Saltstack Official Apache Formula

135 lines
4.2KB

  1. {% import_yaml "apache/osfingermap.yaml" as osfingermap %}
  2. {% import_yaml "apache/modsecurity.yaml" as modsec %}
  3. {% set apache = salt['grains.filter_by']({
  4. 'Debian': {
  5. 'server': 'apache2',
  6. 'service': 'apache2',
  7. 'configfile': '/etc/apache2/apache2.conf',
  8. 'portsfile': '/etc/apache2/ports.conf',
  9. 'mod_wsgi': 'libapache2-mod-wsgi',
  10. 'mod_php5': 'libapache2-mod-php5',
  11. 'mod_fcgid': 'libapache2-mod-fcgid',
  12. 'mod_pagespeed_source': 'https://dl-ssl.google.com/dl/linux/direct/mod-pagespeed-stable_current_amd64.deb',
  13. 'vhostdir': '/etc/apache2/sites-available',
  14. 'confdir': '/etc/apache2/conf.d',
  15. 'confext': '.conf',
  16. 'default_site': 'default',
  17. 'default_site_ssl': 'default-ssl',
  18. 'logdir': '/var/log/apache2',
  19. 'logrotatedir': '/etc/logrotate.d/apache2',
  20. 'wwwdir': '/srv',
  21. 'use_require': False,
  22. },
  23. 'RedHat': {
  24. 'server': 'httpd',
  25. 'service': 'httpd',
  26. 'configfile': '/etc/httpd/conf/httpd.conf',
  27. 'mod_wsgi': 'mod_wsgi',
  28. 'mod_php5': 'php',
  29. 'mod_pagespeed_source': 'https://dl-ssl.google.com/dl/linux/direct/mod-pagespeed-stable_current_x86_64.rpm',
  30. 'vhostdir': '/etc/httpd/vhosts.d',
  31. 'confdir': '/etc/httpd/conf.d',
  32. 'confext': '.conf',
  33. 'default_site': 'default',
  34. 'default_site_ssl': 'default-ssl',
  35. 'logdir': '/var/log/httpd',
  36. 'logrotatedir': '/etc/logrotate.d/httpd',
  37. 'wwwdir': '/var/www',
  38. 'default_charset': 'UTF-8',
  39. 'use_require': False,
  40. },
  41. 'Suse': {
  42. 'server': 'apache2',
  43. 'service': 'apache2',
  44. 'configfile': '/etc/apache2/httpd.conf',
  45. 'mod_wsgi': 'apache2-mod_wsgi',
  46. 'mod_php5': 'apache2-mod_php5',
  47. 'mod_fcgid': 'apache2-mod_fcgid',
  48. 'vhostdir': '/etc/apache2/vhosts.d',
  49. 'confdir': '/etc/httpd/conf.d',
  50. 'confext': '.conf',
  51. 'default_site': 'vhost.template',
  52. 'default_site_ssl': 'vhost-ssl.template',
  53. 'logdir': '/var/log/apache2',
  54. 'wwwdir': '/srv/www',
  55. 'use_require': True,
  56. },
  57. 'FreeBSD': {
  58. 'server': 'apache22',
  59. 'service': 'apache22',
  60. 'configfile': '/usr/local/etc/apache22/httpd.conf',
  61. 'mod_wsgi': 'ap22-mod_wsgi3',
  62. 'vhostdir': '/usr/local/etc/apache22/Includes',
  63. 'confdir': '/usr/local/etc/apache22/Includes',
  64. 'confext': '',
  65. 'default_site': 'default',
  66. 'default_site_ssl': 'default-ssl',
  67. 'logdir': '/var/log/',
  68. 'wwwdir': '/usr/local/www/apache22/',
  69. 'use_require': False,
  70. },
  71. }, merge=salt['grains.filter_by']({
  72. 'precise': {
  73. 'confext': '',
  74. 'default_site': 'default',
  75. 'default_site_ssl': 'default-ssl',
  76. 'use_require': True,
  77. },
  78. 'trusty': {
  79. 'confext': '.conf',
  80. 'default_site': '000-default.conf',
  81. 'default_site_ssl': 'default-ssl.conf',
  82. 'use_require': True,
  83. },
  84. 'utopic': {
  85. 'confext': '.conf',
  86. 'default_site': '000-default.conf',
  87. 'default_site_ssl': 'default-ssl.conf',
  88. 'use_require': True,
  89. },
  90. 'vivid': {
  91. 'confext': '.conf',
  92. 'default_site': '000-default.conf',
  93. 'default_site_ssl': 'default-ssl.conf',
  94. 'use_require': True,
  95. },
  96. 'wily': {
  97. 'confext': '.conf',
  98. 'default_site': '000-default.conf',
  99. 'default_site_ssl': 'default-ssl.conf',
  100. 'use_require': True,
  101. },
  102. 'xenial': {
  103. 'confext': '.conf',
  104. 'default_site': '000-default.conf',
  105. 'default_site_ssl': 'default-ssl.conf',
  106. 'use_require': True,
  107. },
  108. 'jessie': {
  109. 'wwwdir': '/var/www',
  110. 'confext': '.conf',
  111. 'default_site': '000-default.conf',
  112. 'default_site_ssl': 'default-ssl.conf',
  113. 'use_require': True,
  114. },
  115. }, grain='oscodename', merge=salt['grains.filter_by'](
  116. osfingermap
  117. , grain='osfinger', merge=salt['pillar.get']('apache:lookup')))) %}
  118. {% set modsecurity = salt['grains.filter_by'](
  119. modsec
  120. , grain='os_family', merge=salt['pillar.get']('apache:mod_security')) or {} %}
  121. {# merge the os family/codename mod_sec's specific data over the defaults #}
  122. {% do apache.update({ 'mod_security': modsecurity }) %}