diff --git a/.gitmodules b/.gitmodules index 298a31ed47ff09a0bb58aabb13c7cbc1da0dc7c8..cf96e602b1bb26e369e7385892dd1437c598427a 100644 --- a/.gitmodules +++ b/.gitmodules @@ -4,9 +4,9 @@ [submodule "puppetlabs/apache"] path = puppetlabs/apache url = https://github.com/puppetlabs/puppetlabs-apache -[submodule "puppetlabs/stdlib"] - path = puppetlabs/stdlib - url = https://github.com/puppetlabs/puppetlabs-stdlib [submodule "puppetlabs/firewall"] path = puppetlabs/firewall url = https://github.com/puppetlabs/puppetlabs-firewall +[submodule "puppetlabs/stdlib"] + path = puppetlabs/stdlib + url = https://github.com/puppetlabs/puppetlabs-stdlib diff --git a/garr/shib2common/lib/augeas/lenses/tomcatxml.aug b/garr/shib2common/files/customlenses/tomcatxml_0-10-0.aug similarity index 99% rename from garr/shib2common/lib/augeas/lenses/tomcatxml.aug rename to garr/shib2common/files/customlenses/tomcatxml_0-10-0.aug index 78540253e975564aa4f2c2b51525bfe4c07dee79..900d014b86790e4e5b8d5f45464208ff731b68ed 100644 --- a/garr/shib2common/lib/augeas/lenses/tomcatxml.aug +++ b/garr/shib2common/files/customlenses/tomcatxml_0-10-0.aug @@ -143,4 +143,5 @@ let filter = (incl "/etc/tomcat6/tomcat-users.xml") . (incl "/etc/tomcat6/server . (incl "/etc/tomcat7/tomcat-users.xml") . (incl "/etc/tomcat7/server.xml") . Util.stdexcl -let xfm = transform lns filter \ No newline at end of file +let xfm = transform lns filter + diff --git a/garr/shib2common/files/customlenses/tomcatxml_1-2-0.aug b/garr/shib2common/files/customlenses/tomcatxml_1-2-0.aug new file mode 100644 index 0000000000000000000000000000000000000000..300a90b59bdcd9430b2bf5fffb49a87faa72c3de --- /dev/null +++ b/garr/shib2common/files/customlenses/tomcatxml_1-2-0.aug @@ -0,0 +1,163 @@ +(* XML lens for Augeas + Author: Francis Giraldeau <francis.giraldeau@usherbrooke.ca> + + Reference: http://www.w3.org/TR/2006/REC-xml11-20060816/ +*) + +module TomcatXml = + +autoload xfm + +(************************************************************************ + * Utilities lens + *************************************************************************) + +let dels (s:string) = del s s +let spc = /[ \t\r\n]+/ +let osp = /[ \t\r\n]*/ +let sep_spc = del /[ \t\r\n]+/ " " +let sep_osp = del /[ \t\r\n]*/ "" +let sep_eq = del /[ \t\r\n]*=[ \t\r\n]*/ "=" + +let nmtoken = /[a-zA-Z:_][a-zA-Z0-9:_.-]*/ +let word = /[a-zA-Z][a-zA-Z0-9._-]*/ +let char = /.|(\r?\n)/ +(* if we hide the quotes, then we can only accept single or double quotes *) +(* otherwise a put ambiguity is raised *) +let sto_dquote = dels "\"" . store /[^"]*/ . dels "\"" (* " *) +let sto_squote = dels "'" . store /[^']*/ . dels "'" + +let comment = [ label "#comment" . + dels "<!--" . + store /([^-]|-[^-])*/ . + dels "-->" ] + +let pi_target = nmtoken - /[Xx][Mm][Ll]/ +let empty = Util.empty +let del_end = del />[\r?\n]?/ ">\n" +let del_end_simple = dels ">" + +(* This is siplified version of processing instruction + * pi has to not start or end with a white space and the string + * must not contain "?>". We restrict too much by not allowing any + * "?" nor ">" in PI + *) +let pi = /[^ \r\n\t]|[^ \r\n\t][^?>]*[^ \r\n\t]/ + +(************************************************************************ + * Attributes + *************************************************************************) + + +let decl = [ label "#decl" . sep_spc . + store /[^> \t\n\r]|[^> \t\n\r][^>\t\n\r]*[^> \t\n\r]/ ] + +let decl_def (r:regexp) (b:lens) = [ dels "<" . key r . + sep_spc . store word . + b . sep_osp . del_end_simple ] + +let elem_def = decl_def /!ELEMENT/ decl + +let enum = "(" . osp . nmtoken . ( osp . "|" . osp . nmtoken )* . osp . ")" + +let att_type = /CDATA|ID|IDREF|IDREFS|ENTITY|ENTITIES|NMTOKEN|NMTOKENS/ | + enum + +let id_def = [ sep_spc . key /PUBLIC/ . + [ label "#literal" . sep_spc . sto_dquote ]* ] | + [ sep_spc . key /SYSTEM/ . sep_spc . sto_dquote ] + +let notation_def = decl_def /!NOTATION/ id_def + +let att_def = counter "att_id" . + [ sep_spc . seq "att_id" . + [ label "#name" . store word . sep_spc ] . + [ label "#type" . store att_type . sep_spc ] . + ([ key /#REQUIRED|#IMPLIED/ ] | + [ label "#FIXED" . del /#FIXED[ \r\n\t]*|/ "" . sto_dquote ]) ]* + +let att_list_def = decl_def /!ATTLIST/ att_def + +let entity_def = decl_def /!ENTITY/ ([sep_spc . label "#decl" . sto_dquote ]) + +let decl_def_item = elem_def | entity_def | att_list_def | notation_def + +let decl_outer = sep_osp . del /\[[ \n\t\r]*/ "[\n" . + (decl_def_item . sep_osp )* . dels "]" + +(* let dtd_def = [ sep_spc . key "SYSTEM" . sep_spc . sto_dquote ] *) + +let doctype = decl_def /!DOCTYPE/ (decl_outer|id_def) + +(* General shape of an attribute + * q is the regexp matching the quote character for the value + * qd is the default quote character + * brx is what the actual attribute value must match *) +let attval (q:regexp) (qd:string) (brx:regexp) = + let quote = del q qd in + let body = store brx in + [ sep_spc . key nmtoken . sep_eq . square quote body quote ] + +(* We treat attributes according to one of the following three patterns: + attval1 : values that must be quoted with single quotes + attval2 : values that must be quoted with double quotes + attval3 : values that can be quoted with either *) +let attributes = + let attval1 = attval "'" "'" /[^']*"[^']*/ in (* " *) + let attval2 = attval "\"" "\"" /[^"]*'[^"]*/ in + let attval3 = attval /['"]/ "\"" /[^'\"]*/ in (* " *) + [ label "#attribute" . (attval1|attval2|attval3)+ ] + +let prolog = [ label "#declaration" . + dels "<?xml" . + attributes . + sep_osp . + dels "?>" ] + + +(************************************************************************ + * Tags + *************************************************************************) + +(* we consider entities as simple text *) +let text_re = /[^<]+/ - /([^<]*\]\]>[^<]*)/ +let text = [ label "#text" . store text_re ] +let cdata = [ label "#CDATA" . dels "<![CDATA[" . + store (char* - (char* . "]]>" . char*)) . dels "]]>" ] + +(* the value of nmtoken_del is always the nmtoken_key string *) +let nmtoken_key = key nmtoken +let nmtoken_del = del nmtoken "a" + +let element (body:lens) = + let h = attributes? . sep_osp . dels ">" . body* . dels "</" in + [ dels "<" . square nmtoken_key h nmtoken_del . sep_osp . del_end ] + +let empty_element = [ dels "<" . nmtoken_key . value "#empty" . + attributes? . sep_osp . del /\/>[\r?\n]?/ "/>\n" ] + +let pi_instruction = [ dels "<?" . label "#pi" . + [ label "#target" . store pi_target ] . + [ sep_spc . label "#instruction" . store pi ]? . + sep_osp . del /\?>/ "?>" ] + +(* Typecheck is weaker on rec lens, detected by unfolding *) +(* +let content1 = element text +let rec content2 = element (content1|text|comment) +*) + +let rec content = element (text|comment|content|empty_element|pi_instruction) + +(* Constraints are weaker here, but it's better than being too strict *) +let doc = (sep_osp . (prolog | comment | doctype | pi_instruction))* . + ((sep_osp . content) | (sep_osp . empty_element)) . + (sep_osp . (comment | pi_instruction ))* . sep_osp + +let lns = doc + +let filter = (incl "/etc/tomcat6/tomcat-users.xml") . (incl "/etc/tomcat6/server.xml") + . (incl "/etc/tomcat7/tomcat-users.xml") . (incl "/etc/tomcat7/server.xml") + . (incl "/etc/xml/catalog") + +let xfm = transform lns filter diff --git a/garr/shib2common/lib/augeas/lenses/webappxml.aug b/garr/shib2common/files/customlenses/webappxml_0-10-0.aug similarity index 100% rename from garr/shib2common/lib/augeas/lenses/webappxml.aug rename to garr/shib2common/files/customlenses/webappxml_0-10-0.aug diff --git a/garr/shib2common/files/customlenses/webappxml_1-2-0.aug b/garr/shib2common/files/customlenses/webappxml_1-2-0.aug new file mode 100644 index 0000000000000000000000000000000000000000..f8eedc863e6ae86f0eae0dc294a2c21cc0bcffe4 --- /dev/null +++ b/garr/shib2common/files/customlenses/webappxml_1-2-0.aug @@ -0,0 +1,162 @@ +(* XML lens for Augeas + Author: Francis Giraldeau <francis.giraldeau@usherbrooke.ca> + + Reference: http://www.w3.org/TR/2006/REC-xml11-20060816/ +*) + +module WebAppXml = + +autoload xfm + +(************************************************************************ + * Utilities lens + *************************************************************************) + +let dels (s:string) = del s s +let spc = /[ \t\r\n]+/ +let osp = /[ \t\r\n]*/ +let sep_spc = del /[ \t\r\n]+/ " " +let sep_osp = del /[ \t\r\n]*/ "" +let sep_eq = del /[ \t\r\n]*=[ \t\r\n]*/ "=" + +let nmtoken = /[a-zA-Z:_][a-zA-Z0-9:_.-]*/ +let word = /[a-zA-Z][a-zA-Z0-9._-]*/ +let char = /.|(\r?\n)/ +(* if we hide the quotes, then we can only accept single or double quotes *) +(* otherwise a put ambiguity is raised *) +let sto_dquote = dels "\"" . store /[^"]*/ . dels "\"" (* " *) +let sto_squote = dels "'" . store /[^']*/ . dels "'" + +let comment = [ label "#comment" . + dels "<!--" . + store /([^-]|-[^-])*/ . + dels "-->" ] + +let pi_target = nmtoken - /[Xx][Mm][Ll]/ +let empty = Util.empty +let del_end = del />[\r?\n]?/ ">\n" +let del_end_simple = dels ">" + +(* This is siplified version of processing instruction + * pi has to not start or end with a white space and the string + * must not contain "?>". We restrict too much by not allowing any + * "?" nor ">" in PI + *) +let pi = /[^ \r\n\t]|[^ \r\n\t][^?>]*[^ \r\n\t]/ + +(************************************************************************ + * Attributes + *************************************************************************) + + +let decl = [ label "#decl" . sep_spc . + store /[^> \t\n\r]|[^> \t\n\r][^>\t\n\r]*[^> \t\n\r]/ ] + +let decl_def (r:regexp) (b:lens) = [ dels "<" . key r . + sep_spc . store word . + b . sep_osp . del_end_simple ] + +let elem_def = decl_def /!ELEMENT/ decl + +let enum = "(" . osp . nmtoken . ( osp . "|" . osp . nmtoken )* . osp . ")" + +let att_type = /CDATA|ID|IDREF|IDREFS|ENTITY|ENTITIES|NMTOKEN|NMTOKENS/ | + enum + +let id_def = [ sep_spc . key /PUBLIC/ . + [ label "#literal" . sep_spc . sto_dquote ]* ] | + [ sep_spc . key /SYSTEM/ . sep_spc . sto_dquote ] + +let notation_def = decl_def /!NOTATION/ id_def + +let att_def = counter "att_id" . + [ sep_spc . seq "att_id" . + [ label "#name" . store word . sep_spc ] . + [ label "#type" . store att_type . sep_spc ] . + ([ key /#REQUIRED|#IMPLIED/ ] | + [ label "#FIXED" . del /#FIXED[ \r\n\t]*|/ "" . sto_dquote ]) ]* + +let att_list_def = decl_def /!ATTLIST/ att_def + +let entity_def = decl_def /!ENTITY/ ([sep_spc . label "#decl" . sto_dquote ]) + +let decl_def_item = elem_def | entity_def | att_list_def | notation_def + +let decl_outer = sep_osp . del /\[[ \n\t\r]*/ "[\n" . + (decl_def_item . sep_osp )* . dels "]" + +(* let dtd_def = [ sep_spc . key "SYSTEM" . sep_spc . sto_dquote ] *) + +let doctype = decl_def /!DOCTYPE/ (decl_outer|id_def) + +(* General shape of an attribute + * q is the regexp matching the quote character for the value + * qd is the default quote character + * brx is what the actual attribute value must match *) +let attval (q:regexp) (qd:string) (brx:regexp) = + let quote = del q qd in + let body = store brx in + [ sep_spc . key nmtoken . sep_eq . square quote body quote ] + +(* We treat attributes according to one of the following three patterns: + attval1 : values that must be quoted with single quotes + attval2 : values that must be quoted with double quotes + attval3 : values that can be quoted with either *) +let attributes = + let attval1 = attval "'" "'" /[^']*"[^']*/ in (* " *) + let attval2 = attval "\"" "\"" /[^"]*'[^"]*/ in + let attval3 = attval /['"]/ "\"" /[^'\"]*/ in (* " *) + [ label "#attribute" . (attval1|attval2|attval3)+ ] + +let prolog = [ label "#declaration" . + dels "<?xml" . + attributes . + sep_osp . + dels "?>" ] + + +(************************************************************************ + * Tags + *************************************************************************) + +(* we consider entities as simple text *) +let text_re = /[^<]+/ - /([^<]*\]\]>[^<]*)/ +let text = [ label "#text" . store text_re ] +let cdata = [ label "#CDATA" . dels "<![CDATA[" . + store (char* - (char* . "]]>" . char*)) . dels "]]>" ] + +(* the value of nmtoken_del is always the nmtoken_key string *) +let nmtoken_key = key nmtoken +let nmtoken_del = del nmtoken "a" + +let element (body:lens) = + let h = attributes? . sep_osp . dels ">" . body* . dels "</" in + [ dels "<" . square nmtoken_key h nmtoken_del . sep_osp . del_end ] + +let empty_element = [ dels "<" . nmtoken_key . value "#empty" . + attributes? . sep_osp . del /\/>[\r?\n]?/ "/>\n" ] + +let pi_instruction = [ dels "<?" . label "#pi" . + [ label "#target" . store pi_target ] . + [ sep_spc . label "#instruction" . store pi ]? . + sep_osp . del /\?>/ "?>" ] + +(* Typecheck is weaker on rec lens, detected by unfolding *) +(* +let content1 = element text +let rec content2 = element (content1|text|comment) +*) + +let rec content = element (text|comment|content|empty_element|pi_instruction) + +(* Constraints are weaker here, but it's better than being too strict *) +let doc = (sep_osp . (prolog | comment | doctype | pi_instruction))* . + ((sep_osp . content) | (sep_osp . empty_element)) . + (sep_osp . (comment | pi_instruction ))* . sep_osp + +let lns = doc + +let filter = (incl "/usr/local/src/shibboleth-identityprovider/src/main/webapp/WEB-INF/*.xml") + . (incl "/etc/xml/catalog") + +let xfm = transform lns filter diff --git a/garr/shib2common/manifests/classes/augeas.pp b/garr/shib2common/manifests/classes/augeas.pp index 5fa4d5cbb0b7372b867d9e19bd285c5cba9858b4..8f44bbd219fd774f58e40d0a5ec4eb7c37500afe 100644 --- a/garr/shib2common/manifests/classes/augeas.pp +++ b/garr/shib2common/manifests/classes/augeas.pp @@ -37,8 +37,20 @@ class shib2common::augeas ( } if($lsbdistid == 'Ubuntu'){ - package { ['augeas-lenses','libaugeas0','augeas-tools','libaugeas-ruby1.8']: - ensure => 'present', + if ($rubyversion == '1.8.7'){ + package { ['augeas-lenses','libaugeas0','augeas-tools','libaugeas-ruby1.8']: + ensure => 'present', + } + } + # For Ruby 1.9.3 + else{ + package { 'libaugeas-ruby1.8': + ensure => 'purged', + } + + package { ['augeas-lenses','libaugeas0','augeas-tools','ruby-augeas']: + ensure => 'present', + } } } elsif($lsbdistid == 'Debian' and $lsbdistcodename == 'squeeze'){ @@ -118,4 +130,43 @@ class shib2common::augeas ( require => Package['augeas-lenses']; } -} \ No newline at end of file + if ($augeasversion == '0.10.0'){ + file { + '/usr/share/augeas/lenses/dist/tomcatxml.aug': + ensure => present, + owner => root, + group => root, + mode => '644', + source => 'puppet:///modules/shib2common/customlenses/tomcatxml_0-10-0.aug', + require => File["${lens_dir}/dist"]; + + '/usr/share/augeas/lenses/dist/webappxml.aug': + ensure => present, + owner => root, + group => root, + mode => '644', + source => 'puppet:///modules/shib2common/customlenses/webappxml_0-10-0.aug', + require => File["${lens_dir}/dist"]; + } + } + if ($augeasversion == '1.2.0'){ + file { + '/usr/share/augeas/lenses/dist/tomcatxml.aug': + ensure => present, + owner => root, + group => root, + mode => '644', + source => 'puppet:///modules/shib2common/customlenses/tomcatxml_1-2-0.aug', + require => File["${lens_dir}/dist"]; + + '/usr/share/augeas/lenses/dist/webappxml.aug': + ensure => present, + owner => root, + group => root, + mode => '644', + source => 'puppet:///modules/shib2common/customlenses/webappxml_1-2-0.aug', + require => File["${lens_dir}/dist"]; + } + } + +} diff --git a/garr/shib2common/manifests/classes/certificate.pp b/garr/shib2common/manifests/classes/certificate.pp index 630e2c69cc28fc6c2234aa8e1d1ffeeaa22b1110..be5e9f0ac7e5fe2b80355657b339b9322f006efa 100644 --- a/garr/shib2common/manifests/classes/certificate.pp +++ b/garr/shib2common/manifests/classes/certificate.pp @@ -32,10 +32,25 @@ class shib2common::certificate ( $nagiosserver = undef, ) { - $curtomcat = $::tomcat::curtomcat + #$curtomcat = $::tomcat::curtomcat $cert_directory = '/root/certificates' $idp_home = '/opt/shibboleth-idp' + host { + "localhost": + ensure => 'present', + target => '/etc/hosts', + ip => '127.0.0.1', + + ; + + "$fqdn": + ensure => 'present', + target => '/etc/hosts', + ip => '127.0.1.1', + host_aliases => ["$hostname"] + } + file { $cert_directory: ensure => directory, @@ -50,7 +65,7 @@ class shib2common::certificate ( mode => '0600', source => "puppet:///modules/shib2common/certs/${hostname}-key-server.pem", require => File[$cert_directory], - notify => Exec['shib2-apache-restart']; + notify => Service['httpd']; "${cert_directory}/cert-server.pem": ensure => present, @@ -59,7 +74,7 @@ class shib2common::certificate ( mode => '0600', source => "puppet:///modules/shib2common/certs/${hostname}-cert-server.pem", require => File[$cert_directory], - notify => Exec['shib2-apache-restart']; + notify => Service['httpd']; } # Install certificate files. They should be present in ${cert_directory} directory and @@ -67,7 +82,7 @@ class shib2common::certificate ( download_file { "${cert_directory}/Terena-chain.pem": url => 'https://ca.garr.it/mgt/Terena-chain.pem', require => File[$cert_directory], - notify => Exec['shib2-apache-restart'], + notify => Service['httpd'], } # if nagiosserver is set, the activities to verify certificate expiration @@ -83,8 +98,6 @@ class shib2common::certificate ( require => File["${cert_directory}"]; } - - } } diff --git a/garr/shib2common/manifests/classes/java/download.pp b/garr/shib2common/manifests/classes/java/download.pp index 62672362ef73f026bb8549fd973db28a3809f2eb..afd1dc628285dbbd05f13bc3356e55825df199a9 100644 --- a/garr/shib2common/manifests/classes/java/download.pp +++ b/garr/shib2common/manifests/classes/java/download.pp @@ -24,18 +24,4 @@ class shib2common::java::download { # require => Package["oracle-java7-installer", "oracle-jdk7-installer"], #} - file_line { - 'java_environment_rule_1': - ensure => present, - path => '/etc/environment', - line => "JAVA_HOME=${::shib2idp::java::params::java_home}", - require => Download_file[$::shib2idp::java::params::java_home]; - - 'java_environment_rule_2': - ensure => present, - path => '/etc/environment', - line => 'JAVA_OPTS="-Djava.awt.headless=true -Xmx512M -XX:MaxPermSize=128m"', - require => Download_file[$::shib2idp::java::params::java_home]; - } - } diff --git a/garr/shib2common/manifests/classes/java/package.pp b/garr/shib2common/manifests/classes/java/package.pp index 02eecce1c25c384d3e39a228b38dee7bb39b9cbe..402fd98bfd77c831269fa0d43b28f4b34b126626 100644 --- a/garr/shib2common/manifests/classes/java/package.pp +++ b/garr/shib2common/manifests/classes/java/package.pp @@ -50,6 +50,7 @@ class shib2common::java::package { 'oracle-jdk7-installer': ensure => installed, + install_options => '--force-yes', require => Exec['agree-to-jdk-license']; } @@ -63,16 +64,10 @@ class shib2common::java::package { file_line { 'java_environment_rule_1': - ensure => present, - path => '/etc/environment', - line => "JAVA_HOME=${java_home}", - require => [Package['oracle-java7-installer'], Package['oracle-jdk7-installer']]; - - 'java_environment_rule_2': - ensure => present, - path => '/etc/environment', - line => 'JAVA_OPTS="-Djava.awt.headless=true -Xmx512M -XX:MaxPermSize=128m"', - require => [Package['oracle-java7-installer'], Package['oracle-jdk7-installer']]; + ensure => present, + path => '/etc/environment', + line => "JAVA_HOME=${java_home}", + require => [Package['oracle-java7-installer'], Package['oracle-jdk7-installer']] } } diff --git a/garr/shib2common/manifests/classes/postinstall.pp b/garr/shib2common/manifests/classes/postinstall.pp index 252272b736a342e1833b759c4d65b477b96c5c17..33fa00e4817ee8010e6508a1d51fbbb48ca59b37 100644 --- a/garr/shib2common/manifests/classes/postinstall.pp +++ b/garr/shib2common/manifests/classes/postinstall.pp @@ -15,13 +15,13 @@ class shib2common::postinstall() { # Exec to restart tomcat and apache after installations and configuration $curtomcat = $::tomcat::curtomcat exec { - 'shib2-tomcat-restart': - command => "/usr/sbin/service ${curtomcat} restart", - refreshonly => true; + #'shib2-tomcat-restart': + # command => "/usr/sbin/service ${curtomcat} restart", + # refreshonly => true; - 'shib2-apache-restart': - command => '/usr/sbin/service apache2 restart', - refreshonly => true; + #'shib2-apache-restart': + # command => '/usr/sbin/service apache2 restart', + # refreshonly => true; 'shib2-shibd-restart': command => '/usr/sbin/service shibd restart', diff --git a/garr/shib2common/manifests/classes/prerequisites.pp b/garr/shib2common/manifests/classes/prerequisites.pp index a53164bb2057534ee47853183b2c9703ca473c89..4e44e94a6b488fe64bd2414f4114ab477dc062bf 100644 --- a/garr/shib2common/manifests/classes/prerequisites.pp +++ b/garr/shib2common/manifests/classes/prerequisites.pp @@ -42,10 +42,14 @@ class shib2common::prerequisites( path => ['/usr/local/sbin', '/usr/local/bin', '/usr/sbin', '/usr/bin', '/sbin', '/bin'], } + # Execute an "apt-get update" and then install all packages Exec['apt-get update'] -> Package<| |> - Package['unzip', 'wget'] -> Download_file <| |> - Package['ruby-mysql'] -> Execute_mysql <| |> + # Install the packages "unzip" and "wget" before execute any Download_file + Package['unzip', 'wget'] -> Download_file <| |> + + # Install "ruby-mysql" package before execute any Execute_mysql + Package['ruby-mysql'] -> Execute_mysql <| |> package { [ 'openssl', @@ -64,16 +68,21 @@ class shib2common::prerequisites( if ($install_apache == true) { # Install Apache2 Web server and default modules for Prefork version. + if ($operatingsystem == 'Ubuntu' and $operatingsystemmajrelease == '14.04'){ + package { 'apache2-utils': + ensure => installed, + } + } + class { 'apache': default_vhost => false, mpm_module => 'prefork', - require => Class['shib2common::certificate'], + require => [Host ['localhost'], Host ["$fqdn"]], } - # Install the module SSL, Proxy, Proxy AJP, PHP5 + # Install the module SSL, Proxy, Proxy AJP class { 'apache::mod::ssl': } class { 'apache::mod::proxy': } - class { 'apache::mod::php': } if ($install_tomcat == true) { # Install Tomcat application server. diff --git a/garr/tomcat/manifests/init.pp b/garr/tomcat/manifests/init.pp index 9daddb69f61ce81deb7bec7331f4f7ff7d1876ad..6172915476e974b4b7eab84083eef4bf4be87c37 100644 --- a/garr/tomcat/manifests/init.pp +++ b/garr/tomcat/manifests/init.pp @@ -140,6 +140,7 @@ class tomcat { $catalina_home = $tomcat6::catalina_home $curtomcat = "tomcat6" + }elsif($lsbdistid == 'Ubuntu'){ include tomcat::tomcat7 $tomcat_home = $tomcat7::tomcat_home diff --git a/puppetlabs/apache b/puppetlabs/apache index 81069bc88af182757199d5af8d43da162931c0e9..511287b2968177fa000db4187cb23591a34b194d 160000 --- a/puppetlabs/apache +++ b/puppetlabs/apache @@ -1 +1 @@ -Subproject commit 81069bc88af182757199d5af8d43da162931c0e9 +Subproject commit 511287b2968177fa000db4187cb23591a34b194d diff --git a/puppetlabs/stdlib b/puppetlabs/stdlib index 0cda8587440f2a9c1d5af174f3fd21ed72fa3ca2..dcc9605a8434164494dd2912424c8eef83b86ee5 160000 --- a/puppetlabs/stdlib +++ b/puppetlabs/stdlib @@ -1 +1 @@ -Subproject commit 0cda8587440f2a9c1d5af174f3fd21ed72fa3ca2 +Subproject commit dcc9605a8434164494dd2912424c8eef83b86ee5 diff --git a/site.pp b/site.pp index 2288cf5ec02815ef222b0bb4ebc778939291dab4..334ba844689e1fecbda209a31d07460982d23711 100644 --- a/site.pp +++ b/site.pp @@ -109,7 +109,7 @@ node 'sp-test1.mib.garr.it' { 'communityDesc' => 'GARR Research&Development', 'orgUrl' => 'http://www.garr.it/', 'nameOrg' => 'Consortium GARR', - 'nameService' => 'Test SP', + 'nameService' => 'Test SP', 'url_LogoOrg-32x32' => 'https://puppetclient.mib.garr.it/idp/images/logoEnte-32x32_en.png', 'url_LogoOrg-160x120' => 'https://puppetclient.mib.garr.it/idp/images/logoEnte-160x120_en.png', }, @@ -119,7 +119,7 @@ node 'sp-test1.mib.garr.it' { 'orgUrl' => 'http://www.garr.it/', 'privacyPage' => 'http://www.garr.it/', 'nameOrg' => 'Consortium GARR', - 'nameService' => 'SP di test', + 'nameService' => 'SP di test', 'url_LogoOrg-32x32' => 'https://puppetclient.mib.garr.it/idp/images/logoEnte-32x32_it.png', 'url_LogoOrg-160x120' => 'https://puppetclient.mib.garr.it/idp/images/logoEnte-160x120_it.png', }, @@ -184,7 +184,7 @@ node 'registry.mib.garr.it' { 'communityDesc' => 'GARR Research&Development', 'orgUrl' => 'http://www.garr.it/', 'nameOrg' => 'Consortium GARR', - 'nameService' => 'Jagger', + 'nameService' => 'Jagger', 'url_LogoOrg-32x32' => 'https://registry.mib.garr.it/idp/images/logoEnte-32x32_en.png', 'url_LogoOrg-160x120' => 'https://registry.mib.garr.it/idp/images/logoEnte-160x120_en.png', }, @@ -194,7 +194,7 @@ node 'registry.mib.garr.it' { 'orgUrl' => 'http://www.garr.it/', 'privacyPage' => 'http://www.garr.it/', 'nameOrg' => 'Consortium GARR', - 'nameService' => 'Jagger', + 'nameService' => 'Jagger', 'url_LogoOrg-32x32' => 'https://registry.mib.garr.it/idp/images/logoEnte-32x32_it.png', 'url_LogoOrg-160x120' => 'https://registry.mib.garr.it/idp/images/logoEnte-160x120_it.png', },