
+ end
+
+ # installed by default on centos/rhel, remove in favour of mods-enabled
+ file "#{node[:apache][:dir]}/conf.d/README" do
+ action :delete
+ backup false
+ end
+end
+
+if platform?("freebsd")
+ file "#{node[:apache][:dir]}/Includes/no-accf.conf" do
+ action :delete
+ backup false
+ end
+ directory "#{node[:apache][:dir]}/Includes" do
+ action :delete
+ end
+
+ %w{httpd-autoindex.conf httpd-dav.conf httpd-default.conf httpd-info.conf
+ httpd-languages.conf httpd-manual.conf httpd-mpm.conf
+ httpd-multilang-errordoc.conf httpd-ssl.conf httpd-userdir.conf
+ httpd-vhosts.conf}.each do |f|
+ file "#{node[:apache][:dir]}/extra/#{f}" do
+ action :delete
+ backup false
+ end
+ end
+ directory "#{node[:apache][:dir]}/extra" do
+ action :delete
+ end
+end
+
+directory "#{node[:apache][:dir]}/ssl" do
+ action :create
+ mode 0755
+ owner "root"
+ group node[:apache][:root_group]
+end
+
+directory "#{node[:apache][:dir]}/conf.d" do
+ action :create
+ mode 0755
+ owner "root"
+ group node[:apache][:root_group]
+end
+
+directory node[:apache][:cache_dir] do
+ action :create
+ mode 0755
+ owner "root"
+ group node[:apache][:root_group]
+end
+
+template "apache2.conf" do
+ case node[:platform]
+ when "redhat", "centos", "scientific", "fedora", "arch"
+ path "#{node[:apache][:dir]}/conf/httpd.conf"
+ when "debian","ubuntu"
+ path "#{node[:apache][:dir]}/apache2.conf"
+ when "freebsd"
+ path "#{node[:apache][:dir]}/httpd.conf"
+ end
+ source "apache2.conf.erb"
+ owner "root"
+ group node[:apache][:root_group]
+ mode 0644
+ notifies :restart, resources(:service => "apache2")
+end
+
+template "security" do
+ path "#{node[:apache][:dir]}/conf.d/security"
+ source "security.erb"
+ owner "root"
+ group node[:apache][:root_group]
+ mode 0644
+ backup false
+ notifies :restart, resources(:service => "apache2")
+end
+
+template "charset" do
+ path "#{node[:apache][:dir]}/conf.d/charset"
+ source "charset.erb"
+ owner "root"
+ group node[:apache][:root_group]
+ mode 0644
+ backup false
+ notifies :restart, resources(:service => "apache2")
+end
+
+template "#{node[:apache][:dir]}/ports.conf" do
+ source "ports.conf.erb"
+ owner "root"
+ group node[:apache][:root_group]
+ variables :apache_listen_ports => node[:apache][:listen_ports].map{|p| p.to_i}.uniq
+ mode 0644
+ notifies :restart, resources(:service => "apache2")
+end
+
+template "#{node[:apache][:dir]}/sites-available/default" do
+ source "default-site.erb"
+ owner "root"
+ group node[:apache][:root_group]
+ mode 0644
+ notifies :restart, resources(:service => "apache2")
+end
+
+node['apache']['default_modules'].each do |mod|
+ recipe_name = mod =~ /^mod_/ ? mod : "mod_#{mod}"
+ include_recipe "apache2::#{recipe_name}"
+end
+
+apache_site "default" if platform?("redhat", "centos", "scientific", "fedora")
+
+service "apache2" do
+ action :start
+end
33 cookbooks/apache2/recipes/god_monitor.rb
@@ -0,0 +1,33 @@
+#
+# Cookbook Name:: apache2
+# Recipe:: god_monitor
+#
+# Copyright 2008-2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+apache_service = service "apache2" do
+ action :nothing
+end
+
+start_command = apache_service.start_command
+stop_command = apache_service.stop_command
+restart_command = apache_service.restart_command
+
+god_monitor "apache2" do
+ config "apache2.god.erb"
+ start (start_command)?start_command : "/etc/init.d/#{apache_service.service_name} start"
+ restart (restart_command)?restart_command : "/etc/init.d/#{apache_service.service_name} restart"
+ stop (stop_command)?stop_command : "/etc/init.d/#{apache_service.service_name} stop"
+end
22 cookbooks/apache2/recipes/mod_alias.rb
@@ -0,0 +1,22 @@
+#
+# Cookbook Name:: apache2
+# Recipe:: alias
+#
+# Copyright 2008-2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+apache_module "alias" do
+ conf true
+end
45 cookbooks/apache2/recipes/mod_apreq2.rb
@@ -0,0 +1,45 @@
+#
+# Cookbook Name:: apache2
+# Recipe:: apreq2
+#
+# modified from the python recipe by Jeremy Bingham
+#
+# Copyright 2008-2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+case node[:platform]
+ when "debian", "ubuntu"
+ package "libapache2-mod-apreq2" do
+ action :install
+ end
+ when "centos", "redhat", "fedora"
+ package "libapreq2" do
+ action :install
+ notifies :run, resources(:execute => "generate-module-list"), :immediately
+ end
+ # seems that the apreq lib is weirdly broken or something - it needs to be
+ # loaded as "apreq", but on RHEL & derivitatives the file needs a symbolic
+ # link to mod_apreq.so.
+ link "/usr/lib64/httpd/modules/mod_apreq.so" do
+ to "/usr/lib64/httpd/modules/mod_apreq2.so"
+ only_if "test -f /usr/lib64/httpd/modules/mod_apreq2.so"
+ end
+ link "/usr/lib/httpd/modules/mod_apreq.so" do
+ to "/usr/lib/httpd/modules/mod_apreq2.so"
+ only_if "test -f /usr/lib/httpd/modules/mod_apreq2.so"
+ end
+end
+
+apache_module "apreq"
20 cookbooks/apache2/recipes/mod_auth_basic.rb
@@ -0,0 +1,20 @@
+#
+# Cookbook Name:: apache2
+# Recipe:: auth_basic
+#
+# Copyright 2008-2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+apache_module "auth_basic"
20 cookbooks/apache2/recipes/mod_auth_digest.rb
@@ -0,0 +1,20 @@
+#
+# Cookbook Name:: apache2
+# Recipe:: auth_digest
+#
+# Copyright 2008-2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+apache_module "auth_digest"
113 cookbooks/apache2/recipes/mod_auth_openid.rb
@@ -0,0 +1,113 @@
+#
+# Cookbook Name:: apache2
+# Recipe:: mod_auth_openid
+#
+# Copyright 2008-2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+openid_dev_pkgs = value_for_platform(
+ ["ubuntu","debian"] => { "default" => %w{ g++ apache2-prefork-dev libopkele-dev libopkele3 } },
+ ["centos","redhat","scientific","fedora"] => {
+ "default" => %w{ gcc-c++ httpd-devel curl-devel libtidy libtidy-devel sqlite-devel pcre-devel openssl-devel make }
+ },
+ "arch" => { "default" => ["libopkele"] },
+ "freebsd" => { "default" => %w{libopkele pcre sqlite3} }
+)
+
+make_cmd = value_for_platform(
+ "freebsd" => { "default" => %w{gmake} },
+ "default" => { "default" => %w{make} }
+)
+
+case node[:platform]
+when "arch"
+ include_recipe "pacman"
+ package "tidyhtml"
+end
+
+openid_dev_pkgs.each do |pkg|
+ case node[:platform]
+ when "arch"
+ pacman_aur pkg do
+ action [:build, :install]
+ end
+ else
+ package pkg
+ end
+end
+
+case node[:platform]
+when "redhat", "centos", "scientific", "fedora"
+ remote_file "#{Chef::Config[:file_cache_path]}/libopkele-2.0.4.tar.gz" do
+ source "http://kin.klever.net/dist/libopkele-2.0.4.tar.gz"
+ mode 0644
+ end
+
+ bash "install libopkele" do
+ cwd "#{Chef::Config[:file_cache_path]}"
+ # Ruby 1.8.6 does not have rpartition, unfortunately
+ syslibdir = node[:apache][:lib_dir][0..node[:apache][:lib_dir].rindex("/")]
+ code <<-EOH
+ tar zxvf libopkele-2.0.4.tar.gz
+ cd libopkele-2.0.4 && ./configure --prefix=/usr --libdir=#{syslibdir}
+ #{make_cmd} && #{make_cmd} install
+ EOH
+ not_if { File.exists?("#{syslibdir}/libopkele.a") }
+ end
+end
+
+_checksum = node['apache']['mod_auth_openid']['checksum']
+version = node['apache']['mod_auth_openid']['version']
+configure_flags = node['apache']['mod_auth_openid']['configure_flags']
+
+remote_file "#{Chef::Config[:file_cache_path]}/mod_auth_openid-#{version}.tar.gz" do
+ source "http://butterfat.net/releases/mod_auth_openid/mod_auth_openid-#{version}.tar.gz"
+ mode 0644
+ checksum _checksum
+end
+
+bash "install mod_auth_openid" do
+ cwd Chef::Config[:file_cache_path]
+ code <<-EOH
+ tar zxvf mod_auth_openid-#{version}.tar.gz
+ cd mod_auth_openid-#{version} && ./configure #{configure_flags.join(' ')}
+ perl -pi -e "s/-i -a -n 'authopenid'/-i -n 'authopenid'/g" Makefile
+ #{make_cmd} && #{make_cmd} install
+ EOH
+ not_if { ::File.exists?("#{node['apache']['libexecdir']}/mod_auth_openid.so") }
+end
+
+directory node[:apache][:mod_auth_openid][:cache_dir] do
+ owner node[:apache][:user]
+ group node[:apache][:group]
+ mode 0700
+end
+
+file node[:apache][:mod_auth_openid][:dblocation] do
+ owner node[:apache][:user]
+ group node[:apache][:group]
+ mode 0644
+end
+
+template "#{node[:apache][:dir]}/mods-available/authopenid.load" do
+ source "mods/authopenid.load.erb"
+ owner "root"
+ group node[:apache][:root_group]
+ mode 0644
+end
+
+apache_module "authopenid" do
+ filename "mod_auth_openid.so"
+end
20 cookbooks/apache2/recipes/mod_authn_file.rb
@@ -0,0 +1,20 @@
+#
+# Cookbook Name:: apache2
+# Recipe:: authn_file
+#
+# Copyright 2008-2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+apache_module "authn_file"
20 cookbooks/apache2/recipes/mod_authnz_ldap.rb
@@ -0,0 +1,20 @@
+#
+# Cookbook Name:: apache2
+# Recipe:: authnz_ldap
+#
+# Copyright 2008-2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+apache_module "authnz_ldap"
20 cookbooks/apache2/recipes/mod_authz_default.rb
@@ -0,0 +1,20 @@
+#
+# Cookbook Name:: apache2
+# Recipe:: authz_default
+#
+# Copyright 2008-2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+apache_module "authz_default"
20 cookbooks/apache2/recipes/mod_authz_groupfile.rb
@@ -0,0 +1,20 @@
+#
+# Cookbook Name:: apache2
+# Recipe:: authz_groupfile
+#
+# Copyright 2008-2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+apache_module "authz_groupfile"
20 cookbooks/apache2/recipes/mod_authz_host.rb
@@ -0,0 +1,20 @@
+#
+# Cookbook Name:: apache2
+# Recipe:: authz_host
+#
+# Copyright 2008-2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+apache_module "authz_host"
20 cookbooks/apache2/recipes/mod_authz_user.rb
@@ -0,0 +1,20 @@
+#
+# Cookbook Name:: apache2
+# Recipe:: authz_user
+#
+# Copyright 2008-2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+apache_module "authz_user"
22 cookbooks/apache2/recipes/mod_autoindex.rb
@@ -0,0 +1,22 @@
+#
+# Cookbook Name:: apache2
+# Recipe:: autoindex
+#
+# Copyright 2008-2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+apache_module "autoindex" do
+ conf true
+end
20 cookbooks/apache2/recipes/mod_cgi.rb
@@ -0,0 +1,20 @@
+#
+# Cookbook Name:: apache2
+# Recipe:: cgi
+#
+# Copyright 2008-2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+apache_module "cgi"
20 cookbooks/apache2/recipes/mod_dav.rb
@@ -0,0 +1,20 @@
+#
+# Cookbook Name:: apache2
+# Recipe:: dav
+#
+# Copyright 2008-2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+apache_module "dav"
20 cookbooks/apache2/recipes/mod_dav_fs.rb
@@ -0,0 +1,20 @@
+#
+# Cookbook Name:: apache2
+# Recipe:: dav_fs
+#
+# Copyright 2011, Atriso
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+apache_module "dav_fs"
29 cookbooks/apache2/recipes/mod_dav_svn.rb
@@ -0,0 +1,29 @@
+#
+# Cookbook Name:: apache2
+# Recipe:: dav_svn
+#
+# Copyright 2008-2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+package "libapache2-svn" do
+ case node['platform']
+ when "centos","redhat","scientific","fedora","suse"
+ package_name "mod_dav_svn"
+ else
+ package_name "libapache2-svn"
+ end
+end
+
+apache_module "dav_svn"
22 cookbooks/apache2/recipes/mod_deflate.rb
@@ -0,0 +1,22 @@
+#
+# Cookbook Name:: apache2
+# Recipe:: deflate
+#
+# Copyright 2008-2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+apache_module "deflate" do
+ conf true
+end
22 cookbooks/apache2/recipes/mod_dir.rb
@@ -0,0 +1,22 @@
+#
+# Cookbook Name:: apache2
+# Recipe:: dir
+#
+# Copyright 2008-2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+apache_module "dir" do
+ conf true
+end
20 cookbooks/apache2/recipes/mod_env.rb
@@ -0,0 +1,20 @@
+#
+# Cookbook Name:: apache2
+# Recipe:: env
+#
+# Copyright 2008-2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+apache_module "env"
20 cookbooks/apache2/recipes/mod_expires.rb
@@ -0,0 +1,20 @@
+#
+# Cookbook Name:: apache2
+# Recipe:: expires
+#
+# Copyright 2008-2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#