add in apache2, pgbouncer, rsync cookbooks

apache2/attributes/default.rb

@@ -0,0 +1,134 @@
+#
+# Cookbook Name:: apache2
+# Attributes:: apache
+#
+# Copyright 2008-2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+set[:apache][:root_group]  = "root"
+
+# Where the various parts of apache are
+case platform
+when "redhat","centos","scientific","fedora","suse"
+  set[:apache][:package] = "httpd"
+  set[:apache][:dir]     = "/etc/httpd"
+  set[:apache][:log_dir] = "/var/log/httpd"
+  set[:apache][:user]    = "apache"
+  set[:apache][:group]   = "apache"
+  set[:apache][:binary]  = "/usr/sbin/httpd"
+  set[:apache][:icondir] = "/var/www/icons/"
+  set[:apache][:cache_dir] = "/var/cache/httpd"
+  if node.platform_version.to_f >= 6 then
+    set[:apache][:pid_file] = "/var/run/httpd/httpd.pid"
+  else
+    set[:apache][:pid_file] = "/var/run/httpd.pid"
+  end
+  set[:apache][:lib_dir] = node[:kernel][:machine] =~ /^i[36]86$/ ? "/usr/lib/httpd" : "/usr/lib64/httpd"
+  set[:apache][:libexecdir] = "#{set[:apache][:lib_dir]}/modules"
+when "debian","ubuntu"
+  set[:apache][:package] = "apache2"
+  set[:apache][:dir]     = "/etc/apache2"
+  set[:apache][:log_dir] = "/var/log/apache2"
+  set[:apache][:user]    = "www-data"
+  set[:apache][:group]   = "www-data"
+  set[:apache][:binary]  = "/usr/sbin/apache2"
+  set[:apache][:icondir] = "/usr/share/apache2/icons"
+  set[:apache][:cache_dir] = "/var/cache/apache2"
+  set[:apache][:pid_file]  = "/var/run/apache2.pid"
+  set[:apache][:lib_dir] = "/usr/lib/apache2"
+  set[:apache][:libexecdir] = "#{set[:apache][:lib_dir]}/modules"
+when "arch"
+  set[:apache][:package] = "apache"
+  set[:apache][:dir]     = "/etc/httpd"
+  set[:apache][:log_dir] = "/var/log/httpd"
+  set[:apache][:user]    = "http"
+  set[:apache][:group]   = "http"
+  set[:apache][:binary]  = "/usr/sbin/httpd"
+  set[:apache][:icondir] = "/usr/share/httpd/icons"
+  set[:apache][:cache_dir] = "/var/cache/httpd"
+  set[:apache][:pid_file]  = "/var/run/httpd/httpd.pid"
+  set[:apache][:lib_dir] = "/usr/lib/httpd"
+  set[:apache][:libexecdir] = "#{set[:apache][:lib_dir]}/modules"
+when "freebsd"
+  set[:apache][:package] = "apache22"
+  set[:apache][:dir]     = "/usr/local/etc/apache22"
+  set[:apache][:log_dir] = "/var/log"
+  set[:apache][:root_group] = "wheel"
+  set[:apache][:user]    = "www"
+  set[:apache][:group]    = "www"
+  set[:apache][:binary]  = "/usr/local/sbin/httpd"
+  set[:apache][:icondir] = "/usr/local/www/apache22/icons"
+  set[:apache][:cache_dir] = "/var/run/apache22"
+  set[:apache][:pid_file]  = "/var/run/httpd.pid"
+  set[:apache][:lib_dir] = "/usr/local/libexec/apache22"
+  set[:apache][:libexecdir] = set[:apache][:lib_dir]
+else
+  set[:apache][:dir]     = "/etc/apache2"
+  set[:apache][:log_dir] = "/var/log/apache2"
+  set[:apache][:user]    = "www-data"
+  set[:apache][:group]   = "www-data"
+  set[:apache][:binary]  = "/usr/sbin/apache2"
+  set[:apache][:icondir] = "/usr/share/apache2/icons"
+  set[:apache][:cache_dir] = "/var/cache/apache2"
+  set[:apache][:pid_file]  = "logs/httpd.pid"
+  set[:apache][:lib_dir] = "/usr/lib/apache2"
+  set[:apache][:libexecdir] = "#{set[:apache][:lib_dir]}/modules"
+end
+
+###
+# These settings need the unless, since we want them to be tunable,
+# and we don't want to override the tunings.
+###
+
+# General settings
+default[:apache][:listen_ports] = [ "80","443" ]
+default[:apache][:contact] = "ops@example.com"
+default[:apache][:timeout] = 300
+default[:apache][:keepalive] = "On"
+default[:apache][:keepaliverequests] = 100
+default[:apache][:keepalivetimeout] = 5
+
+# Security
+default[:apache][:servertokens] = "Prod"
+default[:apache][:serversignature] = "On"
+default[:apache][:traceenable] = "On"
+
+# mod_auth_openids
+default[:apache][:allowed_openids] = Array.new
+
+# Prefork Attributes
+default[:apache][:prefork][:startservers] = 16
+default[:apache][:prefork][:minspareservers] = 16
+default[:apache][:prefork][:maxspareservers] = 32
+default[:apache][:prefork][:serverlimit] = 400
+default[:apache][:prefork][:maxclients] = 400
+default[:apache][:prefork][:maxrequestsperchild] = 10000
+
+# Worker Attributes
+default[:apache][:worker][:startservers] = 4
+default[:apache][:worker][:maxclients] = 1024
+default[:apache][:worker][:minsparethreads] = 64
+default[:apache][:worker][:maxsparethreads] = 192
+default[:apache][:worker][:threadsperchild] = 64
+default[:apache][:worker][:maxrequestsperchild] = 0
+
+# Default modules to enable via include_recipe
+
+default['apache']['default_modules'] = %w{
+  status alias auth_basic authn_file authz_default authz_groupfile authz_host authz_user autoindex
+  dir env mime negotiation setenvif
+}
+
+default['apache']['default_modules'] << "log_config" if node.platform?("redhat", "centos", "scientific", "fedora", "suse", "arch", "freebsd")

apache2/attributes/mod_auth_openid.rb

@@ -0,0 +1,32 @@
+# 
+# Author:: Joshua Timberman <joshua@opscode.com>
+# Copyright:: Copyright (c) 2011, Opscode, Inc.
+# License:: Apache License, Version 2.0
+# 
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+# 
+#    http://www.apache.org/licenses/LICENSE-2.0
+# 
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# 
+
+default['apache']['mod_auth_openid']['checksum'] = "79e7ca52511d1230"
+default['apache']['mod_auth_openid']['version']  = "0.6"
+default['apache']['mod_auth_openid']['cache_dir']  = "/var/cache/mod_auth_openid"
+default['apache']['mod_auth_openid']['dblocation'] = "#{node['apache']['mod_auth_openid']['cache_dir']}/mod_auth_openid.db"
+
+case node[:platform]
+when "freebsd"
+  default['apache']['mod_auth_openid']['configure_flags'] = [
+      "CPPFLAGS=-I/usr/local/include",
+      "LDFLAGS=-I/usr/local/lib -lsqlite3"
+    ]
+else
+  default['apache']['mod_auth_openid']['configure_flags'] = []
+end

apache2/definitions/apache_conf.rb

@@ -0,0 +1,26 @@
+#
+# Cookbook Name:: apache2
+# Definition:: apache_conf
+#
+# Copyright 2008-2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+define :apache_conf do
+  template "#{node[:apache][:dir]}/mods-available/#{params[:name]}.conf" do
+    source "mods/#{params[:name]}.conf.erb"
+    notifies :restart, resources(:service => "apache2")
+    mode 0644
+  end
+end

apache2/definitions/apache_module.rb

@@ -0,0 +1,53 @@
+#
+# Cookbook Name:: apache2
+# Definition:: apache_module
+#
+# Copyright 2008-2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+define :apache_module, :enable => true, :conf => false do
+  include_recipe "apache2"
+
+  params[:filename] = params[:filename] || "mod_#{params[:name]}.so"
+  params[:module_path] = params[:module_path] || "#{node['apache']['libexecdir']}/#{params[:filename]}"
+
+  if params[:conf]
+    apache_conf params[:name]
+  end
+
+  if platform?("redhat", "centos", "scientific", "fedora", "arch", "suse" )
+    file "#{node['apache']['dir']}/mods-available/#{params[:name]}.load" do
+      content "LoadModule #{params[:name]}_module #{params[:module_path]}\n"
+      mode 0644
+    end
+  end
+
+  if params[:enable]
+    execute "a2enmod #{params[:name]}" do
+      command "/usr/sbin/a2enmod #{params[:name]}"
+      notifies :restart, resources(:service => "apache2")
+      not_if do (File.symlink?("#{node[:apache][:dir]}/mods-enabled/#{params[:name]}.load") and
+            ((File.exists?("#{node[:apache][:dir]}/mods-available/#{params[:name]}.conf"))?
+              (File.symlink?("#{node[:apache][:dir]}/mods-enabled/#{params[:name]}.conf")):(true)))
+      end
+    end
+  else
+    execute "a2dismod #{params[:name]}" do
+      command "/usr/sbin/a2dismod #{params[:name]}"
+      notifies :restart, resources(:service => "apache2")
+      only_if do ::File.symlink?("#{node[:apache][:dir]}/mods-enabled/#{params[:name]}.load") end
+    end
+  end
+end

apache2/definitions/apache_site.rb

@@ -0,0 +1,43 @@
+#
+# Cookbook Name:: apache2
+# Definition:: apache_site
+#
+# Copyright 2008-2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+define :apache_site, :enable => true do
+  include_recipe "apache2"
+
+  if params[:enable]
+    execute "a2ensite #{params[:name]}" do
+      command "/usr/sbin/a2ensite #{params[:name]}"
+      notifies :restart, resources(:service => "apache2")
+      not_if do
+        ::File.symlink?("#{node[:apache][:dir]}/sites-enabled/#{params[:name]}") or
+          ::File.symlink?("#{node[:apache][:dir]}/sites-enabled/000-#{params[:name]}")
+      end
+      only_if do ::File.exists?("#{node[:apache][:dir]}/sites-available/#{params[:name]}") end
+    end
+  else
+    execute "a2dissite #{params[:name]}" do
+      command "/usr/sbin/a2dissite #{params[:name]}"
+      notifies :restart, resources(:service => "apache2")
+      only_if do
+        ::File.symlink?("#{node[:apache][:dir]}/sites-enabled/#{params[:name]}") or
+          ::File.symlink?("#{node[:apache][:dir]}/sites-enabled/000-#{params[:name]}")
+      end
+    end
+  end
+end

apache2/definitions/web_app.rb

@@ -0,0 +1,49 @@
+#
+# Cookbook Name:: apache2
+# Definition:: web_app
+#
+# Copyright 2008-2009, Opscode, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+define :web_app, :template => "web_app.conf.erb", :enable => true do
+
+  application_name = params[:name]
+
+  include_recipe "apache2"
+  include_recipe "apache2::mod_rewrite"
+  include_recipe "apache2::mod_deflate"
+  include_recipe "apache2::mod_headers"
+
+  template "#{node[:apache][:dir]}/sites-available/#{application_name}.conf" do
+    source params[:template]
+    owner "root"
+    group node[:apache][:root_group]
+    mode 0644
+    if params[:cookbook]
+      cookbook params[:cookbook]
+    end
+    variables(
+      :application_name => application_name,
+      :params => params
+    )
+    if ::File.exists?("#{node[:apache][:dir]}/sites-enabled/#{application_name}.conf")
+      notifies :reload, resources(:service => "apache2"), :delayed
+    end
+  end
+
+  apache_site "#{params[:name]}.conf" do
+    enable params[:enable]
+  end
+end

apache2/files/default/apache2_module_conf_generate.pl

@@ -0,0 +1,41 @@
+#!/usr/bin/perl
+
+=begin
+
+Generates Ubuntu style module.load files.
+ 
+./apache2_module_conf_generate.pl /usr/lib64/httpd/modules /etc/httpd/mods-available
+
+ARGV[0] is the apache modules directory, ARGV[1] is where you want 'em.
+
+=cut
+
+use File::Find;
+
+use strict;
+use warnings;
+
+die "Must have '/path/to/modules' and '/path/to/modules.load'"
+  unless $ARGV[0] && $ARGV[1];
+
+find(
+  {
+    wanted => sub {
+      return 1 if $File::Find::name !~ /\.so$/;
+      my $modfile = $_;
+      $modfile =~ /(lib|mod_)(.+)\.so$/;
+      my $modname  = $2;
+      my $filename = "$ARGV[1]/$modname.load";
+      unless ( -f $filename ) {
+        open( FILE, ">", $filename ) or die "Cannot open $filename";
+        print FILE "LoadModule " . $modname . "_module $File::Find::name\n";
+        close(FILE);
+      }
+    },
+    follow => 1,
+  },
+  $ARGV[0]
+);
+
+exit 0;
+