Move all roles from local.yaml to hiera

[dsa-puppet.git] / modules / apache2 / manifests / init.pp

diff --git a/modules/apache2/manifests/init.pp b/modules/apache2/manifests/init.pp
index 3c0874e3a243b3abda18173ce0df1ef630e5338f..b14d408d732709a54130e57ec24cd3ae5549a035 100644 (file)
--- a/modules/apache2/manifests/init.pp
+++ b/modules/apache2/manifests/init.pp
@@ -1,5 +1,4 @@
 class apache2 {
-
        package { 'apache2':
                ensure => installed,
        }
@@ -11,10 +10,19 @@ class apache2 {
 
        apache2::module { 'info': }
        apache2::module { 'status': }
+       apache2::module { 'headers': }
+
+       package { 'libapache2-mod-macro':
+               ensure => installed
+       }
+
+       apache2::module { 'macro':
+               require => Package['libapache2-mod-macro']
+       }
 
        apache2::site { '00-default':
                site     => 'default-debian.org',
-               template => 'apache2/default-debian.org.erb',
+               content  => template('apache2/default-debian.org.erb'),
        }
 
        apache2::site { '000-default':
@@ -22,25 +30,45 @@ class apache2 {
        }
 
        apache2::config { 'ressource-limits':
-               template => 'apache2/ressource-limits.erb',
+               ensure => absent,
+       }
+
+       if $::fqdn in $site::roles['buildd_master'] {
+               $memlimit = 192 * 1024**2
+       } elsif $::fqdn in $site::roles['nagiosmaster']{
+               $memlimit = 96 * 1024**2
+       } elsif $::fqdn in $site::roles['packagesqamaster']{
+               $memlimit = 192 * 1024**2
+       } else {
+               $memlimit = 32 * 1024**2
+       }
+
+       apache2::config { 'resource-limits':
+               content => template('apache2/resource-limits.erb'),
        }
 
        apache2::config { 'security':
-               config => 'puppet:///modules/apache2/security',
+               source => 'puppet:///modules/apache2/security',
+       }
+
+       apache2::config { 'logformat-privacy':
+               source => 'puppet:///modules/apache2/logformat-privacy',
        }
 
        apache2::config { 'local-serverinfo':
-               config => 'puppet:///modules/apache2/local-serverinfo',
+               source => 'puppet:///modules/apache2/local-serverinfo',
        }
 
        apache2::config { 'server-status':
-               config => 'puppet:///modules/apache2/server-status',
+               source => 'puppet:///modules/apache2/server-status',
+       }
+
+       apache2::config { 'puppet-ssl-macros':
+               source => 'puppet:///modules/apache2/puppet-ssl-macros',
        }
 
        file { '/etc/apache2/sites-available/common-ssl.inc':
-               source => 'puppet:///modules/apache2/common-ssl.inc',
-               require => Package['apache2'],
-               notify  => Service['apache2'],
+               ensure => absent,
        }
 
        file { '/etc/logrotate.d/apache2':
@@ -56,6 +84,11 @@ class apache2 {
                content => template('apache2/default-index.html'),
        }
 
+       file { '/var/log/apache2/.nobackup':
+               mode    => '0644',
+               content => '',
+       }
+
        munin::check { 'apache_accesses': }
        munin::check { 'apache_processes': }
        munin::check { 'apache_volume': }
@@ -64,20 +97,7 @@ class apache2 {
                script => 'ps_',
        }
 
-       if $php5 {
-               package { 'php5-suhosin':
-                       ensure  => installed,
-                       require => Package['apache2'],
-               }
-
-               file { '/etc/php5/conf.d/suhosin.ini':
-                       source  => 'puppet:///modules/apache2/suhosin.ini',
-                       require => Package['php5-suhosin'],
-                       notify  => Service['apache2'],
-               }
-       }
-
-       if $::hostname in [busoni,duarte,holter,lindberg,master,powell,rore] {
+       if $::hostname in [beach,buxtehude,picconi,pkgmirror-1and1] {
                include apache2::dynamic
        } else {
                @ferm::rule { 'dsa-http':