2018-02-16: FG; Small errors discovered when deploying.

config.yaml

@@ -18,32 +18,36 @@ options:
   use-https:
     default: false
     type: boolean
-    description: Set to True to enable it. If you don't specify SSL cert, SSL key (end eventually SSL CA cert), it will use self-signed certificates.
+    description: Set to True to enable it. If you do not specify SSL cert, SSL key (end possibly SSL CA cert), it will use self-signed certificates.
   ssl_cert:
     type: string
     default: ""
     description: |
-      Base64-encoded SSL certificate to install and use for web server. juju config moodle ssl_cert="$(cat cert.pme | base64)"
+      Base64-encoded SSL certificate to install and use for web server.
+      Set by executing  juju config moodle ssl_cert="$(cat cert.pme | base64)"
   ssl_key:
     type: string
     default: ""
-    description: Base64-encoded SSL key to use with certificate specified as ssl_cert. juju config moodle ssl_key="$(cat key.pem | base64)"
+    description: |
+      Base64-encoded SSL key to use with certificate specified as ssl_cert.
+      Set by executing  juju config moodle ssl_key="$(cat key.pem | base64)"
   ssl_ca:
     type: string
     default: ""
     description: |
       Base64-encoded SSL CA to use with the certificate and key provided - this is only
-      required if you are providing a privately signed ssl_cert and ssl_key. juju config moodle ssl_ca="$(cat cacert.pem | base64)"
+      required if you are providing a privately signed ssl_cert and ssl_key.
+      Set by executing  juju config moodle ssl_ca="$(cat cacert.pem | base64)"
   ssl_ciphers:
     type: string
     default: ""
     description: |
-      List of the ciphers the client is permitted to negotiate, will become the value of parameter SSLCipherSuite
+      List of the ciphers the client is permitted to negotiate, will become the value of parameter SSLCipherSuite.
   ssl_protocol:
     type: string
     default: ""
     description: |
-      SSL protocols to enable, will become the value of parametes SSLProtocol
+      SSL protocols to enable, will become the value of parameter SSLProtocol.
   post-max-size:
     default: 10M
     type: string
@@ -60,19 +64,24 @@ options:
     type: string
     default: ""
     description: |
-      White-space separated list of additional packages to be installed, e.g. python to make Ansible happy.
+      White-space separated list of additional packages to be installed, e.g. python to make
+      Ansible happy.
   mpm_type:
     type: string
     default: "mpm_prefork"
     description: |
-      Multi-Processing Module to be enabled within Apache2.
+      Multi-Processing Module to be enabled within Apache2. Should be one of
+      mpm_prefork, mpm_event, mpm_worker
   mpm_config:
     type: string
     default: ""
     description: |
-      Comma-separated list of configuration directives (in the form key-value) overriding those already 
-      present in default /etc/apache2/mods-available/${mpm_type}.conf file.
+      Comma-separated list of configuration directives (in the form key-value) overriding
+      those already present in default /etc/apache2/mods-available/${mpm_type}.conf file.
       As an example, you may set this to
+      .
       StartServers=10,MaxRequestWorkers=1000,ServerLimit=1000
-      Note that additional directives not present in the default .conf file (for example, ThreadsPerChild
-      when mpm_type=prefork) will be just ignored.
+      .
+      Note that this parameter will only take effect when mpm_type is set, and that
+      additional directives not present in the relevant .conf file (for example,
+      ThreadsPerChild when mpm_type=prefork) will be just ignored.

hooks/config-changed

@@ -87,6 +87,10 @@ if [ ! -z "$POST_MAX_SIZE" ]; then
 fi
 
 #Configure SSL ciphers/protocols
+if [ ! -e /etc/apache2/mods-available/ssl.conf.bak ]; then
+    # save a backup of the original file, just in case...
+    cp /etc/apache2/mods-available/ssl.conf /etc/apache2/mods-available/ssl.conf.bak
+fi
 if [ -z "$SSL_CIPHERS" ]; then
     STR_OLD=`cat /etc/apache2/mods-available/ssl.conf | grep '^\s*SSLCipherSuite'`
     STR_NEW=`cat /etc/apache2/mods-available/ssl.conf.bak | grep '^\s*SSLCipherSuite'`
@@ -145,20 +149,23 @@ fi
 
 #Configure Apache2 MPM. Note that only one in [event, worker, prefork] should be active.
 if [ ! -z "$MPM_TYPE" ]; then
-    for atype in mpm_prefork mpm_event mpm_worker ; do
-	if [ "$atype" == "$MPM_TYPE" ]; then
-	    a2enmod $atype
-	    set -f
-	    mpmCfgArray=(${MPM_CONFIG//,/ })
-	    for elemArray in "${!mpmCfgArray[@]}" ; do
-		elemKey=$(echo $elemArray | cut -f1 -d=)
-		elemVal=$(echo $elemArray | cut -f2 -d=)
-		sed -i "s|^\s+$elemKey.*|$elemKey  $elemVal|g" /etc/apache2/mods-available/${MPM_TYPE}.conf
-	    done
-	else
-	    a2dismod $atype
-	fi
-    done
+    juju-log "Configure Apache MPM"
+    if ( echo "mpm_prefork mpm_event mpm_worker" | grep -w $MPM_TYPE ); then
+	for atype in mpm_prefork mpm_event mpm_worker ; do
+	    if [ "$atype" == "$MPM_TYPE" ]; then
+		a2enmod $atype
+		set -f
+		mpmCfgArray=(${MPM_CONFIG//,/ })
+		for elemArray in "${mpmCfgArray[@]}" ; do
+		    elemKey=$(echo $elemArray | cut -f1 -d=)
+		    elemVal=$(echo $elemArray | cut -f2 -d=)
+		    sed -i "s|^\(\s\+\)$elemKey.*|\1 $elemKey  $elemVal|g" /etc/apache2/mods-available/${MPM_TYPE}.conf
+		done
+	    else
+		a2dismod $atype
+	    fi
+	done
+    fi
 fi
 
 # We do simple reload here as we don't want to break running server:
@@ -206,7 +213,7 @@ fi
 #Install cron job for Moodle auto-update if "auto-update" is true
 if [ $(config-get auto-update) == "True" ]; then
     cp $JUJU_CHARM_DIR/hooks/inc/moodle_update /etc/cron.d/moodle_update
-    sed -i "s|SCRIPTPATH|$JUJU_CHARM_DIR/hooks/inc/update-moodle.sh|g" /etc/cron.d/moodle_update
+    sed -i "s|SCRIPTPATH|$JUJU_CHARM_DIR/hooks/inc/update_moodle.sh|g" /etc/cron.d/moodle_update
 else
     if [ -f /etc/cron.d/moodle_update ]; then rm /etc/cron.d/moodle_update; fi
 fi
@@ -222,7 +229,7 @@ fi
 
 DBNAME=`grep dbname $WWWROOT/config.php | cut -d \' -f 2`
 
-if [ -z "$DBNAME"]; then
+if [ -z "$DBNAME" ]; then
     status-set blocked "Waiting for active database relation"
 else 
     status-set active "Unit is Ready"

revision

-8
+9