mediawiki.pp 7.51 KB
Newer Older
mh's avatar
mh committed
1
2
3
4
5
6
# domainalias:
#   - www: add as well a www.${name} entry
#   - absent: do nothing
#   - default: add the string
# run_mode:
#   - normal: nothing special (*default*)
7
8
9
#   - fcgid: apache is running with the fcgid module and suexec
# run_uid: the uid the vhost should run as with the suexec module
# run_gid: the gid the vhost should run as with the suexec module
mh's avatar
mh committed
10
11
12
13
14
15
#
# logmode:
#   - default: Do normal logging to CustomLog and ErrorLog
#   - nologs: Send every logging to /dev/null
#   - anonym: Don't log ips for CustomLog, send ErrorLog to /dev/null
#   - semianonym: Don't log ips for CustomLog, log normal ErrorLog
mh's avatar
mh committed
16
define webhosting::php::mediawiki(
17
18
19
20
21
22
23
24
25
26
27
28
  $ensure              = present,
  $configuration       = {},
  $uid                 = 'absent',
  $uid_name            = 'absent',
  $gid                 = 'uid',
  $gid_name            = 'absent',
  $password            = 'absent',
  $password_crypted    = true,
  $domainalias         = 'www',
  $server_admin        = 'absent',
  $logmode             = 'default',
  $owner               = root,
29
  $group               = 'absent',
30
31
32
33
34
35
36
37
38
39
40
41
42
  $run_mode            = 'normal',
  $run_uid             = 'absent',
  $run_uid_name        = 'absent',
  $run_gid             = 'absent',
  $run_gid_name        = 'absent',
  $wwwmail             = false,
  $allow_override      = 'FileInfo Limit Options=FollowSymLinks',
  $options             = 'absent',
  $additional_options  = 'absent',
  $default_charset     = 'absent',
  $ssl_mode            = false,
  $php_settings        = {},
  $php_options         = {},
mh's avatar
mh committed
43
  $php_installation    = 'scl74',
44
45
46
47
48
49
50
51
52
53
  $vhost_mode          = 'template',
  $template_partial    = 'absent',
  $vhost_source        = 'absent',
  $vhost_destination   = 'absent',
  $htpasswd_file       = 'absent',
  $nagios_check        = 'ensure',
  $nagios_check_domain = 'absent',
  $nagios_check_url    = '/',
  $nagios_check_code   = '200',
  $nagios_use          = 'generic-service',
mh's avatar
mh committed
54
  $mod_security        = false,
55
56
57
58
59
60
61
62
63
  $image               = 'absent',
  $config              = 'unmanaged',
  $db_server           = 'unmanaged',
  $db_name             = 'unmanaged',
  $db_user             = 'db_name',
  $db_pwd              = 'unmanaged',
  $contact             = 'unmanaged',
  $sitename            = 'unmanaged',
  $secret_key          = 'unmanaged',
mh's avatar
mh committed
64
  $spam_protection     = false,
65
66
67
68
69
70
71
  $wiki_options        = {},
  $autoinstall         = true,
  $squid_servers       = 'absent',
  $file_extensions     = 'absent',
  $extensions          = 'absent',
  $language            = 'de',
  $hashed_upload_dir   = true
mh's avatar
mh committed
72
){
mh's avatar
linting    
mh committed
73
74
75
76
77
78
79
80
81
82
  if ($uid_name == 'absent'){
    $real_uid_name = $name
  } else {
    $real_uid_name = $uid_name
  }
  if ($gid_name == 'absent'){
    $real_gid_name = $real_uid_name
  } else {
    $real_gid_name = $gid_name
  }
83
84
85
86
87
  if ($group == 'absent') {
    $real_group = $real_gid_name
  } else {
    $real_group = 'apache'
  }
mh's avatar
linting    
mh committed
88
  webhosting::common{$name:
mh's avatar
linting    
mh committed
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
    ensure              => $ensure,
    configuration       => $configuration,
    uid                 => $uid,
    uid_name            => $real_uid_name,
    gid                 => $gid,
    gid_name            => $real_gid_name,
    password            => $password,
    password_crypted    => $password_crypted,
    htpasswd_file       => $htpasswd_file,
    ssl_mode            => $ssl_mode,
    run_mode            => $run_mode,
    run_uid             => $run_uid,
    run_uid_name        => $run_uid_name,
    run_gid             => $run_gid,
    wwwmail             => $wwwmail,
    nagios_check        => $nagios_check,
    nagios_check_domain => $nagios_check_domain,
    nagios_check_url    => $nagios_check_url,
    nagios_check_code   => $nagios_check_code,
    nagios_use          => $nagios_use,
109
    php_installation    => $php_installation,
mh's avatar
linting    
mh committed
110
  }
mh's avatar
mh committed
111

mh's avatar
linting    
mh committed
112
  if $wwwmail and ($contact != 'unmanaged'){
mh's avatar
mh committed
113
114
115
116
117
118
    $sendmail_path = "/usr/sbin/sendmail -t -f${contact} -i"
  } else {
    $sendmail_path = undef
  }
  $mediawiki_php_settings = {
    sendmail_path => $sendmail_path,
mh's avatar
linting    
mh committed
119
120
  }
  $real_php_settings = merge($mediawiki_php_settings,$php_settings)
121
  $mediawiki_php_options = {
mh's avatar
linting    
mh committed
122
    additional_open_basedir  => '/var/www/mediawiki:/usr/bin/git',
123
124
  }
  $real_php_options = merge($mediawiki_php_options,$php_options)
125

mh's avatar
linting    
mh committed
126
127
  apache::vhost::php::mediawiki{$name:
    ensure             => $ensure,
o's avatar
o committed
128
    configuration      => $configuration,
mh's avatar
linting    
mh committed
129
130
131
    domainalias        => $domainalias,
    server_admin       => $server_admin,
    logmode            => $logmode,
mh's avatar
mh committed
132
    group              => $real_group,
mh's avatar
linting    
mh committed
133
134
135
136
137
138
139
140
    manage_docroot     => false,
    allow_override     => $allow_override,
    options            => $options,
    additional_options => $additional_options,
    default_charset    => $default_charset,
    run_mode           => $run_mode,
    ssl_mode           => $ssl_mode,
    php_settings       => $real_php_settings,
141
    php_options        => $real_php_options,
142
    php_installation   => $php_installation,
mh's avatar
linting    
mh committed
143
144
145
146
147
148
149
    vhost_mode         => $vhost_mode,
    vhost_source       => $vhost_source,
    vhost_destination  => $vhost_destination,
    htpasswd_file      => $htpasswd_file,
    mod_security       => $mod_security,
  }
  mediawiki::instance{$name:
mh's avatar
mh committed
150
151
152
153
154
155
156
157
158
159
160
161
162
    ensure                  => $ensure,
    image                   => $image,
    config                  => $config,
    db_server               => $db_server,
    db_name                 => $db_name,
    db_user                 => $db_user,
    db_pwd                  => $db_pwd,
    contact                 => $contact,
    sitename                => $sitename,
    ssl_mode                => $ssl_mode,
    secret_key              => $secret_key,
    file_extensions         => $file_extensions,
    extensions              => $extensions,
mh's avatar
mh committed
163
    spam_protection         => $spam_protection,
mh's avatar
mh committed
164
    wiki_options            => $wiki_options,
165
    php_installation        => $php_installation,
mh's avatar
mh committed
166
167
168
169
    autoinstall             => $autoinstall,
    squid_servers           => $squid_servers,
    language                => $language,
    hashed_upload_dir       => $hashed_upload_dir,
mh's avatar
linting    
mh committed
170
    documentroot_write_mode => '0660',
mh's avatar
linting    
mh committed
171
  }
mh's avatar
mh committed
172

mh's avatar
linting    
mh committed
173
  case $run_mode {
mh's avatar
mh committed
174
    'fpm','fcgid': {
mh's avatar
linting    
mh committed
175
176
177
178
      if ($run_uid_name == 'absent'){
        $real_run_uid_name = "${name}_run"
      } else {
        $real_run_uid_name = $run_uid_name
mh's avatar
mh committed
179
      }
mh's avatar
linting    
mh committed
180
181
182
183
      if ($run_gid_name == 'absent'){
        $real_run_gid_name = $gid_name ? {
          'absent' => $name,
          default  => $gid_name
mh's avatar
mh committed
184
        }
mh's avatar
linting    
mh committed
185
186
187
188
189
190
191
192
193
194
195
196
      } else {
        $real_run_gid_name = $run_gid_name
      }
      Apache::Vhost::Php::Mediawiki[$name]{
        documentroot_owner => $real_uid_name,
        documentroot_group => $real_gid_name,
        run_uid            => $real_run_uid_name,
        run_gid            => $real_run_gid_name,
      }
      Mediawiki::Instance[$name]{
        documentroot_owner => $real_uid_name,
        documentroot_group => $real_gid_name,
mh's avatar
linting    
mh committed
197
        documentroot_mode  => '0640',
198
199
200
201
202
203
204
205
206
207
      }
      if $ensure != 'absent' {
        Apache::Vhost::Php::Mediawiki[$name]{
          require => [User::Sftp_only[$real_uid_name],
                      User::Managed[$real_run_uid_name] ],
        }
        Mediawiki::Instance[$name]{
          require => [User::Sftp_only[$real_uid_name],
                      User::Managed[$real_run_uid_name] ],
        }
mh's avatar
mh committed
208
209
      }
    }
mh's avatar
linting    
mh committed
210
    default: {
211
212
213
214
215
216
217
      if $ensure != 'absent' {
        Apache::Vhost::Php::Mediawiki[$name]{
          require => User::Sftp_only[$real_uid_name],
        }
        Mediawiki::Instance[$name]{
          require => User::Sftp_only[$real_uid_name],
        }
mh's avatar
mh committed
218
219
      }
    }
mh's avatar
linting    
mh committed
220
221
222
223
224
225
  }
  if $template_partial != 'absent' {
    Apache::Vhost::Php::Mediawiki[$name]{
      template_partial => $template_partial
    }
  }
mh's avatar
mh committed
226
227
}