Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

first commit

  • Loading branch information...
commit 42dafe07468261675bc4eda38761db2fe1ccf9cc 0 parents
Brian Donovan authored
13 LICENSE
@@ -0,0 +1,13 @@
+Copyright 2007 Wesabe, Inc.
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
112 README
@@ -0,0 +1,112 @@
+# Apache2 Recipe #
+apache2 -- v0.4 by Sam Quigley <sq@wesabe.com>
+
+Basic module for configuring apache via puppet. Debian/Ubuntu-specific at
+the moment, but patches are welcome.
+
+Based in part on code by Tim Stoop <tim.stoop@gmail.com> and
+David Schmitt <david@schmitt.edv-bus.at>
+
+## Configuration ##
+
+This module installs apache2 from packages and promptly overwrites the default
+configuration with one that does nothing other than include various
+directories:
+
+* /etc/apache2/mods-enabled/
+* /etc/apache2/conf.d
+* /etc/apache2/sites-enabled/
+
+Defines are provided to allow recipes and child classes to interact with these
+directories -- see below.
+
+An additional class, `apache2_debian`, is provided which attempts to mimic
+the default configuration of a freshly-installed debian apache2 package.
+
+A single global configuration variable is available, `$apache2_mpm`, which
+controls which of the mpm packages are installed. Its possible values are:
+
+* 'event': Use the event driven model (experimental)
+* 'prefork': Traditional
+* 'worker': High speed threaded model
+
+'worker' is the default.
+
+See the apache2::debian and apache2::basic subclasses for examples of how to
+use and configure this class. Note that these do *NOT* install site
+definitions -- so simply including them in a node definition won't work...
+
+### `apache2::config` ###
+
+`apache2::config` installs a configuration snippet in conf.d. Takes the following options:
+
+* `name`: the name of the config snipppet [namevar]
+* `ensure`: typically set to "present" or "absent", but any value legal
+for a file resource can be used. Defaults to "present"
+* `content`: set this to the text of the snippet -- eg, through
+template(). Defaults to `template("apache2/$name.conf.erb")`, which is
+unlikely to be what you want.
+* `order`: specifies the load order for this config snippet. the snippet
+will end up in `/etc/apache2/conf.d/$order-$name.conf`, and apache will load
+files in alphanumeric order. Defaults to "500"
+* `require`: if set, this will require that a package of the given name exists
+before evaluating the rest of the config definition. It does not currently
+remove the package, even if ensure is set to absent.
+
+### `apache2::module` ###
+
+`apache2::module` enables an apache module. It does *NOT* currently install
+one for you, except through the "require" argument -- see below.
+Options are:
+
+* `name`: name of the module. A file with the name
+`mods-available/$name.load` is expected to exist in the apache2 directory
+* `ensure`: can be "present" or "absent"
+* `require`: if set, this will require that a package of the given name exists
+before evaluating the rest of the module definition. It does not currently
+remove the package, even if ensure is set to absent.
+
+### `apache2::site` ###
+
+`apache2::site` enables an apache site. Options are:
+
+* `name`: name of the site. A file with the name
+`sites-available/$name` is expected to exist in the apache2 directory
+* `ensure`: can be "present", "installed", or "absent"
+* `require`: if set, this will require that a package of the given name exists
+before evaluating the rest of the site definition. It does not currently
+remove the package, even if ensure is set to absent.
+* `content`: set this to the text of the site definition -- eg, through
+template(). If unset, the module will simply ensure that a file named
+"/etc/apache2/sites-available/$name" exists
+
+## Example ##
+
+See the code for the apache2_debian subclass for an example of how to use
+this module.
+
+## To Do ##
+
+* apache2::{module,config,site} should really be native types.
+* The configuration of apache2::basic is essentially arbitrary, based on
+what I needed to override at the moment. Some logic would probably be
+helpful.
+
+## Changes ##
+
+* stop explicitly importing stuff from manifests/classes; rely on autoload instead
+* add `site_include` definition, similar to `site`
+* add content property to site definition, similar to config
+* allow ensure=>installed for sites -- required moving site installation code
+to a new definition.
+* added apache2::debian and apache2::basic subclasses
+* added `config` definition, similar to the existing `site` and `module` defs,
+which will include given config snippets
+* Removed port configuration (via /etc/apache2/ports.conf) -- Listen
+directives make more sense in the individual site definitions, at least for
+SSL, load-balanced, and proxied environments...
+* Removed DavidS' nagios and munin stuff; will probably re-add later.
+* Removed the `no_default_site` subclass and made it the default behavior. No
+one _really_ wants to serve their distro's default page...
+* Removed the `apache2_ssl business` -- with Listen configured in the site
+defs themselves, it's not really necessary
14 files/apache2.conf
@@ -0,0 +1,14 @@
+# apache2.conf -- version for puppet-controlled installations
+#
+# this config file merely includes other files; all the truly important stuff
+# is configured in one of these directories.
+
+# Include module configuration:
+Include /etc/apache2/mods-enabled/*.load
+Include /etc/apache2/mods-enabled/*.conf
+
+# Include generic snippets of statements
+Include /etc/apache2/conf.d/*.conf
+
+# Include the virtual host configurations:
+Include /etc/apache2/sites-enabled/
34 manifests/basic.pp
@@ -0,0 +1,34 @@
+# apache2/manifests/classes/apache2_basic.pp
+# by Sam Quigley <sq@wesabe.com>
+
+# implements a basic, no-frills apache.
+
+class apache2::basic inherits apache2 {
+ apache2::config { "base":
+ order => "000",
+ ensure => present,
+ content => template("apache2/base.conf.erb"),
+ }
+ apache2::module { "dir": ensure => present } # provides DirectoryIndex
+
+ apache2::config { "mpm":
+ order => "010",
+ ensure => present,
+ content => template("apache2/mpm-$real_apache2_mpm.conf.erb"),
+ }
+
+ apache2::config { "mime":
+ order => "020",
+ ensure => present,
+ content => template("apache2/mime-minimal.conf.erb"),
+ }
+ apache2::module { "mime": ensure => present }
+
+ apache2::config { "browser_fixes":
+ order => "030",
+ ensure => present,
+ content => template("apache2/browser_fixes.conf.erb"),
+ }
+ apache2::module { "setenvif": ensure => present }
+
+}
19 manifests/debian.pp
@@ -0,0 +1,19 @@
+# apache2/manifests/classes/apache2_debian.pp
+# by Sam Quigley <sq@wesabe.com>
+
+# this class attempts to mimic the default configuration of the debian
+# apache2 package
+
+class apache2::debian inherits apache2 {
+ apache2::config { "debian.conf":
+ order => "000",
+ ensure => present,
+ }
+
+ apache2::module { ["alias", "auth_basic", "authn_file",
+ "authz_default", "authz_groupfile", "authz_host",
+ "authz_user", "autoindex", "cgid", "dir", "env", "mime",
+ "negotiation", "setenvif", "status"]:
+ ensure=> present,
+ }
+}
244 manifests/init.pp
@@ -0,0 +1,244 @@
+# apache2 module for puppet
+# by Sam Quigley <sq@wesabe.com>
+#
+# based in part on code by Tim Stoop <tim.stoop@gmail.com> and
+# David Schmitt <david@schmitt.edv-bus.at>
+
+# this file defines the base apache2 class, and does most of the heavy
+# lifting. see the other subclasses for friendlier versions.
+
+# note: this code is currently very deb/ubuntu-specific
+$apache_sites = "/etc/apache2/sites"
+$apache_includes = "/etc/apache2/site-includes"
+$apache_mods = "/etc/apache2/mods"
+$apache_conf = "/etc/apache2/conf.d"
+
+class apache2 {
+ $real_apache2_mpm = $apache2_mpm ? { '' => 'worker', default => $apache2_mpm }
+
+ case $real_apache2_mpm {
+ 'event': {
+ package { "apache2-mpm-event":
+ ensure => installed,
+ alias => apache2_mpm_provider
+ }
+ package { ["apache2-mpm-perchild", "apache2-mpm-prefork",
+ "apache2-mpm-worker"]:
+ ensure => absent,
+ }
+ }
+
+ 'prefork': {
+ package { "apache2-mpm-prefork":
+ ensure => installed,
+ alias => apache2_mpm_provider
+ }
+ package { ["apache2-mpm-event", "apache2-mpm-perchild",
+ "apache2-mpm-worker"]:
+ ensure => absent,
+ }
+ }
+
+ 'worker': {
+ package { "apache2-mpm-worker":
+ ensure => installed,
+ alias => apache2_mpm_provider
+ }
+ package { ["apache2-mpm-event", "apache2-mpm-perchild",
+ "apache2-mpm-prefork"]:
+ ensure => absent,
+ }
+ }
+ }
+ package { apache2:
+ ensure => installed,
+ require => Package[apache2_mpm_provider],
+ }
+
+ service { apache2:
+ ensure => running,
+ pattern => "/usr/sbin/apache2",
+ hasrestart => true,
+ require => Package[apache2]
+ }
+
+ # using checksum => mtime and notify ensures that any changes to this dir
+ # will result in an apache reload
+ file { $apache_conf:
+ ensure => directory, checksum => mtime,
+ mode => 644, owner => root, group => root,
+ require => Package[apache2],
+ notify => Exec["reload-apache2"];
+ }
+
+ # as above
+ file { $apache_includes:
+ ensure => directory, checksum => mtime,
+ mode => 644, owner => root, group => root,
+ require => Package[apache2],
+ notify => Exec["reload-apache2"];
+ }
+
+ # this overwrites the default distro config with one that just includes
+ # $apache_conf and friends
+ file { "/etc/apache2/apache2.conf":
+ ensure => present,
+ mode => 644,
+ owner => root,
+ group => root,
+ source => "puppet://$servername/apache2/apache2.conf",
+ require => File[$apache_conf],
+ }
+
+ # nuke the package-provided ports.conf
+ file {"/etc/apache2/ports.conf": ensure => absent }
+
+ # make sure the default site isn't present.
+ exec { "/usr/sbin/a2dissite default":
+ onlyif => "/usr/bin/test -L /etc/apache2/sites-enabled/000-default",
+ notify => Exec["reload-apache2"],
+ }
+
+ # Notify this when apache needs a reload. This is only needed when
+ # sites are added or removed, since a full restart then would be
+ # a waste of time. When the module-config changes, a force-reload is
+ # needed.
+ exec { "reload-apache2":
+ command => "/etc/init.d/apache2 reload",
+ refreshonly => true,
+ before => [ Service["apache2"], Exec["force-reload-apache2"] ]
+ }
+
+ exec { "force-reload-apache2":
+ command => "/etc/init.d/apache2 force-reload",
+ refreshonly => true,
+ before => Service["apache2"],
+ }
+
+ # Define an apache2 config snippet. Places all config snippets into
+ # /etc/apache2/conf.d, where they will be automatically loaded
+ define config ( $ensure = 'present', $content = '', $order="500") {
+ $real_content = $content ? { '' => template("apache2/${name}.conf.erb"),
+ default => $content,
+ }
+
+ file { "${apache_conf}/${order}-${name}.conf":
+ ensure => $ensure,
+ content => $content,
+ mode => 644,
+ owner => root,
+ group => root,
+ # given the way File[$apache_conf] is defined, this might lead to
+ # multiple restarts. not sure.
+ notify => Exec["reload-apache2"],
+ }
+ }
+
+
+ # Define an apache2 site. Place all site configs into
+ # /etc/apache2/sites-available and en-/disable them with this type.
+ #
+ # You can add a custom require (string) if the site depends on packages
+ # that aren't part of the default apache2 package. Because of the
+ # package dependencies, apache2 will automagically be included.
+ define site ( $ensure = 'present', $content = '' ) {
+ case $ensure {
+ 'present' : {
+ apache2::install_site { $name:
+ content => $content
+ }
+ }
+ 'installed' : {
+ apache2::install_site { $name:
+ content => $content
+ }
+ }
+ 'absent' : {
+ exec { "/usr/sbin/a2dissite $name":
+ onlyif => "/bin/sh -c '[ -L ${apache_sites}-enabled/$name ] \\
+ && [ ${apache_sites}-enabled/$name -ef ${apache_sites}-available/$name ]'",
+ notify => Exec["reload-apache2"],
+ require => Package["apache2"],
+ }
+ }
+ default: { err ( "Unknown ensure value: '$ensure'" ) }
+ }
+ }
+
+ # helper method to actually install a site -- called by site()
+ define install_site ($content = '' ) {
+ # first, make sure the site config exists
+ case $content {
+ '': {
+ file { "${apache_sites}-available/${name}":
+ mode => 644,
+ owner => root,
+ group => root,
+ ensure => present,
+ alias => "site-$name",
+ }
+ }
+
+ default: {
+ file { "${apache_sites}-available/${name}":
+ content => $content,
+ mode => 644,
+ owner => root,
+ group => root,
+ ensure => present,
+ alias => "site-$name",
+ }
+ }
+ }
+
+ # now, enable it.
+ exec { "/usr/sbin/a2ensite $name":
+ unless => "/bin/sh -c '[ -L ${apache_sites}-enabled/$name ] \\
+ && [ ${apache_sites}-enabled/$name -ef ${apache_sites}-available/$name ]'",
+ notify => Exec["reload-apache2"],
+ require => File["site-$name"],
+ }
+ }
+
+ # Define a site config fragment
+ define site_include ( $ensure = 'present', $content = '' ) {
+ file { "${apache_includes}/${name}.inc":
+ content => $content,
+ mode => 644,
+ owner => root,
+ group => root,
+ ensure => $ensure,
+ require => File[$apache_includes],
+ }
+ }
+
+ # Define an apache2 module. Debian packages place the module config
+ # into /etc/apache2/mods-available.
+ #
+ # You can add a custom require (string) if the module depends on
+ # packages that aren't part of the default apache2 package. Because of
+ # the package dependencies, apache2 will automagically be included.
+ #
+ # REVIEW: 20070901 <sq@wesabe.com> -- when facts can be distributed
+ # within modules (see puppet trac ticket #803), the unless/onlyif clauses
+ # below should get rewritten to use custom facter facts
+ define module ( $ensure = 'present') {
+ case $ensure {
+ 'present' : {
+ exec { "/usr/sbin/a2enmod $name":
+ unless => "/bin/sh -c '[ -L ${apache_mods}-enabled/${name}.load ] \\
+ && [ ${apache_mods}-enabled/${name}.load -ef ${apache_mods}-available/${name}.load ]'",
+ notify => Exec["force-reload-apache2"],
+ }
+ }
+ 'absent': {
+ exec { "/usr/sbin/a2dismod $name":
+ onlyif => "/bin/sh -c '[ -L ${apache_mods}-enabled/${name}.load ] \\
+ && [ ${apache_mods}-enabled/${name}.load -ef ${apache_mods}-available/${name}.load ]'",
+ notify => Exec["force-reload-apache2"],
+ }
+ }
+ default: { err ( "Unknown ensure value: '$ensure'" ) }
+ }
+ }
+}
156 templates/base.conf.erb
@@ -0,0 +1,156 @@
+#
+# Based upon the NCSA server configuration files originally by Rob McCool.
+#
+# This is the main Apache server configuration file. It contains the
+# configuration directives that give the server its instructions.
+# See <URL:http://httpd.apache.org/docs-2.1/> for detailed information about
+# the directives.
+#
+# Do NOT simply read the instructions in here without understanding
+# what they do. They're here only as hints or reminders. If you are unsure
+# consult the online docs. You have been warned.
+#
+# The configuration directives are grouped into three basic sections:
+# 1. Directives that control the operation of the Apache server process as a
+# whole (the 'global environment').
+# 2. Directives that define the parameters of the 'main' or 'default' server,
+# which responds to requests that aren't handled by a virtual host.
+# These directives also provide default values for the settings
+# of all virtual hosts.
+# 3. Settings for virtual hosts, which allow Web requests to be sent to
+# different IP addresses or hostnames and have them handled by the
+# same Apache server process.
+#
+# Configuration and logfile names: If the filenames you specify for many
+# of the server's control files begin with "/" (or "drive:/" for Win32), the
+# server will use that explicit path. If the filenames do *not* begin
+# with "/", the value of ServerRoot is prepended -- so "/var/log/apache2/foo.log"
+# with ServerRoot set to "" will be interpreted by the
+# server as "//var/log/apache2/foo.log".
+#
+
+### Section 1: Global Environment
+#
+# The directives in this section affect the overall operation of Apache,
+# such as the number of concurrent requests it can handle or where it
+# can find its configuration files.
+#
+
+#
+# ServerRoot: The top of the directory tree under which the server's
+# configuration, error, and log files are kept.
+#
+# NOTE! If you intend to place this on an NFS (or otherwise network)
+# mounted filesystem then please read the LockFile documentation (available
+# at <URL:http://httpd.apache.org/docs-2.1/mod/mpm_common.html#lockfile>);
+# you will save yourself a lot of trouble.
+#
+# Do NOT add a slash at the end of the directory path.
+#
+ServerRoot "/etc/apache2"
+
+#
+# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
+#
+#<IfModule !mpm_winnt.c>
+#<IfModule !mpm_netware.c>
+LockFile /var/lock/apache2/accept.lock
+#</IfModule>
+#</IfModule>
+
+#
+# PidFile: The file in which the server should record its process
+# identification number when it starts.
+#
+PidFile /var/run/apache2.pid
+
+#
+# Timeout: The number of seconds before receives and sends time out.
+#
+Timeout 300
+
+#
+# KeepAlive: Whether or not to allow persistent connections (more than
+# one request per connection). Set to "Off" to deactivate.
+#
+KeepAlive On
+
+#
+# MaxKeepAliveRequests: The maximum number of requests to allow
+# during a persistent connection. Set to 0 to allow an unlimited amount.
+# We recommend you leave this number high, for maximum performance.
+#
+MaxKeepAliveRequests 100
+
+#
+# KeepAliveTimeout: Number of seconds to wait for the next request from the
+# same client on the same connection.
+#
+KeepAliveTimeout 15
+
+
+User www-data
+Group www-data
+
+#
+# AccessFileName: The name of the file to look for in each directory
+# for additional configuration directives. See also the AllowOverride
+# directive.
+#
+
+AccessFileName .htaccess
+
+#
+# The following lines prevent .htaccess and .htpasswd files from being
+# viewed by Web clients.
+#
+<Files ~ "^\.ht">
+ Order allow,deny
+ Deny from all
+</Files>
+
+TypesConfig /etc/mime.types
+
+#
+# DefaultType is the default MIME type the server will use for a document
+# if it cannot otherwise determine one, such as from filename extensions.
+# If your server contains mostly text or HTML documents, "text/plain" is
+# a good value. If most of your content is binary, such as applications
+# or images, you may want to use "application/octet-stream" instead to
+# keep browsers from trying to display binary files as though they are
+# text.
+#
+DefaultType text/plain
+
+
+#
+# HostnameLookups: Log the names of clients or just their IP addresses
+# e.g., www.apache.org (on) or 204.62.129.132 (off).
+# The default is off because it'd be overall better for the net if people
+# had to knowingly turn this feature on, since enabling it means that
+# each client request will result in AT LEAST one lookup request to the
+# nameserver.
+#
+HostnameLookups Off
+
+#
+# ServerTokens
+# This directive configures what you return as the Server HTTP response
+# Header. The default is 'Full' which sends information about the OS-Type
+# and compiled in modules.
+# Set to one of: Full | OS | Minor | Minimal | Major | Prod
+# where Full conveys the most information, and Prod the least.
+#
+ServerTokens Prod
+
+#
+# Optionally add a line containing the server version and virtual host
+# name to server-generated pages (internal error documents, FTP directory
+# listings, mod_status and mod_info output etc., but not CGI generated
+# documents or custom error documents).
+# Set to "EMail" to also include a mailto: link to the ServerAdmin.
+# Set to one of: On | Off | EMail
+#
+ServerSignature Off
+
+DirectoryIndex index.html
26 templates/browser_fixes.conf.erb
@@ -0,0 +1,26 @@
+<IfModule mod_setenvif.c>
+ #
+ # The following directives modify normal HTTP response behavior to
+ # handle known problems with browser implementations.
+ #
+ BrowserMatch "Mozilla/2" nokeepalive
+ BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
+ BrowserMatch "RealPlayer 4\.0" force-response-1.0
+ BrowserMatch "Java/1\.0" force-response-1.0
+ BrowserMatch "JDK/1\.0" force-response-1.0
+
+ #
+ # The following directive disables redirects on non-GET requests for
+ # a directory that does not include the trailing slash. This fixes a
+ # problem with Microsoft WebFolders which does not appropriately handle
+ # redirects for folders with DAV methods.
+ # Same deal with Apple's DAV filesystem and Gnome VFS support for DAV.
+ #
+ BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
+ BrowserMatch "MS FrontPage" redirect-carefully
+ BrowserMatch "^WebDrive" redirect-carefully
+ BrowserMatch "^WebDAVFS/1.[012]" redirect-carefully
+ BrowserMatch "^gnome-vfs/1.0" redirect-carefully
+ BrowserMatch "^XML Spy" redirect-carefully
+ BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
+</IfModule>
677 templates/debian.conf.erb
@@ -0,0 +1,677 @@
+# 000-debian.conf -- this reproduces the default debian configuration
+
+#
+# Based upon the NCSA server configuration files originally by Rob McCool.
+#
+# This is the main Apache server configuration file. It contains the
+# configuration directives that give the server its instructions.
+# See <URL:http://httpd.apache.org/docs-2.1/> for detailed information about
+# the directives.
+#
+# Do NOT simply read the instructions in here without understanding
+# what they do. They're here only as hints or reminders. If you are unsure
+# consult the online docs. You have been warned.
+#
+# The configuration directives are grouped into three basic sections:
+# 1. Directives that control the operation of the Apache server process as a
+# whole (the 'global environment').
+# 2. Directives that define the parameters of the 'main' or 'default' server,
+# which responds to requests that aren't handled by a virtual host.
+# These directives also provide default values for the settings
+# of all virtual hosts.
+# 3. Settings for virtual hosts, which allow Web requests to be sent to
+# different IP addresses or hostnames and have them handled by the
+# same Apache server process.
+#
+# Configuration and logfile names: If the filenames you specify for many
+# of the server's control files begin with "/" (or "drive:/" for Win32), the
+# server will use that explicit path. If the filenames do *not* begin
+# with "/", the value of ServerRoot is prepended -- so "/var/log/apache2/foo.log"
+# with ServerRoot set to "" will be interpreted by the
+# server as "//var/log/apache2/foo.log".
+#
+
+### Section 1: Global Environment
+#
+# The directives in this section affect the overall operation of Apache,
+# such as the number of concurrent requests it can handle or where it
+# can find its configuration files.
+#
+
+#
+# ServerRoot: The top of the directory tree under which the server's
+# configuration, error, and log files are kept.
+#
+# NOTE! If you intend to place this on an NFS (or otherwise network)
+# mounted filesystem then please read the LockFile documentation (available
+# at <URL:http://httpd.apache.org/docs-2.1/mod/mpm_common.html#lockfile>);
+# you will save yourself a lot of trouble.
+#
+# Do NOT add a slash at the end of the directory path.
+#
+ServerRoot "/etc/apache2"
+
+#
+# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
+#
+#<IfModule !mpm_winnt.c>
+#<IfModule !mpm_netware.c>
+LockFile /var/lock/apache2/accept.lock
+#</IfModule>
+#</IfModule>
+
+#
+# PidFile: The file in which the server should record its process
+# identification number when it starts.
+#
+PidFile /var/run/apache2.pid
+
+#
+# Timeout: The number of seconds before receives and sends time out.
+#
+Timeout 300
+
+#
+# KeepAlive: Whether or not to allow persistent connections (more than
+# one request per connection). Set to "Off" to deactivate.
+#
+KeepAlive On
+
+#
+# MaxKeepAliveRequests: The maximum number of requests to allow
+# during a persistent connection. Set to 0 to allow an unlimited amount.
+# We recommend you leave this number high, for maximum performance.
+#
+MaxKeepAliveRequests 100
+
+#
+# KeepAliveTimeout: Number of seconds to wait for the next request from the
+# same client on the same connection.
+#
+KeepAliveTimeout 15
+
+##
+## Server-Pool Size Regulation (MPM specific)
+##
+
+# prefork MPM
+# StartServers: number of server processes to start
+# MinSpareServers: minimum number of server processes which are kept spare
+# MaxSpareServers: maximum number of server processes which are kept spare
+# MaxClients: maximum number of server processes allowed to start
+# MaxRequestsPerChild: maximum number of requests a server process serves
+<IfModule mpm_prefork_module>
+ StartServers 5
+ MinSpareServers 5
+ MaxSpareServers 10
+ MaxClients 150
+ MaxRequestsPerChild 0
+</IfModule>
+
+# worker MPM
+# StartServers: initial number of server processes to start
+# MaxClients: maximum number of simultaneous client connections
+# MinSpareThreads: minimum number of worker threads which are kept spare
+# MaxSpareThreads: maximum number of worker threads which are kept spare
+# ThreadsPerChild: constant number of worker threads in each server process
+# MaxRequestsPerChild: maximum number of requests a server process serves
+<IfModule mpm_worker_module>
+ StartServers 2
+ MaxClients 150
+ MinSpareThreads 25
+ MaxSpareThreads 75
+ ThreadsPerChild 25
+ MaxRequestsPerChild 0
+</IfModule>
+
+User www-data
+Group www-data
+
+#
+# AccessFileName: The name of the file to look for in each directory
+# for additional configuration directives. See also the AllowOverride
+# directive.
+#
+
+AccessFileName .htaccess
+
+#
+# The following lines prevent .htaccess and .htpasswd files from being
+# viewed by Web clients.
+#
+<Files ~ "^\.ht">
+ Order allow,deny
+ Deny from all
+</Files>
+
+TypesConfig /etc/mime.types
+
+#
+# DefaultType is the default MIME type the server will use for a document
+# if it cannot otherwise determine one, such as from filename extensions.
+# If your server contains mostly text or HTML documents, "text/plain" is
+# a good value. If most of your content is binary, such as applications
+# or images, you may want to use "application/octet-stream" instead to
+# keep browsers from trying to display binary files as though they are
+# text.
+#
+DefaultType text/plain
+
+
+#
+# HostnameLookups: Log the names of clients or just their IP addresses
+# e.g., www.apache.org (on) or 204.62.129.132 (off).
+# The default is off because it'd be overall better for the net if people
+# had to knowingly turn this feature on, since enabling it means that
+# each client request will result in AT LEAST one lookup request to the
+# nameserver.
+#
+HostnameLookups Off
+
+# ErrorLog: The location of the error log file.
+# If you do not specify an ErrorLog directive within a <VirtualHost>
+# container, error messages relating to that virtual host will be
+# logged here. If you *do* define an error logfile for a <VirtualHost>
+# container, that host's errors will be logged there and not here.
+#
+ErrorLog /var/log/apache2/error.log
+
+#
+# LogLevel: Control the number of messages logged to the error_log.
+# Possible values include: debug, info, notice, warn, error, crit,
+# alert, emerg.
+#
+LogLevel warn
+
+# the apache2 puppet config already does this stuff:
+## Include module configuration:
+#Include /etc/apache2/mods-enabled/*.load
+#Include /etc/apache2/mods-enabled/*.conf
+#
+## Include all the user configurations:
+#Include /etc/apache2/httpd.conf
+#
+## Include ports listing
+#Include /etc/apache2/ports.conf
+#
+## Include generic snippets of statements
+#Include /etc/apache2/conf.d/
+
+# the apache2 puppet config removes ports.conf, which would have been
+# included above, and which contains (by default) the following line:
+Listen 80
+
+
+#
+# The following directives define some format nicknames for use with
+# a CustomLog directive (see below).
+#
+LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
+LogFormat "%h %l %u %t \"%r\" %>s %b" common
+LogFormat "%{Referer}i -> %U" referer
+LogFormat "%{User-agent}i" agent
+
+#
+# ServerTokens
+# This directive configures what you return as the Server HTTP response
+# Header. The default is 'Full' which sends information about the OS-Type
+# and compiled in modules.
+# Set to one of: Full | OS | Minor | Minimal | Major | Prod
+# where Full conveys the most information, and Prod the least.
+#
+ServerTokens Full
+
+#
+# Optionally add a line containing the server version and virtual host
+# name to server-generated pages (internal error documents, FTP directory
+# listings, mod_status and mod_info output etc., but not CGI generated
+# documents or custom error documents).
+# Set to "EMail" to also include a mailto: link to the ServerAdmin.
+# Set to one of: On | Off | EMail
+#
+ServerSignature On
+
+<IfModule alias_module>
+ #
+ # Aliases: Add here as many aliases as you need (with no limit). The format is
+ # Alias fakename realname
+ #
+ # Note that if you include a trailing / on fakename then the server will
+ # require it to be present in the URL. So "/icons" isn't aliased in this
+ # example, only "/icons/". If the fakename is slash-terminated, then the
+ # realname must also be slash terminated, and if the fakename omits the
+ # trailing slash, the realname must also omit it.
+ #
+ # We include the /icons/ alias for FancyIndexed directory listings. If
+ # you do not use FancyIndexing, you may comment this out.
+ #
+ Alias /icons/ "/usr/share/apache2/icons/"
+
+ <Directory "/usr/share/apache2/icons">
+ Options Indexes MultiViews
+ AllowOverride None
+ Order allow,deny
+ Allow from all
+ </Directory>
+
+</IfModule>
+
+#
+# Directives controlling the display of server-generated directory listings.
+#
+<IfModule mod_autoindex.c>
+
+ #
+ # IndexOptions: Controls the appearance of server-generated directory
+ # listings.
+ #
+ IndexOptions FancyIndexing VersionSort HTMLTable NameWidth=*
+
+ #
+ # AddIcon* directives tell the server which icon to show for different
+ # files or filename extensions. These are only displayed for
+ # FancyIndexed directories.
+ #
+ AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
+
+ AddIconByType (TXT,/icons/text.gif) text/*
+ AddIconByType (IMG,/icons/image2.gif) image/*
+ AddIconByType (SND,/icons/sound2.gif) audio/*
+ AddIconByType (VID,/icons/movie.gif) video/*
+
+ AddIcon /icons/binary.gif .bin .exe
+ AddIcon /icons/binhex.gif .hqx
+ AddIcon /icons/tar.gif .tar
+ AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
+ AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
+ AddIcon /icons/a.gif .ps .ai .eps
+ AddIcon /icons/layout.gif .html .shtml .htm .pdf
+ AddIcon /icons/text.gif .txt
+ AddIcon /icons/c.gif .c
+ AddIcon /icons/p.gif .pl .py
+ AddIcon /icons/f.gif .for
+ AddIcon /icons/dvi.gif .dvi
+ AddIcon /icons/uuencoded.gif .uu
+ AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
+ AddIcon /icons/tex.gif .tex
+ AddIcon /icons/bomb.gif core
+
+ AddIcon /icons/back.gif ..
+ AddIcon /icons/hand.right.gif README
+ AddIcon /icons/folder.gif ^^DIRECTORY^^
+ AddIcon /icons/blank.gif ^^BLANKICON^^
+
+ #
+ # DefaultIcon is which icon to show for files which do not have an icon
+ # explicitly set.
+ #
+ DefaultIcon /icons/unknown.gif
+
+ #
+ # AddDescription allows you to place a short description after a file in
+ # server-generated indexes. These are only displayed for FancyIndexed
+ # directories.
+ # Format: AddDescription "description" filename
+ #
+ #AddDescription "GZIP compressed document" .gz
+ #AddDescription "tar archive" .tar
+ #AddDescription "GZIP compressed tar archive" .tgz
+
+ #
+ # ReadmeName is the name of the README file the server will look for by
+ # default, and append to directory listings.
+ #
+ # HeaderName is the name of a file which should be prepended to
+ # directory indexes.
+ ReadmeName README.html
+ HeaderName HEADER.html
+
+ #
+ # IndexIgnore is a set of filenames which directory indexing should ignore
+ # and not include in the listing. Shell-style wildcarding is permitted.
+ #
+ IndexIgnore .??* *~ *# RCS CVS *,v *,t
+</IfModule>
+
+<IfModule mod_mime.c>
+
+ #
+ # AddType allows you to add to or override the MIME configuration
+ # file mime.types for specific file types.
+ #
+ #AddType application/x-gzip .tgz
+ #
+ # AddEncoding allows you to have certain browsers uncompress
+ # information on the fly. Note: Not all browsers support this.
+ # Despite the name similarity, the following Add* directives have
+ # nothing to do with the FancyIndexing customization directives above.
+ #
+ #AddEncoding x-compress .Z
+ #AddEncoding x-gzip .gz .tgz
+ #
+ # If the AddEncoding directives above are commented-out, then you
+ # probably should define those extensions to indicate media types:
+ #
+ AddType application/x-compress .Z
+ AddType application/x-gzip .gz .tgz
+
+ #
+ # DefaultLanguage and AddLanguage allows you to specify the language of
+ # a document. You can then use content negotiation to give a browser a
+ # file in a language the user can understand.
+ #
+ # Specify a default language. This means that all data
+ # going out without a specific language tag (see below) will
+ # be marked with this one. You probably do NOT want to set
+ # this unless you are sure it is correct for all cases.
+ #
+ # * It is generally better to not mark a page as
+ # * being a certain language than marking it with the wrong
+ # * language!
+ #
+ # DefaultLanguage nl
+ #
+ # Note 1: The suffix does not have to be the same as the language
+ # keyword --- those with documents in Polish (whose net-standard
+ # language code is pl) may wish to use "AddLanguage pl .po" to
+ # avoid the ambiguity with the common suffix for perl scripts.
+ #
+ # Note 2: The example entries below illustrate that in some cases
+ # the two character 'Language' abbreviation is not identical to
+ # the two character 'Country' code for its country,
+ # E.g. 'Danmark/dk' versus 'Danish/da'.
+ #
+ # Note 3: In the case of 'ltz' we violate the RFC by using a three char
+ # specifier. There is 'work in progress' to fix this and get
+ # the reference data for rfc1766 cleaned up.
+ #
+ # Catalan (ca) - Croatian (hr) - Czech (cs) - Danish (da) - Dutch (nl)
+ # English (en) - Esperanto (eo) - Estonian (et) - French (fr) - German (de)
+ # Greek-Modern (el) - Hebrew (he) - Italian (it) - Japanese (ja)
+ # Korean (ko) - Luxembourgeois* (ltz) - Norwegian Nynorsk (nn)
+ # Norwegian (no) - Polish (pl) - Portugese (pt)
+ # Brazilian Portuguese (pt-BR) - Russian (ru) - Swedish (sv)
+ # Simplified Chinese (zh-CN) - Spanish (es) - Traditional Chinese (zh-TW)
+ #
+ AddLanguage ca .ca
+ AddLanguage cs .cz .cs
+ AddLanguage da .dk
+ AddLanguage de .de
+ AddLanguage el .el
+ AddLanguage en .en
+ AddLanguage eo .eo
+ AddLanguage es .es
+ AddLanguage et .et
+ AddLanguage fr .fr
+ AddLanguage he .he
+ AddLanguage hr .hr
+ AddLanguage it .it
+ AddLanguage ja .ja
+ AddLanguage ko .ko
+ AddLanguage ltz .ltz
+ AddLanguage nl .nl
+ AddLanguage nn .nn
+ AddLanguage no .no
+ AddLanguage pl .po
+ AddLanguage pt .pt
+ AddLanguage pt-BR .pt-br
+ AddLanguage ru .ru
+ AddLanguage sv .sv
+ AddLanguage zh-CN .zh-cn
+ AddLanguage zh-TW .zh-tw
+</IfModule>
+
+<IfModule mod_negotiation.c>
+ #
+ # LanguagePriority allows you to give precedence to some languages
+ # in case of a tie during content negotiation.
+ #
+ # Just list the languages in decreasing order of preference. We have
+ # more or less alphabetized them here. You probably want to change this.
+ #
+ LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW
+
+ #
+ # ForceLanguagePriority allows you to serve a result page rather than
+ # MULTIPLE CHOICES (Prefer) [in case of a tie] or NOT ACCEPTABLE (Fallback)
+ # [in case no accepted languages matched the available variants]
+ #
+ ForceLanguagePriority Prefer Fallback
+
+</IfModule>
+
+<IfModule mod_mime.c>
+ #
+ # Specify a default charset for all pages sent out. This is
+ # always a good idea and opens the door for future internationalisation
+ # of your web site, should you ever want it. Specifying it as
+ # a default does little harm; as the standard dictates that a page
+ # is in iso-8859-1 (latin1) unless specified otherwise i.e. you
+ # are merely stating the obvious. There are also some security
+ # reasons in browsers, related to javascript and URL parsing
+ # which encourage you to always set a default char set.
+ #
+ #AddDefaultCharset ISO-8859-1
+
+ #
+ # Commonly used filename extensions to character sets. You probably
+ # want to avoid clashes with the language extensions, unless you
+ # are good at carefully testing your setup after each change.
+ # See http://www.iana.org/assignments/character-sets for the
+ # official list of charset names and their respective RFCs.
+ #
+ AddCharset us-ascii .ascii .us-ascii
+ AddCharset ISO-8859-1 .iso8859-1 .latin1
+ AddCharset ISO-8859-2 .iso8859-2 .latin2 .cen
+ AddCharset ISO-8859-3 .iso8859-3 .latin3
+ AddCharset ISO-8859-4 .iso8859-4 .latin4
+ AddCharset ISO-8859-5 .iso8859-5 .cyr .iso-ru
+ AddCharset ISO-8859-6 .iso8859-6 .arb .arabic
+ AddCharset ISO-8859-7 .iso8859-7 .grk .greek
+ AddCharset ISO-8859-8 .iso8859-8 .heb .hebrew
+ AddCharset ISO-8859-9 .iso8859-9 .latin5 .trk
+ AddCharset ISO-8859-10 .iso8859-10 .latin6
+ AddCharset ISO-8859-13 .iso8859-13
+ AddCharset ISO-8859-14 .iso8859-14 .latin8
+ AddCharset ISO-8859-15 .iso8859-15 .latin9
+ AddCharset ISO-8859-16 .iso8859-16 .latin10
+ AddCharset ISO-2022-JP .iso2022-jp .jis
+ AddCharset ISO-2022-KR .iso2022-kr .kis
+ AddCharset ISO-2022-CN .iso2022-cn .cis
+ AddCharset Big5 .Big5 .big5 .b5
+ AddCharset cn-Big5 .cn-big5
+ # For russian, more than one charset is used (depends on client, mostly):
+ AddCharset WINDOWS-1251 .cp-1251 .win-1251
+ AddCharset CP866 .cp866
+ AddCharset KOI8 .koi8
+ AddCharset KOI8-E .koi8-e
+ AddCharset KOI8-r .koi8-r .koi8-ru
+ AddCharset KOI8-U .koi8-u
+ AddCharset KOI8-ru .koi8-uk .ua
+ AddCharset ISO-10646-UCS-2 .ucs2
+ AddCharset ISO-10646-UCS-4 .ucs4
+ AddCharset UTF-7 .utf7
+ AddCharset UTF-8 .utf8
+ AddCharset UTF-16 .utf16
+ AddCharset UTF-16BE .utf16be
+ AddCharset UTF-16LE .utf16le
+ AddCharset UTF-32 .utf32
+ AddCharset UTF-32BE .utf32be
+ AddCharset UTF-32LE .utf32le
+ AddCharset euc-cn .euc-cn
+ AddCharset euc-gb .euc-gb
+ AddCharset euc-jp .euc-jp
+ AddCharset euc-kr .euc-kr
+ #Not sure how euc-tw got in - IANA doesn't list it???
+ AddCharset EUC-TW .euc-tw
+ AddCharset gb2312 .gb2312 .gb
+ AddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2
+ AddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4
+ AddCharset shift_jis .shift_jis .sjis
+
+ #
+ # AddHandler allows you to map certain file extensions to "handlers":
+ # actions unrelated to filetype. These can be either built into the server
+ # or added with the Action directive (see below)
+ #
+ # To use CGI scripts outside of ScriptAliased directories:
+ # (You will also need to add "ExecCGI" to the "Options" directive.)
+ #
+ #AddHandler cgi-script .cgi
+
+ #
+ # For files that include their own HTTP headers:
+ #
+ #AddHandler send-as-is asis
+
+ #
+ # For server-parsed imagemap files:
+ #
+ #AddHandler imap-file map
+
+ #
+ # For type maps (negotiated resources):
+ # (This is enabled by default to allow the Apache "It Worked" page
+ # to be distributed in multiple languages.)
+ #
+ AddHandler type-map var
+
+ #
+ # Filters allow you to process content before it is sent to the client.
+ #
+ # To parse .shtml files for server-side includes (SSI):
+ # (You will also need to add "Includes" to the "Options" directive.)
+ #
+ AddType text/html .shtml
+ AddOutputFilter INCLUDES .shtml
+</IfModule>
+
+#
+# Action lets you define media types that will execute a script whenever
+# a matching file is called. This eliminates the need for repeated URL
+# pathnames for oft-used CGI file processors.
+# Format: Action media/type /cgi-script/location
+# Format: Action handler-name /cgi-script/location
+#
+
+#
+# Customizable error responses come in three flavors:
+# 1) plain text 2) local redirects 3) external redirects
+#
+# Some examples:
+#ErrorDocument 500 "The server made a boo boo."
+#ErrorDocument 404 /missing.html
+#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
+#ErrorDocument 402 http://www.example.com/subscription_info.html
+#
+
+#
+# Putting this all together, we can internationalize error responses.
+#
+# We use Alias to redirect any /error/HTTP_<error>.html.var response to
+# our collection of by-error message multi-language collections. We use
+# includes to substitute the appropriate text.
+#
+# You can modify the messages' appearance without changing any of the
+# default HTTP_<error>.html.var files by adding the line:
+#
+# Alias /error/include/ "/your/include/path/"
+#
+# which allows you to create your own set of files by starting with the
+# /usr/share/apache2/error/include/ files and copying them to /your/include/path/,
+# even on a per-VirtualHost basis. The default include files will display
+# your Apache version number and your ServerAdmin email address regardless
+# of the setting of ServerSignature.
+#
+# The internationalized error documents require mod_alias, mod_include
+# and mod_negotiation. To activate them, uncomment the following 30 lines.
+
+# Alias /error/ "/usr/share/apache2/error/"
+#
+# <Directory "/usr/share/apache2/error">
+# AllowOverride None
+# Options IncludesNoExec
+# AddOutputFilter Includes html
+# AddHandler type-map var
+# Order allow,deny
+# Allow from all
+# LanguagePriority en cs de es fr it nl sv pt-br ro
+# ForceLanguagePriority Prefer Fallback
+# </Directory>
+#
+# ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
+# ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
+# ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
+# ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
+# ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
+# ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
+# ErrorDocument 410 /error/HTTP_GONE.html.var
+# ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
+# ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
+# ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
+# ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
+# ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var
+# ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
+# ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
+# ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
+# ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
+# ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var
+
+<IfModule mod_setenvif.c>
+ #
+ # The following directives modify normal HTTP response behavior to
+ # handle known problems with browser implementations.
+ #
+ BrowserMatch "Mozilla/2" nokeepalive
+ BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
+ BrowserMatch "RealPlayer 4\.0" force-response-1.0
+ BrowserMatch "Java/1\.0" force-response-1.0
+ BrowserMatch "JDK/1\.0" force-response-1.0
+
+ #
+ # The following directive disables redirects on non-GET requests for
+ # a directory that does not include the trailing slash. This fixes a
+ # problem with Microsoft WebFolders which does not appropriately handle
+ # redirects for folders with DAV methods.
+ # Same deal with Apple's DAV filesystem and Gnome VFS support for DAV.
+ #
+ BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
+ BrowserMatch "MS FrontPage" redirect-carefully
+ BrowserMatch "^WebDrive" redirect-carefully
+ BrowserMatch "^WebDAVFS/1.[012]" redirect-carefully
+ BrowserMatch "^gnome-vfs/1.0" redirect-carefully
+ BrowserMatch "^XML Spy" redirect-carefully
+ BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
+</IfModule>
+
+#<IfModule mod_status.c>
+ #
+ # Allow server status reports generated by mod_status,
+ # with the URL of http://servername/server-status
+ # Change the ".example.com" to match your domain to enable.
+ #
+ #<Location /server-status>
+ # SetHandler server-status
+ # Order deny,allow
+ # Deny from all
+ # Allow from .example.com
+ #</Location>
+#</IfModule>
+
+#<IfModule mod_info.c>
+ #
+ # Allow remote server configuration reports, with the URL of
+ # http://servername/server-info (requires that mod_info.c be loaded).
+ # Change the ".example.com" to match your domain to enable.
+ #
+ #<Location /server-info>
+ # SetHandler server-info
+ # Order deny,allow
+ # Deny from all
+ # Allow from .example.com
+ #</Location>
+#</IfModule>
+
+# the puppet apache2 module does this already:
+## Include the virtual host configurations:
+#Include /etc/apache2/sites-enabled/
101 templates/directory_indexes.conf.erb
@@ -0,0 +1,101 @@
+<IfModule alias_module>
+ #
+ # Aliases: Add here as many aliases as you need (with no limit). The format is
+ # Alias fakename realname
+ #
+ # Note that if you include a trailing / on fakename then the server will
+ # require it to be present in the URL. So "/icons" isn't aliased in this
+ # example, only "/icons/". If the fakename is slash-terminated, then the
+ # realname must also be slash terminated, and if the fakename omits the
+ # trailing slash, the realname must also omit it.
+ #
+ # We include the /icons/ alias for FancyIndexed directory listings. If
+ # you do not use FancyIndexing, you may comment this out.
+ #
+ Alias /icons/ "/usr/share/apache2/icons/"
+
+ <Directory "/usr/share/apache2/icons">
+ Options Indexes MultiViews
+ AllowOverride None
+ Order allow,deny
+ Allow from all
+ </Directory>
+
+</IfModule>
+
+#
+# Directives controlling the display of server-generated directory listings.
+#
+<IfModule mod_autoindex.c>
+
+ #
+ # IndexOptions: Controls the appearance of server-generated directory
+ # listings.
+ #
+ IndexOptions FancyIndexing VersionSort HTMLTable NameWidth=*
+
+ #
+ # AddIcon* directives tell the server which icon to show for different
+ # files or filename extensions. These are only displayed for
+ # FancyIndexed directories.
+ #
+ AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
+
+ AddIconByType (TXT,/icons/text.gif) text/*
+ AddIconByType (IMG,/icons/image2.gif) image/*
+ AddIconByType (SND,/icons/sound2.gif) audio/*
+ AddIconByType (VID,/icons/movie.gif) video/*
+
+ AddIcon /icons/binary.gif .bin .exe
+ AddIcon /icons/binhex.gif .hqx
+ AddIcon /icons/tar.gif .tar
+ AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
+ AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
+ AddIcon /icons/a.gif .ps .ai .eps
+ AddIcon /icons/layout.gif .html .shtml .htm .pdf
+ AddIcon /icons/text.gif .txt
+ AddIcon /icons/c.gif .c
+ AddIcon /icons/p.gif .pl .py
+ AddIcon /icons/f.gif .for
+ AddIcon /icons/dvi.gif .dvi
+ AddIcon /icons/uuencoded.gif .uu
+ AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
+ AddIcon /icons/tex.gif .tex
+ AddIcon /icons/bomb.gif core
+
+ AddIcon /icons/back.gif ..
+ AddIcon /icons/hand.right.gif README
+ AddIcon /icons/folder.gif ^^DIRECTORY^^
+ AddIcon /icons/blank.gif ^^BLANKICON^^
+
+ #
+ # DefaultIcon is which icon to show for files which do not have an icon
+ # explicitly set.
+ #
+ DefaultIcon /icons/unknown.gif
+
+ #
+ # AddDescription allows you to place a short description after a file in
+ # server-generated indexes. These are only displayed for FancyIndexed
+ # directories.
+ # Format: AddDescription "description" filename
+ #
+ #AddDescription "GZIP compressed document" .gz
+ #AddDescription "tar archive" .tar
+ #AddDescription "GZIP compressed tar archive" .tgz
+
+ #
+ # ReadmeName is the name of the README file the server will look for by
+ # default, and append to directory listings.
+ #
+ # HeaderName is the name of a file which should be prepended to
+ # directory indexes.
+ ReadmeName README.html
+ HeaderName HEADER.html
+
+ #
+ # IndexIgnore is a set of filenames which directory indexing should ignore
+ # and not include in the listing. Shell-style wildcarding is permitted.
+ #
+ IndexIgnore .??* *~ *# RCS CVS *,v *,t
+</IfModule>
42 templates/logging-syslog.conf.erb
@@ -0,0 +1,42 @@
+#
+# LogLevel: Control the number of messages logged to the error_log.
+# Possible values include: debug, info, notice, warn, error, crit,
+# alert, emerg.
+#
+LogLevel warn
+
+#
+# ErrorLog: The location of the error log file.
+# If you do not specify an ErrorLog directive within a <VirtualHost>
+# container, error messages relating to that virtual host will be
+# logged here. If you *do* define an error logfile for a <VirtualHost>
+# container, that host's errors will be logged there and not here.
+#
+ErrorLog syslog:local7
+
+#
+# The following directives define some format nicknames for use with
+# a CustomLog directive (see below).
+#
+# NOTE: using %a instead of %h seems to save a full DNS lookup for every
+# connection...
+#
+LogFormat "%a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
+LogFormat "%a %l %u %t \"%r\" %>s %b" common
+LogFormat "%{Referer}i -> %U" referer
+LogFormat "%{User-agent}i" agent
+
+#
+# This will send the access log messages to syslog
+#
+CustomLog "|/usr/bin/logger -p local7.info -t apache" combined
+
+#
+# The BufferedLogs directive causes mod_log_config to store several log
+# entries in memory and write them together to disk, rather than writing
+# them after each request. On some systems, this may result in more
+# efficient disk access and hence higher performance. It may be set only
+# once for the entire server; it cannot be configured per virtual-host.
+# This directive is experimental and should be used with caution.
+
+BufferedLogs On
211 templates/mime-extras.conf.erb
@@ -0,0 +1,211 @@
+<IfModule mod_mime.c>
+ #
+ # AddType allows you to add to or override the MIME configuration
+ # file mime.types for specific file types.
+ #
+ #AddType application/x-gzip .tgz
+ #
+ # AddEncoding allows you to have certain browsers uncompress
+ # information on the fly. Note: Not all browsers support this.
+ # Despite the name similarity, the following Add* directives have
+ # nothing to do with the FancyIndexing customization directives above.
+ #
+ #AddEncoding x-compress .Z
+ #AddEncoding x-gzip .gz .tgz
+ #
+ # If the AddEncoding directives above are commented-out, then you
+ # probably should define those extensions to indicate media types:
+ #
+ AddType application/x-compress .Z
+ AddType application/x-gzip .gz .tgz
+
+ #
+ # DefaultLanguage and AddLanguage allows you to specify the language of
+ # a document. You can then use content negotiation to give a browser a
+ # file in a language the user can understand.
+ #
+ # Specify a default language. This means that all data
+ # going out without a specific language tag (see below) will
+ # be marked with this one. You probably do NOT want to set
+ # this unless you are sure it is correct for all cases.
+ #
+ # * It is generally better to not mark a page as
+ # * being a certain language than marking it with the wrong
+ # * language!
+ #
+ # DefaultLanguage nl
+ #
+ # Note 1: The suffix does not have to be the same as the language
+ # keyword --- those with documents in Polish (whose net-standard
+ # language code is pl) may wish to use "AddLanguage pl .po" to
+ # avoid the ambiguity with the common suffix for perl scripts.
+ #
+ # Note 2: The example entries below illustrate that in some cases
+ # the two character 'Language' abbreviation is not identical to
+ # the two character 'Country' code for its country,
+ # E.g. 'Danmark/dk' versus 'Danish/da'.
+ #
+ # Note 3: In the case of 'ltz' we violate the RFC by using a three char
+ # specifier. There is 'work in progress' to fix this and get
+ # the reference data for rfc1766 cleaned up.
+ #
+ # Catalan (ca) - Croatian (hr) - Czech (cs) - Danish (da) - Dutch (nl)
+ # English (en) - Esperanto (eo) - Estonian (et) - French (fr) - German (de)
+ # Greek-Modern (el) - Hebrew (he) - Italian (it) - Japanese (ja)
+ # Korean (ko) - Luxembourgeois* (ltz) - Norwegian Nynorsk (nn)
+ # Norwegian (no) - Polish (pl) - Portugese (pt)
+ # Brazilian Portuguese (pt-BR) - Russian (ru) - Swedish (sv)
+ # Simplified Chinese (zh-CN) - Spanish (es) - Traditional Chinese (zh-TW)
+ #
+# AddLanguage ca .ca
+# AddLanguage cs .cz .cs
+# AddLanguage da .dk
+# AddLanguage de .de
+# AddLanguage el .el
+# AddLanguage en .en
+# AddLanguage eo .eo
+# AddLanguage es .es
+# AddLanguage et .et
+# AddLanguage fr .fr
+# AddLanguage he .he
+# AddLanguage hr .hr
+# AddLanguage it .it
+# AddLanguage ja .ja
+# AddLanguage ko .ko
+# AddLanguage ltz .ltz
+# AddLanguage nl .nl
+# AddLanguage nn .nn
+# AddLanguage no .no
+# AddLanguage pl .po
+# AddLanguage pt .pt
+# AddLanguage pt-BR .pt-br
+# AddLanguage ru .ru
+# AddLanguage sv .sv
+# AddLanguage zh-CN .zh-cn
+# AddLanguage zh-TW .zh-tw
+</IfModule>
+
+<IfModule mod_negotiation.c>
+ #
+ # LanguagePriority allows you to give precedence to some languages
+ # in case of a tie during content negotiation.
+ #
+ # Just list the languages in decreasing order of preference. We have
+ # more or less alphabetized them here. You probably want to change this.
+ #
+ LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW
+
+ #
+ # ForceLanguagePriority allows you to serve a result page rather than
+ # MULTIPLE CHOICES (Prefer) [in case of a tie] or NOT ACCEPTABLE (Fallback)
+ # [in case no accepted languages matched the available variants]
+ #
+ ForceLanguagePriority Prefer Fallback
+
+</IfModule>
+
+<IfModule mod_mime.c>
+ #
+ # Specify a default charset for all pages sent out. This is
+ # always a good idea and opens the door for future internationalisation
+ # of your web site, should you ever want it. Specifying it as
+ # a default does little harm; as the standard dictates that a page
+ # is in iso-8859-1 (latin1) unless specified otherwise i.e. you
+ # are merely stating the obvious. There are also some security
+ # reasons in browsers, related to javascript and URL parsing
+ # which encourage you to always set a default char set.
+ #
+ #AddDefaultCharset ISO-8859-1
+
+ #
+ # Commonly used filename extensions to character sets. You probably
+ # want to avoid clashes with the language extensions, unless you
+ # are good at carefully testing your setup after each change.
+ # See http://www.iana.org/assignments/character-sets for the
+ # official list of charset names and their respective RFCs.
+ #
+ AddCharset us-ascii .ascii .us-ascii
+ AddCharset ISO-8859-1 .iso8859-1 .latin1
+ AddCharset ISO-8859-2 .iso8859-2 .latin2 .cen
+ AddCharset ISO-8859-3 .iso8859-3 .latin3
+ AddCharset ISO-8859-4 .iso8859-4 .latin4
+ AddCharset ISO-8859-5 .iso8859-5 .cyr .iso-ru
+ AddCharset ISO-8859-6 .iso8859-6 .arb .arabic
+ AddCharset ISO-8859-7 .iso8859-7 .grk .greek
+ AddCharset ISO-8859-8 .iso8859-8 .heb .hebrew
+ AddCharset ISO-8859-9 .iso8859-9 .latin5 .trk
+ AddCharset ISO-8859-10 .iso8859-10 .latin6
+ AddCharset ISO-8859-13 .iso8859-13
+ AddCharset ISO-8859-14 .iso8859-14 .latin8
+ AddCharset ISO-8859-15 .iso8859-15 .latin9
+ AddCharset ISO-8859-16 .iso8859-16 .latin10
+ AddCharset ISO-2022-JP .iso2022-jp .jis
+ AddCharset ISO-2022-KR .iso2022-kr .kis
+ AddCharset ISO-2022-CN .iso2022-cn .cis
+ AddCharset Big5 .Big5 .big5 .b5
+ AddCharset cn-Big5 .cn-big5
+ # For russian, more than one charset is used (depends on client, mostly):
+ AddCharset WINDOWS-1251 .cp-1251 .win-1251
+ AddCharset CP866 .cp866
+ AddCharset KOI8 .koi8
+ AddCharset KOI8-E .koi8-e
+ AddCharset KOI8-r .koi8-r .koi8-ru
+ AddCharset KOI8-U .koi8-u
+ AddCharset KOI8-ru .koi8-uk .ua
+ AddCharset ISO-10646-UCS-2 .ucs2
+ AddCharset ISO-10646-UCS-4 .ucs4
+ AddCharset UTF-7 .utf7
+ AddCharset UTF-8 .utf8
+ AddCharset UTF-16 .utf16
+ AddCharset UTF-16BE .utf16be
+ AddCharset UTF-16LE .utf16le
+ AddCharset UTF-32 .utf32
+ AddCharset UTF-32BE .utf32be
+ AddCharset UTF-32LE .utf32le
+ AddCharset euc-cn .euc-cn
+ AddCharset euc-gb .euc-gb
+ AddCharset euc-jp .euc-jp
+ AddCharset euc-kr .euc-kr
+ #Not sure how euc-tw got in - IANA doesn't list it???
+ AddCharset EUC-TW .euc-tw
+ AddCharset gb2312 .gb2312 .gb
+ AddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2
+ AddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4
+ AddCharset shift_jis .shift_jis .sjis
+
+ #
+ # AddHandler allows you to map certain file extensions to "handlers":
+ # actions unrelated to filetype. These can be either built into the server
+ # or added with the Action directive (see below)
+ #
+ # To use CGI scripts outside of ScriptAliased directories:
+ # (You will also need to add "ExecCGI" to the "Options" directive.)
+ #
+ #AddHandler cgi-script .cgi
+
+ #
+ # For files that include their own HTTP headers:
+ #
+ #AddHandler send-as-is asis
+
+ #
+ # For server-parsed imagemap files:
+ #
+ #AddHandler imap-file map
+
+ #
+ # For type maps (negotiated resources):
+ # (This is enabled by default to allow the Apache "It Worked" page
+ # to be distributed in multiple languages.)
+ #
+ AddHandler type-map var
+
+ #
+ # Filters allow you to process content before it is sent to the client.
+ #
+ # To parse .shtml files for server-side includes (SSI):
+ # (You will also need to add "Includes" to the "Options" directive.)
+ #
+ AddType text/html .shtml
+ AddOutputFilter INCLUDES .shtml
+</IfModule>
15 templates/mime-minimal.conf.erb
@@ -0,0 +1,15 @@
+# this is a very minimal mime configuration -- in particular, all
+# of the magical language/negotiation stuff that apache can do.
+# has been stripped out, because we don't use apache for that.
+
+<IfModule mod_mime.c>
+
+ # Lookup mime types in the system-wide mime.types file first
+ TypesConfig /etc/mime.types
+
+ # for firefox extensions:
+ # this is in more recent mime.types files (feisty) but not older ones
+ # (sarge). explicitly include it just to be safe.
+ AddType application/x-xpinstall .xpi
+
+</IfModule>
20 templates/mpm-worker.conf.erb
@@ -0,0 +1,20 @@
+##
+## Server-Pool Size Regulation (MPM specific)
+##
+
+# worker MPM
+# StartServers: initial number of server processes to start
+# MaxClients: maximum number of simultaneous client connections
+# MinSpareThreads: minimum number of worker threads which are kept spare
+# MaxSpareThreads: maximum number of worker threads which are kept spare
+# ThreadsPerChild: constant number of worker threads in each server process
+# MaxRequestsPerChild: maximum number of requests a server process serves
+<IfModule mpm_worker_module>
+ StartServers 5
+ MaxClients 300
+ MinSpareThreads 25
+ MaxSpareThreads 75
+ ThreadsPerChild 25
+ MaxRequestsPerChild 0
+</IfModule>
+
20 templates/mpm-worker.erb
@@ -0,0 +1,20 @@
+##
+## Server-Pool Size Regulation (MPM specific)
+##
+
+# worker MPM
+# StartServers: initial number of server processes to start
+# MaxClients: maximum number of simultaneous client connections
+# MinSpareThreads: minimum number of worker threads which are kept spare
+# MaxSpareThreads: maximum number of worker threads which are kept spare
+# ThreadsPerChild: constant number of worker threads in each server process
+# MaxRequestsPerChild: maximum number of requests a server process serves
+<IfModule mpm_worker_module>
+ StartServers 2
+ MaxClients 500
+ MinSpareThreads 25
+ MaxSpareThreads 75
+ ThreadsPerChild 25
+ MaxRequestsPerChild 0
+</IfModule>
+
19 templates/server-status.erb
@@ -0,0 +1,19 @@
+# create a virtual host which provides statistics
+ExtendedStatus on
+NameVirtualHost <%= 127.0.0.1 %>
+<VirtualHost <%= 127.0.0.1 %>>
+ # hide this a little bit from "normal" accesses
+ # This expects that external users only use the fqdn to access a service
+ ServerName <%= hostname %>
+ <Directory />
+ Order deny,allow
+ Deny from all
+ </Directory>
+ <Location /server-status>
+ SetHandler server-status
+ Order deny,allow
+ Deny from all
+ Allow from <%= 127.0.0.1 %>
+ </Location>
+</VirtualHost>
+
Please sign in to comment.
Something went wrong with that request. Please try again.