diff --git a/manifests/site.pp b/manifests/site.pp
index 84a278aff552936a8c934e7b1433b8a6fb434cbe..e7eb8a8479402caf13a6c370880dd6d4a0298aa2 100644
--- a/manifests/site.pp
+++ b/manifests/site.pp
@@ -37,23 +37,27 @@ node 'd-group' {
email => 'webb@d-group.se',
}
+ # package { 'libapache2-mod-php':
+ # ensure => 'latest',
+ # }
+
file { ['/var/log/apache2', '/var/log/django', ]:
group => 'www-data',
mode => '0775',
ensure => 'directory',
}
class {'apache':
-# TODO serveradmin?
- # default_vhost => false,
- # mpm_module => 'prefork',
+ default_vhost => false,
+ # required by php module
+ mpm_module => 'prefork',
# purge_configs => false,
serveradmin => 'webb@d-group.se',
}
$root = '/var/www/d-group.se'
ensure_packages (['python-certbot-apache'], { ensure => installed })
- letsencrypt::certonly { 'd-group certs':
- domains => ['d-group.se', ], # 'www.d-group.se', 'domd.nu',
+ letsencrypt::certonly { 'd-group.se':
+ domains => [ 'd-group.se', ], # 'www.d-group.se', 'domd.nu',
# 'www.domd.nu', 'admin.d-group.se',
# 'wiki.d-group.se', 'www.xn--dmd-sna.nu',
# 'xn--dmd-sna.nu', 'tentakravallen.se',
@@ -62,24 +66,30 @@ node 'd-group' {
suppress_cron_output => true,
cron_hour => '4',
cron_minute => '17',
- # plugin => 'apache',
- cron_success_command => '/bin/systemctl reload apache2.service',
- }
-
- # apache::vhost { 'd-group.se-non-ssl':
- # ssl => false,
- # redirect_status => 'permanent',
- # redirect_dest => 'https://d-group.se/',
- # before => Letsencrypt::Certonly['d-group certs'],
- # docroot => '/var/www',
- # }
+ plugin => 'apache',
+ # cron_success_command => '/bin/systemctl reload apache2.service',
+ }
+
+ apache::vhost { 'd-group.se-non-ssl':
+ servername => 'd-group.se',
+ ssl => false,
+ port => 80,
+ redirect_status => 'permanent',
+ redirect_dest => 'https://d-group.se/',
+ # before => Letsencrypt::Certonly['d-group certs'],
+ docroot => '/var/www/d-group.se',
+ }
apache::vhost { 'd-group.se':
servername => 'd-group.se',
- # ssl => true,
+ ssl => true,
+ port => 443,
serveraliases => ['www.d-group.se'],
docroot => "${root}/d-group.se",
- default_vhost => true,
+ # default_vhost => true,
+ ssl_cert => "/etc/letsencrypt/live/d-group.se/fullchain.pem",
+ ssl_key => "/etc/letsencrypt/live/d-group.se/privkey.pem",
+ require => Letsencrypt::Certonly['d-group.se'],
wsgi_script_aliases => { '/' => "${root}/d-group.se/dgroup/wsgi_production.py", },
wsgi_daemon_process => 'd-group.se',
@@ -115,9 +125,7 @@ node 'd-group' {
}
-
-
- dgroup::simple { 'admin.d-group.se':
+ dgroup::codeigniter { 'admin.d-group.se':
root => $root,
}
@@ -126,19 +134,20 @@ node 'd-group' {
}
- dgroup::simple { 'domd.nu':
- root => $root,
- serveraliases => [ 'www.domd.nu',
- 'xn--dmd-sna.nu',
- 'www.xn--dmd-sna.nu', ],
- }
+ # dgroup::simple { 'domd.nu':
+ # root => $root,
+ # serveraliases => [ 'www.domd.nu',
+ # 'xn--dmd-sna.nu',
+ # 'www.xn--dmd-sna.nu', ],
+ # }
- dgroup::simple { 'tentakravallen.se':
- root => '/var/www',
- serveraliases => [ 'www.tentakravallen.se', ],
- }
+ # dgroup::simple { 'tentakravallen.se':
+ # root => '/var/www',
+ # serveraliases => [ 'www.tentakravallen.se', ],
+ # }
include ::apache::mod::rewrite
+ include ::apache::mod::php
class { '::apache::mod::wsgi':
package_name => 'libapache2-mod-wsgi-py3',
mod_path => 'mod_wsgi.so',
diff --git a/modules/dgroup/manifests/codeigniter.pp b/modules/dgroup/manifests/codeigniter.pp
new file mode 100644
index 0000000000000000000000000000000000000000..195396303b42be5d4a42c012621c6f5ccf7835ad
--- /dev/null
+++ b/modules/dgroup/manifests/codeigniter.pp
@@ -0,0 +1,72 @@
+define dgroup::codeigniter (
+ $root,
+) {
+
+ ensure_packages (['php-mbstring', 'php-intl'], {
+ ensure => 'latest',
+ })
+
+ file_line { 'php intl':
+ ensure => present,
+ path => '/etc/php/7.2/apache2/php.ini',
+ line => 'extension=intl',
+ match => '^;extension=intl',
+ }
+
+ #exec { 'writable writable':
+ # command => "chmod -R g+rw $docroot/writable",
+ # path => ['/usr/bin', '/bin'],
+ #}
+ #exec { 'writable writable':
+ # command => "chgrp -R www-data $docroot/writable",
+ # path => ['/usr/bin', '/bin'],
+ #}
+
+ # file { "$docroot/writable":
+ # ensure => directory,
+ # recurse => true,
+ # group => www-data,
+ # mode => '0775',
+ # }
+
+ $docroot = "${root}/${name}/public"
+
+ $base_directories = [
+ { 'path' => '/', options => 'FollowSymLinks', 'allowoverride' => 'None', },
+ { 'path' => $docroot,
+ 'options' => 'FollowSymLinks MultiViews',
+ 'allowoverride' => 'all',
+ 'order' => 'allow,deny',
+ 'allow' => 'from all',
+ },
+ { 'path' => '/usr/lib/cgi-bin',
+ 'options' => '+ExecCGI -MultiViews +SymLinksIfOwnerMatch',
+ 'allowoverride' => 'none',
+ 'order' => 'allow,deny',
+ 'allow' => 'from all',
+ },
+ { 'path' => '/usr/share/doc',
+ 'options' => 'MultiViews FollowSymLinks',
+ 'allowoverride' => 'none',
+ 'order' => 'deny,allow',
+ 'deny' => 'from all',
+ 'allow' => 'from 127.0.0.0/255.0.0.0 ::1/128',
+ },
+ ]
+
+ $base_aliases = [
+ { alias => '/doc/', path => '/usr/share/doc' },
+ { scriptalias => '/cgi-bin/', path => '/usr/lib/cgi-bin' },
+ ]
+
+ apache::vhost { $name:
+ servername => $name,
+ port => 80,
+ #serveraliases => $serveraliases,
+ docroot => $docroot,
+ aliases => $base_aliases,
+ directories => $base_directories,
+ error_log_file => 'error.log',
+ access_log_file => 'access.log',
+ }
+}
diff --git a/modules/dgroup/manifests/simple.pp b/modules/dgroup/manifests/simple.pp
index 1df22759495a6510f902ac0f5fa1efffef5a6275..f4d28d847b5393edf68208ed8b22632787f83c73 100644
--- a/modules/dgroup/manifests/simple.pp
+++ b/modules/dgroup/manifests/simple.pp
@@ -32,6 +32,7 @@ define dgroup::simple (
apache::vhost { $name:
servername => $name,
+ port => 80,
serveraliases => $serveraliases,
docroot => "${root}/${name}",
aliases => $base_aliases,