|
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315 |
- .. _readme:
-
- apache
- ======
-
- |img_travis| |img_sr|
-
- .. |img_travis| image:: https://travis-ci.com/saltstack-formulas/apache-formula.svg?branch=master
- :alt: Travis CI Build Status
- :scale: 100%
- :target: https://travis-ci.com/saltstack-formulas/apache-formula
- .. |img_sr| image:: https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg
- :alt: Semantic Release
- :scale: 100%
- :target: https://github.com/semantic-release/semantic-release
-
- Formulas to set up and configure the Apache HTTP server.
-
- .. contents:: **Table of Contents**
-
- General notes
- -------------
-
- See the full `SaltStack Formulas installation and usage instructions
- <https://docs.saltstack.com/en/latest/topics/development/conventions/formulas.html>`_.
-
- If you are interested in writing or contributing to formulas, please pay attention to the `Writing Formula Section
- <https://docs.saltstack.com/en/latest/topics/development/conventions/formulas.html#writing-formulas>`_.
-
- If you want to use this formula, please pay attention to the ``FORMULA`` file and/or ``git tag``,
- which contains the currently released version. This formula is versioned according to `Semantic Versioning <http://semver.org/>`_.
-
- See `Formula Versioning Section <https://docs.saltstack.com/en/latest/topics/development/conventions/formulas.html#versioning>`_ for more details.
-
- Contributing to this repo
- -------------------------
-
- **Commit message formatting is significant!!**
-
- Please see `How to contribute <https://github.com/saltstack-formulas/.github/blob/master/CONTRIBUTING.rst>`_ for more details.
-
- Available states
- ----------------
-
- .. contents::
- :local:
-
- ``apache``
- ^^^^^^^^^^
-
- Installs the Apache package and starts the service.
-
- ``apache.config``
- ^^^^^^^^^^^^^^^^^
-
- Configures apache based on os_family
-
- ``apache.certificates``
- ^^^^^^^^^^^^^^^^^^^^^^^
-
- Deploy SSL certificates from pillars
-
- ``apache.mod_mpm``
- ^^^^^^^^^^^^^^^^^^
-
- Configures the apache mpm modules on Debian ``mpm_prefork``, ``mpm_worker`` or ``mpm_event`` (Debian Only)
-
- ``apache.modules``
- ^^^^^^^^^^^^^^^^^^
-
- Enables and disables Apache modules.
-
- ``apache.mod_rewrite``
- ^^^^^^^^^^^^^^^^^^^^^^
-
- Enabled the Apache module mod_rewrite (Debian and FreeBSD only)
-
- ``apache.mod_proxy``
- ^^^^^^^^^^^^^^^^^^^^
-
- Enables the Apache module mod_proxy. (Debian and FreeBSD only)
-
- ``apache.mod_proxy_http``
- ^^^^^^^^^^^^^^^^^^^^^^^^^
-
- Enables the Apache module mod_proxy_http and requires the Apache module mod_proxy to be enabled. (Debian Only)
-
- ``apache.mod_proxy_fcgi``
- ^^^^^^^^^^^^^^^^^^^^^^^^^
-
- Enables the Apache module mod_proxy_fcgi and requires the Apache module mod_proxy to be enabled. (Debian Only)
-
- ``apache.mod_wsgi``
- ^^^^^^^^^^^^^^^^^^^
-
- Installs the mod_wsgi package and enables the Apache module.
-
- ``apache.mod_actions``
- ^^^^^^^^^^^^^^^^^^^^^^
-
- Enables the Apache module mod_actions. (Debian Only)
-
- ``apache.mod_headers``
- ^^^^^^^^^^^^^^^^^^^^^^
-
- Enables the Apache module mod_headers. (Debian Only)
-
- ``apache.mod_pagespeed``
- ^^^^^^^^^^^^^^^^^^^^^^^^
-
- Installs and Enables the mod_pagespeed module. (Debian and RedHat Only)
-
- ``apache.mod_perl2``
- ^^^^^^^^^^^^^^^^^^^^
-
- Installs and enables the mod_perl2 module (Debian and FreeBSD only)
-
- ``apache.mod_geoip``
- ^^^^^^^^^^^^^^^^^^^^
-
- Installs and enables the mod_geoIP (RedHat only)
-
- ``apache.mod_php5``
- ^^^^^^^^^^^^^^^^^^^
-
- Installs and enables the mod_php5 module
-
- ``apache.mod_cgi``
- ^^^^^^^^^^^^^^^^^^
-
- Enables mod_cgi. (FreeBSD only)
-
- ``apache.mod_fcgid``
- ^^^^^^^^^^^^^^^^^^^^
-
- Installs and enables the mod_fcgid module (Debian only)
-
- ``apache.mod_fastcgi``
- ^^^^^^^^^^^^^^^^^^^^^^
-
- Installs and enables the mod_fastcgi module
-
- ``apache.mod_dav_svn``
- ^^^^^^^^^^^^^^^^^^^^^^
-
- Installs and enables the mod_dav_svn module (Debian only)
-
- ``apache.mod_security``
- ^^^^^^^^^^^^^^^^^^^^^^^
-
- Installs an enables the `Apache mod_security2 WAF`<http://modsecurity.org/>`_
- using data from Pillar. (Debian and RedHat Only)
-
- Allows you to install the basic Core Rules (CRS) and some basic configuration for mod_security2
-
- ``apache.mod_security.rules``
- ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
- This state can create symlinks based on basic Core Rules package. (Debian only)
- Or it can distribute a mod_security rule file and place it /etc/modsecurity/
-
- ``apache.mod_socache_shmcb``
- ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
- Enables mod_socache_shmcb. (FreeBSD only)
-
- ``apache.mod_ssl``
- ^^^^^^^^^^^^^^^^^^
-
- Installs and enables the mod_ssl module (Debian, RedHat and FreeBSD only)
-
- ``apache.mod_suexec``
- ^^^^^^^^^^^^^^^^^^^^^
-
- Enables mod_suexec. (FreeBSD only)
-
- ``apache.mod_vhost_alias``
- ^^^^^^^^^^^^^^^^^^^^^^^^^^
-
- Enables the Apache module vhost_alias (Debian Only)
-
- ``apache.mod_remoteip``
- ^^^^^^^^^^^^^^^^^^^^^^^
-
- Enables and configures the Apache module mod_remoteip using data from Pillar. (Debian Only)
-
- ``apache.mod_xsendfile``
- ^^^^^^^^^^^^^^^^^^^^^^^^
-
- Installs and enables mod_xsendfile module. (Debian Only)
-
- ``apache.own_default_vhost``
- ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
- Replace default vhost with own version. By default, it's 503 code. (Debian Only)
-
- ``apache.no_default_vhost``
- ^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
- Remove the default vhost. (Debian Only)
-
- ``apache.vhosts.standard``
- ^^^^^^^^^^^^^^^^^^^^^^^^^^
-
- Configures Apache name-based virtual hosts and creates virtual host directories using data from Pillar.
-
- Example Pillar:
-
- .. code:: yaml
-
- apache:
- sites:
- example.com: # must be unique; used as an ID declaration in Salt; also passed to the template context as {{ id }}
- template_file: salt://apache/vhosts/standard.tmpl
-
- When using the provided templates, one can use a space separated list
- of interfaces to bind to. For example, to bind both IPv4 and IPv6:
-
- .. code:: yaml
-
- apache:
- sites:
- example.com:
- interface: '1.2.3.4 [2001:abc:def:100::3]'
-
- ``apache.manage_security``
- ^^^^^^^^^^^^^^^^^^^^^^^^^^
-
- Configures Apache's security.conf options by reassinging them using data from Pillar.
-
- ``apache.server_status``
- ^^^^^^^^^^^^^^^^^^^^^^^^
-
- Configures Apache's server_status handler for localhost
-
- ``apache.debian_full``
- ^^^^^^^^^^^^^^^^^^^^^^
-
- Installs and configures Apache on Debian and Ubuntu systems.
-
- ``apache.uninstall``
- ^^^^^^^^^^^^^^^^^^^^
-
- Stops the Apache service and uninstalls the package.
-
- These states are ordered using the ``order`` declaration. Different stages
- are divided into the following number ranges:
-
- 1) apache will use 1-500 for ordering
- 2) apache will reserve 1 -100 as unused
- 3) apache will reserve 101-150 for pre pkg install
- 4) apache will reserve 151-200 for pkg install
- 5) apache will reserve 201-250 for pkg configure
- 6) apache will reserve 251-300 for downloads, git stuff, load data
- 7) apache will reserve 301-400 for unknown purposes
- 8) apache will reserve 401-450 for service restart-reloads
- 9) apache WILL reserve 451-460 for service.running
- 10) apache will reserve 461-500 for cmd requiring operational services
-
- Example Pillar:
-
- .. code:: yaml
-
- apache:
- register-site:
- # any name as an array index, and you can duplicate this section
- {{UNIQUE}}:
- name: 'my name'
- path: 'salt://path/to/sites-available/conf/file'
- state: 'enabled'
-
- Testing
- -------
-
- Linux testing is done with ``kitchen-salt``.
-
- Requirements
- ^^^^^^^^^^^^
-
- * Ruby
- * Docker
-
- .. code-block:: bash
-
- $ gem install bundler
- $ bundle install
- $ bin/kitchen test [platform]
-
- Where ``[platform]`` is the platform name defined in ``kitchen.yml``,
- e.g. ``debian-9-2019-2-py3``.
-
- ``bin/kitchen converge``
- ^^^^^^^^^^^^^^^^^^^^^^^^
-
- Creates the docker instance and runs the ``template`` main state, ready for testing.
-
- ``bin/kitchen verify``
- ^^^^^^^^^^^^^^^^^^^^^^
-
- Runs the ``inspec`` tests on the actual instance.
-
- ``bin/kitchen destroy``
- ^^^^^^^^^^^^^^^^^^^^^^^
-
- Removes the docker instance.
-
- ``bin/kitchen test``
- ^^^^^^^^^^^^^^^^^^^^
-
- Runs all of the stages above in one go: i.e. ``destroy`` + ``converge`` + ``verify`` + ``destroy``.
-
- ``bin/kitchen login``
- ^^^^^^^^^^^^^^^^^^^^^
-
- Gives you SSH access to the instance for manual testing.
|