Permalink
Switch branches/tags
production_RELEASE_RELEASE_CANDIDATE_STABLE_34 production_RELEASE_RELEASE_CANDIDATE_STABLE_32 production_RELEASE_RELEASE_CANDIDATE_STABLE_31 production_RELEASE_RELEASE_CANDIDATE_STABLE_30 production_RELEASE_RELEASE_CANDIDATE_STABLE_28 production_RELEASE_RELEASE_CANDIDATE_STABLE_27 production_RELEASE_RELEASE_CANDIDATE_STABLE_26 production_RELEASE_RELEASE_CANDIDATE_STABLE_25 production_RELEASE_RELEASE_CANDIDATE_STABLE_24 production_RELEASE_RELEASE_CANDIDATE_STABLE_23 production_RELEASE_RELEASE_CANDIDATE_STABLE_22 production_RELEASE_RELEASE_CANDIDATE_STABLE_21 production_RELEASE_RELEASE_CANDIDATE_STABLE_20 production_RELEASE_RELEASE_CANDIDATE_STABLE_19 production_RELEASE_RELEASE_CANDIDATE_STABLE_18 production_RELEASE_RELEASE_CANDIDATE_STABLE_17 production_RELEASE_RELEASE_CANDIDATE_STABLE_16 production_RELEASE_RELEASE_CANDIDATE_STABLE_15 production_RELEASE_RELEASE_CANDIDATE_STABLE_14 production_RELEASE_RELEASE_CANDIDATE_STABLE_13 production_RELEASE_RELEASE_CANDIDATE_STABLE_12 production_RELEASE_RELEASE_CANDIDATE_STABLE_11 production_RELEASE_RELEASE_CANDIDATE_STABLE_10 production_RELEASE_RELEASE_CANDIDATE_STABLE_8 production_RELEASE_RELEASE_CANDIDATE_STABLE_6 production_RELEASE_RELEASE_CANDIDATE_STABLE_5 production_RELEASE_RELEASE_CANDIDATE_STABLE_2 production_RELEASE_RELEASE_CANDIDATE_BETA_1 production_RELEASE_DEV_597 production_RELEASE_DEV_596 production_RELEASE_DEV_595 production_RELEASE_DEV_594 production_RELEASE_DEV_593 production_RELEASE_DEV_592 production_RELEASE_DEV_591 production_RELEASE_DEV_590 production_RELEASE_DEV_589 production_RELEASE_DEV_588 production_RELEASE_DEV_587 production_RELEASE_DEV_586 production_RELEASE_DEV_585 production_RELEASE_DEV_584 production_RELEASE_DEV_583 production_RELEASE_DEV_582 production_RELEASE_DEV_581 production_RELEASE_DEV_580 production_RELEASE_DEV_579 production_RELEASE_DEV_578 production_RELEASE_DEV_577 production_RELEASE_DEV_576 production_RELEASE_DEV_575 production_RELEASE_DEV_574 production_RELEASE_DEV_573 production_RELEASE_DEV_572 production_RELEASE_DEV_571 production_RELEASE_DEV_570 production_RELEASE_DEV_569 production_RELEASE_DEV_568 production_RELEASE_DEV_567 production_RELEASE_DEV_566 production_RELEASE_DEV_565 production_RELEASE_DEV_564 production_RELEASE_DEV_563 production_RELEASE_DEV_562 production_RELEASE_DEV_561 production_RELEASE_DEV_560 production_RELEASE_DEV_559 production_RELEASE_DEV_558 production_RELEASE_DEV_557 production_RELEASE_DEV_556 production_RELEASE_DEV_555 production_RELEASE_DEV_554 production_RELEASE_DEV_553 production_RELEASE_DEV_552 production_RELEASE_DEV_551 production_RELEASE_DEV_550 production_RELEASE_DEV_549 production_RELEASE_DEV_548 production_RELEASE_DEV_547 production_RELEASE_DEV_546 production_RELEASE_DEV_545 production_RELEASE_DEV_544 production_RELEASE_DEV_543 production_RELEASE_DEV_542 production_RELEASE_DEV_541 production_RELEASE_DEV_540 production_RELEASE_DEV_539 production_RELEASE_DEV_538 production_RELEASE_DEV_537 production_RELEASE_DEV_536 production_RELEASE_DEV_535 production_RELEASE_DEV_534 production_RELEASE_DEV_533 production_RELEASE_DEV_532 production_RELEASE_DEV_531 production_RELEASE_DEV_530 production_RELEASE_DEV_529 production_RELEASE_DEV_528 production_RELEASE_DEV_527 production_RELEASE_DEV_526
Nothing to show
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
360 lines (313 sloc) 9.88 KB
# taken from http://github.com/tricycle/babushka-deps and adapted for my needs (same for apache2/*)
# hard works been done by them ;)
meta :apache2 do
template {
def apachectl_command(command)
"/usr/sbin/apache2ctl #{command}"
end
def apachectl(command)
# sudo apachectl_command(command)
puts "I won't restart apache2. I won't restart apache2. I won't restart apache2..."
true
end
def config_path
'/etc/apache2'
end
def vhost_config_path(domain)
config_path / "sites-available/#{domain}"
end
def site_available?(domain)
shell "[ -e #{vhost_config_path(domain)} ]"
end
def site_enabled?(domain)
shell "[ -e #{config_path}/sites-enabled/*#{domain} ]"
end
def site_disabled?(domain)
not site_enabled?(domain)
end
def enable_site(domain)
sudo "a2ensite #{domain}"
end
def disable_site(domain)
sudo "a2dissite #{domain}"
end
def mod_enabled?(mod)
shell "[ -e #{config_path}/mods-enabled/#{mod}.load ]"
end
def mod_disabled?(mod)
not mod_enabled?(mod)
end
def enable_mod(mod)
sudo "a2enmod #{mod}"
end
def disable_mod(mod)
sudo "a2dismod #{mod}"
end
}
end
dep 'apache2', :template => 'managed' do
installs %w[apache2 apache2-mpm-prefork]
end
dep 'apache2 dev packages', :template => 'managed' do
installs %w[apache2-prefork-dev libapr1-dev libaprutil1-dev]
provides %w[apxs2 apr-config]
end
dep 'configured.apache2' do
requires 'apache2'
met? {
[
config_path / "mods-available/status.conf",
config_path / "conf.d/types.conf",
config_path / "conf.d/virtualhost.conf",
"/etc/logrotate.d/apache2"
].all? { |file|
babushka_config? file
}
}
meet {
# stub out the default status location
render_erb 'apache2/status.conf.erb', :to => config_path / 'mods-available/status.conf', :sudo => true
# include custom types
render_erb 'apache2/types.conf.erb', :to => config_path / 'conf.d/types.conf', :sudo => true
# configure the virtualhost conf
render_erb 'apache2/virtualhost.conf.erb', :to => config_path / 'conf.d/virtualhost.conf', :sudo => true
# configure logrotate
render_erb 'apache2/logrotate.erb', :to => '/etc/logrotate.d/apache2', :sudo => true
}
end
dep 'default site disabled.apache2' do
met? { site_disabled? 'default' }
meet { disable_site 'default' }
end
dep 'mod_rewrite enabled.apache2' do
setup { set :module_name, 'rewrite' }
requires 'module enabled.apache2'
end
dep 'proxy enabled.apache2' do
setup { set :module_name, 'proxy' }
requires 'module enabled.apache2'
end
dep 'proxy_http enabled.apache2' do
setup { set :module_name, 'proxy_http' }
requires 'module enabled.apache2'
end
dep 'proxy_connect enabled.apache2' do
setup { set :module_name, 'proxy_connect' }
requires 'module enabled.apache2'
end
dep 'ssl enabled.apache2' do
setup { set :module_name, 'ssl' }
requires 'module enabled.apache2'
end
dep 'headers enabled.apache2' do
setup { set :module_name, 'headers' }
requires 'module enabled.apache2'
end
dep 'include enabled.apache2' do
setup { set :module_name, 'include' }
requires 'module enabled.apache2'
end
dep 'dav enabled.apache2' do
setup { set :module_name, 'dav' }
requires 'module enabled.apache2'
end
dep 'dav_fs enabled.apache2' do
setup { set :module_name, 'dav_fs' }
requires 'module enabled.apache2'
end
dep 'authnz_external enabled.apache2' do
setup { set :module_name, 'authnz_external' }
requires 'module enabled.apache2'
end
dep 'vhost enabled.apache2' do
requires 'apache2'
met? { site_enabled? var(:domain) }
meet { enable_site var(:domain) }
end
dep 'module enabled.apache2' do
requires 'apache2'
met? { mod_enabled? var(:module_name) }
meet { enable_mod var(:module_name) }
end
dep 'libapache2-mod-authz-unixgroup.managed' do
provides []
end
dep "pwauth.managed"
dep "pwauth unixgroup" do
met? { which("unixgroup") }
meet {
cd("/tmp") do
log_shell "cleaning ", "rm -f pwauth-2.3.10.tar.gz; rm -rf pwauth-2.3.10"
log_shell "downloading", "wget -O pwauth-2.3.10.tar.gz 'http://pwauth.googlecode.com/files/pwauth-2.3.10.tar.gz'"
if File.exists?("pwauth-2.3.10.tar.gz")
log_shell "unpacking ", "tar xzf pwauth-2.3.10.tar.gz"
log_shell "moving ", "sudo mv pwauth-2.3.10/unixgroup /usr/local/bin/"
end
end
}
end
dep 'webdav authorization tools' do
requires "libapache2-mod-authz-unixgroup.managed", "pwauth.managed", "pwauth unixgroup", "authnz_external enabled.apache2", "fix apache2 permissions with udev"
met? {
!sudo('cat /etc/apache2/envvars').split("\n").grep(/protonet-webdav-umask/).empty?
}
meet {
umask = "umask u=rwx,g=rwx,o="
append_to_file_with_section umask, "/etc/apache2/envvars", 'protonet-webdav-umask', {:sudo => true}
}
end
dep 'fix apache2 permissions with udev' do
met? {
grep "protonet-umask-fix", '/usr/sbin/apache2ctl'
}
meet {
config = <<-EOS
# START protonet-umask-fix
if [ "$ARGV" = "start" ] || [ "$ARGV" = "restart" ]; then
CHECK_COUNTER=0
echo "waiting for pid"
until [ -e "$APACHE_PID_FILE" ] || [ $CHECK_COUNTER -gt 3 ]; do
echo "."
CHECK_COUNTER=$((CHECK_COUNTER+1))
sleep 1
done
if [ -e "$APACHE_PID_FILE" ]; then
echo "fixing pid file"
chmod 664 $APACHE_PID_FILE
fi
fi
# END protonet-umask-fix
exit $ERROR
EOS
change_line("exit $ERROR", config, "/usr/sbin/apache2ctl")
}
end
dep 'apache2 runs on boot' do
requires 'apache2'
requires 'rcconf.managed'
met? { shell("rcconf --list").val_for('apache2') == 'on' }
meet { sudo "update-rc.d apache2 defaults" }
end
dep "remove apache2 from autostart" do
requires 'apache2'
requires 'rcconf.managed'
met? { shell("rcconf --list").val_for('apache2') == 'off' }
meet { sudo "update-rc.d -f apache2 remove" }
end
dep 'passenger vhost configured.apache2' do
requires 'apache2 passenger mods configured'
met? {
site_available?(var(:domain)) && babushka_config?(vhost_config_path(var(:domain)))
}
meet {
if(var(:domain) == "admin")
render_erb 'apache2/passenger_vhost_admin.conf.erb', :to => vhost_config_path(var(:domain)), :sudo => true
else
render_erb 'apache2/passenger_vhost.conf.erb', :to => vhost_config_path(var(:domain)), :sudo => true
end
}
end
dep 'apache2-prefork-dev.managed' do
installs { via :apt, 'apache2-prefork-dev' }
provides ["apxs2"]
end
dep 'xsendfile.apache2' do
requires 'apache2-prefork-dev.managed'
met? {
!!sudo("a2enmod xsendfile")
}
meet {
cd "/tmp" do
log_shell "cleaning ", "rm -rf mod_xsendfile.c"
log_shell "downloading", "wget --no-check-certificate -O mod_xsendfile.c https://tn123.org/mod_xsendfile/mod_xsendfile.c"
log_shell "installing", "sudo apxs2 -cia mod_xsendfile.c"
end
}
end
dep 'websocket_proxy.apache2' do
requires 'apache2-prefork-dev.managed'
met? {
["websocket_vnc_proxy", "websocket", "websocket_draft76"].all? {|name| sudo("a2enmod #{name}") }
}
meet {
cd "/tmp" do
log_shell "cleaning ", "sudo rm -rf apache-websocket"
log_shell "cloning ", "git clone git://github.com/protonet/apache-websocket.git"
cd "apache-websocket" do
["mod_websocket_draft76.c", "mod_websocket.c"].each do |c_file|
log_shell "installing ", "sudo apxs2 -cia #{c_file}"
end
cd "vncproxy" do
log_shell "installing ", "sudo apxs2 -cia -I.. mod_websocket_vnc_proxy.c"
end
end
end
}
end
dep 'websocket_read_timeouts.apache2' do
requires 'apache2-prefork-dev.managed'
met? {
grep "RequestReadTimeout body=30,MinRate=1", '/etc/apache2/mods-available/reqtimeout.conf'
}
meet {
change_line "RequestReadTimeout body=10,minrate=500", "RequestReadTimeout body=30,MinRate=1", "/etc/apache2/mods-available/reqtimeout.conf"
}
end
dep 'up_maxclient.apache2' do
met? {
!!grep(/MaxClients 256/, "/etc/apache2/apache2.conf")
}
meet {
sudo("ruby -pi -e \"gsub(/MaxClients\s.*[0-9]*/, 'MaxClients 256')\" /etc/apache2/apache2.conf")
}
end
dep 'prepare apache2 envvars for precise' do
met? {
!sudo('cat /etc/apache2/envvars').split("\n").grep(/protonet-envvars/).empty?
}
meet {
vars = <<-EOF
# this won't be correct after changing uid
unset HOME
# for supporting multiple apache2 instances
if [ "${APACHE_CONFDIR##/etc/apache2-}" != "${APACHE_CONFDIR}" ] ; then
SUFFIX="-${APACHE_CONFDIR##/etc/apache2-}"
else
SUFFIX=
fi
# Since there is no sane way to get the parsed apache2 config in scripts, some
# settings are defined via environment variables and then used in apache2ctl,
# /etc/init.d/apache2, /etc/logrotate.d/apache2, etc.
export APACHE_RUN_USER=www-data
export APACHE_RUN_GROUP=www-data
export APACHE_PID_FILE=/var/run/apache2$SUFFIX.pid
export APACHE_RUN_DIR=/var/run/apache2$SUFFIX
export APACHE_LOCK_DIR=/var/lock/apache2$SUFFIX
# Only /var/log/apache2 is handled by /etc/logrotate.d/apache2.
export APACHE_LOG_DIR=/var/log/apache2$SUFFIX
EOF
append_to_file_with_section vars, "/etc/apache2/envvars", 'protonet-envvars', {:sudo => true}
}
end
dep "passenger configuration for german-shepherd.apache2" do
requires 'apache2', 'apache2 passenger mods configured'
met? {
site_available?(var(:domain)) && babushka_config?(vhost_config_path(var(:domain)))
}
meet {
if(var(:domain) == "admin")
render_erb 'apache2/passenger_vhost_admin.conf.erb', :to => vhost_config_path(var(:domain)), :sudo => true
else
render_erb 'apache2/passenger_vhost_german_shepherd.conf.erb', :to => vhost_config_path(var(:domain)), :sudo => true
end
}
end
dep 'change ports for nginx proxying.apache2' do
requires 'passenger configuration for german-shepherd.apache2'
met? {
babushka_config?(File.join(config_path, 'ports.conf'))
}
meet {
render_erb 'apache2/ports.conf.erb', :to => File.join(config_path, 'ports.conf'), :sudo => true
}
end