Skip to content

Commit

Permalink
Merge pull request #32 from akumria/vhost-logroot
Browse files Browse the repository at this point in the history 
virtualhost logroot location
  • Loading branch information
@jamtur01
jamtur01 committed Jun 16, 2012
2 parents c590e64 + 11ad3fc commit c2c75a6
Show file tree
Hide file tree
Showing 2 changed files with 19 additions and 4 deletions.
19 changes: 17 additions & 2 deletions manifests/vhost.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,8 @@
$redirect_ssl = $apache::params::redirect_ssl,
$options = $apache::params::options,
$apache_name = $apache::params::apache_name,
$vhost_name = $apache::params::vhost_name
$vhost_name = $apache::params::vhost_name,
$logroot = "/var/log/" + $apache::params::apache_name
) {

include apache
Expand All @@ -67,13 +68,27 @@
}
}

file {"${apache::params::vdir}/${priority}-${name}-$docroot":
path => $docroot,
ensure => directory,
}

file {"${apache::params::vdir}/${priority}-${name}-$logroot":
path => $logroot,

This comment has been minimized.

Sign in to view

Copy link
@bodepd

bodepd Aug 1, 2012

Contributor

this actually looks like it should not have been merged. By default, everything in a defined resource type should be parameterized so that multiple instances can be declared.
ensure => directory,
}

file { "${priority}-${name}.conf":
path => "${apache::params::vdir}/${priority}-${name}.conf",
content => template($template),
owner => 'root',
group => 'root',
mode => '0755',
require => Package['httpd'],
require => [
Package['httpd'],
File["${apache::params::vdir}/${priority}-${name}-$docroot"],
File["${apache::params::vdir}/${priority}-${name}-$logroot"],
]
notify => Service['httpd'],
}

Expand Down
4 changes: 2 additions & 2 deletions templates/vhost-default.conf.erb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,9 +21,9 @@ NameVirtualHost <%= vhost_name %>:<%= port %>
Order allow,deny
allow from all
</Directory>
ErrorLog /var/log/<%= scope.lookupvar("apache::params::apache_name") %>/<%= name %>_error.log
ErrorLog <%= logroot %>/<%= name %>_error.log
LogLevel warn
CustomLog /var/log/<%= scope.lookupvar("apache::params::apache_name") %>/<%= name %>_access.log combined
CustomLog <%= logroot %>/<%= name %>_access.log combined
ServerSignature Off
</VirtualHost>

10 comments on commit c2c75a6

@jarib
Copy link

@jarib jarib commented on c2c75a6 Jul 30, 2012

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This change is giving me a slight headache:

  • It forces anyone with more than one vhost to override $logroot, or Puppet will complain of File['/var/log/apache2'] being defined twice.
  • Often the parent directory of $docroot is a symlink that is managed outside Puppet (e.g. with Capistrano or other deployment tools). After this change, the user must create the parent directories of $docroot or the file resource here will fail, which means there's no way of keeping Puppet from reverting app deployments!

@jamtur01 or @akumria: Thoughts?

@akumria
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm, I'm not seeing the same problem.

I also deploy, actually via puppetlabs/vcsrepo, things managed externally.

I use it as:

apache::vhost { 'www.example.com':
    priority           => '10',
    vhost_name         => 'w.x.y.z',
    port               => '80',
    docroot            => '/home/wwwexamplecom/docroot/',
    logroot            => '/home/wwwexamplecom',
    servername         => 'www.example.com',
    serveradmin        => 'webmaster@example.com',
    serveraliases      => ['example.com', ],
    template           => 'apache/vhost-example.conf.erb',
    configure_firewall => false,
}

apache::vhost { 'www.example.com-IPv6':
    priority           => '10',
    vhost_name         => 'a:b:c:w:x:y:z:d',
    port               => '80',
    docroot            => '/home/wwwexamplecom/docroot/',
    logroot            => '/home/wwwexamplecom',
    servername         => 'www.example.com',
    serveradmin        => 'webmaster@example.com',
    serveraliases      => ['example.com', ],
    template           => 'apache/vhost-example.conf.erb',
    configure_firewall => false,
    ensure_dirs        => false
}

Perhaps to solve the first problem you need to have ensure_dirs set to false?

Actually, I think in your case if you set ensure_dirs to false it will solve both issues?

Does that work for you?

@jarib
Copy link

@jarib jarib commented on c2c75a6 Jul 31, 2012

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

An ensure_dirs option would indeed solve both issues, but I can't see it in the current HEAD, so I guess I'll have to wait for your pull request to be merged :)

Personally I'd suggest making the ensure_dirs option false by default; then it won't break backwards compatibility and be less of a surprise for users who already have their own docroot resource.

Thanks!

@jtopjian
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm seeing the same behavior as @jarib but with docroots as well as logroots. Creating multiple vhosts that use the same docroot will yield an error. I also agree that ensure_dirs would solve the problem, but it seems more like a hack.

Wouldn't the better solution be to use virtual resources and realize a single directory resource?

If ensure_dirs is to be used, though, I agree that it should be false by default for compatibility. Also, maybe it should be broken out of the ipv6 pull request? Maybe it would make it to HEAD sooner... but unless I am mistaken, virtual resources should be the better way.

@jarib
Copy link

@jarib jarib commented on c2c75a6 Aug 1, 2012

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just to explain my second scenario:

A typical Rails deployment with Capistrano will set up things like this:

symlink: /webapps/my-app/current -> /webapps/my-app/releases/201208011200/
$docroot: /webapps/my-app/current/public

So it seems that even with ensure_dirs set to false, the fact that File["${priority}-${name}.conf"] depends on File[$docroot] means that I must create the docroot with puppet.

On deployment, the symlink is updated to the correct timestamped directory. If puppet is then run some time after deploy, it will revert the symlink to whatever it thinks is right. So I can't see how to make this work as long as this module won't allow me to point the docroot at a non-existing directory.

EDIT: Ooops, never mind. Looks like ensure_dirs => false will remove the dependencies on $docroot, so the issue goes away.

I agree with @jtopjian that ensure_dirs seems somewhat hacky.

@akumria
Copy link
Contributor

@akumria akumria commented on c2c75a6 Aug 1, 2012 via email

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@jarib
Copy link

@jarib jarib commented on c2c75a6 Aug 1, 2012

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why isn't docroot set to '/webapps/my-app/current' ?

The mod_rails/passenger Apache module wants docroot pointed at Rails' public/ directory, whereas /webapps/my-app/current holds the actual application code. Though even if I could use that as docroot, Puppet would still need to know what release to point the symlink at, which is what breaks the intended separation between configuring the server (with Puppet) and deploying new versions of the app (with Capistrano).

Anyway, I realize ensure_dirs => false will do the trick. I don't have enough Puppet experience to tell whether virtual resources is a better solution.

@akumria
Copy link
Contributor

@akumria akumria commented on c2c75a6 Aug 1, 2012 via email

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@jtopjian
Copy link
Contributor

@jtopjian jtopjian commented on c2c75a6 Aug 1, 2012 via email

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@hunner
Copy link
Contributor

@hunner hunner commented on c2c75a6 Aug 6, 2012

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Virtual resources still have to be only defined a single time per node, usually via a parameterized class. But this would have to be done at the level of the original apache::vhost definitions (increasing the LOC and human overhead) otherwise you run the risk of creating duplicate resources in the same way that you are trying to avoid.

The use of defined() or ensure_resource() in #54 is a much more direct way to code around this problem of ambiguously-named potentially-conflicting resources.

Please sign in to comment.